diff options
-rw-r--r-- | idaSystemCalls.py | 31 |
1 files changed, 24 insertions, 7 deletions
diff --git a/idaSystemCalls.py b/idaSystemCalls.py index 3bd9258..88bb374 100644 --- a/idaSystemCalls.py +++ b/idaSystemCalls.py @@ -882,6 +882,8 @@ class SystemCall(): def getSystemCallNumber(self, addr): """ Get the value of rax/eax at the time of the system call. """ + + sol = list() # Init machine = guess_machine() @@ -898,12 +900,30 @@ class SystemCall(): mdis.symbol_pool.add_label(name, ad) # Get the current function - func = idaapi.get_func(addr) - blocs = mdis.dis_multibloc(func.startEA) - + f = get_func(addr) + + if not f: + return sol + + blocs = mdis.dis_multibloc(f.startEA) + # Generate IR for bloc in blocs: ir_arch.add_bloc(bloc) + + # Check if addr is in a basic block without an entry. + if len(ir_arch.getby_offset(addr)) == 0: + fc = qflow_chart_t("", f, BADADDR, BADADDR, FC_PREDS) + + # Iterate through all basic blocks. + for i in xrange(0, fc.size()): + if fc[i].startEA <= addr and addr < fc[i].endEA: + # Basic block without entry found. + blocs = mdis.dis_multibloc(fc[i].startEA) + + # Generate IR + for bloc in blocs: + ir_arch.add_bloc(bloc) cur_bloc = list(ir_arch.getby_offset(addr))[0] cur_label = cur_bloc.label @@ -917,10 +937,7 @@ class SystemCall(): # Get dependency graphs dg = DependencyGraph(ir_arch, follow_call=False) graphs = dg.get(cur_label, elements, line_nb, - set([ir_arch.symbol_pool.getby_offset(func.startEA)])) - - # Display the result - sol = list() + set([ir_arch.symbol_pool.getby_offset(f.startEA)])) while 1: try: |