IDA 7.3: Qt 5.6.3 configure options & patch

A handful of our users have already requested information regarding the Qt 5.6.3 build, that is shipped with IDA 7.3. Configure options Here are the options that were used to build the libraries on: Windows: …\5.6.3\configure.bat “-nomake” “tests” “-qtnamespace” “QT” “-confirm-license” “-accessibility” “-opensource” “-force-debug-info” “-platform” “win32-msvc2015” “-opengl” “desktop” “-prefix” “C:/Qt/5.6.3-x64” Note that you will have to build with Visual […]

Hack of the day #2: Command-Line Interface helpers

The problem The “command-line input” (CLI), situated at the bottom of IDA’s window, is a very powerful tool to quickly execute commands in the language that is currently selected. Typically, that language will be Python, and one can use helpers such as idc.here() to retrieve the address of the cursor location. However, when some debuggers such as […]

Hack of the day #1: Decompiling selected functions

Intended audience IDA 7.2 users, who have experience with IDAPython and/or the decompiler. The problem As you may already know, the decompilers allow not only decompiling the current function (shortcut F5) but also all the functions in the database (shortcut Ctrl+F5). A somewhat less-well known feature of the “multiple” decompilation, is that if a range is selected (for example […]

IDA 7.2: Qt 5.6.3 configure options & patch

A handful of our users have already requested information regarding the Qt 5.6.3 build, that is shipped with IDA 7.2. Configure options Here are the options that were used to build the libraries on: Windows: …\5.6.3\configure.bat “-nomake” “tests” “-qtnamespace” “QT” “-confirm-license” “-accessibility” “-opensource” “-force-debug-info” “-platform” “win32-msvc2015” “-opengl” “desktop” “-prefix” “C:/Qt/5.6.3-x64” Note that you will have […]

Microcode in pictures

Since a picture is worth thousand words below are a few drawings for your perusal. Let us start at the top level, with the mbl_array_t class, which represents the entire microcode object: The above picture does not show the control flow graph. For that we use predecessor and successor lists: Pay attention to the block […]

IDAPython: wrappers are only wrappers

Intended audience IDAPython developers who enjoy the occasional headache, leaky abstraction enthousiasts, or simply the curious. TL;DR IDAPython wraps C++ types, and the lifecycle of C++ objects (and in particular members of larger objects) is not necessarily the same as that of the Python wrapper object that is wrapping it. The problem One of our users reported IDA crashes when […]