Bitfields

There is a special kind of enums:
bitfields. A bitfield is an enum where the 32bits are divided into groups.
When you define a new symbolic constant in a bitfield, you need to specify
the group to which the constant will belong to.

By default, IDA proposes groups containing one bit each.
If a group is not defined yet, it is automatically created
when the first constant in the group is defined. For example:

        name    CONST1

        value   0x1

        mask    0x1

will define a constant named CONST1 with value 1 and will create a group containing only one bit.
Another example. Let's consider the following definitions:

 #define OOF_SIGNMASK    0x0003

 #define   OOFS_IFSIGN   0x0000

 #define   OOFS_NOSIGN   0x0001

 #define   OOFS_NEEDSIGN 0x0002

 #define OOF_SIGNED      0x0004

 #define OOF_NUMBER      0x0008

 #define OOF_WIDTHMASK   0x0030

 #define   OOFW_IMM      0x0000

 #define   OOFW_16       0x0010

 #define   OOFW_32       0x0020

 #define   OOFW_8        0x0030

 #define OOF_ADDR        0x0040

 #define OOF_OUTER       0x0080

 #define OOF_ZSTROFF     0x0100

How do we describe this?

   name             value       mask          maskname

   OOFS_IFSIGN      0x0000      0x0003        OOF_SIGNMASK

   OOFS_NOSIGN      0x0001      0x0003        OOF_SIGNMASK

   OOFS_NEEDSIGN    0x0002      0x0003        OOF_SIGNMASK

 OOF_SIGNED         0x0004      0x0004

 OOF_NUMBER         0x0008      0x0008        

   OOFW_IMM         0x0000      0x0030        OOF_WIDTHMASK

   OOFW_16          0x0010      0x0030        OOF_WIDTHMASK

   OOFW_32          0x0020      0x0030        OOF_WIDTHMASK

   OOFW_8           0x0030      0x0030        OOF_WIDTHMASK

 OOF_ADDR           0x0040      0x0040

 OOF_OUTER          0x0080      0x0080

 OOF_ZSTROFF        0x0100      0x0100

If a mask consists of more than one bit, it can have a name and a comment.
A mask name can be set when a constant with the mask is being defined.
IDA will display the mask names in a different color.
In order to use a bitfield in the program, just convert an instruction operand to enum.
IDA will display the operand like this:

mov ax, 70h

will be replaced by

mov ax, OOFS_IFSIGN or OOFW_8 or OOF_ADDR

最新文章

  1. iOS之数据持久化方案
  2. [读书笔记] java类初始化
  3. ffplay mini 媒体播放器
  4. SSH开发实践part1:Spring与Hibernate整合
  5. iOS 生成随机数 重复 不重复
  6. android上的缓存、缓存算法和缓存框架
  7. SqlBulkCopy高效能批量插入SQL SERVER
  8. io流之写文件
  9. -_-#【video】
  10. Cortex依赖管理
  11. JS-商品图片放大器
  12. 字符串匹配算法之Sunday算法
  13. JavaScript优化参考
  14. 将1、2、3、……、n这n个连续自然数分成g组,使每组的和相等。g组中个数最多的一组有几个?
  15. node.js系列:(调试工具)node-inspector调试Node.js应用
  16. Linux中创建Daemon进程的三种方法
  17. CDH5.16.1的maven依赖版本查询地址
  18. C编程技巧资源
  19. 关于Struts2的多文件上传
  20. leetcode 123. 买卖股票的最佳时机 III JAVA

热门文章

  1. 教你如何修改FireFox打开新标签页(NewTab Page)的行列数
  2. Gitlab部署及汉化操作
  3. Funny Car Racing(最短路变形)
  4. CSU 1425 Prime Summation
  5. wondows下安装pytho&pip
  6. OpenSSL 给自己颁发根证书,由根证书签发下级证书的步骤。
  7. cocos2dx2.x 创建项目
  8. 解决IE的背景颜色透明子元素不透明问题
  9. 搭建简单的CGI应用程序
  10. SQL Server Connection Pooling (ADO.NET)