Hex Rays
Hex Rays Blog —  State of the art code analysis

Double renaming

Quite often I have to revise old code in IDA Pro. Given its age, it happens almost every time a new feature is added (two exceptions: the bTree and the virtual memory manager are basically the same as about 17 years ago).

One usual approach to is to use grep to find all references to the function or variable of interest and verify the code surrounding each occurrence. While this approach gives very good results, I prefer to not use it. If for some reason I get distracted and forget to revise a couple of locations, a new bug might be added to previously correct code.
There is another technique I use for such code revisions. I temporarily rename the revised object to a new name. For example, I add an underscore to it.
After that I launch make and get a long list of error messages from the compiler. Each location must be revised and corrected before the application can be built. Even if I get interrupted and have to continue tomorrow (or take my vacations), no single occurrence will be missed.
The tedious part of the method is the second renaming: now I revert to the original name and remove the underscores from the code. Sometimes I automate it with the editor’s search/replace command but, however, it is better to be prudent and not to surrender to the temptation of replacing everything at once.
This technique is excellent for global code revisions. There are some limitations, though: it won’t work for virtual or overloaded functions. Maybe this is the reason why you will find so few of them in IDA 🙂

Go to top of page