本文整理汇总了Python中ida_bytes.get_full_flags方法的典型用法代码示例。如果您正苦于以下问题:Python ida_bytes.get_full_flags方法的具体用法?Python ida_bytes.get_full_flags怎么用?Python ida_bytes.get_full_flags使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类ida_bytes的用法示例。
在下文中一共展示了ida_bytes.get_full_flags方法的14个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: _ins2color
# 需要导入模块: import ida_bytes [as 别名]
# 或者: from ida_bytes import get_full_flags [as 别名]
def _ins2color(self, addr):
col = _len = 0
acc = -1
head = get_item_head(addr)
if can_decode(head):
f = get_full_flags(head)
if is_code(f):
_len = decode_insn(self.insn, head)
if _len:
if self.insn.itype in [ida_allins.NN_mov]: # TODO: add more instructions
if self.insn.Op1.type in [o_mem, o_phrase, o_displ]:
acc = ACC_WRITE
col = self.insn_colors[acc]
elif self.insn.Op2.type in [o_mem, o_phrase, o_displ]:
acc = ACC_READ
col = self.insn_colors[acc]
else:
acc = -1
return (col, _len, acc) 示例2: check_if_seg_contents
# 需要导入模块: import ida_bytes [as 别名]
# 或者: from ida_bytes import get_full_flags [as 别名]
def check_if_seg_contents(self, seg):
"""
Determines if any address in a segment contains a value.
Args:
seg: IDA segment object
Returns:
True if any address in a segment contains a value.
False if no address in a segment contains a value.
"""
for addr in idautils.Heads(seg.start_ea, seg.end_ea):
if idc.has_value(idc.get_full_flags(addr)) == True:
return True
return False 示例3: export_comments
# 需要导入模块: import ida_bytes [as 别名]
# 或者: from ida_bytes import get_full_flags [as 别名]
def export_comments(self):
"""
Exports all comments in the IDA database as <COMMENT> elements.
"""
addr = self.min_ea
if ida_bytes.has_cmt(idc.get_full_flags(addr)) == False:
addr = ida_bytes.next_that(addr, self.max_ea, ida_bytes.has_cmt)
if (addr == BADADDR):
return
self.update_status(COMMENTS)
timer = time.clock()
self.start_element(COMMENTS, True)
while (addr != BADADDR):
cmt = idc.get_cmt(addr, False)
if (cmt != None):
self.export_comment(addr, "end-of-line", cmt)
cmt = idc.get_cmt(addr, True)
if (cmt != None):
self.export_comment(addr, "repeatable", cmt)
addr = ida_bytes.next_that(addr, self.max_ea, ida_bytes.has_cmt)
addr = self.min_ea
if ida_bytes.has_extra_cmts(idc.get_full_flags(addr)) == False:
addr = ida_bytes.next_that(
addr, self.max_ea, ida_bytes.has_extra_cmts)
while (addr != BADADDR):
extra = idc.get_extra_cmt(addr, idc.E_PREV)
if (extra != None):
self.export_extra_comment(addr, "pre", idc.E_PREV)
extra = idc.get_extra_cmt(addr, idc.E_NEXT)
if (extra != None):
self.export_extra_comment(addr, "post", idc.E_NEXT)
addr = ida_bytes.next_that(
addr, self.max_ea, ida_bytes.has_extra_cmts)
self.export_c_comments()
self.end_element(COMMENTS)
self.display_cpu_time(timer) 示例4: export_enum_references
# 需要导入模块: import ida_bytes [as 别名]
# 或者: from ida_bytes import get_full_flags [as 别名]
def export_enum_references(self, addr):
"""
Finds and exports enum references at an address.
Args:
addr: Integer representing the instruction address.
"""
f = idc.get_full_flags(addr)
for op in range(2):
if ida_bytes.is_enum(f, op) == True:
self.export_enum_reference(addr, op) 示例5: export_markup
# 需要导入模块: import ida_bytes [as 别名]
# 或者: from ida_bytes import get_full_flags [as 别名]
def export_markup(self):
"""
Exports markup for instructions and data items including references
and manual instructions and operands.
"""
self.update_status(MARKUP)
timer = time.clock()
self.start_element(MARKUP, True)
addr = self.min_ea
while addr != BADADDR:
f = idc.get_full_flags(addr)
if self.options.MemoryReferences.checked == True:
if ida_bytes.has_xref(f) == True:
self.export_user_memory_reference(addr)
if ida_bytes.is_off(f, ida_bytes.OPND_ALL) == True:
self.export_memory_references(addr)
if (self.options.Functions.checked == True and
self.options.StackReferences.checked == True and
ida_bytes.is_stkvar(f, ida_bytes.OPND_ALL) == True):
self.export_stack_reference(addr)
if (self.options.DataTypes.checked == True and
ida_bytes.is_enum(f, ida_bytes.OPND_ALL) == True):
self.export_enum_references(addr)
if self.options.Manual.checked == True:
# TODO: Ask about OPND_ALL and retrieving additional manual operands
# if ida_bytes.is_forced_operand(addr, ida_bytes.OPND_ALL) ==
# True:
if (ida_bytes.is_forced_operand(addr, 0) == True or
ida_bytes.is_forced_operand(addr, 1) == True):
self.export_manual_operand(addr)
if ida_bytes.is_manual_insn(addr) == True:
self.export_manual_instruction(addr)
addr = idc.next_head(addr, self.max_ea)
self.end_element(MARKUP)
self.display_cpu_time(timer) 示例6: export_memory_contents
# 需要导入模块: import ida_bytes [as 别名]
# 或者: from ida_bytes import get_full_flags [as 别名]
def export_memory_contents(self, binfilename, binfile, start, end):
"""
Exports the binary memory contents in the database.
A MEMORY_CONTENTS element is generated for each contiguous address
range where each address in the range contains a value.
The binary values are store in a separate file (not the XML file),
and the MEMORY_CONTENTS element identifies the file and the
offset in the file where the address range is located.
Args:
binfilename: String containing the absolute filepath
binfile: IDA file instance for binary file
start: Integer representing the starting address
end: Integer representing the ending address
"""
length = 0
startaddr = start
for addr in range(start, end):
# reset start address when length == 0
if (length == 0):
startaddr = addr
has_val = ida_bytes.has_value(idc.get_full_flags(addr))
if has_val == True:
length += self.cbsize
next_address = idc.next_addr(addr)
if ((has_val == False) or (next_address != addr + 1) or
(next_address == end)):
if length > 0:
offset = binfile.tell()
ida_loader.base2file(binfile.get_fp(), offset, startaddr,
startaddr + length)
self.start_element(MEMORY_CONTENTS)
self.write_address_attribute(START_ADDR, startaddr)
self.write_attribute(FILE_NAME, binfilename)
self.write_numeric_attribute(FILE_OFFSET, offset)
self.write_numeric_attribute(LENGTH, length)
self.close_tag(False)
length = 0 示例7: export_memory_reference
# 需要导入模块: import ida_bytes [as 别名]
# 或者: from ida_bytes import get_full_flags [as 别名]
def export_memory_reference(self, addr, op):
"""
Exports the memory reference for operand at the address.
Args:
addr: Integer representing the instruction address.
op: Integer representing the operand index (0-based)
"""
f = idc.get_full_flags(addr)
ri = ida_nalt.refinfo_t()
if ida_nalt.get_refinfo(ri, addr, op) == 1:
if ri.target != BADADDR:
target = ri.target
elif idc.is_code(f) == True:
insn = ida_ua.insn_t()
ida_ua.decode_insn(insn, addr)
target = (insn.ops[op].value - ri.tdelta + ri.base) & ((1 << 64) - 1)
elif idc.is_data(f) == True:
target = (self.get_data_value(addr) - ri.tdelta + ri.base) & ((1 << 64) - 1)
else:
return
else:
return
if ida_bytes.is_mapped(target) == False:
return
self.start_element(MEMORY_REFERENCE)
self.write_address_attribute(ADDRESS, addr)
self.write_numeric_attribute(OPERAND_INDEX, op, 10)
self.write_address_attribute(TO_ADDRESS, target)
self.write_attribute(PRIMARY, "y")
self.close_tag() 示例8: export_memory_references
# 需要导入模块: import ida_bytes [as 别名]
# 或者: from ida_bytes import get_full_flags [as 别名]
def export_memory_references(self, addr):
"""
Exports the memory references for any operands at the address.
Args:
addr: Integer representing the instruction address.
"""
f = idc.get_full_flags(addr)
for op in range(ida_ida.UA_MAXOP):
if ida_bytes.is_off(f, op) == True and (idc.is_data(f) == True or
(idc.is_code(f) == True and
self.is_imm_op(addr, op) == True)):
self.export_memory_reference(addr, op) 示例9: export_stack_reference
# 需要导入模块: import ida_bytes [as 别名]
# 或者: from ida_bytes import get_full_flags [as 别名]
def export_stack_reference(self, addr):
"""
Exports references to stack variables at the address.
Args:
addr: Integer containing instruction address.
"""
f = idc.get_full_flags(addr)
for op in range(ida_ida.UA_MAXOP):
if idc.is_code(f) == True and ida_bytes.is_stkvar(f, op) == True:
insn = ida_ua.insn_t()
ida_ua.decode_insn(insn, addr)
opnd = insn.ops[op]
# TODO:How to handle opnd.type for stack references
optype = opnd.type
if optype == idc.o_void:
continue
# TODO:How to handle op_t_get_addr for stack references
SV = ida_frame.get_stkvar(insn, opnd, opnd.value)
if SV == None:
continue
(sv, actval) = SV
function = ida_funcs.get_func(addr)
self.start_element(STACK_REFERENCE)
self.write_address_attribute(ADDRESS, addr)
self.write_numeric_attribute(OPERAND_INDEX, op, 10)
offset = opnd.addr
spoff = offset - function.frregs
if offset > 0x7FFFFFFF:
offset -= 0x100000000
if spoff > 0x7FFFFFFF:
spoff -= 0x100000000
self.write_numeric_attribute(STACK_PTR_OFFSET, spoff,
16, True)
if (function.flags & idc.FUNC_FRAME) != 0:
self.write_numeric_attribute(FRAME_PTR_OFFSET,
offset, 16, True)
self.close_tag() 示例10: get_datatype
# 需要导入模块: import ida_bytes [as 别名]
# 或者: from ida_bytes import get_full_flags [as 别名]
def get_datatype(self, addr):
"""
Returns the datatype at an address.
The type could be a basic type (byte, word, dword, etc.),
a structure, an array, a pointer, or a string type.
Args:
addr: Integer representing a program address.
"""
f = idc.get_full_flags(addr)
t = self.get_type(f)
if ida_bytes.is_struct(f) == True:
opndbuf = ida_nalt.opinfo_t()
opnd = ida_bytes.get_opinfo(opndbuf, addr, 0, f)
return idc.get_struc_name(opnd.tid)
if idc.is_strlit(f) == True:
str_type = idc.get_str_type(addr)
# print(ida_bytes.print_strlit_type(str_type))
if str_type == ida_nalt.STRTYPE_TERMCHR:
return "string"
if str_type == ida_nalt.STRTYPE_PASCAL:
return "string1"
if str_type == ida_nalt.STRTYPE_LEN2:
return "string2"
if str_type == ida_nalt.STRTYPE_LEN4:
return "string4"
if str_type == ida_nalt.STRTYPE_C_16:
return "unicode"
if str_type == ida_nalt.STRTYPE_C_16:
return "unicode2"
if str_type == ida_nalt.STRTYPE_C_32:
return "unicode4"
return "string"
if ida_bytes.is_off0(f) == True:
return "pointer"
return t 示例11: export_code
# 需要导入模块: import ida_bytes [as 别名]
# 或者: from ida_bytes import get_full_flags [as 别名]
def export_code(self):
"""
Exports the address ranges of code sequences as CODE_BLOCK(s)
with START and END address attributes.
"""
addr = self.min_ea
if idc.is_code(idc.get_full_flags(addr)) == False:
addr = ida_bytes.next_that(addr, self.max_ea, idc.is_code)
if (addr == BADADDR):
return
self.update_status(CODE)
timer = time.clock()
data = ida_bytes.next_that(addr, self.max_ea, idc.is_data)
unknown = ida_bytes.next_unknown(addr, self.max_ea)
self.start_element(CODE, True)
while (addr != BADADDR):
start = addr
end = min(data, unknown)
if (end == BADADDR):
if (ida_segment.getseg(start).end_ea < self.max_ea):
codeend = ida_segment.getseg(start).end_ea - 1
addr = ida_segment.getseg(idc.next_addr(codeend)).start_ea
if idc.is_code(idc.get_full_flags(addr)) == False:
addr = ida_bytes.next_that(addr, self.max_ea,
idc.is_code)
else:
codeend = self.max_ea - 1
addr = BADADDR
else:
if (ida_segment.getseg(start).end_ea < end):
codeend = ida_segment.getseg(start).end_ea - 1
addr = ida_segment.getseg(idc.next_addr(codeend)).start_ea
if idc.is_code(ida_bytes.get_full_flags(addr)) == False:
addr = ida_bytes.next_that(addr, self.max_ea,
idc.is_code)
else:
codeend = idc.get_item_end(ida_bytes.prev_that(end,
start, idc.is_code)) - 1
addr = ida_bytes.next_that(end, self.max_ea, idc.is_code)
if (data < addr):
data = ida_bytes.next_that(addr, self.max_ea,
idc.is_data)
if (unknown < addr):
unknown = ida_bytes.next_unknown(addr, self.max_ea)
self.start_element(CODE_BLOCK)
self.write_address_attribute(START, start)
self.write_address_attribute(END, codeend)
self.close_tag()
self.end_element(CODE)
self.display_cpu_time(timer) 示例12: export_data
# 需要导入模块: import ida_bytes [as 别名]
# 或者: from ida_bytes import get_full_flags [as 别名]
def export_data(self):
"""
Exports the data items in the database as <DEFINED_DATA> elements.
"""
addr = self.min_ea
if idc.is_data(idc.get_full_flags(addr)) == False:
addr = ida_bytes.next_that(addr, self.max_ea, idc.is_data)
if (addr == BADADDR):
return
timer = time.clock()
self.update_status(DATA)
self.start_element(DATA, True)
while (addr != BADADDR):
f = idc.get_full_flags(addr)
if ida_bytes.is_align(f) == True:
addr = ida_bytes.next_that(addr, self.max_ea, idc.is_data)
continue
dtype = self.get_datatype(addr)
size = idc.get_item_size(addr)
ti = ida_nalt.opinfo_t()
msize = ida_bytes.get_data_elsize(addr, f, ti)
if ida_bytes.is_struct(f) == True:
s = idc.get_struc_id(dtype)
msize = idc.get_struc_size(s)
if msize == 0:
msize = 1
if idc.is_strlit(f) == False and size != msize:
dtype = "%s[%d]" % (dtype, size / msize)
self.start_element(DEFINED_DATA)
self.write_address_attribute(ADDRESS, addr)
self.write_attribute(DATATYPE, dtype)
self.write_numeric_attribute(SIZE, size * self.cbsize)
# TODO consider using GetTrueNameEx and Demangle
demangled = ida_name.get_demangled_name(addr,
DEMANGLED_TYPEINFO, self.inf.demnames, idc.GN_STRICT)
outbuf = ''
# TODO: How to handle print_type for data mangled names?
#outbuf = idaapi.print_type(addr, False)
if demangled == "'string'":
demangled == None
has_typeinfo = ((demangled != None and len(demangled) > 0) or
(outbuf != None and len(outbuf) > 0))
# TODO export_data: add DISPLAY_SETTINGS
self.close_tag(has_typeinfo)
if has_typeinfo == True:
if demangled != None and len(demangled) > 0:
self.export_typeinfo_cmt(demangled)
elif len(outbuf) > 0:
self.export_typeinfo_cmt(outbuf)
self.end_element(DEFINED_DATA)
addr = ida_bytes.next_that(addr, self.max_ea, idc.is_data)
self.end_element(DATA)
self.display_cpu_time(timer) 示例13: _is_address_of_struct_field
# 需要导入模块: import ida_bytes [as 别名]
# 或者: from ida_bytes import get_full_flags [as 别名]
def _is_address_of_struct_field(ea):
prev_head_ea = idc.prev_head(ea)
if is_invalid_ea(prev_head_ea):
return False
prev_item_size = idc.get_item_size(prev_head_ea)
if ea >= (prev_head_ea + prev_item_size):
return False
# Try to get a type for the last item head.
flags = ida_bytes.get_full_flags(ea)
ti = ida_nalt.opinfo_t()
oi = ida_bytes.get_opinfo(ti, ea, 0, flags)
if not oi:
return False
# Get the size of the struct, and keep going if the suze of the previous
# item is a multiple of the struct's size (e.g. one struct or an array
# of that struct).
struct_size = idc.get_struc_size(oi.tid)
if not struct_size or 0 != (prev_item_size % struct_size):
return False
# Figure out the offset of `ea` within its structure, which may belong to
# an array of structures, and then check if that offset is associated with
# a named field.
arr_index = int((ea - prev_head_ea) / struct_size)
struct_begin_ea = (arr_index & struct_size) + prev_head_ea
off_in_struct = ea - struct_begin_ea
if not idc.get_member_name(oi.tid, off_in_struct):
return False
field_begin_ea = struct_begin_ea + off_in_struct
if field_begin_ea != ea:
return False
field_size = idc.GetMemberSize(oi.tid, off_in_struct)
if not field_size:
return False
return True 示例14: op_type_changed
# 需要导入模块: import ida_bytes [as 别名]
# 或者: from ida_bytes import get_full_flags [as 别名]
def op_type_changed(self, ea, n):
def gather_enum_info(ea, n):
id = ida_bytes.get_enum_id(ea, n)[0]
serial = ida_enum.get_enum_idx(id)
return id, serial
extra = {}
mask = ida_bytes.MS_0TYPE if not n else ida_bytes.MS_1TYPE
flags = ida_bytes.get_full_flags(ea) & mask
def is_flag(type):
return flags == mask & type
if is_flag(ida_bytes.hex_flag()):
op = "hex"
elif is_flag(ida_bytes.dec_flag()):
op = "dec"
elif is_flag(ida_bytes.char_flag()):
op = "chr"
elif is_flag(ida_bytes.bin_flag()):
op = "bin"
elif is_flag(ida_bytes.oct_flag()):
op = "oct"
elif is_flag(ida_bytes.offflag()):
op = "offset"
elif is_flag(ida_bytes.enum_flag()):
op = "enum"
id, serial = gather_enum_info(ea, n)
ename = ida_enum.get_enum_name(id)
extra["ename"] = Event.decode(ename)
extra["serial"] = serial
elif is_flag(flags & ida_bytes.stroff_flag()):
op = "struct"
path = ida_pro.tid_array(1)
delta = ida_pro.sval_pointer()
path_len = ida_bytes.get_stroff_path(
path.cast(), delta.cast(), ea, n
)
spath = []
for i in range(path_len):
sname = ida_struct.get_struc_name(path[i])
spath.append(Event.decode(sname))
extra["delta"] = delta.value()
extra["spath"] = spath
elif is_flag(ida_bytes.stkvar_flag()):
op = "stkvar"
# FIXME: No hooks are called when inverting sign
# elif ida_bytes.is_invsign(ea, flags, n):
# op = 'invert_sign'
else:
return 0 # FIXME: Find a better way to do this
self._send_packet(evt.OpTypeChangedEvent(ea, n, op, extra))
return 0