当前位置: 首页>>代码示例>>Python>>正文


Python idc.Demangle方法代码示例

本文整理汇总了Python中idc.Demangle方法的典型用法代码示例。如果您正苦于以下问题:Python idc.Demangle方法的具体用法?Python idc.Demangle怎么用?Python idc.Demangle使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在idc的用法示例。


在下文中一共展示了idc.Demangle方法的11个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: get_function_name

# 需要导入模块: import idc [as 别名]
# 或者: from idc import Demangle [as 别名]
def get_function_name(ea):
        """
        Get the real function name
        """
        # Try to demangle
        function_name = idc.Demangle(idc.GetFunctionName(ea), idc.GetLongPrm(idc.INF_SHORT_DN))

        if function_name:
            function_name = function_name.split("(")[0]

        # Function name is not mangled
        if not function_name:
            function_name = idc.GetFunctionName(ea)

        if not function_name:
            function_name = idc.Name(ea)

        # If we still have no function name, make one up. Format is - 'UNKN_FNC_4120000'
        if not function_name:
            function_name = "UNKN_FNC_%s" % hex(ea)

        return function_name 
开发者ID:ynvb,项目名称:DIE,代码行数:24,代码来源:IDAConnector.py

示例2: demangled_name

# 需要导入模块: import idc [as 别名]
# 或者: from idc import Demangle [as 别名]
def demangled_name(name):
  """Tries to demangle a functin name."""
  try:
    dname = idc.Demangle(name, idc.GetLongPrm(INF_SHORT_DN))
    if dname and len(dname) and "::" not in dname:
      dname = dname.split("(")[0]
      dname = dname.split(" ")[-1]
      if re.match(r"^[a-zA-Z0-9_]+$", dname):
        return dname
    return name
  except:
    return name 
开发者ID:lifting-bits,项目名称:mcsema,代码行数:14,代码来源:get_cfg.py

示例3: class_from_vtable_method_symbol

# 需要导入模块: import idc [as 别名]
# 或者: from idc import Demangle [as 别名]
def class_from_vtable_method_symbol(method_symbol):
    """Get the base class in a vtable method symbol.

    Extract the name of the base class from a canonical method symbol.
    """
    demangled = idc.Demangle(method_symbol, idc.GetLongPrm(idc.INF_SHORT_DN))
    if not demangled:
        return None
    classname = demangled.split('::', 1)[0]
    if classname == demangled:
        return None
    return classname 
开发者ID:bazad,项目名称:ida_kernelcache,代码行数:14,代码来源:vtable.py

示例4: method_name

# 需要导入模块: import idc [as 别名]
# 或者: from idc import Demangle [as 别名]
def method_name(symbol):
    """Get the name of the C++ method from its symbol.

    If the symbol demangles to 'Class::method(args)', this function returns 'method'.
    """
    try:
        demangled  = idc.Demangle(symbol, idc.GetLongPrm(idc.INF_SHORT_DN))
        func       = demangled.split('::', 1)[1]
        base       = func.split('(', 1)[0]
        return base or None
    except:
        return None 
开发者ID:bazad,项目名称:ida_kernelcache,代码行数:14,代码来源:symbol.py

示例5: method_arguments_string

# 需要导入模块: import idc [as 别名]
# 或者: from idc import Demangle [as 别名]
def method_arguments_string(symbol):
    """Get the arguments string of the C++ method from its symbol.

    If the symbol demangles to 'Class::method(arg1, arg2)', this function returns 'arg1, arg2'.
    """
    try:
        demangled  = idc.Demangle(symbol, idc.GetLongPrm(idc.INF_LONG_DN))
        func       = demangled.split('::', 1)[1]
        args       = func.split('(', 1)[1]
        args       = args.rsplit(')', 1)[0].strip()
        return args
    except:
        return None 
开发者ID:bazad,项目名称:ida_kernelcache,代码行数:15,代码来源:symbol.py

示例6: vtable_symbol_get_class

# 需要导入模块: import idc [as 别名]
# 或者: from idc import Demangle [as 别名]
def vtable_symbol_get_class(symbol):
    """Get the class name for a vtable symbol."""
    try:
        demangled = idc.Demangle(symbol, idc.GetLongPrm(idc.INF_SHORT_DN))
        pre, post = demangled.split("`vtable for'", 1)
        assert pre == ''
        return post
    except:
        return None 
开发者ID:bazad,项目名称:ida_kernelcache,代码行数:11,代码来源:symbol.py

示例7: _demangle

# 需要导入模块: import idc [as 别名]
# 或者: from idc import Demangle [as 别名]
def _demangle(name, short=True):
    dtype = idc.INF_LONG_DN
    if short:
        dtype = idc.INF_SHORT_DN
    tmp = idc.Demangle(name, idc.GetLongPrm(dtype))
    if tmp:
        name = tmp
    name = name.replace('__', '::')
    return name 
开发者ID:ax330d,项目名称:ida_pdb_loader,代码行数:11,代码来源:undname.py

示例8: _get_imported_names

# 需要导入模块: import idc [as 别名]
# 或者: from idc import Demangle [as 别名]
def _get_imported_names(self):
        '''Create and return a list of imported function names.'''

        tmp = []
        for _, imp_entries in self._build_imports().items():
            for imp_name in imp_entries:
                tmp_name = idc.Demangle(imp_name, idc.GetLongPrm(idc.INF_SHORT_DN))
                if tmp_name:
                    imp_name = tmp_name
                tmp.append(imp_name)
        return tmp 
开发者ID:ax330d,项目名称:hrdev,代码行数:13,代码来源:__init__.py

示例9: demangle_name

# 需要导入模块: import idc [as 别名]
# 或者: from idc import Demangle [as 别名]
def demangle_name(cls, name):
        '''Demangle name.'''
        tmp = idc.Demangle(name, idc.GetLongPrm(idc.INF_SHORT_DN))
        if tmp:
            name = tmp
        if not name:
            return name
        matches = re.match(r'^(.*?)\(.*?\)', name)
        if matches:
            name = matches.group(1)
        return name 
开发者ID:ax330d,项目名称:hrdev,代码行数:13,代码来源:helper.py

示例10: get_con2_var_or_num

# 需要导入模块: import idc [as 别名]
# 或者: from idc import Demangle [as 别名]
def get_con2_var_or_num(i_cnt, cur_addr):
    """
    :param i_cnt: the register of the virtual call
    :param cur_addr: the current address in the memory
    :return: "success" string and the address of the vtable's location. if it fails it sends the reason and -1
    """
    start_addr = idc.get_func_attr(cur_addr, idc.FUNCATTR_START)
    virt_call_addr = cur_addr
    cur_addr = idc.prev_head(cur_addr)
    dct_arch = get_arch_dct()
    if dct_arch == -1:
        return 'Wrong Architechture', "-1", cur_addr

    while cur_addr >= start_addr:
        if idc.print_insn_mnem(cur_addr)[:3] == dct_arch["opcode"] and idc.print_operand(cur_addr, 0) == i_cnt:  # TODO lea ?
            opnd2 = idc.print_operand(cur_addr, 1)
            place = opnd2.find(dct_arch["separator"])
            if place != -1:  # if the function is not the first in the vtable
                register = opnd2[opnd2.find('[') + 1: place]
                if opnd2.find('*') == -1:
                    offset = opnd2[place + dct_arch["val_offset"]: opnd2.find(']')]
                else:
                    offset = "*"
                return register, offset, cur_addr
            else:
                offset = "0"
                if opnd2.find(']') != -1:
                    register = opnd2[opnd2.find('[') + 1: opnd2.find(']')]
                else:
                    register = opnd2
                return register, offset, cur_addr
        elif idc.print_insn_mnem(cur_addr)[:4] == "call":
            intr_func_name = idc.print_operand(cur_addr, 0)
            # In case the code has CFG -> ignores the function call before the virtual calls
            if "guard_check_icall_fptr" not in intr_func_name:
                if "nullsub" not in intr_func_name:
                    # intr_func_name = idc.Demangle(intr_func_name, idc.GetLongPrm(idc.INF_SHORT_DN))
                    print("Warning! At address 0x%08x: The vtable assignment might be in another function (Maybe %s),"
                          " could not place BP." % (virt_call_addr, intr_func_name))
                cur_addr = start_addr
        cur_addr = idc.prev_head(cur_addr)
    return "out of the function", "-1", cur_addr

    return '', 0, cur_addr 
开发者ID:0xgalz,项目名称:Virtuailor,代码行数:46,代码来源:vtableAddress.py

示例11: kernelcache_find_virtual_method_overrides

# 需要导入模块: import idc [as 别名]
# 或者: from idc import Demangle [as 别名]
def kernelcache_find_virtual_method_overrides(classname=None, method=None):
    import idc
    import idaapi
    import ida_kernelcache as kc

    # Define the form to ask for the arguments.
    class MyForm(idaapi.Form):
        def __init__(self):
            swidth = 40
            idaapi.Form.__init__(self, r"""STARTITEM 0
Find virtual method overrides

<#The class#Class :{classname}>
<#The virtual method#Method:{method}>""", {
                'classname': idaapi.Form.StringInput(tp=idaapi.Form.FT_IDENT, swidth=swidth),
                'method':    idaapi.Form.StringInput(tp=idaapi.Form.FT_IDENT, swidth=swidth),
            })
        def OnFormChange(self, fid):
            return 1

    kc.collect_class_info()

    if any(arg is None for arg in (classname, method)):
        f = MyForm()
        f.Compile()
        f.classname.value = classname or ''
        f.method.value    = method    or ''
        ok = f.Execute()
        if ok != 1:
            print 'Cancelled'
            return False
        classname = f.classname.value
        method    = f.method.value
        f.Free()

    if classname not in kc.class_info:
        print 'Not a valid class: {}'.format(classname)
        return False

    print 'Subclasses of {} that override {}:'.format(classname, method)
    baseinfo = kc.class_info[classname]
    found = False
    for classinfo in baseinfo.descendants():
        for _, override, _ in kc.vtable.class_vtable_overrides(classinfo, superinfo=baseinfo,
                methods=True):
            name = idc.NameEx(idc.BADADDR, override)
            demangled = idc.Demangle(name, idc.GetLongPrm(idc.INF_SHORT_DN))
            name = demangled if demangled else name
            if method in name:
                print '{:#x}  {}'.format(override, classinfo.classname)
                found = True
    if not found:
        print 'No subclass of {} overrides {}'.format(classname, method)
    return found 
开发者ID:bazad,项目名称:ida_kernelcache,代码行数:56,代码来源:find_virtual_method_overrides.py


注:本文中的idc.Demangle方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。