本文整理匯總了Python中idaapi.tinfo_t方法的典型用法代碼示例。如果您正苦於以下問題:Python idaapi.tinfo_t方法的具體用法?Python idaapi.tinfo_t怎麽用?Python idaapi.tinfo_t使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類idaapi
的用法示例。
在下文中一共展示了idaapi.tinfo_t方法的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Python代碼示例。
示例1: get_winapi_decl
# 需要導入模塊: import idaapi [as 別名]
# 或者: from idaapi import tinfo_t [as 別名]
def get_winapi_decl(name):
'''
fetch the C function declaration for the given Windows API function.
'''
tup = idaapi.get_named_type(None, name, idaapi.NTF_SYMM)
if tup is None:
raise ValueError("failed to fetch type")
code, type_str, fields_str, cmt, field_cmts, sclass, value = tup
ti = idaapi.tinfo_t()
ti.deserialize(None, type_str, fields_str, cmt)
# the rendered declaration from IDA doesn't include the function name,
# so insert the function name, naively.
#
# for example;
#
# > DWORD (DWORD a, DWORD b)
# < DWORD foo(DWORD a, DWORD b);
decl = str(ti).replace("(", " " + name + "(") + ";"
return decl
示例2: get_array_data
# 需要導入模塊: import idaapi [as 別名]
# 或者: from idaapi import tinfo_t [as 別名]
def get_array_data(self):
"""
Extract the array data from tinfo_t object and populate all relevant class properties.
@return: True if successful, otherwise False
"""
try:
if self.type_info.is_array():
if self.type_info.get_array_details(self.array_type_data):
self.element_type = self.array_type_data.elem_type
self.element_num = self.array_type_data.nelems
self.element_size = self.element_type.get_size()
return True
return False
except Exception as ex:
self.logger.exception("Array: Error while getting array data: %s", ex)
return False
#######################################################################################################################
#
# IDA Function Argument class wrapper
#
示例3: getStructData
# 需要導入模塊: import idaapi [as 別名]
# 或者: from idaapi import tinfo_t [as 別名]
def getStructData(self):
"""
Extract the struct data from tinfo_t object and populate all relevant class properties.
@return: True if successful, otherwise False
"""
if self.type_info.is_udt():
if self.type_info.get_udt_details(self.udt_type_data):
self.name = idaapi.print_tinfo('', 0, 0, idaapi.PRTYPE_1LINE, self.type_info, '', '')
self.size = self.udt_type_data.size
self.element_num = len(self.udt_type_data)
self.is_union = self.udt_type_data.is_union
return True
return False
示例4: parse
# 需要導入模塊: import idaapi [as 別名]
# 或者: from idaapi import tinfo_t [as 別名]
def parse(info):
'''Parse the string `info` into an ``idaapi.tinfo_t``.'''
til, ti = idaapi.get_idati(), idaapi.tinfo_t(),
# Convert info to a string if it's a tinfo_t
info_s = "{!s}".format(info) if isinstance(info, idaapi.tinfo_t) else info
# Firstly we need to ';'-terminate the type the user provided in order
# for IDA's parser to understand it.
terminated = info_s if info_s.endswith(';') else "{:s};".format(info_s)
# Ask IDA to parse this into a tinfo_t for us. We pass the silent flag so
# that we're responsible for raising an exception if there's a parsing
# error of some sort. If it succeeds, then we can return our typeinfo.
# Otherwise we return None because of the inability to parse it.
return None if idaapi.parse_decl(ti, til, terminated, idaapi.PT_SIL) is None else ti
示例5: typeinfo
# 需要導入模塊: import idaapi [as 別名]
# 或者: from idaapi import tinfo_t [as 別名]
def typeinfo(self, info):
'''Sets the typeinfo of the structure to `info`.'''
try:
ti = database.type(self.id, info)
# If we caught a TypeError, then we received a parsing error that
# we should re-raise for the user.
except E.InvalidTypeOrValueError:
cls = self.__class__
raise E.InvalidTypeOrValueError(u"{:s}({:#x}).typeinfo : Unable to parse the specified type declaration ({!s}).".format('.'.join((__name__, cls.__name__)), self.id, utils.string.repr(info)))
# If we caught an exception trying to get the typeinfo for the
# structure, then port it to our class and re-raise.
except E.DisassemblerError:
cls = self.__class__
raise E.DisassemblerError(u"{:s}({:#x}).typeinfo : Unable to apply `idaapi.tinfo_t()` to structure {:s}.".format('.'.join((__name__, cls.__name__)), self.id, self.name))
return
示例6: test_xx
# 需要導入模塊: import idaapi [as 別名]
# 或者: from idaapi import tinfo_t [as 別名]
def test_xx(idx, ctx):
import ida_typeinf
uni = ctx.get_expr('union_type')
var = ctx.get_var('v1')
tname = var.typ.dstr().split(' ')[0]
tinfo = idaapi.tinfo_t()
if tname == 'class1':
idaapi.parse_decl2(idaapi.cvar.idati, 'vptr1_1 *;', tinfo, idaapi.PT_TYP)
uni[0].type = tinfo
uni[0].m = 0
elif tname == "class2":
idaapi.parse_decl2(idaapi.cvar.idati, 'struc_5 *;', tinfo, idaapi.PT_TYP)
uni[0].type = tinfo
uni[0].m = 1
else:
return False
return True
示例7: processStructIDA7
# 需要導入模塊: import idaapi [as 別名]
# 或者: from idaapi import tinfo_t [as 別名]
def processStructIDA7(self, regPrefix, struc, sid):
members = loadMembers(struc, sid)
foundFunctions = 0
for off, name, memb in members:
funcname = self.filterName(regPrefix, name)
tup = idaapi.get_named_type(None, funcname, idaapi.NTF_SYMM)
if tup is None:
continue
code, type_str, fields_str, cmt, field_cmts, sclass, value = tup
foundFunctions += 1
tif = idaapi.tinfo_t()
tif.deserialize(None, type_str, fields_str, cmt)
if not tif.is_func():
logger.debug('Found named type, but not a function: %s', funcname)
continue
tif.create_ptr(tif)
ret = idaapi.set_member_tinfo(struc, memb, off, tif, 0)
if ret != idaapi.SMT_OK:
logger.info("Got set_member_tinfo ret code: %d" % ret)
else:
logger.info('set_member_tinfo: %s', tif.dstr())
示例8: getBuiltinGlobalTypePython
# 需要導入模塊: import idaapi [as 別名]
# 或者: from idaapi import tinfo_t [as 別名]
def getBuiltinGlobalTypePython(self):
logger.debug('Getting GlobalType the Python way')
sym = idaapi.til_symbol_t()
if using_ida7api:
ret = idaapi.choose_named_type(sym, idaapi.get_idati(), 'Choose type to apply', idaapi.NTF_SYMM, None)
else:
ret = idaapi.choose_named_type2(idaapi.cvar.idati, 'Choose type to apply', idaapi.NTF_SYMM, None, sym)
if not ret:
logger.debug('User canceled. Bailing out')
return
tuple = idaapi.get_named_type(sym.til, sym.name, 0)
if tuple == None:
logger.debug('Could not find %s', sym.name)
return
tinfo = idaapi.tinfo_t()
tinfo.deserialize(sym.til, tuple[1], tuple[2])
return tinfo
示例9: activate
# 需要導入模塊: import idaapi [as 別名]
# 或者: from idaapi import tinfo_t [as 別名]
def activate(self, ctx):
sel = []
for idx in ctx.chooser_selection:
# rename the function
ea = get_name_ea_simple(self.items[idx][2])
sfname = str(self.items[idx][4])
#set_name(ea, sfname)
idaapi.do_name_anyway(ea, sfname)
success('{:#x}: renamed to {}'.format(ea, sfname))
# set the function prototype
sptype = str(self.items[idx][5])
if sptype != 'None':
tinfo = idaapi.tinfo_t()
idaapi.parse_decl2(idaapi.cvar.idati, sptype, tinfo, 0)
#idaapi.apply_callee_tinfo(ea, tinfo)
if idaapi.apply_tinfo(ea, tinfo, 0):
success('{:#x}: function prototype set to {}'.format(ea, sptype))
else:
error('{:#x}: function prototype set FAILED (maybe you should import the types?)'.format(ea))
if ask_yn(0, 'Do you import types from the secondary idb?') == 1:
if self.import_types():
tinfo = idaapi.tinfo_t()
idaapi.parse_decl2(idaapi.cvar.idati, sptype, tinfo, 0)
if idaapi.apply_tinfo(ea, tinfo, 0):
success('{:#x}: function prototype set to {}'.format(ea, sptype))
else:
error('{:#x}: function prototype set FAILED again'.format(ea))
# insert the comment
score = self.items[idx][0]
mmatch = self.items[idx][1]
cmt = 'fn_fuzzy: ssdeep={}, machoc={}'.format(score, mmatch)
set_func_cmt(ea, cmt, 1)
#set_decomplier_cmt(ea, cmt) # not sure how to avoid orphan comment
# update the Choose rows
ida_kernwin.refresh_chooser(self.title)
示例10: export
# 需要導入模塊: import idaapi [as 別名]
# 或者: from idaapi import tinfo_t [as 別名]
def export(self):
if self.existed() and not self.f_update:
info('{}: The sample records are present in DB. skipped.'.format(self.sha256))
return False
self.cur.execute("REPLACE INTO sample values(?, ?)", (self.sha256, self.idb_path))
pnum = tnum = 0
records = []
for fva in idautils.Functions():
fname = get_func_name(fva)
tnum += 1
if self.exclude_libthunk(fva, fname):
continue
fhd, bsize = self.calc_fn_ssdeep(fva, fname)
fhm, cfgnum = self.calc_fn_machoc(fva, fname)
if fhd and fhm:
pnum += 1
f_ana = bool(self.ana_pat.search(fname)) if self.f_ana_exp else False
tinfo = idaapi.tinfo_t()
idaapi.get_tinfo(fva, tinfo)
ptype = idaapi.print_tinfo('', 0, 0, idaapi.PRTYPE_1LINE, tinfo, fname, '')
ptype = ptype + ';' if ptype is not None else ptype
# fva is 64-bit int causing OverflowError
records.append((self.sha256, '{:#x}'.format(fva), fname, fhd, fhm, f_ana, bsize, ptype))
self.debug('EXPORT {} at {:#x}: ssdeep={} (size={}), machoc={} (num of CFG={})'.format(fname, fva, fhd, bsize, fhm, cfgnum))
self.cur.executemany("REPLACE INTO function values (?, ?, ?, ?, ?, ?, ?, ?)", records)
success ('{} of {} functions exported'.format(pnum, tnum))
return True
示例11: __init__
# 需要導入模塊: import idaapi [as 別名]
# 或者: from idaapi import tinfo_t [as 別名]
def __init__(self, ea, iatEA=None, library_name=None):
"""
Ctor
"""
self.logger = logging.getLogger(__name__)
self.ea = ea # Effective Address of the function
self.iatEA = iatEA # If imported function, the address in the IAT
try:
function = sark.Function(ea)
except sark.exceptions.SarkNoFunction:
raise DIE.Lib.DIE_Exceptions.DieNoFunction("No Function at 0x%08X" % (ea, ))
self.funcName = get_function_name(function.ea)
self.func_start = function.startEA
self.func_end = function.endEA
self.proto_ea = self.getFuncProtoAdr() # Address of function prototype
self.typeInfo = idaapi.tinfo_t() # Function type info
self.funcInfo = idaapi.func_type_data_t() # Function info
self.argNum = 0 # Number of input arguments
self.args = [] # Function argument list
self.retArg = None # Return argument
self.library_name = library_name # If library function, name of containing library
self.isLibFunc = False
if self.iatEA:
self.isLibFunc = True # Is this a library function
elif sark.Function(ea).flags & (idaapi.FUNC_LIB | idaapi.FUNC_THUNK):
self.isLibFunc = True
try:
self.getArguments()
except Exception as ex:
self.logger.error("Failed to get function arguments for function %s: %s", self.funcName, ex)
示例12: __new__
# 需要導入模塊: import idaapi [as 別名]
# 或者: from idaapi import tinfo_t [as 別名]
def __new__(cls):
'''Return the typeinfo for the current function as a ``idaapi.tinfo_t``.'''
return cls(ui.current.address())
示例13: format_item
# 需要導入模塊: import idaapi [as 別名]
# 或者: from idaapi import tinfo_t [as 別名]
def format_item(self, num_printer, storage, item):
if item is None or isinstance(item, bool):
storage.append("{!s}".format(item))
elif isinstance(item, six.string_types):
storage.append(self.format_basestring(item))
elif isinstance(item, six.integer_types):
storage.append(num_printer(item))
elif isinstance(item, idaapi.tinfo_t):
storage.append("{!s}".format(item))
elif item.__class__ is list:
self.format_seq(num_printer, storage, item, '[', ']')
elif item.__class__ is tuple:
self.format_seq(num_printer, storage, item, '(', ')')
elif item.__class__ is set:
self.format_seq(num_printer, storage, item, 'set([', '])')
elif item.__class__ is dict:
storage.append('{')
for idx, pair in enumerate(item.items()):
if idx > 0:
storage.append(', ')
self.format_item(num_printer, storage, pair[0])
storage.append(": ")
self.format_item(num_printer, storage, pair[1])
storage.append('}')
else:
storage.append("{!r}".format(item))
示例14: helper_getTinfoOfFuncName
# 需要導入模塊: import idaapi [as 別名]
# 或者: from idaapi import tinfo_t [as 別名]
def helper_getTinfoOfFuncName(self, funcName):
try:
sym = til_symbol_t()
sym.til = cvar.idati
sym.name = funcName
tinfo = idaapi.tinfo_t()
namedType = get_named_type(sym.til, sym.name, 0)
if namedType == None:
return tinfo, False
tinfo.deserialize(sym.til, namedType[1], namedType[2])
return tinfo, True
except:
return None, False
示例15: getUserDeclType
# 需要導入模塊: import idaapi [as 別名]
# 或者: from idaapi import tinfo_t [as 別名]
def getUserDeclType(self, decl):
tinfo = idaapi.tinfo_t()
#logger.debug('Trying to parse declaration: %r', decl)
ret = idaapi.parse_decl2(idaapi.cvar.idati, decl, tinfo, idaapi.PT_TYP)
#logger.debug('Return from parse_decl2: %r', ret)
if ret is None:
logger.info('parse_decl2 failed')
return None
return tinfo