//--------------------------------------------------------------------------
void idaapi cr16c_data(ea_t ea)
{
char obuf[256];
init_output_buffer(obuf, sizeof(obuf));
int col = 0;
uint32 flags = get_flags_novalue(ea);
if (isWord(flags)) {
out_snprintf("%s %xh", ash.a_word ? ash.a_word : "", get_word(ea));
}
else if (isDwrd(flags)) {
out_snprintf("%s %xh", ash.a_dword ? ash.a_dword : "", get_long(ea));
}
else { //if (isByte(flags)) {
int val = get_byte(ea);
char ch = ' ';
if (val >= 0x20 && val <= 0x7E) {
ch = val;
}
out_snprintf("%s %02xh ; %c", ash.a_byte ? ash.a_byte : "", val, ch);
}
term_output_buffer();
gl_comm = 1;
MakeLine(obuf);
return;
}
static int GetTypeOf(ea_t ea)
{
flags_t flags = getFlags(ea);
if (isTail(flags)) {
// check if it's a struct ptr
ea_t head = get_item_head(ea);
if (head == ea) return T_UNK;
flags = getFlags(head);
if (!isData(flags) || !isStruct(flags)) return T_UNK;
return GetTypeOfStructInstance(ea, head, flags);
}
if (!isData(flags)) return T_UNK;
if (isStruct(flags)) return GetTypeOfStructInstance(ea, ea, flags);
if (isByte(flags)) {
char s;
if (has_cmt(flags) && (get_cmt(ea, false, &s, 1) != -1) && s == 'S') return T_I8;
return T_U8;
}
if (isWord(flags)) {
char s;
if (has_cmt(flags) && (get_cmt(ea, false, &s, 1) != -1) && s == 'S') return T_I16;
return T_U16;
}
if (isDwrd(flags)) return T_I32;
return T_UNK;
}
static int GetTypeOf(ea_t ea)
{
flags_t flags = getFlags(ea);
if (!isData(flags)) return T_UNK;
if (isByte(flags)) return T_8BIT;
if (isWord(flags)) return T_16BIT;
if (isDwrd(flags)) return T_I32;
return T_UNK;
}
BOOL get_vtbl_info(ea_t ea_address, VTBL_info_t &vtbl_info)
{
flags_t flags = getFlags(ea_address);
if (!(hasRef(flags) || has_any_name(flags) && (isDwrd(flags) || isUnknown(flags))))
return(FALSE);
else
{
BOOL is_move_xref = FALSE;
ea_t ea_code_ref = get_first_dref_to(ea_address);
if (ea_code_ref && (ea_code_ref != BADADDR))
{
do
{
if (isCode(getFlags(ea_code_ref)))
{
LPCTSTR disasm_line = get_text_disasm(ea_code_ref);
#ifndef __EA64__
if ((*((PUINT)disasm_line) == 0x20766F6D /*"mov "*/) && (strstr(disasm_line + 4, " offset ") != NULL))
#else
if ((*((PUINT)disasm_line) == 0x2061656c /*"lea "*/) && (strstr(disasm_line + 4, "rcx") != NULL) && (strstr(disasm_line + 4, "const") != NULL))
#endif
{
is_move_xref = TRUE;
break;
}
}
ea_code_ref = get_next_dref_to(ea_address, ea_code_ref);
} while (ea_code_ref && (ea_code_ref != BADADDR));
}
if (!is_move_xref)
return(FALSE);
ZeroMemory(&vtbl_info, sizeof(VTBL_info_t));
// get_name(BADADDR, ea_address, vtbl_info.vtbl_name, (MAXSTR - 1));
f_get_ea_name(&vtbl_info.vtbl_name, ea_address);
ea_t ea_start = vtbl_info.ea_begin = ea_address;
while (TRUE)
{
flags_t index_flags = getFlags(ea_address);
#ifndef __EA64__
if (!(hasValue(index_flags) && (isDwrd(index_flags) || isUnknown(index_flags))))
#else
if (!(hasValue(index_flags) && (isQwrd(index_flags) || isUnknown(index_flags))))
#endif
break;
#ifndef __EA64__
ea_t ea_index_value = get_32bit(ea_address);
#else
ea_t ea_index_value = get_64bit(ea_address);
#endif
if (!(ea_index_value && (ea_index_value != BADADDR)))
break;
if (ea_address != ea_start)
if (hasRef(index_flags))
break;
flags_t value_flags = getFlags(ea_index_value);
if (!isCode(value_flags))
break;
else
if (isUnknown(index_flags))
#ifndef __EA64__
doDwrd(ea_address, sizeof(DWORD));
ea_address += sizeof(UINT);
#else
doQwrd(ea_address, sizeof(UINT64));
ea_address += sizeof(UINT64);
#endif
};
#ifndef __EA64__
if ((vtbl_info.methods = ((ea_address - ea_start) / sizeof(UINT))) > 0)
#else
if((vtbl_info.methods = ((ea_address - ea_start) / sizeof(UINT64))) > 0)
#endif
{
vtbl_info.ea_end = ea_address;
return(TRUE);
}
else
return(FALSE);
}
}
//----------------------------------------------------------------------
static void process_operand(op_t &x,int isAlt,int isload)
{
switch ( x.type )
{
case o_reg:
case o_phrase:
case o_reglist:
return;
case o_imm:
QASSERT(10094, isload);
process_immediate_number(x.n);
if ( op_adds_xrefs(uFlag, x.n) )
ua_add_off_drefs2(x, dr_O, OOFS_IFSIGN|OOFW_IMM);
break;
case o_displ:
process_immediate_number(x.n);
if ( isAlt )
break;
if ( op_adds_xrefs(uFlag, x.n) )
{
ea_t ea = ua_add_off_drefs2(x, isload ? dr_R : dr_W, get_displ_outf(x));
if ( ea != BADADDR )
{
ua_dodata2(x.offb, ea, x.dtyp);
if ( !isload )
doVar(ea);
}
}
// create stack variables if required
if ( may_create_stkvars() && !isDefArg(uFlag, x.n) )
{
func_t *pfn = get_func(cmd.ea);
if ( pfn != NULL
&& (issp(x.phrase)
|| isbp(x.phrase) && (pfn->flags & FUNC_FRAME) != 0) )
{
if ( ua_stkvar2(x, x.addr, STKVAR_VALID_SIZE) )
op_stkvar(cmd.ea, x.n);
}
}
break;
case o_near:
add_code_xref(x, calc_mem(x.addr));
break;
case o_mem:
case o_memind:
{
ea_t ea = calc_mem(x.addr);
if ( !isEnabled(ea) && find_sym(ea) ) break; // address not here
ua_add_dref(x.offb, ea, isload ? dr_R : dr_W);
ua_dodata2(x.offb, ea, x.dtyp);
if ( x.type == o_memind )
{
ssize_t size = get_dtyp_size(x.dtyp);
flags_t F = getFlags(ea);
if ( (isWord(F) || isDwrd(F))
&& (!isDefArg0(F) || isOff0(F)) )
{
ea_t target = calc_mem(size == 2
? get_word(ea)
: (get_long(ea) & 0xFFFFFFL));
if ( isEnabled(target) ) add_code_xref(x, target);
if ( !isOff0(F) )
set_offset(ea, 0, calc_mem(0));
}
break;
}
if ( !isload ) doVar(ea);
}
break;
default:
INTERR(10095);
}
}
// Process function
void processFunction(func_t *f)
{
// Skip tiny functions
if(f->size() >= 5)
{
// Don't add comments to API wrappers
char name[MAXNAMELEN]; name[0] = name[SIZESTR(name)] = 0;
if(!apiMap.empty())
{
if(get_short_name(BADADDR, f->startEA, name, SIZESTR(name)))
{
if(apiMap.find(name) != apiMap.end())
return;
}
}
// Iterate function body
STRLIST importLstTmp;
LPSTR commentPtr = NULL;
char comment[MAXSTR]; comment[0] = comment[SIZESTR(comment)] = 0;
UINT commentLen = 0;
#define ADDNM(_str) { UINT l = strlen(_str); memcpy(comment + commentLen, _str, l); commentLen += l; _ASSERT(commentLen < MAXSTR); }
func_item_iterator_t it(f);
do
{
ea_t currentEA = it.current();
// Will be a "to" xref
xrefblk_t xb;
if(xb.first_from(currentEA, XREF_FAR))
{
BOOL isImpFunc = FALSE;
name[0] = 0;
// If in import segment
// ============================================================================================
ea_t refAdrEa = xb.to;
if(isInImportSeg(refAdrEa))
{
flags_t flags = get_flags_novalue(refAdrEa);
if(has_name(flags) && hasRef(flags) && isDwrd(flags))
{
if(get_short_name(BADADDR, refAdrEa, name, SIZESTR(name)))
{
// Nix the imp prefix if there is one
if(strncmp(name, "__imp_", SIZESTR("__imp_")) == 0)
memmove(name, name + SIZESTR("__imp_"), ((strlen(name) - SIZESTR("__imp_")) + 1));
isImpFunc = TRUE;
}
else
msg(EAFORMAT" *** Failed to get import name! ***\n", refAdrEa);
}
}
// Else, check for import wrapper
// ============================================================================================
else
if(!apiMap.empty())
{
// Reference is a function entry?
flags_t flags = get_flags_novalue(refAdrEa);
if(isCode(flags) && has_name(flags) && hasRef(flags))
{
if(func_t *refFuncPtr = get_func(refAdrEa))
{
if(refFuncPtr->startEA == refAdrEa)
{
if(get_short_name(BADADDR, refAdrEa, name, SIZESTR(name)))
{
// Skip common unwanted types "sub_.." or "unknown_libname_.."
if(
// not "sub_..
/*"sub_"*/ (*((PUINT) name) != 0x5F627573) &&
// not "unknown_libname_..
/*"unknown_"*/ ((*((PUINT64) name) != 0x5F6E776F6E6B6E75) && (*((PUINT64) (name + 8)) != /*"libname_"*/ 0x5F656D616E62696C)) &&
// not nullsub_..
/*"nullsub_"*/ (*((PUINT64) name) != 0x5F6275736C6C756E)
)
{
// Nix the import prefixes
if(strncmp(name, "__imp_", SIZESTR("__imp_")) == 0)
memmove(name, name + SIZESTR("__imp_"), ((strlen(name) - SIZESTR("__imp_")) + 1));
// Assumed to be a wrapped import if it's in the list
isImpFunc = (apiMap.find(name) != apiMap.end());
}
}
else
msg(EAFORMAT" *** Failed to get function name! ***\n", refAdrEa);
}
}
}
}
// Found import function to add list
if(isImpFunc)
{
// Skip those large common STL names
if(strncmp(name, "std::", SIZESTR("std::")) != 0)
{
// Skip if already seen in this function
BOOL known = FALSE;
for(STRLIST::iterator ji = importLstTmp.begin(); ji != importLstTmp.end(); ji++)
{
if(strcmp(ji->c_str(), name) == 0)
{
known = TRUE;
break;
}
}
// Not seen
if(!known)
{
importLstTmp.push_front(name);
// Append to existing comments w/line feed
if(!commentLen && !commentPtr)
{
commentPtr = get_func_cmt(f, true);
if(!commentPtr)
get_func_cmt(f, false);
if(commentPtr)
{
commentLen = strlen(commentPtr);
// Bail out not enough comment space
if(commentLen >= (MAXSTR - 20))
{
qfree(commentPtr);
return;
}
memcpy(comment, commentPtr, commentLen);
ADDNM("\n"MYTAG);
}
}
if(!commentLen)
ADDNM(MYTAG);
// Append a "..." (continuation) and bail out if name hits max comment length
if((commentLen + strlen(name) + SIZESTR("()") + sizeof(", ")) >= (MAXSTR - sizeof("...")))
{
ADDNM(" ...");
break;
}
// Append this function name
else
{
if(importLstTmp.size() != 1)
ADDNM(", ");
ADDNM(name); ADDNM("()");
}
}
}
else
{
//msg("%s\n", szName);
}
}
}
}while(it.next_addr());
if(!importLstTmp.empty() && commentLen)
{
// Add comment
comment[commentLen] = 0;
set_func_cmt(f, comment, true);
commentCount++;
}
if(commentPtr)
qfree(commentPtr);
}
}
void enum_members2(struc_t *st)
{
char buf[MAXSTR];
type_t type[MAXSTR] = {0};
int gap_cnt = 1;
asize_t ofs = 0, gapend = BADADDR, gapstart = BADADDR;
for (size_t i=0;i<st->memqty;i++)
{
member_t &mem = st->members[i];
// unexpected beginning of member?
if (mem.soff != ofs)
{
// msg("gap detected @ %a!\n", ofs);
gapstart = ofs;
}
if (gapstart != BADADDR)
{
gapend = mem.soff;
msg("char pad%d[%d]\n", gap_cnt, gapend - gapstart);
//msg("gap size=%a\n", gapend - gapstart);
gapend = gapstart = BADADDR;
gap_cnt++;
}
typeinfo_t mem_ti;
retrieve_member_info(&mem, &mem_ti);
// data type size of member
asize_t dt_mem_size = get_data_type_size(mem.flag, &mem_ti);
// member size
asize_t mem_size = get_member_size(&mem);
// get the member's name
get_member_name(mem.id, buf, sizeof(buf));
char dtype[MAXSTR];
char arraystr[MAXSTR];
char typemod[10];
arraystr[0] = 0;
typemod[0] = 0;
if (isWord(mem.flag))
strcpy(dtype, "unsigned short");
else if (isDwrd(mem.flag))
strcpy(dtype, "unsigned long");
else if (isByte(mem.flag))
strcpy(dtype, "char");
else if (isStruct(mem.flag))
{
struc_t *nested_st = get_sptr(&mem);
get_struc_name(nested_st->id, dtype, MAXSTR);
}
else
strcpy(dtype, "user_type");
if (isOff0(mem.flag))
{
strcpy(typemod, "*");
}
if (isEnum0(mem.flag))
{
get_enum_name(mem_ti.ec.tid, dtype, sizeof(dtype));
}
asize_t ar_size = mem_size / dt_mem_size;
// an array?
if (ar_size > 1)
{
sprintf(arraystr, "[%d]", ar_size);
}
char out[100];
sprintf(out, "%s " /* type */
"%s" /* typemodif */ "%s" /* varname */ "%s" /*array*/ ";", dtype, typemod, buf, arraystr);
msg("%s\n", out);
/*
inline bool idaapi isByte (flags_t F) { return isData(F) && (F & DT_TYPE) == FF_BYTE; }
inline bool idaapi isWord (flags_t F) { return isData(F) && (F & DT_TYPE) == FF_WORD; }
inline bool idaapi isDwrd (flags_t F) { return isData(F) && (F & DT_TYPE) == FF_DWRD; }
inline bool idaapi isQwrd (flags_t F) { return isData(F) && (F & DT_TYPE) == FF_QWRD; }
inline bool idaapi isOwrd (flags_t F) { return isData(F) && (F & DT_TYPE) == FF_OWRD; }
inline bool idaapi isTbyt (flags_t F) { return isData(F) && (F & DT_TYPE) == FF_TBYT; }
inline bool idaapi isFloat (flags_t F) { return isData(F) && (F & DT_TYPE) == FF_FLOAT; }
inline bool idaapi isDouble(flags_t F) { return isData(F) && (F & DT_TYPE) == FF_DOUBLE; }
inline bool idaapi isPackReal(flags_t F) { return isData(F) && (F & DT_TYPE) == FF_PACKREAL; }
inline bool idaapi isASCII (flags_t F) { return isData(F) && (F & DT_TYPE) == FF_ASCI; }
inline bool idaapi isStruct(flags_t F) { return isData(F) && (F & DT_TYPE) == FF_STRU; }
inline bool idaapi is3byte (flags_t F) { return isData(F) && (F & DT_TYPE) == FF_3BYTE; }
*/
/*
msg("member[%d], name=%s; %a-%a ; id=%d; flags=%x type=%s dt_mem_size=%a mem_size=%a\n",
i,
buf,
mem.soff,
mem.eoff,
mem.id,
mem.flag,
type,
dt_mem_size,
mem_size);
*/
// we expect next member to begin @ end of last member
ofs = mem.eoff;
}
}
