Python idaapi.get_name() Examples

The following are 6 code examples of idaapi.get_name(). You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may also want to check out all available functions/classes of the module idaapi , or try the search function .
Example #1
Source File: interesting_xor.py    From idataco with GNU General Public License v3.0 6 votes vote down vote up 
def find_interesting_xors(self):
        next_xor = idc.FindText(idc.MinEA(), idc.SEARCH_DOWN|idc.SEARCH_NEXT, 0, 0, "xor")
        while next_xor != idc.BADADDR:
            if idc.GetOpnd(next_xor, 0) != idc.GetOpnd(next_xor, 1):
                entry = {"func":"", "addr": next_xor, "loop":False, "disasm": idc.GetDisasm(next_xor)}
                func = idaapi.get_func(next_xor)
                if func:
                    entry["func"] = idaapi.get_name(idc.BADADDR, func.startEA)
                    heads = idautils.Heads(next_xor, func.endEA)
                    lxors = []
                    for head in heads:
                        if idc.GetMnem(head).startswith('j'):
                            jmp_addr = idc.GetOperandValue(head,0)
                            if jmp_addr < next_xor and jmp_addr > func.startEA:
                                entry["loop"] = True
                                break
                self._interesting_xors.append(entry)
            next_xor = idc.FindText(idc.NextHead(next_xor), idc.SEARCH_DOWN|idc.SEARCH_NEXT, 0, 0, "xor")
Example #2
Source File: colorizer.py    From deREferencing with GNU General Public License v3.0 6 votes vote down vote up 
def get_area_name(self, ea, val_type):
        name = None
        if val_type == T_CODE:
            fcn_name = idc.get_func_off_str(ea)
            if fcn_name:
                name = fcn_name
            else:
                symbol_name = idaapi.get_name(ea)
                if symbol_name:
                    name = symbol_name
        else:
            symbol_name = idaapi.get_name(ea)
            if symbol_name:
                name = symbol_name

        seg_name = idc.get_segm_name(ea)
        if seg_name is not None:
            if name:
                name = "%s ! %s" % (seg_name, name)
            else:
                name = seg_name
        return name
Example #3
Source File: enumerators.py    From idascripts with MIT License 5 votes vote down vote up 
def Texts(*args):
    """
    Enumerate text search matches

    @param <range>: see getrange
    @param searchstr:    string or regex
    @param flags:        for instance SEARCH_REGEX

    @return: list of addresses matching searchstr

    Example::

        for ea in Texts((FirstSeg(), BADADDR), "LDR *PC, =", SEARCH_REGEX):
            f = idaapi.get_func(ea)
            if f and f.start_ea==ea:
                n= idaapi.get_name(BADADDR, ea)
                if not n.startswith("sub_"):
                    MakeName(ea, "j_%s" %n)

    Will search for functions containing only  "LDR PC, =xxxxx",
    and rename them as j_XXXXX.
    """
    (first, last)= getrange(args)
    i= getstringpos(args)
    if i<0:
        raise Exception("missing searchstring")

    searchstr= args[i]
    flags = args[i+1] if i+1<len(args) else 0

    ea= idaapi.find_text(first, idaapi.SEARCH_DOWN|flags, 0, 0, searchstr)
    while ea!=idaapi.BADADDR and ea<last:
        yield ea
        ea= idaapi.find_text(idaapi.next_head(ea, last), idaapi.SEARCH_DOWN|flags, 0, 0, searchstr)
Example #4
Source File: ida_api.py    From lighthouse with MIT License 5 votes vote down vote up 
def get_function_raw_name_at(self, function_address):
        return idaapi.get_name(function_address)
Example #5
Source File: switch_jumps.py    From idataco with GNU General Public License v3.0 5 votes vote down vote up 
def get_jlocs(self, sw):
        jlocs = []
        ncases = sw.ncases if sw.jcases == 0 else sw.jcases
        for i in range(ncases):
            addr = idc.Dword(sw.jumps+i*4)
            name = idaapi.get_name(idc.BADADDR, addr)
            comm = idc.GetCommentEx(idc.LocByName(name), 1)
            comm = comm[comm.find('case'):] if comm is not None and comm.startswith('jumptable') else comm
            jlocs.append((name, idc.LocByName(name), comm))
        return jlocs
Example #6
Source File: function.py    From ida-minsc with BSD 3-Clause "New" or "Revised" License 5 votes vote down vote up 
def name(func):
    '''Return the name of the function `func`.'''
    get_name = functools.partial(idaapi.get_name, idaapi.BADADDR) if idaapi.__version__ < 7.0 else idaapi.get_name

    # check to see if it's a runtime-linked function
    rt, ea = interface.addressOfRuntimeOrStatic(func)
    if rt:
        name = get_name(ea)

        # decode the string from IDA's UTF-8
        # XXX: how does demangling work with unicode? this would be implementation specific, no?
        res = utils.string.of(name)

        # demangle it if necessary
        return internal.declaration.demangle(res) if internal.declaration.mangledQ(res) else res
        #return internal.declaration.extract.fullname(internal.declaration.demangle(res)) if internal.declaration.mangledQ(res) else res

    # otherwise it's a regular function, so try and get its name in a couple of ways
    name = idaapi.get_func_name(ea)
    if not name: name = get_name(ea)
    if not name: name = idaapi.get_true_name(ea, ea) if idaapi.__version__ < 6.8 else idaapi.get_ea_name(ea, idaapi.GN_VISIBLE)

    # decode the string from IDA's UTF-8
    # XXX: how does demangling work with unicode? this would be implementation specific, no?
    res = utils.string.of(name)

    # demangle it if we need to
    return internal.declaration.demangle(res) if internal.declaration.mangledQ(res) else res
    #return internal.declaration.extract.fullname(internal.declaration.demangle(res)) if internal.declaration.mangledQ(res) else res
    #return internal.declaration.extract.name(internal.declaration.demangle(res)) if internal.declaration.mangledQ(res) else res