#----------------------------------------------------------------------------

#                T Y P E  L I B R A R I E S

#----------------------------------------------------------------------------

def LoadTil(name):

    """

    Load a type library

    @param name: name of type library.

    @return: 1-ok, 0-failed.

    """

    til = idaapi.add_til2(name, idaapi.ADDTIL_DEFAULT)

    if til:

        return 1

    else:

        return 0

def Til2Idb(idx, type_name):

    """

    Copy information from type library to database

    Copy structure, union, or enum definition from the type library

    to the IDA database.

    @param idx: the position of the new type in the list of

                types (structures or enums) -1 means at the end of the list

    @param type_name: name of type to copy

    @return: BADNODE-failed, otherwise the type id (structure id or enum id)

    """

    return idaapi.import_type(idaapi.cvar.idati, idx, type_name)

def GetType(ea):

    """

    Get type of function/variable

    @param ea: the address of the object

    @return: type string or None if failed

    """

    return idaapi.idc_get_type(ea)

def SizeOf(typestr):

    """

    Returns the size of the type. It is equivalent to IDC's sizeof().

    Use name, tp, fld = idc.ParseType() ; SizeOf(tp) to retrieve the size

    @return: -1 if typestring is not valid otherwise the size of the type

    """

    return idaapi.calc_type_size(idaapi.cvar.idati, typestr)

def GetTinfo(ea):

    """

    Get type information of function/variable as 'typeinfo' object

    @param ea: the address of the object

    @return: None on failure, or (type, fields) tuple.

    """

    return idaapi.idc_get_type_raw(ea)

def GetLocalTinfo(ordinal):

    """

    Get local type information as 'typeinfo' object

    @param ordinal:  slot number (1...NumberOfLocalTypes)

    @return: None on failure, or (type, fields, name) tuple.

    """

    return idaapi.idc_get_local_type_raw(ordinal)

def GuessType(ea):

    """

    Guess type of function/variable

    @param ea: the address of the object, can be the structure member id too

    @return: type string or None if failed

    """

    return idaapi.idc_guess_type(ea)

TINFO_GUESSED   = 0x0000 # this is a guessed type

TINFO_DEFINITE  = 0x0001 # this is a definite type

TINFO_DELAYFUNC = 0x0002 # if type is a function and no function exists at ea,

                            # schedule its creation and argument renaming to

                            # auto-analysis otherwise try to create it immediately

def ApplyType(ea, py_type, flags = TINFO_DEFINITE):

    """

    Apply the specified type to the address

    @param ti: Type info. 'idaapi.cvar.idati' can be passed.

    @param py_type: typeinfo tuple (type, fields) as GetTinfo() returns

                 or tuple (name, type, fields) as ParseType() returns

                 or None

                if specified as None, then the

                item associated with 'ea' will be deleted.

    @param ea: the address of the object

    @param flags: combination of TINFO_... constants or 0

    @return: Boolean

    """

    if py_type is None:

        py_type = ""

    if isinstance(py_type, basestring) and len(py_type) == 0:

        pt = ("", "")

    else:

        if len(py_type) == 3:

            pt = py_type[1:]      # skip name component

        else:

            pt = py_type

    return idaapi.apply_type(idaapi.cvar.idati, pt[0], pt[1], ea, flags)

def SetType(ea, newtype):

    """

    Set type of function/variable

    @param ea: the address of the object

    @param newtype: the type string in C declaration form.

                Must contain the closing ';'

                if specified as an empty string, then the

                item associated with 'ea' will be deleted.

    @return: 1-ok, 0-failed.

    """

    if newtype is not '':

        pt = ParseType(newtype, 1) # silent

        if pt is None:

            # parsing failed

            return None

    else:

        pt = None

    return ApplyType(ea, pt, TINFO_DEFINITE)

def ParseType(inputtype, flags):

    """

    Parse type declaration

    @param inputtype: file name or C declarations (depending on the flags)

    @param flags: combination of PT_... constants or 0

    @return: None on failure or (name, type, fields) tuple

    """

    if len(inputtype) != 0 and inputtype[-1] != ';':

        inputtype = inputtype + ';'

    return idaapi.idc_parse_decl(idaapi.cvar.idati, inputtype, flags)

def ParseTypes(inputtype, flags = 0):

    """

    Parse type declarations

    @param inputtype: file name or C declarations (depending on the flags)

    @param flags: combination of PT_... constants or 0

    @return: number of parsing errors (0 no errors)

    """

    return idaapi.idc_parse_types(inputtype, flags)

PT_FILE =   0x0001  # input if a file name (otherwise contains type declarations)

PT_SILENT = 0x0002  # silent mode

PT_PAKDEF = 0x0000  # default pack value

PT_PAK1 =   0x0010  # #pragma pack(1)

PT_PAK2 =   0x0020  # #pragma pack(2)

PT_PAK4 =   0x0030  # #pragma pack(4)

PT_PAK8 =   0x0040  # #pragma pack(8)

PT_PAK16 =  0x0050  # #pragma pack(16)

PT_HIGH  =  0x0080  # assume high level prototypes

                    # (with hidden args, etc)

PT_LOWER =  0x0100  # lower the function prototypes

def GetMaxLocalType():

    """

    Get number of local types + 1

    @return: value >= 1. 1 means that there are no local types.

    """

    return idaapi.get_ordinal_qty(idaapi.cvar.idati)

def SetLocalType(ordinal, input, flags):

    """

    Parse one type declaration and store it in the specified slot

    @param ordinal:  slot number (1...NumberOfLocalTypes)

                     -1 means allocate new slot or reuse the slot

                     of the existing named type

    @param input:  C declaration. Empty input empties the slot

    @param flags:  combination of PT_... constants or 0

    @return: slot number or 0 if error

    """

    return idaapi.idc_set_local_type(ordinal, input, flags)

def GetLocalType(ordinal, flags):

    """

    Retrieve a local type declaration

    @param flags: any of PRTYPE_* constants

    @return: local type as a C declaration or ""

    """

    (type, fields) = GetLocalTinfo(ordinal)

    if type:

        name = GetLocalTypeName(ordinal)

        return idaapi.idc_print_type(type, fields, name, flags)

    return ""

PRTYPE_1LINE  = 0x0000 # print to one line

PRTYPE_MULTI  = 0x0001 # print to many lines

PRTYPE_TYPE   = 0x0002 # print type declaration (not variable declaration)

PRTYPE_PRAGMA = 0x0004 # print pragmas for alignment

def GetLocalTypeName(ordinal):

    """

    Retrieve a local type name

    @param ordinal:  slot number (1...NumberOfLocalTypes)

    returns: local type name or None

T Y P E L I B R A R I E S库加载的更多相关文章

  1. 设置R启动时自动加载常用的包或函数

    在我前面的文章(http://www.cnblogs.com/homewch/p/5749850.html)中有提到R可以自定义启动环境,需要修改R安装文件中的ect文件夹下的配置文件Rprofile ...

  2. 用​M​y​E​c​l​i​p​s​e​ ​打​包​J​A​R文件

    用​M​y​E​c​l​i​p​s​e​ ​将自己定义标签打​成​J​A​R​包 1.新建一个javaproject 2.将标签有关的java代码拷贝到新建javaproject的一个包中,这时会报错 ...

  3. T​h​e​ ​v​a​l​u​e​ ​f​o​r​ ​t​h​e​ ​u​s​e​B​e​a​n​ ​c​l​a​s​s​ ​a​t​t​r​i​b​u​t​e​ ​i​s​ ​invalied

    JSP: T​h​e​ ​v​a​l​u​e​ ​f​o​r​ ​t​h​e​ ​u​s​e​B​e​a​n​ ​c​l​a​s​s​ ​a​t​t​r​i​b​u​t​e​ ​X​X​X​ ​i​s ...

  4. R(七): R开发实例-map热力图

    第四章通过REmap包完成基于map分布图示例,前面提到REmap基于Echart2.0, 一方面在移动终端适应效果差,另一方面REmap提供的热力图仅支持全国及省市大版块map,基于上面的原因,参考 ...

  5. R(四): R开发实例-map分布图

    前几章对R语言的运行原理.基本语法.数据类型.环境部署等基础知识作了简单介绍,本节将结合具体案例进行验证测试. 案例场景:从互联网下载全国三甲医院数据,以地图作为背景,展现各医院在地图上的分布图.全国 ...

  6. Ubuntu安装R及R包

    安装R $sudo apt-get update $sudo apt-get install r-base $sudo apt-get install r-base-dev 安装一些可能的依赖包 $s ...

  7. Linux环境下R和R包安装及其管理

    前言 R对windows使用很友好,对Linux来说充满了敌意.小数据可以在windows下交互操作,效果很好很棒.可是当我们要处理大数据,或者要在集群上搭建pipeline时,不得不面对在Linux ...

  8. R(八): R分词统计-老九门

    分析文本内容基本的步骤:提取文本中的词语 -> 统计词语频率 -> 词频属性可视化.词频:能反映词语在文本中的重要性,一般越重要的词语,在文本中出现的次数就会越多.词云:让词语的频率属性可 ...

  9. R(三): R包原理及安装

    包(package)是多个函数的集合,常作为分享代码的基本单元,代码封装成包可以方便其他用户使用.越来越多的R包正在由世界上不同的人所创建并分发,这些分发的R包,可以从CRAN 或 github 上获 ...

随机推荐

  1. Mac上的jdk

    最近装jdk从网上找到的资料: 一.以前版本的Mac自带了的JDK6,安装在目录:/System/Library/Java/JavaVirtualMachines/1.6.0.jdk/下.* JDK7 ...

  2. MSSQL优化之————探索MSSQL执行计划

    最近总想整理下对MSSQL的一些理解与感悟,却一直没有心思和时间写,晚上无事便写了一篇探索MSSQL执行计划,本文讲执行计划但不仅限于讲执行计划. 网上的SQL优化的文章实在是很多,说实在的,我也曾经 ...

  3. day14: 生成器进阶

    1,复习,迭代器:双下方法很少直接调用,一般都是通过其他语法触发的:迭代器一定可迭代,可迭代的通过调用iter()方法皆可以得到一个迭代器. 迭代器很方便使用,所有的数据只可以取一次,节省内存空间.生 ...

  4. Rodrigues Formula

    https://en.wikipedia.org/wiki/Rodrigues%27_formula https://en.wikipedia.org/wiki/Rodrigues%27_rotati ...

  5. 结构体地址 字符串地址 数组地址 辨析 字符char是整型 内存地址

    小结: 1.函数传参中,结构体不同数组,结构体是传值,指针和数组是传地址:2.随声明顺序,指针变量的内存地址从低到高,其他从高到低:3.char c[]字符数组,即数组的一种:char *c字符指针, ...

  6. 遇到问题无法在线上 debug,难道只能通过加日志再重新发布吗? 线上遇到某个用户的数据处理有问题,但线上同样无法 debug,线下无法重现! 是否有一个全局视角来查看系统的运行状况? 有什么办法可以监控到JVM的实时运行状态?

    https://alibaba.github.io/arthas/ Arthas 是Alibaba开源的Java诊断工具,深受开发者喜爱. 当你遇到以下类似问题而束手无策时,Arthas可以帮助你解决 ...

  7. int 4 bytes

    http://waynewhitty.ie/blog-post.php?id=19 MySQL - INT(11) vs BIGINT(11) vs TINYINT(11) This seems to ...

  8. Ubuntu16.04开机蓝屏问题解决

    写在前面:本博客为本人原创,严禁任何形式的转载!本博客只允许放在博客园(.cnblogs.com),如果您在其他网站看到这篇博文,请通过下面这个唯一的合法链接转到原文! 本博客全网唯一合法URL:ht ...

  9. static的含义

    static的含义:(1)设置变量的存储域,函数体内static变量的作用范围为该函数体,不同于auto变量,该变量的内存只被分配一次,因此其值在下次调用时仍持上次的值:(2)限制变量的作用域,在模块 ...

  10. java中组合与聚合(聚集)的区别

    组合和聚合是有很大区别的,这个区别不是在形式上,而是在本质上:  组合:比如A类中包含B类的一个引用b,当A类的一个对象消亡时,b这个引用所指向的对象也同时消亡(没有任何一个引用指向它,成了垃圾对象) ...