
Topic: IDA : naming fields

tryphon
IDA : naming fields
« on: July 10, 2014, 12:12:34 pm »
Hi,

I use IDA a lot for 68000 disassembling (Megadrive hacking) and I regularly encounter this (the example is fictitious):

From a certain RAM address (say 0xFF0000), you find some C-style structs of, say, 128 bytes, each corresponding to one moving object (playable or non-playable characters in an RPG, or enemies in an action game, or whatever), and for each 128-byte entry, data is sorted the same way, let's say:
* offset 00 : word, x coord
* offset 02 : word, y coord
* offset 04 : long, pointer to the moving routine
* etc.

So, in the code, you'll find sequences such as:

Code:
  move    #nbr_of_objects-1, d6 ; dbra counts down to -1, so load count-1
  lea     0xFF0000, a0          ; first entry of the object table
next:
  jsr     check_one_object
  lea     0x80(a0), a0 ; offset to next_entry
  dbra    d6, next

and elsewhere :

Code:
check_one_object:
  move.w  0(a0), d0
  move.w  2(a0), d1
; do something with coordinates
  move.l  4(a0), a2
  jsr     (a2) ; execute moving routine
; etc.

So my question :

Is there a way to show, in the disassembled output (in the comments, for example), that:
* 0(a0) refers to the x coordinate
* 2(a0) to the y coordinate
* etc.
?



henke37
Re: IDA : naming fields
« Reply #1 on: July 10, 2014, 03:51:07 pm »
Sure is! Open the structures window and create the structure definition there. You can then use it when assigning a data type to something in the disassembly. You can even mark arrays of the struct (better get the struct length right).

tryphon
Re: IDA : naming fields
« Reply #2 on: July 10, 2014, 05:34:51 pm »
Thanks, it helps a lot!  :beer:

Sorry to ask for more, but for the moment I have to manually select struct-representation for each line of the form 'xxx(a0)'.

Is there a way to force this for all lines, say from the current cursor to the next 'rts' (or better, to the end of the current routine, IDA doing a decent job of identifying the start and end of routines)?

henke37
Re: IDA : naming fields
« Reply #3 on: July 11, 2014, 06:33:32 am »
As I said, you can mark it as an array. This requires you to know the length of the array. In my experience IDA has been crap at guessing array lengths.

MarkGrass
Re: IDA : naming fields
« Reply #4 on: July 11, 2014, 02:35:49 pm »
> As I said, you can mark it as an array. This requires you to know the length of the array. In my experience IDA has been crap at guessing array lengths.

Yup, I'll second this.

Also, be on the lookout for allocation size - IDA can be crap with that, as well. Often, you may have to add padding/unused data for structs and such. Trust me when I say that this may save a lot of time.

Ti_
Re: IDA : naming fields
« Reply #5 on: July 11, 2014, 03:08:06 pm »
You can create structures (arrays) and enums.
Here's an example from my Dune 2 disasm:

Code:
cmpi.b #harvester,unit.type(a2)
bne.s loc_4888A
move.w unit.w_target_index(a2),building.angle(a3) ; spice cnt?

loc_4888A: ; ...
move.b unit.house(a2),d0
ext.w d0
move.w d0,(sp)
move.b building.house(a3),d0
ext.w d0
move.w d0,-(sp)
jsr house_test_enemies ; check whether the house is an ally or an enemy
addq.l #2,sp
tst.w d0
beq.w vs_enemy_build
moveq #0,d0
move.w build_cfg.flags(a4),d0
btst #can_recieve_airdrop,d0
beq.s loc_488BA
move.w #Ready,(sp)
bra.s loc_488BE
; ---------------------------------------------------------------------------

loc_488BA: ; ...
move.w #Busy,(sp)

loc_488BE: ; ...
move.l a3,-(sp)
jsr building_set_state ; state.w, build_address.l
addq.l #4,sp
cmpi.b #repair,building.type(a3)
bne.s loc_4893E
lea (unit_types).l,a4
move.b unit.type(a2),d0
ext.w d0
lsl.w #2,d0
movea.l (a4,d0.w),a4
move.w unit_cfg.life(a4),d0
ext.l d0
move.w unit.life(a2),d2

unit.life(ax), unit.type(ax) - vars of the unit structure
#harvester - enum (with different unit ids); you can also make it a bitfield.

First you create structures and enums; after that, when you right-click on any code, there will be 'structure offset' and 'symbolic constant' selections (if 2 or more structures/enums are created).
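The same workflow as a script, as an added example that is not from the thread or from any poster here: henke37's step (define the struct in the Structures window, with the right length so arrays work) and Ti_'s step (add an enum, then apply 'structure offset' / 'symbolic constant'), plus what reply #2 asked for, applying the struct offset to every d(aN) operand of a whole routine instead of one line at a time. The struct name `obj`, its field names and sizes, the `unused` padding and the enum value for `harvester` are constructed from the OP's fictitious layout, not taken from any real game. The `create_*` and `apply_*` functions assume IDA 7.x IDAPython (`idc`, `idautils`) and only do anything inside IDA; `build_layout`, `field_at` and `annotate` are pure Python so you can preview the renaming on the listing lines from the thread without IDA.

```python
import re

# Layout of the thread's fictitious 128-byte "moving object" entry: (name, size).
# The three named fields are the OP's; "unused" padding up to 0x80 is assumed.
OBJ_FIELDS = [("x", 2), ("y", 2), ("move_routine", 4)]
OBJ_SIZE = 0x80                 # entry stride, from `lea 0x80(a0),a0` in the thread
UNIT_TYPES = {"harvester": 0}   # constructed enum value, not Dune 2's real unit id


def build_layout(fields, total_size):
    """Return [(name, offset, size), ...], padded to total_size with an 'unused'
    member. Raises if the fields overflow the entry: a wrong allocation size is
    exactly what MarkGrass warns about, so fail loudly instead of guessing."""
    layout, off = [], 0
    for name, size in fields:
        layout.append((name, off, size))
        off += size
    if off > total_size:
        raise ValueError("fields use %d bytes but entry is %d" % (off, total_size))
    if off < total_size:
        layout.append(("unused", off, total_size - off))
    return layout


def field_at(layout, disp, stride):
    """Map a displacement (the 4 in `move.l 4(a0),a2`) to (entry index, field,
    byte delta inside the field). disp >= stride means a later array entry."""
    index, rem = divmod(disp, stride)
    for name, off, size in layout:
        if off <= rem < off + size:
            return index, name, rem - off
    raise ValueError("displacement 0x%x hits no field" % disp)


_DISP_RE = re.compile(r"(?<![\w.$])(0x[0-9A-Fa-f]+|\d+)\((a[0-7])\)")


def annotate(line, layout, stride, struct_name):
    """Offline preview of what IDA's struct-offset conversion does: rewrite
    every d(aN) in one listing line as struct.field(aN); anything past the
    first entry or inside a field is shown as an added '+0x..' delta."""
    def repl(m):
        text = m.group(1)
        disp = int(text, 16) if text.lower().startswith("0x") else int(text)
        index, name, delta = field_at(layout, disp, stride)
        extra = index * stride + delta
        sym = "%s.%s" % (struct_name, name)
        if extra:
            sym += "+0x%x" % extra
        return "%s(%s)" % (sym, m.group(2))
    return _DISP_RE.sub(repl, line)


# ---- IDA-only part: assumes IDA 7.x IDAPython (`idc`, `idautils`). ----

def create_struct(name, layout):
    """Create (or reuse) the struct in the Structures window. Padding becomes a
    byte array so the struct size matches the array stride."""
    import idc
    sid = idc.get_struc_id(name)
    if sid == idc.BADADDR:
        sid = idc.add_struc(-1, name, 0)
    flag_for = {2: idc.FF_WORD, 4: idc.FF_DWORD}
    for fname, off, size in layout:
        idc.add_struc_member(sid, fname, off,
                             flag_for.get(size, idc.FF_BYTE) | idc.FF_DATA, -1, size)
    return sid


def create_enum(name, members):
    """Create the enum Ti_ mentions (unit ids) so `#harvester` can replace `#0`."""
    import idc
    eid = idc.get_enum(name)
    if eid == idc.BADADDR:
        eid = idc.add_enum(-1, name, 0)
    for mname, value in members.items():
        idc.add_enum_member(eid, mname, value, -1)
    return eid


def apply_struct_to_function(ea, sid):
    """What reply #2 asked for: convert every displacement operand in the whole
    routine containing `ea` to a struct offset. Returns the number changed."""
    import idc
    import idautils
    start = idc.get_func_attr(ea, idc.FUNCATTR_START)
    if start == idc.BADADDR:        # cursor is not inside a recognised function
        return 0
    changed = 0
    for insn_ea in idautils.FuncItems(start):
        for n in (0, 1):
            if (idc.get_operand_type(insn_ea, n) == idc.o_displ
                    and idc.op_stroff(insn_ea, n, sid, 0)):
                changed += 1
    return changed


if __name__ == "__main__":
    layout = build_layout(OBJ_FIELDS, OBJ_SIZE)
    for src in ("  move.w  0(a0), d0", "  move.l  4(a0), a2", "  lea     0x80(a0), a0"):
        print(annotate(src, layout, OBJ_SIZE, "obj"))
```

Inside IDA you would run `sid = create_struct("obj", build_layout(OBJ_FIELDS, OBJ_SIZE))`, then `apply_struct_to_function(here(), sid)` with the cursor in check_one_object. Note that `apply_struct_to_function` converts every d(aN) operand in the routine, including ones that index a different table through another address register; if a routine mixes tables, filter on the register in the operand text (`idc.print_operand`) before calling `op_stroff`, or keep a per-routine mapping of register to struct id.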




tryphon
Re: IDA : naming fields
« Reply #6 on: July 13, 2014, 05:48:35 am »
Thanks a lot!