def GetStrLitContents(ea): potential_len = ida_bytes.get_max_strlit_length(ea, ida_nalt.STRTYPE_C_16) if(potential_len > 0): # If we get a non zero length, this is likely our string return ida_bytes.get_strlit_contents(ea, potential_len, ida_nalt.STRTYPE_C_16) # If we didn't get a good length out of C_16, try 8 bit strings potential_len = ida_bytes.get_max_strlit_length(ea, ida_nalt.STRTYPE_C) if(potential_len > 0): return ida_bytes.get_strlit_contents(ea, potential_len, ida_nalt.STRTYPE_C) #print("Error! %lu not a string" % (ea)) return ""
def get_string(self, string_idx): addr = self.nn_strtab.altval(string_idx, Dex.STRTAB_TAB) if addr is 0: return None length = ida_bytes.get_max_strlit_length( addr, STRTYPE_C, ida_bytes.ALOPT_IGNHEADS | ida_bytes.ALOPT_IGNPRINT) return ida_bytes.get_strlit_contents(addr, length, STRTYPE_C)
def get_string(self, from_ea, string_idx): addr = self.idx_to_ea(from_ea, string_idx, Dex.DEXVAR_STRING_IDS) if addr == ida_idaapi.BADADDR: return None length = ida_bytes.get_max_strlit_length( addr, idc.STRTYPE_C, ida_bytes.ALOPT_IGNHEADS | ida_bytes.ALOPT_IGNPRINT) return ida_bytes.get_strlit_contents(addr, length, idc.STRTYPE_C)
def create_and_get_typec_string(ea): size = ida_bytes.get_max_strlit_length( ea, ida_nalt.STRTYPE_C, ida_bytes.ALOPT_IGNCLT | ida_bytes.ALOPT_IGNHEADS | ida_bytes.ALOPT_IGNPRINT) if size == 0: return "" ida_bytes.create_strlit(ea, size, ida_nalt.STRTYPE_C) string = str(ida_bytes.get_strlit_contents(ea, size, ida_nalt.STRTYPE_C), encoding="utf-8") return string
def op_type_changed(self, ea, n): flags = ida_bytes.get_flags(ea) self.log("op_type_changed(ea=0x%08X, n=%d). Flags now: 0x%08X" % (ea, n, flags)) buf = ida_nalt.opinfo_t() opi = ida_bytes.get_opinfo(buf, ea, n, flags) if opi: if ida_bytes.is_struct(flags): self.log("New struct: 0x%08X (name=%s)" % ( opi.tid, ida_struct.get_struc_name(opi.tid))) elif ida_bytes.is_strlit(flags): encidx = ida_nalt.get_str_encoding_idx(opi.strtype) if encidx == ida_nalt.STRENC_DEFAULT: encidx = ida_nalt.get_default_encoding_idx(ida_nalt.get_strtype_bpu(opi.strtype)) encname = ida_nalt.get_encoding_name(encidx) strlen = ida_bytes.get_max_strlit_length( ea, opi.strtype, ida_bytes.ALOPT_IGNHEADS | ida_bytes.ALOPT_IGNCLT) raw = ida_bytes.get_strlit_contents(ea, strlen, opi.strtype) or b"" self.log("New strlit: 0x%08X, raw hex=%s (encoding=%s)" % ( opi.strtype, binascii.hexlify(raw), encname)) elif ida_bytes.is_off(flags, n): self.log("New offset: refinfo={target=0x%08X, base=0x%08X, tdelta=0x%08X, flags=0x%X}" % ( opi.ri.target, opi.ri.base, opi.ri.tdelta, opi.ri.flags)) elif ida_bytes.is_enum(flags, n): self.log("New enum: 0x%08X (enum=%s), serial=%d" % ( opi.ec.tid, ida_enum.get_enum_name(opi.ec.tid), opi.ec.serial)) pass elif ida_bytes.is_stroff(flags, n): parts = [] for i in range(opi.path.len): tid = opi.path.ids[i] parts.append("0x%08X (name=%s)" % (tid, ida_struct.get_struc_name(tid))) self.log("New stroff: path=[%s] (len=%d, delta=0x%08X)" % ( ", ".join(parts), opi.path.len, opi.path.delta)) elif ida_bytes.is_custom(flags) or ida_bytes.is_custfmt(flags, n): self.log("New custom data type") # unimplemented else: print("Cannot retrieve opinfo_t")
def read_cstring(ea): len = ida_bytes.get_max_strlit_length(ea, ida_nalt.STRTYPE_C) return ida_bytes.get_strlit_contents(ea, len, ida_nalt.STRTYPE_C)
def get_str_literal(addr): type = ida_nalt.get_str_type(addr) length = ida_bytes.get_max_strlit_length(addr, type, ida_bytes.ALOPT_IGNHEADS) return ida_bytes.get_strlit_contents(addr, length, type).decode('ascii')
def read_str(ea: int) -> Optional[str]: length = ida_bytes.get_max_strlit_length(ea, ida_nalt.STRTYPE_C) value = ida_bytes.get_strlit_contents(ea, length, ida_nalt.STRTYPE_C) return value.decode("utf-8") if value else value
def get_string(self, from_ea, string_idx): addr = self.idx_to_ea(from_ea, string_idx, Dex.DEXVAR_STRING_IDS) if addr == ida_idaapi.BADADDR: return None length = ida_bytes.get_max_strlit_length(addr, idc.STRTYPE_C, ida_bytes.ALOPT_IGNHEADS|ida_bytes.ALOPT_IGNPRINT) return ida_bytes.get_strlit_contents(addr, length, idc.STRTYPE_C)