API

The APIs for the individual programming languages all derive from the C++ structure of src/core adapted to the native spelling of the respective programming language. As an example, all from within guile all methods are available as classname-functionname with name-components separated by dashes instead of CamelCase.

Function

class Function

Represents a function in the binary. Functions are typically the target of call instructions and are composed of BasicBlock

std::string Function::getName() const

Returns the Name of the function

void Function::setName(const std::string &new_name)

Updates the Name of the Function. Also takes care to notify all consumers of the changed name so the new name is displayed consistently

bool Function::isDynamic() const

Returns whether the Function is of the dynamic type. Dynamic functions are the ones which are imported from shared libraries and not structly part of the binary at hand.

uint64_t Function::getStartAddress() const

InformationManager *Function::getManager() const

void Function::addBasicBlock(BasicBlock *block)

const std::map<uint64_t, BasicBlock *> &Function::blocks()

BasicBlock

class BasicBlock

uint64_t BasicBlock::getStartAddress() const

uint64_t BasicBlock::getEndAddress() const

void BasicBlock::setStartAddress(uint64_t address)

void BasicBlock::setEndAddress(uint64_t address)

InformationManager *BasicBlock::getManager() const

uint64_t BasicBlock::getNextBlock(size_t index) const

index may either be 0 or 1 returning the following basic block. It will only return a value different from NULL if the last instruction was a conditional jump. In this case the Block returned for 1 is the block reached when the jump is not taken

void BasicBlock::setNextBlock(size_t index, uint64_t address)

std::string BasicBlock::getName() const

Returns a generated name for the block. This is only intended for display. Currently it is BLOCK_startaddress_endaddress. The block may not be uniqly identified by the name

std::vector<Instruction> BasicBlock::getInstructions() const

Comment

class Comment

bool Comment::isLocal() const

Comments, which are valid for every instance of an address are considered global while comments only valid within the context of the current function are considered local

void Comment::setText(const std::string &text)

Updates the text of an comment and takes care of notifying all consumers of the change.

std::string Comment::getText() const

Returns the current text of the comment without any Macros expanded.

uint64_t Comment::getAddress()

Returns address this comment talks about

Function *Comment::getLocation()

Returns the function, the comment talks about, or NULL if the function is local

InformationManager

class InformationManager

Core frida information storage. Keeps track of all known information and notifies the consumers like the GUI of all changes to its data structures

Disassembler *InformationManager::getDisassembler()

uint64_t InformationManager::getEntryAddress()

Returns the entry address of the binary as read from the ELF / COFF header or 0 if the information is not available

Function *InformationManager::getFunction(uint64_t address)

std::map<uint64_t, Function *>::const_iterator InformationManager::beginFunctions()

std::map<uint64_t, Function *>::const_iterator InformationManager::endFunctions()

BasicBlock *InformationManager::getBasicBlock(uint64_t address)

std::map<uint64_t, BasicBlock *>::const_iterator InformationManager::beginBasicBlocks()

std::map<uint64_t, BasicBlock *>::const_iterator InformationManager::endBasicBlocks()

std::pair<std::multimap<uint64_t, Comment *>::const_iterator, std::multimap<uint64_t, Comment *>::const_iterator> InformationManager::getComments(uint64_t address)

There may be several comments for a given address and some of them may be global comments while others are just local ones. getComments() therefore returns an iterator over all such Comments

std::multimap<uint64_t, Comment *>::const_iterator InformationManager::beginComments()

std::multimap<uint64_t, Comment *>::const_iterator InformationManager::endComments()

Disassembler

class Disassembler

Interface implemented by all Disassemblers. Can be used by scripts to start actions

Function *Disassembler::disassembleFunctionAt(uint64_t address)

Starts recursive disassembling starting at the given address

Function *Disassembler::disassembleFunctionAt(uint64_t address, const std::string &name)

The same as Disassmebler::disassembleFunctionAt() but also assigns the given name to the function starting at address. All further functions will get a default name again.

std::vector<Instruction> Disassembler::getInstructions(const BasicBlock *block)

Returns a stream of instructions making up the BasicBlock