IDA PRO Disassembler v4.5.0.762 release by edw
Heh, IDA Pro has finally added a debug feature! Hurry up and learn it.
Windows PE Integrated debugger
The official description is as follows:
New features in version 4.50 (12/02/2003)
Processors
new processor: Intel xScale
new processor: Mitsubishi M32R (advanced)
new processor: Mitsubishi MELPS740
new processor: Mitsubishi M7700 family (advanced)
new processor: NEC 78K0 (advanced)
new processor: NEC 78K0S (advanced)
new processor: Fujitsu FR family
new processor: STMicroelectronics ST9+ (advanced)
IBM PC: borland RTTI-templates with GUID are supported
IBM PC: rep prefix is used when the Intel manual says it should be
IBM PC: the current compiler is taken into account when using the __fastcall calling convention (before only Borland was supported)
IBM PC: better handling of indirect calls (mov offset func-add-call is detected)
ARM: call sequences like "mov lr, pc; ldr pc, something" are recognized by ida and don't interrupt the execution flow
ARM: SUB Rx, PC, #imm is replaced by ADR Rx, label; ARM module is commented
ARM: stack variables are supported
ARM: option to disable pointer dereferencing is added
AVR: better configuration file; config file management is improved
AVR: interrupt vectors are supported
AVR: EEPROM file extension by default is BIN
MIPS: memory mapping is supported
PowerPC little-endian mode can be specified by the user
MC68K: respect the user-defined offsets for o_mem and o_near addressing modes
ST7: new config file
FILE FORMATS
COFF loader sets up the default data segment (better analysis)
better recognition of VxD driver files
HEX: added support of extended segment information record type
PE: better support of invalid files
PE: FS and GS register values are set to unknown at the loading time
PE: If the debug information is corrupted (in packed files, for example), IDA doesn't die but gracefully skips it
PE: section permissions are loaded into the database
LX: IDA always uses "metapc" processor and ignores the processor type specified in the file header
PSX object files: additional fixup record types are supported (26 and 30)
PSX object files: ida knows how to skip record type 60. We still don't know what this record type means, but at least we can load files with this record present.
Memory dump loader: now it accepts dumps with one digit per byte
Mitsubishi HEX file extended address records are supported
palmpilot loader: better check of time stamp
New XBE file format is supported
stricter check of PalmPilot files
the pdb plugin has been rewritten (requires VC++ to be compiled)
USER INTERFACE
flow chart: option to print block labels
'jump in a new window' command added in context and main menus
'jump to file offset' command
new command: move a segment, which allows moving an existing segment to another address
it is possible to hide/unhide arbitrary regions
command to toggle leading zeroes on a number
value of an enum member can now be changed
graphs: now supports recursion depth
new dialog box to easily assign structure offsets/union paths to a selection "en masse"
previous & next drop-down menus for navigation stack (as in the Internet Explorer)
options in 'Browser' to set maximum lines & auto clean of upper items
cursor for search/auto-analysis in the navigation toolbar + associated color option
customizable background color for memo hints (Options -> Colors 1)
hexview: better handling of highlight-background combinations
hide/unhide all now works on functions, structs & enums for GUI & TXT
highlight the problematic line in a 'problem hint' on the navigation toolbar
hints on "Address" & "Called function" columns in callees
hints on hidden functions, structures & enumerations
hints on navigation toolbar (on stars, after a search)
hints on structures in a struct window
hints on xrefs in a struct window
hints on xrefs now print preceding lines and highlight the destination name
input text fields are in Courier font
jump commands (using the lists in the search toolbar) now open a new disassembly window if needed
xrefs in structure and enumeration windows are not displayed because they confuse the users
notepad now automatically pops up at start if it was saved as opened in the database
register hints now print the associated comment
the function prototype is linked to the function stack argument definitions
the input database name is displayed in the title bar
the welcome dialog box can be resized
ida displays the welcome form if the input file is not specified in the command line
user defined graphs: option to print function comments (use the same color as regular comments)
desktop/top commands added to tabs popup menu
the 'show flags' command displays all information about the structure members
faster arrows management
ida runs faster
KERNEL IMPROVEMENTS
new switch -o to specify the output database from the command line
WinCE: several IDS files were updated/added
FLAIR: plb supports wildcards in the file names
c parser: multiple byte character constants are supported
c parser: better handling of pointer modifiers; several bugs are fixed
ida looks for the referenced DLLs in the input file directory
it is possible to autoload a til file when a dll is referenced (see ids\idsnames)
vc6win.til is not loaded for pe files with subsystem==native (usually they are system drivers and they don't need vc6win.til)
the annoying "can't add structure member cx" message removed
the default loading address for all file types is 0 (this can be overridden by the file format)
ids files with '-' in idsnames do not prevent the kernel from using the corresponding dll from the system directory
IDC and SDK
IDC: GetFloat(), GetDouble() functions are added
IDC: GetOriginalByte() function is added
IDC: GetStringType() function
IDC: descriptions of NextHead, PrevHead, AskFile IDC functions are updated
IDA environment variable is not required to build modules anymore
added comments about filling the op_t structure; fixed some typos in netnode.hpp
COLOR_INV is added
hidden plugins are supported: PLUGIN_HIDE flag is introduced
idaw choose() function respects the batch mode
negative buffer sizes are handled properly (str2user, user2str, pack_ds)
new function flag FUNC_BOTTOMBP. It means that the frame pointer is equal to the stack pointer in the function and it points to the bottom of the stack frame.
ph.flag PR_CHK_XREF: don't allow near xrefs between segments with different bases. This flag is used for IBM PC only.
read_ioport_device() function reports about configuration files with no devices
renamed FIXUP_PTR32->FIXUP_PTR16, FIXUP_PTR48->FIXUP_PTR32
the user-defined data supplied to linearray_t is documented in kernwin.hpp
up to 16 source files for plugins
setBreak() function is added
the processor extension callbacks are called for all instructions, not only when cmd.itype >= CUSTOM_CMD_ITYPE
find_ioport_bit() returns NULL if the bit name is NULL
rebase_program() is added. This function allows to shift the whole program in the memory. Since rebasing the program involves correcting the relocated bytes, the file loader takes part of the job. File loaders may have "move_segm" callback functions now.
now a well-behaved processor module handles the ph.move_segm event
numop2str(): output instruction operand with optional leading zeroes; is_lzero(), toggle_lzero() to modify the display of leading zeroes; inf.s_genflags introduced; atoa, b2a32, b2a64, b2_width function parameters have been changed
move_segm_start(), set_segm_start(), set_segm_end() may destroy the adjacent segment if necessary; ADDSEG_QUIET flag has been added
new type of segments: SEGM_DEBUG. Used in the debugger.
get_sourcefile() function prototype has been changed. Now it returns the range information.
hidden_area_t and functions to work with it are introduced
byteValue() function is renamed to _byteValue(); this function should not be used anymore if possible. The reason is that it works only with 8-bit processors and doesn't take into account possible debugger side-effects.
BUGFIXES
BUGFIX: MIPS R5900 madd/msub instructions were not disassembled
BUGFIX: C166: ida would create strange references if the first segment of the program was not loaded at the address 0; .end start would display garbage if there was no start address
BUGFIX: ARM switch jumps were recognized only for R0
BUGFIX: Intel HEX files could be loaded incorrectly
BUGFIX: MS DOS executables with the entry point at FFF0:0100 are loaded correctly
BUGFIX: Amiga: zero sized hunks caused problems
BUGFIX: COFF: skip .stab* debug information sections
BUGFIX: IDA would fail to load some invalid PE files
BUGFIX: "Create"/"Edit" (purged bytes)/"End of" function actions are now updated properly
BUGFIX: can now rename a register for one instruction
BUGFIX: can now rename everywhere (externs, ...)
BUGFIX: copy to clipboard from the list views could hang
BUGFIX: correct work on multiple monitor desktops
BUGFIX: cursor disappearing if using CTRL-TAB
BUGFIX: hints on local labels weren't always highlighted
BUGFIX: ida could crash if several standard enums were added without uncollapsing them
BUGFIX: ida would go to the top of the screen during analysis even if it was put to the bottom (z-order)
BUGFIX: if the messages window was minimized to invisibility, then the next start of ida would not display messages on the status bar.
BUGFIX: infinite scrolling enum window
BUGFIX: it is impossible to rename a register to another register name
BUGFIX: it is possible to open xrefs window even the current item has no xrefs
BUGFIX: it was impossible to use the function name at the function header to double click, jump to xrefs, etc. if the name contained undisplayable characters (ibm pc, mips, mc68k)
BUGFIX: navigation toolbar not updated once displaying after undock+hide
BUGFIX: opening a database without closing the current one could leave the names, functions, or strings window unopened even if they should have been opened for the new databases; this could also lead to a crash
BUGFIX: pressing the down arrow of the scrollbar now stops once no more lines
BUGFIX: the collect garbage flag would stay once set until ida exits
BUGFIX: the width of the ordinals field in the "jump to entry point" was 3 positions which was not enough to display big ordinals. made it 8.
BUGFIX: Windows 98 resources were depleted fast
BUGFIX: "jump to the beginning" with home-home-home key was not working if used twice with "jump to address" in between
BUGFIX: after repeatedly closing/opening the structs/enums window the renaming of a struct/enum member could lead to an access violation
BUGFIX: no more "list index out of bounds" message if the number of columns in a chooser changed
BUGFIX: type specification was printed incorrectly: int (*fnc1(void))[5];
BUGFIX: some borland thunk mangled names were not demangled
BUGFIX: truncated names from gnu compiler would cause problems during demangling
BUGFIX: verification of the new manual operand would fail for 32-bit operands if the old operand didn't have a segment register and the new one has
BUGFIX: unions were not displayed in the list of standard structures
BUGFIX: IDA was marking the return instructions of some functions as "unknown_libname"
BUGFIX: it was not possible to disable the plugin hotkey
BUGFIX: pcf was not detecting coff files properly
BUGFIX: autoload vc6win.til only for IBM PC PE files
BUGFIX: IDC function GetSegmentAttr() was broken
BUGFIX: refresh the screen after IDC scripts
BUGFIX: manual execution of VXD.IDC could hang ida
BUGFIX: qmakepath() could generate file names with several backslashes in them