本文整理汇总了Python中idc.isCode方法的典型用法代码示例。如果您正苦于以下问题:Python idc.isCode方法的具体用法?Python idc.isCode怎么用?Python idc.isCode使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类idc
的用法示例。
在下文中一共展示了idc.isCode方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: colorize_trace
# 需要导入模块: import idc [as 别名]
# 或者: from idc import isCode [as 别名]
def colorize_trace(self):
try:
index = self.traces_tab.currentIndex()
trace = self.core.traces[self.id_map[index]]
if self.colorized:
self.colorize_button.setText("Colorize trace")
color = 0xffffff
else:
self.colorize_button.setText("Uncolorize trace")
self.colorize_button.setFlat(True)
color = 0x98FF98
for inst in trace.instrs.values():
if idc.isCode(idc.GetFlags(inst.address)):
idc.SetColor(inst.address, idc.CIC_ITEM, color)
if not self.colorized:
self.colorize_button.setFlat(False)
self.colorized = True
else:
self.colorized = False
except KeyError:
print "No trace found"
示例2: heatmap_trace
# 需要导入模块: import idc [as 别名]
# 或者: from idc import isCode [as 别名]
def heatmap_trace(self):
try:
index = self.traces_tab.currentIndex()
trace = self.core.traces[self.id_map[index]]
if self.heatmaped:
self.heatmap_button.setText("Heatmap")
color = lambda x: 0xffffff
else:
self.heatmap_button.setText("Heatmap undo")
self.heatmap_button.setFlat(True)
hit_map = trace.address_hit_count
color_map = self.compute_step_map(set(hit_map.values()))
print color_map
color = lambda x: color_map[hit_map[x]]
for inst in trace.instrs.values():
if idc.isCode(idc.GetFlags(inst.address)):
c = color(inst.address)
idc.SetColor(inst.address, idc.CIC_ITEM, c)
if not self.heatmaped:
self.heatmap_button.setFlat(False)
self.heatmaped = True
else:
self.heatmaped = False
except KeyError:
print "No trace found"
示例3: sign_extend
# 需要导入模块: import idc [as 别名]
# 或者: from idc import isCode [as 别名]
def sign_extend(x, b):
m = 1 << (b - 1)
x = x & ((1 << b) - 1)
return (x ^ m) - m
# Returns `True` if `ea` belongs to some code segment.
#
# TODO(pag): This functon is extra aggressive, in that it doesn't strictly
# trust the `idc.isCode`. I have observed cases where data in
# `.bss` is treated as code and I am not sure why. Perhaps adding
# a reference to the data did this.
#
# I think it has something to do with ELF thunks, e.g. entries in
# the `.plt` section. When I made this function stricter,
# `mcsema-lift` would report issues where it needed to add tail-calls
# to externals.
示例4: set_start_stop
# 需要导入模块: import idc [as 别名]
# 或者: from idc import isCode [as 别名]
def set_start_stop(self, ftype):
assert_ida_available()
import idc
import idaapi
import idautils
fun_mapping = {idc.GetFunctionName(x): (idaapi.get_func(x).startEA, idaapi.get_func(x).endEA-1)
for x in idautils.Functions()}
start = idc.BeginEA()
stop = 0
if ftype == PE:
start, stop = fun_mapping["start"]
else:
if not idc.isCode(idc.GetFlags(start)):
if idc.MakeCode(start) == 0:
print "Fail to decode instr !"
idaapi.autoWait()
if idc.GetFunctionName(start) == "":
if idc.MakeFunction(start) == 0:
print "Fail to create function !"
idaapi.autoWait()
fun_mapping = {idc.GetFunctionName(x): (idaapi.get_func(x).startEA, idaapi.get_func(x).endEA-1)
for x in idautils.Functions()}
if "main" in fun_mapping:
start, stop = fun_mapping["main"]
elif "start" in fun_mapping:
if "__libc_start_main" in fun_mapping:
instrs = list(idautils.FuncItems(fun_mapping["start"][0]))
instrs.reverse()
for inst in instrs:
arg1 = idc.GetOperandValue(inst, 0)
if idc.GetMnem(inst) == "push":
start, stop = arg1, fun_mapping["start"][1]
break
else:
start, stop = fun_mapping["start"]
self.config.start, self.config.stop = start, stop
示例5: disassemble_from_trace
# 需要导入模块: import idc [as 别名]
# 或者: from idc import isCode [as 别名]
def disassemble_from_trace(self):
try:
index = self.traces_tab.currentIndex()
trace = self.core.traces[self.id_map[index]]
self.disassemble_button.setFlat(True)
found_match = False
for k, inst in trace.instrs.items():
if k in trace.metas:
for name, arg1, arg2 in trace.metas[k]:
if name == "wave":
self.parent.log("LOG", "Wave n°%d encountered at (%s,%x) stop.." % (arg1, k, inst.address))
prev_inst = trace.instrs[k-1]
idc.MakeComm(prev_inst.address, "Jump into Wave %d" % arg1)
self.disassemble_button.setFlat(False)
return
# TODO: Check that the address is in the address space of the program
if not idc.isCode(idc.GetFlags(inst.address)):
found_match = True
# TODO: Add an xref with the previous instruction
self.parent.log("LOG", "Addr:%x not decoded as an instruction" % inst.address)
if idc.MakeCode(inst.address) == 0:
self.parent.log("ERROR", "Fail to decode at:%x" % inst.address)
else:
idaapi.autoWait()
self.parent.log("SUCCESS", "Instruction decoded at:%x" % inst.address)
if not found_match:
self.parent.log("LOG", "All instruction are already decoded")
self.disassemble_button.setFlat(False)
except KeyError:
print "No trace found to use"
示例6: decode_here_clicked
# 需要导入模块: import idc [as 别名]
# 或者: from idc import isCode [as 别名]
def decode_here_clicked(self):
inst = idc.here()
if not idc.isCode(idc.GetFlags(inst)):
print "Not code instruction"
else:
raw = idc.GetManyBytes(inst, idc.NextHead(inst)-inst)
s = to_hex(raw)
self.decode_ir(s)
示例7: type_to_string
# 需要导入模块: import idc [as 别名]
# 或者: from idc import isCode [as 别名]
def type_to_string(t):
if idc.isCode(t):
return "C"
elif idc.isData(t):
return "D"
elif idc.isTail(t):
return "T"
elif idc.isUnknown(t):
return "Ukn"
else:
return "Err"
示例8: compute_nb_instr
# 需要导入模块: import idc [as 别名]
# 或者: from idc import isCode [as 别名]
def compute_nb_instr(self):
return 0 # FIXME: by iterating all segments
count = 0
start, stop = self.seg_mapping[".text"] # TODO: Iterate all executable segs
current = start
while current <= stop:
if idc.isCode(idc.GetFlags(current)):
count += 1
current = idc.NextHead(current, stop)
return count
示例9: get_custom_viewer_hint
# 需要导入模块: import idc [as 别名]
# 或者: from idc import isCode [as 别名]
def get_custom_viewer_hint(self, view, place):
try:
tform = idaapi.get_current_tform()
if idaapi.get_tform_type(tform) != idaapi.BWN_DISASM:
return None
curline = idaapi.get_custom_viewer_curline(view, True)
# sometimes get_custom_viewer_place() returns [x, y] and sometimes [place_t, x, y].
# we want the place_t.
viewer_place = idaapi.get_custom_viewer_place(view, True)
if len(viewer_place) != 3:
return None
_, x, y = viewer_place
ea = place.toea()
# "color" is a bit of misnomer: its the type of the symbol currently hinted
color = get_color_at_char(curline, x)
if color != idaapi.COLOR_ADDR:
return None
# grab the FAR references to code (not necessarilty a branch/call/jump by itself)
far_code_references = [xref.to for xref in idautils.XrefsFrom(ea, ida_xref.XREF_FAR)
if idc.isCode(idc.GetFlags(xref.to))]
if len(far_code_references) != 1:
return None
fva = far_code_references[0]
# ensure its actually a function
if not idaapi.get_func(fva):
return None
# this magic constant is the number of "important lines" to display by default.
# the remaining lines get shown if you scroll down while the hint is displayed, revealing more lines.
return render_function_hint(fva), DEFAULT_IMPORTANT_LINES_NUM
except Exception as e:
logger.warning('unexpected exception: %s. Get in touch with @williballenthin.', e, exc_info=True)
return None
示例10: is_code_by_flags
# 需要导入模块: import idc [as 别名]
# 或者: from idc import isCode [as 别名]
def is_code_by_flags(ea):
if not is_code(ea):
return False
flags = idc.GetFlags(ea)
return idc.isCode(flags)
示例11: crefs_from
# 需要导入模块: import idc [as 别名]
# 或者: from idc import isCode [as 别名]
def crefs_from(ea, only_one=False, check_fixup=True):
flags = idc.GetFlags(ea)
if not idc.isCode(flags):
return
fixup_ea = idc.BADADDR
seen = False
has_one = only_one
if check_fixup:
fixup_ea = idc.GetFixupTgtOff(ea)
if not is_invalid_ea(fixup_ea) and is_code(fixup_ea):
seen = only_one
has_one = True
yield fixup_ea
if has_one and _stop_looking_for_xrefs(ea):
return
for target_ea in _xref_generator(ea, idaapi.get_first_cref_from, idaapi.get_next_cref_from):
if target_ea != fixup_ea and not is_invalid_ea(target_ea):
seen = only_one
yield target_ea
if seen:
return
if not seen and ea in _CREFS_FROM:
for target_ea in _CREFS_FROM[ea]:
seen = only_one
yield target_ea
if seen:
return
示例12: find_xrefs
# 需要导入模块: import idc [as 别名]
# 或者: from idc import isCode [as 别名]
def find_xrefs(addr):
lrefs = list(idautils.DataRefsTo(addr))
if len(lrefs) == 0:
lrefs = list(idautils.refs(addr, first, next))
lrefs = [r for r in lrefs if not idc.isCode(idc.GetFlags(r))]
return lrefs
示例13: setBPs
# 需要导入模块: import idc [as 别名]
# 或者: from idc import isCode [as 别名]
def setBPs(self):
"""
Set breakpoints on all CALL and RET instructions in all of the executable sections.
"""
for seg_ea in idautils.Segments():
for head in idautils.Heads(seg_ea, idc.SegEnd(seg_ea)):
if idc.isCode(idc.GetFlags(head)):
# Add BP if instruction is a CALL
if is_call(head):
self.addBP(head)
示例14: get_called_func_data
# 需要导入模块: import idc [as 别名]
# 或者: from idc import isCode [as 别名]
def get_called_func_data(self, ea):
"""
Try to get the called function name and address.
@param ea: Address to the CALL instruction
@return: On success a tuple of called function data (Function_ea, Demangled_Function_Name).
otherwise (None,None) tuple will be returned
"""
try:
func_name = None
call_dest = None
if idc.isCode(idc.GetFlags(ea)):
if is_call(ea):
operand_type = idc.GetOpType(ea, 0)
if operand_type in (5, 6, 7, 2):
call_dest = idc.GetOperandValue(ea, 0) # Call destination
func_name = get_function_name(call_dest).lower()
return call_dest, func_name
except Exception as ex:
self.logger.exception("Failed to get called function data: %s", ex)
return None, None
###############################################################################################
# Dynamic (RunTime) Breakpoints
示例15: walk_function
# 需要导入模块: import idc [as 别名]
# 或者: from idc import isCode [as 别名]
def walk_function(self, ea):
"""
Walk function and place breakpoints on every call function found within it.
@param ea: An effective address within the function.
@return: True if function walked succeeded or False otherwise
"""
try:
function_name = get_function_name(ea)
self.logger.debug("Walking function %s at address %s for breakpoints", function_name, hex(ea))
if function_name in self.walked_functions:
self.logger.debug("No breakpoints will be set in function %s, "
"since it was already walked before.", function_name)
return True
# Add function to walked function list
self.walked_functions[function_name] = ea
# function = sark.Function(ea)
# for line in function.lines:
# if line.is_code and line.insn.is_call:
# self.addBP(line.ea)
start_adrs = get_function_start_address(ea)
end_adrs = get_function_end_address(ea)
# Walk function and place breakpoints on every call instruction found.
for head in idautils.Heads(start_adrs, end_adrs):
if idc.isCode(idc.GetFlags(head)):
# Add BP if instruction is a CALL
if is_call(head):
self.addBP(head)
self.logger.debug("Function %s was successfully walked for breakpoints", function_name)
return True
except Exception as ex:
self.logger.exception("Failed walking function at address %s for breakpoints.", hex(ea))
return False