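/* Byte offset of `fieldname` inside the struct variable `varname`: the sum of
 * getSize() over the fields listed before it. Returns -1 when `varname` is not
 * in the symbol table. An unknown field name yields the total size of all
 * fields, exactly as the original loop did. */
static int struct_field_offset(char *varname, char *fieldname)
{
    FieldList p = Findname(varname);
    if (p == NULL)
        return -1;
    int offset = 0;
    /* the FieldList head is the variable itself; its fields hang off ->brother */
    for (p = p->brother; p != NULL; p = p->brother) {
        if (strcmp(p->name, fieldname) == 0)
            break;
        offset += getSize(p);
    }
    return offset;
}

/* Store  place := &varname + offset  into `target`. */
static void emit_field_addr(InterCodes target, Operand place, char *varname, int offset)
{
    Operand base = new_operand_name(varname);
    base->kind = ADDR_op;
    Operand off = new_operand(1, offset);
    target->code = new_interCode(ADDR);
    target->code->binop.result = place;
    target->code->binop.op1 = base;
    target->code->binop.op2 = off;
}

/*
 * Emit intermediate code that leaves the address of the field access
 * `Exp DOT ID` in `place`.
 *
 * Two shapes of the left operand are handled:
 *   ID DOT ID2   -- the base is a named variable;
 *   Exp DOT ID2  -- the base is itself a field access, translated first.
 * The field offset is the sum of getSize() over the fields that precede ID2
 * in the FieldList Findname() returns for the base variable.
 *
 * Returns the head of the emitted list, or NULL when the base variable is not
 * in the symbol table or the base node is neither ID nor Exp (the original
 * dereferenced the NULL lookup result / fell off the end in those cases).
 *
 * Fixes versus the previous version: the second shape was tested with
 * strcpy() instead of strcmp(), which overwrote the node name and never
 * matched; and the ADDR line of that branch was written into code1 (the head
 * of the inner code) while code2's empty code entry was then dereferenced.
 */
InterCodes translate_Struct(node *Exp, Operand place)
{
    node *base = Exp->child;                                    /* Exp before DOT */
    char *fieldname = Exp->child->brother->brother->node_value; /* ID after DOT   */

    if (strcmp(base->child->name, "ID") == 0) {
        /* ID DOT ID2 */
        char *varname = base->child->node_value;
        int offset = struct_field_offset(varname, fieldname);
        if (offset < 0)
            return NULL;
        InterCodes code1 = InterCodes_init();
        emit_field_addr(code1, place, varname, offset);
        return code1;
    }

    if (strcmp(base->child->name, "Exp") == 0) {
        /* Exp DOT ID2: translate the inner access into t1 first. */
        Operand t1 = new_temp();
        InterCodes code1 = translate_Struct(base, t1);
        if (code1 == NULL)
            return NULL;
        /* NOTE(review): as in the original, the outer address is formed from
         * the name found at base->child (the variable of the inner access),
         * not from t1, and the offset is looked up in that variable's field
         * list — so deeper nesting is not really resolved. Kept as is. */
        char *varname = base->child->node_value;
        int offset = struct_field_offset(varname, fieldname);
        if (offset < 0)
            return code1;
        InterCodes code2 = InterCodes_init();
        emit_field_addr(code2, place, varname, offset);
        InterCodes_link(code1, code2);
        return code1;
    }

    return NULL;
}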
// Standard function Painttable() makes most of OllyDbg windows redrawing. You // only need to supply another function that prepares text strings and // optionally colours them. Case of custom windows is a bit more complicated, // please read documentation. int Bookmarkgettext(char *s, char *mask, int *select, t_sortheader *ph, int column) { int n; ulong cmdsize, decodesize; char cmd[MAXCMDSIZE], *pdecode; t_memory *pmem; t_disasm da; t_bookmark *pb = (t_bookmark *)ph; if (column == 0) // Name of bookmark { // Column 0 contains name of bookmark in form "Alt+n", where n is the // digit from 0 to 9. Mainly for demonstration purposes, I display prefix // "Alt+" in grayed and digit in normal text. Standard table windows do // not need to bother about selection. n = sprintf(s, "Alt+%i", pb->index); *select = DRAW_MASK; memset(mask, DRAW_GRAY, 4); mask[4] = DRAW_NORMAL; } else if (column == 1) // Address of bookmark n = sprintf(s, "%08X", pb->addr); else if (column == 2) // Disassembled command { // Function Disasm() requires that calling routine supplies code to be // disassembled. Read this code from memory. First determine possible // code size. pmem = Findmemory(pb->addr); // Find memory block containing code if (pmem == NULL) { *select = DRAW_GRAY; return sprintf(s, "???"); }; cmdsize = pmem->base + pmem->size - pb->addr; if (cmdsize > MAXCMDSIZE) cmdsize = MAXCMDSIZE; if (Readmemory(cmd, pb->addr, cmdsize, MM_RESTORE | MM_SILENT) != cmdsize) { *select = DRAW_GRAY; return sprintf(s, "???"); }; pdecode = Finddecode(pb->addr, &decodesize); if (decodesize < cmdsize) pdecode = NULL; Disasm(cmd, cmdsize, pb->addr, pdecode, &da, DISASM_CODE, 0); strcpy(s, da.result); n = strlen(s); } else if (column == 3) // Comment // Only user-defined comments are displayed here. n = Findname(pb->addr, NM_COMMENT, s); else n = 0; // s is not necessarily 0-terminated return n; };
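/*
 * Emit the DEC (storage declaration) line for a variable declarator.
 *
 *   VarDec -> ID               : look the name up; scalars (Int/Float) need
 *                                no code and yield NULL; arrays and struct
 *                                variables get `DEC name size`, size from
 *                                getSize().
 *   VarDec -> VarDec LB INT RB : recurse on the inner declarator, which
 *                                eventually reaches the ID case.
 *
 * Returns NULL when no code is needed or when the name is not in the symbol
 * table (the original dereferenced the NULL lookup result). For a kind that
 * is neither scalar nor array/struct an InterCodes node with no code entry is
 * returned, as before.
 *
 * The InterCodes node is now allocated only on the path that can use it; the
 * original allocated it first and dropped it on every early return.
 */
InterCodes translate_VarDec(node *VarDec)
{
    node *first = VarDec->child;

    if (strcmp(first->name, "ID") != 0) {
        /* VarDec LB INT RB: the name lives in the innermost VarDec. */
        return translate_VarDec(first);
    }

    FieldList p = Findname(first->node_value);
    if (p == NULL || p->type == NULL)
        return NULL;
    if (p->type->kind == Int || p->type->kind == Float)
        return NULL; /* scalars need no DEC */

    InterCodes code1 = InterCodes_init();
    if (p->type->kind == ARRAY || p->type->kind == STRUCTVAR) {
        int size = getSize(p);
        code1->code = new_interCode(DEC);
        code1->code->assign.left = new_operand_name(first->node_value);
        code1->code->assign.right = new_operand(1, size);
    }
    return code1;
}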
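/*
 * Translate an argument list `Args -> Exp | Exp COMMA Args`.
 *
 * Each argument is evaluated into a fresh temporary that is appended to
 * arg[] at index *num (and *num is incremented), so arg[] ends up in source
 * order. The emitted code for all arguments is returned as one linked list.
 *
 * In the `Exp COMMA Args` shape an identifier that is not Int/Float (array or
 * struct) is passed by name through an ASSIGN into the temporary instead of
 * going through translate_Exp, as the original did; the single-argument shape
 * always uses translate_Exp, as the original did.
 *
 * Fixes versus the previous version:
 *  - the recursion for `Exp COMMA Args` recursed on the same node, so the
 *    single-argument case was never reached (unbounded recursion); it now
 *    recurses on the Args after the COMMA;
 *  - a scalar (Int/Float) identifier in a non-final position produced no code
 *    and was not appended to arg[]; it now goes through translate_Exp;
 *  - the InterCodes node allocated before translate_Exp is no longer dropped.
 */
InterCodes translate_Args(node *Args, Operand *arg, int *num)
{
    node *Exp = Args->child;
    InterCodes code1 = NULL;

    if (Exp->brother == NULL) {
        /* Args -> Exp: last (or only) argument. */
        Operand op = new_temp();
        code1 = translate_Exp(Exp, op);
        arg[(*num)++] = op;
        return code1;
    }

    /* Args -> Exp COMMA Args */
    FieldList p = NULL;
    if (strcmp(Exp->child->name, "ID") == 0)
        p = Findname(Exp->child->node_value);

    if (p != NULL && p->type->kind != Int && p->type->kind != Float) {
        /* array/struct variable: hand the name itself over via a temporary */
        Operand op = new_temp();
        Operand re = new_operand_name(p->name);
        code1 = InterCodes_init();
        code1->code = new_interCode(ASSIGN);
        code1->code->assign.right = re;
        code1->code->assign.left = op;
        arg[(*num)++] = op;
    } else {
        Operand op = new_temp();
        code1 = translate_Exp(Exp, op);
        arg[(*num)++] = op;
    }

    /* Exp->brother is COMMA, the Args node follows it. */
    InterCodes code2 = translate_Args(Exp->brother->brother, arg, num);
    InterCodes_link(code1, code2);
    return code1;
}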
//prompt user for name/label and push it out to the server void insert_name(t_dump *pd) { char buf [MAXSTR+128]; char text [MAXSTR+128]; if (connector->is_connected()) // && origin==PM_DISASM) --> do we need this? { Findname(pd->sel0,NM_LABEL,text); //get existing name if (-1 == Gettext("Enter "PLUGIN_NAME" label(name):", text, 0x00, NM_LABEL, FIXEDFONT)) return; //cancelled by user Insertname(pd->sel0, NM_LABEL, text); Redrawdisassembler(); sprintf(buf, "%d:::%08x:::%s", IDA_SYNC_COMMAND_NAME, pd->sel0, // our current selected address text); if (connector_push(buf)) Message(pd->sel0, "[*] "PLUGIN_NAME"> Successfully pushed name/label at address 0x%08x to server.", pd->sel0); }//if connected }
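/*
 * Emit the FUNCTION line for `FunDec -> ID LP [VarList] RP`, followed by one
 * PARAM line per formal parameter. The parameters are taken from the
 * function's symbol-table entry (Findname(ID)->type->func.brother, walked
 * through ->next), not from the VarList subtree.
 *
 * Returns the list headed by the FUNCTION line. If the function name is not
 * in the symbol table, or a PARAM operand cannot be allocated, the list
 * emitted so far is returned (the original dereferenced NULL in both cases).
 */
InterCodes translate_Fundec(node *Fundec)
{
    node *ID = Fundec->child;
    InterCodes code1 = InterCodes_init();
    code1->code = new_interCode(FUNC_I);
    code1->code->onlyop.op = new_operand_name(ID->node_value);

    /* ID LP RP: no parameters */
    if (strcmp(ID->brother->brother->name, "VarList") != 0)
        return code1;

    /* ID LP VarList RP */
    FieldList f = Findname(ID->node_value);
    if (f == NULL || f->type == NULL)
        return code1;

    for (FuncVar *q = f->type->func.brother; q != NULL; q = q->next) {
        Operand param = malloc(sizeof *param);
        if (param == NULL)
            return code1;
        param->kind = PARAM_op;
        /* NOTE(review): copied unbounded as before; the declared size of
         * Operand_.param is not visible here, bound it once it is known. */
        strcpy(param->param, q->name);

        InterCodes code2 = InterCodes_init();
        code2->code = new_interCode(PARAM_I);
        code2->code->onlyop.op = param;
        InterCodes_link(code1, code2);
    }
    return code1;
}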
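/* Element size used for the subscript arithmetic: getSize() of the symbol for
 * struct elements, otherwise 4. */
static int array_elem_size(FieldList p)
{
    /* NOTE(review): getSize(p) is the size of the whole variable p, which is
     * what the original used for struct elements; kept unchanged. */
    if (p->type->array.elem->kind == STRUCTURE)
        return getSize(p);
    return 4;
}

/* Emit  t1 := <index Exp> ; t2 := t1 * size ; place := base + t2  for the
 * subscript `Exp LB Exp RB` and return the head of the emitted list. */
static InterCodes emit_subscript(node *Exp, Operand place, Operand base, int size)
{
    Operand t1 = new_temp();
    InterCodes index_code = translate_Exp(Exp->child->brother->brother, t1); /* the Exp inside [] */
    Operand t2 = new_temp();
    Operand c1 = new_operand(1, size);

    InterCodes mul = InterCodes_init();
    mul->code = new_interCode(MUL);
    mul->code->binop.result = t2;
    mul->code->binop.op1 = t1;
    mul->code->binop.op2 = c1;

    InterCodes addr = InterCodes_init();
    addr->code = new_interCode(ADDR);
    addr->code->binop.result = place;
    addr->code->binop.op1 = base;
    addr->code->binop.op2 = t2;

    InterCodes_link(index_code, mul);
    InterCodes_link(index_code, addr);
    return index_code;
}

/*
 * Emit code for one array subscript `Exp LB Exp RB`, leaving the element
 * address in `place` (place->kind is set to ADDR_op).
 *
 *   ID LB Exp RB  : base address is &ID.
 *   Exp LB Exp RB : the inner subscript is translated into a temporary first
 *                   and its code is appended after the outer sequence, as the
 *                   original did.
 *
 * Returns the head of the emitted list, or NULL when the subscripted node is
 * neither ID nor Exp or its variable is not in the symbol table (the original
 * dereferenced the NULL lookup result / fell off the end).
 *
 * Fixes versus the previous version: both shape tests used strcpy() instead
 * of strcmp(), which overwrote the node's name and never matched, so the
 * function returned nothing; the duplicated emission code is shared, and the
 * InterCodes_init() result that was immediately overwritten is gone.
 */
InterCodes translate_Array(node *Exp, Operand place)
{
    node *base = Exp->child;
    /* For ID[Exp] this is the ID; for Exp[Exp] the inner Exp's first child,
     * which for `a[i][j]` is again the ID `a`. */
    FieldList p = Findname(base->child->node_value);
    if (p == NULL)
        return NULL;

    if (strcmp(base->child->name, "ID") == 0) {
        /* ID LB Exp RB */
        int size = array_elem_size(p);
        Operand op1 = new_operand_name(base->child->node_value);
        InterCodes head = emit_subscript(Exp, place, op1, size);
        place->kind = ADDR_op;
        return head;
    }

    if (strcmp(base->child->name, "Exp") == 0) {
        /* Exp LB Exp RB */
        int size = array_elem_size(p);
        Operand temp = new_temp();
        InterCodes inner = translate_Array(base, temp);
        /* NOTE(review): as in the original, the outer address is formed from
         * the variable name, not from `temp` (the inner element address), and
         * the inner code is appended after the outer sequence; multi-level
         * subscripts therefore look unfinished. Kept unchanged. */
        Operand op1 = new_operand_name(base->child->node_value);
        InterCodes head = emit_subscript(Exp, place, op1, size);
        InterCodes_link(head, inner);
        place->kind = ADDR_op;
        return head;
    }

    return NULL;
}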
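/* Replace nm->buffer with its demangled form when Demanglename() succeeds;
 * on allocation or demangling failure the mangled name is kept. */
static void demangle_inplace(name_t* nm)
{
    /* Twice the mangled length is the original's sizing heuristic for the
     * output; Demanglename() takes no size argument — TODO confirm the
     * required output size against the OllyDbg plugin API. */
    TCHAR* undecorated = (TCHAR*)malloc(2 * nm->size * sizeof(TCHAR));
    if (undecorated == NULL) {
        return;
    }
    int result = Demanglename(nm->buffer, NM_LIBRARY, undecorated);
    if (result) {
        free(nm->buffer);
        nm->size = result + 1;
        nm->buffer = undecorated;
    } else {
        free(undecorated);
    }
}

/*
 * Apply the names loaded from a map file to the current module.
 *
 * For every name whose segment index is valid for the module:
 *  - optionally demangle it (g_Config->demangle);
 *  - compute its address from the module base and segment table;
 *  - optionally run it through mask_filter() (g_Config->usemasks); a
 *    FILTER_SKIP hit on an address that already carries a comment or label
 *    is recorded in rmtable (only when collision checks are off) and skipped;
 *  - insert it as comment and/or label through Quickinsertname(), first
 *    checking for an existing entry when g_Config->collisionchecks is set.
 * Afterwards Mergequicknames() commits the inserts and, with collision checks
 * off, every rmtable entry gets its comment/label cleared again.
 *
 * Progress/Infoline/Addtolist report status in the OllyDbg UI; when
 * module_info() fails, module_error() is reported and nothing is applied.
 *
 * Fix versus the previous version: the demangle buffer malloc() was unchecked
 * and its result handed to Demanglename(); the mangled name is now kept on
 * allocation failure. The rmtable header itself is still not released (only
 * its nodes are freed by hand) — TODO confirm list_create's ownership contract.
 */
void mapfile_apply(list_t* names)
{
    int err;
    module_t* module = module_info(&err);
    if (err) {
        module_error(err);
        return;
    }

    ULONG total = 0, filtered = 0, applied = 0;
    list_t* rmtable = NULL; /* only used when collision checks are off */
    name_t* nm;

    Addtolist(0, 0, "Applying names from map file to module '%s'", module->name);
    if (!g_Config->collisionchecks) {
        rmtable = list_create();
    }

    for (nm = (name_t*)names->first; nm != NULL; nm = nm->next) {
        if (nm->segment < module->nseg) {
            if (g_Config->demangle) {
                demangle_inplace(nm);
            }
            ULONG addr = module->base + module->segments[nm->segment] + nm->offset;

            if (g_Config->usemasks) {
                int result = mask_filter(nm);
                if (result) {
                    filtered++;
                    if ((result & FILTER_SKIP) && !g_Config->collisionchecks &&
                        /* Findname for NM_ANYNAME fails everytime, dunno why */
                        (Findname(addr, NM_COMMENT, NULL) || Findname(addr, NM_LABEL, NULL))) {
                        list_addname(rmtable, NULL, 0, nm->segment, nm->offset);
                        total++;
                        continue; /* counted but no progress update, as before */
                    }
                }
            }

            if (g_Config->comments) {
                if (g_Config->collisionchecks) {
                    if (!Findname(addr, NM_COMMENT, NULL) && !Quickinsertname(addr, NM_COMMENT, nm->buffer)) {
                        applied++;
                    }
                } else if (!Quickinsertname(addr, NM_COMMENT, nm->buffer)) {
                    applied++;
                }
            }

            if (g_Config->labels) {
                if (g_Config->collisionchecks) {
                    if (!Findlabel(addr, NULL) && !Quickinsertname(addr, NM_LABEL, nm->buffer)) {
                        applied++;
                    }
                } else if (!Quickinsertname(addr, NM_LABEL, nm->buffer)) {
                    applied++;
                }
            }
        }
        total++;
        Progress(total * 1000 / names->count, "Inserting names");
    }

    Progress(0, "");
    Infoline("Merging names");
    Mergequicknames();

    if (!g_Config->collisionchecks) {
        Infoline("Cleaning skipped entries");
        nm = (name_t*)rmtable->first;
        while (nm != NULL) {
            ULONG addr = module->base + module->segments[nm->segment] + nm->offset;
            if (g_Config->comments) {
                Insertname(addr, NM_COMMENT, "");
            }
            if (g_Config->labels) {
                Insertname(addr, NM_LABEL, "");
            }
            name_t* done = nm;
            nm = nm->next;
            /* Manual list_freenames expansion to speed it up somehow */
            free(done);
        }
    }

    Infoline("Total loaded: %d, Names applied: %d, Names filtered: %d", total, applied, filtered);
    Addtolist(0, -1, " Total loaded: %d, Names applied: %d, Names filtered: %d", total, applied, filtered);
    module_free(module);
}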