1  #Export all autoanalysis MSVC functions to a Binana symbol file
 2  # @runtime Jython
 3  # @category Binana
 4  # @author Thunderbrew 
 5  # @menupath 
 6  # @toolbar logo.png
 7  
 8  from ghidra.program.model.symbol import SymbolType
 9  from java.awt import Toolkit
10  from java.awt.datatransfer import StringSelection
11  from ghidra.app.decompiler import DecompInterface
12  from ghidra.util.task import ConsoleTaskMonitor
13  from ghidra.program.model.symbol.SourceType import *
14  from ghidra.program.model.symbol import SourceType
15  
16  functionManager = currentProgram.getFunctionManager()
17  
18  file_location = askFile("Choose a file to save your Binana symbols to", "Go")
19  
20  listing = currentProgram.getListing()
21  
22  decomp_interface = DecompInterface()
23  decomp_interface.openProgram(currentProgram)
24  
25  def get_function_type(func):
26      """Uses the Decompiler to get the refined signature."""
27      if func is None:
28          return ""
29          
30      results = decomp_interface.decompileFunction(func, 30, ConsoleTaskMonitor())
31      high_func = results.getHighFunction()
32      
33      if high_func is None:
34          return "" 
35  
36      ret_type = high_func.getFunctionPrototype().getReturnType().getName().replace(" *", "*")
37  
38      call_conv = high_func.getFunctionPrototype().getModelName()
39  
40      params = []
41      num_params = high_func.getFunctionPrototype().getNumParams()
42      for i in range(num_params):
43          p = high_func.getFunctionPrototype().getParam(i)
44          params.append("{} {}".format(p.getDataType().getName().replace(" *", "*"), p.getName()))
45      
46      param_str = "(" + (", ".join(params)) + ")"
47      return ret_type + " " + call_conv + " func" + param_str
48  
49  def get_symbol_entry_for_function(func):
50      name = func.getName()
51      
52      entry_addr = func.getEntryPoint().toString().upper()[-8:]
53      body = func.getBody()
54      end_addr = (body.getMaxAddress().add(1)).toString().upper()[-8:]
55      
56      func_type = get_function_type(func)
57      # func_type = ""
58  
59      if func_type == "":
60          output = "{} {} f end={} auto".format(name, entry_addr, end_addr)
61      else:
62          output = "{} {} f end={} type=\"{}\" auto".format(
63              name, 
64              entry_addr, 
65              end_addr, 
66              func_type 
67          ) 
68      return output
69  
70  def export_function_symbols(file):
71    monitor.setMessage("Exporting MSVC autoanalysis function symbols...")
72  
73    for f in functionManager.getFunctionsNoStubs(1):
74      monitor.checkCanceled() # throws exception if canceled
75  
76      if f.isExternal() or f.isThunk():
77        continue
78  
79      symbol = f.getSymbol()
80      if symbol.getSource() == SourceType.ANALYSIS:
81          func_line = get_symbol_entry_for_function(f)
82          monitor.setMessage(func_line)
83  
84          file.write(func_line + "\n")
85  
86    return
87    
88  with open(file_location.absolutePath, "w") as file:
89    export_function_symbols(file)
90    file.close()