本文整理汇总了Python中idc.Demangle方法的典型用法代码示例。如果您正苦于以下问题:Python idc.Demangle方法的具体用法?Python idc.Demangle怎么用?Python idc.Demangle使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类idc
的用法示例。
在下文中一共展示了idc.Demangle方法的11个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: get_function_name
# 需要导入模块: import idc [as 别名]
# 或者: from idc import Demangle [as 别名]
def get_function_name(ea):
"""
Get the real function name
"""
# Try to demangle
function_name = idc.Demangle(idc.GetFunctionName(ea), idc.GetLongPrm(idc.INF_SHORT_DN))
if function_name:
function_name = function_name.split("(")[0]
# Function name is not mangled
if not function_name:
function_name = idc.GetFunctionName(ea)
if not function_name:
function_name = idc.Name(ea)
# If we still have no function name, make one up. Format is - 'UNKN_FNC_4120000'
if not function_name:
function_name = "UNKN_FNC_%s" % hex(ea)
return function_name
示例2: demangled_name
# 需要导入模块: import idc [as 别名]
# 或者: from idc import Demangle [as 别名]
def demangled_name(name):
"""Tries to demangle a functin name."""
try:
dname = idc.Demangle(name, idc.GetLongPrm(INF_SHORT_DN))
if dname and len(dname) and "::" not in dname:
dname = dname.split("(")[0]
dname = dname.split(" ")[-1]
if re.match(r"^[a-zA-Z0-9_]+$", dname):
return dname
return name
except:
return name
示例3: class_from_vtable_method_symbol
# 需要导入模块: import idc [as 别名]
# 或者: from idc import Demangle [as 别名]
def class_from_vtable_method_symbol(method_symbol):
"""Get the base class in a vtable method symbol.
Extract the name of the base class from a canonical method symbol.
"""
demangled = idc.Demangle(method_symbol, idc.GetLongPrm(idc.INF_SHORT_DN))
if not demangled:
return None
classname = demangled.split('::', 1)[0]
if classname == demangled:
return None
return classname
示例4: method_name
# 需要导入模块: import idc [as 别名]
# 或者: from idc import Demangle [as 别名]
def method_name(symbol):
"""Get the name of the C++ method from its symbol.
If the symbol demangles to 'Class::method(args)', this function returns 'method'.
"""
try:
demangled = idc.Demangle(symbol, idc.GetLongPrm(idc.INF_SHORT_DN))
func = demangled.split('::', 1)[1]
base = func.split('(', 1)[0]
return base or None
except:
return None
示例5: method_arguments_string
# 需要导入模块: import idc [as 别名]
# 或者: from idc import Demangle [as 别名]
def method_arguments_string(symbol):
"""Get the arguments string of the C++ method from its symbol.
If the symbol demangles to 'Class::method(arg1, arg2)', this function returns 'arg1, arg2'.
"""
try:
demangled = idc.Demangle(symbol, idc.GetLongPrm(idc.INF_LONG_DN))
func = demangled.split('::', 1)[1]
args = func.split('(', 1)[1]
args = args.rsplit(')', 1)[0].strip()
return args
except:
return None
示例6: vtable_symbol_get_class
# 需要导入模块: import idc [as 别名]
# 或者: from idc import Demangle [as 别名]
def vtable_symbol_get_class(symbol):
"""Get the class name for a vtable symbol."""
try:
demangled = idc.Demangle(symbol, idc.GetLongPrm(idc.INF_SHORT_DN))
pre, post = demangled.split("`vtable for'", 1)
assert pre == ''
return post
except:
return None
示例7: _demangle
# 需要导入模块: import idc [as 别名]
# 或者: from idc import Demangle [as 别名]
def _demangle(name, short=True):
dtype = idc.INF_LONG_DN
if short:
dtype = idc.INF_SHORT_DN
tmp = idc.Demangle(name, idc.GetLongPrm(dtype))
if tmp:
name = tmp
name = name.replace('__', '::')
return name
示例8: _get_imported_names
# 需要导入模块: import idc [as 别名]
# 或者: from idc import Demangle [as 别名]
def _get_imported_names(self):
'''Create and return a list of imported function names.'''
tmp = []
for _, imp_entries in self._build_imports().items():
for imp_name in imp_entries:
tmp_name = idc.Demangle(imp_name, idc.GetLongPrm(idc.INF_SHORT_DN))
if tmp_name:
imp_name = tmp_name
tmp.append(imp_name)
return tmp
示例9: demangle_name
# 需要导入模块: import idc [as 别名]
# 或者: from idc import Demangle [as 别名]
def demangle_name(cls, name):
'''Demangle name.'''
tmp = idc.Demangle(name, idc.GetLongPrm(idc.INF_SHORT_DN))
if tmp:
name = tmp
if not name:
return name
matches = re.match(r'^(.*?)\(.*?\)', name)
if matches:
name = matches.group(1)
return name
示例10: get_con2_var_or_num
# 需要导入模块: import idc [as 别名]
# 或者: from idc import Demangle [as 别名]
def get_con2_var_or_num(i_cnt, cur_addr):
"""
:param i_cnt: the register of the virtual call
:param cur_addr: the current address in the memory
:return: "success" string and the address of the vtable's location. if it fails it sends the reason and -1
"""
start_addr = idc.get_func_attr(cur_addr, idc.FUNCATTR_START)
virt_call_addr = cur_addr
cur_addr = idc.prev_head(cur_addr)
dct_arch = get_arch_dct()
if dct_arch == -1:
return 'Wrong Architechture', "-1", cur_addr
while cur_addr >= start_addr:
if idc.print_insn_mnem(cur_addr)[:3] == dct_arch["opcode"] and idc.print_operand(cur_addr, 0) == i_cnt: # TODO lea ?
opnd2 = idc.print_operand(cur_addr, 1)
place = opnd2.find(dct_arch["separator"])
if place != -1: # if the function is not the first in the vtable
register = opnd2[opnd2.find('[') + 1: place]
if opnd2.find('*') == -1:
offset = opnd2[place + dct_arch["val_offset"]: opnd2.find(']')]
else:
offset = "*"
return register, offset, cur_addr
else:
offset = "0"
if opnd2.find(']') != -1:
register = opnd2[opnd2.find('[') + 1: opnd2.find(']')]
else:
register = opnd2
return register, offset, cur_addr
elif idc.print_insn_mnem(cur_addr)[:4] == "call":
intr_func_name = idc.print_operand(cur_addr, 0)
# In case the code has CFG -> ignores the function call before the virtual calls
if "guard_check_icall_fptr" not in intr_func_name:
if "nullsub" not in intr_func_name:
# intr_func_name = idc.Demangle(intr_func_name, idc.GetLongPrm(idc.INF_SHORT_DN))
print("Warning! At address 0x%08x: The vtable assignment might be in another function (Maybe %s),"
" could not place BP." % (virt_call_addr, intr_func_name))
cur_addr = start_addr
cur_addr = idc.prev_head(cur_addr)
return "out of the function", "-1", cur_addr
return '', 0, cur_addr
示例11: kernelcache_find_virtual_method_overrides
# 需要导入模块: import idc [as 别名]
# 或者: from idc import Demangle [as 别名]
def kernelcache_find_virtual_method_overrides(classname=None, method=None):
import idc
import idaapi
import ida_kernelcache as kc
# Define the form to ask for the arguments.
class MyForm(idaapi.Form):
def __init__(self):
swidth = 40
idaapi.Form.__init__(self, r"""STARTITEM 0
Find virtual method overrides
<#The class#Class :{classname}>
<#The virtual method#Method:{method}>""", {
'classname': idaapi.Form.StringInput(tp=idaapi.Form.FT_IDENT, swidth=swidth),
'method': idaapi.Form.StringInput(tp=idaapi.Form.FT_IDENT, swidth=swidth),
})
def OnFormChange(self, fid):
return 1
kc.collect_class_info()
if any(arg is None for arg in (classname, method)):
f = MyForm()
f.Compile()
f.classname.value = classname or ''
f.method.value = method or ''
ok = f.Execute()
if ok != 1:
print 'Cancelled'
return False
classname = f.classname.value
method = f.method.value
f.Free()
if classname not in kc.class_info:
print 'Not a valid class: {}'.format(classname)
return False
print 'Subclasses of {} that override {}:'.format(classname, method)
baseinfo = kc.class_info[classname]
found = False
for classinfo in baseinfo.descendants():
for _, override, _ in kc.vtable.class_vtable_overrides(classinfo, superinfo=baseinfo,
methods=True):
name = idc.NameEx(idc.BADADDR, override)
demangled = idc.Demangle(name, idc.GetLongPrm(idc.INF_SHORT_DN))
name = demangled if demangled else name
if method in name:
print '{:#x} {}'.format(override, classinfo.classname)
found = True
if not found:
print 'No subclass of {} overrides {}'.format(classname, method)
return found