def OnCommand(self, n, cmd):
if cmd == self.show_all_toggle_cmd:
if self.min_xrefs == self.MIN_XREFS:
self.min_xrefs = 0
if self.min_xrefs != self.MIN_XREFS:
self.min_xrefs = self.MIN_XREFS
if self.must_have_loop == self.MUST_HAVE_LOOP:
self.must_have_loop = False
else:
self.must_have_loop = self.MUST_HAVE_LOOP
elif cmd == self.rename_cmd:
response = ida_shims.ask_yn(
0,
"Are you sure you want to rename all 'sub_XXXXXX' functions "
"to 'leaf_XXXXXX'?")
if response:
for item in self.items:
# Is this a leaf function?
if item[-1] is True:
current_name = item[0]
if current_name.startswith('sub_'):
new_name = current_name.replace('sub_', 'leaf_')
ida_shims.set_name(
ida_shims.get_name_ea_simple(current_name),
new_name)
self.populate_items()
return 0
def rename_functions(self, debug=True, dry_run=False):
'''
Renames functions starting with "sub_" based on unique string xrefs.
@debug - Set to False to suppress debug output.
@dry_run - Set to True to perform a dry run (functions will not actually
be renamed).
Returns the number of renamed functions.
'''
count = 0
for (function_address,
function_name) in self.func2str_mappings().items():
if ida_shims.get_name(function_address).startswith("sub_"):
if dry_run or ida_shims.set_name(function_address,
function_name):
if debug:
print("0x%.8X => %s" %
(function_address, function_name))
count += 1
if debug:
print("Renamed %d functions based on unique string xrefs!" % count)
return count
def rename_regex(self, n, regex_str="", dryrun=False):
count = 0
if not regex_str:
regex_str = idc.AskStr("", "Regex rename rule")
if regex_str:
if dryrun:
print "Testing regex rename rule: '%s'" % regex_str
regex = re.compile(regex_str)
# Look at all the profiled functions
for (function, xrefs) in self.profile.functions.iteritems():
new_function_name = ""
# Don't rename functions that have already been renamed
if not idc.Name(function).startswith("sub_"):
continue
# Look through all the strings referenced by this function
for string in [x.string for x in xrefs if x.type == str]:
# Does the string match the given regex?
m = regex.search(string)
if m:
# Take the last group from the regex match
potential_function_name = m.groups()[-1].split(" ")[0]
# Replace common bad chars with underscores
for c in ['-', '>']:
potential_function_name = \
potential_function_name.replace(c, '_')
if idaapi.isident(potential_function_name) and \
'%' not in potential_function_name:
if len(potential_function_name) > len(
new_function_name):
new_function_name = potential_function_name
if new_function_name:
# Append _n to the function name, if it already exists
n = 1
orig_new_function_name = new_function_name
while idc.LocByName(new_function_name) != idc.BADADDR:
new_function_name = "%s_%d" % (orig_new_function_name,
n)
n += 1
if dryrun:
print "%s => %s" % (idc.Name(function),
new_function_name)
count += 1
else:
if ida_shims.set_name(function, new_function_name):
count += 1
print "Renamed %d functions" % count
def parse_function_tables(self):
count = 0
for pattern in self.search():
name2func = {}
ea = pattern.start
while ea < pattern.stop:
string_address = ida_shims.get_wide_dword(
ea + (pattern.name_element * pattern.element_size))
function_address = ida_shims.get_wide_dword(
ea + (pattern.function_element * pattern.element_size))
new_function_name = ida_shims.get_strlit_contents(
string_address).decode("utf8")
current_function_name = ida_shims.get_name(function_address)
if not self.valid_function_name(new_function_name):
print("ERROR: '%s' is not a valid function name. This is " \
"likely not a function table, or I have parsed it " \
"incorrectly!" % new_function_name)
print(" Ignoring all entries in the structures " \
"between 0x%X and 0x%X.\n" % (pattern.start,
pattern.stop))
name2func = {}
break
elif current_function_name.startswith("sub_"):
name2func[new_function_name] = function_address
ea += (pattern.num_elements * pattern.element_size)
for (name, address) in name2func.items():
print("0x%.8X => %s" % (address, name))
ida_shims.set_name(address, name)
count += 1
print("Renamed %d functions!" % count)
def rename(self, ea, name):
# Don't rely on the name in curfunc, it could have already been renamed
curname = ida_shims.get_name(ea)
# Don't rename if the name is a special identifier, or if the ea has
# already been named
if curname.startswith('sub_') and \
name.split('_')[0] not in \
['sub', 'loc', 'unk', 'dword', 'word', 'byte']:
# Don't rename if the name already exists in the IDB
if ida_shims.get_name_ea_simple(name) == idc.BADADDR:
if ida_shims.set_name(ea, name):
ida_shims.set_func_flags(
ea, (ida_shims.get_func_flags(ea) | idc.FUNC_LIB))
return 1
return 0
def rename_regex(self, n, regex_str="", dryrun=False):
count = 0
if not regex_str:
regex_str = idc.AskStr("", "Regex rename rule")
if regex_str:
if dryrun:
print "Testing regex rename rule: '%s'" % regex_str
regex = re.compile(regex_str)
for (function, xrefs) in self.profile.functions.iteritems():
new_function_name = ""
if not idc.Name(function).startswith("sub_"):
continue
for string in [x.string for x in xrefs if x.type == str]:
m = regex.search(string)
if m:
potential_function_name = m.groups()[-1].split(" ")[0]
for c in ['-', '>']:
potential_function_name = \
potential_function_name.replace(c, '_')
if idaapi.isident(potential_function_name) and \
'%' not in potential_function_name:
if len(potential_function_name) > len(new_function_name):
new_function_name = potential_function_name
if new_function_name:
# Append _n to the function name, if it already exists
n = 1
orig_new_function_name = new_function_name
while idc.LocByName(new_function_name) != idc.BADADDR:
new_function_name = "%s_%d" % (orig_new_function_name,
n)
n += 1
if dryrun:
print "%s => %s" % (idc.Name(function),
new_function_name)
count += 1
else:
if ida_shims.set_name(function, new_function_name):
count += 1
print "Renamed %d functions" % count
def pointify(self):
counter = 0
print("Renaming pointers...", end=' ')
for (name_ea, name) in idautils.Names():
for xref in idautils.XrefsTo(name_ea):
xref_name = ida_shims.get_name(xref.frm)
if xref_name and xref_name.startswith("off_"):
i = 0
new_name = name + "_ptr"
while ida_shims.get_name_ea_simple(
new_name) != idc.BADADDR:
new_name = name + "_ptr%d" % i
i += 1
if ida_shims.set_name(xref.frm, new_name):
counter += 1
#else:
# print "Failed to create name '%s'!" % new_name
print("renamed %d pointers" % counter)
def rename_function(self, n):
new_name = ida_shims.ask_ident(self.items[n][0], "New function name")
if new_name:
ida_shims.set_name(self.items[n][3], new_name)