Java Code Examples for ghidra.program.model.listing.Listing#isUndefined()
The following examples show how to use
ghidra.program.model.listing.Listing#isUndefined() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: MakeFuncsAtLabelsScript.java From ghidra with Apache License 2.0 | 5 votes |
|
@Override
public void run() throws Exception {
// find all the sections of memory marked as executable
Program prog = currentProgram;
AddressSetView execMemSet = prog.getMemory().getExecuteSet();
SymbolTable sm = currentProgram.getSymbolTable();
SymbolIterator textLabels = sm.getPrimarySymbolIterator(execMemSet, true);
Listing listing = prog.getListing();
for (Symbol symbol : textLabels) {
if (symbol.getSource() == SourceType.IMPORTED &&
(symbol.getSymbolType() == SymbolType.LABEL)) {
if (!this.isRunningHeadless()) {
printf("%s %s", symbol.getAddress().toString(), symbol.toString());
}
Address labelAddress = symbol.getAddress();
//don't declare to be functions if the symbol starts with .L or LAB
if (symbol.toString().startsWith(".L") || symbol.toString().startsWith("LAB")) {
continue;
}
if (listing.isUndefined(labelAddress, labelAddress)) {
if (!this.isRunningHeadless()) {
printf("Undefined: %s", labelAddress.toString());
}
boolean result = disassemble(labelAddress);
if (result == false) {
printf("Disassembly failure at %s", labelAddress.toString());
continue; //must be data
}
}
createFunction(labelAddress, symbol.toString());
}
}
}
Example 2
| Source File: CondenseRepeatingBytes.java From ghidra with Apache License 2.0 | 4 votes |
|
@Override
public void run() throws Exception {
if (currentAddress == null) {
println("No Location.");
return;
}
MemoryBlock currentMemoryBlock = currentProgram.getMemory().getBlock(currentAddress);
if(!currentMemoryBlock.isInitialized()){
println("Script cannot run in uninitialized memory.");
return;
}
Listing listing = currentProgram.getListing();
Address currentAddr = currentAddress;
byte repeatingByte = currentProgram.getMemory().getByte(currentAddr);
int repeatLen = 1;
currentAddr = currentAddr.addNoWrap(1);
byte nextByte;
boolean sameMemoryBlock;
if(currentProgram.getMemory().getBlock(currentAddr).equals(currentMemoryBlock)) {
nextByte = currentProgram.getMemory().getByte(currentAddr);
sameMemoryBlock = true;
}
else{
sameMemoryBlock = false;
return;
}
boolean noCollisions = true;
while((sameMemoryBlock) && (nextByte == repeatingByte) && (noCollisions)){
repeatLen++;
currentAddr = currentAddr.addNoWrap(1);
if(currentProgram.getMemory().getBlock(currentAddr) != currentMemoryBlock){
sameMemoryBlock = false;
}
else{
nextByte = currentProgram.getMemory().getByte(currentAddr);
noCollisions = listing.isUndefined(currentAddr,currentAddr);
}
}
listing.createData(currentAddress, new AlignmentDataType(), repeatLen);
println("Applied Alignment datatype at " + currentAddress.toString());
}
Example 3
| Source File: CondenseRepeatingBytesAtEndOfMemory.java From ghidra with Apache License 2.0 | 4 votes |
|
@Override
public void run() throws Exception {
if (currentAddress == null) {
println("No Location.");
return;
}
MemoryBlock memoryBlock = currentProgram.getMemory().getBlock(currentAddress);
if(!memoryBlock.isInitialized()){
println("Script cannot run in uninitialized memory.");
return;
}
Listing listing = currentProgram.getListing();
Address currentAddr = currentAddress;
boolean isInitializedBlock = memoryBlock.isInitialized();
if(isInitializedBlock){
currentAddr = memoryBlock.getEnd();
println("end of byte addr is " + currentAddr);
byte repeatingByte = currentProgram.getMemory().getByte(currentAddr);
MemoryBlock currentMemoryBlock = null;
// search for next repeatedByte from the end of memory
// until it hits defined area or different byte
byte prevByte = repeatingByte;
int repeatLen = 0;
boolean noCollisions = listing.isUndefined(currentAddr,currentAddr);
boolean hasLabels = currentProgram.getSymbolTable().hasSymbol(currentAddr);
println("no collisions at end = " + noCollisions);
currentMemoryBlock = currentProgram.getMemory().getBlock(currentAddr);
while((prevByte == repeatingByte) && (noCollisions) && (currentMemoryBlock.equals(memoryBlock)) && (!hasLabels)){
repeatLen++;
currentAddr = currentAddr.addNoWrap(-1);
prevByte = currentProgram.getMemory().getByte(currentAddr);
noCollisions = listing.isUndefined(currentAddr,currentAddr);
hasLabels = currentProgram.getSymbolTable().hasSymbol(currentAddr);
currentMemoryBlock = currentProgram.getMemory().getBlock(currentAddr);
}
if(repeatLen > 0){
// this takes care of the last one tested that failed
currentAddr = currentAddr.addNoWrap(1);
listing.createData(currentAddr, new AlignmentDataType(), repeatLen);
println("Applied Alignment datatype at " + currentAddr.toString());
}
else{
println("No repeating bytes OR data already defined at end of " + memoryBlock);
}
}
else{
println("Cannot condense uninitialized memory.");
}
}
Example 4
| Source File: ArmThumbFunctionTableScript.java From ghidra with Apache License 2.0 | 4 votes |
|
@Override
public void
run() throws Exception
{
Register tmode = currentProgram.getProgramContext().getRegister("TMode");
Listing lst = currentProgram.getListing();
if (currentSelection != null)
{
AddressIterator addrIter = currentSelection.getAddresses(true);
while (addrIter.hasNext())
{
Address currAddr = addrIter.next();
// Only look at dword-aligned boundaries for function pointers
if ((currAddr.getOffset() & 3) != 0)
{
continue;
}
// Skip over entries with value 0 (null pointers)
long dstOffset = getInt(currAddr);
if (dstOffset == 0)
{
continue;
}
// Clear any defined data before applying our new type
if (!lst.isUndefined(currAddr,currAddr.add(3)))
{
clearListing(currAddr, currAddr.add(3));
}
// Apply a pointer data type
createData(currAddr, new Pointer32DataType());
// Now check out what we're pointing to
Reference ref = getReferencesFrom(currAddr)[0];
Address refAddr = ref.getToAddress();
if (!currentProgram.getMemory().contains(refAddr))
{
continue;
}
// Decide whether this is a pointer to an ARM or Thumb function
BigInteger tmodeValue;
if ((dstOffset & 1) == 1)
{
refAddr = refAddr.subtract(1);
tmodeValue = BigInteger.ONE;
}
else
{
// ARM function pointers should always be dword-aligned
if ((dstOffset & 3) != 0)
{
println("Warning: Invalid function pointer to " + refAddr);
continue;
}
tmodeValue = BigInteger.ZERO;
}
// Check current TMode at referenced address
BigInteger currVal =
currentProgram.getProgramContext().getValue(tmode, refAddr, false);
if (currVal == null)
{
currVal = BigInteger.ZERO;
}
// If the TMode isn't set correctly, fix it here
if (currVal.compareTo(tmodeValue) != 0)
{
currentProgram.getProgramContext().setValue(
tmode,
refAddr,
refAddr,
tmodeValue);
// if TMode was wrong but there is code here,
// clear the flow so we can disassemble it in the right mode
if (!lst.isUndefined(refAddr, refAddr))
{
ClearFlowAndRepairCmd cmd = new ClearFlowAndRepairCmd(refAddr, true, true, false);
runCommand(cmd);
}
}
if (lst.isUndefined(refAddr, refAddr))
{
disassemble(refAddr);
}
if (lst.getFunctionAt(refAddr) == null)
{
createFunction(refAddr, null);
}
}
}
}
