rename.py

import idaapi
import idautils
import idc
import ida_hexrays

def mod_sig(ea):
	tinfo = idaapi.tinfo_t()
	ida_typeinf.guess_tinfo(tinfo, ea)
	funcdet = idaapi.func_type_data_t()
	tinfo.get_func_details(funcdet)
	tinfo1 = idaapi.tinfo_t()
	idaapi.parse_decl(tinfo1, idaapi.get_idati(), 'struct COpenSSL *a1;', 0)
	# print(tinfo1)
	param = idaapi.funcarg_t()
	param.type = tinfo1
	param.name = 'a1'
	arg1 = idaapi.argloc_t()
	param.argloc = arg1
	if funcdet.size():
		funcdet[0] = param
	else:
		funcdet.push_back(param)
	functinfo = idaapi.tinfo_t()
	functinfo.create_func(funcdet)
	idaapi.apply_tinfo(ea, functinfo, idaapi.TINFO_DEFINITE)

def rename_func(ea):
	dec = str(ida_hexrays.decompile(ea))
	funcline = [l for l in dec.split() if '->' in l and 'pad' not in l][0]
	funcname = funcline.split('->')[1].split(';')[0]
	newname = idc.get_name(ea).replace('sub', funcname)
	idaapi.set_name(ea, newname, 1)

d = 0
regs = ['rax', 'rbx', 'rcx', 'rdx', 'rsi', 'rdi', 'rbp', 'rsp', 'r8', 'r9', 'r10', 'r11', 'r12', 'r13', 'r14', 'r15']
for ea in idautils.Functions():
	func = idaapi.get_func(ea)
	flow = idaapi.FlowChart(func)
	if flow.size == 4:
		first = 0
		if 'sub' not in idc.get_name(ea):
			continue
		# print(idc.get_name(ea))
		for idx, bb in enumerate(flow):
			if idx == 0:
				first = bb
			bbend = idc.prev_head(bb.end_ea)
			mnem = idc.print_insn_mnem(bbend)
			op1 = idc.print_operand(bbend, 0)
			if mnem == 'call' and op1 in regs:
				inst = first.start_ea
				while inst != first.end_ea:
					mnem_t = idc.print_insn_mnem(inst)
					op1_t = idc.print_operand(inst, 0)
					if '[rcx+8]' in op1_t and mnem_t == 'test':
						try:
							mod_sig(ea)
							rename_func(ea)
						except:
							pass
						print(idc.get_name(ea))
						break
					inst = idc.next_head(inst)

	if d:
		break