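#!/usr/bin/env ruby
# vx_sym2idc.rb:
#
# Parse a VxWorks symbol table to produce an IDC script for IDA
#
# emonti@matasano.com
# 4/28/2008
#
# KNOWN_BUGS:
#  - Yea... I should have probably used idarub

require 'stringio'

# Define offsets here
load_addr = 0x10005000 # load offset
first     = 0x4d5f20   # *real* beginning of sym table
last      = 0x516ba0   # *real* end of sym table

# Each symbol-table entry is 16 bytes. The fields used here are big-endian
# 32-bit words at byte offsets 4 (name pointer), 8 (symbol address) and
# 12 (symbol type); the first word is not used.
SYM_ENTRY_SIZE = 16

# Larger than any function name should need to be:
MAX_NAME = 512

# Symbol-type value that this script treats as "function".
SYM_TYPE_FUNC = 0x500

# Quote a symbol name for use inside an IDC string literal.
#
# The names come straight out of the binary being analysed, so they are
# untrusted input to the generated script: an unescaped '"' or '\' would
# close the literal and let bytes from the image run as IDC when the script
# is executed in IDA, and a control byte would corrupt the script text.
# Bytes outside printable ASCII are replaced with '_'; quotes and
# backslashes are backslash-escaped.
#
# @param name [String] raw NUL-stripped symbol name from the image
# @return [String] a string safe to place between double quotes in IDC
def idc_string(name)
  name.gsub(/[^\x20-\x7e]/, '_').gsub(/[\\"]/) { |c| "\\#{c}" }
end

# Read the NUL-terminated name that a symbol entry points to.
#
# The name pointer is a virtual address; it is rebased to a file offset by
# subtracting the load address. A pointer that lands outside the image
# yields nil rather than indexing from the end of the buffer (a negative
# Ruby index) or raising NoMethodError on a nil slice.
#
# @param dat [String] the whole image, as a binary (ASCII-8BIT) string
# @param name_ptr [Integer] virtual address of the name
# @param load_addr [Integer] virtual address the image is loaded at
# @return [String, nil] the name, or nil when the pointer is out of range
def read_sym_name(dat, name_ptr, load_addr)
  off = name_ptr - load_addr
  return nil if off < 0 || off >= dat.bytesize
  dat[off, MAX_NAME].unpack("Z*").first
end

# read the raw file into a buffer. binread is required: with a text read the
# offsets above would index characters under the default external encoding,
# not bytes, and every slice below would be wrong.
dat = File.binread("app.bin")

# isolate the symbol table:
syms = StringIO.new(dat[first...last])

# print an IDC script prolog. NOTE(review): the listing this was taken from
# showed "#include " with no header name; <idc.idc> is the standard IDC
# header an IDA script needs for MakeNameEx/MakeFunction.
puts "#include <idc.idc>", "static main() {"

# Loop through symbol table elements; a trailing partial entry ends the loop
while (sym = syms.read(SYM_ENTRY_SIZE)) && sym.size == SYM_ENTRY_SIZE
  # Get the bits we want out of each symtable member
  sym_name_p, sym_addr_p, sym_type = sym[4, 12].unpack("N3")

  # read the symbol name out of the file at the specified address
  sym_name = read_sym_name(dat, sym_name_p, load_addr)
  if sym_name.nil?
    warn "skipping symbol at 0x%x: name pointer 0x%x lies outside the image" % [sym_addr_p, sym_name_p]
    next
  end

  ## Good to go. Spit out some IDC

  # Name the object for IDA (name escaped so image bytes can't inject IDC)
  puts " MakeNameEx(0x%x, \"%s\", 0);" % [sym_addr_p, idc_string(sym_name)]

  # If type is function, make it so for IDA:
  puts " MakeFunction(0x%x, BADADDR);" % sym_addr_p if sym_type == SYM_TYPE_FUNC
end

# Close off the IDC script
puts "}"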