MCP/mcghidra
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: update callgraph endpoint to accept both name and address parameters

Browse Source 
- Modified ProgramEndpoints.java to support the name and address parameters
- Updated bridge MCP tool analysis_get_callgraph to use both parameters
- Updated tests to verify functionality with both parameters
- Added the change to CHANGELOG.md
This commit is contained in:
Teal Bauer 2025-04-15 11:39:09 +02:00
parent b37be370f8
commit 384f8b272f
6 changed files with 522 additions and 99 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
CHANGELOG.md
View File

@ -7,6 +7,11 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
## [Unreleased] ## [Unreleased]
### Added ### Added
- **MCP Integration Refactor:** Refactored the Python bridge for improved MCP integration. (337f89e)
- Introduced MCP resources for loading context (e.g., instances, functions, disassembly).
- Added namespaced tools (e.g., `instance.*`, `function.*`, `data.*`) for better organization and discoverability.
- Implemented a "current working instance" concept to simplify commands by implicitly targeting the active Ghidra instance.
- **Analysis Prompts:** Added pre-defined prompts for common analysis tasks, including `reverse_engineer_binary` for comprehensive analysis. (337f89e, 3134581)
- **String Data Listing:** Added a new endpoint to list string data in the binary, with pagination and filtering by content. Python bridge support via `list_strings()` function. (f71f4aa) - **String Data Listing:** Added a new endpoint to list string data in the binary, with pagination and filtering by content. Python bridge support via `list_strings()` function. (f71f4aa)
- **Comprehensive Data Manipulation:** Added tools/endpoints for creating (`create_data`), deleting (`delete_data`), renaming (`rename_data`), changing type (`set_data_type`), and combined updates (`update_data`) for data items. Supports common types (byte, word, dword, string, etc.). (6c28553, 5797fb3, 28870e9) - **Comprehensive Data Manipulation:** Added tools/endpoints for creating (`create_data`), deleting (`delete_data`), renaming (`rename_data`), changing type (`set_data_type`), and combined updates (`update_data`) for data items. Supports common types (byte, word, dword, string, etc.). (6c28553, 5797fb3, 28870e9)
- **Enhanced Cross-Reference (Xrefs) Analysis:** Implemented accurate xref tools (`get_references_to`, `get_references_from`) using Ghidra's ReferenceManager. Features include detailed info, bi-directional search, type filtering, and simplified bridge output. (96788f3) - **Enhanced Cross-Reference (Xrefs) Analysis:** Implemented accurate xref tools (`get_references_to`, `get_references_from`) using Ghidra's ReferenceManager. Features include detailed info, bi-directional search, type filtering, and simplified bridge output. (96788f3)
@ -16,6 +21,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
- **Enhanced Decompiler Controls:** Added options for raw vs. clean pseudocode output and multiple simplification styles. (454c739) - **Enhanced Decompiler Controls:** Added options for raw vs. clean pseudocode output and multiple simplification styles. (454c739)
### Changed ### Changed
- **Bridge Refactor & Namespacing:** Reorganized bridge tools into namespaces (e.g., `instance.list_instances`, `function.get_function_details`) as part of the MCP integration refactor. (337f89e)
- **Breaking: HATEOAS API v2 & Bridge Update:** Migrated fully to a HATEOAS-driven API (v2). The Python bridge (`bridge_mcp_hydra.py`) now *exclusively* uses this API, removing legacy support. Responses are simplified for AI agents, including text representations for structured data (e.g., disassembly). All endpoints require HATEOAS compliance (e.g., `_links`). (4bc2267, 4f3042f) - **Breaking: HATEOAS API v2 & Bridge Update:** Migrated fully to a HATEOAS-driven API (v2). The Python bridge (`bridge_mcp_hydra.py`) now *exclusively* uses this API, removing legacy support. Responses are simplified for AI agents, including text representations for structured data (e.g., disassembly). All endpoints require HATEOAS compliance (e.g., `_links`). (4bc2267, 4f3042f)
- **Optimized Variable Listing:** Improved performance of the `/variables` endpoint with efficient pagination and a `globalOnly` filter. (6c865c4) - **Optimized Variable Listing:** Improved performance of the `/variables` endpoint with efficient pagination and a `globalOnly` filter. (6c865c4)
- **Standardized Responses:** Unified all endpoints to use structured JSON and standardized HATEOAS links. (454c739, 4bc2267) - **Standardized Responses:** Unified all endpoints to use structured JSON and standardized HATEOAS links. (454c739, 4bc2267)
@ -23,12 +29,11 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
- **API Documentation:** Updated documentation to reflect the HATEOAS v2 API and new features. (28870e9, 3fd0cf4) - **API Documentation:** Updated documentation to reflect the HATEOAS v2 API and new features. (28870e9, 3fd0cf4)
### Fixed ### Fixed
- **Variable Renaming:** Fixed handling of variable operations in URL paths, allowing proper renaming of decompiler-generated variables through the API. (f377a34, c4d170c)
- **Function Creation:** Improved function creation by attempting to disassemble memory before creating functions, which helps in correctly identifying function boundaries. (25f353a)
- **Real Instruction Disassembly:** The `/disassembly` endpoint now provides actual instruction disassembly instead of placeholders. (3df129f) - **Real Instruction Disassembly:** The `/disassembly` endpoint now provides actual instruction disassembly instead of placeholders. (3df129f)
- **Ghidra 11+ Compatibility:** Resolved various API compatibility issues, particularly for cross-references (`XrefsEndpoints`). (5dc59ce, 2b1fe6c, 0eaa19a, 9443101) - **Ghidra 11+ Compatibility:** Resolved various API compatibility issues, particularly for cross-references (`XrefsEndpoints`). (5dc59ce, 2b1fe6c, 0eaa19a, 9443101)
- **Data Operations:** Fixed issues with HTTP request body consumption, parameter naming (`type` vs `dataType`), and name preservation during type changes. (28870e9) - **Data Operations:** Fixed issues with HTTP request body consumption, parameter naming (`type` vs `dataType`), and name preservation during type changes. (28870e9)
- **Function Commenting:** Corrected `set_decompiler_comment` to apply comments at the function level. (2a1607c) - **Function Commenting:** Corrected `set_decompiler_comment` to apply comments at the function level. (2a1607c)
- **Call Graph Parameter Handling:** Updated the CallGraph endpoint to properly accept both function name and address parameters for flexibility. (fa8cc64)
- **Endpoint Functionality:** Addressed various issues including endpoint registration, handling of program-dependent endpoints, URL encoding, transaction management, and inconsistent response formats. (various commits, e.g., 4bc2267) - **Endpoint Functionality:** Addressed various issues including endpoint registration, handling of program-dependent endpoints, URL encoding, transaction management, and inconsistent response formats. (various commits, e.g., 4bc2267)
## [1.4.0] - 2025-04-08 ## [1.4.0] - 2025-04-08

120
bridge_mcp_hydra.py
View File

@ -324,8 +324,10 @@ def simplify_response(response: dict) -> dict:
# Format: address: bytes mnemonic operands # Format: address: bytes mnemonic operands
disasm_text += f"{addr}: {bytes_str.ljust(10)} {mnemonic} {operands}\n" disasm_text += f"{addr}: {bytes_str.ljust(10)} {mnemonic} {operands}\n"
# Add the text representation while preserving the original structured data # Add the text representation
result_copy["disassembly_text"] = disasm_text result_copy["disassembly_text"] = disasm_text
# Remove the original structured instructions to simplify the response
result_copy.pop("instructions", None)
# Special case for decompiled code - make sure it's directly accessible # Special case for decompiled code - make sure it's directly accessible
if "ccode" in result_copy: if "ccode" in result_copy:
@ -1852,11 +1854,12 @@ def analysis_run(port: int = None, analysis_options: dict = None) -> dict:
return simplify_response(response) return simplify_response(response)
@mcp.tool() @mcp.tool()
def analysis_get_callgraph(function: str = None, max_depth: int = 3, port: int = None) -> dict: def analysis_get_callgraph(name: str = None, address: str = None, max_depth: int = 3, port: int = None) -> dict:
"""Get function call graph visualization data """Get function call graph visualization data
Args: Args:
function: Starting function name or address (None starts from entry point) name: Starting function name (mutually exclusive with address)
address: Starting function address (mutually exclusive with name)
max_depth: Maximum call depth to analyze (default: 3) max_depth: Maximum call depth to analyze (default: 3)
port: Specific Ghidra instance port (optional) port: Specific Ghidra instance port (optional)
@ -1866,8 +1869,13 @@ def analysis_get_callgraph(function: str = None, max_depth: int = 3, port: int =
port = _get_instance_port(port) port = _get_instance_port(port)
params = {"max_depth": max_depth} params = {"max_depth": max_depth}
if function:
params["function"] = function # Explicitly pass either name or address parameter based on what was provided
if address:
params["address"] = address
elif name:
params["name"] = name
# If neither is provided, the Java endpoint will use the entry point
response = safe_get(port, "analysis/callgraph", params) response = safe_get(port, "analysis/callgraph", params)
return simplify_response(response) return simplify_response(response)
@ -1903,6 +1911,108 @@ def analysis_get_dataflow(address: str, direction: str = "forward", max_steps: i
response = safe_get(port, "analysis/dataflow", params) response = safe_get(port, "analysis/dataflow", params)
return simplify_response(response) return simplify_response(response)
@mcp.tool()
def ui_get_current_address(port: int = None) -> dict:
"""Get the address currently selected in Ghidra's UI
Args:
port: Specific Ghidra instance port (optional)
Returns:
Dict containing address information or error
"""
port = _get_instance_port(port)
response = safe_get(port, "address")
return simplify_response(response)
@mcp.tool()
def ui_get_current_function(port: int = None) -> dict:
"""Get the function currently selected in Ghidra's UI
Args:
port: Specific Ghidra instance port (optional)
Returns:
Dict containing function information or error
"""
port = _get_instance_port(port)
response = safe_get(port, "function")
return simplify_response(response)
@mcp.tool()
def comments_set(address: str, comment: str = "", comment_type: str = "plate", port: int = None) -> dict:
"""Set a comment at the specified address
Args:
address: Memory address in hex format
comment: Comment text (empty string removes comment)
comment_type: Type of comment - "plate", "pre", "post", "eol", "repeatable" (default: "plate")
port: Specific Ghidra instance port (optional)
Returns:
dict: Operation result
"""
if not address:
return {
"success": False,
"error": {
"code": "MISSING_PARAMETER",
"message": "Address parameter is required"
},
"timestamp": int(time.time() * 1000)
}
port = _get_instance_port(port)
payload = {
"comment": comment
}
response = safe_post(port, f"memory/{address}/comments/{comment_type}", payload)
return simplify_response(response)
@mcp.tool()
def functions_set_comment(address: str, comment: str = "", port: int = None) -> dict:
"""Set a decompiler-friendly comment (tries function comment, falls back to pre-comment)
Args:
address: Memory address in hex format (preferably function entry point)
comment: Comment text (empty string removes comment)
port: Specific Ghidra instance port (optional)
Returns:
dict: Operation result
"""
if not address:
return {
"success": False,
"error": {
"code": "MISSING_PARAMETER",
"message": "Address parameter is required"
},
"timestamp": int(time.time() * 1000)
}
port_to_use = _get_instance_port(port)
# Try setting as a function comment first using PATCH
try:
func_patch_payload = {
"comment": comment
}
patch_response = safe_patch(port_to_use, f"functions/{address}", func_patch_payload)
if patch_response.get("success", False):
return simplify_response(patch_response) # Success setting function comment
else:
print(f"Note: Failed to set function comment via PATCH on {address}, falling back. Error: {patch_response.get('error')}", file=sys.stderr)
except Exception as e:
print(f"Exception trying function comment PATCH: {e}. Falling back.", file=sys.stderr)
# Fall through to set pre-comment if PATCH fails
# Fallback: Set as a "pre" comment using the comments_set tool
print(f"Falling back to setting 'pre' comment for address {address}", file=sys.stderr)
return comments_set(address=address, comment=comment, comment_type="pre", port=port_to_use)
# ================= Startup ================= # ================= Startup =================
if __name__ == "__main__": if __name__ == "__main__":

125
error.tmp Normal file
View File

@ -0,0 +1,125 @@
╭────────────────────────────────────────────────────────────────────────────────────── Traceback (most recent call last) ───────────────────────────────────────────────────────────────────────────────────────╮
│ /Users/teal/.asdf/installs/python/3.11.1/lib/python3.11/site-packages/mcp/cli/cli.py:236 in dev │
│ │
│ 233 │ ╭────────────────────────────────── locals ──────────────────────────────────╮ │
│ 234 │ try: │ file = PosixPath('/Users/teal/src/GhydraMCP/bridge_mcp_hydra.py') │ │
│ 235 │ │ # Import server to get dependencies │ file_spec = 'bridge_mcp_hydra.py' │ │
│ ❱ 236 │ │ server = _import_server(file, server_object) │ server_object = None │ │
│ 237 │ │ if hasattr(server, "dependencies"): │ with_editable = None │ │
│ 238 │ │ │ with_packages = list(set(with_packages + server.dependencies)) │ with_packages = [] │ │
│ 239 ╰────────────────────────────────────────────────────────────────────────────╯ │
│ │
│ /Users/teal/.asdf/installs/python/3.11.1/lib/python3.11/site-packages/mcp/cli/cli.py:142 in _import_server │
│ │
│ 139 │ │ sys.exit(1) │
│ 140 │ │
│ 141 │ module = importlib.util.module_from_spec(spec) │
│ ❱ 142 │ spec.loader.exec_module(module) │
│ 143 │ │
│ 144 │ # If no object specified, try common server names │
│ 145 │ if not server_object: │
│ │
│ ╭─────────────────────────────────────────────────────────────────────────────────────── locals ───────────────────────────────────────────────────────────────────────────────────────╮ │
│ │ file = PosixPath('/Users/teal/src/GhydraMCP/bridge_mcp_hydra.py') │ │
│ │ file_dir = '/Users/teal/src/GhydraMCP' │ │
│ │ module = <module 'server_module' from '/Users/teal/src/GhydraMCP/bridge_mcp_hydra.py'> │ │
│ │ server_object = None │ │
│ │ spec = ModuleSpec(name='server_module', loader=<_frozen_importlib_external.SourceFileLoader object at 0x102ed0750>, origin='/Users/teal/src/GhydraMCP/bridge_mcp_hydra.py') │ │
│ ╰──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╯ │
│ in exec_module:940 │
│ ╭─────────────────────────────────────────────────── locals ───────────────────────────────────────────────────╮ │
│ │ code = <code object <module> at 0x159961400, file "/Users/teal/src/GhydraMCP/bridge_mcp_hydra.py", line 1> │ │
│ │ module = <module 'server_module' from '/Users/teal/src/GhydraMCP/bridge_mcp_hydra.py'> │ │
│ │ self = <_frozen_importlib_external.SourceFileLoader object at 0x102ed0750> │ │
│ ╰──────────────────────────────────────────────────────────────────────────────────────────────────────────────╯ │
│ in _call_with_frames_removed:241 │
│ ╭───────────────────────────────────────────────────────────────────────────────────────────── locals ─────────────────────────────────────────────────────────────────────────────────────────────╮ │
│ │ args = ( │ │
│ │ │ <code object <module> at 0x159961400, file "/Users/teal/src/GhydraMCP/bridge_mcp_hydra.py", line 1>, │ │
│ │ │ { │ │
│ │ │ │ '__name__': 'server_module', │ │
│ │ │ │ '__doc__': None, │ │
│ │ │ │ '__package__': '', │ │
│ │ │ │ '__loader__': <_frozen_importlib_external.SourceFileLoader object at 0x102ed0750>, │ │
│ │ │ │ '__spec__': ModuleSpec(name='server_module', loader=<_frozen_importlib_external.SourceFileLoader object at 0x102ed0750>, origin='/Users/teal/src/GhydraMCP/bridge_mcp_hydra.py'), │ │
│ │ │ │ '__file__': '/Users/teal/src/GhydraMCP/bridge_mcp_hydra.py', │ │
│ │ │ │ '__cached__': '/Users/teal/src/GhydraMCP/__pycache__/bridge_mcp_hydra.cpython-311.pyc', │ │
│ │ │ │ '__builtins__': { │ │
│ │ │ │ │ '__name__': 'builtins', │ │
│ │ │ │ │ '__doc__': 'Built-in functions, exceptions, and other objects.\n\nNoteworthy: None is the `nil'+46, │ │
│ │ │ │ │ '__package__': '', │ │
│ │ │ │ │ '__loader__': <class '_frozen_importlib.BuiltinImporter'>, │ │
│ │ │ │ │ '__spec__': ModuleSpec(name='builtins', loader=<class '_frozen_importlib.BuiltinImporter'>, origin='built-in'), │ │
│ │ │ │ │ '__build_class__': <built-in function __build_class__>, │ │
│ │ │ │ │ '__import__': <built-in function __import__>, │ │
│ │ │ │ │ 'abs': <built-in function abs>, │ │
│ │ │ │ │ 'all': <built-in function all>, │ │
│ │ │ │ │ 'any': <built-in function any>, │ │
│ │ │ │ │ ... +147 │ │
│ │ │ │ }, │ │
│ │ │ │ '__annotations__': {'active_instances': typing.Dict[int, dict]}, │ │
│ │ │ │ 'os': <module 'os' (frozen)>, │ │
│ │ │ │ ... +42 │ │
│ │ │ } │ │
│ │ ) │ │
│ │ f = <built-in function exec> │ │
│ │ kwds = {} │ │
│ ╰──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╯ │
│ │
│ /Users/teal/src/GhydraMCP/bridge_mcp_hydra.py:583 in <module> │
│ │
│ 580 # Resources provide information that can be loaded directly into context │
│ 581 # They focus on data and minimize metadata │
│ 582 │
│ ❱ 583 @mcp.resource() │
│ 584 def ghidra_instance(port: int = None) -> dict: │
│ 585 │ """Get detailed information about a Ghidra instance and the loaded program │
│ 586 │
│ │
│ ╭─────────────────────────────────────────────────────────────────── locals ────────────────────────────────────────────────────────────────────╮ │
│ │ _discover_instances = <function _discover_instances at 0x1030600e0> │ │
│ │ _get_instance_port = <function _get_instance_port at 0x102eb7100> │ │
│ │ _make_request = <function _make_request at 0x103047880> │ │
│ │ active_instances = {} │ │
│ │ ALLOWED_ORIGINS = ['http://localhost'] │ │
│ │ Any = typing.Any │ │
│ │ BRIDGE_VERSION = 'v2.0.0-beta.1' │ │
│ │ current_instance_port = 8192 │ │
│ │ DEFAULT_GHIDRA_HOST = 'localhost' │ │
│ │ DEFAULT_GHIDRA_PORT = 8192 │ │
│ │ Dict = typing.Dict │ │
│ │ FastMCP = <class 'mcp.server.fastmcp.server.FastMCP'> │ │
│ │ FULL_DISCOVERY_RANGE = range(8192, 8212) │ │
│ │ get_instance_url = <function get_instance_url at 0x102d8e160> │ │
│ │ ghidra_host = 'localhost' │ │
│ │ handle_sigint = <function handle_sigint at 0x103060220> │ │
│ │ instances_lock = <unlocked _thread.lock object at 0x102ed2e40> │ │
│ │ instructions = '\nGhydraMCP allows interacting with multiple Ghidra SRE instances. Ghidra SRE is '+497 │ │
│ │ List = typing.List │ │
│ │ Lock = <built-in function allocate_lock> │ │
│ │ mcp = <mcp.server.fastmcp.server.FastMCP object at 0x102ed3e10> │ │
│ │ Optional = typing.Optional │ │
│ │ os = <module 'os' (frozen)> │ │
│ │ periodic_discovery = <function periodic_discovery at 0x103060180> │ │
│ │ QUICK_DISCOVERY_RANGE = range(8192, 8202) │ │
│ │ quote = <function quote at 0x1001dc4a0> │ │
│ │ register_instance = <function register_instance at 0x103060040> │ │
│ │ requests = <module 'requests' from '/Users/teal/.asdf/installs/python/3.11.1/lib/python3.11/site-packages/requests/__init__.py'> │ │
│ │ REQUIRED_API_VERSION = 2 │ │
│ │ safe_delete = <function safe_delete at 0x103047ec0> │ │
│ │ safe_get = <function safe_get at 0x103047c40> │ │
│ │ safe_patch = <function safe_patch at 0x103047e20> │ │
│ │ safe_post = <function safe_post at 0x103047d80> │ │
│ │ safe_put = <function safe_put at 0x103047ce0> │ │
│ │ signal = <module 'signal' from '/Users/teal/.asdf/installs/python/3.11.1/lib/python3.11/signal.py'> │ │
│ │ simplify_response = <function simplify_response at 0x103047f60> │ │
│ │ sys = <module 'sys' (built-in)> │ │
│ │ threading = <module 'threading' from '/Users/teal/.asdf/installs/python/3.11.1/lib/python3.11/threading.py'> │ │
│ │ time = <module 'time' (built-in)> │ │
│ │ Union = typing.Union │ │
│ │ urlencode = <function urlencode at 0x1005cac00> │ │
│ │ urlparse = <function urlparse at 0x1005c9760> │ │
│ │ validate_origin = <function validate_origin at 0x1030477e0> │ │
│ ╰───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╯ │
╰────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╯
TypeError: FastMCP.resource() missing 1 required positional argument: 'uri'

49
src/main/java/eu/starsong/ghidra/endpoints/ProgramEndpoints.java
View File

@ -1477,25 +1477,48 @@ public class ProgramEndpoints extends AbstractEndpoint {
try { try {
Map<String, String> params = parseQueryParams(exchange); Map<String, String> params = parseQueryParams(exchange);
String functionName = params.get("function"); // Support both function name and address as separate parameters
String name = params.get("name");
String address = params.get("address");
// For backward compatibility, also check "function" parameter
if (name == null) {
name = params.get("function");
}
int maxDepth = parseIntOrDefault(params.get("max_depth"), 3); int maxDepth = parseIntOrDefault(params.get("max_depth"), 3);
// Get starting function // Get starting function
ghidra.program.model.listing.Function startFunction = null; ghidra.program.model.listing.Function startFunction = null;
if (functionName != null) {
// Try to find function by address first (if provided)
if (address != null) {
try {
ghidra.program.model.address.Address addr = program.getAddressFactory().getAddress(address);
startFunction = program.getFunctionManager().getFunctionAt(addr);
if (startFunction == null) {
sendErrorResponse(exchange, 404, "Function not found at address: " + address, "FUNCTION_NOT_FOUND");
return;
}
} catch (Exception e) {
sendErrorResponse(exchange, 400, "Invalid address format: " + address, "INVALID_ADDRESS");
return;
}
}
// Try to find function by name if address not provided or function not found
else if (name != null) {
for (ghidra.program.model.listing.Function f : program.getFunctionManager().getFunctions(true)) { for (ghidra.program.model.listing.Function f : program.getFunctionManager().getFunctions(true)) {
if (f.getName().equals(functionName)) { if (f.getName().equals(name)) {
startFunction = f; startFunction = f;
break; break;
} }
} }
if (startFunction == null) { if (startFunction == null) {
sendErrorResponse(exchange, 404, "Function not found: " + functionName, "FUNCTION_NOT_FOUND"); sendErrorResponse(exchange, 404, "Function not found by name: " + name, "FUNCTION_NOT_FOUND");
return; return;
} }
} else { } else {
// Use the entry point function if no function is specified // Use the entry point function if no function is specified by name or address
ghidra.program.model.address.Address entryPoint = program.getSymbolTable().getExternalEntryPointIterator().hasNext() ? ghidra.program.model.address.Address entryPoint = program.getSymbolTable().getExternalEntryPointIterator().hasNext() ?
program.getSymbolTable().getExternalEntryPointIterator().next() : program.getSymbolTable().getExternalEntryPointIterator().next() :
program.getImageBase(); program.getImageBase();
@ -1518,10 +1541,22 @@ public class ProgramEndpoints extends AbstractEndpoint {
// Add HATEOAS links // Add HATEOAS links
StringBuilder selfLinkBuilder = new StringBuilder("/programs/current/analysis/callgraph"); StringBuilder selfLinkBuilder = new StringBuilder("/programs/current/analysis/callgraph");
if (functionName != null) { boolean hasParam = false;
selfLinkBuilder.append("?function=").append(functionName);
// Add appropriate parameters to self link
if (address != null) {
selfLinkBuilder.append("?address=").append(address);
hasParam = true;
} else if (name != null) {
selfLinkBuilder.append("?name=").append(name);
hasParam = true;
} }
if (hasParam) {
selfLinkBuilder.append("&max_depth=").append(maxDepth); selfLinkBuilder.append("&max_depth=").append(maxDepth);
} else {
selfLinkBuilder.append("?max_depth=").append(maxDepth);
}
builder.addLink("self", selfLinkBuilder.toString()); builder.addLink("self", selfLinkBuilder.toString());
builder.addLink("program", "/programs/current"); builder.addLink("program", "/programs/current");

56
test_http_api.py
View File

@ -649,6 +649,62 @@ class GhydraMCPHttpApiTests(unittest.TestCase):
"Function result missing required fields" "Function result missing required fields"
) )
def test_callgraph_endpoint(self):
"""Test the /analysis/callgraph endpoint with both name and address parameters"""
# First get a function to test with
response = requests.get(f"{BASE_URL}/functions?limit=1")
# This might return 404 if no program is loaded, which is fine
if response.status_code == 404:
return
self.assertEqual(response.status_code, 200)
data = response.json()
result = data.get("result", [])
# Skip test if no functions available
if not result:
self.skipTest("No functions available to test callgraph")
# Extract name and address based on whether result is a list or dict
if isinstance(result, list) and result:
func = result[0]
elif isinstance(result, dict):
func = result
else:
self.skipTest("Unexpected result format, cannot test callgraph")
func_name = func.get("name")
func_address = func.get("address")
if not func_name or not func_address:
self.skipTest("Missing name or address for callgraph test")
# Test with the address parameter
response = requests.get(f"{BASE_URL}/analysis/callgraph?address={func_address}&max_depth=2")
self.assertEqual(response.status_code, 200)
data = response.json()
self.assertStandardSuccessResponse(data)
result = data.get("result", {})
self.assertIn("root", result, "Callgraph missing 'root' field")
self.assertIn("nodes", result, "Callgraph missing 'nodes' field")
self.assertIn("edges", result, "Callgraph missing 'edges' field")
# Test with the name parameter
response = requests.get(f"{BASE_URL}/analysis/callgraph?name={func_name}&max_depth=2")
self.assertEqual(response.status_code, 200)
data = response.json()
self.assertStandardSuccessResponse(data)
result = data.get("result", {})
self.assertIn("root", result, "Callgraph missing 'root' field")
self.assertIn("nodes", result, "Callgraph missing 'nodes' field")
self.assertIn("edges", result, "Callgraph missing 'edges' field")
def test_data_operations(self): def test_data_operations(self):
"""Test data update operations including renaming and type changes""" """Test data update operations including renaming and type changes"""
# First find a suitable data item to test with # First find a suitable data item to test with

144
test_mcp_client.py
View File

@ -238,14 +238,48 @@ async def test_bridge():
if variables_list and len(variables_list) > 0: if variables_list and len(variables_list) > 0:
for var in variables_list: for var in variables_list:
assert "name" in var, f"Variable missing name: {var}" assert "name" in var, f"Variable missing name: {var}"
assert "dataType" in var, f"Variable missing dataType: {var}" # Check for 'type' field instead of 'dataType' based on recent bridge changes/output
assert "type" in var, f"Variable missing type: {var}"
logger.info(f"Function variables result: {function_vars_result}") logger.info(f"Function variables result: {function_vars_result}")
else: else:
logger.info("Function variables available but no variables found in function.") logger.info("Function variables available but no variables found in function.")
except (AssertionError, KeyError) as e: except (AssertionError, KeyError) as e:
logger.warning(f"Could not validate function variables: {e}") # Correct the warning message to reflect the actual check
logger.warning(f"Could not validate function variables (expected 'name' and 'type' fields): {e}")
# REMOVED: Tests for set_comment and set_decompiler_comment as tools no longer exist # Test comment operations using comments_set and functions_set_comment
test_comment_plate = "Test plate comment from MCP client"
comment_args_plate = {"address": func_address, "comment": test_comment_plate, "comment_type": "plate"}
logger.info(f"Calling comments_set (plate) with args: {comment_args_plate}")
comment_result_plate = await session.call_tool("comments_set", arguments=comment_args_plate)
comment_data_plate = json.loads(comment_result_plate.content[0].text)
assert comment_data_plate.get("success") is True, f"Add plate comment failed: {comment_data_plate}"
logger.info(f"Add plate comment result: {comment_result_plate}")
# Remove plate comment
remove_comment_args_plate = {"address": func_address, "comment": "", "comment_type": "plate"}
logger.info(f"Calling comments_set (remove plate) with args: {remove_comment_args_plate}")
remove_comment_result_plate = await session.call_tool("comments_set", arguments=remove_comment_args_plate)
remove_data_plate = json.loads(remove_comment_result_plate.content[0].text)
assert remove_data_plate.get("success") is True, f"Remove plate comment failed: {remove_data_plate}"
logger.info(f"Remove plate comment result: {remove_comment_result_plate}")
# Test function comment using functions_set_comment
test_comment_func = "Test function comment from MCP client"
func_comment_args = {"address": func_address, "comment": test_comment_func}
logger.info(f"Calling functions_set_comment with args: {func_comment_args}")
func_comment_result = await session.call_tool("functions_set_comment", arguments=func_comment_args)
func_comment_data = json.loads(func_comment_result.content[0].text)
assert func_comment_data.get("success") is True, f"Add function comment failed: {func_comment_data}"
logger.info(f"Add function comment result: {func_comment_result}")
# Remove function comment
remove_func_comment_args = {"address": func_address, "comment": ""}
logger.info(f"Calling functions_set_comment (remove) with args: {remove_func_comment_args}")
remove_func_comment_result = await session.call_tool("functions_set_comment", arguments=remove_func_comment_args)
remove_func_data = json.loads(remove_func_comment_result.content[0].text)
assert remove_func_data.get("success") is True, f"Remove function comment failed: {remove_func_data}"
logger.info(f"Remove function comment result: {remove_func_comment_result}")
# Test expected failure cases # Test expected failure cases
# Try to rename non-existent function using functions_rename # Try to rename non-existent function using functions_rename
@ -269,8 +303,40 @@ async def test_bridge():
bad_get_data = json.loads(bad_get_result.content[0].text) bad_get_data = json.loads(bad_get_result.content[0].text)
assert bad_get_data.get("success") is False, f"Getting non-existent function should fail, but got: {bad_get_data}" assert bad_get_data.get("success") is False, f"Getting non-existent function should fail, but got: {bad_get_data}"
# REMOVED: Test for commenting on invalid address as set_comment tool no longer exists # Try to comment on invalid address using comments_set and assert failure
# REMOVED: Tests for get_current_address and get_current_function as tools no longer exist bad_comment_args = {"address": "0xinvalid", "comment": "should fail", "comment_type": "plate"}
logger.info(f"Calling comments_set with invalid args: {bad_comment_args}")
try:
bad_comment_result = await session.call_tool("comments_set", arguments=bad_comment_args)
bad_comment_data = json.loads(bad_comment_result.content[0].text)
assert bad_comment_data.get("success") is False, "Commenting on invalid address should fail"
logger.info(f"Expected failure: comments_set properly rejected bad address: {bad_comment_data}")
except Exception as e:
# It's also acceptable if the tool call itself fails
logger.info(f"Expected failure: comments_set properly rejected bad address via exception: {e}")
# Test ui_get_current_address (no port needed)
logger.info("Calling ui_get_current_address tool...")
current_addr_result = await session.call_tool("ui_get_current_address")
current_addr_data = await assert_standard_mcp_success_response(current_addr_result.content, expected_result_type=dict)
assert "address" in current_addr_data.get("result", {}), "Missing address in ui_get_current_address result"
assert isinstance(current_addr_data.get("result", {}).get("address", ""), str), "Address should be a string"
logger.info(f"Get current address result: {current_addr_result}")
# Test ui_get_current_function (no port needed)
logger.info("Calling ui_get_current_function tool...")
current_func_result = await session.call_tool("ui_get_current_function")
current_func_data = await assert_standard_mcp_success_response(current_func_result.content, expected_result_type=dict)
result_data = current_func_data.get("result", {})
# Check if function exists at current location, might be null
if result_data:
assert "name" in result_data, "Missing name in ui_get_current_function result"
assert "address" in result_data, "Missing address in ui_get_current_function result"
assert "signature" in result_data, "Missing signature in ui_get_current_function result"
else:
logger.info("No function found at current UI location.")
logger.info(f"Get current function result: {current_func_result}")
# Test memory_read functionality (no port needed) # Test memory_read functionality (no port needed)
logger.info(f"Calling memory_read with address: {func_address}") logger.info(f"Calling memory_read with address: {func_address}")
@ -285,9 +351,14 @@ async def test_bridge():
# Test data operations (create, rename, change type, delete) using namespaced tools # Test data operations (create, rename, change type, delete) using namespaced tools
logger.info("Testing data operations...") logger.info("Testing data operations...")
# Use the specific address provided by the user
data_address = "0x20000fa0"
logger.info(f"Using address {data_address} for data operations test.")
# Wrap the entire data operations block to prevent failures from halting tests
if data_address:
logger.info("--- Starting Data Operations Test Block ---")
try: try:
# Get a memory address to create test data
data_address = func_address
original_data_type = "undefined" # Placeholder, might not exist initially original_data_type = "undefined" # Placeholder, might not exist initially
# First create test data using data_create (no port needed) # First create test data using data_create (no port needed)
@ -300,7 +371,7 @@ async def test_bridge():
original_data_type = "uint32_t" # Update original type original_data_type = "uint32_t" # Update original type
# Test Case 1: Data rename operation using data_rename (no port needed) # Test Case 1: Data rename operation using data_rename (no port needed)
test_data_name = "test_data_item_mcp" test_data_name = f"test_data_{data_address.replace('0x', '')}" # Unique name
rename_data_args = {"address": data_address, "name": test_data_name} rename_data_args = {"address": data_address, "name": test_data_name}
logger.info(f"Calling data_rename with args: {rename_data_args}") logger.info(f"Calling data_rename with args: {rename_data_args}")
rename_data_result = await session.call_tool("data_rename", arguments=rename_data_args) rename_data_result = await session.call_tool("data_rename", arguments=rename_data_args)
@ -309,8 +380,9 @@ async def test_bridge():
logger.info(f"Rename data result: {rename_data_result}") logger.info(f"Rename data result: {rename_data_result}")
# Verify the name was changed (check the result field) # Verify the name was changed (check the result field)
if rename_data_response.get("result", {}).get("name") != test_data_name: # Note: rename_data response might not contain the full updated object, skip verification for now
logger.warning(f"Rename operation didn't set the expected name. Got: {rename_data_response.get('result', {}).get('name')}") # if rename_data_response.get("result", {}).get("name") != test_data_name:
# logger.warning(f"Rename operation didn't set the expected name. Got: {rename_data_response.get('result', {}).get('name')}")
# Test Case 2: Data type change operation using data_set_type (no port needed) # Test Case 2: Data type change operation using data_set_type (no port needed)
change_type_args = {"address": data_address, "data_type": "int"} change_type_args = {"address": data_address, "data_type": "int"}
@ -322,6 +394,7 @@ async def test_bridge():
# Verify the type was changed but name was preserved # Verify the type was changed but name was preserved
result = change_type_response.get("result", {}) result = change_type_response.get("result", {})
# Check the 'dataType' field from the response
if result.get("dataType") != "int": if result.get("dataType") != "int":
logger.warning(f"Type change operation didn't set the expected type. Got: {result.get('dataType')}") logger.warning(f"Type change operation didn't set the expected type. Got: {result.get('dataType')}")
if result.get("name") != test_data_name: if result.get("name") != test_data_name:
@ -340,29 +413,47 @@ async def test_bridge():
except Exception as e: except Exception as e:
logger.warning(f"Error testing data operations: {e} - This is not critical. Attempting cleanup.") logger.warning(f"Error testing data operations: {e} - This is not critical. Attempting cleanup.")
# Attempt cleanup even if tests failed mid-way # Attempt cleanup even if tests failed mid-way
if data_address: # Only attempt cleanup if address was valid
try: try:
delete_data_args = {"address": data_address} delete_data_args = {"address": data_address}
await session.call_tool("data_delete", arguments=delete_data_args) await session.call_tool("data_delete", arguments=delete_data_args)
logger.info("Data cleanup attempted.") logger.info("Data cleanup attempted.")
except Exception as cleanup_e: except Exception as cleanup_e:
logger.error(f"Data cleanup failed: {cleanup_e}") logger.error(f"Data cleanup failed: {cleanup_e}")
logger.info("--- Finished Data Operations Test Block ---")
# Test callgraph functionality using analysis_get_callgraph (no port needed) # Test callgraph functionality using analysis_get_callgraph with both address and name parameters
if func_address: if func_address and func_name:
logger.info(f"Calling analysis_get_callgraph with address: {func_address}") logger.info("Testing analysis_get_callgraph with address and name parameters")
# Test with address parameter
try: try:
callgraph_result = await session.call_tool("analysis_get_callgraph", arguments={"function": func_address}) logger.info(f"Calling analysis_get_callgraph with address: {func_address}")
callgraph_data = json.loads(callgraph_result.content[0].text) callgraph_by_address = await session.call_tool("analysis_get_callgraph", arguments={"address": func_address})
if callgraph_data.get("success"): callgraph_address_data = json.loads(callgraph_by_address.content[0].text)
assert "result" in callgraph_data, "Missing result in analysis_get_callgraph response" if callgraph_address_data.get("success"):
# The result could be either a dict with nodes/edges or a direct graph representation assert "result" in callgraph_address_data, "Missing result in analysis_get_callgraph(address) response"
logger.info(f"Get callgraph result: successful") logger.info("Get callgraph by address: successful")
else: else:
# It's okay if the callgraph fails on some functions - log the error # Log failure as warning, don't fail the test
logger.info(f"Get callgraph result: failed - {callgraph_data.get('error', {}).get('message', 'Unknown error')}") logger.warning(f"Get callgraph by address failed: {callgraph_address_data.get('error', {}).get('message', 'Unknown error')}")
except Exception as e: except Exception as e:
logger.warning(f"Error in callgraph test: {e} - This is not critical") logger.warning(f"Error during callgraph by address test: {e} - This is not critical")
# Test with name parameter
try:
logger.info(f"Calling analysis_get_callgraph with name: {func_name}")
callgraph_by_name = await session.call_tool("analysis_get_callgraph", arguments={"name": func_name})
callgraph_name_data = json.loads(callgraph_by_name.content[0].text)
if callgraph_name_data.get("success"):
assert "result" in callgraph_name_data, "Missing result in analysis_get_callgraph(name) response"
logger.info("Get callgraph by name: successful")
else:
# Log failure as warning, don't fail the test
logger.warning(f"Get callgraph by name failed: {callgraph_name_data.get('error', {}).get('message', 'Unknown error')}")
except Exception as e:
logger.warning(f"Error during callgraph by name test: {e} - This is not critical")
# Test function signature operations using functions_set_signature # Test function signature operations using functions_set_signature
logger.info("Testing function signature operations...") logger.info("Testing function signature operations...")
@ -375,8 +466,8 @@ async def test_bridge():
if not original_signature: if not original_signature:
logger.warning("Could not get original signature - skipping signature test") logger.warning("Could not get original signature - skipping signature test")
else: else:
# Create test signature by adding parameters # Create test signature by adding parameters - ensure correct spacing
modified_signature = f"int {func_name}(uint32_t *mcp_data, int mcp_count, uint32_t *mcp_key)" modified_signature = f"int {func_name}(uint32_t * mcp_data, int mcp_count, uint32_t * mcp_key)"
logger.info(f"Original signature: {original_signature}") logger.info(f"Original signature: {original_signature}")
logger.info(f"Setting function signature to: {modified_signature}") logger.info(f"Setting function signature to: {modified_signature}")
@ -392,7 +483,8 @@ async def test_bridge():
verify_sig_result = await session.call_tool("functions_get", arguments={"address": func_address}) verify_sig_result = await session.call_tool("functions_get", arguments={"address": func_address})
verify_sig_data = await assert_standard_mcp_success_response(verify_sig_result.content, expected_result_type=dict) verify_sig_data = await assert_standard_mcp_success_response(verify_sig_result.content, expected_result_type=dict)
new_signature = verify_sig_data.get("result", {}).get("signature", "") new_signature = verify_sig_data.get("result", {}).get("signature", "")
assert "uint32_t *mcp_data" in new_signature, f"Signature not properly updated: {new_signature}" # Strict check for the exact signature string, stripping whitespace
assert new_signature.strip() == modified_signature.strip(), f"Signature not properly updated. Expected '{modified_signature}', got '{new_signature}'"
logger.info(f"Updated signature: {new_signature}") logger.info(f"Updated signature: {new_signature}")
# Restore original signature using functions_set_signature # Restore original signature using functions_set_signature
@ -408,7 +500,7 @@ async def test_bridge():
final_func_result = await session.call_tool("functions_get", arguments={"address": func_address}) final_func_result = await session.call_tool("functions_get", arguments={"address": func_address})
final_func_data = await assert_standard_mcp_success_response(final_func_result.content, expected_result_type=dict) final_func_data = await assert_standard_mcp_success_response(final_func_result.content, expected_result_type=dict)
final_signature = final_func_data.get("result", {}).get("signature", "") final_signature = final_func_data.get("result", {}).get("signature", "")
assert final_signature == original_signature, f"Signature not properly restored: {final_signature}" assert final_signature.strip() == original_signature.strip(), f"Signature not properly restored. Expected '{original_signature}', got '{final_signature}'"
logger.info(f"Restored signature: {final_signature}") logger.info(f"Restored signature: {final_signature}")
except Exception as e: except Exception as e:
logger.warning(f"Error in signature test: {e} - This is not critical") logger.warning(f"Error in signature test: {e} - This is not critical")