Module ida_xref

There are 2 types of xrefs: CODE and DATA references. All xrefs are kept in the bTree except ordinary execution flow to the next instruction. Ordinary execution flow to the next instruction is kept in flags (see bytes.hpp)

The source address of a cross-reference must be an item head (is_head) or a structure member id.

Cross-references are automatically sorted.

Global Variables

XREF_ALL

XREF_ALL = 0

XREF_BASE

XREF_BASE = 128

XREF_DATA

XREF_DATA = 2

XREF_FAR

XREF_FAR = 1

XREF_MASK

XREF_MASK = 31

XREF_PASTEND

XREF_PASTEND = 256

XREF_TAIL

XREF_TAIL = 64

XREF_USER

XREF_USER = 32

dr_I

dr_I = 5

dr_O

dr_O = 1

dr_R

dr_R = 3

dr_S

dr_S = 6

dr_T

dr_T = 4

dr_U

dr_U = 0

dr_W

dr_W = 2

fl_CF

fl_CF = 16

fl_CN

fl_CN = 17

fl_F

fl_F = 21

fl_JF

fl_JF = 18

fl_JN

fl_JN = 19

fl_U

fl_U = 0

fl_USobsolete

fl_USobsolete = 20

Functions

add_cref(frm: ea_t, to: ea_t, type: cref_t) ‑> bool

add_cref(frm, to, type) -> bool Create a code cross-reference.

from: (C++: ea_t) linear address of referencing instruction
to: (C++: ea_t) linear address of referenced instruction
type: (C++: cref_t) cross-reference type
return: success

add_dref(frm: ea_t, to: ea_t, type: dref_t) ‑> bool

add_dref(frm, to, type) -> bool Create a data cross-reference.

from: (C++: ea_t) linear address of referencing instruction or data
to: (C++: ea_t) linear address of referenced data
type: (C++: dref_t) cross-reference type
return: success (may fail if user-defined xref exists from->to)

calc_switch_cases(ea: ea_t, si: switch_info_t) ‑> cases_and_targets_t *

calc_switch_cases(ea, si) -> cases_and_targets_t Get information about a switch's cases.

The returned information can be used as follows:

   for idx in range(len(results.cases)):
       cur_case = results.cases[idx]
       for cidx in range(len(cur_case)):
           print("case: %d" % cur_case[cidx])
       print("  goto 0x%x" % results.targets[idx])

ea: address of the 'indirect jump' instruction
si: switch information

return: a structure with 2 members: 'cases', and 'targets'.

create_switch_table(ea: ea_t, si: switch_info_t) ‑> bool

create_switch_table(ea, si) -> bool Create switch table from the switch information

ea: address of the 'indirect jump' instruction
si: switch information

return: Boolean

create_switch_xrefs(ea: ea_t, si: switch_info_t) ‑> bool

create_switch_xrefs(ea, si) -> bool This function creates xrefs from the indirect jump.

Usually there is no need to call this function directly because the kernel will call it for switch tables

Note: Custom switch information are not supported yet.

ea: address of the 'indirect jump' instruction
si: switch information

return: Boolean

del_cref(frm: ea_t, to: ea_t, expand: bool) ‑> bool

del_cref(frm, to, expand) -> bool Delete a code cross-reference.

from: (C++: ea_t) linear address of referencing instruction
to: (C++: ea_t) linear address of referenced instruction
expand: (C++: bool) policy to delete the referenced instruction

  • 1: plan to delete the referenced instruction if it has no more references.

  • 0: don't delete the referenced instruction even if no more cross-references point to it retval true: if the referenced instruction will be deleted

del_dref(frm: ea_t, to: ea_t) ‑> void

del_dref(frm, to) Delete a data cross-reference.

from: (C++: ea_t) linear address of referencing instruction or data
to: (C++: ea_t) linear address of referenced data

delete_switch_table(jump_ea: ea_t, si: switch_info_t) ‑> void

delete_switch_table(jump_ea, si)

jump_ea: ea_t
si: switch_info_t const &

get_first_cref_from(frm: ea_t) ‑> ea_t

get_first_cref_from(frm) -> ea_t Get first instruction referenced from the specified instruction. If the specified instruction passes execution to the next instruction then the next instruction is returned. Otherwise the lowest referenced address is returned (remember that xrefs are kept sorted!).

from: (C++: ea_t) linear address of referencing instruction
return: first referenced address. If the specified instruction doesn't
        reference to other instructions then returns BADADDR.

get_first_cref_to(to: ea_t) ‑> ea_t

get_first_cref_to(to) -> ea_t Get first instruction referencing to the specified instruction. If the specified instruction may be executed immediately after its previous instruction then the previous instruction is returned. Otherwise the lowest referencing address is returned. (remember that xrefs are kept sorted!).

to: (C++: ea_t) linear address of referenced instruction
return: linear address of the first referencing instruction or BADADDR.

get_first_dref_from(frm: ea_t) ‑> ea_t

get_first_dref_from(frm) -> ea_t Get first data referenced from the specified address.

from: (C++: ea_t) linear address of referencing instruction or data
return: linear address of first (lowest) data referenced from the specified
        address. Return BADADDR if the specified instruction/data doesn't
        reference to anything.

get_first_dref_to(to: ea_t) ‑> ea_t

get_first_dref_to(to) -> ea_t Get address of instruction/data referencing to the specified data.

to: (C++: ea_t) linear address of referencing instruction or data
return: BADADDR if nobody refers to the specified data.

get_first_fcref_from(frm: ea_t) ‑> ea_t

get_first_fcref_from(frm) -> ea_t

from: ea_t

get_first_fcref_to(to: ea_t) ‑> ea_t

get_first_fcref_to(to) -> ea_t

to: ea_t

get_next_cref_from(frm: ea_t, current: ea_t) ‑> ea_t

get_next_cref_from(frm, current) -> ea_t Get next instruction referenced from the specified instruction.

from: (C++: ea_t) linear address of referencing instruction
current: (C++: ea_t) linear address of current referenced instruction This value is
               returned by get_first_cref_from() or previous call to
               get_next_cref_from() functions.
return: next referenced address or BADADDR.

get_next_cref_to(to: ea_t, current: ea_t) ‑> ea_t

get_next_cref_to(to, current) -> ea_t Get next instruction referencing to the specified instruction.

to: (C++: ea_t) linear address of referenced instruction
current: (C++: ea_t) linear address of current referenced instruction This value is
               returned by get_first_cref_to() or previous call to
               get_next_cref_to() functions.
return: linear address of the next referencing instruction or BADADDR.

get_next_dref_from(frm: ea_t, current: ea_t) ‑> ea_t

get_next_dref_from(frm, current) -> ea_t Get next data referenced from the specified address.

from: (C++: ea_t) linear address of referencing instruction or data
current: (C++: ea_t) linear address of current referenced data. This value is
               returned by get_first_dref_from() or previous call to
               get_next_dref_from() functions.
return: linear address of next data or BADADDR.

get_next_dref_to(to: ea_t, current: ea_t) ‑> ea_t

get_next_dref_to(to, current) -> ea_t Get address of instruction/data referencing to the specified data

to: (C++: ea_t) linear address of referencing instruction or data
current: (C++: ea_t) current linear address. This value is returned by
               get_first_dref_to() or previous call to get_next_dref_to()
               functions.
return: BADADDR if nobody refers to the specified data.

get_next_fcref_from(frm: ea_t, current: ea_t) ‑> ea_t

get_next_fcref_from(frm, current) -> ea_t

from: ea_t
current: ea_t

get_next_fcref_to(to: ea_t, current: ea_t) ‑> ea_t

get_next_fcref_to(to, current) -> ea_t

to: ea_t
current: ea_t

has_external_refs(pfn: func_t *, ea: ea_t) ‑> bool

has_external_refs(pfn, ea) -> bool Does 'ea' have references from outside of 'pfn'?

pfn: (C++: func_t *)
ea: (C++: ea_t)

has_jump_or_flow_xref(ea: ea_t) ‑> bool

has_jump_or_flow_xref(ea) -> bool Are there jump or flow references to EA?

ea: (C++: ea_t)

xrefchar(xrtype: char) ‑> char

xrefchar(xrtype) -> char Get character describing the xref type.

xrtype: (C++: char) combination of Cross-Reference type flags and a cref_t of dref_t
              value

Classes

cases_and_targets_t()

: Proxy of C++ cases_and_targets_t class.

__init__(self) -> cases_and_targets_t

Instance variables

  • cases: casevec_t cases

  • targets: eavec_t targets

casevec_t(*args)

: Proxy of C++ qvector< qvector< sval_t > > class.

__init__(self) -> casevec_t
__init__(self, x) -> casevec_t

 x: qvector< qvector< long long > > const &

Methods

  • add_unique(self, x: qvector< long long > const &) ‑> bool add_unique(self, x) -> bool

    x: qvector< long long > const &

  • append(self, *args) ‑> qvector< long long > & push_back(self, x)

    x: qvector< long long > const &

    push_back(self) -> qvector< long long > &

  • at(self, i: size_t) ‑> qvector< long long > const & getitem(self, i) -> qvector< long long > const &

    i: size_t

  • back(self)

  • begin(self, *args) ‑> qvector< qvector< long long > >::const_iterator begin(self) -> qvector< qvector< long long > >::iterator begin(self) -> qvector< qvector< long long > >::const_iterator

  • capacity(self) ‑> size_t capacity(self) -> size_t

  • clear(self) ‑> void clear(self)

  • empty(self) ‑> bool empty(self) -> bool

  • end(self, *args) ‑> qvector< qvector< long long > >::const_iterator end(self) -> qvector< qvector< long long > >::iterator end(self) -> qvector< qvector< long long > >::const_iterator

  • erase(self, *args) ‑> qvector< qvector< long long > >::iterator erase(self, it) -> qvector< qvector< long long > >::iterator

    it: qvector< qvector< long long > >::iterator

    erase(self, first, last) -> qvector< qvector< long long > >::iterator

    first: qvector< qvector< long long > >::iterator last: qvector< qvector< long long > >::iterator

  • extract(self) ‑> qvector< long long > * extract(self) -> qvector< long long > *

  • find(self, *args) ‑> qvector< qvector< long long > >::const_iterator find(self, x) -> qvector< qvector< long long > >::iterator

    x: qvector< long long > const &

    find(self, x) -> qvector< qvector< long long > >::const_iterator

    x: qvector< long long > const &

  • front(self)

  • grow(self, *args) ‑> void grow(self, x=qvector< long long >())

    x: qvector< long long > const &

  • has(self, x: qvector< long long > const &) ‑> bool has(self, x) -> bool

    x: qvector< long long > const &

  • inject(self, s: qvector< long long > *, len: size_t) ‑> void inject(self, s, len)

    s: qvector< long long > * len: size_t

  • insert(self, it: qvector< qvector< long long > >::iterator, x: qvector< long long > const &) ‑> qvector< qvector< long long > >::iterator insert(self, it, x) -> qvector< qvector< long long > >::iterator

    it: qvector< qvector< long long > >::iterator x: qvector< long long > const &

  • pop_back(self) ‑> void pop_back(self)

  • push_back(self, *args) ‑> qvector< long long > & push_back(self, x)

    x: qvector< long long > const &

    push_back(self) -> qvector< long long > &

  • qclear(self) ‑> void qclear(self)

  • reserve(self, cnt: size_t) ‑> void reserve(self, cnt)

    cnt: size_t

  • resize(self, *args) ‑> void resize(self, _newsize, x)

    _newsize: size_t x: qvector< long long > const &

    resize(self, _newsize)

    _newsize: size_t

  • size(self) ‑> size_t size(self) -> size_t

  • swap(self, r: casevec_t) ‑> void swap(self, r)

    r: qvector< qvector< long long > > &

  • truncate(self) ‑> void truncate(self)

xrefblk_t()

: Proxy of C++ xrefblk_t class.

__init__(self) -> xrefblk_t

Instance variables

  • frm: ea_t frm

  • iscode: uchar iscode

  • to: ea_t to

  • type: uchar type

  • user: uchar user

Methods

  • crefs_from(self, ea) Provide an iterator on code references from ea including flow references

  • crefs_to(self, ea) Provide an iterator on code references to ea including flow references

  • drefs_from(self, ea) Provide an iterator on data references from ea

  • drefs_to(self, ea) Provide an iterator on data references to ea

  • fcrefs_from(self, ea) Provide an iterator on code references from ea

  • fcrefs_to(self, ea) Provide an iterator on code references to ea

  • first_from(self, _from: ea_t, flags: int) ‑> bool first_from(self, _from, flags) -> bool Get first xref from the given address (store in to)

    _from: (C++: ea_t) flags: (C++: int)

  • first_to(self, _to: ea_t, flags: int) ‑> bool first_to(self, _to, flags) -> bool Get xref to given address (store in from)

    _to: (C++: ea_t) flags: (C++: int)

  • next_from(self, *args) ‑> bool next_from(self) -> bool Get xref from '_from' that comes after '_to'. next_from(self, _from, _to, flags) -> bool

    _from: ea_t _to: ea_t flags: int

  • next_to(self, *args) ‑> bool next_to(self) -> bool Get xref to '_to' that comes after '_from'. next_to(self, _from, _to, flags) -> bool

    _from: ea_t _to: ea_t flags: int

  • refs_from(self, ea, flag) Provide an iterator on from reference represented by flag

  • refs_to(self, ea, flag) Provide an iterator on to reference represented by flag

PreviousModule ida_undoNextModule idautils

Last updated