Topic created on: May 16, 2008 20:26 CDT by
cmiller 
.
I have an IDA Pro plugin that iterates through all the functions and does something to each. Sometimes this "something" causes something bad to happen, such as reading from address zero. At this point the plugin just stops. I'd like it to continue because it works for MOST functions. Is there such a thing as a try/catch or something in the in the IDA API or in IDC?
who reads zero-pointer? your code? IDA-Pro? passing incorrect args to an external function is a good way to get an access violation - if IDA-Pro uses her own handlers, she stops your plug-in or... just mystically disappears leaving the database open. this happens quite often, especially with console version. if an exception occurs in your code, well, use try/catch, or check pointers before using them.
IDC is C-like lang. no way to use try/catch over there, and there is a problem. for example: fprintf(f,"%s",0); Message("ok, done\n"); doesn't produce error or raise any exception; IDA doesn't even stop the IDC-script and we see "ok, done", but there is no way to execute fprintf(f,"%s",0). IDA-Pro just forces fprintf() to return error and continue executing the script. btw, IDC-functions don't work with memory directly, so in common case they don't generate exceptions, however, there're undocumented _peek() and _poke() functions working with a real memory (not virtual IDA one), so this is easy to blow IDA up, using them as well as set up your own SEH-handler (very ugly hack!!!).
|
![[+] expand](/imagery/files/soysauce_blueprint.gif){kind=link}