package ghidra.app.plugin.prototype.MicrosoftCodeAnalyzerPlugin;

import ghidra.app.cmd.comments.SetCommentCmd;
import ghidra.app.cmd.data.CreateDataCmd;
import ghidra.app.services.AbstractAnalyzer;
import ghidra.app.services.AnalysisPriority;
import ghidra.app.services.AnalyzerType;
import ghidra.app.util.importer.MessageLog;
import ghidra.program.model.address.Address;
import ghidra.program.model.address.AddressIterator;
import ghidra.program.model.address.AddressSet;
import ghidra.program.model.address.AddressSetView;
import ghidra.program.model.data.DataType;
import ghidra.program.model.data.Undefined;
import ghidra.program.model.listing.CodeUnit;
import ghidra.program.model.listing.CodeUnitIterator;
import ghidra.program.model.listing.Data;
import ghidra.program.model.listing.Function;
import ghidra.program.model.listing.FunctionManager;
import ghidra.program.model.listing.Instruction;
import ghidra.program.model.listing.Listing;
import ghidra.program.model.listing.Parameter;
import ghidra.program.model.listing.Program;
import ghidra.program.model.symbol.Reference;
import ghidra.program.model.symbol.ReferenceManager;
import ghidra.program.model.symbol.SourceType;
import ghidra.program.model.symbol.Symbol;
import ghidra.program.model.symbol.SymbolTable;
import ghidra.program.model.symbol.SymbolType;
import ghidra.util.Msg;
import ghidra.util.exception.CancelledException;
import ghidra.util.exception.InvalidInputException;
import ghidra.util.task.TaskMonitor;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;

/* loaded from: input_file:ghidra/app/plugin/prototype/MicrosoftCodeAnalyzerPlugin/PropagateExternalParametersAnalyzer.class */
public class PropagateExternalParametersAnalyzer extends AbstractAnalyzer {
    private static final String NAME = "WindowsPE x86 Propagate External Parameters";
    private static final String DESCRIPTION = "This analyzer uses external Windows function call parameter information to populate comments next to pushed parameters. In some cases, data is labeled and commented as well";
    private List<PushedParamInfo> results;
    private Program currentProgram;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:ghidra/app/plugin/prototype/MicrosoftCodeAnalyzerPlugin/PropagateExternalParametersAnalyzer$PushedParamInfo.class */
    public class PushedParamInfo {
        private String name;
        private DataType dataType;
        private Address addr;
        private String calledFunctionName;

        PushedParamInfo(PropagateExternalParametersAnalyzer propagateExternalParametersAnalyzer, String str, DataType dataType, Address address, String str2) {
            this.name = str;
            this.dataType = dataType;
            this.addr = address;
            this.calledFunctionName = str2;
        }

        String getName() {
            return this.name;
        }

        DataType getDataType() {
            return this.dataType;
        }

        Address getAddress() {
            return this.addr;
        }

        String getCalledFunctionName() {
            return this.calledFunctionName;
        }
    }

    public PropagateExternalParametersAnalyzer() {
        super(NAME, DESCRIPTION, AnalyzerType.BYTE_ANALYZER);
        this.results = new ArrayList();
        setSupportsOneTimeAnalysis();
        setPriority(AnalysisPriority.DATA_TYPE_PROPOGATION.after().after().after().after().after());
    }

    private void processExternalFunction(Listing listing, ReferenceManager referenceManager, Reference[] referenceArr, Function function, Parameter[] parameterArr) {
        String name = function.getName();
        for (Reference reference : referenceArr) {
            Address fromAddress = reference.getFromAddress();
            Function functionContaining = listing.getFunctionContaining(fromAddress);
            if (functionContaining != null) {
                String mnemonicString = listing.getCodeUnitAt(fromAddress).getMnemonicString();
                if (mnemonicString.equals("JMP") && functionContaining.isThunk()) {
                    processThunkReference(listing, referenceManager, function, parameterArr, functionContaining);
                } else if (mnemonicString.equals("CALL") && hasEnoughPushes(getCodeUnitsFromFunctionStartToRef(functionContaining, fromAddress), parameterArr.length)) {
                    propogateParams(parameterArr, getCodeUnitsFromFunctionStartToRef(functionContaining, fromAddress), name);
                }
            }
        }
    }

    private void processThunkReference(Listing listing, ReferenceManager referenceManager, Function function, Parameter[] parameterArr, Function function2) {
        Iterator<Reference> it = referenceManager.getReferencesTo(function2.getEntryPoint()).iterator();
        while (it.hasNext()) {
            Address fromAddress = it.next().getFromAddress();
            Function functionContaining = listing.getFunctionContaining(fromAddress);
            if (functionContaining != null && listing.getCodeUnitAt(fromAddress).getMnemonicString().equals("CALL") && hasEnoughPushes(getCodeUnitsFromFunctionStartToRef(functionContaining, fromAddress), parameterArr.length)) {
                propogateParams(parameterArr, getCodeUnitsFromFunctionStartToRef(functionContaining, fromAddress), function.getName());
            }
        }
    }

    private int numParams(CodeUnit codeUnit) {
        Reference[] referencesFrom = codeUnit.getReferencesFrom();
        if (referencesFrom.length == 0) {
            return 0;
        }
        Function referencedFunction = this.currentProgram.getFunctionManager().getReferencedFunction(referencesFrom[0].getToAddress());
        if (referencedFunction != null) {
            return referencedFunction.getParameters().length;
        }
        return 0;
    }

    private CodeUnitIterator getCodeUnitsFromFunctionStartToRef(Function function, Address address) {
        if (function == null) {
            return null;
        }
        Listing listing = this.currentProgram.getListing();
        AddressIterator addresses = function.getBody().getAddresses(listing.getCodeUnitBefore(listing.getCodeUnitAt(address).getMinAddress()).getMinAddress(), false);
        AddressSet addressSet = new AddressSet();
        while (addresses.hasNext()) {
            Address next = addresses.next();
            addressSet.addRange(next, next);
        }
        return listing.getCodeUnits((AddressSetView) addressSet, false);
    }

    private boolean hasEnoughPushes(CodeUnitIterator codeUnitIterator, int i) {
        if (codeUnitIterator == null) {
            return false;
        }
        int i2 = 0;
        int i3 = 0;
        while (codeUnitIterator.hasNext() && i2 < i) {
            CodeUnit next = codeUnitIterator.next();
            if (i3 > 0) {
                i3--;
            } else if (next.getMnemonicString().equals("CALL")) {
                i += numParams(next);
            } else if (next.getMnemonicString().equals("PUSH")) {
                i2++;
            }
        }
        return i2 >= i;
    }

    private void propogateParams(Parameter[] parameterArr, CodeUnitIterator codeUnitIterator, String str) {
        int i = 0;
        int i2 = 0;
        while (codeUnitIterator.hasNext() && i < parameterArr.length) {
            CodeUnit next = codeUnitIterator.next();
            boolean z = next.getLabel() != null;
            if (next.getMnemonicString().equals("CALL")) {
                i2 += numParams(next);
            } else if (next.getMnemonicString().equals("PUSH")) {
                if (i2 > 0) {
                    i2--;
                } else {
                    Parameter parameter = parameterArr[i];
                    DataType dataType = parameter.getDataType();
                    String name = parameter.getName();
                    new SetCommentCmd(next.getAddress(), 0, dataType.getDisplayName() + " " + name + " for " + str).applyTo(this.currentProgram);
                    addResult(name, dataType, next.getMinAddress(), str);
                    i++;
                }
            }
            if (z) {
                return;
            }
        }
    }

    private void addResult(String str, DataType dataType, Address address, String str2) {
        this.results.add(new PushedParamInfo(this, str, dataType, address, str2));
    }

    @Override // ghidra.app.services.AbstractAnalyzer, ghidra.app.services.Analyzer
    public boolean canAnalyze(Program program) {
        return PEUtil.canAnalyze(program);
    }

    @Override // ghidra.app.services.Analyzer
    public boolean added(Program program, AddressSetView addressSetView, TaskMonitor taskMonitor, MessageLog messageLog) throws CancelledException {
        Address referencedAddress;
        this.currentProgram = program;
        Listing listing = program.getListing();
        FunctionManager functionManager = program.getFunctionManager();
        ReferenceManager referenceManager = program.getReferenceManager();
        SymbolTable symbolTable = program.getSymbolTable();
        for (Symbol symbol : symbolTable.getExternalSymbols()) {
            if (symbol.getSymbolType() == SymbolType.FUNCTION) {
                Function functionAt = functionManager.getFunctionAt(symbol.getAddress());
                Parameter[] parameters = functionAt.getParameters();
                if (parameters.length != 0) {
                    processExternalFunction(listing, referenceManager, symbol.getReferences(), functionAt, parameters);
                }
            }
        }
        Msg.trace(this, "Processing propagation results - count: " + this.results.size());
        for (int i = 0; i < this.results.size(); i++) {
            PushedParamInfo pushedParamInfo = this.results.get(i);
            Address address = pushedParamInfo.getAddress();
            Instruction instructionAt = listing.getInstructionAt(address);
            if (instructionAt.getOperandRefType(0).isData() && isAddressReferenceOperand(instructionAt.getOperandType(0)) && (referencedAddress = getReferencedAddress(address)) != null) {
                String name = pushedParamInfo.getName();
                addSymbol(symbolTable, referencedAddress, name + "_" + referencedAddress.toString());
                String str = name + " parameter of " + pushedParamInfo.getCalledFunctionName();
                Msg.trace(this, "External Function Call at " + String.valueOf(address) + " : " + str + " at " + referencedAddress.toString());
                createComment(referencedAddress, str + "\n", pushedParamInfo);
                clearUndefinedDataType(referencedAddress, taskMonitor);
                createData(pushedParamInfo, referencedAddress);
            }
        }
        return true;
    }

    private void createComment(Address address, String str, PushedParamInfo pushedParamInfo) {
        String comment = this.currentProgram.getListing().getComment(3, address);
        if (comment == null) {
            new SetCommentCmd(address, 3, str).applyTo(this.currentProgram);
        } else {
            if (comment.contains(pushedParamInfo.getCalledFunctionName())) {
                return;
            }
            new SetCommentCmd(address, 3, comment + "\n" + str).applyTo(this.currentProgram);
        }
    }

    private void createData(PushedParamInfo pushedParamInfo, Address address) {
        Listing listing = this.currentProgram.getListing();
        DataType dataType = pushedParamInfo.getDataType();
        if (listing.isUndefined(address, address.add(dataType.getLength() - 1))) {
            CreateDataCmd createDataCmd = new CreateDataCmd(address, dataType);
            if (createDataCmd.applyTo(this.currentProgram)) {
                return;
            }
            Msg.error(this, "Error making data: " + createDataCmd.getStatusMsg());
        }
    }

    private void clearUndefinedDataType(Address address, TaskMonitor taskMonitor) throws CancelledException {
        Listing listing = this.currentProgram.getListing();
        Data definedDataAt = listing.getDefinedDataAt(address);
        if (definedDataAt != null && Undefined.isUndefined(definedDataAt.getDataType())) {
            listing.clearCodeUnits(address, address, false, taskMonitor);
        }
    }

    private void addSymbol(SymbolTable symbolTable, Address address, String str) {
        Data definedDataAt = this.currentProgram.getListing().getDefinedDataAt(address);
        if (definedDataAt == null || !definedDataAt.hasStringValue()) {
            try {
                symbolTable.createLabel(address, str, SourceType.USER_DEFINED).setPrimary();
            } catch (InvalidInputException e) {
                Msg.trace(this, "Unexpected exception", e);
            }
        }
    }

    private Address getReferencedAddress(Address address) {
        Reference[] operandReferences = this.currentProgram.getListing().getCodeUnitAt(address).getOperandReferences(0);
        if (operandReferences.length <= 0 || !operandReferences[0].isMemoryReference()) {
            return null;
        }
        return operandReferences[0].getToAddress();
    }

    private boolean isAddressReferenceOperand(int i) {
        if ((i & 8192) == 0) {
            return false;
        }
        return ((i & 128) == 0 && (i & 16384) == 0 && (i & 4194304) == 0) ? false : true;
    }
}
