📄 cfunc.cpp
字号:
out->ident_sub1();
out->ident();
out->prtt(hlcode_name(p->type));
if (p->var_w.type != 0)
{
out->prtt(" w=");
out->XMLbegin(XT_Symbol, p->var_w.thevar);
out->prtt(this->m_exprs->BareVarName(&p->var_w));
out->XMLend(XT_Symbol);
}
if (p->var_r1.type != 0)
{
out->prtt(" r1=");
out->XMLbegin(XT_Symbol, p->var_r1.thevar);
out->prtt(PrtAddOn_internal(this->m_exprs->BareVarName(&p->var_r1), p->va_r1.pao));
out->XMLend(XT_Symbol);
}
if (p->var_r2.type != 0)
{
out->prtt(" r2=");
out->XMLbegin(XT_Symbol, p->var_r2.thevar);
out->prtt(PrtAddOn_internal(this->m_exprs->BareVarName(&p->var_r2), p->va_r2.pao));
out->XMLend(XT_Symbol);
}
if (p->type == i_Address)
{
out->prtf(" i1=%d", p->i1);
out->prtf(" i2=0x%x", p->i2);
}
if (p->type == i_CallApi)
{
out->prtt(p->call.papi->name);
}
out->EOL();
if (p->type == i_Begin || p->type == i_CplxBegin)
out->ident_add1();
}
}
void CFunc::DeleteUnusedVar()
{
if (m_instr_list == NULL)
return;
this->m_exprs->ClearUse();
assert(m_instr_list != NULL);
POSITION pos = m_instr_list->GetHeadPosition();
while (pos)
{
PINSTR p = m_instr_list->GetNext(pos);
M_t* pt;
pt = p->var_r1.thevar; if (pt != NULL) pt->tem_useno++;
pt = p->var_r2.thevar; if (pt != NULL) pt->tem_useno++;
pt = p->var_w .thevar; if (pt != NULL) pt->tem_useno++;
}
this->m_exprs->DeleteUnuse_VarList(this->m_exprs->vList);
}
VarTypeID GetMemDataType(VAR* pvar)
{
/*
assert(pvar);
assert(pvar->thevar);
assert(pvar->thevar->m_DataType);
assert(pvar->thevar->m_DataType->m_type == vtt_class);
*/
Class_st* pstruc = g_VarTypeManage->is_class(pvar->thevar->m_DataTypeID);
assert(pstruc);
if (pvar->part_flag == 0)
{//只有一种可能,就是结构只有一个元素,就这么大
assert(pstruc->m_nDataItem == 1);
return pstruc->GetClassItem(0)->m_vartypeid;
}
else
{
return pstruc->GetClassItem(pvar->part_flag-1)->m_vartypeid;
}
}
CString CFunc::Instr_prt_simple(PINSTR p)
{
CString s = hlcode_name(p->type);
if (p->var_w.type != 0)
{
s += " w=";
s += this->m_exprs->BareVarName(&p->var_w);
}
if (p->var_r1.type != 0)
{
s += " r1=";
s += PrtAddOn_internal(this->m_exprs->BareVarName(&p->var_r1), p->va_r1.pao);
}
if (p->var_r2.type != 0)
{
s += " r2=";
s += PrtAddOn_internal(this->m_exprs->BareVarName(&p->var_r2), p->va_r2.pao);
}
return s;
}
bool CFuncOptim::DataType_Check(VAR_ADDON* pva, CFuncType* pftype)
{
M_t* pvar = pva->pv->thevar;
if (pvar->m_DataTypeID == 0)
return false;
assert(pvar);
if (!pftype->m_varpar)
{
int i1 = GG_VarType_ID2Size(pvar->m_DataTypeID);
int i2 = pftype->para_total_size();
if (pva->pao == NULL)
{
assert(i1 == i2);
}
else if (pva->pao->type == IA_GetAddress)
{
assert(i2 == 4);
}
}
//这是把i_CallPara的参数的数据类型改了
POSITION pos = Q->m_instr_list->GetHeadPosition();
while (pos)
{
PINSTR p = Q->m_instr_list->GetNext(pos);
if (p->var_w.thevar == pvar && p->type == i_Assign)
{
if (p->var_r1.thevar != NULL
&& g_VarTypeManage->is_simple(p->var_r1.thevar->m_DataTypeID)
)
{
VarTypeID id;
if (p->var_w.part_flag == 0)
{//说明只有一个参数
assert(pftype->m_args == 1);
id = pftype->m_partypes[0];
}
else
{
id = pftype->SearchPara(p->var_w.part_flag - 1);
}
if (id != 0)
{
if (p->va_r1.pao == NULL)
{
if (p->var_r1.thevar->type != MTT_immed)
{
int size1 = p->var_r1.thevar->size;
int size2 = GG_VarType_ID2Size(id);
assert(size1 == size2);
}
VarTypeID oldid = p->var_r1.thevar->m_DataTypeID;
p->var_r1.thevar->m_DataTypeID = id;
log_prtl("1: %s datatype %s -> %s",
p->var_r1.thevar->GetName(),
::GG_VarType_ID2Name(oldid),
::GG_VarType_ID2Name(id));
return true;
}
else if (p->va_r1.pao->type == IA_GetAddress)
{
VarTypeID oldid = p->var_r1.thevar->m_DataTypeID;
VarTypeID id2 = g_VarTypeManage->GetPointTo(id);
p->var_r1.thevar->m_DataTypeID = id2;
UINT size1 = p->var_r1.thevar->size; //原来的size
UINT size2 = GG_VarType_ID2Size(id2); //新的size
if (size1 < size2)
{//变大了
p->var_r1.thevar->size = size2;
this->Q->m_exprs->Enlarge_Var(p->var_r1.thevar, Q->m_instr_list);
}
log_prtl(this->Q->Instr_prt_simple(p));
log_prtl("& X = TYPE *, so X = TYPE");
log_prtl("2: %s datatype %s -> %s",
p->var_r1.thevar->GetName(),
::GG_VarType_ID2Name(oldid),
::GG_VarType_ID2Name(id2));
return true;
}
}
}
}
}
return false;
}
bool CFuncOptim::SetParaType(UINT offset, UINT sizepara, enum_CallC conv,
PCSTR paraname, VarTypeID paraid)
{
if (conv == enum_cdecl || conv == enum_stdcall)
{
UINT par_off = offset + 4; //对不对呢
M_t* pmt = this->Q->m_exprs->SearchMT(MTT_par, par_off);
if (pmt == NULL)
return false;
if (pmt->m_DataTypeID != 0 && !g_VarTypeManage->is_simple(pmt->m_DataTypeID))
return false; //已经有类型了,就不必再做了
strcpy(pmt->namestr, paraname);
//现在,要把pmt->m_DataType换为paratype
if (pmt->size == GG_VarType_ID2Size(paraid))
{
pmt->m_DataTypeID = paraid;
}
else
{
M_t* pnew = new M_t; //new_M_t
*pnew = *pmt;
pnew->m_DataTypeID = paraid;
Q->m_exprs->vList->AddTail(pnew);
this->Q->m_exprs->Enlarge_Var(pnew, Q->m_instr_list);
assert(pnew->size == GG_VarType_ID2Size(paraid));
}
return true;
}
else
assert(0);
return false;
}
bool CFuncOptim::VarDataType_analysis_mydefine()
{//我的函数定义已经有了,从中取参数名及类型
if (this->Q->m_functype == NULL)
return false;
CFuncType* pftype = this->Q->m_functype;
UINT sizepara = pftype->para_total_size();
int offset = 0;
for (int i=0; i<pftype->m_args; i++)
{
if (this->SetParaType(offset,
sizepara,
this->Q->m_functype->m_callc,
pftype->m_parnames[i],
pftype->m_partypes[i]))
return true;
offset += GG_VarType_ID2Size(pftype->m_partypes[i]);
while (offset % 4)
offset++;
}
return false;
}
bool CFuncOptim::VarDataType_analysis()
{
POSITION pos = Q->m_instr_list->GetHeadPosition();
while (pos)
{
PINSTR p = Q->m_instr_list->GetNext(pos);
if (p->type == i_CallThis)
{
PINSTR pcall = p->call_addon.p_thecall;
assert(pcall);
if (pcall->type == i_Call)
{
CFuncType* pft = pcall->call.call_func->m_functype;
assert(pft != NULL);
assert(pft->m_class != NULL);
if (p->var_r1.thevar != NULL
&& g_VarTypeManage->is_simple(p->var_r1.thevar->m_DataTypeID)
)
{
VarTypeID id = g_VarTypeManage->Class2VarID(pft->m_class);
VarTypeID oldid = p->var_r1.thevar->m_DataTypeID;
if (p->va_r1.pao == NULL)
{
id = g_VarTypeManage->GetAddressOfID(id);
p->var_r1.thevar->m_DataTypeID = id;
}
else if (p->va_r1.pao->type == IA_GetAddress)
{
p->var_r1.thevar->m_DataTypeID = id;
}
log_prtl("3: %s datatype %s -> %s",
p->var_r1.thevar->GetName(),
::GG_VarType_ID2Name(oldid),
::GG_VarType_ID2Name(id));
return true;
}
}
}
if (p->type == i_CallPara)
{
PINSTR pcall = p->call_addon.p_thecall;
assert(pcall);
if (pcall->type == i_CallApi)
{
CFuncType* pft = pcall->call.papi->m_functype;
if (pft != NULL)
if (this->DataType_Check(&p->va_r1, pft))
return true;
}
if (pcall->type == i_Call)
{
CFuncType* pft = pcall->call.call_func->m_functype;
if (pft != NULL)
if (this->DataType_Check(&p->va_r1, pft))
return true;
}
}
if (p->type == i_CallRet)
{
PINSTR pcall = p->call_addon.p_thecall;
assert(pcall);
if (pcall->type == i_Call)
{
CFuncType* pdf = pcall->call.call_func->m_functype;
if (pdf != NULL
&& p->var_w.thevar != NULL
&& g_VarTypeManage->is_simple(p->var_w.thevar->m_DataTypeID)
)
{
VarTypeID oldid = p->var_w.thevar->m_DataTypeID;
VarTypeID id = pdf->m_retdatatype_id;
p->var_w.thevar->m_DataTypeID = pdf->m_retdatatype_id;
log_prtl("4: %s datatype %s -> %s",
p->var_w.thevar->GetName(),
::GG_VarType_ID2Name(oldid),
::GG_VarType_ID2Name(id));
return true;
}
}
if (pcall->type == i_CallApi)
{
CApi* papi = pcall->call.papi;
VarTypeID retid = papi->m_functype->m_retdatatype_id;
assert(retid);
if (p->var_w.thevar != NULL
&& g_VarTypeManage->is_simple(p->var_w.thevar->m_DataTypeID)
)
{
VarTypeID oldid = p->var_w.thevar->m_DataTypeID;
p->var_w.thevar->m_DataTypeID = retid;
log_prtl("5: %s datatype %s -> %s",
p->var_w.thevar->GetName(),
::GG_VarType_ID2Name(oldid),
::GG_VarType_ID2Name(retid));
return true;
}
}
}
}
return false;
}
bool CFunc::Var_analysis()
{
//这函数只能调用一遍
POSITION pos = m_instr_list->GetHeadPosition();
while (pos)
{
POSITION savpos = pos;
PINSTR p = m_instr_list->GetNext(pos);
if (p->type == i_EspReport)
{
this->m_exprs->EspReport(p->espreport.esp_level);
//m_instr_list->RemoveAt(savpos); //这语句再没用了,删掉算了
continue;
}
this->m_exprs->AddRef(&p->var_r1);
this->m_exprs->AddRef(&p->var_r2);
this->m_exprs->AddRef(&p->var_w);
}
return true;
}
PINSTR CFunc_InstrList::instr_next_in_func(PINSTR p)
{
return instr_next(this->m_instr_list,p);
}
PINSTR CFunc_InstrList::instr_prev_in_func(PINSTR p)
{
return instr_prev(this->m_instr_list, p);
}
PINSTR CFunc_InstrList::skip_compl(PINSTR p)
{
//p是一个begin,返回是end后一条
assert(p->type == i_Begin);
return instr_next_in_func(p->begin.m_end);
}
void CFunc::ReType(M_t* p, PCSTR newtype)
{
VarTypeID vid = get_DataType(newtype);
if (vid == 0)
return;
if (GG_VarType_ID2Size(vid) <= p->size)
{//大变小,一般不会发生
p->size = GG_VarType_ID2Size(vid);
p->m_DataTypeID = vid;
}
else
{//小变大,这可复杂了
p->size = GG_VarType_ID2Size(vid);
p->m_DataTypeID = vid;
this->m_exprs->Enlarge_Var(p, this->m_instr_list);
}
}
#include "ParseHead.h"
CString GetToken(PCSTR &p)
{
CString s;
while (*p != 0 && *p != ' ')
{
s += *p++;
}
while (*p == ' ')
p++;
return s;
}
void CFunc::Restart()
{//要再分析,保留 this->m_funcdefine
this->m_nStep = STEP_IDA_4;
//this->ll.m_asmlist = new AsmCodeList; //new_AsmCodeList
this->m_exprs = new CExprManage; //new_CExprManage
this->m_exprs->m_VarRange_H = this->m_VarRange_H;
this->m_exprs->m_VarRange_L = this->m_VarRange_L;
this->m_instr_list = NULL;
}
bool CFunc::Step_Label_Analysis()
{
CJxxLabel the(this->ll.m_asmlist);
the.Label_Analysis();
return true;
}
bool CFunc::Step_1()
{
bool bCreateNewFunc = true;
if (this->m_IfLibFunc)
return false;
if (this->m_nStep != STEP_Init)
return false;
CFuncStep1 the(this->ll.m_asmlist);
if (the.Step_1(this->m_head_off))
{
this->m_end_off = the.Get_end_off();
if (bCreateNewFunc)
the.CreateNewFunc_if_CallNear();
return true;
}
return false;
}
void CFunc::Fill_this_ECX(VarTypeID id)
{
// 意思是说,这是一个class的子函数,把ECX改名为 'this'
M_t* p = this->m_exprs->SearchMT(MTT_reg, enum_ECX);
if (p == NULL || p->size != BIT32_is_4)
return; // why ?
strcpy(p->namestr, "this");
p->m_DataTypeID = id;
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -