# Converts a jtl jump whose target is a tjex r3 instruction into just a tjex r3, making variable-dependent calls much cleaner.
#@author Or Cyngiser
#@category Instructions
#@keybinding
#@menupath
#@toolbar
# Byte encoding written over the jump site. Values are kept as signed bytes
# (0xC0 is stored as -64), which is what setBytes() expects on the Java side.
tjex_r3_instr = [b if b < 0x80 else b - 0x100 for b in (0x18, 0x07, 0xC0, 0x46)]
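def instr_gen():
    """Yield every instruction of the current program in listing order.

    Starts at getFirstInstruction() and follows getInstructionAfter() until
    it returns a falsy value. Yields nothing when the program has no
    instructions at all (the original yielded None in that case and then
    passed it on to getInstructionAfter()).
    """
    instr = getFirstInstruction()
    while instr:
        yield instr
        # NOTE(review): the consumer patches the yielded instruction in place
        # (removeInstructionAt / disassemble) before this call runs, so the
        # object handed to getInstructionAfter() may be stale -- confirm the
        # lookup is by address and not by the live code unit.
        instr = getInstructionAfter(instr)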
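# One flat API bound to the current program, instead of constructing a fresh
# FlatProgramAPI for every call inside the loop as the original did.
api = ghidra.program.flatapi.FlatProgramAPI(currentProgram)


def _jump_target(instruction):
    """Return the Address named by the last whitespace-separated operand of *instruction*.

    The operand text is parsed as hex. NOTE(review): this relies on the
    disassembly text layout of this ISA; the original did the same.
    """
    target = int(str(instruction).split(' ')[-1], 16)
    return currentAddress.getNewAddress(target)


def _targets_tjex_r3(api, instruction):
    """True when the two bytes at the jump target match the first two bytes of tjex_r3_instr.

    Only a 2-byte prefix is compared, exactly as the original did.
    Raises MemoryAccessException (propagated from getBytes) when the target is unreadable.
    """
    return list(api.getBytes(_jump_target(instruction), 2)) == tjex_r3_instr[:2]


def _patch(api, instruction):
    """Overwrite *instruction* with tjex_r3_instr and re-disassemble at its address.

    The code unit is removed before the bytes are written, preserving the
    order the original used; setBytes may raise MemoryAccessException.
    """
    addr = instruction.getAddress()
    api.removeInstructionAt(addr)
    api.setBytes(addr, tjex_r3_instr)
    api.disassemble(addr)


for instruction in instr_gen():
    if instruction.getMnemonicString() != u'tjl':
        continue
    try:
        if not _targets_tjex_r3(api, instruction):
            continue
        # Refuse to write past the end of the instruction being replaced; a
        # wider patch would spill into whatever follows it.
        if instruction.getLength() < len(tjex_r3_instr):
            print 'Skipping {}: replacement is {} bytes but the instruction is only {} bytes'.format(
                instruction.getAddress(), len(tjex_r3_instr), instruction.getLength())
            continue
        print 'Instruction fixup at : {}'.format(instruction.getAddress())
        _patch(api, instruction)
    except ghidra.program.model.mem.MemoryAccessException as e:
        # Unreadable jump target or a write the memory map refuses: leave
        # this site alone but say so, rather than dropping it silently.
        print 'Skipping {}: {}'.format(instruction.getAddress(), e)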