Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
A
artifacts-asiaccs20
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Wiki
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Snippets
Build
Pipelines
Jobs
Pipeline schedules
Artifacts
Deploy
Releases
Package Registry
Container Registry
Model registry
Operate
Environments
Terraform modules
Monitor
Incidents
Analyze
Value stream analytics
Contributor analytics
CI/CD analytics
Repository analytics
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
Andrea Gussoni
artifacts-asiaccs20
Commits
2dde45e9
Commit
2dde45e9
authored
4 years ago
by
Andrea Gussoni
Browse files
Options
Downloads
Patches
Plain Diff
Add IDA script for ad-hoc normalizations
parent
be2e4245
No related branches found
No related tags found
No related merge requests found
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
scripting/ida-extraction-scripts/clang-parser/ida-normalizer-pre.sh
+183
-0
183 additions, 0 deletions
...ida-extraction-scripts/clang-parser/ida-normalizer-pre.sh
with
183 additions
and
0 deletions
scripting/ida-extraction-scripts/clang-parser/ida-normalizer-pre.sh
0 → 100755
+
183
−
0
View file @
2dde45e9
#!/bin/bash
# Remove all multiline asm snippets
perl
-0777
-pi
-e
's/__asm.[^}]*{.[^}]*}/imperfection_wrapper();/sg'
$1
# Purge references to @<rax>
sed
-i
-e
's/@<[a-zA-Z0-9: ]\{2,7\}>//g'
$1
# Purge references to @<rax> for ARM
sed
-i
-e
's/<[a-zA-Z0-9, ]\{5,40\}>//g'
$1
# Custom assembly after goto label handling
sed
-i
-e
's/__asm { fstp st }/v21 = v21;/g'
$1
# Purge __asm annotations
sed
-i
-e
's/__asm.*//g'
$1
# Purge '' characters
sed
-i
-e
's/ '
\'
''
\'
'/'
\'
' '
\'
'/g'
$1
# Purge STCL beginning lines
sed
-i
-e
's/STCL.*//g'
$1
# Purge STC2 beginning lines
sed
-i
-e
's/STC2.*//g'
$1
# Purge #error lines
sed
-i
-e
's/#error.*//g'
$1
# Remove default namespace for argc and argv
sed
-i
-e
's/::argv/argv/g'
$1
sed
-i
-e
's/::argc/argc/g'
$1
# Purge ::argc ::argv
sed
-i
-e
's/::arg*//g'
$1
# Purge strange touple assignement
sed
-i
-e
's/__ptr32 off_41093E/stderr[3]/g'
$1
sed
-i
-e
's/__ptr32 off_41463E/stderr[3]/g'
$1
sed
-i
-e
's/__ptr32 off_4148FE/stderr[3]/g'
$1
# Purge strange ARM struct decl
sed
-i
-e
's/__attribute__((__org_arrdim(0,1)))//g'
$1
# Purge missing namespace
sed
-i
-e
's/memcmp(::s1/memcmp(s1/g'
$1
sed
-i
-e
's/\&::src/\&src/g'
$1
sed
-i
-e
's/\&::s/\&s/g'
$1
sed
-i
-e
's/::s/s/g'
$1
sed
-i
-e
's/::src/src/g'
$1
sed
-i
-e
's/::offset/offset/g'
$1
sed
-i
-e
's/::s1/s1/g'
$1
sed
-i
-e
's/::nptr/nptr/g'
$1
sed
-i
-e
's/::ptr/ptr/g'
$1
sed
-i
-e
's/::nbytes/nbytes/g'
$1
# Remove undefined struct
sed
-i
-e
's/timespec v12/int v12/g'
$1
# Purge __asm annotations
sed
-i
-e
's/__ptr32//g'
$1
# Add the lib inclusions
sed
-i
-e
's/#include <defs.h>/#include "defs.h"\n#include "custom_defs.h"/g'
$1
# Remove the comment from lines declaring nullsub and unk_
sed
-i
-e
'/\/\/.*_UNKNOWN*; weak/ s/\(\/\/ \|weak\)//g'
$1
sed
-i
-e
'/\/\/.*__fastcall.*; weak/ s/\(\/\/ \|weak\)//g'
$1
sed
-i
-e
'/\/\/.*__usercall.*;/ s/\(\/\/ \)//g'
$1
sed
-i
-e
'/\/\/.*unk_.*; weak/ s/\(\/\/ \|weak\)//g'
$1
sed
-i
-e
'/\/\/.*; idb/ s/\(\/\/ \|idb\)//g'
$1
# Remove the comment from lines which declare functions
sed
-i
-e
's/\/\/ unsigned int/unsigned int/g'
$1
# Remove the comment from lines which declare functions
sed
-i
-e
's/\/\/ signed __int64/signed __int64/g'
$1
# Remove the comment from lines which declare functions
sed
-i
-e
's/\/\/ unsigned __int64/unsigned __int64/g'
$1
# Fix specific recursive call with wrong number of arguments
sed
-i
-e
's/rpl_fcntl(a1)/rpl_fcntl(a1, a2)/g'
$1
sed
-i
-e
's/strftime_internal(0LL, -1)/strftime_internal(0LL, -1, a3, a4, a5, a6, a7, a8)/g'
$1
sed
-i
-e
's/strftime_internal(v74, v70)/strftime_internal(v74, v70, a3, a4, a5, a6, a7, a8)/g'
$1
sed
-i
-e
's/strftime_internal(0)/strftime_internal(0, a2, a3, a4, a5, a6, a7)/g'
$1
sed
-i
-e
's/strftime_internal(v16)/strftime_internal(v16, a2, a3, a4, a5, a6, a7)/g'
$1
sed
-i
-e
's/_strftime_internal_0(0LL, -1)/strftime_internal_0(0LL, -1, a3, a4, a5, a6, a7)/g'
$1
sed
-i
-e
's/_strftime_internal_0(v70, v66)/_strftime_internal_0(v70, v66, a3, a4, a5, a6, a7)/g'
$1
sed
-i
-e
's/_strftime_internal_0(v70, v66, a3, a4, a5, a6, a7);/_strftime_internal_0(v70, v66, a3, a4, a5, a6, a7, a8);/g'
$1
sed
-i
-e
's/calc_eclosure_iter(\&v24, v4)/calc_eclosure_iter(\&v24, a2, a3, v4)/g'
$1
sed
-i
-e
's/quotearg_buffer_restyled(v45, v44, v73)/quotearg_buffer_restyled(v45, v44, v73, a4, a5, a6, a7, a8, a9, a10, a11)/g'
$1
sed
-i
-e
's/quotearg_buffer_restyled((__int64)v17, v79, v73)/quotearg_buffer_restyled((__int64)v17, v79, v73, a4, a5, a6, a7, a8, a9, a10, a11)/g'
$1
sed
-i
-e
's/quotearg_buffer_restyled(v45, v44, v71)/quotearg_buffer_restyled((__int64)v45, v44, v71, a4, a5, a6, a7, a8, a9, a10, a11)/g'
$1
sed
-i
-e
's/quotearg_buffer_restyled((__int64)v18, v77, v71)/quotearg_buffer_restyled((__int64)v18, v77, v71, a4, a5, a6, a7, a8, a9, a10, a11)/g'
$1
sed
-i
-e
's/quotearg_buffer_restyled(v45, v44, v72)/quotearg_buffer_restyled(v45, v44, v72, a4, a5, a6, a7, a8, a9, a10, a11)/g'
$1
sed
-i
-e
's/quotearg_buffer_restyled((__int64)v17, v78, v72)/quotearg_buffer_restyled((__int64)v17, v78, v72, a4, a5, a6, a7, a8, a9, a10, a11)/g'
$1
sed
-i
-e
's/return quotearg_buffer_restyled(v46, v45, v72);/return quotearg_buffer_restyled(v46, v45, v72, a4, a5, a6, a7, a8, a9, a10, a11, a12);/g'
$1
sed
-i
-e
's/return quotearg_buffer_restyled((__int64)v19, v78, v72);/return quotearg_buffer_restyled((__int64)v19, v78, v72, a4, a5, a6, a7, a8, a9, a10, a11, a12);/g'
$1
sed
-i
-e
's/parse_integer(\*(_QWORD \*)v11 + 1LL, a2, v2)/parse_integer(\*(_QWORD \*)v11 + 1LL, a2)/g'
$1
sed
-i
-e
's/print_uintmaxes(v7, v5, v7, v6, v8);/print_uintmaxes(v7, v5);/g'
$1
sed
-i
-e
's/return factor_using_pollard_rho2(v4, v5, v54 + 1, v60, v36);/return factor_using_pollard_rho2(v4, v5, v54 + 1, v60);/g'
$1
sed
-i
-e
's/factor_using_pollard_rho2(v64, v55, v54 + 1, v60, v55);/factor_using_pollard_rho2(v64, v55, v54 + 1, v60);/g'
$1
sed
-i
-e
's/v5 = parse_integer(\*(_QWORD \*)v11 + 1LL, a2, v2);/v5 = parse_integer(\*(_QWORD \*)v11 + 1LL, a2);/g'
$1
sed
-i
-e
's/return write_output();/write_output();/g'
$1
sed
-i
-e
's/sequential_sort(\&a1\[-4 * (a2 >> 1)\]);/sequential_sort(\&a1\[-4 * (a2 >> 1)\], a2, a3, a4);/g'
$1
sed
-i
-e
's/sortlines((__int64)\&a1\[-4 \* (_QWORD)v8\[5\]\]);/sortlines((__int64)\&a1\[-4 \* (_QWORD)v8\[5\]\], a2, a3, a4, a5, a6, a7);/g'
$1
sed
-i
-e
's/sequential_sort(\&a1\[-4 \* (a2 >> 1)\]);/sequential_sort(\&a1\[-4 \* (a2 >> 1)\], a2, a3, a4);/g'
$1
sed
-i
-e
's/sequential_sort(a1);/sequential_sort(a1, a2, a3, a4);/g'
$1
sed
-i
-e
's/return sub_40B8D5(v19, v18, v17);/return 0;/g'
$1
sed
-i
-e
's/return sub_[a-zA-Z0-9]\{6\}(v19, v18, v17);/return 0;/g'
$1
sed
-i
-e
's/return sub_404D90();/return 0;/g'
$1
# Add specific local variable which is not declared
sed
-i
-e
's/_FST7 = a7;/int _FST7 = a7;/g'
$1
# Specific variable declaration
sed
-i
-e
's/__int64 (\*outlist_end)\[2\] = \&outlist_head; \/\/ weak/__int64 outlist_head;\n__int64 (\*outlist_end)\[2\] = \&outlist_head; \/\/ weak/g'
$1
sed
-i
-e
's/__int64 \*temptail = \&temphead; \/\/ weak/__int64 temphead;\n__int64 \*temptail = \&temphead; \/\/ weak/g'
$1
# Fix pointer taken before variable definition
sed
-i
-e
's/\/\/ Data declarations/\/\/ Data declarations\nextern __int64 slotvec0;\nextern __int64 slot0[32];\nextern __int64 tm_zero_buffer[7];/g'
$1
# Change the custom gcc_va_list to simply va_list
sed
-i
-e
's/gcc_va_list/va_list/g'
$1
sed
-i
-e
's/typedef __va_list_tag va_list\[1\];/typedef struct __va_list_tag va_list\[1\];/g'
$1
# Specific variable type correction
sed
-i
-e
's/const char \*v9; \/\/ r13/_BYTE \*v9; \/\/ r13/g'
$1
sed
-i
-e
's/char \*v2; \/\/ r12/_BYTE \*v2; \/\/ r12/g'
$1
sed
-i
-e
's/char \*v3; \/\/ rbx/_BYTE \*v3; \/\/ rbx/g'
$1
sed
-i
-e
's/_QWORD \*v3; \/\/ r15/__int64 \*v3; \/\/ r15/g'
$1
# Remove `Elf64_Dyn DYNAMIC = { 1uLL, 1uLL };` lines
sed
-i
-e
's/Elf64_Dyn DYNAMIC = { 1uLL, 1uLL }; \/\/ weak//g'
$1
sed
-i
-e
's/Elf64_Dyn stru_620028 = {1uLL, 1uLL};*//g'
$1
sed
-i
-e
's/Elf64_Dyn stru_[a-zA-Z0-9]\{6\} = {1uLL, 1uLL};*//g'
$1
# Standardize type of `postorder` variable
sed
-i
-e
's/$003F63A829E52477BDB4080710A1139D postorder = 2303284289;/__int64 postorder = 2303284289;/g'
$1
# Add the union tag for the __m128i type
sed
-i
-e
's/__m128 /union __m128 /g'
$1
sed
-i
-e
's/__m128)/union __m128)/g'
$1
sed
-i
-e
's/__m128i/union __m128i/g'
$1
sed
-i
-e
's/__m128d/struct __m128d/g'
$1
# Remove subtractions with errroneous operand types
sed
-i
-e
's/v10 = v7 - v5;/\/\/v10 = v7 - v5;/g'
$1
sed
-i
-e
's/v10 = v9 - v8;/\/\/v10 = v9 - v8;/g'
$1
sed
-i
-e
's/v9 = v6 - v4;/\/\/v9 = v6 - v4;/g'
$1
sed
-i
-e
's/if ( v8 - v4 == 1 )/if ( v8 == 1 )/g'
$1
sed
-i
-e
's/if ( v8 - v4 == 2 \&\& \*v4 == 46 \&\& v4\[1\] == 46 )/if ( v8 == 2 \&\& \*v4 == 46 \&\& v4\[1\] == 46 )/g'
$1
sed
-i
-e
's/v8 - v3 > 4095;/v8 > 4095;/g'
$1
sed
-i
-e
's/v4 = (char \*)((char \*)&v7 - v2 + 20);/\/\/v4 = (char \*)((char \*)&v7 - v2 + 20);/g'
$1
sed
-i
-e
's/v3 = qword_6157D8 - ((char \*)&v7 - v2) + a2 - 20;/\/\/v3 = qword_6157D8 - ((char \*)&v7 - v2) + a2 - 20;/g'
$1
sed
-i
-e
's/result = nullsub_12(v3, v2, (char \*)&v7 - v2 + 20);/\/\/result = nullsub_12(v3, v2, (char \*)&v7 - v2 + 20);/g'
$1
# Remove unhandled assignements
sed
-i
-e
's/v8\[3\] = _mm_loadu_si128(a5);/\/\/v8\[3\] = _mm_loadu_si128(a5);/g'
$1
sed
-i
-e
's/v109 = _mm_loadu_si128(v50 + 1);/\/\/v109 = _mm_loadu_si128(v50 + 1);/g'
$1
sed
-i
-e
's/DWORD2(v41) = v27;/\/\/DWORD2(v41) = v27;/g'
$1
sed
-i
-e
's/v23 = rpl_memchr(v3 + 3, 0x2Fu, v8 - (v3 + 3));/\/\/v23 = rpl_memchr(v3 + 3, 0x2Fu, v8 - (v3 + 3));/g'
$1
sed
-i
-e
's/v4 = (char \*)((char \*)&v7 - v2 + 20);/\/\/v4 = (char \*)((char \*)&v7 - v2 + 20);/g'
$1
sed
-i
-e
's/v3 = qword_6157D8 - ((char \*)&v7 - v2) + a2 - 20;/\/\/v3 = qword_6157D8 - ((char \*)&v7 - v2) + a2 - 20;/g'
$1
sed
-i
-e
's/v66 = rpl_memchr(v64, v62, (char \*)v58 + v61 - v64);/\/\/v66 = rpl_memchr(v64, v62, (char \*)v58 + v61 - v64);/g'
$1
sed
-i
-e
's/v57 = (__int64 \*)rpl_memchr(v54, v55, (char \*)v56 - v54 + 1);/\/\/v57 = (__int64 \*)rpl_memchr(v54, v55, (char \*)v56 - v54 + 1);/g'
$1
sed
-i
-e
's/return mktime_internal(a1, (__int64 (__fastcall \*)(__int64 \*, __int64))\&nullsub_24, \&gmtime_offset_1931);/\/\/return mktime_internal(a1, (__int64 (__fastcall \*)(__int64 \*, __int64))\&nullsub_24, \&gmtime_offset_1931);/g'
$1
# Fix declaration not in order
sed
-i
-e
's/__int64 (\*off_6204B8)\[32\] = \&qword_620680;/__int64 qword_620680\[32\];\n__int64 (\*off_6204B8)\[32\] = \&qword_620680;/g'
$1
sed
-i
-e
's/__int64 (\*off_\([a-zA-Z0-9]\{6\}\))\[\(.*\)\] = \&qword_\([a-zA-Z0-9]\{6\}\);/__int64 qword_\3\[\2\];\n__int64 (\*off_\1)\[\2\] = \&qword_\3;/g'
$1
sed
-i
-e
's/__int64 \*off_\([a-zA-Z0-9]\{6\}\) = \&qword_\([a-zA-Z0-9]\{6\}\);/__int64 qword_\2;\n__int64 (\*off_\1) = \&qword_\2;/g'
$1
# Assignement
sed
-i
-e
's/v5 = \*(_DWORD \*)nullsub_57(a1, a2);/v5 = v5;/g'
$1
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment