Python ida_bytes.create_data() Examples

The following are 6 code examples of ida_bytes.create_data(). You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may also want to check out all available functions/classes of the module ida_bytes , or try the search function .
Example #1
Source File: refs.py    From mcsema with Apache License 2.0 6 votes vote down vote up 
def _make_array_entry(ea, item_size):
  if item_size == 4:
    item_type = idc.FF_DWORD
  elif item_size == 8:
    item_type = idc.FF_QWORD
  else:
    raise ValueError("Invalid item size")

  ida_bytes.create_data(ea, item_type, item_size, ida_idaapi.BADADDR)

# Try to create an array at `ea`, that extends into something that also looks
# like an array down the line. The idea is that sometimes there are arrays,
# but prefixes of those arrays are missed by IDA (curiously, idaq will sometimes
# correctly get these, but idal64 won't). If we find an immediate that looks
# like it could point at an array entry, then we want to treat it as a
# reference. To do that, we may need to make an array.
#
# TODO(pag): For now, we will assume that items must be at least 4 or 8 bytes
#            i.e. pointer or offset sized entries.
#
# TODO(pag): Should we check that all the entries agree in terms of zero-ness?
#            i.e. if the next entry is zero, then everything up to it should be
#            zero, and if the next entry is non-zero, then everything up to it
#            should be non-zero.
Example #2
Source File: analyzer.py    From Karta with MIT License 5 votes vote down vote up 
def __init__(self, logger, num_bits, is_elf, data_fptr_alignment=4, mixed_code_and_data=False):
        """Create the analyzer's base class instance.

        Args:
            logger (logger): logger instance
            num_bits (int): bitness of the CPU (32 bits by default)
            data_fptr_alignment (int, optional): byte alignment needed for global fptrs (4 by default)
            mixed_code_and_data (bool, optional): True iff the main code section includes RO data constants (False by default)
        """
        self.logger = logger
        self._num_bits = num_bits
        self._is_elf = is_elf
        self.data_fptr_alignment = data_fptr_alignment
        self._mixed_code_and_data = mixed_code_and_data
        if num_bits == 64:
            self._address_parse_fn = idc.get_qword
            self._address_make_fn = lambda x: ida_bytes.create_data(x, idc.FF_QWORD, 8, idc.BADADDR)
            self.address_pack_format = "Q"
        elif num_bits == 32:
            self._address_parse_fn = idc.get_wide_dword
            self._address_make_fn = lambda x: ida_bytes.create_data(x, idc.FF_DWORD, 4, idc.BADADDR)
            self.address_pack_format = "L"
        else:
            self._address_parse_fn = idc.get_wide_word
            self._address_make_fn = lambda x: ida_bytes.create_data(x, idc.FF_WORD, 2, idc.BADADDR)
            self.address_pack_format = "H"
        # fields to be linked later on
        self.func_classifier = None
        self.fptr_identifier = None
        self.str_identifier = None
        self.locals_identifier = None
        self.switch_identifier = None
        # code types
        self._active_code_types = list(self.codeTypes())
Example #3
Source File: events.py    From IDArling with GNU General Public License v3.0 5 votes vote down vote up 
def __call__(self):
        ida_bytes.create_data(self.ea, self.flags, self.size, self.tid)
Example #4
Source File: IdaProxy.py    From apiscout with BSD 2-Clause "Simplified" License 5 votes vote down vote up 
def MakeDWord(self, ea):
        if idaapi.IDA_SDK_VERSION < 700:
            return idc.MakeDword(ea)
        else:
            return ida_bytes.create_data(ea, FF_DWORD, 4, idaapi.BADADDR)
Example #5
Source File: IdaProxy.py    From apiscout with BSD 2-Clause "Simplified" License 5 votes vote down vote up 
def MakeQWord(self, ea):
        if idaapi.IDA_SDK_VERSION < 700:
            return idc.MakeQword(ea)
        else:
            return ida_bytes.create_data(ea, FF_QWORD, 8, idaapi.BADADDR)
Example #6
Source File: mclf_loader.py    From mclf-ida-loader with GNU General Public License v3.0 4 votes vote down vote up 
def load_file(f, neflags, format):
	f.seek(0)
	
	magic 		 	= f.read(4);
	version 	 	= struct.unpack("<I", f.read(4))[0];
	flags 		 	= struct.unpack("<I", f.read(4))[0];
	memType 	 	= struct.unpack("<I", f.read(4))[0];
	serviceType  	= struct.unpack("<I", f.read(4))[0];
	numInstances 	= struct.unpack("<I", f.read(4))[0];
	uuid 		 	= struct.unpack("<IIII", f.read(16));
	driverId 	 	= struct.unpack("<I", f.read(4))[0];
	numThreads 	 	= struct.unpack("<I", f.read(4))[0];
	textVA  	 	= struct.unpack("<I", f.read(4))[0];
	textLen 	 	= struct.unpack("<I", f.read(4))[0];
	dataVA  	 	= struct.unpack("<I", f.read(4))[0];
	dataLen 	 	= struct.unpack("<I", f.read(4))[0];
	bssLen 	 	 	= struct.unpack("<I", f.read(4))[0];
	entry 	 	 	= struct.unpack("<I", f.read(4))[0];

	f.seek(MCLF_TEXT_INFO_OFFSET)
	
	idaapi.set_processor_type("arm", ida_idp.SETPROC_LOADER)

	# Set VA for .text and add the segment
	f.file2base(0, textVA, textVA + textLen, True)
	idaapi.add_segm(0, textVA, textVA + textLen, ".text", "CODE")

	# Set VA for .data and add the segment
	f.file2base(textLen, dataVA, dataVA + dataLen, True)
	idaapi.add_segm(0, dataVA, dataVA + dataLen, ".data", "DATA")
	
	# Add BSS segment after .text and .data
	idaapi.add_segm(0, dataVA + dataLen, dataVA + dataLen + bssLen, ".bss", "BSS")

	if entry % 4 == 1: 
		#Thumb address is always +1 to set the T bit
		idaapi.add_entry(entry-1, entry-1, "_entry", 1)
		split_sreg_range(entry-1, "T", 0x1, ida_segregs.SR_user)
	else:
		idaapi.add_entry(entry, entry, "_entry", 1)
		split_sreg_range(entry, "T", 0x0, ida_segregs.SR_user)

	ida_bytes.create_data(tlApiLibEntry, FF_DWORD, 4, ida_idaapi.BADADDR)
	set_name(tlApiLibEntry,"tlApiLibEntry", SN_CHECK)
	return 1