Git
09-22-2014, 21:23
Well, you finally gave me the push I needed to dabble in Python scripts for the first time. I ended up with this:

from idaapi import *

ea = get_screen_ea()
seg = getseg(ea)
i = 0
while == 0xff00003e :
  adr = find_not_func(0, SEARCH_DOWN)
  jumpto(adr, -1, 0x0001)
  add_func(adr, BADADDR)
  i = i + 1
print "Finished, %d funcs created" % i

I had a disassembly with a lot of unconverted funcs. I knew there would be side effects doing it with a script but it seemed to have worked. As you can see, looping while in a specific segment (code) is a complete bodge. I couldn't find any form of == "CODE" or ".text" etc, or seg.type that it liked, except for the direct identifier which is, I think, specific to an app?

Next ones to tackle are

1) all those damned case/switch tables IDA leaves outside the func so it then gives each case address a global name. Really is one of my pet hates.

2) why can't it convert a huge pile of UNICODE strings to actual strings instead of leaving each one mis-identified as a table of offsets, which in turn puts a load of nonsense address labels all over the place, often in code and quite often splitting an asm statement?

How do other people deal with those last 2 problems?

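Added example, not part of the original post: one way to bound the sweep described above by the address range of the segment under the cursor instead of a segment identifier, and to keep the loop from spinning when add_func refuses an address. The names `sweep` and `run_in_ida` are hypothetical; the IDA calls are those used in the post plus the segment start/end attributes, whose spelling is assumed to be one of the two shown.

```python
# Added example, not the poster's script. Runs under Python 2 or 3.
try:
    import idaapi                      # available only inside IDA
except ImportError:
    idaapi = None                      # lets the loop be exercised offline


def sweep(start, end, find_gap, make_func, badaddr):
    """Try to create a function at each non-function address in [start, end).
    find_gap(ea)  -> next address not inside a function, or badaddr.
    make_func(ea) -> True if a function was created at ea.
    Returns (created_count, refused_addresses).
    """
    created, refused = 0, []
    ea, last = start, None
    while True:
        adr = find_gap(ea)
        if adr == badaddr or not (start <= adr < end):
            break                      # left the segment: done
        if adr == last:                # search returned the same spot again:
            ea = adr + 1               # step over it instead of spinning
            continue
        last = adr
        if make_func(adr):
            created += 1
        else:
            refused.append(adr)        # data, padding, undecodable bytes
        ea = adr
    return created, refused


def run_in_ida():
    seg = idaapi.getseg(idaapi.get_screen_ea())
    if seg is None:
        print("Cursor is not inside a segment")
        return
    # Attribute names differ between IDA 6.x and 7.x (assumption: one exists).
    lo = seg.start_ea if hasattr(seg, "start_ea") else seg.startEA
    hi = seg.end_ea if hasattr(seg, "end_ea") else seg.endEA
    created, refused = sweep(
        lo, hi,
        lambda ea: idaapi.find_not_func(ea, idaapi.SEARCH_DOWN),
        lambda ea: idaapi.add_func(ea, idaapi.BADADDR),
        idaapi.BADADDR)
    print("Finished, %d funcs created, %d refused" % (created, len(refused)))


if idaapi is not None:
    run_in_ida()
```

The loop terminates whether or not the search includes its starting address, because a repeated result is stepped over rather than retried.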