我们从Python开源项目中,提取了以下41个代码示例,用于说明如何使用idc.ScreenEA()。
def find_all_ioctls(): """ From the currently selected address attempts to traverse all blocks inside the current function to find all immediate values which are used for a comparison/sub immediately before a jz. Returns a list of address, second operand pairs. """ ioctls = [] # Find the currently selected function and get a list of all of it's basic blocks addr = idc.ScreenEA() f = idaapi.get_func(addr) fc = idaapi.FlowChart(f, flags=idaapi.FC_PREDS) for block in fc: # grab the last two instructions in the block last_inst = idc.PrevHead(block.endEA) penultimate_inst = idc.PrevHead(last_inst) # If the penultimate instruction is cmp or sub against an immediate value immediatly preceding a 'jz' # then it's a decent guess that it's an IOCTL code (if this is a disptach function) if idc.GetMnem(penultimate_inst) in ['cmp', 'sub'] and idc.GetOpType(penultimate_inst, 1) == 5: if idc.GetMnem(last_inst) == 'jz': ioctl_tracker.add_ioctl(penultimate_inst) for inst in ioctl_tracker.ioctl_locs: value = get_operand_value(inst) ioctls.append((inst, value)) return ioctls
def get_position_and_translate(): """ Gets the current selected address and decodes the second parameter to the instruction if it exists/is an immediate then adds the C define for the code as a comment and prints a summary table of all decoded IOCTL codes. """ pos = idc.ScreenEA() if idc.GetOpType(pos, 1) != 5: # Check the second operand to the instruction is an immediate return ioctl_tracker.add_ioctl(pos) value = get_operand_value(pos) define = ioctl_decoder.get_define(value) make_comment(pos, define) # Print summary table each time a new IOCTL code is decoded ioctls = [] for inst in ioctl_tracker.ioctl_locs: value = get_operand_value(inst) ioctls.append((inst, value)) ioctl_tracker.print_table(ioctls)
def finish_populating_tform_popup(self, form, popup): tft = idaapi.get_tform_type(form) if tft != idaapi.BWN_DISASM: return if not device_type.is_driver(): return pos = idc.ScreenEA() # If the second argument to the current selected instruction is an immediately # then give the option to decode it. if idc.GetOpType(pos, 1) == 5: register_dynamic_action(form, popup, 'Decode IOCTL', DecodeHandler()) if pos in ioctl_tracker.ioctl_locs: register_dynamic_action(form, popup, 'Invalid IOCTL', InvalidHandler()) register_dynamic_action(form, popup, 'Decode All IOCTLs in Function', DecodeAllHandler()) if len(ioctl_tracker.ioctl_locs) > 0: register_dynamic_action(form, popup, 'Show All IOCTLs', ShowAllHandler())
def handleUnhookInst(self, screenEA = None): if screenEA is not None: address = screenEA else: address = ScreenEA() if self.hookedInstruction(address) == False: return entry = self.idbHookMap[address] outJSON = json.dumps({ "req_id": kFridaLink_DelHookRequest, "data": entry.genDelRequest() }) del self.idbHookMap[address] self.clientSocket.sendto(outJSON, self.clientAddress) SetColor(address, CIC_ITEM, kIDAViewColor_Reset) refresh_idaview_anyway() self.idbHooksView.setContent(self.idbHookMap)
def handleUnhookFunc(self, screenEA = None): if screenEA is not None: func = get_func(screenEA) else: func = get_func(ScreenEA()) if func is None: return address = func.startEA; if self.hookedFunction(address) == False: return entry = self.idbHookMap[address] outJSON = json.dumps({ "req_id": kFridaLink_DelHookRequest, "data": entry.genDelRequest() }) del self.idbHookMap[address] self.clientSocket.sendto(outJSON, self.clientAddress) SetColor(address, CIC_FUNC, kIDAViewColor_Reset) refresh_idaview_anyway() self.idbHooksView.setContent(self.idbHookMap)
def hookedFunction(self, screenEA = None): if screenEA is not None: func = get_func(screenEA) else: func = get_func(ScreenEA()) if func is None: return False; address = func.startEA; if address in self.idbHookMap: # can be start of the function, check hook type if self.idbHookMap[func.startEA].hook.type == "func": return True else: return False else: return False
def ClearorShow(self): ea = idc.ScreenEA() (startEA,endEA) = self._GetFuncRange(ea) self.ColorCompare() self._delComms(startEA,endEA) cid = [i for i,item in enumerate(self._tablelist) if item[0]==hex(startEA)] DEBUG_PRINT( 'clear or show') DEBUG_PRINT( cid) if cid != []: DEBUG_PRINT( 'in') cindex = cid[0] DEBUG_PRINT( cindex) DEBUG_PRINT( self._tablelist[cindex]) if self._tablelist[cindex][2] == '0': self._showComms(startEA,endEA,0) self._tablelist[cindex][2] = '1' else: self._tablelist[cindex][2] = '0' return
def PreIdx(self): # , DEBUG_PRINT('IN PreIdx') ea = idc.ScreenEA() # print 'Cursor is at 0x%x'%(ea) if ea not in self._dbDict.keys(): print '\n0x%x has no comments'%(ea) return if ea != self._choose_ea: self._choose_ea = ea self._choose_idx = self.GetIDX(ea) if self._choose_idx == -1: print 'no comment' return self._choose_id = self.GetID(ea,self._choose_idx) if self._choose_id == 0: print 'Already FIRST Index' return self._choose_id -= 1 id = self._choose_id; if id >= 0: self.ForwardView(ea, id,innermode = 1)
def _do_callbacks(cls, ptr_or_reg): data = { 'ea': idc.ScreenEA(), 'ptr_or_reg': ptr_or_reg } for callback in cls._callbacks[ptr_or_reg]: callback(data)
def start(self): tainter = PropagateTaint(idc.ScreenEA(), self.kind) tainter.on_finish(lambda bap: self.finish(bap)) tainter.run()
def run(self, arg): """ Ask user for BAP args to pass, BIR attributes to print; and run BAP. Allows users to also use {screen_ea} in the BAP args to get the address at the location pointed to by the cursor. """ args_msg = "Arguments that will be passed to `bap'" args = idaapi.askstr(ARGS_HISTORY, '--passes=', args_msg) if args is None: return attr_msg = "A comma separated list of attributes,\n" attr_msg += "that should be propagated to comments" attr_def = self.recipes.get(args, '') attr = idaapi.askstr(ATTR_HISTORY, attr_def, attr_msg) if attr is None: return # store a choice of attributes for the given set of arguments # TODO: store recipes in IDA's database self.recipes[args] = attr ea = idc.ScreenEA() attrs = [] if attr != '': attrs = attr.split(',') analysis = BapScripter(args, attrs) analysis.on_finish(lambda bap: self.load_script(bap, ea)) analysis.run()
def get_current_function_xrefs_from( self ): addr_in_func = idc.ScreenEA() curr_func = idc.GetFunctionName( addr_in_func ) refs = self.find_xrefs_from( addr_in_func ) return [ ref.get_row( XrefsFromFinder.XREF_TYPE2STR ) for ref in refs ] # ------------------------------------------------------------------------------
def main(): va = idc.ScreenEA() fva = get_function(va) print('-' * 80) rule = create_yara_rule_for_function(fva) print(rule) if test_yara_rule(rule): print('success: validated the generated rule') else: print('error: failed to validate generated rule')
def setupUI(self): ea = idc.ScreenEA() seg = idaapi.getseg(ea) SigmName = idc.SegName(ea) startA = idc.SegStart(ea) endA = idc.SegEnd(ea) className = idaapi.get_segm_class(seg) self.setWindowTitle("Jumper--%s %s %s" % (hex(ea - startA).upper(), SigmName, className)) self.groupBox.setLayout(self.enum_segm()) search_hbox = QHBoxLayout() search_hbox.addWidget(QLabel("search")) search_hbox.addWidget(self.search_edit) offset_hbox = QHBoxLayout() offset_hbox.addWidget(QLabel("offset")) offset_hbox.addWidget(self.off_edit) self.scroll = QScrollArea() self.scroll.setWidgetResizable(True) # Set to make the inner widget resize with scroll area self.scroll.setWidget(self.groupBox) globle_vbox = QVBoxLayout(self) globle_vbox.addWidget(self.scroll) globle_vbox.addLayout(search_hbox) globle_vbox.addLayout(offset_hbox) btn_layout = QHBoxLayout() jump = QPushButton("jump") jump.clicked.connect(self.jump_click) get_offset = QPushButton("offset") get_offset.clicked.connect(self.get_cur_offset) btn_layout.addWidget(jump) btn_layout.addWidget(get_offset) globle_vbox.addLayout(btn_layout) self.search_edit.textChanged.connect(self.search_changed)
def get_cur_offset(self): ea = idc.ScreenEA() seg = idaapi.getseg(ea) SigmName = idc.SegName(ea) startA = idc.SegStart(ea) self.off_edit.setText(hex(ea - startA).upper()) self.search_edit.setText(SigmName)
def activate(self, ctx): pos = idc.ScreenEA() # Get current comment for this instruction and remove the C define from it, if present comment = idc.Comment(pos) code = get_operand_value(pos) define = ioctl_decoder.get_define(code) comment = comment.replace(define, "") idc.MakeComm(pos, comment) # Remove the ioctl from the valid list and add it to the invalid list to avoid 'find_all_ioctls' accidently re-indexing it. ioctl_tracker.remove_ioctl(pos)
def handleHookInstOnce(self, screenEA = None): if screenEA is not None: address = screenEA else: address = ScreenEA() self.handleQuickInstHook(address, True)
def handleHookInstPerm(self, screenEA = None): if screenEA is not None: address = screenEA else: address = ScreenEA() self.handleQuickInstHook(address, False)
def handleHookInstBreakOnce(self, screenEA = None): if screenEA is not None: address = screenEA else: address = ScreenEA() self.handleQuickInstHook(address, True, True)
def handleHookInstBreakPerm(self, screenEA = None): if screenEA is not None: address = screenEA else: address = ScreenEA() self.handleQuickInstHook(address, False, True)
def handleHookFuncPerm(self, screenEA = None): if screenEA is not None: func = get_func(screenEA) else: func = get_func(ScreenEA()) if func is None: return address = func.startEA; self.handleQuickFuncHook(address, False)
def handleHookInstEdit(self, screenEA = None): if self.hookedInstruction() == False: return if screenEA is not None: address = screenEA else: address = ScreenEA() entry = self.idbHookMap[address] entry.hook.mnemonic = GetDisasm(address) hookDlg = InstructionHookDialog(entry.hook.module, "%X" % entry.hook.id, entry.hook.mnemonic, entry.hook.recentSrcFile) hookDlg.Compile() hookDlg.script.value = entry.hook.script hookDlg.trigger.value = 0 if entry.hook.once == True else 1 ok = hookDlg.Execute() if ok != 1: return flags = HookEntry.UDP_NONE once = True if hookDlg.trigger.value == 0 else False if entry.hook.once != once: entry.hook.once = once flags |= HookEntry.UPD_TRIGGER entry.hook.recentSrcFile = hookDlg.recentScriptFile if entry.hook.script != hookDlg.script.value: entry.hook.script = hookDlg.script.value flags |= HookEntry.UPD_SCRIPT outJSON = json.dumps({ "req_id": kFridaLink_UpdHookRequest, "data": entry.genUpdRequest(flags) }) self.clientSocket.sendto(outJSON, self.clientAddress)
def handleHookInstShowCPU(self): if self.hookedInstruction() == False: return address = ScreenEA() if self.cpuContextViews.hasView(address) == False: entry = self.idbHookMap[address] newView = CPUContextView(self, entry.hook.id, entry.hook.mnemonic) self.cpuContextViews.addView("CPU Context", newView) self.cpuContextViews.setContent(entry.hook.id, {"arch":entry.arch, "context":entry.cpu_ctx}) self.cpuContextViews.showView(address)
def handleHookInstShowBacktrace(self): if self.hookedInstruction() == False: return address = ScreenEA() if self.backtraceViews.hasView(address) == False: entry = self.idbHookMap[address] newView = BacktraceView(self, entry.hook.id) self.backtraceViews.addView("Backtrace", newView) self.backtraceViews.setContent(entry.hook.id, entry.backtrace) self.backtraceViews.showView(address)
def handleHookFuncShowCPU(self): if self.hookedFunction() == False: return func = get_func(ScreenEA()) if func is None: return address = func.startEA; if self.cpuContextViews.hasView(address) == False: entry = self.idbHookMap[address] newView = CPUContextView(self, entry.hook.id, entry.hook.symbol) self.cpuContextViews.addView("CPU Context", newView) self.cpuContextViews.setContent(entry.hook.id, {"arch":entry.arch, "context":entry.cpu_ctx}) self.cpuContextViews.showView(address)
def handleHookFuncShowStack(self): if self.hookedFunction() == False: return func = get_func(ScreenEA()) if func is None: return address = func.startEA; if self.stackViews.hasView(address) == False: entry = self.idbHookMap[address] newView = StackView(self, entry.hook.id, entry.hook.symbol) self.stackViews.addView("Stack", newView) self.stackViews.setContent(entry.hook.id, entry.stack) self.stackViews.showView(address)
def handleHookFuncShowBacktrace(self): if self.hookedFunction() == False: return func = get_func(ScreenEA()) if func is None: return address = func.startEA; if self.backtraceViews.hasView(address) == False: entry = self.idbHookMap[address] newView = BacktraceView(self, entry.hook.id) self.backtraceViews.addView("Backtrace", newView) self.backtraceViews.setContent(entry.hook.id, entry.backtrace) self.backtraceViews.showView(address)
def handleHookInstLinkMemory(self): if self.hookedInstruction() == False: return address = ScreenEA() self.idbHookMap[address].mem_list = self.linkMemoryRanges(); entry = self.idbHookMap[address] outJSON = json.dumps({ "req_id": kFridaLink_UpdHookRequest, "data": entry.genUpdRequest(HookEntry.UPD_MEMLIST) }) self.clientSocket.sendto(outJSON, self.clientAddress)
def hookedInstruction(self, screenEA = None): if screenEA is not None: address = screenEA else: address = ScreenEA() if address in self.idbHookMap: # can be start of the function, check hook type if self.idbHookMap[address].hook.type == "inst": return True else: return False else: return False
def handleGetRealAddress(self, screenEA = None): if screenEA is not None: address = screenEA else: address = ScreenEA() offset, moduleName = self.getAddressDetails(address) for module in self.targetModules: if module['name'] == moduleName: moduleBase = module['base'] realAddr = int(moduleBase,16) + offset self.handleFraplLog("info", "[ %s ] 0x%X => 0x%X %s" % (moduleName, address, realAddr, GetDisasm(address))) break
def handleReplaceFuncEdit(self, screenEA = None): if screenEA is not None: func = get_func(screenEA) else: func = get_func(ScreenEA()) if func is None: return repl_id = func.startEA; if repl_id not in self.funcReplaceMap: return entry = self.funcReplaceMap[repl_id] replaceDlg = FunctionReplaceDialog(entry.module, "%X" % entry.id, entry.symbol, entry.recentSrcFile) replaceDlg.Compile() replaceDlg.ret_type.value = entry.ret_type[1:-1] replaceDlg.args.value = entry.args_str replaceDlg.script.value = entry.script ok = replaceDlg.Execute() if ok != 1: return flags = FuncReplace.UDP_NONE entry.recentSrcFile = replaceDlg.recentScriptFile if entry.script != replaceDlg.script.value: entry.script = replaceDlg.script.value flags |= FuncReplace.UPD_SCRIPT outJSON = json.dumps({ "req_id": kFridaLink_UpdReplaceRequest, "data": entry.genUpdRequest(flags) }) self.clientSocket.sendto(outJSON, self.clientAddress)
def handleReplaceFuncDel(self, screenEA = None): if screenEA is not None: func = get_func(screenEA) else: func = get_func(ScreenEA()) if func is None: return repl_id = func.startEA; if repl_id not in self.funcReplaceMap: return entry = self.funcReplaceMap[repl_id] outJSON = json.dumps({ "req_id": kFridaLink_DelReplaceRequest, "data": entry.genDelRequest() }) del self.funcReplaceMap[repl_id] self.clientSocket.sendto(outJSON, self.clientAddress) if entry.moduleImport == False: SetColor(repl_id, CIC_FUNC, kIDAViewColor_Reset) refresh_idaview_anyway() self.funcReplaceView.setContent(self.funcReplaceMap)
def replacedFunction(self, screenEA = None): if screenEA is not None: func = get_func(screenEA) else: func = get_func(ScreenEA()) if func is None: return False; address = func.startEA; if address in self.funcReplaceMap: return True else: return False
def GlobalorLocal(self): origlobal= self._global views = ['1','2','3'] if self._global == 1: tmpglobal = 0 else: tmpglobal = 1 c_ea = idc.ScreenEA() (c_startEA,c_endEA) = self._GetFuncRange(c_ea) indexs = [i for i,item in enumerate(self._tablelist) if item[2] in views] for index in indexs: ea = int(self._tablelist[index][0],16) DEBUG_PRINT( ea) (startEA,endEA) = self._GetFuncRange(ea) if startEA == c_startEA: c_index = index continue self._delComms(startEA,endEA) self._tablelist[index][2] = '0' for ea in range(c_startEA,c_endEA+1): if ea in self._dbDict.keys(): if self._dbDict[ea]._shown == True: idx = self.GetIDX(ea) id = self.GetID(ea, idx) oldComm = str(idc.GetCommentEx(ea, 0)) startIdx = oldComm.find(self._commMarker) if(startIdx != -1): comm = oldComm[0:startIdx] idc.MakeComm(ea, str(comm).strip()) self._global = tmpglobal self._ApdComm(ea,id) self._global = origlobal self._global = tmpglobal return
def _showFunctions(self): DEBUG_PRINT('IN _showFunctions') try: ea = idc.ScreenEA() deflt_ea = idaapi.get_func(ea).startEA except: deflt_ea = int(self._tablelist[0][0],16) deflt_id = 1 views = ['0','1','2','3'] for view in views: if [hex(deflt_ea),idc.GetFunctionName(deflt_ea),view] in self._tablelist: deflt_id = self._tablelist.index([hex(deflt_ea),idc.GetFunctionName(deflt_ea),view]) + 1 # if [hex(deflt_ea),idc.GetFunctionName(deflt_ea),'0'] in self._tablelist: # deflt_id = self._tablelist.index([hex(deflt_ea),idc.GetFunctionName(deflt_ea),'0']) + 1 # if [hex(deflt_ea),idc.GetFunctionName(deflt_ea),'1'] in self._tablelist: # deflt_id = self._tablelist.index([hex(deflt_ea),idc.GetFunctionName(deflt_ea),'1']) + 1 title = "Functions with Comments" cols = [['Address',10],['Function Name',15],['Show',4]] chooser = IdxChoose2(title, cols, self._tablelist, deflt = deflt_id) id = chooser.show() if -1==id: return 0 else: ea = int(self._tablelist[id][0],16) return ea #hex(int(self._tablelist[id][0],16))
def IdxChooser(self): #'i' #THE ONLY place can change the index manually DEBUG_PRINT('in IdxChooser') ea = idc.ScreenEA() deflt_id = 1 try: deflt_id = self.GetID(ea, self.GetIDX(ea)) + 1 except: pass DEBUG_PRINT(ea) if ea not in self._dbDict.keys(): DEBUG_PRINT( '\n0x%x has no comments'%(ea)) return title = 'IndexChooser' cols = [['ID',4],['Index',10],['Comment',40]] items = [] count = 1 for item in self._dbDict[ea]._idx_list: temp = [str(count),str(item[0]),item[1]] items.append(temp) count = count + 1 chooser = IdxChoose2(title, cols, items,deflt = deflt_id) id = chooser.show() if -1==id: idc.Message('\n Index no change\n') else: self._choose_id = id self._choose_ea = ea print '0x%x %dth index is chosen'%(ea,self._choose_id) self.ForwardView(ea,self._choose_id,innermode = 1)
def handleHookInstCust(self, screenEA = None): if screenEA is not None: address = screenEA else: address = ScreenEA() # safety checks, can be start of the function if address in self.idbHookMap and self.idbHookMap[address].hook.type == "func": dlg = AskYN(0, "Address contains function hook!\nDo you want to remove it?") if dlg != 1: return # remove function hook self.handleUnhookFunc(address) offset, moduleName = self.getAddressDetails(address) hookDlg = InstructionHookDialog(moduleName, "%X" % address, GetDisasm(address), None) hookDlg.Compile() hookDlg.script.value = "" ok = hookDlg.Execute() if ok != 1: return hook = InstHook() hook.id = address hook.mnemonic = GetDisasm(address) hook.address = offset hook.module = moduleName hook.once = True if hookDlg.trigger.value == 0 else False hook.recentScriptFile = hookDlg.recentScriptFile hook.script = hookDlg.script.value entry = HookEntry(hook) outJSON = json.dumps({ "req_id": kFridaLink_SetHookRequest, "data": entry.genSetRequest() }) SetColor(address, CIC_ITEM, kIDAViewColor_HookedInst) refresh_idaview_anyway() self.clientSocket.sendto(outJSON, self.clientAddress) self.idbHookMap[address] = entry self.idbHooksView.setContent(self.idbHookMap)
def handleHookFuncCust(self, screenEA = None): if screenEA is not None: func = get_func(screenEA) else: func = get_func(ScreenEA()) if func is None: return address = func.startEA; # safety checks, can be start of the function if address in self.idbHookMap and self.idbHookMap[address].hook.type == "inst": dlg = AskYN(0, "Address contains instruction hook!\nDo you want to remove it?") if dlg != 1: return # remove instruction hook self.handleUnhookInst(address) offset, moduleName = self.getAddressDetails(address) hookDlg = FunctionHookDialog(moduleName, "%X" % address, get_func_name(address), None, None) hookDlg.Compile() hookDlg.script_enter.value = "" hookDlg.script_leave.value = "" ok = hookDlg.Execute() if ok != 1: return hook = FuncHook() hook.id = address hook.symbol = get_func_name(address) hook.address = offset hook.module = moduleName hook.once = True if hookDlg.trigger.value == 0 else False hook.enterRecentSrcFile = hookDlg.recentScriptFileEnter hook.enterScript = hookDlg.script_enter.value hook.leaveRecentSrcFile = hookDlg.recentScriptFileLeave hook.leaveScript = hookDlg.script_leave.value entry = HookEntry(hook) outJSON = json.dumps({ "req_id": kFridaLink_SetHookRequest, "data": entry.genSetRequest() }) SetColor(address, CIC_FUNC, kIDAViewColor_HookedFunc) refresh_idaview_anyway() self.clientSocket.sendto(outJSON, self.clientAddress) self.idbHookMap[address] = entry self.idbHooksView.setContent(self.idbHookMap)
def handleHookFuncEdit(self, screenEA = None): if self.hookedFunction() == False: return if screenEA is not None: func = get_func(screenEA) else: func = get_func(ScreenEA()) if func is None: return address = func.startEA; entry = self.idbHookMap[address] entry.hook.symbol = get_func_name(address) hookDlg = FunctionHookDialog(entry.hook.module, "%X" % entry.hook.id, entry.hook.symbol, entry.hook.enterRecentSrcFile, entry.hook.leaveRecentSrcFile) hookDlg.Compile() hookDlg.script_enter.value = entry.hook.enterScript hookDlg.script_leave.value = entry.hook.leaveScript hookDlg.trigger.value = 0 if entry.hook.once == True else 1 ok = hookDlg.Execute() if ok != 1: return flags = HookEntry.UDP_NONE once = True if hookDlg.trigger.value == 0 else False if entry.hook.once != once: entry.hook.once = once flags |= HookEntry.UPD_TRIGGER entry.hook.enterRecentSrcFile = hookDlg.recentScriptFileEnter if entry.hook.enterScript != hookDlg.script_enter.value: entry.hook.enterScript = hookDlg.script_enter.value flags |= HookEntry.UPD_SCRIPT entry.hook.leaveRecentSrcFile = hookDlg.recentScriptFileLeave if entry.hook.leaveScript != hookDlg.script_leave.value: entry.hook.leaveScript = hookDlg.script_leave.value flags |= HookEntry.UPD_SCRIPT outJSON = json.dumps({ "req_id": kFridaLink_UpdHookRequest, "data": entry.genUpdRequest(flags) }) self.clientSocket.sendto(outJSON, self.clientAddress)
def ForwardView(self,ea,id, innermode = 0): # '>'. DEBUG_PRINT( 'Forward ') if innermode == 0: ea = idc.ScreenEA() id = self.GetID(ea, self.GetIDX(ea)) self._choose_ea = ea self.max_ea = ea self.min_ea = ea self.max_idx = 0 self.min_idx = 0 color = 1 (startEA,endEA) = self._GetFuncRange(ea) self.ColorCompare() self._delComms(startEA,endEA) # endEA = decode_prev_insn(endEA) (down_ea, up_ea) = (ea,ea) (down_id, up_id) = (id,id) # print 'max 0x%x end 0x%x'%(self.max_ea,endEA) # print 'min 0x%x start 0x%x'%(self.min_ea,startEA) while(self.max_ea <= endEA and self.min_ea >= startEA and color <4): DEBUG_PRINT( 'in while') self.LookDOWN(endEA,down_ea,down_id,color) self.LookUP(startEA,up_ea,up_id,color) if [] == self._dbDict[self.max_ea]._xref_from and [] == self._dbDict[self.min_ea]._xref_to: print 'max_ea and min_ea have no xref' break if [] != self._dbDict[self.max_ea]._xref_from: (down_ea, down_id) = self.Get_Down() if -1 == down_ea: (down_ea, down_id) = (ea,id) if [] != self._dbDict[self.min_ea]._xref_to: (up_ea, up_id) = self.Get_Up() if -1 == up_ea: (up_ea, up_id) = (ea,id) DEBUG_PRINT(color) color = color+1 print 'Forward View is finished' idc.Refresh() cid = [i for i,item in enumerate(self._tablelist) if item[0]==hex(startEA)] if cid != []: cindex = cid[0] self._tablelist[cindex][2] = '2' else: print 'ea not in range' return
def BackwardView(self,ea,id, innermode = 0): #'<', DEFAULT VIEW DEBUG_PRINT('Backward') if innermode == 0: ea = idc.ScreenEA() self._choose_ea = ea id = self.GetID(ea, self.GetIDX(ea)) self.max_ea = ea self.min_ea = ea self.max_idx = 0 self.min_idx = 0 color = 1 (startEA,endEA) = self._GetFuncRange(ea) self.ColorCompare() self._delComms(startEA,endEA) # endEA = decode_prev_insn(endEA) (down_ea, up_ea) = (ea,ea) (down_id, up_id) = (id,id) # print 'max 0x%x end 0x%x'%(self.max_ea,endEA) # print 'min 0x%x start 0x%x'%(self.min_ea,startEA) while(self.max_ea <= endEA and self.min_ea >= startEA and color <4): DEBUG_PRINT( 'in while') DEBUG_PRINT( 'max 0x%x'%self.max_ea) DEBUG_PRINT( 'min 0x%x'%self.min_ea) self.LookUP(startEA,up_ea,up_id,color) self.LookDOWN(endEA,down_ea,down_id,color) if [] == self._dbDict[self.max_ea]._xref_from and [] == self._dbDict[self.min_ea]._xref_to: break if [] != self._dbDict[self.max_ea]._xref_from: (down_ea, down_id) = self.Get_Down() if -1 == down_ea: (down_ea, down_id) = (ea,id) if [] != self._dbDict[self.min_ea]._xref_to: (up_ea, up_id) = self.Get_Up() if -1 == up_ea: (up_ea, up_id) = (ea,id) DEBUG_PRINT(color) color = color+1 print 'Backward View finished' cid = [i for i,item in enumerate(self._tablelist) if item[0]==hex(startEA)] if cid != []: cindex = cid[0] self._tablelist[cindex][2] = '3' else: print 'ea not in range' idc.Refresh() return
