hexrays_sample16.cpp
/*
* Hex-Rays Decompiler project
* Copyright (c) 2007-2024 by Hex-Rays, support@hex-rays.com
* ALL RIGHTS RESERVED.
*
* Sample plugin for Hex-Rays Decompiler.
* It installs a custom instruction optimization rule:
*
*   mov #N, var.4                    mov #N, var.4
*   xor var@1.1, #M, var@1.1   =>    mov #NM, var@1.1
*                                    where NM == (N>>8)^M
*
* We need this rule because the decompiler cannot propagate the second
* byte of VAR into the xor instruction.
*
* The XOR opcode can be replaced by any other; we do not rely on it.
* Operand sizes can also vary.
*
* This improves the decompiler output for some obfuscated code.
*/
#include <hexrays.hpp>
//--------------------------------------------------------------------------
// find backwards the instruction that defines anything from LST
// Called further down as find_prev_def(blk, use, ins). The result is P as it
// stands when the search stops; the caller treats nullptr as "not found".
// NOTE(review): this listing has lost lines in this function - the start of
// the signature, the loop header and the test that guards the 'break' are not
// shown, so the block does not compile as printed. Presumably the test
// compares LST with each instruction's def-list (build_def_list is named in
// the page's reference list) - confirm against the SDK copy of the sample.
const minsn_t *ins)
{
const minsn_t *p = ins; // the search starts at INS itself
{
break; // stop at the first instruction that satisfied the (missing) test
}
return p;
}
//--------------------------------------------------------------------------
// Instruction-level optimizer that implements the rule from the file header.
// An object of this type (glbprop_t) is registered with
// install_optinsn_handler() by plugin_ctx_t below.
// The visible returns follow one pattern: 0 on every bail-out, 1 after INS
// has been rewritten ("we made one change").
// NOTE(review): the listing has lost lines throughout this block - the struct
// header, the callback signature and the condition in front of most of the
// 'return 0' statements are not shown, and neither are the declarations of
// USE, N and V2. Read the surviving comments as the outline of the checks and
// take the exact conditions from the SDK copy of the sample.
// NOTE(review): a custom optimizer changes what the analyst sees in the
// pseudocode. When working on obfuscated code, compare a constant rewritten
// by this rule with the disassembly before relying on it.
{
{
return 0; // we want a constant as the second operand
return 0; // bigger sizes are handled by the decompiler without problems
// build list of data used by INS
// find the instruction that defines anything from USE
const minsn_t *di = find_prev_def(blk, use, ins);
if ( di == nullptr )
return 0; // not found
return 0; // must be 'mov #N, ...'
// compare the destination of DI and the left operand of INS
return 0; // operand types are different
// if operand sizes are the same, hexrays can handle it without our help
// if the size of INS->L is bigger than the size of DI->D, may not propagate
// we handle only the case where the size of INS->L is less than the size
// of DI->D because the hexrays sometimes has problems with it.
return 0;
// this is not very efficient... but acceptable
// OFF counts how far the search below has advanced; it is later used as a
// byte offset into N (see the shift). The loop header is missing here.
int off = 0;
{
if ( ++off >= v2.size ) // give up once OFF reaches the size of V2
return 0;
return 0;
}
// found a match! shift N in order to propagate the correct part of it
// we don't truncate the high bits, it will happen in make_number()
// NOTE(review): the shift count is OFF bytes expressed in bits. OFF is kept
// below v2.size by the check above; the shift is only well defined while
// off*8 is below the bit width of N - presumably guaranteed by the operand
// size check whose condition is missing from this listing; confirm.
N >>= (off * 8);
// store the new value in INS
// optimize the instruction, it is highly likely that we will get
// a much simpler instruction like 'mov'
ins->optimize_solo();
return 1; // success, we made one change
}
};
//--------------------------------------------------------------------------
// Plugin module object. Its lifetime brackets the registration of the
// optimizer rule: the constructor installs GLBPROP as an instruction-level
// handler and the destructor removes it again, so the registered pointer does
// not outlive the object it points into.
struct plugin_ctx_t : public plugmod_t
{
  // The optimizer instance whose address is registered; it is a member, so it
  // lives exactly as long as this object.
  glbprop_t glbprop;

  plugin_ctx_t() { install_optinsn_handler(&glbprop); }
  ~plugin_ctx_t() { remove_optinsn_handler(&glbprop); }

  // Defined out of line below.
  bool idaapi run(size_t) override;
};
//--------------------------------------------------------------------------
// Explicit invocation of the plugin. Nothing is done on demand: the optimizer
// is installed by the constructor, so this only tells the user that the plugin
// works automatically. The argument is ignored and the result is always false.
bool idaapi plugin_ctx_t::run(size_t /*unused*/)
{
  const char *const plugin_name = PLUGIN.wanted_name;
  warning("The '%s' plugin is fully automatic", plugin_name);
  return false;
}
//--------------------------------------------------------------------------
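// Plugin entry point referenced from the PLUGIN block.
// Returns nullptr when the decompiler is not available, otherwise a new
// plugin_ctx_t (whose constructor installs the optimizer rule).
// As printed in this listing the function returned nullptr unconditionally and
// used HXVER without declaring it: the guard and the declaration had been
// lost. Both are restored here.
static plugmod_t *idaapi init()
{
  // init_hexrays_plugin() checks that the plugin is compatible with the
  // decompiler; without it none of the hexrays.hpp API may be used.
  if ( !init_hexrays_plugin() )
    return nullptr; // no decompiler
  const char *hxver = get_hexrays_version();
  msg("Hex-rays version %s has been detected, %s ready to use\n",
      hxver, PLUGIN.wanted_name);
  // The plugmod_t object is handed to the caller, which is expected to destroy
  // it when the plugin is unloaded (the destructor removes the handler).
  return new plugin_ctx_t;
}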
//--------------------------------------------------------------------------
// Text used for the "long comment" slot of the PLUGIN block below.
static const char comment[] = "Sample16 plugin for Hex-Rays decompiler";
//--------------------------------------------------------------------------
//
// PLUGIN DESCRIPTION BLOCK
//
//--------------------------------------------------------------------------
// The initializer is positional: the order of the entries is the order of the
// plugin_t fields and must not be changed.
plugin_t PLUGIN =
{
IDP_INTERFACE_VERSION,
PLUGIN_HIDE // Plugin should not appear in the Edit, Plugins menu
| PLUGIN_MULTI, // The plugin can work with multiple idbs in parallel
init, // initialize
nullptr, // term slot: left empty; cleanup is done by ~plugin_ctx_t()
nullptr, // run slot: left empty; run() is a virtual of the plugmod_t object
comment, // long comment about the plugin
nullptr, // multiline help about the plugin
"Propagation helper", // the preferred short name of the plugin
nullptr, // the preferred hotkey to run the plugin
};
mlist_t build_def_list(const minsn_t &ins, maymust_t maymust) const
Build def-list of an instruction.
Definition: hexrays.hpp:11157
mlist_t build_use_list(const minsn_t &ins, maymust_t maymust) const
Build use-list of an instruction.
Definition: hexrays.hpp:11149
int optimize_solo(int optflags=0)
Optimize one instruction without context.
Definition: hexrays.hpp:3609
void make_number(uint64 _value, int _size, ea_t _ea=BADADDR, int opnum=0)
Create an integer constant operand.
Definition: hexrays.hpp:10605
uint64 value(bool is_signed) const
Retrieve value of a constant integer operand.
Definition: hexrays.hpp:2834
HexRays SDK header file.
bool init_hexrays_plugin(int flags=0)
Check that your plugin is compatible with hex-rays decompiler.
Definition: hexrays.hpp:8601
void install_optinsn_handler(optinsn_t *opt)
Install an instruction level custom optimizer.
Definition: hexrays.hpp:10477
bool remove_optinsn_handler(optinsn_t *opt)
Remove an instruction level custom optimizer.
Definition: hexrays.hpp:10483
Definition: hexrays.hpp:2011
User defined callback to optimize individual microcode instructions.
Definition: hexrays.hpp:2109
virtual int func(mblock_t *blk, minsn_t *ins, int optflags)=0
Optimize an instruction.