Exetools - Hex-Rays and virtual functions

Exetools (https://forum.exetools.com/index.php)

- General Discussion (https://forum.exetools.com/forumdisplay.php?f=2)

- - Hex-Rays and virtual functions (https://forum.exetools.com/showthread.php?t=11314)

jonwil

12-03-2007 23:15

Hex-Rays and virtual functions

Does anyone know the magic you have to do to get virtual functions to work in Hex-Rays, i.e. where it recognizes it as a call to abc->def(xyz) instead of something like return (*(int (__stdcall **)(signed int, signed int))(v3 + 56))(3, 1);

Git	12-04-2007 01:41

As a start I would think you would have to define a struct for the class and choose the function as the struct offset for the 'n' in call(eax + n). These are the sort of things you would expect to be in the manual if you had paid £'0000s for it.

Anybody know what __SETO__ is ?

Git

jonwil

12-04-2007 06:27

Actually, there is a manual (or something resembling one) here:
http://www.hex-rays.com/manual/

upb	12-04-2007 09:09

it works like in normal ida without hexrays, you define the vtable for each class as a struct and then define the class itself (as struct) so that the first member of it is a pointer to the vtable struct. Then define each instance of that class as pointer to class struct.

And as ReWolf mentioned to me there is a way in IDA 5.2 to define struct members as pointers to functions _with function signature_.

NeOXOeN

12-04-2007 23:01

i have one simple question did anyone make patch for Hex-Rays splash screen alwasy opening up when you start IDA maybe??
its quite annoying alwasy pressing yes..

i didnt have time to do it myself yet :P

_Sigma

12-05-2007 00:44

There is a little check box in the lower left. Uncheck (or check I don't remember) it.

aliali

12-05-2007 01:06

1 Attachment(s)

Quote:

Originally Posted by NeOXOeN

See the picture ;)

All times are GMT +8. The time now is 15:04.