|
|
|
|
#1
12-03-2007, 23:15
|
|||
|
|||
|
Hex-Rays and virtual functions
Does anyone know the magic you have to do to get virtual functions to work in Hex-Rays, i.e. where it recognizes it as a call to abc->def(xyz) instead of something like return (*(int (__stdcall **)(signed int, signed int))(v3 + 56))(3, 1);
|
|
#2
12-04-2007, 01:41
|
||||
|
||||
|
As a start I would think you would have to define a struct for the class and choose the function as the struct offset for the 'n' in call(eax + n). These are the sort of things you would expect to be in the manual if you had paid £'0000s for it.
Anybody know what __SETO__ is ? Git
|
|
#4
12-04-2007, 09:09
|
||||
|
||||
|
it works like in normal ida without hexrays, you define the vtable for each class as a struct and then define the class itself (as struct) so that the first member of it is a pointer to the vtable struct. Then define each instance of that class as pointer to class struct.
And as ReWolf mentioned to me there is a way in IDA 5.2 to define struct members as pointers to functions _with function signature_.
|
|
#5
12-04-2007, 23:01
|
|||
|
|||
|
i have one simple question did anyone make patch for Hex-Rays splash screen alwasy opening up when you start IDA maybe??
its quite annoying alwasy pressing yes.. i didnt have time to do it myself yet :P
|
|
#6
12-05-2007, 01:06
|
|||
|
|||
|
Quote:
Last edited by aliali; 12-05-2007 at 01:16.
|
|
#7
12-05-2007, 00:44
|
|||
|
|||
|
There is a little check box in the lower left. Uncheck (or check I don't remember) it.
|
 |
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Timer Functions | bedrock | General Discussion | 9 | 05-24-2005 23:09 |
| where are second level dll functions | raygun | General Discussion | 2 | 01-24-2005 05:56 |
| Functions within a Dll | SOLAR | General Discussion | 7 | 08-27-2004 21:00 |
Hybrid Mode
