Log in

View Full Version : PVDasm v1.04

Bengaly
November 1st, 2003, 11:51
Heya Guys,

Here is a newer Release like i suggested
No Matter if you like it or not, please feel free to Speak whatever on your mind.

New Stuff (From ReadMe)

Quote:

* Debug Window is now Dock-able (Via ToolBar or Menu).

* Searching Withing the Disassembled code is no availble (be sure to check 'Match Case').

* XReferences is not supported, if an address is being Refferences from another,
ToolBar Control will be availble, or a message will be writetn in the DebugWindow.
Press Ctrl+Space, ToolBar Control or double click the Address to view XReferences to selected line,
The Window of xreferences will be opened accouring to your Mouse Pointer Position!,
idea came from the intellicase window, I kinda like it .

* HexEditor - AddIn Created for RadASM (By KetilO) Has Been 'Converted' By Me to,
be Used Inside VisualC++ (For VC Example Check: hxxp://radasm.visualassembler.com/projects/CustDemo.zip).
If AddIn Dll is not found in the AddIns\ Directory, you will not be able to access it via Proview (Run-Time).

* String Refferences & Import Refferences Dialogs has been Changed, now you can perform,
Better Search Within Them, and view 'more' Information rather than using a simple ListBox .

* Disasm Bugs Fixes (Those who has been reported.)

* Added Few More Seh Frames to avoid Crashes.

* CodePatcher - Added Inline code patcher with Assembly Preview (After Patch) in same window.
After Patch has been complete you can or not ReDisassemble your Project in order to see,
Changes, iv done it beccause i want to avoid MisData information when patching new bytes,
So better keep stuff linear insted of curved (PV is pretty fast to do ReDisassemble anyway hehe).
Access it by Double Click on Opcodes Culumn, ToolBar or Menu.

* Gui Fixes/Edits (also fixed the bug in the disassembly appearance for the background color)



Click on the www image of my profile to download latest PVDasm - Thnx

-Bengaly 2003
Polaris
November 1st, 2003, 13:24
Thanks mate, your project seems to grow really the right way! Keep working!
Bengaly
November 15th, 2003, 16:49
hi,

new stuff added, check it out.
here is the official page for PVDasm: hxxp://pvdasm.anticrack.de/
enjoy.
squidge
November 16th, 2003, 07:11
Seems to be coming on quite well, although sometimes EP is not shown as you regard it as being in the middle of an instruction, and the same with a lot of the calls, jmps in the program which are really perfectly valid - they just been disassembled wrong.

Maybe you need to adopt an IDA-style of disassembling, by running the code virtually to see what is code and what is data, and allowing the user to override?
Bengaly
November 16th, 2003, 12:19
hi squidge,

Yes i know his problem well,
thats why i added a 'force disasm' xx bytes before EP.
the default is to stop 1 instruction before the EP.
increasing this value will give a better result on invalid with 1 distance.
just to keep disasm bit aligned.
Bengaly
November 17th, 2003, 17:04
Quote:

Maybe you need to adopt an IDA-style of disassembling, by running the code virtually to see what is code and what is data, and allowing the user to override?


this is definately a problem arises.
coding a good&fast algorithm for code blocks isn't that easy.
1 way is jxx tracing and isn't very safe.
i am currently looking for some ideas, if u got some plz write it down,
mabye other members know some info.

for those who dunno what we talk about really, this will give ya the idea:

Quote:

The assembler fills in these gaps by some random (or irrelevant) value since these locations are never executed. The problem is that there is no way to distinguish data from gaps within instructions. If the normal process of disassembly is allowed to take its own course by treating these gaps as genuine code, the opcode alignment may be destroyed. Once misaligned, there is no way to recover and we may get unreliable disassembly. Thus it is absolutely essential to prevent the processing of such gaps. We do this by identifying the basic blocks in the code section. Each basic block constitutes a valid address range in the .text section. This is achieved by making one extra pass of code analysis on the .text section. Thus our disassembler is a two pass disassembler.