Python源码示例:idaapi.get_name()
示例1
def find_interesting_xors(self):
next_xor = idc.FindText(idc.MinEA(), idc.SEARCH_DOWN|idc.SEARCH_NEXT, 0, 0, "xor")
while next_xor != idc.BADADDR:
if idc.GetOpnd(next_xor, 0) != idc.GetOpnd(next_xor, 1):
entry = {"func":"", "addr": next_xor, "loop":False, "disasm": idc.GetDisasm(next_xor)}
func = idaapi.get_func(next_xor)
if func:
entry["func"] = idaapi.get_name(idc.BADADDR, func.startEA)
heads = idautils.Heads(next_xor, func.endEA)
lxors = []
for head in heads:
if idc.GetMnem(head).startswith('j'):
jmp_addr = idc.GetOperandValue(head,0)
if jmp_addr < next_xor and jmp_addr > func.startEA:
entry["loop"] = True
break
self._interesting_xors.append(entry)
next_xor = idc.FindText(idc.NextHead(next_xor), idc.SEARCH_DOWN|idc.SEARCH_NEXT, 0, 0, "xor")
示例2
def get_area_name(self, ea, val_type):
name = None
if val_type == T_CODE:
fcn_name = idc.get_func_off_str(ea)
if fcn_name:
name = fcn_name
else:
symbol_name = idaapi.get_name(ea)
if symbol_name:
name = symbol_name
else:
symbol_name = idaapi.get_name(ea)
if symbol_name:
name = symbol_name
seg_name = idc.get_segm_name(ea)
if seg_name is not None:
if name:
name = "%s ! %s" % (seg_name, name)
else:
name = seg_name
return name
示例3
def Texts(*args):
"""
Enumerate text search matches
@param <range>: see getrange
@param searchstr: string or regex
@param flags: for instance SEARCH_REGEX
@return: list of addresses matching searchstr
Example::
for ea in Texts((FirstSeg(), BADADDR), "LDR *PC, =", SEARCH_REGEX):
f = idaapi.get_func(ea)
if f and f.start_ea==ea:
n= idaapi.get_name(BADADDR, ea)
if not n.startswith("sub_"):
MakeName(ea, "j_%s" %n)
Will search for functions containing only "LDR PC, =xxxxx",
and rename them as j_XXXXX.
"""
(first, last)= getrange(args)
i= getstringpos(args)
if i<0:
raise Exception("missing searchstring")
searchstr= args[i]
flags = args[i+1] if i+1<len(args) else 0
ea= idaapi.find_text(first, idaapi.SEARCH_DOWN|flags, 0, 0, searchstr)
while ea!=idaapi.BADADDR and ea<last:
yield ea
ea= idaapi.find_text(idaapi.next_head(ea, last), idaapi.SEARCH_DOWN|flags, 0, 0, searchstr)
示例4
def get_function_raw_name_at(self, function_address):
return idaapi.get_name(function_address)
示例5
def get_jlocs(self, sw):
jlocs = []
ncases = sw.ncases if sw.jcases == 0 else sw.jcases
for i in range(ncases):
addr = idc.Dword(sw.jumps+i*4)
name = idaapi.get_name(idc.BADADDR, addr)
comm = idc.GetCommentEx(idc.LocByName(name), 1)
comm = comm[comm.find('case'):] if comm is not None and comm.startswith('jumptable') else comm
jlocs.append((name, idc.LocByName(name), comm))
return jlocs
示例6
def name(func):
'''Return the name of the function `func`.'''
get_name = functools.partial(idaapi.get_name, idaapi.BADADDR) if idaapi.__version__ < 7.0 else idaapi.get_name
# check to see if it's a runtime-linked function
rt, ea = interface.addressOfRuntimeOrStatic(func)
if rt:
name = get_name(ea)
# decode the string from IDA's UTF-8
# XXX: how does demangling work with unicode? this would be implementation specific, no?
res = utils.string.of(name)
# demangle it if necessary
return internal.declaration.demangle(res) if internal.declaration.mangledQ(res) else res
#return internal.declaration.extract.fullname(internal.declaration.demangle(res)) if internal.declaration.mangledQ(res) else res
# otherwise it's a regular function, so try and get its name in a couple of ways
name = idaapi.get_func_name(ea)
if not name: name = get_name(ea)
if not name: name = idaapi.get_true_name(ea, ea) if idaapi.__version__ < 6.8 else idaapi.get_ea_name(ea, idaapi.GN_VISIBLE)
# decode the string from IDA's UTF-8
# XXX: how does demangling work with unicode? this would be implementation specific, no?
res = utils.string.of(name)
# demangle it if we need to
return internal.declaration.demangle(res) if internal.declaration.mangledQ(res) else res
#return internal.declaration.extract.fullname(internal.declaration.demangle(res)) if internal.declaration.mangledQ(res) else res
#return internal.declaration.extract.name(internal.declaration.demangle(res)) if internal.declaration.mangledQ(res) else res
