feat: Implement Structor plugin for automated structure synthesis

This commit introduces the initial codebase for Structor, an IDA Pro/Hex-Rays plugin designed to reconstruct C structures from raw pointer arithmetic found in decompiled code. The plugin analyzes access patterns (e.g., `*(ptr + 8)`) to infer field offsets, sizes, and types, automatically generating and applying structure definitions to the IDB.

include/structor/access_collector.hpp:
- Implements AccessPatternVisitor, a ctree_visitor_t subclass that traverses Hex-Rays ASTs.
- Collects memory access patterns (dereferences, member pointers, array indices) relative to a specific variable.
- Records offset, size, and semantic context (read/write/call) for every access.

include/structor/layout_synthesizer.hpp:
- Implements the logic to transform raw access patterns into a coherent structure layout.
- Handles conflict resolution for overlapping accesses (detecting unions).
- Automatically inserts padding bytes to maintain alignment.
- Infers field types based on usage context (e.g., float vs int, pointer vs value).

include/structor/vtable_detector.hpp:
- Adds logic to recognize C++ virtual table patterns (double dereferences followed by calls).
- Synthesizes vtable structures with function pointer slots based on call indices.
- Attempts to recover function signatures for vtable slots from call sites.

include/structor/type_propagator.hpp:
- Implements recursive type propagation to spread synthesized structures to callers and callees.
- Supports configurable depth and direction (forward/backward) to maximize coverage.

include/structor/pseudocode_rewriter.hpp:
- Provides mechanisms to refresh the decompiler view and apply user comments.
- Includes logic to highlight transformed expressions for visual feedback.

include/structor/ui_integration.hpp:
- Registers the "Synthesize Structure" action and binds it to Shift+S.
- Installs Hex-Rays callback hooks to enable context menu integration.

include/structor/api.hpp, src/python_bindings.cpp:
- Exposes core functionality via IDC and IDAPython (structor_synthesize).
- Allows headless/batch operation for automated analysis pipelines.

CMakeLists.txt, Makefile:
- Sets up the build system for the plugin, targeting the IDA SDK.
- Configures GoogleTest integration for unit testing.

integration_tests/:
- Adds a comprehensive suite of C test binaries (vtable, linked list, nested structs) and IDAPython scripts to validate synthesis accuracy.

Impact:
- Users can now position the cursor on a void* variable in the decompiler and press Shift+S to automatically generate a typed structure.
- Reduces manual effort required to reverse engineer complex data structures.
- Introduces a new binary dependency (structor64.dylib/so/dll) to the plugin directory.

Author: 19h

.github/workflows/build.yml

@@ -0,0 +1,181 @@
+name: Build Structor Plugin
+
+on:
+  push:
+    branches: [ master, main ]
+    tags: [ 'v*' ]
+  pull_request:
+    branches: [ master, main ]
+  workflow_dispatch:
+
+env:
+  IDA_SDK_REPO: HexRaysSA/ida-sdk
+
+jobs:
+  build:
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - os: macos-latest
+            name: macos-x86_64
+            cmake_arch: x86_64
+          - os: macos-latest
+            name: macos-arm64
+            cmake_arch: arm64
+          - os: ubuntu-latest
+            name: linux-x86_64
+          - os: windows-latest
+            name: windows-x86_64
+            cmake_arch: x64
+
+    runs-on: ${{ matrix.os }}
+    name: Build ${{ matrix.name }}
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          submodules: recursive
+
+      - name: Checkout IDA SDK
+        uses: actions/checkout@v4
+        with:
+          repository: ${{ env.IDA_SDK_REPO }}
+          path: ida-sdk
+
+      - name: Setup MSVC (Windows)
+        if: runner.os == 'Windows'
+        uses: ilammy/msvc-dev-cmd@v1
+        with:
+          arch: ${{ matrix.cmake_arch }}
+
+      - name: Install dependencies (Linux)
+        if: runner.os == 'Linux'
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y build-essential cmake
+
+      - name: Configure CMake (macOS)
+        if: runner.os == 'macOS'
+        run: |
+          mkdir -p build
+          cd build
+          cmake .. \
+            -DCMAKE_BUILD_TYPE=Release \
+            -DCMAKE_OSX_ARCHITECTURES=${{ matrix.cmake_arch }} \
+            -DIDA_SDK_DIR=${{ github.workspace }}/ida-sdk/src
+
+      - name: Configure CMake (Linux)
+        if: runner.os == 'Linux'
+        run: |
+          mkdir -p build
+          cd build
+          cmake .. \
+            -DCMAKE_BUILD_TYPE=Release \
+            -DIDA_SDK_DIR=${{ github.workspace }}/ida-sdk/src
+
+      - name: Configure CMake (Windows)
+        if: runner.os == 'Windows'
+        run: |
+          mkdir build -Force
+          cd build
+          cmake .. -G "Visual Studio 17 2022" -A ${{ matrix.cmake_arch }} -DIDA_SDK_DIR=${{ github.workspace }}/ida-sdk/src
+
+      - name: Build (Unix)
+        if: runner.os != 'Windows'
+        run: |
+          cd build
+          cmake --build . --config Release -j$(nproc 2>/dev/null || sysctl -n hw.ncpu)
+
+      - name: Build (Windows)
+        if: runner.os == 'Windows'
+        run: |
+          cd build
+          cmake --build . --config Release
+
+      - name: Find built plugin (Unix)
+        if: runner.os != 'Windows'
+        id: find_plugin_unix
+        run: |
+          if [ "${{ runner.os }}" = "macOS" ]; then
+            PLUGIN_FILE=$(find build -name "structor64.dylib" -type f | head -1)
+            EXT="dylib"
+          else
+            PLUGIN_FILE=$(find build -name "structor64.so" -type f | head -1)
+            EXT="so"
+          fi
+
+          if [ -z "$PLUGIN_FILE" ]; then
+            echo "ERROR: Could not find built plugin"
+            find build -type f -name "structor*"
+            exit 1
+          fi
+
+          echo "plugin_file=$PLUGIN_FILE" >> $GITHUB_OUTPUT
+          echo "extension=$EXT" >> $GITHUB_OUTPUT
+          echo "Found plugin: $PLUGIN_FILE"
+
+      - name: Find built plugin (Windows)
+        if: runner.os == 'Windows'
+        id: find_plugin_windows
+        shell: pwsh
+        run: |
+          $plugin = Get-ChildItem -Path build -Recurse -Filter "structor64.dll" | Select-Object -First 1
+          if ($null -eq $plugin) {
+            Write-Error "Could not find built plugin"
+            Get-ChildItem -Path build -Recurse -Filter "structor*"
+            exit 1
+          }
+          echo "plugin_file=$($plugin.FullName)" >> $env:GITHUB_OUTPUT
+          echo "extension=dll" >> $env:GITHUB_OUTPUT
+          Write-Host "Found plugin: $($plugin.FullName)"
+
+      - name: Prepare artifact (Unix)
+        if: runner.os != 'Windows'
+        run: |
+          mkdir -p artifacts
+          cp "${{ steps.find_plugin_unix.outputs.plugin_file }}" "artifacts/structor64_${{ matrix.name }}.${{ steps.find_plugin_unix.outputs.extension }}"
+
+      - name: Prepare artifact (Windows)
+        if: runner.os == 'Windows'
+        shell: pwsh
+        run: |
+          New-Item -ItemType Directory -Force -Path artifacts
+          Copy-Item "${{ steps.find_plugin_windows.outputs.plugin_file }}" "artifacts/structor64_${{ matrix.name }}.${{ steps.find_plugin_windows.outputs.extension }}"
+
+      - name: Upload artifact
+        uses: actions/upload-artifact@v4
+        with:
+          name: structor-${{ matrix.name }}
+          path: artifacts/
+          retention-days: 30
+
+  release:
+    if: startsWith(github.ref, 'refs/tags/v')
+    needs: build
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+
+    steps:
+      - name: Download all artifacts
+        uses: actions/download-artifact@v4
+        with:
+          path: artifacts
+
+      - name: Prepare release files
+        run: |
+          mkdir -p release
+          find artifacts -type f \( -name "*.dylib" -o -name "*.so" -o -name "*.dll" \) -exec cp {} release/ \;
+          ls -la release/
+
+      - name: Create Release
+        uses: softprops/action-gh-release@v1
+        with:
+          files: release/*
+          generate_release_notes: true
+          draft: false
+          prerelease: ${{ contains(github.ref, '-') }}
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.gitignore

@@ -0,0 +1,96 @@
+# Build directories
+build/
+cmake-build-*/
+out/
+
+# CMake generated files
+CMakeCache.txt
+CMakeFiles/
+cmake_install.cmake
+install_manifest.txt
+CTestTestfile.cmake
+*.ninja
+.ninja_deps
+.ninja_log
+
+# Compiled Object files
+*.o
+*.obj
+*.lo
+*.slo
+
+# Precompiled Headers
+*.gch
+*.pch
+
+# Compiled Dynamic libraries
+*.so
+*.dylib
+*.dll
+
+# Compiled Static libraries
+*.a
+*.lib
+*.la
+
+# Executables
+*.exe
+*.out
+*.app
+
+# IDA Pro files
+*.i64
+*.idb
+*.id0
+*.id1
+*.id2
+*.nam
+*.til
+*.bnm
+
+# macOS
+.DS_Store
+.AppleDouble
+.LSOverride
+._*
+
+# Linux
+*~
+.directory
+
+# Windows
+Thumbs.db
+Desktop.ini
+
+# IDEs and editors
+.vscode/
+.idea/
+*.swp
+*.swo
+*~
+.project
+.cproject
+.settings/
+*.code-workspace
+
+# Logs and databases
+*.log
+*.sql
+*.sqlite
+
+# Temporary files
+*.tmp
+*.temp
+*.bak
+*.orig
+
+# Temporary test files
+foo
+foo.c
+
+# Test binaries
+tests/string_obfuscation/test_strings
+*.dSYM/
+
+.cache
+.claude