dece
/
Scripts
1
0
Fork 0
Code Releases Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
Scripts/ida-demangle.py

85 lines
2.4 KiB
Raw Permalink Blame History

"""IDAPython plugin to demangle strings.
It demangles the string under the cursor and set the result as comment. This
relies on the DbgHelp DLL on your system, so it should work for most recent VC
versions. This can be run as a standalone tool as well (Python 2).
"""
import argparse
import ctypes
import ctypes.util
import platform
try:
import idaapi
import idc
IS_IDAPYTHON = True
except ImportError:
IS_IDAPYTHON = False
MAX_DEMANGLED_LEN = 2**12
def main():
if IS_IDAPYTHON:
setup_ida()
else:
run_standalone()
def setup_ida():
bindings = {
"Shift-G": demangle_str_at_screen_ea
}
for binding in bindings:
idaapi.add_hotkey(binding, bindings[binding])
print "Bound " + ", ".join(bindings.keys())
def run_standalone():
argparser = argparse.ArgumentParser()
argparser.add_argument("name", type = str, help = "mangled name")
args = argparser.parse_args()
demangled = demangle_vc(args.name)
if demangled:
print demangled.decode("utf8", errors = "replace")
def demangle_str_at_screen_ea():
ea = idc.ScreenEA()
string = idc.GetString(ea)
if not string:
print "Couldn't get any string at {}.".format(hex(ea))
return
demangled = demangle_vc(string)
if not demangled:
print "Demangling failed."
return
idc.MakeComm(ea, demangled)
def demangle_vc(name, flags = 0x2800):
""" Call DbgHelp.UnDecorateSymbolName and return the demangled name bytes.
Default flags are UNDNAME_32_BIT_DECODE | UNDNAME_NO_ARGUMENTS because it
seems to work only this way?! """
if platform.system() != "Windows":
print "DbgHelp is only available on Windows!"
return ""
dbghelp_path = ctypes.util.find_library("dbghelp")
dbghelp = ctypes.windll.LoadLibrary(dbghelp_path)
name = name.lstrip(".")
mangled = ctypes.c_char_p(name.encode("utf8"))
demangled = ctypes.create_string_buffer("\x00" * MAX_DEMANGLED_LEN)
demangled_len = ctypes.c_int(MAX_DEMANGLED_LEN)
flags = ctypes.c_int(flags)
ret = dbghelp.UnDecorateSymbolName(mangled, demangled, demangled_len, flags)
if ret == 0:
error_code = ctypes.windll.kernel32.GetLastError()
print "UnDecorateSymbolName failed ({})".format(error_code)
return ""
else:
return demangled.value
if __name__ == "__main__":
main()
View Git Blame Copy Permalink