IDA Pro 6.5 support

What's new:
- Proper multi-threaded support 
- Better PyObject reference counting with ref_t and newref_t helper classes
- Improved the pywraps/deployment script
- Added IDAViewWrapper class and example
- Added idc.GetDisasmEx()
- Added idc.AddSegEx()
- Added idc.GetLocalTinfo()
- Added idc.ApplyType()
- Updated type information implementation
- Introduced the idaapi.require() - see http://www.hexblog.com/?p=749
- set REMOVE_CWD_SYS_PATH=1 by default in python.cfg (remove current directory from the import search path).

Various bugfixes:
- fixed various memory leaks
- asklong/askaddr/asksel (and corresponding idc.py functions) were returning results truncated to 32 bits in IDA64
- fix wrong documentation for idc.SizeOf
- GetFloat/GetDouble functions did not take into account endianness of the processor
- idaapi.NO_PROCESS was not defined, and was causing GetProcessPid() to fail
- idc.py: insert escape characters to string parameter when call Eval()
- idc.SaveFile/savefile were always overwriting an existing file instead of writing only the new data
- PluginForm.Close() wasn't passing its arguments to the delegate function, resulting in an error.

Author: elias.bachaalany@gmail.com

AUTHORS.txt

@@ -8,8 +8,11 @@ The IDAPython Team:
 * Hex-Rays - http://www.hex-rays.com/ - <support@hex-rays.com>
 
     Hex-Rays joined the IDAPython project in September 2009 and started contributing.
-    It is primarily maintained by Elias Bachaalany.
+    It is primarily maintained by Arnaud Diederen.
 
+* Elias Bachaalany - http://0xeb.wordpress.com/
+
+    Current project owner and maintainer
 
 * Ero Carrera - http://dkbza.org/
 

Scripts/callstack_test.py

@@ -0,0 +1,91 @@
+import sys
+import os
+
+def __sys(cmd, fmt=None, echo=True):
+    """Executes a string of OS commands and returns the a list of tuples (return code,command executed)"""
+    if not fmt:
+        fmt = {}
+    r = []
+    for cmd in [x for x in (cmd % fmt).split("\n") if len(x)]:
+        if echo:
+            print ">>>", cmd
+        r.append((os.system(cmd), cmd))
+    return r
+
+body = r"""/// Autogenerated file
+#include <stdio.h>
+#include <conio.h>
+#include <ctype.h>
+#include <windows.h>
+
+void want_break(int n)
+{
+    printf("do you want to DebugBreak in func%d()?", n);
+    char ch = _toupper(_getch());
+    printf("\n");
+    if (ch == 'Y')
+        DebugBreak();
+    else if (ch == 'X')
+        ExitProcess(n);
+}
+%FUNCS%
+int main(int /*argc*/, char * /*argv[]*/)
+{
+  func1();
+  return 0;
+}
+"""
+
+funcs_body = []
+
+func_body = r"""
+void func%(n)d()
+{
+  printf("%(ident)senter %(n)d\n");%(pause)s
+  func%(n1)d();
+  printf("%(ident)sleave %(n)d\n");
+}
+"""
+
+if len(sys.argv) < 2:
+    print "usage: gen nb_calls pause_frequency"
+    sys.exit(0)
+
+n = int(sys.argv[1])
+if n < 1:
+    print "at least one call should be passed!"
+    sys.exit(1)
+
+m = int(sys.argv[2])
+
+func_params = {'n': 0, 'n1': 0, 'ident': '', 'pause' : ''}
+
+for i in xrange(1, n + 1):
+    func_params['n'] = i
+    func_params['n1'] = i+1
+    func_params['ident'] = "  " * i
+    func_params['pause'] = ("\n  want_break(%d);" % i) if (i % m) == 0 else ''
+
+    funcs_body.append(func_body % func_params)
+funcs_body.append(r"""
+void func%(n)d()
+{
+  printf("that's it #%(n)d!\n");
+}
+""" % {'n':i+1})
+funcs_body.reverse()
+
+# write the file
+body = body.replace('%FUNCS%', ''.join(funcs_body))
+f = file('src.cpp', 'w')
+f.write(body)
+f.close()
+
+  
+__sys("""
+if exist src.exe del src.exe
+bcc32 src
+if exist src.exe move src.exe src_bcc.exe
+if exist src.obj del src.obj
+cl32 src.cpp /Zi /Od
+""")

build.py

@@ -24,7 +24,7 @@
 VERBOSE = True
 
 IDA_MAJOR_VERSION = 6
-IDA_MINOR_VERSION = 4
+IDA_MINOR_VERSION = 5
 
 if 'IDA' in os.environ:
     IDA_SDK = os.environ['IDA']
@@ -35,8 +35,8 @@
 
 # IDAPython version
 VERSION_MAJOR  = 1
-VERSION_MINOR  = 5
-VERSION_PATCH  = 6
+VERSION_MINOR  = 6
+VERSION_PATCH  = 0
 
 # Determine Python version
 PYTHON_MAJOR_VERSION = int(platform.python_version()[0])
@@ -50,7 +50,7 @@
 S_NO_OPT       = 'no-opt'
 
 # Swig command-line parameters
-SWIG_OPTIONS = '-modern -python -c++ -w451 -shadow -D__GNUC__ -DNO_OBSOLETE_FUNCS'
+SWIG_OPTIONS = '-modern -python -threads -c++ -w451 -shadow -D__GNUC__'
 
 # Common macros for all compilations
 COMMON_MACROS = [
@@ -169,8 +169,8 @@ def parse_options(args):
     with_hexrays = '--' + S_WITH_HEXRAYS in sys.argv
 
     return {
-            S_EA64: ea64, 
-            S_WITH_HEXRAYS: with_hexrays, 
+            S_EA64: ea64,
+            S_WITH_HEXRAYS: with_hexrays,
             S_NO_OPT: no_opt
            }
 
@@ -335,9 +335,9 @@ def build_distribution(manifest, distrootdir, ea64, nukeold):
 
 # -----------------------------------------------------------------------
 def build_plugin(
-        platform, 
-        idasdkdir, 
-        plugin_name, 
+        platform,
+        idasdkdir,
+        plugin_name,
         options):
 
     # Get the arguments
@@ -401,7 +401,7 @@ def build_plugin(
         platform_macros.append("PLUGINFIX")
 
     # Turn off obsolete functions
-    platform_macros.append("NO_OBSOLETE_FUNCS")
+    #platform_macros.append("NO_OBSOLETE_FUNCS")
 
     # Build the wrapper from the interface files
     ea64flag = ea64 and "-D__EA64__" or ""
@@ -467,17 +467,17 @@ def build_binary_package(options, nukeold):
                                                              platform_string)
     # Build the plugin
     build_plugin(platform_string, IDA_SDK, plugin_name, options)
-    
+
     # Build the binary distribution
     binmanifest = []
     if nukeold:
         binmanifest.extend(BINDIST_MANIFEST)
-    
+
     if not ea64 or nukeold:
       binmanifest.extend([(x, "python") for x in "python/init.py", "python/idc.py", "python/idautils.py", "idaapi.py"])
-    
+
     binmanifest.append((plugin_name, "plugins"))
-    
+
     build_distribution(binmanifest, BINDISTDIR, ea64, nukeold)
 
 

examples/ex_gdl_qflow_chart.py

@@ -15,11 +15,11 @@ def raw_main(p=True):
 
         for ns in xrange(0, q.nsucc(n)):
             if p:
-                print "  %d->%d" % (n, q.succ(n, ns))
+                print "SUCC:  %d->%d" % (n, q.succ(n, ns))
 
         for ns in xrange(0, q.npred(n)):
             if p:
-                print "  %d->%d" % (n, q.pred(n, ns))
+                print "PRED:  %d->%d" % (n, q.pred(n, ns))
 
 # -----------------------------------------------------------------------
 # Using the class

examples/ex_idagraph.py

@@ -0,0 +1,114 @@
+# -----------------------------------------------------------------------
+# This is an example illustrating how to manipulate an existing IDA-provided
+# view (and thus its graph), in Python.
+# (c) Hex-Rays
+#
+from idaapi import IDAViewWrapper
+from time import sleep
+import threading
+
+class Worker(threading.Thread):
+    def __init__(self, w):
+        threading.Thread.__init__(self)
+        self.w = w
+
+    def req_SetCurrentRendererType(self, switch_to):
+        w = self.w
+        def f():
+            print "Switching.."
+            w.SetCurrentRendererType(switch_to)
+        idaapi.execute_sync(f, idaapi.MFF_FAST)
+
+    def req_SetNodeInfo(self, node, info, flags):
+        w = self.w
+        def f():
+            print "Setting node info.."
+            w.SetNodeInfo(node, info, flags)
+        idaapi.execute_sync(f, idaapi.MFF_FAST)
+
+    def req_DelNodesInfos(self, *nodes):
+        w = self.w
+        def f():
+            print "Deleting nodes infos.."
+            w.DelNodesInfos(*nodes)
+        idaapi.execute_sync(f, idaapi.MFF_FAST)
+
+    def run(self):
+        # Note, in order to leave the UI available
+        # to the user, we'll perform UI operations
+        # in this thread.
+        #
+        # But.
+        #
+        # Qt expects that all UI operations be performed from
+        # the main thread. Therefore, we'll have to use
+        # 'idaapi.execute_sync' to send requests to the main thread.
+
+        # Switch back & forth to & from graph view
+        for i in xrange(3):
+            self.req_SetCurrentRendererType(idaapi.TCCRT_FLAT)
+            sleep(1)
+            self.req_SetCurrentRendererType(idaapi.TCCRT_GRAPH)
+            sleep(1)
+
+        # Go to graph view, and set the first node's color
+        self.req_SetCurrentRendererType(idaapi.TCCRT_GRAPH)
+        ni = idaapi.node_info_t()
+        ni.bg_color    = 0x00ff00ff
+        ni.frame_color = 0x0000ff00
+        self.req_SetNodeInfo(0, ni, idaapi.NIF_BG_COLOR|idaapi.NIF_FRAME_COLOR)
+        sleep(3)
+
+        # This was fun. But let's revert it.
+        self.req_DelNodesInfos(0)
+        sleep(3)
+
+        print "Done."
+
+class MyIDAViewWrapper(IDAViewWrapper):
+    # A wrapper around the standard IDA view wrapper.
+    # We'll react to some events and print the parameters
+    # that were sent to us, that's all.
+    def __init__(self, viewName):
+        IDAViewWrapper.__init__(self, viewName)
+
+    # Helper function, to be called by "On*" event handlers.
+    # This will print all the arguments that were passed!
+    def printPrevFrame(self):
+        import inspect
+        stack = inspect.stack()
+        frame, _, _, _, _, _ = stack[1]
+        args, _, _, values = inspect.getargvalues(frame)
+        print "EVENT: %s: args=%s" % (
+            inspect.getframeinfo(frame)[2],
+            [(i, values[i]) for i in args[1:]])
+
+    def OnViewKeydown(self, key, state):
+        self.printPrevFrame()
+
+    def OnViewClick(self, x, y, state):
+        self.printPrevFrame()
+
+    def OnViewDblclick(self, x, y, state):
+        self.printPrevFrame()
+
+    def OnViewSwitched(self, rt):
+        self.printPrevFrame()
+
+    def OnViewMouseOver(self, x, y, state, over_type, over_data):
+        self.printPrevFrame()
+
+
+
+viewName = "IDA View-A"
+w = MyIDAViewWrapper(viewName)
+if w.Bind():
+    print "Succesfully bound to %s" % viewName
+
+    # We'll launch the sequence of operations in another thread,
+    # so that sleep() calls don't freeze the UI
+    worker = Worker(w)
+    worker.start()
+
+else:
+    print "Couldn't bind to view %s. Is it available?" % viewName

examples/vds1.py

@@ -1,27 +1,27 @@
 import idaapi
 
 def main():
-  if not idaapi.init_hexrays_plugin():
-    return False
+    if not idaapi.init_hexrays_plugin():
+        return False
 
-  print "Hex-rays version %s has been detected" % idaapi.get_hexrays_version()
+    print "Hex-rays version %s has been detected" % idaapi.get_hexrays_version()
 
-  f = idaapi.get_func(idaapi.get_screen_ea());
-  if f is None:
-    print "Please position the cursor within a function"
-    return True
-  
-  cfunc = idaapi.decompile(f);
-  if cfunc is None:
-    print "Failed to decompile!"
-    return True
-  
-  sv = cfunc.get_pseudocode();
-  for i in xrange(0, sv.size()):
-    line = idaapi.tag_remove(str(sv[i]));
-    print line
+    f = idaapi.get_func(idaapi.get_screen_ea());
+    if f is None:
+        print "Please position the cursor within a function"
+        return True
+
+    cfunc = idaapi.decompile(f);
+    if cfunc is None:
+        print "Failed to decompile!"
+        return True
 
-  return True
+    sv = cfunc.get_pseudocode();
+    for i in xrange(0, sv.size()):
+        line = idaapi.tag_remove(str(sv[i]));
+        print line
+
+    return True
 
 if main():
-  idaapi.term_hexrays_plugin();
+    idaapi.term_hexrays_plugin();