Class: Relyze::ExecutableFileModel::DataTypeFactory

Inherits:

Object

• Object
• Relyze::ExecutableFileModel::DataTypeFactory

Defined in:

C:/Program Files/Relyze/lib/relyze/core/executable_file_model.rb

Overview

The DataTypeFactory manages all data types used by a model. You can access the DataTypeFactory via #data_type_factory or for brevity we can use #dtf. Within the GUI, the Data Type Manager is a front end to the DataTypeFactory.

Examples:

Add a new type to the DTF…

# Add a new structure to the DTF...
print_message(
    cm.data_type_factory.add( "struct _FOO { int a; void * b; int c };" )
)
# Now we can get an instance of this structure _FOO
foo = cm.data_type_factory['_FOO']
# We can dump the contents of the data type, using the instance name 'bar'
print_message( foo.to_s( 'bar' ) )
# We can print the byte offset to a member in the structure
print_message( foo.offset_to( 'c' ) )

Unmangle names

# We can unmangle a name, this prints "_ThrowExceptionLDTC"
print_message( cm.dtf.unmangle_name( "@_ThrowExceptionLDTC$qpvt1t1t1uiuiuipuct1" ) )
# We can unmangle a name to a type and get back a DataType, in this case a FunctionDataType.
# This prints "void __cdecl foo( void * param1, void * param2, void * param3, void * param4, unsigned int param5, unsigned int param6, unsigned int param7, unsigned char * param8, void * param9 )"
print_message( cm.dtf.unmangle_type( "@_ThrowExceptionLDTC$qpvt1t1t1uiuiuipuct1" ).to_s( 'foo' ) )

Create a DataType and set it to a block.

target_rva = 0x00123456
# Hold the write lock, disable auto analysis until
# our block has executed, then run auto analysis.
success = cm.synchronize_analyze do
    # Get the basic block that contains this RVA.
    block = cm.block( target_rva )
    break false if block.nil?
    # If the basic block is code, then change it to data.
    if( block.code? )
        block = block.to_data
        break false if block.nil?
    end
    # If our target RVA is not the beginning of this
    # basic block, then we must split the block at
    # the desired location.
    if( block.rva != target_rva )
        block = block.split( target_rva, :data )
        break false if block.nil?
    end
    # Use the data type factory to create an array
    # of 8 floats.
    type = cm.dtf.create_array(
        8,
        cm.dtf.get( 'float' )
    )
    break false if type.nil?
    # Set this blocks data type.
    block.set_datatype( type )
end

Class Method Summary

• .hash_name(name) ⇒ Integer

  Convert a name string into a hash value for use with #exists? and #get.

Instance Method Summary

• #[](name_or_hash) ⇒ Relyze::ExecutableFileModel::DataType^?

  Get a specific data type in this data type factory.

• #add(source, lang = :c, compat = :clang) ⇒ true, false

  Add a new data type to this data type factory by describing the type via a source declaration.

• #create_array(count, data_type) ⇒ Relyze::ExecutableFileModel::DataType^?

  Create a data type representing an array of data types.

• #create_char_string(count) ⇒ Relyze::ExecutableFileModel::DataType^?

  Create a data type representing an 8bit char string.

• #create_function ⇒ Relyze::ExecutableFileModel::DataType^?

  Create an empty FunctionDataType.

• #create_pointer(data_type, target_type = :data, pointer_type = :va) ⇒ Relyze::ExecutableFileModel::DataType^?

  Create a data type representing a pointer to a data type.

• #create_utf16_string(count, endian = :little) ⇒ Relyze::ExecutableFileModel::DataType^?

  Create a data type representing a UTF-16 string.

• #create_utf32_string(count, endian = :little) ⇒ Relyze::ExecutableFileModel::DataType^?

  Create a data type representing a UTF-32 string.

• #create_utf8_string(count) ⇒ Relyze::ExecutableFileModel::DataType^?

  Create a data type representing a UTF-8 string.

• #create_wide_char_string(count) ⇒ Relyze::ExecutableFileModel::DataType^?

  Create a data type representing a 16bit wide char string.

• #exists?(name_or_hash) ⇒ true, false

  Check if a specific data type exists in this data type factory.

• #get(name_or_hash, source = nil, query_pch = true) ⇒ Relyze::ExecutableFileModel::DataType^?

  Get a data type from this data type factory, optionally adding the type via a source declaration if the type does not already exist..

• #hash_name(name) ⇒ Integer

  Convert a name string into a hash value for use with #exists? and #get.

• #items {|data_type| ... } ⇒ Object

  Get every DataType in this data type factory.

• #unmangle_name(name) ⇒ String

  Unmangle a mangled name.

• #unmangle_type(name) ⇒ Relyze::ExecutableFileModel::DataType^?

  If possible, extract type information from a mangled name in order to create a DataType instance to represent the type.

Class Method Details

.hash_name(name) ⇒ Integer

Convert a name string into a hash value for use with #exists? and #get. Using the hash of a name instead of the name itself can give a performance boost if many queries to the data type factory are performed.

Parameters:

• name (String) —

  The name to hash.

Returns:

• (Integer) —

  The hash value.

# File 'C:/Program Files/Relyze/lib/relyze/core/executable_file_model.rb', line 75

def DataTypeFactory.hash_name( name )
    return nil
end

Instance Method Details

#[](name_or_hash) ⇒ Relyze::ExecutableFileModel::DataType^?

Get a specific data type in this data type factory.

Parameters:

• name_or_hash (String, Integer) —

  Either the name of the data type to get or the hash of its name.

Returns:

• (Relyze::ExecutableFileModel::DataType, nil) —

  A data type.

# File 'C:/Program Files/Relyze/lib/relyze/core/executable_file_model.rb', line 152

def []( name_or_hash )
    return self.get( name_or_hash )
end

#add(source, lang = :c, compat = :clang) ⇒ true, false

Add a new data type to this data type factory by describing the type via a source declaration.

Examples:

cm.data_type_factory.add( "struct _FOO { int a; void * b; int c };" )

Parameters:

• source (String) —

  The source of the type declaration, given in the language specified by the lang parameter.

• lang (Symbol) (defaults to: :c) —

  The language of the source type declaration, either :c or :cpp.

• compat (Symbol) (defaults to: :clang) —

  The compatibility level to use when parsing the source type declaration, either :msvc, :borland or :clang.

Returns:

• (true, false)

# File 'C:/Program Files/Relyze/lib/relyze/core/executable_file_model.rb', line 125

def add( source, lang=:c, compat=:clang )
    return false
end

#create_array(count, data_type) ⇒ Relyze::ExecutableFileModel::DataType^?

Create a data type representing an array of data types.

Parameters:

• count (Integer) —

  The number of items in the array.

• data_type (Relyze::ExecutableFileModel::DataType) —

  The type of items in this array.

Returns:

• (Relyze::ExecutableFileModel::DataType, nil) —

  A data type representing an array.

# File 'C:/Program Files/Relyze/lib/relyze/core/executable_file_model.rb', line 203

def create_array( count, data_type )
    return nil
end

#create_char_string(count) ⇒ Relyze::ExecutableFileModel::DataType^?

Create a data type representing an 8bit char string.

Parameters:

• count (Integer) —

  The character count of the ANSII string to create.

Returns:

• (Relyze::ExecutableFileModel::DataType, nil) —

  A data type representing an ANSII string.

# File 'C:/Program Files/Relyze/lib/relyze/core/executable_file_model.rb', line 160

def create_char_string( count )
    return nil
end

#create_function ⇒ Relyze::ExecutableFileModel::DataType^?

Create an empty FunctionDataType

Examples:

# Create an empty function data type.
func = cm.dtf.create_function
# Set the return type to be an int.
func.return = cm.dtf['int']
# Set the calling convention to be __stdcall
func.cc = :stdcall
# Add an int parameter called bar.
func.add_parameter( 'bar', cm.dtf['int']  )
# Add a pointer to a boolean parameter called qaz
func.add_parameter( 'qaz', cm.dtf.create_pointer( cm.dtf['bool'] )  )
# Prints the function decl "int __stdcall foo( int bar, bool * qaz )"
print_message( func.to_s('foo') )

Returns:

• (Relyze::ExecutableFileModel::DataType, nil) —

  A data type representing a function.

# File 'C:/Program Files/Relyze/lib/relyze/core/executable_file_model.rb', line 234

def create_function
    return nil
end

#create_pointer(data_type, target_type = :data, pointer_type = :va) ⇒ Relyze::ExecutableFileModel::DataType^?

Create a data type representing a pointer to a data type.

Parameters:

• data_type (Relyze::ExecutableFileModel::DataType, nil) —

  If this parameter is nil then the pointer doesn't point to an explicit type.

• target_type (Symbol) (defaults to: :data) —

  The target basic block type this pointer points to, either :code or :data

• pointer_type (Symbol) (defaults to: :va) —

  The kind of pointer to create, either :va, :varef, :rva or :fileoffset

Returns:

• (Relyze::ExecutableFileModel::DataType, nil) —

  A data type representing a pointer.

# File 'C:/Program Files/Relyze/lib/relyze/core/executable_file_model.rb', line 213

def create_pointer( data_type, target_type=:data, pointer_type=:va )
    return nil
end

#create_utf16_string(count, endian = :little) ⇒ Relyze::ExecutableFileModel::DataType^?

Create a data type representing a UTF-16 string.

Parameters:

• count (Integer) —

  The character count of the string to create.

• endian (Symbol) (defaults to: :little) —

  The endian to use, either :little or :big.

Returns:

• (Relyze::ExecutableFileModel::DataType, nil) —

  A data type representing a UTF-16 string.

# File 'C:/Program Files/Relyze/lib/relyze/core/executable_file_model.rb', line 185

def create_utf16_string( count, endian=:little )
    return nil
end

#create_utf32_string(count, endian = :little) ⇒ Relyze::ExecutableFileModel::DataType^?

Create a data type representing a UTF-32 string.

Parameters:

• count (Integer) —

  The character count of the string to create.

• endian (Symbol) (defaults to: :little) —

  The endian to use, either :little or :big.

Returns:

• (Relyze::ExecutableFileModel::DataType, nil) —

  A data type representing a UTF-32 string.

# File 'C:/Program Files/Relyze/lib/relyze/core/executable_file_model.rb', line 194

def create_utf32_string( count, endian=:little )
    return nil
end

#create_utf8_string(count) ⇒ Relyze::ExecutableFileModel::DataType^?

Create a data type representing a UTF-8 string.

Parameters:

• count (Integer) —

  The character count of the string to create.

Returns:

• (Relyze::ExecutableFileModel::DataType, nil) —

  A data type representing a UTF-8 string.

# File 'C:/Program Files/Relyze/lib/relyze/core/executable_file_model.rb', line 176

def create_utf8_string( count )
    return nil
end

#create_wide_char_string(count) ⇒ Relyze::ExecutableFileModel::DataType^?

Create a data type representing a 16bit wide char string.

Parameters:

• count (Integer) —

  The character count of the string to create.

Returns:

• (Relyze::ExecutableFileModel::DataType, nil) —

  A data type representing an wide string.

# File 'C:/Program Files/Relyze/lib/relyze/core/executable_file_model.rb', line 168

def create_wide_char_string( count )
    return nil
end

#exists?(name_or_hash) ⇒ true, false

Check if a specific data type exists in this data type factory.

Parameters:

• name_or_hash (String, Integer) —

  Either the name of the data type to check for or the hash of its name.

Returns:

• (true, false)

# File 'C:/Program Files/Relyze/lib/relyze/core/executable_file_model.rb', line 112

def exists?( name_or_hash )
    return false
end

#get(name_or_hash, source = nil, query_pch = true) ⇒ Relyze::ExecutableFileModel::DataType^?

Get a data type from this data type factory, optionally adding the type via a source declaration if the type does not already exist..

Parameters:

• name_or_hash (String, Integer) —

  Either the name of the data type to check for or the hash of its name.

• source (String, nil) (defaults to: nil) —

  An optional source of the type declaration to add this data type if it does not already exist.

• query_pch (true, false) (defaults to: true) —

  If the requested type name is not found in the models data type factory, query the models default pre-compiler header (if available) for the type, adding the queried type to the data type factory if found.

Returns:

• (Relyze::ExecutableFileModel::DataType, nil) —

  The corresponding A data type.

# File 'C:/Program Files/Relyze/lib/relyze/core/executable_file_model.rb', line 136

def get( name_or_hash, source=nil, query_pch=true )
    return nil
end

#hash_name(name) ⇒ Integer

Convert a name string into a hash value for use with #exists? and #get. Using the hash of a name instead of the name itself can give a performance boost if many queries to the data type factory are performed.

Parameters:

• name (String) —

  The name to hash.

Returns:

• (Integer) —

  The hash value.

# File 'C:/Program Files/Relyze/lib/relyze/core/executable_file_model.rb', line 85

def hash_name( name )
    DataTypeFactory.hash_name( name )
end

#items {|data_type| ... } ⇒ Object

Get every Relyze::ExecutableFileModel::DataType in this data type factory.

Yields:

• (data_type) —

  yields the data_type to the block.

Yield Parameters:

• data_type (Relyze::ExecutableFileModel::DataType) —

  A data type.

# File 'C:/Program Files/Relyze/lib/relyze/core/executable_file_model.rb', line 144

def items
    return []
end

#unmangle_name(name) ⇒ String

Unmangle a mangled name. Formats supported are Microsoft, LLVM and Borland style mangled names.

Parameters:

• name (String) —

  A mangled name.

Returns:

• (String) —

  The unmangled name.

# File 'C:/Program Files/Relyze/lib/relyze/core/executable_file_model.rb', line 94

def unmangle_name( name )
    return nil
end

#unmangle_type(name) ⇒ Relyze::ExecutableFileModel::DataType^?

If possible, extract type information from a mangled name in order to create a Relyze::ExecutableFileModel::DataType instance to represent the type.

Parameters:

• name (String) —

  A mangled name.

Returns:

• (Relyze::ExecutableFileModel::DataType, nil) —

  A data type generated from this mangled name.

# File 'C:/Program Files/Relyze/lib/relyze/core/executable_file_model.rb', line 104

def unmangle_type( name )
    return nil
end