 |
IDAPython 8.4
|
|
IDAPython 8.4
|
Functions that deal with C-like expressions and built-in IDC language. Functions marked THREAD_SAFE may be called from any thread. No simultaneous calls should be made for the same variable. We protect only global structures, individual variables must be protected manually.
Classes | |
| class | _IdcFunction |
| class | highlighter_cbs_t |
| Proxy of C++ highlighter_cbs_t class. More... | |
| class | idc_global_t |
| Proxy of C++ idc_global_t class. More... | |
| class | idc_value_t |
| Proxy of C++ idc_value_t class. More... | |
| class | idc_values_t |
| Proxy of C++ qvector< idc_value_t > class. More... | |
Functions | |
| "qstring *" | compile_idc_file (*args) |
| compile_idc_file(nonnul_line) -> str | |
| "qstring *" | compile_idc_text (*args) |
| compile_idc_text(nonnul_line) -> str | |
| "size_t" | py_get_call_idc_func (*args) |
| py_get_call_idc_func() -> size_t | |
| "size_t" | pyw_register_idc_func (*args) |
| pyw_register_idc_func(name, args, py_fp) -> size_t | |
| "bool" | pyw_unregister_idc_func (*args) |
| pyw_unregister_idc_func(ctxptr) -> bool | |
| "bool" | pyw_convert_defvals (*args) |
| pyw_convert_defvals(out, py_seq) -> bool | |
| "bool" | py_add_idc_func (*args) |
| py_add_idc_func(name, fp_ptr, args, defvals, flags) -> bool | |
| "qstring *" | eval_expr (*args) |
| eval_expr(rv, where, line) -> str Compile and calculate an expression. | |
| "qstring *" | eval_idc_expr (*args) |
| eval_idc_expr(rv, where, line) -> str Same as eval_expr(), but will always use the IDC interpreter regardless of the currently installed extlang. | |
| "error_t" | idcv_long (*args) |
| idcv_long(v) -> error_t Convert IDC variable to a long (32/64bit) number. | |
| "error_t" | idcv_int64 (*args) |
| idcv_int64(v) -> error_t Convert IDC variable to a 64bit number. | |
| "error_t" | idcv_num (*args) |
| idcv_num(v) -> error_t Convert IDC variable to a long number. | |
| "error_t" | idcv_string (*args) |
| idcv_string(v) -> error_t Convert IDC variable to a text string. | |
| "error_t" | idcv_float (*args) |
| idcv_float(v) -> error_t Convert IDC variable to a floating point. | |
| "error_t" | idcv_object (*args) |
| idcv_object(v, icls=None) -> error_t Create an IDC object. | |
| "error_t" | move_idcv (*args) |
| move_idcv(dst, src) -> error_t Move 'src' to 'dst'. | |
| "error_t" | copy_idcv (*args) |
| copy_idcv(dst, src) -> error_t Copy 'src' to 'dst'. | |
| "error_t" | deep_copy_idcv (*args) |
| deep_copy_idcv(dst, src) -> error_t Deep copy an IDC object. | |
| "void" | free_idcv (*args) |
| free_idcv(v) Free storage used by VT_STR/VT_OBJ IDC variables. | |
| "void" | swap_idcvs (*args) |
| swap_idcvs(v1, v2) Swap 2 variables. | |
| "qstring *" | get_idcv_class_name (*args) |
| get_idcv_class_name(obj) -> str Retrieves the IDC object class name. | |
| "error_t" | get_idcv_attr (*args) |
| get_idcv_attr(res, obj, attr, may_use_getattr=False) -> error_t Get an object attribute. | |
| "error_t" | set_idcv_attr (*args) |
| set_idcv_attr(obj, attr, value, may_use_setattr=False) -> error_t Set an object attribute. | |
| "error_t" | del_idcv_attr (*args) |
| del_idcv_attr(obj, attr) -> error_t Delete an object attribute. | |
| "char const *" | first_idcv_attr (*args) |
| first_idcv_attr(obj) -> char const * | |
| "char const *" | last_idcv_attr (*args) |
| last_idcv_attr(obj) -> char const * | |
| "char const *" | next_idcv_attr (*args) |
| next_idcv_attr(obj, attr) -> char const * | |
| "char const *" | prev_idcv_attr (*args) |
| prev_idcv_attr(obj, attr) -> char const * | |
| "qstring *" | print_idcv (*args) |
| print_idcv(v, name=None, indent=0) -> str Get text representation of idc_value_t. | |
| "error_t" | get_idcv_slice (*args) |
| get_idcv_slice(res, v, i1, i2, flags=0) -> error_t Get slice. | |
| "error_t" | set_idcv_slice (*args) |
| set_idcv_slice(v, i1, i2, _in, flags=0) -> error_t Set slice. | |
| "idc_class_t *" | add_idc_class (*args) |
| add_idc_class(name, super=None) -> idc_class_t * Create a new IDC class. | |
| "idc_class_t *" | find_idc_class (*args) |
| find_idc_class(name) -> idc_class_t * Find an existing IDC class by its name. | |
| "idc_value_t *" | deref_idcv (*args) |
| deref_idcv(v, vref_flags) -> idc_value_t Dereference a VT_REF variable. | |
| "bool" | create_idcv_ref (*args) |
| create_idcv_ref(ref, v) -> bool Create a variable reference. | |
| "idc_value_t *" | add_idc_gvar (*args) |
| add_idc_gvar(name) -> idc_value_t Add global IDC variable. | |
| "idc_value_t *" | find_idc_gvar (*args) |
| find_idc_gvar(name) -> idc_value_t Find an existing global IDC variable by its name. | |
| "qstring *" | find_idc_func (*args) |
| find_idc_func(prefix, n=0) -> str | |
| "bool" | set_header_path (*args) |
| set_header_path(path, add) -> bool Set or append a header path. | |
| "char const *" | get_idc_filename (*args) |
| get_idc_filename(file) -> str Get full name of IDC file name. | |
| "bool" | exec_system_script (*args) |
| exec_system_script(file, complain_if_no_file=True) -> bool Compile and execute "main" function from system file. | |
| "qstring *" | compile_idc_snippet (*args) |
| compile_idc_snippet(func, text, resolver=None, only_safe_funcs=False) -> str Compile text with IDC statements. | |
| "qstring *" | exec_idc_script (*args) |
| exec_idc_script(result, path, func, args, argsnum) -> str Compile and execute IDC function(s) from file. | |
| "error_t" | throw_idc_exception (*args) |
| throw_idc_exception(r, desc) -> error_t Create an idc execution exception object. | |
| del_idc_func (name) | |
| Unregisters the specified IDC function. | |
| add_idc_func (name, fp, args, defvals=(), flags=0) | |
| Extends the IDC language by exposing a new IDC function that is backed up by a Python function. | |
Variables | |
| IDC_LANG_EXT = _ida_expr.IDC_LANG_EXT | |
| VARSLICE_SINGLE = _ida_expr.VARSLICE_SINGLE | |
| VREF_LOOP = _ida_expr.VREF_LOOP | |
| VREF_ONCE = _ida_expr.VREF_ONCE | |
| VREF_COPY = _ida_expr.VREF_COPY | |
| VT_LONG = _ida_expr.VT_LONG | |
| VT_FLOAT = _ida_expr.VT_FLOAT | |
| VT_WILD = _ida_expr.VT_WILD | |
| VT_OBJ = _ida_expr.VT_OBJ | |
| VT_FUNC = _ida_expr.VT_FUNC | |
| VT_STR = _ida_expr.VT_STR | |
| VT_PVOID = _ida_expr.VT_PVOID | |
| VT_INT64 = _ida_expr.VT_INT64 | |
| VT_REF = _ida_expr.VT_REF | |
| eExecThrow = _ida_expr.eExecThrow | |
| HF_DEFAULT = _ida_expr.HF_DEFAULT | |
| HF_KEYWORD1 = _ida_expr.HF_KEYWORD1 | |
| HF_KEYWORD2 = _ida_expr.HF_KEYWORD2 | |
| HF_KEYWORD3 = _ida_expr.HF_KEYWORD3 | |
| HF_STRING = _ida_expr.HF_STRING | |
| HF_COMMENT = _ida_expr.HF_COMMENT | |
| HF_PREPROC = _ida_expr.HF_PREPROC | |
| HF_NUMBER = _ida_expr.HF_NUMBER | |
| HF_MAX = _ida_expr.HF_MAX | |
| CPL_DEL_MACROS = _ida_expr.CPL_DEL_MACROS | |
| CPL_USE_LABELS = _ida_expr.CPL_USE_LABELS | |
| CPL_ONLY_SAFE = _ida_expr.CPL_ONLY_SAFE | |
| int | EXTFUN_BASE = 0x0001 |
| int | EXTFUN_NORET = 0x0002 |
| int | EXTFUN_SAFE = 0x0004 |
| "idc_class_t *" add_idc_class | ( | * | args | ) |
| name | (C++: const char *) name of the new class |
| super | (C++: const idc_class_t *) the base class for the new class. if the new class is not based on any other class, pass nullptr |
| add_idc_func | ( | name, | |
| fp, | |||
| args, | |||
| defvals = (), | |||
| flags = 0 ) |
Add an IDC function. This function does not modify the predefined kernel functions. Example: static error_t idaapi myfunc5(idc_value_t *argv, idc_value_t *res) { msg("myfunc is called with arg0=%a and arg1=%s\n", argv[0].num, argv[1].str); res->num = 5; // let's return 5 return eOk; } static const char myfunc5_args[] = { VT_LONG, VT_STR, 0 }; static const ext_idcfunc_t myfunc_desc = { "MyFunc5", myfunc5, myfunc5_args, nullptr, 0, EXTFUN_BASE }; // after this: add_idc_func(myfunc_desc); // there is a new IDC function which can be called like this: MyFunc5(0x123, "test");
| "idc_value_t *" add_idc_gvar | ( | * | args | ) |
| name | (C++: const char *) name of the global variable |
| "qstring *" compile_idc_file | ( | * | args | ) |
| nonnul_line | char const * |
| "qstring *" compile_idc_snippet | ( | * | args | ) |
| func | (C++: const char *) name of the function to create out of the snippet |
| text | (C++: const char *) text to compile |
| resolver | (C++: idc_resolver_t *) callback object to get values of undefined variables This object will be called if IDC function contains references to undefined variables. May be nullptr. |
| only_safe_funcs | (C++: bool) if true, any calls to functions without EXTFUN_SAFE flag will lead to a compilation error. |
| true | ok |
| false | error, see errbuf |
| "qstring *" compile_idc_text | ( | * | args | ) |
| nonnul_line | char const * |
| "error_t" copy_idcv | ( | * | args | ) |
For idc objects only a reference is copied.
| dst | (C++: idc_value_t *) |
| src | (C++: const idc_value_t &) idc_value_t const & |
| "bool" create_idcv_ref | ( | * | args | ) |
Currently only references to global variables can be created.
| ref | (C++: idc_value_t *) ptr to the result |
| v | (C++: const idc_value_t *) variable to reference |
| "error_t" deep_copy_idcv | ( | * | args | ) |
This function performs deep copy of idc objects. If 'src' is not an object, copy_idcv() will be called
| dst | (C++: idc_value_t *) |
| src | (C++: const idc_value_t &) idc_value_t const & |
| del_idc_func | ( | name | ) |
Delete an IDC function
| "error_t" del_idcv_attr | ( | * | args | ) |
| obj | (C++: idc_value_t *) variable that holds an object reference |
| attr | (C++: const char *) attribute name |
| "idc_value_t *" deref_idcv | ( | * | args | ) |
| v | (C++: idc_value_t *) variable to dereference |
| vref_flags | (C++: int) Dereference IDC variable flags |
| "qstring *" eval_expr | ( | * | args | ) |
| rv | (C++: idc_value_t *) pointer to the result |
| where | (C++: ea_t) the current linear address in the addressing space of the program being disassembled. If will be used to resolve names of local variables etc. if not applicable, then should be BADADDR. |
| line | (C++: const char *) the expression to evaluate |
| true | ok |
| false | error, see errbuf |
| "qstring *" eval_idc_expr | ( | * | args | ) |
| rv | (C++: idc_value_t *) |
| where | (C++: ea_t) |
| line | char const * |
| "qstring *" exec_idc_script | ( | * | args | ) |
| result | (C++: idc_value_t *) ptr to idc_value_t to hold result of the function. If execution fails, this variable will contain the exception information. You may pass nullptr if you are not interested in the returned value. |
| path | (C++: const char *) text file containing text of IDC functions |
| func | (C++: const char *) function name to execute |
| args | (C++: const idc_value_t) array of parameters |
| argsnum | (C++: size_t) number of parameters to pass to 'fname' This number should be equal to number of parameters the function expects. |
| true | ok |
| false | error, see errbuf |
| "bool" exec_system_script | ( | * | args | ) |
| file | (C++: const char *) file name with IDC function(s). The file will be searched using get_idc_filename(). |
| complain_if_no_file | (C++: bool) * 1: display warning if the file is not found
|
| 1 | ok, file is compiled and executed |
| 0 | failure, compilation or execution error, warning is displayed |
| "idc_class_t *" find_idc_class | ( | * | args | ) |
| name | (C++: const char *) name of the class |
| "qstring *" find_idc_func | ( | * | args | ) |
| prefix | char const * |
| n | int |
| "idc_value_t *" find_idc_gvar | ( | * | args | ) |
| name | (C++: const char *) name of the global variable |
| "char const *" first_idcv_attr | ( | * | args | ) |
| obj | idc_value_t const * |
| "void" free_idcv | ( | * | args | ) |
After this call the variable has a numeric value 0
| v | (C++: idc_value_t *) |
| "char const *" get_idc_filename | ( | * | args | ) |
Search for file in list of include directories, IDCPATH directory and system directories.
| file | (C++: const char *) file name without full path |
| "error_t" get_idcv_attr | ( | * | args | ) |
| res | (C++: idc_value_t *) buffer for the attribute value |
| obj | (C++: const idc_value_t *) variable that holds an object reference. if obj is nullptr it searches global variables, then user functions |
| attr | (C++: const char *) attribute name |
| may_use_getattr | (C++: bool) may call getattr functions to calculate the attribute if it does not exist |
| "qstring *" get_idcv_class_name | ( | * | args | ) |
| obj | (C++: const idc_value_t *) class instance variable |
| "error_t" get_idcv_slice | ( | * | args | ) |
| res | (C++: idc_value_t *) output variable that will contain the slice |
| v | (C++: const idc_value_t *) input variable (string or object) |
| i1 | (C++: uval_t) slice start index |
| i2 | (C++: uval_t) slice end index (excluded) |
| flags | (C++: int) IDC variable slice flags or 0 |
| "error_t" idcv_float | ( | * | args | ) |
| v | (C++: idc_value_t *) |
| "error_t" idcv_int64 | ( | * | args | ) |
| v | (C++: idc_value_t *) |
| "error_t" idcv_long | ( | * | args | ) |
| v | (C++: idc_value_t *) |
| "error_t" idcv_num | ( | * | args | ) |
| v | (C++: idc_value_t *) |
| "error_t" idcv_object | ( | * | args | ) |
The original value of 'v' is discarded (freed).
| v | (C++: idc_value_t *) variable to hold the object. any previous value will be cleaned |
| icls | (C++: const idc_class_t *) ptr to the desired class. nullptr means "object" class this ptr must be returned by add_idc_class() or find_idc_class() |
| "error_t" idcv_string | ( | * | args | ) |
| v | (C++: idc_value_t *) |
| "char const *" last_idcv_attr | ( | * | args | ) |
| obj | idc_value_t const * |
| "error_t" move_idcv | ( | * | args | ) |
This function is more effective than copy_idcv since it never copies big amounts of data.
| dst | (C++: idc_value_t *) |
| src | (C++: idc_value_t *) |
| "char const *" next_idcv_attr | ( | * | args | ) |
| obj | idc_value_t const * |
| attr | char const * |
| "char const *" prev_idcv_attr | ( | * | args | ) |
| obj | idc_value_t const * |
| attr | char const * |
| "qstring *" print_idcv | ( | * | args | ) |
| v | (C++: const idc_value_t &) idc_value_t const & |
| name | (C++: const char *) char const * |
| indent | (C++: int) |
| "bool" py_add_idc_func | ( | * | args | ) |
| name | char const * |
| fp_ptr | size_t |
| args | char const * |
| defvals | idc_values_t const & |
| flags | int |
| "size_t" py_get_call_idc_func | ( | * | args | ) |
| "bool" pyw_convert_defvals | ( | * | args | ) |
| out | idc_values_t * |
| py_seq | PyObject * |
| "size_t" pyw_register_idc_func | ( | * | args | ) |
| name | char const * |
| args | char const * |
| py_fp | PyObject * |
| "bool" pyw_unregister_idc_func | ( | * | args | ) |
| ctxptr | size_t |
| "bool" set_header_path | ( | * | args | ) |
IDA looks for the include files in the appended header paths, then in the ida executable directory.
| path | (C++: const char *) list of directories to add (separated by ';') may be nullptr, in this case nothing is added |
| add | (C++: bool) true: append. false: remove old paths. |
| true | success |
| false | no memory |
| "error_t" set_idcv_attr | ( | * | args | ) |
| obj | (C++: idc_value_t *) variable that holds an object reference. if obj is nullptr then it tries to modify a global variable with the attribute name |
| attr | (C++: const char *) attribute name |
| value | (C++: const idc_value_t &) new attribute value |
| may_use_setattr | (C++: bool) may call setattr functions for the class |
| "error_t" set_idcv_slice | ( | * | args | ) |
| v | (C++: idc_value_t *) variable to modify (string or object) |
| i1 | (C++: uval_t) slice start index |
| i2 | (C++: uval_t) slice end index (excluded) |
| in | (C++: const idc_value_t &) new value for the slice |
| flags | (C++: int) IDC variable slice flags or 0 |
| "void" swap_idcvs | ( | * | args | ) |
| v1 | (C++: idc_value_t *) |
| v2 | (C++: idc_value_t *) |
| "error_t" throw_idc_exception | ( | * | args | ) |
This helper function can be used to return an exception from C++ code to IDC. In other words this function can be called from idc_func_t() callbacks. Sample usage: if ( !ok ) return throw_idc_exception(r, "detailed error msg");
| r | (C++: idc_value_t *) object to hold the exception object |
| desc | (C++: const char *) exception description |
| CPL_DEL_MACROS = _ida_expr.CPL_DEL_MACROS |
| CPL_ONLY_SAFE = _ida_expr.CPL_ONLY_SAFE |
| CPL_USE_LABELS = _ida_expr.CPL_USE_LABELS |
| eExecThrow = _ida_expr.eExecThrow |
| int EXTFUN_BASE = 0x0001 |
| int EXTFUN_NORET = 0x0002 |
| int EXTFUN_SAFE = 0x0004 |
| HF_COMMENT = _ida_expr.HF_COMMENT |
| HF_DEFAULT = _ida_expr.HF_DEFAULT |
| HF_KEYWORD1 = _ida_expr.HF_KEYWORD1 |
| HF_KEYWORD2 = _ida_expr.HF_KEYWORD2 |
| HF_KEYWORD3 = _ida_expr.HF_KEYWORD3 |
| HF_MAX = _ida_expr.HF_MAX |
| HF_NUMBER = _ida_expr.HF_NUMBER |
| HF_PREPROC = _ida_expr.HF_PREPROC |
| HF_STRING = _ida_expr.HF_STRING |
| IDC_LANG_EXT = _ida_expr.IDC_LANG_EXT |
| VARSLICE_SINGLE = _ida_expr.VARSLICE_SINGLE |
| VREF_COPY = _ida_expr.VREF_COPY |
| VREF_LOOP = _ida_expr.VREF_LOOP |
| VREF_ONCE = _ida_expr.VREF_ONCE |
| VT_FLOAT = _ida_expr.VT_FLOAT |
| VT_FUNC = _ida_expr.VT_FUNC |
| VT_INT64 = _ida_expr.VT_INT64 |
| VT_LONG = _ida_expr.VT_LONG |
| VT_OBJ = _ida_expr.VT_OBJ |
| VT_PVOID = _ida_expr.VT_PVOID |
| VT_REF = _ida_expr.VT_REF |
| VT_STR = _ida_expr.VT_STR |
| VT_WILD = _ida_expr.VT_WILD |
1.12.0