Hi, I have been disassembling a MIPS program I pulled off a Linux router. IDA Pro disassembles a lot of it correctly; however, there are a couple of problems. One of the problems I've been fixing by hand, but it's going to take a long time, and I thought I might try and write an IDC script to fix it for me. So if anyone could provide me with a sample solution, or just some hints, that would be great.
So the code looks like this:
.text:0040985C lw $a0, (base_420000 - 0x100087D0)($gp)
.text:00409860 nop
.text:00409864 addiu $a0, 0x8414
.text:00409868 lw $a1, (base_420000 - 0x100087D0)($gp)
.text:0040986C nop
.text:00409870 addiu $a1, 0x8468
.text:00409874 lw $t9, (nvram_set_ptr - 0x100087D0)($gp)
.text:00409878 nop
.text:0040987C jalr $t9
The problem is lines 00409864 and 00409870. I want to know what $a0 and $a1 are set to. Now the location base_420000 is always set to 0x420000, and then the 0x8414 and 0x8468 are offsets from this base. Both $a0 and $a1 eventually point to strings at the locations 0x428414 and 0x428468. So what I've been doing is going through the code and commenting every time base_42... is loaded and then added to, finding that location in the file, then placing a comment on the addiu line to say which string/int it has loaded.
I basically want a script which can do this for me manually. I could easily write a script in another language which parsed the ASM code, but I want to keep this inside IDA so I can maintain the interactive features.
I'd be grateful if anyone could help.
Thanks
Andrew
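
The lw/addiu resolution described in the post, as an added example that is not part of the original post: Python that walks the quoted listing, tracks which registers hold a known base, and builds the comment for each addiu line. It works on listing text rather than through IDA's API; the string contents are constructed, the value of `base_420000` is taken from the post, and each immediate is added exactly as printed.

```python
import re

# Inputs: the listing is copied from the post; STRINGS is constructed sample data.
LISTING = """\
.text:0040985C lw $a0, (base_420000 - 0x100087D0)($gp)
.text:00409860 nop
.text:00409864 addiu $a0, 0x8414
.text:00409868 lw $a1, (base_420000 - 0x100087D0)($gp)
.text:0040986C nop
.text:00409870 addiu $a1, 0x8468
.text:00409874 lw $t9, (nvram_set_ptr - 0x100087D0)($gp)
.text:00409878 nop
.text:0040987C jalr $t9
"""
# From the post: the slot IDA names base_420000 holds 0x420000.
GOT_VALUES = {"base_420000": 0x420000}
STRINGS = {0x428414: "constructed_name", 0x428468: "constructed_value"}

LINE = re.compile(r"^\.text:([0-9A-F]{8})\s+(\w+)\s*(.*)$")
GP_LOAD = re.compile(r"^(\$\w+), \((\w+) - 0x[0-9A-F]+\)\(\$gp\)$")
ADDIU = re.compile(r"^(\$\w+), (?:(\$\w+), )?(-?0x[0-9A-F]+|-?\d+)$")
NO_WRITE = {"nop", "sw", "sh", "sb", "beq", "bne", "jr"}  # op0 is not a destination

def annotate(listing, got_values, strings):
    """Return {addiu address: comment} for gp-relative base loads followed by addiu."""
    regs, comments = {}, {}
    for raw in listing.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        ea, mnem, ops = int(m.group(1), 16), m.group(2), m.group(3).strip()
        load = GP_LOAD.match(ops) if mnem == "lw" else None
        add = ADDIU.match(ops) if mnem == "addiu" else None
        if load:
            regs[load.group(1)] = got_values.get(load.group(2))  # None = unknown slot
        elif add:
            dst, src = add.group(1), add.group(2) or add.group(1)
            base = regs.get(src)
            regs[dst] = None
            if base is not None:
                # Assumption: the immediate is added as printed (the post's arithmetic).
                regs[dst] = target = (base + int(add.group(3), 0)) & 0xFFFFFFFF
                text = strings.get(target)
                comments[ea] = f"{dst} = 0x{target:X}" + (f' "{text}"' if text else "")
        elif mnem in ("jal", "jalr"):
            regs.clear()  # a call clobbers the argument registers
        elif mnem not in NO_WRITE and ops:
            regs.pop(ops.split(",")[0].strip(), None)  # overwritten by something else
    return comments
```

Inside IDA the same loop would take each mnemonic and operand from the database and write the comment back to the addiu line instead of returning it.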







