BinExport¶

ProgramBackendBinExport¶

class qbindiff.loader.backend.binexport.ProgramBackendBinExport(file: str, *, arch: str | None = None)[source]¶

Bases: AbstractProgramBackend

property callgraph: DiGraph¶: The callgraph of the program.

property capabilities: ProgramCapability¶: Returns the supported capabilities

property exec_path: str¶: Guess the raw binary name by removing the final .BinExport

property fun_names: dict[str, int]¶: Returns a dictionary with function name as key and the function address as value

property functions: Iterator[FunctionBackendBinExport]¶: Returns an iterator over backend function objects

property name¶: The name of the program.

property structures: list[Structure]¶: Returns the list of structures defined in program. WARNING: Not supported by BinExport

FunctionBackendBinExport¶

class qbindiff.loader.backend.binexport.FunctionBackendBinExport(program: ReferenceType[ProgramBackendBinExport], be_func: FunctionBinExport)[source]¶

Bases: AbstractFunctionBackend

property addr: Addr¶: The address of the function

property basic_blocks: Iterator[BasicBlockBackendBinExport]¶: Returns an iterator over backend basic blocks objects

property children: set[Addr]¶: Set of function children in the call graph

property graph: DiGraph¶: The Control Flow Graph of the function

is_import() → bool[source]¶: True if the function is imported

property name¶: The name of the function.

property parents: set[Addr]¶: Set of function parents in the call graph

property type: FunctionType¶: The type of the function (as defined by IDA)

unload_blocks() → None¶: Unload basic blocks from memory

BasicBlockBackendBinExport¶

class qbindiff.loader.backend.binexport.BasicBlockBackendBinExport(program: ReferenceType[ProgramBackendBinExport], be_block: BasicBlockBinExport)[source]¶

Bases: AbstractBasicBlockBackend

property addr: Addr¶: The address of the basic block

property bytes: bytes¶: Returns the bytes representation of the basic block

property instructions: Iterator[InstructionBackendBinExport]¶: Returns an iterator over backend instruction objects

property program: ProgramBackendBinExport¶: Wrapper on weak reference on ProgramBackendBinExport

InstructionBackendBinExport¶

class qbindiff.loader.backend.binexport.InstructionBackendBinExport(cs: Cs, cs_instruction: CsInsn)[source]¶

Bases: AbstractInstructionBackend

MAX_ID = 3000¶: Max instruction ID. All the instruction IDs will be in the range [0, MAX_ID]

property addr: Addr¶: The address of the instruction

property bytes: bytes¶: Returns the bytes representation of the instruction

property comment: str¶: Comment associated with the instruction

property groups: list[InstructionGroup]¶: Returns a list of groups of this instruction.

property id: int¶: Return the capstone instruction ID

property mnemonic: str¶: Returns the instruction mnemonic as a string

property operands: Iterator[OperandBackendBinExport]¶: Returns an iterator over backend operand objects

property pcode_ops: list[PcodeOp]¶: List of PcodeOp associated with the instruction. Provided with the PCODE capability

property references: dict[ReferenceType, list[Data | Structure | StructureMember]]¶: Returns all the references towards the instruction BinExport only exports data references’ address so no data type nor value.

OperandBackendBinExport¶

class qbindiff.loader.backend.binexport.OperandBackendBinExport(cs: Cs, cs_instruction: CsInsn, cs_operand: Any, cs_operand_position: int)[source]¶

Bases: AbstractOperandBackend

is_immediate() → bool[source]¶: Returns whether the operand is an immediate value (not considering addresses)

property type: OperandType¶: Returns the capstone operand type

property value: int | None¶: Return the immediate value (not addresses) used by the operand.