Bitfield resolution in MLIL/HLIL

[emesare]

What is the feature you'd like to have? I would like to see resolved accesses to bitfields in HLIL, since we now can express them (bitfields) in our type system.

Is your feature request related to a problem? Currently you must do math in your head to determine the accessed bitfield, for example:

The above is setting the first member a to 1 and 4 respectively for each structure.

Another, more annotated example:

MLIL listing:

Types:

Additional Information: We also likely want to stop showing the first member being accessed, e.g. a in the examples above, and show either no access (the structure itself is loaded into the register) or some anonymous access, so that users do not get confused as to what is really getting accessed.

The above binary is available with: echo nebula rises persistently

[theevilbit]

Hi!

Would this cover support for bit/flag type argument representation? For example: open(const char *path, int oflag, ...); function call has a bitfield as the second argument. so instead of showing: _open(&__s, 0x100000); could you display: _open(&__s, O_DIRECTORY);

or in case of multiple values _open(&__s, 0x202); then something like: _open(&__s, O_RDWR | O_CREAT);

or should this be a separate feature request?

/Also flags for standard API calls from public headers (like this is from fcntl.h) could be supported out of the box without the need for the user defining them/

Thanks, Csaba