In Chapter 8 we discussed C++ Runtime Type Identification (RTTI) and the fact that no standard exists for the manner in which RTTI is implemented by a compiler. Automatic recognition of RTTI-related constructs within a binary is another area in which IDA’s capabilities vary across compilers. Not surprisingly, IDA’s capabilities in this area are strongest with binaries compiled using Borland compilers. Readers interested in automated recognition of Microsoft RTTI data structures may want to try Igor Skochinsky’s IDC script available at The IDA Palace^[142] or the Class Informer plug-in by Sirmabus,^[143] which will be discussed further in Chapter 23.

A simple strategy for understanding how a specific compiler embeds type information ...