Add constant renderer API

D0ntPanic · D0ntPanic · commit 4e851c2ad235 · 2025-09-10T12:13:15.000-04:00
diff --git a/binaryninjacore.h b/binaryninjacore.h
@@ -309,6 +309,7 @@ extern "C"
 	typedef struct BNStringRef BNStringRef;
 	typedef struct BNIndirectBranchInfo BNIndirectBranchInfo;
 	typedef struct BNArchitectureAndAddress BNArchitectureAndAddress;
+	typedef struct BNConstantRenderer BNConstantRenderer;
 
 	typedef bool(*BNProgressFunction)(void*, size_t, size_t);
 
@@ -3778,6 +3779,15 @@ extern "C"
 		char* value;
 	} BNTypeAttribute;
 
+	typedef struct BNCustomConstantRenderer
+	{
+		void* context;
+		void (*freeObject)(void* ctxt);
+		bool (*isValidForType)(void* ctxt, BNHighLevelILFunction* hlil, BNType* type);
+		bool (*renderConstantPointer)(void* ctxt, BNHighLevelILFunction* hlil, size_t expr, BNType* type, int64_t val,
+			BNHighLevelILTokenEmitter* tokens, BNDisassemblySettings* settings, BNOperatorPrecedence precedence);
+	} BNCustomConstantRenderer;
+
 	BINARYNINJACOREAPI char* BNAllocString(const char* contents);
 	BINARYNINJACOREAPI char* BNAllocStringWithLength(const char* contents, size_t len);
 	BINARYNINJACOREAPI void BNFreeString(char* str);
@@ -8584,6 +8594,14 @@ extern "C"
 	BINARYNINJACOREAPI const char* BNGetStringRefContents(BNStringRef* ref);
 	BINARYNINJACOREAPI size_t BNGetStringRefSize(BNStringRef* ref);
 
+	// Constant Renderers
+	BINARYNINJACOREAPI BNConstantRenderer* BNRegisterConstantRenderer(
+		const char* name, BNCustomConstantRenderer* renderer);
+	BINARYNINJACOREAPI BNConstantRenderer* BNGetConstantRendererByName(const char* name);
+	BINARYNINJACOREAPI BNConstantRenderer** BNGetConstantRendererList(size_t* count);
+	BINARYNINJACOREAPI void BNFreeConstantRendererList(BNLanguageRepresentationFunctionType** renderers);
+	BINARYNINJACOREAPI char* BNGetConstantRendererName(BNConstantRenderer* renderer);
+
 #ifdef __cplusplus
 }
 #endif
diff --git a/python/__init__.py b/python/__init__.py
@@ -82,6 +82,7 @@
 from .languagerepresentation import *
 from .lineformatter import *
 from .renderlayer import *
+from .constantrenderer import *
 # We import each of these by name to prevent conflicts between
 # log.py and the function 'log' which we don't import below
 from .log import (
diff --git a/python/constantrenderer.py b/python/constantrenderer.py
@@ -0,0 +1,83 @@
+# Copyright (c) 2015-2025 Vector 35 Inc
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to
+# deal in the Software without restriction, including without limitation the
+# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
+# sell copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+# IN THE SOFTWARE.
+
+import traceback
+import ctypes
+from typing import Optional
+
+import binaryninja
+from . import _binaryninjacore as core
+from . import function
+from . import enums
+from .log import log_error_for_exception
+from . import types
+from . import highlevelil
+from . import languagerepresentation
+
+
+class ConstantRenderer:
+	_registered_renderers = []
+	renderer_name = None
+
+	def __init__(self, handle=None):
+		if handle is not None:
+			self.handle = core.handle_of_type(handle, core.BNConstantRenderer)
+
+	def register(self):
+		if self.__class__.renderer_name is None:
+			raise ValueError("Renderer name is missing")
+		self._cb = core.BNCustomConstantRenderer()
+		self._cb.context = 0
+		self._cb.isValidForType = self._cb.isValidForType.__class__(self._is_valid_for_type)
+		self._cb.renderConstantPointer = self._cb.renderConstantPointer.__class__(self._render_constant_pointer)
+		self.handle = core.BNRegisterConstantRenderer(self.__class__.renderer_name, self._cb)
+		self.__class__._registered_renderers.append(self)
+
+	def _is_valid_for_type(self, ctxt, hlil, type):
+		try:
+			hlil = highlevelil.HighLevelILFunction(handle=core.BNNewHighLevelILFunctionReference(hlil))
+			type = types.Type.create(handle=core.BNNewTypeReference(type))
+			return self.is_valid_for_type(hlil, type)
+		except:
+			log_error_for_exception("Unhandled Python exception in ConstantRenderer._is_valid_for_type")
+			return False
+
+	def _render_constant_pointer(self, ctxt, hlil, expr, type, val, tokens, settings, precedence):
+		try:
+			hlil = highlevelil.HighLevelILFunction(handle=core.BNNewHighLevelILFunctionReference(hlil))
+			type = types.Type.create(handle=core.BNNewTypeReference(type))
+			tokens = languagerepresentation.HighLevelILTokenEmitter(core.BNNewHighLevelILTokenEmitterReference(tokens))
+			if settings is not None:
+				settings = function.DisassemblySettings(core.BNNewDisassemblySettingsReference(settings))
+			instr = hlil.get_expr(highlevelil.ExpressionIndex(expr))
+			return self.render_constant_pointer(instr, type, val, tokens, settings, precedence)
+		except:
+			log_error_for_exception("Unhandled Python exception in ConstantRenderer._render_constant_pointer")
+			return False
+
+	def is_valid_for_type(self, func: 'highlevelil.HighLevelILInstruction', type: 'types.Type') -> bool:
+		return False
+
+	def render_constant_pointer(
+			self, instr: 'highlevelil.HighLevelILInstruction', type: 'types.Type', val: int,
+			tokens: 'languagerepresentation.HighLevelILTokenEmitter',
+			settings: Optional['function.DisassemblySettings'], precedence: 'enums.OperatorPrecedence'
+	) -> bool:
+		return False
diff --git a/python/examples/xor_strings.py b/python/examples/xor_strings.py
@@ -0,0 +1,36 @@
+from binaryninja import (ConstantRenderer, PointerType, InstructionTextToken, InstructionTextTokenType, DataBuffer)
+
+class XorStringConstantRenderer(ConstantRenderer):
+    renderer_name = "xor_strings"
+
+    def is_valid_for_type(self, func, type):
+        if not isinstance(type, PointerType):
+            return False
+        return "xor_encoded" in type.target.attributes
+
+    def render_constant_pointer(self, instr, type, val, tokens, settings, precedence):
+        if not isinstance(type, PointerType):
+            return False
+        try:
+            xor_value = int(type.target.attributes["xor_encoded"], 16)
+        except:
+            return False
+
+        result = b""
+        i = 0
+        while True:
+            byte = instr.function.view.read(val + i, 1)
+            if len(byte) != 1:
+                return False
+            byte = byte[0] ^ xor_value
+            if byte == 0:
+                break
+            result += bytes([byte])
+            i += 1
+
+        tokens.append(InstructionTextToken(InstructionTextTokenType.BraceToken, "\""))
+        tokens.append(InstructionTextToken(InstructionTextTokenType.StringToken, DataBuffer(result).escape()))
+        tokens.append(InstructionTextToken(InstructionTextTokenType.BraceToken, "\"_enc"))
+        return True
+
+XorStringConstantRenderer().register()
