Just upgraded to the latest version, went from 1.1 to 1.6. The improvements are very subtle at best. About 1-2% reduced decompiled code size, simplified some trivial shit, but the output is basically the same. Can't recommend. It would probably get rid of OP's while ( 1 )s, but that's hardly an improvement (I don't know why you people throw a fit over that, the exit conditions are perfectly clear, there's exactly one if (cond) break; per nesting level.) It still doesn't do C++ well at all.
Name: Anonymous 2011-11-10 18:28
WHO THE FUCK NESTS WHILE(1) LOOPS
Name: Anonymous 2011-11-10 19:01
>>6 Horrible decompiler. It would be easier to understand the asm.
But it's easy to make errors translating code manually!
Name: Anonymous 2011-11-10 19:05
>>9 ITT /prog/ solves NP-complete problems for breakfast, producing a perfect automated decompiler.
That crap works only on simple compiler-produced code. It won't decompile handwritten assembly, Lisp fasls or Forth code.
>>15
They don't analyze the stack since the majority of the code doesn't use it to its full power.
Name: Anonymous 2011-11-10 20:29
>>19
Good code doesn't use stack. It uses generational garbage collector.
Name: Anonymous 2011-11-10 21:06
Good code doesn't use stack.
Thus, Forth was never good code.
Name: Anonymous 2011-11-10 22:39
>>21
Forth can't do continuations and all control constructs look uglier than a retarded jew. Kinda brainfuck.
Name: Anonymous 2011-11-11 1:02
Here is a manually disassembled version. Note the absence of memcpy (which was erroneously supplied by the decompiler).
typedef unsigned char  u1;
typedef unsigned short u2;

/* AL/AH/CL/DL/DH follow the x86 byte registers of the original routine;
 * AX and DX are rebuilt from their halves where the code used them. */
static int decodeLZ(u1 *Dst, u1 *Src) {
    u1 AL, AH, CL, DL, DH;
    u1 *P = Dst;   /* last back-reference source; initialised so the "repeat last match" case never reads an unset pointer */
    u1 *O = Dst;
    for (AL = *Src++; AL != 0xFF; AL = *Src++) {
        if (!(AL&0x80)) {                          /* 0x00-0x7F: two-byte short match */
            DL = AL;
            AL = *Src++;
            AH = AL;
            AL &= 0x18;
            if (AL) {                              /* 0-3 literals precede the match */
                AL >>= 3;
                for (CL=AL; CL; CL--) *Dst++ = *Src++;
            }
            CL = (AH&7)+3;                         //backref len
            AL = AH;
            P = Dst - (((((u2)AH<<8|AL)<<2)&0x380)|DL) - 1;   //backref off
            for (; CL; CL--) *Dst++ = *P++;
        } else if (!(AL&0x40)) {                   /* 0x80-0xBF: three-byte long match */
            DL = AL;
            AL = *Src++;
            AH = AL;
            AL = *Src++;
            DH = AL;
            AL &= 3;                               /* 0-3 literals precede the match */
            for (CL=AL; CL; CL--) *Dst++ = *Src++;
            CL = (AH&0x1F)+3;
            DH = (DH>>1)&0x7E;
            DL &= 0x3F;                            /* low 6 offset bits from the opcode byte (the post's "DL = 0x3F" read as an "&=" typo) */
            AL = AH;
            P = Dst - (((((u2)AH<<8|AL)<<1)&0x1C0)|((u2)DH<<8|DL)) - 1;
            for (; CL; CL--) *Dst++ = *P++;
        } else if (!(AL&0x30)) {                   /* 0xC0-0xCF: continue the previous match for 4-64 bytes */
            CL = ((AL&0xF)+1)<<2;
            for (; CL; CL--) *Dst++ = *P++;
        } else {                                   /* 0xD0-0xFE: 0-15 literal bytes */
            for (CL=AL&0xF; CL; CL--) *Dst++ = *Src++;
        }
    }
    return (int)(Dst - O);                         /* decoded length (return value assumed; the post omitted it) */
}
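The routine above walks Dst, Src and P with no length information at all, so a malformed stream can point P before the start of the output buffer (a short match with an offset larger than what has been written so far) or run the writes past its end. As an added example, mine rather than the poster's code, here is a bounds-checked decoder for the same opcode layout as I read it from that routine; the function name, the checked interface and the sample stream are constructed for this example and are not from the thread.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

typedef unsigned char u1;

/* Opcode layout as read from the hand-decompiled decodeLZ():
 *   0x00-0x7F b2        short match: 0-3 literals (b2 bits 3-4), len (b2&7)+3,
 *                       offset ((b2&0xE0)<<2 | b1) + 1
 *   0x80-0xBF b2 b3     long match: 0-3 literals (b3&3), len (b2&0x1F)+3,
 *                       offset ((b2&0xE0)<<1 | ((b3>>1)&0x7E)<<8 | b1&0x3F) + 1
 *   0xC0-0xCF           copy ((b1&0xF)+1)*4 more bytes continuing the last match
 *   0xD0-0xFE           b1&0xF literal bytes
 *   0xFF                end of stream
 * Returns the decoded length, or -1 for a truncated stream, a back-reference
 * that reaches before the start of the output, a "continue" with no prior
 * match, or output that would not fit in dst_cap. */
static long decode_lz_checked(const u1 *src, size_t src_len,
                              u1 *dst, size_t dst_cap) {
    size_t in = 0, out = 0, p = 0;
    int have_match = 0;
    for (;;) {
        unsigned lits, len, off;
        u1 op;
        if (in >= src_len) return -1;            /* ran out before the 0xFF */
        op = src[in++];
        if (op == 0xFF) return (long)out;
        if (!(op & 0x80)) {
            u1 b2;
            if (in >= src_len) return -1;
            b2 = src[in++];
            lits = (b2 >> 3) & 3;
            len  = (b2 & 7) + 3;
            off  = ((((unsigned)b2 & 0xE0) << 2) | op) + 1;
        } else if (!(op & 0x40)) {
            u1 b2, b3;
            if (in + 2 > src_len) return -1;
            b2 = src[in++];
            b3 = src[in++];
            lits = b3 & 3;
            len  = (b2 & 0x1F) + 3;
            off  = ((((unsigned)b2 & 0xE0) << 1)
                  | (((unsigned)(b3 >> 1) & 0x7E) << 8)
                  | (op & 0x3Fu)) + 1;
        } else if (!(op & 0x30)) {
            lits = 0;
            len  = ((op & 0xF) + 1) << 2;
            off  = 0;                            /* 0 = keep reading from p */
        } else {
            lits = op & 0xF;
            len  = 0;
            off  = 0;
        }
        /* literals, when present, sit in the stream before the match */
        if (lits) {
            if (in + lits > src_len || out + lits > dst_cap) return -1;
            memcpy(dst + out, src + in, lits);
            in += lits;
            out += lits;
        }
        if (len) {
            if (off) {
                if (off > out) return -1;        /* would read before dst[0] */
                p = out - off;
                have_match = 1;
            } else if (!have_match) {
                return -1;                       /* nothing to continue */
            }
            if (out + len > dst_cap) return -1;
            while (len--) dst[out++] = dst[p++]; /* byte copy: overlap is intended */
        }
    }
}

/* Constructed sample: 3 literals, an overlapping short match, a long match
 * preceded by one literal, a 4-byte continuation, then the terminator. */
static const u1 sample_stream[] = {
    0xD3, 'a', 'b', 'c', 0x02, 0x03, 0x89, 0x01, 0x01, 'x', 0xC0, 0xFF
};
static const char sample_plain[] = "abcabcabcxabcabcab";

/* Returns 1 when the constructed sample decodes to sample_plain. */
static int sample_matches_plaintext(void) {
    u1 buf[64];
    long n = decode_lz_checked(sample_stream, sizeof sample_stream, buf, sizeof buf);
    return n == 18 && memcmp(buf, sample_plain, 18) == 0;
}

/* Malformed inputs; returns 0 when every one is rejected, else the check number. */
static int malformed_rejected(void) {
    u1 buf[64];
    static const u1 early_ref[] = { 0x05, 0x00, 0xFF };   /* match before any output */
    if (decode_lz_checked(sample_stream, sizeof sample_stream - 1, buf, sizeof buf) != -1) return 1;
    if (decode_lz_checked(sample_stream, sizeof sample_stream, buf, 10) != -1) return 2;
    if (decode_lz_checked(early_ref, sizeof early_ref, buf, sizeof buf) != -1) return 3;
    return 0;
}

int main(void) {
    u1 buf[64];
    long n = decode_lz_checked(sample_stream, sizeof sample_stream, buf, sizeof buf);
    printf("decoded %ld bytes: %.*s\n", n, n < 0 ? 0 : (int)n, (const char *)buf);
    printf("malformed inputs rejected: %s\n", malformed_rejected() == 0 ? "yes" : "no");
    return 0;
}
```

The overlapping short match (offset 3, length 6) is why the copy loop has to stay a byte-at-a-time loop: a memcpy there, which is what the decompiler had inserted, is undefined for overlapping regions and would not reproduce the run-length behaviour the format relies on.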
>>15
char byte_curbits;
short word_maxvalue;
short word_dicreset;
short word_incbits;
unsigned short *dword_buff2;
char *dword_buff3;
char *dword_buff4;
unsigned int dword_427B51;
char byte_427B4C;
unsigned short word_nextcode;
int dword_427B4D;
short word_427ABE;
short word_427AC2;
short word_427AC0;
char *dword_stack;
int dword_usize;
int dword_psize;
int dword_outbf;
int dword_input;
unsigned short dword_buff2_b[0x4680];
char dword_buff3_b[0x4680];
char dword_buff4_b[0xFA0];
>>31
It's currently not public but we have plans to release it as open-source/public domain sometime in the future.
It is a part of a larger system/analysis framework, intended to replace IDA. IDA is certainly not the greatest, being too windows/x86-centric and closed-source, making use of proprietary formats.
>>37
You're very ambitious, considering that IDA took 20 years to develop into its current state, while the best crackers contributed to its development. Good luck.
>>40
Considering that IDA took 20 years to accrue mostly frivolous features (OVER 20 TOOLBARS!!!111), I'd say we're not too ambitious. IDA's control flow analyser is still tripped up by the simplest of irregular-looking code, especially that dealing with the stack. It's been 20 years and they still have no powerful simulation facility.
Loading custom file formats in IDA is horrible. We have to slice and create the memory image outside of it, while our analysis system supports loadmaps (CSV format). This is another point of advantage - all analysis information in our system is stored in relational format, making it easy to manage using databases and easy to interoperate. The small parts that aren't in relational format (e.g. instruction semantics) are XML. I guess IDA was deliberately designed to be difficult to extend in ways the authors did not intend it to be, while our system was designed from the beginning to be extensible and very flexible.
If you want to add a new CPU or just instructions to an existing one, with IDA you need to compile a new DLL with their horrifically underdocumented SDK and write your own disassembler, etc. With our system, adding an instruction is little more than adding rows to the disassembler table and semantics to an XML file, all (relatively) human-readable. This is how we do VN script disassembly too.
I also love how they comment every line:
chkmsg: MACRO
lea OnlyPort_(BP),A3 ;my port's on my base page, easy, quick.
lea MP_MSGLIST(A3),A3 ;TOP of list
cmp.l 8(A3),A3 ;super qwick, NASTY check for msg
bne.s stopblitting ;gotta msg, dont doablit
endm
movem.l d0-d7/a0-a2,-(sp)
move.l a3,-(sp)
lea OnlyPort_(BP),A3 ;my port's on my base page, easy, quick.
lea MP_MSGLIST(A3),A3 ;TOP of list
cmp.l 8(A3),A3 ;super qwick, NASTY check for msg
moveM.l (sp)+,a3 ;no flag effect with move*M*
beq.s fullblit ;no msg, do all 6 bitplanes
xref PasteRastPort_
lea PasteRastPort_(BP),A0 ;rastport for flooding (singlebitplane)
;move.b #%00000001,d7 ;bitplane mask bottom 4
moveq #%001,d7 ;bitplane mask bottom 4
move.b #$60,d6 ;flip destination based on mask
CALLIB Graphics,ClipBlit ;mask->screen, then check
xref FlagSingleBit_
st FlagSingleBit_(BP) ;only need undo of single bitplane
bra.s stopblitting ;gotta msg, dont doablit
Name: Anonymous 2013-03-20 20:21
>>40 while the best crackers contributed to its development.
Dass right. None dem niggas done did nuffin. Jus da crackas.