Module `ida_fixup`

Functions that deal with fixup information.

A loader should setup fixup information using set_fixup().

Global variables

var FIXUPF_CREATED

fixup was not present in the input file

var FIXUPF_EXTDEF

target is a location (otherwise - segment). Use this bit if the target is a symbol rather than an offset from the beginning of a segment.

var FIXUPF_LOADER_MASK

additional flags. The bits from this mask are not stored in the database and can be used by the loader at its discretion.

var FIXUPF_REL

fixup is relative to the linear address `base'. Otherwise fixup is relative to the start of the segment with `sel' selector.

var FIXUPF_UNUSED

fixup is ignored by IDA

disallows the kernel to convert operands
this fixup is not used during output

var FIXUP_CUSTOM

start of the custom types range

var FIXUP_HI16

high 16 bits of 32bit offset

var FIXUP_HI8

high 8 bits of 16bit offset

var FIXUP_LOW16

low 16 bits of 32bit offset

var FIXUP_LOW8

low 8 bits of 16bit offset

var FIXUP_OFF16

16-bit offset

var FIXUP_OFF16S

16-bit signed offset

var FIXUP_OFF32

32-bit offset

var FIXUP_OFF32S

32-bit signed offset

var FIXUP_OFF64

64-bit offset

var FIXUP_OFF8

8-bit offset

var FIXUP_OFF8S

8-bit signed offset

var FIXUP_PTR16

32-bit long pointer (16-bit base:16-bit offset)

var FIXUP_PTR32

48-bit pointer (16-bit base:32-bit offset)

var FIXUP_SEG16

16-bit base-logical segment base (selector)

var V695_FIXUP_VHIGH

obsolete

var V695_FIXUP_VLOW

obsolete

Functions

def calc_fixup_size(*args) ‑> int: calc_fixup_size(type) -> int
Calculate size of fixup in bytes (the number of bytes the fixup patches)

retval -1: means error

type: (C++: fixup_type_t)
def contains_fixups(*args) ‑> bool: contains_fixups(ea, size) -> bool
Does the specified address range contain any fixup information?

ea: (C++: ea_t)

size: (C++: asize_t)
def del_fixup(*args) ‑> void: del_fixup(source)
Delete fixup information.

source: (C++: ea_t)
def exists_fixup(*args) ‑> bool: exists_fixup(source) -> bool
Check that a fixup exists at the given address.

source: (C++: ea_t)
def find_custom_fixup(*args) ‑> fixup_type_t: find_custom_fixup(name) -> fixup_type_t
Get id of a custom fixup handler.

name: (C++: const char *) name of the custom fixup handler

return: id with FIXUP_CUSTOM bit set or 0
def gen_fix_fixups(*args) ‑> void: gen_fix_fixups(_from, to, size)
Relocate the bytes with fixup information once more (generic function). This function may be called from loader_t::move_segm() if it suits the goal. If loader_t::move_segm is not defined then this function will be called automatically when moving segments or rebasing the entire program. Special parameter values (from = BADADDR, size = 0, to = delta) are used when the function is called from rebase_program(delta).

from: (C++: ea_t)

to: (C++: ea_t)

size: (C++: asize_t)
def get_first_fixup_ea(*args) ‑> ea_t: get_first_fixup_ea() -> ea_t
def get_fixup(*args) ‑> bool: get_fixup(fd, source) -> bool
Get fixup information.

fd: (C++: fixup_data_t *)

source: (C++: ea_t)
def get_fixup_desc(*args) ‑> fixup_data_t const &: get_fixup_desc(source, fd) -> str
Get FIXUP description comment.

source: (C++: ea_t)

fd: (C++: const fixup_data_t &) fixup_data_t const &
def get_fixup_handler(*args) ‑> fixup_handler_t const *: get_fixup_handler(type) -> fixup_handler_t const *
Get handler of standard or custom fixup.

type: (C++: fixup_type_t)
def get_fixup_value(*args) ‑> uval_t: get_fixup_value(ea, type) -> uval_t
Get the operand value. This function get fixup bytes from data or an instruction at `ea' and convert them to the operand value (maybe partially). It is opposite in meaning to the patch\_fixup\_value(). For example, FIXUP_HI8 read a byte at `ea' and shifts it left by 8 bits, or AArch64's custom fixup BRANCH26 get low 26 bits of the insn at `ea' and shifts it left by 2 bits. This function is mainly used to get a relocation addend.

ea: (C++: ea_t) address to get fixup bytes from, the size of the fixup bytes depends
on the fixup type.

see: fixup_handler_t::size

type: (C++: fixup_type_t) fixup type

retval operand: value
def get_fixups(*args) ‑> bool: get_fixups(out, ea, size) -> bool
out: fixups_t *

ea: ea_t

size: asize_t
def get_next_fixup_ea(*args) ‑> ea_t: get_next_fixup_ea(ea) -> ea_t
Find next address with fixup information

ea: (C++: ea_t) current address

return: the next address with fixup information, or BADADDR
def get_prev_fixup_ea(*args) ‑> ea_t: get_prev_fixup_ea(ea) -> ea_t
Find previous address with fixup information

ea: (C++: ea_t) current address

return: the previous address with fixup information, or BADADDR
def handle_fixups_in_macro(*args) ‑> bool: handle_fixups_in_macro(ri, ea, other, macro_reft_and_flags) -> bool
Handle two fixups in a macro. We often combine two instruction that load parts of a value into one macro instruction. For example: ARM: ADRP X0, #var@PAGE ADD X0, X0, #var@PAGEOFF --> ADRL X0, var MIPS: lui $v0, %hi(var) addiu $v0, $v0, %lo(var) --> la $v0, var When applying the fixups that fall inside such a macro, we should convert them to one refinfo. This function does exactly that. It should be called from the apply() callback of a custom fixup.

ri: (C++: refinfo_t *)

ea: (C++: ea_t)

other: (C++: fixup_type_t)

macro_reft_and_flags: (C++: uint32)

return: success ('false' means that RI was not changed)
def is_fixup_custom(*args) ‑> bool: is_fixup_custom(type) -> bool
Is fixup processed by processor module?

type: (C++: fixup_type_t)
def patch_fixup_value(*args) ‑> bool: patch_fixup_value(ea, fd) -> bool
Patch the fixup bytes. This function updates data or an instruction at `ea' to the fixup bytes. For example, FIXUP_HI8 updates a byte at `ea' to the high byte of `fd->off', or AArch64's custom fixup BRANCH26 updates low 26 bits of the insn at `ea' to the value of `fd->off' shifted right by 2.

ea: (C++: ea_t) address where data are changed, the size of the changed data depends
on the fixup type.

see: fixup_handler_t::size

fd: (C++: const fixup_data_t &) fixup data

retval false: the fixup bytes do not fit (e.g. `fd->off' is greater than
0xFFFFFFC for BRANCH26). The database is changed even in this case.
def set_fixup(*args) ‑> void: set_fixup(source, fd)
Set fixup information. You should fill fixup_data_t and call this function and the kernel will remember information in the database.

source: (C++: ea_t) the fixup source address, i.e. the address modified by the fixup

fd: (C++: const fixup_data_t &) fixup data

Classes

class fixup_data_t (*args)

Proxy of C++ fixup_data_t class.

__init__(self) -> fixup_data_t

__init__(self, type_, flags_=0) -> fixup_data_t

type_: fixup_type_t

flags_: uint32

Instance variables

var displacement: displacement (offset from the target)
var off: target offset

note: The target is calculated as `get_base() + off`.
var sel: selector of the target segment. BADSEL means an absolute (zero based) target.

see: FIXUPF_REL

Methods

def calc_size(self, *args) ‑> int: calc_size(self) -> int

calc_fixup_size()
def clr_extdef(self, *args) ‑> void: clr_extdef(self)
def clr_unused(self, *args) ‑> void: clr_unused(self)
def get(self, *args) ‑> bool: get(self, source) -> bool

get_fixup()
source: (C++: ea_t)
def get_base(self, *args) ‑> ea_t: get_base(self) -> ea_t
Get base of fixup.

note: The target is calculated as `get_base() + off`.

see: FIXUPF_REL
def get_desc(self, *args) ‑> char const *: get_desc(self, source) -> char const *

get_fixup_desc()
source: (C++: ea_t)
def get_flags(self, *args) ‑> uint32: get_flags(self) -> uint32
Fixup flags Fixup flags.
def get_handler(self, *args) ‑> fixup_handler_t const *: get_handler(self) -> fixup_handler_t const *

get_fixup_handler()
def get_type(self, *args) ‑> fixup_type_t: get_type(self) -> fixup_type_t
Fixup type Types of fixups.
def get_value(self, *args) ‑> uval_t: get_value(self, ea) -> uval_t

get_fixup_value()
ea: (C++: ea_t)
def has_base(self, *args) ‑> bool: has_base(self) -> bool
Is fixup relative?
def is_custom(self, *args) ‑> bool: is_custom(self) -> bool

is_fixup_custom()
def is_extdef(self, *args) ‑> bool: is_extdef(self) -> bool
def is_unused(self, *args) ‑> bool: is_unused(self) -> bool
def patch_value(self, *args) ‑> bool: patch_value(self, ea) -> bool

patch_fixup_value()
ea: (C++: ea_t)
def set(self, *args) ‑> void: set(self, source)

set_fixup()
source: (C++: ea_t)
def set_base(self, *args) ‑> void: set_base(self, new_base)
Set base of fixup. The target should be set before a call of this function.

new_base: (C++: ea_t)
def set_extdef(self, *args) ‑> void: set_extdef(self)
def set_sel(self, *args) ‑> void: set_sel(self, seg)
seg: segment_t const *
def set_target_sel(self, *args) ‑> void: set_target_sel(self)
Set selector of fixup to the target. The target should be set before a call of this function.
def set_type(self, *args) ‑> void: set_type(self, type_)
type_: fixup_type_t
def set_type_and_flags(self, *args) ‑> void: set_type_and_flags(self, type_, flags_=0)
type_: fixup_type_t

flags_: uint32
def set_unused(self, *args) ‑> void: set_unused(self)
def was_created(self, *args) ‑> bool: was_created(self) -> bool
Is fixup artificial?

class fixup_info_t (*args)

Proxy of C++ fixup_info_t class.

__init__(self) -> fixup_info_t

Instance variables

var ea: ea
var fd: fd