def get_items_for_ea(self, ea): frm = [x.frm for x in idautils.XrefsTo(self.__ea)] items = [] for ea in frm: try: cfunc = hexrays.decompile(ea) cfunc.refcnt += 1 self.functions.append(cfunc.entry_ea) self.items.append((ea, idc.GetFunctionName(cfunc.entry_ea), self.get_decompiled_line(cfunc, ea))) except Exception as e: print 'could not decompile: %s' % (str(e), ) return
def populate_table(self): frm = [x.frm for x in idautils.XrefsTo(self.__ea)] self.functions = [] items = [] for ea in frm: try: #~ print 'decompiling', hex(ea) cfunc = hexrays.decompile(ea) cfunc.refcnt += 1 #~ print repr(cfunc) self.functions.append(cfunc.entry_ea) items.append((ea, idc.GetFunctionName(cfunc.entry_ea), self.get_decompiled_line(cfunc, ea))) except Exception as e: print 'could not decompile: %s' % (str(e), ) self.table.setRowCount(len(items)) i = 0 for item in items: address, func, line = item item = QtGui.QTableWidgetItem('0x%x' % (address, )) item.setFlags(item.flags() ^ QtCore.Qt.ItemIsEditable) self.table.setItem(i, 0, item) item = QtGui.QTableWidgetItem(func) item.setFlags(item.flags() ^ QtCore.Qt.ItemIsEditable) self.table.setItem(i, 1, item) item = QtGui.QTableWidgetItem(line) item.setFlags(item.flags() ^ QtCore.Qt.ItemIsEditable) self.table.setItem(i, 2, item) i += 1 self.table.resizeRowsToContents() return
def get_items_for_type(self): x = self.target.operands['x'] m = self.target.operands['m'] xtype = typestring(x.type.u_str()) xtype.remove_ptr_or_array() typename = str(xtype) addresses = [] for ea in idautils.Functions(): try: cfunc = hexrays.decompile(ea) cfunc.refcnt += 1 except: print 'Decompilation of %x failed' % (ea, ) continue str(cfunc) for citem in cfunc.treeitems: citem = citem.to_specific_type if not (type(citem) == hexrays.cexpr_t and citem.opname in ('memptr', 'memref')): continue _x = citem.operands['x'] _m = citem.operands['m'] _xtype = typestring(_x.type.u_str()) _xtype.remove_ptr_or_array() _typename = str(_xtype) #~ print 'in', hex(cfunc.entry_ea), _typename, _m if not (_typename == typename and _m == m): continue parent = citem while parent: if type(parent.to_specific_type) == hexrays.cinsn_t: break parent = cfunc.body.find_parent_of(parent) if not parent: print 'cannot find parent statement (?!)' continue if parent.ea in addresses: continue if parent.ea == idaapi.BADADDR: print 'parent.ea is BADADDR' continue addresses.append(parent.ea) self.functions.append(cfunc.entry_ea) self.items.append((parent.ea, idc.GetFunctionName(cfunc.entry_ea), self.get_decompiled_line(cfunc, int(parent.ea)))) return []
def get_items_for_type(self): x = self.target.operands['x'] m = self.target.operands['m'] xtype = typestring(x.type.u_str()) xtype.remove_ptr_or_array() typename = str(xtype) addresses = [] for ea in idautils.Functions(): try: cfunc = hexrays.decompile(ea) cfunc.refcnt += 1 except: print 'Decompilation of %x failed' % (ea, ) continue str(cfunc) for citem in cfunc.treeitems: citem = citem.to_specific_type if not (type(citem) == hexrays.cexpr_t and citem.opname in ('memptr', 'memref')): continue _x = citem.operands['x'] _m = citem.operands['m'] _xtype = typestring(_x.type.u_str()) _xtype.remove_ptr_or_array() _typename = str(_xtype) #~ print 'in', hex(cfunc.entry_ea), _typename, _m if not (_typename == typename and _m == m): continue parent = citem while parent: if type(parent.to_specific_type) == hexrays.cinsn_t: break parent = cfunc.body.find_parent_of(parent) if not parent: print 'cannot find parent statement (?!)' continue if parent.ea in addresses: continue if parent.ea == idaapi.BADADDR: print 'parent.ea is BADADDR' continue addresses.append(parent.ea) self.functions.append(cfunc.entry_ea) self.items.append( (parent.ea, idc.GetFunctionName(cfunc.entry_ea), self.get_decompiled_line(cfunc, int(parent.ea)))) return []