// Plugin main
#include "StdAfx.h"
// File name of the settings .ini; run() appends it to the directory of the plugin DLL
#define SETTINGS_FILE "MissingLink.ini"
// Bit flags for the "Options" checkbox group in the main dialog (stored in optionFlags in run()):
// bit 0: when set, run() passes useTag = TRUE to ProcessTraceFile()
#define OPTION_USE_TAG (1 << 0)
// bit 1: when set, run() asks for a JSON DB save path and passes it to ProcessTraceFile()
#define OPTION_JSON_DB (1 << 1)
// MissingLink.cpp
// Trace processing routine implemented in MissingLink.cpp; run() treats a nonzero return as success.
// jsonDbPath is NULL when the JSON DB option is not selected.
extern BOOL ProcessTraceFile(LPCSTR tracefile, LPCSTR winDbgXPath, LPCSTR jsonDbPath, BOOL useTag);
// Form callback handed to ask_form() in run(): opens the project repository page.
// Neither argument is used; the URL is a fixed literal, so nothing from the dialog reaches open_url().
static void idaapi OnRepoLink(int button_code, form_actions_t &fa)
{
    static const char repoUrl[] = "https://github.com/kweatherman/ida_missinglink/";
    open_url(repoUrl);
}
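/**
 * Plugin entry point: shows the main dialog, asks for the TTD trace file (and optionally a JSON DB
 * save file), then hands everything to ProcessTraceFile().
 *
 * The WinDbgX TTD folder is read from, and on success written back to, "MissingLink.ini" located
 * next to the plugin DLL.
 *
 * NOTE(review): winDbgXPath comes from that .ini (or the dialog) and is passed to ProcessTraceFile();
 * if that routine loads TTD libraries from the folder (not visible here), both the .ini and the
 * folder should be writable only by trusted users - confirm.
 *
 * @param arg  Unused.
 * @return     Always true; failures are reported through msg() only.
 */
static bool idaapi run(size_t arg)
{
    static const char mainDialog[] =
    {
        "BUTTON YES* Continue\n" // 'Continue' instead of 'okay'

        // Dialog title on bar
        "Missing Link\n\n"

        // Message text
        "Missing Link: Time Travel Debug (TTD) trace file - indirect branch info comment plugin.\n"
        "%q\n"
        "\t\xC2\xA9 2023 Kevin Weatherman\n"
        "<#Click to open IDA Missing Link repo page.#Missing Link Github:k::>\n\n"

        "<DbgX AMD64 TTD folder:F:0:62::>\n\n"

        "Options:\n"
        "<#Prefix indrect branch comments with 'ML' tags.#Place 'ML' comment tags.:C:36::>\n"
        "<#Save the module and indirect branch data into a JSON DB file.#Save JSON DB.:C:36::>>\n"
    };

    qstring version, tmp;

    try
    {
        // IDA must be IDLE
        if (!auto_is_ok())
        {
            msg("** Wait for IDA to finish processing before starting plugin! **\n** Aborted **\n\n");
            goto exit;
        }

        // Get .ini settings path based on our plugin DLL path.
        // UNCHANGED_REFCOUNT: we only need the handle for a lookup; without it every run() would
        // take another reference on the plugin DLL that is never released.
        char settingsFilePath[QMAXPATH] = {};
        HMODULE myModule = NULL;
        if (!GetModuleHandleExA(GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS | GET_MODULE_HANDLE_EX_FLAG_UNCHANGED_REFCOUNT, (LPCSTR) run, &myModule))
        {
            // A NULL module would make GetModuleFileNameA() return the host executable's path
            // and the settings would silently land in the wrong directory.
            msg("** Failed to build the settings file path! **\n");
            goto exit;
        }

        // 0 means failure, a return equal to the buffer size means the path was truncated
        DWORD modulePathLen = GetModuleFileNameA(myModule, settingsFilePath, QMAXPATH);
        if ((modulePathLen == 0) || (modulePathLen >= QMAXPATH))
        {
            msg("** Failed to build the settings file path! **\n");
            goto exit;
        }

        LPSTR fileName = PathFindFileNameA(settingsFilePath);
        if (!fileName)
        {
            msg("** Failed to build the settings file path! **\n");
            goto exit;
        }
        // Cut the DLL file name off, keeping the trailing path separator, then append the .ini name
        *fileName = 0;
        strcat_s(settingsFilePath, QMAXPATH, SETTINGS_FILE);

        // Get saved WinDbgX path, or use a default
        char winDbgXPath[QMAXPATH] = {};
        GetPrivateProfileStringA("settings", "windbgx_path", "C:\\Program Files\\WindowsApps\\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe\\amd64\\ttd", winDbgXPath, QMAXPATH, settingsFilePath);

        // Do main dialog
        version.sprnt("v%s, built %s.", GetVersionString(MY_VERSION, tmp).c_str(), __DATE__);
        msg("\n>> " MSG_TAG "%s\n", version.c_str());
        REFRESH();

        WORD optionFlags = OPTION_USE_TAG;
        int result = ask_form(mainDialog, &version, OnRepoLink, winDbgXPath, &optionFlags);
        if (!result)
        {
            msg(" - Canceled -\n\n");
            goto exit;
        }

        // Verify the WinDbgX folder exists and really is a folder, not a file of the same name
        if (!PathIsDirectoryA(winDbgXPath))
        {
            msg("** WinDbg preview (aka \"WinDbgX\" folder doesn't exist! **\nSet the path in the plug-in dialog first.\n** Aborted **\n\n");
            goto exit;
        }

        // Ask for trace file path
        LPSTR traceFileAsk = ask_file(FALSE, "*.run;*.zip;*.cab", "Missing Link: Select trace file");
        if (!traceFileAsk)
        {
            msg(" - Canceled -\n\n");
            goto exit;
        }

        // Keep a private copy: the second ask_file() below presumably reuses the same return
        // buffer (TODO confirm against the SDK). Refuse a path that does not fit instead of
        // silently truncating it, which could name a different file than the one selected.
        char traceFile[MAX_PATH];
        if (strncpy_s(traceFile, MAX_PATH, traceFileAsk, _TRUNCATE) != 0)
        {
            msg("** Trace file path is too long! **\n** Aborted **\n\n");
            goto exit;
        }

        // Get optional JSON DB save path
        LPSTR jsonFile = NULL;
        if (optionFlags & OPTION_JSON_DB)
        {
            jsonFile = ask_file(TRUE, "*.json", "Missing Link:: Select JSON DB save file");
            if (!jsonFile)
            {
                msg(" - Canceled -\n\n");
                goto exit;
            }
        }

        // Load and process trace file..
        TIMESTAMP startTime = GetTimestamp();
        if (ProcessTraceFile(traceFile, winDbgXPath, jsonFile, ((optionFlags & OPTION_USE_TAG) ? TRUE : FALSE)))
        {
            // On success, save the WinDbgX path for next time
            WritePrivateProfileStringA("settings", "windbgx_path", winDbgXPath, settingsFilePath);

            char buffer[64];
            msg("Done, total time: %s.\n", TimestampString((GetTimestamp() - startTime), buffer));
            refresh_idaview_anyway();
        }
        else
            msg("** Aborted **\n\n");
    }
    CATCH("run()");

    exit:;
    return true;
}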
// Plugin load callback (referenced from the PLUGIN descriptor): calls MH_Initialize() and
// always tells IDA the plugin is usable.
static plugmod_t* idaapi init()
{
    // NOTE(review): the result of MH_Initialize() is discarded, so a failed initialization
    // still yields PLUGIN_OK - confirm whether that is intended.
    (void) MH_Initialize();

    return PLUGIN_OK;
}
// Plugin unload callback (referenced from the PLUGIN descriptor): counterpart of init(),
// calls MH_Uninitialize().
static void idaapi term()
{
    // Return value intentionally not inspected, matching init()
    (void) MH_Uninitialize();
}
// Exported plugin descriptor that IDA reads when it loads the DLL.
// The callbacks are the static functions defined in this file.
__declspec(dllexport) plugin_t PLUGIN =
{
IDP_INTERFACE_VERSION, // SDK interface version the plugin was built against
PLUGIN_PROC,           // Plugin flags
init,                  // Load callback
term,                  // Unload callback
run,                   // Invocation callback
"TTD trace file - indirect branch info comment plugin.", // Comment text
"Missing Link plugin", // Help text
"Missing Link",        // Plugin name
""                     // Hotkey: none
};