pcode_inspector.py
#Prints information about pcode. Click on a function in the decompiler window, run this.
#@author Karl Sickendick kc0bfv@gmail.com
#@category PCode
#@keybinding
#@menupath
#@toolbar
from __future__ import print_function
import logging
from ghidra_pcode_interpreter.mem import InvalidAddrException
from ghidra_pcode_interpreter.state import State
from ghidra_pcode_interpreter.utils import get_api_base, get_func_extents
# Configure the root logger first so that DEBUG-level records are emitted,
# then create the module-scoped logger used by the functions below.
logging.basicConfig(level=logging.DEBUG)
logger = logging.getLogger(__name__)
def print_pcode_info(func, state, stop_addr):
    """Walk the emulator state forward, logging each location it inspects.

    Starting at the state's current program counter, the location is logged
    and ``state.inspect_cur_location()`` is asked for the next one. The walk
    stops once the location is greater than ``stop_addr``.

    Args:
        func: The function being inspected. Not used by this routine.
        state: Emulator state providing ``get_pc``, ``set_pc`` and
            ``inspect_cur_location``.
        stop_addr: Last location (inclusive) to inspect.
    """
    # NOTE(review): only the upper bound is checked here; whether
    # inspect_cur_location() can return a location that never passes
    # stop_addr is not visible from this file - confirm against State.
    position = state.get_pc()
    while position <= stop_addr:
        logging.info("Current location: 0x{:x}".format(position))
        try:
            upcoming = state.inspect_cur_location()
        except InvalidAddrException:
            # Nothing decodable at this location: step the program counter
            # forward by one and resume from wherever the state now points.
            logging.info("No code at location")
            state.set_pc(state.get_pc() + 1)
            upcoming = state.get_pc()
        position = upcoming
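def main():
    """Log p-code details for the function containing the selected address.

    Picks the starting address from ``currentLocation`` (prompting through
    ``askAddress`` when there is none), builds an emulator ``State``, looks
    up the containing function, logs the state, architecture and parameter
    storage, and then hands over to ``print_pcode_info``.

    ``currentLocation``, ``askAddress``, ``getInstructionAt`` and
    ``getFunctionContaining`` are not defined in this file; presumably they
    are supplied by the Ghidra scripting environment.

    Exits with status 1 when no containing function can be found.
    """
    # Prefer the address under the cursor; otherwise ask the user for one.
    if currentLocation is None:
        curr_addr = askAddress("Starting Address", "Provide starting address:")
    else:
        curr_addr = currentLocation.address

    # Build the emulator state
    state = State(get_api_base(getInstructionAt))

    # Determine the function of concern
    containing_func = None
    try:
        containing_func = getFunctionContaining(curr_addr)
    except (KeyboardInterrupt, SystemExit):
        # Never swallow an interrupt or an explicit exit request.
        raise
    except:
        # The lookup stays best-effort, but the failure is now recorded
        # instead of silently discarded, so the error below can be traced.
        # NOTE(review): left broad on purpose - if this runs under Jython,
        # Java exceptions may not derive from Python's Exception; confirm
        # before narrowing the clause.
        logger.debug(
            "getFunctionContaining failed for %s", curr_addr, exc_info=True
        )
    if containing_func is None:
        logger.error("Could not get containing function for selection")
        exit(1)

    # Print some function info
    start_point, func_end = get_func_extents(containing_func)
    logger.debug("Func body {} - {}".format(start_point, func_end))

    # Prepare a stack and position the state at the function's entry point.
    state.setup_stack()
    state.fake_function_call(start_point.offset)

    # Print state and architecture information
    logging.info("State info: {}".format(state))
    logging.info("Architecture info: {}".format(state.arch))

    # Print some parameter info
    params = containing_func.getParameters()
    logger.info("Parameter Information")
    for param in params:
        logger.info("Paramter ordinal {} storage {} varnode {}".format(
            param.getOrdinal(), param.getVariableStorage(),
            param.getFirstStorageVarnode())
        )

    print_pcode_info(containing_func, state, func_end.offset)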
# Run the inspector only when this file is executed as a script, not when it
# is imported as a module.
if __name__ == "__main__":
    main()