Python源码示例:idaapi.BADADDR
示例1
def Addrs(*args):
"""
Enumerate all addresses
@param <range>: see getrange
@return: list of all addresses in range
"""
(first, last)= getrange(args)
# note: problem when using range(...) for ea>=2^31
# TODO: problem when last == BADADDR
ea = first
while ea!=BADADDR and ea<last:
yield ea
ea = idc.NextAddr(ea)
示例2
def BytesThat(*args):
"""
Enumerate array items
@param <range>: see getrange
@param callable: function which tests the flags
@return: list of all addresses where callable(GetFlags(ea)) is True
"""
(first, last)= getrange(args)
i= getcallablepos(args)
if i<0:
raise Exception("missing callable")
callable= args[i]
ea= first
if ea<last and not callable(idaapi.get_full_flags(ea)):
ea= idaapi.nextthat(ea, last, callable)
while ea!=BADADDR and ea<last:
yield ea
ea= idaapi.nextthat(ea, last, callable)
示例3
def Heads(*args):
"""
Enumerate array items
@param <range>: see getrange
@return: list of all heads
"""
(first, last)= getrange(args)
ea= first
if ea<last and not idaapi.is_head(idaapi.get_full_flags(ea)):
ea= idaapi.next_head(ea, last)
while ea!=BADADDR and ea<last:
yield ea
ea= idaapi.next_head(ea, last)
示例4
def NotTails(*args):
"""
Enumerate array items
@param <range>: see getrange
@return: list of all not-tails
Note that NotTails includes all Heads plus all undefined bytes
"""
(first, last)= getrange(args)
ea= first
if ea<last and idaapi.is_tail(idaapi.get_full_flags(ea)):
ea= idaapi.next_not_tail(ea)
while ea!=BADADDR and ea<last:
yield ea
ea= idaapi.next_not_tail(ea)
示例5
def Heads(start=None, end=None):
"""
Get a list of heads (instructions or data)
@param start: start address (default: inf.minEA)
@param end: end address (default: inf.maxEA)
@return: list of heads between start and end
"""
if not start: start = idaapi.cvar.inf.minEA
if not end: end = idaapi.cvar.inf.maxEA
ea = start
if not idc.isHead(idc.GetFlags(ea)):
ea = idaapi.next_head(ea, end)
while ea != idaapi.BADADDR:
yield ea
ea = idaapi.next_head(ea, end)
示例6
def StructMembers(sid):
"""
Get a list of structure members information (or stack vars if given a frame).
@param sid: ID of the structure.
@return: List of tuples (offset, name, size)
@note: If 'sid' does not refer to a valid structure,
an exception will be raised.
@note: This will not return 'holes' in structures/stack frames;
it only returns defined structure members.
"""
m = idc.GetFirstMember(sid)
if m == -1:
raise Exception("No structure with ID: 0x%x" % sid)
while (m != idaapi.BADADDR):
name = idc.GetMemberName(sid, m)
if name:
yield (m, name, idc.GetMemberSize(sid, m))
m = idc.GetStrucNextOff(sid, m)
示例7
def IsPrevInsnCall(ea):
"""
Given a return address, this function tries to check if previous instruction
is a CALL instruction
"""
global CallPattern
if ea == idaapi.BADADDR or ea < 10:
return None
for delta, opcodes in CallPattern:
# assume caller's ea
caller = ea + delta
# get the bytes
bytes = [x for x in GetDataList(caller, len(opcodes), 1)]
# do we have a match? is it a call instruction?
if bytes == opcodes and idaapi.is_call_insn(caller):
return caller
return None
# -----------------------------------------------------------------------
示例8
def read_leb128(ea, signed):
""" Read LEB128 encoded data
"""
val = 0
shift = 0
while True:
byte = idc.get_wide_byte(ea)
val |= (byte & 0x7F) << shift
shift += 7
ea += 1
if (byte & 0x80) == 0:
break
if shift > 64:
DEBUG("Bad leb128 encoding at {0:x}".format(ea - shift/7))
return idc.BADADDR
if signed and (byte & 0x40):
val -= (1<<shift)
return val, ea
示例9
def fix_addresses(start=None, end=None):
"""Set missing addresses to start and end of IDB.
Take a start and end addresses. If an address is None or `BADADDR`,
return start or end addresses of the IDB instead.
Args
start: Start EA. Use `None` to get IDB start.
end: End EA. Use `None` to get IDB end.
Returns:
(start, end)
"""
if start in (None, idaapi.BADADDR):
start = idaapi.cvar.inf.minEA
if end in (None, idaapi.BADADDR):
end = idaapi.cvar.inf.maxEA
return start, end
示例10
def create_struct(name):
"""Create a structure.
Args:
name: The structure's name
Returns:
The sturct ID
Raises:
exceptions.SarkStructAlreadyExists: A struct with the same name already exists
exceptions.SarkCreationFailed: Struct creation failed
"""
sid = idaapi.get_struc_id(name)
if sid != idaapi.BADADDR:
# The struct already exists.
raise exceptions.SarkStructAlreadyExists("A struct names {!r} already exists.".format(name))
sid = idaapi.add_struc(idaapi.BADADDR, name, 0)
if sid == idaapi.BADADDR:
raise exceptions.SarkStructCreationFailed("Struct creation failed.")
return sid
示例11
def get_struct(name):
"""Get a struct by it's name.
Args:
name: The name of the struct
Returns:
The struct's id
Raises:
exceptions.SarkStructNotFound: is the struct does not exist.
"""
sid = idaapi.get_struc_id(name)
if sid == idaapi.BADADDR:
raise exceptions.SarkStructNotFound()
return sid
示例12
def _uninstall_load_file(self):
"""
Remove the 'File->Load file->Code coverage file...' menu entry.
"""
# remove the entry from the File-> menu
result = idaapi.detach_action_from_menu(
"File/Load file/",
self.ACTION_LOAD_FILE
)
if not result:
return False
# unregister the action
result = idaapi.unregister_action(self.ACTION_LOAD_FILE)
if not result:
return False
# delete the entry's icon
idaapi.free_custom_icon(self._icon_id_file)
self._icon_id_file = idaapi.BADADDR
logger.info("Uninstalled the 'Code coverage file' menu entry")
示例13
def _uninstall_load_batch(self):
"""
Remove the 'File->Load file->Code coverage batch...' menu entry.
"""
# remove the entry from the File-> menu
result = idaapi.detach_action_from_menu(
"File/Load file/",
self.ACTION_LOAD_BATCH
)
if not result:
return False
# unregister the action
result = idaapi.unregister_action(self.ACTION_LOAD_BATCH)
if not result:
return False
# delete the entry's icon
idaapi.free_custom_icon(self._icon_id_batch)
self._icon_id_batch = idaapi.BADADDR
logger.info("Uninstalled the 'Code coverage batch' menu entry")
示例14
def _uninstall_open_coverage_xref(self):
"""
Remove the right click 'Coverage Xref' context menu entry.
"""
self._ui_hooks.unhook()
# unregister the action
result = idaapi.unregister_action(self.ACTION_COVERAGE_XREF)
if not result:
return False
# delete the entry's icon
idaapi.free_custom_icon(self._icon_id_xref)
self._icon_id_xref = idaapi.BADADDR
logger.info("Uninstalled the 'Coverage Xref' menu entry")
示例15
def activate(self, ctx):
if self.action == ACTION_HX_REMOVERETTYPE:
vdui = idaapi.get_widget_vdui(ctx.widget)
self.remove_rettype(vdui)
vdui.refresh_ctext()
elif self.action == ACTION_HX_COPYEA:
ea = idaapi.get_screen_ea()
if ea != idaapi.BADADDR:
copy_to_clip("0x%X" % ea)
print("Address 0x%X has been copied to clipboard" % ea)
elif self.action == ACTION_HX_COPYNAME:
name = idaapi.get_highlight(idaapi.get_current_viewer())[0]
if name:
copy_to_clip(name)
print("%s has been copied to clipboard" % name)
elif self.action == ACTION_HX_GOTOCLIP:
loc = parse_location(clip_text())
print("Goto location 0x%x" % loc)
idc.jumpto(loc)
else:
return 0
return 1
示例16
def callback(self, event, *args):
if event == idaapi.hxe_populating_popup:
form, phandle, vu = args
if vu.item.citype == idaapi.VDI_FUNC or (vu.item.citype == idaapi.VDI_EXPR and vu.item.e.is_expr() and vu.item.e.type.is_funcptr()):
idaapi.attach_action_to_popup(form, phandle, ACTION_HX_REMOVERETTYPE, None)
elif event == idaapi.hxe_double_click:
vu, shift_state = args
# auto jump to target if clicked item is xxx->func();
if vu.item.citype == idaapi.VDI_EXPR and vu.item.e.is_expr():
expr = idaapi.tag_remove(vu.item.e.print1(None))
if "->" in expr:
# find target function
name = expr.split("->")[-1]
addr = idc.get_name_ea_simple(name)
if addr == idaapi.BADADDR:
# try class::function
e = vu.item.e
while e.x:
e = e.x
addr = idc.get_name_ea_simple("%s::%s" % (str(e.type).split()[0], name))
if addr != idaapi.BADADDR:
idc.jumpto(addr)
return 1
return 0
示例17
def extract_addresses(self):
'''A set of addresses associated with the line'''
anchor = idaapi.ctree_anchor_t()
line = copy(self.widget.line)
addresses = set()
while len(line) > 0:
skipcode_index = idaapi.tag_skipcode(line)
if skipcode_index == 0: # No code found
line = line[1:] # Skip one character ahead
else:
if tag_addrcode(line):
addr_tag = int(line[2:skipcode_index], 16)
anchor.value = addr_tag
if anchor.is_citem_anchor() \
and not anchor.is_blkcmt_anchor():
address = self.parent.treeitems.at(addr_tag).ea
if address != idaapi.BADADDR:
addresses.add(address)
line = line[skipcode_index:] # Skip the colorcodes
return addresses
示例18
def dissolve(cls, flag, typeid, size):
'''Convert the specified `flag`, `typeid`, and `size` into a pythonic type.'''
FF_STRUCT = idaapi.FF_STRUCT if hasattr(idaapi, 'FF_STRUCT') else idaapi.FF_STRU
dt = flag & cls.FF_MASKSIZE
sf = -1 if flag & idaapi.FF_SIGN == idaapi.FF_SIGN else +1
if dt == FF_STRUCT and isinstance(typeid, six.integer_types):
# FIXME: figure out how to fix this recursive module dependency
t = sys.modules.get('structure', __import__('structure')).by_identifier(typeid)
sz = t.size
return t if sz == size else [t, size // sz]
if dt not in cls.inverted:
raise internal.exceptions.InvalidTypeOrValueError(u"{:s}.dissolve({!r}, {!r}, {!r}) : Unable to locate a pythonic type that matches the specified flag.".format('.'.join(('internal', __name__, cls.__name__)), dt, typeid, size))
t, sz = cls.inverted[dt]
# if the type and size are the same, then it's a string or pointer type
if not isinstance(sz, six.integer_types):
count = size // idaapi.get_data_elsize(idaapi.BADADDR, dt, idaapi.opinfo_t())
return [t, count] if count > 1 else t
# if the size matches, then we assume it's a single element
elif sz == size:
return t, (sz*sf)
# otherwise it's an array
return [(t, sz*sf), size // sz]
示例19
def Texts(*args):
"""
Enumerate text search matches
@param <range>: see getrange
@param searchstr: string or regex
@param flags: for instance SEARCH_REGEX
@return: list of addresses matching searchstr
Example::
for ea in Texts((FirstSeg(), BADADDR), "LDR *PC, =", SEARCH_REGEX):
f = idaapi.get_func(ea)
if f and f.start_ea==ea:
n= idaapi.get_name(BADADDR, ea)
if not n.startswith("sub_"):
MakeName(ea, "j_%s" %n)
Will search for functions containing only "LDR PC, =xxxxx",
and rename them as j_XXXXX.
"""
(first, last)= getrange(args)
i= getstringpos(args)
if i<0:
raise Exception("missing searchstring")
searchstr= args[i]
flags = args[i+1] if i+1<len(args) else 0
ea= idaapi.find_text(first, idaapi.SEARCH_DOWN|flags, 0, 0, searchstr)
while ea!=idaapi.BADADDR and ea<last:
yield ea
ea= idaapi.find_text(idaapi.next_head(ea, last), idaapi.SEARCH_DOWN|flags, 0, 0, searchstr)
示例20
def NonFuncs(*args):
"""
Enumerate code which is not in a function
@param <range>: see getrange
@return: list of addresses containing code, but not in a function
Example::
for ea in NonFuncs((FirstSeg(), BADADDR)):
if not MakeFunction(ea):
Jump(ea)
break
Wait()
Will try to change non-function code to function
until MakeFunction fails
"""
(first, last)= getrange(args)
ea = first
while ea!=idaapi.BADADDR and ea<last:
nextcode= idaapi.find_code(ea, idaapi.SEARCH_NEXT|idaapi.SEARCH_DOWN)
thischunk= idaapi.get_fchunk(ea)
nextchunk= idaapi.get_next_fchunk(ea)
if thischunk:
ea= thischunk.end_ea
elif idaapi.is_code(idaapi.get_full_flags(ea)):
yield ea
ea= idaapi.next_head(ea, last)
elif nextchunk is None:
return
elif nextcode<nextchunk.start_ea:
yield nextcode
ea= nextcode
else:
ea= nextchunk.end_ea
示例21
def Undefs(*args):
"""
Enumerate undefined bytes
@param <range>: see getrange
@return: list of addresses of undefined bytes
Example::
for ea in Undefs((FirstSeg(), BADADDR)):
if isCode(GetFlags(PrevHead(ea))) and (ea%4)!=0 and iszero(ea, 4-(ea%4)):
MakeAlign(ea, 4-(ea%4), 2)
Will add alignment directives after code.
"""
(first, last)= getrange(args)
ea= first
# explicitly testing first byte, since find_unknown
# implicitly sets SEARCH_NEXT flag
if ea<last and not ida_bytes.is_unknown(idaapi.get_full_flags(ea)):
ea= idaapi.find_unknown(ea, idaapi.SEARCH_DOWN)
while ea!=idaapi.BADADDR and ea<last:
yield ea
ea= idaapi.find_unknown(ea, idaapi.SEARCH_DOWN)
示例22
def Code(*args):
"""
Enumerate code bytes
@param <range>: see getrange
@return: list of addresses of code bytes
Example::
for ea in Code():
MakeUnkn(ea, DOUNK_EXPAND)
Wait()
Will delete all code in the selected area.
len(list(MakeUnkn(ea, DOUNK_EXPAND) and Wait() for ea in enumerators.Code(idaapi.getseg(here()))))
will delete all code in the current segment, and can be pasted in the command area of ida
"""
(first, last)= getrange(args)
ea= first
# explicitly testing first byte, since find_code
# implicitly sets SEARCH_NEXT flag
if ea<last and not idaapi.is_code(idaapi.get_full_flags(ea)):
ea= idaapi.find_code(ea, idaapi.SEARCH_DOWN)
while ea!=idaapi.BADADDR and ea<last:
yield ea
ea= idaapi.find_code(ea, idaapi.SEARCH_DOWN)
示例23
def refs(ea, funcfirst, funcnext):
"""
Generic reference collector - INTERNAL USE ONLY.
"""
ref = funcfirst(ea)
while ref != idaapi.BADADDR:
yield ref
ref = funcnext(ea, ref)
示例24
def Structs():
"""
Get a list of structures
@return: List of tuples (idx, sid, name)
"""
idx = idc.GetFirstStrucIdx()
while idx != idaapi.BADADDR:
sid = idc.GetStrucId(idx)
yield (idx, sid, idc.GetStrucName(sid))
idx = idc.GetNextStrucIdx(idx)
示例25
def DecodePrecedingInstruction(ea):
"""
Decode preceding instruction in the execution flow.
@param ea: address to decode
@return: (None or the decode instruction, farref)
farref will contain 'true' if followed an xref, false otherwise
"""
prev_addr, farref = idaapi.decode_preceding_insn(ea)
if prev_addr == idaapi.BADADDR:
return (None, False)
else:
return (idaapi.cmd.copy(), farref)
示例26
def is_invalid_ea(ea):
"""Returns `True` if `ea` is not valid, i.e. it doesn't point into any
valid segment."""
if (idc.BADADDR == ea) or \
(idc.get_segm_name(ea) == "LOAD"):
return True
try:
idc.get_segm_attr(idc.get_segm_start(ea), idc.SEGATTR_TYPE)
return False # If we get here, then it must be a valid ea!
except:
return True
示例27
def drefs_from(ea, only_one=False, check_fixup=True):
seen = False
has_one = only_one
fixup_ea = idc.BADADDR
if check_fixup:
fixup_ea = idc.get_fixup_target_off(ea)
if not is_invalid_ea(fixup_ea) and not is_code(fixup_ea):
seen = only_one
has_one = True
yield fixup_ea
if has_one and _stop_looking_for_xrefs(ea):
return
for target_ea in _xref_generator(ea, idaapi.get_first_dref_from, idaapi.get_next_dref_from):
if target_ea != fixup_ea and not is_invalid_ea(target_ea):
seen = only_one
yield target_ea
if seen:
return
if not seen and ea in _DREFS_FROM:
for target_ea in _DREFS_FROM[ea]:
yield target_ea
seen = only_one
if seen:
return
示例28
def crefs_from(ea, only_one=False, check_fixup=True):
flags = idc.get_full_flags(ea)
if not idc.is_code(flags):
return
fixup_ea = idc.BADADDR
seen = False
has_one = only_one
if check_fixup:
fixup_ea = idc.get_fixup_target_off(ea)
if not is_invalid_ea(fixup_ea) and is_code(fixup_ea):
seen = only_one
has_one = True
yield fixup_ea
if has_one and _stop_looking_for_xrefs(ea):
return
for target_ea in _xref_generator(ea, idaapi.get_first_cref_from, idaapi.get_next_cref_from):
if target_ea != fixup_ea and not is_invalid_ea(target_ea):
seen = only_one
yield target_ea
if seen:
return
if not seen and ea in _CREFS_FROM:
for target_ea in _CREFS_FROM[ea]:
seen = only_one
yield target_ea
if seen:
return
示例29
def make_head(ea):
flags = idc.get_full_flags(ea)
if not idc.is_head(flags):
# idc.SetFlags(ea, flags | idc.FF_DATA)
idc.create_data(ea, idc.FF_BYTE, 1, idc.BADADDR)
idaapi.auto_wait()
return is_head(ea)
return True
示例30
def add_func(func_ea,func_end=idaapi.BADADDR):
return idaapi.add_func(func_ea,func_end)
