Python idaapi.set_name() Examples
The following are 7
code examples of idaapi.set_name().
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example.
You may also want to check out all available functions/classes of the module
idaapi
, or try the search function
.
.
Example #1
| Source File: core.py From Sark with MIT License | 5 votes |
|
def set_name(address, name, anyway=False):
"""Set the name of an address.
Sets the name of an address in IDA.
If the name already exists, check the `anyway` parameter:
True - Add `_COUNTER` to the name (default IDA behaviour)
False - Raise an `exceptions.SarkErrorNameAlreadyExists` exception.
Args
address: The address to rename.
name: The desired name.
anyway: Set anyway or not. Defualt ``False``.
"""
success = idaapi.set_name(address, name, idaapi.SN_NOWARN | idaapi.SN_NOCHECK)
if success:
return
if anyway:
success = idaapi.force_name(address, name)
if success:
return
raise exceptions.SarkSetNameFailed("Failed renaming 0x{:08X} to {!r}.".format(address, name))
raise exceptions.SarkErrorNameAlreadyExists(
"Can't rename 0x{:08X}. Name {!r} already exists.".format(address, name))
Example #2
| Source File: ida_prefix.py From prefix with MIT License | 5 votes |
|
def recursive_prefix(addr):
"""
Recursively prefix a function tree with a user defined string.
"""
func_addr = idaapi.get_name_ea(idaapi.BADADDR, idaapi.get_func_name(addr))
if func_addr == idaapi.BADADDR:
idaapi.msg("Prefix: 0x%08X does not belong to a defined function\n" % addr)
return
# prompt the user for a prefix to apply to the selected functions
tag = idaapi.ask_str(PREFIX_DEFAULT, 0, "Function Tag")
# the user closed the window... ignore
if tag == None:
return
# the user put a blank string and hit 'okay'... notify & ignore
elif tag == '':
idaapi.warning("[ERROR] Tag cannot be empty [ERROR]")
return
# recursively collect all the functions called by this function
nodes_xref_down = graph_down(func_addr, path=set([]))
# graph_down returns the int address needs to be converted
tmp = []
tmp1 = ''
for func_addr in nodes_xref_down:
tmp1 = idaapi.get_func_name(func_addr)
if tmp1:
tmp.append(tmp1)
nodes_xref_down = tmp
# prefix the tree of functions
for rename in nodes_xref_down:
func_addr = idaapi.get_name_ea(idaapi.BADADDR, rename)
if tag not in rename:
idaapi.set_name(func_addr,'%s%s%s' % (str(tag), PREFIX_SEPARATOR, rename), idaapi.SN_NOWARN)
# refresh the IDA views
refresh_views()
Example #3
| Source File: ida_prefix.py From prefix with MIT License | 5 votes |
|
def bulk_prefix():
"""
Prefix the Functions window selection with a user defined string.
"""
# prompt the user for a prefix to apply to the selected functions
tag = idaapi.ask_str(PREFIX_DEFAULT, 0, "Function Tag")
# the user closed the window... ignore
if tag == None:
return
# the user put a blank string and hit 'okay'... notify & ignore
elif tag == '':
idaapi.warning("[ERROR] Tag cannot be empty [ERROR]")
return
#
# loop through all the functions selected in the 'Functions window' and
# apply the user defined prefix tag to each one.
#
for func_name in get_selected_funcs():
# ignore functions that already have the specified prefix applied
if func_name.startswith(tag):
continue
# apply the user defined prefix to the function (rename it)
new_name = '%s%s%s' % (str(tag), PREFIX_SEPARATOR, func_name)
func_addr = idaapi.get_name_ea(idaapi.BADADDR, func_name)
idaapi.set_name(func_addr, new_name, idaapi.SN_NOWARN)
# refresh the IDA views
refresh_views()
Example #4
| Source File: ida_prefix.py From prefix with MIT License | 5 votes |
|
def clear_prefix():
"""
Clear user defined prefixes from the selected functions in the Functions window.
"""
#
# loop through all the functions selected in the 'Functions window' and
# clear any user defined prefixes applied to them.
#
for func_name in get_selected_funcs():
#
# locate the last (rfind) prefix separator in the function name as
# we will want to keep everything that comes after it
#
i = func_name.rfind(PREFIX_SEPARATOR)
# if there is no prefix (separator), there is nothing to trim
if i == -1:
continue
# trim the prefix off the original function name and discard it
new_name = func_name[i+1:]
func_addr = idaapi.get_name_ea(idaapi.BADADDR, func_name)
idaapi.set_name(func_addr, new_name, idaapi.SN_NOWARN)
# refresh the IDA views
refresh_views()
#------------------------------------------------------------------------------
# IDA Util
#------------------------------------------------------------------------------
Example #5
| Source File: ida_api.py From lighthouse with MIT License | 5 votes |
|
def set_function_name_at(self, function_address, new_name):
idaapi.set_name(function_address, new_name, idaapi.SN_NOWARN)
#--------------------------------------------------------------------------
# Hooks API
#--------------------------------------------------------------------------
Example #6
| Source File: findcrypt3.py From findcrypt-yara with BSD 3-Clause "New" or "Revised" License | 5 votes |
|
def yarasearch(self, memory, offsets, rules):
print(">>> start yara search")
values = list()
matches = rules.match(data=memory)
for match in matches:
for string in match.strings:
name = match.rule
if name.endswith("_API"):
try:
name = name + "_" + idc.GetString(self.toVirtualAddress(string[0], offsets))
except:
pass
value = [
self.toVirtualAddress(string[0], offsets),
match.namespace,
name + "_" + hex(self.toVirtualAddress(string[0], offsets)).lstrip("0x").rstrip("L").upper(),
string[1],
repr(string[2]),
]
idaapi.set_name(value[0], name
+ "_"
+ hex(self.toVirtualAddress(string[0], offsets)).lstrip("0x").rstrip("L").upper()
, 0)
values.append(value)
print("<<< end yara search")
return values
Example #7
| Source File: __init__.py From flare-ida with Apache License 2.0 | 5 votes |
|
def add_arg_descr(function, segment_ea, arg_description_format):
""" Name address in added segment annotated with argument descriptions.
Arguments:
function -- function object
segment_ea -- start looking for empty byte to annotate from this ea
Return:
next possible free address to add information to
"""
# No arguments
if len(function.arguments) == 0:
return segment_ea
for argument in function.arguments:
try:
free_ea = get_segment_end_ea(segment_ea)
except FailedToExpandSegmentException as e:
raise e
fields = {
"function_name": function.name,
"function_dll": function.dll,
"argument_name": argument.name,
}
name = arg_description_format.format(**fields).encode('utf-8')
if not name_exists(name):
g_logger.debug(' Adding name {} at {}'.format(name, hex(free_ea)))
idaapi.set_name(free_ea, name)
description = argument.description[:MAX_ARG_DESCR_LEN]
idc.MakeComm(free_ea, format_comment(description))
else:
g_logger.debug(' Name %s already exists' % name)
return (free_ea + 1)
