[Feature request] In-memory patching

[anzz1]

First of all, commendations on your great work ! The built-in assembler for IDA was pretty much unusable so the patching had to be done with an external program, making the whole process really tedious (load file in IDA -> debug -> patch in another app -> reload file in IDA -> reanalyze the whole thing -> debug -> rinse and repeat). This finally lets me drop the external app from the workflow and no reloading required, simply awesome !

As far as binary patching goes, it currently works as-is. Finally also the "patched bytes" section actually works since your plugin keeps the backup file, and IDA does not get confused anymore on what is actually patched and what is original.

I have a request though which would make it even better, incorporate the in-memory patching option from (currently defunct and unmaintained, unfortunately) https://github.com/scottmudge/DebugAutoPatch . The "About" section outlines well some of the grievances with the IDA built-in patching system and fixes them. I do not know how non-trivial it would be to add those features to this patcher plugin though

[anzz1]

Also the ability of directly changing the bytes in the assembler window (the field is currently read-only) would be great.

Keep up the good work !

[gaasedelen]

Thanks for the kind words.

I honestly never use the IDA debugger, which partially explains my lack of movement on this. It looks like the plugin you linked is reasonably documented though (as is mine), so it might be a fun exercise for you to explore what it might take to develop the debugging-aware patching workflow you desire.

If you do, I certainly would consider a PR.

PS: there is a secret section that gives a few tips for hacking on my plugin:

patching/plugins/patching/core.py

Lines 983 to 1014 in 5a8c621

	#--------------------------------------------------------------------------
	# Temp / DEV / Tests
	#--------------------------------------------------------------------------
	#
	# HACKER'S SECRET
	#
	# this section is purely for testing / development / profiling. it may be
	# messy, out of place, transient, incomplete, broken, unsupported etc.
	#
	# if you want to hack on this plugin or are trying to edit / dev on the
	# codebase, you can quickly 'reload' the plugin without actually having
	# to restart IDA to test your changes in *most* cases.
	#
	# in the IDA console, you can use:
	#
	# patching.reload()
	#
	# additionally, you can call into parts of the loaded plugin instance
	# from the IDA console for testing certain parts:
	#
	# patching.core.nop_item(here())
	#
	# finally, to 'test' assembling all of the instructions in your IDB (to
	# try and identify assembly issues or unsupported instructions) you can
	# run the following command:
	#
	# patching.core.assemble_all()
	#
	# this may be slow and take several minutes (sometimes much longer) to
	# run depending on the size of the IDB
	#