我们从Python开源项目中,提取了以下10个代码示例,用于说明如何使用idc.Comment()。
def push_comment(self, address=0, comment=None): """ Push a standard comment """ if comment is None: return False data = {"address": address, "comment": comment} endpoint = self.prepare_endpoint('comments') res = self.poli_post(endpoint, data) if res["result"]: g_logger.debug( "Comment %s sent for address 0x%x", comment, address) else: g_logger.error("Cannot send comment %s ( 0x%x )", comment, address) return res["result"]
def filter_coms_blacklist(cmt): """ These are standards coms, we don't want them in the DB """ if cmt is None: g_logger.error("No comment provided to filter_coms") return True black_list = [ "size_t", "int", "LPSTR", "char", "char *", "lpString", "dw", "lp", "Str", "Dest", "Src", "cch", "Dst", "jumptable", "switch ", "unsigned int", "void *", "Size", "indirect table for switch statement", "this", "jump table for", "switch jump", "nSize", "hInternet", "hObject", "SEH", "Exception handler", "Source", "Size", "Val", "Time", "struct", "unsigned __int", "__int32", "void (", "Memory", "HINSTANCE", "jumptable" ] for elem in black_list: if cmt.lower().startswith(elem.lower()): g_logger.debug("Comment %s has been blacklisted", cmt) return True return False
def execute_comment(comment): """ Thread safe comment wrapper """ def make_rpt(): idc.MakeRptCmt( comment["address"], comment["data"].encode( 'ascii', 'replace')) cmt = idc.Comment(comment["address"]) if cmt != comment["data"] and idc.RptCmt( comment["address"]) != comment["data"]: g_logger.debug( "[x] Adding comment %s @ 0x%x ", comment["data"], comment["address"]) return idaapi.execute_sync(make_rpt, idaapi.MFF_WRITE) else: pass
def send_comments(self): """ Initial sync of comments """ cmt_types = [idc.Comment, idc.RptCmt] # Maybe GetFunctionCmt also? for head in idautils.Heads(): send_cmt = "" for cmt_type in cmt_types: cmt = None cmt = cmt_type(head) if cmt and not SkelUtils.filter_coms_blacklist(cmt): if cmt not in send_cmt: send_cmt += cmt if len(send_cmt) > 0: try: self.skel_conn.push_comment(head, send_cmt) except Exception as e: g_logger.exception(e)
def AppendComment(ea, s, repeatable=False): # see williutils and http://blogs.norman.com/2011/security-research/improving-ida-analysis-of-x64-exception-handling if repeatable: string = idc.RptCmt(ea) else: string = idc.Comment(ea) if not string: string = s # no existing comment else: if s in string: # ignore duplicates return string = string + "\n" + s if repeatable: idc.MakeRptCmt(ea, string) else: idc.MakeComm(ea, string)
def visit_line(self, line): comm = {} for address in line.extract_addresses(): idacomm = idc.Comment(address) newcomm = idacomm and bap_comment.parse(idacomm) or {} union(comm, newcomm) if comm: line.widget.line += COLOR_START line.widget.line += bap_comment.dumps(comm) line.widget.line += COLOR_END
def cmt_changed(self, *args): """ A comment changed somewhere """ addr, rpt = args if rpt: cmt = idc.RptCmt(addr) else: cmt = idc.Comment(addr) if not SkelUtils.filter_coms_blacklist(cmt): self.skel_conn.push_comment(addr, cmt) return idaapi.IDB_Hooks.cmt_changed(self, *args)
def append_comment(ea, s, repeatable=False): ''' add the given string as a (possibly repeating) comment to the given address. does not add the comment if it already exists. adds the comment on its own line. Args: ea (int): the address at which to add the comment. s (str): the comment text. repeatable (bool): if True, set a repeatable comment. Raises: UnicodeEncodeError: if the given string is not ascii. ''' # see: http://blogs.norman.com/2011/security-research/improving-ida-analysis-of-x64-exception-handling s = s.encode('ascii') if repeatable: string = idc.RptCmt(ea) else: string = idc.Comment(ea) if not string: string = s # no existing comment else: if s in string: # ignore duplicates return string = string + "\\n" + s if repeatable: idc.MakeRptCmt(ea, string) else: idc.MakeComm(ea, string)
def make_comment(pos, string): """ Creates a comment with contents `string` at address `pos`. If the address is already commented append the new comment to the existing comment """ current_comment = idc.Comment(pos) if not current_comment: idc.MakeComm(pos, string) elif string not in current_comment: idc.MakeComm(pos, current_comment + " " + string)
def activate(self, ctx): pos = idc.ScreenEA() # Get current comment for this instruction and remove the C define from it, if present comment = idc.Comment(pos) code = get_operand_value(pos) define = ioctl_decoder.get_define(code) comment = comment.replace(define, "") idc.MakeComm(pos, comment) # Remove the ioctl from the valid list and add it to the invalid list to avoid 'find_all_ioctls' accidently re-indexing it. ioctl_tracker.remove_ioctl(pos)
