def DecodePreviousInstruction(ea):
"""
Decodes the previous instruction and returns an insn_t like class
@param ea: address to decode
@return: None or a new insn_t instance
"""
insn = ida_ua.insn_t()
prev_addr = ida_ua.decode_prev_insn(insn, ea)
return insn if prev_addr != ida_idaapi.BADADDR else None
def DecodePreviousInstruction(ea):
"""
Decodes the previous instruction and returns an insn_t like class
@param ea: address to decode
@return: None or a new insn_t instance
"""
prev_addr = ida_ua.decode_prev_insn(ea)
if prev_addr == ida_idaapi.BADADDR:
return None
return ida_ua.cmd.copy()
def PrevInstr(ea):
# TODO this will return an inst_t type. Need to figure out how to populate it/make workflow happy
return ida_ua.decode_prev_insn(ea, ea-MAX_OPCODE_LEN)
procs = {
0x18: "Create",
0x1C: "Destroy",
0x20: "Icon",
0x24: "Paint",
0x28: "Size",
0x2C: "Input",
0x30: "Focus",
0x34: "Scroll",
0x38: "Data",
0x3C: "Help"
}
if res[0] == 1:
regfunc = res[1]
regcall = ida_xref.get_first_cref_to(regfunc)
while regcall != ida_idaapi.BADADDR:
insn = ida_ua.insn_t()
ida_ua.decode_insn(insn, regcall)
for i in range(20):
if insn.get_canon_mnem() == 'mov' and insn.Op1.type == 4:
if insn.Op1.addr in procs:
ida_offset.op_plain_offset(insn.ea, 1, code_ea)
target = code_ea + insn.Op2.value
ida_funcs.add_func(target, ida_idaapi.BADADDR)
ida_name.set_name(
target, procs[insn.Op1.addr] + "_" + hex(regcall)[2:])
ida_ua.decode_prev_insn(insn, insn.ea)
regcall = ida_xref.get_next_cref_to(regfunc, regcall)
def PrevInstr(ea):
# TODO this will return an inst_t type. Need to figure out how to populate it/make workflow happy
out = ida_ua.insn_t()
ida_ua.decode_prev_insn(out, ea)
return out.ea
