def getBuiltinGlobalTypePython(self): logger.debug('Getting GlobalType the Python way') sym = idaapi.til_symbol_t() if using_ida7api: ret = idaapi.choose_named_type(sym, idaapi.get_idati(), 'Choose type to apply', idaapi.NTF_SYMM, None) else: ret = idaapi.choose_named_type2(idaapi.cvar.idati, 'Choose type to apply', idaapi.NTF_SYMM, None, sym) if not ret: logger.debug('User canceled. Bailing out') return tuple = idaapi.get_named_type(sym.til, sym.name, 0) if tuple == None: logger.debug('Could not find %s', sym.name) return tinfo = idaapi.tinfo_t() tinfo.deserialize(sym.til, tuple[1], tuple[2]) return tinfo
def getBuiltinGlobalTypePython(self): self.logger.debug('Getting GlobalType the Python way') sym = idaapi.til_symbol_t() ret = idaapi.choose_named_type2(idaapi.cvar.idati, 'Choose type to apply', idaapi.NTF_SYMM, None, sym) if not ret: self.logger.debug('User canceled. Bailing out') return tuple = idaapi.get_named_type(sym.til, sym.name, 0) if tuple == None: self.logger.debug('Could not find %s', sym.name) return tinfo = idaapi.tinfo_t() tinfo.deserialize(sym.til, tuple[1], tuple[2]) return tinfo
def get_winapi_decl(name): ''' fetch the C function declaration for the given Windows API function. ''' tup = idaapi.get_named_type(None, name, idaapi.NTF_SYMM) if tup is None: raise ValueError("failed to fetch type") code, type_str, fields_str, cmt, field_cmts, sclass, value = tup ti = idaapi.tinfo_t() ti.deserialize(None, type_str, fields_str, cmt) # the rendered declaration from IDA doesn't include the function name, # so insert the function name, naively. # # for example; # # > DWORD (DWORD a, DWORD b) # < DWORD foo(DWORD a, DWORD b); decl = str(ti).replace("(", " " + name + "(") + ";" return decl
def processStructIDA7(self, regPrefix, struc, sid): members = loadMembers(struc, sid) foundFunctions = 0 for off, name, memb in members: funcname = self.filterName(regPrefix, name) tup = idaapi.get_named_type(None, funcname, idaapi.NTF_SYMM) if tup is None: continue code, type_str, fields_str, cmt, field_cmts, sclass, value = tup foundFunctions += 1 tif = idaapi.tinfo_t() tif.deserialize(None, type_str, fields_str, cmt) if not tif.is_func(): logger.debug('Found named type, but not a function: %s', funcname) continue tif.create_ptr(tif) ret = idaapi.set_member_tinfo(struc, memb, off, tif, 0) if ret != idaapi.SMT_OK: logger.info("Got set_member_tinfo ret code: %d" % ret) else: logger.info('set_member_tinfo: %s', tif.dstr())