我们从Python开源项目中,提取了以下8个代码示例,用于说明如何使用idaapi.get_segm_by_name()。
def resolveStackAddress(self, address, symbol): if symbol[0] == "0x0": return None info = {} info['module'] = str(symbol[1]) segm = get_segm_by_name(info['module']) if segm is not None: locEA = segm.startEA delta = address - int(symbol[0], 16) + locEA func = get_func(delta) if func is not None: info['symbol'] = str(get_func_name(delta)) else: info['symbol'] = str(GetDisasm(delta)) elif symbol[2] != '': if symbol[2] == '<redacted>': info['symbol'] = "+0x%X" % (address - int(symbol[0], 16)) else: info['symbol'] = str(symbol[2]) else: info['symbol'] = '' return info
def by_name(name): '''Return the segment with the given ``name``.''' s = idaapi.get_segm_by_name(name) if s is None: raise LookupError("{:s}.by_name({!r}) : Unable to locate segment".format(__name__, name)) return s
def __init__(self): self.sym_file_path = idc.AskFile(0, "*.map;*.txt", "open symbol file") self.sym_file = None self.seg = idaapi.get_segm_by_name(".text") if self.seg is None: self.seg = idaapi.getnseg(0) self.base = self.seg.startEA
def SegByName(segname): """ Get segment by name @param segname: name of segment @return: segment selector or BADADDR """ seg = idaapi.get_segm_by_name(segname) if not seg: return BADADDR return seg.sel
def _get_seg(possible_seg_names): seg = None for seg_name in possible_seg_names: seg = idaapi.get_segm_by_name(seg_name) if seg: return seg return seg # Indicators of runtime_morestack # mov large dword ptr ds:1003h, 0 # most I've seen # mov qword ptr ds:1003h, 0 # some
def getIdbModuleBase(self, module): segm = get_segm_by_name(str(module).replace(' ', '_')) return segm.startEA
def new(offset, size, name, **kwds): """Create a segment at ``offset`` with ``size`` and name it according to ``name``. ``bits`` can be used to specify the bit size of the segment ``comb`` can be used to specify any flags (idaapi.sc*) ``align`` can be used to specify paragraph alignment (idaapi.sa*) ``org`` specifies the origin of the segment (must be paragraph aligned due to ida) """ s = idaapi.get_segm_by_name(name) if s is not None: logging.fatal("{:s}.new({:x}, {:x}, {!r}, {!r}) : a segment with the specified name already exists : {:s}".format(__name__, offset, size, name, kwds, name)) return None bits = kwds.get( 'bits', 32 if idaapi.getseg(offset) is None else idaapi.getseg(offset).abits()) # FIXME: use disassembler default bit length instead of 32 if bits == 16: ## create a selector with the requested origin org = kwds.get('org',0) if org&0xf > 0: logging.fatal("{:s}.new({:x}, {:x}, {!r}, {!r}) : origin (.org) is not aligned to the size of a paragraph (0x10) : {:x}".format(__name__, offset, size, name, kwds, org)) return None para = offset/16 sel = idaapi.allocate_selector(para) idaapi.set_selector(sel, (para-kwds.get('org',0)/16)&0xffffffff) else: ## auto-create a selector for everything else sel = idaapi.setup_selector(kwds['selector']) if 'selector' in kwds else idaapi.find_free_selector() # create segment. ripped from idc s = idaapi.segment_t() s.startEA = offset s.endEA = offset+size s.sel = sel s.bitness = {16:0,32:1,64:2}[bits] s.comb = kwds.get('comb', idaapi.scPub) # public s.align = kwds.get('align', idaapi.saRelByte) # paragraphs res = idaapi.add_segm_ex(s, name, "", idaapi.ADDSEG_NOSREG|idaapi.ADDSEG_SPARSE) if res == 0: logging.warn("{:s}.new({:x}, {:x}, {!r}, {!r}) : unable to add a new segment".format(__name__, offset, size, name, kwds)) res = idaapi.del_selector(sel) #assert res != 0 return None return s
def LoadModule(platform, name, path): global g_NextLibBase if platform is not None: os_type = platform[:3] if os_type == "iOS": # check if it is custom or system framework app_idx = path.find(".app") if app_idx >=0: # custom framework local_path = path[app_idx+4:] bin_path = os.path.dirname(get_input_file_path()) path = bin_path + local_path else: # system framework os_ver = platform[4:] home = os.path.expanduser("~") path = home + "/Library/Developer/Xcode/iOS DeviceSupport/" + os_ver + "/Symbols" + path # check if framework exists if os.path.exists(path) == False: fl_log("FridaLink: invalid path [ " + path + " ]\n") return fl_log("FridaLink: loading module '" + name + "' from [ " + path + " ]\n") res = load_loader_module(None, "macho", str(path), False) if res != 0: Wait() seg = get_segm_by_name("HEADER").startEA set_segm_name(getseg(seg), name) Wait() fl_log("FridaLink: set first sector name for loaded module to '" + name + "'\n") if seg < g_AppBase: fl_log("FridaLink: move module '" + name + "' to " + ('0x%012x' % g_NextLibBase) + "\n") # Move back all segments before main one (usually for OSX modules) while seg < g_AppBase: fl_log((' 0x%012x' % SegStart(seg)) + " -> " + ('0x%012x' % (SegStart(seg) + g_NextLibBase)) + ": " + SegName(seg) + "\n") MoveSegm(SegStart(seg), SegStart(seg) + g_NextLibBase, 0) Wait() seg = FirstSeg() g_NextLibBase += kModuleAlignment fl_log("FridaLink: next module base = " + ("0x%012x" % g_NextLibBase) + "\n")
