Python idc.get_inf_attr() Examples

The following are 6 code examples of idc.get_inf_attr(). You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may also want to check out all available functions/classes of the module idc , or try the search function .
Example #1
Source File: get_cfg.py    From mcsema with Apache License 2.0 5 votes vote down vote up 
def is_linked_ELF_program():
  global _NOT_ELF_BEGIN_EAS
  return IS_ELF and idc.get_inf_attr(INF_START_EA) not in _NOT_ELF_BEGIN_EAS
Example #2
Source File: functions_plus.py    From functions-plus with MIT License 5 votes vote down vote up 
def demangle(cls, name):
        '''
        Demangles name.
        '''

        mask = idc.get_inf_attr(idc.INF_SHORT_DN)
        demangled = idc.demangle_name(name, mask)
        if demangled is None:
            return name
        return demangled
Example #3
Source File: functions_plus.py    From functions-plus with MIT License 5 votes vote down vote up 
def __init__(self):
        super(FunctionsPlus, self).__init__()
        if idc.get_inf_attr(idc.INF_PROCNAME).lower() != 'metapc':
            print('Functions+ warning: not tested in this configuration')
        self.tree = None
        self.icon = 135
        # Enable this if you want to see extra information about function
        self.show_extra_fields = False
        self.cols = Cols(self.show_extra_fields)
Example #4
Source File: klfdb.py    From ActionScript3 with GNU General Public License v3.0 5 votes vote down vote up 
def update(self, ctx):

			if (idc.get_inf_attr(idc.INF_PROCNAME) != "metapc"):
				return AST_DISABLE

			if (ctx.action == 'klfdb:run'):
				if (idc.get_process_state() == idc.DSTATE_SUSP):
					return AST_ENABLE
				return AST_DISABLE
	
			elif (ctx.action == 'klfdb:runnext'):
				if (idc.get_process_state() == idc.DSTATE_SUSP):
					return AST_ENABLE
				return AST_DISABLE
	
			elif (ctx.action == 'klfdb:delbpts'):
				return AST_ENABLE

			elif (ctx.action == 'klfdb:setbpts'):
				return AST_ENABLE
	
			elif (ctx.action == 'klfdb:ignore'):
				return AST_ENABLE

			elif (ctx.action == 'klfdb:loadmap'):
				return AST_ENABLE

			elif (ctx.action == 'klfdb:delmap'):
				return AST_ENABLE

			return AST_DISABLE
Example #5
Source File: objc2_analyzer.py    From flare-ida with Apache License 2.0 5 votes vote down vote up 
def selRefLocByName(self, name):
        if name[:6] == "selRef":
            addr = self.objcSelRefs[0]
            endAddr = self.objcSelRefs[1]
        else:
            addr = self.objcMsgRefs[0]
            endAddr = self.objcMsgRefs[1]
        while addr < endAddr:
            if idc.get_name(addr, idc.ida_name.GN_VISIBLE) == name:
                return addr
            addr = idc.next_head(addr, idc.get_inf_attr(idc.INF_MAX_EA))
Example #6
Source File: objc2_analyzer.py    From flare-ida with Apache License 2.0 4 votes vote down vote up 
def getIvarTypeFromFunc(self, eh, va):
        if va in self.ivarSetters:
            return self.ivarSetters[va]
        elif va in self.notIvarSetters:
            return UNKNOWN
        addr = va
        endVa = idc.get_func_attr(va, idc.FUNCATTR_END)
        if endVa - va < 0x20:
            ivarVa = None
            while addr <= endVa:
                srcOpnd = idc.print_operand(addr, 1)
                # if ivar is the src op for an instruction, assume this function will return it
                if eh.arch == unicorn.UC_ARCH_ARM and "_OBJC_IVAR_$_" in srcOpnd:
                    oploc = idc.get_name_ea_simple(
                        srcOpnd[srcOpnd.find("_OBJC_IVAR_$_"):srcOpnd.find(" ")])
                    if oploc != idc.BADADDR:
                        ivarVa = oploc
                        break
                elif eh.arch == unicorn.UC_ARCH_ARM64:
                    for x in idautils.XrefsFrom(addr):
                        if (idc.get_segm_name(x.to) == "__objc_ivar" and
                                idc.get_name(x.to, idc.ida_name.GN_VISIBLE)[:13] == "_OBJC_IVAR_$_"):
                            ivarVa = x.to
                            break
                elif eh.arch == unicorn.UC_ARCH_X86:
                    if "_OBJC_IVAR_$_" in srcOpnd:
                        ivarVa = idc.get_operand_value(addr, 1)
                        break

                addr = idc.next_head(addr, idc.get_inf_attr(idc.INF_MAX_EA))

            if ivarVa:
                for x in idautils.XrefsTo(ivarVa):
                    if x.frm >= self.objcConst[0] and x.frm < self.objcConst[1]:
                        typeStr = eh.getIDBString(
                            eh.derefPtr(x.frm + eh.size_pointer * 2))
                        self.ivarSetters[va] = typeStr[2:-1]
                        logging.debug("%s is an ivar getter function, returning type %s" % (
                            eh.hexString(va), typeStr[2:-1]))
                        return typeStr[2:-1]
            else:
                logging.debug(
                    "%s determined not to be an ivar getter function", eh.hexString(va))
                self.notIvarSetters.append(va)
        else:
            logging.debug(
                "%s determined not to be an ivar getter function", eh.hexString(va))
            self.notIvarSetters.append(va)
        return UNKNOWN


    # returns class or sel name from IDA name