yetangitu/ghidra
1
0
Fork 0
mirror of https://github.com/NationalSecurityAgency/ghidra.git synced 2025-10-03 09:49:23 +02:00
Code Issues Releases Wiki Activity

GP-5764 added option to RecoverClassesFromRTTIScript enabling users to not force vfunctions to be thiscalls.

Browse source
This commit is contained in:
ghidra007 2025-07-25 22:15:27 +00:00
parent 0bd8870da3
commit cee04048cb
7 changed files with 30 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

2
Ghidra/Features/Decompiler/ghidra_scripts/ApplyClassFunctionDefinitionUpdatesScript.java
View file

@ -47,7 +47,7 @@ public class ApplyClassFunctionDefinitionUpdatesScript extends GhidraScript {
} }
RecoveredClassHelper classHelper = new RecoveredClassHelper(currentProgram, state.getTool(), RecoveredClassHelper classHelper = new RecoveredClassHelper(currentProgram, state.getTool(),
this, false, false, false, monitor); this, false, false, false, true, monitor);
DataTypeManagerService dtms = state.getTool().getService(DataTypeManagerService.class); DataTypeManagerService dtms = state.getTool().getService(DataTypeManagerService.class);
List<DataType> selectedDatatypes = dtms.getSelectedDatatypes(); List<DataType> selectedDatatypes = dtms.getSelectedDatatypes();

2
Ghidra/Features/Decompiler/ghidra_scripts/ApplyClassFunctionSignatureUpdatesScript.java
View file

@ -47,7 +47,7 @@ public class ApplyClassFunctionSignatureUpdatesScript extends GhidraScript {
} }
RecoveredClassHelper classHelper = new RecoveredClassHelper(currentProgram, state.getTool(), RecoveredClassHelper classHelper = new RecoveredClassHelper(currentProgram, state.getTool(),
this, false, false, false, monitor); this, false, false, false, true, monitor);
if (currentAddress == null) { if (currentAddress == null) {
println("Cursor must be in a class function."); println("Cursor must be in a class function.");

9
Ghidra/Features/Decompiler/ghidra_scripts/RecoverClassesFromRTTIScript.java
View file

@ -123,6 +123,9 @@ public class RecoverClassesFromRTTIScript extends GhidraScript {
// bookmark all constructor/destructor functions recognized by script // bookmark all constructor/destructor functions recognized by script
private static final boolean BOOKMARK_FOUND_FUNCTIONS = true; private static final boolean BOOKMARK_FOUND_FUNCTIONS = true;
// make vfunctions this calls
private static final boolean MAKE_VFUNCTIONS_THISCALLS = true;
// show a graph of class hierarchies after script is complete // show a graph of class hierarchies after script is complete
// no parent = blue vertex // no parent = blue vertex
// single parent = green vertex // single parent = green vertex
@ -193,7 +196,7 @@ public class RecoverClassesFromRTTIScript extends GhidraScript {
nameVfunctions = !hasDebugSymbols; nameVfunctions = !hasDebugSymbols;
recoverClassesFromRTTI = new RTTIWindowsClassRecoverer(currentProgram, state.getTool(), recoverClassesFromRTTI = new RTTIWindowsClassRecoverer(currentProgram, state.getTool(),
this, BOOKMARK_FOUND_FUNCTIONS, USE_SHORT_TEMPLATE_NAMES_IN_STRUCTURE_FIELDS, this, BOOKMARK_FOUND_FUNCTIONS, USE_SHORT_TEMPLATE_NAMES_IN_STRUCTURE_FIELDS,
nameVfunctions, hasDebugSymbols, monitor); nameVfunctions, MAKE_VFUNCTIONS_THISCALLS, hasDebugSymbols, monitor);
} }
else if (isPE() && isGcc()) { else if (isPE() && isGcc()) {
@ -214,7 +217,7 @@ public class RecoverClassesFromRTTIScript extends GhidraScript {
recoverClassesFromRTTI = new RTTIGccClassRecoverer(currentProgram, state.getTool(), recoverClassesFromRTTI = new RTTIGccClassRecoverer(currentProgram, state.getTool(),
this, BOOKMARK_FOUND_FUNCTIONS, USE_SHORT_TEMPLATE_NAMES_IN_STRUCTURE_FIELDS, this, BOOKMARK_FOUND_FUNCTIONS, USE_SHORT_TEMPLATE_NAMES_IN_STRUCTURE_FIELDS,
nameVfunctions, hasDebugSymbols, monitor); nameVfunctions, MAKE_VFUNCTIONS_THISCALLS, hasDebugSymbols, monitor);
} }
else if (isGcc()) { else if (isGcc()) {
@ -242,7 +245,7 @@ public class RecoverClassesFromRTTIScript extends GhidraScript {
nameVfunctions = !hasDebugSymbols; nameVfunctions = !hasDebugSymbols;
recoverClassesFromRTTI = new RTTIGccClassRecoverer(currentProgram, state.getTool(), recoverClassesFromRTTI = new RTTIGccClassRecoverer(currentProgram, state.getTool(),
this, BOOKMARK_FOUND_FUNCTIONS, USE_SHORT_TEMPLATE_NAMES_IN_STRUCTURE_FIELDS, this, BOOKMARK_FOUND_FUNCTIONS, USE_SHORT_TEMPLATE_NAMES_IN_STRUCTURE_FIELDS,
nameVfunctions, hasDebugSymbols, monitor); nameVfunctions, MAKE_VFUNCTIONS_THISCALLS, hasDebugSymbols, monitor);
} }
else { else {
println("This script will not work on this program type"); println("This script will not work on this program type");

5
Ghidra/Features/Decompiler/ghidra_scripts/classrecovery/RTTIClassRecoverer.java
View file

@ -41,10 +41,11 @@ public class RTTIClassRecoverer extends RecoveredClassHelper {
RTTIClassRecoverer(Program program, ServiceProvider serviceProvider, FlatProgramAPI api, RTTIClassRecoverer(Program program, ServiceProvider serviceProvider, FlatProgramAPI api,
boolean createBookmarks, boolean useShortTemplates, boolean nameVfunctions, boolean createBookmarks, boolean useShortTemplates, boolean nameVfunctions,
boolean hasDebugSymbols, TaskMonitor monitor) throws Exception { boolean makeVfunctionsThisCalls,boolean hasDebugSymbols, TaskMonitor monitor)
throws Exception {
super(program, serviceProvider, api, createBookmarks, useShortTemplates, nameVfunctions, super(program, serviceProvider, api, createBookmarks, useShortTemplates, nameVfunctions,
monitor); makeVfunctionsThisCalls,monitor);
this.hasDebugSymbols = hasDebugSymbols; this.hasDebugSymbols = hasDebugSymbols;

5
Ghidra/Features/Decompiler/ghidra_scripts/classrecovery/RTTIGccClassRecoverer.java
View file

@ -107,10 +107,11 @@ public class RTTIGccClassRecoverer extends RTTIClassRecoverer {
public RTTIGccClassRecoverer(Program program, ServiceProvider serviceProvider, public RTTIGccClassRecoverer(Program program, ServiceProvider serviceProvider,
FlatProgramAPI api, boolean createBookmarks, boolean useShortTemplates, FlatProgramAPI api, boolean createBookmarks, boolean useShortTemplates,
boolean nameVfunctions, boolean isDwarfLoaded, TaskMonitor monitor) throws Exception { boolean nameVfunctions, boolean makeVfunctionsThisCalls, boolean isDwarfLoaded,
TaskMonitor monitor) throws Exception {
super(program, serviceProvider, api, createBookmarks, useShortTemplates, nameVfunctions, super(program, serviceProvider, api, createBookmarks, useShortTemplates, nameVfunctions,
isDwarfLoaded, monitor); makeVfunctionsThisCalls,isDwarfLoaded, monitor);
this.isDwarfLoaded = isDwarfLoaded; this.isDwarfLoaded = isDwarfLoaded;

5
Ghidra/Features/Decompiler/ghidra_scripts/classrecovery/RTTIWindowsClassRecoverer.java
View file

@ -72,10 +72,11 @@ public class RTTIWindowsClassRecoverer extends RTTIClassRecoverer {
public RTTIWindowsClassRecoverer(Program program, ServiceProvider serviceProvider, public RTTIWindowsClassRecoverer(Program program, ServiceProvider serviceProvider,
FlatProgramAPI api, boolean createBookmarks, boolean useShortTemplates, FlatProgramAPI api, boolean createBookmarks, boolean useShortTemplates,
boolean nameVFunctions, boolean isPDBLoaded, TaskMonitor monitor) throws Exception { boolean nameVFunctions, boolean makeVfunctionsThisCalls, boolean isPDBLoaded,
TaskMonitor monitor) throws Exception {
super(program, serviceProvider, api, createBookmarks, useShortTemplates, nameVFunctions, super(program, serviceProvider, api, createBookmarks, useShortTemplates, nameVFunctions,
isPDBLoaded, monitor); makeVfunctionsThisCalls, isPDBLoaded, monitor);
this.isPDBLoaded = isPDBLoaded; this.isPDBLoaded = isPDBLoaded;
} }

12
Ghidra/Features/Decompiler/ghidra_scripts/classrecovery/RecoveredClassHelper.java
View file

@ -137,11 +137,14 @@ public class RecoveredClassHelper {
protected final boolean createBookmarks; protected final boolean createBookmarks;
protected final boolean useShortTemplates; protected final boolean useShortTemplates;
protected final boolean nameVfunctions; protected final boolean nameVfunctions;
protected final boolean makeVfunctionsThisCalls;
public HashMap<Address, Set<Function>> allVfunctions = new HashMap<>(); public HashMap<Address, Set<Function>> allVfunctions = new HashMap<>();
public RecoveredClassHelper(Program program, ServiceProvider serviceProvider, public RecoveredClassHelper(Program program, ServiceProvider serviceProvider,
FlatProgramAPI api, boolean createBookmarks, boolean useShortTemplates, FlatProgramAPI api, boolean createBookmarks, boolean useShortTemplates,
boolean nameVunctions, TaskMonitor monitor) throws Exception { boolean nameVunctions, boolean makeVfunctionsThisCalls, TaskMonitor monitor)
throws Exception {
this.monitor = monitor; this.monitor = monitor;
this.program = program; this.program = program;
@ -156,6 +159,7 @@ public class RecoveredClassHelper {
this.createBookmarks = createBookmarks; this.createBookmarks = createBookmarks;
this.useShortTemplates = useShortTemplates; this.useShortTemplates = useShortTemplates;
this.nameVfunctions = nameVunctions; this.nameVfunctions = nameVunctions;
this.makeVfunctionsThisCalls = makeVfunctionsThisCalls;
globalNamespace = (GlobalNamespace) program.getGlobalNamespace(); globalNamespace = (GlobalNamespace) program.getGlobalNamespace();
@ -4770,8 +4774,10 @@ public class RecoveredClassHelper {
// can't put external functions into a namespace from this program // can't put external functions into a namespace from this program
if (!vfunction.isExternal()) { if (!vfunction.isExternal()) {
// if not already, make it a this call // check script option and if not already, make it a this call
makeFunctionThiscall(vfunction); if (makeVfunctionsThisCalls) {
makeFunctionThiscall(vfunction);
}
// put symbol on the virtual function // put symbol on the virtual function
Symbol vfunctionSymbol = vfunction.getSymbol(); Symbol vfunctionSymbol = vfunction.getSymbol();