import idcimport idautilsimport idaapiFUNCTIONS_REGISTERS = {"g_log": "rcx",

1. import idc
2. import idautils
3. import idaapi
4.  
5. FUNCTIONS_REGISTERS = {"g_log": "rcx", "g_log_error": "rdx"}
6.  
7.  
8. def get_string_for_function(call_func_addr, register):
9. """
10. :param start_addr: The function call address
11. :return: the string offset name from the relevant register
12. """
13. cur_addr = call_func_addr
14. str_func = ""
15. start_addr = idc.GetFunctionAttr(cur_addr, idc.FUNCATTR_START)
16. cur_addr = idc.PrevHead(cur_addr)
17. # go through previous opcodes looking for assignment to the register
18. while cur_addr >= start_addr:
19. if idc.GetMnem(cur_addr)[:3] == "lea" and idc.GetOpnd(cur_addr, 0) == register:
20. str_func = idc.GetOpnd(cur_addr, 1)
21. return str_func
22. cur_addr = idc.PrevHead(cur_addr)
23. return str_func
24.  
25.  
26. def get_fixed_source_filename(addr):
27. """
28. :param addr: The address of the source filename string
29. :return: The fixed source filename's string
30. """
31. # replace " " or "/" with "_"
32. func_name = idc.GetString(idc.LocByName(addr)).replace("/", "_").replace(" ", "_")
33. func_name = "AutoFunc_" + func_name
34. # if the debug print is a path, delete the extension
35. if func_name.endswith(".c") or func_name.endswith(".h"):
36. func_name = func_name[:-2]
37. # you can add whatever you want here in order to have your preferred function name
38. return func_name
39.  
40. def is_function_name(cur_func_name):
41. """
42. :param cur_func_name: the current function name
43. :return: True/ False - depends if the name is the default name or auto-generated one,
44. Names that were chosen by the user will stay the same
45. """
46. if cur_func_name.startswith("AutoFunc_"):
47. return True
48. elif cur_func_name.startswith("sub_"):
49. return True
50. else:
51. return False
52.  
53.  
54. def search_function():
55. curr_addr = MinEA()
56. end = MaxEA()
57. current_func_name = ""
58. while curr_addr < end:
59. if curr_addr == idc.BADADDR:
60. break
61. elif idc.GetMnem(curr_addr) == 'call':
62. if idc.GetOpnd(curr_addr, 0) in FUNCTIONS_REGISTERS.keys():
63. func_name_addr= get_string_for_function(curr_addr,
64. FUNCTIONS_REGISTERS[idc.GetOpnd(curr_addr, 0)].lower())
65. if func_name_addr:
66. try:
67. function_start = idc.GetFunctionAttr(curr_addr, idc.FUNCATTR_START)
68. new_filename = get_fixed_source_filename(func_name_addr)
69. current_func_name = idc.GetFunctionName(function_start)
70. if is_function_name(current_func_name):
71. idaapi.set_name(function_start, new_filename, idaapi.SN_FORCE)
72. else:
73. print "Function:", current_func_name, "was not changed"
74. except:
75. print "failed at address " + hex(curr_addr), "function:", \
76. current_func_name, "call:", idc.GetOpnd(curr_addr, 0)
77. curr_addr = idc.NextHead(curr_addr)
78.  
79. search_function()