#----------------------------------------------------------------------------

#                T Y P E  L I B R A R I E S

#----------------------------------------------------------------------------

def LoadTil(name):

    """

    Load a type library

    @param name: name of type library.

    @return: 1-ok, 0-failed.

    """

    til = idaapi.add_til2(name, idaapi.ADDTIL_DEFAULT)

    if til:

        return 1

    else:

        return 0

def Til2Idb(idx, type_name):

    """

    Copy information from type library to database

    Copy structure, union, or enum definition from the type library

    to the IDA database.

    @param idx: the position of the new type in the list of

                types (structures or enums) -1 means at the end of the list

    @param type_name: name of type to copy

    @return: BADNODE-failed, otherwise the type id (structure id or enum id)

    """

    return idaapi.import_type(idaapi.cvar.idati, idx, type_name)

def GetType(ea):

    """

    Get type of function/variable

    @param ea: the address of the object

    @return: type string or None if failed

    """

    return idaapi.idc_get_type(ea)

def SizeOf(typestr):

    """

    Returns the size of the type. It is equivalent to IDC's sizeof().

    Use name, tp, fld = idc.ParseType() ; SizeOf(tp) to retrieve the size

    @return: -1 if typestring is not valid otherwise the size of the type

    """

    return idaapi.calc_type_size(idaapi.cvar.idati, typestr)

def GetTinfo(ea):

    """

    Get type information of function/variable as 'typeinfo' object

    @param ea: the address of the object

    @return: None on failure, or (type, fields) tuple.

    """

    return idaapi.idc_get_type_raw(ea)

def GetLocalTinfo(ordinal):

    """

    Get local type information as 'typeinfo' object

    @param ordinal:  slot number (1...NumberOfLocalTypes)

    @return: None on failure, or (type, fields, name) tuple.

    """

    return idaapi.idc_get_local_type_raw(ordinal)

def GuessType(ea):

    """

    Guess type of function/variable

    @param ea: the address of the object, can be the structure member id too

    @return: type string or None if failed

    """

    return idaapi.idc_guess_type(ea)

TINFO_GUESSED   = 0x0000 # this is a guessed type

TINFO_DEFINITE  = 0x0001 # this is a definite type

TINFO_DELAYFUNC = 0x0002 # if type is a function and no function exists at ea,

                            # schedule its creation and argument renaming to

                            # auto-analysis otherwise try to create it immediately

def ApplyType(ea, py_type, flags = TINFO_DEFINITE):

    """

    Apply the specified type to the address

    @param ti: Type info. 'idaapi.cvar.idati' can be passed.

    @param py_type: typeinfo tuple (type, fields) as GetTinfo() returns

                 or tuple (name, type, fields) as ParseType() returns

                 or None

                if specified as None, then the

                item associated with 'ea' will be deleted.

    @param ea: the address of the object

    @param flags: combination of TINFO_... constants or 0

    @return: Boolean

    """

    if py_type is None:

        py_type = ""

    if isinstance(py_type, basestring) and len(py_type) == 0:

        pt = ("", "")

    else:

        if len(py_type) == 3:

            pt = py_type[1:]      # skip name component

        else:

            pt = py_type

    return idaapi.apply_type(idaapi.cvar.idati, pt[0], pt[1], ea, flags)

def SetType(ea, newtype):

    """

    Set type of function/variable

    @param ea: the address of the object

    @param newtype: the type string in C declaration form.

                Must contain the closing ';'

                if specified as an empty string, then the

                item associated with 'ea' will be deleted.

    @return: 1-ok, 0-failed.

    """

    if newtype is not '':

        pt = ParseType(newtype, 1) # silent

        if pt is None:

            # parsing failed

            return None

    else:

        pt = None

    return ApplyType(ea, pt, TINFO_DEFINITE)

def ParseType(inputtype, flags):

    """

    Parse type declaration

    @param inputtype: file name or C declarations (depending on the flags)

    @param flags: combination of PT_... constants or 0

    @return: None on failure or (name, type, fields) tuple

    """

    if len(inputtype) != 0 and inputtype[-1] != ';':

        inputtype = inputtype + ';'

    return idaapi.idc_parse_decl(idaapi.cvar.idati, inputtype, flags)

def ParseTypes(inputtype, flags = 0):

    """

    Parse type declarations

    @param inputtype: file name or C declarations (depending on the flags)

    @param flags: combination of PT_... constants or 0

    @return: number of parsing errors (0 no errors)

    """

    return idaapi.idc_parse_types(inputtype, flags)

PT_FILE =   0x0001  # input if a file name (otherwise contains type declarations)

PT_SILENT = 0x0002  # silent mode

PT_PAKDEF = 0x0000  # default pack value

PT_PAK1 =   0x0010  # #pragma pack(1)

PT_PAK2 =   0x0020  # #pragma pack(2)

PT_PAK4 =   0x0030  # #pragma pack(4)

PT_PAK8 =   0x0040  # #pragma pack(8)

PT_PAK16 =  0x0050  # #pragma pack(16)

PT_HIGH  =  0x0080  # assume high level prototypes

                    # (with hidden args, etc)

PT_LOWER =  0x0100  # lower the function prototypes

def GetMaxLocalType():

    """

    Get number of local types + 1

    @return: value >= 1. 1 means that there are no local types.

    """

    return idaapi.get_ordinal_qty(idaapi.cvar.idati)

def SetLocalType(ordinal, input, flags):

    """

    Parse one type declaration and store it in the specified slot

    @param ordinal:  slot number (1...NumberOfLocalTypes)

                     -1 means allocate new slot or reuse the slot

                     of the existing named type

    @param input:  C declaration. Empty input empties the slot

    @param flags:  combination of PT_... constants or 0

    @return: slot number or 0 if error

    """

    return idaapi.idc_set_local_type(ordinal, input, flags)

def GetLocalType(ordinal, flags):

    """

    Retrieve a local type declaration

    @param flags: any of PRTYPE_* constants

    @return: local type as a C declaration or ""

    """

    (type, fields) = GetLocalTinfo(ordinal)

    if type:

        name = GetLocalTypeName(ordinal)

        return idaapi.idc_print_type(type, fields, name, flags)

    return ""

PRTYPE_1LINE  = 0x0000 # print to one line

PRTYPE_MULTI  = 0x0001 # print to many lines

PRTYPE_TYPE   = 0x0002 # print type declaration (not variable declaration)

PRTYPE_PRAGMA = 0x0004 # print pragmas for alignment

def GetLocalTypeName(ordinal):

    """

    Retrieve a local type name

    @param ordinal:  slot number (1...NumberOfLocalTypes)

    returns: local type name or None

T Y P E L I B R A R I E S库加载的更多相关文章

  1. 设置R启动时自动加载常用的包或函数

    在我前面的文章(http://www.cnblogs.com/homewch/p/5749850.html)中有提到R可以自定义启动环境,需要修改R安装文件中的ect文件夹下的配置文件Rprofile ...

  2. 用​M​y​E​c​l​i​p​s​e​ ​打​包​J​A​R文件

    用​M​y​E​c​l​i​p​s​e​ ​将自己定义标签打​成​J​A​R​包 1.新建一个javaproject 2.将标签有关的java代码拷贝到新建javaproject的一个包中,这时会报错 ...

  3. T​h​e​ ​v​a​l​u​e​ ​f​o​r​ ​t​h​e​ ​u​s​e​B​e​a​n​ ​c​l​a​s​s​ ​a​t​t​r​i​b​u​t​e​ ​i​s​ ​invalied

    JSP: T​h​e​ ​v​a​l​u​e​ ​f​o​r​ ​t​h​e​ ​u​s​e​B​e​a​n​ ​c​l​a​s​s​ ​a​t​t​r​i​b​u​t​e​ ​X​X​X​ ​i​s ...

  4. R(七): R开发实例-map热力图

    第四章通过REmap包完成基于map分布图示例,前面提到REmap基于Echart2.0, 一方面在移动终端适应效果差,另一方面REmap提供的热力图仅支持全国及省市大版块map,基于上面的原因,参考 ...

  5. R(四): R开发实例-map分布图

    前几章对R语言的运行原理.基本语法.数据类型.环境部署等基础知识作了简单介绍,本节将结合具体案例进行验证测试. 案例场景:从互联网下载全国三甲医院数据,以地图作为背景,展现各医院在地图上的分布图.全国 ...

  6. Ubuntu安装R及R包

    安装R $sudo apt-get update $sudo apt-get install r-base $sudo apt-get install r-base-dev 安装一些可能的依赖包 $s ...

  7. Linux环境下R和R包安装及其管理

    前言 R对windows使用很友好,对Linux来说充满了敌意.小数据可以在windows下交互操作,效果很好很棒.可是当我们要处理大数据,或者要在集群上搭建pipeline时,不得不面对在Linux ...

  8. R(八): R分词统计-老九门

    分析文本内容基本的步骤:提取文本中的词语 -> 统计词语频率 -> 词频属性可视化.词频:能反映词语在文本中的重要性,一般越重要的词语,在文本中出现的次数就会越多.词云:让词语的频率属性可 ...

  9. R(三): R包原理及安装

    包(package)是多个函数的集合,常作为分享代码的基本单元,代码封装成包可以方便其他用户使用.越来越多的R包正在由世界上不同的人所创建并分发,这些分发的R包,可以从CRAN 或 github 上获 ...

随机推荐

  1. vue进阶用法-深入响应式原理

    异步更新队列 当vue异步执行更新DOM时,只要观察到数据变化,vue经开启一个队列,并缓冲在同一时间循环中发生的所有数据改变.如果同一个watch被多次触发,只会一次推入到队列中.然后在下一个事件循 ...

  2. [No0000162]如何不靠运气致富|来自硅谷著名天使投资人的40条致富经

    1. Seek wealth, not money or status. Wealth is having assets that earn while you sleep. Money is how ...

  3. 深度学习中将类别标签映射到one_hot向量

    有时我们的样本标签,都是标记从0开始直至到类别的个数.在模型训练的时候,这些标签需要变成one_hot向量,这样才能够跟softmax出来的概率做互熵损失,计算loss. 那么,映射的方法如下: de ...

  4. iOS调用第三方导航和线路规划

    线路规划: https://blog.csdn.net/qq_19979539/article/details/51938995 百度地图:baidumap: 高德地图:iosamap: 腾讯地图:q ...

  5. c#加"\n\r"不换行,变成字符串

    质检模块,本想将每个错误分行, 比如:lyrerrormess += lyrname + "图层" + "缺少" + xmlFieldName + " ...

  6. DBCHART

    dbchart1.Series[0].DataSource := adoquery1; dbchart1.Series[0].XLabelsSource := 'aaaa'; dbchart1.Ser ...

  7. 转:Eclipse快捷键和实用技巧

    原文地址:Eclipse快捷键和实用技巧 工欲善其事,必先利其器.对于程序员来说,Eclipse便是其中的一个“器”.本文会从Eclipse快捷键和实用技巧这两个篇章展开介绍.Eclipse快捷键用熟 ...

  8. Anaconda 虚拟环境安装及应用

    首先要安装Anaconda 下载网址:https://www.anaconda.com/distribution/#download-section      Miniconda下载网址:https: ...

  9. 并查集——合作网络D306

    合作网络D306             运行时间限制:1000ms: 运行空间限制:51200KB: 试题描述 有n个结点,初始时每个结点的父结点都不存在.你的任务是执行若干次Set操作和Query ...

  10. spring学习(03)之bean实例化的三种方式

    bean实体例化的三种方式 在spring中有三中实例化bean的方式: 一.使用构造器实例化:(通常使用的一个方法,重点) 二.使用静态工厂方法实例化: 三.使用实例化工厂方法实例化 第一种.使用构 ...