Getting address from instruction

[BluePython339]

I am trying to get the function at a certain address.
['call', ' ', '0x4005a0'] , grab the address and to .get_function_at(addr)
how it got to this line is:
Use binaryninja.binaryview.BinaryView to get all the functions,
grab the function i want
get all the instructions of this function
filter for the call function.
then i get a list like the one shown above.
When checking the types of the content i get the type:

InstructionTextTokenType.InstructionToken
InstructionTextTokenType.TextToken

however, when trying to get the .value of either it return 0
this makes no sence to me.
Is there something i'm not getting?

[psifertex]

There's several ways to do this. The simplest is to just pull out the last argument, wrap it in str and int:

int(str(current_basic_block[1][0][-1]), 16)

Note that I'm using current_basic_block[1][0] to get the instruction tokens here.

The better solution though would be to get the IL at that location and simply ask for the destination of the call. This will work better if the argument is a register for example whose value is known.

For example:

Notice that I have to use .value.value at the call because the first .value asks for the constant-data-flow representation. There are other possible types besides constant values (could be any of https://api.binary.ninja/binaryninja.enums-module.html#binaryninja.enums.RegisterValueType) which is why you query value twice in that instance.

Also, if you've got the address of that instruction you can use something like:

current_function.get_low_level_il_at(addr).dest.value

to directly get the LLIL instruction.

Note that MLIL will be functionally similar except it will also have handy things like .params which you can query, but I would recommend against using HLIL for this as at that point the call might be folded into a more complex expression.

Does that help?