Ghidra: Function pointer type as structure field

Problem also is that FindTask accepts first argument in A1 register (Motorola) which is not default for the first argument passing.

You can override the function call locally in the calling function

How to do that?
There is no option for that

yeah, I'd like to know too how do you add a vtable member to a custom struct. I was using FARPROC* type but it behaves pretty much just like if I had undefined in it:

@ddbb2017 that is different. You want to create a function type (in the data types window), and then use this as data type here.

@lab313ru I dont have ghidra available right now, but if I remember correctly you rightclick on the function call in the disassembly, there should be an option "override function call" or similar

There is no such option for the structure field

Yep, in the Data Type Manager, New -> Function Definition; enter the function you want to reference later (so for the struct member int (*hdr_func)(P_STP_PARAMS_CONFIG pStpParamsConfig); enter int hdr_func(P_STP_PARAMS_CONFIG pStpParamsConfig)), and use that function in the Structure Editor

Just to help others who may stumble across this ticket when looking for help defining/using function pointers in Ghidra; If you are trying to define a function pointer where the C equivalent is something like:

typedef void (*ATTACK_FUNC) (uint8_t, struct attack_target *, uint8_t, struct attack_option *);

Assuming you've defined the attack_target and attack_option structures in Ghidra, the function should be defined using:

void ATTACK_FUNC (uint8_t, attack_target *, uint8_t, attack_option *)

@recvfrom Does that still work in latest? I'm getting the following:

defined as

typedef FSResult (*FS_ARCHIVE_PROC_FUNC) (struct FSFile *, FSCommandType);

FSResult, FSFile and FSCommandType are all registered types.

@martmists Use New->Function Definition... instead of New->Typedef.... So for the example I posted above, the popup should look like: