Python ida_segment.getseg() Examples
The following are 17
code examples of ida_segment.getseg().
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example.
You may also want to check out all available functions/classes of the module
ida_segment
, or try the search function
.
.
Example #1
| Source File: ida_export.py From bnida with MIT License | 7 votes |
|
def get_sections():
"""
Get section names and start/end addrs from IDA database
:return: Dict containing section info
"""
sections = {}
for ea in idautils.Segments():
segm = ida_segment.getseg(ea)
name = ida_segment.get_segm_name(segm)
if name == 'LOAD':
continue
curr = {}
curr['start'] = segm.start_ea
curr['end'] = segm.end_ea
sections[name] = curr
return sections
Example #2
| Source File: vrop.py From IDACyber with MIT License | 6 votes |
|
def on_get_annotations(self, address, size, mouse_offs):
caption = "Return instructions:"
spaces = 40*'-'
ann = [(None, None, caption, self.colormap[-1])]
if len(self.ret_locs):
i = 0
offs = self._get_selection_offs()
nret = len(self.ret_locs)
for x in range(offs,nret):
_, __, ret = self.ret_locs[x]
seg = getseg(ret)
textcol = self.txtcol
if seg is not None:
if not seg.perm & SEGPERM_EXEC:
# red text color if ret not within executable segment
textcol = 0xEE0000
ann.append((ret, self.ptrcol, " %X [%s]" % (ret, generate_disasm_line(ret, GENDSM_FORCE_CODE | GENDSM_REMOVE_TAGS)), textcol))
i += 1
if i > self.threshold and len(self.ret_locs) - i > 0:
ann.append((None, None, "<%d more not shown>" % (len(self.ret_locs) - i), self.colormap[-1]))
break
return ann
Example #3
| Source File: ida_export.py From bnida with MIT License | 6 votes |
|
def get_line_comments():
"""
Iterate through every address in a segment and check for comments
:return: Dict containing line comments
"""
last_comment = ''
comments = {}
for ea in idautils.Segments():
segm = ida_segment.getseg(ea)
name = ida_segment.get_segm_name(segm)
if name == 'LOAD':
continue
for i in range(segm.start_ea, segm.end_ea):
comment = get_single_line_comment(i)
if comment and comment != last_comment:
comments[i] = comment
last_comment = comment
return comments
Example #4
| Source File: idaxml.py From GhIDA with Apache License 2.0 | 6 votes |
|
def is_overlay(self, addr):
"""
Checks if memory block (segment) is an overlay.
Args:
addr: Integer representing a program address.
Returns:
True if memory block (segment) is an overlay.
"""
if ida_idp.ph_get_id() == ida_idp.PLFM_C166:
return False
s = ida_segment.getseg(addr)
if s.start_ea in self.overlay:
return self.overlay[s.start_ea]
return False
Example #5
| Source File: idaxml.py From GhIDA with Apache License 2.0 | 6 votes |
|
def translate_address(self, addr):
"""
Returns the translated logical address.
The logical address is adjusted for the segment base address.
For 16-bit segmented memory, return the 20-bit address.
Args:
addr: Integer representing a program address.
Returns:
Integer representing the logical address.
"""
if self.seg_addr == False:
return addr - ida_segment.get_segm_base(ida_segment.getseg(addr))
base = ida_segment.get_segm_para(ida_segment.getseg(addr))
return (base << 16) + (addr - (base << 4))
Example #6
| Source File: events.py From IDArling with GNU General Public License v3.0 | 5 votes |
|
def __call__(self):
seg = ida_segment.getseg(self.ea)
ida_segment.set_segm_name(seg, Event.encode(self.name))
Example #7
| Source File: IdaInterface.py From smda with BSD 2-Clause "Simplified" License | 5 votes |
|
def isExternalFunction(self, function_offset):
function_segment = ida_segment.getseg(function_offset)
function_segment_name = ida_segment.get_segm_name(function_segment)
is_extern = function_segment_name in ["extern", "UNDEF"]
return is_extern
Example #8
| Source File: ida_import.py From bnida with MIT License | 5 votes |
|
def adjust_addr(sections, addr):
"""
Adjust the address if there are differences in section base addresses
:param sections: Dictionary containing section info
:param addr: Address that might need adjusted
:return: Adjusted address
"""
bn_section_start = None
section_name = None
for name, section in sections.items():
if addr >= int(section['start']) and addr <= int(section['end']):
bn_section_start = int(section['start'])
section_name = name
break
# Make sure the section was found (this check should always pass)
if section_name is None:
print('Section not found in bnida analysis data for addr: {:08x}'.format(addr))
return None
# Retrieve section start in IDA and adjust the addr
ida_sections = idautils.Segments()
for ea in ida_sections:
segm = ida_segment.getseg(ea)
if ida_segment.get_segm_name(segm) == section_name:
return addr - bn_section_start + segm.start_ea
print('Section not found - name:{} addr:{:08x}'.format(section_name, addr))
return None
Example #9
| Source File: events.py From IDArling with GNU General Public License v3.0 | 5 votes |
|
def __call__(self):
flags = ida_segment.MFS_NETMAP if self.changed_netmap else 0
s = ida_segment.getseg(self.from_ea)
ida_segment.move_segm(s, self.to_ea, flags)
Example #10
| Source File: events.py From IDArling with GNU General Public License v3.0 | 5 votes |
|
def __call__(self):
s = ida_segment.getseg(self.ea)
s.perm = self.perm
s.bitness = self.bitness
s.update()
Example #11
| Source File: events.py From IDArling with GNU General Public License v3.0 | 5 votes |
|
def __call__(self):
seg = ida_segment.getseg(self.ea)
ida_segment.set_segm_class(seg, Event.encode(self.sclass))
Example #12
| Source File: resolve_ptrs.py From idawilli with Apache License 2.0 | 5 votes |
|
def enum_segment_ptrs(ea): seg = ida_segment.getseg(ea) for (ea, ptr) in enum_ptrs(seg.start_ea, seg.end_ea): yield (ea, ptr)
Example #13
| Source File: events.py From IDArling with GNU General Public License v3.0 | 5 votes |
|
def __call__(self):
cmt = Event.encode(self.cmt)
if self.kind == ida_range.RANGE_KIND_FUNC:
func = ida_funcs.get_func(self.start_ea)
ida_funcs.set_func_cmt(func, cmt, self.rptble)
elif self.kind == ida_range.RANGE_KIND_SEGMENT:
segment = ida_segment.getseg(self.start_ea)
ida_segment.set_segment_cmt(segment, cmt, self.rptble)
else:
raise Exception("Unsupported range kind: %d" % self.kind)
Example #14
| Source File: idaxml.py From GhIDA with Apache License 2.0 | 5 votes |
|
def get_space_name(self, addr):
"""
Returns the memory space name associated with an address.
Args:
addr: Integer representing a program address.
Returns:
String containg the memory space name.
None if single address space architecture.
Used for Harvard architectures (Intel 8051 and TMS, add others
as needed).
"""
pid = ida_idp.ph_get_id()
stype = ida_segment.segtype(addr)
if pid == ida_idp.PLFM_8051:
if stype == idc.SEG_CODE:
return "CODE"
else:
if stype == idc.SEG_IMEM:
iaddr = addr - \
ida_segment.get_segm_base(ida_segment.getseg(addr))
if iaddr < 0x80:
return "INTMEM"
else:
return "SFR"
else:
return "EXTMEM"
if pid == ida_idp.PLFM_TMS:
if stype == idc.SEG_CODE:
return "CODE"
else:
return "DATA"
return None
Example #15
| Source File: idaxml.py From GhIDA with Apache License 2.0 | 5 votes |
|
def get_address_string(self, addr):
"""
Returns a string representing the address.
The representation is typically a hex string of the address,
but may include a segment or space name prefixe based on the
processor or architecture.
Args:
addr: Integer representing a program address.
"""
temp = "0x%X" % (
addr - ida_segment.get_segm_base(ida_segment.getseg(addr)))
space = self.get_space_name(addr)
if space != None:
temp = "%s:%04X" % (space,
addr - ida_segment.get_segm_base(ida_segment.getseg(addr)))
else:
if (ida_idp.ph_get_id() == ida_idp.PLFM_386 and
ida_segment.getseg(addr).bitness == 0):
base = ida_segment.get_segm_para(ida_segment.getseg(addr))
temp = "%04X:%04X" % (base, addr - (base << 4))
if ida_idp.ph_get_id() == ida_idp.PLFM_C166:
temp = "0x%X" % addr
if self.has_overlays == True and self.is_overlay(addr) == True:
oname = ida_segment.get_segm_name(ida_segment.getseg(addr))
if len(oname) > 0:
temp = oname + "::" + temp
return temp
Example #16
| Source File: color.py From idawilli with Apache License 2.0 | 5 votes |
|
def enum_segments():
for ea in idautils.Segments():
seg = ida_segment.getseg(ea)
yield Segment(seg.start_ea, seg.end_ea, seg.name)
Example #17
| Source File: idaxml.py From GhIDA with Apache License 2.0 | 4 votes |
|
def export_code(self):
"""
Exports the address ranges of code sequences as CODE_BLOCK(s)
with START and END address attributes.
"""
addr = self.min_ea
if idc.is_code(idc.get_full_flags(addr)) == False:
addr = ida_bytes.next_that(addr, self.max_ea, idc.is_code)
if (addr == BADADDR):
return
self.update_status(CODE)
timer = time.clock()
data = ida_bytes.next_that(addr, self.max_ea, idc.is_data)
unknown = ida_bytes.next_unknown(addr, self.max_ea)
self.start_element(CODE, True)
while (addr != BADADDR):
start = addr
end = min(data, unknown)
if (end == BADADDR):
if (ida_segment.getseg(start).end_ea < self.max_ea):
codeend = ida_segment.getseg(start).end_ea - 1
addr = ida_segment.getseg(idc.next_addr(codeend)).start_ea
if idc.is_code(idc.get_full_flags(addr)) == False:
addr = ida_bytes.next_that(addr, self.max_ea,
idc.is_code)
else:
codeend = self.max_ea - 1
addr = BADADDR
else:
if (ida_segment.getseg(start).end_ea < end):
codeend = ida_segment.getseg(start).end_ea - 1
addr = ida_segment.getseg(idc.next_addr(codeend)).start_ea
if idc.is_code(ida_bytes.get_full_flags(addr)) == False:
addr = ida_bytes.next_that(addr, self.max_ea,
idc.is_code)
else:
codeend = idc.get_item_end(ida_bytes.prev_that(end,
start, idc.is_code)) - 1
addr = ida_bytes.next_that(end, self.max_ea, idc.is_code)
if (data < addr):
data = ida_bytes.next_that(addr, self.max_ea,
idc.is_data)
if (unknown < addr):
unknown = ida_bytes.next_unknown(addr, self.max_ea)
self.start_element(CODE_BLOCK)
self.write_address_attribute(START, start)
self.write_address_attribute(END, codeend)
self.close_tag()
self.end_element(CODE)
self.display_cpu_time(timer)
