[Original] Qt5: changes relative to Qt4 and a method for finding slot functions from signals
2021-3-7 00:26

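For how Qt organizes slot functions and signals, see the on-site article "Qt Internals and Reversing" (QT内部机制及逆向) and https://blog.51cto.com/9291927/2070398. With such fine work already available, what I add here is only icing on the cake.
The most important structures in Qt are QMetaObject and QObjectPrivate. The former stores all of a QObject's function names, parameter names, parameter types and properties. The latter is the key route to finding slot functions.
A simple class used for testing: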
class MainWindow : public QObject
{
Q_OBJECT
private:
    int value;
public:
    explicit MainWindow();
    ~MainWindow();
signals:
    int Value();
 
public slots:
    void ChangeValue(int value){
       this->value=value;
    }
 
 
};
 
 
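The official Qt source has an important function, metaObject, which gives us a way to find the QMetaObject.
virtual const QMetaObject *metaObject() const;
metaObject is a virtual function located in the first entry of the QObject virtual function table; through it, the address of the QMetaObject can be found.
The in-memory structure of QMetaObject is: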
    struct { // private data
    const QMetaObject *superdata;
    const char *stringdata;
    const uint *data;
    const QMetaObject **extradata;
} ;
const QMetaObject MainWindow::staticMetaObject = {
{ &QObject::staticMetaObject,         qt_meta_stringdata_MainWindow.data,
  qt_meta_data_MainWindow,  qt_static_metacall, nullptr, nullptr}
};
 
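superdata is a pointer to the parent class's QMetaObject, stringdata is the literal (string) metadata, and data holds information such as the functions, their parameter counts and the properties. extradata is filled with qt_static_metacall; all Qt signals are routed here through activate, which finds the corresponding slot function and executes it.
Qt5 has one small change relative to Qt4, specifically in QMetaObject.stringdata of QMetaObject. What used to be
static const char qt_meta_stringdata_MainWindow[] = {
    "MainWindow\0SetValue\0\0ChangeValue"
};
became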
struct qt_meta_stringdata_MainWindow_t {
    QByteArrayData data[5];
    char stringdata0[36];
};

static const qt_meta_stringdata_MainWindow_t qt_meta_stringdata_MainWindow = {
{
QT_MOC_LITERAL(0, 0, 10), // "MainWindow"
QT_MOC_LITERAL(1, 11, 5), // "Value"
QT_MOC_LITERAL(2, 17, 0), // ""
QT_MOC_LITERAL(3, 18, 11), // "ChangeValue"
QT_MOC_LITERAL(4, 30, 5) // "value"
 
    },
"MainWindow\0Value\0\0ChangeValue\0value"
};
Setting the source code aside, let's look directly at how this is stored in memory.

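Next, putting our excellent math skills to work: 0x404100+0x50=0x404150, which is exactly the start address of the first item of QMetaObject.stringdata.stringdata0. So the structure of QMetaObject.stringdata.data can be expressed as:
struct QMetaStringDataContent {
    dword sep;       // separator, 0xFFFFFFFF
    dword len;       // length of the string
    dword fill;      // filled with 0
    dword offset;    // this offset is relative to the start address of the current entry
};
Now that we have a way to index function names, how do we tell slots from signals? Did you notice that QMetaObject.stringdata contains an entry filled with 0?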
qt_meta_stringdata_MainWindow = {
{
QT_MOC_LITERAL(0, 0, 10), // "MainWindow"
QT_MOC_LITERAL(1, 11, 5), // "Value"
QT_MOC_LITERAL(2, 17, 0), // ""
QT_MOC_LITERAL(3, 18, 11), // "ChangeValue"
QT_MOC_LITERAL(4, 30, 5) // "value"
 
    },
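This is the key to separating signals from slots. Entries above the separator are signals and entries below it are slots, although this is not absolute; a more reliable method is to compute it from signalCount in the data structure. However, QMetaObject.stringdata also stores function parameter names, which get in the way. So how do we pick out the parameter names? Let's look at the data structure next. data has two parts; the first part is the table of contents, that is, QMetaObjectPrivate.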
 
   static const uint qt_meta_data_MainWindow[] = {
 
 // content:
   7,       // revision
   0,       // classname
   0,    0, // classinfo
   2,   14, // method count, method offset
   0,    0, // properties
   0,    0, // enums/sets
   0,    0, // constructors
   0,       // flags
   1,       // signalCount
 
 // signals: name, argc, parameters, tag, flags
   1,    0,   24,    2, 0x06 /* Public */,
 
 // slots: name, argc, parameters, tag, flags
   3,    1,   25,    2, 0x0a /* Public */,
 
 // signals: parameters
QMetaType::Int,
 
 // slots: parameters
QMetaType::Void, QMetaType::Int,    4,
 
   0        // eod
};
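In the middle are two values that I annotated: the method count is 2 and the method offset is 14. You can count them: from the first entry to signalCount there are exactly 14 entries. The entries below, commented as signal and slot, are the function signatures, which contain two important pieces of information: name (the index of the function name) and argc (the parameter size).

name is an index into QMetaObject.stringdata.data. You can see that the name values are not consecutive; the gap between them is exactly big enough to hold argc entries. This matches exactly the way things are stored in QMetaObject.stringdata.data.
So function names can be looked up by using name to index QMetaObject.stringdata.data, signals and slots can be delimited with signalCount, the size of QMetaObject.stringdata.data can be delimited by whether the first field of QMetaObject.stringdata.data is 0xFFFFFFFF, and the first item of QMetaObject.stringdata.stringdata0 is the class name. Whether a string is a function name or a parameter name is decided by whether a function signature for it exists in QMetaObject.data.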
 
 
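At this point we have found the function names and parameters; the next step is locating the slot functions.
Because Qt is loosely coupled, slot functions are very hard to find. Qt stores the corresponding slot functions in the ConnectionList inside QObjectPrivate. There can be several slot functions; they are stored in a linked list, and the ConnectionList is indexed by signal. These linked lists therefore form an enormous mesh: signals run horizontally and the connected slots vertically.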

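So first we need to find QObjectPrivate. While looking up functions in x32dbg I unexpectedly discovered an exported function.

It is a static function, and its being exported really is a pleasant surprise. Through this function we can find QObjectPrivate and therefore the connectList. QObjectPrivate is a private member of QObject, which means QObject has to be found first. Given how classes are laid out in memory, we can conclude that MainWindow can be passed directly to QObjectPrivate::get. Because for some programs x32dbg does not decode the signature of QObjectPrivate::get, I decided to locate QObjectPrivate myself; locating QObjectPrivate is, however, extremely simple.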


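With QObjectPrivate found, next comes ConnectionList. Reversing the addConnectionList function shows that ConnectionList is at QObjectPrivate+0x24.

Next we need to find how the signal index is calculated. In Qt the index is split into a relative index and a local index; only the sum of the two gives the correct index. d=Qmetaobject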

int QMetaObjectPrivate::indexOfSignalRelative(const QMetaObject **baseObject,
                                              const QByteArray &name, int argc,
                                              const QArgumentType *types)
{
    int i = indexOfMethodRelative<MethodSignal>(baseObject, name, argc, types);
#ifndef QT_NO_DEBUG
    const QMetaObject *m = *baseObject;
    if (i >= 0 && m && m->d.superdata) {
        int conflict = indexOfMethod(m->d.superdata, name, argc, types);
        if (conflict >= 0) {
            QMetaMethod conflictMethod = m->d.superdata->method(conflict);
            qWarning("QMetaObject::indexOfSignal: signal %s from %s redefined in %s",
                     conflictMethod.methodSignature().constData(),
                     objectClassName(m->d.superdata), objectClassName(m));
        }
    }
#endif
    return i;
}

template<int MethodType>
static inline int indexOfMethodRelative(const QMetaObject **baseObject,
                                        const QByteArray &name, int argc,
                                        const QArgumentType *types)
{
    for (const QMetaObject *m = *baseObject; m; m = m->d.superdata) {
        Q_ASSERT(priv(m->d.data)->revision >= 7);
        int i = (MethodType == MethodSignal)
                ? (priv(m->d.data)->signalCount - 1) : (priv(m->d.data)->methodCount - 1);
        const int end = (MethodType == MethodSlot)
                ? (priv(m->d.data)->signalCount) : 0;

        for (; i >= end; --i) {
            int handle = priv(m->d.data)->methodData + 5*i;
            if (methodMatch(m, handle, name, argc, types)) {
                *baseObject = m;
                return i;
            }
        }
    }
    return -1;
}

static bool methodMatch(const QMetaObject *m, int handle,
                        const QByteArray &name, int argc,
                        const QArgumentType *types)
{
    Q_ASSERT(priv(m->d.data)->revision >= 7);
    if (int(m->d.data[handle + 1]) != argc)
        return false;

    if (stringData(m, m->d.data[handle]) != name)
        return false;

    int paramsIndex = m->d.data[handle + 2] + 1;
    for (int i = 0; i < argc; ++i) {
        uint typeInfo = m->d.data[paramsIndex + i];
        if (types[i].type()) {
            if (types[i].type() != typeFromTypeInfo(m, typeInfo))
                return false;
        } else {
            if (types[i].name() != typeNameFromTypeInfo(m, typeInfo))
                return false;
        }
    }

    return true;
}

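The above is the calculation of the local index: the search starts in the class itself and, if nothing is found there, continues in the parent class. The local index is the function's distance relative to the current class.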

int QMetaObjectPrivate::signalOffset(const QMetaObject *m)
{
    Q_ASSERT(m != 0);
    int offset = 0;
    for (m = m->d.superdata; m; m = m->d.superdata)
        offset += priv(m->d.data)->signalCount;
    return offset;
}

This is the calculation of the relative index; with it the signal index has been computed.
Next comes another difficulty: how to index the connectionlist by signal.
QObjectConnectionListVector *connectionLists;

class QObjectConnectionListVector : public QVector<QObjectPrivate::ConnectionList>
{
public:
    QObjectPrivate::ConnectionList &operator[](int at)
    {
        if (at < 0)
            return allsignals;
        return QVector<QObjectPrivate::ConnectionList>::operator[](at);
    }
};

QObjectConnectionListVector merely instantiates QVector, and QVector has only one member, QTypedArrayData, and no virtual functions.
class QObjectConnectionListVector : public QVector<QObjectPrivate::ConnectionList>;

template<class T>
class QVector {
    typedef QTypedArrayData<T> Data;
    Data *d;
};
QTypedArrayData inherits from QArrayData.
QArrayData has four important members:
QtPrivate::RefCount ref;       // reference count
int size;                      // size
uint alloc : 31;               // preallocated size; same allocation logic as std::string
uint capacityReserved : 1;     // allocation mode
qptrdiff offset;               // offset relative to the start address of the data

enum AllocationOption {
    CapacityReserved = 0x1,
#if !defined(QT_NO_UNSHARABLE_CONTAINERS)
    Unsharable = 0x2,
#endif
    RawData = 0x4,
    Grow = 0x8,
    Default = 0};

QArrayData *QArrayData::allocate(size_t objectSize, size_t alignment,
        size_t capacity, AllocationOptions options) Q_DECL_NOTHROW
{
    // Alignment is a power of two
    Q_ASSERT(alignment >= Q_ALIGNOF(QArrayData)
            && !(alignment & (alignment - 1)));

    // Don't allocate empty headers
    if (!(options & RawData) && !capacity) {
#if !defined(QT_NO_UNSHARABLE_CONTAINERS)
        if (options & Unsharable)
            return const_cast<QArrayData *>(&qt_array_unsharable_empty);
#endif
        return const_cast<QArrayData *>(&qt_array_empty);
    }

    size_t headerSize = sizeof(QArrayData);

    // Allocate extra (alignment - Q_ALIGNOF(QArrayData)) padding bytes so we
    // can properly align the data array. This assumes malloc is able to
    // provide appropriate alignment for the header -- as it should!
    // Padding is skipped when allocating a header for RawData.
    if (!(options & RawData))
        headerSize += (alignment - Q_ALIGNOF(QArrayData));

    if (headerSize > size_t(MaxAllocSize))
        return 0;

    size_t allocSize = calculateBlockSize(capacity, objectSize, headerSize, options);
    QArrayData *header = static_cast<QArrayData *>(::malloc(allocSize));
    if (header) {
        quintptr data = (quintptr(header) + sizeof(QArrayData) + alignment - 1)
                & ~(alignment - 1);

#if !defined(QT_NO_UNSHARABLE_CONTAINERS)
        header->ref.atomic.store(bool(!(options & Unsharable)));
#else
        header->ref.atomic.store(1);
#endif
        header->size = 0;
        header->alloc = capacity;
        header->capacityReserved = bool(options & CapacityReserved);
        header->offset = data - quintptr(header);
    }

    return header;
}

 

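Looking at the allocation logic of QArrayData::allocate, we can see that
QArrayData is split into two parts, a header and the data, with the data allocated contiguously, similar to the Windows heap structure.
Now look at the allocation logic of QTypedArrayData: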
Q_REQUIRED_RESULT static QTypedArrayData *allocate(size_t capacity,
        AllocationOptions options = Default)
{
    Q_STATIC_ASSERT(sizeof(QTypedArrayData) == sizeof(QArrayData));
    return static_cast<QTypedArrayData *>(QArrayData::allocate(sizeof(T),
                Q_ALIGNOF(AlignmentDummy), capacity, options));
}

It simply reuses QArrayData's allocation logic. QVector does not change any allocation logic either; it just hands the job to QTypedArrayData.
Next, look at QArrayData's indexing logic. QArrayData has no indexing function, only a data function that locates the first data element.

void *data()
{
    Q_ASSERT(size == 0
            || offset < 0 || size_t(offset) >= sizeof(QArrayData));
    return reinterpret_cast<char *>(this) + offset;
}

const void *data() const
{
    Q_ASSERT(size == 0
            || offset < 0 || size_t(offset) >= sizeof(QArrayData));
    return reinterpret_cast<const char *>(this) + offset;
}

As you can see, simply adding offset yields the address of the first data element. QTypedArrayData only adds iterators and does not override QArrayData::data.

iterator begin(iterator = iterator()) { return data(); }
QVector, for its part, merely reuses QTypedArrayData's iterators to build operator[].

From reading the source together with the class layout, we can infer how QVector locates its data.
QVector->QTypedArrayData=QArrayData leads to the address where the data is stored. Next we verify this guess.

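#include <windows.h>      // DWORD, MessageBoxA
#include <sstream>
#include <QApplication>
#include <QVector>
#include "mainwindow.h"   // assumed header name for the MainWindow test class

using namespace std;

struct D {
    DWORD A;
    DWORD B;
};

int main(int argc, char *argv[])
{
    D l;
    l.A = 0x123;
    l.B = 0x456;
    QVector<D> d;
    d.push_back(l);
    d.push_back(l);
    // Show the address of the QVector object so it can be inspected in the debugger
    stringstream ss;
    ss << hex << &d;
    MessageBoxA(nullptr, ss.str().c_str(), "", MB_OK);
    QApplication a(argc, argv);
    MainWindow w;
    w.Print();
    return a.exec();
}
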
This proves that our guess was correct. Below is the source of the ConnectionList structure and the Connection structure.
struct ConnectionList {
    ConnectionList() : first(0), last(0) {}
    Connection *first;
    Connection *last;
};

struct Connection
{
    QObject *sender;
    QObject *receiver;
    union {
        StaticMetaCallFunction callFunction;
        QtPrivate::QSlotObjectBase *slotObj;
    };
    // The next pointer for the singly-linked ConnectionList
    Connection *nextConnectionList;
    //senders linked list
    Connection *next;
    Connection **prev;
    QAtomicPointer<const int> argumentTypes;
    QAtomicInt ref_;
    ushort method_offset;
    ushort method_relative;
    uint signal_index : 27; // In signal range (see QObjectPrivate::signalIndex())
    ushort connectionType : 3; // 0 == auto, 1 == direct, 2 == queued, 4 == blocking
    ushort isSlotObject : 1;
    ushort ownArgumentTypes : 1;
    Connection() : nextConnectionList(0), ref_(2), ownArgumentTypes(true) {
        //ref_ is 2 for the use in the internal lists, and for the use in QMetaObject::Connection
    }
    ~Connection();
    int method() const { Q_ASSERT(!isSlotObject); return method_offset + method_relative; }
    void ref() { ref_.ref(); }
    void deref() {
        if (!ref_.deref()) {
            Q_ASSERT(!receiver);
            delete this;
        }
    }
};
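The script for Qt5 is not written yet; I did not expect to find the method for locating slot functions in a single day. When I get the chance I will add the source of the x32dbg qt5_resolver script.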


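The metadata walk described in the post above, as an added example (not part of the original post and not the author's promised x32dbg script): a Python parser for a 32-bit qt_meta_stringdata / qt_meta_data pair that recovers the class name, the signals, the slots and the parameter names, plus the signalOffset-style index sum. The byte image is constructed from the MainWindow tables quoted in the post; the function names, the 16-byte entry size (32-bit build) and the numeric QMetaType values are assumptions of this example.

```python
import struct

# 32-bit QByteArrayData entry as laid out in the post: sep/ref, len, fill, offset.
ENTRY = struct.Struct("<iiIi")
HEADER = ("revision", "className", "classInfoCount", "classInfoData",
          "methodCount", "methodData", "propertyCount", "propertyData",
          "enumCount", "enumData", "ctorCount", "ctorData",
          "flags", "signalCount")


def build_stringdata(strings):
    """Constructed sample: lay strings out the way QT_MOC_LITERAL does."""
    blob = b"".join(s.encode() + b"\0" for s in strings)
    table, pos = b"", 0
    for i, s in enumerate(strings):
        # offset is relative to the start of entry i, not to the table start
        offset = ENTRY.size * len(strings) + pos - ENTRY.size * i
        table += ENTRY.pack(-1, len(s), 0, offset)
        pos += len(s) + 1
    return table + blob


def read_string(stringdata, index):
    """Resolve string number `index` through its QByteArrayData entry."""
    base = index * ENTRY.size
    if index < 0 or base + ENTRY.size > len(stringdata):
        raise ValueError("string index %d outside table" % index)
    ref, size, _fill, offset = ENTRY.unpack_from(stringdata, base)
    start = base + offset
    # 0xFFFFFFFF (-1) in the first field marks a static entry
    if ref != -1 or size < 0 or start < 0 or start + size > len(stringdata):
        raise ValueError("entry %d is not a static QByteArrayData" % index)
    return stringdata[start:start + size].decode("latin-1")


def parse_metaobject(stringdata, data):
    """Return the class name plus signals and slots with parameter names."""
    if len(data) < len(HEADER):
        raise ValueError("data shorter than the 14-entry header")
    hdr = dict(zip(HEADER, data))
    if hdr["revision"] < 7:
        raise ValueError("only the Qt5 layout (revision >= 7) is handled")
    result = {"class": read_string(stringdata, hdr["className"]),
              "signals": [], "slots": []}
    for i in range(hdr["methodCount"]):
        handle = hdr["methodData"] + 5 * i
        name, argc, params, _tag, flags = data[handle:handle + 5]
        # parameters block: return type, argc types, then argc name indexes
        names = [read_string(stringdata, data[params + 1 + argc + k])
                 for k in range(argc)]
        entry = {"local_index": i, "name": read_string(stringdata, name),
                 "params": names, "flags": flags}
        # as in the post: the first signalCount methods are the signals
        kind = "signals" if i < hdr["signalCount"] else "slots"
        result[kind].append(entry)
    return result


def signal_index(local_index, superclass_signal_counts):
    """Mirror of signalOffset() above: add every ancestor's signalCount."""
    return sum(superclass_signal_counts) + local_index


# Constructed input: the MainWindow tables from the post
# (assumed QMetaType values: Int = 2, Void = 43).
STRINGDATA = build_stringdata(["MainWindow", "Value", "", "ChangeValue", "value"])
META_DATA = [7, 0, 0, 0, 2, 14, 0, 0, 0, 0, 0, 0, 0, 1,   # header, 14 entries
             1, 0, 24, 2, 0x06,                           # signal Value
             3, 1, 25, 2, 0x0a,                           # slot ChangeValue
             2,                                           # signal: return type
             43, 2, 4,                                    # slot: return, type, name
             0]                                           # eod

if __name__ == "__main__":
    info = parse_metaobject(STRINGDATA, META_DATA)
    print("class", info["class"])
    for kind in ("signals", "slots"):
        for m in info[kind]:
            print(" ", kind[:-1], m["local_index"], m["name"], m["params"])
```
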
Latest replies (3)

Kingh413 2021-3-7 10:16
Thanks for sharing!

spman 2021-3-7 10:23
Exactly what I needed, thanks; bookmarking this.
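
vmtest 2021-3-8 10:42

qt5classdump, which I wrote a few years ago, statically analyzes Qt5 binary files. The attachment is the Mac version; I had no Windows computer at the time, so the Windows version was not compiled.

The virtual_address values it finds are not necessarily correct; when they are wrong, you can try setting a breakpoint on the class's static_metacall address and analyze further by hand.

For example, analyzing ida.exe:

./qt5classdump /Users/ye/work/tools/IDA_Pro_v7.0_Portable/ida.exe

Output: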

q5classdump 0.0.1, author : vmtest
for x86 x64 : elf64,macho64,pe32,pe64


//image_base 0x140000000


class DockArea{
    //static_metacall dispatch:0x1401d4a80
Q_SIGNALS:
    //virtual_address maybe:0x1402060c0
     void docksClosed(QList<DockWidget*> list);

    //virtual_address maybe:0x1402060c0
     void dragOccurred();

private slots:
    //virtual_address maybe:0x140008aa0
     void hideDragArrowsTimeout();

    //virtual_address maybe:0x14000ce30
     void tabDragRequest(BaseDockWidget* widget);

}

class DockAreaDragTitle{
    //static_metacall dispatch:0x1400443a0
}

class BaseDockWidget{
    //static_metacall dispatch:0x1400443a0
}

class DockWidgetTitleButton{
    //static_metacall dispatch:0x1400443a0
}

class DockWidgetTitle{
    //static_metacall dispatch:0x1400443a0
}

class DockTabBar{
    //static_metacall dispatch:0x1400443a0
}

class DockArrow{
    //static_metacall dispatch:0x1400443a0
}

class DockArrowArea{
    //static_metacall dispatch:0x1400443a0
}

class MainMsgList{
    //static_metacall dispatch:0x1401d5450
public slots:
    //virtual_address maybe:0x1400163f0
     void append(QString text);

    //virtual_address maybe:0x140209c78
     void scrollToCursor();

private slots:
    //virtual_address maybe:0x140016920
     void form_activate();

    //virtual_address maybe:0x140016930
     void form_deactivate();

    //get virtual_address maybe:0x1401d54f0
     //set virtual_address maybe:0x1400163f0
     QString append;

}

class IDAToolBar{
    //static_metacall dispatch:0x1400443a0
}

class ConsoleWidget{
    //static_metacall dispatch:0x1401d58f0
private slots:
    //virtual_address maybe:0x0
     bool form_activate();

    //virtual_address maybe:0x0
     bool form_deactivate();

    //virtual_address maybe:0x14001ea80
     bool form_help();

}

class IDAMainWindow{
    //static_metacall dispatch:0x1401d5930
Q_SIGNALS:
    //virtual_address maybe:0x1402060c0
     void srcviewChanged(QWidget* to);

    //virtual_address maybe:0x1401d5540
     void caretBlinkIntervalChanged(int was,int now);

    //virtual_address maybe:0x1402060c0
     void beginTraceBufChange();

    //virtual_address maybe:0x1402060c0
     void endTraceBufChange();

public slots:
    //virtual_address maybe:0x14001f7d0
     bool make_full_screen(DockWidget* dock);

public slots:
    //virtual_address maybe:0x14001f7d0
     bool make_full_screen();

public slots:
    //virtual_address maybe:0x14001f720
     bool leave_full_screen();

    //virtual_address maybe:0x0
     bool is_full_screen();

    //virtual_address maybe:0x14001e3d0
     void execute_action(QString command);

    //virtual_address maybe:0x140088ac0
     void execute_current_action();

    //virtual_address maybe:0x140088ce0
     void execute_selected_plugin();

    //virtual_address maybe:0x14001e3c0
     void exec_requests();

    //virtual_address maybe:0x1400c03b0
     void run_debugger();

    //virtual_address maybe:0x1400a3670
     void attach_debugger();

    //virtual_address maybe:0x1400443a0
     void buyIDA();

private slots:
    //virtual_address maybe:0x14001ea70
     void focusChanged(QWidget* old,QWidget* now);

    //virtual_address maybe:0x140129d90
     void popup_operation_clicked();

    //virtual_address maybe:0x14001b080
     void console_widget_destroyed();

    //virtual_address maybe:0x14001db60
     void docksClosed(QList<DockWidget*> list);

    //virtual_address maybe:0x140019ce0
     void actionDestroyed(QObjectStar obj);

    //virtual_address maybe:0x14001e410
     void fileMenuToShow();

    //virtual_address maybe:0x1400232a0
     void toolBarsMenuToShow();

    //virtual_address maybe:0x140023650
     void windowsMenuToShow();

    //virtual_address maybe:0x1400226c0
     void returnMenuToShow();

    //virtual_address maybe:0x140023430
     void undoReturnMenuToShow();

    //virtual_address maybe:0x140020c00
     void openRecentFile(QString fileName);

    //virtual_address maybe:0x140020b30
     void navMenuClick();

    //virtual_address maybe:0x140022ea0
     void statusBarContextMenu(QPoint p);

    //virtual_address maybe:0x140022e60
     void statusBarAnalysisInd();

    //virtual_address maybe:0x140020ef0
     void procSpecAnalysisOptions();

    //virtual_address maybe:0x14001d9f0
     void displayHelp();

    //virtual_address maybe:0x1400a0dc0
     void ComboBoxDebuggersChanged();

    //virtual_address maybe:0x140019ca0
     void FlowChartLabelsClicked();

    //virtual_address maybe:0x140023520
     void viewSwitcherDisplayTimeout();

}

class ActionsInspector{
    //static_metacall dispatch:0x1401d5e40
public slots:
    //virtual_address maybe:0x140092010
     bool shortcut_edited();

    //virtual_address maybe:0x140091ae0
     bool restore_clicked();

    //virtual_address maybe:0x140091f00
     bool set_clicked();

    //virtual_address maybe:0x140091160
     bool help_clicked();

    //virtual_address maybe:0x140091900
     bool reset_clicked();

    //virtual_address maybe:0x140091c70
     bool save_clicked();

    //virtual_address maybe:0x1400922f0
     void toggle_disabled_state_changed(int );

    //virtual_address maybe:0x1400922d0
     void toggle_conflicts_state_changed(int );

private slots:
    //virtual_address maybe:0x0
     void form_activate();

    //virtual_address maybe:0x0
     void form_deactivate();

}

class AbstractRenderer{
    //static_metacall dispatch:0x1401d6140
Q_SIGNALS:
    //virtual_address maybe:0x1402060c0
     bool modelLoaded();

}

class qobject_lifecycle_monitor_t{
    //static_metacall dispatch:0x1401d6870
private slots:
    //virtual_address maybe:0x0
     bool onObjectDestroyed();

}

class caret_status_t{
    //static_metacall dispatch:0x1401d6810
private slots:
    //virtual_address maybe:0x14003d750
     void onCaretBlinkIntervalChanged(int was,int new_interval);

}

class highlight_t{
    //static_metacall dispatch:0x1401d6830
Q_SIGNALS:
    //virtual_address maybe:0x1402060c0
     bool changed();

}

class CustomIDAMemo{
    //static_metacall dispatch:0x1401d6620
Q_SIGNALS:
    //virtual_address maybe:0x1402060c0
     void placeChanged(const place_t* );

    //virtual_address maybe:0x1402060c0
     void cursorChanged();

    //virtual_address maybe:0x1402060c0
     void rendererChanged(tcc_renderer_type_t );

    //virtual_address maybe:0x1402060c0
     void resized();

private slots:
    //virtual_address maybe:0x140042d70
     void vertActionTriggered(int action);

    //virtual_address maybe:0x14003ad70
     void horizActionTriggered(int action);

    //virtual_address maybe:0x14003d7c0
     void traceBufChangeCompleted();

    //virtual_address maybe:0x14003d7c0
     void onHighlightChanged();

    //virtual_address maybe:0x14003d7f0
     void onSyncRequested();

public slots:
    //virtual_address maybe:0x0
     void on_layout_performed();

protected slots:
    //virtual_address maybe:0x0
     void form_activate();

    //virtual_address maybe:0x0
     void form_deactivate();

    //virtual_address maybe:0x0
     void form_help();

}

class IDAViewHost{
    //static_metacall dispatch:0x1401d6c00
private slots:
    //virtual_address maybe:0x14004aa10
     void onSplitterMoved(int pos,int index);

    //virtual_address maybe:0x14004aa20
     void onViewFocusAcquired();

    //virtual_address maybe:0x14004aa40
     void onViewPlaceChanged(const place_t* p);

    //virtual_address maybe:0x14004a9f0
     void onRendererChanged(tcc_renderer_type_t rt);

    //virtual_address maybe:0x0
     void on_layout_performed();

}

class blinking_t{
    //static_metacall dispatch:0x1401d72a0
Q_SIGNALS:
    //virtual_address maybe:0x1402060c0
     void blinkingChanged(bool state);

}

class graph_mouse_pos_t{
    //static_metacall dispatch:0x1401d7310
Q_SIGNALS:
    //virtual_address maybe:0x1402060c0
     void mouseOverChanged(const selection_item_t* item);

}

class highlit_t{
    //static_metacall dispatch:0x1401d7380
Q_SIGNALS:
    //virtual_address maybe:0x1402060c0
     bool nodesChanged();

    //virtual_address maybe:0x1402060c0
     bool edgesChanged();

}

class CIMBridge{
    //static_metacall dispatch:0x1401d7800
public slots:
    //virtual_address maybe:0x14007d930
     void customidamemo_renderer_changed(tcc_renderer_type_t );

    //virtual_address maybe:0x14007d9a0
     void graphrenderer_graph_layout_changed();

    //virtual_address maybe:0x14007d990
     void graphrenderer_gli_changed();

}

class GraphMiniView{
    //static_metacall dispatch:0x1401d7830
Q_SIGNALS:
    //virtual_address maybe:0x1402060c0
     void availabilityUpdated(bool avail);

public slots:
    //virtual_address maybe:0x14007e4e0
     void traceBufChangeCompleted();

}

class uicontext_t{
    //static_metacall dispatch:0x1400443a0
}

class TChooser{
    //static_metacall dispatch:0x1401d7db0
Q_SIGNALS:
    //virtual_address maybe:0x1402060c0
     bool focusNextSibling();

private slots:
    //virtual_address maybe:0x1400e3e60
     bool on_ok_clicked();

    //virtual_address maybe:0x1400e3e80
     bool on_search_clicked();

    //virtual_address maybe:0x1400e54b0
     void selectionChanged(QItemSelection selected);

    //virtual_address maybe:0x1400e3480
     void itemDoubleClicked(QModelIndex index);

    //virtual_address maybe:0x1400e23a0
     void form_activate();

    //virtual_address maybe:0x1400e24c0
     void form_deactivate();

    //virtual_address maybe:0x1400e2500
     void form_help();

    //virtual_address maybe:0x1400e4840
     void quick_filter_changed();

    //virtual_address maybe:0x1400e4940
     void quick_filter_reserved_key_press(QKeyEvent ke);

}

class TChooserItemDelegate{
    //static_metacall dispatch:0x1400443a0
}

class TMyDialog{
    //static_metacall dispatch:0x1401d81e0
private slots:
    //virtual_address maybe:0x1400ee7c0
     bool on_button_yes();

    //virtual_address maybe:0x1400e98a0
     void button_box_clicked(QAbstractButton* button);

    //virtual_address maybe:0x1400eca80
     void focus_previous_child();

    //virtual_address maybe:0x1400eca70
     void focus_next_child();

    //virtual_address maybe:0x0
     void form_activate();

    //virtual_address maybe:0x0
     void form_deactivate();

    //virtual_address maybe:0x1400f11d0
     void qtInputFieldChanged();

    //virtual_address maybe:0x1400f0d30
     void qtButtonClicked(int idx);

    //virtual_address maybe:0x1400f0f50
     void qtFileBtnClicked(int idx);

    //virtual_address maybe:0x1400f0e80
     void qtColorButtonClicked(int idx);

    //virtual_address maybe:0x1400f0dc0
     void qtChooserSelectionChanged();

    //virtual_address maybe:0x1400f0ed0
     void qtEditFieldChanged();

}

class EditContainer{
    //static_metacall dispatch:0x1401d81d0
private slots:
    //virtual_address maybe:0x0
     bool cursor_changed();

}

class text_event_filter_t{
    //static_metacall dispatch:0x1400443a0
}

class TextArrows{
    //static_metacall dispatch:0x1401d8a00
private slots:
    //virtual_address maybe:0x140155d60
     bool onFlatModelLoaded();

}

class HintProvider{
    //static_metacall dispatch:0x1400443a0
}

class ColorButtonView{
    //static_metacall dispatch:0x1401d8dc0
Q_SIGNALS:
    //virtual_address maybe:0x1402060c0
     void colorChanged(QColor color);

}

class ColorButton{
    //static_metacall dispatch:0x1401d8d20
Q_SIGNALS:
    //virtual_address maybe:0x1402060c0
     void colorChanged(QColor color);

private slots:
    //virtual_address maybe:0x140160e10
     void on_mainButton_clicked();

    //virtual_address maybe:0x140160f10
     void on_mainButton_colorChanged(QColor color);

    //virtual_address maybe:0x140160fc0
     void on_resetButton_clicked();

}

class FocusLabel{
    //static_metacall dispatch:0x1401d9030
Q_SIGNALS:
    //virtual_address maybe:0x1402060c0
     bool clicked();

    //virtual_address maybe:0x1402060c0
     bool hover();

public slots:
    //virtual_address maybe:0x140161830
     bool focusLabel();

    //get virtual_address maybe:0x1401d8e50
     QString associatedWidgetName;

}

class MVCComboBox{
    //static_metacall dispatch:0x1400443a0
}

class MVCListView{
    //static_metacall dispatch:0x1400443a0
}

class TNavBand{
    //static_metacall dispatch:0x1401d9280
public slots:
    //virtual_address maybe:0x140167300
     bool refresh_all();

    //virtual_address maybe:0x140168490
     bool zoom_in();

    //virtual_address maybe:0x1401684a0
     bool zoom_out();

    //virtual_address maybe:0x1401684b0
     void zoom_scale(asize_t scale);

    //virtual_address maybe:0x140167cc0
     void scroll();

    //virtual_address maybe:0x140165e30
     void SbMouseDown();

    //virtual_address maybe:0x140165e80
     void SbMouseUp();

}

class FramedLabel{
    //static_metacall dispatch:0x1400443a0
}

class BarDockWidget{
    //static_metacall dispatch:0x1401d9940
Q_SIGNALS:
    //virtual_address maybe:0x1402060c0
     void dockStatusChanged(int );

private slots:
    //virtual_address maybe:0x140183440
     void dockAreaChanged(Qt::DockWidgetArea area);

    //virtual_address maybe:0x1401834e0
     void dockFloatingChanged();

}

class NoDockTitleBar{
    //static_metacall dispatch:0x1400443a0
}

class TNavBox{
    //static_metacall dispatch:0x1401d9ac0
protected slots:
    //virtual_address maybe:0x0
     bool form_activate();

    //virtual_address maybe:0x0
     bool form_deactivate();

private slots:
    //virtual_address maybe:0x140184950
     void dockChanged(int status);

    //virtual_address maybe:0x140184790
     void displayChanged(int index);

public slots:
    //virtual_address maybe:0x140184530
     void bandHint();

}

class SOStructsAndUnions{
    //static_metacall dispatch:0x1401da420
private slots:
    //virtual_address maybe:0x0
     bool form_activate();

    //virtual_address maybe:0x0
     bool form_deactivate();

}

class SOTypeOffsets{
    //static_metacall dispatch:0x1401da450
private slots:
    //virtual_address maybe:0x0
     bool form_activate();

    //virtual_address maybe:0x0
     bool form_deactivate();

}

class HexSpinBox{
    //static_metacall dispatch:0x1400443a0
}

class IdaTableWidget{
    //static_metacall dispatch:0x1401da640
public slots:
    //virtual_address maybe:0x1401a1610
     void show_popup(QPoint );

}

class TCallBox{
    //static_metacall dispatch:0x1401da660
public slots:
    //virtual_address maybe:0x1401a1340
     bool callersHint();

    //virtual_address maybe:0x1401a12f0
     bool calleesHint();

    //virtual_address maybe:0x1401a13c0
     void itemActivated(QTableWidgetItem* item);

    //virtual_address maybe:0x1400443a0
     void form_activate();

    //virtual_address maybe:0x1400443a0
     void form_deactivate();

}

class TCustomIDAText{
    //static_metacall dispatch:0x1401daa20
public slots:
    //virtual_address maybe:0x1401a4070
     bool hint();

}

class RegJumpButton{
    //static_metacall dispatch:0x1400443a0
}

class RegValue{
    //static_metacall dispatch:0x1400443a0
}

class TCpuRegs{
    //static_metacall dispatch:0x1401da9f0
private slots:
    //virtual_address maybe:0x0
     bool form_activate();

    //virtual_address maybe:0x0
     bool form_deactivate();

    //virtual_address maybe:0x1401a5bd0
     void valueContextMenu(QPoint p);

public slots:
    //virtual_address maybe:0x1401a4200
     void jump_button_click();

}

class TNoteBox{
    //static_metacall dispatch:0x1401dabd0
private slots:
    //virtual_address maybe:0x1401a6e10
     bool form_activate();

    //virtual_address maybe:0x1401a6e60
     bool form_deactivate();

    //virtual_address maybe:0x1401a6e70
     bool form_help();

    //virtual_address maybe:0x1401a6b50
     void custom_context_menu_requested(QPoint pos);

}

class CLIWidget{
    //static_metacall dispatch:0x1401dad10
private slots:
    //virtual_address maybe:0x1401a8eb0
     bool switch_cli_clicked();

    //virtual_address maybe:0x1401a7bc0
     bool button_click();

    //virtual_address maybe:0x1401a8030
     void custom_context_menu_requested(QPoint pos);

    //virtual_address maybe:0x0
     void form_activate();

    //virtual_address maybe:0x0
     void form_deactivate();

public slots:
    //virtual_address maybe:0x1401a7da0
     void complete_click_fwd();

    //virtual_address maybe:0x1401a7d80
     void complete_click_back();

    //virtual_address maybe:0x1401a8a60
     void next_cli();

    //virtual_address maybe:0x1401a8b80
     void prev_cli();

    //virtual_address maybe:0x1401a8c80
     void set_current_as_default();

    //virtual_address maybe:0x1401a8f00
     void switch_to_default_cli();

    //virtual_address maybe:0x1401a8530
     void execute_click();

}

class IDADialog{
    //static_metacall dispatch:0x1400443a0
}

class IDAFileDialog{
    //static_metacall dispatch:0x1400443a0
}

class IDAColorDialog{
    //static_metacall dispatch:0x1400443a0
}

class FixedFontDialog{
    //static_metacall dispatch:0x1401db500
private slots:
    //virtual_address maybe:0x1401b0750
     void onFontSelected(QFont font);

    //virtual_address maybe:0x1401b0660
     void onDialogButtonClicked(QAbstractButton* button);

}

class HelpViewer{
    //static_metacall dispatch:0x1401db650
private slots:
    //virtual_address maybe:0x1401b09d0
     void i_display_help(int id);

}

class PluginForm{
    //static_metacall dispatch:0x1400443a0
public slots:
    //virtual_address maybe:0x0
     bool form_activate();

    //virtual_address maybe:0x0
     bool form_deactivate();

}

class SearchLineEdit{
    //static_metacall dispatch:0x1401dbbd0
Q_SIGNALS:
    //virtual_address maybe:0x1402060c0
     void reserved_key_press(QKeyEvent ke);

    //virtual_address maybe:0x1402060c0
     void search_text_changed(QString txt);

    //virtual_address maybe:0x1402060c0
     void search_history_changed(QString txt);

private slots:
    //virtual_address maybe:0x1401bf110
     void text_changed(QString txt);

}

class SearchLineEditEx{
    //static_metacall dispatch:0x1401dbd10
Q_SIGNALS:
    //virtual_address maybe:0x1402060c0
     void reserved_key_press(QKeyEvent ke);

    //virtual_address maybe:0x1402060c0
     void filter_changed();

private slots:
    //virtual_address maybe:0x1401be4f0
     void on_reserved_key_press(QKeyEvent ke);

    //virtual_address maybe:0x1401be690
     void on_search_text_changed(QString txt);

    //virtual_address maybe:0x1401be530
     void on_search_history_changed(QString txt);

public slots:
    //virtual_address maybe:0x1401becf0
     void show_quick_filter();

    //virtual_address maybe:0x1401be470
     void hide_quick_filter();

}

class LineInfoWidget{
    //static_metacall dispatch:0x1401dc060
private slots:
    //virtual_address maybe:0x1401bf450
     bool check_line_info_ranges();

    //virtual_address maybe:0x1401bfd70
     void on_cim_place_changed(const place_t* );

}

class CustomCodeViewer{
    //static_metacall dispatch:0x1400443a0
}

class TextEdit{
    //static_metacall dispatch:0x1401dc240
Q_SIGNALS:
    //virtual_address maybe:0x1402060c0
     bool acceptDialog();

    //virtual_address maybe:0x1402060c0
     bool focusNextSibling();

    //virtual_address maybe:0x1402060c0
     bool focusPreviousSibling();

    //virtual_address maybe:0x1402060c0
     bool textModified();

private slots:
    //virtual_address maybe:0x1401c08d0
     bool changedText();

    //virtual_address maybe:0x1401c08e0
     void contentsChanged(int pos,int removed,int added);

}

class TAddressDetailsContainer{
    //static_metacall dispatch:0x1401dc550
public slots:
    //virtual_address maybe:0x0
     bool refresh();

}

class CollapsibleFrame{
    //static_metacall dispatch:0x1401dc540
private slots:
    //virtual_address maybe:0x0
     bool changeState();

}

class TAddressDetails{
    //static_metacall dispatch:0x1401dca30
private slots:
    //virtual_address maybe:0x0
     bool form_activate();

public slots:
    //virtual_address maybe:0x1401c5ca0
     void update(uint32 mask);

public slots:
    //virtual_address maybe:0x1401c5ca0
     void update();

}

class items_tree_model_t{
    //static_metacall dispatch:0x1401dcdc0
public slots:
    //virtual_address maybe:0x1401cbcf0
     void onItemExpanded(QModelIndex parent);

}

class watch_view_t{
    //static_metacall dispatch:0x1401dcde0
protected slots:
    //virtual_address maybe:0x0
     bool form_activate();

    //virtual_address maybe:0x0
     bool form_deactivate();

    //virtual_address maybe:0x1401ca900
     bool force_update_actions();

    //virtual_address maybe:0x0
     void currentChanged(QModelIndex current,QModelIndex previous);

private slots:
    //virtual_address maybe:0x1401cbb30
     void item_activated(QModelIndex index);

    //virtual_address maybe:0x1401ce500
     void srcview_changed(QWidget* to);

}

class IdaMenu{
    //static_metacall dispatch:0x1400443a0
}

class QtSyntaxHighlighter{
    //static_metacall dispatch:0x1400443a0
}


Last edited by vmtest on 2021-3-8 10:46.