def struc_member_changed(self, sptr, mptr):
    """Describe a changed structure member and pass it to ``_send_packet``.

    Builds an ``evt.StrucMemberChangedEvent`` from the structure name, the
    member's start offset (0 when ``mptr.unimem()`` is true), its end offset,
    its flags and a dict of type-specific extras. Always returns 0.
    """
    struct_name = ida_struct.get_struc_name(sptr.id)
    start = 0 if mptr.unimem() else mptr.soff
    flag = mptr.flag
    info = ida_nalt.opinfo_t()
    extra = {}
    notify = True

    if ida_struct.retrieve_member_info(info, mptr):
        # NOTE(review): each test below is a plain bitwise AND, so it is true
        # whenever any bit overlaps. If these helpers return multi-bit type
        # codes rather than independent bits, one member kind can satisfy
        # another kind's branch - confirm against the IDA flag layout.
        if flag & ida_bytes.off_flag():
            extra.update(
                target=info.ri.target,
                base=info.ri.base,
                tdelta=info.ri.tdelta,
                flags=info.ri.flags,
            )
        elif flag & ida_bytes.enum_flag():
            extra["serial"] = info.ec.serial
        elif flag & ida_bytes.stru_flag():
            extra["struc_name"] = ida_struct.get_struc_name(info.tid)
            if flag & ida_bytes.strlit_flag():
                extra["strtype"] = info.strtype
        else:
            # Member info was retrieved but no branch matched: the original
            # sends nothing in this case, so the change is dropped silently.
            notify = False

    if notify:
        self._send_packet(
            evt.StrucMemberChangedEvent(
                struct_name, start, mptr.eoff, flag, extra
            )
        )
    return 0
def struc_member_changed(self, sptr, mptr):
    """Describe a changed structure member and pass it to ``_send_event``.

    The ``StrucMemberChangedEvent`` carries the structure name, the member's
    start offset (0 when ``mptr.unimem()`` is true), its end offset, its flags
    and a dict of type-specific extras. Always returns 0.
    """
    extra = {}
    struct_name = ida_struct.get_struc_name(sptr.id)
    start = 0 if mptr.unimem() else mptr.soff
    flag = mptr.flag
    info = ida_nalt.opinfo_t()

    if ida_struct.retrieve_member_info(info, mptr):
        # NOTE(review): these are bitwise-AND tests, true on any shared bit;
        # verify the flag helpers cannot overlap between member kinds.
        if flag & ida_bytes.off_flag():
            refinfo = info.ri
            extra['target'] = refinfo.target
            extra['base'] = refinfo.base
            extra['tdelta'] = refinfo.tdelta
            extra['flags'] = refinfo.flags
        # Is it really possible to create an enum?
        elif flag & ida_bytes.enum_flag():
            extra['serial'] = info.ec.serial
        elif flag & ida_bytes.stru_flag():
            extra['id'] = info.tid
            if flag & ida_bytes.strlit_flag():
                extra['strtype'] = info.strtype
        else:
            # Info retrieved but no kind matched: nothing is sent.
            return 0

    self._send_event(
        StrucMemberChangedEvent(struct_name, start, mptr.eoff, flag, extra))
    return 0
def create_cmdref():
    """Create the ``cmd_ref`` structure, append its five members, return its id.

    Every member is added with offset -1, type id -1 and a size of 4 bytes.
    """
    sid = ida_struct.add_struc(0, "cmd_ref", 0)
    # NOTE(review): neither the add_struc result nor the add_struc_member
    # return codes are checked, so a failed creation goes unnoticed here.
    # NOTE(review): "param" and "id" are FF_WORD members given 4 bytes -
    # confirm that size is intended.
    layout = (
        ("name", ida_bytes.off_flag() | ida_bytes.FF_DATA | ida_bytes.FF_DWORD),
        ("reserve1", ida_bytes.FF_DWORD),
        ("param", ida_bytes.FF_WORD),
        ("id", ida_bytes.FF_WORD),
        ("reserve2", ida_bytes.FF_DWORD),
    )
    for member_name, member_flag in layout:
        idc.add_struc_member(sid, member_name, -1, member_flag, -1, 4)
    return sid
def op_type_changed(self, ea, n):
    """Report how operand `n` of the item at `ea` is now displayed.

    Reads the item's full flags, maps the operand representation to a kind
    string ("hex", "dec", "chr", "bin", "oct", "offset", "enum", "struct" or
    "stkvar") and sends an ``evt.OpTypeChangedEvent`` with any extra details.
    Nothing is sent when no kind matches. Always returns 0.
    """
    self._plugin.logger.debug("op_type_changed(ea = %x, n = %d)" % (ea, n))

    extra = {}
    # Operand 0 is compared through MS_0TYPE, any other index through MS_1TYPE.
    mask = ida_bytes.MS_0TYPE if not n else ida_bytes.MS_1TYPE
    flags = ida_bytes.get_full_flags(ea)
    self._plugin.logger.debug("op_type_changed: flags = 0x%X)" % flags)

    def is_flag(candidate):
        # Compare only the bits selected by the operand's mask.
        return (flags & mask) == (mask & candidate)

    # Representations that carry no extra data, tested in this order.
    plain_kinds = (
        (ida_bytes.hex_flag, "hex"),
        (ida_bytes.dec_flag, "dec"),
        (ida_bytes.char_flag, "chr"),
        (ida_bytes.bin_flag, "bin"),
        (ida_bytes.oct_flag, "oct"),
        (ida_bytes.off_flag, "offset"),
    )
    op = next(
        (label for getter, label in plain_kinds if is_flag(getter())), None
    )

    if op is None:
        if is_flag(ida_bytes.enum_flag()):
            op = "enum"
            enum_id = ida_bytes.get_enum_id(ea, n)[0]
            serial = ida_enum.get_enum_idx(enum_id)
            extra["ename"] = Event.decode(ida_enum.get_enum_name(enum_id))
            extra["serial"] = serial
        # NOTE(review): unlike every other branch, this test is a bare AND
        # that is not restricted to the operand's mask - confirm it is
        # intentional.
        elif flags & ida_bytes.stroff_flag():
            op = "struct"
            # NOTE(review): the path buffer holds a single element while the
            # comprehension below reads path[i] for every i < path_len. If
            # get_stroff_path can report a longer path, this buffer is too
            # small - confirm the required size.
            path = ida_pro.tid_array(1)
            delta = ida_pro.sval_pointer()
            path_len = ida_bytes.get_stroff_path(
                path.cast(), delta.cast(), ea, n
            )
            spath = [
                Event.decode(ida_struct.get_struc_name(path[i]))
                for i in range(path_len)
            ]
            extra["delta"] = delta.value()
            extra["spath"] = spath
        elif is_flag(ida_bytes.stkvar_flag()):
            op = "stkvar"
        # FIXME: No hooks are called when inverting sign, so an
        # 'invert_sign' kind (ida_bytes.is_invsign) is not reported here.
        else:
            return 0  # FIXME: Find a better way to do this

    self._send_packet(evt.OpTypeChangedEvent(ea, n, op, extra))
    return 0
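def struct_add_ptr(sid, name, offset, count=1, type=None):
    """Add a pointer member (an array of `count` pointers) to a structure.

    If sid is a union, offset must be -1.

    The member is created with data, pointer-width and offset flags. When the
    member was added (``idc.add_struc_member`` returned 0) and `type` is
    given, that type is then applied to the new member.

    Returns the value returned by ``idc.add_struc_member``.

    Raises AssertionError if the member was added at offset -1 but its actual
    offset cannot be looked up afterwards.
    """
    ptr_flag = idc.FF_DATA | word_flag(WORD_SIZE) | ida_bytes.off_flag()
    # Size the member by `count` so the parameter is honoured; with the
    # default count of 1 this is a single WORD_SIZE pointer.
    ret = idc.add_struc_member(
        sid, name, offset, ptr_flag, 0, WORD_SIZE * count
    )
    if ret == 0 and type is not None:
        if offset == -1:
            # The caller did not supply an offset, so look up where the
            # member was actually placed.
            offset = struct_member_offset(sid, name)
            # Explicit raise instead of `assert` so the check survives -O and
            # None never reaches get_member_id.
            if offset is None:
                raise AssertionError(
                    "could not find offset of newly added member %r" % (name,)
                )
        mid = idc.get_member_id(sid, offset)
        idc.SetType(mid, type)
    return ret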
def struc_member_created(self, sptr, mptr):
    """Describe a newly created structure member and pass it to ``_send_packet``.

    The ``evt.StrucMemberCreatedEvent`` carries the structure name, the field
    name, the member's offset (0 when ``mptr.unimem()`` is true), its flags,
    its size in bytes and a dict of type-specific extras. Always returns 0.
    """
    extra = {}
    struct_name = ida_struct.get_struc_name(sptr.id)
    field = ida_struct.get_member_name(mptr.id)
    is_union_member = mptr.unimem()
    start = 0 if is_union_member else mptr.soff
    flag = mptr.flag
    # For unimem() members the end offset is used directly as the size.
    size = mptr.eoff if mptr.unimem() else mptr.eoff - mptr.soff
    info = ida_nalt.opinfo_t()

    def notify():
        self._send_packet(
            evt.StrucMemberCreatedEvent(
                struct_name, field, start, flag, size, extra
            )
        )

    if not ida_struct.retrieve_member_info(info, mptr):
        notify()
        return 0

    # NOTE(review): these are bitwise-AND tests, true on any shared bit;
    # verify the flag helpers cannot overlap between member kinds.
    if flag & ida_bytes.off_flag():
        extra["target"] = info.ri.target
        extra["base"] = info.ri.base
        extra["tdelta"] = info.ri.tdelta
        extra["flags"] = info.ri.flags
        notify()
    # Is it really possible to create an enum?
    elif flag & ida_bytes.enum_flag():
        extra["serial"] = info.ec.serial
        notify()
    elif flag & ida_bytes.stru_flag():
        extra["id"] = info.tid
        if flag & ida_bytes.strlit_flag():
            extra["strtype"] = info.strtype
        notify()
    # Member info retrieved but no kind matched: nothing is sent.
    return 0
def struc_member_changed(self, sptr, mptr):
    """Print a marker and collect details of a changed structure member.

    The collected name, offset and extras are not used or sent anywhere in
    this function; it always returns 0.
    """
    print("struc member changed")
    details = {}
    struct_name = ida_struct.get_struc_name(sptr.id)
    start = 0 if mptr.unimem() else mptr.soff
    flag = mptr.flag
    info = ida_nalt.opinfo_t()

    if ida_struct.retrieve_member_info(info, mptr):
        if flag & ida_bytes.off_flag():
            details.update(
                target=info.ri.target,
                base=info.ri.base,
                tdelta=info.ri.tdelta,
                flags=info.ri.flags,
            )
        elif flag & ida_bytes.enum_flag():
            details["serial"] = info.ec.serial
        elif flag & ida_bytes.stru_flag():
            details["struc_name"] = ida_struct.get_struc_name(info.tid)
            if flag & ida_bytes.strlit_flag():
                details["strtype"] = info.strtype
    return 0
def struc_member_created(self, sptr, mptr):
    """Print a marker and collect details of a newly created structure member.

    The collected names, offset, size and extras are not used or sent anywhere
    in this function; it always returns 0.
    """
    print("struc member created")
    details = {}
    struct_name = ida_struct.get_struc_name(sptr.id)
    field = ida_struct.get_member_name(mptr.id)
    start = 0 if mptr.unimem() else mptr.soff
    flag = mptr.flag
    # For unimem() members the end offset is used directly as the size.
    size = mptr.eoff if mptr.unimem() else mptr.eoff - mptr.soff
    info = ida_nalt.opinfo_t()

    if ida_struct.retrieve_member_info(info, mptr):
        if flag & ida_bytes.off_flag():
            details.update(
                target=info.ri.target,
                base=info.ri.base,
                tdelta=info.ri.tdelta,
                flags=info.ri.flags,
            )
        # Is it really possible to create an enum?
        elif flag & ida_bytes.enum_flag():
            details["serial"] = info.ec.serial
        elif flag & ida_bytes.stru_flag():
            details["struc_name"] = ida_struct.get_struc_name(info.tid)
            if flag & ida_bytes.strlit_flag():
                details["strtype"] = info.strtype
    return 0
-1, 4)) print( idc.add_struc_member(msid, "member2", -1, (ida_bytes.FF_DWORD | ida_bytes.FF_DATA) & 0xFFFFFFFF, -1, 4)) msize = ida_struct.get_struc_size(msid) print( "Struct:", idc.add_struc_member(sid, "tstruct", -1, ida_bytes.FF_STRUCT | ida_bytes.FF_DATA, msid, msize)) print( "Stroff:", idc.add_struc_member(sid, "tstroff", -1, ida_bytes.stroff_flag() | ida_bytes.FF_DWORD, msid, 4)) # Test offset types print( "Offset:", idc.add_struc_member( sid, "toffset", -1, ida_bytes.off_flag() | ida_bytes.FF_DATA | ida_bytes.FF_DWORD, 0, 4)) print( "Offset:", idc.set_member_type( sid, 0, ida_bytes.off_flag() | ida_bytes.FF_DATA | ida_bytes.FF_DWORD, 0, 4)) print("Done")
def create_cmdptr():
    """Create the ``cmd_ptr`` structure, append its two members, return its id.

    Both members are added with offset -1, type id -1 and a size of 4 bytes.
    """
    sid = ida_struct.add_struc(0, "cmd_ptr", 0)
    # NOTE(review): neither the add_struc result nor the add_struc_member
    # return codes are checked, so a failed creation goes unnoticed here.
    layout = (
        ("id", ida_bytes.FF_DWORD),
        ("ptr", ida_bytes.off_flag() | ida_bytes.FF_DATA | ida_bytes.FF_DWORD),
    )
    for member_name, member_flag in layout:
        idc.add_struc_member(sid, member_name, -1, member_flag, -1, 4)
    return sid