pdb_class *try_find_by_name(ea_t ea, char **name, bool *free_name, bool is_deref_name = true) { pdb_class *res = NULL; char buf[256]; *free_name = false; char *t_name = NULL; if ( is_deref_name ) t_name = get_true_name(ea, get_long(ea), buf, 255); else t_name = get_true_name(ea, ea, buf, 255); if ( t_name ) { *name = get_parent_class(t_name); if ( *name ) { res = p_pool->find_class(*name); if ( !res ) qfree(*name); else *free_name = true; return res; } } return NULL; }
QStringList Ida2db::getAllNamedFunctions() { QStringList output; int numOfFuncs = get_func_qty(); if (numOfFuncs <= 0) { (void) msg("IDB2SIG: Not found any functions\n"); return output; } int i = 0; //size_t len = 0; func_t* pFunc = NULL; for (i = 0; i < numOfFuncs; i++) { pFunc = getn_func(i); if ((NULL != pFunc) && has_name(getFlags(pFunc->startEA)) && !(pFunc->flags & FUNC_LIB)) { char buf[512]; get_true_name(BADADDR, pFunc->startEA, buf, sizeof(buf)); //get_segm_name(pFunc->startEA, buf, sizeof buf); output.append(buf); //len += make_func_sig(pFunc->startEA, // (ulong) (pFunc->endEA - pFunc->startEA), // &pSigBuf[len]); } } return output; }
//---------------------------------------------------------------------- static void fixup(uint32 ea, uint32 delta, int extdef) { fixup_data_t fd; fd.type = FIXUP_OFF32; if ( extdef ) fd.type |= FIXUP_EXTDEF; segment_t *s = getseg(delta); fd.displacement = get_long(ea); if ( s == NULL ) { fd.sel = 0; fd.off = delta; } else { fd.sel = (ushort)s->sel; fd.off = delta - get_segm_base(s); } set_fixup(ea, &fd); uint32 target = get_long(ea) + delta; put_long(ea, target); set_offset(ea, 0, 0); cmd.ea = ea; ua_add_dref(0, target, dr_O); cmd.ea = BADADDR; if ( target != toc_ea && !has_name(get_flags_novalue(ea)) && has_name(get_flags_novalue(target)) ) { char buf[MAXSTR]; if ( get_true_name(BADADDR, target, &buf[3], sizeof(buf)-3) != NULL ) { buf[0] = 'T'; buf[1] = 'C'; buf[2] = '_'; do_name_anyway(ea, buf); make_name_auto(ea); } } // toc.charset(ea,XMC_TC+1,1); }
//------------------------------------------------------------------------- // callback for enumerating imports // ea: import address // name: import name (NULL if imported by ordinal) // ord: import ordinal (0 for imports by name) // param: user parameter passed to enum_import_names() // return: 1-ok, 0-stop enumeration static int idaapi py_import_enum_cb( ea_t ea, const char *name, uval_t ord, void *param) { // If no name, try to get the name associated with the 'ea'. It may be coming from IDS char name_buf[MAXSTR]; if ( name == NULL ) name = get_true_name(BADADDR, ea, name_buf, sizeof(name_buf)); PYW_GIL_CHECK_LOCKED_SCOPE(); ref_t py_name; if ( name == NULL ) py_name = borref_t(Py_None); else py_name = newref_t(PyString_FromString(name)); newref_t py_ord(Py_BuildValue(PY_FMT64, pyul_t(ord))); newref_t py_ea(Py_BuildValue(PY_FMT64, pyul_t(ea))); newref_t py_result( PyObject_CallFunctionObjArgs( (PyObject *)param, py_ea.o, py_name.o, py_ord.o, NULL)); return py_result != NULL && PyObject_IsTrue(py_result.o) ? 1 : 0; }
bool is_connective(name const & n) const { return n == get_or_name() || n == get_and_name() || n == get_not_name() || n == get_iff_name() || n == get_not_name() || n == get_ite_name() || n == get_true_name() || n == get_false_name(); }
//retrieves function names and jump labels void __stdcall GetName(__int64 offset, char* buf, int bufsize){ get_true_name( BADADDR, (ea_t)offset, buf, bufsize ); if(strlen(buf) == 0){ func_t* f = get_func((ea_t)offset); for(int i=0; i < f->llabelqty; i++){ if( f->llabels[i].ea == offset ){ int sz = strlen(f->llabels[i].name); if(sz < bufsize) strcpy(buf,f->llabels[i].name); return; } } } }
//-------------------------------------------------------------------------- static bool create_impdir(const area_t &impdir) { // now rename all entries in impdir do_unknown_range(impdir.startEA, impdir.size(), DOUNK_EXPAND); if ( !create_idata_segm(impdir) ) return false; char dll[MAXSTR]; char buf[MAXSTR]; dll[0] = '\0'; module_info_t mi; mi.base = BADADDR; mi.size = 0; size_t len = 0; for ( ea_t ea=impdir.startEA; ea < impdir.endEA; ea += ptrSz ) { doPtr(ea); ea_t func = is_9x ? win9x_find_thunk(ea) : getPtr(ea); if ( !get_true_name(BADADDR, func, buf, sizeof(buf)) ) continue; if ( !area_t(mi.base, mi.base+mi.size).contains(func) ) { find_module(func, &mi); qstrncpy(dll, qbasename(mi.name), sizeof(dll)); char *ptr = strrchr(dll, '.'); if ( ptr != NULL ) *ptr = '\0'; len = strlen(dll); } const char *name = buf; if ( strnicmp(dll, buf, len) == 0 && buf[len] == '_' ) name += len + 1; if ( !do_name_anyway(ea, name) ) msg("%a: can not rename to imported name '%s'\n", ea, name); } return true; }
//---------------------------------------------------------------------- bool outop(op_t &x) { ea_t ea; char buf[MAXSTR]; if ( x.type == o_imm ) out_symbol('#'); switch ( x.type ) { case o_void: return 0; case o_imm: if ( x.amode & amode_signed ) OutValue(x, OOF_SIGNED|OOFW_IMM); else OutValue(x, OOFS_IFSIGN|OOFW_IMM); break; case o_reg: outreg(x.reg); break; case o_mem: // no break; ea = calc_mem(x); if ( ea != BADADDR ) out_address(ea, x); else { out_tagon(COLOR_ERROR); OutValue(x, OOFW_IMM|OOF_ADDR|OOFW_16); out_tagoff(COLOR_ERROR); } break; case o_near: { ea_t ea = calc_mem(x); // xmem ioports if ( x.amode & (amode_x) && out_port_address(x.addr) ) { char nbuf[MAXSTR]; const char *pnam = find_port(x.addr); const char *name = get_true_name(BADADDR, ea, nbuf, sizeof(nbuf)); if ( name == NULL || strcmp(name, pnam) != 0 ) set_name(ea, pnam); break; } if ( ea == cmd.ea+cmd.size ) out_ip_rel(cmd.size); else if ( !out_name_expr(x, ea, x.addr) ) out_bad_address(x.addr); } break; case o_phrase: { if ( x.phtype < 4 ) { qsnprintf(buf, sizeof(buf), formats[x.phtype], x.phrase); out_colored_register_line(buf); } if ( x.phtype == 4 ) { out_symbol('('); outreg(x.reg); out_symbol(')'); } } break; case o_local: { out_colored_register_line(formats2[x.phtype]); OutValue(x, OOF_SIGNED|OOF_ADDR); if ( x.phtype == 0 ) out_symbol(')'); break; } case o_textphrase: { char buf[MAXSTR]; switch ( x.textphtype ) { case text_swap: out_line(swap_formats[x.phrase], COLOR_REG); break; case text_banke: int comma; char r0[10], r1[10], r4[10], cfgi[10]; comma = 0; r0[0]=r1[0]=r4[0]=cfgi[0]='\0'; if ( x.phrase & 0x01 ) //cfgi { qsnprintf(cfgi, sizeof(cfgi), "cfgi"); comma = 1; } if ( x.phrase & 0x02 ) //r4 { qsnprintf(r4, sizeof(r4), "r4%s", (comma?", ":"")); comma = 1; } if ( x.phrase & 0x04 ) //r1 { qsnprintf(r1, sizeof(r1), "r1%s", (comma?", ":"")); comma = 1; } if ( x.phrase & 0x08 ) //r0 qsnprintf(r0, sizeof(r0), "r0%s", (comma?", ":"")); qsnprintf(buf, sizeof(buf), "%s%s%s%s", r0, r1, r4, cfgi ); out_line(buf, COLOR_REG); break; case text_cntx: out_symbol( (x.phrase ? 'r': 's') ); break; case text_dmod: if ( x.phrase ) qsnprintf(buf, sizeof(buf), " no modulo"); else qsnprintf(buf, sizeof(buf), " modulo"); out_line(buf, COLOR_REG); break; case text_eu: qsnprintf(buf, sizeof(buf), " eu"); out_line(buf, COLOR_REG); break; } } break; default: interr("out"); break; } return 1; }
//-------------------------------------------------------------------------- void run(int /*arg*/) { if ( !autoIsOk() && askyn_c(-1, "HIDECANCEL\n" "The autoanalysis has not finished yet.\n" "The result might be incomplete. Do you want to continue?") < 0 ) return; // gather information about the entry points entrylist_t *li = new entrylist_t; size_t n = get_entry_qty(); for ( size_t i=0; i < n; i++ ) { asize_t ord = get_entry_ordinal((int)i); ea_t ea = get_entry(ord); if ( ord == ea ) continue; qtype type, fnames; char decl[MAXSTR]; char true_name[MAXSTR]; asize_t argsize = 0; get_entry_name(ord, true_name, sizeof(true_name)); if ( get_tinfo(ea, &type, &fnames) && print_type_to_one_line( decl, sizeof(decl), idati, type.c_str(), true_name, NULL, fnames.c_str()) == T_NORMAL ) { // found type info -- calc the args size func_type_info_t fi; int a = build_funcarg_info(idati, type.c_str(), fnames.c_str(), &fi, 0); if ( a != 0 ) { for ( int k=0; k < a; k++ ) { const type_t *ptr = fi[k].type.c_str(); int s1 = (int)get_type_size(idati, ptr); s1 = qmax(s1, inf.cc.size_i); argsize += s1; } } } else if ( get_long_name(BADADDR, ea, decl, sizeof(decl)) != NULL && get_true_name(BADADDR, ea, true_name, sizeof(true_name)) != NULL && strcmp(decl, true_name) != 0 ) { // found mangled name } else { // found nothing, just show the name const char *name = get_name(BADADDR, ea, true_name, sizeof(true_name)); if ( name == NULL ) continue; qstrncpy(decl, name, sizeof(decl)); } if ( argsize == 0 ) { func_t *pfn = get_func(ea); if ( pfn != NULL ) argsize = pfn->argsize; } item_t x; x.ord = (int)ord; x.ea = ea; x.decl = decl; x.argsize = (uint32)argsize; li->push_back(x); } // now open the window choose2(false, // non-modal window -1, -1, -1, -1, // position is determined by Windows li, // pass the created array qnumber(header), // number of columns widths, // widths of columns sizer, // function that returns number of lines desc, // function that generates a line "Exported functions", // window title -1, // use the default icon for the window 0, // position the cursor on the first line NULL, // "kill" callback NULL, // "new" callback NULL, // "update" callback NULL, // "edit" callback enter_cb, // function to call when the user pressed Enter destroy_cb, // function to call when the window is closed NULL, // use default popup menu items NULL); // use the same icon for all lines }
bool has_meaningful_name(ea_t ea) { _ASSERTE(isEnabled(ea)); char tmp[MAXNAMESIZE]; return has_name(get_flags_novalue(ea)) && get_true_name(BADADDR, ea, CPY(tmp)) != 0 && !pcre_match("^unknown_libname_\\d+$", tmp); }