Highlights
Welcome to IDA 7.4! We are happy to announce that the new version of IDA is available!
Complete changelist
- Processor Modules
- + 68K: allow using special labels A5BASE and A4BASE for a5- and a4-relative addressing in any file format, not just Palm PRC
- + ARM: add PLDW A32/T32 instruction
- + ARM: add support for A32 and T32 instructions from ARMv8 Cryptographic Extension
- + ARM: implemented ARMv8 FPU instructions for AArch32 state (floating-point conditional select etc.)
- + ARM: implement ARMv8 SIMD instructions for AArch32
- + ARM: ARMv8.1 AArch32 rdma extension support (VQRDMLAH/VQRDMLSH)
- + ARM: assume that BRK stops execution on iOS
- + ARM: support for new A64 switch variation from iOS 13
- + ARM: support AArch64 ILP32 files (A64 code in ELF32 container)
- + PC: added option that controls recognition of thunk functions
- + PPC: added support for Power ISA Version 3.0 B
- + PPC: support switches that use e_slwi instruction
- + PPC: support switches that use 'lr' register instead of 'ctr' for branching
- + S390: new processor module for the IBM S/390 and z/Architecture processors (only ELF format is supported for now)
- + M16C/80: new processor family from the Renesas M16C series
- + R32C: new processor family from the Renesas M16C series
- File Formats
- + ELF: added basic support for MSP430 files (no handling of e_flags, no relocations)
- + PDB: automatically fallback to MSDIA for old MSF 2.0 PDB files (Windows only)
- + Amiga: load hunk files to 0x10000 by default since area around 0 is used by the OS
- + MACHO: mark sections of the __DATA_CONST segment as read-only
- Debugger
- + DEBUGGER: added support for Motorola 68K processors
- + DEBUGGER: added support for Renesas RH850 processors
- + DEBUGGER: added support for Tricore processors
- + DEBUGGER: GDB: added support for Lauterbach's TRACE32 simulator
- + DEBUGGER: iOS: added support for iPadOS 13
- Kernel/Misc
- + kernel: improved data coagulation
- + kernel: improved function recognition
- + kernel: producing HTML will now put the colors in CSS classes rather than hardcoding them for each element
- + kernel: the function with a tail cannot be a thunk function
- + kernel: use NaN, +Inf or -Inf for floating-point numbers
- + kernel: use regular expressions to beautify the IDA names (e.g. STL template names). See cfg/goodname.cfg for details
- + kernel: added new ABI bit ABI_HUGEARG_ALIGN: use natural type alignment for an argument even if its alignment exceeds double native word size
- + FLAIR: PCF: support more TMS320C55 COFF relocations
- + FLAIR: removed support for parsing omf166 files
- + FLIRT: Added signatures for vc1422, vc1423 (Visual Studio 2019.2, 2019.3)
- + FLIRT: Added MFC signatures for vc1422,vc1423 (Visual Studio 2019.2, 2019.3)
- User Interface
- + ui/qt: added "Clone" command to the "Execute script" widget
- + ui/qt: added get_custom_viewer_location() to retrieve locations that are suitable to be used with custom_viewer_jump()
- + ui/qt: added user-contributed 'darcula' theme
- + ui/qt: mouse Ctrl+clicking in the navigation band will cause IDA to add an entry to the navigation history
- + ui/qt: mouse Shift+clicking in the navigation band will cause IDA to select text in the disassembly listing
- + ui/qt: pressing <Alt+Enter> in choosers with addresses will jump to that address in a new disassembly view
- + ui/qt: refactored both the "Edit", and the context menu for setting custom data types and formats
- + ui/qt: the 'Colors' dialog now provides an "Apply" button, making it easier to see the real impact of changes on the application's widgets
- + ui/qt: Local Types editor now shows sizes and offsets of structure and its fields during editing
- + ui: by default do not ask for a confirmation of actions which can be easily reverted by Undo, e.g. ('detach function tail', 'Undefine' and 'Set function end').
- + ui: log "Don't display this message again" messages into the Output Window
- Scripts & SDK
- + IDAPython: added support for Python 3.x (default is still 2.7)
- + IDAPython: Python script and plugin samples are now shipped with IDA in "python/examples" subdirectory
- + IDAPython: added an example how to use show_wait_box()/hide_wait_box()
- + IDAPython: exposed place_t::serialize() & place_t::deserialize()
- + IDAPython: the IDA < 7.0 compatibility layer is now turned off by default; please see here for more information
- + SDK: added HIF_NOCASE to set_highlight() for programmatically setting a case-insensitive highlight.
- Decompilers
- + hexrays: added 'show global xrefs'; it works for struct and enum members
- + hexrays: added support for highlighting matching parentheses pairs
- + hexrays: added shortcut "%" to jump to the matching parenthesis or (curly/square) bracket in the pseudocode window
- + hexrays: added config var COLLAPSE_LVARS to collapse local variables declarations by default
- + hexrays: added support for the "format" attribute when parsing ellipsis args for called functions
- + hexrays: added support for _m_prefetch, _m_prefetchw intrinsics
- + hexrays: added support for the _InterlockedCompareExchange64 intrinsic
- + hexrays: added support for more software floating-point helpers (floatdidf etc.)
- + hexrays: try to automatically convert numbers to symbolic constants in expressions involving enum types
- + hexrays: better removal of the references to __security cookie
- + hexrays: create arrays more aggressively using heuristic rules
- + hexrays: now we try to rename the variables that receive the return value of GetProcAddress
- + hexrays: decompiler may automatically create variable mapping in simple cases (e.g. for copies of input arguments)
- + hexrays: sdk: added DECOMP_ALL_BLKS to include unreachable blocks in the microcode
- + hexrays: sdk: added modify_user_lvar_info()
- + hexrays: stop hiding read accesses to fs:0
- + hexrays: user may enter pointer shift delta in "Convert to struct *..." action to prepare the shifted pointer
- + hexrays: x86: int 3/__debugbreak() now only stops execution flow in case it happens in disassembly (controlled by the "Analyze int 3 instructions" processor-specific options)
- BUGFIXES
- BUGFIX: 6816: IDA could crash when opening saved IDBs for the 6816 processor (and potentially some others)
- BUGFIX: ARC: function arguments initialized in delay slots were not commented properly
- BUGFIX: ARM64: in some cases invalid instructions could be erroneously decoded as SMOV/UMOV
- BUGFIX: ARM: analysis could loop endlessly if a location could be interpreted as both an offset and an OWORD. This was common in iOS 13.1 kernelcaches.
- BUGFIX: ARM: registers S0-S31 could not be used in __usercall function prototypes
- BUGFIX: EBC: IDA could fail to disassemble some EBC instructions
- BUGFIX: M16C: PUSHC instruction was not changing the stack pointer value as it should
- BUGFIX: MIPS: ABI selection could be set incorrectly on reopening a saved database
- BUGFIX: MIPS: mftr/mttr instructions could be decoded incorrectly
- BUGFIX: MSP430: function flow graphs were wrong because call instructions were not marked as such
- BUGFIX: MSP430: instructions with .rpt prefix could not be decoded
- BUGFIX: MSP430: suba and incda instructions were not handled properly when tracking SP changes
- BUGFIX: PIC16: relative jump/call destination address was being truncated to 16 bits
- BUGFIX: PPC: fixed incorrect value of LR after the VLE call in the regtracker
- BUGFIX: PPC: ida was creating 16-bit stack variables instead of 8-bit stack variables in some cases; the difference in the listings is very minor
- BUGFIX: DWARF: IDA could fail to determine the proper type for some prototypes arguments
- BUGFIX: DWARF: IDA could INTERR with code 30304 with certain types of constructs in the debug information
- BUGFIX: PDB: IDA could crash when parsing a debug entry with size 0
- BUGFIX: PE: IDA could complain about "invalid unwind data" in valid files (such as Windows kernel)
- BUGFIX: SWIFT: IDA would fail to demangle names with "j_" prefixes and "_N" suffixes
- BUGFIX: DBG: gdb: check for network error when setting the resume mode
- BUGFIX: DBG: ios,xnu debuggers used incorrect flag names for arm64 CPSR register
- BUGFIX: DBG: linux_server could crash (nullptr dereference) because of a malicious client
- BUGFIX: DBG: linux_server would crash if a malicious copy of ida would send 'close_file' request on an unopened channel
- BUGFIX: DBG: malicious copy of ida could crash the debugger server
- BUGFIX: DBG: password protected debug server could crash if a malicious copy of IDA was sending a packet without a password
- BUGFIX: kernel: IDA (32-bit) could hang when analyzing data close to the maximum address (0xFFFFFFFF)
- BUGFIX: kernel: IDA could generate too many empty lines for an unnamed entry in a special segment
- BUGFIX: kernel: IDA could truncate Delphi strings representation
- BUGFIX: kernel: now we delete info about patched bytes when segment bounds were changed and addresses disabled
- BUGFIX: kernel: on an upgrade from a pre-7.0 database, Unicode strings in structures would be converted incorrectly
- BUGFIX: kernel: saving more than 65535 segment selectors was impossible
- BUGFIX: idat: cursor was positioned wrongly on a chooser line when using fast search
- BUGFIX: idat: disassembly listing was not refreshed after changing the listing options
- BUGFIX: idat: ida was truncating the beginning of all too long names in choosers, but this logic should be applied only to file paths
- BUGFIX: UI: "Switch debugger" dialog would not show up if only one debugger was available for current database (in fact it can be also used to set "No debugger" as the default)
- BUGFIX: UI: the Functions window could reload unnecessarily when dealing with collapsed functions
- BUGFIX: ui/qt: "hints" background color, and "highlight" color were not converted from IDA 7.2's registry to IDA 7.3 CSS
- BUGFIX: ui/qt: chooser actions would not be updated when context menu was invoked
- BUGFIX: ui/qt: depending on where the cursor was placed on a line, switching to the graph view could cause an animation to be triggered, even when not justified
- BUGFIX: ui/qt: double-clicking on an entry in "Local types" to synchronize it with the IDB, was not undo-able
- BUGFIX: ui/qt: dragging around a widget that was previously in a splitter could crash IDA
- BUGFIX: ui/qt: file dialogs were broken for ida64.app on macOS 10.15
- BUGFIX: ui/qt: IDA could crash when "IDA View-A" and "Pseudocode-A" were synchronized
- BUGFIX: ui/qt: IDA could crash when switching desktops
- BUGFIX: ui/qt: IDA could sometimes hang upon "Desktop reset"
- BUGFIX: ui/qt: in the "Output window" Ctrl+Left/Right was not navigating through words as it should have
- BUGFIX: ui/qt: initial autoanalysis could take significantly longer than in previous versions of IDA, for the same file
- BUGFIX: ui/qt: on OSX IDA could crash if very fast drag & drop operations were performed on tabbed widgets
- BUGFIX: ui/qt: snippets view: we have to save the current script before running it, otherwise undo will destroy it
- BUGFIX: ui/qt: The color buttons could be missing a 'reset' companion button once a color was set
- BUGFIX: ui/qt: The "Load file" dialog could be misplaced, especially when opening a new file in an existing IDA instance.
- BUGFIX: ui/qt: the "Output window" could jump to the wrong place when navigating to the end, or when selecting (and with long lines, the problem was even more visible)
- BUGFIX: ui/qt: the "Output window" could jump when selection was going beyond bounds
- BUGFIX: ui/qt: the "Output window" would always come up visible after restoring a desktop where it was not visible
- BUGFIX: ui/qt: the dark theme would cause regular tabular views to hide their vertical header (on the left)
- BUGFIX: ui/qt: undoing an action would erroneously reset the navbar zoom level
- BUGFIX: ui/qt: when creating choosers, IDA could ignore some columns properties in case the chooser was modified earlier and the database was saved
- BUGFIX: ui/qt: when creating modal choosers, IDA could miscompute the best size, and make a horizontal scrollbar visible even when not needed
- BUGFIX: ui/qt: when docking widgets around, it could happen that some widget end up unexpectedly scrolled to the right
- BUGFIX: ui/qt: when selecting with the mouse in the "Output window", the cursor wouldn't scroll the view if the selection was going out of the viewport
- BUGFIX: ui/qt: IDA would unnecessarily ask for Accessibility permissions on OSX 10.14 Mojave
- BUGFIX: ui: after returning a borrowed license, IDA would complain about a failure to connect to the license server; change behavior so that IDA exits immediately after returning the license (since it doesn't have a license anymore)
- BUGFIX: ui: clicking "OK" instead of using Enter when trying to detach a function chunk with multiple parents would not work
- BUGFIX: ui: signed enums members were printed as unsigned numbers in the Enums window
- BUGFIX: IDAPython: in custom graphs, it was impossible to reset the selection
- BUGFIX: IDAPython: do not trigger the "Running Python script" wait dialog when the script itself has already called show_wait_box()
- BUGFIX: IDAPython: GraphViewer.SetNodeInfos could trigger errors if the 'node_info_t.ea' field was not set
- BUGFIX: IDAPython: keeping references of the type field of udt_member_t could crash IDA
- BUGFIX: IDAPython: mbl_array_t.deserialize() was unusable
- BUGFIX: IDAPython: some return types in the SWiG-generated docstrings were wrong
- BUGFIX: IDAPython: using argloc_t::consume_scattered() could crash IDA
- BUGFIX: IDAPython: when some attributes were missing from a ida_kernwin.Choose instance, the Show() method could return -1 without indicating what the error was
- BUGFIX: IDC: idc.idc had wrong definitions of dt_ldbl, dt_byte32, dt_byte64
- BUGFIX: hexrays: an explicitly unsynchronized "Pseudocode" view, could re-synchronize itself with a "IDA View-A" the next time <Tab> was pressed (if PSEUDOCODE_SYNCED was set to YES)
- BUGFIX: hexrays: arm: fixed incorrect decompilation of CDP, CDP2 instructions (CRd was erroneously represented as Rd in the intrinsic function call)
- BUGFIX: hexrays: arm64: fixed incorrect translation of instruction CSINV
- BUGFIX: hexrays: decompiler could crash when browsing the pseudocode
- BUGFIX: hexrays: decompiler could erroneously convert into _cdecl functions with scattered register arguments
- BUGFIX: hexrays: fixed a division by zero
- BUGFIX: hexrays: fixed interr 50194 (happened when a shifted pointer is a member of a structure)
- BUGFIX: hexrays: fixed mbl_array_t serialization bugs
- BUGFIX: hexrays: fixed the value of the 'ea' field of some cexpr_t objects
- BUGFIX: hexrays: hxe_curpos was generated too early, and 'vdui_t::cpos' could hold outdated information
- BUGFIX: hexrays: in some cases inlined 'strcpy' could be incorrectly combined on Big Endian platforms
- BUGFIX: hexrays: in some cases the switch value was miscalculated
- BUGFIX: hexrays: leave 64-bit negated constant as is, output it as unsigned
- BUGFIX: hexrays: some undefined variables were not marked as such
- BUGFIX: hexrays: when using Hexrays_Hooks, returning code 2 from 'create_hint' (to instruct the decompiler to append its own hints) would fail to display any hint at all in case the decompiler didn't add its own
- BUGFIX: hexrays: some push/pop sequences could be wrongly optimized away
HomePage:https://hex-rays.com/products/ida/7.4/index.shtml