pyhidra icon indicating copy to clipboard operation
pyhidra copied to clipboard

Published 20 hours ago verified publisher icon dod-cyber-crime-center

Can't enable or disable specific analysers?

Open serek8 opened this issue 2 years ago • 2 comments

Hey, is there any way to set analysers? I am trying to set Options before calling analyzeAll but it doesn't work.

with pyhidra.open_program(filepath, analyze=False) as flat_api:
      program = flat_api.getCurrentProgram()
      program.getOptions(program.ANALYSIS_PROPERTIES).setBoolean("Aggressive Instruction Finder", True)
      flat_api.analyzeAll(program)

Apparently, it should be possible according to https://github.com/NationalSecurityAgency/ghidra/issues/2179 Thanks!

serek8 avatar Feb 24 '23 15:02 serek8

I have run into this before... the following code seems to work for me.

    def get_analysis_options(
        self,
        prog: "ghidra.program.model.listing.Program"
    ) -> dict:
        """
        Generate dict from program analysis options
        Inspired by: Ghidra/Features/Base/src/main/java/ghidra/app/script/GhidraScript.java#L1272
        """

        from ghidra.program.model.listing import Program

        prog_options = prog.getOptions(Program.ANALYSIS_PROPERTIES)
        options = {}

        for propName in prog_options.getOptionNames():
            options[propName] = prog_options.getValueAsString(propName)

        return options

    def set_analysis_option_bool(
        self,
        prog: "ghidra.program.model.listing.Program",
        option_name: str,
        value: bool
    ) -> None:
        """
        Set boolean program analysis options
        Inspired by: Ghidra/Features/Base/src/main/java/ghidra/app/script/GhidraScript.java#L1272
        """

        from ghidra.program.model.listing import Program

        prog_options = prog.getOptions(Program.ANALYSIS_PROPERTIES)

        prog_options.setBoolean(option_name, value)

The code you have looks OK. Try my get_analysis_options method to read out the options and see if your change has taken effect.

clearbluejar avatar Feb 24 '23 23:02 clearbluejar

Thanks @clearbluejar for a quick answer!

get_analysis_options gives me updated values but the analysis doesn't disassemble all the instructions. E.g. when I use flat_api.getInstructionContaining(flat_api.toAddr("0x100006114")) on a valid opcode, None is returned. If I set Aggressive Instruction Finder manually in Ghidra window and use this command in the Python window, it works fine.

Maybe I should use something else than flat_api.analyzeAll(program)? Maybe analyzeAll discards the custom options?

serek8 avatar Mar 07 '23 08:03 serek8