Skip to content

Commit

Permalink
Merge pull request #105 from KulaGGin/idb2patUpdate
Browse files Browse the repository at this point in the history 
Update idb2pat for IDA 7.4+
  • Loading branch information
@williballenthin
williballenthin authored Apr 14, 2021
2 parents 451742c + 4e004b1 commit 964e8c9
Showing 1 changed file with 35 additions and 35 deletions.
70 changes: 35 additions & 35 deletions python/flare/idb2pat.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -137,9 +137,9 @@ def get_func_at_ea(ea):
if _g_function_cache is None:
_g_function_cache = {}
for f in get_functions():
_g_function_cache[f.startEA] = f
_g_function_cache[f.start_ea] = f

return _g_function_cache.get(f.startEA, None)
return _g_function_cache.get(f.start_ea, None)


def find_ref_loc(config, ea, ref):
Expand All @@ -156,12 +156,12 @@ def find_ref_loc(config, ea, ref):
logger.debug("Bad parameter: ref")
return BADADDR

if idc.GetOpType(ea, 0) == o_near:
if idc.get_operand_type(ea, 0) == o_near:
ref = (ref - get_item_end(ea)) & ((1<<config.pointer_size*8)-1)

if isCode(getFlags(ea)):
if is_code(get_full_flags(ea)):
for i in zrange(ea, max(ea, 1 + get_item_end(ea) - config.pointer_size)):
if get_long(i) == ref:
if get_dword(i) == ref:
return i

return BADADDR
Expand Down Expand Up @@ -189,16 +189,16 @@ def make_func_sig(config, func):
"""
logger = logging.getLogger("idb2pat:make_func_sig")

if func.endEA - func.startEA < config.min_func_length:
if func.end_ea - func.start_ea < config.min_func_length:
logger.debug("Function is too short")
raise FuncTooShortException()

ea = func.startEA
ea = func.start_ea
publics = [] # type: idc.ea_t
refs = {} # type: dict(idc.ea_t, idc.ea_t)
variable_bytes = set([]) # type: set of idc.ea_t

while ea != BADADDR and ea < func.endEA:
while ea != BADADDR and ea < func.end_ea:
logger.debug("ea: %s", hex(ea))

name = get_name(ea)
Expand Down Expand Up @@ -235,7 +235,7 @@ def make_func_sig(config, func):
ref = get_first_fcref_from(ea)
if ref != BADADDR:
logger.debug("has code ref")
if ref < func.startEA or ref >= func.endEA:
if ref < func.start_ea or ref >= func.end_ea:
# code ref is outside function
ref_loc = find_ref_loc(config, ea, ref)
if BADADDR != ref_loc:
Expand All @@ -249,23 +249,23 @@ def make_func_sig(config, func):

sig = ""
# first 32 bytes, or til end of function
for ea in zrange(func.startEA, min(func.startEA + 32, func.endEA)):
for ea in zrange(func.start_ea, min(func.start_ea + 32, func.end_ea)):
if ea in variable_bytes:
sig += ".."
else:
sig += "%02X" % (get_byte(ea))

sig += ".." * (32 - (len(sig) / 2))

if func.endEA - func.startEA > 32:
if func.end_ea - func.start_ea > 32:
crc_data = [0 for i in zrange(256)]

# for 255 bytes starting at index 32, or til end of function, or variable byte
for loc in zrange(32, min(func.endEA - func.startEA, 32 + 255)):
if func.startEA + loc in variable_bytes:
for loc in zrange(32, min(func.end_ea - func.start_ea, 32 + 255)):
if func.start_ea + loc in variable_bytes:
break

crc_data[loc - 32] = get_byte(func.startEA + loc)
crc_data[loc - 32] = get_byte(func.start_ea + loc)
else:
loc += 1

Expand All @@ -274,14 +274,14 @@ def make_func_sig(config, func):

crc = crc16(to_bytestring(crc_data[:alen]), crc=0xFFFF)
else:
loc = func.endEA - func.startEA
loc = func.end_ea - func.start_ea
alen = 0
crc = 0

sig += " %02X" % (alen)
sig += " %04X" % (crc)
# TODO: does this need to change for 64bit?
sig += " %04X" % (func.endEA - func.startEA)
sig += " %04X" % (func.end_ea - func.start_ea)

# this will be either " :%04d %s" or " :%08d %s"
public_format = " :%%0%dX %%s" % (config.pointer_size)
Expand All @@ -290,28 +290,28 @@ def make_func_sig(config, func):
if name is None or name == "":
continue

sig += public_format % (public - func.startEA, name)
sig += public_format % (public - func.start_ea, name)

for ref_loc, ref in refs.iteritems():
# TODO: what is the first arg?
name = get_true_name(0, ref)
if name is None or name == "":
continue

if ref_loc >= func.startEA:
if ref_loc >= func.start_ea:
# this will be either " ^%04d %s" or " ^%08d %s"
addr = ref_loc - func.startEA
addr = ref_loc - func.start_ea
ref_format = " ^%%0%dX %%s" % (config.pointer_size)
else:
# this will be either " ^-%04d %s" or " ^-%08d %s"
addrs = func.startEA - ref_loc
addrs = func.start_ea - ref_loc
ref_format = " ^-%%0%dX %%s" % (config.pointer_size)
sig += ref_format % (addr, name)

# Tail of the module starts at the end of the CRC16 block.
if loc < func.endEA - func.startEA:
if loc < func.end_ea - func.start_ea:
tail = " "
for ea in zrange(func.startEA + loc, min(func.endEA, func.startEA + 0x8000)):
for ea in zrange(func.start_ea + loc, min(func.end_ea, func.start_ea + 0x8000)):
if ea in variable_bytes:
tail += ".."
else:
Expand All @@ -330,8 +330,8 @@ def make_func_sigs(config):
if f is None:
logger.error("No function selected")
return []
jumpto(f.startEA)
if not has_any_name(getFlags(f.startEA)):
jumpto(f.start_ea)
if not has_any_name(get_full_flags(f.start_ea)):
logger.error("Function doesn't have a name")
return []

Expand All @@ -341,43 +341,43 @@ def make_func_sigs(config):
logger.exception(e)
# TODO: GetFunctionName?
logger.error("Failed to create signature for function at %s (%s)",
hex(f.startEA), get_name(f.startEA) or "")
hex(f.start_ea), get_name(f.start_ea) or "")

elif config.mode == NON_AUTO_FUNCTIONS:
for f in get_functions():
if has_name(getFlags(f.startEA)) and f.flags & FUNC_LIB == 0:
if has_name(get_full_flags(f.start_ea)) and f.flags & FUNC_LIB == 0:
try:
sigs.append(make_func_sig(config, f))
except FuncTooShortException:
pass
except Exception as e:
logger.exception(e)
logger.error("Failed to create signature for function at %s (%s)",
hex(f.startEA), get_name(f.startEA) or "")
hex(f.start_ea), get_name(f.start_ea) or "")

elif config.mode == LIBRARY_FUNCTIONS:
for f in get_functions():
if has_name(getFlags(f.startEA)) and f.flags & FUNC_LIB != 0:
if has_name(get_full_flags(f.start_ea)) and f.flags & FUNC_LIB != 0:
try:
sigs.append(make_func_sig(config, f))
except FuncTooShortException:
pass
except Exception as e:
logger.exception(e)
logger.error("Failed to create signature for function at %s (%s)",
hex(f.startEA), get_name(f.startEA) or "")
hex(f.start_ea), get_name(f.start_ea) or "")

elif config.mode == PUBLIC_FUNCTIONS:
for f in get_functions():
if is_public_name(f.startEA):
if is_public_name(f.start_ea):
try:
sigs.append(make_func_sig(config, f))
except FuncTooShortException:
pass
except Exception as e:
logger.exception(e)
logger.error("Failed to create signature for function at %s (%s)",
hex(f.startEA), get_name(f.startEA) or "")
hex(f.start_ea), get_name(f.start_ea) or "")

elif config.mode == ENTRY_POINT_FUNCTIONS:
for i in zrange(get_func_qty()):
Expand All @@ -390,20 +390,20 @@ def make_func_sigs(config):
except Exception as e:
logger.exception(e)
logger.error("Failed to create signature for function at %s (%s)",
hex(f.startEA), get_name(f.startEA) or "")
hex(f.start_ea), get_name(f.start_ea) or "")

elif config.mode == ALL_FUNCTIONS:
n = get_func_qty()
for i, f in enumerate(get_functions()):
try:
logger.info("[ %d / %d ] %s %s", i + 1, n, get_name(f.startEA), hex(f.startEA))
logger.info("[ %d / %d ] %s %s", i + 1, n, get_name(f.start_ea), hex(f.start_ea))
sigs.append(make_func_sig(config, f))
except FuncTooShortException:
pass
except Exception as e:
logger.exception(e)
logger.error("Failed to create signature for function at %s (%s)",
hex(f.startEA), get_name(f.startEA) or "")
hex(f.start_ea), get_name(f.start_ea) or "")

return sigs

Expand All @@ -413,7 +413,7 @@ def get_pat_file():
name, extension = os.path.splitext(get_input_file_path())
name = name + ".pat"

filename = askfile_c(1, name, "Enter the name of the pattern file")
filename = ask_file(1, name, "Enter the name of the pattern file")
if filename is None:
logger.debug("User did not choose a pattern file")
return None
Expand Down

0 comments on commit 964e8c9

Please sign in to comment.