IDA 6.7
Highlights
A lot of work was done on the UI internals to improve the speed and responsiveness, and reduce unnecessary screen redrawing
UI: no more resetting to the default desktop layout when moving your IDB to another PC/monitor - the saved layout is scaled to fit the new resolution
SDK/UI: new set of functions for dealing with user-provided actions
[un]register_action
[at|de]tach_action_[to|from]_menu
attach_action_to_custom_viewer_popup
attach_action_to_output_popup
[at|de]tach_action_[to|from]_toolbar
All of them are also available in IDAPython
DWARF: much improved support for DWARF4, and added support for DWZ (compressed DWARF) files
MIPS: support for microMIPS, DSP extensions and Cavium Octeon II instructions
PIN and Dalvik debuggers were improved considerably to be faster, more robust and easier to use
Position-independent build of ARM Android remote debugger server (required for Android Lollipop)
UEFI type libraries and TE (Terse Executable) file format support
Many vulnerabilities fixed thanks to the submissions to our bug bounty program
Complete changelist
Processor Modules
6809: added support for data page segment register (DP)
ARM: detect several additional variations of the __rt_switch8 helper in binaries produced by the ARM compiler (armcc)
ARM: improve no-ret analysis for calls performed using BX and BLX instructions
Dalvik: 'T' can be used to apply structure offsets to odex "quick" instruction operands
Dalvik: decode return-void-barrier (opcode 0xf1) instruction
f2mc: Added PCB to the list of segment registers
m740: added I/O port definitions for m3804x
Mach-O: add init pointers as entrypoints (similar to PE's TLS callbacks)
Mach-O: improve the loader to handle unusual and deliberately modified files
Mach-O: use the LC_MAIN command, if present, to determine the program entrypoint
MIPS: added support for Cavium Octeon II instructions
MIPS: added DSP ASE support
MIPS: added MSA ASE support
MIPS: added microMIPS instruction set support
MIPS: provide auto-comment for floating point and dword-sized stack args
MIPS: resolve gp-relative references on N64 ABI
MIPS: simplify some instruction sequences to dla/dli on N32/N64 ABIs
MIPS: Support for R_MIPS_TLS_TPREL relocations
PC/PE/kernel: define entrypoint prototype for UEFI files NB: DXE entrypoint is used for all UEFI files, since it's impossible to distingish PEI and DXE files by the header flags
PC: decode FMA4 instructions
PC: handle switches produced by the Sun C compiler
PC: improve recognition of GCC switches in non-PIC x64 binaries
PC: improve switch analysis (again)
PC: improved frame analysis (some 'lea ebp' insns were recognized as part of prolog while they were not)
PC: improved prolog recognition
PE: handle unwind info version 2 in x64 .pdata sections
PE: support ARM64 files
PE: when applying relocations, mark relocations which apply to code as such (improves autoanalysis)
PPC: PPC_TOC, PPC_SDA_BASE, PPC_MMIO_BASE can now be set from IDC scripts
PPC: support for SPE 2.0 instructions
Tricore: apply mapping to offsets recognized in standard instruction sequences
File Formats
IDA automatically uses sparse storage for uninitialized segments
ELF: add support for R_MIPS_64 reloc
ELF: DT_MIPS_LOCAL_GOTNO-declared relocations in MIPS shared libraries will now be properly handled on rebasing/segment move
ELF: handle x86/x64 files with bogus EI_CLASS and EI_DATA values (these fields are ignored by Linux kernel)
ELF: if a dynamic shared object file has ".interp" section, do not mark it as DLL (it's a position-independent executable)
ELF: MIPS: detect microMIPS functions
ELF: MIPS: try to find initial gp value even when DT_MIPS_GP_VALUE is missing
ELF: PPC: handle R_PPC_ADDR24 relocation
ELF: support files that use bogus R_ARM_REL32 relocations for self-decryption
ELF: Support for R_386_TLS_TPOFF32 relocation
HEX: split the file being loaded into several segments if there are big gaps in addressing
Java: support loading of .class files produced by Java 8
CLI: IDA on Windows can now make use of the built-in CLI metadata loader, if the environment variable 'PE_CLI_FORCE_RAW' is set
TE: added support for TE (Terse Executable) file format, used in UEFI firmwares
Debugger
BOCHS: enabled manual memory regions in disk image mode
BOCHS: support for Bochs 2.6.6
debugger: Android: added a position-independent build of the debugging server (android_server_pie); necessary for Android Lollipop
Debugger: Dalvik: added an ability to preset breakpoints at methods of Activity to start with, controlled by Debug specific options
Debugger: linux: try to detect if the dynamic interpreter (ld.so) is loaded at runtime and start reporting shared libraries at that time This helps with debugging of compressed programs
DWARF: Don't try and use DWARF info from files that have a .gnu_debugaltlink companion file
DWARF: Golang: Better handling of some poorly-defined arrays dimensions
DWARF: Initial support for CFA(Call Frame Activation)-based stack arguments
DWARF: Moved to libdwarf 20140805, which provides much better DWARF V4 support
DWARF: Support for decimal floating point values
DWARF: Support for ELF files with a companion 'DWZ' file (i.e., "compressed" DWARF information.)
DWARF: Support for Free Pascal-style UDT-member-as-subroutine (lacks a '*' DIE)
PIN: implemented write memory request
PIN: print PIN toolkit version when starting pintool
PIN: provide access to FPU/XMM registers
PIN: support PIN toolkin version 2.14
PIN: support register modification
Kernel/Misc
demangler: added support for the .eh suffix
demangler: handle rvalue reference and nullptr_t in VC++ mangled names
generate a xref to the target struct type when 'struct offset' applied to a struct member
installer: enable SEHOP and Force ASLR mitigations on Windows at install time
kernel: reimplemented storage of segment register changepoints. Now ARM files with many ARM-Thumb changepoints consume much less memory
Linux installer will warn the user about missing 32-bit support instead of failing silently on pure x64 distros
show string tail as a comment if cross-refence points into the middle of the string
sync all imported types from loaded tils to the local til file; we need this to ensure that an imported type does not suddently change because of til manipulations
PELF: add support for ARCompact relocations
TIL: added a type library for UEFI (x86 and x64, version 2.4)
kernel: virtual array was flushing pages to the disk every time we changed its size; removed that
User Interface
UI/QT: When holding Shift or Ctrl while mouse wheel scrolling, entire pages are scrolled at once. When doing so in hint windows, they are grown/reduced faster, too
UI: add 'Undefine operand', and 'Alignment' to the context menu, when applicable
UI: Added "Copy to clipboard" functionality to "Export Data"
UI: added a setting for the number of xrefs for structs/enums in the Options dialog
UI: distinguish the main entrypoint in the list of exports/entry points
UI: double-clicking on a register value during debugging allows to edit it
UI: force randomization of Python DLLs load addresses, to reduce the risk of vulnerabilities; also enable Force ASLR if available (Windows 8 or later)
UI: handle gracefully lack of disk space when trying to save the database - allow the user to retry saving
UI: if one of the recent file entries in the File menu is selected while Shift key is held down, the file is opened in a new IDA instance
UI: improved the "Edit Segment" form; segment access permissions can be edited now
UI: on Windows, offer to create a minidump in case of an internal error
UI: options dialog: added a "graph" or "nongraph" suffix to the settings which are mode-specific
UI: print detailed function argument information when the user presses 'F'
UI: QT: remove requirement for compatible screen resolution when loading desktop from IDB. If some floating windows do not fit into the screen, they're resized
UI: remember the last used directory for the "Script file..." dialog (if OPEN_DEFAULT_IDC_PATH is not set)
Scripts & SDK
IDAPython: add idaapi.get_kernel_version()
IDAPython: added ability to build IDAPython with Hex-Rays bindings by specifying a path to a directory where to find the 'hexrays.hpp' file
IDAPython: added APIs for accessing the registry
IDAPython: added APIs for working with breakpoint groups
IDAPython: added umsg() for printing UTF-8 text into the Output Window
IDAPython: construct_macro() is now available to IDAPython processor modules
IDAPython: export get_custom_viewer_place(), and allow place_t clone() & related functions
IDAPython: expose QueueDel(qtype_t, ea_t), to complete APIs for manipulating entries from the "known list of problems"
IDAPython: get_tform_type()/get_tform_title(), & current_tform_changed callback
IDAPython: give users the ability to access the underlying TForm/TCutsomControl objects that back higher-level Pythony wrappers, so that the rest of the SDK API can be used as well
IDAPython: improve stability and error reporting for Python processor modules
IDAPython: Scripts can use OnViewMouseMoved() callback to be notified of mouse movement on views (both user-created, as well as core IDA views)
IDAPython: User graphs: double-clicking on a graph edge, will (by default) jump to the node on the other side of that edge
IDC: Added UMessage(), to print UTF-8 strings
IDC: 'Dump Database to IDC' now exports function comments too
IDC: SetType/ApplyType can be used with struct member IDs
SDK: Added 'umsg', which is in all aspects similar to 'msg', except that it works exclusively with UTF-8 strings
SDK: added build_stkvar_xrefs(), to get a list of all the xrefs in a function for a given argument/variable in that function's stack frame
SDK: added function to retrieve action attributes
SDK: added lower_type2(), that accepts a helper capable of providing additional information about the function, that lower_type2() itself doesn't know about
SDK: Added patch_qword(), (and PatchQword for IDC.)
SDK: added qfindclose64() to the destructor of qffblk64_t; there is no need to call it explicitly anymore
SDK: added qfstat64()
SDK: added unpack_xleb128() to read sleb/uleb128 values
SDK: attach_action_to_popup()/detach_action_from_popup() can now be used to register and remove 'permanent' popup actions
SDK: deprecated 32-bit findfirst/findnext functions and qstat()
SDK: deprecated guess_func_tinfo2 (use guess_tinfo2)
SDK: deprecated ui_showauto and ui_setstate
SDK: extend APIs for working with breakpoint groups
SDK: extended set_dock_pos usage. Now it can be applied for the complex widgets by specifying the window title, f.e. "IDA View-B, Enums, Exports"
SDK: extensive reworking of comments in the headers (converted to Doxygen format). HTML documentation is avilable for
SDK: introduced debugger_t::set_resume_mode to be able to specify various resuming kinds (it replaces 'thread_set_step')
SDK: new set of functions for dealing with user-provided actions
SDK: qfileexist() now returns false if the specified path is a directory (use qisdir() for directories)
SDK: since the return value of malloc/calloc with zero size is implementation dependent, the qalloc/qcalloc functions check for zero and return NULL
SDK: added qgetcwd()
BUGFIXES
BUGFIX: IDAPython: made 'extract_name' available again
BUGFIX: 32bit offsets in 16-bit segments were interpreted as seg:off pairs for all processors (should happen only for x86)
BUGFIX: 64bit windows debugger: read/write of FPU/MMX was handled incorrectly
BUGFIX: 6809: low/high offset expressions were displayed incorrectly
BUGFIX: a signed comparison was used to validate the 'maxord' field of .til files; this is a vulnerability that can be exploited by creating a specially crafted .idb file, at least in theory
BUGFIX: AOF: AOF loader could access out-of-bounds memory
BUGFIX: AOUT: IDA could crash trying to load a corrupted a.out file
BUGFIX: ARC: ARC4 ld/st were incorrectly treated as having delay slots
BUGFIX: ARC: brCC and bbitX instructions were printed incorrectly (no delay slot and unnecessary period)
BUGFIX: ARC: some ARCompact instructions were missing flag-setting bits
BUGFIX: ARM: IDA could hang if there were three or more thunk functions calling each other in a loop
BUGFIX: ARM: IDA could loop endlessly on some files (if the byte sequence would be resemble valid code but still had many inconsistencies)
BUGFIX: ARM: instructions belonging to TBH/TBB switches were not properly marked
BUGFIX: ARM: instructions inside IT blocks would lose their condition suffixes on rebasing
BUGFIX: ARM: single stepping inside IT blocks was broken
BUGFIX: autoanalysis could endlessly loop in some (rare) cases
BUGFIX: BOCHS: IDA could fail to start debugging in snippet mode (IDB mode) if there was a big .bss segment at the end of address space in the database
BUGFIX: BOCHS: IDB mode would work incorrectly with files that have many small, non-page-aligned segments (e.g. many ELF files)
BUGFIX: BOCHS: in protected mode (disk image mode), mappping of segment selectors that use LDT (and not GDT) was done incorrectly
BUGFIX: check_process_exit() could not handle the processes that were terminated by a signal (unix)
BUGFIX: choose2() in batch mode could return wrong answer (if the default answer was wrong)
BUGFIX: CLI: IDA could crash when loading a corrupted .NET file on Linux/OS X (double free)
BUGFIX: CLI: IDA could hang on some corrupted .net files
BUGFIX: CLI: IDA could spend enormous amount of time trying to load some corrupted .net files
BUGFIX: CLI: Incorrect .net metadata could cause IDA to quit on Linux & OSX
BUGFIX: CLI: specially crafted .net file could crash IDA on unix
BUGFIX: Closing the IDB and calling 'get_import_module_name()' (e.g., through a PLUGIN_FIX plugin) would crash IDA
BUGFIX: COFF: corrupted file could crash IDA
BUGFIX: COFF: IDA could crash on some corrupted files
BUGFIX: COFF: truncated string tables could lead to memory corruption
BUGFIX: Dalvik debugger could crash when switching to the debugger desktop
BUGFIX: Dalvik: move/16 and move-object/16 instructions were decoded incorrectly
BUGFIX: DBG/COFF: IDA could crash when parsing a COFF symbol with bogus count of aux records
BUGFIX: debugger: Android debugger could miss some memory areas (if the same starting address was listed twice in 'maps')
BUGFIX: debugger: in some cases debugger could not continue execution after suspending on 'start process' event
BUGFIX: debugger: it was impossible to read MMX registers from 64bit linux debugger
BUGFIX: debugger: mac: IDA would fail to read debuggee's memory at or close to address 0 even when it was valid
BUGFIX: Debugger: some debugger modules could still send BREAKPOINT events after receiving the termination request; IDA should ignore them
BUGFIX: DEX: a specially crafted DEX could crash ida
BUGFIX: DEX: fixed a buffer overflow in the DEX loader
BUGFIX: DEX: IDA could crash trying to load a corrupted DEX file
BUGFIX: DOS: MZ EXE relocations with values >0x8000 were processed incorrectly
BUGFIX: DWARF: could fail recognizing some types as being equivalent, and end up in an INTERR
BUGFIX: DWARF: could crash when generating some variations of a type, to make its size suitable for inheritance
BUGFIX: DWARF: some badly corrupted DWARF data could cause IDA to quit
BUGFIX: ELF: bogus PT_NOTE entries could cause IDA to hang for a long time
BUGFIX: ELF: could crash on corrupted elf files
BUGFIX: ELF: IDA could crash when loading a specially crafted ELF file
BUGFIX: ELF: MIPS HI16 RELA relocations were incorrectly applied
BUGFIX: ELF: specially crafted file could result in stack buffer overrun
BUGFIX: ELF: STB_WEAK symbols were not listed in the 'exports' window
BUGFIX: EPOC: handcrafted EPOC files could cause an endless recursion and eventual crash (but IDA would ask for a confirmation at each iteration)
BUGFIX: EPOC: IDA could crash trying to load corrupted EPOC files
BUGFIX: EPOC: malicious deflate-compressed EPOC files could crash IDA
BUGFIX: EPOC: specially crafted .sis file may cause memory corruption
BUGFIX: fixed behavior of highlight + scrolling to be like IDA pre-6.6
BUGFIX: Fixed exporting to C header file of types with fileds of referenced by name type
BUGFIX: GDB: the "Use CS:IP in real mode" option was treated as always active, leading to incorrect EIP values in real mode in some stubs (e.g. VMWare)
BUGFIX: HPSOM: HP-UX SOM loader could access out-of-boundary memory
BUGFIX: IDA could crash at the exit time if tinfo_t objects were leaked by a plugin or script
BUGFIX: IDA could crash if an attempt to match a jump table instruction sequence was made on an ea without a segment
BUGFIX: IDA could crash on specially crafted DEX file (trying to allocate a huge segment)
BUGFIX: IDA could crash trying to guess a function type (stack overflow)
BUGFIX: IDA could crash trying to load corrupted PharLap extender files
BUGFIX: IDA could hang trying to move a segment from the top of the addressing space
BUGFIX: IDA could interr if the program was rebased in the presence of orphan bytes (bytes that do not belong to any segment)
BUGFIX: IDA could not parse 'static int inline x;'
BUGFIX: IDAPython Decompiler bindings could abort IDA because of some uncaught C++ exception
BUGFIX: IDAPython processor modules' outop-produced op_t references were leaked
BUGFIX: IDAPython: Activate() callback was not functional
BUGFIX: IDAPython: Exceptions in GraphViewer.OnRefresh() were silently ignored
BUGFIX: IDAPython: exceptions thrown inside the code called by SWIG wrappers must be caught, or IDA might abort
BUGFIX: IDAPython: Form.Close() was not working in most cases
BUGFIX: IDAPython: gen_disasm_text() was expecting a 'text_t' instance, which is not exposed
BUGFIX: IDAPython: get_ascii_contents2() was not honoring the possible output encoding request
BUGFIX: IDAPython: GetLocalType() could produce errors with some local types
BUGFIX: IDAPython: GraphViewer would not allow grouping of nodes, unless OnCreatingGroup was implemented
BUGFIX: IDAPython: GraphViewer.Select() method was always selecting node 0 regardless of the argument
BUGFIX: IDAPython: It was not possible to use 'tag' and 'reg' functions of a segreg_t instance returned by get_srarea()
BUGFIX: IDAPython: Some char arrays-derived Python strings could contain garbage in some cases
BUGFIX: IDAPython: some functions which returned a ssize_t, were wrapped incorrectly and were unusable
BUGFIX: IDAPython: udt_type_data_t was not exposed as a qvector, and thus couldn't be iterated on
BUGFIX: IDAPython: When using the Strings() class, bytes could be erroneously retrieved
BUGFIX: IDC's SetShortPrm(INF_BINPREF, <nbytes>) would not properly change the current renderer's amount of displayed bytes
BUGFIX: IDC: GetLocalTinfo() would return a non-zero number upon failure (must return 0)
BUGFIX: IDC: IDA could interr if an IDC function was called with wrong number of arguments
BUGFIX: IDC: SetMemberType() with struct offset would use wrong struct offset delta
BUGFIX: IDC: the function SetRegValue() could set incorrect value for FPU registers
BUGFIX: it was possible to create an item across function chunk boundaries (only in some cases)
BUGFIX: kernel: instruction emulator could destroy the current insn in some cases and this would cause an interr later
BUGFIX: LE: LE files without the MZ header could not be loaded
BUGFIX: linux debmod could interr on low-level conditions
BUGFIX: Mach-O: __stubs section was processed incorrectly for x64 files
BUGFIX: Mach-O: corrupted export data could cause buffer overflow and crash IDA
BUGFIX: Mach-O: Fixed crash in Mach-O loader (endless recursion)
BUGFIX: Mach-O: fixed off-by-one bug in many places; efd was crashing on the sample files we received today; probably IDA too
BUGFIX: Mach-O: Fixed potential endless recursion
BUGFIX: Mach-O: IDA could crash on some corrupted Mach-O files the number of sections or section boundaries are bad
BUGFIX: Mach-O: IDA could crash when loading Mach-O files with malformed LC_LOAD_DYLIB commands
BUGFIX: Mach-O: IDA could not load files with over-sized sections
BUGFIX: MIPS: building mips16 macro instructions could consume too many bytes, preventing some following instructions from being decoded
BUGFIX: MIPS: registers could be tracked incorrectly for mips16 code
BUGFIX: MIPS: some references to local symbols loaded from the GOT could not be converted to offsets
BUGFIX: msp430: was using 16-bit segments by default
BUGFIX: MSP430: some BRA instructions were decoded incorrectly
BUGFIX: NE: IDA could crash on specially crafted NE file (zero pointer dereference)
BUGFIX: on Linux some of concurrently started instances of IDA could fail to load the registry
BUGFIX: our C parser was supporting only "ui64" suffix for 64-bit constants; the 'll' prefix was silently skipped
BUGFIX: Patched bytes are now reverted before the segment and its data are deleted
BUGFIX: PC: 'ymmword' keyword was not defined for PC module which caused 32-byte data items to be displayed with (null) prefix
BUGFIX: PC: AVX instructions that refer to r8..r15 should not be decoded in 32-bit mode
BUGFIX: PC: some instructions using repeated 66 and 67 prefixes (operand/address size override) were not decoded correctly
BUGFIX: PDB: IDA could fail to load a PDB file when using File->gt;Load additional file->gt;PDB file... dialog
BUGFIX: PE: files with corrupted CodeView debug info could trigger a double free
BUGFIX: PE: heap overwrite in processing of x64 .pdata entries
BUGFIX: PE: IDA could access invalid memory when a corrupted COFF symbol table was present
BUGFIX: PE: IDA could take a very long time loading a file with bad debug directory
BUGFIX: PE: specially crafted PE file could lead to memory corruption
BUGFIX: PEF: fixed multiple vulnerabilities
BUGFIX: PEF: specially crafted PEF files could crash IDA
BUGFIX: PIN: get rid of duplicates in trace buffer (basic block tracing mode)
BUGFIX: PIN: in some cases IDA tried to launch pintool even if 'autolaunch' option was disabled by the user
BUGFIX: PIN: in some cases pintool could provide incorrect memory configuration
BUGFIX: PIN: incorrect tooltips for memory operands in the disassembly window
BUGFIX: PIN: not all threads appeared in IDA after initial attach to a process
BUGFIX: PIN: register values/threads could be lost when debugger stops on "Process start"/"Library loaded" events (in case 'Suspend on debugging start' or "Suspend on library load/unload' option is enabled)
BUGFIX: PIN: take into account actual flags of segments/function when enabled options 'Trace over debugger segments', 'Trace over library functions'
BUGFIX: PPC: undecorating a name could yield an empty name and that could cause a crash
BUGFIX: PPC: VLE instruction se_addi was incorrectly simplified into se_li when r0 was used as a source operand
BUGFIX: Producing files with only structures/enums gave erroneous feedback on the line count
BUGFIX: Proximity view could crash when asked to expand/collapse multiple nodes, when some of those are "(+)" nodes
BUGFIX: qrealloc() with BADMEMSIZE could succeed on some flavors of linux64 (it should fail)
BUGFIX: qwingraph: could crash on some huge graphs; now we nicely display a message and exit
BUGFIX: references to unexisting types would be saved with explicit struct/union/enum keywords even if the reference was simply by name; the keyword would be derived on the fly from the forward declaration, if it existed
BUGFIX: renaming a struct/enum would break references to it because IDA was using references by name instead of by ordinal
BUGFIX: SDK: tinfo_t::is_forward_decl() could incorrectly return false in some cases
BUGFIX: searching for the next unknown byte in sparse storage was buggy
BUGFIX: some -D command line options could be effectively ignored because IDA could load a new processor module immediately after applying them; now we apply -D switches after loading the input file
BUGFIX: some anonymous unions of bitfields could be handled incorrectly in pdb files
BUGFIX: some register names were duplicated by some debugger backends
BUGFIX: SPARC: IDA would miss delay slots in little endian mode
BUGFIX: structure alignment was incorrectly calculated when copying from the struct window to the local types;
BUGFIX: switch idioms that had the default jump target inside (but unmarked) would still be decompiled incorrectly
BUGFIX: Syncing a Hex-View to the value of a register would cause an interr
BUGFIX: the 'local types' window was not refreshed after importing some types to the IDB
BUGFIX: tilib: could interr when trying to calculate the alignment of a 'long double' type when the compiler is set to 'Borland' (long double is 10 bytes but has alignment of 8)
BUGFIX: tinfo_t::print() could crash if PRTYPE_DEF was passed for a trivial type
BUGFIX: tracing, basic block tracing mode: broken order of instructions in the trace buffer
BUGFIX: Tricore: some ld16/st16 instructions were decoded incorrectly
BUGFIX: UI: after switching Hex View to one-column it was not displaying anything
BUGFIX: UI: IDA could confuse structs with members when renaming in the structures view
BUGFIX: UI: IDA could crash when showing proximity graph coming from a trace
BUGFIX: UI: IDA could crash when trying to display a proximity view graph for a newly opened file, if that graph exceeded the max node limit
BUGFIX: UI: IDA could show "undefined type" message when loading some PE files into IDB
BUGFIX: UI: IDA was generating bogus idb_event::op_type_changed when showing the context menu
BUGFIX: UI: in some cases picking a standard numeric constants (enum) for the value in the disassembly did not work
BUGFIX: UI: load-time warnings could be shown again even if the user checked "Don't show again in current session"
BUGFIX: UI: Pressing '.' when in the "Output window"'s messages widget wouldn't switch control to the CLI widget
BUGFIX: ui: qt: Changed meaning of 'width' field parameter in forms descriptions. Now it is buffer size -1 for text fields and the number of characters for digital fields
BUGFIX: UI: QT: Open... file dialog was displaying only "All files(*)"; now extensions idagui.cfg are used
BUGFIX: UI: Right-clicking on a graph view, and then clicking on the "Zoom 100%" action could lead the view to zoom to the wrong place
BUGFIX: UI: Right-clicking on an edge, and requesting a grouping of nodes while none are selected could crash IDA
BUGFIX: UI: some IDBs created on Windows and used on Unix could have problems with the 'struct offset' command in the gui verion
BUGFIX: UI: switching from graph view to flat view and back would change the current disassembly position if the current node was a group node
BUGFIX: UI: the import window would display wrong library names if a new database was opened without quitting IDA
BUGFIX: UI: tracing actions (Instruction tracing etc.) were not enabled for some debuggers which do support tracing (e.g. Bochs)
BUGFIX: UI: TXT: Changed meaning of 'width' field parameter in forms descriptions. Now it is buffer size -1 for text fields and the number of characters for digital fields
BUGFIX: UI: Using IDA in a Windows 8 RDP session might cause a freeze of the session when dragging & dropping widgets
BUGFIX: UI: When animations were turned off, IDA could temporarily freeze
BUGFIX: UI: when creating 32-bit segments with base 0, a selector was not allocated for it, leading to various issues
BUGFIX: UI: when creating a new script snippet, the previous snippet text was not always cleared from text field
BUGFIX: UI: When double-clicking a result in a non-modal "Xrefs to ..." view, in order to jump in the (previously hidden) tabbed graph view, the graph view might center on an incorrect place
BUGFIX: uiswitch: it was impossible to specify a switch with zero elbase but nonzero shift
BUGFIX: unreachable meaningless fpu instructions could hinder fpu stack analysis
BUGFIX: User graphs: paint nodes background even when text is not painted (i.e., zoom level is too far away.)
BUGFIX: when a struct was deleted, the corresponding type was not always deleted from the local types
BUGFIX: When changing a variable/argument type in a function frame, 'Structures' xrefs might not be updated
BUGFIX: when debugging, the cursor could be positioned on a multiline comment line in the pseudocode view, instead of the line with the real code
BUGFIX: When horizontally scrolled, IDA View-A could fail to highlight the word on which the cursor is currently placed
BUGFIX: When in graph view, jumping to the current function's call sites through the node title's "Jump to xref" icon could focus on the wrong node in the calling function
BUGFIX: when opening an old IDB for a processor without the type system there could be a significant delay (a dozen of seconds or more)
BUGFIX: When performing some keyboard shortcut sequences very fast, and then moving up/down with the keyboard's line up/down, or page up/down, the disassembly listing could show a single line (or jump one page off)
BUGFIX: While grouping/ungrouping some nodes, IDA could freeze until 'Esc' is pressed
BUGFIX: WinDbg: windbg debugger could not write FPU register values
BUGFIX: 64bit linux debugger: Incorrect reading of FPU registers
BUGFIX: ARM: arm module would display 'LDR R0, =0xFFFFFFFF' or similar in case the LDR instruction was referrring to a non-existing or uninitialized memory address
BUGFIX: DWARF: Could misinterpret very large types (> 0x1fffffff bytes-large)
BUGFIX: GDB: a malicious GDB stub could cause heap memory overwrite in IDA during debugging
BUGFIX: IDA could abort with message "index file is bad" when compressing database
BUGFIX: IDA could crash at DWARF-loading time, because the DWARF plugin would try and retrieve too many bytes from the file
BUGFIX: IDA could crash/hang on corrupted databases
BUGFIX: IDA could hang trying to load corrupted input files
BUGFIX: IDA could hang trying to read symbols from an erroneously-large symbols table
BUGFIX: IDAPython: internal_get_sreg_base() wasn't usable
BUGFIX: IDAPython: set_nav_colorizer() was not accepting Python callables as implementation. Issue 1370
BUGFIX: PC: some FPU instructions were not decoded if they had a REX prefix
BUGFIX: Pressing 'p' to create a procedure, then keyboard-navigating to another piece of code and pressing 'p' again could not work (unless something caused the actions to be updated again; e.g., opening a dialog.)
BUGFIX: IDA could interr when guessing a function prototype if the stack was growing up for the current processor
BUGFIX: IDA could spend too much time generating the listing if there were too many lines in .net files
BUGFIX: kernel: handling of switches with SWI_JMP_INV flag set was broken
BUGFIX: specially crafted .sig files could crash IDA
BUGFIX: PPC: some simplified instruction forms were missed
Last updated