Flag: Tornado! Hurricane!

 Forums >>  IDA Pro  >>  Retreiving function parameter names and types

Topic created on: October 21, 2011 19:17 CDT by luckiejacky .

Hello guys,
[IDA SDK]
When I have a function pointer, how can I get the full function name with argument types?
Thanks

  prot0man   March 5, 2012 19:39.03 CST
This question doesn't make much sense. Do you mean an effective address for the function? You can get the function name using the effective address (EA) by using the GetFunctionName function in idc.py. Figuring out the argument types of a function is not an easy task, but what you might try doing is iterating each instruction in the function from function start to end looking for mov/lea instructions that index ebp as the second operand (e.g. mov eax, [ebp+c]). So iterate all instructions looking for the highest ebp index and then divide it by 4 to get the number of arguments that are used in a function.

To figure out the actual types of the arguments, you'll have to make inferences about how those arguments are used. If you find an easier way to do this, definitely let me know. I've been wondering if you can access attributes in the decompiled version of a given function (then all you could at least more easily use what IDA is telling you what type a function argument is), but i've not seen any example code that invoked the decompiler on a given effective address or anything like that.

Note: Registration is required to post to the forums.

There are 30,781 total registered users.


Recently Created Topics
How can I write olly...
Oct/05
Career: Malware Reve...
Sep/30
How to produce separ...
Sep/20
How to decompile a f...
Sep/16
How to trap mouse cl...
Sep/03
Intel pin in loaded ...
Jun/27
Going to do today wi...
Jun/27
how to create delphi...
Jun/27
enabling menu in a s...
Jun/18
How to get the Image...
Jun/17


Recent Forum Posts
New LoadMAP plugin v...
mefisto...
Intel pin in loaded ...
djnemo
OOP_RE tool available?
Bl4ckm4n
OOP_RE tool available?
van7hu
Should binaries be n...
Kolisar
Problem with ollydbg
nullx42
!findtrampoline Immu...
skycrack
looking for a softwa...
raxen
Documenting reversed...
raxen
.orpc section what's...
mbin


Recent Blog Entries
hasherezade
Sep/24
IAT Patcher - new tool for ...

oleavr
Aug/27
CryptoShark: code tracer ba...

oleavr
Jun/25
Build a debugger in 5 minutes

oleavr
Apr/17
frida.re 1.2.0 is out, with...

gareebnavas
Jan/21
Android Malware Analysis

More ...


Recent Blog Comments
pedram on:
Dec/21
frida.github.io: scriptable...

capadleman on:
Jun/19
Using NtCreateThreadEx for ...

newlulu on:
Jun/10
Branch tracing and LBR acce...

newlulu on:
Jun/10
Advanced debugging techniques

newlulu on:
Jun/10
2 anti-trace mechanisms spe...

More ...


Imagery
SoySauce Blueprint
Jun 6, 2008

[+] expand

View Gallery (11) / Submit