def printStructureGroups(context, chains, originAddr=None):
    ''' Decode and print every structure of each chain, one chain after another.

    context    -- object exposing getStructureForAddr(addr).
    chains     -- list of address chains; it is sorted in place, so the caller's
                  list is reordered as a side effect.
    originAddr -- optional address; when given, chains that do not contain it
                  are skipped.

    Each printed chain is followed by a separator line.
    '''
    chains.sort()
    restrict_to_origin = originAddr is not None
    for group in chains:
        log.debug('\t[-] chain len:%d' % len(group))
        if restrict_to_origin and originAddr not in group:
            # the requested origin is not part of this chain: nothing to show
            continue
        # convert the whole chain up front, as map(long, ...) did
        for struct_addr in [long(raw) for raw in group]:
            # field decoding can take a long time on large structures
            context.getStructureForAddr(struct_addr).decodeFields()
            # the structure is looked up a second time rather than reused
            print context.getStructureForAddr(struct_addr).toString()
        print '#', '-' * 78
def fixType(context, chains):
    ''' Give every structure of a chain the same generic word/type name.

    A new name is taken from getname() for each chain, then
    fixInstanceType() is called for each structure address in that chain.
    Nothing is returned.
    '''
    for group in chains:
        generic_name = getname()
        log.debug('\t[-] fix type of chain size:%d with name name:%s' % (len(group), generic_name))
        for raw_addr in group:
            # original note: "chain is a numpy" -- presumably the elements are
            # numpy integers, hence the cast to a plain int.  FIXME
            struct_addr = int(raw_addr)
            struct = context.getStructureForAddr(struct_addr)
            # NOTE(review): in the flattened source it is unclear whether this
            # call was commented out.  It is kept active because the function
            # would otherwise leave `struct` unused -- confirm against the
            # original file.  The returned ctypes type is not used here.
            fixInstanceType(context, struct, generic_name)
def graphStructureGroups(context, chains, originAddr=None):
    ''' Print the structures of each chain and export a pointer graph as GEXF.

    context    -- object exposing getStructureForAddr(), getStructureForOffset()
                  and dumpname.
    chains     -- list of address chains; it is sorted in place, so the caller's
                  list is reordered as a side effect.
    originAddr -- optional address; when given, chains that do not contain it
                  are skipped.

    The graph is written to the file name returned by
    Config.getCacheFilename(Config.CACHE_GRAPH, context.dumpname).
    '''
    # TODO change generic fn
    chains.sort()
    import networkx
    graph = networkx.DiGraph()
    restrict_to_origin = originAddr is not None
    for group in chains:
        log.debug('\t[-] chain len:%d' % len(group))
        if restrict_to_origin and originAddr not in group:
            # the requested origin is not part of this chain: skip it
            continue
        # convert the whole chain up front, as map(long, ...) did
        for struct_addr in [long(raw) for raw in group]:
            # field decoding can take a long time on large structures
            context.getStructureForAddr(struct_addr).decodeFields()
            print context.getStructureForAddr(struct_addr).toString()
            edges = set()
            for field in context.getStructureForAddr(struct_addr).getPointerFields():
                pointee_addr = field._getValue(0)
                # NOTE(review): the lookup below uses the parent address, not
                # pointee_addr, which is never read.  Every edge therefore
                # appears to link a structure to whatever getStructureForOffset()
                # returns for its own address.  Looks like a bug; before
                # switching to pointee_addr, confirm how getStructureForOffset()
                # behaves for a pointer value that falls outside every known
                # structure.
                child = context.getStructureForOffset(struct_addr)
                edges.add(('%x' % struct_addr, '%x' % child._vaddr))
            graph.add_edges_from(edges)
        print '#', '-' * 78
    gexf_path = Config.getCacheFilename(Config.CACHE_GRAPH, context.dumpname)
    networkx.readwrite.gexf.write_gexf(graph, gexf_path)