Skip to content

Functions

functions

Classes:

  • Functions

    Provides access to function-related operations within the IDA database.

Functions 

Functions(database: 'Database')

Provides access to function-related operations within the IDA database.

This class handles function discovery, analysis, manipulation, and provides access to function properties like names, signatures, basic blocks, and pseudocode.

Constructs a functions handler for the given database.

Args: database: Reference to the active IDA database.

Methods:

  • create

    Creates a new function at the specified address.

  • get_all

    Retrieves all functions in the database.

  • get_at

    Retrieves the function that contains the given address.

  • get_basic_blocks

    Retrieves the basic blocks that compose the given function.

  • get_between

    Retrieves functions within the specified address range.

  • get_callees

    Gets all functions called by this function.

  • get_callers

    Gets all functions that call this function.

  • get_disassembly

    Retrieves the disassembly lines for the given function.

  • get_instructions

    Retrieves all instructions within the given function.

  • get_microcode

    Retrieves the microcode of the given function.

  • get_name

    Retrieves the function's name.

  • get_pseudocode

    Retrieves the decompiled pseudocode of the given function.

  • get_signature

    Retrieves the function's type signature.

  • matches_signature

    Checks if a function matches the given signature.

  • remove

    Removes the function at the specified address.

  • set_name

    Renames the given function.

Attributes:

m_database instance-attribute 

m_database = database

create 

create(ea: ea_t) -> bool

Creates a new function at the specified address.

Args: ea: The effective address where the function should start.

Returns: True if the function was successfully created, False otherwise.

get_all 

get_all() -> Iterator[func_t]

Retrieves all functions in the database.

Returns: An iterator over all functions in the database.

get_at 

get_at(ea: ea_t) -> Optional[func_t]

Retrieves the function that contains the given address.

Args: ea: An effective address within the function body.

Returns: The function object containing the address, or None if no function exists at that address.

get_basic_blocks 

get_basic_blocks(func: func_t)

Retrieves the basic blocks that compose the given function.

Args: func: The function instance.

Returns: An iterator over the function's basic blocks, or empty iterator if function is invalid.

get_between 

get_between(start: ea_t, end: ea_t) -> Iterator[func_t]

Retrieves functions within the specified address range.

Args: start: Start address of the range (inclusive). end: End address of the range (exclusive).

Yields: Function objects whose start address falls within the specified range.

get_callees 

get_callees(func: func_t) -> List[func_t]

Gets all functions called by this function.

Args: func: The function instance.

Returns: List of called functions.

get_callers 

get_callers(func: func_t) -> List[func_t]

Gets all functions that call this function.

Args: func: The function instance.

Returns: List of calling functions.

get_disassembly 

get_disassembly(func: func_t) -> List[str]

Retrieves the disassembly lines for the given function.

Args: func: The function instance.

Returns: A list of strings, each representing a line of disassembly. Returns empty list if function is invalid.

get_instructions 

get_instructions(func: func_t)

Retrieves all instructions within the given function.

Args: func: The function instance.

Returns: An iterator over all instructions in the function, or empty iterator if function is invalid.

get_microcode 

get_microcode(
    func: func_t, remove_tags: bool = True
) -> List[str]

Retrieves the microcode of the given function.

Args: func: The function instance. remove_tags: If True, removes IDA color/formatting tags from the output.

Returns: A list of strings, each representing a line of microcode. Returns empty list if function is invalid or decompilation fails.

get_name 

get_name(func: func_t) -> str

Retrieves the function's name.

Args: func: The function instance.

Returns: The function name as a string, or empty string if no name is set.

get_pseudocode 

get_pseudocode(
    func: func_t, remove_tags: bool = True
) -> List[str]

Retrieves the decompiled pseudocode of the given function.

Args: func: The function instance. remove_tags: If True, removes IDA color/formatting tags from the output.

Returns: A list of strings, each representing a line of pseudocode. Returns empty list if function is invalid or decompilation fails.

get_signature 

get_signature(func: func_t) -> str

Retrieves the function's type signature.

Args: func: The function instance.

Returns: The function signature as a string, or empty string if unavailable or function is invalid.

matches_signature 

matches_signature(func: func_t, signature: str) -> bool

Checks if a function matches the given signature.

Args: func: The function instance. signature: The signature string to compare against.

Returns: True if the function signature matches, False otherwise.

remove 

remove(ea: ea_t) -> bool

Removes the function at the specified address.

Args: ea: The effective address of the function to remove.

Returns: True if the function was successfully removed, False otherwise.

set_name 

set_name(
    func: func_t, name: str, auto_correct: bool = True
) -> bool

Renames the given function.

Args: func: The function instance. name: The new name to assign to the function. auto_correct: If True, allows IDA to replace invalid characters automatically.

Returns: True if the function was successfully renamed, False otherwise.