From 25e7b9b107e846e54e0b772c8cc738ae89a9a156 Mon Sep 17 00:00:00 2001
From: kat <katherine@vector35.com>
Date: Sat, 31 Dec 2022 05:40:41 -0500
Subject: [PATCH] CFString Data Renderer

---
 DataRenderers.cpp | 39 +++++++++++++++++++++++++++++++++++++++
 DataRenderers.h   | 18 ++++++++++++++++++
 Plugin.cpp        |  1 +
 3 files changed, 58 insertions(+)

diff --git a/DataRenderers.cpp b/DataRenderers.cpp
index 0fe0447..6479d45 100644
--- a/DataRenderers.cpp
+++ b/DataRenderers.cpp
@@ -157,3 +157,42 @@ void RelativePointerDataRenderer::Register()
 {
     DataRendererContainer::RegisterTypeSpecificDataRenderer(new RelativePointerDataRenderer());
 }
+
+/* ---- CFString ------------------------------------------------------------ */
+
+bool CFStringDataRenderer::IsValidForData(BinaryView* bv, uint64_t address,
+    Type* type, DataRendererContext& context)
+{
+    return isType(context, CustomTypes::CFString);
+}
+
+std::vector<DisassemblyTextLine> CFStringDataRenderer::GetLinesForData(
+    BinaryView* bv, uint64_t address, Type*,
+    const std::vector<InstructionTextToken>& prefix, size_t,
+    std::vector<std::pair<Type*, size_t>>&)
+{
+    BinaryReader reader(bv);
+    reader.Seek(address + 0x10);
+
+    auto dataPointer = reader.Read64();
+    auto size = reader.Read64();
+
+    // Data pointer can be tagged, need to decode it before jumping to it.
+    dataPointer = ObjectiveNinja::ABI::decodePointer(dataPointer, bv->GetStart());
+    reader.Seek(dataPointer);
+    auto string = reader.ReadString(size);
+
+    DisassemblyTextLine line;
+    line.addr = address;
+    line.tokens = prefix;
+    line.tokens.emplace_back(StringToken, "@\"" + string + "\"", dataPointer);
+    line.tokens.emplace_back(TextToken, ", ");
+    line.tokens.emplace_back(IntegerToken, std::to_string(size), dataPointer);
+
+    return { line };
+}
+
+void CFStringDataRenderer::Register()
+{
+    DataRendererContainer::RegisterTypeSpecificDataRenderer(new CFStringDataRenderer());
+}
diff --git a/DataRenderers.h b/DataRenderers.h
index 372b8b8..78bf5d5 100644
--- a/DataRenderers.h
+++ b/DataRenderers.h
@@ -64,3 +64,21 @@ class RelativePointerDataRenderer : public BinaryNinja::DataRenderer {
 
     static void Register();
 };
+
+/**
+ * Data renderer for CFString data variables.
+ */
+class CFStringDataRenderer : public BinaryNinja::DataRenderer {
+    CFStringDataRenderer() = default;
+
+public:
+    bool IsValidForData(BinaryViewPtr, uint64_t address, TypePtr,
+        DataRendererContext&) override;
+
+    std::vector<BinaryNinja::DisassemblyTextLine> GetLinesForData(
+        BinaryViewPtr, uint64_t address, TypePtr,
+        const std::vector<BinaryNinja::InstructionTextToken>& prefix,
+        size_t width, std::vector<std::pair<TypePtr, size_t>>& context) override;
+
+    static void Register();
+};
diff --git a/Plugin.cpp b/Plugin.cpp
index ea6a7a3..e7ce24e 100644
--- a/Plugin.cpp
+++ b/Plugin.cpp
@@ -19,6 +19,7 @@ BINARYNINJAPLUGIN bool CorePluginInit()
     TaggedPointerDataRenderer::Register();
     FastPointerDataRenderer::Register();
     RelativePointerDataRenderer::Register();
+    CFStringDataRenderer::Register();
 
     Workflow::registerActivities();
     Commands::registerCommands();