-
Notifications
You must be signed in to change notification settings - Fork 85
/
Copy pathfunction_arguments.py
36 lines (31 loc) · 1.16 KB
/
function_arguments.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
''' Make comment to function, using it's argument (using x86 mnemonics)
'''
def get_function_arg_value(addr):
''' Find first function argument as an argument to PUSH before function call
From command `PUSH 0x138` it will return integer value 312 (0x138)
From command `PUSH EBX` it will return integer value 3 (as EBX is 3-rd register)
'''
while True:
addr = PrevHead(addr)
if GetMnem(addr) == "push":
break
res = GetOperandValue(addr, 0)
return addr, res
def get_function_arg(addr):
''' Find first function argument as an argument to PUSH before function call
From command `PUSH 0x138` it will return string value '0x138'
From command `PUSH EBX` it will return string value 'EBX'
'''
while True:
addr = PrevHead(addr)
if GetMnem(addr) == "push":
break
res = GetOpnd(addr, 0)
return addr, res
def comment_func(func_ea):
''' Make comment to function
'''
i = 0
for x in XrefsTo(func_ea, flags=0):
addr, val = get_function_arg_value(x.frm)
MakeComm(x.frm, "func_name(0x%08x)" % val)