Module ida_nalt
[frames] | no frames]

Module ida_nalt

IDA Plugin SDK API wrapper: nalt

Classes
  custom_data_type_ids_fids_array
Proxy of C++ wrapped_array_t<(int16,8)> class
  strpath_ids_array
Proxy of C++ wrapped_array_t<(tid_t,32)> class
  array_parameters_t
Proxy of C++ array_parameters_t class
  custom_data_type_ids_t
Proxy of C++ custom_data_type_ids_t class
  refinfo_t
Proxy of C++ refinfo_t class
  strpath_t
Proxy of C++ strpath_t class
  enum_const_t
Proxy of C++ enum_const_t class
  opinfo_t
Proxy of C++ opinfo_t class
  printop_t
Proxy of C++ printop_t class
  switch_info_t
Functions
nodeidx_t
ea2node(ea)
ea_t
node2ea(ndx)
netnode
getnode(ea)
 
set_aflags(ea, flags)
 
set_abits(ea, bits)
 
clr_abits(ea, bits)
uint32
get_aflags(ea)
 
del_aflags(ea)
bool
is_hidden_item(ea)
 
hide_item(ea)
 
unhide_item(ea)
bool
is_hidden_border(ea)
 
hide_border(ea)
 
unhide_border(ea)
bool
uses_modsp(ea)
 
set_usemodsp(ea)
 
clr_usemodsp(ea)
bool
is_zstroff(ea)
 
set_zstroff(ea)
 
clr_zstroff(ea)
bool
is__bnot0(ea)
 
set__bnot0(ea)
 
clr__bnot0(ea)
bool
is__bnot1(ea)
 
set__bnot1(ea)
 
clr__bnot1(ea)
bool
is_libitem(ea)
 
set_libitem(ea)
 
clr_libitem(ea)
bool
has_ti(ea)
 
set_has_ti(ea)
 
clr_has_ti(ea)
bool
has_ti0(ea)
 
set_has_ti0(ea)
 
clr_has_ti0(ea)
bool
has_ti1(ea)
 
set_has_ti1(ea)
 
clr_has_ti1(ea)
bool
has_lname(ea)
 
set_has_lname(ea)
 
clr_has_lname(ea)
bool
is_tilcmt(ea)
 
set_tilcmt(ea)
 
clr_tilcmt(ea)
bool
is_usersp(ea)
 
set_usersp(ea)
 
clr_usersp(ea)
bool
is_lzero0(ea)
 
set_lzero0(ea)
 
clr_lzero0(ea)
bool
is_lzero1(ea)
 
set_lzero1(ea)
 
clr_lzero1(ea)
bool
is_colored_item(ea)
 
set_colored_item(ea)
 
clr_colored_item(ea)
bool
is_terse_struc(ea)
 
set_terse_struc(ea)
 
clr_terse_struc(ea)
bool
is__invsign0(ea)
 
set__invsign0(ea)
 
clr__invsign0(ea)
bool
is__invsign1(ea)
 
set__invsign1(ea)
 
clr__invsign1(ea)
bool
is_noret(ea)
 
set_noret(ea)
 
clr_noret(ea)
bool
is_fixed_spd(ea)
 
set_fixed_spd(ea)
 
clr_fixed_spd(ea)
bool
is_align_flow(ea)
 
set_align_flow(ea)
 
clr_align_flow(ea)
bool
is_userti(ea)
 
set_userti(ea)
 
clr_userti(ea)
bool
is_retfp(ea)
 
set_retfp(ea)
 
clr_retfp(ea)
bool
is_notproc(ea)
 
set_notproc(ea)
 
clr_notproc(ea)
 
set_notcode(ea)
 
clr_notcode(ea)
bool
is_notcode(ea)
 
set_visible_item(ea, visible)
bool
is_visible_item(ea)
bool
is_finally_visible_item(ea)
 
set_source_linnum(ea, lnnum)
uval_t
get_source_linnum(ea)
 
del_source_linnum(ea)
ea_t
get_absbase(ea)
 
set_absbase(ea, x)
 
del_absbase(ea)
ea_t
get_ind_purged(ea)
 
del_ind_purged(ea)
uint32
get_str_type(ea)
 
set_str_type(ea, x)
 
del_str_type(ea)
uchar
get_str_type_code(strtype)
char
get_str_term1(strtype)
char
get_str_term2(strtype)
uchar
get_str_encoding_idx(strtype)
bool
is_pascal(strtype)
uint32
get_alignment(ea)
 
set_alignment(ea, x)
 
del_alignment(ea)
 
set_item_color(ea, color)
bgcolor_t
get_item_color(ea)
 
del_item_color(ea)
ssize_t
get_array_parameters(out, ea)
 
set_array_parameters(ea, _in)
 
del_array_parameters(ea)
ea_t
get_switch_parent(ea)
 
set_switch_parent(ea, x)
 
del_switch_parent(ea)
int
get_custom_data_type_ids(cdis, ea)
 
set_custom_data_type_ids(ea, cdis)
 
del_custom_data_type_ids(ea)
bool
is_reftype_target_optional(type)
reftype_t
get_reftype_by_size(size)
int
find_custom_refinfo(name)
custom_refinfo_handler_t const *
get_custom_refinfo(crid)
int
set_refinfo_ex(ea, n, ri)
int
set_refinfo(ea, n, type, target=BADADDR, base=0, tdelta=0)
int
get_refinfo(ri, ea, n)
int
del_refinfo(ea, n)
bool
get_tinfo(tif, ea)
bool
set_tinfo(ea, tif)
 
del_tinfo(ea)
bool
get_op_tinfo(tif, ea, n)
bool
set_op_tinfo(ea, n, tif)
 
del_op_tinfo(ea, n)
ssize_t
get_input_file_path()
ssize_t
get_root_filename()
 
set_root_filename(file)
uint32
retrieve_input_file_size()
uint32
retrieve_input_file_crc32()
bool
retrieve_input_file_md5()
bool
retrieve_input_file_sha256()
ssize_t
get_asm_inc_file()
bool
set_asm_inc_file(file)
ea_t
get_imagebase()
 
set_imagebase(base)
netnode
get_ids_modnode()
 
set_ids_modnode(id)
ssize_t
dbg_get_input_path()
ssize_t
get_abi_name()
ssize_t
get_archive_path()
bool
set_archive_path(file)
int
get_encoding_qty()
char const *
get_encoding_name(idx)
int
add_encoding(encoding)
bool
del_encoding(idx)
bool
rename_encoding(idx, encoding)
int
get_encoding_bpu(idx)
int
get_strtype_bpu(strtype)
int
get_default_encoding_idx(bpu)
bool
set_default_encoding_idx(bpu, idx)
char const *
encoding_from_strtype(strtype)
uint
get_import_module_qty()
 
delete_imports()
int
validate_idb_names()
 
set_gotea(gotea)
ea_t
get_gotea()
PyObject *
get_import_module_name(mod_index)
Returns the name of an imported module given its index
PyObject *
get_switch_info(ea)
Returns the a switch_info_t structure containing the information about the switch.
bool
set_switch_info(ea, py_swi)
Saves the switch information in the database Please refer to the SDK sample 'uiswitch'
 
del_switch_info(ea)
Deletes stored switch information
int
enum_import_names(mod_index, py_cb)
Enumerate imports from a specific module.
PyObject *
switch_info_t_create()
bool
switch_info_t_destroy(py_obj)
bool
switch_info_t_assign(self, other)
PyObject *
switch_info_t_get_regdtype(self)
 
switch_info_t_set_regdtype(self, value)
PyObject *
switch_info_t_get_flags(self)
 
switch_info_t_set_flags(self, value)
PyObject *
switch_info_t_get_jcases(self)
 
switch_info_t_set_jcases(self, value)
PyObject *
switch_info_t_get_regnum(self)
 
switch_info_t_set_regnum(self, value)
PyObject *
switch_info_t_get_ncases(self)
 
switch_info_t_set_ncases(self, value)
PyObject *
switch_info_t_get_defjump(self)
 
switch_info_t_set_defjump(self, value)
PyObject *
switch_info_t_get_jumps(self)
 
switch_info_t_set_jumps(self, value)
PyObject *
switch_info_t_get_elbase(self)
 
switch_info_t_set_elbase(self, value)
PyObject *
switch_info_t_get_startea(self)
 
switch_info_t_set_startea(self, value)
PyObject *
switch_info_t_get_custom(self)
 
switch_info_t_set_custom(self, value)
PyObject *
switch_info_t_get_ind_lowcase(self)
 
switch_info_t_set_ind_lowcase(self, value)
PyObject *
switch_info_t_get_values_lowcase(self)
 
switch_info_t_set_values_lowcase(self, value)
Variables
  NALT_SWITCH = 1
  NALT_STRUCT = 3
  NALT_AFLAGS = 8
  NALT_LINNUM = 9
  NALT_ABSBASE = 10
  NALT_ENUM0 = 11
  NALT_ENUM1 = 12
  NALT_PURGE = 15
  NALT_STRTYPE = 16
  NALT_ALIGN = 17
  NALT_COLOR = 20
  NSUP_CMT = 0
  NSUP_REPCMT = 1
  NSUP_FOP1 = 2
  NSUP_FOP2 = 3
  NSUP_JINFO = 4
  NSUP_ARRAY = 5
  NSUP_OMFGRP = 6
  NSUP_FOP3 = 7
  NSUP_SWITCH = 8
  NSUP_REF0 = 9
  NSUP_REF1 = 10
  NSUP_REF2 = 11
  NSUP_OREF0 = 12
  NSUP_OREF1 = 13
  NSUP_OREF2 = 14
  NSUP_STROFF0 = 15
  NSUP_STROFF1 = 16
  NSUP_SEGTRANS = 17
  NSUP_FOP4 = 18
  NSUP_FOP5 = 19
  NSUP_FOP6 = 20
  NSUP_REF3 = 21
  NSUP_REF4 = 22
  NSUP_REF5 = 23
  NSUP_OREF3 = 24
  NSUP_OREF4 = 25
  NSUP_OREF5 = 26
  NSUP_XREFPOS = 27
  NSUP_CUSTDT = 28
  NSUP_GROUPS = 29
  NSUP_ARGEAS = 30
  NSUP_FOP7 = 31
  NSUP_FOP8 = 32
  NSUP_REF6 = 33
  NSUP_REF7 = 34
  NSUP_OREF6 = 35
  NSUP_OREF7 = 36
  NSUP_POINTS = 4096
  NSUP_MANUAL = 8192
  NSUP_TYPEINFO = 12288
  NSUP_REGVAR = 16384
  NSUP_LLABEL = 20480
  NSUP_REGARG = 24576
  NSUP_FTAILS = 28672
  NSUP_GROUP = 32768
  NSUP_OPTYPES = 36864
  NALT_CREF_TO = 'X'
  NALT_CREF_FROM = 'x'
  NALT_DREF_TO = 'D'
  NALT_DREF_FROM = 'd'
  NSUP_GR_INFO = 'g'
  NALT_GR_LAYX = 'p'
  NSUP_GR_LAYT = 'l'
  PATCH_TAG = 'P'
  AFL_LINNUM = 1
  AFL_USERSP = 2
  AFL_PUBNAM = 4
  AFL_WEAKNAM = 8
  AFL_HIDDEN = 16
  AFL_MANUAL = 32
  AFL_NOBRD = 64
  AFL_ZSTROFF = 128
  AFL_BNOT0 = 256
  AFL_BNOT1 = 512
  AFL_LIB = 1024
  AFL_TI = 2048
  AFL_TI0 = 4096
  AFL_TI1 = 8192
  AFL_LNAME = 16384
  AFL_TILCMT = 32768
  AFL_LZERO0 = 65536
  AFL_LZERO1 = 131072
  AFL_COLORED = 262144
  AFL_TERSESTR = 524288
  AFL_SIGN0 = 1048576
  AFL_SIGN1 = 2097152
  AFL_NORET = 4194304
  AFL_FIXEDSPD = 8388608
  AFL_ALIGNFLOW = 16777216
  AFL_USERTI = 33554432
  AFL_RETFP = 67108864
  AFL_USEMODSP = 134217728
  AFL_NOTCODE = 268435456
  AFL_NOTPROC = 536870912
  STRWIDTH_1B = 0
  STRWIDTH_2B = 1
  STRWIDTH_4B = 2
  STRWIDTH_MASK = 3
  STRLYT_TERMCHR = 0
  STRLYT_PASCAL1 = 1
  STRLYT_PASCAL2 = 2
  STRLYT_PASCAL4 = 3
  STRLYT_MASK = 252
  STRLYT_SHIFT = 2
  STRTYPE_TERMCHR = 0
  STRTYPE_C = 0
  STRTYPE_C_16 = 1
  STRTYPE_C_32 = 2
  STRTYPE_PASCAL = 4
  STRTYPE_PASCAL_16 = 5
  STRTYPE_LEN2 = 8
  STRTYPE_LEN2_16 = 9
  STRTYPE_LEN4 = 12
  STRTYPE_LEN4_16 = 13
  STRENC_DEFAULT = 0
  STRENC_NONE = 255
  AP_ALLOWDUPS = 1
  AP_SIGNED = 2
  AP_INDEX = 4
  AP_ARRAY = 8
  AP_IDXBASEMASK = 240
  AP_IDXDEC = 0
  AP_IDXHEX = 16
  AP_IDXOCT = 32
  AP_IDXBIN = 48
  cvar = _ida_nalt.cvar
  V695_REF_OFF8 = 0
  REF_OFF16 = 1
  REF_OFF32 = 2
  REF_LOW8 = 3
  REF_LOW16 = 4
  REF_HIGH8 = 5
  REF_HIGH16 = 6
  V695_REF_VHIGH = 7
  V695_REF_VLOW = 8
  REF_OFF64 = 9
  REF_OFF8 = 10
  REF_LAST = 10
  REFINFO_TYPE = 15
  REFINFO_RVAOFF = 16
  REFINFO_PASTEND = 32
  REFINFO_CUSTOM = 64
  REFINFO_NOBASE = 128
  REFINFO_SUBTRACT = 256
  REFINFO_SIGNEDOP = 512
  MAXSTRUCPATH = 32
  RIDX_FILE_FORMAT_NAME = 1
  RIDX_SELECTORS = 2
  RIDX_GROUPS = 64
  RIDX_H_PATH = 65
  RIDX_C_MACROS = 66
  RIDX_SMALL_IDC_OLD = 67
  RIDX_NOTEPAD = 68
  RIDX_INCLUDE = 1100
  RIDX_SMALL_IDC = 1200
  RIDX_DUALOP_GRAPH = 1300
  RIDX_DUALOP_TEXT = 1301
  RIDX_MD5 = 1302
  RIDX_IDA_VERSION = 1303
  RIDX_STR_ENCODINGS = 1305
  RIDX_SRCDBG_PATHS = 1306
  RIDX_SELECTED_EXTLANG = 1327
  RIDX_DBG_BINPATHS = 1328
  RIDX_SHA256 = 1349
  RIDX_ABINAME = 1350
  RIDX_ARCHIVE_PATH = 1351
  RIDX_PROBLEMS = 1352
  BPU_1B = 1
  BPU_2B = 2
  BPU_4B = 4
  SWI_SPARSE = 1
sparse switch ( value table present ) otherwise lowcase present
  SWI_V32 = 2
32-bit values in table
  SWI_J32 = 4
32-bit jump offsets
  SWI_VSPLIT = 8
value table is split (only for 32-bit values)
  SWI_DEFAULT = 16
default case is present
  SWI_DEF_IN_TBL = 32
default case is an entry in the jump table.
  SWI_JMP_INV = 64
jumptable is inversed (last entry is for first entry in values table)
  SWI_SHIFT_MASK = 384
use formula (element*shift + elbase) to find jump targets
  SWI_ELBASE = 512
elbase is present (if not and shift!=0, endof(jumpea) is used)
  SWI_JSIZE = 1024
jump offset expansion bit
  SWI_VSIZE = 2048
value table element size expansion bit
  SWI_SEPARATE = 4096
do not create an array of individual dwords
  SWI_SIGNED = 8192
jump table entries are signed
  SWI_CUSTOM = 16384
custom jump table.
  SWI_INDIRECT = 65536
value table elements are used as indexes into the jump table
  SWI_SUBTRACT = 131072
table values are subtracted from the elbase instead of being addded
  SWI_HXNOLOWCASE = 262144
lowcase value should not be used by the decompiler (internal flag)
  SWI_STDTBL = 524288
custom jump table with standard table formatting.
  SWI_DEFRET = 1048576
return in the default case (defjump==BADADDR)
  __package__ = None
Function Details

get_import_module_name(mod_index)

 

Returns the name of an imported module given its index

Returns: PyObject *
None or the module name

get_switch_info(ea)

 

Returns the a switch_info_t structure containing the information about the switch. Please refer to the SDK sample 'uiswitch'

Returns: PyObject *
None or switch_info_t instance

set_switch_info(ea, py_swi)

 

Saves the switch information in the database Please refer to the SDK sample 'uiswitch'

Returns: bool
Boolean

enum_import_names(mod_index, py_cb)

 

Enumerate imports from a specific module. Please refer to ex_imports.py example.

Parameters:
  • mod_index - The module index
  • callback - A callable object that will be invoked with an ea, name (could be None) and ordinal.
Returns: int
1-finished ok, -1 on error, otherwise callback return value (<=0)

Variables Details

SWI_DEF_IN_TBL

default case is an entry in the jump table. This flag is only applicable in the case of a sparse nonindirect switch (i.e. a switch with a values table). <jump table size> == <value table size> + 1. The default case entry is the last one in the table (or the first one in the case of an inversed jump table).

Value:
32

SWI_CUSTOM

custom jump table. \ph{create_switch_xrefs} will be called to create code xrefs for the table. Custom jump table must be created by the module (see also #SWI_STDTBL)

Value:
16384

SWI_STDTBL

custom jump table with standard table formatting. ATM IDA doesn't use SWI_CUSTOM for switches with standard table formatting. So this flag can be considered as obsolete.

Value:
524288