Python ida_bytes.create_data() Examples
The following are 6
code examples of ida_bytes.create_data().
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example.
You may also want to check out all available functions/classes of the module
ida_bytes
, or try the search function
.
Example #1
Source File: refs.py From mcsema with Apache License 2.0 | 6 votes |
def _make_array_entry(ea, item_size): if item_size == 4: item_type = idc.FF_DWORD elif item_size == 8: item_type = idc.FF_QWORD else: raise ValueError("Invalid item size") ida_bytes.create_data(ea, item_type, item_size, ida_idaapi.BADADDR) # Try to create an array at `ea`, that extends into something that also looks # like an array down the line. The idea is that sometimes there are arrays, # but prefixes of those arrays are missed by IDA (curiously, idaq will sometimes # correctly get these, but idal64 won't). If we find an immediate that looks # like it could point at an array entry, then we want to treat it as a # reference. To do that, we may need to make an array. # # TODO(pag): For now, we will assume that items must be at least 4 or 8 bytes # i.e. pointer or offset sized entries. # # TODO(pag): Should we check that all the entries agree in terms of zero-ness? # i.e. if the next entry is zero, then everything up to it should be # zero, and if the next entry is non-zero, then everything up to it # should be non-zero.
Example #2
Source File: analyzer.py From Karta with MIT License | 5 votes |
def __init__(self, logger, num_bits, is_elf, data_fptr_alignment=4, mixed_code_and_data=False): """Create the analyzer's base class instance. Args: logger (logger): logger instance num_bits (int): bitness of the CPU (32 bits by default) data_fptr_alignment (int, optional): byte alignment needed for global fptrs (4 by default) mixed_code_and_data (bool, optional): True iff the main code section includes RO data constants (False by default) """ self.logger = logger self._num_bits = num_bits self._is_elf = is_elf self.data_fptr_alignment = data_fptr_alignment self._mixed_code_and_data = mixed_code_and_data if num_bits == 64: self._address_parse_fn = idc.get_qword self._address_make_fn = lambda x: ida_bytes.create_data(x, idc.FF_QWORD, 8, idc.BADADDR) self.address_pack_format = "Q" elif num_bits == 32: self._address_parse_fn = idc.get_wide_dword self._address_make_fn = lambda x: ida_bytes.create_data(x, idc.FF_DWORD, 4, idc.BADADDR) self.address_pack_format = "L" else: self._address_parse_fn = idc.get_wide_word self._address_make_fn = lambda x: ida_bytes.create_data(x, idc.FF_WORD, 2, idc.BADADDR) self.address_pack_format = "H" # fields to be linked later on self.func_classifier = None self.fptr_identifier = None self.str_identifier = None self.locals_identifier = None self.switch_identifier = None # code types self._active_code_types = list(self.codeTypes())
Example #3
Source File: events.py From IDArling with GNU General Public License v3.0 | 5 votes |
def __call__(self): ida_bytes.create_data(self.ea, self.flags, self.size, self.tid)
Example #4
Source File: IdaProxy.py From apiscout with BSD 2-Clause "Simplified" License | 5 votes |
def MakeDWord(self, ea): if idaapi.IDA_SDK_VERSION < 700: return idc.MakeDword(ea) else: return ida_bytes.create_data(ea, FF_DWORD, 4, idaapi.BADADDR)
Example #5
Source File: IdaProxy.py From apiscout with BSD 2-Clause "Simplified" License | 5 votes |
def MakeQWord(self, ea): if idaapi.IDA_SDK_VERSION < 700: return idc.MakeQword(ea) else: return ida_bytes.create_data(ea, FF_QWORD, 8, idaapi.BADADDR)
Example #6
Source File: mclf_loader.py From mclf-ida-loader with GNU General Public License v3.0 | 4 votes |
def load_file(f, neflags, format): f.seek(0) magic = f.read(4); version = struct.unpack("<I", f.read(4))[0]; flags = struct.unpack("<I", f.read(4))[0]; memType = struct.unpack("<I", f.read(4))[0]; serviceType = struct.unpack("<I", f.read(4))[0]; numInstances = struct.unpack("<I", f.read(4))[0]; uuid = struct.unpack("<IIII", f.read(16)); driverId = struct.unpack("<I", f.read(4))[0]; numThreads = struct.unpack("<I", f.read(4))[0]; textVA = struct.unpack("<I", f.read(4))[0]; textLen = struct.unpack("<I", f.read(4))[0]; dataVA = struct.unpack("<I", f.read(4))[0]; dataLen = struct.unpack("<I", f.read(4))[0]; bssLen = struct.unpack("<I", f.read(4))[0]; entry = struct.unpack("<I", f.read(4))[0]; f.seek(MCLF_TEXT_INFO_OFFSET) idaapi.set_processor_type("arm", ida_idp.SETPROC_LOADER) # Set VA for .text and add the segment f.file2base(0, textVA, textVA + textLen, True) idaapi.add_segm(0, textVA, textVA + textLen, ".text", "CODE") # Set VA for .data and add the segment f.file2base(textLen, dataVA, dataVA + dataLen, True) idaapi.add_segm(0, dataVA, dataVA + dataLen, ".data", "DATA") # Add BSS segment after .text and .data idaapi.add_segm(0, dataVA + dataLen, dataVA + dataLen + bssLen, ".bss", "BSS") if entry % 4 == 1: #Thumb address is always +1 to set the T bit idaapi.add_entry(entry-1, entry-1, "_entry", 1) split_sreg_range(entry-1, "T", 0x1, ida_segregs.SR_user) else: idaapi.add_entry(entry, entry, "_entry", 1) split_sreg_range(entry, "T", 0x0, ida_segregs.SR_user) ida_bytes.create_data(tlApiLibEntry, FF_DWORD, 4, ida_idaapi.BADADDR) set_name(tlApiLibEntry,"tlApiLibEntry", SN_CHECK) return 1