http://mostek.subcultural.com/IDA/ida2sice_407.rar (fixed )

Fixed major bugs:
- if function was hidden the nms file contained the address of the function when it should a segment offset.
- start offset of source file/s was not set correctly (recreation of files definition is needed).
- source file definition loop was not aware of multi segments creation from one file segment (recreation of files definition is needed).

Fixed minor bugs:
- if 'use project saving directory' was used the path window didn't get disabled some times.
- nms saving path was not retrieved correctly.
- some registry flags weren't check correctly.

Small update to n2t utility.

Ok now I hope the symbols will finally be attached as they should be.

Well enjoy.

Peace
Mostek

I took JMI's advise and searched for the "new" release version, but did not find a location for a download.

Regards,

Well, in the hopes of preventing others from pulling out all their hair and becoming an OBC, I'll mention a little caution for anyone wanting to recompile the I2s code. Thanks to Mostek for putting up with my emails over the past few weeks...

I wanted to recompile this under VC6++ and started with the example VCSAMPLE project in the IDA/SDK/PLUGINS directory, in order to use the default .dsp settings. I had no problems compiling the code but the nms file produced from the plugin was corrupted. Softice would either not load the symbol file or would flat out crash. I then tried Mostek's N2T utility which outputs the information from the nms file to text format and it too crashed. Tracing the utility and comparing "good" and "bad" nms files pointed to a stack error caused by faulty structure data alignment.

Finally I was able to determine that USHORT values in various structures were being interpreted as ULONG. Well, bang upside of the head with a blunt object, and I finally checked under the VC6++ compiler options (under Code Generation), that the Struct Member Alignment was set at the default of 8 bytes. It should be 2 bytes for this code!!

With other code this setting might not matter, you can have USHORT values defined in a structure yet use an 8 byte alignment. However, I2s uses the size of the struct as a variable input in some sections of code, so in this case it *does* matter.

For example, DATAS_LF_ARRAY contains some USHORT members and its size *must* be properly defined here for example:

//Update NMTP memory.
return NMTP_UpdateNMTPStruct( sizeof( DATAS_LF_ARRAY ) );


Once again, make sure that the compiler structure alignment is set at 2 bytes if you want to recompile this code.

Thanks once again to Mostek for the update, this version correctly handles driver symbol files.


Regrowing my hair...
Kayaker

Maybe just a notice here. If I'm not wrong IDA SDK needs 1 byte alignment for everything to work.

Peace
Mostek

In IDASDK\include dir, I found all .h and .hpp files declared with 1 byte struct alignment: #pragma pack(push, 1) at the beginning of file and #pragma pack(pop) at the end of file.

Maybe it wouldn't be a bad thing for me to define this things also.

Thanks man.

Peace
Mostek

Done.