├── IDAPython-7x_cheatsheet_en.svg
├── IDAPython-7x_cheatsheet_web_en.png
├── IDAPython_cheatsheet_en.svg
├── IDAPython_cheatsheet_web_en.png
├── README.md
├── cheatsheet_logo.png
├── debugger_hooks
    └── breakpoints.py
├── listing
    ├── disasm_transform.py
    └── function_arguments.py
├── misc
    ├── parse_gdt.py
    └── parse_idt.py
├── types
    ├── apply_types.py
    ├── enums.py
    └── errno.h
└── xrefs
    └── simple_xrefs.py


/IDAPython-7x_cheatsheet_web_en.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/inforion/idapython-cheatsheet/355ffd1f6e1045cb1db37ea8f0db795d11a293dd/IDAPython-7x_cheatsheet_web_en.png


--------------------------------------------------------------------------------
/IDAPython_cheatsheet_web_en.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/inforion/idapython-cheatsheet/355ffd1f6e1045cb1db37ea8f0db795d11a293dd/IDAPython_cheatsheet_web_en.png


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # idapython-cheatsheet
 2 | ![cheatsheet.png](cheatsheet_logo.png)
 3 | 
 4 | Cheatsheets and example scripts for IDAPython (7.x and 6.x).
 5 | 
 6 | It looks like this:
 7 | 
 8 | ![IDAPython-7.x](IDAPython-7x_cheatsheet_web_en.png)
 9 | 
10 | ## Printable versions
11 | 
12 | ### PDF
13 | - [English (IDA 6.x and 7.x)](https://github.com/inforion/idapython-cheatsheet/releases/download/pdf/IDAPython_cheat_sheet_.6x_7x._ENG.pdf)
14 | - [Russian (IDA 6.x and 7.x)](https://github.com/inforion/idapython-cheatsheet/releases/download/pdf/IDAPython_cheat_sheet_.6x_7x._RUS.pdf)
15 | 
16 | 
17 | ### IDAPython 7.x (PNG)
18 | 
19 | - [IDAPython 7.x cheatsheet (English)](https://github.com/inforion/idapython-cheatsheet/releases/download/7.x/IDAPython-7.x_cheatsheet_print_en.png)
20 | - [IDAPython 7.x cheatsheet (Russian)](https://github.com/inforion/idapython-cheatsheet/releases/download/7.x/IDAPython-7.x_cheatsheet_print_ru.png)
21 | 
22 | ### IDAPython 6.x (PNG)
23 | 
24 | - [IDAPython 6.x cheatsheet (English)](https://github.com/inforion/idapython-cheatsheet/releases/download/v1.0/IDAPython_cheatsheet_print_en.png)
25 | - [IDAPython 6.x cheatsheet (Russian)](https://github.com/inforion/idapython-cheatsheet/releases/download/v1.0/IDAPython_cheatsheet_print_ru.png)
26 | 
27 | ## Tips & triks & examples
28 | 
29 | ### Debugger Hooks
30 | - Work with breakpoints [source code](https://github.com/inforion/idapython-cheatsheet/blob/master/debugger_hooks/breakpoints.py)
31 | 
32 | ### Listing 
33 | - Simple transformations in disassembler view [source code](https://github.com/inforion/idapython-cheatsheet/blob/master/listing/disasm_transform.py) 
34 | - Make comment to function, using it's argument [source code](https://github.com/inforion/idapython-cheatsheet/blob/master/listing/function_arguments.py) 
35 | 
36 | ### Types
37 | - Apply types to functions and data [source code](https://github.com/inforion/idapython-cheatsheet/blob/master/types/apply_types.py) 
38 | - Work with enums [source code](https://github.com/inforion/idapython-cheatsheet/blob/master/types/enums.py) 
39 | 
40 | ### Xrefs
41 | - Add simple code and data cross-references [source code](https://github.com/inforion/idapython-cheatsheet/blob/master/xrefs/simple_xrefs.py) 
42 | 
43 | ### Miscellaneous
44 | - Parsing Global Descriptor Table (GDT, x86) [source code](https://github.com/inforion/idapython-cheatsheet/blob/master/misc/parse_gdt.py)
45 | - Parsing Interrupt Descriptor Table (IDT, x86) [source code](https://github.com/inforion/idapython-cheatsheet/blob/master/misc/parse_idt.py)
46 | 
47 | ## Links
48 | 
49 | - ["The Beginner's Guide to IDAPython" by Alexander Hanel](https://leanpub.com/IDAPython-Book)
50 | - ["Introduction to IDAPython" by Ero Carrera](https://github.com/cyphunk/sectk/blob/master/docs/Software_RE/Ero-Introduction%20to%20IDAPython.pdf)
51 | - [IDAPyHelper - script that helps writing IDAPython scripts and plugins](https://github.com/patois/IDAPyHelper)
52 |   


--------------------------------------------------------------------------------
/cheatsheet_logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/inforion/idapython-cheatsheet/355ffd1f6e1045cb1db37ea8f0db795d11a293dd/cheatsheet_logo.png


--------------------------------------------------------------------------------
/debugger_hooks/breakpoints.py:
--------------------------------------------------------------------------------
 1 | ''' Short IDAPython functions to work with breakpoints
 2 | '''
 3 | 
 4 | def set_python_bpt(ea, cond):
 5 |     ''' Set conditional breakpoint with Python function 
 6 |     
 7 |         Usage:
 8 |         set_python_bpt(0x08000688, 'view_regs()')    
 9 |     '''
10 |     idaapi.add_bpt(ea, 4, BPT_DEFAULT)
11 |     bpt = idaapi.bpt_t()
12 |     idaapi.get_bpt(ea, bpt)
13 |     bpt.elang = 'Python'
14 |     bpt.condition = cond
15 |     idaapi.update_bpt(bpt)
16 | 
17 | 


--------------------------------------------------------------------------------
/listing/disasm_transform.py:
--------------------------------------------------------------------------------
 1 | ''' Short and simple transformations in disassembler view
 2 | '''
 3 | 
 4 | def make_offsets32(start_ea, end_ea):
 5 |     ''' Transform data to offsets (using 32-bit length) '''
 6 |     for addr in range(start_ea, end_ea, 4): 
 7 |         OpOff(addr, 0, 0)
 8 | 
 9 | 
10 | def make_dwords(start_ea, end_ea):
11 |     ''' Transform data to dwords in hex (using 32-bit length) '''
12 |     for addr in range(start_ea, end_ea, 4): 
13 |         OpHex(addr, 0)
14 | 
15 | 


--------------------------------------------------------------------------------
/listing/function_arguments.py:
--------------------------------------------------------------------------------
 1 | ''' Make comment to function, using it's argument (using x86 mnemonics)
 2 | '''
 3 |       
 4 | def get_function_arg_value(addr):
 5 |     ''' Find first function argument as an argument to PUSH before function call
 6 |         From command `PUSH 0x138` it will return integer value 312 (0x138)
 7 |         From command `PUSH EBX` it will return integer value 3 (as EBX is 3-rd register)
 8 |     '''
 9 |     while True:
10 |         addr = PrevHead(addr)
11 |         if GetMnem(addr) == "push":
12 |             break
13 |     res = GetOperandValue(addr, 0)
14 |     return addr, res
15 | 
16 |                  
17 | def get_function_arg(addr):
18 |     ''' Find first function argument as an argument to PUSH before function call
19 |         From command `PUSH 0x138` it will return string value '0x138'
20 |         From command `PUSH EBX` it will return string value 'EBX'
21 |     '''
22 |     while True:
23 |         addr = PrevHead(addr)
24 |         if GetMnem(addr) == "push":
25 |             break
26 |     res = GetOpnd(addr, 0)
27 |     return addr, res                
28 | 
29 |   
30 | def comment_func(func_ea):
31 |     ''' Make comment to function
32 |     '''
33 |     i = 0
34 |     for x in XrefsTo(func_ea, flags=0):
35 |         addr, val = get_function_arg_value(x.frm)
36 |         MakeComm(x.frm, "func_name(0x%08x)" % val)
37 | 


--------------------------------------------------------------------------------
/misc/parse_gdt.py:
--------------------------------------------------------------------------------
 1 | '''
 2 | Script for parsing Global Descriptor Table (x86) inside IDA Pro database
 3 | 
 4 | https://wiki.osdev.org/Global_Descriptor_Table
 5 | '''
 6 | 
 7 | from struct import pack, unpack
 8 | 
 9 | 
10 | def parse_access_byte(acc):
11 |     pr = (acc & 0x80) >> 7
12 |     privl = (acc & 0x60) >> 5
13 |     ex = (acc & 0x8) >> 3
14 |     dc = (acc & 0x4) >> 2
15 |     rw = (acc & 0x2) >> 1
16 |     ac = (acc & 0x1)
17 |     res = "      Access: Pr {:b} Privl {:02x} Ex {:b} DC {:b} RW {:b} Ac {:b}".format(pr, privl, ex, dc, rw, ac)
18 |     return res
19 | 
20 | 
21 | def parse_GDT_record(bytes):
22 |     limit_0_15, base_0_15 = unpack("HH", bytes[:4])
23 |     base_16_23, acc, flags_limit, base_24_31 = unpack("BBBB", bytes[4:])
24 |     base = pack("HBB", base_0_15, base_16_23, base_24_31)
25 |     base = unpack("<I", base)[0]
26 |     lim = flags_limit & 0x0F
27 |     limit = pack("HBB", limit_0_15, lim, 0)
28 |     limit = unpack("I", limit)[0]
29 |     flags = flags_limit & 0xF0
30 |     acc_str = parse_access_byte(acc)
31 |     base_str = "Base {:08x} Limit {:08x} Access {:02x} Flags {:02x}".format(base, limit, acc, flags)
32 |     return base_str, acc_str
33 | 
34 |     
35 | def parse_GDT_table(start_ea, end_ea):
36 |     ''' 
37 |     Parse raw GDT-data and make comments in IDA Pro database
38 |     Usage:
39 |     parse_IDT_table(0x0011D7E8, 0x0011D940)       # GDT
40 |     '''
41 |     for n, ea in enumerate(xrange(start_ea, end_ea, 8), 0):
42 |         record = GetManyBytes(ea, 8)
43 |         base, acc = parse_GDT_record(record)
44 |         
45 |         MakeComm(ea, "0x{:02x} |0x{:04x}| {}".format(n, n*8, base))
46 |         MakeComm(ea+4, acc + '\n')
47 |             
48 | 


--------------------------------------------------------------------------------
/misc/parse_idt.py:
--------------------------------------------------------------------------------
 1 | '''
 2 | Script for parsing Interrupt Descriptor Table (x86) inside IDA Pro database
 3 | 
 4 | http://wiki.osdev.org/Interrupt_Descriptor_Table
 5 | 
 6 | '''
 7 | 
 8 | from struct import pack, unpack
 9 | 
10 | 
11 | GATE_TYPE = {0x5: "32 bit task gate", 
12 |              0x6: "16-bit interrupt gate", 
13 |              0x7: "16-bit trap gate", 
14 |              0xE: "32-bit interrupt gate", 
15 |              0xF: "32-bit trap gate", 
16 |             }
17 | 
18 | 
19 | def parse_type_attr(type_attr):
20 |     p = (type_attr & 0x80) >> 7
21 |     dpl = (type_attr & 0x60) >> 5
22 |     s = (type_attr & 0x10) >> 4
23 |     gt = (type_attr & 0x0F)
24 |     res = "   cType -->   Pr {:b}, Privl {:02x}, Storage {:b}, Gate: {}".format(p, dpl, s, 
25 |                                                                   GATE_TYPE.get(gt, "None"))
26 |     return res
27 | 
28 | 
29 | def parse_IDT_record(bytes):
30 |     offset_0_15, selector = unpack("HH", bytes[:4])
31 |     zero, type_attr, offset_16_31 = unpack("BBH", bytes[4:])   
32 |     offset = pack("HH", offset_0_15, offset_16_31)
33 |     offset = unpack("<I", offset)[0]
34 |     record_str = "Offset {:08x} Selector {:04x} Type {:02x}".format(offset, selector, type_attr)
35 |     type_str = parse_type_attr(type_attr)
36 |     return record_str, type_str
37 | 
38 |     
39 | def parse_IDT_table(start_ea, end_ea):
40 |     '''
41 |     Parse raw IDT-data and make comments in IDA Pro database
42 |     Usage:
43 |     parse_IDT_table(0x0011CFE0, 0x0011D7E0)       # IDT
44 |     '''
45 |     for n, ea in enumerate(xrange(start_ea, end_ea, 8), 0):
46 |         record = GetManyBytes(ea, 8)
47 |         base, acc = parse_IDT_record(record)
48 |         
49 |         MakeComm(ea, "0x{:02x} |0x{:04x}| {}".format(n, n*8, base))
50 |         MakeComm(ea+4, acc + '\n')
51 |         
52 |         
53 |         
54 |     
55 | # print(parse_GDT_record('\xDF\xFF\x00\xD0\x10\x92\x00\x00'))
56 | 


--------------------------------------------------------------------------------
/types/apply_types.py:
--------------------------------------------------------------------------------
 1 | ''' Work with type information (set/change type for object)
 2 | 
 3 | 
 4 | ## T_INFO* constants
 5 | 
 6 | idc.TINFO_GUESSED   = 0x0000 # this is a guessed type
 7 | idc.TINFO_DEFINITE  = 0x0001 # this is a definite type
 8 | idc.TINFO_DELAYFUNC = 0x0002 # if type is a function and no function exists at ea,
 9 |                              # schedule its creation and argument renaming to
10 |                              # auto-analysis otherwise try to create it immediately
11 | 
12 | ida_typeinf.TINFO_STRICT = _ida_typeinf.TINFO_STRICT
13 | 
14 | '''
15 | 
16 | def set_type(ea, type_str):
17 |     _type = parse_decl(type_str, 0)  
18 |     apply_type(ea, _type, 0)
19 | 
20 | 
21 | # Usage:
22 | # Set type to printf-like function
23 | # set_type(0x000105E0, "int printf(const char *fmt, ...)")
24 | 


--------------------------------------------------------------------------------
/types/enums.py:
--------------------------------------------------------------------------------
 1 | ''' Work with enums
 2 | 
 3 | 
 4 | '''
 5 | 
 6 | import re
 7 | import os
 8 | import sys
 9 | 
10 | def create_enum_from_header(filename, enum_name):
11 |     ''' Parse C header file with defines, make enum from them:
12 | 
13 |     #define EPERM            1      /* Operation not permitted */
14 | 
15 |     '''
16 |     h_file_data = open(filename).read()
17 |     defines = re.findall(r'#define\s+(\w+)\s+(\d+)\s+\/\*([\w\s]+)\*\/', h_file_data)
18 |     enum_id = add_enum(idaapi.BADNODE, enum_name, 0)
19 | 
20 |     for m_name, m_value, m_comment in defines:
21 |         add_enum_member(enum_id, m_name, int(m_value), ida_enum.DEFMASK)
22 |         m_id = get_enum_member_by_name(m_name)
23 |         set_enum_member_cmt(m_id, m_comment, repeatable=1)
24 | 
25 | 
26 | def create_linux_errno_enum():
27 |     path = os.path.dirname(os.path.realpath(__file__))
28 |     filename = os.path.join(path, 'errno.h')
29 |     create_enum_from_header(filename, 'LINUX_ERRNO')
30 | 
31 | 
32 | def make_arg_enum_member(ea, enum_id):
33 |     ''' Suggest we have instruction like this:
34 | 
35 |         push    0x18
36 | 
37 |     Let's make it more pretty:
38 |         
39 |         push    EMFILE          ;  Too many open files
40 | 
41 |     '''
42 |     op_enum(ea, 0, enum_id, 0)
43 | 
44 | 


--------------------------------------------------------------------------------
/types/errno.h:
--------------------------------------------------------------------------------
  1 | 
  2 | #ifndef _ASM_GENERIC_ERRNO_BASE_H
  3 | #define _ASM_GENERIC_ERRNO_BASE_H
  4 | 
  5 | #define EPERM            1      /* Operation not permitted */
  6 | #define ENOENT           2      /* No such file or directory */
  7 | #define ESRCH            3      /* No such process */
  8 | #define EINTR            4      /* Interrupted system call */
  9 | #define EIO              5      /* I/O error */
 10 | #define ENXIO            6      /* No such device or address */
 11 | #define E2BIG            7      /* Argument list too long */
 12 | #define ENOEXEC          8      /* Exec format error */
 13 | #define EBADF            9      /* Bad file number */
 14 | #define ECHILD          10      /* No child processes */
 15 | #define EAGAIN          11      /* Try again */
 16 | #define ENOMEM          12      /* Out of memory */
 17 | #define EACCES          13      /* Permission denied */
 18 | #define EFAULT          14      /* Bad address */
 19 | #define ENOTBLK         15      /* Block device required */
 20 | #define EBUSY           16      /* Device or resource busy */
 21 | #define EEXIST          17      /* File exists */
 22 | #define EXDEV           18      /* Cross-device link */
 23 | #define ENODEV          19      /* No such device */
 24 | #define ENOTDIR         20      /* Not a directory */
 25 | #define EISDIR          21      /* Is a directory */
 26 | #define EINVAL          22      /* Invalid argument */
 27 | #define ENFILE          23      /* File table overflow */
 28 | #define EMFILE          24      /* Too many open files */
 29 | #define ENOTTY          25      /* Not a typewriter */
 30 | #define ETXTBSY         26      /* Text file busy */
 31 | #define EFBIG           27      /* File too large */
 32 | #define ENOSPC          28      /* No space left on device */
 33 | #define ESPIPE          29      /* Illegal seek */
 34 | #define EROFS           30      /* Read-only file system */
 35 | #define EMLINK          31      /* Too many links */
 36 | #define EPIPE           32      /* Broken pipe */
 37 | #define EDOM            33      /* Math argument out of domain of func */
 38 | #define ERANGE          34      /* Math result not representable */
 39 | 
 40 | #endif
 41 | 
 42 | 
 43 | #ifndef _ASM_GENERIC_ERRNO_H
 44 | #define _ASM_GENERIC_ERRNO_H
 45 | 
 46 | 
 47 | #define	EDEADLK		35	/* Resource deadlock would occur */
 48 | #define	ENAMETOOLONG	36	/* File name too long */
 49 | #define	ENOLCK		37	/* No record locks available */
 50 | #define	ENOSYS		38	/* Function not implemented */
 51 | #define	ENOTEMPTY	39	/* Directory not empty */
 52 | #define	ELOOP		40	/* Too many symbolic links encountered */
 53 | #define	EWOULDBLOCK	EAGAIN	/* Operation would block */
 54 | #define	ENOMSG		42	/* No message of desired type */
 55 | #define	EIDRM		43	/* Identifier removed */
 56 | #define	ECHRNG		44	/* Channel number out of range */
 57 | #define	EL2NSYNC	45	/* Level 2 not synchronized */
 58 | #define	EL3HLT		46	/* Level 3 halted */
 59 | #define	EL3RST		47	/* Level 3 reset */
 60 | #define	ELNRNG		48	/* Link number out of range */
 61 | #define	EUNATCH		49	/* Protocol driver not attached */
 62 | #define	ENOCSI		50	/* No CSI structure available */
 63 | #define	EL2HLT		51	/* Level 2 halted */
 64 | #define	EBADE		52	/* Invalid exchange */
 65 | #define	EBADR		53	/* Invalid request descriptor */
 66 | #define	EXFULL		54	/* Exchange full */
 67 | #define	ENOANO		55	/* No anode */
 68 | #define	EBADRQC		56	/* Invalid request code */
 69 | #define	EBADSLT		57	/* Invalid slot */
 70 | 
 71 | #define	EDEADLOCK	EDEADLK
 72 | 
 73 | #define	EBFONT		59	/* Bad font file format */
 74 | #define	ENOSTR		60	/* Device not a stream */
 75 | #define	ENODATA		61	/* No data available */
 76 | #define	ETIME		62	/* Timer expired */
 77 | #define	ENOSR		63	/* Out of streams resources */
 78 | #define	ENONET		64	/* Machine is not on the network */
 79 | #define	ENOPKG		65	/* Package not installed */
 80 | #define	EREMOTE		66	/* Object is remote */
 81 | #define	ENOLINK		67	/* Link has been severed */
 82 | #define	EADV		68	/* Advertise error */
 83 | #define	ESRMNT		69	/* Srmount error */
 84 | #define	ECOMM		70	/* Communication error on send */
 85 | #define	EPROTO		71	/* Protocol error */
 86 | #define	EMULTIHOP	72	/* Multihop attempted */
 87 | #define	EDOTDOT		73	/* RFS specific error */
 88 | #define	EBADMSG		74	/* Not a data message */
 89 | #define	EOVERFLOW	75	/* Value too large for defined data type */
 90 | #define	ENOTUNIQ	76	/* Name not unique on network */
 91 | #define	EBADFD		77	/* File descriptor in bad state */
 92 | #define	EREMCHG		78	/* Remote address changed */
 93 | #define	ELIBACC		79	/* Can not access a needed shared library */
 94 | #define	ELIBBAD		80	/* Accessing a corrupted shared library */
 95 | #define	ELIBSCN		81	/* .lib section in a.out corrupted */
 96 | #define	ELIBMAX		82	/* Attempting to link in too many shared libraries */
 97 | #define	ELIBEXEC	83	/* Cannot exec a shared library directly */
 98 | #define	EILSEQ		84	/* Illegal byte sequence */
 99 | #define	ERESTART	85	/* Interrupted system call should be restarted */
100 | #define	ESTRPIPE	86	/* Streams pipe error */
101 | #define	EUSERS		87	/* Too many users */
102 | #define	ENOTSOCK	88	/* Socket operation on non-socket */
103 | #define	EDESTADDRREQ	89	/* Destination address required */
104 | #define	EMSGSIZE	90	/* Message too long */
105 | #define	EPROTOTYPE	91	/* Protocol wrong type for socket */
106 | #define	ENOPROTOOPT	92	/* Protocol not available */
107 | #define	EPROTONOSUPPORT	93	/* Protocol not supported */
108 | #define	ESOCKTNOSUPPORT	94	/* Socket type not supported */
109 | #define	EOPNOTSUPP	95	/* Operation not supported on transport endpoint */
110 | #define	EPFNOSUPPORT	96	/* Protocol family not supported */
111 | #define	EAFNOSUPPORT	97	/* Address family not supported by protocol */
112 | #define	EADDRINUSE	98	/* Address already in use */
113 | #define	EADDRNOTAVAIL	99	/* Cannot assign requested address */
114 | #define	ENETDOWN	100	/* Network is down */
115 | #define	ENETUNREACH	101	/* Network is unreachable */
116 | #define	ENETRESET	102	/* Network dropped connection because of reset */
117 | #define	ECONNABORTED	103	/* Software caused connection abort */
118 | #define	ECONNRESET	104	/* Connection reset by peer */
119 | #define	ENOBUFS		105	/* No buffer space available */
120 | #define	EISCONN		106	/* Transport endpoint is already connected */
121 | #define	ENOTCONN	107	/* Transport endpoint is not connected */
122 | #define	ESHUTDOWN	108	/* Cannot send after transport endpoint shutdown */
123 | #define	ETOOMANYREFS	109	/* Too many references: cannot splice */
124 | #define	ETIMEDOUT	110	/* Connection timed out */
125 | #define	ECONNREFUSED	111	/* Connection refused */
126 | #define	EHOSTDOWN	112	/* Host is down */
127 | #define	EHOSTUNREACH	113	/* No route to host */
128 | #define	EALREADY	114	/* Operation already in progress */
129 | #define	EINPROGRESS	115	/* Operation now in progress */
130 | #define	ESTALE		116	/* Stale NFS file handle */
131 | #define	EUCLEAN		117	/* Structure needs cleaning */
132 | #define	ENOTNAM		118	/* Not a XENIX named type file */
133 | #define	ENAVAIL		119	/* No XENIX semaphores available */
134 | #define	EISNAM		120	/* Is a named type file */
135 | #define	EREMOTEIO	121	/* Remote I/O error */
136 | #define	EDQUOT		122	/* Quota exceeded */
137 | 
138 | #define	ENOMEDIUM	123	/* No medium found */
139 | #define	EMEDIUMTYPE	124	/* Wrong medium type */
140 | #define	ECANCELED	125	/* Operation Canceled */
141 | #define	ENOKEY		126	/* Required key not available */
142 | #define	EKEYEXPIRED	127	/* Key has expired */
143 | #define	EKEYREVOKED	128	/* Key has been revoked */
144 | #define	EKEYREJECTED	129	/* Key was rejected by service */
145 | 
146 | /* for robust mutexes */
147 | #define	EOWNERDEAD	130	/* Owner died */
148 | #define	ENOTRECOVERABLE	131	/* State not recoverable */
149 | 
150 | #define ERFKILL		132	/* Operation not possible due to RF-kill */
151 | 
152 | #endif


--------------------------------------------------------------------------------
/xrefs/simple_xrefs.py:
--------------------------------------------------------------------------------
 1 | ''' Work with cross-references (add, delete, iterate)
 2 | 
 3 | 
 4 | #      Flow types (combine with XREF_USER!):
 5 | fl_CF   = 16              # Call Far
 6 | fl_CN   = 17              # Call Near
 7 | fl_JF   = 18              # jumpto Far
 8 | fl_JN   = 19              # jumpto Near
 9 | fl_F    = 21              # Ordinary flow
10 | 
11 | XREF_USER = 32            # All user-specified xref types
12 |                           # must be combined with this bit
13 | 
14 | 
15 | # Data reference types (combine with XREF_USER!):
16 | dr_O    = ida_xref.dr_O  # Offset
17 | dr_W    = ida_xref.dr_W  # Write
18 | dr_R    = ida_xref.dr_R  # Read
19 | dr_T    = ida_xref.dr_T  # Text (names in manual operands)
20 | dr_I    = ida_xref.dr_I  # Informational
21 | 
22 | 
23 | '''
24 | 
25 | 
26 | def add_data_xref(from_ea, to_ea):
27 |     ''' Add simple xref from `from_ea` address to data at `to_ea` address '''
28 |     add_dref(from_ea, to_ea, XREF_USER | dr_O)
29 | 
30 | 
31 | def add_code_xref(from_ea, to_ea):
32 |     ''' Add simple xref from `from_ea` address to code at `to_ea` address '''
33 |     add_cref(from_ea, to_ea, XREF_USER | fl_CF)
34 | 
35 | 


--------------------------------------------------------------------------------