feat: Compatible with version 9.2

.github/workflows/ci-windows.yml

@@ -14,63 +14,57 @@ jobs:
         with:
           submodules: true
 
+      - name: Restore vcpkg cache
+        uses: actions/cache/restore@v3
+        id: vcpkg-cache
+        with:
+          path: |
+            C:/vcpkg/installed
+            C:/vcpkg/packages
+            C:/vcpkg/buildtrees
+          key: vcpkg-cache-${{ runner.os }}
+
       - name: Install Triton
         run: |
           "`r`nset(VCPKG_BUILD_TYPE release)" | Add-Content "$env:VCPKG_INSTALLATION_ROOT\triplets\x64-windows-static.cmake"
           vcpkg install triton --triplet x64-windows-static
 
-      - name: Clone IDA-SDKs repo
-        run: |
-            git clone https://x-access-token:${{ secrets.GITHUB_TOKEN }}@github.com/illera88/IDA-SDKs.git IDA_SDKs
+      - name: Save vcpkg cache
+        uses: actions/cache/save@v3
+        if: always()
+        with:
+          path: |
+            C:/vcpkg/installed
+            C:/vcpkg/packages
+            C:/vcpkg/buildtrees
+          key: vcpkg-cache-${{ runner.os }}
 
-      - name: List SDK zips and extract versions
-        id: sdk_versions
-        shell: bash
+      - name: Download IDA SDK 9.2
         run: |
-          cd IDA_SDKs
-          versions=()
-          for f in idasdk*.zip; do
-            if [[ "$f" =~ idasdk([0-9])([0-9])\.zip ]]; then
-              major="${BASH_REMATCH[1]}"
-              minor="${BASH_REMATCH[2]}"
-              echo "Found SDK version $major.$minor"
-              versions+=("${major}.${minor}")
-              # Unzip each SDK to its own folder
-              7z.exe x "$f" -o"../idasdk${major}${minor}"
-            fi
-          done
-          echo "VERSIONS=${versions[*]}" >> $GITHUB_ENV
+          Invoke-WebRequest -Uri "https://codeload.github.com/HexRaysSA/ida-sdk/zip/refs/tags/v9.2" -OutFile "ida-sdk-9.2.zip"
+          Expand-Archive -Path "ida-sdk-9.2.zip" -DestinationPath "."
+          New-Item -ItemType Directory -Force -Path "sdk"
+          Move-Item -Path "ida-sdk-9.2" -Destination "sdk/ida-sdk-9.2"
 
-      - name: Build Ponce for all SDKs
-        shell: bash
+      - name: Build Ponce for IDA SDK 9.2
         run: |
-          for version in $VERSIONS; do
-            major="${version%%.*}"
-            minor="${version##*.}"
-            sdkdir="idasdk${major}${minor}"
-            builddir="build_x64_${major}.${minor}"
-            echo "Building for IDA SDK $major.$minor"
-            cmake -S . -B $builddir -DIDASDK_ROOT_DIR="./$sdkdir" -DSTATICLIB=ON -DCMAKE_BUILD_TYPE=Release -G "Visual Studio 16 2019" -A x64 -DVCPKG_TARGET_TRIPLET="x64-windows-static" -DCMAKE_TOOLCHAIN_FILE="$VCPKG_INSTALLATION_ROOT/scripts/buildsystems/vcpkg.cmake"
-            cmake --build $builddir --config Release --parallel 2
-            # Optionally, upload artifact here or collect for later
-          done
+          cmake -S . -B build_x64_9.2 -DIDASDK_ROOT_DIR="./sdk/ida-sdk-9.2/src" -DSTATICLIB=ON -DCMAKE_BUILD_TYPE=Release -G "Visual Studio 16 2019" -A x64 -DVCPKG_TARGET_TRIPLET="x64-windows-static" -DCMAKE_TOOLCHAIN_FILE="$env:VCPKG_INSTALLATION_ROOT/scripts/buildsystems/vcpkg.cmake"
+          cmake --build build_x64_9.2 --config Release --parallel 2
 
-      # To upload the artifacts dynamically we need to do a little hack
-      - name: Upload all built DLLs
-        uses: actions/upload-artifact@v3
+      - name: Upload built DLLs
+        uses: actions/upload-artifact@v4
         with:
           name: ponce-windows-artifacts
           path: |
-            build_x64_*/Release/Ponce.dll
-            build_x64_*/Release/Ponce64.dll
+            build_x64_9.2/Release/Ponce64.dll
 
   release:
     runs-on: ubuntu-latest
     if: github.event_name == 'release'
     needs: build
     steps:
       - name: Download all Windows arifacts
-        uses: actions/download-artifact@v2
+        uses: actions/download-artifact@v4
         with:
           path: ./my_artifacts
 

CMakeLists.txt

@@ -28,8 +28,25 @@ file(GLOB PONCE_HEADER_FILES
     src/*.hpp
 )
 
-add_library(${PROJECT_NAME} SHARED ${PONCE_SOURCE_FILES} ${PONCE_HEADER_FILES})
-add_library(${PROJECT_NAME}64 SHARED ${PONCE_SOURCE_FILES} ${PONCE_HEADER_FILES})
+# Check if 32-bit library exists (SDK 9.2+ doesn't have it)
+if(WIN32)
+    set(ida32_lib_path "${IDASDK_ROOT_DIR}/lib/x64_win_vc_32/ida.lib")
+elseif(APPLE)
+    set(ida32_lib_path "${IDASDK_ROOT_DIR}/lib/x64_mac_clang_32/libida.dylib")
+elseif(UNIX)
+    set(ida32_lib_path "${IDASDK_ROOT_DIR}/lib/x64_linux_gcc_32/libida.so")
+endif()
+
+if(EXISTS "${ida32_lib_path}")
+    message(STATUS "32-bit IDA library found - building both 32-bit and 64-bit plugins")
+    set(BUILD_32BIT_PLUGIN TRUE)
+    add_library(${PROJECT_NAME} SHARED ${PONCE_SOURCE_FILES} ${PONCE_HEADER_FILES})
+    add_library(${PROJECT_NAME}64 SHARED ${PONCE_SOURCE_FILES} ${PONCE_HEADER_FILES})
+else()
+    message(STATUS "32-bit IDA library not found - building 64-bit plugin only")
+    set(BUILD_32BIT_PLUGIN FALSE)
+    add_library(${PROJECT_NAME}64 SHARED ${PONCE_SOURCE_FILES} ${PONCE_HEADER_FILES})
+endif()
 
 #                       #
 # Look for dependencies #
@@ -101,8 +118,10 @@ find_file(HEXRAYS_PATH hexrays.hpp PATHS ${IDA_INCLUDE_DIR} NO_DEFAULT_PATH)
 if(BUILD_HEXRAYS_SUPPORT)	
 	if (NOT HEXRAYS_PATH)	
 		message(FATAL_ERROR "You should add hexrays.hpp to ${IDA_INCLUDE_DIR}")	
-	else()	
-		target_compile_definitions(${PROJECT_NAME} PRIVATE BUILD_HEXRAYS_SUPPORT)	
+	else()
+		if(BUILD_32BIT_PLUGIN)
+			target_compile_definitions(${PROJECT_NAME} PRIVATE BUILD_HEXRAYS_SUPPORT)
+		endif()
 		target_compile_definitions(${PROJECT_NAME}64 PRIVATE BUILD_HEXRAYS_SUPPORT)	
 	endif()	
 endif()
@@ -112,15 +131,18 @@ get_filename_component(a_dir ${IDASDK_ROOT_DIR} DIRECTORY)
 
 
 # Now we create the projects (one for x86 and other for x64)
-target_include_directories(${PROJECT_NAME} PRIVATE ${IDA_INCLUDE_DIR})
-target_include_directories(${PROJECT_NAME}64 PRIVATE ${IDA_INCLUDE_DIR})
+if(BUILD_32BIT_PLUGIN)
+	target_include_directories(${PROJECT_NAME} PRIVATE ${IDA_INCLUDE_DIR})
+	target_link_libraries(
+		${PROJECT_NAME}
+		PRIVATE
+		triton::triton
+		${idasdk_ea32}
+	)
+	target_compile_definitions(${PROJECT_NAME} PRIVATE __X64__ __IDP__)
+endif()
 
-target_link_libraries(
-    ${PROJECT_NAME}
-	PRIVATE
-    triton::triton
-	${idasdk_ea32}
-)
+target_include_directories(${PROJECT_NAME}64 PRIVATE ${IDA_INCLUDE_DIR})
 
 target_link_libraries(
     ${PROJECT_NAME}64
@@ -129,35 +151,40 @@ target_link_libraries(
 	${idasdk_ea64}
 )
 
-target_compile_definitions(${PROJECT_NAME} PRIVATE __X64__ __IDP__)
 target_compile_definitions(${PROJECT_NAME}64 PRIVATE __X64__ __IDP__ __EA64__)
 
 if(WIN32)
-	target_compile_definitions(${PROJECT_NAME} PRIVATE __NT__)
+	if(BUILD_32BIT_PLUGIN)
+		target_compile_definitions(${PROJECT_NAME} PRIVATE __NT__)
+		set_property(TARGET ${PROJECT_NAME} PROPERTY MSVC_RUNTIME_LIBRARY "MultiThreaded")
+	endif()
 	target_compile_definitions(${PROJECT_NAME}64 PRIVATE __NT__)
 	set(PLUGIN_EXTENSION dll)
 	add_definitions(/MP)
 	# If using the static library we should use the static runtime too
-	set_property(TARGET ${PROJECT_NAME} PROPERTY MSVC_RUNTIME_LIBRARY "MultiThreaded")
 	set_property(TARGET ${PROJECT_NAME}64 PROPERTY MSVC_RUNTIME_LIBRARY "MultiThreaded")
 elseif (APPLE)
-	set_target_properties(${PROJECT_NAME} PROPERTIES LINK_FLAGS_RELEASE -dead_strip)
+	if(BUILD_32BIT_PLUGIN)
+		set_target_properties(${PROJECT_NAME} PROPERTIES LINK_FLAGS_RELEASE -dead_strip)
+		target_compile_definitions(${PROJECT_NAME} PRIVATE __MAC__ USE_DANGEROUS_FUNCTIONS USE_STANDARD_FILE_FUNCTIONS)
+		SET_TARGET_PROPERTIES(${PROJECT_NAME} PROPERTIES PREFIX "")
+	endif()
 	set_target_properties(${PROJECT_NAME}64 PROPERTIES LINK_FLAGS_RELEASE -dead_strip)
-	target_compile_definitions(${PROJECT_NAME} PRIVATE __MAC__ USE_DANGEROUS_FUNCTIONS USE_STANDARD_FILE_FUNCTIONS)
 	target_compile_definitions(${PROJECT_NAME}64 PRIVATE __MAC__ USE_DANGEROUS_FUNCTIONS USE_STANDARD_FILE_FUNCTIONS)
 	# Prevent creating ponce binaries as libPonce.so but do Ponce.so
-	SET_TARGET_PROPERTIES(${PROJECT_NAME} PROPERTIES PREFIX "")
 	SET_TARGET_PROPERTIES(${PROJECT_NAME}64 PROPERTIES PREFIX "")
 	set(PLUGIN_EXTENSION dylib)
 elseif (UNIX AND NOT APPLE)
-	set_target_properties(${PROJECT_NAME} PROPERTIES COMPILE_FLAGS "-ffunction-sections -fdata-sections" )
+	if(BUILD_32BIT_PLUGIN)
+		set_target_properties(${PROJECT_NAME} PROPERTIES COMPILE_FLAGS "-ffunction-sections -fdata-sections" )
+		set_target_properties(${PROJECT_NAME} PROPERTIES LINK_FLAGS_RELEASE "-s -Wl,--gc-sections")
+		target_compile_definitions(${PROJECT_NAME} PRIVATE __LINUX__ USE_DANGEROUS_FUNCTIONS)
+		SET_TARGET_PROPERTIES(${PROJECT_NAME} PROPERTIES PREFIX "")
+	endif()
 	set_target_properties(${PROJECT_NAME}64 PROPERTIES COMPILE_FLAGS "-ffunction-sections -fdata-sections" )
-	set_target_properties(${PROJECT_NAME} PROPERTIES LINK_FLAGS_RELEASE "-s -Wl,--gc-sections")
 	set_target_properties(${PROJECT_NAME}64 PROPERTIES LINK_FLAGS_RELEASE "-s -Wl,--gc-sections")
-	target_compile_definitions(${PROJECT_NAME} PRIVATE __LINUX__ USE_DANGEROUS_FUNCTIONS)
 	target_compile_definitions(${PROJECT_NAME}64 PRIVATE __LINUX__ USE_DANGEROUS_FUNCTIONS)
 	# Prevent creating ponce binaries as libPonce.so but do Ponce.so
-	SET_TARGET_PROPERTIES(${PROJECT_NAME} PROPERTIES PREFIX "")
 	SET_TARGET_PROPERTIES(${PROJECT_NAME}64 PROPERTIES PREFIX "")
 	set(PLUGIN_EXTENSION so)
 endif()
@@ -169,9 +196,11 @@ if(NOT WIN32)
 		message(STATUS "[-] Symbols will be stripped using strip after build")
 		# Strip binary for release builds
 		if (CMAKE_BUILD_TYPE STREQUAL Release)
-			add_custom_command(TARGET ${PROJECT_NAME} POST_BUILD
-					COMMAND strip -S $<TARGET_FILE:${PROJECT_NAME}>
-					COMMENT "Symbols stripped from ${PROJECT_NAME}")
+			if(BUILD_32BIT_PLUGIN)
+				add_custom_command(TARGET ${PROJECT_NAME} POST_BUILD
+						COMMAND strip -S $<TARGET_FILE:${PROJECT_NAME}>
+						COMMENT "Symbols stripped from ${PROJECT_NAME}")
+			endif()
 			add_custom_command(TARGET ${PROJECT_NAME}64 POST_BUILD
 					COMMAND strip -S $<TARGET_FILE:${PROJECT_NAME}64>
 					COMMENT "Symbols stripped from ${PROJECT_NAME}64")
@@ -181,10 +210,12 @@ endif()
 
 if(IDA_INSTALLED_DIR)
 	message(STATUS "[-] Ponce built plugin and pdb file will be moved to '${IDA_INSTALLED_DIR}/plugins/'. The build system should have permisions to write there or it will error.")
-	add_custom_command(TARGET ${PROJECT_NAME} POST_BUILD
-		COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_FILE:${PROJECT_NAME}> ${IDA_INSTALLED_DIR}/plugins/Ponce.${PLUGIN_EXTENSION}
-		COMMENT "Created ${IDA_INSTALLED_DIR}/plugins/${PROJECT_NAME}.${PLUGIN_EXTENSION}"
-	)
+	if(BUILD_32BIT_PLUGIN)
+		add_custom_command(TARGET ${PROJECT_NAME} POST_BUILD
+			COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_FILE:${PROJECT_NAME}> ${IDA_INSTALLED_DIR}/plugins/Ponce.${PLUGIN_EXTENSION}
+			COMMENT "Created ${IDA_INSTALLED_DIR}/plugins/${PROJECT_NAME}.${PLUGIN_EXTENSION}"
+		)
+	endif()
 
 	add_custom_command(TARGET ${PROJECT_NAME}64 POST_BUILD
 			COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_FILE:${PROJECT_NAME}64> ${IDA_INSTALLED_DIR}/plugins/Ponce64.${PLUGIN_EXTENSION}
@@ -193,10 +224,12 @@ if(IDA_INSTALLED_DIR)
 
 	# Move symbols for debugging in Windows
 	if(WIN32)
-		add_custom_command(TARGET ${PROJECT_NAME} POST_BUILD
-		COMMAND ${CMAKE_COMMAND} -E copy ${CMAKE_BINARY_DIR}/Debug/${PROJECT_NAME}.pdb ${IDA_INSTALLED_DIR}/plugins/Ponce.pdb
-		COMMENT "Created ${IDA_INSTALLED_DIR}/plugins/${PROJECT_NAME}.${PLUGIN_EXTENSION}"
-		)
+		if(BUILD_32BIT_PLUGIN)
+			add_custom_command(TARGET ${PROJECT_NAME} POST_BUILD
+			COMMAND ${CMAKE_COMMAND} -E copy ${CMAKE_BINARY_DIR}/Debug/${PROJECT_NAME}.pdb ${IDA_INSTALLED_DIR}/plugins/Ponce.pdb
+			COMMENT "Created ${IDA_INSTALLED_DIR}/plugins/${PROJECT_NAME}.${PLUGIN_EXTENSION}"
+			)
+		endif()
 
 		add_custom_command(TARGET ${PROJECT_NAME}64 POST_BUILD
 			COMMAND ${CMAKE_COMMAND} -E copy ${CMAKE_BINARY_DIR}/Debug/${PROJECT_NAME}64.pdb ${IDA_INSTALLED_DIR}/plugins/Ponce64.pdb

src/actions.cpp

@@ -174,7 +174,7 @@ struct ah_taint_symbolize_memory_t : public action_handler_t
                 current_ea = ctx->cur_value;
         }
 #endif
-        else if (ctx->widget_type == BWN_DUMP) {
+        else if (ctx->widget_type == BWN_DUMP_COMPAT) {
             if (ctx->cur_flags & ACF_HAS_SELECTION){ // Only if there has been a valid selection
                 //We get the selection bounds from the action activation context
                 auto selection_starts = ctx->cur_sel.from.at->toea();
@@ -253,7 +253,7 @@ struct ah_taint_symbolize_memory_t : public action_handler_t
             }
             action_to_take = is_debugger_on() ? AST_ENABLE : AST_DISABLE;
         }
-        else if (action_update_ctx_t->widget_type == BWN_DUMP) {
+        else if (action_update_ctx_t->widget_type == BWN_DUMP_COMPAT) {
             action_to_take = is_debugger_on() ? AST_ENABLE : AST_DISABLE;    
         }
 #if IDA_SDK_VERSION >= 730

src/actions.hpp

@@ -13,18 +13,25 @@
 #define __END__ -1
 
 /* Depending on the IDA version the SDK allows or not using some of the fetures we have*/
+#if IDA_SDK_VERSION >= 900
+// In SDK 9.0+, BWN_DUMP was renamed to BWN_HEXVIEW
+#define BWN_DUMP_COMPAT BWN_HEXVIEW
+#else
+#define BWN_DUMP_COMPAT BWN_DUMP
+#endif
+
 #if IDA_SDK_VERSION < 730
-const int ponce_banner_views[] = { BWN_DISASM, BWN_DUMP, BWN_CHOOSER, __END__ };
-const int ponce_taint_symbolize_mem_views[] = { BWN_DISASM, BWN_DUMP, __END__ };
-const int ponce_taint_symbolize_reg_views[] = { BWN_DISASM, BWN_DUMP, __END__ };
+const int ponce_banner_views[] = { BWN_DISASM, BWN_DUMP_COMPAT, BWN_CHOOSER, __END__ };
+const int ponce_taint_symbolize_mem_views[] = { BWN_DISASM, BWN_DUMP_COMPAT, __END__ };
+const int ponce_taint_symbolize_reg_views[] = { BWN_DISASM, BWN_DUMP_COMPAT, __END__ };
 #elif IDA_SDK_VERSION == 730
-const int ponce_banner_views[] = { BWN_DISASM, BWN_DUMP, BWN_STKVIEW, BWN_CHOOSER, __END__ };
-const int ponce_taint_symbolize_mem_views[] = { BWN_DISASM, BWN_DUMP, BWN_STKVIEW, __END__ };
-const int ponce_taint_symbolize_reg_views[] = { BWN_DISASM, BWN_DUMP, BWN_STKVIEW, __END__ };
+const int ponce_banner_views[] = { BWN_DISASM, BWN_DUMP_COMPAT, BWN_STKVIEW, BWN_CHOOSER, __END__ };
+const int ponce_taint_symbolize_mem_views[] = { BWN_DISASM, BWN_DUMP_COMPAT, BWN_STKVIEW, __END__ };
+const int ponce_taint_symbolize_reg_views[] = { BWN_DISASM, BWN_DUMP_COMPAT, BWN_STKVIEW, __END__ };
 #elif IDA_SDK_VERSION >= 740
-const int ponce_banner_views[] = { BWN_DISASM, BWN_CPUREGS, BWN_DUMP, BWN_STKVIEW, BWN_CHOOSER, __END__ };
-const int ponce_taint_symbolize_mem_views[] = { BWN_DISASM, BWN_CPUREGS, BWN_DUMP, BWN_STKVIEW, __END__ };
-const int ponce_taint_symbolize_reg_views[] = { BWN_DISASM, BWN_CPUREGS, BWN_DUMP, BWN_STKVIEW, __END__ };
+const int ponce_banner_views[] = { BWN_DISASM, BWN_CPUREGS, BWN_DUMP_COMPAT, BWN_STKVIEW, BWN_CHOOSER, __END__ };
+const int ponce_taint_symbolize_mem_views[] = { BWN_DISASM, BWN_CPUREGS, BWN_DUMP_COMPAT, BWN_STKVIEW, __END__ };
+const int ponce_taint_symbolize_reg_views[] = { BWN_DISASM, BWN_CPUREGS, BWN_DUMP_COMPAT, BWN_STKVIEW, __END__ };
 #endif
 
 struct IDA_actions {

src/triton_logic.cpp

@@ -8,6 +8,7 @@
 #include <ida.hpp>
 #include <dbg.hpp>
 #include <auto.hpp>
+#include <idp.hpp>
 
 /*This function will create and fill the Triton object for every instruction
     Returns:
@@ -154,6 +155,10 @@ int tritonize(ea_t pc, thid_t threadID)
 }
 
 bool ponce_set_triton_architecture() {
+#if IDA_SDK_VERSION >= 900
+    // In SDK 9.0+, ph is accessed via PH macro or get_ph() function
+    #define ph PH
+#endif
     if (ph.id == PLFM_386) {
         if (ph.use64())
             tritonCtx.setArchitecture(triton::arch::ARCH_X86_64);
@@ -178,6 +183,9 @@ bool ponce_set_triton_architecture() {
         msg("[e] Architecture not supported by Ponce\n");
         return false;
     }
+#if IDA_SDK_VERSION >= 900
+    #undef ph
+#endif
     return true;
 }