Your Only Decompiler API Lib - A generic API to script in and out of decompilers
Project description
YODALib
Your Only Decompiler API Library (YODALib)!
YODALib is an abstracted decompiler API that enables you to write plugins/scripts that work, with minimal edit, in every decompiler supported by YODALib.
Install
pip install -e .
Usage
YODALib exposes all decompiler API through the abstract class DecompilerInterface. The DecompilerInterface
can be used in either the default mode, which assumes a GUI, or headless mode. In headless mode, the interface will
start a new process using a specified decompiler.
UI Mode (default)
To use the same script everywhere, use the convenience function DecompilerInterface.discover_interface(), which will
auto find the correct interface. Copy the below code into any supported decompiler and it should run without edit.
from yodalib.api import DecompilerInterface
deci = DecompilerInterface.discover_interface()
for function in deci.functions:
if function.header.type == "void *":
function.header.type = "long long"
deci.functions[function.addr] = function
Headless Mode
To use headless mode you must specify a decompiler to use. You can get the traditional interface using the following:
from yodalib.api import DecompilerInterface
deci = DecompilerInterface.discover_interface(force_decompiler="ida", headless=True)
Artifact Access Caveats
In designing the dictionaries that contain all Artifacts in a decompiler, we had a clash between ease-of-use and speed.
When accessing some artifacts like a Function, we must decompile the function. Decompiling is slow. Due to this issue
we slightly changed how these dictionaries work to fast accessing.
The only way to access a full artifact is to use the getitem interface of a dictionary. In practice this
looks like the following:
for func_addr, light_func in deci.functions.items():
full_function = deci.function[func_addr]
Notice, when using the items function the function is light, meaning it does not contain stack vars and other
info. This also means using keys, values, or list on an artifact dictionary will have the same affect.
TODO
G/S: Getters/Setters
- Add all decompilers to auto-detect interface
ALL
- Move hook-inits to inside the
Interfacecreation for all decompilers?- This could cause issues. What happens when this is done twice?
IDA
- Change Callbacks
- G/S Comments
Binja
- Change Callbacks
Ghidra
- Generic Interface Outline & Stubs
- Every G/S
- Change Callbacks
angr
- Change Callbacks
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file yodalib-0.2.0.tar.gz.
File metadata
- Download URL: yodalib-0.2.0.tar.gz
- Upload date:
- Size: 57.6 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.9.18
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | ee9ac34388c2079ebee1eadee4c88e7850454bc59042f8bf5b4e6a9ef894b99e |
|
| MD5 | c0eff4c95d22acb36d6932c8c61c1173 |
|
| BLAKE2b-256 | f23880c8e70eb65f682bf2f44448924cae67d2ba486889c00aabd6fb4631001c |
File details
Details for the file yodalib-0.2.0-py3-none-any.whl.
File metadata
- Download URL: yodalib-0.2.0-py3-none-any.whl
- Upload date:
- Size: 72.8 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.9.18
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | a57b9ff625fdca8afc30221a848741031f4103a22f2db738da23342b79b30b45 |
|
| MD5 | 6476760740623cce82bbd0eb9d98d3a8 |
|
| BLAKE2b-256 | 0232323cfe1ba9919f7984e5d7350bc9bb29c99a6f34193aeedf2f9099996ad4 |
