本文整理汇总了Python中idc.SetType方法的典型用法代码示例。如果您正苦于以下问题:Python idc.SetType方法的具体用法?Python idc.SetType怎么用?Python idc.SetType使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类idc
的用法示例。
在下文中一共展示了idc.SetType方法的9个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: _propagate_virtual_method_type_for_method
# 需要导入模块: import idc [as 别名]
# 或者: from idc import SetType [as 别名]
def _propagate_virtual_method_type_for_method(classinfo, class_vindex, vmethod):
"""Propagate the type of a class's virtual method to the vtable struct."""
if not idau.is_function_start(vmethod):
_log(2, 'Not a function start: {:x}', vmethod)
return False
vmethod_type = idc.GuessType(vmethod)
if not vmethod_type:
_log(2, 'No guessed type: {:x}', vmethod)
return False
vmethod_ptr_type = symbol.convert_function_type_to_function_pointer_type(vmethod_type)
if not vmethod_ptr_type:
_log(2, 'Could not convert to function pointer type: {:x}', vmethod)
return False
vmethods_sid = idau.struct_open(classinfo.classname + '::vmethods')
vmethod_offset = class_vindex * idau.WORD_SIZE
vmethod_mid = idc.GetMemberId(vmethods_sid, vmethod_offset)
if not bool(idc.SetType(vmethod_mid, vmethod_ptr_type)):
_log(2, 'Could not set vmethod field type: {:x}, {}, {}', vmethod, classinfo.classname,
class_vindex)
return False
return True
示例2: _find_est
# 需要导入模块: import idc [as 别名]
# 或者: from idc import SetType [as 别名]
def _find_est(self, gvar, start, end):
RAX = 0
BS_OFFSET = 0x60
EFI_SYSTEM_TABLE = 'EFI_SYSTEM_TABLE *'
if self.arch == 'x86':
BS_OFFSET = 0x3c
ea = start
while (ea < end):
if ((idc.print_insn_mnem(ea) == 'mov')
and (idc.get_operand_value(ea, 0) == RAX)
and (idc.get_operand_value(ea, 1) == BS_OFFSET)):
if idc.SetType(gvar, EFI_SYSTEM_TABLE):
idc.set_name(gvar, 'gSt_{addr:#x}'.format(addr=gvar))
return True
ea = idc.next_head(ea)
return False
示例3: make_names
# 需要导入模块: import idc [as 别名]
# 或者: from idc import SetType [as 别名]
def make_names(self):
"""make names in idb"""
EFI_GUID = 'EFI_GUID *'
EFI_GUID_ID = idc.get_struc_id('EFI_GUID')
self.get_boot_services()
self.get_protocols()
self.get_prot_names()
data = self.Protocols['all']
empty = True
for element in data:
try:
idc.SetType(element['address'], EFI_GUID)
self.apply_struct(element['address'], 16, EFI_GUID_ID)
name = '{prot_name}_{addr:#x}'.format(prot_name=element['protocol_name'], addr=element['address'])
idc.set_name(element['address'], name)
empty = False
print('[ {ea} ] {name}'.format(
ea='{addr:#010x}'.format(addr=element['address']),
name=name))
except:
continue
if empty:
print(' * list is empty')
示例4: signature
# 需要导入模块: import idc [as 别名]
# 或者: from idc import SetType [as 别名]
def signature(self, c_signature):
success = idc.SetType(self.start_ea, c_signature)
if not success:
raise exceptions.SetTypeFailed(self.start_ea, c_signature)
示例5: struct_add_ptr
# 需要导入模块: import idc [as 别名]
# 或者: from idc import SetType [as 别名]
def struct_add_ptr(sid, name, offset, count=1, type=None):
"""Add a pointer to a structure.
If sid is a union, offset must be -1.
"""
ptr_flag = idc.FF_DATA | word_flag(WORD_SIZE) | idaapi.offflag()
ret = idc.AddStrucMember(sid, name, offset, ptr_flag, 0, WORD_SIZE)
if ret == 0 and type is not None:
if offset == -1:
offset = struct_member_offset(sid, name)
assert offset is not None
mid = idc.GetMemberId(sid, offset)
idc.SetType(mid, type)
return ret
示例6: apply
# 需要导入模块: import idc [as 别名]
# 或者: from idc import SetType [as 别名]
def apply(self, data):
# TODO: deserialize type info and apply it
prototype = data['type_info']
if idc.SetType(self.offset, prototype) is None:
log('annotation_prototype').warn("Setting prototype failed at %s with "
"%s", self.offset, data)
示例7: import_function
# 需要导入模块: import idc [as 别名]
# 或者: from idc import SetType [as 别名]
def import_function(self, function):
"""
Creates a function using the FUNCTION attributes.
Args:
function: XML element containing the function address and
attributes.
"""
if self.options.Functions.checked == False:
return
try:
entry_point = self.get_address(function, ENTRY_POINT)
name = ''
if self.has_attribute(function, NAME):
name = self.get_attribute(function, NAME)
libfunc = 'n'
if self.has_attribute(function, LIBRARY_FUNCTION):
libfunc = self.get_attribute(function, LIBRARY_FUNCTION)
if idc.is_mapped(entry_point) == False:
msg = ("import_function: address %X not enabled in database"
% entry_point)
print(msg)
return
idc.add_func(entry_point, BADADDR)
self.update_counter(FUNCTION)
func = ida_funcs.get_func(entry_point)
if libfunc == 'y':
func.flags |= idc.FUNC_LIB
ranges = function.findall(ADDRESS_RANGE)
for addr_range in ranges:
(start, end) = self.import_address_range(addr_range)
ida_funcs.append_func_tail(func, start, end)
# TODO: auto_wait is probably not needed...
if AUTO_WAIT:
ida_auto.auto_wait()
regcmt = function.find(REGULAR_CMT)
if regcmt != None:
self.update_counter(FUNCTION + ':' + REGULAR_CMT)
ida_funcs.set_func_cmt(func, regcmt.text, False)
rptcmt = function.find(REPEATABLE_CMT)
if rptcmt != None:
self.update_counter(FUNCTION + ':' + REPEATABLE_CMT)
ida_funcs.set_func_cmt(func, rptcmt.text, True)
typecmt = function.find(TYPEINFO_CMT)
if typecmt != None:
self.update_counter(FUNCTION + ':' + TYPEINFO_CMT)
# TODO: TYPECMTs
#idc.SetType(entry_point, typecmt.text + ';')
sf = function.find(STACK_FRAME)
if sf != None:
self.import_stack_frame(sf, func)
register_vars = function.findall(REGISTER_VAR)
for register_var in register_vars:
self.import_register_var(register_var, func)
except:
msg = "** Exception occurred in import_function **"
print("\n" + msg + "\n", sys.exc_type, sys.exc_value)
示例8: get_data_guids
# 需要导入模块: import idc [as 别名]
# 或者: from idc import SetType [as 别名]
def get_data_guids(self):
"""rename GUIDs in idb"""
EFI_GUID = 'EFI_GUID *'
EFI_GUID_ID = idc.get_struc_id('EFI_GUID')
segments = ['.text', '.data']
for segment in segments:
seg_start, seg_end = 0, 0
for seg in idautils.Segments():
if idc.get_segm_name(seg) == segment:
seg_start = idc.get_segm_start(seg)
seg_end = idc.get_segm_end(seg)
break
ea = seg_start
while (ea <= seg_end - 15):
prot_name = ''
if idc.get_name(ea, ida_name.GN_VISIBLE).find('unk_') != -1:
find = False
cur_guid = []
cur_guid.append(idc.get_wide_dword(ea))
cur_guid.append(idc.get_wide_word(ea + 4))
cur_guid.append(idc.get_wide_word(ea + 6))
for addr in range(ea + 8, ea + 16, 1):
cur_guid.append(idc.get_wide_byte(addr))
if cur_guid == [0] * 11:
ea += 1
continue
for guid_place in [
'ami_guids', 'asrock_guids', 'dell_guids',
'edk_guids', 'edk2_guids', 'lenovo_guids'
]:
for name in self.Protocols[guid_place]:
if self.Protocols[guid_place][name] == cur_guid:
prot_name = '{}_{:#x}'.format(name, ea)
record = {
'address': ea,
'service': 'unknown',
'guid': cur_guid,
'protocol_name': name,
'protocol_place': guid_place
}
find = True
break
if find:
break
if find and (idc.get_name(ea, ida_name.GN_VISIBLE) !=
prot_name):
idc.SetType(ea, EFI_GUID)
self.apply_struct(ea, 16, EFI_GUID_ID)
idc.set_name(ea, prot_name)
self.Protocols['data'].append(record)
ea += 1
示例9: set_types
# 需要导入模块: import idc [as 别名]
# 或者: from idc import SetType [as 别名]
def set_types(self):
"""
handle (EFI_BOOT_SERVICES *) type
and (EFI_SYSTEM_TABLE *) for x64 images
"""
RAX = 0
O_REG = 1
O_MEM = 2
EFI_BOOT_SERVICES = 'EFI_BOOT_SERVICES *'
EFI_SYSTEM_TABLE = 'EFI_SYSTEM_TABLE *'
empty = True
for service in self.gBServices:
for address in self.gBServices[service]:
ea = address
num_of_attempts = 10
for _ in range(num_of_attempts):
ea = idc.prev_head(ea)
if (idc.print_insn_mnem(ea) == 'mov'
and idc.get_operand_type(ea, 1) == O_MEM):
if (idc.get_operand_type(ea, 0) == O_REG
and idc.get_operand_value(ea, 0) == RAX):
gvar = idc.get_operand_value(ea, 1)
gvar_type = idc.get_type(gvar)
# if (EFI_SYSTEM_TABLE *)
if ((gvar_type != 'EFI_SYSTEM_TABLE *')
and (idc.print_operand(
address, 0).find('rax') == 1)):
if self._find_est(gvar, ea, address):
# yapf: disable
print('[ {0} ] Type ({type}) successfully applied'.format(
'{addr:#010x}'.format(addr=gvar),
type=EFI_SYSTEM_TABLE))
empty = False
break
# otherwise it (EFI_BOOT_SERVICES *)
if (gvar_type != 'EFI_BOOT_SERVICES *'
and gvar_type != 'EFI_SYSTEM_TABLE *'):
if idc.SetType(gvar, EFI_BOOT_SERVICES):
empty = False
idc.set_name(
gvar,
'gBs_{addr:#x}'.format(addr=gvar))
# yapf: disable
print('[ {0} ] Type ({type}) successfully applied'.format(
'{addr:#010x}'.format(addr=gvar),
type=EFI_BOOT_SERVICES))
break
if empty:
print(' * list is empty')