My current target uses a deterministic pattern when calling C++ constructors, so I can use the CFG to identify object instantiation. Here are my notes about how to use Ghidra's decompiler to get the sizes of objects to be created:
We can use the parameter of operator_new()
to find the size of the objects. Instead of parsing the instructions of the relevant basic blocks (and hoping that we don't run into some unexpected instruction sequences generated by the compiler) we can use the decompiler to get the association between the call to operator_new()
and its parameter.
Ghidra/Features/Decompiler/ghidra_scripts/ShowCCallsScript.java
contains a nice example of how to use the Decompiler API. First, an instance of DecompInterface
must be created, as shown in setUpDecompiler()
. Note that this method doesn't call openProgram()
on the returned DecomInterface
object, that is necessary to run decompilation! The decompileFunction()
method works as expected - the returned DecompileResults
object con