From b8b0f79060d34ff35e6b3b6dd60a755d2ab0e8e7 Mon Sep 17 00:00:00 2001
From: n-o-o-n
Date: Fri, 16 Feb 2018 16:53:45 +0000
Subject: [PATCH 1/2] Fixed 64-bit fixup issue idaapi.get_name_value returns only 32-bit addresses, and this is IDA.DLL limitation. Because of that we have to use idaapi.get_name_ea.
---
 keypatch.py | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)
diff --git a/keypatch.py b/keypatch.py
index 8d90cee..4c9d3da 100644
--- a/keypatch.py
+++ b/keypatch.py
@@ -282,13 +282,12 @@ def _resolve(_op, ignore_kw=True):
 if parts[2] != '':
 sym = parts[2]
- (t, v) = idaapi.get_name_value(address, sym)
-
- # skip if name doesn't exist or segment / segment registers
- if t in (idaapi.NT_SEG, idaapi.NT_NONE):
+ ea = idaapi.get_name_ea(address, sym)
+ # skip if name doesn't exist
+ if ea == idaapi.BADADDR:
 continue
- _op = _op.replace(sym, '0x{0:X}'.format(v))
+ _op = _op.replace(sym, '0x{0:X}'.format(ea))
 return _op
From 36cdc9497644f68b887fff41d31bf0002129d06e Mon Sep 17 00:00:00 2001
From: n-o-o-n
Date: Fri, 16 Feb 2018 16:59:49 +0000
Subject: [PATCH 2/2] Fixed issue #34 (Excessive IDA analysis)
---
 keypatch.py | 10 ++--------
 1 file changed, 2 insertions(+), 8 deletions(-)
diff --git a/keypatch.py b/keypatch.py
index 4c9d3da..7f10819 100644
--- a/keypatch.py
+++ b/keypatch.py
@@ -668,14 +668,8 @@ def patch(self, address, patch_data, len):
 return (None, None)
 # ask IDA to re-analyze the patched area
- if orig_func_end == idc.BADADDR:
- # only analyze patched bytes, otherwise it would take a lot of time to re-analyze the whole binary
- idaapi.analyze_area(address, address + patched_len + 1)
- else:
- idaapi.analyze_area(address, orig_func_end)
-
- # try to fix IDA function re-analyze issue after patching
- idaapi.func_setend(address, orig_func_end)
+ # only analyze patched bytes, otherwise it would take a lot of time to re-analyze the whole binary
+ idaapi.analyze_area(address, address + patched_len + 1)
 return (patched_len, orig_data)
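Review bot: In the first patch's `_resolve` hunk, the new guard `if ea == idaapi.BADADDR:` drops the name-type check, so the old skip for segment names and segment registers (`idaapi.NT_SEG`) has no replacement. Whether `get_name_ea` returns an address for such a name is not visible here; if it does, the operand is rewritten with that address and the assembled patch bytes silently differ from what the user typed. It also looks like names that previously resolved to non-address values (presumably enum or stack-variable names) are now left untouched. Please state the intended behaviour in the comment, e.g. `# only names that resolve to an address are substituted; everything else is left as typed`, or keep a type test next to the new lookup. The enclosing loop and the rest of `_resolve` are outside the hunk.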
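Review bot: In the second patch's `patch` hunk, deleting the `if`/`else` also deletes `idaapi.func_setend(address, orig_func_end)`, which the removed comment described as a workaround for a function re-analysis problem after patching; the commit message only justifies the narrower `analyze_area` range. If the workaround is still needed it can stay without the wide analysis, e.g. `if orig_func_end != idc.BADADDR: idaapi.func_setend(address, orig_func_end)`. If it is not needed, `orig_func_end` is presumably computed earlier in `patch` (outside the hunk), is now unused, and can be removed in the same commit. The surviving comment could also say why the range ends at `address + patched_len + 1` rather than `address + patched_len`.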