mediumlevelil module

binaryninja.mediumlevelil.CoreMediumLevelILInstruction(...)

binaryninja.mediumlevelil.MediumLevelILAdc(...)

binaryninja.mediumlevelil.MediumLevelILAdd(...)

binaryninja.mediumlevelil.MediumLevelILAddOverflow(...)

binaryninja.mediumlevelil.MediumLevelILAddressOf(...)

binaryninja.mediumlevelil.MediumLevelILAddressOfField(...)

binaryninja.mediumlevelil.MediumLevelILAnd(...)

binaryninja.mediumlevelil.MediumLevelILAsr(...)

binaryninja.mediumlevelil.MediumLevelILBasicBlock(...)

The MediumLevelILBasicBlock object is returned during analysis and should not be directly instantiated.

binaryninja.mediumlevelil.MediumLevelILBinaryBase(...)

binaryninja.mediumlevelil.MediumLevelILBoolToInt(...)

binaryninja.mediumlevelil.MediumLevelILBp(...)

binaryninja.mediumlevelil.MediumLevelILCall(...)

binaryninja.mediumlevelil.MediumLevelILCallBase(...)

binaryninja.mediumlevelil.MediumLevelILCallOutput(...)

binaryninja.mediumlevelil.MediumLevelILCallOutputSsa(...)

binaryninja.mediumlevelil.MediumLevelILCallParam(...)

binaryninja.mediumlevelil.MediumLevelILCallParamSsa(...)

binaryninja.mediumlevelil.MediumLevelILCallSsa(...)

binaryninja.mediumlevelil.MediumLevelILCallUntyped(...)

binaryninja.mediumlevelil.MediumLevelILCallUntypedSsa(...)

binaryninja.mediumlevelil.MediumLevelILCarryBase(...)

binaryninja.mediumlevelil.MediumLevelILCeil(...)

binaryninja.mediumlevelil.MediumLevelILCmpE(...)

binaryninja.mediumlevelil.MediumLevelILCmpNe(...)

binaryninja.mediumlevelil.MediumLevelILCmpSge(...)

binaryninja.mediumlevelil.MediumLevelILCmpSgt(...)

binaryninja.mediumlevelil.MediumLevelILCmpSle(...)

binaryninja.mediumlevelil.MediumLevelILCmpSlt(...)

binaryninja.mediumlevelil.MediumLevelILCmpUge(...)

binaryninja.mediumlevelil.MediumLevelILCmpUgt(...)

binaryninja.mediumlevelil.MediumLevelILCmpUle(...)

binaryninja.mediumlevelil.MediumLevelILCmpUlt(...)

binaryninja.mediumlevelil.MediumLevelILComparisonBase(...)

binaryninja.mediumlevelil.MediumLevelILConst(...)

binaryninja.mediumlevelil.MediumLevelILConstBase(...)

binaryninja.mediumlevelil.MediumLevelILConstData(...)

binaryninja.mediumlevelil.MediumLevelILConstPtr(...)

binaryninja.mediumlevelil.MediumLevelILDivs(...)

binaryninja.mediumlevelil.MediumLevelILDivsDp(...)

binaryninja.mediumlevelil.MediumLevelILDivu(...)

binaryninja.mediumlevelil.MediumLevelILDivuDp(...)

binaryninja.mediumlevelil.MediumLevelILExpr(index)

class MediumLevelILExpr hold the index of IL Expressions.

binaryninja.mediumlevelil.MediumLevelILExternPtr(...)

binaryninja.mediumlevelil.MediumLevelILFabs(...)

binaryninja.mediumlevelil.MediumLevelILFadd(...)

binaryninja.mediumlevelil.MediumLevelILFcmpE(...)

binaryninja.mediumlevelil.MediumLevelILFcmpGe(...)

binaryninja.mediumlevelil.MediumLevelILFcmpGt(...)

binaryninja.mediumlevelil.MediumLevelILFcmpLe(...)

binaryninja.mediumlevelil.MediumLevelILFcmpLt(...)

binaryninja.mediumlevelil.MediumLevelILFcmpNe(...)

binaryninja.mediumlevelil.MediumLevelILFcmpO(...)

binaryninja.mediumlevelil.MediumLevelILFcmpUo(...)

binaryninja.mediumlevelil.MediumLevelILFdiv(...)

binaryninja.mediumlevelil.MediumLevelILFloatConst(...)

binaryninja.mediumlevelil.MediumLevelILFloatConv(...)

binaryninja.mediumlevelil.MediumLevelILFloatToInt(...)

binaryninja.mediumlevelil.MediumLevelILFloor(...)

binaryninja.mediumlevelil.MediumLevelILFmul(...)

binaryninja.mediumlevelil.MediumLevelILFneg(...)

binaryninja.mediumlevelil.MediumLevelILFreeVarSlot(...)

binaryninja.mediumlevelil.MediumLevelILFreeVarSlotSsa(...)

binaryninja.mediumlevelil.MediumLevelILFsqrt(...)

binaryninja.mediumlevelil.MediumLevelILFsub(...)

binaryninja.mediumlevelil.MediumLevelILFtrunc(...)

binaryninja.mediumlevelil.MediumLevelILFunction([...])

class MediumLevelILFunction contains the list of ExpressionIndex objects that make up a function.

binaryninja.mediumlevelil.MediumLevelILGoto(...)

binaryninja.mediumlevelil.MediumLevelILIf(...)

binaryninja.mediumlevelil.MediumLevelILImport(...)

binaryninja.mediumlevelil.MediumLevelILInstruction(...)

class MediumLevelILInstruction Medium Level Intermediate Language Instructions are infinite length tree-based instructions.

binaryninja.mediumlevelil.MediumLevelILIntToFloat(...)

binaryninja.mediumlevelil.MediumLevelILIntrinsic(...)

binaryninja.mediumlevelil.MediumLevelILIntrinsicSsa(...)

binaryninja.mediumlevelil.MediumLevelILJump(...)

binaryninja.mediumlevelil.MediumLevelILJumpTo(...)

binaryninja.mediumlevelil.MediumLevelILLabel([...])

binaryninja.mediumlevelil.MediumLevelILLoad(...)

binaryninja.mediumlevelil.MediumLevelILLoadSsa(...)

binaryninja.mediumlevelil.MediumLevelILLoadStruct(...)

binaryninja.mediumlevelil.MediumLevelILLoadStructSsa(...)

binaryninja.mediumlevelil.MediumLevelILLowPart(...)

binaryninja.mediumlevelil.MediumLevelILLsl(...)

binaryninja.mediumlevelil.MediumLevelILLsr(...)

binaryninja.mediumlevelil.MediumLevelILMemPhi(...)

binaryninja.mediumlevelil.MediumLevelILMemoryIntrinsicOutputSsa(...)

binaryninja.mediumlevelil.MediumLevelILMemoryIntrinsicSsa(...)

binaryninja.mediumlevelil.MediumLevelILMods(...)

binaryninja.mediumlevelil.MediumLevelILModsDp(...)

binaryninja.mediumlevelil.MediumLevelILModu(...)

binaryninja.mediumlevelil.MediumLevelILModuDp(...)

binaryninja.mediumlevelil.MediumLevelILMul(...)

binaryninja.mediumlevelil.MediumLevelILMulsDp(...)

binaryninja.mediumlevelil.MediumLevelILMuluDp(...)

binaryninja.mediumlevelil.MediumLevelILNeg(...)

binaryninja.mediumlevelil.MediumLevelILNop(...)

binaryninja.mediumlevelil.MediumLevelILNoret(...)

binaryninja.mediumlevelil.MediumLevelILNot(...)

binaryninja.mediumlevelil.MediumLevelILOperationAndSize(...)

binaryninja.mediumlevelil.MediumLevelILOr(...)

binaryninja.mediumlevelil.MediumLevelILRet(...)

binaryninja.mediumlevelil.MediumLevelILRetHint(...)

binaryninja.mediumlevelil.MediumLevelILRlc(...)

binaryninja.mediumlevelil.MediumLevelILRol(...)

binaryninja.mediumlevelil.MediumLevelILRor(...)

binaryninja.mediumlevelil.MediumLevelILRoundToInt(...)

binaryninja.mediumlevelil.MediumLevelILRrc(...)

binaryninja.mediumlevelil.MediumLevelILSbb(...)

binaryninja.mediumlevelil.MediumLevelILSeparateParamList(...)

binaryninja.mediumlevelil.MediumLevelILSetVar(...)

binaryninja.mediumlevelil.MediumLevelILSetVarAliased(...)

binaryninja.mediumlevelil.MediumLevelILSetVarAliasedField(...)

binaryninja.mediumlevelil.MediumLevelILSetVarField(...)

binaryninja.mediumlevelil.MediumLevelILSetVarSplit(...)

binaryninja.mediumlevelil.MediumLevelILSetVarSplitSsa(...)

binaryninja.mediumlevelil.MediumLevelILSetVarSsa(...)

binaryninja.mediumlevelil.MediumLevelILSetVarSsaField(...)

binaryninja.mediumlevelil.MediumLevelILSharedParamSlot(...)

binaryninja.mediumlevelil.MediumLevelILStore(...)

binaryninja.mediumlevelil.MediumLevelILStoreSsa(...)

binaryninja.mediumlevelil.MediumLevelILStoreStruct(...)

binaryninja.mediumlevelil.MediumLevelILStoreStructSsa(...)

binaryninja.mediumlevelil.MediumLevelILSub(...)

binaryninja.mediumlevelil.MediumLevelILSx(...)

binaryninja.mediumlevelil.MediumLevelILSyscall(...)

binaryninja.mediumlevelil.MediumLevelILSyscallSsa(...)

binaryninja.mediumlevelil.MediumLevelILSyscallUntyped(...)

binaryninja.mediumlevelil.MediumLevelILSyscallUntypedSsa(...)

binaryninja.mediumlevelil.MediumLevelILTailcall(...)

binaryninja.mediumlevelil.MediumLevelILTailcallSsa(...)

binaryninja.mediumlevelil.MediumLevelILTailcallUntyped(...)

binaryninja.mediumlevelil.MediumLevelILTailcallUntypedSsa(...)

binaryninja.mediumlevelil.MediumLevelILTestBit(...)

binaryninja.mediumlevelil.MediumLevelILTrap(...)

binaryninja.mediumlevelil.MediumLevelILUnaryBase(...)

binaryninja.mediumlevelil.MediumLevelILUndef(...)

binaryninja.mediumlevelil.MediumLevelILUnimpl(...)

binaryninja.mediumlevelil.MediumLevelILUnimplMem(...)

binaryninja.mediumlevelil.MediumLevelILVar(...)

binaryninja.mediumlevelil.MediumLevelILVarAliased(...)

binaryninja.mediumlevelil.MediumLevelILVarAliasedField(...)

binaryninja.mediumlevelil.MediumLevelILVarField(...)

binaryninja.mediumlevelil.MediumLevelILVarPhi(...)

binaryninja.mediumlevelil.MediumLevelILVarSplit(...)

binaryninja.mediumlevelil.MediumLevelILVarSplitSsa(...)

binaryninja.mediumlevelil.MediumLevelILVarSsa(...)

binaryninja.mediumlevelil.MediumLevelILVarSsaField(...)

binaryninja.mediumlevelil.MediumLevelILXor(...)

binaryninja.mediumlevelil.MediumLevelILZx(...)

binaryninja.mediumlevelil.SSAVariable(var, ...)

class CoreMediumLevelILInstruction(operation: MediumLevelILOperation, attributes: int, source_operand: int, size: int, operands: Tuple[ExpressionIndex, ExpressionIndex, ExpressionIndex, ExpressionIndex, ExpressionIndex], address: int)[source]

Bases: object

Parameters:

  • operation (MediumLevelILOperation) –

  • attributes (int) –

  • source_operand (int) –

  • size (int) –

  • operands (Tuple[ExpressionIndex, ExpressionIndex, ExpressionIndex, ExpressionIndex, ExpressionIndex]) –

  • address (int) –

classmethod from_BNMediumLevelILInstruction(instr: BNMediumLevelILInstruction) CoreMediumLevelILInstruction[source]
Parameters:

instr (BNMediumLevelILInstruction) –

Return type:

CoreMediumLevelILInstruction

address: int
attributes: int
operands: Tuple[ExpressionIndex, ExpressionIndex, ExpressionIndex, ExpressionIndex, ExpressionIndex]
operation: MediumLevelILOperation
size: int
source_operand: int
class MediumLevelILAdc(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILCarryBase

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILAdd(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILBinaryBase, Arithmetic

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILAddOverflow(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILBinaryBase, Arithmetic

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILAddressOf(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction

Parameters:
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property src: Variable
property vars_address_taken: List[Variable]

Non-unique list of variables whose address is taken by instruction

class MediumLevelILAddressOfField(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction

Parameters:
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property offset: int
property src: Variable
class MediumLevelILAnd(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILBinaryBase, Arithmetic

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILAsr(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILBinaryBase, Arithmetic

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILBasicBlock(handle: LP_BNBasicBlock, owner: MediumLevelILFunction, view: BinaryView | None = None)[source]

Bases: BasicBlock

The MediumLevelILBasicBlock object is returned during analysis and should not be directly instantiated.

Parameters:
property il_function: MediumLevelILFunction
property instruction_count: int
class MediumLevelILBinaryBase(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, BinaryOperation

Parameters:
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property left: MediumLevelILInstruction
property right: MediumLevelILInstruction
class MediumLevelILBoolToInt(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction

Parameters:
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property src: MediumLevelILInstruction
class MediumLevelILBp(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, Terminal

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILCall(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILCallBase, Localcall

Parameters:
property dest: MediumLevelILInstruction
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property output: List[Variable]
property params: List[MediumLevelILInstruction]
class MediumLevelILCallBase(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, Call

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property output: List[Variable | SSAVariable]
property params: List[SSAVariable | Variable | MediumLevelILInstruction]
property vars_read: List[Variable | SSAVariable]

List of variables read by instruction

property vars_written: List[Variable | SSAVariable]

List of variables written by instruction

class MediumLevelILCallOutput(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction

Parameters:
property dest: List[Variable]
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property vars_written: List[Variable]

List of variables written by instruction

class MediumLevelILCallOutputSsa(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, SSA

Parameters:
property dest: List[SSAVariable]
property dest_memory: int
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property vars_written: List[SSAVariable]

List of variables written by instruction

class MediumLevelILCallParam(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction

Parameters:
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property src: List[Variable]
class MediumLevelILCallParamSsa(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, SSA

Parameters:
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property src: List[SSAVariable]
property src_memory: int
class MediumLevelILCallSsa(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILCallBase, Localcall, SSA

Parameters:
property dest: MediumLevelILInstruction
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property output: List[SSAVariable]
property output_dest_memory: int
property params: List[MediumLevelILInstruction]
property src_memory: int
class MediumLevelILCallUntyped(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILCallBase, Localcall

Parameters:
property dest: MediumLevelILInstruction
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property output: List[Variable]
property params: List[Variable]
property stack: MediumLevelILInstruction
class MediumLevelILCallUntypedSsa(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILCallBase, Localcall, SSA

Parameters:
property dest: MediumLevelILInstruction
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property output: List[SSAVariable]
property output_dest_memory: int
property params: List[SSAVariable]
property params_src_memory
property stack: MediumLevelILInstruction
class MediumLevelILCarryBase(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, Carry

Parameters:
property carry: MediumLevelILInstruction
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property left: MediumLevelILInstruction
property right: MediumLevelILInstruction
class MediumLevelILCeil(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILUnaryBase, Arithmetic, FloatingPoint

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILCmpE(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILComparisonBase

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILCmpNe(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILComparisonBase

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILCmpSge(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILComparisonBase, Signed

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILCmpSgt(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILComparisonBase, Signed

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILCmpSle(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILComparisonBase, Signed

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILCmpSlt(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILComparisonBase, Signed

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILCmpUge(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILComparisonBase

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILCmpUgt(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILComparisonBase

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILCmpUle(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILComparisonBase

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILCmpUlt(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILComparisonBase

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILComparisonBase(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILBinaryBase, Comparison

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILConst(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILConstBase

Parameters:
property constant: int
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILConstBase(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, Constant

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILConstData(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILConstBase

Parameters:
property constant_data: ConstantData
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILConstPtr(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILConstBase

Parameters:
property constant: int
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property string: Tuple[str, StringType] | None
class MediumLevelILDivs(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILBinaryBase, Arithmetic, Signed

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILDivsDp(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILBinaryBase, DoublePrecision, Signed

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILDivu(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILBinaryBase, Arithmetic

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILDivuDp(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILBinaryBase, DoublePrecision

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILExpr(index)[source]

Bases: object

class MediumLevelILExpr hold the index of IL Expressions.

Note

Deprecated. Use ExpressionIndex instead

property index
class MediumLevelILExternPtr(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILConstBase

Parameters:
property constant: int
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property offset: int
class MediumLevelILFabs(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILUnaryBase, Arithmetic, FloatingPoint

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILFadd(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILBinaryBase, Arithmetic, FloatingPoint

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILFcmpE(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILComparisonBase, FloatingPoint

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILFcmpGe(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILComparisonBase, FloatingPoint

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILFcmpGt(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILComparisonBase, FloatingPoint

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILFcmpLe(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILComparisonBase, FloatingPoint

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILFcmpLt(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILComparisonBase, FloatingPoint

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILFcmpNe(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILComparisonBase, FloatingPoint

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILFcmpO(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILComparisonBase, FloatingPoint

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILFcmpUo(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILComparisonBase, FloatingPoint

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILFdiv(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILBinaryBase, Arithmetic, FloatingPoint

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILFloatConst(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILConstBase, FloatingPoint

Parameters:
property constant: float
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILFloatConv(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILUnaryBase, Arithmetic, FloatingPoint

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILFloatToInt(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILUnaryBase, Arithmetic, FloatingPoint

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILFloor(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILUnaryBase, Arithmetic, FloatingPoint

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILFmul(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILBinaryBase, Arithmetic, FloatingPoint

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILFneg(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILUnaryBase, Arithmetic, FloatingPoint

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILFreeVarSlot(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, RegisterStack

Parameters:
property dest: Variable
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILFreeVarSlotSsa(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, SSA, RegisterStack

Parameters:
property dest: SSAVariable
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property prev: SSAVariable
class MediumLevelILFsqrt(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILUnaryBase, Arithmetic, FloatingPoint

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILFsub(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILBinaryBase, Arithmetic, FloatingPoint

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILFtrunc(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILUnaryBase, Arithmetic, FloatingPoint

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILFunction(arch: Architecture | None = None, handle: BNMediumLevelILFunction | None = None, source_func: Function | None = None)[source]

Bases: object

class MediumLevelILFunction contains the list of ExpressionIndex objects that make up a function. ExpressionIndex objects can be added to the MediumLevelILFunction by calling append and passing the result of the various class methods which return ExpressionIndex objects.

Parameters:

  • arch (Architecture | None) –

  • handle (BNMediumLevelILFunction | None) –

  • source_func (Function | None) –

add_label_map(labels: Mapping[int, MediumLevelILLabel]) ExpressionIndex[source]

add_label_map returns a label list expression for the given list of MediumLevelILLabel objects.

Parameters:

labels (dict(int, MediumLevelILLabel)) – the list of MediumLevelILLabel to get a label list expression from

Returns:

the label list expression

Return type:

ExpressionIndex

add_operand_list(operands: List[ExpressionIndex]) ExpressionIndex[source]

add_operand_list returns an operand list expression for the given list of integer operands.

Parameters:

operands (list(int)) – list of operand numbers

Returns:

an operand list expression

Return type:

ExpressionIndex

append(expr: ExpressionIndex) int[source]

append adds the ExpressionIndex expr to the current MediumLevelILFunction.

Parameters:

expr (ExpressionIndex) – the ExpressionIndex to add to the current MediumLevelILFunction

Returns:

number of ExpressionIndex in the current function

Return type:

int

copy_expr(original: MediumLevelILInstruction) ExpressionIndex[source]

copy_expr adds an expression to the function which is equivalent to the given expression

Parameters:

original (MediumLevelILInstruction) – the original IL Instruction you want to copy

Returns:

The index of the newly copied expression

Return type:

ExpressionIndex

create_graph(settings: DisassemblySettings | None = None) CoreFlowGraph[source]
Parameters:

settings (DisassemblySettings | None) –

Return type:

CoreFlowGraph

expr(operation: MediumLevelILOperation, a: int = 0, b: int = 0, c: int = 0, d: int = 0, e: int = 0, size: int = 0) ExpressionIndex[source]
Parameters:
Return type:

ExpressionIndex

finalize() None[source]

finalize ends the function and computes the list of basic blocks.

Return type:

None

generate_ssa_form(analyze_conditionals: bool = True, handle_aliases: bool = True, known_not_aliases: List[Variable] | None = None, known_aliases: List[Variable] | None = None) None[source]

generate_ssa_form generate SSA form given the current MLIL

Parameters:

  • analyze_conditionals (bool) – whether or not to analyze conditionals, defaults to True

  • handle_aliases (bool) – whether or not to handle aliases, defaults to True

  • known_not_aliases (list(Variable)) – optional list of variables known to be not aliased

  • known_aliases (list(Variable)) – optional list of variables known to be aliased

Return type:

None

get_basic_block_at(index: int) BasicBlock | None[source]

get_basic_block_at returns the BasicBlock at the given MLIL instruction index.

Parameters:

index (int) – Index of the MLIL instruction of the BasicBlock to retrieve.

Example:
>>> current_il_function.get_basic_block_at(current_il_index)
<mlil block: x86@40-60>
Return type:

BasicBlock | None

get_expr(index: ExpressionIndex) MediumLevelILInstruction | None[source]

get_expr retrieves the IL expression at a given expression index in the function.

Warning

Not all IL expressions are valid, even if their index is within the bounds of the function, they might not be used by the function and might not contain properly structured data.

Parameters:

index (ExpressionIndex) – Index of desired expression in function

Returns:

A MediumLevelILInstruction object for the expression, if it exists. Otherwise, None

Return type:

MediumLevelILInstruction | None

get_expr_count() int[source]

get_expr_count gives a the total number of expressions in this IL function

You can use this to enumerate all expressions in conjunction with get_expr

Warning

Not all IL expressions are valid, even if their index is within the bounds of the function, they might not be used by the function and might not contain properly structured data.

Returns:

The number of expressions in the function

Return type:

int

get_expr_type(expr_index: int) Type | None[source]

Get type of expression

Parameters:

expr_index (int) – index of the expression to retrieve

Return type:

Optional[’types.Type’]

get_high_level_il_expr_index(expr: ExpressionIndex) ExpressionIndex | None[source]
Parameters:

expr (ExpressionIndex) –

Return type:

ExpressionIndex | None

get_high_level_il_expr_indexes(expr: ExpressionIndex) List[ExpressionIndex][source]
Parameters:

expr (ExpressionIndex) –

Return type:

List[ExpressionIndex]

get_high_level_il_instruction_index(instr: InstructionIndex) InstructionIndex | None[source]
Parameters:

instr (InstructionIndex) –

Return type:

InstructionIndex | None

get_instruction_start(addr: int, arch: Architecture | None = None) int | None[source]
Parameters:
Return type:

int | None

get_live_instructions_for_var(var: Variable, include_last_use: bool = True) List[MediumLevelILInstruction][source]

get_live_instructions_for_var computes the list of instructions for which var is live. If include_last_use is False, the last use of the variable will not be included in the list (this allows for easier computation of overlaps in liveness between two variables). If the variable is never used, this function will return an empty list.

Parameters:

  • var (SSAVariable) – the variable to query

  • include_last_use (bool) – whether to include the last use of the variable in the list of instructions

Returns:

list of instructions for which var is live

Return type:

list(MediumLevelILInstruction)

get_low_level_il_expr_index(expr: ExpressionIndex) ExpressionIndex | None[source]
Parameters:

expr (ExpressionIndex) –

Return type:

ExpressionIndex | None

get_low_level_il_expr_indexes(expr: ExpressionIndex) List[ExpressionIndex][source]
Parameters:

expr (ExpressionIndex) –

Return type:

List[ExpressionIndex]

get_low_level_il_instruction_index(instr: InstructionIndex) InstructionIndex | None[source]
Parameters:

instr (InstructionIndex) –

Return type:

InstructionIndex | None

get_non_ssa_instruction_index(instr: InstructionIndex) InstructionIndex[source]
Parameters:

instr (InstructionIndex) –

Return type:

InstructionIndex

get_ssa_instruction_index(instr: InstructionIndex) InstructionIndex[source]
Parameters:

instr (InstructionIndex) –

Return type:

InstructionIndex

get_ssa_memory_definition(version: int) MediumLevelILInstruction | None[source]
Parameters:

version (int) –

Return type:

MediumLevelILInstruction | None

get_ssa_memory_uses(version: int) List[MediumLevelILInstruction][source]
Parameters:

version (int) –

Return type:

List[MediumLevelILInstruction]

get_ssa_var_definition(ssa_var: SSAVariable | MediumLevelILVarSsa) MediumLevelILInstruction | None[source]

Gets the instruction that contains the given SSA variable’s definition.

Since SSA variables can only be defined once, this will return the single instruction where that occurs. For SSA variable version 0s, which don’t have definitions, this will return None instead.

Parameters:

ssa_var (SSAVariable | MediumLevelILVarSsa) –

Return type:

MediumLevelILInstruction | None

get_ssa_var_uses(ssa_var: SSAVariable | MediumLevelILVarSsa) List[MediumLevelILInstruction][source]

Gets all the instructions that use the given SSA variable.

Parameters:

ssa_var (SSAVariable | MediumLevelILVarSsa) –

Return type:

List[MediumLevelILInstruction]

get_ssa_var_value(ssa_var: SSAVariable) RegisterValue[source]
Parameters:

ssa_var (SSAVariable) –

Return type:

RegisterValue

get_var_definitions(var: Variable) List[MediumLevelILInstruction][source]
Parameters:

var (Variable) –

Return type:

List[MediumLevelILInstruction]

get_var_uses(var: Variable) List[MediumLevelILInstruction][source]
Parameters:

var (Variable) –

Return type:

List[MediumLevelILInstruction]

goto(label: MediumLevelILLabel) ExpressionIndex[source]

goto returns a goto expression which jumps to the provided MediumLevelILLabel.

Parameters:

label (MediumLevelILLabel) – Label to jump to

Returns:

the ExpressionIndex that jumps to the provided label

Return type:

ExpressionIndex

if_expr(operand: ExpressionIndex, t: MediumLevelILLabel, f: MediumLevelILLabel) ExpressionIndex[source]

if_expr returns the if expression which depending on condition operand jumps to the MediumLevelILLabel t when the condition expression operand is non-zero and f when it’s zero.

Parameters:
Returns:

the ExpressionIndex for the if expression

Return type:

ExpressionIndex

is_ssa_var_live(ssa_var: SSAVariable) bool[source]

is_ssa_var_live determines if ssa_var is live at any point in the function

Parameters:

ssa_var (SSAVariable) – the SSA variable to query

Returns:

whether the variable is live at any point in the function

Return type:

bool

is_ssa_var_live_at(ssa_var: SSAVariable, instr: InstructionIndex) bool[source]

is_ssa_var_live_at determines if ssa_var is live at a given point in the function; counts phi’s as uses

Parameters:

  • ssa_var (SSAVariable) –

  • instr (InstructionIndex) –

Return type:

bool

is_var_live_at(var: Variable, instr: InstructionIndex) bool[source]

is_var_live_at determines if var is live at a given point in the function

Parameters:

  • var (Variable) –

  • instr (InstructionIndex) –

Return type:

bool

mark_label(label: MediumLevelILLabel) None[source]

mark_label assigns a MediumLevelILLabel to the current IL address.

Parameters:

label (MediumLevelILLabel) –

Return type:

None

replace_expr(original: MediumLevelILInstruction | ExpressionIndex | InstructionIndex, new: MediumLevelILInstruction | ExpressionIndex | InstructionIndex) None[source]

replace_expr allows modification of MLIL expressions

Parameters:

  • original (ExpressionIndex) – the ExpressionIndex to replace (may also be an expression index)

  • new (ExpressionIndex) – the ExpressionIndex to add to the current LowLevelILFunction (may also be an expression index)

Return type:

None

set_current_address(value: int, arch: Architecture | None = None) None[source]
Parameters:
Return type:

None

set_expr_attributes(expr: MediumLevelILInstruction | ExpressionIndex | InstructionIndex, value: Set[ILInstructionAttribute] | List[ILInstructionAttribute])[source]

set_expr_attributes allows modification of instruction attributes but ONLY during lifting.

Warning

This function should ONLY be called as a part of a lifter. It will otherwise not do anything useful as there’s no way to trigger re-analysis of IL levels at this time.

Parameters:

  • expr (ExpressionIndex) – the ExpressionIndex to replace (may also be an expression index)

  • value (set(ILInstructionAttribute)) – the set of attributes to place on the instruction

Return type:

None

set_expr_type(expr_index: int, expr_type: str | Type | TypeBuilder) None[source]

Set type of expression

This API is only meant for workflows or for debugging purposes, since the changes they make are not persistent and get lost after a database save and reload. To make persistent changes to the analysis, one should use other APIs to, for example, change the type of variables. The analysis will then propagate the type of the variable and update the type of related expressions.

Parameters:

  • expr_index (int) – index of the expression to set

  • StringOrType – new type of the expression

  • expr_type (str | Type | TypeBuilder) –

Return type:

None

traverse(cb: Callable[[MediumLevelILInstruction, Any], Any], *args: Any, **kwargs: Any) Iterator[Any][source]

traverse iterates through all the instructions in the MediumLevelILInstruction and calls the callback function for each instruction and sub-instruction. See the Developer Docs for more examples.

Parameters:

  • cb (Callable[[MediumLevelILInstruction, Any], Any]) – Callback function that takes a HighLevelILInstruction and returns a value

  • args (Any) – Custom user-defined arguments

  • kwargs (Any) – Custom user-defined keyword arguments

  • cb

Returns:

An iterator of the results of the callback function

Return type:

Iterator[Any]

Example:
>>> def find_constants(instr) -> Optional[int]:
...     if isinstance(instr, Constant):
...         return instr.constant
>>> print(list(current_il_function.traverse(find_constants)))
visit(cb: Callable[[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str, MediumLevelILInstruction | None], bool]) bool[source]

Iterates over all the instructions in the function and calls the callback function for each instruction and each sub-instruction.

Parameters:

cb (MediumLevelILVisitorCallback) – Callback function that takes the name of the operand, the operand, operand type, and parent instruction

Returns:

True if all instructions were visited, False if the callback function returned False.

Return type:

bool

Deprecated since version 4.0.4907: Use MediumLevelILFunction.traverse instead.

visit_all(cb: Callable[[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str, MediumLevelILInstruction | None], bool]) bool[source]

Iterates over all the instructions in the function and calls the callback function for each instruction and their operands.

Parameters:

cb (MediumLevelILVisitorCallback) – Callback function that takes the name of the operand, the operand, operand type, and parent instruction

Returns:

True if all instructions were visited, False if the callback function returned False.

Return type:

bool

Deprecated since version 4.0.4907: Use MediumLevelILFunction.traverse instead.

visit_operands(cb: Callable[[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str, MediumLevelILInstruction | None], bool]) bool[source]
Iterates over all the instructions in the function and calls the callback function for each operand and

the operands of each sub-instruction.

Parameters:

cb (MediumLevelILVisitorCallback) – Callback function that takes the name of the operand, the operand, operand type, and parent instruction

Returns:

True if all instructions were visited, False if the callback function returned False.

Return type:

bool

Deprecated since version 4.0.4907: Use MediumLevelILFunction.traverse instead.

property aliased_vars: List[Variable]

This returns a list of Variables that are taken reference to and used elsewhere. You may also wish to consider MediumLevelIlFunction.vars and MediumLevelIlFunction.source_function.parameter_vars

property arch: Architecture
property basic_blocks: MediumLevelILBasicBlockList
property current_address: int

Current IL Address (read/write)

property high_level_il: HighLevelILFunction | None

High level IL for this medium level IL.

property hlil: HighLevelILFunction | None
property il_form: FunctionGraphType
property instructions: Generator[MediumLevelILInstruction, None, None]

A generator of mlil instructions of the current function

property llil: LowLevelILFunction | None

Alias for low_level_il

property low_level_il: LowLevelILFunction | None

Low level IL for this function

property non_ssa_form: MediumLevelILFunction | None

Medium level IL in non-SSA (default) form (read-only)

property source_function: Function
property ssa_form: MediumLevelILFunction | None

Medium level IL in SSA form (read-only)

property ssa_vars: List[SSAVariable]

This gets just the MLIL SSA variables - you may be interested in the union of MediumLevelIlFunction.aliased_vars and MediumLevelIlFunction.source_function.parameter_vars for all the variables used in the function

property vars: List[Variable]

This gets just the MLIL variables - you may be interested in the union of MediumLevelIlFunction.aliased_vars and MediumLevelIlFunction.source_function.parameter_vars for all the variables used in the function

property view: BinaryView
class MediumLevelILGoto(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, Terminal

Parameters:
property dest: int
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILIf(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, Terminal

Parameters:
property condition: MediumLevelILInstruction
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
property false: int
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property true: int
class MediumLevelILImport(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILConstBase

Parameters:
property constant: int
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILInstruction(function: MediumLevelILFunction, expr_index: ExpressionIndex, instr: CoreMediumLevelILInstruction, instr_index: InstructionIndex)[source]

Bases: BaseILInstruction

class MediumLevelILInstruction Medium Level Intermediate Language Instructions are infinite length tree-based instructions. Tree-based instructions use infix notation with the left hand operand being the destination operand. Infix notation is thus more natural to read than other notations (e.g. x86 mov eax, 0 vs. MLIL eax = 0).

Parameters:
classmethod create(func: MediumLevelILFunction, expr_index: ExpressionIndex, instr_index: InstructionIndex | None = None) MediumLevelILInstruction[source]
Parameters:

  • func (MediumLevelILFunction) –

  • expr_index (ExpressionIndex) –

  • instr_index (InstructionIndex | None) –

Return type:

MediumLevelILInstruction

get_branch_dependence(branch_instr: int) ILBranchDependence[source]
Parameters:

branch_instr (int) –

Return type:

ILBranchDependence

get_flag_value(flag: FlagName | ILFlag | FlagIndex) RegisterValue[source]
Parameters:

flag (FlagName | ILFlag | FlagIndex) –

Return type:

RegisterValue

get_flag_value_after(flag: FlagName | ILFlag | FlagIndex) RegisterValue[source]
Parameters:

flag (FlagName | ILFlag | FlagIndex) –

Return type:

RegisterValue

get_possible_flag_values(flag: FlagName | ILFlag | FlagIndex, options: List[DataFlowQueryOption] | None = None) PossibleValueSet[source]
Parameters:
Return type:

PossibleValueSet

get_possible_flag_values_after(flag: FlagName | ILFlag | FlagIndex, options: List[DataFlowQueryOption] | None = None) PossibleValueSet[source]
Parameters:
Return type:

PossibleValueSet

get_possible_reg_values(reg: RegisterName | ILRegister | RegisterIndex, options: List[DataFlowQueryOption] | None = None) PossibleValueSet[source]
Parameters:
Return type:

PossibleValueSet

get_possible_reg_values_after(reg: RegisterName | ILRegister | RegisterIndex, options: List[DataFlowQueryOption] | None = None) PossibleValueSet[source]
Parameters:
Return type:

PossibleValueSet

get_possible_stack_contents(offset: int, size: int, options: List[DataFlowQueryOption] | None = None) PossibleValueSet[source]
Parameters:
Return type:

PossibleValueSet

get_possible_stack_contents_after(offset: int, size: int, options: List[DataFlowQueryOption] | None = None) PossibleValueSet[source]
Parameters:
Return type:

PossibleValueSet

get_possible_values(options: List[DataFlowQueryOption] | None = None) PossibleValueSet[source]
Parameters:

options (List[DataFlowQueryOption] | None) –

Return type:

PossibleValueSet

get_reg_value(reg: RegisterName | ILRegister | RegisterIndex) RegisterValue[source]
Parameters:

reg (RegisterName | ILRegister | RegisterIndex) –

Return type:

RegisterValue

get_reg_value_after(reg: RegisterName | ILRegister | RegisterIndex) RegisterValue[source]
Parameters:

reg (RegisterName | ILRegister | RegisterIndex) –

Return type:

RegisterValue

get_split_var_for_definition(var: Variable) Variable[source]

Gets the unique variable for a definition instruction. This unique variable can be passed to Function.split_var to split a variable at a definition. The given var is the assigned variable to query.

Parameters:

var (Variable) – variable to query

Return type:

Variable

get_ssa_var_possible_values(ssa_var: SSAVariable, options: List[DataFlowQueryOption] = [])[source]
Parameters:
get_ssa_var_version(var: Variable) int[source]
Parameters:

var (Variable) –

Return type:

int

get_stack_contents(offset: int, size: int) RegisterValue[source]
Parameters:

  • offset (int) –

  • size (int) –

Return type:

RegisterValue

get_stack_contents_after(offset: int, size: int) RegisterValue[source]
Parameters:

  • offset (int) –

  • size (int) –

Return type:

RegisterValue

get_var_for_flag(flag: FlagName | ILFlag | FlagIndex) Variable[source]
Parameters:

flag (FlagName | ILFlag | FlagIndex) –

Return type:

Variable

get_var_for_reg(reg: RegisterName | ILRegister | RegisterIndex) Variable[source]
Parameters:

reg (RegisterName | ILRegister | RegisterIndex) –

Return type:

Variable

get_var_for_stack_location(offset: int) Variable[source]
Parameters:

offset (int) –

Return type:

Variable

static show_mlil_hierarchy()[source]

Opens a new tab showing the MLIL hierarchy which includes classes which can easily be used with isinstance to match multiple types of IL instructions.

traverse(cb: Callable[[MediumLevelILInstruction, Any], Any], *args: Any, **kwargs: Any) Iterator[Any][source]

traverse is a generator that allows you to traverse the MediumLevelILInstruction in a depth-first manner. It will yield the result of the callback function for each node in the tree. Arguments can be passed to the callback function using args and kwargs. See the Developer Docs for more examples.

Parameters:

  • cb (Callable[[MediumLevelILInstruction, Any], Any]) – The callback function to call for each node in the MediumLevelILInstruction

  • args (Any) – Custom user-defined arguments

  • kwargs (Any) – Custom user-defined keyword arguments

  • cb

Returns:

An iterator of the results of the callback function

Return type:

Iterator[Any]

Example:
>>> def get_constant_less_than_value(inst: MediumLevelILInstruction, value: int) -> int:
>>>     if isinstance(inst, Constant) and inst.constant < value:
>>>         return inst.constant
>>>
>>> list(inst.traverse(get_constant_less_than_value, 10))
visit(cb: Callable[[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str, MediumLevelILInstruction | None], bool], name: str = 'root', parent: MediumLevelILInstruction | None = None) bool[source]

Visits all MediumLevelILInstructions in the operands of this instruction and any sub-instructions. In the callback you provide, you likely only need to interact with the second argument (see the example below).

Parameters:

  • cb (MediumLevelILVisitorCallback) – Callback function that takes the name of the operand, the operand, operand type, and parent instruction

  • name (str) –

  • parent (MediumLevelILInstruction | None) –

Returns:

True if all instructions were visited, False if the callback returned False

Example:
>>> def visitor(_a, inst, _c, _d) -> bool:
>>>     if isinstance(inst, Constant):
>>>         print(f"Found constant: {inst.constant}")
>>>         return False # Stop recursion (once we find a constant, don't recurse in to any sub-instructions (which there won't actually be any...))
>>>     # Otherwise, keep recursing the subexpressions of this instruction; if no return value is provided, it'll keep descending
>>>
>>> # Finds all constants used in the program
>>> for inst in current_mlil.instructions:
>>>     inst.visit(visitor)
Return type:

bool

Deprecated since version 4.0.4907: Use MediumLevelILInstruction.traverse instead.

visit_all(cb: Callable[[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str, MediumLevelILInstruction | None], bool], name: str = 'root', parent: MediumLevelILInstruction | None = None) bool[source]

Visits all operands of this instruction and all operands of any sub-instructions. Using pre-order traversal.

Parameters:

  • cb (MediumLevelILVisitorCallback) – Callback function that takes the name of the operand, the operand, operand type, and parent instruction

  • name (str) –

  • parent (MediumLevelILInstruction | None) –

Returns:

True if all instructions were visited, False if the callback returned False

Return type:

bool

Deprecated since version 4.0.4907: Use MediumLevelILInstruction.traverse instead.

visit_operands(cb: Callable[[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str, MediumLevelILInstruction | None], bool], name: str = 'root', parent: MediumLevelILInstruction | None = None) bool[source]

Visits all leaf operands of this instruction and any sub-instructions.

Parameters:

  • cb (MediumLevelILVisitorCallback) – Callback function that takes the name of the operand, the operand, operand type, and parent instruction

  • name (str) –

  • parent (MediumLevelILInstruction | None) –

Returns:

True if all instructions were visited, False if the callback returned False

Return type:

bool

Deprecated since version 4.0.4907: Use MediumLevelILInstruction.traverse instead.

ILOperations: ClassVar[Mapping[MediumLevelILOperation, List[Tuple[str, str]]]] = {MediumLevelILOperation.MLIL_NOP: [], MediumLevelILOperation.MLIL_SET_VAR: [('dest', 'var'), ('src', 'expr')], MediumLevelILOperation.MLIL_SET_VAR_FIELD: [('dest', 'var'), ('offset', 'int'), ('src', 'expr')], MediumLevelILOperation.MLIL_SET_VAR_SPLIT: [('high', 'var'), ('low', 'var'), ('src', 'expr')], MediumLevelILOperation.MLIL_LOAD: [('src', 'expr')], MediumLevelILOperation.MLIL_LOAD_STRUCT: [('src', 'expr'), ('offset', 'int')], MediumLevelILOperation.MLIL_STORE: [('dest', 'expr'), ('src', 'expr')], MediumLevelILOperation.MLIL_STORE_STRUCT: [('dest', 'expr'), ('offset', 'int'), ('src', 'expr')], MediumLevelILOperation.MLIL_VAR: [('src', 'var')], MediumLevelILOperation.MLIL_VAR_FIELD: [('src', 'var'), ('offset', 'int')], MediumLevelILOperation.MLIL_VAR_SPLIT: [('high', 'var'), ('low', 'var')], MediumLevelILOperation.MLIL_ADDRESS_OF: [('src', 'var')], MediumLevelILOperation.MLIL_ADDRESS_OF_FIELD: [('src', 'var'), ('offset', 'int')], MediumLevelILOperation.MLIL_CONST: [('constant', 'int')], MediumLevelILOperation.MLIL_CONST_DATA: [('constant_data', 'constant_data')], MediumLevelILOperation.MLIL_CONST_PTR: [('constant', 'int')], MediumLevelILOperation.MLIL_EXTERN_PTR: [('constant', 'int'), ('offset', 'int')], MediumLevelILOperation.MLIL_FLOAT_CONST: [('constant', 'float')], MediumLevelILOperation.MLIL_IMPORT: [('constant', 'int')], MediumLevelILOperation.MLIL_ADD: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_ADC: [('left', 'expr'), ('right', 'expr'), ('carry', 'expr')], MediumLevelILOperation.MLIL_SUB: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_SBB: [('left', 'expr'), ('right', 'expr'), ('carry', 'expr')], MediumLevelILOperation.MLIL_AND: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_OR: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_XOR: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_LSL: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_LSR: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_ASR: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_ROL: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_RLC: [('left', 'expr'), ('right', 'expr'), ('carry', 'expr')], MediumLevelILOperation.MLIL_ROR: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_RRC: [('left', 'expr'), ('right', 'expr'), ('carry', 'expr')], MediumLevelILOperation.MLIL_MUL: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_MULU_DP: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_MULS_DP: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_DIVU: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_DIVU_DP: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_DIVS: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_DIVS_DP: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_MODU: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_MODU_DP: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_MODS: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_MODS_DP: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_NEG: [('src', 'expr')], MediumLevelILOperation.MLIL_NOT: [('src', 'expr')], MediumLevelILOperation.MLIL_SX: [('src', 'expr')], MediumLevelILOperation.MLIL_ZX: [('src', 'expr')], MediumLevelILOperation.MLIL_LOW_PART: [('src', 'expr')], MediumLevelILOperation.MLIL_JUMP: [('dest', 'expr')], MediumLevelILOperation.MLIL_JUMP_TO: [('dest', 'expr'), ('targets', 'target_map')], MediumLevelILOperation.MLIL_RET_HINT: [('dest', 'expr')], MediumLevelILOperation.MLIL_CALL: [('output', 'var_list'), ('dest', 'expr'), ('params', 'expr_list')], MediumLevelILOperation.MLIL_CALL_UNTYPED: [('output', 'expr'), ('dest', 'expr'), ('params', 'expr'), ('stack', 'expr')], MediumLevelILOperation.MLIL_CALL_OUTPUT: [('dest', 'var_list')], MediumLevelILOperation.MLIL_CALL_PARAM: [('src', 'expr_list')], MediumLevelILOperation.MLIL_SEPARATE_PARAM_LIST: [('params', 'expr_list')], MediumLevelILOperation.MLIL_SHARED_PARAM_SLOT: [('params', 'expr_list')], MediumLevelILOperation.MLIL_RET: [('src', 'expr_list')], MediumLevelILOperation.MLIL_NORET: [], MediumLevelILOperation.MLIL_IF: [('condition', 'expr'), ('true', 'int'), ('false', 'int')], MediumLevelILOperation.MLIL_GOTO: [('dest', 'int')], MediumLevelILOperation.MLIL_CMP_E: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_CMP_NE: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_CMP_SLT: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_CMP_ULT: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_CMP_SLE: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_CMP_ULE: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_CMP_SGE: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_CMP_UGE: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_CMP_SGT: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_CMP_UGT: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_TEST_BIT: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_BOOL_TO_INT: [('src', 'expr')], MediumLevelILOperation.MLIL_ADD_OVERFLOW: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_SYSCALL: [('output', 'var_list'), ('params', 'expr_list')], MediumLevelILOperation.MLIL_SYSCALL_UNTYPED: [('output', 'expr'), ('params', 'expr'), ('stack', 'expr')], MediumLevelILOperation.MLIL_TAILCALL: [('output', 'var_list'), ('dest', 'expr'), ('params', 'expr_list')], MediumLevelILOperation.MLIL_TAILCALL_UNTYPED: [('output', 'expr'), ('dest', 'expr'), ('params', 'expr'), ('stack', 'expr')], MediumLevelILOperation.MLIL_INTRINSIC: [('output', 'var_list'), ('intrinsic', 'intrinsic'), ('params', 'expr_list')], MediumLevelILOperation.MLIL_FREE_VAR_SLOT: [('dest', 'var')], MediumLevelILOperation.MLIL_BP: [], MediumLevelILOperation.MLIL_TRAP: [('vector', 'int')], MediumLevelILOperation.MLIL_UNDEF: [], MediumLevelILOperation.MLIL_UNIMPL: [], MediumLevelILOperation.MLIL_UNIMPL_MEM: [('src', 'expr')], MediumLevelILOperation.MLIL_FADD: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_FSUB: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_FMUL: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_FDIV: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_FSQRT: [('src', 'expr')], MediumLevelILOperation.MLIL_FNEG: [('src', 'expr')], MediumLevelILOperation.MLIL_FABS: [('src', 'expr')], MediumLevelILOperation.MLIL_FLOAT_TO_INT: [('src', 'expr')], MediumLevelILOperation.MLIL_INT_TO_FLOAT: [('src', 'expr')], MediumLevelILOperation.MLIL_FLOAT_CONV: [('src', 'expr')], MediumLevelILOperation.MLIL_ROUND_TO_INT: [('src', 'expr')], MediumLevelILOperation.MLIL_FLOOR: [('src', 'expr')], MediumLevelILOperation.MLIL_CEIL: [('src', 'expr')], MediumLevelILOperation.MLIL_FTRUNC: [('src', 'expr')], MediumLevelILOperation.MLIL_FCMP_E: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_FCMP_NE: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_FCMP_LT: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_FCMP_LE: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_FCMP_GE: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_FCMP_GT: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_FCMP_O: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_FCMP_UO: [('left', 'expr'), ('right', 'expr')], MediumLevelILOperation.MLIL_SET_VAR_SSA: [('dest', 'var_ssa'), ('src', 'expr')], MediumLevelILOperation.MLIL_SET_VAR_SSA_FIELD: [('dest', 'var_ssa_dest_and_src'), ('prev', 'var_ssa_dest_and_src'), ('offset', 'int'), ('src', 'expr')], MediumLevelILOperation.MLIL_SET_VAR_SPLIT_SSA: [('high', 'var_ssa'), ('low', 'var_ssa'), ('src', 'expr')], MediumLevelILOperation.MLIL_SET_VAR_ALIASED: [('dest', 'var_ssa_dest_and_src'), ('prev', 'var_ssa_dest_and_src'), ('src', 'expr')], MediumLevelILOperation.MLIL_SET_VAR_ALIASED_FIELD: [('dest', 'var_ssa_dest_and_src'), ('prev', 'var_ssa_dest_and_src'), ('offset', 'int'), ('src', 'expr')], MediumLevelILOperation.MLIL_VAR_SSA: [('src', 'var_ssa')], MediumLevelILOperation.MLIL_VAR_SSA_FIELD: [('src', 'var_ssa'), ('offset', 'int')], MediumLevelILOperation.MLIL_VAR_ALIASED: [('src', 'var_ssa')], MediumLevelILOperation.MLIL_VAR_ALIASED_FIELD: [('src', 'var_ssa'), ('offset', 'int')], MediumLevelILOperation.MLIL_VAR_SPLIT_SSA: [('high', 'var_ssa'), ('low', 'var_ssa')], MediumLevelILOperation.MLIL_CALL_SSA: [('output', 'expr'), ('output_dest_memory', 'int'), ('dest', 'expr'), ('params', 'expr_list'), ('src_memory', 'int')], MediumLevelILOperation.MLIL_CALL_UNTYPED_SSA: [('output', 'expr'), ('dest', 'expr'), ('params', 'expr'), ('stack', 'expr')], MediumLevelILOperation.MLIL_SYSCALL_SSA: [('output', 'expr'), ('params', 'expr_list'), ('src_memory', 'int')], MediumLevelILOperation.MLIL_SYSCALL_UNTYPED_SSA: [('output', 'expr'), ('params', 'expr'), ('stack', 'expr')], MediumLevelILOperation.MLIL_TAILCALL_SSA: [('output', 'expr'), ('output_dest_memory', 'int'), ('dest', 'expr'), ('params', 'expr_list'), ('src_memory', 'int')], MediumLevelILOperation.MLIL_TAILCALL_UNTYPED_SSA: [('output', 'expr'), ('dest', 'expr'), ('params', 'expr'), ('stack', 'expr')], MediumLevelILOperation.MLIL_CALL_PARAM_SSA: [('src_memory', 'int'), ('src', 'expr_list')], MediumLevelILOperation.MLIL_CALL_OUTPUT_SSA: [('dest_memory', 'int'), ('dest', 'var_ssa_list')], MediumLevelILOperation.MLIL_MEMORY_INTRINSIC_OUTPUT_SSA: [('dest_memory', 'int'), ('output', 'var_ssa_list')], MediumLevelILOperation.MLIL_LOAD_SSA: [('src', 'expr'), ('src_memory', 'int')], MediumLevelILOperation.MLIL_LOAD_STRUCT_SSA: [('src', 'expr'), ('offset', 'int'), ('src_memory', 'int')], MediumLevelILOperation.MLIL_STORE_SSA: [('dest', 'expr'), ('dest_memory', 'int'), ('src_memory', 'int'), ('src', 'expr')], MediumLevelILOperation.MLIL_STORE_STRUCT_SSA: [('dest', 'expr'), ('offset', 'int'), ('dest_memory', 'int'), ('src_memory', 'int'), ('src', 'expr')], MediumLevelILOperation.MLIL_INTRINSIC_SSA: [('output', 'var_ssa_list'), ('intrinsic', 'intrinsic'), ('params', 'expr_list')], MediumLevelILOperation.MLIL_MEMORY_INTRINSIC_SSA: [('output', 'expr'), ('intrinsic', 'intrinsic'), ('params', 'expr_list'), ('src_memory', 'int')], MediumLevelILOperation.MLIL_FREE_VAR_SLOT_SSA: [('prev', 'var_ssa_dest_and_src')], MediumLevelILOperation.MLIL_VAR_PHI: [('dest', 'var_ssa'), ('src', 'var_ssa_list')], MediumLevelILOperation.MLIL_MEM_PHI: [('dest_memory', 'int'), ('src_memory', 'int_list')]}
property address: int
property attributes: Set[ILInstructionAttribute]

The set of optional attributes placed on the instruction

property branch_dependence: Mapping[int, ILBranchDependence]

Set of branching instructions that must take the true or false path to reach this instruction

property core_operands: Tuple[ExpressionIndex, ExpressionIndex, ExpressionIndex, ExpressionIndex, ExpressionIndex]
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
property expr_type: Type | None

Type of expression

function: MediumLevelILFunction
property high_level_il: HighLevelILInstruction | None

High level IL form of this expression

property hlil: HighLevelILInstruction | None

Alias for high_level_il

property hlils: List[HighLevelILInstruction]
property il_basic_block: MediumLevelILBasicBlock

IL basic block object containing this expression (read-only) (only available on finalized functions)

instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property instruction_operands: List[MediumLevelILInstruction]
property llil: LowLevelILInstruction | None

Alias for low_level_il

property llils: List[LowLevelILInstruction]
property low_level_il: LowLevelILInstruction | None

Low level IL form of this expression

property non_ssa_form: MediumLevelILInstruction

Non-SSA form of expression (read-only)

property operands: List[int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData]

Operands for the instruction

Consider using more specific APIs for src, dest, params, etc where appropriate.

property operation: MediumLevelILOperation
property possible_values: PossibleValueSet

Possible values of expression using path-sensitive static data flow analysis (read-only)

property postfix_operands: List[int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData]

All operands in the expression tree in postfix order

property prefix_operands: List[int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData]

All operands in the expression tree in prefix order

property raw_operands: Tuple[ExpressionIndex, ExpressionIndex, ExpressionIndex, ExpressionIndex, ExpressionIndex]

Raw operand expression indices as specified by the core structure (read-only)

property size: int
property source_operand: ExpressionIndex
property ssa_form: MediumLevelILInstruction

SSA form of expression (read-only)

property ssa_memory_version: int

Version of active memory contents in SSA form for this instruction

property tokens: List[InstructionTextToken]

MLIL tokens (read-only)

property value: RegisterValue

Value of expression if constant or a known value (read-only)

property vars_address_taken: List[Variable | SSAVariable]

Non-unique list of variables whose address is taken by instruction

property vars_read: List[Variable | SSAVariable]

List of variables read by instruction

property vars_written: List[Variable | SSAVariable]

List of variables written by instruction

class MediumLevelILIntToFloat(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILUnaryBase, Arithmetic, FloatingPoint

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILIntrinsic(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, Intrinsic

Parameters:
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property intrinsic: ILIntrinsic
property output: List[Variable]
property params: List[MediumLevelILInstruction]
property vars_read: List[Variable]

List of variables read by instruction

property vars_written: List[Variable]

List of variables written by instruction

class MediumLevelILIntrinsicSsa(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, SSA

Parameters:
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property intrinsic: ILIntrinsic
property output: List[SSAVariable]
property params: List[MediumLevelILInstruction]
property vars_read: List[SSAVariable]

List of variables read by instruction

property vars_written: List[SSAVariable]

List of variables written by instruction

class MediumLevelILJump(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, Terminal

Parameters:
property dest: MediumLevelILInstruction
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILJumpTo(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, Terminal

Parameters:
property dest: MediumLevelILInstruction
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property targets: Dict[int, int]
class MediumLevelILLabel(handle: BNMediumLevelILLabel | None = None)[source]

Bases: object

Parameters:

handle (BNMediumLevelILLabel | None) –

property operand: InstructionIndex
property ref: bool
property resolved: bool
class MediumLevelILLoad(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, Load

Parameters:
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property src: MediumLevelILInstruction
class MediumLevelILLoadSsa(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, Load, SSA

Parameters:
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property src: MediumLevelILInstruction
property src_memory: int
class MediumLevelILLoadStruct(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, Load

Parameters:
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property offset: int
property src: MediumLevelILInstruction
class MediumLevelILLoadStructSsa(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, Load, SSA

Parameters:
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property offset: int
property src: MediumLevelILInstruction
property src_memory: int
class MediumLevelILLowPart(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILUnaryBase, Arithmetic

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILLsl(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILBinaryBase, Arithmetic

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILLsr(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILBinaryBase, Arithmetic

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILMemPhi(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, Memory, Phi

Parameters:
property dest_memory: int
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property src_memory: List[int]
class MediumLevelILMemoryIntrinsicOutputSsa(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, SSA

Parameters:
property dest_memory: int
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property output: List[SSAVariable]
class MediumLevelILMemoryIntrinsicSsa(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, SSA

Parameters:
property dest_memory: int
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property intrinsic: ILIntrinsic
property output: List[SSAVariable]
property params: List[MediumLevelILInstruction]
property src_memory: int
class MediumLevelILMods(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILBinaryBase, Arithmetic, Signed

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILModsDp(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILBinaryBase, DoublePrecision, Signed

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILModu(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILBinaryBase, Arithmetic

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILModuDp(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILBinaryBase, DoublePrecision

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILMul(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILBinaryBase, Arithmetic

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILMulsDp(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILBinaryBase, DoublePrecision, Signed

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILMuluDp(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILBinaryBase, DoublePrecision

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILNeg(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILUnaryBase, Arithmetic

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILNop(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILNoret(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, Terminal

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILNot(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILUnaryBase, Arithmetic

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILOperationAndSize(operation: MediumLevelILOperation, size: int)[source]

Bases: object

Parameters:
operation: MediumLevelILOperation
size: int
class MediumLevelILOr(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILBinaryBase, Arithmetic

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILRet(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, Return

Parameters:
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property src: List[MediumLevelILInstruction]
class MediumLevelILRetHint(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, ControlFlow

Parameters:
property dest: MediumLevelILInstruction
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILRlc(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILCarryBase

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILRol(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILBinaryBase, Arithmetic

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILRor(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILBinaryBase, Arithmetic

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILRoundToInt(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILUnaryBase, Arithmetic, FloatingPoint

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILRrc(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILCarryBase

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILSbb(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILCarryBase

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILSeparateParamList(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction

Parameters:
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property src: List[Variable]
class MediumLevelILSetVar(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, SetVar

Parameters:
property dest: Variable
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property src: MediumLevelILInstruction
property vars_read: List[Variable | SSAVariable]

List of variables read by instruction

property vars_written: List[Variable]

List of variables written by instruction

class MediumLevelILSetVarAliased(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, SetVar, SSA

Parameters:
property dest: SSAVariable
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property prev: SSAVariable
property src: MediumLevelILInstruction
property vars_read: List[Variable | SSAVariable]

List of variables read by instruction

property vars_written: List[SSAVariable]

List of variables written by instruction

class MediumLevelILSetVarAliasedField(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, SetVar, SSA

Parameters:
property dest: SSAVariable
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property offset: int
property prev: SSAVariable
property src: MediumLevelILInstruction
property vars_read: List[SSAVariable]

List of variables read by instruction

class MediumLevelILSetVarField(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, SetVar

Parameters:
property dest: Variable
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property offset: int
property src: MediumLevelILInstruction
class MediumLevelILSetVarSplit(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, SetVar

Parameters:
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
property high: Variable
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property low: Variable
property src: MediumLevelILInstruction
property vars_written: List[Variable]

List of variables written by instruction

class MediumLevelILSetVarSplitSsa(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, SetVar, SSA

Parameters:
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
property high: SSAVariable
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property low: SSAVariable
property src: MediumLevelILInstruction
property vars_read: List[Variable | SSAVariable]

List of variables read by instruction

property vars_written: List[SSAVariable]

List of variables written by instruction

class MediumLevelILSetVarSsa(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, SetVar, SSA

Parameters:
property dest: SSAVariable
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property src: MediumLevelILInstruction
property vars_read: List[Variable | SSAVariable]

List of variables read by instruction

property vars_written: List[SSAVariable]

List of variables written by instruction

class MediumLevelILSetVarSsaField(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, SetVar, SSA

Parameters:
property dest: SSAVariable
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property offset: int
property prev: SSAVariable
property src: MediumLevelILInstruction
property vars_read: List[SSAVariable]

List of variables read by instruction

property vars_written: List[SSAVariable]

List of variables written by instruction

class MediumLevelILSharedParamSlot(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction

Parameters:
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property src: List[Variable]
class MediumLevelILStore(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, Store

Parameters:
property dest: MediumLevelILInstruction
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property src: MediumLevelILInstruction
class MediumLevelILStoreSsa(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, Store, SSA

Parameters:
property dest: MediumLevelILInstruction
property dest_memory: int
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property src: MediumLevelILInstruction
property src_memory: int
class MediumLevelILStoreStruct(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, Store

Parameters:
property dest: MediumLevelILInstruction
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property offset: int
property src: MediumLevelILInstruction
class MediumLevelILStoreStructSsa(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, Store, SSA

Parameters:
property dest: MediumLevelILInstruction
property dest_memory: int
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property offset: int
property src: MediumLevelILInstruction
property src_memory: int
class MediumLevelILSub(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILBinaryBase, Arithmetic

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILSx(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILUnaryBase, Arithmetic

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILSyscall(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, Syscall

Parameters:
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property output: List[Variable]
property params: List[MediumLevelILInstruction]
class MediumLevelILSyscallSsa(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILCallBase, Syscall, SSA

Parameters:
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property output: List[SSAVariable]
property output_dest_memory: int
property params: List[MediumLevelILInstruction]
property src_memory: int
class MediumLevelILSyscallUntyped(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILCallBase, Syscall

Parameters:
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property output: List[Variable]
property params: List[Variable]
property stack: MediumLevelILInstruction
class MediumLevelILSyscallUntypedSsa(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILCallBase, Syscall, SSA

Parameters:
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property output: List[SSAVariable]
property output_dest_memory: int
property params: List[SSAVariable]
property params_src_memory: int
property stack: MediumLevelILInstruction
class MediumLevelILTailcall(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILCallBase, Tailcall

Parameters:
property dest: MediumLevelILInstruction
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property output: List[Variable]
property params: List[MediumLevelILInstruction]
class MediumLevelILTailcallSsa(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILCallBase, Tailcall, SSA

Parameters:
property dest: MediumLevelILInstruction
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property output: List[SSAVariable]
property output_dest_memory: int
property params: List[MediumLevelILInstruction]
property src_memory: int
class MediumLevelILTailcallUntyped(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILCallBase, Tailcall

Parameters:
property dest: MediumLevelILInstruction
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property output: List[Variable]
property params: List[Variable]
property stack: MediumLevelILInstruction
class MediumLevelILTailcallUntypedSsa(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILCallBase, Tailcall, SSA

Parameters:
property dest: MediumLevelILInstruction
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property output: List[SSAVariable]
property output_dest_memory: int
property params: List[SSAVariable]
property stack: MediumLevelILInstruction
class MediumLevelILTestBit(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILComparisonBase

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILTrap(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, Terminal

Parameters:
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property vector: int
class MediumLevelILUnaryBase(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, UnaryOperation

Parameters:
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property src: MediumLevelILInstruction
class MediumLevelILUndef(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILUnimpl(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILUnimplMem(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, Memory

Parameters:
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property src: MediumLevelILInstruction
class MediumLevelILVar(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, VariableInstruction

Parameters:
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property src: Variable
property var: Variable
class MediumLevelILVarAliased(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, SSA, AliasedVariableInstruction

Parameters:
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property src: SSAVariable
class MediumLevelILVarAliasedField(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, SSA

Parameters:
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property offset: int
property src: SSAVariable
class MediumLevelILVarField(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction

Parameters:
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property offset: int
property src: Variable
class MediumLevelILVarPhi(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, SetVar, Phi, SSA

Parameters:
property dest: SSAVariable
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property src: List[SSAVariable]
property vars_read: List[SSAVariable]

List of variables read by instruction

property vars_written: List[SSAVariable]

List of variables written by instruction

class MediumLevelILVarSplit(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction

Parameters:
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
property high: Variable
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property low: Variable
class MediumLevelILVarSplitSsa(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, SSA

Parameters:
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
property high: SSAVariable
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property low: SSAVariable
class MediumLevelILVarSsa(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, SSAVariableInstruction

Parameters:
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property src: SSAVariable
property var: SSAVariable
class MediumLevelILVarSsaField(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILInstruction, SSA

Parameters:
property detailed_operands: List[Tuple[str, int | float | MediumLevelILOperationAndSize | MediumLevelILInstruction | ILIntrinsic | Variable | SSAVariable | List[int] | List[Variable] | List[SSAVariable] | List[MediumLevelILInstruction] | Dict[int, int] | ConstantData, str]]

Returns a list of tuples containing the name of the operand, the operand, and the type of the operand. Useful for iterating over all operands of an instruction and sub-instructions.

expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
property offset: int
property src: SSAVariable
class MediumLevelILXor(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILBinaryBase, Arithmetic

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class MediumLevelILZx(function: 'MediumLevelILFunction', expr_index: <function NewType.<locals>.new_type at 0x1055ddf70>, instr: binaryninja.mediumlevelil.CoreMediumLevelILInstruction, instr_index: <function NewType.<locals>.new_type at 0x1045fef70>)[source]

Bases: MediumLevelILUnaryBase, Arithmetic

Parameters:
expr_index: ExpressionIndex
function: MediumLevelILFunction
instr: CoreMediumLevelILInstruction
instr_index: InstructionIndex
class SSAVariable(var: 'variable.Variable', version: int)[source]

Bases: object

Parameters:
property dead_store_elimination: DeadStoreElimination

returns the dead store elimination setting for this variable (read-only)

property def_site: MediumLevelILInstruction | HighLevelILInstruction | None

Gets the IL instructions where this SSAVariable is defined.

property function: Function

returns the source Function object which this variable belongs to

property il_function: function.ILFunctionType

returns the il Function object which this variable belongs to

property name: str
property type: Type
property use_sites: List[MediumLevelILInstruction | HighLevelILInstruction]

Gets the list of IL instructions where this SSAVariable is used inside of this function.

var: Variable
version: int