package ghidra.app.plugin.core.string.variadic;

import ghidra.app.decompiler.DecompInterface;
import ghidra.app.decompiler.DecompileOptions;
import ghidra.app.decompiler.DecompileResults;
import ghidra.app.decompiler.parallel.DecompileConfigurer;
import ghidra.app.decompiler.parallel.DecompilerCallback;
import ghidra.app.decompiler.parallel.ParallelDecompiler;
import ghidra.app.services.AbstractAnalyzer;
import ghidra.app.services.AnalysisPriority;
import ghidra.app.services.AnalyzerType;
import ghidra.app.util.importer.MessageLog;
import ghidra.framework.options.Options;
import ghidra.program.model.address.Address;
import ghidra.program.model.address.AddressSetView;
import ghidra.program.model.data.CharDataType;
import ghidra.program.model.data.DataType;
import ghidra.program.model.data.FunctionDefinitionDataType;
import ghidra.program.model.data.ParameterDefinition;
import ghidra.program.model.data.ParameterDefinitionImpl;
import ghidra.program.model.data.Pointer;
import ghidra.program.model.data.TypeDef;
import ghidra.program.model.data.WideChar16DataType;
import ghidra.program.model.data.WideChar32DataType;
import ghidra.program.model.data.WideCharDataType;
import ghidra.program.model.listing.Data;
import ghidra.program.model.listing.Function;
import ghidra.program.model.listing.FunctionSignature;
import ghidra.program.model.listing.Program;
import ghidra.program.model.pcode.HighFunctionDBUtil;
import ghidra.program.model.pcode.PcodeOpAST;
import ghidra.program.util.DefinedDataIterator;
import ghidra.util.Msg;
import ghidra.util.exception.CancelledException;
import ghidra.util.exception.InvalidInputException;
import ghidra.util.task.TaskMonitor;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.apache.commons.collections4.IteratorUtils;

/* loaded from: input_file:ghidra/app/plugin/core/string/variadic/FormatStringAnalyzer.class */
public class FormatStringAnalyzer extends AbstractAnalyzer {
    private static final String NAME = "Variadic Function Signature Override";
    private static final String DESCRIPTION = "Detects variadic function calls in the bodies of each function that intersect the current selection and parses their format string arguments to infer the correct signatures. Currently, this analyzer only supports printf, scanf, and their variants (e.g., snprintf, fscanf). If the current selection is empty, it searches through every function. Once the correct signatures are inferred, they are overridden.";
    private static final boolean OPTION_DEFAULT_CREATE_BOOKMARKS_ENABLED = false;
    private static final String OPTION_NAME_CREATE_BOOKMARKS = "Create Analysis Bookmarks";
    private static final String OPTION_DESCRIPTION_CREATE_BOOKMARKS = "Select this check box if you want this analyzer to create analysis bookmarks when items of interest are created/identified by the analyzer.";
    private boolean createBookmarksEnabled;
    private Program currentProgram;
    private FormatStringParser parser;
    private static final String INPUT_FUNCTION_SUBSTRING = "scanf";
    private static final String[] VARIADIC_SUBSTRINGS = {"printf", INPUT_FUNCTION_SUBSTRING};

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:ghidra/app/plugin/core/string/variadic/FormatStringAnalyzer$VariadicSignatureDecompileConfigurer.class */
    public class VariadicSignatureDecompileConfigurer implements DecompileConfigurer {
        private VariadicSignatureDecompileConfigurer() {
        }

        @Override // ghidra.app.decompiler.parallel.DecompileConfigurer
        public void configure(DecompInterface decompInterface) {
            decompInterface.toggleCCode(false);
            decompInterface.toggleSyntaxTree(true);
            decompInterface.openProgram(FormatStringAnalyzer.this.currentProgram);
            decompInterface.setSimplificationStyle("normalize");
            DecompileOptions decompileOptions = new DecompileOptions();
            decompileOptions.grabFromProgram(FormatStringAnalyzer.this.currentProgram);
            decompInterface.setOptions(decompileOptions);
        }
    }

    public FormatStringAnalyzer() {
        super(NAME, DESCRIPTION, AnalyzerType.FUNCTION_SIGNATURES_ANALYZER);
        this.createBookmarksEnabled = false;
        this.currentProgram = null;
        setSupportsOneTimeAnalysis();
        setPriority(AnalysisPriority.LOW_PRIORITY);
        setDefaultEnablement(false);
        setPrototype();
    }

    @Override // ghidra.app.services.AbstractAnalyzer, ghidra.app.services.Analyzer
    public boolean canAnalyze(Program program) {
        return true;
    }

    private synchronized FormatStringParser getParser() {
        if (this.parser == null) {
            this.parser = new FormatStringParser(this.currentProgram);
        }
        return this.parser;
    }

    private synchronized void disposeParser() {
        this.parser = null;
    }

    @Override // ghidra.app.services.Analyzer
    public boolean added(Program program, AddressSetView addressSetView, TaskMonitor taskMonitor, MessageLog messageLog) {
        this.currentProgram = program;
        try {
            run(addressSetView, taskMonitor);
            disposeParser();
            return true;
        } catch (CancelledException e) {
            disposeParser();
            return true;
        } catch (Throwable th) {
            disposeParser();
            throw th;
        }
    }

    private void run(AddressSetView addressSetView, TaskMonitor taskMonitor) throws CancelledException {
        DefinedDataIterator definedStrings = DefinedDataIterator.definedStrings(this.currentProgram);
        HashMap hashMap = new HashMap();
        Iterator<Data> it = definedStrings.iterator();
        while (it.hasNext()) {
            Data next = it.next();
            if (next.getDefaultValueRepresentation().contains("%")) {
                hashMap.put(next.getAddress(), next);
            }
            taskMonitor.checkCancelled();
        }
        Iterator chainedIterator = IteratorUtils.chainedIterator(this.currentProgram.getListing().getFunctions(true), this.currentProgram.getListing().getExternalFunctions());
        HashMap hashMap2 = new HashMap();
        HashMap hashMap3 = new HashMap();
        HashSet hashSet = new HashSet();
        HashSet hashSet2 = new HashSet();
        for (Function function : IteratorUtils.asIterable(chainedIterator)) {
            String strip = function.getName().strip();
            if (usesVariadicFormatString(function)) {
                String[] strArr = VARIADIC_SUBSTRINGS;
                int length = strArr.length;
                int i = 0;
                while (true) {
                    if (i >= length) {
                        break;
                    }
                    if (strip.contains(strArr[i])) {
                        hashSet2.add(strip);
                        hashMap2.put(strip, getParameters(function));
                        hashMap3.put(strip, function.getReturnType());
                        break;
                    }
                    i++;
                }
            }
            taskMonitor.checkCancelled();
        }
        Iterator<Function> functionsOverlapping = addressSetView != null ? this.currentProgram.getFunctionManager().getFunctionsOverlapping(addressSetView) : this.currentProgram.getFunctionManager().getFunctionsNoStubs(true);
        while (functionsOverlapping.hasNext()) {
            Function next2 = functionsOverlapping.next();
            Iterator<Function> it2 = next2.getCalledFunctions(taskMonitor).iterator();
            while (true) {
                if (it2.hasNext()) {
                    if (hashMap2.containsKey(it2.next().getName())) {
                        hashSet.add(next2);
                        break;
                    }
                } else {
                    break;
                }
            }
            taskMonitor.checkCancelled();
        }
        decompile(this.currentProgram, taskMonitor, hashMap, hashSet2, hashMap2, hashMap3, hashSet);
    }

    private void decompile(Program program, TaskMonitor taskMonitor, Map<Address, Data> map, Set<String> set, Map<String, List<DataType>> map2, Map<String, DataType> map3, Set<Function> set2) {
        DecompilerCallback<Void> initDecompilerCallback = initDecompilerCallback(program, map, set, map2, map3);
        if (set2.isEmpty()) {
            Msg.info(this, "No functions detected that make variadic function calls with format strings containing format specifiers");
            return;
        }
        try {
            try {
                ParallelDecompiler.decompileFunctions(initDecompilerCallback, set2, taskMonitor);
                initDecompilerCallback.dispose();
            } catch (Exception e) {
                Msg.error(this, "Error: could not decompile functions with ParallelDecompiler", e);
                initDecompilerCallback.dispose();
            }
        } catch (Throwable th) {
            initDecompilerCallback.dispose();
            throw th;
        }
    }

    private DecompilerCallback<Void> initDecompilerCallback(final Program program, final Map<Address, Data> map, final Set<String> set, final Map<String, List<DataType>> map2, final Map<String, DataType> map3) {
        return new DecompilerCallback<Void>(program, new VariadicSignatureDecompileConfigurer()) { // from class: ghidra.app.plugin.core.string.variadic.FormatStringAnalyzer.1
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // ghidra.app.decompiler.parallel.DecompilerCallback
            public Void process(DecompileResults decompileResults, TaskMonitor taskMonitor) throws Exception {
                if (decompileResults == null) {
                    return null;
                }
                Function function = decompileResults.getFunction();
                PcodeFunctionParser pcodeFunctionParser = new PcodeFunctionParser(program);
                if (decompileResults.getHighFunction() == null || decompileResults.getHighFunction().getPcodeOps() == null) {
                    return null;
                }
                Iterator<PcodeOpAST> pcodeOps = decompileResults.getHighFunction().getPcodeOps();
                ArrayList arrayList = new ArrayList();
                if (decompileResults.getHighFunction() != null && pcodeOps != null) {
                    while (pcodeOps.hasNext()) {
                        arrayList.add(pcodeOps.next());
                    }
                }
                List<FunctionCallData> parseFunctionForCallData = pcodeFunctionParser.parseFunctionForCallData(arrayList, map, set);
                if (parseFunctionForCallData != null && parseFunctionForCallData.size() > 0) {
                    FormatStringAnalyzer.this.overrideCallList(program, function, parseFunctionForCallData, map2, map3);
                }
                taskMonitor.checkCancelled();
                return null;
            }
        };
    }

    private List<DataType> getParameters(Function function) {
        ArrayList arrayList = new ArrayList();
        for (ParameterDefinition parameterDefinition : function.getSignature().getArguments()) {
            arrayList.add(parameterDefinition.getDataType());
        }
        return arrayList;
    }

    private boolean usesVariadicFormatString(Function function) {
        int parameterCount = function.getParameterCount();
        return function.hasVarArgs() && parameterCount > 0 && isCharPointer(function.getParameters()[parameterCount - 1].getDataType());
    }

    private boolean isCharPointer(DataType dataType) {
        if (dataType instanceof TypeDef) {
            dataType = ((TypeDef) dataType).getBaseDataType();
        }
        if (!(dataType instanceof Pointer)) {
            return false;
        }
        DataType dataType2 = ((Pointer) dataType).getDataType();
        return (dataType2 instanceof CharDataType) || (dataType2 instanceof WideCharDataType) || (dataType2 instanceof WideChar16DataType) || (dataType2 instanceof WideChar32DataType);
    }

    private ParameterDefinition[] parseParameters(Function function, Address address, String str, String str2, Map<String, List<DataType>> map) {
        Program program = function.getProgram();
        FormatStringParser parser = getParser();
        boolean z = !str.contains(INPUT_FUNCTION_SUBSTRING);
        List<FormatArgument> convertToFormatArgumentList = parser.convertToFormatArgumentList(str2, z);
        DataType[] convertToOutputDataTypes = z ? parser.convertToOutputDataTypes(convertToFormatArgumentList) : parser.convertToInputDataTypes(convertToFormatArgumentList);
        if (convertToOutputDataTypes != null) {
            return createParameters(str, convertToOutputDataTypes, program, map);
        }
        this.currentProgram.getBookmarkManager().setBookmark(address, "Analysis", "Unrecognized format string", "Format string could not be parsed: " + str2);
        return null;
    }

    private ParameterDefinition[] createParameters(String str, DataType[] dataTypeArr, Program program, Map<String, List<DataType>> map) {
        List<DataType> list = map.get(str);
        int size = list.size() + dataTypeArr.length;
        if (size == 0) {
            return null;
        }
        ParameterDefinition[] parameterDefinitionArr = new ParameterDefinition[size];
        for (int i = 0; i < size; i++) {
            if (i < list.size()) {
                parameterDefinitionArr[i] = new ParameterDefinitionImpl("param" + i, list.get(i), "");
            } else {
                parameterDefinitionArr[i] = new ParameterDefinitionImpl("param" + i, dataTypeArr[i - list.size()], "");
            }
        }
        return parameterDefinitionArr;
    }

    private FunctionSignature initSignature(Function function, Address address, String str, String str2, Map<String, List<DataType>> map, Map<String, DataType> map2) {
        ParameterDefinition[] parseParameters = parseParameters(function, address, str, str2, map);
        if (parseParameters == null || parseParameters.length == 0) {
            return null;
        }
        FunctionDefinitionDataType functionDefinitionDataType = new FunctionDefinitionDataType(str);
        functionDefinitionDataType.setArguments(parseParameters);
        functionDefinitionDataType.setReturnType(map2.get(str));
        return functionDefinitionDataType;
    }

    private void overrideCallList(Program program, Function function, List<FunctionCallData> list, Map<String, List<DataType>> map, Map<String, DataType> map2) {
        if (function == null || list == null) {
            return;
        }
        for (FunctionCallData functionCallData : list) {
            overrideFunctionCall(program, function, functionCallData.getAddressOfCall(), functionCallData.getCallFuncName(), functionCallData.getFormatString(), map, map2);
        }
    }

    private void overrideFunctionCall(Program program, Function function, Address address, String str, String str2, Map<String, List<DataType>> map, Map<String, DataType> map2) {
        FunctionSignature initSignature;
        if (str2 == null || (initSignature = initSignature(function, address, str, str2, map, map2)) == null || function == null || address == null) {
            return;
        }
        try {
            if (this.createBookmarksEnabled) {
                program.getBookmarkManager().setBookmark(address, "Analysis", "Function Signature Override", "Override for call to function " + str);
            }
            HighFunctionDBUtil.writeOverride(function, address, initSignature);
        } catch (InvalidInputException e) {
            Msg.warn(this, "Error applying override to " + address.toString() + ": " + e.getMessage());
        }
    }

    @Override // ghidra.app.services.AbstractAnalyzer, ghidra.app.services.Analyzer
    public boolean removed(Program program, AddressSetView addressSetView, TaskMonitor taskMonitor, MessageLog messageLog) throws CancelledException {
        return false;
    }

    @Override // ghidra.app.services.AbstractAnalyzer, ghidra.app.services.Analyzer
    public void registerOptions(Options options, Program program) {
        options.registerOption("Create Analysis Bookmarks", Boolean.valueOf(this.createBookmarksEnabled), null, OPTION_DESCRIPTION_CREATE_BOOKMARKS);
    }

    @Override // ghidra.app.services.AbstractAnalyzer, ghidra.app.services.Analyzer
    public void optionsChanged(Options options, Program program) {
        this.createBookmarksEnabled = options.getBoolean("Create Analysis Bookmarks", this.createBookmarksEnabled);
    }
}
