ghidra script for read script.py from Il2CppDumper

ildumper_script_reader.py

# -*- coding: utf-8 -*-
import ghidra.program.model.symbol.SourceType
import re

functionManager = currentProgram.getFunctionManager()
#minAddress = currentProgram.getMinAddress()
baseAddress = currentProgram.getImageBase()

USER_DEFINED = ghidra.program.model.symbol.SourceType.USER_DEFINED

index = 1

def _convert_arg_addr(arg):
    return baseAddress.add(int(arg, 0))

def _convert_arg_string(arg):
    if arg.startswith('r'):
        return arg[2:-1] # remove prefix 'r' and quote
    return arg[1:-1] # remove quote

def do_SetName(arg1, arg2):
    addr = _convert_arg_addr(arg1)
    name = _convert_arg_string(arg2)
    createLabel(addr, name, True, USER_DEFINED)

def do_idc_MakeComm(arg1, arg2):
    addr = _convert_arg_addr(arg1)
    text = _convert_arg_string(arg2)
    setEOLComment(addr, text)

def do_SetString(arg1, arg2):
    addr = _convert_arg_addr(arg1)
    text = _convert_arg_string(arg2)
    
    global index
    name = "StringLiteral_" + str(index);
    createLabel(addr, name, True, USER_DEFINED)
    setEOLComment(addr, text)
    index += 1

def do_MakeFunction(arg1, arg2):
    addr = _convert_arg_addr(arg1)
    addr2 = _convert_arg_addr(arg2)
    
    body = createAddressSet()
    body.addRange(addr, addr2.subtract(1))
    func = functionManager.getFunctionAt(addr)
    if func is None:
        try:
            #func = functionManager.createFunction(None, addr, body, USER_DEFINED)
            # many of MakeFunction body range is wrong. just use function entry point and let ghidra find the boundary
            func = createFunction(addr, None)
        except:
            pass
    else:
        oldBody = func.getBody()
        if not oldBody.hasSameAddresses(body):
            # no update body range info. info from dump script.py might be wrong
            #print('Function {} has different body address range'.format(func.getName(True)))
            pass


f = askFile("script.py from Il2cppdumper", "Open")
for line in file(f.absolutePath):
    match = re.search(r"^([\w+\.]+)\((\w+),\s*(.*)\)$", line)
    if match:
        name, arg1, arg2 = match.groups()
        res = globals()['do_'+name.replace('.', '_')](arg1, arg2)

Script is not working anymore with il2cppdumper newer than 4.6.0. With and without fix.

Traceback (most recent call last):
File "C:\Users\Marek\ghidra_scripts\ildumper_script_reader.py", line 68, in
res = globals()['do_'+name.replace('.', '_')](arg1, arg2)
KeyError: 'do_idc_set_cmt'

Traceback (most recent call last):
File "C:\Users\Marek\ghidra_scripts\ildumper_script_reader.py", line 68, in
res = globals()['do_'+name.replace('.', '_')](arg1, arg2.replace(' ', '-'))
KeyError: 'do_idc_set_cmt'

i am new to ghidra could you give few steps tutor how to load it to ghidra?

@masagrator that can be fixed by changing line 21:

def do_SetName(arg1, arg2):

to

def do_idc_set_cmt(arg1, arg2):

@masagrator that can be fixed by changing line 21:

def do_SetName(arg1, arg2):

to

def do_idc_set_cmt(arg1, arg2):

I did it and now I got error:

Traceback (most recent call last):
File "C:\Users\Marek\ghidra_scripts\ildumper_script_reader.py", line 68, in
res = globals()['do_'+name.replace('.', '_')](arg1, arg2.replace(' ', '-'))
KeyError: 'do_SetName'

I've managed to do it different way.

added

def do_idc_set_cmt(arg1, arg2):
return

https://gist.github.com/masagrator/f21a0bb7b882b509c34beba7d2258b5d

it's working with 5.0.4
SetName and idc.set_cmt are almost the same thing, just idc.set_cmt has sometimes additional line for I don't know what. :P

Two examples

SetName(0x3ECACE0, 'Class$List<MAUUIAnimation>')
idc.set_cmt(0x3ECACE0, r'List<MAUUIAnimation>', 1)

doing the same thing

SetName(0x3ED4B78, 'Method$ContextAttribute.IsContextOK()')
idc.set_cmt(0x3ED4B78, 'Method$ContextAttribute.IsContextOK()', 1)
idc.set_cmt(0x3ED4B78, '0xB7D9A0', 0)

first two are doing the same thing, third line is doing something extra