Welcome to IDA 8.2!

IDA 8.2 Highlights

32-bit support in IDA64

As another step towards sunsetting 32-bit IDA which we started with 8.1, 32-bit debugging and decompilation is now possible in IDA64. For decompilation, you need to have a corresponding 32-bit decompiler license. IDA Home and IDA Free now also support decompilation of 32-bit binaries using the cloud decompiler.

Processor module improvements

• Xtensa module has been extensively reworked with the addition of various optional and macro instructions (number of supported instructions almost tripled) Most common switch patterns are recognized and marked up.

Stack variables are now tracked and created in functions.

• RISC-V module can now disassemble vector extension instructions.

Swift

Metadata structures generated by the Swift compiler are parsed, fomatted and labeled. Some of the simple types which can be represented in IDA are imported into Local Types.

t

picture_search

A new plugin which can search for and display images(pictures) embedded in the current binary.

UI candy

CSS-based IDA themes now support background images in many of IDA's views

Full list of changes and new features:

IDA Teams and Lumina

• lumina: added support for recent MySQL versions which default to TLS connection
• teams: the password for Vault is now saved securely in the OS-specific keychain
• vault/lumina: allow any local MAC address to match the one specified in .lic file

Procesor modules

• XTENSA: added support for many additional instructions, registers, stack variables (thanks to Zak Escano)
• XTENSA: added support for many standard switch patterns (thanks to Zak Escano)
• XTENSA: detect used ABI (CALL0 or windowed)
• RISC-V: added support for vector extension instructions
• TRICORE: decode FTOHP and HPTOF instructions from TC1.6.2

File formats

• macho: added USE_SEG_PREFIXES option to macho.cfg, which instructs IDA to use the Mach-O segment name as a prefix for IDA segment names, e.g. "__TEXT:__text"

FLIRT / TILS / IDS

• FLIRT: added signatures for vc1434 (Visual Studio 16.11)
• FLIRT: added MFC signatures for vc1434 (Visual Studio 16.11)
• FLIRT: added signatures for icl 222 (Intel C++ 2021.2)
• FLIRT: added signatures for icl 2221 (Intel C++ 2021.2.1)
• TIL: added a type library for Aarch64 (ARM64) UEFI 2.5
• idaclang: added "--idaclang-mangle-format" switch. it works similarly to the -G option for tilib when the user wants to set a custom name mangling format

Standard plugins

• PDB: on Windows, enabled fallback mode by default so that MSDIA is used to load legacy PDB files
• picture_search: new plugin for finding and displaying raster images embedded in the binary
• svdimport: added support for cluster, derivedFrom and dim/dimIncrement peripheral attributes
• svdimport: use a folder-based tree for the plugin's UI
• swift: parse and format Swift metadata
• swift: import simple types (enums, structs) into Local Types

Kernel

• kernel: added a new flag REFINFO_SELFREF for offsets (base is equal to the address of the current element)

Scripting & SDK

• IDAPython: expose the C++ SDK's processor_t (as ida_idp._processor_t)
• SDK: added capture_process_output() to capture output of an external program;
• SDK: added support for lazy-loaded dirtree choosers. CH2_LAZY_LOADED flag can be used with dirtree-based choosers to load contents of a directory when it's expanded.
• SDK: deprecated qerrcode() (errno can be accessed directly instead)

UI

• UI: added an easy way to take memory snapshot of current segment
• UI: improved highlighting of matching registers on platforms which use various prefixes (e.g. @r1)
• UI: in the disassembly, addresses in the line prefixes of structure or array members now increase with those members' offsets.
• UI: it is now possible to attribute an image as background to the listings (IDA View, Pseudocode, ...) using CSS in themes
• UI: jumping to an address in the middle of a struct or an array now positions cursor on the correct line of the disassembly listing
• UI: the "Wait" dialog now only shows after a certain timeout (thereby reducing the number of interfering popping dialogs)

Decompilers

• decompiler: added an action to jump to a new pseudocode windows with 'alt+enter' shortcut
• decompiler: enabled decompiling of 32-bit files in IDA64 if a corresponding 32-bit decompiler license is available

Bugfixes

• BUGFIX: arm: "set callee" (Alt-F11) failed to create cross-references for BLR instructions
• BUGFIX: alpha: 'lda' instructions could cause wrong sized stack variables to be created
• BUGFIX: DWARF: Debug information present in .dwz companion files (pointed to by .gnu_debugaltlink) would be skipped when the link is absolute
• BUGFIX: FLAIR: The pelf utility could crash when used with incorrect 'pelf.rtb' files
• BUGFIX: IDA could crash if an array typedef was replaced by a structure of the same size
• BUGFIX: IDA could fail to detect dyld (and any loaded modules) after attaching to a process on macOS 13.
• BUGFIX: IDA could fail to parse Objective-C method data during debugging.
• BUGFIX: IDAPython: cfunc_t.arguments array could have function arguments in wrong order
• BUGFIX: IDAPython: documentation for ida_kernwin.Choose callbacks was missing
• BUGFIX: IDAPython: get_reg_vals() was not usable
• BUGFIX: IDAPython: using values in the range [128,255) as 'tag' for ida_netnode functions, would fail
• BUGFIX: ios_deploy "symbols" phase would fail on iOS 14-16.
• BUGFIX: lumina: private lumina server could fail starting with certain MySQL setups, due to case sensitivity in INFORMATION_SCHEMA.COLUMNS fields
• BUGFIX: PC: callee target was not printed for some call instructions
• BUGFIX: svdimport: fixed problem with odd (+1) start addresses in segments
• BUGFIX: ui/qt: IDA could crash when passed the wrong widget to ida_kernwin.get_highlight()
• BUGFIX: ui: "size" expressions in 'Structure offset' context menu differed from 'T' hotkey
• BUGFIX: ui: exporting data from hex view with non-default item width could produce wrong output
• BUGFIX: UI: IDA on Windows would hang if the accessibilty option "Use text cursor indicator" was enabled
• BUGFIX: ui: improvements for accessibility under Windows for "Text Cursor Indicator" on "Output" widget
• BUGFIX: vault: 'hv purge' command was not usable
• BUGFIX: xtensa: write acccesses for stack variables were not shown properly