 |
IDA C++ SDK 9.2
|
|
IDA C++ SDK 9.2
|
Functions that deal with cross-references (xrefs). More...
Go to the source code of this file.
Classes | |
| struct | xrefblk_t |
| Structure to enumerate all xrefs. More... | |
Typedefs | |
| typedef qvector< svalvec_t > | casevec_t |
| Vector of case values - see calc_switch_cases() | |
Enumerations | |
| enum | cref_t { fl_U , fl_CF = 16 , fl_CN , fl_JF , fl_JN , fl_USobsolete , fl_F } |
| CODE xref types. More... | |
| enum | dref_t { dr_U , dr_O , dr_W , dr_R , dr_T , dr_I , dr_S } |
| DATA xref types. More... | |
Functions | |
| idaman char ida_export | xrefchar (char xrtype) |
| Get character describing the xref type. | |
| idaman bool ida_export | add_cref (ea_t from, ea_t to, cref_t type) |
| Create a code cross-reference. | |
| idaman bool ida_export | del_cref (ea_t from, ea_t to, bool expand) |
| Delete a code cross-reference. | |
| idaman bool ida_export | add_dref (ea_t from, ea_t to, dref_t type) |
| Create a data cross-reference. | |
| idaman void ida_export | del_dref (ea_t from, ea_t to) |
| Delete a data cross-reference. | |
| idaman ea_t ida_export | get_first_dref_from (ea_t from) |
| Get first data referenced from the specified address. | |
| idaman ea_t ida_export | get_next_dref_from (ea_t from, ea_t current) |
| Get next data referenced from the specified address. | |
| idaman ea_t ida_export | get_first_dref_to (ea_t to) |
| Get address of instruction/data referencing to the specified data. | |
| idaman ea_t ida_export | get_next_dref_to (ea_t to, ea_t current) |
| Get address of instruction/data referencing to the specified data. | |
| idaman ea_t ida_export | get_first_cref_from (ea_t from) |
| Get first instruction referenced from the specified instruction. | |
| idaman ea_t ida_export | get_next_cref_from (ea_t from, ea_t current) |
| Get next instruction referenced from the specified instruction. | |
| idaman ea_t ida_export | get_first_cref_to (ea_t to) |
| Get first instruction referencing to the specified instruction. | |
| idaman ea_t ida_export | get_next_cref_to (ea_t to, ea_t current) |
| Get next instruction referencing to the specified instruction. | |
| idaman bool ida_export | has_external_refs (func_t *pfn, ea_t ea) |
| Does 'ea' have references from outside of 'pfn'? | |
| idaman bool ida_export | has_jump_or_flow_xref (ea_t ea) |
| Are there jump or flow references to EA? | |
| idaman bool ida_export | create_switch_table (ea_t insn_ea, const switch_info_t &si) |
| Create switch table from the switch information. | |
| idaman void ida_export | create_switch_xrefs (ea_t insn_ea, const switch_info_t &si) |
| Create code xrefs for the switch table. | |
| idaman bool ida_export | calc_switch_cases (casevec_t *casevec, eavec_t *targets, ea_t insn_ea, const switch_info_t &si) |
| Get detailed information about the switch table cases. | |
| idaman void ida_export | delete_switch_table (ea_t jump_ea, const switch_info_t &si) |
| Delete information created by the call of create_switch_table(). | |
Helper functions | |
Should not be called directly! | |
| idaman bool ida_export | xrefblk_t_first_from (xrefblk_t *, ea_t from, int flags) |
| idaman bool ida_export | xrefblk_t_next_from (xrefblk_t *) |
| idaman bool ida_export | xrefblk_t_first_to (xrefblk_t *, ea_t to, int flags) |
| idaman bool ida_export | xrefblk_t_next_to (xrefblk_t *) |
Far code references | |
The following functions are similar to get_{first|next}_cref_{from|to} functions. The only difference is that they don't take into account ordinary flow of execution. Only jump and call xrefs are returned. (fcref means "far code reference") | |
| idaman ea_t ida_export | get_first_fcref_from (ea_t from) |
| idaman ea_t ida_export | get_next_fcref_from (ea_t from, ea_t current) |
| idaman ea_t ida_export | get_first_fcref_to (ea_t to) |
| idaman ea_t ida_export | get_next_fcref_to (ea_t to, ea_t current) |
Functions that deal with cross-references (xrefs).
There are 2 groups of xrefs: CODE and DATA references. All xrefs are kept in the bTree except the ordinary execution flow to the next instruction. The ordinary execution flow to the next instruction is kept in flags (see bytes.hpp)
The source address of an xref must be an item head (is_head) or a structure member id. Even if an xref is generated by an element in the middle of the item, the item head address must be used. There are some exceptions to the rule but they are not worth mentioning here.
Xrefs are automatically sorted by addresses. However, the flow to the next instruction is always at the beginning of the list.
Xrefs are usually created by the processor module, as a reaction to the ev_emu_insn event. Plugins may create xrefs too but please note that upon a reanalysis of an item, all its xrefs, except the ones marked with XREF_USER, are deleted by the kernel.
Vector of case values - see calc_switch_cases()
Create a code cross-reference.
| from | linear address of referencing instruction |
| to | linear address of referenced instruction |
| type | cross-reference type |
Delete a code cross-reference.
| from | linear address of referencing instruction |
| to | linear address of referenced instruction |
| expand | policy to delete the referenced instruction
|
| true | if the referenced instruction will be deleted |
Create a data cross-reference.
| from | linear address of referencing instruction or data |
| to | linear address of referenced data |
| type | cross-reference type |
Delete a data cross-reference.
| from | linear address of referencing instruction or data |
| to | linear address of referenced data |
Get first data referenced from the specified address.
| from | linear address of referencing instruction or data |
Get next data referenced from the specified address.
| from | linear address of referencing instruction or data |
| current | linear address of current referenced data. This value is returned by get_first_dref_from() or previous call to get_next_dref_from() functions. |
Get address of instruction/data referencing to the specified data.
| to | linear address of referencing instruction or data |
Get address of instruction/data referencing to the specified data.
| to | linear address of referencing instruction or data |
| current | current linear address. This value is returned by get_first_dref_to() or previous call to get_next_dref_to() functions. |
Get first instruction referenced from the specified instruction.
If the specified instruction passes execution to the next instruction then the next instruction is returned. Otherwise the lowest referenced address is returned (remember that xrefs are kept sorted!).
| from | linear address of referencing instruction |
Get next instruction referenced from the specified instruction.
| from | linear address of referencing instruction |
| current | linear address of current referenced instruction This value is returned by get_first_cref_from() or previous call to get_next_cref_from() functions. |
Get first instruction referencing to the specified instruction.
If the specified instruction may be executed immediately after its previous instruction then the previous instruction is returned. Otherwise the lowest referencing address is returned. (remember that xrefs are kept sorted!).
| to | linear address of referenced instruction |
Get next instruction referencing to the specified instruction.
| to | linear address of referenced instruction |
| current | linear address of current referenced instruction This value is returned by get_first_cref_to() or previous call to get_next_cref_to() functions. |
Does 'ea' have references from outside of 'pfn'?
| idaman bool ida_export create_switch_table | ( | ea_t | insn_ea, |
| const switch_info_t & | si ) |
Create switch table from the switch information.
Usually there is no need to call this function directly because the kernel will call it for the result of processor_t::is_switch().
| insn_ea | address of the 'indirect jump' instruction |
| si | switch information |
| idaman void ida_export create_switch_xrefs | ( | ea_t | insn_ea, |
| const switch_info_t & | si ) |
Create code xrefs for the switch table.
This function creates xrefs from the indirect jump. Usually there is no need to call this function directly because the kernel will call it for switch tables
| insn_ea | address of the 'indirect jump' instruction |
| si | switch information |
| idaman bool ida_export calc_switch_cases | ( | casevec_t * | casevec, |
| eavec_t * | targets, | ||
| ea_t | insn_ea, | ||
| const switch_info_t & | si ) |
Get detailed information about the switch table cases.
| casevec | vector of case values... |
| targets | ...and corresponding target addresses |
| insn_ea | address of the 'indirect jump' instruction |
| si | switch information |
| idaman void ida_export delete_switch_table | ( | ea_t | jump_ea, |
| const switch_info_t & | si ) |
Delete information created by the call of create_switch_table().
It delete parent address for each switch target.
| insn_ea | address of the 'indirect jump' instruction |
| si | switch information |