Thread: Question: IDAPython how to call bin_search ?
View Single Post
  #5  
Old 01-06-2010, 23:23
winndy winndy is offline
VIP
  
Join Date: Sep 2005
Posts: 236
Rept. Given: 104
Rept. Rcvd 26 Times in 12 Posts
Thanks Given: 27
Thanks Rcvd at 16 Times in 13 Posts
winndy Reputation: 26
I think I figured it out.

idaapi.i

change
Code:
%array_class(uchar, uchar_array);
to
Code:
%array_class(unsigned char, uchar_array);
recompile idapython,then call it in python like this:

Code:
func = idaapi.get_func(idaapi.get_screen_ea())

patternlen = 3
pattern = idaapi.uchar_array(patternlen)
pattern[0] = 0x18;
pattern[1] = 0x00;
pattern[2] = 0x89;

print pattern

mask = idaapi.uchar_array(patternlen)
mask[0] = 0xFF
mask[1] = 0xFF
mask[2] = 0xFF

print mask

ea = idaapi.bin_search(func.startEA,func.endEA,pattern,mask,patternlen,idaapi.BIN_SEARCH_FORWARD,idaapi.BIN_SEARCH_NOCASE)

print '%08lx'%(ea)
Reply With Quote