State-of-the-art binary code analysis tools
nalt.hpp File Reference

Detailed Description

Definitions of various information kept in netnodes.

Each address in the program has a corresponding netnode: netnode(ea).

If we have no information about an address, the corresponding netnode is not created. Otherwise we will create a netnode and save information in it. All variable length information (names, comments, offset information, etc) is stored in the netnode.

Don't forget that some information is already stored in the flags (bytes.hpp)

Many of the functions in this file are very low level (they are marked as low level functions). Use them only if you can't find higher level function to set/get/del information.

You can create your own nodes in IDP module and store information in them. See netnode.


struct  xrefpos_t
 Position of cursor in the window with cross-references to the address. More...
struct  array_parameters_t
 Describes how to display an array. More...
struct  switch_info_t
 Information about a switch statement. More...
struct  custom_data_type_ids_t
 Information about custom data types. More...
struct  refinfo_t
 Information about a reference. More...
struct  custom_refinfo_handler_t
 Manage a custom refinfo type Custom refinfos are usually used to handle custom fixups, but can also be used to display non-standard references. More...
struct  refinfo_desc_t
 Get descriptions of all standard and custom refinfo types. More...
struct  strpath_t
 Information for structure offsets. More...
struct  enum_const_t
 See opinfo_t::ec. More...
union  opinfo_t
 Additional information about an operand type. More...
struct  printop_t


idaman nodeidx_t ida_export ea2node (ea_t ea)
 Get netnode for the specified address.
idaman ea_t ida_export node2ea (nodeidx_t ndx)
netnode getnode (ea_t ea)
idaman void ida_export set_notcode (ea_t ea)
 Mark address so that it cannot be converted to instruction.
void clr_notcode (ea_t ea)
 Clear not-code mark.
bool is_notcode (ea_t ea)
 Is the address marked as not-code?
void set_visible_item (ea_t ea, bool visible)
 Change visibility of item at given ea.
bool is_visible_item (ea_t ea)
 Test visibility of item at given ea.
bool is_finally_visible_item (ea_t ea)
 Is instruction visible?
bool is_reftype_target_optional (reftype_t type)
 Can the target be calculated using operand value?
idaman reftype_t ida_export get_reftype_by_size (size_t size)
 Get REF_... More...
idaman int ida_export register_custom_refinfo (const custom_refinfo_handler_t *crh)
 Register a new custom refinfo type.
idaman bool ida_export unregister_custom_refinfo (int crid)
 Unregister a new custom refinfo type.
idaman int ida_export find_custom_refinfo (const char *name)
 Get id of a custom refinfo type.
idaman const custom_refinfo_handler_t *ida_export get_custom_refinfo (int crid)
 Get definition of a registered custom refinfo type.
const custom_refinfo_handler_t *idaapi get_custom_refinfo_handler (const refinfo_t &ri)
 Get refinfo handler.
idaman void ida_export get_refinfo_descs (refinfo_desc_vec_t *descs)
idaman ssize_t ida_export get_root_filename (char *buf, size_t bufsize)
 Get file name only of the input file.
idaman ssize_t ida_export dbg_get_input_path (char *buf, size_t bufsize)
 Get debugger input file name/path (see LFLG_DBG_NOPATH)
ssize_t idaapi get_input_file_path (char *buf, size_t bufsize)
 Get full path of the input file.
void set_root_filename (const char *file)
 Set full path of the input file.
size_t idaapi retrieve_input_file_size (void)
 Get size of input file in bytes.
uint32 idaapi retrieve_input_file_crc32 (void)
 Get input file crc32 stored in the database. More...
bool idaapi retrieve_input_file_md5 (uchar hash[16])
 Get input file md5.
bool idaapi retrieve_input_file_sha256 (uchar hash[32])
 Get input file sha256.
ssize_t idaapi get_asm_inc_file (qstring *buf)
 Get name of the include file.
bool idaapi set_asm_inc_file (const char *file)
 Set name of the include file.
ea_t idaapi get_imagebase (void)
 Get image base address.
void idaapi set_imagebase (ea_t base)
 Set image base address.
netnode idaapi get_ids_modnode (void)
 Get ids modnode.
void idaapi set_ids_modnode (netnode id)
 Set ids modnode.
ssize_t idaapi get_archive_path (qstring *buf)
 Get archive file path from which input file was extracted.
bool set_archive_path (const char *file)
 Set archive file path from which input file was extracted.
ssize_t idaapi get_loader_format_name (qstring *buf)
 Get file format name for loader modules.
void set_loader_format_name (const char *name)
 Set file format name for loader modules.
ssize_t idaapi get_initial_ida_version (qstring *ver)
 Get version of ida which created the database (string format like "7.5")
ssize_t idaapi get_ida_notepad_text (qstring *text)
 Get notead text.
void idaapi set_ida_notepad_text (const char *text, size_t size=0)
 Set notead text.
ssize_t idaapi get_srcdbg_paths (qstring *paths)
 Get source debug paths.
void idaapi set_srcdbg_paths (const char *paths)
 Set source debug paths.
ssize_t idaapi get_srcdbg_undesired_paths (qstring *paths)
 Get user-closed source files.
void idaapi set_srcdbg_undesired_paths (const char *paths)
 Set user-closed source files.
ushort idaapi get_initial_ida_version ()
 Get version of ida which created the database (numeric format like 750)
time_t idaapi get_idb_ctime ()
 Get database creation timestamp.
size_t idaapi get_elapsed_secs ()
 Get seconds database stayed open.
size_t idaapi get_idb_nopens ()
 Get number of times the database is opened.
idaman int ida_export validate_idb_names2 (bool do_repair)
 Check consistency of name records, return number of bad ones.
void set_gotea (ea_t gotea)
ea_t get_gotea (void)
Get structure ID

Returns the struct id of the struct type at the specified address.

Use this function when is_struct()==true

idaman tid_t ida_export get_strid (ea_t ea)
idaman ssize_t ida_export get_xrefpos (xrefpos_t *out, ea_t ea)
idaman void ida_export set_xrefpos (ea_t ea, const xrefpos_t *in)
void idaapi del_xrefpos (ea_t ea)
Source line numbers

They are sometimes present in object files.

idaman void ida_export set_source_linnum (ea_t ea, uval_t lnnum)
idaman uval_t ida_export get_source_linnum (ea_t ea)
idaman void ida_export del_source_linnum (ea_t ea)
Absolute segment base address

These functions may be used if necessary (despite of the AFLNOTE above).

ea_t get_absbase (ea_t ea)
void set_absbase (ea_t ea, ea_t x)
void del_absbase (ea_t ea)
Purged bytes

Number of bytes purged from the stack when a function is called indirectly get_ind_purged() may be used if necessary (despite of the AFLNOTE above).

Use set_purged() to modify this value (do not use set_ind_purged())

ea_t get_ind_purged (ea_t ea)
void set_ind_purged (ea_t ea, ea_t x)
void del_ind_purged (ea_t ea)
Get type of string

Use higher level function get_opinfo().

uint32 get_str_type (ea_t ea)
void set_str_type (ea_t ea, uint32 x)
void del_str_type (ea_t ea)
Work with string type codes
THREAD_SAFE uchar idaapi get_str_type_code (int32 strtype)
THREAD_SAFE char get_str_term1 (int32 strtype)
THREAD_SAFE char get_str_term2 (int32 strtype)
THREAD_SAFE uchar idaapi get_str_encoding_idx (int32 strtype)
 Get index of the string encoding for this string.
THREAD_SAFE bool is_pascal (int32 strtype)
THREAD_SAFE size_t get_str_type_prefix_length (int32 strtype)
Alignment value

(should be power of 2) These functions may be used if necessary (despite of the AFLNOTE above).

uint32 get_alignment (ea_t ea)
void set_alignment (ea_t ea, uint32 x)
void del_alignment (ea_t ea)
Instruction/Data background color
idaman void ida_export set_item_color (ea_t ea, bgcolor_t color)
idaman bgcolor_t ida_export get_item_color (ea_t ea)
idaman bool ida_export del_item_color (ea_t ea)
Array representation
idaman ssize_t ida_export get_array_parameters (array_parameters_t *out, ea_t ea)
idaman void ida_export set_array_parameters (ea_t ea, const array_parameters_t *in)
void idaapi del_array_parameters (ea_t ea)
Switch info

See switch_info_t, xref.hpp for related functions

idaman ssize_t ida_export get_switch_info (switch_info_t *out, ea_t ea)
idaman void ida_export set_switch_info (ea_t ea, const switch_info_t &in)
idaman void ida_export del_switch_info (ea_t ea)
Switch parent

Address which holds the switch info (switch_info_t).

Used at the jump targets.

ea_t get_switch_parent (ea_t ea)
void set_switch_parent (ea_t ea, ea_t x)
void del_switch_parent (ea_t ea)
Custom data types
idaman int ida_export get_custom_data_type_ids (custom_data_type_ids_t *cdis, ea_t ea)
idaman void ida_export set_custom_data_type_ids (ea_t ea, const custom_data_type_ids_t *cdis)
void idaapi del_custom_data_type_ids (ea_t ea)
Get/Set refinfo

n may be 0, 1, 2, OPND_MASK.

OPND_OUTER may be used too. Don't use these functions, see get_opinfo(), set_opinfo()

idaman bool ida_export set_refinfo_ex (ea_t ea, int n, const refinfo_t *ri)
idaman bool ida_export set_refinfo (ea_t ea, int n, reftype_t type, ea_t target=BADADDR, ea_t base=0, adiff_t tdelta=0)
idaman bool ida_export get_refinfo (refinfo_t *ri, ea_t ea, int n)
idaman bool ida_export del_refinfo (ea_t ea, int n)
Structure paths

Structure paths for unions and structures with unions (strpath) a structure path is an array of id's.

the first id is the id of the structure itself. additional id's (if any) specify which member of a union we should select the maximal size of array is MAXSTRUCPATH. strpaths are used to determine how to display structure offsets.

idaman void ida_export write_struc_path (ea_t ea, int idx, const tid_t *path, int plen, adiff_t delta)
idaman int ida_export read_struc_path (tid_t *path, adiff_t *delta, ea_t ea, int idx)

Work with function/data types These functions may be used if necessary (despite of the AFLNOTE above).

idaman bool ida_export get_tinfo (tinfo_t *tif, ea_t ea)
idaman bool ida_export set_tinfo (ea_t ea, const tinfo_t *tif)
void idaapi del_tinfo (ea_t ea)
Operand types

These functions may be used if necessary (despite of the AFLNOTE above).

idaman bool ida_export get_op_tinfo (tinfo_t *tif, ea_t ea, int n)
idaman bool ida_export set_op_tinfo (ea_t ea, int n, const tinfo_t *tif)
void idaapi del_op_tinfo (ea_t ea, int n)

Work with additional location flags

See Additional flags for the location

using aflags_t = flags_t
idaman void ida_export set_aflags (ea_t ea, aflags_t flags)
idaman void ida_export upd_abits (ea_t ea, aflags_t clr_bits, aflags_t set_bits)
idaman void ida_export set_abits (ea_t ea, aflags_t bits)
idaman void ida_export clr_abits (ea_t ea, aflags_t bits)
idaman aflags_t ida_export get_aflags (ea_t ea)
idaman void ida_export del_aflags (ea_t ea)
bool has_aflag_linnum (aflags_t flags)
bool is_aflag_usersp (aflags_t flags)
bool is_aflag_public_name (aflags_t flags)
bool is_aflag_weak_name (aflags_t flags)
bool is_aflag_hidden_item (aflags_t flags)
bool is_aflag_manual_insn (aflags_t flags)
bool is_aflag_hidden_border (aflags_t flags)
bool is_aflag_zstroff (aflags_t flags)
bool is_aflag__bnot0 (aflags_t flags)
bool is_aflag__bnot1 (aflags_t flags)
bool is_aflag_libitem (aflags_t flags)
bool has_aflag_ti (aflags_t flags)
bool has_aflag_ti0 (aflags_t flags)
bool has_aflag_ti1 (aflags_t flags)
bool has_aflag_lname (aflags_t flags)
bool is_aflag_tilcmt (aflags_t flags)
bool is_aflag_lzero0 (aflags_t flags)
bool is_aflag_lzero1 (aflags_t flags)
bool is_aflag_colored_item (aflags_t flags)
bool is_aflag_terse_struc (aflags_t flags)
bool is_aflag__invsign0 (aflags_t flags)
bool is_aflag__invsign1 (aflags_t flags)
bool is_aflag_noret (aflags_t flags)
bool is_aflag_fixed_spd (aflags_t flags)
bool is_aflag_align_flow (aflags_t flags)
bool is_aflag_userti (aflags_t flags)
bool is_aflag_retfp (aflags_t flags)
bool uses_aflag_modsp (aflags_t flags)
bool is_aflag_notcode (aflags_t flags)
bool is_aflag_notproc (aflags_t flags)
bool is_aflag_type_guessed_by_ida (aflags_t flags)
bool is_aflag_func_guessed_by_hexrays (aflags_t flags)
bool is_aflag_data_guessed_by_hexrays (aflags_t flags)
bool is_aflag_type_determined_by_hexrays (aflags_t flags)
bool is_aflag_type_guessed_by_hexrays (aflags_t flags)
bool is_hidden_item (ea_t ea)
void hide_item (ea_t ea)
void unhide_item (ea_t ea)
bool is_hidden_border (ea_t ea)
void hide_border (ea_t ea)
void unhide_border (ea_t ea)
bool uses_modsp (ea_t ea)
void set_usemodsp (ea_t ea)
void clr_usemodsp (ea_t ea)
bool is_zstroff (ea_t ea)
void set_zstroff (ea_t ea)
void clr_zstroff (ea_t ea)
bool is__bnot0 (ea_t ea)
void set__bnot0 (ea_t ea)
void clr__bnot0 (ea_t ea)
bool is__bnot1 (ea_t ea)
void set__bnot1 (ea_t ea)
void clr__bnot1 (ea_t ea)
bool is_libitem (ea_t ea)
void set_libitem (ea_t ea)
void clr_libitem (ea_t ea)
bool has_ti (ea_t ea)
void set_has_ti (ea_t ea)
void clr_has_ti (ea_t ea)
bool has_ti0 (ea_t ea)
void set_has_ti0 (ea_t ea)
void clr_has_ti0 (ea_t ea)
bool has_ti1 (ea_t ea)
void set_has_ti1 (ea_t ea)
void clr_has_ti1 (ea_t ea)
bool has_lname (ea_t ea)
void set_has_lname (ea_t ea)
void clr_has_lname (ea_t ea)
bool is_tilcmt (ea_t ea)
void set_tilcmt (ea_t ea)
void clr_tilcmt (ea_t ea)
bool is_usersp (ea_t ea)
void set_usersp (ea_t ea)
void clr_usersp (ea_t ea)
bool is_lzero0 (ea_t ea)
void set_lzero0 (ea_t ea)
void clr_lzero0 (ea_t ea)
bool is_lzero1 (ea_t ea)
void set_lzero1 (ea_t ea)
void clr_lzero1 (ea_t ea)
bool is_colored_item (ea_t ea)
void set_colored_item (ea_t ea)
void clr_colored_item (ea_t ea)
bool is_terse_struc (ea_t ea)
void set_terse_struc (ea_t ea)
void clr_terse_struc (ea_t ea)
bool is__invsign0 (ea_t ea)
void set__invsign0 (ea_t ea)
void clr__invsign0 (ea_t ea)
bool is__invsign1 (ea_t ea)
void set__invsign1 (ea_t ea)
void clr__invsign1 (ea_t ea)
bool is_noret (ea_t ea)
void set_noret (ea_t ea)
void clr_noret (ea_t ea)
bool is_fixed_spd (ea_t ea)
void set_fixed_spd (ea_t ea)
void clr_fixed_spd (ea_t ea)
bool is_align_flow (ea_t ea)
void set_align_flow (ea_t ea)
void clr_align_flow (ea_t ea)
bool is_userti (ea_t ea)
void set_userti (ea_t ea)
void clr_userti (ea_t ea)
bool is_retfp (ea_t ea)
void set_retfp (ea_t ea)
void clr_retfp (ea_t ea)
bool is_notproc (ea_t ea)
void set_notproc (ea_t ea)
void clr_notproc (ea_t ea)
bool is_type_guessed_by_ida (ea_t ea)
bool is_func_guessed_by_hexrays (ea_t ea)
bool is_data_guessed_by_hexrays (ea_t ea)
bool is_type_determined_by_hexrays (ea_t ea)
bool is_type_guessed_by_hexrays (ea_t ea)
void set_type_guessed_by_ida (ea_t ea)
void set_func_guessed_by_hexrays (ea_t ea)
void set_data_guessed_by_hexrays (ea_t ea)
void set_type_determined_by_hexrays (ea_t ea)

String encodings

Encoding names can be a codepage names (CP1251, windows-1251), charset name (Shift-JIS, UTF-8), or just codepage number (866, 932).

user-accessible encodings are counted from 1 (index 0 is reserved)

#define BPU_1B   1
#define BPU_2B   2
#define BPU_4B   4
idaman int ida_export get_encoding_qty ()
 Get total number of encodings (counted from 0)
idaman const char *ida_export get_encoding_name (int idx)
 Get encoding name for specific index (1-based). More...
idaman int ida_export add_encoding (const char *encoding)
 Add a new encoding (e.g. More...
idaman bool ida_export del_encoding (int idx)
 Delete an encoding (1-based)
idaman bool ida_export rename_encoding (int idx, const char *encoding)
 Change name for an encoding (1-based)
idaman int ida_export get_encoding_bpu (int idx)
 Get the amount of bytes per unit (e.g., 2 for UTF-16, 4 for UTF-32) for the encoding with the given index. More...
int get_strtype_bpu (int32 strtype)
idaman int ida_export get_default_encoding_idx (int bpu)
 Get default encoding index for a specific string type. More...
idaman bool ida_export set_default_encoding_idx (int bpu, int idx)
 set default encoding for a string type More...
const char *idaapi encoding_from_strtype (int32 strtype)
 Get encoding name for this strtype.
idaman int ida_export get_outfile_encoding_idx ()
 Get the index of the encoding used when producing files 0 means no that the IDB's default 1 byte-per-unit encoding is used.
idaman bool ida_export set_outfile_encoding_idx (int idx)
 set encoding to be used when producing files More...

Functions to work with imports

typedef int idaapi import_enum_cb_t(ea_t ea, const char *name, uval_t ord, void *param)
 Callback for enumerating imports. More...
idaman uint ida_export get_import_module_qty ()
 Get number of import modules.
idaman bool ida_export get_import_module_name (qstring *buf, int mod_index)
 Get import module name. More...
idaman int ida_export enum_import_names (int mod_index, import_enum_cb_t *callback, void *param=NULL)
 Enumerate imports from specific module. More...
idaman void ida_export delete_imports (void)
 Delete all imported modules information.


#define NALT_ENUM   uval_t(-2)
 reserved for enums, see enum.hpp
#define NALT_WIDE   uval_t(-1)
 16-bit byte value
#define NALT_SWITCH   1
 switch idiom address (used at jump targets)
#define NALT_STRUCT   3
 struct id
#define NALT_AFLAGS   8
 additional flags for an item
#define NALT_LINNUM   9
 source line number
#define NALT_ABSBASE   10
 absolute segment location
#define NALT_ENUM0   11
 enum id for the first operand
#define NALT_ENUM1   12
 enum id for the second operand
#define NALT_PURGE   15
 number of bytes purged from the stack when a function is called indirectly
#define NALT_STRTYPE   16
 type of string item
#define NALT_ALIGN   17
 alignment value if the item is FF_ALIGN More...
#define NALT_COLOR   20
 instruction/data background color
#define NSUP_CMT   0
 regular comment
#define NSUP_REPCMT   1
 repeatable comment
#define NSUP_FOP1   2
 forced operand 1
#define NSUP_FOP2   3
 forced operand 2
#define NSUP_JINFO   4
 jump table info
#define NSUP_ARRAY   5
 array parameters
#define NSUP_OMFGRP   6
 OMF: group of segments (not used anymore)
#define NSUP_FOP3   7
 forced operand 3
#define NSUP_SWITCH   8
 switch information
#define NSUP_REF0   9
 complex reference information for operand 1
#define NSUP_REF1   10
 complex reference information for operand 2
#define NSUP_REF2   11
 complex reference information for operand 3
#define NSUP_OREF0   12
 outer complex reference information for operand 1
#define NSUP_OREF1   13
 outer complex reference information for operand 2
#define NSUP_OREF2   14
 outer complex reference information for operand 3
#define NSUP_STROFF0   15
 stroff: struct path for the first operand
#define NSUP_STROFF1   16
 stroff: struct path for the second operand
#define NSUP_SEGTRANS   17
 segment translations
#define NSUP_FOP4   18
 forced operand 4
#define NSUP_FOP5   19
 forced operand 5
#define NSUP_FOP6   20
 forced operand 6
#define NSUP_REF3   21
 complex reference information for operand 4
#define NSUP_REF4   22
 complex reference information for operand 5
#define NSUP_REF5   23
 complex reference information for operand 6
#define NSUP_OREF3   24
 outer complex reference information for operand 4
#define NSUP_OREF4   25
 outer complex reference information for operand 5
#define NSUP_OREF5   26
 outer complex reference information for operand 6
#define NSUP_XREFPOS   27
 saved xref address and type in the xrefs window
#define NSUP_CUSTDT   28
 custom data type id
#define NSUP_GROUPS   29
 SEG_GRP: pack_dd encoded list of selectors.
#define NSUP_ARGEAS   30
 instructions that initialize call arguments
#define NSUP_FOP7   31
 forced operand 7
#define NSUP_FOP8   32
 forced operand 8
#define NSUP_REF6   33
 complex reference information for operand 7
#define NSUP_REF7   34
 complex reference information for operand 8
#define NSUP_OREF6   35
 outer complex reference information for operand 7
#define NSUP_OREF7   36
 outer complex reference information for operand 8
#define NSUP_POINTS   0x1000
 SP change points blob (see funcs.cpp). More...
#define NSUP_MANUAL   0x2000
 manual instruction. More...
#define NSUP_TYPEINFO   0x3000
 type information. More...
#define NSUP_REGVAR   0x4000
 register variables. More...
#define NSUP_LLABEL   0x5000
 local labels. More...
#define NSUP_REGARG   0x6000
 register argument type/name descriptions values NSUP_REGARG..NSUP_REGARG+0x1000 are reserved
#define NSUP_FTAILS   0x7000
 function tails or tail referers values NSUP_FTAILS..NSUP_FTAILS+0x1000 are reserved
#define NSUP_GROUP   0x8000
 graph group information values NSUP_GROUP..NSUP_GROUP+0x1000 are reserved
#define NSUP_OPTYPES   0x9000
 operand type information. More...
#define NSUP_ORIGFMD   0x109000
 function metadata before lumina information was applied values NSUP_ORIGFMD..NSUP_ORIGFMD+0x1000 are reserved
#define NALT_CREF_TO   'X'
 code xref to, idx: target address
#define NALT_CREF_FROM   'x'
 code xref from, idx: source address
#define NALT_DREF_TO   'D'
 data xref to, idx: target address
#define NALT_DREF_FROM   'd'
 data xref from, idx: source address
#define NSUP_GR_INFO   'g'
 group node info: color, ea, text
#define NALT_GR_LAYX   'p'
 group layout ptrs, hash: md5 of 'belongs'
#define NSUP_GR_LAYT   'l'
 group layouts, idx: layout pointer
#define PATCH_TAG   'P'
 Patch netnode tag.
#define AFL_LINNUM   0x00000001L
 has line number info
#define AFL_USERSP   0x00000002L
 user-defined SP value
#define AFL_PUBNAM   0x00000004L
 name is public (inter-file linkage)
#define AFL_WEAKNAM   0x00000008L
 name is weak
#define AFL_HIDDEN   0x00000010L
 the item is hidden completely
#define AFL_MANUAL   0x00000020L
 the instruction/data is specified by the user
#define AFL_NOBRD   0x00000040L
 the code/data border is hidden
#define AFL_ZSTROFF   0x00000080L
 display struct field name at 0 offset when displaying an offset. More...
#define AFL_BNOT0   0x00000100L
 the 1st operand is bitwise negated
#define AFL_BNOT1   0x00000200L
 the 2nd operand is bitwise negated
#define AFL_LIB   0x00000400L
 item from the standard library. More...
#define AFL_TI   0x00000800L
 has typeinfo? (NSUP_TYPEINFO); used only for addresses, not for member_t
#define AFL_TI0   0x00001000L
 has typeinfo for operand 0? (NSUP_OPTYPES)
#define AFL_TI1   0x00002000L
 has typeinfo for operand 1? (NSUP_OPTYPES+1)
#define AFL_LNAME   0x00004000L
 has local name too (FF_NAME should be set)
#define AFL_TILCMT   0x00008000L
 has type comment? (such a comment may be changed by IDA)
#define AFL_LZERO0   0x00010000L
 toggle leading zeroes for the 1st operand
#define AFL_LZERO1   0x00020000L
 toggle leading zeroes for the 2nd operand
#define AFL_COLORED   0x00040000L
 has user defined instruction color?
#define AFL_TERSESTR   0x00080000L
 terse structure variable display?
#define AFL_SIGN0   0x00100000L
 code: toggle sign of the 1st operand
#define AFL_SIGN1   0x00200000L
 code: toggle sign of the 2nd operand
#define AFL_NORET   0x00400000L
 for imported function pointers: doesn't return. More...
#define AFL_FIXEDSPD   0x00800000L
 sp delta value is fixed by analysis. More...
#define AFL_ALIGNFLOW   0x01000000L
 the previous insn was created for alignment purposes only
#define AFL_USERTI   0x02000000L
 the type information is definitive. More...
#define AFL_RETFP   0x04000000L
 function returns a floating point value
#define AFL_USEMODSP   0x08000000L
 insn modifes SP and uses the modified value More...
#define AFL_NOTCODE   0x10000000L
 autoanalysis should not create code here
#define AFL_NOTPROC   0x20000000L
 autoanalysis should not create proc here
#define AFL_TYPE_GUESSED   0xC2000000L
 who guessed the type information?
#define AFL_IDA_GUESSED   0x00000000L
 the type is guessed by IDA
#define AFL_HR_GUESSED_FUNC   0x40000000L
 the function type is guessed by the decompiler
#define AFL_HR_GUESSED_DATA   0x80000000L
 the data type is guessed by the decompiler
#define AFL_HR_DETERMINED   0xC0000000L
 the type is definitely guessed by the decompiler
#define STRWIDTH_1B   0
#define STRWIDTH_2B   1
#define STRWIDTH_4B   2
#define STRWIDTH_MASK   0x03
#define STRLYT_TERMCHR   0
#define STRLYT_PASCAL1   1
#define STRLYT_PASCAL2   2
#define STRLYT_PASCAL4   3
#define STRLYT_MASK   0xFC
#define STRLYT_SHIFT   2
 < Character-terminated string. More...
 Zero-terminated 16bit chars.
 Zero-terminated 32bit chars.
 Pascal-style, one-byte length prefix.
 Pascal-style, 16bit chars, one-byte length prefix.
 Pascal-style, two-byte length prefix.
 Pascal-style, 16bit chars, two-byte length prefix.
 Pascal-style, four-byte length prefix.
 Pascal-style, 16bit chars, four-byte length prefix.
#define STRENC_DEFAULT   0x00
 use default encoding for this type (see get_default_encoding_idx())
#define STRENC_NONE   0xFF
 force no-conversion encoding
#define AP_ALLOWDUPS   0x00000001L
 use 'dup' construct
#define AP_SIGNED   0x00000002L
 treats numbers as signed
#define AP_INDEX   0x00000004L
 display array element indexes as comments
#define AP_ARRAY   0x00000008L
 create as array (this flag is not stored in database)
#define AP_IDXBASEMASK   0x000000F0L
 mask for number base of the indexes
#define AP_IDXDEC   0x00000000L
 display indexes in decimal
#define AP_IDXHEX   0x00000010L
 display indexes in hex
#define AP_IDXOCT   0x00000020L
 display indexes in octal
#define AP_IDXBIN   0x00000030L
 display indexes in binary
#define SWI_SPARSE   0x00000001
 sparse switch (value table present) More...
#define SWI_V32   0x00000002
 32-bit values in table
#define SWI_J32   0x00000004
 32-bit jump offsets
#define SWI_VSPLIT   0x00000008
 value table is split (only for 32-bit values)
#define SWI_USER   0x00000010
 user specified switch (starting from version 2)
#define SWI_DEF_IN_TBL   0x00000020
 default case is an entry in the jump table. More...
#define SWI_JMP_INV   0x00000040
 jumptable is inversed. More...
#define SWI_SHIFT_MASK   0x00000180
 use formula (element<<shift) + elbase to find jump targets
#define SWI_ELBASE   0x00000200
 elbase is present (otherwise the base of the switch More...
#define SWI_JSIZE   0x00000400
 jump offset expansion bit
#define SWI_VSIZE   0x00000800
 value table element size expansion bit
#define SWI_SEPARATE   0x00001000
 create an array of individual elements (otherwise separate items)
#define SWI_SIGNED   0x00002000
 jump table entries are signed
#define SWI_CUSTOM   0x00004000
 custom jump table. More...
#define SWI_INDIRECT   0x00010000
 value table elements are used as indexes into the jump table More...
#define SWI_SUBTRACT   0x00020000
 table values are subtracted from the elbase instead of being added
#define SWI_HXNOLOWCASE   0x00040000
 lowcase value should not be used by the decompiler (internal flag)
#define SWI_STDTBL   0x00080000
 custom jump table with standard table formatting. More...
#define SWI_DEFRET   0x00100000
 return in the default case (defjump==BADADDR)
#define SWI_SELFREL   0x00200000
 jump address is relative to the element not to ELBASE
#define SWI_JMPINSN   0x00400000
 jump table entries are insns. More...
#define SWI_VERSION   0x00800000
 the structure contains the VERSION member
#define REFINFO_TYPE   0x000F
 reference type (reftype_t), or custom More...
#define REFINFO_RVAOFF   0x0010
 based reference (rva) More...
#define REFINFO_PASTEND   0x0020
 reference past an item More...
#define REFINFO_CUSTOM   0x0040
 a custom reference. More...
#define REFINFO_NOBASE   0x0080
 don't create the base xref More...
#define REFINFO_SUBTRACT   0x0100
 the reference value is subtracted from the base value instead of (as usual) being added to it
#define REFINFO_SIGNEDOP   0x0200
 the operand value is sign-extended (only supported for REF_OFF8/16/32/64)
#define RHF_TGTOPT   0x0001
 can the target be calculated using More...
#define MAXSTRUCPATH   32
 maximal inclusion depth of unions
#define POF_VALID_TI   0x1
#define POF_VALID_AFLAGS   0x2
 file format name for loader modules
#define RIDX_SELECTORS   2
 2..63 are for selector_t blob (see init_selectors())
#define RIDX_GROUPS   64
 segment group information (see init_groups())
#define RIDX_H_PATH   65
 C header path.
#define RIDX_C_MACROS   66
 C predefined macros.
#define RIDX_SMALL_IDC_OLD   67
 Instant IDC statements (obsolete)
#define RIDX_NOTEPAD   68
 notepad blob, occupies 1000 indexes (1MB of text)
#define RIDX_INCLUDE   1100
 assembler include file name
#define RIDX_SMALL_IDC   1200
 Instant IDC statements, blob.
#define RIDX_DUALOP_GRAPH   1300
 Graph text representation options.
#define RIDX_DUALOP_TEXT   1301
 Text text representation options.
#define RIDX_MD5   1302
 MD5 of the input file.
#define RIDX_IDA_VERSION   1303
 version of ida which created the database
#define RIDX_STR_ENCODINGS   1305
 a list of encodings for the program strings
#define RIDX_SRCDBG_PATHS   1306
 source debug paths, occupies 20 indexes
#define RIDX_DBG_BINPATHS   1328
 unused (20 indexes)
#define RIDX_SHA256   1349
 SHA256 of the input file.
#define RIDX_ABINAME   1350
 ABI name (processor specific)
#define RIDX_ARCHIVE_PATH   1351
 archive file path
#define RIDX_PROBLEMS   1352
 problem lists
 user-closed source files, occupies 20 indexes
#define RIDX_ALT_VERSION   uval_t(-1)
 initial version of database
#define RIDX_ALT_CTIME   uval_t(-2)
 database creation timestamp
#define RIDX_ALT_ELAPSED   uval_t(-3)
 seconds database stayed open
#define RIDX_ALT_NOPENS   uval_t(-4)
 how many times the database is opened
#define RIDX_ALT_CRC32   uval_t(-5)
 input file crc32
#define RIDX_ALT_IMAGEBASE   uval_t(-6)
 image base
#define RIDX_ALT_IDSNODE   uval_t(-7)
 ids modnode id (for import_module)
#define RIDX_ALT_FSIZE   uval_t(-8)
 input file size
#define RIDX_ALT_OUTFILEENC   uval_t(-9)
 output file encoding index


typedef uchar reftype_t
 see Types of references
typedef qvector< refinfo_desc_trefinfo_desc_vec_t
typedef uchar type_t
typedef uchar p_list


const reftype_t V695_REF_OFF8 = 0
const reftype_t REF_OFF16 = 1
 16bit full offset
const reftype_t REF_OFF32 = 2
 32bit full offset
const reftype_t REF_LOW8 = 3
 low 8bits of 16bit offset
const reftype_t REF_LOW16 = 4
 low 16bits of 32bit offset
const reftype_t REF_HIGH8 = 5
 high 8bits of 16bit offset
const reftype_t REF_HIGH16 = 6
 high 16bits of 32bit offset
const reftype_t V695_REF_VHIGH = 7
const reftype_t V695_REF_VLOW = 8
const reftype_t REF_OFF64 = 9
 64bit full offset
const reftype_t REF_OFF8 = 10
 8bit full offset
const reftype_t REF_LAST = REF_OFF8

Typedef Documentation

◆ import_enum_cb_t

typedef int idaapi import_enum_cb_t(ea_t ea, const char *name, uval_t ord, void *param)

Callback for enumerating imports.

eaimport address
nameimport name (NULL if imported by ordinal)
ordimport ordinal (0 for imports by name)
paramuser parameter passed to enum_import_names()
Return values
0stop enumeration

Function Documentation

◆ get_reftype_by_size()

idaman reftype_t ida_export get_reftype_by_size ( size_t  size)

Get REF_...

constant from size Supported sizes: 1,2,4,8,16 For other sizes returns reftype_t(-1)

◆ retrieve_input_file_crc32()

uint32 idaapi retrieve_input_file_crc32 ( void  )

Get input file crc32 stored in the database.

it can be used to check that the input file has not been changed.

◆ get_encoding_name()

idaman const char* ida_export get_encoding_name ( int  idx)

Get encoding name for specific index (1-based).

NULL if idx is out of bounds

◆ add_encoding()

idaman int ida_export add_encoding ( const char *  encoding)

Add a new encoding (e.g.


its index (1-based) if it's already in the list, return its index

◆ get_encoding_bpu()

idaman int ida_export get_encoding_bpu ( int  idx)

Get the amount of bytes per unit (e.g., 2 for UTF-16, 4 for UTF-32) for the encoding with the given index.

idxthe encoding index
the number of bytes per units (1/2/4); -1 means error

◆ get_default_encoding_idx()

idaman int ida_export get_default_encoding_idx ( int  bpu)

Get default encoding index for a specific string type.

bputhe amount of bytes per unit (e.g., 1 for ASCII, CP1252, UTF-8..., 2 for UTF-16, 4 for UTF-32) 0 means no specific encoding is set - byte values are displayed without conversion.

◆ set_default_encoding_idx()

idaman bool ida_export set_default_encoding_idx ( int  bpu,
int  idx 

set default encoding for a string type

bputhe amount of bytes per unit
idxthe encoding index idx can be 0 to disable encoding conversion

◆ set_outfile_encoding_idx()

idaman bool ida_export set_outfile_encoding_idx ( int  idx)

set encoding to be used when producing files

idxthe encoding index idx can be 0 to use the IDB's default 1-byte-per-unit encoding

◆ get_import_module_name()

idaman bool ida_export get_import_module_name ( qstring buf,
int  mod_index 

Get import module name.

Return values
falsebad index

◆ enum_import_names()

idaman int ida_export enum_import_names ( int  mod_index,
import_enum_cb_t callback,
void *  param = NULL 

Enumerate imports from specific module.

Return values
1finished ok
othercallback return value (<=0)