How to add/modify a function with instructions from plugin

[jiaton]

Hello everyone!

I'm working on the plugin these days and want to figure how to modify instructions within a function.

Here's what I got:

1. A function starting from a specific address in a binary view that has been analyzed.
2. A modified version of function from 1. which has some different instructions.

My goal is to show the modified function flow graph in a new tab or window (to make some comparison, split tabs are preferred).

My way of thinking:

Method 1. Initialize a new function and fill it with assembly instructions so that the Binja can analyze it and generate a flow graph (preferred method)
Method 2. Draw the flow graph (analyze needed) and show it in a new tab.

However, I didn't find an API to modify the instructions of a function. I think there will be some way to modify or 'new' a Function with instructions.

I really appreciate it if someone can give me any hint!

[rssor]

Are you interested in modifying the original function in the binary, or modifying a function in a way that only affects some hypothetical copy for analysis?

The first can be accomplished by assembling/editing an instruction (in graph view, highlight and hit 'e'), or otherwise assembling (cmd-option-a) a sequence of instructions into a given location. Or otherwise using bv.write to write binary instructions directly.

If you're looking to do this as part of some kind of mutable-copy-during-analysis, there's not really a good option at the moment. The closest that would be possible is creating a new binaryview, copying bytes into it, and then creating a function there, but then you'll lose out on accesses to globals/ro memory/location dependent code.

[jiaton]

Hi @rssor , Thank you for your reply!
I'd like to edit an instruction by python code in my plugin. Is there any way to do that? As far as I know, the bv.write can only write binaries.

[amimo]

if you just want to patch the binary, here is my approach:

use "bv.arch.assemble(asm_str) " or keystone in case some instruction sets that are not supported by binja to get the machine code of the asm_str, then use "bv.write" to patch the binary, reanalyze these patched fucntions.