If the accept_file function returns a nonzero
value, then the name of the loader will be displayed for the user to choose
from. Figure 13-3 shows an example in which the user is being offered the
choice of three different ways to load the program. In this case, two different
loaders (pe.ldw and dos.ldw) have claimed to recognize the file format while
IDA always offers the option to load a file as a raw binary file.
2. If the user elects to utilize a given loader, the loader??™s load_file function is called
to load the file content into the database. The job of the loader can be as complex
as parsing files, creating program segments within IDA, and populating those
segments with the correct content from the file, or it can be as simple as passing
off all of that work to an appropriate processor module.
Loaders are built in much the same manner as plug-ins, the primary difference being the
file extension, which is .ldw for Windows loaders, and .llx for Linux loaders. Install compiled
loaders into the loaders subdirectory of your IDA distribution.
IDA processor modules are perhaps the most complicated modules to build. Processor
modules require the declaration of a global processor_t (defined in idp.hpp) structure
named LPH.
Pages:
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599