def build_stack_variable(func_ea):
stack_vars = dict()
frame = idc.get_func_attr(func_ea, idc.FUNCATTR_FRAME)
if not frame:
return stack_vars
f_name = get_symbol_name(func_ea)
#grab the offset of the stored frame pointer, so that
#we can correlate offsets correctly in referent code
# e.g., EBP+(-0x4) will match up to the -0x4 offset
delta = idc.GetMemberOffset(frame, " s")
if delta == -1:
delta = 0
if f_name not in _FUNC_UNSAFE_LIST:
offset = idc.get_first_member(frame)
while -1 != _signed_from_unsigned(offset):
member_name = idc.get_member_name(frame, offset)
if member_name is None:
offset = idc.get_next_offset(frame, offset)
continue
if (member_name == " r" or member_name == " s"):
offset = idc.get_next_offset(frame, offset)
continue
member_size = idc.GetMemberSize(frame, offset)
if offset >= delta:
offset = idc.get_next_offset(frame, offset)
continue
member_flag = idc.GetMemberFlag(frame, offset)
flag_str = _get_flags_from_bits(member_flag)
member_offset = offset-delta
stack_vars[member_offset] = {"name": member_name,
"size": member_size,
"flags": flag_str,
"writes": list(),
"referent": list(),
"reads": list(),
"safe": False }
offset = idc.get_next_offset(frame, offset)
else:
offset = idc.get_first_member(frame)
frame_size = idc.get_func_attr(func_ea, idc.FUNCATTR_FRSIZE)
flag_str = ""
member_offset = _signed_from_unsigned(offset) - delta
stack_vars[member_offset] = {"name": f_name,
"size": frame_size,
"flags": flag_str,
"writes": list(),
"referent": list(),
"reads": list(),
"safe": False }
return stack_vars
def build_stack_variable(func_ea):
stack_vars = dict()
frame = idc.get_func_attr(func_ea, idc.FUNCATTR_FRAME)
if not frame:
return stack_vars
f_name = get_symbol_name(func_ea)
#grab the offset of the stored frame pointer, so that
#we can correlate offsets correctly in referent code
# e.g., EBP+(-0x4) will match up to the -0x4 offset
delta = idc.GetMemberOffset(frame, " s")
if delta == -1:
delta = 0
if f_name not in _FUNC_UNSAFE_LIST:
offset = idc.get_first_member(frame)
while -1 != _signed_from_unsigned(offset):
member_name = idc.get_member_name(frame, offset)
if member_name is None:
offset = idc.get_next_offset(frame, offset)
continue
if (member_name == " r" or member_name == " s"):
offset = idc.get_next_offset(frame, offset)
continue
member_size = idc.GetMemberSize(frame, offset)
if offset >= delta:
offset = idc.get_next_offset(frame, offset)
continue
member_flag = idc.GetMemberFlag(frame, offset)
flag_str = _get_flags_from_bits(member_flag)
member_offset = offset-delta
stack_vars[member_offset] = {"name": member_name,
"size": member_size,
"flags": flag_str,
"writes": list(),
"referent": list(),
"reads": list(),
"safe": False }
offset = idc.get_next_offset(frame, offset)
else:
offset = idc.get_first_member(frame)
frame_size = idc.get_func_attr(func_ea, idc.FUNCATTR_FRSIZE)
flag_str = ""
member_offset = _signed_from_unsigned(offset) - delta
stack_vars[member_offset] = {"name": f_name,
"size": frame_size,
"flags": flag_str,
"writes": list(),
"referent": list(),
"reads": list(),
"safe": False }
return stack_vars
def parse_function_args(ea: int) -> str:
local_variables = []
arguments = []
current = local_variables
frame = idc.get_func_attr(ea, FUNCATTR_FRAME)
arg_string = ""
if frame is None:
return ""
start = idc.get_first_member(frame)
end = idc.get_last_member(frame)
count = 0
max_count = 10000
args_str = ""
while start <= end and count <= max_count:
size = idc.get_member_size(frame, start)
count = count + 1
if size is None:
start = start + 1
continue
name = idc.get_member_name(frame, start)
start += size
if name in [" r", " s"]:
# Skip return address and base pointer
current = arguments
continue
arg_string += f" {name}"
current.append(name)
args_str = ", ".join(arguments)
if len(args_str) == 0:
args_str = "void"
return f"({args_str})"
def write_vtbl_struct(self, vtbl_name, struct_member_names):
struct_name = "{0}_struct".format(vtbl_name)
sid = idc.get_struc_id(struct_name)
if sid == idc.BADADDR:
# Doesn't exist
sid = idc.add_struc(-1, struct_name, is_union=0)
else:
# Clear existing
member_offset = idc.get_first_member(sid)
while member_offset != idc.BADADDR:
idc.del_struc_member(sid, member_offset)
member_offset = idc.get_first_member(sid)
for member_name in struct_member_names:
idc.add_struc_member(sid,
member_name,
offset=-1,
flag=idc.FF_DATA | idc.FF_QWORD,
typeid=-1,
nbytes=8,
reftype=idc.REF_OFF64)
member_offset = idc.get_last_member(sid)
member_id = idc.get_member_id(sid, member_offset)
idc.SetType(member_id, "void*")
def get_stack_arg(func_addr):
print func_addr
args = []
stack = idc.get_frame_id(func_addr)
if not stack:
return []
firstM = idc.get_first_member(stack)
lastM = idc.get_last_member(stack)
i = firstM
while i <= lastM:
mName = idc.get_member_name(stack, i)
mSize = idc.get_member_size(stack, i)
if mSize:
i = i + mSize
else:
i = i + 4
if mName not in args and mName and ' s' not in mName and ' r' not in mName:
args.append(mName)
return args
def get_stackVariables(func_addr):
#print func_addr
args = []
stack = idc.get_frame_id(func_addr)
if not stack:
return 0
firstM = idc.get_first_member(stack)
lastM = idc.get_last_member(stack)
i = firstM
while i <=lastM:
mName = idc.get_member_name(stack,i)
mSize = idc.get_member_size(stack,i)
if mSize:
i = i + mSize
else:
i = i+4
if mName not in args and mName and 'var_' in mName:
args.append(mName)
return len(args)
def StructMembers(sid):
"""
Get a list of structure members information (or stack vars if given a frame).
@param sid: ID of the structure.
@return: List of tuples (offset, name, size)
@note: If 'sid' does not refer to a valid structure,
an exception will be raised.
@note: This will not return 'holes' in structures/stack frames;
it only returns defined structure members.
"""
m = idc.get_first_member(sid)
if m == -1:
raise Exception("No structure with ID: 0x%x" % sid)
while (m != ida_idaapi.BADADDR):
name = idc.get_member_name(sid, m)
if name:
yield (m, name, idc.get_member_size(sid, m))
m = idc.get_next_offset(sid, m)
def __iter__(self):
m_off = get_first_member(self._sid)
while m_off != BADADDR and m_off != -1:
if get_member_flag(self._sid, m_off) != -1:
yield LocalVariable(self._sid, m_off)
m_off = get_next_offset(self._sid, m_off)
def members(self):
m_off = get_first_member(self._sid)
while m_off != BADADDR and m_off != -1:
if get_member_flag(self._sid, m_off) != -1:
yield StructureMember(self._sid, m_off)
m_off = get_next_offset(self._sid, m_off)
