IOS/Syscall IDAPython: Difference between revisions
No edit summary |
|||
Line 1: | Line 1: | ||
<source lang="python"> | |||
== | from idc import * | ||
=== | from idautils import * | ||
a = 0 | |||
base = LocByName("syscall_base") | |||
while 1: | |||
a = FindBinary(a, SEARCH_DOWN, "E6 ? ? ? E1 2F FF 1E") | |||
if a == BADADDR: | |||
break | |||
syscall_nr = (Dword(a) & 0x00FFFFE0) >> 5 | |||
syscall_addr = Dword(base + syscall_nr * 4) &~1 | |||
MakeDword(a) | |||
MakeCode(a + 4) | |||
name = NameEx(BADADDR, syscall_addr) | |||
if name == "": | |||
name = "sc_%d" % syscall_nr | |||
segname = SegName(a) | |||
if segname == "": | |||
segname = "%08x" % SegStart(a) | |||
MakeNameEx(a, "j_%s_%s" % (name, segname), 0) | |||
AddCodeXref(a, syscall_addr, XREF_USER) | |||
MakeRptCmt(a, name) | |||
a += 4 | |||
</source> |
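Review bot: `base = LocByName("syscall_base")` is used without a check, so when that name is missing from the database `base` is `BADADDR` and every `Dword(base + syscall_nr * 4)` reads from a bogus address. The loop then names stubs and adds cross-references to meaningless targets without reporting anything. A guard before the loop would prevent this, for example `if base == BADADDR: raise RuntimeError("syscall_base is not defined")`. The search also starts at address 0 and calls `MakeDword`/`MakeCode` on every byte-pattern hit, so a match inside data would be redefined as code; a comment stating that limitation, and what the `E6 ? ? ? E1 2F FF 1E` pattern represents, would help whoever runs this on a new image.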
Revision as of 18:45, 5 March 2009
from idc import *
from idautils import *
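# Label syscall stubs in the current IDA database.
#
# A stub is recognised purely by its bytes: a word whose top byte is 0xE6,
# immediately followed by 0xE12FFF1E (ARM `BX LR`). The syscall number is
# taken from bits 5..23 of the first word and used as an index into the
# table of 32-bit entries at the location named "syscall_base".
#
# NOTE(review): this is a raw byte search over the whole database, so a match
# inside data is redefined as well -- review the results before saving.
a = 0
base = LocByName("syscall_base")
if base == BADADDR:
    # Without the table address every lookup below would read from a bogus
    # location and the stubs would be named and cross-referenced to garbage.
    print("syscall_base is not defined; name the syscall table before running this script")
else:
    while True:
        a = FindBinary(a, SEARCH_DOWN, "E6 ? ? ? E1 2F FF 1E")
        if a == BADADDR:
            break
        # Bits 5..23 of the matched word carry the syscall number.
        syscall_nr = (Dword(a) & 0x00FFFFE0) >> 5
        # Clear bit 0 of the table entry (presumably the Thumb bit -- confirm).
        syscall_addr = Dword(base + syscall_nr * 4) & ~1
        # Keep the first word as data and disassemble only the word after it.
        MakeDword(a)
        MakeCode(a + 4)
        # Reuse the handler's existing name, or fall back to a numbered one.
        name = NameEx(BADADDR, syscall_addr)
        if name == "":
            name = "sc_%d" % syscall_nr
        # The segment name (or its start address) is part of the stub label.
        segname = SegName(a)
        if segname == "":
            segname = "%08x" % SegStart(a)
        MakeNameEx(a, "j_%s_%s" % (name, segname), 0)
        AddCodeXref(a, syscall_addr, XREF_USER)
        MakeRptCmt(a, name)
        # Resume the search after the word that was just handled.
        a += 4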