Module ida_loader

IDA Plugin SDK API wrapper: loader

Classes
	idp_desc_t Proxy of C++ idp_desc_t class.
	idp_name_t Proxy of C++ idp_name_t class.
	loader_t Proxy of C++ loader_t class.
	plugin_info_t Proxy of C++ plugin_info_t class.
	qvector_snapshotvec_t Proxy of C++ qvector< snapshot_t * > class.
	snapshot_t Proxy of C++ snapshot_t class.

Functions

int

base2file(fp, pos, ea1, ea2)
Unload database to a binary file.

bool

build_snapshot_tree(root)
Build the snapshot tree.

clr_database_flag(dbfl)

PyObject *

extract_module_from_archive(fname, is_remote=False)
Extract a module for an archive file.

int

file2base(li, pos, ea1, ea2, patchable)
Load portion of file into the database.

plugin_t *

find_plugin(name, load_if_needed=False)
Find a user-defined plugin and optionally load it.

int

flush_buffers()
Flush buffers to the disk.

int

gen_exe_file(fp)
Generate an exe file (unload the database in binary form).

int

gen_file(otype, fp, ea1, ea2, flags)
Generate an output file.

filetype_t

get_basic_file_type(li)
Get the input file type.

char const *

get_elf_debug_file_directory()
Get the value of the ELF_DEBUG_FILE_DIRECTORY configuration directive.

str

get_file_type_name()
Get name of the current file type.

ea_t

get_fileregion_ea(offset)
Get linear address which corresponds to the specified input file offset.

qoff64_t

get_fileregion_offset(ea)
Get offset in the input file which corresponds to the given ea.

char const *

get_path(pt)
Get the file path

char const *

get_plugin_options(plugin)
Get plugin options from the command line.

bool

is_database_flag(dbfl)
Get the current database flag

bool

is_trusted_idb()
Is the database considered as trusted?

bool

load_and_run_plugin(name, arg)
Load & run a plugin.

bool

load_binary_file(filename, li, _neflags, fileoff, basepara, binoff, nbytes)
Load a binary file into the database.

int

load_ids_module(fname)
Load and apply IDS file.

PyObject *

load_plugin(name)
Loads a plugin

int

mem2base(py_mem, ea, fpos=-1)
Load database from the memory.

str

process_archive(temp_file, li, module_name, neflags, defmember, loader)
Calls 'loader_t::process_archive()' For parameters and return value description look at 'loader_t::process_archive()' .

bool

reload_file(file, is_remote)
Reload the input file.

bool

run_plugin(plg, arg)
Runs a plugin

bool

save_database(outfile, flags, root=None, attr=None)
Save current database using a new file name.when both root and attr are not NULL then the snapshot attributes will be updated, otherwise the snapshot attributes will be inherited from the current database.

set_database_flag(dbfl, cnd=True)
Set or clear database flag

set_path(pt, path)
Set the file path

Variables
	ACCEPT_ARCHIVE = `8192`
	ACCEPT_CONTINUE = `16384`
	ACCEPT_FIRST = `32768`
	DBFL_BAK = `4`
	DBFL_COMP = `2`
	DBFL_KILL = `1`
	DBFL_TEMP = `8`
	DLLEXT = `'so'`
	FILEREG_NOTPATCHABLE = `0`
	FILEREG_PATCHABLE = `1`
	GENFLG_ASMINC = `64`
	GENFLG_ASMTYPE = `16`
	GENFLG_GENHTML = `32`
	GENFLG_IDCTYPE = `8`
	GENFLG_MAPDMNG = `4`
	GENFLG_MAPLOC = `8`
	GENFLG_MAPNAME = `2`
	GENFLG_MAPSEG = `1`
	IDP_DLL = `'*.so'`
	LDRF_RELOAD = `1`
	LDRF_REQ_PROC = `2`
	LOADER_DLL = `'*.so'`
	MAX_DATABASE_DESCRIPTION = `128`
	MODULE_ENTRY_IDP = `'_LPH'`
	MODULE_ENTRY_LOADER = `'_LDSC'`
	MODULE_ENTRY_PLUGIN = `'_PLUGIN'`
	NEF_CODE = `256`
	NEF_FILL = `16`
	NEF_FIRST = `128`
	NEF_FLAT = `1024`
	NEF_IMPS = `32`
	NEF_LALL = `8192`
	NEF_LOPT = `4096`
	NEF_MAN = `8`
	NEF_MINI = `2048`
	NEF_NAME = `4`
	NEF_RELOAD = `512`
	NEF_RSCS = `2`
	NEF_SEGS = `1`
	OFILE_ASM = `4`
	OFILE_DIF = `5`
	OFILE_EXE = `1`
	OFILE_IDC = `2`
	OFILE_LST = `3`
	OFILE_MAP = `0`
	PATH_TYPE_CMD = `0`
	PATH_TYPE_ID0 = `2`
	PATH_TYPE_IDB = `1`
	PLUGIN_DLL = `'*.so'`
	SSF_AUTOMATIC = `1`
	SSUF_DESC = `1`
	SSUF_FLAGS = `4`
	SSUF_PATH = `2`
	SWIG_PYTHON_LEGACY_BOOL = `1`
	__package__ = `None`

Function Details

base2file(fp, pos, ea1, ea2)

Unload database to a binary file. This function works for wide byte processors too.

Parameters:

fp - pointer to file (C++: FILE *)
pos - position in the file (C++: qoff64_t)
ea1 - range of source linear addresses (C++: ea_t)
ea2 - range of source linear addresses (C++: ea_t)

Returns: int

1-ok(always), write error leads to immediate exit

build_snapshot_tree(root)

Build the snapshot tree.

Parameters:

root - snapshot root that will contain the snapshot tree elements. (C++: snapshot_t *)

Returns: bool

success

extract_module_from_archive(fname, is_remote=False)

Extract a module for an archive file. Parse an archive file, show the list of modules to the user, allow him to select a module, extract the selected module to a file (if the extract module is an archive, repeat the process). This function can handle ZIP, AR, AIXAR, OMFLIB files. The temporary file will be automatically deleted by IDA at the end.

Parameters:

is_remote - is the input file remote? (C++: bool)

Returns: PyObject *

file2base(li, pos, ea1, ea2, patchable)

Load portion of file into the database. This function will include (ea1..ea2) into the addressing space of the program (make it enabled)

Parameters:

li - pointer of input source (C++: linput_t *)
pos - position in the file (C++: qoff64_t)
ea1 - range of destination linear addresses (C++: ea_t)
ea2 - range of destination linear addresses (C++: ea_t)
patchable - should the kernel remember correspondence of file offsets to linear addresses. (C++: int)

Returns: int

find_plugin(name, load_if_needed=False)

Find a user-defined plugin and optionally load it.

Parameters:

name - short plugin name without path and extension, or absolute path to the file name (C++: const char *)
load_if_needed - if the plugin is not present in the memory, try to load it (C++: bool)

Returns: plugin_t *

pointer to plugin description block

gen_exe_file(fp)

Generate an exe file (unload the database in binary form).

Parameters:

fp, (C++ - FILE *)

Returns: int

fp the output file handle. if fp == NULL then return: 1: can generate an executable file 0: can't generate an executable file

gen_file(otype, fp, ea1, ea2, flags)

Generate an output file. 'OFILE_EXE' :

Parameters:

otype - type of output file. (C++: ofile_type_t)
fp - the output file handle (C++: FILE *)
ea1 - start address. For some file types this argument is ignored (C++: ea_t)
ea2 - end address. For some file types this argument is ignored as usual in ida, the end address of the range is not included (C++: ea_t)
flags - Generate file flags (C++: int)

Returns: int

number of the generated lines. -1 if an error occurred

get_basic_file_type(li)

Get the input file type. This function can recognize libraries and zip files.

Parameters:

li, (C++ - linput_t *)

Returns: filetype_t

get_file_type_name()

Get name of the current file type. The current file type is kept in \inf{filetype}.

Returns: str: size of answer, this function always succeeds

get_fileregion_ea(offset)

Get linear address which corresponds to the specified input file offset. If can't be found, return 'BADADDR'

Parameters:

offset, (C++ - qoff64_t)

Returns: ea_t

get_fileregion_offset(ea)

Get offset in the input file which corresponds to the given ea. If the specified ea can't be mapped into the input file offset, return -1.

Parameters:

ea, (C++ - ea_t)

Returns: qoff64_t

get_path(pt)

Get the file path

Parameters:

pt - file path type Types of the file pathes (C++: path_type_t)

Returns: char const *

file path, never returns NULL

get_plugin_options(plugin)

Get plugin options from the command line. If the user has specified the options in the -Oplugin_name:options format, them this function will return the 'options' part of it The 'plugin' parameter should denote the plugin name Returns NULL if there we no options specified

Parameters:

plugin, (C++ - const char *)

Returns: char const *

is_database_flag(dbfl)

Get the current database flag

Parameters:

dbfl - flag Database flags (C++: uint32)

Returns: bool

the state of the flag (set or cleared)

load_and_run_plugin(name, arg)

Load & run a plugin.

Parameters:

name, (C++ - const char *)
arg, (C++ - size_t)

Returns: bool

load_binary_file(filename, li, _neflags, fileoff, basepara, binoff, nbytes)

Load a binary file into the database. This function usually is called from ui.

Parameters:

filename - the name of input file as is (if the input file is from library, then this is the name from the library) (C++: const char *)
li - loader input source (C++: linput_t *)
_neflags - Load file flags . For the first file, the flag NEF_FIRST must be set. (C++: ushort)
fileoff - Offset in the input file (C++: qoff64_t)
basepara - Load address in paragraphs (C++: ea_t)
binoff - Load offset (load_address=(basepara<<4)+binoff) (C++: ea_t)
nbytes - Number of bytes to load from the file. 0: up to the end of the file (C++: uint64)

Returns: bool

load_ids_module(fname)

Load and apply IDS file. This function loads the specified IDS file and applies it to the database. If the program imports functions from a module with the same name as the name of the ids file being loaded, then only functions from this module will be affected. Otherwise (i.e. when the program does not import a module with this name) any function in the program may be affected.

Parameters:

fname - name of file to apply (C++: char *)

Returns: int

load_plugin(name)

Loads a plugin

Returns: PyObject *

None if plugin could not be loaded
An opaque object representing the loaded plugin

mem2base(py_mem, ea, fpos=-1)

Load database from the memory.

Parameters:

mem - the buffer
ea - start linear addresses
fpos - position in the input file the data is taken from. if == -1, then no file position correspond to the data.

Returns: int

Returns zero if the passed buffer was not a string
Otherwise 1 is returned

process_archive(temp_file, li, module_name, neflags, defmember, loader)

Calls 'loader_t::process_archive()' For parameters and return value description look at 'loader_t::process_archive()' . Additional parameter:

Parameters:

temp_file, (C++ - qstring *)
li, (C++ - linput_t *)
module_name, (C++ - qstring *)
neflags, (C++ - ushort *)
defmember, (C++ - const char *)
loader - pointer to load_info_t structure. (C++: const load_info_t *)

Returns: str

reload_file(file, is_remote)

Reload the input file. This function reloads the byte values from the input file. It doesn't modify the segmentation, names, comments, etc.

Parameters:

file - name of the input file. if file == NULL then returns: 1: can reload the input file 0: can't reload the input file (C++: const char *)
is_remote - is the file located on a remote computer with the debugger server? (C++: bool)

Returns: bool

success

run_plugin(plg, arg)

Runs a plugin

Parameters:

plg - A plugin object (returned by load_plugin())

Returns: bool

Boolean

save_database(outfile, flags, root=None, attr=None)

Save current database using a new file name.when both root and attr are not NULL then the snapshot attributes will be updated, otherwise the snapshot attributes will be inherited from the current database.

Parameters:

outfile - output database file name (C++: const char *)
flags - Database flags (C++: uint32)
root - optional: snapshot tree root. (C++: const snapshot_t *)
attr - optional: snapshot attributes (C++: const snapshot_t *)

Returns: bool

success

set_database_flag(dbfl, cnd=True)

Set or clear database flag

Parameters:

dbfl - flag Database flags (C++: uint32)
cnd - set if true or clear flag otherwise (C++: bool)

set_path(pt, path)

Set the file path

Parameters:

pt - file path type Types of the file pathes (C++: path_type_t)
path - new file path, use NULL or empty string to clear the file path (C++: const char *)