static void handle_file_context_action(madshelf_state_t* state, const char* filename, int item_num, bool is_alt) { if(ecore_file_is_dir(filename)) item_num--; if(item_num == -1) /* "open directory" */ { go_to_directory(state, filename); close_file_context_menu(state->canvas, false); } if(item_num == 0) { if(has_tag(state->tags, "hidden", filename)) tag_remove(state->tags, "hidden", filename); else tag_add(state->tags, "hidden", filename); close_file_context_menu(state->canvas, true); } if(item_num == 1) { if(has_tag(state->tags, "favorites", filename)) tag_remove(state->tags, "favorites", filename); else tag_add(state->tags, "favorites", filename); close_file_context_menu(state->canvas, true); } }
//--------------------------------------------------------------------------- uchar putVal(const op_t &x, uchar mode, uchar warn) { char *ptr = get_output_ptr(); { flags_t sv_uFlag = uFlag; uFlag = 0; OutValue(x, mode); uFlag = sv_uFlag; } char str[MAXSTR]; char *end = set_output_ptr(ptr); size_t len = end - ptr; qstrncpy(str, ptr, qmin(len+1, sizeof(str))); if ( warn ) out_tagon(COLOR_ERROR); if ( warn ) len = tag_remove(str, str, 0); else len = tag_strlen(str); if ( chkOutLine(str, len) ) return 0; if ( warn ) out_tagoff(COLOR_ERROR); return 1; }
int idaapi type_builder_t::visit_expr(cexpr_t *e) { // check if the expression being visited is variable if(e->op == cot_var) { // get the variable name char expr_name[MAXSTR]; e->print1(expr_name, MAXSTR, NULL); tag_remove(expr_name, expr_name, 0); // check for the target variable if(match_expression(expr_name)) { struct_filed str_fld; if(check_ptr(e, str_fld)) { std::pair<std::map<int,struct_filed>::iterator,bool> ret; ret = structure.insert(std::pair<int,struct_filed>(str_fld.offset, str_fld)); if ((ret.second == false) && (str_fld.vftbl != BADADDR)) { structure[str_fld.offset] = str_fld; } } } } return 0; }
int idaapi type_builder_t::visit_expr(cexpr_t *e) { // check if the expression being visited is variable if(e->op == cot_var) { // get the variable name char expr_name[MAXSTR]; e->print1(expr_name, MAXSTR, NULL); tag_remove(expr_name, expr_name, 0); // check for the target variable if(!strcmp(expr_name, highl_expr_name)) { struct_filed str_fld; if(check_memptr(str_fld)) structure.push_back(str_fld); else if(check_idx(str_fld)) structure.push_back(str_fld); else if(check_ptr(str_fld)) structure.push_back(str_fld); } } return 0; }
int get_disasm(ea_t addr, char *buf, int bufsz) { char mnem[32]; char *ptr = buf; decode_insn(addr); ua_mnem(addr, mnem, sizeof(mnem) - 1); qsnprintf(buf, bufsz - 1, "%08x: %-5s ", addr, mnem); ptr += strlen(buf); for(int opnum = 0; cmd.Operands[opnum].type != o_void; opnum++) { char op_str[128]; if(opnum != 0) qsnprintf(op_str, sizeof(op_str), ", "); ua_outop2(addr, op_str, sizeof(op_str) - 3, opnum); tag_remove(op_str, op_str, 0); qsnprintf(ptr, bufsz - 1 - (ptr - buf), "%s", op_str); ptr += strlen(op_str); } return 0; }
//--------------------------------------------------------------------------- uchar putVal(op_t &x, uchar mode, uchar warn) { char str[MAXSTR]; uint32 sv_bufsize = bufsize; char *sv_bufbeg = bufbeg, *sv_ptr = get_output_ptr(); init_output_buffer(str, sizeof(str)); { flags_t sv_uFlag = uFlag; uFlag = 0; OutValue(x, mode); uFlag = sv_uFlag; } out_zero(); init_output_buffer(sv_bufbeg, sv_bufsize); set_output_ptr(sv_ptr); if ( warn) out_tagon(COLOR_ERROR ); { register size_t i; if ( !warn) i = tag_strlen(str ); else i = tag_remove(str, str, 0); if ( chkOutLine(str, i)) return(0 ); } if ( warn) out_tagoff(COLOR_ERROR ); return(1); }
/* #<pydoc> def tag_remove(colstr): """ Remove color escape sequences from a string @param colstr: the colored string with embedded tags @return: a new string w/o the tags """ pass #</pydoc> */ PyObject *py_tag_remove(const char *instr) { PYW_GIL_CHECK_LOCKED_SCOPE(); qstring qbuf; tag_remove(&qbuf, instr); return PyString_FromString(qbuf.c_str()); }
/* #<pydoc> def generate_disassembly(ea, max_lines, as_stack, notags): """ Generate disassembly lines (many lines) and put them into a buffer @param ea: address to generate disassembly for @param max_lines: how many lines max to generate @param as_stack: Display undefined items as 2/4/8 bytes @return: - None on failure - tuple(most_important_line_number, tuple(lines)) : Returns a tuple containing the most important line number and a tuple of generated lines """ pass #</pydoc> */ PyObject *py_generate_disassembly( ea_t ea, int max_lines, bool as_stack, bool notags) { PYW_GIL_CHECK_LOCKED_SCOPE(); if ( max_lines <= 0 ) Py_RETURN_NONE; qstring qbuf; qstrvec_t lines; int lnnum; int nlines = generate_disassembly(&lines, &lnnum, ea, max_lines, as_stack); newref_t py_tuple(PyTuple_New(nlines)); for ( int i=0; i < nlines; i++ ) { const qstring &l = lines[i]; const char *s = l.c_str(); if ( notags ) { tag_remove(&qbuf, l); s = qbuf.c_str(); } PyTuple_SetItem(py_tuple.o, i, PyString_FromString(s)); } return Py_BuildValue("(iO)", lnnum, py_tuple.o); }
static char* get_vtbl_hint(int line_num) { current_line_pos = line_num; char tag_lines[4096]; ZeroMemory(tag_lines, sizeof(tag_lines)); if (isEnabled(vtbl_t_list[line_num].ea_begin)) { int flags = calc_default_idaplace_flags(); linearray_t ln(&flags); idaplace_t pl; pl.ea = vtbl_t_list[line_num].ea_begin; pl.lnnum = 0; ln.set_place(&pl); int used = 0; int n = ln.get_linecnt(); for (int i = 0; i < n; i++) { char buf[MAXSTR]; char *line = ln.down(); tag_remove(line, buf, sizeof(buf)); used += sprintf_s(tag_lines + used, sizeof(tag_lines) - used, "%s\n", buf); } } return qstrdup(tag_lines); }
int analyze_struct_size (ea_t addr) { int size = -1; #if 0 // this code is now obsolete because functions // are hooked in emufuncs.cpp. char fname[128]; struct _alloc_function *func = &alloc_functions[0]; // check if this ea is a call // if call, check if call is an allocator function we know of ua_outop(addr, fname, sizeof(fname) - 1, 0); tag_remove(fname, fname, 0); while(func) { if(!strncmp(func->name, fname, strlen(func->name))) return readMem(esp + func->offset, SIZE_DWORD); func++; } #endif return size; }
/* #<pydoc> def generate_disassembly(ea, max_lines, as_stack, notags): """ Generate disassembly lines (many lines) and put them into a buffer @param ea: address to generate disassembly for @param max_lines: how many lines max to generate @param as_stack: Display undefined items as 2/4/8 bytes @return: - None on failure - tuple(most_important_line_number, tuple(lines)) : Returns a tuple containing the most important line number and a tuple of generated lines """ pass #</pydoc> */ PyObject *py_generate_disassembly( ea_t ea, int max_lines, bool as_stack, bool notags) { PYW_GIL_CHECK_LOCKED_SCOPE(); if ( max_lines <= 0 ) Py_RETURN_NONE; qstring qbuf; char **lines = new char *[max_lines]; int lnnum; int nlines = generate_disassembly(ea, lines, max_lines, &lnnum, as_stack); newref_t py_tuple(PyTuple_New(nlines)); for ( int i=0; i<nlines; i++ ) { const char *s = lines[i]; size_t line_len = strlen(s); if ( notags ) { qbuf.resize(line_len+5); tag_remove(s, &qbuf[0], line_len); s = (const char *)&qbuf[0]; } PyTuple_SetItem(py_tuple.o, i, PyString_FromString(s)); qfree(lines[i]); } delete [] lines; return Py_BuildValue("(iO)", lnnum, py_tuple.o); }
void tag_set(struct tag * tag, struct screen * screen) { if (tag->screen == screen) return; tag_remove(tag, tag->screen); tag_add(tag, screen); }
LPCTSTR get_text_disasm(ea_t ea) { static char disasm_buff[MAXSTR]; disasm_buff[0] = disasm_buff[MAXSTR - 1] = 0; if (generate_disasm_line(ea, disasm_buff, (sizeof(disasm_buff) - 1))) tag_remove(disasm_buff, disasm_buff, (sizeof(disasm_buff) - 1)); return(disasm_buff); }
int idaapi obj_fint_t::visit_expr(cexpr_t *e) { // check if the expression being visited is variable if (e->op != cot_obj) return 0; // get the variable name qstring s; print1wrapper(e, &s, NULL); tag_remove(&s); // check for the target variable if (s != vtbl_name) return 0; size_t max_parents = 3; if (parents.size() < max_parents) { max_parents = parents.size(); } for (size_t i = 1; i <= max_parents; i++) { citem_t *parent = parents.back(); if (parent->is_expr() && parent->op == cot_asg) { cexpr_t * target_expr = (cexpr_t *)parent; while (target_expr->x != NULL && target_expr->op != cot_var && target_expr->op != cot_obj) target_expr = target_expr->x; if (target_expr->op == cot_var) { s.clear(); print1wrapper(target_expr, &s, NULL); tag_remove(&s); var_name = s; bFound = true; break; } } } return 0; }
bool idaapi reconstruct_type(void *ud) { vdui_t &vu = *(vdui_t *)ud; // Determine the ctree item to highlight vu.get_current_item(USE_KEYBOARD); citem_t *highlight = vu.item.is_citem() ? vu.item.e : NULL; // highlight == NULL might happen if one chooses variable at local variables declaration statement if(highlight != NULL) { // the chosen item must be an expression and of 'variable' type if(highlight->is_expr() && (highlight->op == cot_var)) { cexpr_t *highl_expr = (cexpr_t *)highlight; // initialize type rebuilder type_builder_t type_bldr; type_bldr.highl_expr = highl_expr; highl_expr->print1(type_bldr.highl_expr_name, MAXSTR, NULL); tag_remove(type_bldr.highl_expr_name, type_bldr.highl_expr_name, 0); // traverse the ctree structure type_bldr.apply_to(&vu.cfunc->body, NULL); tid_t struct_type_id = type_bldr.get_structure(NULL); if(struct_type_id != 0 || struct_type_id != -1) { qstring struct_name; struct_name = get_struc_name(struct_type_id); va_list va; va_end(va); char * type_name = vaskstr(0, struct_name.c_str(), "Enter type name", va); if(type_name != NULL) { set_struc_name(struct_type_id, type_name); // get the structure description char buffr[MAXSTR*10]; type_bldr.get_structure(type_name, buffr, sizeof(buffr)); msg("%s", buffr); } } } } else { msg("Invalid item is choosen"); } return true; }
bool idaapi type_builder_t::check_helper(citem_t *parent, int &off, int &num) { if(parent->op == cot_call) { cexpr_t *expr_2 = (cexpr_t *)parent; if(!strcmp(get_ctype_name(expr_2->x->op), "helper")) { char buff[MAXSTR]; expr_2->x->print1(buff, MAXSTR, NULL); tag_remove(buff, buff, 0); if(!strcmp(buff, "LOBYTE")) { num = 1; off = 0; } else if(!strcmp(buff, "HIBYTE") || !strcmp(buff, "BYTE3")) { num = 1; off = 3; } else if(!strcmp(buff, "BYTE1")) { num = 1; off = 1; } else if(!strcmp(buff, "BYTE2")) { num = 1; off = 2; } else if(!strcmp(buff, "LOWORD")) { num = 2; off = 0; } else if(!strcmp(buff, "HIWORD")) { num = 2; off = 2; } else { return false; } return true; } } return false; }
int idaapi obj_fint_t::visit_expr(cexpr_t *e) { // check if the expression being visited is variable if (e->op == cot_obj) { // get the variable name char expr_name[MAXSTR]; e->print1(expr_name, MAXSTR, NULL); tag_remove(expr_name, expr_name, sizeof(expr_name)); // check for the target variable if (!strcmp(expr_name, vtbl_name.c_str())) { size_t max_parents = 3; if (parents.size() < max_parents) { max_parents = parents.size(); } for (size_t i = 1; i <= max_parents; i++) { citem_t *parent = parents[parents.size() - i]; if (parent->is_expr() && (parent->op == cot_asg)) { cexpr_t * target_expr = (cexpr_t *)parent; while ((target_expr->x != NULL) && (target_expr->op != cot_var) && (target_expr->op != cot_obj)) target_expr = target_expr->x; if (target_expr->op == cot_var) { target_expr->print1(expr_name, MAXSTR, NULL); tag_remove(expr_name, expr_name, sizeof(expr_name)); var_name = expr_name; bFound = true; break; } } } } } return 0; }
bool idaapi find_var(void *ud) { vdui_t &vu = *(vdui_t *)ud; // Determine the ctree item to highlight vu.get_current_item(USE_KEYBOARD); citem_t *highlight = vu.item.is_citem() ? vu.item.e : NULL; // highlight == NULL might happen if one chooses variable at local variables declaration statement if (highlight != NULL) { // the chosen item must be an expression and of 'variable' type if (highlight->is_expr() && (highlight->op == cot_obj)) { cexpr_t *highl_expr = (cexpr_t *)highlight; char expr_name[MAXSTR]; highlight->print1(expr_name, MAXSTR, NULL); tag_remove(expr_name, expr_name, sizeof(expr_name)); // initialize type rebuilder obj_fint_t obj_find; obj_find.vtbl_name = expr_name; // traverse the ctree structure obj_find.apply_to(&vu.cfunc->body, NULL); if (obj_find.bFound) { logmsg(DEBUG, obj_find.var_name.c_str()); // Using this horrible code to remove warnings on GCC 4.9.2. Fix this later. qstring temp_var2 = qstring(obj_find.var_name.c_str()); qstring &temp_var = temp_var2; reset_pointer_type(vu.cfunc, temp_var); vu.refresh_ctext(); } else { warning("Failed to find variable..."); logmsg(DEBUG, "Failed to find variable..."); } } } else { logmsg(DEBUG, "Invalid item is choosen"); } return true; }
//------------------------------------------------------------------------- // function that generates the list line static void idaapi desc(void *obj,uint32 n,char * const *arrptr) { if ( n == 0 ) // generate the column headers { for ( int i=0; i < qnumber(header); i++ ) qstrncpy(arrptr[i], header[i], MAXSTR); return; } netnode *node = (netnode *)obj; ea_t ea = node->altval(n-1); generate_disasm_line(ea, arrptr[1], MAXSTR, 0); tag_remove(arrptr[1], arrptr[1], MAXSTR); // remove the color coding qsnprintf(arrptr[0], MAXSTR, "%08a", ea); }
int __stdcall GetAsm(__int64 addr, char* buf, int bufLen){ flags_t flags; int sLen=0; flags = getFlags(addr); if(isCode(flags)) { generate_disasm_line((ea_t)addr, buf, bufLen, GENDSM_MULTI_LINE ); sLen = tag_remove(buf, buf, bufLen); } return sLen; }
//---------------------------------------------------------------------- //---------------------------------------------------------------------- void instr_beg(char str[MAXSTR*2], int mode) { static const char *const addonce[] = { "", "_w", "_quick", "2_quick", "_quick_w" }; init_prompted_output(str, 4); OutMnem(2, addonce[uchar(cmd.wid)]); out_zero(); if ( mode) outcnt = tag_strlen(str ); else { char *ptr = str + (outcnt = tag_remove(str, str, 0)); set_output_ptr(ptr); *ptr = '\0'; } }
static char* get_expr_name(citem_t *citem) { static char citem_name[MAXSTR]; memset(citem_name, 0x00, sizeof(citem_name)); if (citem->is_expr()) { cexpr_t *e = (cexpr_t *)citem; // retrieve the name of the routine e->print1(citem_name, sizeof(citem_name), NULL); tag_remove(citem_name, citem_name, MAXSTR); return citem_name; } return citem_name; }
bool idaapi find_var(void *ud) { vdui_t &vu = *(vdui_t *)ud; // Determine the ctree item to highlight vu.get_current_item(USE_KEYBOARD); citem_t *highlight = vu.item.is_citem() ? vu.item.e : NULL; // highlight == NULL might happen if one chooses variable at local variables declaration statement if (!highlight) { logmsg(DEBUG, "Invalid item is choosen"); return false; } // the chosen item must be an expression and of 'variable' type if (highlight->is_expr() && (highlight->op == cot_obj)) { cexpr_t *highl_expr = (cexpr_t *)highlight; qstring s; print1wrapper(highlight, &s, NULL); tag_remove(&s); // initialize type rebuilder obj_fint_t obj_find; obj_find.vtbl_name = s; // traverse the ctree structure obj_find.apply_to(&vu.cfunc->body, NULL); if (obj_find.bFound) { logmsg(DEBUG, (obj_find.var_name + "\n").c_str()); reset_pointer_type(vu.cfunc, obj_find.var_name); vu.refresh_ctext(); } else { warning("Failed to find variable...\n"); logmsg(DEBUG, "Failed to find variable...\n"); } } return true; }
//---------------------------------------------------------------------- static int outnum(ushort type, const ConstOpis *co) { char str[40]; op_t x; x.value = co->value; x.addr = co->value2; #ifdef __EA64__ x.value = make_ulonglong((uint32)x.value, (uint32)x.addr); #endif x.type = o_imm; x.dtyp = (uchar)(type - 3); x.offb = 0; init_output_buffer(str, sizeof(str)); OutValue(x, OOF_NUMBER | OOF_SIGNED | OOFW_IMM); term_output_buffer(); tag_remove(str, str, 0); qfprintf(myFile, "value = %s\n", str); return(1); }
static bool idaapi decompile_func(vdui_t &vu) { // Determine the ctree item to highlight vu.get_current_item(USE_KEYBOARD); citem_t *highlight = vu.item.is_citem() ? vu.item.e : NULL; if(highlight != NULL) { if(highlight->is_expr()) //if(highlight->op == cot_call) { cexpr_t *e = (cexpr_t *)highlight; char tmp[512]; memset(tmp, 0x00, sizeof(tmp)); e->print1(tmp, sizeof(tmp), NULL); tag_remove(tmp, tmp, sizeof(tmp)); char *proc_name = tmp + strlen(tmp); while((proc_name > tmp) && (*(proc_name - 1) != '>')) proc_name --; msg("Function %s is choosen\n", proc_name); func_t * func = get_func_by_name(proc_name); if(func != NULL) { vdui_t * decompiled_window = open_pseudocode(func->startEA, -1); /* hexrays_failure_t error; cfuncptr_t decompiled = decompile(func, &error); if(decompiled != NULL) switch_to(decompiled); */ } } } return true; // Success! }
void uicb_tag_del(Uicb cmd) { struct infobar *i; struct tag *t = W->screen->seltag; (void)cmd; if(SLIST_EMPTY(&t->clients) && TAILQ_NEXT(TAILQ_FIRST(&W->screen->tags), next)) { tag_screen(W->screen, TAILQ_NEXT(t, next)); tag_remove(t); W->screen->flags |= SCREEN_TAG_UPDATE; SLIST_FOREACH(i, &W->screen->infobars, next) infobar_elem_reinit(i); W->screen->flags ^= SCREEN_TAG_UPDATE; } }
/* #<pydoc> def tag_remove(colstr): """ Remove color escape sequences from a string @param colstr: the colored string with embedded tags @return: None on failure or a new string w/o the tags """ pass #</pydoc> */ PyObject *py_tag_remove(const char *instr) { PYW_GIL_CHECK_LOCKED_SCOPE(); size_t sz = strlen(instr); char *buf = new char[sz + 5]; if ( buf == NULL ) Py_RETURN_NONE; ssize_t r = tag_remove(instr, buf, sz); PyObject *res; if ( r < 0 ) { Py_INCREF(Py_None); res = Py_None; } else { res = PyString_FromString(buf); } delete [] buf; return res; }
// extract ctree custom view static bool idaapi ctree_into_custom_view(void *ud) // TODO { vdui_t &vu = *(vdui_t *)ud; vu.get_current_item(USE_KEYBOARD); citem_t *highlight = vu.item.is_citem() ? vu.item.e : NULL; if (highlight != NULL) { // if it is an expression if (highlight->is_expr()) { cexpr_t *e = (cexpr_t *)highlight; // retrieve the name of the routine char tmp[1024]; memset(tmp, 0x00, sizeof(tmp)); e->print1(tmp, sizeof(tmp), NULL); tag_remove(tmp, tmp, sizeof(tmp)); } } return true; }
bool idaapi type_builder_t::check_idx(struct_filed &str_fld) { // check if it has at least two parents if ( parents.size() > 1 ) { citem_t *parent_1 = parents.back(); // if its parrent is if(parent_1->is_expr() && (parent_1->op == cot_memptr)) { citem_t *parent_2 = parents[parents.size() - 2]; if(parent_2->op == cot_idx) { cexpr_t *expr_2 = (cexpr_t *)parent_2; // get index_value char buff[MAXSTR]; expr_2->y->print1(buff, MAXSTR, NULL); tag_remove(buff, buff, 0); int num = atoi(buff); citem_t *parent_3 = parents[parents.size() - 3]; if(parent_3->is_expr() && (parent_3->op == cot_asg)) { cexpr_t *expr_1 = (cexpr_t *)parent_1; str_fld.offset = expr_1->m + num; str_fld.size = get_idx_type_size(expr_2); return true; } } } } return false; }
//-------------------------------------------------------------------------- void run(int /*arg*/) { ea_t ea = get_screen_ea(); if ( askaddr(&ea, "Please enter the disassembly address") && isEnabled(ea) ) // address belongs to disassembly { int flags = calc_default_idaplace_flags(); linearray_t ln(&flags); idaplace_t pl; pl.ea = ea; pl.lnnum = 0; ln.set_place(&pl); msg("printing disassembly lines:\n"); int n = ln.get_linecnt(); // how many lines for this address? for ( int i=0; i < n; i++ ) // process all of them { char *line = ln.down(); // get line char buf[MAXSTR]; tag_remove(line, buf, sizeof(buf)); // remove color codes msg("%d: %s\n", i, buf); // display it on the message window } msg("total %d lines\n", n); } }