Convenience function to load a type into a type library.
'name' may be empty for anonymous types.

     flags   -  combination of LOADTYPE_ constants,
                in case of 0 the LOADTYPE_DEFAULT is used
     ordinal -  slot number (1...NumberOfLocalTypes), is ignored if LOADTYPE_USEORD is clear
     name    -  type name
     type    -  serialized type string (internal type represenation)
     fields  -  serialized field names
     cmt     -  type comment
     fldcmts -  serialized field comments
     sclass  -  storage class of the type

Get number of local types + 1
returns: value >= 1. 1 means that there are no local types.

long get_ordinal_limit();

Check the variable type
Returns true if the variable type is the expected one
Thread-safe functions.

success value_is_string(var);
success value_is_long(var);
success value_is_float(var);
success value_is_object(var);
success value_is_func(var);
success value_is_pvoid(var);
success value_is_int64(var);

delete a structure type
     id - structure type ID
returns: 0 if bad structure type ID is passed
         1 otherwise the structure type is deleted. All data
           and other structure types referencing to the
           deleted structure type will be displayed as array of bytes.

success del_struc(long id);

get width of enum elements
     enum_id - ID of enum
returns: size of enum elements in bytes
         (0 if enum_id is bad or the width is unknown).

long get_enum_width(long enum_id);

get size of a member
     id            - structure type ID
     member_offset - member offset. The offset can be
                     any offset in the member. For example,
                     is a member is 4 bytes long and starts
                     at offset 2, then 2, 3, 4, 5 denote
                     the same structure member.
returns: -1 if bad structure type ID is passed
            or no such member in the structure
         otherwise returns size of the specified member in bytes.

long get_member_size(long id, long member_offset);

Sanitize the file name.
Remove the directory path, and replace wildcards ? * and chars<' ' with underscore.

string sanitize_file_name(string filename);

Display an UTF-8 encoded message in the message window
     format - printf() style format string
     ...    - additional parameters if any
This function can be used to debug IDC scripts
The result of the stringification of the arguments
will be treated as an UTF-8 string.
Thread-safe function.

void msg(string format, ...);

// Print variables in the message window
// This function print text representation of all its arguments to the output window.
// This function can be used to debug IDC scripts

void print(...);

// Display a message in a message box
//      format - printf() style format string
//      ...    - additional parameters if any
// This function can be used to debug IDC scripts
// The user will be able to hide messages if they appear twice in a row on the screen

void warning(string format, ...);

// Display a fatal message in a message box and quit IDA
//      format - printf() style format string
//      ...    - additional parameters if any

void error(string format, ...);

get structure type comment
     id         - structure type ID
     repeatable - 1: get repeatable comment
                  0: get regular comment
returns: 0 if bad structure type ID is passed
         otherwise returns comment.

string get_struc_cmt(long id, long repeatable);

get value of the IP (program counter) register for the current thread

long get_ip_val();

create array
     name - name of array. There are no restrictions
            on the name (its length should be less than
            120 characters, though)
returns: -1 - can't create array (it already exists)
         otherwise returns id of the array

long create_array(string name);

read 2 bytes from file
     handle    - file handle
     mostfirst - 0 least significant byte is first (intel)
                 1 most  significant byte is first
returns: -1 - error
         otherwise: a 16-bit value
Thread-safe function.

long readshort(long handle, long mostfirst);

Delete a segment
  ea      - any address in the segment
  flags   - combination of SEGMOD_... flags

success del_segm(long ea, long flags);

#define SEGMOD_KILL    0x0001 // disable addresses if segment gets shrinked or deleted
#define SEGMOD_KEEP    0x0002 // keep information (code & data, etc)
#define SEGMOD_SILENT  0x0004 // be silent
#define SEGMOD_KEEP0   0x0008 // flag for internal use, don't set
#define SEGMOD_KEEPSEL 0x0010 // do not try to delete unused selector
#define SEGMOD_NOMOVE  0x0020 // don't move info from the start of segment to
                              // the new start address (for set_segment_bounds())
#define SEGMOD_SPARSE  0x0040 // use sparse storage if extending the segment
                              // (for set_segment_bounds())
                              

Return the debugger event condition

returns: event condition

string get_debugger_event_cond();

Change IDA indicator.
Returns the previous status.

long set_ida_state(long status);

#define IDA_STATUS_READY    0 // READY     IDA is idle
#define IDA_STATUS_THINKING 1 // THINKING  Analyzing but the user may press keys
#define IDA_STATUS_WAITING  2 // WAITING   Waiting for the user input
#define IDA_STATUS_WORK     3 // BUSY      IDA is busy

Select the given thread as the current debugged thread.
     tid - ID of the thread to select
The process must be suspended to select a new thread.
returns: success

success select_thread(long tid);

get flag of enum
     enum_id - ID of enum
returns: flags of enum. These flags determine representation
         of numeric constants (binary, octal, decimal, hex)
         in the enum definition. See start of this file for
         more information about flags.
         Returns 0 if enum_id is bad.

long get_enum_flag(long enum_id);

Del object attribute
     self  - object
     attr  - attribute name
Thread-safe function.

success delattr(object self, string attr);

Convert string to lowercase
     str    - input string
returns: lowercase string
Thread-safe function.

string tolower(string str);

Read one byte from the input file
Returns -1 if no more bytes

long loader_input_t.getc();

get id of enum by id of constant
     const_id - id of symbolic constant
returns: id of enum the constant belongs to.
                        -1 if const_id is bad.

long get_enum_member_enum(long const_id);

set string value of array element
     id      - array id
     idx     - index of an element
     str     - string to store in array element
returns: 1-ok, 0-failed

success set_array_string(long id, long idx, string str);

Demangle a name
     name - name to demangle
     disable_mask - a mask that tells how to demangle the name
                    it is a good idea to get this mask using
                    get_inf_attr(INF_SHORT_DN) or get_inf_attr(INF_LONG_DN)
Returns: a demangled name
If the input name cannot be demangled, returns 0

string demangle_name(string name, long disable_mask);

Generate a function call graph GDL file
     outfile - output file name. GDL extension will be used
     title   - graph title
     ea1     - beginning of the range to flow chart
     ea2     - end of the range to flow chart. if ea2 == BADADDR
               then ea1 is treated as an address within a function.
               That function will be flow charted.
     flags   - combination of CHART_GEN_GDL, CHART_WINGRAPH, CHART_NOLIBFUNCS

success gen_simple_call_chart(string outfile, string title, long flags);

Read from debugger memory
     ea - linear address
     size - size of data to read
returns: data as a string. If failed, If failed, throws an exception
Thread-safe function (may be called only from the main thread and debthread)

string read_dbg_memory(long ea, long size);

read one byte from file
     handle  - file handle
returns: -1 - error
         otherwise a byte read.
Thread-safe function.

long fgetc(long handle);

Get extra comment line
     ea - linear address
     n  - number of line (0..MAX_ITEM_LINES)
          MAX_ITEM_LINES is defined in IDA.CFG
To get anterior  line #n use (E_PREV + n)
To get posterior line #n use (E_NEXT + n)
Returns number 0 if the comment line does not exit

string get_extra_cmt(long ea, long n);

Get address of the specified field using the type information
     ea         - address of the structure
     field_name - name of the structure field
If the database contains a structure at the specified ea and the
type information is present, this function will return the address of the
structure field.

long get_field_ea(long ea, string field_name);

For example:

  .data:00413060 errtable        dd 1   ; oscode
  .data:00413060                 dd 16h ; errnocode

        msg("address is: %x\n", _errtable.errnocode);

delete structure member
     id            - structure type ID
     member_offset - offset of the member
returns: !=0 - ok.
NOTE: IDA allows 'holes' between members of a structure.
      It treats these 'holes' as unnamed arrays of bytes.

long del_struc_member(long id, long member_offset);

Create a structure data item at the specified address
     ea      - linear address
     size    - structure size in bytes. -1 means that the size
               will be calculated automatically
     strname - name of a structure type
returns: 1-ok, 0-failure

success create_struct(long ea, long size, string strname);

Load (plan to apply) a FLIRT signature file
     name - signature name without path and extension
returns: 0 if could not load the signature file, !=0 otherwise

success plan_to_apply_idasgn(string name);

get file length
     handle - file handle
returns: -1 - error
         otherwise file length in bytes
Thread-safe function.

long filelength(long handle);

rename a file
     oldname - existing file name
     newname - new file name
returns: error code from the system
Thread-safe function.

long rename(string oldname, string newname);

get next bitmask in the enum (bitfield)
     enum_id - id of enum
     bmask   - value of the current bitmask
returns: value of a bitmask with value higher than the specified
         value. -1 if no such bitmasks exist.
         All bitmasks are sorted by their values as unsigned longs.

long get_next_bmask(long enum_id, long value);

delete a selector
        arguments:      sel - the selector number to delete
        returns:        nothing
        note:           if the selector is found, it will
                        be deleted

void del_selector(long sel);

get structure ID by structure name
     structure type name
returns: -1 if bad structure type name is passed
         otherwise returns structure ID.

long get_struc_id(string name);

get size of a structure
     id         - structure type ID
returns: 0 if bad structure type ID is passed
         otherwise returns size of structure in bytes.

long get_struc_size(long id);

find next address with fixup information
     ea - current address
returns: -1 - no more fixups
         otherwise returns the next address with fixup information

long get_next_fixup_ea(long ea);

change structure member name
     id            - structure type ID
     member_offset - offset of the member
     name          - new name of the member
returns: !=0 - ok.

long set_member_name(long id, long member_offset, string name);

Return length of a string in bytes
     str - input string
Returns: length (0..n)
Thread-safe function.

long strlen(string str);

Get id of a custom data format
     name - name of the custom data format
Returns: id or -1

long find_custom_data_format(string name);

Enable step tracing
     trace_level - what kind of trace to modify
     enable      - 0: turn off, 1: turn on
Returns: success

success enable_tracing(long trace_level, long enable);

#define TRACE_STEP 0x0  // lowest level trace. trace buffers are not maintained
#define TRACE_INSN 0x1  // instruction level trace
#define TRACE_FUNC 0x2  // function level trace (calls & rets)
#define TRACE_BBLK 0x4  // basic block level trace

Is a member id?
     id         - any id
returns: 1 there is structure member with the specified ID
         0 otherwise

long is_member_id(id);

Get value of program quadro word (8 bytes) using the debugger memory
     ea - linear address
returns: the value of the quadro word. If failed, throws an exception
Thread-safe function (may be called only from the main thread and debthread)

long read_dbg_qword(long ea);

Get base address of the input file

long get_imagebase();

Get disassembly line
     ea - linear address of instruction
     flags - combination of the GENDSM_ flags, or 0
returns: "" - could not decode instruction at the specified location
note: this function may return not exactly the same mnemonics
as you see on the screen.

string generate_disasm_line(long ea, long flags);  // get disassembly line

// flags for generate_disasm_line
#define GENDSM_FORCE_CODE 1     // generate a disassembly line as if
                                // there is an instruction at 'ea'
#define GENDSM_MULTI_LINE 2     // if the instruction consists of several lines,
                                // produce all of them(useful for parallel instructions)

get name of enum
     enum_id - ID of enum
returns: name of enum or empty string

string get_enum_name(long enum_id);

get index of the last existing array element
     tag     - tag of array (AR_LONG or AR_STR)
     id      - array id
returns: -1 - array is empty
         otherwise returns index of the last array element

long get_last_index(long tag, long id);

Get the extension of file name

string get_file_ext(string filename);

Plan to perform an action in the future.
This function will put your request to a special autoanalysis queue.
Later IDA will retrieve the request from the queue and process
it. There are several autoanalysis queue types. IDA will process all
queries from the first queue and then switch to the second queue, etc.

// plan/unplan range of addresses
void auto_mark_range(long start, long end, long queuetype);
void auto_unmark(long start, long end, long queuetype);

// plan to analyze an address
#define auto_mark(ea, qtype)      auto_mark_range(ea, (ea)+1, qtype)

#define AU_UNK  10      // make unknown
#define AU_CODE 20      // convert to instruction
#define AU_PROC 30      // make function
#define AU_USED 40      // reanalyze
#define AU_LIBF 60      // apply a flirt signature (the current signature!)
#define AU_FINAL 200    // coagulate unexplored items

Specify instruction representation manually.
     ea   - linear address
     insn - a string representation of the operand
IDA will not check the specified instruction, it will simply display
it instead of the original representation.

void set_manual_insn(long ea, string insn);

Generate an output file
     type  - type of output file. One of OFILE_... symbols. See below.
     fp    - the output file handle
     ea1   - start address. For some file types this argument is ignored
     ea2   - end address. For some file types this argument is ignored
     flags - bit combination of GENFLG_...
returns: number of the generated lines.
         -1 if an error occurred
         OFILE_EXE: 0-can't generate exe file, 1-ok

int gen_file(long type, long file_handle, long ea1, long ea2, long flags);

// output file types:

#define OFILE_MAP  0
#define OFILE_EXE  1
#define OFILE_IDC  2
#define OFILE_LST  3
#define OFILE_ASM  4
#define OFILE_DIF  5

// output control flags:

#define GENFLG_MAPSEGS 0x0001          // map: generate map of segments
#define GENFLG_MAPNAME 0x0002          // map: include dummy names
#define GENFLG_MAPDMNG 0x0004          // map: demangle names
#define GENFLG_MAPLOC  0x0008          // map: include local names
#define GENFLG_IDCTYPE 0x0008          // idc: gen only information about types
#define GENFLG_ASMTYPE 0x0010          // asm&lst: gen information about types too
#define GENFLG_GENHTML 0x0020          // asm&lst: generate html (gui version only)
#define GENFLG_ASMINC  0x0040          // asm&lst: gen information only about types
#define GENFLG_TIPLACE 0x0080          // asm&lst: dump tiplace (c syntax)
#define GENFLG_TIPLACE_ASM 0x0100      // asm&lst: dump tiplace (asm syntax)