IDA C++ SDK 9.2
idp.hpp File Reference

Contains definition of the interface to IDP modules. More...

Go to the source code of this file.

Classes

struct  bytes_t
 Structure used to describe byte streams (for "ret" instruction and empirics) More...
struct  instruc_t
 Internal representation of processor instructions. More...
struct  asm_t
 Describes the target assembler. More...
struct  event_listener_t
struct  processor_t
 Describes a processor module (IDP). More...
struct  ignore_micro_t
struct  modctx_t
struct  procmod_t
struct  plugmod_t
struct  reg_info_t
 Get register number and size from register name. More...
struct  reg_access_t
 Information about a register accessed by an instruction. More...
struct  reg_accesses_t

Namespaces

namespace  idb_event
 IDB event group.

Typedefs

typedef qvector< reg_info_t > reginfovec_t
 vector of register info objects
typedef qvector< reg_access_t > reg_access_vec_t

Enumerations

enum  setproc_level_t { SETPROC_IDB = 0 , SETPROC_LOADER = 1 , SETPROC_LOADER_NON_FATAL = 2 , SETPROC_USER = 3 }
 Flags passed as 'level' parameter to set_processor_type() More...
enum  local_type_change_t {
  LTC_NONE , LTC_ADDED , LTC_DELETED , LTC_EDITED ,
  LTC_ALIASED , LTC_COMPILER , LTC_TIL_LOADED , LTC_TIL_UNLOADED ,
  LTC_TIL_COMPACTED
}
enum  idb_event::event_code_t {
  idb_event::closebase , idb_event::savebase , idb_event::upgraded , idb_event::auto_empty ,
  idb_event::auto_empty_finally , idb_event::determined_main , idb_event::extlang_changed , idb_event::idasgn_loaded ,
  idb_event::kernel_config_loaded , idb_event::loader_finished , idb_event::flow_chart_created , idb_event::compiler_changed ,
  idb_event::changing_ti , idb_event::ti_changed , idb_event::changing_op_ti , idb_event::op_ti_changed ,
  idb_event::changing_op_type , idb_event::op_type_changed , idb_event::segm_added , idb_event::deleting_segm ,
  idb_event::segm_deleted , idb_event::changing_segm_start , idb_event::segm_start_changed , idb_event::changing_segm_end ,
  idb_event::segm_end_changed , idb_event::changing_segm_name , idb_event::segm_name_changed , idb_event::changing_segm_class ,
  idb_event::segm_class_changed , idb_event::segm_attrs_updated , idb_event::segm_moved , idb_event::allsegs_moved ,
  idb_event::func_added , idb_event::func_updated , idb_event::set_func_start , idb_event::set_func_end ,
  idb_event::deleting_func , idb_event::frame_deleted , idb_event::thunk_func_created , idb_event::func_tail_appended ,
  idb_event::deleting_func_tail , idb_event::func_tail_deleted , idb_event::tail_owner_changed , idb_event::func_noret_changed ,
  idb_event::stkpnts_changed , idb_event::updating_tryblks , idb_event::tryblks_updated , idb_event::deleting_tryblks ,
  idb_event::sgr_changed , idb_event::make_code , idb_event::make_data , idb_event::destroyed_items ,
  idb_event::renamed , idb_event::byte_patched , idb_event::changing_cmt , idb_event::cmt_changed ,
  idb_event::changing_range_cmt , idb_event::range_cmt_changed , idb_event::extra_cmt_changed , idb_event::item_color_changed ,
  idb_event::callee_addr_changed , idb_event::bookmark_changed , idb_event::sgr_deleted , idb_event::adding_segm ,
  idb_event::func_deleted , idb_event::dirtree_mkdir , idb_event::dirtree_rmdir , idb_event::dirtree_link ,
  idb_event::dirtree_move , idb_event::dirtree_rank , idb_event::dirtree_rminode , idb_event::dirtree_segm_moved ,
  idb_event::local_types_changed , idb_event::lt_udm_created , idb_event::lt_udm_deleted , idb_event::lt_udm_renamed ,
  idb_event::lt_udm_changed , idb_event::lt_udt_expanded , idb_event::frame_created , idb_event::frame_udm_created ,
  idb_event::frame_udm_deleted , idb_event::frame_udm_renamed , idb_event::frame_udm_changed , idb_event::frame_expanded ,
  idb_event::idasgn_matched_ea , idb_event::lt_edm_created , idb_event::lt_edm_deleted , idb_event::lt_edm_renamed ,
  idb_event::lt_edm_changed , idb_event::local_type_renamed
}
 IDB event codes. More...

Functions

THREAD_SAFE bool has_cf_chg (uint32 feature, uint opnum)
 Does an instruction with the specified feature modify the i-th operand?
THREAD_SAFE bool has_cf_use (uint32 feature, uint opnum)
 Does an instruction with the specified feature use a value of the i-th operand?
idaman bool ida_export has_insn_feature (uint16 icode, uint32 bit)
 Does the specified instruction have the specified feature?
idaman bool ida_export is_call_insn (const insn_t &insn)
 Is the instruction a "call"?
idaman bool ida_export is_ret_insn (const insn_t &insn, uchar flags=IRI_STRICT)
idaman bool ida_export is_indirect_jump_insn (const insn_t &insn)
 Is the instruction an indirect jump?
idaman bool ida_export is_basic_block_end (const insn_t &insn, bool call_insn_stops_block)
 Is the instruction the end of a basic block?
 CASSERT (sizeof(asm_t)==416)
idaman bool ida_export hook_event_listener (hook_type_t hook_type, event_listener_t *cb, const void *owner, int hkcb_flags=0)
 Install an event listener.
idaman bool ida_export unhook_event_listener (hook_type_t hook_type, event_listener_t *cb)
 Uninstall an event listener.
idaman void ida_export remove_event_listener (event_listener_t *cb)
 remove all hooks in all databases for specified event_listener object
 CASSERT (sizeof(processor_t)==144)
idaman processor_t *ida_export get_ph ()
idaman asm_t *ida_export get_ash ()
idaman ea_helper_t *ida_export get_eah ()
idaman hexdsp_t *ida_export get_hexdsp ()
idaman int ida_export str2reg (const char *p)
 Get any register number (-1 on error)
idaman int ida_export is_align_insn (ea_t ea)
 If the instruction at 'ea' looks like an alignment instruction, return its length in bytes.
idaman ssize_t ida_export get_reg_name (qstring *buf, int reg, size_t width, int reghi=-1)
 Get text representation of a register.
 DECLARE_TYPE_AS_MOVABLE (reg_info_t)
idaman bool ida_export parse_reg_name (reg_info_t *ri, const char *regname)
 Get register info by name.
enum access_type_t ENUM_SIZE (uchar)
 Possible memory and register access types.
 DECLARE_TYPE_AS_MOVABLE (reg_access_t)
idaman bool ida_export set_processor_type (const char *procname, setproc_level_t level)
 Set target processor type.
idaman char *ida_export get_idp_name (char *buf, size_t bufsize)
 Get name of the current processor module.
idaman bool ida_export set_target_assembler (int asmnum)
 Set target assembler.
void gen_idb_event (idb_event::event_code_t code,...)
 the kernel will use this function to generate idb_events
idaman void *ida_export set_module_data (int *data_id, void *data_ptr)
 Starting from IDA v7.5, all modules should use the following three functions to handle idb-specific static data, because the kernel now supports opening and working with multiple idb files simultaneously.
idaman void *ida_export clr_module_data (int data_id)
 Unregister pointer to database specific module data.
idaman void *ida_export get_module_data (int data_id)
 Get pointer to the database specific module data.

Detailed Description

Contains definition of the interface to IDP modules.

The interface consists of two structures:

  • definition of target assembler: ::ash
  • definition of current processor: ::ph

These structures contain information about target processor and assembler features.

It also defines two groups of kernel events: processor-related events and database-related events.

The processor related events are used to communicate with the processor module. The database related events are used to inform any interested parties, like plugins or processor modules, about the changes in the database.

Typedef Documentation

◆ reginfovec_t

vector of register info objects

◆ reg_access_vec_t

Enumeration Type Documentation

◆ setproc_level_t

Flags passed as 'level' parameter to set_processor_type()

Enumerator
SETPROC_IDB 

set processor type for old idb

SETPROC_LOADER 

set processor type for new idb; if the user has specified a compatible processor, return success without changing it.

if failure, call loader_failure()

SETPROC_LOADER_NON_FATAL 

the same as SETPROC_LOADER, but failures are non-fatal.

SETPROC_USER 

set user-specified processor; used for -p and for a manual processor change at a later time

◆ local_type_change_t

Enumerator
LTC_NONE 

no event (internal use)

LTC_ADDED 

added a local type

LTC_DELETED 

deleted a local type

LTC_EDITED 

edited a local type

LTC_ALIASED 

added a type alias

LTC_COMPILER 

changed the compiler and calling convention

LTC_TIL_LOADED 

loaded a til file

LTC_TIL_UNLOADED 

unloaded a til file

LTC_TIL_COMPACTED 

numbered types have been compacted (see compact_numbered_types())

Function Documentation

◆ has_cf_chg()

THREAD_SAFE bool has_cf_chg ( uint32 feature,
uint opnum )
inline

Does an instruction with the specified feature modify the i-th operand?

◆ has_cf_use()

THREAD_SAFE bool has_cf_use ( uint32 feature,
uint opnum )
inline

Does an instruction with the specified feature use a value of the i-th operand?

◆ has_insn_feature()

idaman bool ida_export has_insn_feature ( uint16 icode,
uint32 bit )

Does the specified instruction have the specified feature?

◆ is_call_insn()

idaman bool ida_export is_call_insn ( const insn_t & insn)

Is the instruction a "call"?

◆ is_ret_insn()

idaman bool ida_export is_ret_insn ( const insn_t & insn,
uchar flags = IRI_STRICT )

◆ is_indirect_jump_insn()

idaman bool ida_export is_indirect_jump_insn ( const insn_t & insn)

Is the instruction an indirect jump?

◆ is_basic_block_end()

idaman bool ida_export is_basic_block_end ( const insn_t & insn,
bool call_insn_stops_block )

Is the instruction the end of a basic block?

◆ CASSERT() [1/2]

CASSERT ( sizeof(asm_t)==416 )

◆ hook_event_listener()

idaman bool ida_export hook_event_listener ( hook_type_t hook_type,
event_listener_t * cb,
const void * owner,
int hkcb_flags = 0 )

Install an event listener.

The installed listener will be called for all kernel events of the specified type (hook_type_t).

Parameters
hook_type: one of hook_type_t constants
cb: the event listener object
owner: the listener owner. Points to an instance of plugin_t, processor_t, or loader_t. Can be nullptr, which means undefined owner. The owner is used by the kernel for automatic removal of the event listener when the owner is unloaded from memory.
hkcb_flags: combination of Hook installation bits
Returns
success

◆ unhook_event_listener()

idaman bool ida_export unhook_event_listener ( hook_type_t hook_type,
event_listener_t * cb )

Uninstall an event listener.

Parameters
hook_type: one of hook_type_t constants
cb: the listener object
Returns
success. A listener is uninstalled automatically when the owner module is unloaded or when the listener object is being destroyed.

◆ remove_event_listener()

idaman void ida_export remove_event_listener ( event_listener_t * cb)

remove all hooks in all databases for specified event_listener object

◆ CASSERT() [2/2]

CASSERT ( sizeof(processor_t)==144 )

◆ get_ph()

idaman processor_t *ida_export get_ph ( )

◆ get_ash()

idaman asm_t *ida_export get_ash ( )

◆ get_eah()

idaman ea_helper_t *ida_export get_eah ( )

◆ get_hexdsp()

idaman hexdsp_t *ida_export get_hexdsp ( )

◆ str2reg()

idaman int ida_export str2reg ( const char * p)

Get any register number (-1 on error)

◆ is_align_insn()

idaman int ida_export is_align_insn ( ea_t ea)

If the instruction at 'ea' looks like an alignment instruction, return its length in bytes.

Otherwise return 0.

◆ get_reg_name()

idaman ssize_t ida_export get_reg_name ( qstring * buf,
int reg,
size_t width,
int reghi = -1 )

Get text representation of a register.

For most processors this function will just return processor_t::reg_names[reg]. If the processor module has implemented processor_t::get_reg_name, that implementation will be used instead.

Parameters
buf: output buffer
reg: internal register number as defined in the processor module
width: register width in bytes
reghi: if specified, then this function will return the register pair
Returns
length of register name in bytes or -1 if failure

◆ DECLARE_TYPE_AS_MOVABLE() [1/2]

DECLARE_TYPE_AS_MOVABLE ( reg_info_t )

◆ parse_reg_name()

idaman bool ida_export parse_reg_name ( reg_info_t * ri,
const char * regname )

Get register info by name.

Parameters
[out] ri: result
regname: name of register
Returns
success

◆ ENUM_SIZE()

enum access_type_t ENUM_SIZE ( uchar )

Possible memory and register access types.

◆ DECLARE_TYPE_AS_MOVABLE() [2/2]

DECLARE_TYPE_AS_MOVABLE ( reg_access_t )

◆ set_processor_type()

idaman bool ida_export set_processor_type ( const char * procname,
setproc_level_t level )

Set target processor type.

Once a processor module is loaded, it cannot be replaced until we close the idb.

Parameters
procname: name of processor type (one of the names present in processor_t::psnames)
level: one of the SETPROC_ constants (see setproc_level_t)
Returns
success

◆ get_idp_name()

idaman char *ida_export get_idp_name ( char * buf,
size_t bufsize )

Get name of the current processor module.

The name is derived from the file name. For example, if the IBM PC module file is named "pc.w32" (Windows version), then the module name is "PC" (uppercase). If no processor module is loaded, this function will return nullptr.

Parameters
buf: the output buffer; should be at least QMAXFILE characters long
bufsize: size of the output buffer

◆ set_target_assembler()

idaman bool ida_export set_target_assembler ( int asmnum)

Set target assembler.

Parameters
asmnum: number of the assembler in the current processor module
Returns
success

◆ gen_idb_event()

void gen_idb_event ( idb_event::event_code_t code,
... )
inline

the kernel will use this function to generate idb_events

◆ set_module_data()

idaman void *ida_export set_module_data ( int * data_id,
void * data_ptr )

Starting from IDA v7.5, all modules should use the following three functions to handle idb-specific static data, because the kernel now supports opening and working with multiple idb files simultaneously.

See the source code of the processor modules in the SDK for usage examples.

Register a pointer to database-specific module data.

Parameters
data_id: initially the pointed-to value must be 0; the kernel will fill it with a unique id. Once assigned, the data_id does not change.
data_ptr: pointer to the data to register
Returns
data_ptr. The registered pointer can later be retrieved using get_module_data()

◆ clr_module_data()

idaman void *ida_export clr_module_data ( int data_id)

Unregister pointer to database specific module data.

Parameters
data_id: a data_id that was assigned by set_module_data()
Returns
The previously registered pointer for the current database. It can be deallocated now. Multiple calls to this function with the same id are forbidden.

◆ get_module_data()

idaman void *ida_export get_module_data ( int data_id)

Get pointer to the database specific module data.

Parameters
data_id: data id that was initialized by set_module_data()
Returns
previously registered pointer for the current database