GP-1315 Added options to allow removal of replaced class structure data types when replaced with ones created by RecoverClassesFromRTTIScript.

2025-10-05 02:39:44 +02:00 · 2021-11-10 20:01:05 +00:00 · 2021-11-10 20:01:05 +00:00 · 8610e23ae0
commit 8610e23ae0
parent d9788c0094
2 changed files with 85 additions and 0 deletions
--- a/Ghidra/Features/Decompiler/ghidra_scripts/RecoverClassesFromRTTIScript.java
+++ b/Ghidra/Features/Decompiler/ghidra_scripts/RecoverClassesFromRTTIScript.java
@ -121,6 +121,7 @@ public class RecoverClassesFromRTTIScript extends GhidraScript {
 	// show shortened class template names in class structure field names
 	private static final boolean USE_SHORT_TEMPLATE_NAMES_IN_STRUCTURE_FIELDS = true;

+
 	private static final String CLASS_DATA_STRUCT_NAME = "_data";

 	private static final String CONSTRUCTOR_BOOKMARK = "CONSTRUCTOR";
@ -128,6 +129,24 @@ public class RecoverClassesFromRTTIScript extends GhidraScript {

 	private static final String INDETERMINATE_BOOKMARK = "INDETERMINATE";

+	// If replacedClassStructuresOption is set to the following, no replaced structures will be removed
+	// from the data type manager
+	private static final int DO_NOT_REMOVE_REPLACED_CLASS_STRUCTURES = 0;
+
+	// If replacedClassStructuresOption is set to the following, only empty existing class structures 
+	// that were replaced by this script will be removed from the data type manager 
+	private static final int REMOVE_EMPTY_REPLACED_CLASS_STRUCTURES = 1;
+
+	// If replacedClassStructuresOption is set to the following, all existing class structures that 
+	// were replaced by this script, including non-emtpy ones, will be removed from the data type 
+	// manager 
+	private static final int REMOVE_ALL_REPLACED_CLASS_STRUCTURES = 2;
+
+	// NEW OPTION - 
+	// This option allows the user to decide whether and how to remove replaced existing class structures
+	// using one of the above three flags
+	int replacedClassStructuresOption = DO_NOT_REMOVE_REPLACED_CLASS_STRUCTURES;
+
 	boolean programHasRTTIApplied = false;
 	boolean hasDebugSymbols;
 	boolean isGcc = false;
@ -275,6 +294,17 @@ public class RecoverClassesFromRTTIScript extends GhidraScript {
 			showGraph(graph);
 		}

+		if (replacedClassStructuresOption == REMOVE_EMPTY_REPLACED_CLASS_STRUCTURES) {
+			println("Removing all empty replaced class structures from the data type manager");
+			recoverClassesFromRTTI.removeReplacedClassStructures(recoveredClasses, false);
+		}
+
+		if (replacedClassStructuresOption == REMOVE_ALL_REPLACED_CLASS_STRUCTURES) {
+			println(
+				"Removing all replaced class structures from the data type manager, including non-empty ones");
+			recoverClassesFromRTTI.removeReplacedClassStructures(recoveredClasses, true);
+		}
+

 		decompilerUtils.disposeDecompilerInterface();
 	}
--- a/Ghidra/Features/Decompiler/ghidra_scripts/classrecovery/RecoveredClassUtils.java
+++ b/Ghidra/Features/Decompiler/ghidra_scripts/classrecovery/RecoveredClassUtils.java
@ -3505,6 +3505,61 @@ public class RecoveredClassUtils {
 		}
 	}

+	/**
+	 * Method to remove existing class structures from the data type manager that were replaced by 
+	 * newly created class structures and that have the "_REPLACED" suffix on them
+	 * @param recoveredClasses list of given recovered classes
+	 * @param removeNonEmpty if true, remove not only the empty replaced class structures but
+	 * also the non-empty ones.
+	 * @throws CancelledException if cancelled
+	 */
+	public void removeReplacedClassStructures(List<RecoveredClass> recoveredClasses,
+			boolean removeNonEmpty) throws CancelledException {
+
+		if (recoveredClasses.isEmpty()) {
+			return;
+		}
+
+		for (RecoveredClass recoveredClass : recoveredClasses) {
+			monitor.checkCanceled();
+
+			// first get the new class structure and verify it exists - don't remove others if 
+			// new one doesn't exist
+			DataType classStructureDataType = dataTypeManager.getDataType(
+				recoveredClass.getClassPath(), recoveredClass.getName());
+			if (classStructureDataType == null) {
+				continue;
+			}
+			// then find all class structures with name "<className>_REPLACED"
+			List<DataType> replacedClassDataTypes = new ArrayList<DataType>();
+			dataTypeManager.findDataTypes(recoveredClass.getName() + "_REPLACED",
+				replacedClassDataTypes);
+
+			if (replacedClassDataTypes.isEmpty()) {
+				continue;
+			}
+
+			for (DataType replacedClassDataType : replacedClassDataTypes) {
+				monitor.checkCanceled();
+
+				if (!(replacedClassDataType instanceof Structure)) {
+					continue;
+				}
+
+				if (removeNonEmpty) {
+					dataTypeManager.remove(replacedClassDataType, monitor);
+				}
+				else {
+					Structure replacedStructure = (Structure) replacedClassDataType;
+					if (replacedStructure.isNotYetDefined()) {
+						dataTypeManager.remove(replacedClassDataType, monitor);
+					}
+				}
+			}
+
+		}
+	}
+
 	/**
 	 * Method to create a new symbol at the given function
 	 * @param function the given function