本文整理汇总了Python中idc.o_imm方法的典型用法代码示例。如果您正苦于以下问题:Python idc.o_imm方法的具体用法?Python idc.o_imm怎么用?Python idc.o_imm使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类idc
的用法示例。
在下文中一共展示了idc.o_imm方法的5个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: is_imm_op
# 需要导入模块: import idc [as 别名]
# 或者: from idc import o_imm [as 别名]
def is_imm_op(self, addr, op):
"""
Returns true if instruction operand at address is an immediate value.
Args:
addr: Integer representing instruction address.
op: Integer representing operand index (0-based).
Returns:
True if instruction operand at address is an immediate value.
False otherwise.
"""
insn = ida_ua.insn_t()
ida_ua.decode_insn(insn, addr)
if (insn.ops[op].type == idc.o_imm):
return True
return False
示例2: get_stack_vars
# 需要导入模块: import idc [as 别名]
# 或者: from idc import o_imm [as 别名]
def get_stack_vars(self, start, end):
stackvars = {}
ea = start
while (ea < end):
if ("ebp" in idc.print_operand(ea, 0) and idc.get_operand_type(ea, 1) == idc.o_imm):
op0 = idc.get_operand_value(ea, 0)
op1 = idc.get_operand_value(ea, 1)
if (op0 in stackvars):
stackvars[op0]["values"].append(op1)
else:
stackvars[op0] = {"values": [], "hits": 0}
ea += idc.get_item_size(ea)
return stackvars
示例3: lookForOpArgs
# 需要导入模块: import idc [as 别名]
# 或者: from idc import o_imm [as 别名]
def lookForOpArgs(self, start, end):
for head in idautils.Heads(start, end):
try:
for i in range(2):
if using_ida7api:
t = idc.get_operand_type(head, i)
else:
t = idc.GetOpType(head, i)
if t == idc.o_imm:
if using_ida7api:
opval = idc.get_operand_value(head, i)
else:
opval = idc.GetOperandValue(head, i)
if self.params.useXORSeed:
opval = opval ^ self.params.XORSeed
for h in self.params.hashTypes:
hits = self.dbstore.getSymbolByTypeHash(h.hashType, opval)
for sym in hits:
logger.info("0x%08x: %s", head, str(sym))
self.addHit(head, sym)
self.markupLine(head, sym, self.params.useDecompiler)
except Exception as err:
logger.exception("Exception: %s", str(err))
示例4: set_jit_info
# 需要导入模块: import idc [as 别名]
# 或者: from idc import o_imm [as 别名]
def set_jit_info(self, method_id, start):
end = self.get_func_end(start)
if (end < start or end - start > self.jit_max_size):
return
method = next((x for x in self.as3dump if x["id"] == method_id), None)
if (method is None):
return
stackvars = self.get_stack_vars(start, end)
save_eip = self.get_save_eip(method, stackvars)
ea = start
while (ea < end):
if ("ebp" in idc.print_operand(ea, 0) and idc.get_operand_type(ea, 1) == idc.o_imm):
op0 = idc.get_operand_value(ea, 0)
op1 = idc.get_operand_value(ea, 1)
if (op0 == save_eip):
idc.set_cmt(ea, method["instructions"][op1], 0)
ea += idc.get_item_size(ea)
示例5: _emulate_arm64
# 需要导入模块: import idc [as 别名]
# 或者: from idc import o_imm [as 别名]
def _emulate_arm64(start, end, on_BL=None, on_RET=None):
"""A very basic partial Arm64 emulator that does just enough to find OSMetaClass
information."""
# Super basic emulation.
reg = _Regs()
def load(addr, dtyp):
if not addr:
return None
if dtyp == idaapi.dt_qword:
size = 8
elif dtyp == idaapi.dt_dword:
size = 4
else:
return None
return idau.read_word(addr, size)
def cleartemps():
for t in ['X{}'.format(i) for i in range(0, 19)]:
reg.clear(t)
for insn in idau.Instructions(start, end):
_log(11, 'Processing instruction {:#x}', insn.ea)
mnem = insn.get_canon_mnem()
if mnem == 'ADRP' or mnem == 'ADR':
reg[insn.Op1.reg] = insn.Op2.value
elif mnem == 'ADD' and insn.Op2.type == idc.o_reg and insn.Op3.type == idc.o_imm:
reg[insn.Op1.reg] = reg[insn.Op2.reg] + insn.Op3.value
elif mnem == 'NOP':
pass
elif mnem == 'MOV' and insn.Op2.type == idc.o_imm:
reg[insn.Op1.reg] = insn.Op2.value
elif mnem == 'MOV' and insn.Op2.type == idc.o_reg:
reg[insn.Op1.reg] = reg[insn.Op2.reg]
elif mnem == 'RET':
if on_RET:
on_RET(reg)
break
elif (mnem == 'STP' or mnem == 'LDP') and insn.Op3.type == idc.o_displ:
if insn.auxpref & _MEMOP_WBINDEX:
reg[insn.Op3.reg] = reg[insn.Op3.reg] + insn.Op3.addr
if mnem == 'LDP':
reg.clear(insn.Op1.reg)
reg.clear(insn.Op2.reg)
elif (mnem == 'STR' or mnem == 'LDR') and not insn.auxpref & _MEMOP_WBINDEX:
if mnem == 'LDR':
if insn.Op2.type == idc.o_displ:
reg[insn.Op1.reg] = load(reg[insn.Op2.reg] + insn.Op2.addr, insn.Op1.dtyp)
else:
reg.clear(insn.Op1.reg)
elif mnem == 'BL' and insn.Op1.type == idc.o_near:
if on_BL:
on_BL(insn.Op1.addr, reg)
cleartemps()
else:
_log(10, 'Unrecognized instruction at address {:#x}', insn.ea)
reg.clearall()