void make_vtbl_entry(ea_t ea)
{
ea_t ref;
do_unknown_range(ea, sizeof(ea), false);
#ifdef __EA64__
doQwrd(ea, sizeof(ea));
ref = get_long(ea);
#else
doDwrd(ea, sizeof(ea));
ref = get_qword(ea);
#endif /* __EA64__ */
do_dref(ea, ref);
}
//--------------------------------------------------------------------------
ea_t getPtr(ea_t ea)
{
return ptrSz == 4 ? get_long(ea) : get_qword(ea);
}
static AVP_dword DATA_PARAM ReadPropertyItem( Serialize* sz, AVP_byte type, void* val ) {
AVP_word size;
AVP_byte tmp;
AVP_Bin_Item* v;
switch( type ) {
case avpt_nothing : return 1;
// Byte-sized types
case avpt_char :
case avpt_byte :
case avpt_group : return get_byte(sz, (AVP_byte *) val);
case avpt_bool :
size = (AVP_word)get_byte( sz, &tmp);
*(AVP_bool *)val = tmp;
return size;
// Word-sized types
case avpt_wchar :
case avpt_short :
case avpt_word : return get_word(sz, (AVP_word *) val);
// Dword-sized types
case avpt_long :
case avpt_dword :
case avpt_int :
case avpt_uint : return get_dword( sz, (AVP_dword*)val );
// QWord-sized types
case avpt_qword :
case avpt_longlong: return get_qword( sz, (AVP_qword*)val );
// size_t-sized types
case avpt_size_t : return get_size_t( sz, (AVP_size_t*)val );
// Custom structures
case avpt_date : return get_date(sz, (AVP_date *)val);
case avpt_time : return get_time(sz, (AVP_time *)val);
case avpt_datetime: return get_datetime(sz, (AVP_datetime *) val);
// String
case avpt_str :
if ( get_word( sz, &size) == sizeof(size) ) {
if ( size != USHRT_MAX ) {
AVP_char * ptr = allocator( size + sizeof(AVP_char) );
_ASSERT( ptr );
*(AVP_char **)val = ptr;
if ( get_bytes(sz,ptr,size) == size ) {
ptr[size] = 0;
return sizeof(size) + size;
}
else {
ptr[0] = 0;
return 0;
}
}
else
return sizeof(size);
}
else
return 0;
// Windows unicode string
case avpt_wstr :
if ( get_word( sz, &size) == sizeof(size) ) {
if ( size != USHRT_MAX ) {
AVP_wchar * ptr = allocator( size + sizeof(AVP_wchar) );
_ASSERT( ptr );
*(AVP_wchar **)val = ptr;
if ( get_bytes(sz,ptr,size) == size ) {
ptr[size/sizeof(AVP_wchar)] = 0;
convert_wchar_string ((wchar_t*) ptr);
return sizeof(size) + size;
}
else {
ptr[0] = 0;
return 0;
}
}
else
return sizeof(size);
}
else
return 0;
case avpt_bin :
v = val;
v->size = 0;
if ( get_word( sz, &size) == sizeof(size) )
{
v->size = size;
if ( v->size ) {
v->data = allocator( v->size );
_ASSERT( v->data );
}
else
v->data = 0;
if ( !v->size || (get_bytes(sz,v->data,v->size) == v->size) )
return sizeof(v->size) + v->size;
else
return 0;
}
else
return 0;
default :
_RPT0( _CRT_ASSERT, "Bad property type" );
return 0;
}
return size ? size + sizeof(AVP_Property) : 0;
}
void __stdcall out( void )
{
char buf[MAXSTR];
init_output_buffer(buf, sizeof(buf));
OutMnem();
if (cmd.Op1.type != o_void)
{
// output first operand
out_one_operand( 0 );
}
if( cmd.Op2.type != o_void )
{
//pading
out_symbol( ',' );
OutChar( ' ' );
// output second operand
out_one_operand( 1 );
}
if( cmd.Op3.type != o_void )
{
//pading
out_symbol( ',' );
OutChar( ' ' );
// output third operand
out_one_operand( 2 );
}
if( cmd.Op4.type != o_void )
{
//pading
out_symbol( ',' );
OutChar( ' ' );
// output fourth operand
out_one_operand( 3 );
}
if( cmd.Op5.type != o_void )
{
//pading
out_symbol( ',' );
OutChar( ' ' );
// output fifth operand
out_one_operand( 4 );
}
if( cmd.Op6.type != o_void )
{
//pading
out_symbol( ',' );
OutChar( ' ' );
// output sixth operand
out_one_operand( 5 );
}
//more processing due to instructions
//having more than 6 operands
op_t op;
op.flags = OF_SHOW;
switch(cmd.insnpref)
{
case SWFACTION_PUSH:
{
uint16 length = get_word(cmd.ea + 1) + 3;
uint16 p = cmd.auxpref;
uint8 error = 0;
while((length - p) > 0 && error == 0)
{
switch(get_byte(cmd.ea + p++))
{
case 0: //string
op.type = o_string;
op.dtyp = dt_string;
op.addr = cmd.ea + p;
//increment the pointer past the string
while((length - p) > 0 && get_byte(cmd.ea + p)){ p++; }
if ((length - p) > 0)
{
p++; //adjust for the null caracter
}
else
{
error = 1;
}
break;
case 1: //float
op.type = o_imm;
//op.dtyp = dt_float;
op.dtyp = dt_dword;
if ((length - p) >= 4)
{
op.value = get_long(cmd.ea + p);
p += 4;
}
else
{
error = 1;
}
break;
case 2: //null
op.type = o_null;
op.dtyp = dt_void;
break;
case 3: //undefined
op.type = o_undefined;
op.dtyp = dt_void;
break;
case 4: //register
op.type = o_reg;
op.dtyp = dt_byte;
if ((length - p) >= 1)
{
op.reg = get_byte(cmd.ea + p++);
}
else
{
error = 1;
}
break;
case 5: //bool
op.type = o_bool;
op.dtyp = dt_byte;
if ((length - p) >= 1)
{
op.value = get_byte(cmd.ea + p++);
}
else
{
error = 1;
}
break;
case 6: //double
op.type = o_imm;
op.dtyp = dt_double;
if ((length - p) >= 8)
{
double d = (double)(get_qword(cmd.ea + p));
op.value = d;
p += 8;
}
else
{
error = 1;
}
break;
case 7: //integer
op.type = o_imm;
op.dtyp = dt_dword;
if ((length - p) >= 4)
{
op.value = get_long(cmd.ea + p);
p += 4;
}
else
{
error = 1;
}
break;
case 8: //constant 8
op.type = o_const;
op.dtyp = dt_byte;
if ((length - p) >= 1)
{
op.value = get_byte(cmd.ea + p++);
}
else
{
error = 1;
}
break;
case 9: //constant 16
op.type = o_const;
op.dtyp = dt_word;
if ((length - p) >= 2)
{
op.value = get_word(cmd.ea + p);
p += 2;
}
else
{
error = 1;
}
default: //unknown type, will not search for more items if this happens
error = 1;
} //switch
if (error == 0)
{
//pading
out_symbol( ',' );
OutChar( ' ' );
// output extra operand
outop(op);
}
} //while
} //case
break;
case SWFACTION_TRY:
//ToDo
break;
case SWFACTION_DEFINEFUNCTION:
// Todo: highlight somehow the function body
// this must be written some other place because
// every time IDA rephreshes the view a duplicate line appears. :(
//describe(cmd.ea + cmd.size, true, "%s {", cmd.segpref ? (char*)cmd.Op1.addr : "<anonymous>");
//describe(cmd.ea + cmd.size + get_word(cmd.ea + cmd.size - 2), true, " }");
break;
default:;
}
term_output_buffer();
// attach a possible user-defined comment to this instruction
gl_comm = 1;
MakeLine( buf );
//multiline instruction printing
switch (cmd.insnpref)
{
case SWFACTION_CONSTANTPOOL:
{
uint16 length = get_word(cmd.ea + 1);
uint8 c = 0,
count = 0;
if(cmd.Op1.value == 0)
break;
//limit printed lines to 499
//IDA does not suport more than 500 per item
if (cmd.Op1.value > 498)
{
cmd.Op1.value = 498;
msg ("\nWarning: CONSTANTPOOL instruction ar %X has more that 498 declared constants!\n", cmd.ea);
}
char line[MAXSTR], buf[MAXSTR];
init_output_buffer(line, sizeof(line));
OutChar( ' ' );
out_char('0', COLOR_NUMBER);
out_line(": \"",COLOR_SYMBOL);
for (uint16 i = 2; i < length; i++)
{
c = get_byte(cmd.ea + i + 3);
if (c == 0)
{
if (count++ < (cmd.Op1.value - 1))
{
out_line("\"", COLOR_SYMBOL);
//terminate buffer for current constant
//and print it
term_output_buffer(); MakeLine(line);
//initialize buffer for next constant
init_output_buffer(line, sizeof(line));
OutChar( ' ' );
qsnprintf(buf, MAXSTR, "%d", count);
out_line(buf, COLOR_NUMBER);
out_line(": \"", COLOR_SYMBOL);
}
else
break;
}
else
{
if (is_printable(c))
out_char(c, COLOR_CHAR);
else
{
qsnprintf(buf, MAXSTR, "\\x%02X", c);
out_line(buf, COLOR_STRING);
}
}//else
}//for
out_char('"',COLOR_SYMBOL);
//terminate buffer for last constant
//and print it
term_output_buffer(); MakeLine(line);
}
break;
}
}