SeqPat doesn't work

Question

SeqPat doesn't work

gnole opened this issue 3 months ago · comments

gnole commented 3 months ago

start_from = container.index(instructions) in check(...) always None.

Semyon Sokolov · Answer 1 · Thu Apr 18 2024 11:42:47 GMT+0800 (China Standard Time)

Could you please provide your IDA Pro version and the code you're trying to use pattern on?

gnole · Answer 2 · Fri Apr 19 2024 01:15:02 GMT+0800 (China Standard Time)

I use Ida pro 8.3 (32bit). I have this source code:

#include <iostream>
#include <fstream>

class FileHandler {
private:
    std::ofstream file;

public:
    FileHandler(const std::string& filename) {
        file.open(filename);
    }

    ~FileHandler() {
        file.close();
    }

    template <typename T>
    FileHandler& write(const T& data) {
        file << data;
        return *this;
    }

    template <typename T>
    FileHandler& operator<<(const T& data) {
        return write(data);
    }

};
int callDebug(){return 0;}

int main() {
    volatile int debug;
    FileHandler fh("output.txt");
    fh << "start";
    debug = callDebug();
    fh << "q"
       << "w" << "e"
       << "r" << "t"
       << "y" << "!";
    return debug;
}

I compile it with this command:

g++ -o intel32 test.cpp -g0 -m32

Output Ida pro:

  ...
  v11 = callDebug();
  v3 = FileHandler::operator<<<char [3]>(v13, "q\n");
  v4 = FileHandler::operator<<<char [3]>(v3, "w\n");
  v5 = FileHandler::operator<<<char [3]>(v4, "e\n");
  v6 = FileHandler::operator<<<char [3]>(v5, "r\n");
  v7 = FileHandler::operator<<<char [3]>(v6, "t\n");
  v8 = FileHandler::operator<<<char [3]>(v7, "y\n");
  FileHandler::operator<<<char [3]>(v8, "!\n");
  ...

I want to output the first FileHandler::operator<<<char [3]> after callDebug . I used the old version (Aug 2023) and this pattern worked, but in the new version it doesn't return anything.
my code:

import idaapi
from herapi import *
from pprint import pprint


class FunctionRenamer(Scheme):
    def __init__(self, func):
        print("[herast] Init FunctionRenamer")
        pattern = SeqPat(
                            AsgInsnPat(AnyPat(), CallPat(0x0000133D, ignore_arguments=True)), #v11 = callDebug();
                            AsgInsnPat(AnyPat(), CallPat(func, AnyPat(), DeepExprPat(AnyPat(),  bind_name="a1"), skip_missing=True)) #v3 = FileHandler::operator<<<char [2]>(v13, "q");
                        )             
        super().__init__(pattern) 
  
    def on_matched_item(self, item, ctx: MatchContext) ->  ASTPatch|None:       
        func_ea = ctx.ast_ctx.func_addr
        s = ctx.get_item("a1")
        name = s.print1(None)       
        name = idaapi.tag_remove(name)
        name = idaapi.str2user(name)
        name = name[2:-2]
        print(hex(func_ea), name)        
        return None

def do_renames(func):
    scheme = FunctionRenamer(func)
    match_objects_xrefs(scheme, func)
  
do_renames(0x00001834) #FileHandler::operator<<<char [2]>
print("[herast] end")

gnole · Answer 3 · Mon Apr 22 2024 22:59:40 GMT+0800 (China Standard Time)

container.index(instruction) cannot find the correct index and always returns none