Some IDA Sdk help...


Polaris
May 9th, 2003, 06:40
Hi there...

I am just making my first steps into IDA Plugin development, and I am already stuck.
I am just trying to do the following: given a line of disasm like

...
loc_401235:
mov eax, ebx
...
I would like to have access to the string representation of all the line components (label, instruction, op1, op2).
While for retrieving names there's no problem (by using the GetName function), for retrieving instructions and operands I am having no luck. I tried to use the fields of the insn_t built-in IDA type like
msg("Instruction code is %i",current.itype);
but the results are not correct. For 2 pushes I get 2 different values!
The same applies with the op_t field type.

Any help?

Mostek
May 9th, 2003, 18:43
Can you please explain a little better what exactly you want to do?

A test for you to do:
Make simple assembly program:

push eax
push ebx
call RetRightAway
exitProcess

And check its binary values in Hiew.
Now check what you get in return from cmd->itype, cmd->size, cmd->ea, ...


Check the info you get against the binary values in Hiew.
Just a notice:
Be careful, as cmd->itype is the instruction code of IDA's own representation (ins.hpp, if I understood correctly) and not the right binary code.


2nd:
For op_t, check if the offb and offo values have the right offset from the command start; it could happen that you are not at the right address, or that some register in IDA is not at the right address??? You never know.

Check also op_t->type to see if you got the right type, ...


Report what you'll find.


Just a small idea (it helped me many times): if you can't find the reason why things aren't right, reverse
IDA.wll and check in SoftICE what values the idaImport procedure gets -> ...F8s... -> you'll soon discover what is wrong.

Peace
Mostek

Polaris
May 10th, 2003, 11:58
Hi there Mostek!

Thanks for your help! I resolved my problem by using the two functions:

idaman int ida_export ua_outop(ulong ea,char *buf,int n);
idaman const char *ida_export ua_mnem(ea_t ea, char *buf, size_t bufsize);

that return the string representation of the instruction & operands.
It took only some "careful" reading of the hpp files.
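As an added example (not code from either poster), the same job done from IDA's scripting side: Name, GetMnem and GetOpnd are the IDC counterparts of the SDK's get_name, ua_mnem and ua_outop named above. It assumes the IDA 4.x-era IDC (two-argument NextHead) and that the cursor is placed inside a function.

```idc
#include <idc.idc>

// Walk from the given address to the end of the enclosing function and print
// each disassembly line as its string pieces: an optional "label:" line, then
// "mnemonic op1, op2". Returns the number of instructions printed.
static dump_func_lines(start)
{
    auto ea, end, lbl, mn, o1, o2, line, count;

    end = FindFuncEnd(start);      // BADADDR if start is not inside a function
    if (end == BADADDR)
    {
        Warning("%08X is not inside a function", start);
        return 0;
    }

    count = 0;
    for (ea = start; ea != BADADDR && ea < end; ea = NextHead(ea, end))
    {
        if (isCode(GetFlags(ea)))  // skip data items embedded in the function
        {
            lbl = Name(ea);        // "" when the address carries no name
            if (strlen(lbl) != 0)
                Message("%s:\n", lbl);

            mn = GetMnem(ea);
            o1 = GetOpnd(ea, 0);   // "" when the operand does not exist
            o2 = GetOpnd(ea, 1);

            line = mn;
            if (strlen(o1) != 0) line = line + " " + o1;
            if (strlen(o2) != 0) line = line + ", " + o2;
            Message("%08X  %s\n", ea, line);
            count = count + 1;
        }
    }
    return count;
}

static main()
{
    dump_func_lines(ScreenEA());
}
```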

Polaris
May 16th, 2003, 13:00
Does anybody know how to debug IDA Pro plugins? I am using VC6.0 sample skeleton.

I tried the classical way:
Shift-F5 in VC++ (Start Debug)
Locate IDA main executable (idag.exe)
Load an old database
Execute Plugin
The Plugin runs, causes an error, and the VC debugger doesn't even break!!!

Any help? Mostek?

Mostek
May 16th, 2003, 16:14
I use our lovely SoftICE.

Build a .bat file that converts and loads the .nms file into SoftICE after a successful build (check the post-link commands).
(Well it copies the file to IDA plugIn dir also.)

That is it.
bpx and here you go.

Peace
Mostek

Polaris
May 18th, 2003, 08:10
Again ... Thanks!

I really don't know why I wanted to use the VC debugger even though I had SoftICE... Maybe Microsoft is injecting into my little brain!