本文整理汇总了Python中idc.FUNCATTR_END属性的典型用法代码示例。如果您正苦于以下问题:Python idc.FUNCATTR_END属性的具体用法?Python idc.FUNCATTR_END怎么用?Python idc.FUNCATTR_END使用的例子?那么, 这里精选的属性代码示例或许可以为您提供帮助。您也可以进一步了解该属性所在类idc
的用法示例。
在下文中一共展示了idc.FUNCATTR_END属性的12个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: _get_func_length
# 需要导入模块: import idc [as 别名]
# 或者: from idc import FUNCATTR_END [as 别名]
def _get_func_length(func_addr):
"""
Return function's length.
"""
logger.debug('_get_func_length: {}'.format(func_addr))
# First check if this is a chunked function.
# If so, we abort.
if _is_func_chunked(func_addr):
return None
# raise FCatalogClientError('Function {:X} is chunked. Can not calculate'
# ' length.'.format(func_addr))
# Get the end of the function:
func_end = idc.GetFunctionAttr(func_addr,idc.FUNCATTR_END)
if func_end < func_addr:
return None
# raise FCatalogClientError('Function {:X} has end lower than start'.\
# format(func_addr))
# Calculate length and return:
return func_end - func_addr
示例2: get_function_end_address
# 需要导入模块: import idc [as 别名]
# 或者: from idc import FUNCATTR_END [as 别名]
def get_function_end_address(ea):
"""
Get function end address
@param ea: function start_ea.
@return: The function end ea. If no function end ea found returns None.
"""
try:
if ea is None:
return None
func_attr_end = idc.GetFunctionAttr(ea, idc.FUNCATTR_END)
if func_attr_end == idc.BADADDR:
return None
return idc.PrevHead(func_attr_end, ea)
except Exception as ex:
raise RuntimeError("Count not locate end address for function %s: %s" % (hex(ea), ex))
示例3: enumerate_function_chunks
# 需要导入模块: import idc [as 别名]
# 或者: from idc import FUNCATTR_END [as 别名]
def enumerate_function_chunks(f_start):
"""
The function gets a list of chunks for the function.
@f_start - first address of the function
@return - list of chunks
"""
# Enumerate all chunks in the function
chunks = list()
first_chunk = idc.FirstFuncFchunk(f_start)
chunks.append((first_chunk, idc.GetFchunkAttr(first_chunk, idc.FUNCATTR_END)))
next_chunk = first_chunk
while next_chunk != 0xffffffffL:
next_chunk = idc.NextFuncFchunk(f_start, next_chunk)
if next_chunk != 0xffffffffL:
chunks.append((next_chunk, idc.GetFchunkAttr(next_chunk, idc.FUNCATTR_END)))
return chunks
示例4: enumerate_function_chunks
# 需要导入模块: import idc [as 别名]
# 或者: from idc import FUNCATTR_END [as 别名]
def enumerate_function_chunks(self, f_start):
"""
The function gets a list of chunks for the function.
@f_start - first address of the function
@return - list of chunks
"""
# Enumerate all chunks in the function
chunks = list()
first_chunk = idc.FirstFuncFchunk(f_start)
chunks.append((first_chunk, idc.GetFchunkAttr(first_chunk, idc.FUNCATTR_END)))
next_chunk = first_chunk
while next_chunk != 0xffffffffL:
next_chunk = idc.NextFuncFchunk(f_start, next_chunk)
if next_chunk != 0xffffffffL:
chunks.append((next_chunk, idc.GetFchunkAttr(next_chunk, idc.FUNCATTR_END)))
return chunks
示例5: getFuncRanges
# 需要导入模块: import idc [as 别名]
# 或者: from idc import FUNCATTR_END [as 别名]
def getFuncRanges(ea, doAllFuncs):
if using_ida7api:
return getFuncRanges_ida7(ea, doAllFuncs)
if doAllFuncs:
funcs = []
funcGen = idautils.Functions(idc.SegStart(ea), idc.SegEnd(ea))
for i in funcGen:
funcs.append(i)
funcRanges = []
for i in range(len(funcs) - 1):
funcRanges.append( (funcs[i], funcs[i+1]) )
funcRanges.append( (funcs[-1], idc.SegEnd(ea)) )
return funcRanges
else:
#just get the range of the current function
fakeRanges = [( idc.GetFunctionAttr(idc.here(), idc.FUNCATTR_START), idc.GetFunctionAttr(idc.here(), idc.FUNCATTR_END)), ]
return fakeRanges
示例6: output_symbols
# 需要导入模块: import idc [as 别名]
# 或者: from idc import FUNCATTR_END [as 别名]
def output_symbols(out):
"""Dump symbols."""
try:
from idaapi import get_func_name2 as get_func_name
# Since get_func_name is deprecated (at least from IDA 6.9)
except ImportError:
from idaapi import get_func_name
# Older versions of IDA don't have get_func_name2
# so we just use the older name get_func_name
def func_name_propagate_thunk(ea):
current_name = get_func_name(ea)
if current_name[0].isalpha():
return current_name
func = idaapi.get_func(ea)
temp_ptr = idaapi.ea_pointer()
ea_new = idaapi.BADADDR
if func.flags & idaapi.FUNC_THUNK == idaapi.FUNC_THUNK:
ea_new = idaapi.calc_thunk_func_target(func, temp_ptr.cast())
if ea_new != idaapi.BADADDR:
ea = ea_new
propagated_name = get_func_name(ea) or '' # Ensure it is not `None`
if len(current_name) > len(propagated_name) > 0:
return propagated_name
else:
return current_name
# Fallback to non-propagated name for weird times that IDA gives
# a 0 length name, or finds a longer import name
for ea in idautils.Segments():
fs = idautils.Functions(idc.SegStart(ea), idc.SegEnd(ea))
for f in fs:
out.write('("%s" 0x%x 0x%x)\n' % (
func_name_propagate_thunk(f),
idc.GetFunctionAttr(f, idc.FUNCATTR_START),
idc.GetFunctionAttr(f, idc.FUNCATTR_END)))
示例7: getMinorDispatchTableAddress
# 需要导入模块: import idc [as 别名]
# 或者: from idc import FUNCATTR_END [as 别名]
def getMinorDispatchTableAddress(ea):
"""find address of last lea in function"""
start = idc.get_func_attr(ea, idc.FUNCATTR_START)
end = idc.prev_head( idc.get_func_attr(ea, idc.FUNCATTR_END), start)
res = prevMnemonic(end, 'lea', start)
assert res != idc.BADADDR
return idc.get_operand_value(res, 1)
示例8: getMajorDispatchTableAddress
# 需要导入模块: import idc [as 别名]
# 或者: from idc import FUNCATTR_END [as 别名]
def getMajorDispatchTableAddress():
"""find quicktime major dispatch table"""
res = idc.get_name_ea_simple('theQuickTimeDispatcher')
res = nextMnemonic(res, 'lea', idc.get_func_attr(res, idc.FUNCATTR_END))
assert res != idc.BADADDR
return idc.get_operand_value(res, 1)
示例9: __init__
# 需要导入模块: import idc [as 别名]
# 或者: from idc import FUNCATTR_END [as 别名]
def __init__(self, show_extra_fields):
self.addr = None
self.flags = None
self.show_extra_fields = show_extra_fields
self.names = [
'Name', 'Address', 'Segment', 'Length', 'Locals', 'Arguments'
]
self.handlers = {
0: lambda: None,
1: lambda: self.fmt(self.addr),
2: lambda: '{}'.format(idc.get_segm_name(self.addr)),
3: lambda: self.fmt(idc.get_func_attr(self.addr, idc.FUNCATTR_END) - self.addr),
4: lambda: self.fmt(idc.get_func_attr(self.addr, idc.FUNCATTR_FRSIZE)),
5: lambda: self.fmt(idc.get_func_attr(self.addr, idc.FUNCATTR_ARGSIZE))
}
if self.show_extra_fields:
self.names.extend(['R', 'F', 'L', 'S', 'B', 'T', '='])
# TODO: add Lumina column info
self.handlers.update({
6: lambda: self.is_true(not self.flags & idc.FUNC_NORET, 'R'),
7: lambda: self.is_true(self.flags & idc.FUNC_FAR, 'F'),
8: lambda: self.is_true(self.flags & idc.FUNC_LIB, 'L'),
9: lambda: self.is_true(self.flags & idc.FUNC_STATIC, 'S'),
10: lambda: self.is_true(self.flags & idc.FUNC_FRAME, 'B'),
11: lambda: self.is_true(idc.get_type(self.addr), 'T'),
12: lambda: self.is_true(self.flags & idc.FUNC_BOTTOMBP, '=')
})
示例10: getFuncRanges_ida7
# 需要导入模块: import idc [as 别名]
# 或者: from idc import FUNCATTR_END [as 别名]
def getFuncRanges_ida7(ea, doAllFuncs):
if doAllFuncs:
funcs = []
funcGen = idautils.Functions(idc.get_segm_start(ea), idc.get_segm_end(ea))
for i in funcGen:
funcs.append(i)
funcRanges = []
for i in range(len(funcs) - 1):
funcRanges.append( (funcs[i], funcs[i+1]) )
funcRanges.append( (funcs[-1], idc.get_segm_end(ea)) )
return funcRanges
else:
#just get the range of the current function
fakeRanges = [( idc.get_func_attr(idc.here(), idc.FUNCATTR_START), idc.get_func_attr(idc.here(), idc.FUNCATTR_END)), ]
return fakeRanges
示例11: getIvarTypeFromFunc
# 需要导入模块: import idc [as 别名]
# 或者: from idc import FUNCATTR_END [as 别名]
def getIvarTypeFromFunc(self, eh, va):
if va in self.ivarSetters:
return self.ivarSetters[va]
elif va in self.notIvarSetters:
return UNKNOWN
addr = va
endVa = idc.get_func_attr(va, idc.FUNCATTR_END)
if endVa - va < 0x20:
ivarVa = None
while addr <= endVa:
srcOpnd = idc.print_operand(addr, 1)
# if ivar is the src op for an instruction, assume this function will return it
if eh.arch == unicorn.UC_ARCH_ARM and "_OBJC_IVAR_$_" in srcOpnd:
oploc = idc.get_name_ea_simple(
srcOpnd[srcOpnd.find("_OBJC_IVAR_$_"):srcOpnd.find(" ")])
if oploc != idc.BADADDR:
ivarVa = oploc
break
elif eh.arch == unicorn.UC_ARCH_ARM64:
for x in idautils.XrefsFrom(addr):
if (idc.get_segm_name(x.to) == "__objc_ivar" and
idc.get_name(x.to, idc.ida_name.GN_VISIBLE)[:13] == "_OBJC_IVAR_$_"):
ivarVa = x.to
break
elif eh.arch == unicorn.UC_ARCH_X86:
if "_OBJC_IVAR_$_" in srcOpnd:
ivarVa = idc.get_operand_value(addr, 1)
break
addr = idc.next_head(addr, idc.get_inf_attr(idc.INF_MAX_EA))
if ivarVa:
for x in idautils.XrefsTo(ivarVa):
if x.frm >= self.objcConst[0] and x.frm < self.objcConst[1]:
typeStr = eh.getIDBString(
eh.derefPtr(x.frm + eh.size_pointer * 2))
self.ivarSetters[va] = typeStr[2:-1]
logging.debug("%s is an ivar getter function, returning type %s" % (
eh.hexString(va), typeStr[2:-1]))
return typeStr[2:-1]
else:
logging.debug(
"%s determined not to be an ivar getter function", eh.hexString(va))
self.notIvarSetters.append(va)
else:
logging.debug(
"%s determined not to be an ivar getter function", eh.hexString(va))
self.notIvarSetters.append(va)
return UNKNOWN
# returns class or sel name from IDA name
示例12: _emit_fnbytes
# 需要导入模块: import idc [as 别名]
# 或者: from idc import FUNCATTR_END [as 别名]
def _emit_fnbytes(emit_instr_cb, header, footer, indent, fva=None, warn=True):
"""Emit function bytes in a format defined by the callback and
headers/footers provided.
Warns if any instruction operands are not consistent with
position-independent code, in which case the user may need to templatize
the position-dependent portions.
"""
fva = fva or idc.here()
fva = idc.get_func_attr(fva, idc.FUNCATTR_START)
va_end = idc.get_func_attr(fva, idc.FUNCATTR_END)
# Operand types observed in position-independent code:
optypes_position_independent = set([
ida_ua.o_reg, # 1: General Register (al,ax,es,ds...)
ida_ua.o_phrase, # 3: Base + Index
ida_ua.o_displ, # 4: Base + Index + Displacement
ida_ua.o_imm, # 5: Immediate
ida_ua.o_near, # 7: Immediate Near Address
])
# Notably missing because I want to note and handle these if/as they are
# encountered:
# ida_ua.o_idpspec0 = 8: FPP register
# ida_ua.o_idpspec1 = 9: 386 control register
# ida_ua.o_idpspec2 = 10: 386 debug register
# ida_ua.o_idpspec3 = 11: 386 trace register
va = fva
nm = idc.get_name(fva)
optypes_found = set()
s = header.format(name=nm)
while va not in (va_end, idc.BADADDR):
size = idc.get_item_size(va)
the_bytes = idc.get_bytes(va, size)
for i in range(0, 8):
optype = idc.get_operand_type(va, i)
if optype:
optypes_found.add(optype)
s += indent + emit_instr_cb(va, the_bytes, size)
va = idc.next_head(va)
s += footer
position_dependent = optypes_found - optypes_position_independent
if position_dependent:
msg = ('This code may have position-dependent operands (optype %s)' %
(', '.join([str(o) for o in position_dependent])))
if warn:
Warning(msg)
else:
logger.warn(msg)
return s