Пример #1
0
def _read_struct_member(struct, sid, union, ea, offset, name, size, asobject):
    """Read a member into a struct for read_struct."""
    flags = idc.GetMemberFlag(sid, offset)
    assert flags != -1
    # Extra information for parsing a struct.
    member_sid, member_ssize = None, None
    if idc.isStruct(flags):
        member_sid = idc.GetMemberStrId(sid, offset)
        member_ssize = idc.GetStrucSize(member_sid)
    # Get the address of the start of the member.
    member = ea
    if not union:
        member += offset
    # Now parse out the value.
    array = []
    processed = 0
    while processed < size:
        value, read = _read_struct_member_once(member + processed, flags, size,
                                               member_sid, member_ssize,
                                               asobject)
        assert size % read == 0
        array.append(value)
        processed += read
    if len(array) == 1:
        value = array[0]
    else:
        value = array
    struct[name] = value
Пример #2
0
def get_struc_offset(ea, opn):
    path = idaapi.tid_array(1)
    delta = idaapi.sval_pointer()
    idaapi.get_stroff_path(ea, opn, path.cast(), delta.cast())
    struct = path[0]
    if idaapi.decode_insn(ea) == 0:
        print 'error in {0}'.format(GetDisasm(ea))
    else:
        op = idaapi.cmd.Operands[opn]
        offset = op.value
        result = []
        idaapi.get_stroff_path(ea, opn, path.cast(), delta.cast())
        struct = path[0]
        while offset:
            member_id = idc.GetMemberId(struct, offset)
            member_name = idc.GetMemberName(member_id)
            field_struct_id = idc.GetMemberStrId(struct, offset)
            if field_struct_id != idc.BADADDR:
                result.append(
                    [field_struct_id,
                     idc.GetStrucName(field_struct_id)])
            else:
                result.append([member_name, idc.GetMemberFlag(struct, offset)])
                return result
            offset -= idc.GetMemberOffset(member_name)
Пример #3
0
    def __init__(self, sid, offs):
        self.offs = offs
        #sid = struc
        name = None
        substruct = -1
        size = 0

        if not warnBad(sid):
            #struc = idaapi.get_struc(sid)
            #member = idaapi.get_member(struc, offs)

            name = idc.GetMemberName(sid, offs)
            substruct = idc.GetMemberStrId(sid, offs)
            size = idc.GetMemberSize(sid, offs)
            #name = idaapi.get_member_name(member.id)
            #substruct = idaapi.get_sptr(member)
            #size = idaapi.get_member_size(member)

        self.name = name
        self.struc = substruct
        self.size = size
Пример #4
0
def member_str_id(mem, parent):
    if idaapi.isStruct(mem.flag):
        return idc.GetMemberStrId(parent.id, mem.soff)
    else:
        return None