memory.helpers module

Provides helper classes/functions for memory functionality.

class memory.helpers.Array(manager, is_ptr, type_name, ptr, length=None)

Bases: memory.helpers.BasePointer

Wrap an array.

__init__(manager, is_ptr, type_name, ptr, length=None)

Initialize the array wrapper.

Parameters:

• manager (TypeManager) – The manager that should be used to retrieve classes.
• is_ptr (bool) – Set to True if the array contains pointers.
• type_name (str) – The name of the array type. E.g. ‘Vector’ or ‘bool’.
• ptr (Pointer) – The base address of the array (the very first array entry).
• length (int|None) – Length of the array. Setting this value allows you to iterate over the array.

get_offset(index)

Return the offset of the given index.

class memory.helpers.BasePointer

Bases: _memory.Pointer

Pointer extension class.

class memory.helpers.Key

Bases: object

Holds some constants and provides converters for parse_data().

static as_args_tuple(manager, value)

Convert a string into a tuple containing <DataType> elements.

static as_attribute_type(manager, value)

Convert a string into a <Type> value.

static as_bool(manager, value)

Convert a string to a boolean.

Raises a ValueError if the string doesn’t represent such a value.

static as_convention(manager, value)

Convert a string into a <Convention> object.

static as_identifier(manager, value)

Convert a string into a byte string.

If no spaces in the string, the string itself will be returned.

static as_int(manager, value)

Convert the value to an integer.

static as_return_type(manager, value)

Convert a string into a <Return> object.

If the conversion fails, the string itself will be returned.

static as_str(manager, value)

Convert the value to a string.

ACCESSOR = 'accessor'

ACCESSOR_OFFSET = 'accessor_offset'

ARGS = 'arguments'

BINARY = 'binary'

CONVENTION = 'convention'

DOC = 'doc'

IDENTIFIER = 'identifier'

LENGTH = 'length'

LEVEL = 'level'

OFFSET = 'offset'

RETURN_TYPE = 'return_type'

SIZE = 'size'

SRV_CHECK = 'srv_check'

TYPE_NAME = 'type'

class memory.helpers.MemberFunction(manager, return_type, func, this)

Bases: _memory.Function

Use this class to create a wrapper for member functions.

It passes the this pointer automatically to the wrapped function.

__init__(manager, return_type, func, this)

Initialize the instance.

call_trampoline(*args)

Call the trampoline dynamically.

skip_hooks(*args)

Call the function, but skip hooks if there are any.

class memory.helpers.Type

Bases: object

Stores attribute/array types.

static is_native(type_name)

Return True if the given type name is a native type.

BOOL = 'bool'

CHAR = 'char'

DOUBLE = 'double'

FLOAT = 'float'

INT = 'int'

LONG = 'long'

LONG_LONG = 'long_long'

POINTER = 'pointer'

SHORT = 'short'

STRING_ARRAY = 'string_array'

STRING_POINTER = 'string_pointer'

UCHAR = 'uchar'

UINT = 'uint'

ULONG = 'ulong'

ULONG_LONG = 'ulong_long'

USHORT = 'ushort'

memory.helpers.parse_data(manager, raw_data, keys)

Parse the data dictionary.

Parses by converting the values of the given keys into the proper type or assigning them default values. Raises a KeyError if a key does not exist and if no default value is available.

Returns a generator: (<name>, [<value of key0>, <value of key1>, ...])

<keys> must have the following structure: ((<key name>, <converter>, <default value>), ...)

The convert function must accept 2 arguments:

1. An instance of the TypeManager class
2. The value to convert

Information about data that comes from a file:

You can specialize every key by adding ‘’_windows’’ (for Windows) or ‘’_linux’’ (for Linux) to the end a key.

For example: If you are using a signature on Windows, but a symbol on Linux, you have three possibilities to do that:

1. identifier_windows = <signature for Windows> identifier = <symbol for Linux>

2. identifier = <signature for Windows> identifier_linux = <symbol for Linux>

3. identifier_windows = <signature for Windows> identifier_linux = <symbol for Linux>