aerosoul94/arm_mov_ext.py

## arm_mov_ext.py
import idaapi
from idc import *

class Reg:
    def __init__(self, ea, value):
        self.ea = ea
        self.value = value
        #self.cmd = cmd

class arm_mov_hook_t(idaapi.IDP_Hooks):

    def __init__(self):
        idaapi.IDP_Hooks.__init__(self)
        self.cmd = idaapi.cmd
        self.movwCmd = None
        self.movwEa  = 0
        self.movwReg = 0
        self.movwVal = 0

    def custom_emu(self):
        cmd = self.cmd
        #print "%#x" % cmd.ea

        if cmd.itype == idaapi.ARM_movl:
            print "%#x: mov %i(type=%i) %i(type=%i)" % (cmd.ea, cmd.Op1.value, cmd.Op1.type, cmd.Op2.value, cmd.Op2.type)
            if idaapi.getseg(cmd.Op2.value):
                idaapi.op_offset(cmd.ea, 1, idaapi.REF_OFF32)

        elif cmd.itype == idaapi.ARM_mov:
            if cmd.Op2.type == idaapi.o_imm and cmd.auxpref & 0x8000: # movw
                self.movwEa  = cmd.ea
                self.movwReg = cmd.Op1.reg
                self.movwVal = cmd.Op2.value
                print "%#x: movw %#x %#x" % (self.movwEa, self.movwReg, self.movwVal)
                #return False

        elif cmd.itype == idaapi.ARM_movt:
            if cmd.Op2.type == idaapi.o_imm:
                targEa = ((cmd.Op2.value << 16) | self.movwVal)
                print "%#x: movt %#x %#x ; %#x from %#x" % (cmd.ea, cmd.Op1.reg, cmd.Op2.value, targEa, self.movwEa)
                ti = idaapi.opinfo_t()
                idaapi.get_opinfo(self.movwEa, 1, idaapi.getFlags(self.movwEa), ti)
                if ti.ri.target != targEa:
                    ret = OpOffEx(self.movwEa, 1, idaapi.REF_LOW16, targEa, 0, 0)
                    print "movw ret: %i" % ret
                idaapi.get_opinfo(cmd.ea, 1, idaapi.getFlags(cmd.ea), ti)
                if ti.ri.target != targEa:
                    ret = OpOffEx(cmd.ea, 1, idaapi.REF_HIGH16, targEa, 0, 0)
                    print "movt ret: %i" % ret
                    print "XREF created to %#x" % targEa
                    return True

        return False

class arm_mov_ext_t(idaapi.plugin_t):

    flags = idaapi.PLUGIN_PROC | idaapi.PLUGIN_HIDE
    comment = ""
    wanted = ""
    wanted_hotkey = ""
    wanted_name = "arm_mov_ext"
    help = "Corrects mov x-refs."

    def init(self):
        self.prochook = None
        if idaapi.ph_get_id() != idaapi.PLFM_ARM:
            print "arm_mov_ext_t.init() skipped!"
            return idaapi.PLUGIN_SKIP

        self.prochook = arm_mov_hook_t()
        self.prochook.hook()

        print "arm_mov_ext_t.init() called!"
        return idaapi.PLUGIN_KEEP

    def run(self, arg):
        print "arm_mov_ext running"
        pass

    def term(self):
        print "arm_mov_ent_t.term() called!"
        if self.prochook:
            self.prochook.unhook()


def PLUGIN_ENTRY():
    return arm_mov_ext_t()
	import idaapi
	from idc import *

	class Reg:
	def __init__(self, ea, value):
	self.ea = ea
	self.value = value
	#self.cmd = cmd

	class arm_mov_hook_t(idaapi.IDP_Hooks):

	def __init__(self):
	idaapi.IDP_Hooks.__init__(self)
	self.cmd = idaapi.cmd
	self.movwCmd = None
	self.movwEa = 0
	self.movwReg = 0
	self.movwVal = 0

	def custom_emu(self):
	cmd = self.cmd
	#print "%#x" % cmd.ea

	if cmd.itype == idaapi.ARM_movl:
	print "%#x: mov %i(type=%i) %i(type=%i)" % (cmd.ea, cmd.Op1.value, cmd.Op1.type, cmd.Op2.value, cmd.Op2.type)
	if idaapi.getseg(cmd.Op2.value):
	idaapi.op_offset(cmd.ea, 1, idaapi.REF_OFF32)

	elif cmd.itype == idaapi.ARM_mov:
	if cmd.Op2.type == idaapi.o_imm and cmd.auxpref & 0x8000: # movw
	self.movwEa = cmd.ea
	self.movwReg = cmd.Op1.reg
	self.movwVal = cmd.Op2.value
	print "%#x: movw %#x %#x" % (self.movwEa, self.movwReg, self.movwVal)
	#return False

	elif cmd.itype == idaapi.ARM_movt:
	if cmd.Op2.type == idaapi.o_imm:
	targEa = ((cmd.Op2.value << 16) \| self.movwVal)
	print "%#x: movt %#x %#x ; %#x from %#x" % (cmd.ea, cmd.Op1.reg, cmd.Op2.value, targEa, self.movwEa)
	ti = idaapi.opinfo_t()
	idaapi.get_opinfo(self.movwEa, 1, idaapi.getFlags(self.movwEa), ti)
	if ti.ri.target != targEa:
	ret = OpOffEx(self.movwEa, 1, idaapi.REF_LOW16, targEa, 0, 0)
	print "movw ret: %i" % ret
	idaapi.get_opinfo(cmd.ea, 1, idaapi.getFlags(cmd.ea), ti)
	if ti.ri.target != targEa:
	ret = OpOffEx(cmd.ea, 1, idaapi.REF_HIGH16, targEa, 0, 0)
	print "movt ret: %i" % ret
	print "XREF created to %#x" % targEa
	return True

	return False

	class arm_mov_ext_t(idaapi.plugin_t):

	flags = idaapi.PLUGIN_PROC \| idaapi.PLUGIN_HIDE
	comment = ""
	wanted = ""
	wanted_hotkey = ""
	wanted_name = "arm_mov_ext"
	help = "Corrects mov x-refs."

	def init(self):
	self.prochook = None
	if idaapi.ph_get_id() != idaapi.PLFM_ARM:
	print "arm_mov_ext_t.init() skipped!"
	return idaapi.PLUGIN_SKIP

	self.prochook = arm_mov_hook_t()
	self.prochook.hook()

	print "arm_mov_ext_t.init() called!"
	return idaapi.PLUGIN_KEEP

	def run(self, arg):
	print "arm_mov_ext running"
	pass

	def term(self):
	print "arm_mov_ent_t.term() called!"
	if self.prochook:
	self.prochook.unhook()


	def PLUGIN_ENTRY():
	return arm_mov_ext_t()