----------------------------------------------------------
在头文件中
1、定义枚举:
typedef enum _DEVICE_PNP_STATE {
NotStarted = 0,
Started,
...
UnKnown
} DEVICE_PNP_STATE;
2、定义结构:
typedef struct _VUL {
DEVICE_PNP_STATE DevicePnPState;
DEVICE_PNP_STATE PreviousPnPState;
}VUL,*PVUL;
3、定义宏:
#define INITIALIZE_PNP_STATE(_Data_) \
(_Data_)->DevicePnPState = NotStarted;\
(_Data_)->PreviousPnPState = NotStarted;
----------------------------------------------------------
在C代码中使用:
PVUL pVul;
INITIALIZE_PNP_STATE(pVul);
编译为EXE文件。
-----------------------------------------------------------
使用 IDA_Pro_v6.8_and_Hex-Rays_Decompiler_(ARM,x64,x86), 信息为:
Python 2.7.6 (default, Nov 10 2013, 19:24:18) [MSC v.1500 32 bit (Intel)]
IDAPython v1.7.0 final (serial 0) (c) The IDAPython Team <idapython@googlegroups.com>
将上面编译的EXE,用IDA pro 的F5反成C,显示为:
pVul->DevicePnPState = 0;
pVul->PreviousPnPState = 0;
它的汇编代码显示为:
........ mov edi, 0
........; pVul->DevicePnPState = 0;
........
mov [esi+8], edi
........; pVul->PreviousPnPState = 0;
........
mov [esi+0Ch], edi
请问:
IDA pro
Hex-Rays
的F5反成C代码, 怎样用Python命令将它显示为:
INITIALIZE_PNP_STATE(pVul);
??
[培训]内核驱动高级班,冲击BAT一流互联网大厂工
作,每周日13:00-18:00直播授课
