RzAnalysis#

class RzAnalysis#

property addr_hints: HtUP#

property arch_hints: RBTree#

property arch_target: RzPlatformTarget#

property bb_tree: RBTree#

property big_endian: int#

property binb: RzBinBind#

property bits: int#

property bits_hints: RBTree#

property cb: RzAnalysisCallbacks#

property columnSort: RzListComparator#

property constpool: RzStrConstPool#

property core: Any#

property coreb: RzCoreBind#

property cpp_abi: RzAnalysisCPPABI#

property cpu: str#

property cur: RzAnalysisPlugin#

property diff_ops: int#

property diff_thbb: float#

property diff_thfcn: float#

property esil: RzAnalysisEsil#

property esil_goto_limit: int#

property ev: RzEvent#

property fcns: RzList[RzAnalysisFunction]#

property flag_get: RzFlagGetAtAddr#

property flb: RzFlagBind#

property flg_class_get: RzFlagGet#

property flg_class_set: RzFlagSet#

property flg_fcn_set: RzFlagSet#

property global_var_tree: RBTree#

property gp: int#

property hash: RzHash#

property hint_cbs: RHintCb#

property ht_addr_fun: HtUP#

property ht_global_var: HtPP#

property ht_name_fun: HtPP#

property ht_xrefs_from: HtUP#

property ht_xrefs_to: HtUP#

property il_vm: RzAnalysisILVM#

property imports: RzList[char]#

property iob: RzIOBind#

property last_disasm_reg: int#

property limit: RzAnalysisRange#

property lineswidth: int#

property log: CFunction[[RzAnalysis, str], bool]#

property maxreflines: int#

property meta: RzIntervalTree#

property meta_spaces: RzSpaces#

property opt: RzAnalysisOptions#

property os: str#

property pcalign: int#

property platform_target: RzPlatformTargetIndex#

property plugin_data: Any#

property plugins: RzList[RzAnalysisPlugin]#

property read_at: CFunction[[RzAnalysis, int, int, int], bool]#

property recursive_noreturn: bool#

property reflines: RzList[RzAnalysisRefline]#

property reg: RzReg#

property sdb: Sdb#

property sdb_cc: Sdb#

property sdb_classes: Sdb#

property sdb_classes_attrs: Sdb#

property sdb_fmts: Sdb#

property sdb_noret: Sdb#

property seggrn: int#

property sleep: int#

property stackptr: int#

property syscall: RzSyscall#

property _type_links: HtUP#

property typedb: RzTypeDB#

property visited: SetU#

static add_device_peripheral_map(analysis: RzAnalysis) → bool#

Calls function rz_analysis_add_device_peripheral_map (defined in canalysis.c)

Maps the device peripherals as sections.

Gets the ROM_ADDRESS and ROM_SIZE from the corresponding CPU Profile and adds it as a section (RzBinSection) named “.rom” which will appear when you run iS.

Parameters:

o – reference to RzBinObject
analysis – reference to RzAnalysis

static block_add_switch_case(switch_addr: int, case_value: int, case_addr: int) → None#: Calls function rz_analysis_block_add_switch_case (defined in block.c)

static block_analyze_ops() → None#

Calls function rz_analysis_block_analyze_ops (defined in block.c)

Successively disassemble the ops in this block and update the contained op addrs. This will not move or resize the block itself or touch anything else around it, it is primarily useful when creating or editing blocks after full function analysis.

static block_automerge() → None#: Calls function rz_analysis_block_automerge (defined in block.c)

static block_chop_noreturn(addr: int) → RzAnalysisBlock#: Calls function rz_analysis_block_chop_noreturn (defined in block.c)

static block_get_op_addr(i: size_t) → int#

Calls function rz_analysis_block_get_op_addr (defined in block.c)

Returns:: the absolute address of the i-th instruction in block or UT64_MAX if i is invalid.

static block_get_op_addr_in(off: int) → int#

Calls function rz_analysis_block_get_op_addr_in (defined in block.c)

Returns:: the address of the instruction that occupies a given offset or UT64_MAX if off is not in the block.

static block_get_op_offset(i: size_t) → int#

Calls function rz_analysis_block_get_op_offset (defined in block.c)

Returns:: the offset of the i-th instruction in the basicblock bb or U16_MAX if i is invalid.

static block_get_op_size(i: size_t) → int#

Calls function rz_analysis_block_get_op_size (defined in block.c)

Returns:: the size of the i-th instruction in a basic block

static block_merge(b: RzAnalysisBlock) → bool#: Calls function rz_analysis_block_merge (defined in block.c)

static block_op_starts_at(addr: int) → bool#: Calls function rz_analysis_block_op_starts_at (defined in block.c)

static block_recurse(cb: RzAnalysisBlockCb, user: Any) → bool#: Calls function rz_analysis_block_recurse (defined in block.c)

static block_recurse_depth_first(cb: RzAnalysisBlockCb, on_exit: RzAnalysisBlockCb, user: Any) → bool#: Calls function rz_analysis_block_recurse_depth_first (defined in block.c)

static block_recurse_followthrough(cb: RzAnalysisBlockCb, user: Any) → bool#: Calls function rz_analysis_block_recurse_followthrough (defined in block.c)

static block_recurse_list() → RzList[RzAnalysisBlock]#: Calls function rz_analysis_block_recurse_list (defined in block.c)

static block_ref() → None#: Calls function rz_analysis_block_ref (defined in block.c)

static block_relocate(addr: int, size: int) → bool#: Calls function rz_analysis_block_relocate (defined in block.c)

static block_set_op_offset(i: size_t, v: int) → bool#

Calls function rz_analysis_block_set_op_offset (defined in block.c)

set the offset of the i-th instruction in the basicblock bb

static block_set_size(size: int) → None#: Calls function rz_analysis_block_set_size (defined in block.c)

static block_shortest_path(dst: int) → RzList[RzAnalysisBlock]#: Calls function rz_analysis_block_shortest_path (defined in block.c)

static block_split(addr: int) → RzAnalysisBlock#: Calls function rz_analysis_block_split (defined in block.c)

static block_successor_addrs_foreach(cb: RzAnalysisAddrCb, user: Any) → bool#: Calls function rz_analysis_block_successor_addrs_foreach (defined in block.c)

static block_unref() → None#: Calls function rz_analysis_block_unref (defined in block.c)

static block_update_hash() → None#: Calls function rz_analysis_block_update_hash (defined in block.c)

static block_was_modified() → bool#: Calls function rz_analysis_block_was_modified (defined in block.c)

static class_base_fini() → None#: Calls function rz_analysis_class_base_fini (defined in class.c)

static class_method_fini() → None#: Calls function rz_analysis_class_method_fini (defined in class.c)

static class_vtable_fini() → None#: Calls function rz_analysis_class_vtable_fini (defined in class.c)

static cond_fini() → None#: Calls function rz_analysis_cond_fini (defined in cond.c)

static cond_free() → None#: Calls function rz_analysis_cond_free (defined in cond.c)

static cond_new() → RzAnalysisCond#: Calls function rz_analysis_cond_new (defined in cond.c)

static cond_new_from_op() → RzAnalysisCond#: Calls function rz_analysis_cond_new_from_op (defined in cond.c)

static cond_new_from_string() → RzAnalysisCond#: Calls function rz_analysis_cond_new_from_string (defined in cond.c)

static cond_to_string() → str#: Calls function rz_analysis_cond_to_string (defined in cond.c)

static cycle_frame_free() → None#: Calls function rz_analysis_cycle_frame_free (defined in cycles.c)

static cycle_frame_new() → RzAnalysisCycleFrame#: Calls function rz_analysis_cycle_frame_new (defined in cycles.c)

static data_free() → None#: Calls function rz_analysis_data_free (defined in data.c)

static data_new(type: int, n: int, buf: int, len: int) → RzAnalysisData#: Calls function rz_analysis_data_new (defined in data.c)

static data_new_string(p: str, size: int, wide: int) → RzAnalysisData#: Calls function rz_analysis_data_new_string (defined in data.c)

static data_to_string(pal: RzConsPrintablePalette) → str#: Calls function rz_analysis_data_to_string (defined in data.c)

static datatype_to_string() → str#: Calls function rz_analysis_datatype_to_string (defined in data.c)

static delete_block() → None#: Calls function rz_analysis_delete_block (defined in block.c)

static diff_free() → None#: Calls function rz_analysis_diff_free (defined in diff.c)

static diff_new() → RzAnalysisDiff#: Calls function rz_analysis_diff_new (defined in diff.c)

static esil_claim_source(src_id: int) → bool#: Calls function rz_analysis_esil_claim_source (defined in esil_sources.c)

static esil_condition(str: str) → int#: Calls function rz_analysis_esil_condition (defined in esil.c)

static esil_fire_interrupt(intr_num: int) → int#: Calls function rz_analysis_esil_fire_interrupt (defined in esil_interrupt.c)

static esil_free() → None#: Calls function rz_analysis_esil_free (defined in esil.c)

static esil_get_instruction_trace(idx: int) → RzILTraceInstruction#

Calls function rz_analysis_esil_get_instruction_trace (defined in esil_trace.c)

Get instruction trace from ESIL trace by index

Parameters:

etrace – RzAnalysisEsilTrace *, ESIL trace
idx – int, index of instruction

Returns:

RzILTraceInstruction *, instruction trace at index

static esil_get_parm(str: str, num: int) → int#: Calls function rz_analysis_esil_get_parm (defined in esil.c)

static esil_get_parm_type(str: str) → int#: Calls function rz_analysis_esil_get_parm_type (defined in esil.c)

static esil_get_source(src_id: int) → Any#: Calls function rz_analysis_esil_get_source (defined in esil_sources.c)

static esil_interrupt_free(intr: RzAnalysisEsilInterrupt) → None#: Calls function rz_analysis_esil_interrupt_free (defined in esil_interrupt.c)

static esil_interrupt_new(src_id: int, ih: RzAnalysisEsilInterruptHandler) → RzAnalysisEsilInterrupt#: Calls function rz_analysis_esil_interrupt_new (defined in esil_interrupt.c)

static esil_interrupts_fini() → None#: Calls function rz_analysis_esil_interrupts_fini (defined in esil_interrupt.c)

static esil_interrupts_init() → None#: Calls function rz_analysis_esil_interrupts_init (defined in esil_interrupt.c)

static esil_load_interrupts(handlers: Pointer[Pointer[RzAnalysisEsilInterruptHandler]], src_id: int) → bool#: Calls function rz_analysis_esil_load_interrupts (defined in esil_interrupt.c)

static esil_load_interrupts_from_lib(path: str) → bool#: Calls function rz_analysis_esil_load_interrupts_from_lib (defined in esil_interrupt.c)

static esil_load_source(path: str) → int#: Calls function rz_analysis_esil_load_source (defined in esil_sources.c)

static esil_mem_read(addr: int, buf: int, len: int) → int#: Calls function rz_analysis_esil_mem_read (defined in esil.c)

static esil_mem_ro(mem_readonly: int) → None#: Calls function rz_analysis_esil_mem_ro (defined in esil_stats.c)

static esil_mem_write(addr: int, buf: int, len: int) → int#: Calls function rz_analysis_esil_mem_write (defined in esil.c)

static esil_new(iotrap: int, addrsize: int) → RzAnalysisEsil#: Calls function rz_analysis_esil_new (defined in esil.c)

static esil_parse(str: str) → bool#: Calls function rz_analysis_esil_parse (defined in esil.c)

static esil_pop() → str#: Calls function rz_analysis_esil_pop (defined in esil.c)

static esil_push(str: str) → bool#: Calls function rz_analysis_esil_push (defined in esil.c)

static esil_pushnum(num: int) → bool#: Calls function rz_analysis_esil_pushnum (defined in esil.c)

static esil_reg_read(regname: str, num: int, size: int) → int#: Calls function rz_analysis_esil_reg_read (defined in esil.c)

static esil_reg_write(dst: str, num: int) → int#: Calls function rz_analysis_esil_reg_write (defined in esil.c)

static esil_release_source(src_id: int) → None#: Calls function rz_analysis_esil_release_source (defined in esil_sources.c)

static esil_runword(word: str) → bool#: Calls function rz_analysis_esil_runword (defined in esil.c)

static esil_set_interrupt(intr: RzAnalysisEsilInterrupt) → bool#: Calls function rz_analysis_esil_set_interrupt (defined in esil_interrupt.c)

static esil_set_op(op: str, code: RzAnalysisEsilOpCb, push: int, pop: int, type: int) → bool#: Calls function rz_analysis_esil_set_op (defined in esil.c)

static esil_set_pc(addr: int) → bool#: Calls function rz_analysis_esil_set_pc (defined in esil.c)

static esil_setup(analysis: RzAnalysis, romem: int, stats: int, nonull: int) → bool#: Calls function rz_analysis_esil_setup (defined in esil.c)

static esil_sources_fini() → None#: Calls function rz_analysis_esil_sources_fini (defined in esil_sources.c)

static esil_sources_init() → None#: Calls function rz_analysis_esil_sources_init (defined in esil_sources.c)

static esil_stack_free() → None#: Calls function rz_analysis_esil_stack_free (defined in esil.c)

static esil_stats(enable: int) → None#: Calls function rz_analysis_esil_stats (defined in esil_stats.c)

static esil_trace_free() → None#: Calls function rz_analysis_esil_trace_free (defined in esil_trace.c)

static esil_trace_list() → None#

Calls function rz_analysis_esil_trace_list (defined in esil_trace.c)

List all traces

Parameters:: esil – RzAnalysisEsil *, ESIL instance

static esil_trace_new() → RzAnalysisEsilTrace#: Calls function rz_analysis_esil_trace_new (defined in esil_trace.c)

static esil_trace_op(op: RzAnalysisOp) → None#: Calls function rz_analysis_esil_trace_op (defined in esil_trace.c)

static esil_trace_restore(idx: int) → None#: Calls function rz_analysis_esil_trace_restore (defined in esil_trace.c)

static esil_trace_show(idx: int) → None#

Calls function rz_analysis_esil_trace_show (defined in esil_trace.c)

Display an ESIL trace at index idx

Parameters:

esil – RzAnalysisEsil *, ESIL instance
idx – int, index of trace

static esil_trapstr() → str#: Calls function rz_analysis_esil_trapstr (defined in esil.c)

static fcn_invalidate_read_ahead_cache() → None#: Calls function rz_analysis_fcn_invalidate_read_ahead_cache (defined in fcn.c)

static fcn_vars_cache_fini() → None#: Calls function rz_analysis_fcn_vars_cache_fini (defined in var.c)

static fcntype_tostring() → str#: Calls function rz_analysis_fcntype_tostring (defined in fcn.c)

static function_free() → None#: Calls function rz_analysis_function_free (defined in function.c)

static function_is_autonamed() → bool#

Calls function rz_analysis_function_is_autonamed (defined in function.c)

Checks if the function name was generated by Rizin automatically.

static function_name_guess(name: str) → str#

Calls function rz_analysis_function_name_guess (defined in function.c)

Checks if varions function name variations present in the database.

Tries to remove different prefixes from the Rizin autonames, standard libraries prefixes, various Windows-specific prefixes and checks every attempt in the function database. If there is a match - returns it.

Parameters:

typedb – RzTypeDB instance
name – Function name to check

static hint_free() → None#: Calls function rz_analysis_hint_free (defined in hint.c)

static il_config_add_label(label: RzILEffectLabel) → None#

Calls function rz_analysis_il_config_add_label (defined in analysis_il.c)

Add label to the IL config cfg to describe that it is globally available in a vm

static il_config_free() → None#: Calls function rz_analysis_il_config_free (defined in analysis_il.c)

static il_config_new(big_endian: bool, mem_key_size: int) → RzAnalysisILConfig#

Calls function rz_analysis_il_config_new (defined in analysis_il.c)

Create an IL config and initialize it with the given minimal mandatory info

static il_get_mem_op_trace(addr: int, op_type: RzILTraceOpType) → RzILTraceMemOp#

Calls function rz_analysis_il_get_mem_op_trace (defined in il_trace.c)

Find the memory change in an instruction by given address

Parameters:

trace – RzILTraceInstruction *, instruction trace
addr – ut64, memory address
is_write – bool, true if you want to find a write operation to address, else find a read operation

Returns:

RzILTraceMemOp *, info of memory change

static il_get_reg_op_trace(regname: str, op_type: RzILTraceOpType) → RzILTraceRegOp#

Calls function rz_analysis_il_get_reg_op_trace (defined in il_trace.c)

Find the register change in an instruction by register name

Parameters:

trace – RzILTraceInstruction *, instruction trace
regname – const char *, name of register
is_write – bool, true if you want to find a write operation to register, else find a read operation

Returns:

RzILTraceRegOp *, info of register change

static il_init_state_free() → None#: Calls function rz_analysis_il_init_state_free (defined in analysis_il.c)

static il_init_state_new() → RzAnalysisILInitState#: Calls function rz_analysis_il_init_state_new (defined in analysis_il.c)

static il_init_state_set_var(name: str, val: RzILVal) → None#

Calls function rz_analysis_il_init_state_set_var (defined in analysis_il.c)

Set the value of the global variable called name name to val in the initial state state

static il_mem_trace_contains(addr: int, op_type: RzILTraceOpType) → bool#

Calls function rz_analysis_il_mem_trace_contains (defined in il_trace.c)

Check if instruction contains a read/write to given address

Parameters:

trace – RzILTraceInstruction *, instruction trace
addr – ut64, Address of memory
is_write – bool, set true to find if it contains a write to address, else read

Returns:

bool, true if contains, else return a false

static il_reg_trace_contains(regname: str, op_type: RzILTraceOpType) → bool#

Calls function rz_analysis_il_reg_trace_contains (defined in il_trace.c)

Check if instruction contains a read/write to given register

Parameters:

trace – RzILTraceInstruction *, instruction trace
regname – const char *, name of register
is_write – bool, set true to find if it contains a write to the register, else read

Returns:

bool, true if contains, else return a false

static il_trace_add_mem(mem: RzILTraceMemOp) → bool#

Calls function rz_analysis_il_trace_add_mem (defined in il_trace.c)

add memory change to an instruction trace

Parameters:

trace – RzILTraceInstruction *, trace of instruction which triggers a memory change
mem – RzILTraceMemOp *, info of memory change

Returns:

true if succeed

static il_trace_add_reg(reg: RzILTraceRegOp) → bool#

Calls function rz_analysis_il_trace_add_reg (defined in il_trace.c)

add register change to an instruction trace

Parameters:

trace – RzILTraceInstruction *, trace of instruction which triggers a register change
mem – RzILTraceRegOp *, info of register change

Returns:

true if succeed

static il_trace_instruction_free() → None#

Calls function rz_analysis_il_trace_instruction_free (defined in il_trace.c)

clean an IL trace

Parameters:: instruction – RzILTraceInstruction, trace to be cleaned

static il_trace_instruction_new() → RzILTraceInstruction#

Calls function rz_analysis_il_trace_instruction_new (defined in il_trace.c)

create and init a trace structure for an instruction at address

Parameters:: addr – ut64, address of instruction
Returns:: RzILTraceInstruction, trace structure of an instruction

static il_vm_free() → None#

Calls function rz_analysis_il_vm_free (defined in analysis_il.c)

Frees an RzAnalysisILVM instance

static il_vm_sync_from_reg(reg: RzReg) → None#

Calls function rz_analysis_il_vm_sync_from_reg (defined in analysis_il.c)

Set the values of all variables in vm that are bound to registers and PC to the respective contents from reg.

This is like the low-level rz_il_vm_sync_from_reg(), but uses the binding that is part of vm. See its documentation for details.

static il_vm_sync_to_reg(reg: RzReg) → bool#

Calls function rz_analysis_il_vm_sync_to_reg (defined in analysis_il.c)

Set the values of all bound regs in reg to the respective variable or PC contents in vm.

This is like the low-level rz_il_vm_sync_to_reg(), but uses the binding that is part of vm. See its documentation for details.

Returns:: whether the sync was cleanly applied without errors or adjustments

static new() → RzAnalysis#: Calls function rz_analysis_new (defined in analysis.c)

static op_family_from_string() → int#

Calls function rz_analysis_op_family_from_string (defined in op.c)

Return the op family id given its name

Parameters:: name – string, name of the op family
Returns:: id int, id of the operation family (one of RzAnalysisOpFamily)

static op_family_to_string() → str#

Calls function rz_analysis_op_family_to_string (defined in op.c)

Return the name of the given op family

Parameters:: id – int, id of the operation family (one of RzAnalysisOpFamily)
Returns:: name string, name of the op family

static op_fini() → bool#: Calls function rz_analysis_op_fini (defined in op.c)

static op_free() → None#: Calls function rz_analysis_op_free (defined in op.c)

static op_hint(hint: RzAnalysisHint) → int#: Calls function rz_analysis_op_hint (defined in op.c)

static op_init() → None#: Calls function rz_analysis_op_init (defined in op.c)

static op_is_eob() → bool#: Calls function rz_analysis_op_is_eob (defined in analysis.c)

static op_ismemref() → bool#: Calls function rz_analysis_op_ismemref (defined in op.c)

static op_list_new() → RzList[RzAnalysisOp]#: Calls function rz_analysis_op_list_new (defined in op.c)

static op_new() → RzAnalysisOp#: Calls function rz_analysis_op_new (defined in op.c)

static op_nonlinear() → bool#: Calls function rz_analysis_op_nonlinear (defined in op.c)

static optype_from_string() → int#

Calls function rz_analysis_optype_from_string (defined in op.c)

Return the op type corresponding the given name

Parameters:: name – string, name of the optype
Returns:: type int, id of the op type (one of _RzAnalysisOpType)

static optype_to_string() → str#

Calls function rz_analysis_optype_to_string (defined in op.c)

Return the name of the given op type

Parameters:: type – int, id of the op type (one of _RzAnalysisOpType)
Returns:: name string, string, name of the optype

static ref_type_tostring() → str#: Calls function rz_analysis_ref_type_tostring (defined in xrefs.c)

static reflines_str(addr: int, opts: int) → RzAnalysisRefStr#: Calls function rz_analysis_reflines_str (defined in reflines.c)

static reflines_str_free() → None#: Calls function rz_analysis_reflines_str_free (defined in reflines.c)

static rtti_itanium_demangle_class_name(name: str) → str#: Calls function rz_analysis_rtti_itanium_demangle_class_name (defined in rtti_itanium.c)

static rtti_itanium_print_at_vtable(addr: int, mode: RzOutputMode) → bool#: Calls function rz_analysis_rtti_itanium_print_at_vtable (defined in rtti_itanium.c)

static rtti_itanium_recover_all(vtables: RzList[RVTableInfo]) → None#: Calls function rz_analysis_rtti_itanium_recover_all (defined in rtti_itanium.c)

static rtti_msvc_demangle_class_name(name: str) → str#

Calls function rz_analysis_rtti_msvc_demangle_class_name (defined in rtti_msvc.c)

Demangle a class name as found in MSVC RTTI type descriptors.

Examples: .?AVClassA@ => ClassA .?AVClassInInnerNamespace@InnerNamespace@OuterNamespace@ => OuterNamespace::InnerNamespace::AVClassInInnerNamespace

static rtti_msvc_print_at_vtable(addr: int, mode: RzOutputMode, strict: bool) → bool#: Calls function rz_analysis_rtti_msvc_print_at_vtable (defined in rtti_msvc.c)

static rtti_msvc_print_base_class_descriptor(addr: int, mode: int) → None#: Calls function rz_analysis_rtti_msvc_print_base_class_descriptor (defined in rtti_msvc.c)

static rtti_msvc_print_class_hierarchy_descriptor(addr: int, mode: int) → None#: Calls function rz_analysis_rtti_msvc_print_class_hierarchy_descriptor (defined in rtti_msvc.c)

static rtti_msvc_print_complete_object_locator(addr: int, mode: int) → None#: Calls function rz_analysis_rtti_msvc_print_complete_object_locator (defined in rtti_msvc.c)

static rtti_msvc_print_type_descriptor(addr: int, mode: int) → None#: Calls function rz_analysis_rtti_msvc_print_type_descriptor (defined in rtti_msvc.c)

static rtti_msvc_recover_all(vtables: RzList[RVTableInfo]) → None#: Calls function rz_analysis_rtti_msvc_recover_all (defined in rtti_msvc.c)

static run_tasks() → int#

Calls function rz_analysis_run_tasks (defined in fcn.c)

Runs analysis on the task items.

Runs control-flow and variable usage analysis on each of the task items until tasks vector becomes empty. Items are removed from the tasks vector as they are processed. Items are added to the tasks vector as new basic blocks are found to be analyzed.

Parameters:: tasks – Pointer to RzVector of RzAnalysisTaskItem to be performed analysis on.

static rzil_trace_free() → None#

Calls function rz_analysis_rzil_trace_free (defined in analysis_il_trace.c)

Free an IL trace

Parameters:: trace – trace to be free

static stackop_tostring() → str#: Calls function rz_analysis_stackop_tostring (defined in op.c)

static switch_op_add_case(addr: int, value: int, jump: int) → RzAnalysisCaseOp#: Calls function rz_analysis_switch_op_add_case (defined in switch.c)

static switch_op_free() → None#: Calls function rz_analysis_switch_op_free (defined in switch.c)

static switch_op_new(min_val: int, max_val: int, def_val: int) → RzAnalysisSwitchOp#: Calls function rz_analysis_switch_op_new (defined in switch.c)

static value_copy() → RzAnalysisValue#: Calls function rz_analysis_value_copy (defined in value.c)

static value_free() → None#: Calls function rz_analysis_value_free (defined in value.c)

static value_new() → RzAnalysisValue#: Calls function rz_analysis_value_new (defined in value.c)

static value_new_from_string() → RzAnalysisValue#: Calls function rz_analysis_value_new_from_string (defined in value.c)

static value_to_string() → str#: Calls function rz_analysis_value_to_string (defined in value.c)

static var_add_constraint(constraint: RzTypeConstraint) → None#: Calls function rz_analysis_var_add_constraint (defined in var.c)

static var_addr() → int#: Calls function rz_analysis_var_addr (defined in var.c)

static var_clear_accesses() → None#: Calls function rz_analysis_var_clear_accesses (defined in var.c)

static var_delete() → None#: Calls function rz_analysis_var_delete (defined in var.c)

static var_get_access_at(addr: int) → RzAnalysisVarAccess#: Calls function rz_analysis_var_get_access_at (defined in var.c)

static var_get_argnum() → int#: Calls function rz_analysis_var_get_argnum (defined in var.c)

static var_get_constraints_readable() → str#: Calls function rz_analysis_var_get_constraints_readable (defined in var.c)

static var_get_dst_var() → RzAnalysisVar#: Calls function rz_analysis_var_get_dst_var (defined in var.c)

static var_global_add_constraint(constraint: RzTypeConstraint) → None#

Calls function rz_analysis_var_global_add_constraint (defined in var_global.c)

Add a constaint to global variable.

Parameters:

glob – Global variable instance
constraint – RzTypeConstraint

Returns:

void

static var_global_free() → None#

Calls function rz_analysis_var_global_free (defined in var_global.c)

Free the global variable instance.

Parameters:: glob – Global variable instance
Returns:: void

static var_global_get_constraints_readable() → str#

Calls function rz_analysis_var_global_get_constraints_readable (defined in var_global.c)

Get the pritable string of global variable constraints.

Parameters:: glob – Global variable instance
Returns:: char *

static var_global_get_flag_item() → RzFlagItem#

Calls function rz_analysis_var_global_get_flag_item (defined in var_global.c)

Get the flag item corresponding to the given variable.

This will search for the matching flag that has been created along with the global variable. It can happen that the flag has manually been deleted, in which case this returns NULL.

Returns:: a flag item or NULL

static var_global_new(addr: int) → RzAnalysisVarGlobal#

Calls function rz_analysis_var_global_new (defined in var_global.c)

Create a new instance of global variable.

Parameters:

name – variable name
addr – variable address
comment – variable comment

Returns:

RzAnalysisVarGlobal *

static var_global_set_type(type: RzType) → None#

Calls function rz_analysis_var_global_set_type (defined in var_global.c)

Set the type of the global variable.

Parameters:

glob – Global variable instance
type – The type to set. RzType*

Returns:

void

static var_remove_access_at(address: int) → None#: Calls function rz_analysis_var_remove_access_at (defined in var.c)

static var_rename(new_name: str, verbose: bool) → bool#: Calls function rz_analysis_var_rename (defined in var.c)

static var_resolve_overlaps() → None#: Calls function rz_analysis_var_resolve_overlaps (defined in var.c)

static var_set_access(reg: str, access_addr: int, access_type: int, stackptr: int) → None#: Calls function rz_analysis_var_set_access (defined in var.c)

static var_set_type(type: RzType, resolve_overlaps: bool) → None#: Calls function rz_analysis_var_set_type (defined in var.c)

static vtable_info_free() → None#: Calls function rz_analysis_vtable_info_free (defined in vtable.c)

static vtable_info_get_size(vtable: RVTableInfo) → int#: Calls function rz_analysis_vtable_info_get_size (defined in vtable.c)

static vtable_parse_at(addr: int) → RVTableInfo#: Calls function rz_analysis_vtable_parse_at (defined in vtable.c)

static vtable_search() → RzList[RVTableInfo]#: Calls function rz_analysis_vtable_search (defined in vtable.c)

static xref_list_new() → RzList[RzAnalysisXRef]#: Calls function rz_analysis_xref_list_new (defined in xrefs.c)

static xrefs_type() → RzAnalysisXRefType#: Calls function rz_analysis_xrefs_type (defined in xrefs.c)

static xrefs_type_tostring() → str#: Calls function rz_analysis_xrefs_type_tostring (defined in xrefs.c)

add(foo: RzAnalysisPlugin) → int#: Calls function rz_analysis_add (defined in analysis.c)

add_function(fcn: RzAnalysisFunction) → bool#: Calls function rz_analysis_add_function (defined in function.c)

add_import(imp: str) → None#: Calls function rz_analysis_add_import (defined in analysis.c)

addr_hints_at(addr: int) → RzVector[RzAnalysisAddrHintRecord]#: Calls function rz_analysis_addr_hints_at (defined in hint.c)

addr_hints_foreach(cb: RzAnalysisAddrHintRecordsCb, user: Any) → None#: Calls function rz_analysis_addr_hints_foreach (defined in hint.c)

arch_hints_foreach(cb: RzAnalysisArchHintCb, user: Any) → None#: Calls function rz_analysis_arch_hints_foreach (defined in hint.c)

archinfo(query: int) → int#: Calls function rz_analysis_archinfo (defined in analysis.c)

bind(bnd: RzAnalysisBind) → None#: Calls function rz_analysis_bind (defined in analysis.c)

bits_hints_foreach(cb: RzAnalysisBitsHintCb, user: Any) → None#: Calls function rz_analysis_bits_hints_foreach (defined in hint.c)

blocks_foreach_in(addr: int, cb: RzAnalysisBlockCb, user: Any) → bool#: Calls function rz_analysis_blocks_foreach_in (defined in block.c)

blocks_foreach_intersect(addr: int, size: int, cb: RzAnalysisBlockCb, user: Any) → None#: Calls function rz_analysis_blocks_foreach_intersect (defined in block.c)

calling_conventions() → RzList[char]#: Calls function rz_analysis_calling_conventions (defined in cc.c)

cc_arg(convention: str, n: int) → str#: Calls function rz_analysis_cc_arg (defined in cc.c)

cc_default() → str#: Calls function rz_analysis_cc_default (defined in cc.c)

cc_del(name: str) → None#: Calls function rz_analysis_cc_del (defined in cc.c)

cc_error(convention: str) → str#: Calls function rz_analysis_cc_error (defined in cc.c)

cc_exist(convention: str) → bool#: Calls function rz_analysis_cc_exist (defined in cc.c)

cc_func(func_name: str) → str#: Calls function rz_analysis_cc_func (defined in cc.c)

cc_get(name: str) → str#: Calls function rz_analysis_cc_get (defined in cc.c)

cc_max_arg(cc: str) → int#: Calls function rz_analysis_cc_max_arg (defined in cc.c)

cc_ret(convention: str) → str#: Calls function rz_analysis_cc_ret (defined in cc.c)

cc_self(convention: str) → str#: Calls function rz_analysis_cc_self (defined in cc.c)

cc_set(expr: str) → bool#: Calls function rz_analysis_cc_set (defined in cc.c)

cc_set_error(convention: str, error: str) → None#: Calls function rz_analysis_cc_set_error (defined in cc.c)

cc_set_self(convention: str, _self: str) → None#: Calls function rz_analysis_cc_set_self (defined in cc.c)

check_fcn(buf: int, bufsz: int, addr: int, low: int, high: int) → bool#: Calls function rz_analysis_check_fcn (defined in fcn.c)

class_base_delete(class_name: str, base_id: str) → RzAnalysisClassErr#: Calls function rz_analysis_class_base_delete (defined in class.c)

class_base_get(class_name: str, base_id: str, base: RzAnalysisBaseClass) → RzAnalysisClassErr#: Calls function rz_analysis_class_base_get (defined in class.c)

class_base_get_all(class_name: str) → RzVector[RzAnalysisBaseClass]#: Calls function rz_analysis_class_base_get_all (defined in class.c)

class_base_set(class_name: str, base: RzAnalysisBaseClass) → RzAnalysisClassErr#: Calls function rz_analysis_class_base_set (defined in class.c)

class_create(name: str) → RzAnalysisClassErr#: Calls function rz_analysis_class_create (defined in class.c)

class_delete(name: str) → None#: Calls function rz_analysis_class_delete (defined in class.c)

class_exists(name: str) → bool#: Calls function rz_analysis_class_exists (defined in class.c)

class_foreach(cb: SdbForeachCallback, user: Any) → None#: Calls function rz_analysis_class_foreach (defined in class.c)

class_get_all(sorted: bool) → SdbList#: Calls function rz_analysis_class_get_all (defined in class.c)

class_get_inheritance_graph() → RzGraph#

Calls function rz_analysis_class_get_inheritance_graph (defined in class.c)

Creates RzGraph from class inheritance information where each node has RzGraphNodeInfo as generic data.

Parameters:: analysis –
Returns:: RzGraph* NULL if failure

class_method_delete(class_name: str, meth_name: str) → RzAnalysisClassErr#: Calls function rz_analysis_class_method_delete (defined in class.c)

class_method_exists(class_name: str, meth_name: str) → bool#: Calls function rz_analysis_class_method_exists (defined in class.c)

class_method_exists_by_addr(class_name: str, addr: int) → bool#: Calls function rz_analysis_class_method_exists_by_addr (defined in class.c)

class_method_get(class_name: str, meth_name: str, meth: RzAnalysisMethod) → RzAnalysisClassErr#: Calls function rz_analysis_class_method_get (defined in class.c)

class_method_get_all(class_name: str) → RzVector[RzAnalysisMethod]#: Calls function rz_analysis_class_method_get_all (defined in class.c)

class_method_get_by_addr(class_name: str, addr: int, method: RzAnalysisMethod) → RzAnalysisClassErr#: Calls function rz_analysis_class_method_get_by_addr (defined in class.c)

class_method_recover(cls: RzBinClass, methods: RzList[RzBinSymbol]) → None#: Calls function rz_analysis_class_method_recover (defined in class.c)

class_method_rename(class_name: str, old_meth_name: str, new_meth_name: str) → RzAnalysisClassErr#: Calls function rz_analysis_class_method_rename (defined in class.c)

class_method_set(class_name: str, meth: RzAnalysisMethod) → RzAnalysisClassErr#: Calls function rz_analysis_class_method_set (defined in class.c)

class_recover_all() → None#: Calls function rz_analysis_class_recover_all (defined in class.c)

class_recover_from_rzbin() → None#: Calls function rz_analysis_class_recover_from_rzbin (defined in class.c)

class_rename(old_name: str, new_name: str) → RzAnalysisClassErr#: Calls function rz_analysis_class_rename (defined in class.c)

class_vtable_delete(class_name: str, vtable_id: str) → RzAnalysisClassErr#: Calls function rz_analysis_class_vtable_delete (defined in class.c)

class_vtable_get(class_name: str, vtable_id: str, vtable: RzAnalysisVTable) → RzAnalysisClassErr#: Calls function rz_analysis_class_vtable_get (defined in class.c)

class_vtable_get_all(class_name: str) → RzVector[RzAnalysisVTable]#: Calls function rz_analysis_class_vtable_get_all (defined in class.c)

class_vtable_set(class_name: str, vtable: RzAnalysisVTable) → RzAnalysisClassErr#: Calls function rz_analysis_class_vtable_set (defined in class.c)

cond_eval(cond: RzAnalysisCond) → int#: Calls function rz_analysis_cond_eval (defined in cond.c)

create_block(addr: int, size: int) → RzAnalysisBlock#: Calls function rz_analysis_create_block (defined in block.c)

create_function(name: str, addr: int, type: int, diff: RzAnalysisDiff) → RzAnalysisFunction#: Calls function rz_analysis_create_function (defined in function.c)

data(addr: int, buf: int, size: int, wordsize: int) → RzAnalysisData#: Calls function rz_analysis_data (defined in data.c)

data_kind(addr: int, buf: int, len: int) → str#: Calls function rz_analysis_data_kind (defined in data.c)

del_jmprefs(fcn: RzAnalysisFunction) → None#: Calls function rz_analysis_del_jmprefs (defined in fcn.c)

diff_bb(fcn: RzAnalysisFunction, fcn2: RzAnalysisFunction) → bool#: Calls function rz_analysis_diff_bb (defined in diff.c)

diff_eval() → int#: Calls function rz_analysis_diff_eval (defined in diff.c)

diff_fcn(fcns: RzList[RzAnalysisFunction], fcns2: RzList[RzAnalysisFunction]) → int#: Calls function rz_analysis_diff_fcn (defined in diff.c)

diff_fingerprint_bb(bb: RzAnalysisBlock) → int#: Calls function rz_analysis_diff_fingerprint_bb (defined in diff.c)

diff_fingerprint_fcn(fcn: RzAnalysisFunction) → size_t#: Calls function rz_analysis_diff_fingerprint_fcn (defined in diff.c)

diff_setup(doops: int, thbb: float, thfcn: float) → None#: Calls function rz_analysis_diff_setup (defined in diff.c)

diff_setup_i(doops: int, thbb: int, thfcn: int) → None#: Calls function rz_analysis_diff_setup_i (defined in diff.c)

dwarf_integrate_functions(flags: RzFlag, dwarf_sdb: Sdb) → None#

Calls function rz_analysis_dwarf_integrate_functions (defined in dwarf_process.c)

Use parsed DWARF function info from Sdb in the function analysis XXX right now we only save parsed name and variables, we can’t use signature now XXX refactor to be more readable.

Parameters:

analysis –
dwarf_sdb –

dwarf_process_info(ctx: RzAnalysisDwarfContext) → None#

Calls function rz_analysis_dwarf_process_info (defined in dwarf_process.c)

Parses type and function information out of DWARF entries and stores them to the sdb for further use.

Parameters:

analysis –
ctx –

extract_rarg(op: RzAnalysisOp, fcn: RzAnalysisFunction, reg_set: int, count: int) → None#: Calls function rz_analysis_extract_rarg (defined in var.c)

extract_vars(fcn: RzAnalysisFunction, op: RzAnalysisOp) → None#: Calls function rz_analysis_extract_vars (defined in var.c)

fcn(fcn: RzAnalysisFunction, addr: int, len: int, reftype: int) → int#: Calls function rz_analysis_fcn (defined in fcn.c)

fcn_add_bb(fcn: RzAnalysisFunction, addr: int, size: int, jump: int, fail: int, diff: RzAnalysisDiff) → bool#: Calls function rz_analysis_fcn_add_bb (defined in fcn.c)

fcn_bbget_at(fcn: RzAnalysisFunction, addr: int) → RzAnalysisBlock#: Calls function rz_analysis_fcn_bbget_at (defined in fcn.c)

fcn_bbget_in(fcn: RzAnalysisFunction, addr: int) → RzAnalysisBlock#: Calls function rz_analysis_fcn_bbget_in (defined in fcn.c)

fcn_count(from: int, to: int) → int#: Calls function rz_analysis_fcn_count (defined in fcn.c)

fcn_del(addr: int) → int#: Calls function rz_analysis_fcn_del (defined in fcn.c)

fcn_del_locs(addr: int) → int#: Calls function rz_analysis_fcn_del_locs (defined in fcn.c)

fcn_format_sig(fcn: RzAnalysisFunction, fcn_name: str, reuse_cache: RzAnalysisFcnVarsCache, fcn_name_pre: str, fcn_name_post: str) → str#: Calls function rz_analysis_fcn_format_sig (defined in var.c)

fcn_next(addr: int) → RzAnalysisFunction#: Calls function rz_analysis_fcn_next (defined in fcn.c)

fcn_vars_add_types(fcn: RzAnalysisFunction) → None#

Calls function rz_analysis_fcn_vars_add_types (defined in var.c)

Updates the types database for function arguments.

Searches if the types database has the function with the same name. if there is a match - updates the RzCallable type of the function by adding the new function arguments’ types.

Parameters:

analysis – RzAnalysis instance
fcn – Function which arguments we should save into the types database

fcn_vars_cache_init(cache: RzAnalysisFcnVarsCache, fcn: RzAnalysisFunction) → None#: Calls function rz_analysis_fcn_vars_cache_init (defined in var.c)

find_most_relevant_block_in(off: int) → RzAnalysisBlock#

Calls function rz_analysis_find_most_relevant_block_in (defined in block.c)

Find a single block that seems to be the “most relevant” one that contains the given offset. This should only be used when explicitly only a single basic block should be considered, for example for user-exposed features, since it can always be that multiple blocks overlap. Use rz_analysis_get_blocks_in() in all other cases!

free() → RzAnalysis#: Calls function rz_analysis_free (defined in analysis.c)

function_arg_count(fcn: RzAnalysisFunction) → size_t#

Calls function rz_analysis_function_arg_count (defined in fcn.c)

Returns the argument count of a function.

Parameters:

a – RzAnalysis instance
f – Function

function_args(fcn: RzAnalysisFunction) → RzPVector[RzAnalysisVar]#

Calls function rz_analysis_function_args (defined in fcn.c)

Returns vector of all function arguments.

Parameters:

a – RzAnalysis instance
f – Function

function_derive_type(f: RzAnalysisFunction) → RzCallable#

Calls function rz_analysis_function_derive_type (defined in fcn.c)

Derives the RzCallable type for the given function.

Checks if the type is defined already for this function, if yes - it returns pointer to the one stored in the types database. If not - it creates a new RzCallable instance based on the function name, its arguments’ names and types.

Parameters:

analysis – RzAnalysis instance
f – Function to update

function_list() → RzList[RzAnalysisFunction]#: Calls function rz_analysis_function_list (defined in function.c)

function_new() → RzAnalysisFunction#: Calls function rz_analysis_function_new (defined in function.c)

function_rebase_vars(fcn: RzAnalysisFunction) → bool#: Calls function rz_analysis_function_rebase_vars (defined in var.c)

function_set_type(f: RzAnalysisFunction, callable: RzCallable) → bool#

Calls function rz_analysis_function_set_type (defined in fcn.c)

Sets the RzCallable type for the given function.

Checks if the type is defined already for this function, if yes - it removes the existing one and sets the one defined by the RzCallable. If there is a mismatch between existing arguments - it overwrites their types and names, removes arguments if necessary.

Parameters:

a – RzAnalysis instance
f – Function to update
callable – A function type

function_set_type_str(f: RzAnalysisFunction, sig: str) → bool#

Calls function rz_analysis_function_set_type_str (defined in fcn.c)

Parses the function type and sets it for the given function.

Checks if the type is defined already for this function, if yes - it removes the existing one and parses the one defined in the signature. The function type should be valid C syntax supplied with name, like int *func(char arg0, const int *arg1, float foo[]);

Parameters:

a – RzAnalysis instance
f – Function to update
sig – A function type (“signature” or “prototype”)

get_address_bits() → int#

Calls function rz_analysis_get_address_bits (defined in analysis.c)

The actual size of an address in bits.

This may differ from analysis.bits in some cases such as arm thumb being identified as bits=16, but still using 32-bit addresses, or “8-bit” architectures like 6502 which still use 16-bit addresses.

get_block_at(addr: int) → RzAnalysisBlock#: Calls function rz_analysis_get_block_at (defined in block.c)

get_blocks_in(addr: int) → RzList[RzAnalysisBlock]#: Calls function rz_analysis_get_blocks_in (defined in block.c)

get_blocks_intersect(addr: int, size: int) → RzList[RzAnalysisBlock]#: Calls function rz_analysis_get_blocks_intersect (defined in block.c)

get_delta_jmptbl_info(fcn: RzAnalysisFunction, jmp_address: int, lea_address: int, params: RzAnalysisJmpTableParams) → bool#

Calls function rz_analysis_get_delta_jmptbl_info (defined in jmptbl.c)

Gets some necessary information about a jump table to perform analysis on.

Gets amount of cases inside a jump table, the default case address and the case shift amount

Parameters:

analysis – Pointer to RzAnalysis instance
fcn – Pointer to RzAnalysisFunction where jump table ocurred
jmp_address – Address of jump intruction that uses the table
lea_addr – Address of lea instruction that loads the address of the jump table base
params – Pointer to RzAnalysisJmpTableParams where the results of the function are stored

get_fcn_in(addr: int, type: int) → RzAnalysisFunction#: Warning

Calls deprecated function rz_analysis_get_fcn_in

Calls function rz_analysis_get_fcn_in (defined in fcn.c)

get_fcn_in_bounds(addr: int, type: int) → RzAnalysisFunction#: Warning

Calls deprecated function rz_analysis_get_fcn_in_bounds

Calls function rz_analysis_get_fcn_in_bounds (defined in fcn.c)

get_fcns() → RzList[RzAnalysisFunction]#: Calls function rz_analysis_get_fcns (defined in analysis.c)

get_function_at(addr: int) → RzAnalysisFunction#: Calls function rz_analysis_get_function_at (defined in function.c)

get_function_byname(name: str) → RzAnalysisFunction#: Calls function rz_analysis_get_function_byname (defined in fcn.c)

get_functions_in(addr: int) → RzList[RzAnalysisFunction]#: Calls function rz_analysis_get_functions_in (defined in function.c)

get_jmptbl_info(fcn: RzAnalysisFunction, block: RzAnalysisBlock, jmp_address: int, params: RzAnalysisJmpTableParams) → bool#

Calls function rz_analysis_get_jmptbl_info (defined in jmptbl.c)

Gets some necessary information about a jump table to perform analysis on.

Gets amount of cases inside a jump table, the default case address and the case shift amount

Parameters:

analysis – Pointer to RzAnalysis instance
fcn – Pointer to RzAnalysisFunction where jump table ocurred
block – Pointer to RzAnalysisBlock where the jump instruction related to the jump table ocurred
jmp_address – Address of jump intruction that uses the table
params – Pointer to RzAnalysisJmpTableParams where the results of the function are stored

get_reflines(addr: int, buf: int, len: int, nlines: int, linesout: int, linescall: int) → RzList[RzAnalysisRefline]#: Calls function rz_analysis_reflines_get (defined in reflines.c)

get_reg_profile() → str#: Calls function rz_analysis_get_reg_profile (defined in analysis.c)

get_used_function_var(addr: int) → RzAnalysisVar#: Warning

Calls deprecated function rz_analysis_get_used_function_var

Calls function rz_analysis_get_used_function_var (defined in var.c)

hint_arch_at(addr: int, hint_addr: int) → str#: Calls function rz_analysis_hint_arch_at (defined in hint.c)

hint_bits_at(addr: int, hint_addr: int) → int#: Calls function rz_analysis_hint_bits_at (defined in hint.c)

hint_clear() → None#: Calls function rz_analysis_hint_clear (defined in hint.c)

hint_del(addr: int, size: int) → None#: Calls function rz_analysis_hint_del (defined in hint.c)

hint_get(addr: int) → RzAnalysisHint#: Calls function rz_analysis_hint_get (defined in hint.c)

hint_set_arch(addr: int, arch: str) → None#: Calls function rz_analysis_hint_set_arch (defined in hint.c)

hint_set_bits(addr: int, bits: int) → None#: Calls function rz_analysis_hint_set_bits (defined in hint.c)

hint_set_esil(addr: int, str: str) → None#: Calls function rz_analysis_hint_set_esil (defined in hint.c)

hint_set_fail(addr: int, fail: int) → None#: Calls function rz_analysis_hint_set_fail (defined in hint.c)

hint_set_high(addr: int) → None#: Calls function rz_analysis_hint_set_high (defined in hint.c)

hint_set_immbase(addr: int, base: int) → None#: Calls function rz_analysis_hint_set_immbase (defined in hint.c)

hint_set_jump(addr: int, jump: int) → None#: Calls function rz_analysis_hint_set_jump (defined in hint.c)

hint_set_newbits(addr: int, bits: int) → None#: Calls function rz_analysis_hint_set_newbits (defined in hint.c)

hint_set_nword(addr: int, nword: int) → None#: Calls function rz_analysis_hint_set_nword (defined in hint.c)

hint_set_offset(addr: int, typeoff: str) → None#: Calls function rz_analysis_hint_set_offset (defined in hint.c)

hint_set_opcode(addr: int, str: str) → None#: Calls function rz_analysis_hint_set_opcode (defined in hint.c)

hint_set_pointer(addr: int, ptr: int) → None#: Calls function rz_analysis_hint_set_pointer (defined in hint.c)

hint_set_ret(addr: int, val: int) → None#: Calls function rz_analysis_hint_set_ret (defined in hint.c)

hint_set_size(addr: int, size: int) → None#: Calls function rz_analysis_hint_set_size (defined in hint.c)

hint_set_stackframe(addr: int, size: int) → None#: Calls function rz_analysis_hint_set_stackframe (defined in hint.c)

hint_set_syntax(addr: int, syn: str) → None#: Calls function rz_analysis_hint_set_syntax (defined in hint.c)

hint_set_type(addr: int, type: int) → None#: Calls function rz_analysis_hint_set_type (defined in hint.c)

hint_set_val(addr: int, v: int) → None#: Calls function rz_analysis_hint_set_val (defined in hint.c)

hint_unset_arch(addr: int) → None#: Calls function rz_analysis_hint_unset_arch (defined in hint.c)

hint_unset_bits(addr: int) → None#: Calls function rz_analysis_hint_unset_bits (defined in hint.c)

hint_unset_esil(addr: int) → None#: Calls function rz_analysis_hint_unset_esil (defined in hint.c)

hint_unset_fail(addr: int) → None#: Calls function rz_analysis_hint_unset_fail (defined in hint.c)

hint_unset_high(addr: int) → None#: Calls function rz_analysis_hint_unset_high (defined in hint.c)

hint_unset_immbase(addr: int) → None#: Calls function rz_analysis_hint_unset_immbase (defined in hint.c)

hint_unset_jump(addr: int) → None#: Calls function rz_analysis_hint_unset_jump (defined in hint.c)

hint_unset_newbits(addr: int) → None#: Calls function rz_analysis_hint_unset_newbits (defined in hint.c)

hint_unset_nword(addr: int) → None#: Calls function rz_analysis_hint_unset_nword (defined in hint.c)

hint_unset_offset(addr: int) → None#: Calls function rz_analysis_hint_unset_offset (defined in hint.c)

hint_unset_opcode(addr: int) → None#: Calls function rz_analysis_hint_unset_opcode (defined in hint.c)

hint_unset_pointer(addr: int) → None#: Calls function rz_analysis_hint_unset_pointer (defined in hint.c)

hint_unset_ret(addr: int) → None#: Calls function rz_analysis_hint_unset_ret (defined in hint.c)

hint_unset_size(addr: int) → None#: Calls function rz_analysis_hint_unset_size (defined in hint.c)

hint_unset_stackframe(addr: int) → None#: Calls function rz_analysis_hint_unset_stackframe (defined in hint.c)

hint_unset_syntax(addr: int) → None#: Calls function rz_analysis_hint_unset_syntax (defined in hint.c)

hint_unset_type(addr: int) → None#: Calls function rz_analysis_hint_unset_type (defined in hint.c)

hint_unset_val(addr: int) → None#: Calls function rz_analysis_hint_unset_val (defined in hint.c)

il_vm_cleanup() → None#

Calls function rz_analysis_il_vm_cleanup (defined in analysis_il.c)

Destroy the global user-faced vm

il_vm_new(init_state_reg: RzReg) → RzAnalysisILVM#

Calls function rz_analysis_il_vm_new (defined in analysis_il.c)

Create and initialize an RzAnalysisILVM with the current arch/cpu/bits configuration and plugin init_state_reg optional RzReg to take variable values from, unless the plugin overrides them using RzAnalysisILInitState

Returns:: RzAnalysisRzil* a pointer to RzAnalysisILVM instance

il_vm_setup() → bool#

Calls function rz_analysis_il_vm_setup (defined in analysis_il.c)

(Re)initialize the global user-faced vm

Returns:: whether the init succeeded

il_vm_step(vm: RzAnalysisILVM, reg: RzReg) → RzAnalysisILStepResult#

Calls function rz_analysis_il_vm_step (defined in analysis_il.c)

Perform a single step in the VM

If given, this syncs the contents of reg into the vm. Then it disassembles an instruction at the program counter of the vm and executes it. Finally, if no error occured, the contents are optionally synced back to reg.

Returns:: and indicator for which error occured, if any

is_prelude(data: int, len: int) → bool#: Calls function rz_analysis_is_prelude (defined in analysis.c)

jmptbl(fcn: RzAnalysisFunction, block: RzAnalysisBlock, jmpaddr: int, table: int, tablesize: int, default_addr: int) → bool#: Calls function rz_analysis_jmptbl (defined in jmptbl.c)

list_vtables(mode: RzOutputMode) → None#: Calls function rz_analysis_list_vtables (defined in vtable.c)

mask(size: int, data: int, at: int) → int#: Calls function rz_analysis_mask (defined in analysis.c)

noreturn_add(name: str, addr: int) → bool#: Calls function rz_analysis_noreturn_add (defined in analysis.c)

noreturn_at(addr: int) → bool#: Calls function rz_analysis_noreturn_at (defined in analysis.c)

noreturn_at_addr(addr: int) → bool#: Calls function rz_analysis_noreturn_at_addr (defined in analysis.c)

noreturn_drop(expr: str) → bool#: Calls function rz_analysis_noreturn_drop (defined in analysis.c)

noreturn_functions() → RzList[char]#: Calls function rz_analysis_noreturn_functions (defined in analysis.c)

op(op: RzAnalysisOp, addr: int, data: int, len: int, mask: RzAnalysisOpMask) → int#: Calls function rz_analysis_op (defined in op.c)

op_hexstr(addr: int, hexstr: str) → RzAnalysisOp#: Calls function rz_analysis_op_hexstr (defined in analysis.c)

op_reg_delta(addr: int, name: str) → int#: Calls function rz_analysis_op_reg_delta (defined in op.c)

op_to_string(op: RzAnalysisOp) → str#: Calls function rz_analysis_op_to_string (defined in op.c)

preludes() → RzList[RzSearchKeyword]#: Calls function rz_analysis_preludes (defined in analysis.c)

purge() → None#: Calls function rz_analysis_purge (defined in analysis.c)

purge_imports() → None#: Calls function rz_analysis_purge_imports (defined in analysis.c)

reflines_middle(list: RzList[RzAnalysisRefline], addr: int, len: int) → int#: Calls function rz_analysis_reflines_middle (defined in reflines.c)

remove_import(imp: str) → None#: Calls function rz_analysis_remove_import (defined in analysis.c)

rtti_demangle_class_name(name: str) → str#: Calls function rz_analysis_rtti_demangle_class_name (defined in rtti.c)

rtti_print_all(mode: RzOutputMode) → None#: Calls function rz_analysis_rtti_print_all (defined in rtti.c)

rtti_print_at_vtable(addr: int, mode: RzOutputMode) → None#: Calls function rz_analysis_rtti_print_at_vtable (defined in rtti.c)

rtti_recover_all() → None#: Calls function rz_analysis_rtti_recover_all (defined in rtti.c)

rzil_trace_new(rzil: RzAnalysisILVM) → RzAnalysisRzilTrace#

Calls function rz_analysis_rzil_trace_new (defined in analysis_il_trace.c)

Create a new trace to collect infos

Parameters:

analysis – pointer to RzAnalysis
rzil – RZ_IL instance

Returns:

pointer to RzilTrace

rzil_trace_op(rzil: RzAnalysisILVM, op: RzAnalysisLiftedILOp) → None#

Calls function rz_analysis_rzil_trace_op (defined in analysis_il_trace.c)

This function should be called after executing the IL op Collect trace info (target and data of mem/reg read/write)

Parameters:

analysis – RzAnalysis
rzil – IL instance
op – RzAnalysisRzilOp, a general IL op structure (Designed for switching between different implementations of IL op struct)

set_big_endian(boolean: int) → int#: Calls function rz_analysis_set_big_endian (defined in analysis.c)

set_bits(bits: int) → bool#: Calls function rz_analysis_set_bits (defined in analysis.c)

set_cc_default(convention: str) → None#: Calls function rz_analysis_set_cc_default (defined in cc.c)

set_cpu(cpu: str) → None#: Calls function rz_analysis_set_cpu (defined in analysis.c)

set_limits(from: int, to: int) → None#: Calls function rz_analysis_set_limits (defined in analysis.c)

set_os(os: str) → bool#: Calls function rz_analysis_set_os (defined in analysis.c)

set_reg_profile() → bool#: Calls function rz_analysis_set_reg_profile (defined in analysis.c)

set_syscc_default(convention: str) → None#: Calls function rz_analysis_set_syscc_default (defined in cc.c)

set_triplet(os: str, arch: str, bits: int) → bool#: Calls function rz_analysis_set_triplet (defined in analysis.c)

syscc_default() → str#: Calls function rz_analysis_syscc_default (defined in cc.c)

task_item_new(tasks: RzVector[RzAnalysisTaskItem], fcn: RzAnalysisFunction, block: RzAnalysisBlock, address: int) → bool#

Calls function rz_analysis_task_item_new (defined in fcn.c)

Adds a new task item to the tasks parameter.

Used to create a new item to the tasks parameter that can be worked on later by the rz_analysis_run_tasks function.

Parameters:

analysis – Pointer to RzAnalysis instance.
tasks – Pointer to RzVector to add a new RzAnalysisTaskItem to.
fcn – Pointer to RzAnalysisFunction in which analysis will be performed on.
block – Pointer to RzAnalysisBlock in which analysis will be performed on. If null, analysis will take care of block creation.
address – Address where analysis will start from

trace_bb(addr: int) → None#: Calls function rz_analysis_trace_bb (defined in analysis.c)

trim_jmprefs(fcn: RzAnalysisFunction) → None#: Calls function rz_analysis_trim_jmprefs (defined in fcn.c)

type_link_at(addr: int) → RzType#

Calls function rz_analysis_type_link_at (defined in typelink.c)

Returns the RzType linked to the given address.

Parameters:

analysis – RzAnalysis instance
addr – The address to check the link at

type_link_exists(addr: int) → bool#

Calls function rz_analysis_type_link_exists (defined in typelink.c)

Checks if the RzType linked to the given address.

Parameters:

analysis – RzAnalysis instance
addr – The address to check the link at

type_links() → RzList[RzType]#

Calls function rz_analysis_type_links (defined in typelink.c)

Returns the list of all linked types.

Parameters:: analysis – RzAnalysis instance

type_links_by_offset(offset: int) → RzList[RzTypePath]#

Calls function rz_analysis_type_links_by_offset (defined in typelink.c)

Returns the list of all structured types that are linked and have members matching the offset.

Parameters:

analysis – RzAnalysis instance
offset – The offset of the member to match against

type_paths_by_address(addr: int) → RzList[RzTypePath]#

Calls function rz_analysis_type_paths_by_address (defined in typelink.c)

Returns the list of all type paths that are linked to some address and have suitable offset.

Parameters:

analysis – RzAnalysis instance
addr – The address to check against possible matches

type_set_link(type: RzType, addr: int) → bool#

Calls function rz_analysis_type_set_link (defined in typelink.c)

Links the given RzType to the address.

Parameters:

analysis – RzAnalysis instance
type – RzType to link
addr – The address to add the type link

type_unlink(addr: int) → bool#

Calls function rz_analysis_type_unlink (defined in typelink.c)

Removes the type link given the address.

Parameters:

analysis – RzAnalysis instance
addr – The address to remove the type link from

type_unlink_all() → bool#

Calls function rz_analysis_type_unlink_all (defined in typelink.c)

Removes all type links.

Parameters:: analysis – RzAnalysis instance

types_from_fcn(fcn: RzAnalysisFunction) → RzList[RzType]#: Calls function rz_analysis_types_from_fcn (defined in fcn.c)

unset_limits() → None#: Calls function rz_analysis_unset_limits (defined in analysis.c)

update_analysis_range(addr: int, size: int) → None#: Calls function rz_analysis_update_analysis_range (defined in fcn.c)

use(name: str) → bool#: Calls function rz_analysis_use (defined in analysis.c)

value_set_ut64(val: RzAnalysisValue, num: int) → int#: Calls function rz_analysis_value_set_ut64 (defined in value.c)

value_to_ut64(val: RzAnalysisValue) → int#: Calls function rz_analysis_value_to_ut64 (defined in value.c)

var_all_list(fcn: RzAnalysisFunction) → RzList[RzAnalysisVar]#: Warning

Calls deprecated function rz_analysis_var_all_list

Calls function rz_analysis_var_all_list (defined in var.c)

var_count(fcn: RzAnalysisFunction, kind: int, type: int) → int#: Calls function rz_analysis_var_count (defined in var.c)

var_global_add(global_var: RzAnalysisVarGlobal) → bool#

Calls function rz_analysis_var_global_add (defined in var_global.c)

Add the global variable into hashtable.

Parameters:

analysis – RzAnalysis
global_var – Global variable instance

Returns:

true if succeed

var_global_delete(glob: RzAnalysisVarGlobal) → bool#

Calls function rz_analysis_var_global_delete (defined in var_global.c)

Delete and free the global variable.

Parameters:

analysis – RzAnalysis
glob – global variable to be deleted

Returns:

true if succeed

var_global_delete_byaddr_at(addr: int) → bool#

Calls function rz_analysis_var_global_delete_byaddr_at (defined in var_global.c)

Same as rz_analysis_var_global_delete_byname at the address.

Parameters:

analysis – RzAnalysis
addr – Global Variable address

Returns:

true if succeed

var_global_delete_byaddr_in(addr: int) → bool#

Calls function rz_analysis_var_global_delete_byaddr_in (defined in var_global.c)

Same as rz_analysis_var_global_delete_byname in the address.

Parameters:

analysis – RzAnalysis
addr – Global Variable address

Returns:

true if succeed

var_global_delete_byname(name: str) → bool#

Calls function rz_analysis_var_global_delete_byname (defined in var_global.c)

Delete and free the global variable by its name.

Parameters:

analysis – RzAnalysis
name – Global Variable name

Returns:

true if succeed

var_global_get_all() → RzList[RzAnalysisVarGlobal]#

Calls function rz_analysis_var_global_get_all (defined in var_global.c)

Get all of the added global variables.

Parameters:: analysis – RzAnalysis
Returns:: RzList *

var_global_get_byaddr_at(addr: int) → RzAnalysisVarGlobal#

Calls function rz_analysis_var_global_get_byaddr_at (defined in var_global.c)

Get the instance of global variable at the address.

Parameters:

analysis – RzAnalysis
addr – Global variable address

Returns:

RzAnalysisVarGlobal *

var_global_get_byaddr_in(addr: int) → RzAnalysisVarGlobal#

Calls function rz_analysis_var_global_get_byaddr_in (defined in var_global.c)

Get the instance of global variable contains the address.

Parameters:

analysis – RzAnalysis
addr – Global variable address

Returns:

RzAnalysisVarGlobal *

var_global_get_byname(name: str) → RzAnalysisVarGlobal#

Calls function rz_analysis_var_global_get_byname (defined in var_global.c)

Get the instance of global variable by its name.

Parameters:

analysis – RzAnalysis
name – Global variable name

Returns:

RzAnalysisVarGlobal *

var_global_rename(old_name: str, newname: str) → bool#

Calls function rz_analysis_var_global_rename (defined in var_global.c)

Rename the global variable.

Parameters:

analysis – RzAnalysis
old_name – The old name of the global variable
newname – The new name of the global variable

Returns:

true if succeed

var_list(fcn: RzAnalysisFunction, kind: int) → RzList[RzAnalysisVar]#: Calls function rz_analysis_var_list (defined in var.c)

vtable_begin(context: RVTableContext) → bool#: Calls function rz_analysis_vtable_begin (defined in vtable.c)

walkthrough_arm_jmptbl_style(fcn: RzAnalysisFunction, block: RzAnalysisBlock, params: RzAnalysisJmpTableParams) → bool#

Calls function rz_analysis_walkthrough_arm_jmptbl_style (defined in jmptbl.c)

Marks for analysis ARM specific jump table cases.

This function works similarly to rz_analysis_walkthrough_jmptbl, but is specific to ARM

Parameters:

analysis – Pointer to RzAnalysis instance
fcn – Pointer to RzAnalysisFunction to add the new cases
block – Pointer to RzAnalysisBlock that originates the switch table
params – Pointer to RzAnalysisJmpTableParams necessary to analyze the jump table

walkthrough_casetbl(fcn: RzAnalysisFunction, block: RzAnalysisBlock, params: RzAnalysisJmpTableParams) → bool#

Calls function rz_analysis_walkthrough_casetbl (defined in jmptbl.c)

Marks for analysis jump table cases with a space optimization for multiple cases corresponding to the same address.

This function works similarly to rz_analysis_walkthrough_jmptbl, with the difference that jump targets are hidden behind a indirection in the case table

Parameters:

analysis – Pointer to RzAnalysis instance
fcn – Pointer to RzAnalysisFunction to add the new cases
block – Pointer to RzAnalysisBlock that originates the switch table
params – Pointer to RzAnalysisJmpTableParams necessary to analyze the jump table

walkthrough_jmptbl(fcn: RzAnalysisFunction, block: RzAnalysisBlock, params: RzAnalysisJmpTableParams) → bool#

Calls function rz_analysis_walkthrough_jmptbl (defined in jmptbl.c)

Marks the jump table cases for analysis.

Goes through each case on the jump table, adds necessary flags/metadata and a new RzAnalysisTaskItem to params->tasks to be analyzed later.

Parameters:

analysis – Pointer to RzAnalysis instance
fcn – Pointer to RzAnalysisFunction to add the new cases
block – Pointer to RzAnalysisBlock that originates the switch table
params – Pointer to RzAnalysisJmpTableParams necessary to analyze the jump table

xref_del(from: int, to: int) → bool#: Calls function rz_analysis_xref_del (defined in xrefs.c)

xrefs_count() → int#: Calls function rz_analysis_xrefs_count (defined in xrefs.c)

xrefs_deln(from: int, to: int, type: RzAnalysisXRefType) → bool#: Calls function rz_analysis_xrefs_deln (defined in xrefs.c)

xrefs_get_from(addr: int) → RzList[RzAnalysisXRef]#: Calls function rz_analysis_xrefs_get_from (defined in xrefs.c)

xrefs_get_to(addr: int) → RzList[RzAnalysisXRef]#: Calls function rz_analysis_xrefs_get_to (defined in xrefs.c)

xrefs_init() → bool#: Calls function rz_analysis_xrefs_init (defined in xrefs.c)

xrefs_list() → RzList[RzAnalysisXRef]#

Calls function rz_analysis_xrefs_list (defined in xrefs.c)

Get list of all xrefs.

Parameters:: analysis – RzAnalysis instance
Returns:: RzList <RzAnalysisXRef *>

xrefs_set(from: int, to: int, type: RzAnalysisXRefType) → bool#: Calls function rz_analysis_xrefs_set (defined in xrefs.c)