author | n0p <0x90@n0p.cc> | 2017-02-18 23:40:01 +0100 |
---|---|---|
committer | n0p <0x90@n0p.cc> | 2017-02-18 23:40:01 +0100 |
commit | 91f639c74e0bbf28c4b06be2dc73f96bf51b568a (patch) | |
tree | 742f55ccdc8130a5bfe0d40f78c30e916fdfb7c0 | |
parent | ea58960fcf277354d0f50b421a7f1a3f342c1a64 (diff) | |
Basic blocks without an entry (e.g., exception handler basic blocks in IDA) that contain a system call are now supported.
-rw-r--r-- | idaSystemCalls.py | 31 |
1 files changed, 24 insertions, 7 deletions
diff --git a/idaSystemCalls.py b/idaSystemCalls.py
index 3bd9258..88bb374 100644
--- a/idaSystemCalls.py
+++ b/idaSystemCalls.py
@@ -882,6 +882,8 @@ class SystemCall():
def getSystemCallNumber(self, addr):
""" Get the value of rax/eax at the time of the system call. """
+
+ sol = list()
# Init
machine = guess_machine()
@@ -898,12 +900,30 @@ class SystemCall():
mdis.symbol_pool.add_label(name, ad)
# Get the current function
- func = idaapi.get_func(addr)
- blocs = mdis.dis_multibloc(func.startEA)
-
+ f = get_func(addr)
+
+ if not f:
+ return sol
+
+ blocs = mdis.dis_multibloc(f.startEA)
+
# Generate IR
for bloc in blocs:
ir_arch.add_bloc(bloc)
+
+ # Check if addr is in a basic block without an entry.
+ if len(ir_arch.getby_offset(addr)) == 0:
+ fc = qflow_chart_t("", f, BADADDR, BADADDR, FC_PREDS)
+
+ # Iterate through all basic blocks.
+ for i in xrange(0, fc.size()):
+ if fc[i].startEA <= addr and addr < fc[i].endEA:
+ # Basic block without entry found.
+ blocs = mdis.dis_multibloc(fc[i].startEA)
+
+ # Generate IR
+ for bloc in blocs:
+ ir_arch.add_bloc(bloc)
cur_bloc = list(ir_arch.getby_offset(addr))[0]
cur_label = cur_bloc.label
@@ -917,10 +937,7 @@ class SystemCall():
# Get dependency graphs
dg = DependencyGraph(ir_arch, follow_call=False)
graphs = dg.get(cur_label, elements, line_nb,
- set([ir_arch.symbol_pool.getby_offset(func.startEA)]))
-
- # Display the result
- sol = list()
+ set([ir_arch.symbol_pool.getby_offset(f.startEA)]))
while 1:
try: |
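Review bot: The fallback added in the second hunk still does not guarantee that `ir_arch.getby_offset(addr)` is non-empty when control reaches the context line `cur_bloc = list(ir_arch.getby_offset(addr))[0]`: as far as the hunk shows, if no flowchart block's `[startEA, endEA)` range contains `addr`, or re-disassembling from `fc[i].startEA` still produces no IR block at `addr`, the `[0]` raises IndexError instead of returning the empty `sol` that the new `if not f` path returns. Guard it the same way directly before that line, `if not ir_arch.getby_offset(addr): return sol`. The `for i in xrange(0, fc.size())` loop also keeps scanning after the matching block has been disassembled; a `break` after the inner `for bloc in blocs` loop makes the intent explicit, and `if len(ir_arch.getby_offset(addr)) == 0` reads more idiomatically as `if not ir_arch.getby_offset(addr)`. getSystemCallNumber starts in the first hunk and its body continues outside all three hunks; the third hunk only renames `func` to `f`.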