Latest available version: IDA and decompilers v8.4.240527sp2 see all releases
Hex-Rays logo State-of-the-art binary code analysis tools
email icon
nalt.hpp File Reference

Definitions of various information kept in netnodes. More...

Classes

struct  xrefpos_t
 
struct  array_parameters_t
 
struct  switch_info_t
 Information about a switch statement. More...
 
struct  custom_data_type_ids_t
 
struct  refinfo_t
 Information about a reference. More...
 
struct  custom_refinfo_handler_t
 Manage a custom refinfo type Custom refinfos are usually used to handle custom fixups, but can also be used to display non-standard references. More...
 
struct  refinfo_desc_t
 Get descriptions of all standard and custom refinfo types. More...
 
struct  strpath_t
 Information for structure offsets. More...
 
struct  enum_const_t
 See opinfo_t::ec. More...
 
union  opinfo_t
 Additional information about an operand type. More...
 
struct  printop_t
 

Macros

#define NALT_ENUM   uval_t(-2)
 reserved for enums, see enum.hpp
 
#define NALT_WIDE   uval_t(-1)
 16-bit byte value
 
#define NALT_SWITCH   1
 switch idiom address (used at jump targets)
 
#define NALT_STRUCT   3
 struct id
 
#define NALT_AFLAGS   8
 additional flags for an item
 
#define NALT_LINNUM   9
 source line number
 
#define NALT_ABSBASE   10
 absolute segment location
 
#define NALT_ENUM0   11
 enum id for the first operand
 
#define NALT_ENUM1   12
 enum id for the second operand
 
#define NALT_PURGE   15
 number of bytes purged from the stack when a function is called indirectly
 
#define NALT_STRTYPE   16
 type of string item
 
#define NALT_ALIGN   17
 alignment value if the item is FF_ALIGN (should by equal to power of 2)
 
#define NALT_COLOR   20
 instruction/data background color
 
#define NSUP_CMT   0
 regular comment
 
#define NSUP_REPCMT   1
 repeatable comment
 
#define NSUP_FOP1   2
 forced operand 1
 
#define NSUP_FOP2   3
 forced operand 2
 
#define NSUP_JINFO   4
 jump table info
 
#define NSUP_ARRAY   5
 array parameters
 
#define NSUP_OMFGRP   6
 OMF: group of segments (not used anymore)
 
#define NSUP_FOP3   7
 forced operand 3
 
#define NSUP_SWITCH   8
 switch information
 
#define NSUP_REF0   9
 complex reference information for operand 1
 
#define NSUP_REF1   10
 complex reference information for operand 2
 
#define NSUP_REF2   11
 complex reference information for operand 3
 
#define NSUP_OREF0   12
 outer complex reference information for operand 1
 
#define NSUP_OREF1   13
 outer complex reference information for operand 2
 
#define NSUP_OREF2   14
 outer complex reference information for operand 3
 
#define NSUP_STROFF0   15
 stroff: struct path for the first operand
 
#define NSUP_STROFF1   16
 stroff: struct path for the second operand
 
#define NSUP_SEGTRANS   17
 segment translations
 
#define NSUP_FOP4   18
 forced operand 4
 
#define NSUP_FOP5   19
 forced operand 5
 
#define NSUP_FOP6   20
 forced operand 6
 
#define NSUP_REF3   21
 complex reference information for operand 4
 
#define NSUP_REF4   22
 complex reference information for operand 5
 
#define NSUP_REF5   23
 complex reference information for operand 6
 
#define NSUP_OREF3   24
 outer complex reference information for operand 4
 
#define NSUP_OREF4   25
 outer complex reference information for operand 5
 
#define NSUP_OREF5   26
 outer complex reference information for operand 6
 
#define NSUP_XREFPOS   27
 saved xref address and type in the xrefs window
 
#define NSUP_CUSTDT   28
 custom data type id
 
#define NSUP_GROUPS   29
 SEG_GRP: pack_dd encoded list of selectors.
 
#define NSUP_ARGEAS   30
 instructions that initialize call arguments
 
#define NSUP_FOP7   31
 forced operand 7
 
#define NSUP_FOP8   32
 forced operand 8
 
#define NSUP_REF6   33
 complex reference information for operand 7
 
#define NSUP_REF7   34
 complex reference information for operand 8
 
#define NSUP_OREF6   35
 outer complex reference information for operand 7
 
#define NSUP_OREF7   36
 outer complex reference information for operand 8
 
#define NSUP_EX_FLAGS   37
 Extended flags.
 
#define NSUP_POINTS   0x1000
 SP change points blob (see funcs.cpp). More...
 
#define NSUP_MANUAL   0x2000
 manual instruction. More...
 
#define NSUP_TYPEINFO   0x3000
 type information. More...
 
#define NSUP_REGVAR   0x4000
 register variables. More...
 
#define NSUP_LLABEL   0x5000
 local labels. More...
 
#define NSUP_REGARG   0x6000
 register argument type/name descriptions values NSUP_REGARG..NSUP_REGARG+0x1000 are reserved
 
#define NSUP_FTAILS   0x7000
 function tails or tail referers values NSUP_FTAILS..NSUP_FTAILS+0x1000 are reserved
 
#define NSUP_GROUP   0x8000
 graph group information values NSUP_GROUP..NSUP_GROUP+0x1000 are reserved
 
#define NSUP_OPTYPES   0x9000
 operand type information. More...
 
#define NSUP_ORIGFMD   0x109000
 function metadata before lumina information was applied values NSUP_ORIGFMD..NSUP_ORIGFMD+0x1000 are reserved
 
#define NALT_CREF_TO   'X'
 code xref to, idx: target address
 
#define NALT_CREF_FROM   'x'
 code xref from, idx: source address
 
#define NALT_DREF_TO   'D'
 data xref to, idx: target address
 
#define NALT_DREF_FROM   'd'
 data xref from, idx: source address
 
#define NSUP_GR_INFO   'g'
 group node info: color, ea, text
 
#define NALT_GR_LAYX   'p'
 group layout ptrs, hash: md5 of 'belongs'
 
#define NSUP_GR_LAYT   'l'
 group layouts, idx: layout pointer
 
#define PATCH_TAG   'P'
 Patch netnode tag.
 
#define IDB_DESKTOPS_NODE_NAME   "$ desktops"
 hash indexed by desktop name with dekstop netnode
 
#define IDB_DESKTOPS_TAG   'S'
 tag to store desktop blob & timestamp
 
#define IDB_DESKTOPS_TIMESTAMP   nodeidx_t(-1)
 desktop timestamp index
 
#define AFL_LINNUM   0x00000001
 has line number info
 
#define AFL_USERSP   0x00000002
 user-defined SP value
 
#define AFL_PUBNAM   0x00000004
 name is public (inter-file linkage)
 
#define AFL_WEAKNAM   0x00000008
 name is weak
 
#define AFL_HIDDEN   0x00000010
 the item is hidden completely
 
#define AFL_MANUAL   0x00000020
 the instruction/data is specified by the user
 
#define AFL_NOBRD   0x00000040
 the code/data border is hidden
 
#define AFL_ZSTROFF   0x00000080
 display struct field name at 0 offset when displaying an offset. More...
 
#define AFL_BNOT0   0x00000100
 the 1st operand is bitwise negated
 
#define AFL_BNOT1   0x00000200
 the 2nd operand is bitwise negated
 
#define AFL_LIB   0x00000400
 item from the standard library. More...
 
#define AFL_TI   0x00000800
 has typeinfo? (NSUP_TYPEINFO); used only for addresses, not for member_t
 
#define AFL_TI0   0x00001000
 has typeinfo for operand 0? (NSUP_OPTYPES)
 
#define AFL_TI1   0x00002000
 has typeinfo for operand 1? (NSUP_OPTYPES+1)
 
#define AFL_LNAME   0x00004000
 has local name too (FF_NAME should be set)
 
#define AFL_TILCMT   0x00008000
 has type comment? (such a comment may be changed by IDA)
 
#define AFL_LZERO0   0x00010000
 toggle leading zeroes for the 1st operand
 
#define AFL_LZERO1   0x00020000
 toggle leading zeroes for the 2nd operand
 
#define AFL_COLORED   0x00040000
 has user defined instruction color?
 
#define AFL_TERSESTR   0x00080000
 terse structure variable display?
 
#define AFL_SIGN0   0x00100000
 code: toggle sign of the 1st operand
 
#define AFL_SIGN1   0x00200000
 code: toggle sign of the 2nd operand
 
#define AFL_NORET   0x00400000
 for imported function pointers: doesn't return. More...
 
#define AFL_FIXEDSPD   0x00800000
 sp delta value is fixed by analysis. More...
 
#define AFL_ALIGNFLOW   0x01000000
 the previous insn was created for alignment purposes only
 
#define AFL_USERTI   0x02000000
 the type information is definitive. More...
 
#define AFL_RETFP   0x04000000
 function returns a floating point value
 
#define AFL_USEMODSP   0x08000000
 insn modifes SP and uses the modified value; example: pop [rsp+N]
 
#define AFL_NOTCODE   0x10000000
 autoanalysis should not create code here
 
#define AFL_NOTPROC   0x20000000
 autoanalysis should not create proc here
 
#define AFL_TYPE_GUESSED   0xC2000000
 who guessed the type information?
 
#define AFL_IDA_GUESSED   0x00000000
 the type is guessed by IDA
 
#define AFL_HR_GUESSED_FUNC   0x40000000
 the function type is guessed by the decompiler
 
#define AFL_HR_GUESSED_DATA   0x80000000
 the data type is guessed by the decompiler
 
#define AFL_HR_DETERMINED   0xC0000000
 the type is definitely guessed by the decompiler
 
#define STRWIDTH_1B   0
 
#define STRWIDTH_2B   1
 
#define STRWIDTH_4B   2
 
#define STRWIDTH_MASK   0x03
 
#define STRLYT_TERMCHR   0
 
#define STRLYT_PASCAL1   1
 
#define STRLYT_PASCAL2   2
 
#define STRLYT_PASCAL4   3
 
#define STRLYT_MASK   0xFC
 
#define STRLYT_SHIFT   2
 
#define STRTYPE_TERMCHR   (STRWIDTH_1B|STRLYT_TERMCHR<<STRLYT_SHIFT)
 C-style string.
 
#define STRTYPE_C   STRTYPE_TERMCHR
 Zero-terminated 16bit chars.
 
#define STRTYPE_C_16   (STRWIDTH_2B|STRLYT_TERMCHR<<STRLYT_SHIFT)
 Zero-terminated 32bit chars.
 
#define STRTYPE_C_32   (STRWIDTH_4B|STRLYT_TERMCHR<<STRLYT_SHIFT)
 Pascal-style, one-byte length prefix.
 
#define STRTYPE_PASCAL   (STRWIDTH_1B|STRLYT_PASCAL1<<STRLYT_SHIFT)
 Pascal-style, 16bit chars, one-byte length prefix.
 
#define STRTYPE_PASCAL_16   (STRWIDTH_2B|STRLYT_PASCAL1<<STRLYT_SHIFT)
 Pascal-style, 32bit chars, one-byte length prefix.
 
#define STRTYPE_PASCAL_32   (STRWIDTH_4B|STRLYT_PASCAL1<<STRLYT_SHIFT)
 Pascal-style, two-byte length prefix.
 
#define STRTYPE_LEN2   (STRWIDTH_1B|STRLYT_PASCAL2<<STRLYT_SHIFT)
 Pascal-style, 16bit chars, two-byte length prefix.
 
#define STRTYPE_LEN2_16   (STRWIDTH_2B|STRLYT_PASCAL2<<STRLYT_SHIFT)
 Pascal-style, 32bit chars, two-byte length prefix.
 
#define STRTYPE_LEN2_32   (STRWIDTH_4B|STRLYT_PASCAL2<<STRLYT_SHIFT)
 Pascal-style, four-byte length prefix.
 
#define STRTYPE_LEN4   (STRWIDTH_1B|STRLYT_PASCAL4<<STRLYT_SHIFT)
 Pascal-style, 16bit chars, four-byte length prefix.
 
#define STRTYPE_LEN4_16   (STRWIDTH_2B|STRLYT_PASCAL4<<STRLYT_SHIFT)
 Pascal-style, 32bit chars, four-byte length prefix.
 
#define STRTYPE_LEN4_32   (STRWIDTH_4B|STRLYT_PASCAL4<<STRLYT_SHIFT)
 
#define STRENC_DEFAULT   0x00
 use default encoding for this type (see get_default_encoding_idx())
 
#define STRENC_NONE   0xFF
 force no-conversion encoding
 
#define AP_ALLOWDUPS   0x00000001
 use 'dup' construct
 
#define AP_SIGNED   0x00000002
 treats numbers as signed
 
#define AP_INDEX   0x00000004
 display array element indexes as comments
 
#define AP_ARRAY   0x00000008
 create as array (this flag is not stored in database)
 
#define AP_IDXBASEMASK   0x000000F0
 mask for number base of the indexes
 
#define AP_IDXDEC   0x00000000
 display indexes in decimal
 
#define AP_IDXHEX   0x00000010
 display indexes in hex
 
#define AP_IDXOCT   0x00000020
 display indexes in octal
 
#define AP_IDXBIN   0x00000030
 display indexes in binary
 
#define SWI_SPARSE   0x00000001
 sparse switch (value table present), otherwise lowcase present
 
#define SWI_V32   0x00000002
 32-bit values in table
 
#define SWI_J32   0x00000004
 32-bit jump offsets
 
#define SWI_VSPLIT   0x00000008
 value table is split (only for 32-bit values)
 
#define SWI_USER   0x00000010
 user specified switch (starting from version 2)
 
#define SWI_DEF_IN_TBL   0x00000020
 default case is an entry in the jump table. More...
 
#define SWI_JMP_INV   0x00000040
 jumptable is inversed. More...
 
#define SWI_SHIFT_MASK   0x00000180
 use formula (element<<shift) + elbase to find jump targets
 
#define SWI_ELBASE   0x00000200
 elbase is present (otherwise the base of the switch segment will be used)
 
#define SWI_JSIZE   0x00000400
 jump offset expansion bit
 
#define SWI_VSIZE   0x00000800
 value table element size expansion bit
 
#define SWI_SEPARATE   0x00001000
 create an array of individual elements (otherwise separate items)
 
#define SWI_SIGNED   0x00002000
 jump table entries are signed
 
#define SWI_CUSTOM   0x00004000
 custom jump table. More...
 
#define SWI_INDIRECT   0x00010000
 value table elements are used as indexes into the jump table (for sparse switches)
 
#define SWI_SUBTRACT   0x00020000
 table values are subtracted from the elbase instead of being added
 
#define SWI_HXNOLOWCASE   0x00040000
 lowcase value should not be used by the decompiler (internal flag)
 
#define SWI_STDTBL   0x00080000
 custom jump table with standard table formatting. More...
 
#define SWI_DEFRET   0x00100000
 return in the default case (defjump==BADADDR)
 
#define SWI_SELFREL   0x00200000
 jump address is relative to the element not to ELBASE
 
#define SWI_JMPINSN   0x00400000
 jump table entries are insns. More...
 
#define SWI_VERSION   0x00800000
 the structure contains the VERSION member
 
#define REFINFO_TYPE   0x000F
 reference type (reftype_t), or custom reference ID if REFINFO_CUSTOM set
 
#define REFINFO_RVAOFF   0x0010
 based reference (rva); refinfo_t::base will be forced to get_imagebase(); such a reference is displayed with the asm_t::a_rva keyword
 
#define REFINFO_PASTEND   0x0020
 reference past an item; it may point to an nonexistent address; do not destroy alignment dirs
 
#define REFINFO_CUSTOM   0x0040
 a custom reference. More...
 
#define REFINFO_NOBASE   0x0080
 don't create the base xref; implies that the base can be any value. More...
 
#define REFINFO_SUBTRACT   0x0100
 the reference value is subtracted from the base value instead of (as usual) being added to it
 
#define REFINFO_SIGNEDOP   0x0200
 the operand value is sign-extended (only supported for REF_OFF8/16/32/64)
 
#define REFINFO_NO_ZEROS   0x0400
 an opval of 0 will be considered invalid
 
#define REFINFO_NO_ONES   0x0800
 an opval of ~0 will be considered invalid
 
#define REFINFO_SELFREF   0x1000
 the self-based reference; refinfo_t::base will be forced to the reference address
 
#define RHF_TGTOPT   0x0001
 can the target be calculated using operand value?
 
#define MAXSTRUCPATH   32
 maximal inclusion depth of unions
 
#define POF_VALID_TI   0x1
 
#define POF_VALID_AFLAGS   0x2
 
#define POF_IS_F64   0x4
 
#define RIDX_FILE_FORMAT_NAME   1
 file format name for loader modules
 
#define RIDX_SELECTORS   2
 2..63 are for selector_t blob (see init_selectors())
 
#define RIDX_GROUPS   64
 segment group information (see init_groups())
 
#define RIDX_H_PATH   65
 C header path.
 
#define RIDX_C_MACROS   66
 C predefined macros.
 
#define RIDX_SMALL_IDC_OLD   67
 Instant IDC statements (obsolete)
 
#define RIDX_NOTEPAD   68
 notepad blob, occupies 1000 indexes (1MB of text)
 
#define RIDX_INCLUDE   1100
 assembler include file name
 
#define RIDX_SMALL_IDC   1200
 Instant IDC statements, blob.
 
#define RIDX_DUALOP_GRAPH   1300
 Graph text representation options.
 
#define RIDX_DUALOP_TEXT   1301
 Text text representation options.
 
#define RIDX_MD5   1302
 MD5 of the input file.
 
#define RIDX_IDA_VERSION   1303
 version of ida which created the database
 
#define RIDX_STR_ENCODINGS   1305
 a list of encodings for the program strings
 
#define RIDX_SRCDBG_PATHS   1306
 source debug paths, occupies 20 indexes
 
#define RIDX_DBG_BINPATHS   1328
 unused (20 indexes)
 
#define RIDX_SHA256   1349
 SHA256 of the input file.
 
#define RIDX_ABINAME   1350
 ABI name (processor specific)
 
#define RIDX_ARCHIVE_PATH   1351
 archive file path
 
#define RIDX_PROBLEMS   1352
 problem lists
 
#define RIDX_SRCDBG_UNDESIRED   1353
 user-closed source files, occupies 20 indexes
 
#define RIDX_ALT_VERSION   uval_t(-1)
 initial version of database
 
#define RIDX_ALT_CTIME   uval_t(-2)
 database creation timestamp
 
#define RIDX_ALT_ELAPSED   uval_t(-3)
 seconds database stayed open
 
#define RIDX_ALT_NOPENS   uval_t(-4)
 how many times the database is opened
 
#define RIDX_ALT_CRC32   uval_t(-5)
 input file crc32
 
#define RIDX_ALT_IMAGEBASE   uval_t(-6)
 image base
 
#define RIDX_ALT_IDSNODE   uval_t(-7)
 ids modnode id (for import_module)
 
#define RIDX_ALT_FSIZE   uval_t(-8)
 input file size
 
#define RIDX_ALT_OUTFILEENC   uval_t(-9)
 output file encoding index
 

Typedefs

typedef uchar reftype_t
 see Types of references
 
typedef qvector< refinfo_desc_trefinfo_desc_vec_t
 
typedef uchar type_t
 
typedef uchar p_list
 

Functions

idaman nodeidx_t ida_export ea2node (ea_t ea)
 Get netnode for the specified address.
 
idaman ea_t ida_export node2ea (nodeidx_t ndx)
 
idaman nodeidx_t ida_export end_ea2node (ea_t ea)
 
netnode getnode (ea_t ea)
 
idaman void ida_export set_notcode (ea_t ea)
 Mark address so that it cannot be converted to instruction.
 
void clr_notcode (ea_t ea)
 Clear not-code mark.
 
bool is_notcode (ea_t ea)
 Is the address marked as not-code?
 
void set_visible_item (ea_t ea, bool visible)
 Change visibility of item at given ea.
 
bool is_visible_item (ea_t ea)
 Test visibility of item at given ea.
 
bool is_finally_visible_item (ea_t ea)
 Is instruction visible?
 
bool is_reftype_target_optional (reftype_t type)
 Can the target be calculated using operand value?
 
idaman reftype_t ida_export get_reftype_by_size (size_t size)
 Get REF_... constant from size Supported sizes: 1,2,4,8,16 For other sizes returns reftype_t(-1)
 
idaman int ida_export register_custom_refinfo (const custom_refinfo_handler_t *crh)
 Register a new custom refinfo type.
 
idaman bool ida_export unregister_custom_refinfo (int crid)
 Unregister a new custom refinfo type.
 
idaman int ida_export find_custom_refinfo (const char *name)
 Get id of a custom refinfo type.
 
idaman const custom_refinfo_handler_t *ida_export get_custom_refinfo (int crid)
 Get definition of a registered custom refinfo type.
 
const custom_refinfo_handler_t *idaapi get_custom_refinfo_handler (const refinfo_t &ri)
 Get refinfo handler.
 
idaman void ida_export get_refinfo_descs (refinfo_desc_vec_t *descs)
 
idaman ssize_t ida_export get_root_filename (char *buf, size_t bufsize)
 Get file name only of the input file.
 
idaman ssize_t ida_export dbg_get_input_path (char *buf, size_t bufsize)
 Get debugger input file name/path (see LFLG_DBG_NOPATH)
 
ssize_t idaapi get_input_file_path (char *buf, size_t bufsize)
 Get full path of the input file.
 
void set_root_filename (const char *file)
 Set full path of the input file.
 
size_t idaapi retrieve_input_file_size (void)
 Get size of input file in bytes.
 
uint32 idaapi retrieve_input_file_crc32 (void)
 Get input file crc32 stored in the database. More...
 
bool idaapi retrieve_input_file_md5 (uchar hash[16])
 Get input file md5.
 
bool idaapi retrieve_input_file_sha256 (uchar hash[32])
 Get input file sha256.
 
ssize_t idaapi get_asm_inc_file (qstring *buf)
 Get name of the include file.
 
bool idaapi set_asm_inc_file (const char *file)
 Set name of the include file.
 
ea_t idaapi get_imagebase (void)
 Get image base address.
 
void idaapi set_imagebase (ea_t base)
 Set image base address.
 
netnode idaapi get_ids_modnode (void)
 Get ids modnode.
 
void idaapi set_ids_modnode (netnode id)
 Set ids modnode.
 
ssize_t idaapi get_archive_path (qstring *out)
 Get archive file path from which input file was extracted.
 
bool set_archive_path (const char *file)
 Set archive file path from which input file was extracted.
 
ssize_t idaapi get_loader_format_name (qstring *out)
 Get file format name for loader modules.
 
void set_loader_format_name (const char *name)
 Set file format name for loader modules.
 
ssize_t idaapi get_initial_ida_version (qstring *out)
 Get version of ida which created the database (string format like "7.5")
 
ssize_t idaapi get_ida_notepad_text (qstring *out)
 Get notepad text.
 
void idaapi set_ida_notepad_text (const char *text, size_t size=0)
 Set notepad text.
 
ssize_t idaapi get_srcdbg_paths (qstring *out)
 Get source debug paths.
 
void idaapi set_srcdbg_paths (const char *paths)
 Set source debug paths.
 
ssize_t idaapi get_srcdbg_undesired_paths (qstring *out)
 Get user-closed source files.
 
void idaapi set_srcdbg_undesired_paths (const char *paths)
 Set user-closed source files.
 
ushort idaapi get_initial_idb_version ()
 Get initial version of the database (numeric format like 700)
 
time_t idaapi get_idb_ctime ()
 Get database creation timestamp.
 
size_t idaapi get_elapsed_secs ()
 Get seconds database stayed open.
 
size_t idaapi get_idb_nopens ()
 Get number of times the database is opened.
 
idaman int ida_export validate_idb_names2 (bool do_repair)
 Check consistency of name records, return number of bad ones.
 
void set_gotea (ea_t gotea)
 
ea_t get_gotea (void)
 
Get structure ID

Returns the struct id of the struct type at the specified address.

Use this function when is_struct()==true

idaman tid_t ida_export get_strid (ea_t ea)
 
xrefpos

Position of cursor in the window with cross-references to the address.

Used by the user-interface.

idaman ssize_t ida_export get_xrefpos (xrefpos_t *out, ea_t ea)
 
idaman void ida_export set_xrefpos (ea_t ea, const xrefpos_t *in)
 
void idaapi del_xrefpos (ea_t ea)
 
Source line numbers

They are sometimes present in object files.

idaman void ida_export set_source_linnum (ea_t ea, uval_t lnnum)
 
idaman uval_t ida_export get_source_linnum (ea_t ea)
 
idaman void ida_export del_source_linnum (ea_t ea)
 
Absolute segment base address

These functions may be used if necessary (despite of the AFLNOTE above).

ea_t get_absbase (ea_t ea)
 
void set_absbase (ea_t ea, ea_t x)
 
void del_absbase (ea_t ea)
 
Purged bytes

Number of bytes purged from the stack when a function is called indirectly get_ind_purged() may be used if necessary (despite of the AFLNOTE above).

Use set_purged() to modify this value (do not use set_ind_purged())

idaman ea_t ida_export get_ind_purged (ea_t ea)
 
void set_ind_purged (ea_t ea, ea_t x)
 
void del_ind_purged (ea_t ea)
 
Get type of string

Use higher level function get_opinfo().

idaman uint32 ida_export get_str_type (ea_t ea)
 
idaman void ida_export set_str_type (ea_t ea, uint32 x)
 
idaman void ida_export del_str_type (ea_t ea)
 
Work with string type codes
THREAD_SAFE uchar idaapi get_str_type_code (int32 strtype)
 
THREAD_SAFE char get_str_term1 (int32 strtype)
 
THREAD_SAFE char get_str_term2 (int32 strtype)
 
THREAD_SAFE uchar idaapi get_str_encoding_idx (int32 strtype)
 Get index of the string encoding for this string.
 
THREAD_SAFE int32 set_str_encoding_idx (int32 strtype, int encoding_idx)
 Set index of the string encoding in the string type.
 
THREAD_SAFE int32 make_str_type (uchar type_code, int encoding_idx, uchar term1=0, uchar term2=0)
 Get string type for a string in the given encoding.
 
THREAD_SAFE bool is_pascal (int32 strtype)
 
THREAD_SAFE size_t get_str_type_prefix_length (int32 strtype)
 
Alignment value

(should be power of 2) These functions may be used if necessary (despite of the AFLNOTE above).

uint32 get_alignment (ea_t ea)
 
void set_alignment (ea_t ea, uint32 x)
 
void del_alignment (ea_t ea)
 
Instruction/Data background color
idaman void ida_export set_item_color (ea_t ea, bgcolor_t color)
 
idaman bgcolor_t ida_export get_item_color (ea_t ea)
 
idaman bool ida_export del_item_color (ea_t ea)
 
Array representation

Describes how to display an array

idaman ssize_t ida_export get_array_parameters (array_parameters_t *out, ea_t ea)
 
idaman void ida_export set_array_parameters (ea_t ea, const array_parameters_t *in)
 
void idaapi del_array_parameters (ea_t ea)
 
Switch info

See switch_info_t, xref.hpp for related functions

idaman ssize_t ida_export get_switch_info (switch_info_t *out, ea_t ea)
 
idaman void ida_export set_switch_info (ea_t ea, const switch_info_t &in)
 
idaman void ida_export del_switch_info (ea_t ea)
 
Switch parent

Address which holds the switch info (switch_info_t).

Used at the jump targets.

ea_t get_switch_parent (ea_t ea)
 
void set_switch_parent (ea_t ea, ea_t x)
 
void del_switch_parent (ea_t ea)
 
Custom data types

Information about custom data types

idaman int ida_export get_custom_data_type_ids (custom_data_type_ids_t *cdis, ea_t ea)
 
idaman void ida_export set_custom_data_type_ids (ea_t ea, const custom_data_type_ids_t *cdis)
 
void idaapi del_custom_data_type_ids (ea_t ea)
 
Get/Set refinfo

n may be 0, 1, 2, OPND_MASK.

OPND_OUTER may be used too. Don't use these functions, see get_opinfo(), set_opinfo()

idaman bool ida_export set_refinfo_ex (ea_t ea, int n, const refinfo_t *ri)
 
idaman bool ida_export set_refinfo (ea_t ea, int n, reftype_t type, ea_t target=BADADDR, ea_t base=0, adiff_t tdelta=0)
 
idaman bool ida_export get_refinfo (refinfo_t *ri, ea_t ea, int n)
 
idaman bool ida_export del_refinfo (ea_t ea, int n)
 
Structure paths

Structure paths for unions and structures with unions (strpath) a structure path is an array of id's.

the first id is the id of the structure itself. additional id's (if any) specify which member of a union we should select the maximal size of array is MAXSTRUCPATH. strpaths are used to determine how to display structure offsets.

idaman void ida_export write_struc_path (ea_t ea, int idx, const tid_t *path, int plen, adiff_t delta)
 
idaman int ida_export read_struc_path (tid_t *path, adiff_t *delta, ea_t ea, int idx)
 
Types

Work with function/data types These functions may be used if necessary (despite of the AFLNOTE above).

idaman bool ida_export get_tinfo (tinfo_t *tif, ea_t ea)
 
idaman bool ida_export set_tinfo (ea_t ea, const tinfo_t *tif)
 
void idaapi del_tinfo (ea_t ea)
 
Operand types

These functions may be used if necessary (despite of the AFLNOTE above).

idaman bool ida_export get_op_tinfo (tinfo_t *tif, ea_t ea, int n)
 
idaman bool ida_export set_op_tinfo (ea_t ea, int n, const tinfo_t *tif)
 
void idaapi del_op_tinfo (ea_t ea, int n)
 

Variables

const reftype_t V695_REF_OFF8 = 0
 reserved
 
const reftype_t REF_OFF16 = 1
 16bit full offset
 
const reftype_t REF_OFF32 = 2
 32bit full offset
 
const reftype_t REF_LOW8 = 3
 low 8bits of 16bit offset
 
const reftype_t REF_LOW16 = 4
 low 16bits of 32bit offset
 
const reftype_t REF_HIGH8 = 5
 high 8bits of 16bit offset
 
const reftype_t REF_HIGH16 = 6
 high 16bits of 32bit offset
 
const reftype_t V695_REF_VHIGH = 7
 obsolete
 
const reftype_t V695_REF_VLOW = 8
 obsolete
 
const reftype_t REF_OFF64 = 9
 64bit full offset
 
const reftype_t REF_OFF8 = 10
 8bit full offset
 
const reftype_t REF_LAST = REF_OFF8
 

String encodings

Encoding names can be a codepage names (CP1251, windows-1251), charset name (Shift-JIS, UTF-8), or just codepage number (866, 932).

user-accessible encodings are counted from 1 (index 0 is reserved)

#define BPU_1B   1
 
#define BPU_2B   2
 
#define BPU_4B   4
 
idaman int ida_export get_encoding_qty ()
 Get total number of encodings (counted from 0)
 
idaman const char *ida_export get_encoding_name (int idx)
 Get encoding name for specific index (1-based). More...
 
idaman int ida_export add_encoding (const char *encname)
 Add a new encoding (e.g. More...
 
idaman bool ida_export del_encoding (int idx)
 Delete an encoding The encoding is not actually removed because its index may be used in strtype. More...
 
idaman bool ida_export rename_encoding (int idx, const char *encname)
 Change name for an encoding The number of bytes per unit (BPU) of the new encoding must match this number of the existing default encoding. More...
 
idaman int ida_export get_encoding_bpu (int idx)
 Get the amount of bytes per unit (e.g., 2 for UTF-16, 4 for UTF-32) for the encoding with the given index. More...
 
idaman int ida_export get_encoding_bpu_by_name (const char *encname)
 Get the amount of bytes per unit for the given encoding. More...
 
int get_strtype_bpu (int32 strtype)
 
idaman int ida_export get_default_encoding_idx (int bpu)
 Get default encoding index for a specific string type. More...
 
idaman bool ida_export set_default_encoding_idx (int bpu, int idx)
 Set default encoding for a string type. More...
 
const char *idaapi encoding_from_strtype (int32 strtype)
 Get encoding name for this strtype. More...
 
idaman int ida_export get_outfile_encoding_idx ()
 Get the index of the encoding used when producing files. More...
 
idaman bool ida_export set_outfile_encoding_idx (int idx)
 set encoding to be used when producing files More...
 

Work with additional location flags

See Additional flags for the location

using aflags_t = flags_t
 
idaman void ida_export set_aflags (ea_t ea, aflags_t flags)
 
idaman void ida_export upd_abits (ea_t ea, aflags_t clr_bits, aflags_t set_bits)
 
idaman void ida_export set_abits (ea_t ea, aflags_t bits)
 
idaman void ida_export clr_abits (ea_t ea, aflags_t bits)
 
idaman aflags_t ida_export get_aflags (ea_t ea)
 
idaman void ida_export del_aflags (ea_t ea)
 
bool has_aflag_linnum (aflags_t flags)
 
bool is_aflag_usersp (aflags_t flags)
 
bool is_aflag_public_name (aflags_t flags)
 
bool is_aflag_weak_name (aflags_t flags)
 
bool is_aflag_hidden_item (aflags_t flags)
 
bool is_aflag_manual_insn (aflags_t flags)
 
bool is_aflag_hidden_border (aflags_t flags)
 
bool is_aflag_zstroff (aflags_t flags)
 
bool is_aflag__bnot0 (aflags_t flags)
 
bool is_aflag__bnot1 (aflags_t flags)
 
bool is_aflag_libitem (aflags_t flags)
 
bool has_aflag_ti (aflags_t flags)
 
bool has_aflag_ti0 (aflags_t flags)
 
bool has_aflag_ti1 (aflags_t flags)
 
bool has_aflag_lname (aflags_t flags)
 
bool is_aflag_tilcmt (aflags_t flags)
 
bool is_aflag_lzero0 (aflags_t flags)
 
bool is_aflag_lzero1 (aflags_t flags)
 
bool is_aflag_colored_item (aflags_t flags)
 
bool is_aflag_terse_struc (aflags_t flags)
 
bool is_aflag__invsign0 (aflags_t flags)
 
bool is_aflag__invsign1 (aflags_t flags)
 
bool is_aflag_noret (aflags_t flags)
 
bool is_aflag_fixed_spd (aflags_t flags)
 
bool is_aflag_align_flow (aflags_t flags)
 
bool is_aflag_userti (aflags_t flags)
 
bool is_aflag_retfp (aflags_t flags)
 
bool uses_aflag_modsp (aflags_t flags)
 
bool is_aflag_notcode (aflags_t flags)
 
bool is_aflag_notproc (aflags_t flags)
 
bool is_aflag_type_guessed_by_ida (aflags_t flags)
 
bool is_aflag_func_guessed_by_hexrays (aflags_t flags)
 
bool is_aflag_data_guessed_by_hexrays (aflags_t flags)
 
bool is_aflag_type_determined_by_hexrays (aflags_t flags)
 
bool is_aflag_type_guessed_by_hexrays (aflags_t flags)
 
bool is_hidden_item (ea_t ea)
 
void hide_item (ea_t ea)
 
void unhide_item (ea_t ea)
 
bool is_hidden_border (ea_t ea)
 
void hide_border (ea_t ea)
 
void unhide_border (ea_t ea)
 
bool uses_modsp (ea_t ea)
 
void set_usemodsp (ea_t ea)
 
void clr_usemodsp (ea_t ea)
 
bool is_zstroff (ea_t ea)
 
void set_zstroff (ea_t ea)
 
void clr_zstroff (ea_t ea)
 
bool is__bnot0 (ea_t ea)
 
void set__bnot0 (ea_t ea)
 
void clr__bnot0 (ea_t ea)
 
bool is__bnot1 (ea_t ea)
 
void set__bnot1 (ea_t ea)
 
void clr__bnot1 (ea_t ea)
 
bool is_libitem (ea_t ea)
 
void set_libitem (ea_t ea)
 
void clr_libitem (ea_t ea)
 
bool has_ti (ea_t ea)
 
void set_has_ti (ea_t ea)
 
void clr_has_ti (ea_t ea)
 
bool has_ti0 (ea_t ea)
 
void set_has_ti0 (ea_t ea)
 
void clr_has_ti0 (ea_t ea)
 
bool has_ti1 (ea_t ea)
 
void set_has_ti1 (ea_t ea)
 
void clr_has_ti1 (ea_t ea)
 
bool has_lname (ea_t ea)
 
void set_has_lname (ea_t ea)
 
void clr_has_lname (ea_t ea)
 
bool is_tilcmt (ea_t ea)
 
void set_tilcmt (ea_t ea)
 
void clr_tilcmt (ea_t ea)
 
bool is_usersp (ea_t ea)
 
void set_usersp (ea_t ea)
 
void clr_usersp (ea_t ea)
 
bool is_lzero0 (ea_t ea)
 
void set_lzero0 (ea_t ea)
 
void clr_lzero0 (ea_t ea)
 
bool is_lzero1 (ea_t ea)
 
void set_lzero1 (ea_t ea)
 
void clr_lzero1 (ea_t ea)
 
bool is_colored_item (ea_t ea)
 
void set_colored_item (ea_t ea)
 
void clr_colored_item (ea_t ea)
 
bool is_terse_struc (ea_t ea)
 
void set_terse_struc (ea_t ea)
 
void clr_terse_struc (ea_t ea)
 
bool is__invsign0 (ea_t ea)
 
void set__invsign0 (ea_t ea)
 
void clr__invsign0 (ea_t ea)
 
bool is__invsign1 (ea_t ea)
 
void set__invsign1 (ea_t ea)
 
void clr__invsign1 (ea_t ea)
 
bool is_noret (ea_t ea)
 
void set_noret (ea_t ea)
 
void clr_noret (ea_t ea)
 
bool is_fixed_spd (ea_t ea)
 
void set_fixed_spd (ea_t ea)
 
void clr_fixed_spd (ea_t ea)
 
bool is_align_flow (ea_t ea)
 
void set_align_flow (ea_t ea)
 
void clr_align_flow (ea_t ea)
 
bool is_userti (ea_t ea)
 
void set_userti (ea_t ea)
 
void clr_userti (ea_t ea)
 
bool is_retfp (ea_t ea)
 
void set_retfp (ea_t ea)
 
void clr_retfp (ea_t ea)
 
bool is_notproc (ea_t ea)
 
void set_notproc (ea_t ea)
 
void clr_notproc (ea_t ea)
 
bool is_type_guessed_by_ida (ea_t ea)
 
bool is_func_guessed_by_hexrays (ea_t ea)
 
bool is_data_guessed_by_hexrays (ea_t ea)
 
bool is_type_determined_by_hexrays (ea_t ea)
 
bool is_type_guessed_by_hexrays (ea_t ea)
 
void set_type_guessed_by_ida (ea_t ea)
 
void set_func_guessed_by_hexrays (ea_t ea)
 
void set_data_guessed_by_hexrays (ea_t ea)
 
void set_type_determined_by_hexrays (ea_t ea)
 

Functions to work with imports

typedef int idaapi import_enum_cb_t(ea_t ea, const char *name, uval_t ord, void *param)
 Callback for enumerating imports. More...
 
idaman uint ida_export get_import_module_qty ()
 Get number of import modules.
 
idaman bool ida_export get_import_module_name (qstring *buf, int mod_index)
 Get import module name. More...
 
idaman int ida_export enum_import_names (int mod_index, import_enum_cb_t *callback, void *param=nullptr)
 Enumerate imports from specific module. More...
 
idaman void ida_export delete_imports (void)
 Delete all imported modules information.
 

Detailed Description

Definitions of various information kept in netnodes.

Each address in the program has a corresponding netnode: netnode(ea).

If we have no information about an address, the corresponding netnode is not created. Otherwise we will create a netnode and save information in it. All variable length information (names, comments, offset information, etc) is stored in the netnode.

Don't forget that some information is already stored in the flags (bytes.hpp)

Warning
Many of the functions in this file are very low level (they are marked as low level functions). Use them only if you can't find higher level function to set/get/del information.

You can create your own nodes in IDP module and store information in them. See netnode.

Typedef Documentation

◆ import_enum_cb_t

typedef int idaapi import_enum_cb_t(ea_t ea, const char *name, uval_t ord, void *param)

Callback for enumerating imports.

Parameters
eaimport address
nameimport name (nullptr if imported by ordinal)
ordimport ordinal (0 for imports by name)
paramuser parameter passed to enum_import_names()
Return values
1ok
0stop enumeration

Function Documentation

◆ retrieve_input_file_crc32()

uint32 idaapi retrieve_input_file_crc32 ( void  )
inline

Get input file crc32 stored in the database.

it can be used to check that the input file has not been changed.

◆ get_encoding_name()

idaman const char *ida_export get_encoding_name ( int  idx)

Get encoding name for specific index (1-based).

Parameters
idxthe encoding index (1-based)
Return values
nullptrif IDX is out of bounds
emptystring if the encoding was deleted

◆ add_encoding()

idaman int ida_export add_encoding ( const char *  encname)

Add a new encoding (e.g.

"UTF-8"). If it's already in the list, return its index.

Parameters
encnamethe encoding name
Returns
its index (1-based); -1 means error

◆ del_encoding()

idaman bool ida_export del_encoding ( int  idx)

Delete an encoding The encoding is not actually removed because its index may be used in strtype.

So the deletion just clears the encoding name. The default encoding cannot be deleted.

Parameters
idxthe encoding index (1-based)

◆ rename_encoding()

idaman bool ida_export rename_encoding ( int  idx,
const char *  encname 
)

Change name for an encoding The number of bytes per unit (BPU) of the new encoding must match this number of the existing default encoding.

Specifying the empty name simply deletes this encoding.

Parameters
idxthe encoding index (1-based)
encnamethe new encoding name

◆ get_encoding_bpu()

idaman int ida_export get_encoding_bpu ( int  idx)

Get the amount of bytes per unit (e.g., 2 for UTF-16, 4 for UTF-32) for the encoding with the given index.

Parameters
idxthe encoding index (1-based)
Returns
the number of bytes per units (1/2/4); -1 means error

◆ get_encoding_bpu_by_name()

idaman int ida_export get_encoding_bpu_by_name ( const char *  encname)

Get the amount of bytes per unit for the given encoding.

Parameters
encnamethe encoding name
Returns
the number of bytes per units (1/2/4); -1 means error

◆ get_default_encoding_idx()

idaman int ida_export get_default_encoding_idx ( int  bpu)

Get default encoding index for a specific string type.

Parameters
bputhe amount of bytes per unit (e.g., 1 for ASCII, CP1252, UTF-8..., 2 for UTF-16, 4 for UTF-32)
Return values
0bad BPU argument

◆ set_default_encoding_idx()

idaman bool ida_export set_default_encoding_idx ( int  bpu,
int  idx 
)

Set default encoding for a string type.

Parameters
bputhe amount of bytes per unit
idxthe encoding index. It cannot be 0

◆ encoding_from_strtype()

const char *idaapi encoding_from_strtype ( int32  strtype)
inline

Get encoding name for this strtype.

Return values
nullptrif STRTYPE has an incorrent encoding index
emptystring if the encoding was deleted

◆ get_outfile_encoding_idx()

idaman int ida_export get_outfile_encoding_idx ( )

Get the index of the encoding used when producing files.

Return values
0the IDB's default 1 byte-per-unit encoding is used

◆ set_outfile_encoding_idx()

idaman bool ida_export set_outfile_encoding_idx ( int  idx)

set encoding to be used when producing files

Parameters
idxthe encoding index IDX can be 0 to use the IDB's default 1-byte-per-unit encoding

◆ get_import_module_name()

idaman bool ida_export get_import_module_name ( qstring buf,
int  mod_index 
)

Get import module name.

Return values
trueok
falsebad index

◆ enum_import_names()

idaman int ida_export enum_import_names ( int  mod_index,
import_enum_cb_t callback,
void *  param = nullptr 
)

Enumerate imports from specific module.

Return values
1finished ok
-1error
othercallback return value (<=0)