Query on IDA appcall

[Briti Sundar Mondal]

Hi,

How can I use Appcall features to call a function which receives “stuct type” as an argument.

Here is my example code, where my function receives two “int” value.

from idaapi import *

test = Appcall.proto("sub_B31000", " int func(int , int);")

val = test( 10,20 )

print "%d.."%val

But what I have to do, if I want to pass struct.

My target function prototype is: char* myfun (struct *t);

Where struct is

struct client {

  int id;

  char name[20];

};

I would be very grateful to you, if you can provide me a solution of this problem.

Thank you,

[Elias Bachaalany]

Please check the appcall PDF manual on the hex-rays site. AFAIR, it shows an example of that.

--
You received this message because you are subscribed to the Google Groups "idapython" group.
To unsubscribe from this group and stop receiving emails from it, send an email to idapython+...@googlegroups.com.
To post to this group, send email to idap...@googlegroups.com.
Visit this group at http://groups.google.com/group/idapython.
For more options, visit https://groups.google.com/d/optout.

[Briti Sundar Mondal]

Hi,

I saw the example. But I am little bit confused about their implementation. When I am putting struct in parameter type like: Appcall.proto("sub_B31000", " int func(struct , int);")

then I was having below error: 

"variable not is an idc object"

I am not sure what wrong I am doing. 

Waiting for your valuable feedback. Thank you.

[Elias Bachaalany]

I think you have to pass by reference. Make sure you try “struct *” …is “struct” your structure name by the way?

—

Elias

[Briti Sundar Mondal]

Hi Elias,

 

According to that documentation, I wrote the example given below.  

       

auto test;
 test = object(); // Create an empty object
 test.id = 77;
 test.name = "test";
 
 auto p = LocByName("sub_81000");
 auto ret = Appcall(p, "char* fun(struct *)",&test);
 Message("after the call=%s\n", ret);

My structure name is : client

struct client {

  int id;

  char name[20];

};

Again I am having the same error. Please, can you look into it and give me way out from here.

Thank you.

[Elias Bachaalany]

Hi,

As we said, “struct*” in the prototype is incorrect. The function’s real prototype is “char *fun(client *)” ….

—

Elias

[Briti Sundar Mondal]

Hi,

By replacing struct * with client *, I am having the same error :(

auto ret = Appcall(p, "char* fun(client *)",&test);

--
You received this message because you are subscribed to a topic in the Google Groups "idapython" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/idapython/sfIAHzbbl3Y/unsubscribe.
To unsubscribe from this group and all its topics, send an email to idapython+...@googlegroups.com.

To post to this group, send email to idap...@googlegroups.com.
Visit this group at http://groups.google.com/group/idapython.
For more options, visit https://groups.google.com/d/optout.

--

Briti Sundar Mondal

Masters Student

Concordia Institute of Information Systems Engineering 

Concordia University, Montreal

Quebec, Canada