本文整理汇总了Python中ida_bytes.del_items方法的典型用法代码示例。如果您正苦于以下问题:Python ida_bytes.del_items方法的具体用法?Python ida_bytes.del_items怎么用?Python ida_bytes.del_items使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类ida_bytes的用法示例。
在下文中一共展示了ida_bytes.del_items方法的11个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: markCodePtr
# 需要导入模块: import ida_bytes [as 别名]
# 或者: from ida_bytes import del_items [as 别名]
def markCodePtr(self, src, dest, aggressive=True):
"""Mark a code pointer from src to dest.
Args:
src (int): effective address for the pointer's location
dest (int): effective address for the pointed code address
aggressive (bool, optional): True iff should redefine the src & dest (True by default)
"""
clean_dest = self.cleanPtr(dest)
if aggressive:
ida_bytes.del_items(src, 0, self.addressSize())
if self.makeAddress(src):
idc.add_dref(src, clean_dest, idc.XREF_USER | idc.dr_O)
idc.add_cref(src, clean_dest, idc.XREF_USER | idc.dr_O)
ida_offset.op_offset(src, 0, idc.REF_OFF32)
if aggressive:
ida_bytes.del_items(dest, 0, self.addressSize())
idc.create_insn(self.cleanPtr(dest)) 示例2: import_codeblock
# 需要导入模块: import ida_bytes [as 别名]
# 或者: from ida_bytes import del_items [as 别名]
def import_codeblock(self, code_block):
"""
Processes a CODE_BLOCK element by disassembling the address range.
Args:
code_block: XML element containing codeblock start and end
addresses.
"""
if self.options.CodeBlocks.checked == False:
return
start = self.get_address(code_block, START)
end = self.get_address(code_block, END)
ida_bytes.del_items(start, 3, end - start + 1)
addr = start
while (addr <= end):
length = ida_ua.create_insn(addr)
addr += ida_bytes.get_item_size(addr) * self.get_cbsize()
self.update_counter(CODE_BLOCK) 示例3: markSwitchTables
# 需要导入模块: import ida_bytes [as 别名]
# 或者: from ida_bytes import del_items [as 别名]
def markSwitchTables(self, sc, aggressive=True):
"""Help IDA by marking all of the needed information from the observed switch tables.
Args:
sc (segment): (sark) code segment in which we are interested right now
aggressive (bool, optional): True iff the marking operation should be aggressive, see notes. (True by default)
Notes
-----
1. Make sure the switch case jump instruction is indeed a code line
2. Make sure the jump instruction has a code reference to all of the switch cases
3. (Aggressive) Make sure each switch table entry is a proper code pointer to it's matching case
4. (Aggressive) Enforce the correct code type over the entire gap between the minimal and maximal case
"""
for switch_instr, table_start, table_end in filter(lambda x: sc.start_ea <= x[0] and x[1] < sc.end_ea, self._switch_case_entries):
cases = []
if not sark.Line(switch_instr).is_code:
ida_bytes.del_items(switch_instr, 0, self._analyzer.addressSize())
idc.create_insn(switch_instr)
for ea in range(table_start, table_end, self._analyzer.addressSize()):
entry = self._analyzer.parseAdderss(ea)
if aggressive:
self._analyzer.markCodePtr(ea, entry)
fixed_entry = self._analyzer.cleanPtr(entry)
cases.append(fixed_entry)
idc.add_cref(switch_instr, fixed_entry, idc.XREF_USER | idc.dr_O)
if aggressive:
self._analyzer.setCodeType(min(cases), max(cases), self._analyzer.ptrCodeType(entry)) 示例4: defineAsciiString
# 需要导入模块: import ida_bytes [as 别名]
# 或者: from ida_bytes import del_items [as 别名]
def defineAsciiString(self, ea):
r"""Define an ascii string at the given address.
Args:
ea (int): effective start address of the wanted ascii string
Return Value:
The length of the defined string + 1 for the '\0' terminator
"""
content = idc.get_strlit_contents(ea, -1, -1)
if not sark.Line(ea).is_string:
self._analyzer.logger.debug("Defined a unique ascii string at: 0x%x (Length of %d)", ea, len(content) + 1)
ida_bytes.del_items(ea, 0, len(content) + 1)
idc.create_strlit(ea, ea + len(content) + 1)
return len(content) + 1 示例5: markDataPtr
# 需要导入模块: import ida_bytes [as 别名]
# 或者: from ida_bytes import del_items [as 别名]
def markDataPtr(self, src, dest, aggressive=True):
"""Mark a data pointer from src to dest.
Args:
src (int): effective address for the pointer's location
dest (int): effective address for the pointed data address
aggressive (bool, optional): True iff should redefine the src (True by default)
"""
if aggressive:
ida_bytes.del_items(src, 0, self.addressSize())
if self.makeAddress(src):
idc.add_dref(src, dest, idc.XREF_USER | idc.dr_O)
ida_offset.op_offset(src, 0, idc.REF_OFF32) 示例6: delCodePtr
# 需要导入模块: import ida_bytes [as 别名]
# 或者: from ida_bytes import del_items [as 别名]
def delCodePtr(self, src, dest):
"""Delete a code pointer (probably was found to be a False Positive).
Args:
src (int) effective address for the pointer's location
dest (int): effective address for the (assumed) pointed code address
"""
idc.del_dref(src, dest)
idc.del_cref(src, dest, 0)
ida_bytes.del_items(src, 0, self.addressSize()) 示例7: resizeRegion
# 需要导入模块: import ida_bytes [as 别名]
# 或者: from ida_bytes import del_items [as 别名]
def resizeRegion(analyzer, start_ea, end_ea, new_start_ea, new_end_ea):
"""Resize a given code region, according to the new dimensions.
Args:
analyzer (instance): analyzer instance to be used
start_ea (int): effective start address of the original region
end_ea (int): effective end address of the original region
new_start_ea (int): effective start address for the new region
new_end_ea (int): effective end address for the new region
"""
analyzer.logger.info("Resizing code region of type %d: 0x%x (0x%x) - 0x%x (0x%x)", analyzer.codeType(start_ea), new_start_ea, start_ea, end_ea, new_end_ea)
code_type_before = analyzer.codeType(min(start_ea, new_start_ea) - 1)
code_type_middle = analyzer.codeType(start_ea)
code_type_after = analyzer.codeType(max(end_ea, new_end_ea))
# Make sure it will be treated as code
fix_regions = []
if new_start_ea < start_ea:
fix_regions.append((new_start_ea, start_ea))
elif new_start_ea != start_ea:
fix_regions.append((start_ea, new_start_ea))
if end_ea < new_end_ea:
fix_regions.append((end_ea, new_end_ea))
elif end_ea != new_end_ea:
fix_regions.append((new_end_ea, end_ea))
# Make the changed parts unknown, before re-analyzing them
for region_start, region_end in fix_regions:
ida_bytes.del_items(region_start, 0, region_end - region_start)
# manually set the wanted value over the entire region
if start_ea < new_start_ea:
analyzer.setCodeType(start_ea, new_start_ea, code_type_before)
elif start_ea != new_start_ea:
analyzer.setCodeType(new_start_ea, start_ea, code_type_middle)
if end_ea < new_end_ea:
analyzer.setCodeType(end_ea, new_end_ea, code_type_middle)
elif end_ea != new_end_ea:
analyzer.setCodeType(new_end_ea, end_ea, code_type_after)
# now reanalyze the new section
for region_start, region_end in fix_regions:
idc.plan_and_wait(region_start, region_end) 示例8: make_ptr
# 需要导入模块: import ida_bytes [as 别名]
# 或者: from ida_bytes import del_items [as 别名]
def make_ptr(ea):
# TODO: arch
ida_bytes.del_items(ea, 0, psize)
return ida_bytes.create_dword(ea, psize) 示例9: apply_struct
# 需要导入模块: import ida_bytes [as 别名]
# 或者: from ida_bytes import del_items [as 别名]
def apply_struct(ea, size, sid):
ida_bytes.del_items(ea, size, idc.DELIT_DELNAMES)
ida_bytes.create_struct(ea, size, sid)
return size 示例10: __call__
# 需要导入模块: import ida_bytes [as 别名]
# 或者: from ida_bytes import del_items [as 别名]
def __call__(self):
ida_bytes.del_items(self.ea) 示例11: make_xref
# 需要导入模块: import ida_bytes [as 别名]
# 或者: from ida_bytes import del_items [as 别名]
def make_xref(from_ea, to_ea, data_type, xref_size):
"""Force the data at `from_ea` to reference the data at `to_ea`."""
if not idc.get_full_flags(to_ea) or is_invalid_ea(to_ea):
DEBUG(" Not making reference (A) from {:x} to {:x}".format(from_ea, to_ea))
return False
make_head(from_ea)
if is_code(from_ea):
_CREFS_FROM[from_ea].add(to_ea)
_CREFS_TO[to_ea].add(from_ea)
else:
_DREFS_FROM[from_ea].add(to_ea)
_DREFS_TO[to_ea].add(from_ea)
# If we can't make a head, then it probably means that we're at the
# end of the binary, e.g. the last thing in the `.extern` segment.
# or in the middle of structure. Return False in such case
#
# NOTE(artem): Commenting out since this breaks recovery of C++ applications
# with IDA7. The failure occurs when processign references in .init_array
# when the below code is enabled, those references are not treated as
# references because make_head fails.
#
#if not make_head(from_ea + xref_size):
# return False
ida_bytes.del_items(from_ea, idc.DELIT_EXPAND, xref_size)
if data_type == idc.FF_QWORD:
data_size = 8
elif data_type == idc.FF_DWORD:
data_size = 4
else:
raise ValueError("Invalid data type")
idc.create_data(from_ea, data_type, data_size, idaapi.BADADDR)
if not is_code_by_flags(from_ea):
idc.add_dref(from_ea, to_ea, idc.XREF_USER|idc.dr_O)
else:
DEBUG(" Not making reference (B) from {:x} to {:x}".format(from_ea, to_ea))
return True