/// Mirrors every segment of the open IDA database into @p image as a Section.
///
/// For each index below get_segm_qty() a Section is built from the segment's
/// name, start address and size; its permission and type flags are copied
/// over and an IdaByteSource is attached as the external byte source.
///
/// @param image  Image that receives the sections through addSection().
void IdaFrontend::createSections(core::image::Image *image) {
    int index = 0;
    while (index < get_segm_qty()) {
        segment_t *seg = getnseg(index);
        assert(seg != NULL);

        // A failed name lookup yields an empty name; a leading '_' is
        // rewritten to '.'.
        char nameBuf[MAXSTR];
        ssize_t nameLen = get_segm_name(seg, nameBuf, sizeof(nameBuf) - 1);
        if (nameLen < 0) {
            nameBuf[0] = '\0';
        } else if (nameLen > 0 && nameBuf[0] == '_') {
            nameBuf[0] = '.';
        }

        auto sec = std::make_unique<core::image::Section>(
            nameBuf,
            checked_cast<ByteAddr>(seg->startEA),
            checked_cast<ByteSize>(seg->size()));

        // Access permissions come straight from the segment's perm bits.
        sec->setReadable(seg->perm & SEGPERM_READ);
        sec->setWritable(seg->perm & SEGPERM_WRITE);
        sec->setExecutable(seg->perm & SEGPERM_EXEC);

        // Content kind is derived from the segment type.
        sec->setCode(seg->type == SEG_CODE);
        sec->setData(seg->type == SEG_DATA);
        sec->setBss(seg->type == SEG_BSS);

        // A section counts as allocated when it is code, data or bss.
        sec->setAllocated(sec->isCode() || sec->isData() || sec->isBss());

        sec->setExternalByteSource(std::make_unique<IdaByteSource>());
        image->addSection(std::move(sec));

        ++index;
    }
}
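/// Scans the database for RTTI records and records every hit.
///
/// Starting at the first segment's start address, find_RTTI() is called
/// repeatedly up to inf.maxEA. For each hit `rt`, the address `rt - 8` is
/// appended to rtti_addr and a formatted "address: name" line is appended to
/// rtti_list.
void process_rtti()
{
    // A database without segments has nothing to scan; without this guard
    // getnseg(0) would be dereferenced while NULL.
    segment_t *firstSeg = getnseg(0);
    if (firstSeg == NULL)
        return;

    ea_t start = firstSeg->startEA;
    while (TRUE)
    {
        ea_t rt = find_RTTI(start, inf.maxEA);
        if (rt == BADADDR)
            break;
        start = rt + 4; // resume the search just past this hit

        // NOTE(review): get_demangle_name() is defined elsewhere and its
        // failure behaviour is not visible here; a NULL result must not be
        // handed to a "%s" conversion, so fall back to an empty name.
        const char *name = get_demangle_name(rt);
        if (name == NULL)
            name = "";

        ea_t rtd = rt - 8;
        rtti_addr.push_back(rtd);

        qstring tmp;
#ifndef __EA64__
        tmp.cat_sprnt(" 0x%x: %s", rtd, name);
#else
        tmp.cat_sprnt(_T(" 0x%I64X: %s"), rtd, name);
#endif
        rtti_list.push_back(tmp);
    }
}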
//build an object for the listbox //and fill it with appropriate data: //headline | headline | headline //name of segment start address end address //... ... ... line *build_segm_obj(void) { int i; int seg_qty = get_segm_qty(); line *obj; char addrbuf[10]; segment_t *curseg; //allocate seg_qty lines +1 (for the header line) obj = (line *)malloc(sizeof(line)*(seg_qty+1)); //first line will be filled with headline captions strcpy( (char *)obj[0].segname, headline[0]); strcpy( (char *)obj[0].startEA,headline[1]); strcpy( (char *)obj[0].endEA,headline[2]); //the following lines will contain name of segment, //start- and end address of segments for(i=1;i<=seg_qty;i++) { curseg = getnseg(i-1); strcpy( (char *)obj[i].segname, get_true_segm_name(curseg)); sprintf(addrbuf,"%08X",curseg->startEA); strcpy( (char *)obj[i].startEA, addrbuf); sprintf(addrbuf,"%08X",curseg->endEA); strcpy( (char *)obj[i].endEA, addrbuf); } //return pointer to object return obj; }
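/* Searches every segment for the byte pattern root_name and, for each match
 * that has at least one data cross-reference to it, asks find_root() to
 * resolve the root address.
 *
 * Returns the first non-zero result of find_root(), or NULL (0) when nothing
 * is found. The zero sentinel is kept so existing callers keep working.
 */
ea_t auto_find_root_addr()
{
  for ( int i = 0; i < segs.get_area_qty(); i++ )
  {
    segment_t *s = getnseg(i);
    if ( NULL == s )
      continue;

    ea_t start = s->startEA;
    const ea_t end = s->endEA;
    while ( start < end )
    {
      const ea_t hit = bin_search(start, end, root_name, NULL, ROOT_LEN + 1,
                                  BIN_SEARCH_FORWARD, BIN_SEARCH_CASE);
      if ( BADADDR == hit )
        break;
      start = hit + ROOT_LEN; /* for next iteration */

      xrefblk_t xb;
      for ( int ok = xb.first_to(hit, XREF_ALL); ok; ok = xb.next_to() )
      {
        if ( xb.iscode ) /* we want data ref */
          continue;
        /* Keep the match address in `hit` and the lookup result in its own
         * variable: the original stored the result back into the match
         * address, so after one failed lookup every further xref was
         * resolved against address 0. */
        const ea_t root = find_root(hit, true);
        if ( NULL != root )
          return root;
      }
    }
  }
  return NULL;
}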
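/// Looks up @p name in the external (SEG_XTRN) segments of the database.
///
/// @param name  Symbol name passed to get_name_ea().
/// @return Address of the first match, or BADADDR when no SEG_XTRN segment
///         resolves the name.
ea_t find_import_loc(const char *name) {
   const int segCount = get_segm_qty();
   for (int i = 0; i < segCount; i++) {
      segment_t *seg = getnseg(i);
      // getnseg() can yield NULL; skip such an entry instead of
      // dereferencing it.
      if (seg == NULL || seg->type != SEG_XTRN) {
         continue;
      }
      ea_t loc = get_name_ea(seg->startEA, name);
      if (loc != BADADDR) {
         return loc;
      }
   }
   return BADADDR;
}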
//saves a segment to harddisk bool dump_seg_to_disk(ulong n) { segment_t *curseg; uchar *segdata; char *answer; FILE *file; curseg = getnseg(n); //show "save file" dialog answer = askfile_cv(1,get_segm_name(curseg),"Enter a filename for the segment:",0); if(answer == NULL) { return false; } //get copy of segment and save it to disk segdata = get_segment_data(curseg->startEA, curseg->endEA, getsegsize(curseg)); file = fopenWB(answer); ewrite(file, segdata, getsegsize(curseg)); eclose(file); free(segdata); return true; }
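// Plug-in entry point: asks for a MAP file, parses its "seg:offset name"
// symbol table and applies each symbol to the database as a name or as a
// comment, depending on g_options and on the DeDe marker in front of the
// symbol.
//
// The MAP file is external input. Every token taken from it is therefore
// length-limited before it lands in a fixed-size buffer, and the segment
// number is validated before it is used to look up a segment.
static void idaapi run(int /* arg */)
{
    static char mapFileName[_MAX_PATH] = { 0 };

    // If user press shift key, show options dialog
    if (GetAsyncKeyState(VK_SHIFT) & 0x8000)
    {
        ShowOptionsDlg();
    }

    ulong numOfSegs = (ulong) get_segm_qty();
    if (0 == numOfSegs)
    {
        warning("Not found any segments");
        return;
    }

    if ('\0' == mapFileName[0])
    {
        // First run
        strncpy(mapFileName, get_input_file_path(), sizeof(mapFileName));
        // strncpy() does not terminate when the source fills the buffer
        mapFileName[sizeof(mapFileName) - 1] = '\0';
        WIN32CHECK(PathRenameExtension(mapFileName, ".map"));
    }

    // Show open map file dialog
    char *fname = askfile_c(0, mapFileName, "Open MAP file");
    if (NULL == fname)
    {
        msg("LoadMap: User cancel\n");
        return;
    }

    // Open the map file
    LPSTR pMapStart = NULL;
    DWORD mapSize = INVALID_FILE_SIZE;
    MAP_OPEN_ERROR eRet = MapFileOpen(fname, pMapStart, mapSize);
    switch (eRet)
    {
        case WIN32_ERROR:
            warning("Could not open file '%s'.\nWin32 Error Code = 0x%08X",
                    fname, GetLastError());
            return;

        case FILE_EMPTY_ERROR:
            warning("File '%s' is empty, zero size", fname);
            return;

        case FILE_BINARY_ERROR:
            warning("File '%s' seem to be a binary or Unicode file", fname);
            return;

        case OPEN_NO_ERROR:
        default:
            break;
    }

    bool foundHdr = false;
    ulong validSyms = 0;
    ulong invalidSyms = 0;

    // The mark pointer to the end of memory map file
    // all below code must not read or write at and over it
    LPSTR pMapEnd = pMapStart + mapSize;

    // Scan format with an explicit field width on the symbol name. The
    // input-length cap handed to _snscanf() limits how much of the line is
    // read, but it does not by itself keep the "%s" token within
    // name[MAXNAMELEN + 1]; the width does.
    char scanFmt[40];
    _snprintf(scanFmt, sizeof(scanFmt), " %%04X : %%08X %%%ds", (int) MAXNAMELEN);
    scanFmt[sizeof(scanFmt) - 1] = '\0';

    show_wait_box("Parsing and applying symbols from the Map file '%s'", fname);

    __try
    {
        LPSTR pLine = pMapStart;
        LPSTR pEOL = pMapStart;
        while (pLine < pMapEnd)
        {
            // Skip the spaces, '\r', '\n' characters, blank lines, seek to the
            // non space character at the beginning of a non blank line
            pLine = SkipSpaces(pEOL, pMapEnd);

            // Find the EOL '\r' or '\n' characters
            pEOL = FindEOL(pLine, pMapEnd);

            size_t lineLen = (size_t) (pEOL - pLine);
            if (lineLen < g_minLineLen)
            {
                continue;
            }

            if (!foundHdr)
            {
                if ((0 == strnicmp(pLine, VC_HDR_START      , lineLen)) ||
                    (0 == strnicmp(pLine, BL_HDR_NAME_START , lineLen)) ||
                    (0 == strnicmp(pLine, BL_HDR_VALUE_START, lineLen)))
                {
                    foundHdr = true;
                }
            }
            else
            {
                ulong seg = SREG_NUM;
                ulong addr = BADADDR;
                char name[MAXNAMELEN + 1];
                char fmt[80];

                name[0] = '\0';
                fmt[0] = '\0';

                // Get segment number, address, name, by pass spaces at beginning,
                // between ':' character, between address and name
                int ret = _snscanf(pLine, min(lineLen, MAXNAMELEN + g_minLineLen),
                                   scanFmt, &seg, &addr, name);
                if (3 != ret)
                {
                    // we have parsed to end of value/name symbols table or reached EOF
                    _snprintf(fmt, sizeof(fmt), "Parsing finished at line: '%%.%ds'.\n", (int) lineLen);
                    fmt[sizeof(fmt) - 1] = '\0';   // _snprintf() may leave it unterminated
                    ShowMsg(fmt, pLine);
                    break;
                }
                else if ((0 == seg) || (--seg >= numOfSegs) ||
                         (NULL == getnseg((int) seg)) ||   // segment lookup is dereferenced below
                         (BADADDR == addr) || ('\0' == name[0]))
                {
                    _snprintf(fmt, sizeof(fmt), "Invalid map line: %%.%ds.\n", (int) lineLen);
                    fmt[sizeof(fmt) - 1] = '\0';
                    ShowMsg(fmt, pLine);

                    invalidSyms++;
                }
                else
                {
                    // Ensure name is NULL terminated
                    name[MAXNAMELEN] = '\0';

                    // Determine the DeDe map file
                    bool bNameApply = g_options.bNameApply;
                    char *pname = name;
                    if (('<' == pname[0]) && ('-' == pname[1]))
                    {
                        // Functions indicator symbol of DeDe map
                        pname += 2;
                        bNameApply = true;
                    }
                    else if ('*' == pname[0])
                    {
                        // VCL controls indicator symbol of DeDe map
                        pname++;
                        bNameApply = false;
                    }
                    else if (('-' == pname[0]) && ('>' == pname[1]))
                    {
                        // VCL methods indicator symbol of DeDe map
                        pname += 2;
                        bNameApply = false;
                    }

                    ulong la = addr + getnseg((int) seg)->startEA;
                    flags_t f = getFlags(la);

                    if (bNameApply) // Apply symbols for name
                    {
                        // Add name if there's no meaningful name assigned.
                        if (g_options.bReplace ||
                            (!has_name(f) || has_dummy_name(f) || has_auto_name(f)))
                        {
                            if (set_name(la, pname, SN_NOWARN))
                            {
                                ShowMsg("%04X:%08X - Change name to '%s' successed\n",
                                        seg, la, pname);
                                validSyms++;
                            }
                            else
                            {
                                ShowMsg("%04X:%08X - Change name to '%s' failed\n",
                                        seg, la, pname);
                                invalidSyms++;
                            }
                        }
                    }
                    else if (g_options.bReplace || !has_cmt(f))
                    {
                        // Apply symbols for comment
                        if (set_cmt(la, pname, false))
                        {
                            ShowMsg("%04X:%08X - Change comment to '%s' successed\n",
                                    seg, la, pname);
                            validSyms++;
                        }
                        else
                        {
                            ShowMsg("%04X:%08X - Change comment to '%s' failed\n",
                                    seg, la, pname);
                            invalidSyms++;
                        }
                    }
                }
            }
        }
    }
    __finally
    {
        MapFileClose(pMapStart);
        hide_wait_box();
    }

    if (!foundHdr)
    {
        warning("File '%s' is not a valid Map file", fname);
    }
    else
    {
        // Save file name for next askfile_c dialog
        strncpy(mapFileName, fname, sizeof(mapFileName));
        mapFileName[sizeof(mapFileName) - 1] = '\0';

        // Show the result
        msg("Result of loading and parsing the Map file '%s'\n"
            "   Number of Symbols applied: %d\n"
            "   Number of Invalid Symbols: %d\n\n",
            fname, validSyms, invalidSyms);
    }
}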
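// Writes the bytes of every checked segment from the database back into the
// input file, optionally creating a "<file>.back" copy first.
//
// hwnd: dialog that owns the segment check list (IDC_LIST_SEGMEN) and the
//       backup check box (IDC_APPLY_CHECK_BACK).
//
// The check state of every segment and of the backup box is stored in the
// "$ Apply SegMen" netnode. The target file is patched in place through a
// read/write file mapping, so every handle is validated and every write is
// checked against the file size before it happens.
void Apply_patches(HWND hwnd)
{
    HWND hList = GetDlgItem(hwnd,IDC_LIST_SEGMEN);
    netnode n("$ Apply SegMen");

    // Build "<directory of the .idb>\<root file name>".
    char szFilePath[256 * 2] = {0};
    strncpy(szFilePath, database_idb, 256);
    char *lpSlash = strrchr(szFilePath, '\\');
    if(lpSlash == NULL)
    {
        // test the strrchr() result itself, not a pointer derived from NULL
        return;
    }
    char *lpTmpBuf = lpSlash + 1;
    *lpTmpBuf = 0;
    get_root_filename(lpTmpBuf, 256);

    msg("=============================\n");
    msg("Apply Path:%s\n", szFilePath);

    if(IsDlgButtonChecked(hwnd, IDC_APPLY_CHECK_BACK))
    {
        // Sized from szFilePath: the former 300-byte buffer could be
        // overrun by a long path plus the ".back" suffix.
        char szBackPath[sizeof(szFilePath) + 8] = {0};
        _snprintf(szBackPath, sizeof(szBackPath) - 1, "%s.back", szFilePath);
        msg("BackFile Path:%s.back\n", szFilePath);
        BOOL bCopied = CopyFile(szFilePath, szBackPath, FALSE);
        n.altset(CHECK_BACKFILE_INDEX, 1);
        if(!bCopied)
        {
            // The user asked for a backup; do not overwrite the only copy.
            msg("CopyFile ErrorCode:%d\n", GetLastError());
            return;
        }
    }
    else
    {
        n.altset(CHECK_BACKFILE_INDEX, 0);
    }

    // obtain the file handle
    HANDLE hFile=CreateFile(szFilePath, GENERIC_WRITE | GENERIC_READ, 0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
    if(hFile == INVALID_HANDLE_VALUE)
    {
        msg("失败!目标%s文件不存在 或 文件无法打开 ErrorCode:%d\n", szFilePath, GetLastError());
        return;
    }

    DWORD dwFileSize = GetFileSize(hFile, NULL);
    if(dwFileSize == INVALID_FILE_SIZE)
    {
        msg("GetFileSize ErrorCode:%d\n", GetLastError());
        CloseHandle(hFile);
        return;
    }

    // create the file-mapping object; CreateFileMapping() reports failure
    // with NULL, not INVALID_HANDLE_VALUE
    HANDLE hMapping=CreateFileMapping(hFile,NULL,PAGE_READWRITE,0,0,NULL);
    if(NULL == hMapping)
    {
        msg("CreateFileMapping :%08X ErrorCode:%d\n", (unsigned int)(UINT_PTR)hMapping, GetLastError());
        CloseHandle(hFile);
        return ;
    }

    // create the view, i.e. map the file into memory
    unsigned char* pvFile=(unsigned char*)MapViewOfFile(hMapping,FILE_MAP_ALL_ACCESS,0,0,0);
    if(NULL == pvFile)
    {
        msg("MapViewOfFile ErrorCode:%d\n", GetLastError());
        CloseHandle(hMapping);
        CloseHandle(hFile);
        return;
    }

    int i;
    segment_t *curseg;
    int seg_qty = get_segm_qty();
    for(i=0 ; i < seg_qty; i++)
    {
        // Persist the check state for every list row, as before.
        int nSelectStat = CheckedListBox_GetCheckState(hList, i);
        n.altset(i, nSelectStat);

        curseg = getnseg(i);
        if(curseg == NULL)
        {
            continue;
        }

        char segname[0x100] = {0};
        get_true_segm_name(curseg, segname, 255);
        int offset = get_fileregion_offset(curseg->startEA);
        int nSize = curseg->endEA - curseg->startEA;

        if(offset > 0 && nSelectStat)
        {
            // NOTE(review): SegWriteFile() is defined elsewhere; it is
            // presumably a copy of nSize bytes to pvFile + offset. Reject
            // any range that does not lie inside the mapped file.
            if(nSize <= 0 || (DWORD)offset > dwFileSize || (DWORD)nSize > dwFileSize - (DWORD)offset)
            {
                msg("Skip SegMenName: %s (range outside file)\n", segname);
                continue;
            }

            unsigned char *lpMem = (unsigned char*)malloc(nSize + 1);
            if(lpMem == NULL)
            {
                msg("Skip SegMenName: %s (out of memory)\n", segname);
                continue;
            }
            memset(lpMem, 0, nSize + 1);
            if(segReadBuf(curseg->startEA, lpMem, nSize))
            {
                msg("Apply SegMenName: %s\n", segname);
                SegWriteFile(pvFile, lpMem, nSize, offset);
            }
            free(lpMem);
        }
    }

    CloseHandle(hMapping);
    if(0 == UnmapViewOfFile(pvFile) )
    {
        msg("文件同步失败! ErrorCode:%d\n", GetLastError());
    }
    else
    {
        msg("文件同步成功!\n");
        msg("=============================\n");
    }
    CloseHandle(hFile);
    return;
}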
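// WM_INITDIALOG handler of the "apply patches" dialog.
//
// Verifies that the input file next to the .idb can be opened for
// read/write, then fills the checked list box (IDC_LIST_SEGMEN) with one row
// per segment. On first use (the "$ Apply SegMen" netnode does not exist
// yet) the defaults are computed and stored: a segment is pre-checked when
// IsFilterTable() does not match its name and its type is SEG_CODE. On later
// runs the stored states are restored. Always returns FALSE.
BOOL Main_Apply_OnInitDialog(HWND hwnd, HWND hwndFocus, LPARAM lParam)
{
    HWND hList = GetDlgItem(hwnd,IDC_LIST_SEGMEN);
    CheckedListBox_SetFlatStyleChecks(hList, TRUE);

    // Build "<directory of the .idb>\<root file name>".
    char szFilePath[256 * 2] = {0};
    strncpy(szFilePath, database_idb, 256);
    char *lpSlash = strrchr(szFilePath, '\\');
    if(lpSlash == NULL)
    {
        // test the strrchr() result itself, not a pointer derived from NULL
        return FALSE;
    }
    char *lpTmpBuf = lpSlash + 1;
    *lpTmpBuf = 0;
    get_root_filename(lpTmpBuf, 256);

    // obtain the file handle, only to prove the target can be opened
    HANDLE hFile=CreateFile(szFilePath, GENERIC_WRITE | GENERIC_READ, 0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
    if(hFile == INVALID_HANDLE_VALUE)
    {
        msg("Apply Path:%s\n", szFilePath);
        msg("失败!目标%s文件不存在 或 文件无法打开 ErrorCode:%d\n", szFilePath, GetLastError());
        MoveWindowCenter(g_hwndMain, hwnd);
        return FALSE;
    }
    CloseHandle(hFile);

    int i;
    segment_t *curseg;
    int seg_qty = get_segm_qty();
    netnode n("$ Apply SegMen");
    if(BADNODE == (nodeidx_t)n)
    {
        // First use: create the netnode and store the default selection.
        netnode n("$ Apply SegMen", 0, true);
        for(i=0 ; i < seg_qty; i++)
        {
            BOOL bStats = FALSE;
            char segname[0x100] = {0};
            curseg = getnseg(i);
            if(curseg == NULL)
            {
                // Insert an empty row so list indices stay aligned with
                // segment indices, but never dereference the NULL segment.
                ListBox_InsertString(hList, -1, segname);
                continue;
            }
            get_true_segm_name(curseg, segname, 255);
            ListBox_InsertString(hList, -1, segname);
            bStats = !IsFilterTable(segname);
            if(bStats)
            {
                msg("segname:%s, type:%d\n", segname, curseg->type);
                bStats = curseg->type == SEG_CODE;
            }
            if(get_fileregion_offset(curseg->startEA) > 0)
            {
                CheckedListBox_SetCheckState(hList, i, bStats);
                n.altset(i, bStats);
            }
        }
        n.altset(CHECK_BACKFILE_INDEX, 1);
        CheckDlgButton( hwnd,IDC_APPLY_CHECK_BACK, BST_CHECKED );
    }
    else
    {
        // Later runs: restore the stored selection.
        for(i=0 ; i < seg_qty; i++)
        {
            char segname[0x100] = {0};
            curseg = getnseg(i);
            if(curseg == NULL)
            {
                ListBox_InsertString(hList, -1, segname);
                continue;
            }
            get_true_segm_name(curseg, segname, 255);
            ListBox_InsertString(hList, -1, segname);
            if(get_fileregion_offset(curseg->startEA) > 0)
            {
                CheckedListBox_SetCheckState(hList, i, n.altval(i));
            }
        }
        if(n.altval(CHECK_BACKFILE_INDEX))
        {
            CheckDlgButton( hwnd, IDC_APPLY_CHECK_BACK, BST_CHECKED );
        }
    }
    MoveWindowCenter(g_hwndMain, hwnd);
    return FALSE;
}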
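// Writes the bytes of every segment whose name is not matched by
// IsFilterTable() from the database back into the input file.
//
// The target file is patched in place through a read/write file mapping, so
// every handle is validated and every write is checked against the file size
// before it happens. The success message is printed only when the file was
// actually mapped and processed.
void Apply_patches()
{
    // Build "<directory of the .idb>\<root file name>".
    char szFilePath[256 * 2] = {0};
    strncpy(szFilePath, database_idb, 256);
    char *lpSlash = strrchr(szFilePath, '\\');
    if(lpSlash == NULL)
    {
        // test the strrchr() result itself, not a pointer derived from NULL
        return;
    }
    char *lpTmpBuf = lpSlash + 1;
    *lpTmpBuf = 0;
    get_root_filename(lpTmpBuf, 256);

    msg("Apply Path:%s\n", szFilePath);

    // obtain the file handle
    HANDLE hFile=CreateFile(szFilePath, GENERIC_WRITE | GENERIC_READ, 0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
    if(hFile == INVALID_HANDLE_VALUE)
    {
        msg("失败!目标%s文件不存在 或 文件无法打开 ErrorCode:%d\n", szFilePath, GetLastError());
        return;
    }

    DWORD dwFileSize = GetFileSize(hFile, NULL);
    if(dwFileSize == INVALID_FILE_SIZE)
    {
        msg("GetFileSize ErrorCode:%d\n", GetLastError());
        CloseHandle(hFile);
        return;
    }

    // create the file-mapping object; CreateFileMapping() reports failure
    // with NULL, not INVALID_HANDLE_VALUE, and a failure must stop here
    HANDLE hMapping=CreateFileMapping(hFile,NULL,PAGE_READWRITE,0,0,NULL);
    if(NULL == hMapping)
    {
        msg("CreateFileMapping :%08X ErrorCode:%d\n", (unsigned int)(UINT_PTR)hMapping, GetLastError());
        CloseHandle(hFile);
        return;
    }

    // create the view, i.e. map the file into memory
    unsigned char* pvFile=(unsigned char*)MapViewOfFile(hMapping,FILE_MAP_ALL_ACCESS,0,0,0);
    if(NULL == pvFile)
    {
        msg("MapViewOfFile ErrorCode:%d\n", GetLastError());
        CloseHandle(hMapping);
        CloseHandle(hFile);
        return;
    }

    int i;
    segment_t *curseg;
    int seg_qty = get_segm_qty();
    for(i=0 ; i < seg_qty; i++)
    {
        curseg = getnseg(i);
        if(curseg == NULL)
        {
            continue;
        }

        char segname[0x100] = {0};
        get_true_segm_name(curseg, segname, 255);
        int offset = get_fileregion_offset(curseg->startEA);
        int nSize = curseg->endEA - curseg->startEA;

        if(offset > 0 && !IsFilterTable(segname))
        {
            // NOTE(review): SegWriteFile() is defined elsewhere; it is
            // presumably a copy of nSize bytes to pvFile + offset. Reject
            // any range that does not lie inside the mapped file.
            if(nSize <= 0 || (DWORD)offset > dwFileSize || (DWORD)nSize > dwFileSize - (DWORD)offset)
            {
                msg("Skip SegMenName: %s (range outside file)\n", segname);
                continue;
            }

            unsigned char *lpMem = (unsigned char*)malloc(nSize + 1);
            if(lpMem == NULL)
            {
                msg("Skip SegMenName: %s (out of memory)\n", segname);
                continue;
            }
            memset(lpMem, 0, nSize + 1);
            if(segReadBuf(curseg->startEA, lpMem, nSize))
            {
                SegWriteFile(pvFile, lpMem, nSize, offset);
            }
            free(lpMem);
        }
    }

    CloseHandle(hMapping);
    UnmapViewOfFile(pvFile);
    CloseHandle(hFile);
    msg("文件同步成功!\n");
    return;
}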
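// Plug-in process
//
// Shows the main dialog, collects the bounds of every import (SEG_XTRN)
// segment into the global segmentPtr array, enumerates the import names of
// every module and then runs processFunction() over all functions while
// updating the wait box. The segment array and apiMap are released at the
// end.
//
// NOTE(review): segmentCount and commentCount are only incremented/read
// here; whether they are reset between runs is not visible in this function.
// NOTE(review): WaitBox::hide() is reached only on the processing path; the
// paths that skip processing leave it to code outside this function.
void CORE_Process(int iArg)
{
    try
    {
        char version[16];
        sprintf(version, "%u.%u", HIBYTE(MY_VERSION), LOBYTE(MY_VERSION));
        msg("\n>> WhatAPIs: v: %s, built: %s, By Sirmabus\n", version, __DATE__);
        if (!autoIsOk())
        {
            msg("** Must wait for IDA to finish processing before starting plug-in! **\n*** Aborted ***\n\n");
            return;
        }

        // Show UI
        refreshUI();
        int uiResult = AskUsingForm_c(mainDialog, version, doHyperlink);
        if (!uiResult)
        {
            msg(" - Canceled -\n");
            return;
        }

        WaitBox::show();
        TIMESTAMP startTime = getTimeStamp();

        // Build import segment bounds table
        {
            msg("Import segments:\n");
            refreshUI();
            SEGLIST segList;
            for (int i = 0; i < get_segm_qty(); i++)
            {
                if (segment_t *s = getnseg(i))
                {
                    if (s->type == SEG_XTRN)
                    {
                        char buffer[64] = { "unknown" };
                        buffer[SIZESTR(buffer)] = 0;
                        get_true_segm_name(s, buffer, SIZESTR(buffer));
                        // Spaces around EAFORMAT keep the literals from being read as
                        // literal suffixes; the resulting string is unchanged.
                        msg(" [%d] \"%s\" " EAFORMAT " - " EAFORMAT "\n", segmentCount, buffer, s->startEA, s->endEA);
                        BOUNDS b = { s->startEA, s->endEA };
                        segList.push_back(b);
                        segmentCount++;
                    }
                }
            }
            refreshUI();

            // Flatten list into an array for speed
            if (segmentCount)
            {
                UINT size = (segmentCount * sizeof(BOUNDS));
                segmentPtr = (BOUNDS *)_aligned_malloc(size, 16);
                if (segmentPtr)
                {
                    BOUNDS *b = segmentPtr;
                    for (SEGLIST::iterator i = segList.begin(); i != segList.end(); ++i, ++b)
                    {
                        b->startEA = i->startEA;
                        b->endEA = i->endEA;
                    }
                }
                else
                {
                    msg("\n*** Allocation failure of %u bytes! ***\n", size);
                    refreshUI();
                }
            }
        }

        // Process only when the bounds table really exists: after an
        // allocation failure segmentCount is non-zero while segmentPtr is
        // NULL, and the original went on to process functions regardless.
        if (segmentCount && segmentPtr)
        {
            // Make a list of all import names
            if (int moduleCount = get_import_module_qty())
            {
                for (int i = 0; i < moduleCount; i++)
                    enum_import_names(i, importNameCallback);

                char buffer[32];
                msg("Parsed %s module imports.\n", prettyNumberString(moduleCount, buffer));
                refreshUI();
            }

            // Iterate through all functions..
            UINT functionCount = get_func_qty();
            char buffer[32];
            msg("Processing %s functions.\n", prettyNumberString(functionCount, buffer));
            refreshUI();

            for (UINT n = 0; n < functionCount; n++)
            {
                processFunction(getn_func(n));

                if (WaitBox::isUpdateTime())
                {
                    if (WaitBox::updateAndCancelCheck((int)(((float)n / (float)functionCount) * 100.0f)))
                    {
                        msg("* Aborted *\n");
                        break;
                    }
                }
            }

            refresh_idaview_anyway();
            WaitBox::hide();
            msg("\n");
            msg("Done. %s comments add/appended in %s.\n", prettyNumberString(commentCount, buffer), timeString(getTimeStamp() - startTime));
            msg("-------------------------------------------------------------\n");
        }
        else if (!segmentCount)
            msg("\n*** No import segments! ***\n");

        if (segmentPtr)
        {
            _aligned_free(segmentPtr);
            segmentPtr = NULL;
        }
        apiMap.clear();
    }
    CATCH()
}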