implement routines to extract function signature

[williballenthin]

via @xedi25:

hm I think I basically I want the result of GetType/get_type, https://www.hex-rays.com/products/ida/support/idapython_docs/idc-module.html#get_type

in IDA Pro Python you can simply say: GetType(ea_addr) to get the C like prototype: GetType(ea) --> DWORD __stdcall(LPVOID lpThreadParameter)

I'm trying to replicate it with:

def get_prototype(self, db, ea):
       prototype = ""
       try:
           my_function = idb.analysis.Function(db, ea)
           sig = my_function.get_signature()

           args = ""
           for p in sig.parameters:
               args += '{} {}, '.format(p.type, http://p.name )

           if len(args) > 1:
               args = args[:-2]

           prototype = "{} {} {}({}):".format(sig.rtype, sig.calling_convention, my_function.get_name(), args)
       except:
           prototype = self.get_alternative_prototype(db, ea)  # don't need this one

       return prototype

[williballenthin]

information that we need:

• return type
• calling convention
• function name
• argument type
• argument name

[williballenthin]

here's what we have:

• idb.analysis.Function.get_signature()
  • return type*
  • calling convention**
  • argument type
  • argument name*
• idb.analysis.Function.get_name()
  • function name

with this info, we should be able to render a C-style function prototype.

*: i think not all types are supported, and not sure how structures are handled. needs work. #17. **: the current implementation is just a guess, and only stdcall is implemented. needs work. #18.

[williballenthin]

closed in 1e4975024b085c87bc17572762c87f63b8b71017

only supports basic __stdcall calling convention until i build some test binaries with other calling conventions and see how they are represented.