•  10-10-2019
  •  | 
  •  

Question

I am writing a script for the IDA Pro disassembler in Python using the idapython plugin. Using this, I am able to fill in the gaps where IDA's auto-analysis falls short.

One area that has me stumped is naming locations/functions with (for want of a better term) "pretty names". An example of what I mean is illustrated below:

IDA pretty names sample screenshot

idapython and IDA Pro itself only allow me to enter basic C-ish function names. If I enter disallowed symbols (e.g. the scope resolution operator), they're replaced with underscores. However, if I enter a mangled name by hand (e.g. __ZN9IOService15powerChangeDoneEm), IDA Pro will prettify this for me.

Hence my question: how can I generate mangled names to pass through idapython? Is there a name-mangling library available? Is one available in Python? Is my only hope to tear the mangling functionality out of g++ and work around that?

Was it helpful?

Solution

I finally got around to dig a little.

Unfortunately I could not find tool, I did find resources though.

If all you want is mangle names in the gcc3 fashion, then know that gcc3 use the Itanium C++ ABI, which has a standardized name mangling scheme. I found two documents:

For reference, both come from the Wikipedia page on Name Mangling.

OTHER TIPS

One simple (alebit hacky) method would be to compile a C++ file with the symbol you want in it, then extract the necessary symbols from the .o file's symbol table. With a bit of work this might be nicely scriptable.

Here is an article that explains how mangling is done by Visual compiler. For mangling done by gcc, I think you can find the information in the source of the binutils package.

You can use the Clang AST library, which has a MangleContext class.

http://clang.llvm.org/doxygen/classclang_1_1CodeGen_1_1MangleContext.html

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top