本文整理汇总了Python中idaapi.o_imm方法的典型用法代码示例。如果您正苦于以下问题:Python idaapi.o_imm方法的具体用法?Python idaapi.o_imm怎么用?Python idaapi.o_imm使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类idaapi的用法示例。
在下文中一共展示了idaapi.o_imm方法的10个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: _process_stub_template_1
# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import o_imm [as 别名]
def _process_stub_template_1(stub):
"""A template to match the following stub pattern:
ADRP X<reg>, #<offset>@PAGE
LDR X<reg>, [X<reg>, #<offset>@PAGEOFF]
BR X<reg>
"""
adrp, ldr, br = idau.Instructions(stub, count=3)
if (adrp.itype == idaapi.ARM_adrp and adrp.Op1.type == idaapi.o_reg
and adrp.Op2.type == idaapi.o_imm
and ldr.itype == idaapi.ARM_ldr and ldr.Op1.type == idaapi.o_reg
and ldr.Op2.type == idaapi.o_displ and ldr.auxpref == 0
and br.itype == idaapi.ARM_br and br.Op1.type == idaapi.o_reg
and adrp.Op1.reg == ldr.Op1.reg == ldr.Op2.reg == br.Op1.reg):
offset = adrp.Op2.value + ldr.Op2.addr
target = idau.read_word(offset)
if target and idau.is_mapped(target):
return target 示例2: op_num
# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import o_imm [as 别名]
def op_num(ea, opnum):
'''Set the type for operand `opnum` belonging to the instruction at `ea` to a number and return it.'''
t = idaapi.num_flag()
ok, signed = idaapi.set_op_type(ea, t, opnum), idaapi.is_invsign(ea, database.type.flags(ea), opnum)
if not ok:
raise E.DisassemblerError(u"{:s}.op_num({:#x}, {:d}) : Unable to restore the type of operand {:d} to a number.".format(__name__, ea, opnum, opnum))
# Extract the operand's op_t and its maximum value, as we'll use this to
# transform the value if necessary.
res, max = operand(ea, opnum), 2 ** op_bits(ea, opnum)
# If this is an immediate value, then we can treat it normally.
if res.type in {idaapi.o_imm}:
integer = res.value & (max - 1)
return 0 if integer == 0 else (integer - max) if signed else integer
# If the signed-flag is set in our operand, then convert it into its actual
# signed value.
maximum = math.trunc(2 ** math.ceil(math.log(idaapi.BADADDR, 2)))
integer = (res.addr - maximum) if res.addr & (maximum // 2) else res.addr
# Now we can return the value transformed if the operand has an inverted sign
return 0 if integer == 0 else (maximum + integer) if signed and integer < 0 else (integer - maximum) if signed else integer 示例3: op_bin
# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import o_imm [as 别名]
def op_bin(ea, opnum):
'''Set the type for operand `opnum` belonging to the instruction at `ea` to binary and return it.'''
t = idaapi.bin_flag()
ok, signed = idaapi.set_op_type(ea, t, opnum), idaapi.is_invsign(ea, database.type.flags(ea), opnum)
if not ok:
raise E.DisassemblerError(u"{:s}.op_bin({:#x}, {:d}) : Unable to set the type of operand {:d} to binary.".format(__name__, ea, opnum, opnum))
# Extract the operand's op_t and its maximum value, as we'll use this to
# transform the value if necessary.
res, max = operand(ea, opnum), 2 ** op_bits(ea, opnum)
# If this is an immediate value, then we can treat it normally.
if res.type in {idaapi.o_imm}:
integer = res.value & (max - 1)
return 0 if integer == 0 else (integer - max) if signed else integer
# If the signed-flag is set in our operand, then convert it into its actual
# signed value.
maximum = math.trunc(2 ** math.ceil(math.log(idaapi.BADADDR, 2)))
integer = (res.addr - maximum) if res.addr & (maximum // 2) else res.addr
# Now we can return the value transformed if the operand has an inverted sign
return 0 if integer == 0 else (maximum + integer) if signed and integer < 0 else (integer - maximum) if signed else integer 示例4: op_oct
# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import o_imm [as 别名]
def op_oct(ea, opnum):
'''Set the type for operand `opnum` belonging to the instruction at `ea` to octal and return it.'''
t = idaapi.oct_flag()
ok, signed = idaapi.set_op_type(ea, t, opnum), idaapi.is_invsign(ea, database.type.flags(ea), opnum)
if not ok:
raise E.DisassemblerError(u"{:s}.op_oct({:#x}, {:d}) : Unable to set the type of operand {:d} to octal.".format(__name__, ea, opnum, opnum))
# Extract the operand's op_t and its maximum value, as we'll use this to
# transform the value if necessary.
res, max = operand(ea, opnum), 2 ** op_bits(ea, opnum)
# If this is an immediate value, then we can treat it normally.
if res.type in {idaapi.o_imm}:
integer = res.value & (max - 1)
return 0 if integer == 0 else (integer - max) if signed else integer
# If the signed-flag is set in our operand, then convert it into its actual
# signed value.
maximum = math.trunc(2 ** math.ceil(math.log(idaapi.BADADDR, 2)))
integer = (res.addr - maximum) if res.addr & (maximum // 2) else res.addr
# Now we can return the value transformed if the operand has an inverted sign
return 0 if integer == 0 else (maximum + integer) if signed and integer < 0 else (integer - maximum) if signed else integer 示例5: op_dec
# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import o_imm [as 别名]
def op_dec(ea, opnum):
'''Set the type for operand `opnum` belonging to the instruction at `ea` to decimal and return it.'''
t = idaapi.dec_flag()
ok, signed = idaapi.set_op_type(ea, t, opnum), idaapi.is_invsign(ea, database.type.flags(ea), opnum)
if not ok:
raise E.DisassemblerError(u"{:s}.op_dec({:#x}, {:d}) : Unable to set the type of operand {:d} to decimal.".format(__name__, ea, opnum, opnum))
# Extract the operand's op_t and its maximum value, as we'll use this to
# transform the value if necessary.
res, max = operand(ea, opnum), 2 ** op_bits(ea, opnum)
# If this is an immediate value, then we can treat it normally.
if res.type in {idaapi.o_imm}:
integer = res.value & (max - 1)
return 0 if integer == 0 else (integer - max) if signed else integer
# If the signed-flag is set in our operand, then convert it into its actual
# signed value.
maximum = math.trunc(2 ** math.ceil(math.log(idaapi.BADADDR, 2)))
integer = (res.addr - maximum) if res.addr & (maximum // 2) else res.addr
# Now we can return the value transformed if the operand has an inverted sign
return 0 if integer == 0 else (maximum + integer) if signed and integer < 0 else (integer - maximum) if signed else integer 示例6: op_chr
# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import o_imm [as 别名]
def op_chr(ea, opnum):
'''Set the type for operand `opnum` belonging to the instruction at `ea` to a character and return it.'''
t = idaapi.char_flag()
ok, signed = idaapi.set_op_type(ea, t, opnum), idaapi.is_invsign(ea, database.type.flags(ea), opnum)
if not ok:
raise E.DisassemblerError(u"{:s}.op_chr({:#x}, {:d}) : Unable to set the type of operand {:d} to a character.".format(__name__, ea, opnum, opnum))
# Extract the operand's op_t and its maximum value, as we'll use this to
# transform the value if necessary.
res, max = operand(ea, opnum), 2 ** op_bits(ea, opnum)
# If this is an immediate value, then we can treat it normally.
if res.type in {idaapi.o_imm}:
integer = res.value & (max - 1)
result = 0 if integer == 0 else (integer - max) if signed else integer
# If the signed-flag is set in our operand, then convert it into its actual
# signed value.
else:
maximum = math.trunc(2 ** math.ceil(math.log(idaapi.BADADDR, 2)))
integer = (res.addr - maximum) if res.addr & (maximum // 2) else res.addr
# Now we can use the value transformed if the operand has an inverted sign
result = 0 if integer == 0 else (maximum + integer) if signed and integer < 0 else (integer - maximum) if signed else integer
# There's no such thing as a signed character, so if we do get a signed
# value back from our above logic, then we need to figure out its absolute
# value so we can return it properly.
absolute = abs(result)
# IDA actually returns integers larger than a byte as a string, so we'll
# first chunk our integer into octets.
octets = []
while absolute > 0:
octets.append(absolute & 0xff)
absolute //= 0x100
# Last thing to do is to join each octet together back into some bytes
return bytes().join(map(six.int2byte, reversed(bytearray(octets)))) 示例7: op_flt
# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import o_imm [as 别名]
def op_flt(ea, opnum):
'''Set the type for operand `opnum` belonging to the instruction at `ea` to floating-point and return it.'''
t = idaapi.flt_flag()
# Explicitly set the operand type using idaapi.
ok = idaapi.set_op_type(ea, t, opnum)
if not ok:
raise E.DisassemblerError(u"{:s}.op_flt({:#x}, {:d}) : Unable to set the type of operand {:d} to floating-point.".format(__name__, ea, opnum, opnum))
# Read the number of bits for the operand so we can figure out how to properly
# decode this integer.
res, bits = operand(ea, opnum), op_bits(ea, opnum)
integer = res.value if res.type in {idaapi.o_imm} else res.addr
# Figure out which floating-point components to use for decoding
if bits == 64:
fraction, exponent, sign = 52, 11, 1
elif bits == 32:
fraction, exponent, sign = 23, 8, 1
elif bits == 16:
fraction, exponent, sign = 10, 5, 1
# If we couldn't find a valid encoding, then raise an exception.
else:
raise E.UnsupportedCapability(u"{:s}.op_flt({:#x}, {:d}) : Unable to decode operand {:d} for instruction due to an unsupported number of bits ({:d}).".format(__name__, ea, opnum, opnum, bits))
# Now we can decode the floating-point operand and return it.
try:
res = utils.float_of_integer(integer, fraction, exponent, sign)
# If an exception was raised, then re-raise it with our parameters prefixed.
except ValueError as message:
raise ValueError(u"{:s}.op_flt({:#x}, {:d}) : {!s}".format(__name__, ea, opnum, message))
# That's all, folks.
return res 示例8: immediate
# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import o_imm [as 别名]
def immediate(ea, op):
'''Operand type decoder for ``idaapi.o_imm`` which returns an immediate integer.'''
get_dtype_attribute = operator.attrgetter('dtyp' if idaapi.__version__ < 7.0 else 'dtype')
get_dtype_size = idaapi.get_dtyp_size if idaapi.__version__ < 7.0 else idaapi.get_dtype_size
if op.type in {idaapi.o_imm, idaapi.o_phrase}:
bits = 8 * get_dtype_size(get_dtype_attribute(op))
# figure out the sign flag
sf, res = 2 ** (bits - 1), op.value
# if op.value has its sign inverted, then signify it otherwise just use it
return -2 ** bits + res if interface.node.alt_opinverted(ea, op.n) else res & (2 ** bits - 1)
optype = "{:s}({:d})".format('idaapi.o_imm', idaapi.o_imm)
raise E.InvalidTypeOrValueError(u"{:s}.immediate({:#x}, {!r}) : Expected operand type `{:s}` but operand type {:d} was received.".format('.'.join((__name__, 'operand_types')), ea, op, optype, op.type)) 示例9: get_opcodes
# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import o_imm [as 别名]
def get_opcodes(addr, strict):
"""Get current bytes of the instruction pointed at addr.
Args:
addr: address of the current instruction
strict: be more restrictive when applying wildcards (True) or not (False)
Returns:
String: hex-encoded representation of the bytes obtained at addr
"""
if strict:
offsets_types = {idaapi.o_far, idaapi.o_mem, idaapi.o_imm}
else:
offsets_types = {idaapi.o_far, idaapi.o_mem}
pattern = ''
mnem = idautils.DecodeInstruction(addr)
if mnem is not None:
op1_type = mnem.Op1.type
op2_type = mnem.Op2.type
logging.debug(
'[VTGREP] Instruction: %s [%d, %d, %d]',
idc.generate_disasm_line(addr, 0),
mnem.itype,
op1_type,
op2_type
)
inst_len = idc.get_item_size(addr)
drefs = [x for x in idautils.DataRefsFrom(addr)]
# Checks if any operand constains a memory address
if (drefs and
((op1_type == idaapi.o_imm) or (op2_type == idaapi.o_imm)) or
op1_type in offsets_types or op2_type in offsets_types):
pattern = Disassembler.wildcard_instruction(addr)
# Checks if the instruction is a CALL (near or far) or
# if it's a JMP (excluding near jumps)
else:
if ((mnem.itype == idaapi.NN_call) or
(mnem.itype == idaapi.NN_jmp and op1_type != idaapi.o_near)):
pattern = Disassembler.wildcard_instruction(addr)
# In any other case, concatenate the raw bytes to the current string
else:
pattern = binascii.hexlify(idc.get_bytes(addr, inst_len))
pattern = pattern.decode('utf-8')
return pattern
else: return 0 示例10: rename_constant
# 需要导入模块: import idaapi [as 别名]
# 或者: from idaapi import o_imm [as 别名]
def rename_constant(arg_ea, fct_name, arg_name, arg_enums):
""" Rename constants to values from standard enumerations. """
instruction = idc.GetMnem(arg_ea)
if instruction == 'push':
op_num = 0
elif instruction == 'mov':
op_num = 1
else:
raise RenamingException('Constant: unhandled instruction ' +
instruction)
op_val = idc.GetOperandValue(arg_ea, op_num)
# NULL
if op_val == 0:
targetid = idc.GetConstByName('NULL_{}_{}'.format(arg_name, fct_name))
serial = 0
enumid = idc.GetEnum(NULL_ENUM_NAME)
constid = idc.GetConstEx(enumid, 0, serial, -1)
while constid != idaapi.BADADDR:
if constid == targetid:
idc.OpEnumEx(arg_ea, op_num, enumid, serial)
return
serial = serial + 1
constid = idc.GetConstEx(enumid, 0, serial, -1)
# All other constants
op_type = idc.GetOpType(arg_ea, op_num)
if op_type == idaapi.o_imm:
# only one choice
if len(arg_enums) == 1:
enumid = idc.GetEnum(arg_enums[0])
idc.OpEnumEx(arg_ea, op_num, enumid, 0)
return
for enum in arg_enums:
enumid = idc.GetEnum(enum)
constid = get_constant_id(enumid, op_val)
if constid == idaapi.BADADDR:
# Not in this enum
continue
else:
# Found the right enum
idc.OpEnumEx(arg_ea, op_num, enumid, 0)
return