XEXLoaderWV
XEXLoaderWV copied to clipboard
zeroKilo
The loadpdb functionality is somewhat broken
The load pdb functionality does not load datatypes or the function names properly for the .xex executable.
Apologies for not uploading any images. In the example below you could see that the parameter is undefined, and the names of the functions contain ??@UAAXZ etc
This is the example of a struct from the same pdb file loaded in IDA.
Here also data structure/type info should be present. Also the names of "PTR_Function_.... should be available.
ok I will take a look, this can take a while, pls be patient or find me on discord if you wanna chat in the meantime. greetz
about demangling, I found this, maybe it solves the mangled name problem already:
https://github.com/NationalSecurityAgency/ghidra/issues/1103
PDB support for types is coming, but dont expect too much, documentation for both PDBs and Ghidra are very hard to come by
Understandable. Hopefully you manage to make it with the types. It's pretty tricky because you have to represent CPP classes as C-Structs with v-tables
result: https://github.com/zeroKilo/XEXLoaderWV/commit/754cca3daf48c5bdc61cfff88734d660561b10a0
well I dont have more time to spend on this, that commit and current release are as good as it gets:
- there is now an option to load a pdb in general, it will open a dialog where you can choose between ghidras builtin parser and m$'s DIA parser (essentially using pdb.exe to produce a xml and parse that)
- theres also an option to use my experimental loader (ignoring the choice in the dialog), which is not complete, but im happy to take in outside help :)
essentially my code can read pretty much every typerecord from the pdb, but the code to apply/import it into ghidra is as best a hack of mine, it needs serious improvement, starting here: https://github.com/zeroKilo/XEXLoaderWV/blob/master/XEXLoaderWV/src/main/java/xexloaderwv/TPIStream.java#L141
greetz
