several unclear things


kr.d...@gmail.com

Oct 10, 2017, 5:02:18 PM
to idapython
Hi.
I have some issues with IDAPython.

[Bugs]
1. To get the second operand for 'imul' instruction, we need to give operand index 2, not 1.

2. bb.preds() always returns empty list.

[Questions]
1. mov     [rsp+18h+var_18], eax
Why does IDAPython sometimes say that the type of [rsp+18h+var_18] is idc.o_phrase, instead of idc.o_displ?
Could you give me the references for the difference between idc.o_phrase and idc.o_displ?

2. What is the meaning or definition of return values of idc.get_operand_value() for each type?
 
3. I've heard that there was some change in naming convention. (CamelCase -> snake_case)
Why does latest IDAPython still have CamelCase functions like idc.GetMnem?

Elias Bachaalany

Oct 10, 2017, 8:19:21 PM
to idap...@googlegroups.com
What IDA and IDAPython versions are you using?

Sent from my iPhone
--
You received this message because you are subscribed to the Google Groups "idapython" group.
To unsubscribe from this group and stop receiving emails from it, send an email to idapython+...@googlegroups.com.
To post to this group, send email to idap...@googlegroups.com.
Visit this group at https://groups.google.com/group/idapython.
For more options, visit https://groups.google.com/d/optout.

DoHyeok Kim

Oct 11, 2017, 3:43:10 AM
to idap...@googlegroups.com
I tested bugs on 6.8x ~ 7.x.

On Wed, Oct 11, 2017 at 9:19 AM, Elias Bachaalany <elias.ba...@gmail.com> wrote:

kr.d...@gmail.com

Oct 12, 2017, 1:59:26 PM
to idapython
Well, if there is anyone who thinks that these are not bugs, please let me know my mistakes.

On Wednesday, October 11, 2017 at 6:02:18 AM UTC+9, kr.d...@gmail.com wrote:

kr.d...@gmail.com

Oct 12, 2017, 5:36:55 PM
to idapython
[To reproduce bugs]

1. To get the second operand for 'imul' instruction, we need to give operand index 2, not 1.

Step 1.
Open any binary

Step 2.
Run inline script:
map(lambda f: map(lambda ea: '{:x}'.format(ea), filter(lambda ea: idc.GetMnem(ea) == 'imul', idautils.Heads(f.startEA, f.endEA))), map(lambda f_ea: idaapi.get_func(f_ea), idautils.Functions()))

Step 3.
Jump to any 'imul' instruction by clicking beautified ea.

Step 4.
Compare the results of these inline scripts:
a. idc.GetOpnd(idc.ScreenEA(), 1) --> empty string
b. idc.GetOpnd(idc.ScreenEA(), 2) --> expected value


2. bb.preds() always returns empty list.

Step 1.
Open any binary

Step 2.
Compare the results of these inline scripts:
a. map(lambda bbs: map(lambda bb: list(bb.succs()), bbs), map(lambda f_ea: idaapi.FlowChart(idaapi.get_func(f_ea)), idautils.Functions())) --> tons of basic blocks
b. map(lambda bbs: map(lambda bb: list(bb.preds()), bbs), map(lambda f_ea: idaapi.FlowChart(idaapi.get_func(f_ea)), idautils.Functions())) --> tons of empty lists

On Friday, October 13, 2017 at 2:59:26 AM UTC+9, kr.d...@gmail.com wrote:
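An added example, not code from the thread or from IDAPython itself, showing the approach a script author can fall back on when bb.preds() comes back empty: invert the successor lists that FlowChart populates by default and build the predecessor map yourself. (IDA's FlowChart also accepts flags=idaapi.FC_PREDS, which tells it to compute predecessor lists; the helper below deliberately relies only on succs().) The pure-Python part runs anywhere and is checked against a constructed sample CFG; the flowchart_successors glue is an assumed helper name and only works inside IDA, so the idaapi import is guarded.

```python
# Added example (not from the thread): derive predecessor lists by inverting
# successor lists. Works on any {block_id: [succ_ids]} mapping, so it runs
# without IDA; the optional glue at the bottom uses IDA's FlowChart only if
# idaapi can be imported. The helper name flowchart_successors is an assumption.
try:
    import idaapi  # available only inside IDA
except ImportError:  # running outside IDA, e.g. in a unit test
    idaapi = None


def invert_successors(succs):
    """Return {block: sorted list of predecessors} for a {block: successors} map.

    Every block that appears as a key or as a successor is present in the result,
    so blocks without predecessors map to [] instead of being silently absent.
    """
    preds = {b: set() for b in succs}
    for src, targets in succs.items():
        for dst in targets:
            preds.setdefault(dst, set()).add(src)
    return {b: sorted(p) for b, p in preds.items()}


def entry_blocks(succs):
    """Blocks with no predecessor: the function entry and any unreachable code."""
    return sorted(b for b, p in invert_successors(succs).items() if not p)


def flowchart_successors(func_ea):
    """Inside IDA only: map each basic-block id to the ids of its successors.

    Only bb.succs() is used, which FlowChart fills in by default; passing
    flags=idaapi.FC_PREDS to FlowChart would populate bb.preds() directly.
    """
    if idaapi is None:
        raise RuntimeError("idaapi is only available when run inside IDA")
    fc = idaapi.FlowChart(idaapi.get_func(func_ea))
    return {bb.id: [s.id for s in bb.succs()] for bb in fc}


# Constructed sample: a diamond CFG with a loop back edge and an unreachable block 5.
SAMPLE_SUCCS = {
    0: [1, 2],
    1: [3],
    2: [3],
    3: [1, 4],   # back edge to block 1
    4: [],
    5: [4],      # unreachable block that still flows into 4
}

if __name__ == "__main__":
    for b, p in sorted(invert_successors(SAMPLE_SUCCS).items()):
        print(b, "<-", p)
    print("entry/unreachable blocks:", entry_blocks(SAMPLE_SUCCS))
```

Inside IDA, `invert_successors(flowchart_successors(ea))` gives the predecessor map for the function at `ea`; outside IDA the same function can be exercised on any successor mapping, which is also a convenient way to unit-test CFG-walking logic without a binary loaded.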