Advertisement
Guest User

Untitled

a guest
Sep 28th, 2017
2,092
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 63.76 KB | None
  1.  
  2. NOTE:
  3. * uppercase items: changed/fixed since 6.95
  4.  
  5. * lowercase items: changed/fixed since previous beta
  6.  
  7. Changes from beta5 (170825) to beta6 (170901):
  8.  
  9. Major changes:
  10.  
  11. - Fixed reported bugs
  12. - Public beta; will expire in a few weeks
  13. - signed mac remote debuggers
  14. - The API is again changed and may be incompatible with beta5; make sure to update SDK and rebuild all your plugins
  15.  
  16. Detailed changes:
  17.  
  18. sdk: get_long -> get_dword
  19. sdk: get_full_byte -> get_wide_byte
  20. sdk: get_full_word -> get_wide_word
  21. sdk: get_full_long -> get_wide_dword
  22. bugfix: ui/qt: creating a script snippet without saving it, then starting & stopping a debugging session, and finally clicking on the snippets entries chooser, could crash IDA
  23. sdk: ua_stkvar -> insn_t::create_stkvar
  24. elf: added recognition of EM_QDSP6 machine code (try to load processor with name "QDSP6")
  25. BUGFIX: ui/qt: double-clicking on the 1st member of a struct, would cause the view to jump
  26. bugfix: debugger: win32: fixed handling of ntdll bpts in wow64 under win10
  27. sdk: ua_add_cref -> insn_t::add_cref
  28. sdk: ua_add_off_drefs ->insn_t::add_off_drefs
  29. sdk: ua_add_dref -> insn_t::add_dref
  30. bugfix: hexarm: BL instructions could be decompiled incorrectly in the presence of user-defined additional xrefs
  31. sdk: get_predef_insn_cmt() moved to bytes.hpp (removed ints.hpp)
  32. sdk: ua_dodata -> insn_t::create_op_data
  33. sdk: renamed switch_info_ex to switch_info (type and related functions)
  34. bugfix: ios: debugger could hang at startup.
  35. ui: when non-ascii text found in IDB during upgrade, show the user the result of guessed conversion and allow to abort upgrade if they don't look correct
  36. bugfix: ui/qt: while dragging widgets around, in and out of the main window, their fonts could change
  37. sdk: renamed ua_next_...() functions
  38. bugfix: idapython: init_hexrays_plugin() returned True even if decompiler is not loaded
  39. bugfix: ui: the calculator would display empty string instead of "0"
  40. BUGFIX: TMS320C28: do not create a redundant variable at the start of DP page
  41. BUGFIX: ui: ExportData action would silently overwite the output file if it already existed
  42. + DEBUG/MAC: remote mac debuggers are signed and don't have to be run as root
  43. + UI: on Windows, use "Consolas" font by default, as the venerable "FixedSys" is lacking glyphs for many Unicode characters
  44. + IDAPython: exposed get_predef_insn_cmt()
  45. bugfix: ui/qt: double-clicking on a search result produced from a "Pseudocode" view, but which points to address that's not a function, wouldn't work
  46. bugfix: IDAPython: cexpr_t::get_const_value() was unusable
  47. BUGFIX: the navband could disappear when using a debugger that uses manual memory regions (e.g. iOS or GDB).
  48. BUGFIX: decompiler: in some cases combining rule for 64bit addition could produce incorrect results
  49. bugfix: sdk: restored exec_idc_script() to the SDK
  50. BUGFIX: TMS320C28: removed the obsolete hints when reanalazing a program
  51. bugfix: opening a binary file, would automatically write its .idb file into the registry, even w/o the user ever saving it.
  52. sdk: added inf.lflags: LFLG_KERNMODE - is kernel mode binary?, set it in the PE loader and use it in the hexrays
  53. bugfix: sdk: get_output_curline(mouse=true) would return the wrong line data
  54. bugfix: sdk: get_output_curline() was not providing UTF-8, but rather latin1 data.
  55. bugfix: ui: clicking 'Help' in a form opened by ask_form() (i.e., the form is in a dialog), could cause IDA to freeze (windows only)
  56. decompiler: check for direct calls (not only indirect ones) when looking for guard_dispatch/guard_check_icall calls
  57. sdk: ui: added BWN_PSEUDOCODE twidget_type_t, making it simpler for plugins to add actions to the decompiler's views
  58. bugfix: ui: navigating left/right by word in non-ASCII characters, could place the cursor in the wrong position.
  59. sdk: Updated doxygen comment for the 'area'->'range' rename.
  60. BUGFIX: fixed display of required DIA SDK for x64
  61. bugfix: ui: replace "idaq" by "ida" in error message when decompiling x86 file in ida64
  62. bugfix: ui: the "Functions window" could end up refreshing constantly, and jumping back to the selected index in case the disassembly was in graph view & the current function had chunks.
  63. macho: if env var IDA_KCACHE_IGNORE_XML is present, ignore prelink XML when loading kernelcaches and fall back to mach-O header scanning.
  64. ui/qt: Trying to focus the CLI from some widgets (i.e., non-listing widgets) would fail. One can now use "Ctrl+." to do just that.
  65.  
  66. Changes from beta4 (170718) to beta5 (170825):
  67.  
  68. Major changes:
  69.  
  70. - Fixed reported bugs
  71. - The "-o" command-line option must now be passed before the file name,
  72. in order to be taken into consideration.
  73. - Worked more in the API and again made it incompatible
  74.  
  75. Detailed changes:
  76. + ARM: extended LDRB switch pattern
  77. + ARM: added a fix for Thumb switches with full addresses
  78. + MACHO: allow the user to override the ASLR slide for dyld_shared_cache files.
  79. + FLIRT: mingw, mingw-w64: added detection of 32- and 64-bit mingw-w64 startup functions from the sourceforge builds (7.1.0rev2 and 7.2.0rev0)
  80. 700_x86: fixed a bug with pascal strings in utf8 mode
  81. BUGFIX: setting a breakpoint condition through "update_bpt()" could cause the condition to be unusable at breakpoint trigger-time.
  82. BUGFIX: ui/qt: it was impossible to select the font from some listing widgets
  83. BUGFIX: decompiler: fixed interr 50770
  84. BUGFIX: decompiler: "reset all local function info" was broken
  85. IDAPython/bc695: many fixes/bwcompat for CL#78346
  86. IDAPython/bc695: restored keyword arguments to data_type_t & data_format_t
  87. SDK: added default =NULL value to last parameter to some functions
  88. SDK: changed all internal netnode_* functions to take "int tag" instead of "uchar tag"
  89. SDK: changed some parameters in jumptable-related code
  90. SDK: converted idt_format_error() to fill a qstring and reordered arguments
  91. SDK: fixed doc, qstring::find() returns npos, not -1
  92. SDK: removed '*' from function pointer typedefs
  93. SDK: removed obsolete calc_basevalue(), calc_target() callbacks from `custom_refinfo_handler_t`
  94. SDK: reordered arguments of many functions
  95. SDK: added GCC60, GCC70 to allmake.unx
  96. SDK: added ldr/elf/elfr_ia64.h & elfr_mips.h to successfully build plugins/debugger/ under Linux
  97. bugfix: api: fixed a call of the data_format_t::analyze() callback during emulating data
  98. bugfix: DWARF: some line numbers could show up erroneously
  99. bugfix: IDA could crash at startup if started with empty '-o' switch
  100. bugfix: IDA could fail to demangle objc names at load time
  101. bugfix: IDA could fail to split embedded kexts in recent OSX kernelcaches
  102. bugfix: IDA tried to upgrade already upgraded bookmarks
  103. bugfix: IDA would 'transfer' breakpoints from one IDB to another, in case the second was created from a new binary file.
  104. bugfix: IDA would crash if the user checked "Octaword" in the "Setup data types" dialog
  105. bugfix: Local Mac OSX Debugger was broken for x64 builds of IDA
  106. bugfix: allow switch '-o' only when loading a new file
  107. bugfix: switching to sparse storage would yield somehow different results (very minor diffs)
  108. bugfix: osx debugger could fail to retrieve the correct bitness of the target process
  109. bugfix: show correct database name (with respect to '-o' flag) in the 'Overwrite/Load existing/Cancel' dialog
  110. bugfix: ui/qt: after running the debugger, IDA View-A could be scrolled to the right
  111. bugfix: ui/qt: docking a floating widget back into the main window, could cause it to scroll to the right
  112. bugfix: ui/qt: navigating up, down, left & right in the "locals" or "watches" view during a debugging session, was broken
  113. bugfix: ui/txt: could crash in the file selection dialog after pressing '.'
  114. bugfix: ui/txt: idat/idal could crash at exit-time
  115. improved speed of applying signatures for broken databases
  116. noret.cfg: corrected gnueabi names (they had garbage at the end of very long lines) and added a couple more names
  117. pc: now we sign extend immediate values for group 83 up to 64bits; for some reason this group was handled in a special way and we were sign extending values only to the operand size, not to 64bit
  118. removed 'tribyte' from help page 'Setup data types'
  119. renamed window state nodes in the text version (prepend '$ ' to the beginning)
  120. ui/text: added empty line between checkboxes and buttons in the "comment options" dialog
  121. ui: filtered loader list according to the processor specified in command line
  122. decompiler: fixed interr 51635
  123. decompiler: optimize scattered vdlocs (merge adjacent parts) before comparing
  124. win32 local dbg: fixed the problem with empty module names reported for 64-bit modules in Wow64 process
  125. win32 local dbg: fixed problems with debugging WOW64 processes
  126.  
  127. Changes from beta3 (170724) to beta4 (170818):
  128.  
  129. Major changes:
  130. SDK: many more APIs have been renamed/removed/had their arguments changed. You may need to port your plugins/modules again, sorry :(
  131. IDAPython: same point applies, though we tried to keep 6.95 compatibility working.
  132.  
  133. Detailed changes:
  134. SDK: renamed more functions to use snake_case
  135. bugfix: ui: setting "No debugger" as default wouldn't work, meaning once a debugger has been selected as default, there was no way of going back
  136. SDK: removed the following fields from idainfo: tribyte_order, lprefix, lprefixlen, cc.flags
  137. SDK: tag_remove now works with a qstring
  138. SDK: removed tag_on/tag_off functions
  139. bugfix: ui/txt: if the exact address space of the binary being analyzed was 0x10000, the vbar wouldn't be properly initialized, leading to a jumpy cursor during AA
  140. bugfix: ui/txt: reopening an IDB wouldn't reopen the "Structures" or "Enums" view
  141. debugger: gdb: demoted some warning()s to msg()s
  142. BUGFIX: TMS320C28: added tracking of DP register value in 'mov DP,#10bit' instruction
  143. BUGFIX: IDAPython: some ARM-specific operand type definitions were incorrect
  144. BUGFIX: IDAPython: remove_tinfo_pointer() was unusable
  145. + kernel: added separate "mingw" abi name; it can be specified for the visual studio compiler
  146. SDK: renamed outctx_t::OutLong -> out_btoa
  147. SDK: removed tag_addchr
  148. kernel: removed support for 3byte data items; custom data type can be used instead
  149. + SDK: added module/custdata.cpp with 3byte custom data type implementation
  150. SDK: removed tag_addstr
  151. SDK: removed tag_addprntbyte()
  152. SDK: tag_addr works on qstring now
  153. SKD: added outctx_t::set_comment_addr() to be used by processor modules to generate additional dynamic comments; for example, to specify an address referenced by the current instruction but without an explicit xref to it.
  154. bugfix: IDAPython: autocomments in Python processor modules did not work
  155. macho: improved the way we handle large chunks of dyld_shared_cache files that are not analyzed.
  156. SDK: deleted some obsolete ui events and renamed some
  157. SDK: get_enum_width now returns size in bytes instead of log2(width)+1
  158. bugfix: IDAPython: getn_selector() was unusable
  159. SDK: renamed wasBreak -> user_cancelled, also renamed other Break-related functions
  160. SDK: removed dual_text_options_t-related functions
  161. + CFG: ida.cfg: document ABANDON_DATABASE
  162. + MSP430: added simplification "movx @SP+, dst" -> "popx dst"
  163. BUGFIX: backward binary search would hang on debugger segments
  164. bugfix: UI: the "ida as system debugger" debugger setting was checking for old idaq/idaw/idag executable names
  165. SDK: forms: added 'i' type (identifier passed in qstring, with max len 32K bytes)
  166. bugfix: ui: it was impossible to set processor specific options for metapc
  167. bugfix: is_ident() was broken, it would accept a digit as the first character
  168. bugfix: macho loader could create a massive DYLD_CACHE_HEADER segment (~500MB) for full-sized dyld_shared_cache files, which would slow analysis down to a crawl.
  169. bugfix: macho: IDA could appear to hang while loading large symbol tables from dyld_shared_cache files
  170. sdk: renamed ask_selector -> sel2para
  171. sdk: renamed ask... functions to have an underscore. example: askstr -> ask_str()
  172. + SDK: added ev_demangle_name IDP event to allow intercepting and modifying results of demangle_name() API
  173. + OBJC: implement demangling of objective-C methods in Swift classes
  174. + FLIRT: sigmake: document -v (verbose) switch
  175. IDAPython: renamed chooser functions from choose2... to choose...;
  176. sdk: get_strlit_contents(): simplify the prototype.
  177. sdk: renamed to_utf8_char -> put_utf8_char
  178. bugfix:ui: removing the entry corresponding to the "quick filter" from the "Modify filters..." dialog, would leave the text present in the quick filter editor, leading to confusion.
  179. gdb: fixed parsing of library list received by cygwin's gdbserver
  180. bugfix:ui: for _selected_ matching items in choosers, the text in the column that matched wasn't using the proper color.
  181. bugfix: hexview: some codepoints above 0xFF could be shown as invalid characters
  182. rtti: improved heuristic to detect valid gnu type id
  183. bugfix: ui: IDA could show wrong free disk space on OS X
  184. bugfix:debugger: win32: handle truncation of native addresses for EA32 build. This fixed hangs and bogus breakpoint events when debuging wow64 apps on Win10.
  185. bugfix: ui: ColorButton instances would show empty on Windows
  186. SDK: set_segm_name() now accepts a simple string, not a format string (same as set_name())
  187. bugfix: ui: when saving files, default extension would not be appended to the entered file name
  188. + UI/debugging: improve the formatting of the Call Stack window.
  189. + UI: do not ask permission to overwrite empty files, no info will be lost anyway
  190. kernel: added checks that the processor is set in APIs that require it
  191. bugfix: IDAPython: idc.split_sreg_range was trying to call non-existent function
  192. eh_parse: added support of __except_handler3 for x86 SEH
  193. ui: bugfix: IDA would fail to set the cursor in the correct position if the user clicked near the right boundary of the IDA View
  194. sdk: improved the callback prototype for form buttons, now it uses form_actions_t as well.
  195. bugfix: ui: setup strlits: clicking on "manage defaults" could crash ida
  196. ida.cfg: added an example how to add more cultures to NameChars
  197. SDK: changed the loader api so that accept_file() returns the desired processor;
  198. ui: correct processor is preselected if the loader returns it
  199. bugfix:ui: scrolling in the Stack Trace window was broken.
  200. BUGFIX: PC: fixed "mov sreg, r/m16" to always uses 16-bit memory references
  201. BUGFIX: debugger: win32: IDA would fail to properly restore page breakpoints when restarting a process
  202. BUGFIX: if the user cancels the attach-process selection dialog and then terminates the debugger server, then ida would continue to assume that the connection to the debugger server is intact
  203. BUGFIX: NTAPI: the wrong calling convention was used for InterlockedIncrement() from ntdll.dll
  204. + TIL: Updated NTAPI type library
  205. +ARM: added support of the new clang's switch pattern for arm64;
  206. eh_parse: add SEH finally filter as nested function to owner
  207. bugfix:kernel: interr 953 could occur when not really necessary
  208. sdk: all calls to ask_... functions generate ui events; this way they can be hooked, if necessary
  209. + FLIRT: upgraded ulink signatures
  210. eh_parse: added support for x86 SEH via _excpt_handler4
  211. sdk: got rid of askfile2() and improved askfile() to be able to handle file name filters
  212. bugfix: ui: struct offset operand ('T') chooser would show extra deltas even for exactly matching fields
  213. rtti: changed class offset output to hex in gnu's hierarchy display
  214. bugfix: corrupted idbs with overlapping sparse and va ranges could lead to interr 68 (and other problems)
  215. eh_parse: added support of personality routine detection with namespace
  216. x64: disabled the limit on the size of the xref cache; with x64 we do not need it anymore
  217. bugfix: IDBs created by IDA 7.0 b1-b3 would cause "Please use older version of IDA" message when opened in 6.95 or earlier.
  218. + ELF: recognize PLT stub functions from R_386_GLOB_DAT relocations
  219. bugfix: IDA could interr with 1135 on corrupted idbs with incorrect custom fixup type; now they're simply ignored
  220. bugfix: corrupted local type lib could cause interr 1400; removed this interr
  221. bugfix: ida could interr with 953 on corrupted idbs with undeserializable ordinal type references
  222. kernel: improved the -a switch: it is possible to re-enable analysis by specifying -a-
  223. sdk: maximum number of instruction operands (UA_MAXOP) was increased to 8
  224. BUGFIX: debugger:win32: read/write breakpoints of length 8 were not supported on x64
  225. decompiler: do not convert signed comparison to bitcheck in case of arithmetic expression
  226. BUGFIX: ELF: IDA could fail to apply relative relocations for FreeBSD
  227. bugfix: DWARF: line number information was associated to the wrong file
  228. bugfix: ui: ColorButton wouldn't be colorized on Windows
  229. sdk: renamed insn_t::Operands to insn_t::ops
  230. ui/qt: on windows, enbale font antialiasing by default
  231. + ui: on Windows, use "Lucida Console" font by default, as the venerable "FixedSys" is lacking glyphs for many Unicode characters
  232. bugfix: dwarf: source-level debugging on iOS could be broken when debugging fat Mach-O files.
  233. + decompiler: the current ea_t is printed as part of the current location information (in the statusbar)
  234. ui: improved printing of automatic comments: now we always attach them to the main instruction line
  235. sdk: upgraded insn_t::auxpref to uint32
  236. decompiler: arm64: promote function return values to SPWIDTH
  237. sdk: renamed choose2 plugin to choose
  238. bugfix:ui: pressing <Enter> (or double-clicking) on an address or a name, that is further to the right from non-ASCII sequences in a line, would fail
  239. bugfix: ui: clicking on a line with wide characters (e.g., Chinese glyphs), could cause the cursor to end up in the wrong X position
  240. bugfix:ui: during debugging, it was impossible to switch from a source view, to the trace window (or many other widgets, for that matter)
  241. BUGFIX: MSP430: fixed display of 20-bit values from instructions with extension word
  242. bugfix: kernel: IDA could display bogus "Error: bad call add_dref" messages due to running out of private netnode addresses; now this situation is detected and range is extended automatically
  243. + ui/qt: the Python/IDC command line auto-completion now responds to "Shift+Tab" appropriately, and goes back in history.
  244. bugfix: 6.95 databases w/ "Local Win32 debugger" selected, would be opened with "No debugger" selected in 7.0, due to renaming to "Local Windows debugger"
  245. + UI: pressing F9 with no debugger selected now starts the process automatically after user selects a debugger
  246.  
  247. Changes from beta2 (170717) to beta3 (170724):
  248.  
  249. ui: try block info display is enabled by default
  250. sdk: added tryblks.hpp
  251. sdk: removed 'pragma pack' from some more files
  252. bugfix: IDAPython: an exception thrown in certain PyQt5 contexts (e.g., in the scope of a QProcess handler), could cause IDA to abort()
  253. decompiler: under certain conditions Ctrl-Enter behaved as Enter and inserted empty line.
  254. sdk: renamed OutChar to out_char, OutValue to out_value; removed OutLine, use out_line() with the default color=0 instead
  255. bugfix: UI/OSX: IDA would crash if the dock menu was used to quit IDA while the Welcome dialog was still displayed.
  256. bugfix: dummy-named procedures would have their name colored differently at the end than at the start
  257. bugfix: it could be impossible to switch to graph view because of accessibility
  258. BUGFIX: WINDBG: double-clicking on an empty line in output window during a windbg session would crash IDA
  259. rtti: improved vtable detection
  260. IDAPython/bc695: read_selection() is back
  261. IDAPython/bc695: added support for action_update_ctx_t::form_type
  262. IDAPython/bc695: inf.procName is back
  263. bugfix: it was impossible to create 32-bit (e.g. UTF-32) strings from the "String literal" dialog
  264. bugfix: changing the "Default string type" did not have any effect
  265. decompiler: ppc: fixed interr 10243
  266. bugfix: IDA could crash when upgrading some databases
  267. bugfix: iOS/OSX debugger: IDA could fail to rebase the UNDEF segment, which could cause subsequent rebasing attempts to fail.
  268. sdk: renamed inf.is_mf()/set_mf() -> is_be()/set_be()
  269. sdk: renamed out_mnemonics -> out_mnemonic; OutMnem -> out_mnem
  270. sdk: added outctx_t::out_custom_mnem()
  271. bugfix: in snippets, <Tab> (or <Shift+Tab>) would count for many operations in the undo/redo history.
  272. bugfix: in snippets, selecting by block and pressing <Tab> could cause spaces to be inserted at the wrong place in the text, and end up with modified text
  273. idc: added SEGM_PERM_... constants
  274. rtti: improved gnu type descriptor detection for vmi_type_info variant (virtual multiple inheritance)
  275. bugfix: snippets: deleting selected text (or replacing it with any character) wouldn't work.
  276. bugfix: snippets: when deleting text, the deletion of multiple characters at once could, in some cases, appear as multiple steps in the undo/redo history
  277. decompiler: don't print base class name when accessing struct members
  278. bugfix: objc: RunUntilMessageReceived would fail in rare occasions for x86_64 binaries.
  279. BUGFIX: IDA could fail to display first lines of disassembly for IDBs created in pre-4.0 IDA versions
  280. bugfix: "Break on access" in "Program Segmentation" would break on the segment prior to the one that was selected
  281. bugfix: on OSX retina (or any HiDPI device, really) the nodes sizes would be miscalculated (missing device pixel ratio)
  282. bugfix: decompiler: renaming fields of some types would not work
  283. bugfix: jumping through xrefs to a global variable in the same function, wouldn't push the current address to the navigation history
  284. decompiler: renamed action 'Split assignment' -> 'Split expression' and allow to split any combined expression (e.g. a comparison).
  285. bugfix: switch info could be rebased incorrectly
  286. bugfix: graph edges hints captions, could have color tags embedded, looking like garbled text.
  287. rtti: improved gnu rtti typeinfo detection
  288. bugfix: an IDB created with IDA <4.0 could crash IDA when displaying the listing header
  289. bugfix: on OSX retina (or any HiDPI device, really) the nodes sizes would be miscalculated (missing device pixel ratio)
  290. bugfix: IDA could crash when single stepping while the Stack Trace window was visible.
  291. decompiler: do not eliminate 'memset' calls because some of them can play role of SecureZeroMemory() calls
  292. decompiler: recognize and resolve floating constants
  293. bugfix: hexview was not printing all replacement bytes
  294. sdk: added stub libida.so/dylib libraries so Linux/OS X plugins could be built without a copy of IDA for that platform
  295. ui: bugfix: hexview: harmonize the display of undecodable bytes when UTF-8 is used.
  296. rtti: added display of type as demangled string in hierarchy if possible
  297.  
  298. Changes from beta1 (170710) to beta 2 (170717):
  299.  
  300. decompiler: user name for a va_list variable could be lost
  301. sdk: get rid of 'pragma pack' in more files
  302. IDAPython/bc695: demangle_name() would return an empty string on failure, instead of None like in 6.95
  303. IDAPython/bc695: reinstated GraphViewer.GetTForm
  304. bugfix: the graph nodes widths were miscomputed in case wide characters (e.g., Chinese) were used
  305. tryblks: display '__unwind' instead of '__try' for system regions
  306. installer: handle python x64 better on Windows (use python27-x64 directory, mention x64 in install screen)
  307. bugfix: chinese (or any wide) characters would cause the cursor to land in the middle of a glyph
  308. + MACHO: added processing of the ARM64_RELOC_ADDEND relocation;
  309. bugfix: ui: "Functions window" could flicker during autoanalysis
  310. decompiler: it was impossible to change variable name by keyboard('N') but possible using popup menu.
  311. BUGFIX: PDB: the pdb plugin could cause _guard_dispatch_icall_nop to be incorrectly marked as noreturn, leading to broken code flow in some x64 PE files with PDB information
  312. + UI: create/add/delete segment messages could be mixed up in the log
  313. + ELF: process .ctors/.dtors sections for all architectures
  314. BUGFIX: MACHO: fixed processing of the ARM64_RELOC_SUBTRACTOR relocation;
  315. eh_parse: fixed parsing of MSVC' C++ EH block with multiple catches for non-x64 architectures
  316. bugfix: macho: fixed processing of the PAGE21 relocations
  317. api-7.0: removed doASCI (use create_strlit instead)
  318. rtti: improved annotation of MSVC's throw information
  319. ui/dbg: renamed local win32/win64 debugger to "Local Windows debugger" (similar to what was done to the remote win32/win64 debugger)
  320. help: added missing link "Structures submenu" -> "Copy field info to pointers"
  321. bugfix: ui: "Set tab size" would be present, but disabled, in decompiler views; removed it.
  322. bugfix: kernel: a detected function which resides after the noret function could be destroyed
  323. ui/qt: make "link" buttons shortcuts visible
  324. ui: "Manage defaults" option of the "String literal" (Alt+A) dialog now focuses on the string style immediately.
  325. + rtti: added type information to comment for catchable types
  326. IDAPython/bc695: some IDC functions were missing previously default arguments
  327. rtti: removed comment about virtual function address (it was hiding auto comments with demangled names)
  328. + rtti: added detection for MSVC's ThrowInfo and related sub structures
  329. IDAPython/bc695: 'cmd' is back, and filled by decode_insn() in case only 1 argument (i.e., an ea_t) is passed.
  330. IDAPython/bc695: added support for calling is_call_insn is_ret_insn is_indirect_jump_insn is_basic_block_end with ea_t's.
  331. bugfix: ida64 wouldn't load .idc or .py plugins
  332. bugfix: IDAPython: many netnode operations were still broken w/ the 'char'->'uchar' transition
  333. bugfix: IDA could crash when opening a segment chooser and current address is not in a segment
  334. bugfix: in IDAPython plugin's run(), 'arg' is now a simple long instead of PyIdc_cvt_int64__
  335. Fixed error "Could not rename Python plugin" in Windows x64 installer without installing Python.
  336. bugfix: it was possible for the "Execute script" dialog to lose some content (typically when launching & stopping debugging sessions)
  337. chooser: fixed long rebuilding of the "Strings window";
  338. decompiler: recognition of many string literals could stop early
  339. bugfix: script snippets could lose some content
  340. build: fixed missing help file on Linux
  341. bugfix: changing the language of the snippets, wouldn't cause the chooser to refresh (and thus the old icon remained.)
  342. decompiler: fixed crash with intrinsic bextr
  343. bugfix: specify BPU when creating non-1BPU strings from actions.
  344. api70: removed 'pragma pack(n)' from more files
  345. bugfix: the "String window" chooser should not be refreshing after any process_command() call;
  346. decompiler: added vds8 to sdk.
  347. bugfix: AskUsingForm, with the letter 'M' (meaning: hexadecimal, output to uval_t) would let the user enter negative numbers.
  348. bugfix: Pseudocode windows would have the wrong icon
  349. BUGFIX: IDAPython: use_regarg_type3 was impossible to use
  350. + GDB: show the full path to be run if the user enabled "Run external program before debugging" before actually executing it.
  351.  
  352. Changes from 6.95 to beta1 (170710):
  353.  
  354. + ARM: added one more pattern of thumb->arm transition
  355. + ARM: arm64: use simplified aliases for UBFM/SBFM instructions when applicable
  356. + ARM: handle vfp instructions: VMOV immediate, VCVTB, VCVTT, VCVT with a fixed point operand
  357. + ARM: reduced complexity of the SP-analysis from quadratic to linear;
  358. + arm64: take into account instruction STP can load callee arguments into stack - add corresponding comments to such instructions
  359. + BOCHS: Bochs 2.6.9 support
  360. + dbg: debug servers can now be launched with '-kk' to specify that in case the connection between IDA & them is broken, the process should be terminated immediately.
  361. + DBG: iOS: added support for ARM(64) FPU/NEON registers
  362. + DBG: iOS: always allow the user to specify a pid when attaching to a process
  363. + dbg: linux: try to load separate debug info file for libpthread.so, if environment variable DEBUG_FILE_DIRECTORY is set
  364. + DBG: OSX/iOS: improved support for debugging dylibs from dyld_shared_cache.
  365. + DBG: support Appcall in Remote iOS Debugger
  366. + DBG: support source-level debugging in Remote iOS Debugger
  367. + dbg:linux_server: added environment variable IDA_SKIP_SYMS to ignore the exported names from the main module
  368. + debugger: iOS: more detailed segment mapping for dylibs from dyld_shared_cache.
  369. + debugger: mac: support OSX Sierra
  370. + debugger: OSX: more detailed segment mapping for dylibs from dyld_shared_cache
  371. + DWARF: Store file/line number information in IDB (only if requested, since it comes with a performance penalty)
  372. + eh_parse: new plugin to parse EH (exception handling) information present in ELF, COFF, Mach-O, and PE files. NOTE: enable display in Options-General-Try block lines.
  373. + ELF: added processing of many previously unsupported PPC64 relocations
  374. + ELF: annotate headers (ELF, PHT, SHT) and convert more known data to structs (symtab, strtab, relocations, dynamic information)
  375. + ELF: annotate preinit/init/fini function arrays
  376. + ELF: convert all strtab entries to ascii strings (even the ones that are not referenced)
  377. + ELF: describe DT_HASH and DT_GNU_HASH
  378. + ELF: describe symbols using symtab from DYNAMIC section
  379. + ELF: detect overlapping sections in SHT and prevent them from processing data (but still load them in the database)
  380. + ELF: don't obliterate data when patching PLT
  381. + ELF: don't skip processing relocations if symbol index is 0 (happens with IRELATIVE relocs)
  382. + ELF: IDA now uses the PHT by default instead of the SHT to load segments from ELF files
  383. + elf: improved support for TLS variables in relocatable files
  384. + ELF: load symbols using symtab from DYNAMIC section when .dynamic section yields no symbols
  385. + ELF: PLT relocations for pc are now processed at relocation-application-time, instead of relying on the presence of a .plt section
  386. + ELF: ppc: added new ida.cfg variable PPC_FIX_GNU_VLEADRELOC_BUG to work around binutils bug 20744
  387. + FLIRT: Added detection of 32-bit mingw/mingw-w64 startup functions
  388. + FLIRT: Added detection of 64-bit mingw-w64 startup functions
  389. + FLIRT: Added detection of Android Bionic libc startup for ARM
  390. + FLIRT: Added MFC signatures for vc1410 (Visual Studio 2017)
  391. + FLIRT: Added MFC signatures for vc143 (Visual Studio 2015 Update 3)
  392. + FLIRT: Added signatures for Android NDK/ARM (up to version 13b)
  393. + FLIRT: BC: added signatures for xe102 (RAD Studio 10.2 Tokyo)
  394. + FLIRT: DM: added signatures for Digital Mars 2.073.0
  395. + FLIRT: ICL: Added signatures for icl164 (Intel C++ 16.4)
  396. + FLIRT: ICL: Added signatures for icl170 (Intel C++ 17.0)
  397. + FLIRT: ICL: Added signatures for icl171 (Intel C++ 17.1)
  398. + FLIRT: ICL: Added signatures for icl174 (Intel C++ 17.4)
  399. + FLIRT: pcf/pelf/plb/...: added option to modify pattern using regex (-E)
  400. + FLIRT: pcf/pelf/plb/...: added option to skip bytes before first label at pattern beginning
  401. + flirt: remove __ehhandler and __unwindfunclet pseudo-functions from signatures
  402. + flirt: the parser tools now remove by default any bytes before the first label (unset with -L)
  403. + FLIRT: upgraded ulink signatures
  404. + FLIRT: VC/VC64: added signatures for ucrt 15063 (Windows 10 Creators Update SDK)
  405. + FLIRT: VC: Added signatures for vc1410 (Visual Studio 2017)
  406. + FLIRT: VC: Added signatures for vc1410 x64 (Visual Studio 2017)
  407. + GDB: added software breakpoint for powerpc
  408. + GDB: added support for banked ARM register layouts
  409. + GDB: added support for no-acknowledgment mode (QStartNoAckMode) for reliable connections (set by default; unset by changing the stub options)
  410. + GDB: added support for uploading files to the server
  411. + GDB: enable "run a program before starting debugging" option and "Choose a configuration" for all processors including x86/x64
  412. + GDB: fetch processes list from gdbserver if supported
  413. + GDB: fetch target description from gdb stub as early as possible (mimic GDB behavior)
  414. + IDAPython: ability to programmatically query or set the graph position + zoom level
  415. + IDAPython: ability to store attributes on tinfo_t objects
  416. + IDAPython: added example showing how to synchronize two graph views (i.e., IDA View-B follows IDA View-A, at another zoom level)
  417. + IDAPython: added IDAPython module ida_dex to access loaded DEX file information
  418. + IDAPython: hexrays: cexpr_t & cinsn_t are now writeable, allowing many modifications of the C tree.
  419. + IDAPython: opened many low-level graphviewer-related functions (those were previously unavailable)
  420. + IDAPython: support for microcode_filter_t (see vds8.py example)
  421. + IDAPython: added View_Hooks for hooking IDAView events
  422. + IDAPython: fix idaapi.py dependencies
  423. + IDC: fix documentation for the StepUntilRet() function
  424. + IDC: support 64bit file/linput size/offset
  425. + IDS: Added IDS files for MFC120 and MFC140
  426. + KERNEL/UI: switched to PCRE2 for the regular expression engine. Now Perl extensions (\s, \d, \w and so on) can be used in regular expressions
  427. + kernel: improved handling of 'noret' function attribute (fix endless looping in some cases);
  428. + MACHO: added an option to load for single module plus its dependencies for dyld cache
  429. + MACHO: fixed incorrect resolution of Mach-O import table entries in files using both LC_DYLD_INFO_ONLY and LC_SYMTAB
  430. + MACHO: improved speed of objc metadata parsing
  431. + MACHO: support dyld cache slide info v2. This should improve analysis for dyld_shared_cache files from iOS 10 and OSX 10.12.
  432. + MACHO: support for apple-protected binaries from OSX versions < 10.6
  433. + MACHO: support x64 macOS kernelcaches with ketxs relocated at runtime
  434. + MIPS: recover more cross-references from stripped statically-linked PIC ELF files
  435. + OBJC/MACHO: IDA can now extract Objective-C type info via 'Load debug info' in the Modules view during debugging
  436. + OBJC: added a new debugger action, called "objc:RunUntilMessageRecevied" to jump directly to the receiver function of objc_msgSend..
  437. + OBJC: added Objective-C Analysis Plugin; the plugin tries to create an xref between calls to objc_msgSend and the function that will ultimately be called by msgSend.
  438. + OBJC: moved code for parsing Objective-C out of the macho loader and into the objc plugin; now objc metadata can be parsed on demand, not just at load time.
  439. + PC: added decoding of Control-flow Enforcement extension
  440. + PC: added decoding of newer AVX-512 extensions (4FMAPS, 4VNNIW, and VPOPCNTDQ)
  441. + PC: added new switch pattern
  442. + PC: decode PTWRITE instruction
  443. + PC: decode VMFUNC instruction
  444. + PC: detect more switch patterns from clang
  445. + PC: improved epilog detection
  446. + PC: improved prolog detection
  447. + PC: improved stack frame analysis in x64 files
  448. + PC: support another variation of x64 table-based switch with switch variable stored on the stack
  449. + PCF: added option to specify startup segment name
  450. + PCF: the -s option (skip unknown relocations) has been renamed to -k
  451. + PDB: added an explicit check for odd paths (e.g. UNC) of pdb files; if such a path is detected, we display one more warning to the user
  452. + PIN: support application function calls
  453. + PPC: added missed extended mnemonics 'rotld'
  454. + PPC: added new config flag PPC_ABI_EMBEDDED/ISA_EABI;
  455. + PPC: added support of PowerPC64 ELF V2 ABI
  456. + PPC: improved switch patterns;
  457. + PPC: r13-based operands are printed using simplified @sda suffix
  458. + renamed environment variable NONAMES to be IDA_NONAMES
  459. + RTTI: new plugin for parsing RTTI (run-time type information) produced by MSVC, GCC and LLVM in PE, COFF and ELF files.
  460. + script snippets: Pressing <Tab> or <Shift+Tab> while there is a selection, will cause that selection to be "block indented" (or unindented)
  461. + SDK: added BIN_SEARCH_NOSHOW flag for bin_search()
  462. + SDK: added get_ip_val/get_sp_val convenience functions
  463. + SDK: added notion of archive loader, its parse_archive() callback will be called instead of load_file()
  464. + SDK: added outinsn_t and outctx_t classes to be used when generating the disassembly text
  465. + SDK: added tinfo_t::is_int() and is_decl_int() functions
  466. + SDK: AES cryptographic functions
  467. + SDK: apply_idasgn_to() accepts full paths as well
  468. + SDK: changed the prototype of set_processor_type(), please revise your plugins
  469. + SDK: extended size of inf.procName to 16 bytes; now this buffer is zero terminated
  470. + SDK: moved mapping functions from mapping.cpp to bytes.hpp
  471. + SDK: the call argument initialization addresses are stored in the database; added get_arg_addrs() and arg_addrs_ready notification.
  472. + SDK: ui: added set_highlight() allowing the user to programmatically control the highlight
  473. + SH3: improved detection of functions when addresses are calculated with movi20s + add/sub
  474. + SIG: added signatures for VS ucrt 14393 (Windows 10 Anniversary Update SDK)
  475. + SuperH: added register definitions for SH7256
  476. + TDS: added support for executable with debug info appended to the end of the file
  477. + TIL: Updated UEFI TILs to version 2.5
  478. + TILS: Added type library for Android NDK
  479. + TMS320C3: improved stack tracing
  480. + tricore: added TRICORE_DEVICE and TRICODE_IORESP config parameters so that they can be set from scripts
  481. + ui/qt: ability to delete breakpoints by group
  482. + ui/qt: ability to toggle between mangled & demangled versions of "Imports" & "Exports"
  483. + ui/qt: added fuzzy-searching in choosers
  484. + ui/qt: implemented ability to write custom actions for individual registers in the "General registers" (and similar) view (E.g., during a debugging session).
  485. + ui/qt: on Windows, text in message boxes (and warnings, errors, ...) can now be selected with the mouse, and copied to clipboard (it was already the case on OSX & Linux)
  486. + ui/qt: when copying tabular data (e.g. from choosers) to the clipboard, IDA now generates tab-separated values instead of aligning the text with spaces
  487. + ui/qt: when running on Linux/X11, selecting parts of the disassembly with the mouse (or Shift+navigation), will update the X11 'selection' clipboard (limited to what's visible on the screen.)
  488. + ui: added a new action "copy field info to pointers"; it copies name and type info from a struct definition to the pointed locations for the current struct variable;
  489. + ui: all navigation actions are now proper actions, allowing their shortcuts to be overriden (and to be triggered programmatically.)
  490. + UI: many cursor movement actions can now be assigned another user-defined shortcuts
  491. + UI: mention that selector values are in paragraphs
  492. + UI: proximity view: option to not show the collapsed nodes
  493. + ui: script snippets are now automatically saved to the database (and thus persisted to disk when the user presses Ctrl+W)
  494. + decompiler: added MAX_FUNCSIZE option to limit the input function size; the default value is 64KB
  495. + decompiler: added support for "call gs:10" linux32 syscalls
  496. + decompiler: added vds8 sample to demonstrate usage of udc_filter_t class (generate custom call instructions)
  497. + decompiler: arm: handle instructions FTOUIZD, FTOUIZS, translate FTOSIZD, FTOSIZS into m_f2i, FTOSID, FTOSIS into calls lrint, lrintf
  498. + decompiler: basic support for thread local variables in some situations
  499. + decompiler: decompiler tries to replace all fs/gs based memory accesses with intrinsic calls (for windows)
  500. + decompiler: decompiler version is now in sync with IDA's
  501. + decompiler: hexppc64 : new decompiler
  502. + decompiler: improve varargs recognition
  503. + decompiler: improved conversion of if comparison chains into a switch statement
  504. + decompiler: improved inlined strcpy recognition
  505. + decompiler: improved recognition of .got based address calculations
  506. + decompiler: improved recognition of abs() and div/mod of power2
  507. + decompiler: improved the decompiler to handle array references with mismatching access size. for example, if we read only a byte of a word array. we now use a nice index expression like arr[idx]
  508. + decompiler: pressing Enter at the end of a line adds an empty line after it (since it is not possible to add empty lines everywhere, sometimes it is added to somewhere else or not added at all)
  509. + decompiler: remove identical if branches
  510. + decompiler: generate memcpy when handling strcpy33 rule in case a string is copied without terminating zero
  511. + decompiler: improved inlined memcpy recognition
  512. + decompiler: slightly improved recognition of variadic function types
  513. + decompiler: the user can jump to a lvar by double clicking on it when the debugger is suspended
  514. BUGFIX: "Dump to IDC" command could create incorrect idc files (the entry point of some functions would not be marked as code)
  515. BUGFIX: "step into" debugger action would fail for ARM64 BR/BLR instructions.
  516. BUGFIX: 32-bit iOS targets would erroneously segfault on iOS 10.
  517. BUGFIX: accessing Aarch64 decompiler plugin (hexarm64) in a script passed with '-S' would crash IDA, because that plugin wasn't pre-loaded.
  518. BUGFIX: AD218X: Direct Instruction Type 27 was being incorrectly decoded
  519. BUGFIX: AD218X: some branch instructions would refer to data instead of code memory
  520. BUGFIX: ad218x: the "Modify Flag Out" (ena/dis) instruction was disassembled incorrectly
  521. BUGFIX: analyze_area() would hang if analysis was enabled
  522. BUGFIX: arm: analysis could loop endlessly on a trivial "b self" loop
  523. BUGFIX: arm: IDA could generate incorrect instruction VMOV Rt, Rt2, S31, CF
  524. BUGFIX: arm64: request calc_arglocs3 could return wrong size of stack arguments
  525. BUGFIX: arm64: request calc_arglocs3 did not reject functions with wrong argument types
  526. BUGFIX: AskUsingForm could crash if a space was present in the form's description, before the field type.
  527. BUGFIX: base2file() could hang when given erroneous input
  528. BUGFIX: calling ida_dbg.enable_[func|insn]_trace() with no debugger loaded, could crash IDA.
  529. BUGFIX: choose_enum_by_value() should display symbols that correspond to the sign extended value in addition to the specified value
  530. BUGFIX: COFF (mips): the relocations REL_MIPS_REFHI, REL_MIPS_PAIR, REL_MIPS_REFLO was processed incorrectly when the relocation value (addend) is non zero;
  531. BUGFIX: COFF: fixed recognition of files produced by TI's Code Composer Studio 6
  532. BUGFIX: dalvik: xref from the call instruction was wrongly marked as jump xref
  533. BUGFIX: dbg: dalvik: get method accessibility flags from DEX-method description, not from Java properties
  534. BUGFIX: dbg: fixed the value of ptrace request for ARM architecture
  535. BUGFIX: decompiler could hang (loop endlessly) a builtin function matching was failing at the very end
  536. BUGFIX: DWARF could erroneously deduce calling conventions as __fastcall even if some registers that take part in a __fastcall were skipped.
  537. BUGFIX: DWARF could fail to set the function prototype in some Mach-O files, in case Obj-C parser already typed it.
  538. BUGFIX: dwarf plugin could fail to retrieve the register number from a location entry (off by 1 error)
  539. BUGFIX: DWARF: Better handling of types whose DW_AT_byte_size is a (improper) unsigned 32-bit 0xffffffff value.
  540. BUGFIX: DWARF: clang 3.8.0 emits DWARF relocations to symbols of type 'STT_NOTYPE' in relocatable files. Those were not properly handled for relocations to DWARF sections.
  541. BUGFIX: DWARF: could fail loading DWARF info with 'R_X86_64_DTPOFF32' relocations
  542. BUGFIX: DWARF: Could fail with INTERR 782 with some variable-sized structures constructs.
  543. BUGFIX: DWARF: could override '__noreturn' attribute of functions
  544. BUGFIX: DWARF: Don't rename function F with name N, if there is already an item with name N of type data+offset pointing to F
  545. BUGFIX: DWARF: During debugging, performing "Load module symbols" on multiple modules could cause the DWARF plugin to complain about invalid types.
  546. BUGFIX: DWARF: handle gcc's bogus "typedef __va_list_tag __va_list_tag" structure names
  547. BUGFIX: DWARF: MinGW/Cygwin-produced PE x64 files could show __fastcall's as __usercall, even though the code does respect Microsoft's x64 ABI convention.
  548. BUGFIX: DWARF: some register aliases could be lost because complex location descriptors were improperly handled
  549. BUGFIX: DWARF: Support for scattered arglocs was broken
  550. BUGFIX: DWARF: When it encountered certain DWARF attributes (only used by LLVM8 so far) which it couldn't handle, the DWARF plugin would stop.
  551. BUGFIX: DWARF: Don't apply TINFO_DEFINITE to __usercall prototypes
  552. BUGFIX: DWARF: Don't mark function prototypes as TINFO_DEFINITE if producer is clang <= clang-500.2.79 (it produces bogus info)
  553. BUGFIX: elf files with wrong arm attribute section could not be loaded
  554. BUGFIX: elf, ppc: fixed processing relocation R_PPC_JMP_SLOT from the dynamic table;
  555. BUGFIX: ELF: ida could hang trying to load a ppc64 elf file with unknown bits in the elf flags
  556. BUGFIX: elf: in some cases reloc R_ARM_THM_PC8 could be computed incorrectly
  557. BUGFIX: fix processoing of the R_AARCH64_ADR_GOT_PAGE/R_AARCH64_LD64_GOT_LO12_NC relocations
  558. BUGFIX: fixed a crash in some rare cases
  559. BUGFIX: fixed a potential vulnerability in davlik_debmod
  560. BUGFIX: Fixed DWARF->IDA register mappings for ARM64
  561. BUGFIX: fixed interr 50856
  562. BUGFIX: fixed interr 50902
  563. BUGFIX: fixed interr 51264
  564. BUGFIX: floating licesense build of IDA could crash on systems using the latest glibc compiled with SSE optimizations enabled
  565. BUGFIX: For processor modules that aren't capable of reporting the minEA/maxEA, IDA wouldn't show scrollbars to scroll through the disassembly.
  566. BUGFIX: gdb: ARM: IDA could fail to stop while single-stepping in Thumb mode
  567. BUGFIX: gdb: ARM: software breakpoints in Thumb mode could fail with SIGBUS signal
  568. BUGFIX: gdb: IDA could fail to start debugging a 64-bit process with error "unknown register 'rax'" if "Intel x64" wasn't explicitly set in the gdb options
  569. BUGFIX: gdb: IDA would not remember some options set in the gdb configuration dialog
  570. BUGFIX: gdb: IDA would use stepping by default for non-x86 if the options dialog wasn't used
  571. BUGFIX: gdb: start gdb connection by sending an ack for any possible packet sent by the remote side (mimic GDB)
  572. BUGFIX: GDB: the 64-bit ELF files created by IDA for snippet debugging were using incorrect layout of program header entries
  573. BUGFIX: GDB: the ELF files created by IDA for snippet debugging were missing information about BSS segments
  574. BUGFIX: gdb: the gdb debugger could misdetect some files as 64-bit for some architectures
  575. BUGFIX: GDB: the GDB plugin would not activate for big-endian ARM binaries.
  576. BUGFIX: gdb: the PacketSize feature was not being respected
  577. BUGFIX: get_import_module_name() could return true and empty module name
  578. BUGFIX: hexview: rendering, and synchronization between an IDA View & an Hex View, could be erroneous for processors with bytes that consist of more than 8 bits.
  579. BUGFIX: hexview: when a line starts by blanks (because it is the beginning of a segment, and that segment is not aligned on the same alignment of the view), the line contents could be shifted.
  580. BUGFIX: hexview: when scrolling, some lines could be duplicated if they started at an unaligned address.
  581. BUGFIX: hexview: when standing on an invalid position (i.e., BADADDR), pressing <F2> twice in a row would successfully enter edit mode (it should not).
  582. BUGFIX: IDA could crash at startup on OSX 10.8.
  583. BUGFIX: IDA could crash when editing code in the "Scripts snippets" dialog.
  584. BUGFIX: ida could crash when parsing corrupted codeview data
  585. BUGFIX: ida could crash when saving types with attributes
  586. BUGFIX: IDA could crash while in proximity view, when performing path-related operations
  587. BUGFIX: ida could die with a fatal error during sp analysis
  588. BUGFIX: IDA could fail to distinguish between ARM VCVT/VCVTR instructions.
  589. BUGFIX: IDA could fail to load some elf core files
  590. BUGFIX: IDA could fail to set a breakpoint at an address inside dyld_shared_cache
  591. BUGFIX: IDA could fail to step over ARM64 TBZ/TBNZ instructions
  592. BUGFIX: IDA could fail with interr 1263 if 2 different definitions of the same enum group were encountered
  593. BUGFIX: IDA could hang momentarily at startup when many iOS devices were connected, even if the iOS Debugger was not being used.
  594. BUGFIX: ida could hang trying to load a corrupted pe file
  595. BUGFIX: ida could hang trying to load corrupted elf file
  596. BUGFIX: ida could hang while loading corrupted macho files
  597. BUGFIX: IDA could interr 20016 on corrupted dyld_shared_cache files.
  598. BUGFIX: IDA could interr when loading pdb info for mozilla's xul.dll
  599. BUGFIX: IDA could sometimes crash at startup (or after a debugging session) when the IDA View-A is a graph.
  600. BUGFIX: IDA would display a not-so-useful error message when trying to attach to a process on iOS 10 if fetching process list failed; now user can enter a PID to attachh.
  601. BUGFIX: IDA would fail to launch on OSX case-sensitive volumes because it couldn't find the cocoa plugin.
  602. BUGFIX: IDA would fail to step over ARM BR/BLR instructions.
  603. BUGFIX: ida32 could try to load PE+ files and fail; now we explicitly advise to use ida64 for these files
  604. BUGFIX: IDA64 could accept invalid files correctly rejected by ida32
  605. BUGFIX: IDAPython: 'delay_slot_insn' was not usable
  606. BUGFIX: IDAPython: "atoa" was returning erroneous results for programs with a real segmentation.
  607. BUGFIX: IDAPython: 6.95 introduced a regression in idc.GetMarkedPos()
  608. BUGFIX: IDAPython: back/front in qvector's were not usable.
  609. BUGFIX: IDAPython: don't rely on internal qcp.sh tool for building on OSX.
  610. BUGFIX: IDAPython: FindImmediate() was broken and could not be called
  611. BUGFIX: IDAPython: hexrays callbacks could not handle the 'hxe_create_hint' notification
  612. BUGFIX: IDAPython: IDA could crash at exit-time when no IDB was opened, and a timer fires right during the closing sequence.
  613. BUGFIX: IDAPython: IDA could crash if a simplecustviewer_t subclass closed itself by reacting to the "Escape" key.
  614. BUGFIX: IDAPython: ida_idaapi.require() would set a binding to the imported module as attribute on the importing module's globals(), only if no the imported module was not already present (and possibly require()d by another module.)
  615. BUGFIX: IDAPython: ida_ua.get_dtyp_by_size() would return a python 'str', incompatible with the 'dt_*' enumeration.
  616. BUGFIX: IDAPython: ida_ua.get_operand_immvals() wasn't functional
  617. BUGFIX: IDAPython: idc.ExtLinA() & idc.ExtLinB() were broken
  618. BUGFIX: IDAPython: idc.GetMarkedPos() & idc.GetMarkComment() couldn't be called with '-1' to prompt for the position
  619. BUGFIX: IDAPython: idc.GetStringType() could return something other than None for locations that have offsets (but no strings.)
  620. BUGFIX: IDAPython: netnode.get_name() was broken
  621. BUGFIX: IDAPython: simplecustviewer_t::AddLine wouldn't apply the fg/bg colors unless they were provided as long
  622. BUGFIX: IDAPython: simplecustviewer_t::RefreshCurrent() was not refreshing the view
  623. BUGFIX: IDAPython: some SDK functions could cause IDA to crash if NULL pointers were passed (through 'None'.)
  624. BUGFIX: IDAPython: the makefile was unconditionally trying to build the hexrays module, even when no '--with-hexrays' was specified to build.py
  625. BUGFIX: IDAPython: using ida_graph.GraphViewer with 'close_open=True' would cause an error because '_ida_kernwin' wasn't imported.
  626. BUGFIX: IDAPython: was not exposing ida_bytes.update_hidden_area() anymore (on which idc.SetHiddenArea relies)
  627. BUGFIX: idaq64: IDC's SetCharPrm(INF_TRIBYTE_ORDER, ...) was not working.
  628. BUGFIX: idc expression "GetLocalTinfo(-1)" would cause interr 952
  629. BUGFIX: idc: %f format specifier was not honoring the width and precision
  630. BUGFIX: idc: ida could crash when adding a struct member which is a pointer to the struct itself
  631. BUGFIX: if the same enum member was present in different tils but it had different values, it was not always possible to select it
  632. BUGFIX: in rare cases IDA could crash during rebasing
  633. BUGFIX: in the "Structures" view, allow changing the type of an array of elements, if that type can fit in the size of the array
  634. BUGFIX: installer: installation on a Windows machine without installed Python would fail to install Python
  635. BUGFIX: iOS Debugger could fail to retrieve the remote process list in some cases
  636. BUGFIX: iOS debugger could produce incomplete stack traces when the process was stopped in the epilogue of a function
  637. BUGFIX: iOS debugger would demand a remote hostname, even when AUTOLAUNCH was enabled in dbg_ios.cfg
  638. BUGFIX: iOS debugger would fail to step after attaching to a process that needed to be rebased.
  639. BUGFIX: It was impossible to change the font for the 'Execute script' window
  640. BUGFIX: kernel: search_* functions were not honoring the SEARCH_NOSHOW flag
  641. BUGFIX: Launching remote debug sessions could fail at the second attempt (and later ones) in case the 'Directory' where to start the application didn't exist
  642. BUGFIX: Launching remote debug sessions could fail at the second attempt (and later ones) in case the file was not initially present on the remote host & IDA had to push it there
  643. BUGFIX: Launching remote debug sessions could fail at the second attempt (and later ones) in case the file was not present in the specified location, but found in the debug server's directory.
  644. BUGFIX: load_plugin(<name>) could fail to load a plugin from an alternate plugin directory
  645. BUGFIX: loading of some PE+ files was taking too long time
  646. BUGFIX: mach-o: fixed incorrect handling of ARM64_RELOC_PAGEOFF12 and ARM64_RELOC_PAGE21
  647. BUGFIX: MACHO: analysis of dyld_shared_cache files could fail due to miscalculated dyld slide values
  648. BUGFIX: MACHO: classic relocations could be applied incorrectly for x86_64 MH_BUNDLE files
  649. BUGFIX: MACHO: corrupted macho-o files could hang ida
  650. BUGFIX: MACHO: dyld pcrel32 relocations were applied incorrectly in some cases
  651. BUGFIX: MACHO: IDA could crash on bad data in dyld export info
  652. BUGFIX: macho: IDA could hang on corrupted bind info
  653. BUGFIX: macho: ida could loop endlessly when loading corrupted files
  654. BUGFIX: MACHO: objc class structure could be reconstructed incorrectly
  655. BUGFIX: MACHO: stubs for weak imports could be incorrectly converted to infinite loops
  656. BUGFIX: move_segm() would not move a segment into a free area under debugger in some cases
  657. BUGFIX: moving the vertical scrollbar's thumb in Hex-Rays (or source-level debugging) views, could cause the view to jump to unexpected locations.
  658. BUGFIX: moving the vertical scrollbar's thumb to the very bottom in Hex-Rays (or source-level debugging) views, could fail to show the last line of code.
  659. BUGFIX: nec v850: IDA could generate wrong xrefs for some of reg+N operands
  660. BUGFIX: noType() on an instruction operand, could remove the 'sign' or 'bitwise-negation' representation of the other operand in the process.
  661. BUGFIX: objc parser would not decode long types properly.
  662. BUGFIX: OBJC: objc parser did not handle anonymous structures properly.
  663. BUGFIX: OMF: corrupted omf file could lead to interr 20066
  664. BUGFIX: on Linux, the installer would unpack most of the precompiled Python runtime, even when asked not to
  665. BUGFIX: On Windows, "File > Produce file > Create XXX file" would fail to add the extension to a file name that is entered without it.
  666. BUGFIX: Opening a stack frame and programmatically changing the function stack's extents, would not update the scroller of the view nor allow jumping to the new beginning/endings of the stack frame
  667. BUGFIX: Opening decompilation for small functions whose body fits in the view, could cause the first few lines to not be shown until manually scrolled to.
  668. BUGFIX: PC: some invalid VEX/EVEX/XOP instructions would be decoded as if they were valid
  669. BUGFIX: PC: some XOP instructions could be incorrectly decoded in 32-bit mode
  670. BUGFIX: pc: SP analysis could fail in functions with basic blocks unreachable from entry point such as exception handlers.
  671. BUGFIX: PC: the crc32 instruction could be incorrectly decoded in 64-bit mode
  672. BUGFIX: PC: the rdmsr and wrmsr instructions were decoded by "Intel Pentium real with MMX" (they're only available in protected mode)
  673. BUGFIX: PCF: the "skip unknown relocations" option was being ignored
  674. BUGFIX: PDB: Could cause IDA to crash on some files.
  675. BUGFIX: PDB: in some situations IDA did not release PDB symbols after debugging sessions
  676. BUGFIX: PDB: the remote win32 server could crash when closing connections while opening pdb files
  677. BUGFIX: PE: fixed endless loop when analyzing SEH handlers
  678. BUGFIX: PE: IDA would ask about loading segments twice in manual loading mode
  679. BUGFIX: ppc: a conversion of the pair of immediates value to the dword which is displayed as a comment did not work after the initial phase of the analysis;
  680. BUGFIX: ppc: incorrect call of add_dref occurred when emulating an indexed access to an array;
  681. BUGFIX: ppc: restored displaying a comment for xrefs from the current instruction as it was done in IDA 6.9
  682. BUGFIX: ppc: segments registers incorrectly converted from v.6.8 (from v.6.9 everything is OK);
  683. BUGFIX: PPC: some instructions were incorrectly disassembled (r0 should be treated as zero instead of a register)
  684. BUGFIX: ppc: the referencing address (from) in the call of add_dref should be a head
  685. BUGFIX: Pressing left or right while in Pseudocode view and auto-analysis was not finished, could eat the key and not move the cursor.
  686. BUGFIX: Pressing Shift+Up/Down while at a listing boundary, wouldn't move the cursor's X position to the beginning or end of the line (for start & end of listings, respectively, allowing selection of text to comfortably reach the beginning or end of the view.)
  687. BUGFIX: Proximity: collapsing children of nodes that are part of a 'path' could cause IDA to INTERR
  688. BUGFIX: SDK: arm.hpp was attempting to include non-existent files
  689. BUGFIX: set_member_type() was not checking for recursive struct nesting and could crash
  690. BUGFIX: setting a struct member type as an array without explicit size (like int[]) would set the member size to be zero; this is not what we usually want
  691. BUGFIX: source debugging: the line number printed in the status bar was off by 1 from the number printed in the leftmost column
  692. BUGFIX: source debugging: the status bar would show the file offset, but not the current address
  693. BUGFIX: stack tracing was broken for x86_64
  694. BUGFIX: the decompiler would not take into account wide user-specified variables and would create additional variables that would overlap with them
  695. BUGFIX: the PDB plugin could cause internal error if called with invalid data (now it only results in a non-fatal warning)
  696. BUGFIX: the presence of the decompiler plugin on the disk without a license in ida.key would lead to error
  697. BUGFIX: the SNES loader could interfere and cause IDA to exit on very large files (> 2GB)
  698. BUGFIX: TMS32028: fixed the plain binary file loading, the bytes in the word were swapped
  699. BUGFIX: TMS320C28x: added decoding for 'CLRC/SETC CNF' instructions
  700. BUGFIX: TMS320C28x: instruction 'MPY ACC,loc16,#16bit' was wrongly decoded
  701. BUGFIX: TMS320C3: graph view could be wrong
  702. BUGFIX: TMS320C3: instructions LDI||LDI and LDF||LDF were incorrectly decoded
  703. BUGFIX: tms320c6: branch detection for bnop instructions was flawed
  704. BUGFIX: Toggling fullscreen (F11) in a disassembly view and back, could result in IDA not realizing that the number of displayed lines became smaller and make the cursor invisible.
  705. BUGFIX: type information propagation from unnamed array function parameters would result in incorrectly named data
  706. BUGFIX: ui/qt: "Jump in new hex window" wouldn't jump to the right address
  707. BUGFIX: ui/qt: deleting a script snippet would mark the one that gets selected afterwards as 'modified'
  708. BUGFIX: ui/qt: IDA could leave F11-style fullscreen while navigating around and/or performing other actions.
  709. BUGFIX: ui/qt: If IDA encountered an error at startup, it might not have had time to create the taskbar icon yet, sometimes leaving that error/warning dialog hard to reach.
  710. BUGFIX: ui/qt: on Windows or OSX when a screen reader is used (e.g., JAWS or VoiceOver), the IDA View-A will automatically switch to flat listing since graph views are not accessible
  711. BUGFIX: ui/qt: Using special mouse buttons 4 & 5 to move forward & backward in history, would change the cursor coordinates
  712. BUGFIX: UI: IDA could lose the preferences for synchronization between views (and possibly registers, in case of debugging.)
  713. BUGFIX: UI: On Windows, the "Load a new file" dialog wouldn't create a taskbar entry, meaning it could be hard to find it on the desktop if another window showed up in front
  714. BUGFIX: UI: re-enabled building graph of code and data xrefs to current address
  715. BUGFIX: UI: Renaming an unsaved script snippet could lose its contents
  716. BUGFIX: UI: The 'Default CLI' wouldn't be applied if IDA opened w/o a database.
  717. BUGFIX: ui: the "Functions window" could spend too much time refreshing the list of function names, even when no functions were modified
  718. BUGFIX: UI: the "Segment registers" view had fixed minimum size, meaning it was impossible to resize other tabs in case it was opened in a tabbed view.
  719. BUGFIX: Using enums (or names) in IDC snippets could lead to a compilation error, while it would work if the same code was run from an .idc file.
  720. BUGFIX: Using the "Shortcuts" editor to save a shortcut such as '\', will cause IDA to complain at next startup
  721. BUGFIX: decompiler: a pair of push/pop instructions could be annihilated even if there was a direct access (e.g. via 'mov [sp], ...' instruction) to the corresponding stack slot
  722. BUGFIX: decompiler: a truncating cast of argument of abs() could be erroneously deleted
  723. BUGFIX: decompiler: arm: fixed interr 50766
  724. BUGFIX: decompiler: arm: incorrect translation of instructions sxtb, sxth, sxtab, sxtah, sxtw, uxtw, uxtb, uxth, uxtab, uxtah (wrong operand size)
  725. BUGFIX: decompiler: changing of a global variable type did not initiate re-decompilation of some functions depending on the type
  726. BUGFIX: decompiler: combining low/high ldx instructions could lead to wrong microcode in some cases for big endian processors
  727. BUGFIX: decompiler: could display &data instead of plain integer in some cases
  728. BUGFIX: decompiler: decompiler could fail with interr 51483 on corrupted idbs
  729. BUGFIX: decompiler: division by zero could be erroneously produced in some cases
  730. BUGFIX: decompiler: fixed incorrect printing of low part of 128bit value when high part is not zero
  731. BUGFIX: decompiler: fixed interr 50873
  732. BUGFIX: decompiler: fix interr 50766 in case of bad switch information (conver it to a non-fatal error message)
  733. BUGFIX: decompiler: fixed interr 50288
  734. BUGFIX: decompiler: fixed interr 50348
  735. BUGFIX: decompiler: fixed interr 50498
  736. BUGFIX: decompiler: fixed interr 50498
  737. BUGFIX: decompiler: fixed interr 50586
  738. BUGFIX: decompiler: fixed interr 50707
  739. BUGFIX: decompiler: fixed interr 50710
  740. BUGFIX: decompiler: fixed interr 50778
  741. BUGFIX: decompiler: fixed interr 50815
  742. BUGFIX: decompiler: fixed interr 50831
  743. BUGFIX: decompiler: fixed interr 50836
  744. BUGFIX: decompiler: fixed interr 50836 (hexppc)
  745. BUGFIX: decompiler: fixed interr 50854
  746. BUGFIX: decompiler: fixed interr 50854
  747. BUGFIX: decompiler: fixed interr 50873
  748. BUGFIX: decompiler: fixed interr 50920
  749. BUGFIX: decompiler: fixed interr 51091
  750. BUGFIX: decompiler: fixed interr 51292
  751. BUGFIX: decompiler: fixed interr 51549
  752. BUGFIX: decompiler: fixed interrs 50831, 50836
  753. BUGFIX: decompiler: in 64-bit mode, all segment registers except fs/gs always map to zero
  754. BUGFIX: decompiler: in some cases 64bit addition rule could produce incorrect results
  755. BUGFIX: decompiler: in some cases 64bit multiplication by 2 could be transformed into incorrect expression
  756. BUGFIX: decompiler: in some cases decompiler could produce pointer subtract expressions with swapped operands (y-x instead of x-y)
  757. BUGFIX: decompiler: in some cases magic 'mod' operation could be recognized incorrectly (truncated constant divisor)
  758. BUGFIX: decompiler: in some cases x86 FPU registers could be handled incorrectly
  759. BUGFIX: decompiler: necessary casts to int128 would be missing from the output
  760. BUGFIX: decompiler: patching a function byte would not mark the function as requiring a new decompilation output
  761. BUGFIX: decompiler: ppc: 'bclrl' used for indirect calls would not be decompiled
  762. BUGFIX: decompiler: removed incorrect optimization rule (low == 0 || high == 0) --> (full == 0)
  763. BUGFIX: decompiler: some registers were incorrectly translated into scattered arglocs on Big Endian platforms
  764. BUGFIX: decompiler: swapped arguments for intrinsic 'atan2', fixed target for intrinsics '__FPREM__', '__FPREM1__'
  765. BUGFIX: decompiler: the conversion of the floating constant from the bits should ignore the endianness, it was accounted already
  766. BUGFIX: decompiler: try sign-extended value if zero-extended value does not correspond to any enum member but the user asked to use the enum
  767. BUGFIX: decompiler: use/def chains could not calculated incorrectly in some rare cases
  768. BUGFIX: decompiler:hexppc: fixed the decoding of the se_btsti (VLE) insn
  769. BUGFIX: version info in idaq for windows was stored incorrectly
  770. BUGFIX: when debugging, toggling breakpoints could become impossible if the last closed widget was a hex view or stack view.
  771. BUGFIX: When evaluating low-level conditions, the debugger module could fail reporting some events
  772. BUGFIX: When no enumerations were present in the "Enums" view, pressing 'PageDown' would result in the comment being duplicated.
  773. BUGFIX: windbg: some registers (typically ST0) could lose their value after stepping
  774. BUGFIX: WinDbg: when run under text IDA (idaw.exe), console processes could share the same stdout as idaw.exe itself, causing a possible deadlock any time a debug event happens
  775. BUGFIX:ui: OSX: idaq64 would always launch idaq if a file was dragged onto the dock icon
Advertisement
RAW Paste Data Copied
Advertisement