IDR
IDR copied to clipboard
crypto2011
Bug in InfoProcInfo::AddArg
In file Infos.cpp, function InfoProcInfo::AddArg(BYTE Tag, int Ofs, int Size, String Name, String TypeDef) does not initialize argInfo->Register - seems like a bug ?
It's not a bug, because this record field (ARGINFO.Register) initialized in file Misc.cpp, function void __fastcall FillArgInfo(int k, BYTE callkind, PARGINFO argInfo, BYTE** p, int* s).
This is strange - because if I remove argInfo->Register = false; from InfoProcInfo::AddArg then this field takes different non-zero values every time I load an executable and then save the project.
As You mentioned, because argInfo->Register not initialized in InfoProcInfo::AddArg, so it becomes random field. But this field takes the value in function FillArgInfo. But You are right, I need to initialize argInfo->Register.
Okay, I will be more precise then. If you look at function TAnalyzeThread::FindPrototypes, you will see the following piece of code
ARGINFO argInfo; p = pInfo->Args; int ss = 8;
for (k = 0; k < pInfo->ArgsNum; k++)
{
FillArgInfo(k, callKind, &argInfo, &p, &ss);
recN->procInfo->AddArg(&argInfo);
}
near the row 1750. If you look carefully - you will notice that FillArgInfo sets argInfo->Register properly, but then InfoProcInfo::AddArg(PARGINFO aInfo) does not care about aInfo->Register.
By the way - just for your information, no offense please - writing You with capital letter is unusual and weird for native English speakers. For Russian and Bulgarian this is a polite form - but not for English people (see http://english.stackexchange.com/questions/30185/you-versus-you-as-polite-form-of-writing). This was out of the scope, so please forgive me :)
I noticed something else. In function TFMain::StrapProc, when argInfo.Name is "MapToRunError" then variable locflags is 11 and argInfo.Register is True. But this can not be true, since MapToRunError is marked as using stdcall.