Dailydave mailing list archives

IDA Python / x86_RE_lib


From: Joel Eriksson <je () bitnux com>
Date: Fri, 3 Feb 2006 22:21:35 +0100

Hi Halvar & the rest of the list,

I've determined the problem now. It occurred when there was a jmp/call into the middle of an
instruction (which IDA writes as jmp label+X) or into an invalid address: ua_mnem()
returns None in that case, and this was not handled correctly, which caused IDA to
hang. The issue with the python interpreter getting an exception and reloading was
caused by me calling tag_remove() with a None argument.

After figuring this out I decided to use the classes I wrote before I got
problems with IDA hanging etc. I fixed the problem by adding a check for if
ua_mnem() returns None in the Instruction-class I have defined.

It was easy to search for the code sequence that occurred in the checks once
I had extracted the basic blocks and merged adjacent blocks separated with
jmp block2: ; l<junk> ; block2:. Now it's only a matter of using x86emu to
determine the value that is calculated in each block and set it explicitly
(assuming I've found all checks). Hmm, would be neat to integrate the
x86emu-plugin with IDAPython.. :)

Anyway, for those who like to play with it I've made it available at:

   https://sec.bitnux.com/idacls.py

-- 
Best Regards,
   Joel Eriksson
-------------------------------------------------
Cellphone: +46-70 228 64 16 Home: +46-18-30 35 55
Security Research & Systems Development at Bitnux
PGP Key Server pgp.mit.edu, PGP Key ID 0x08811B44
DF38 5806 0EFB 196E E4B6 34B5 4C01 73BB 0881 1B44
-------------------------------------------------
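
The two points from the mail, the None check on ua_mnem() and merging blocks split by a "jmp block2 ; junk ; block2:" pattern, as an added example that is not the idacls.py script linked above; it runs offline against a constructed listing that stands in for IDA's ua_mnem(), so the addresses, sizes and the Instruction/build_blocks/merge_jmp_junk names are assumptions for illustration:

```python
# Constructed stand-in for IDA's listing: address -> (mnemonic, size, jmp target).
# The gaps 0x1008-0x1009 and 0x100e-0x100f are junk bytes that are not instructions.
LISTING = {
    0x1000: ("push", 1, None), 0x1001: ("mov", 5, None), 0x1006: ("jmp", 2, 0x100a),
    0x100a: ("xor", 2, None), 0x100c: ("jmp", 2, 0x1010),
    0x1010: ("ret", 1, None),
}

def ua_mnem(ea):
    """Stand-in for idaapi.ua_mnem(): None when ea is not an instruction start."""
    entry = LISTING.get(ea)
    return entry[0] if entry else None

class Instruction:
    def __init__(self, ea):
        mnem = ua_mnem(ea)
        if mnem is None:  # the check the mail describes adding; never pass None on
            raise ValueError("no instruction at %#x" % ea)
        self.ea, self.mnem = ea, mnem
        _, self.size, self.target = LISTING[ea]

    def ends_block(self):
        return self.mnem in ("jmp", "ret")

def build_blocks(start):
    """Follow flow from start; each block ends at jmp/ret. Returns [(start, [mnems], target)]."""
    blocks, ea, seen = [], start, set()
    while ea is not None and ea not in seen:
        seen.add(ea)
        mnems, cur = [], ea
        while True:
            ins = Instruction(cur)
            mnems.append(ins.mnem)
            if ins.ends_block():
                break
            cur += ins.size
        blocks.append((ea, mnems, ins.target))
        ea = ins.target
    return blocks

def merge_jmp_junk(blocks):
    """Merge a block ending in 'jmp X' with block X when X has no other referrer."""
    refs = {}
    for _, _, target in blocks:
        refs[target] = refs.get(target, 0) + 1
    merged = []
    for start, mnems, target in blocks:
        prev = merged[-1] if merged else None
        if prev and prev[1][-1] == "jmp" and prev[2] == start and refs[start] == 1:
            merged[-1] = (prev[0], prev[1][:-1] + mnems, target)  # drop the jmp
        else:
            merged.append((start, list(mnems), target))
    return merged
```

After merging, the three blocks collapse into one straight-line sequence that can be handed to an emulator such as x86emu to compute the value each check produces.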

