IDA 8.3
Last updated
Last updated
IDA 8.3.230608 June 8, 2023
We have further improved IDA64 so that it can be a complete replacement for the legacy 32-bit IDA in all situations. To ease the migration, we implemented a feature to convert the legacy .idb databases to .i64 ones (codenamed CVT64).
The 32-bit IDA is now considered deprecated and will likely go away at some point.
Improved UI performance on some strategic fronts. For example, slower autoanalysis of Dyld Shared Cache's due to the "Functions" window (whether filtered or not) is a thing of the past.
It is now possible to specify a (HTTP CONNECT-style) proxy for connecting to the Vault server.
During a merging session, you can pick a chunk to resolve a conflict using context menu instead of the toolbar.
The licensing logic was improved:
Previously, when some licenses expired, the Vault server would refuse to work until the number of users was reduced to the count of the active licenses. Now it will continue working but simply refuse new license checkouts in such situation.
IDA was relying on the local ida.key file and displaying the expiration date from it, even if the license was updated on Vault server. Now IDA Teams does not use the local ida.key at all but only information from the server.
Our free offer for educational institutions gained a cloud decompiler for x86/x64 and the file size limit has been lifted.
The decompiler's IDA Python API (ida_hexrays module) now works with the cloud decompilers available in IDA Home
PPC processor module gained support for the LSP extension, as well as the new Power ISA 3.1 instructions
ARM module now shows symbolic names for well-known ARM64 system registers
MIPS and RISC-V modules have improved register value tracking which should lead to better analysis and more discovered cross-references
DEX module and loader now support the new features added in the DEX 039 format (Android 9 and 10)
PC: instructions with three or more operands (such as imul or vinsertps) can support properly distinct types for each operand. In fact, this applies to instructions with three or more operands in all processors.
ESP: a new loader, supporting the common file format used for the Espressif ESP line of chips
Cortex-M: a new loader for Cortex-M raw binary firmware, supports ARMv6-M to ARMv8-M and load base autodetection
ELF: the loader now parses PPC-specific sections with details about the instruction set used, and configures the processor module automatically
golang: added support for Go 1.20 and improved detection and parsing of Go metadata
Goomba, our open-source plugin for MBA deobfuscation is now shipped as part of IDA
DWARF: loading of DWARF debug information has been sped up significantly, especially for big files
OBJC: added support for Objective-C optimizations introduced in iOS16 (stubs for objc_msgSend with common selectors and custom wrappers for retain/release)
it is now possible to disable some optional optimizations performed by default. This may be useful for plugin writers doing their own analysis on microcode
multiple fixes were done for the outlined functions support initially introduced in 8.2
improved detection of call arguments in multiple situation, including detection of return value passed via X8 on ARM64
lumina: add a UI action to inspect a function's metadata history
lumina: allow specifying up to two Lumina servers (public or private, in any order)
lumina: metadata history can now be browsed on private Lumina servers
Teams: use licenses from vault server on IDA side (no more need for ida.key files on the client)
ARM: ARM64 system registers are now displayed using symbolic names
ARM: set offsets/xrefs for LDRD/STRD if the base register is known
Dalvik: support for const-method-handle and const-method-type bytecode instructions (DEX 039/Android 10)
MIPS: improved analysis of functions with large stack frames for MIPS16
MIPS: improved the regtracker
PPC: added Power ISA 3.0C Ultravisor-related instructions
PPC: support LSP (Lightweight Signal Processing) extension instructions, available in some MPC57xx cores
PPC: support Power ISA 3.1, including prefixed instructions
RISCV: register tracker can now be configured via settings in ida.cfg
DEX: annotate hidden API section (DEX 039)
ELF: ppc: parse and use .gnu.attributes and .PPC.EMB.apuinfo sections to detect the used ISA extension
ESP: new loader for the Espressif images, supporting images from ESP8266 (Xtensa) to ESP32-C6 (RISC-V)
TIL: added type library for Android ARM64
TIL: suppport __attribute__((flag_enum)) or __bitmask attribute on enums
DWARF: improve handling of unsigned 'char' types; now they're mapped to 'char' on IDA's side (instead of 'unsigned __int8')
DWARF: significantly speed up importing of type information
golang: added "detect and parse golang metadata" command
golang: annotate funcInfo's funcFlag field
golang: handle different functions with the same name in pclntab
golang: use full package prefix for functions dirtree
goomba: new plugin for optimizing mixed boolean expressions (MBA) in pseudocode
idaclang: added presets of predefined arguments for common platforms
idaclang: updated libclang to 16.0.0
OBJC: set prototypes for some widely used objc methods (e.g. objc_alloc_init)
OBJC: support iOS16 optimized objc_retain_xY/objc_release_xY stubs
OBJC: support objc_msgSend$... stubs
installer: Missing dependencies on Linux are now checked and reported at install time
kernel: properly support operand types for 3rd to 8th operands
licensing: the EULA has been updated and unified across all IDA editions and license types
network: added ability to use an HTTP CONNECT-style proxy
network: added support for HTTP CONNECT proxy basic authentication
IDAPython: added an example showing how to paint over an existing graph's edges
IDAPython: added support for Python 3.12
IDAPython: enable access to the global debug variable+
IDAPython: improve doc for str2ea (use text from the SDK header)
SDK/Python: added get_config_value for retrieving arbitrary JSON values in config files
SDK/Python: notepad APIs (get_ida_notepad_text/set_ida_notepad_text) now synchronize the database/UI state
SDK/UI: added ability to dynamically change values in combobox in forms
SDK: added functions validate_idb(), move_privrange()
SDK: added methods edit_named_type_details()/edit_numbered_type_details() to edit local type enum/udt details
SDK: added parse_decl_ex()
UI: "Color instruction" action now also colorizes undefined items in the selection (previously they were skipped)
UI: Added support for Unicode 15.0, now more string literals are detected and displayed correctly
UI: allow editing struct.enum comments in the type editor
UI: during autoanalysis, mark choosers with a filter and/or sorting as outdated instead of updating immediately
UI: improved performance for refreshing choosers when there is no sorting or filtering
UI: provide the ability to specify icons for actions through CSS themes
UI: show comments for strlits or mangled names on each member of a string array in the disassembly listing
UI: the graph options are now saved in the desktop
UI: teams: Allow picking a chunk to use from the context menu in addition to the toolbar button/hotkey
UI: teams: save desktop layout in the database using user's name so that each user's desktop is not overridden by others
decompiler: added a new API function change_hexrays_config() to update the hexrays configuration, e.g. to set the analysis options or disable warnings after IDA start
decompiler: added the option to disable some optimizations
decompiler: arm: detect usage of X8 for reurning structures on ARM64 and add a hidden 'retptr' argument when callee prototypes is guessed by IDA
decompiler: enable IDAPython API for the cloud decompiler (IDA Home, IDA Educational)
decompiler: exported set_lvar_name() which can be used to rename local variables
decompiler: improve callee type guessing (detect arguments passed by reference)
decompiler: improve fastcall/thiscall callee detection
decompiler: improved guessing of call types (detect more fastcall/thiscall calls without stack arguments)
decompiler: improved propagation of zero values
BUGFIX: decompiler: assignment to a stack variable used by reference in a syscall could be erroneously removed
BUGFIX: decompiler: corrupted info in the database could lead to crashes during decompilation
BUGFIX: decompiler: decompiler could cause IDA to crash if an error happened during plugin initialization
BUGFIX: decompiler: fixed a crash that could occur when deleting a function in the presence of outlined functions
BUGFIX: decompiler: fixed numerous interrs
BUGFIX: decompiler: indirect jumps in outlined code were handled incorrectly
BUGFIX: decompiler: jumps to outlined functions were handled incorrectly
BUGFIX: decompiler: the "select union member" action (Alt-Y) could fail in some cases
BUGFIX: ELF: Android ARM64 JNI files would incorrectly use 32-bit type library
BUGFIX: formatting golang metadata could fail for some 64-bit binaries if they used addresses above 32-bit address space
BUGFIX: IDA on Linux would not start if libsecret-1 or libglib-2.0 were not present
BUGFIX: idapyswitch would accept buggy Anaconda 2022 distributions which would later cause IDA to crash
BUGFIX: IDAPython: ida_dbg.get_dbg_byte() was not usable
BUGFIX: IDAPython: non-modal Python forms (using class Form) could cause crashes on the ARM macOS build of IDA
BUGFIX: IDAPython: the bookmarks_t object was not usable from IDAPython
BUGFIX: kernel: fixed printing of opcode bytes for processors which use two-byte grouping (PR_WORD_INS flag)
BUGFIX: kernel: idat64 would try to load picture_search plugin, although it only works in GUI version
BUGFIX: Lumina: fixed interr 1512 which could occur on wrong directives in lumina.conf
BUGFIX: MACHO: IDA 8.2 would fail to recover tagged pointers in arm64e dyld caches
BUGFIX: MACHO: iOS16+ branch mappings/stubs regions were not loaded in "complete" and "dependencies" modes, leading to missing symbols
BUGFIX: MACHO: when loading a complete dyld cache for iOS16, authenticated pointers would retain tagged values
BUGFIX: MIPS: TX19A-only MIPS16 BAL does not have a delay slot
BUGFIX: PDB: IDA would fail to load PDBs with page size 8192 (e.g. from recent Chrome builds)
BUGFIX: PE: Load Config Directory comments for ProcessHeapFlags and ProcessAffinityMask fields were swapped in 32-bit files
BUGFIX: PE: some files using EH4 metadata (__CxxFrameHandler4) could produce bogus "DATABASE IS CORRUPTED" warnings on load
BUGFIX: Teams: IDA would crash silently on start if the license was expired but within the grace period
BUGFIX: teams: IDA would sometime fail to save the login credentials
BUGFIX: Teams: Vault server no longer refuses to work when there are not enough licenses
BUGFIX: ui/qt: get_viewer_graph wouldn't return the mutable_graph_t instance for proximity views
BUGFIX: UI: binary search with selection would fail if cursor was at the end of selection
BUGFIX: UI: fixed an accelerator clash in the Cross-references tab of the Options dialog box
BUGFIX: UI: graph printing did not work on Windows and macOS
BUGFIX: UI: license agreement dialog was mis-interpreting UTF-8 text for Latin-1
BUGFIX: UI: renaming a structure (or an enum) from the listing, could result in the left-hand list being outdated
BUGFIX: UI: some of the search actions were not respecting user selection
