chizui/Il2CppInspectorRedux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Python: Allow creation of typed arrays in IDA and Ghidra

Browse Source
This commit is contained in:
Katy Coe
2020-09-06 05:23:28 +02:00
parent 658896f6d6
commit e341f8886b
3 changed files with 29 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
Il2CppInspector.Common/Outputs/ScriptResources/Targets/Ghidra.py
View File

@@ -2,6 +2,7 @@
from ghidra.app.cmd.function import ApplyFunctionSignatureCmd from ghidra.app.cmd.function import ApplyFunctionSignatureCmd
from ghidra.app.script import GhidraScriptUtil from ghidra.app.script import GhidraScriptUtil
from ghidra.app.util.cparser.C import CParserUtils from ghidra.app.util.cparser.C import CParserUtils
from ghidra.program.model.data import ArrayDataType
from ghidra.program.model.symbol import SourceType from ghidra.program.model.symbol import SourceType
def SetName(addr, name): def SetName(addr, name):
@@ -21,6 +22,16 @@ def MakeFunction(start, name=None):
if name is not None: if name is not None:
setPlateComment(addr, name) setPlateComment(addr, name)
def MakeArray(addr, numItems, cppType):
if cppType.startswith('struct '):
cppType = cppType[7:]
t = getDataTypes(cppType)[0]
a = ArrayDataType(t, numItems, t.getLength())
addr = toAddr(addr)
removeDataAt(addr)
createData(addr, a)
def DefineCode(code): def DefineCode(code):
# Code declarations are not supported in Ghidra # Code declarations are not supported in Ghidra
# This only affects string literals for metadata version < 19 # This only affects string literals for metadata version < 19
@@ -32,11 +43,11 @@ def SetFunctionType(addr, sig):
typeSig = CParserUtils.parseSignature(None, currentProgram, sig) typeSig = CParserUtils.parseSignature(None, currentProgram, sig)
ApplyFunctionSignatureCmd(toAddr(addr), typeSig, SourceType.USER_DEFINED, False, True).applyTo(currentProgram) ApplyFunctionSignatureCmd(toAddr(addr), typeSig, SourceType.USER_DEFINED, False, True).applyTo(currentProgram)
def SetType(addr, type): def SetType(addr, cppType):
if type.startswith('struct '): if cppType.startswith('struct '):
type = type[7:] cppType = cppType[7:]
t = getDataTypes(type)[0] t = getDataTypes(cppType)[0]
addr = toAddr(addr) addr = toAddr(addr)
removeDataAt(addr) removeDataAt(addr)
createData(addr, t) createData(addr, t)

4
Il2CppInspector.Common/Outputs/ScriptResources/Targets/IDA.py
View File

@@ -10,6 +10,10 @@ def SetName(addr, name):
def MakeFunction(start): def MakeFunction(start):
ida_funcs.add_func(start) ida_funcs.add_func(start)
def MakeArray(addr, numItems, cppType):
SetType(addr, cppType)
idc.make_array(addr, numItems)
def DefineCode(code): def DefineCode(code):
idc.parse_decls(code) idc.parse_decls(code)

10
Il2CppInspector.Common/Outputs/ScriptResources/shared-main.py
View File

@@ -38,6 +38,11 @@ def DefineField(addr, name, type, ilType = None):
if (ilType is not None): if (ilType is not None):
SetComment(addr, AsUTF8(ilType)) SetComment(addr, AsUTF8(ilType))
def DefineArray(jsonDef):
addr = ParseAddress(jsonDef)
MakeArray(addr, int(jsonDef['count']), AsUTF8(jsonDef['type']))
SetName(addr, AsUTF8(jsonDef['name']))
# Process JSON # Process JSON
def ProcessJSON(jsonData): def ProcessJSON(jsonData):
@@ -105,6 +110,11 @@ def ProcessJSON(jsonData):
for d in jsonData['functionMetadata']: for d in jsonData['functionMetadata']:
DefineCppFunction(d) DefineCppFunction(d)
# IL2CPP array metadata
print('Processing IL2CPP array metadata')
for d in jsonData['arrayMetadata']:
DefineArray(d)
# IL2CPP API functions # IL2CPP API functions
print('Processing IL2CPP API functions') print('Processing IL2CPP API functions')
for d in jsonData['apis']: for d in jsonData['apis']: