Thread: Research: Asm-scanner
July 26th, 2010 (9:37 AM).
knizz
Join Date: Aug 2007
Posts: 192
Originally Posted by HackMew
Well, the non-ASM code in the picture is actually more confusing to read than pure ASM code from my point of view...

All those "+00" could be easily skipped to remove useless complexity, for example. Pointer dereferencing is not a very good idea as well. Oh, and brackets could help too.
Atm that's true. The +00 are there because I use string templates instead of operation-trees. To solve that I'll add a flag to each register to indicate that this value is static and can be calculated without emulating. But to do that I'll have to reimplement all opcodes.

And the brackets are missing for the same reason. Because I save the add-instruction like this: "1+2". The numbers are substituted by the strings from previous instructions or with the register names. For this problem I'll make an operator-priority list. The other way would be to make the patterns like "(1)+(2)" but that would be a mess. (*((((4)+(35))*(((4)-(3))+(4))/(4)))... no thanks.
Firered IDA 6.6 DB:
VBA-M with lua scripting support