def _read_struct_member(struct, sid, union, ea, offset, name, size, asobject):
    """Parse one structure member and store the result in ``struct[name]``.

    Helper for read_struct.  The member's flags come from
    idc.GetMemberFlag(sid, offset).  For a union the member is read from
    ``ea`` itself, otherwise from ``ea + offset``.  Elements are read with
    _read_struct_member_once until ``size`` bytes have been consumed; a
    single element is stored as is, any other count is stored as a list.
    """
    member_flags = idc.GetMemberFlag(sid, offset)
    # NOTE: both asserts below are the only validation here and are
    # stripped when Python runs with -O.
    assert member_flags != -1
    # A member that is itself a structure needs the nested id and size.
    if idc.isStruct(member_flags):
        inner_sid = idc.GetMemberStrId(sid, offset)
        inner_size = idc.GetStrucSize(inner_sid)
    else:
        inner_sid = inner_size = None
    # Union members all start at the base address; struct members are
    # displaced by their offset.
    base = ea if union else ea + offset
    elements = []
    consumed = 0
    while consumed < size:
        element, step = _read_struct_member_once(
            base + consumed, member_flags, size, inner_sid, inner_size,
            asobject)
        # The member size must be a whole multiple of the element size.
        assert size % step == 0
        elements.append(element)
        consumed += step
    struct[name] = elements[0] if len(elements) == 1 else elements
def get_struc_offset(ea, opn):
    """Describe the structure member referenced by operand ``opn`` at ``ea``.

    The structure-offset path of the operand is fetched with
    idaapi.get_stroff_path and its first entry is used as the structure id;
    the decoded operand's value is used as the member offset.

    Returns a list of two-element lists.  Each entry is
    ``[nested struct id, nested struct name]`` while GetMemberStrId does not
    return idc.BADADDR; the first member for which it does adds
    ``[member name, member flags]`` and the list is returned.  Falls through
    and returns None when the instruction cannot be decoded (an error line is
    printed) or when the loop ends because ``offset`` reached zero.

    NOTE(review): the indentation of this listing was lost; the placement of
    ``return result`` inside the ``else`` branch and of the ``offset -=``
    line at loop level is inferred -- confirm against the original file.
    """
    path = idaapi.tid_array(1)
    delta = idaapi.sval_pointer()
    idaapi.get_stroff_path(ea, opn, path.cast(), delta.cast())
    struct = path[0]
    if idaapi.decode_insn(ea) == 0:
        # Decoding failed: report it and fall through (returns None).
        print 'error in {0}'.format(GetDisasm(ea))
    else:
        op = idaapi.cmd.Operands[opn]
        offset = op.value
        result = []
        # Same lookup as at the top of the function, repeated here.
        idaapi.get_stroff_path(ea, opn, path.cast(), delta.cast())
        struct = path[0]
        while offset:
            member_id = idc.GetMemberId(struct, offset)
            # NOTE(review): idc.GetMemberName is documented as taking
            # (sid, member_offset); it is called here with a single member
            # id -- confirm this call works as intended.
            member_name = idc.GetMemberName(member_id)
            field_struct_id = idc.GetMemberStrId(struct, offset)
            if field_struct_id != idc.BADADDR:
                # Member is a nested structure: record its id and name.
                result.append(
                    [field_struct_id, idc.GetStrucName(field_struct_id)])
            else:
                # Plain member: record its name and flags, then stop.
                result.append([member_name, idc.GetMemberFlag(struct, offset)])
                return result
            # NOTE(review): idc.GetMemberOffset is documented as taking
            # (sid, member_name); only the name is passed here, and
            # ``struct`` is never updated to the nested id -- confirm.
            offset -= idc.GetMemberOffset(member_name)
def __init__(self, sid, offs):
    """Record name, nested-structure id and size of the member at ``offs``.

    When warnBad(sid) is true the member is not queried and the defaults
    ``name=None``, ``struc=-1``, ``size=0`` are stored instead.  Otherwise
    the three values come from the idc member accessors for ``(sid, offs)``.
    """
    self.offs = offs
    if warnBad(sid):
        # presumably warnBad() flags an invalid structure id -- its
        # definition is not visible here.
        member_name, nested_sid, member_size = None, -1, 0
    else:
        member_name = idc.GetMemberName(sid, offs)
        nested_sid = idc.GetMemberStrId(sid, offs)
        member_size = idc.GetMemberSize(sid, offs)
    # Attributes are assigned only after every lookup has completed.
    self.name = member_name
    self.struc = nested_sid
    self.size = member_size
def member_str_id(mem, parent):
    """Return the structure id of member ``mem``, or None.

    ``mem.flag`` is tested with idaapi.isStruct; only when that test passes
    is the id looked up with idc.GetMemberStrId, using ``parent.id`` and the
    member's ``soff``.
    """
    if not idaapi.isStruct(mem.flag):
        return None
    return idc.GetMemberStrId(parent.id, mem.soff)