QBDI Versions

A Dynamic Binary Instrumentation framework based on LLVM.

v0.10.0

1 year ago
  • Fix Ubuntu package (#217)
  • Support ARMv7 and AArch64 architecture (#222)
  • Support python 3.11 (#222)
  • Support Frida >= 15.2 (#222 and #223)

Internal update:

  • Move Windows CI to GitHub Actions (#222)
  • Support python build with pyproject.toml (#222)
  • Update LLVM to LLVM15 (#224)
  • Add CI for ARMv7 and AArch64 (#222 and #225)

v0.9.0

2 years ago
  • Change internal log system (#174).
  • Fix templates (#186)
  • Fix Frida-QBDI for Frida 15.0.0 (#192)
  • Change behavior of addInstrumentedModuleFromAddr to work with mmap regions (#193)
  • Add Priority to InstCallback API (#194).
  • Support for X86 loop, loope and loopne instructions (#200)
  • Add support for FS and GS segments in X86_64 (#190).
  • Hide LLVM symbols from shared library and QBDIPreload (#205)
  • Support python 3.10 for PyQBDI (#206)
  • Add VMAction SKIP_INST and SKIP_PATCH (#197)
  • Add tutorial for basic block VMEvent (#165)
  • Support C++ lambda with capture. (#207)
  • Fix a bug where some symbols were missing in QBDIPreload (#209)
  • Remove new name of libc in QBDIPreload (#211)
  • Support of some self-modifying code (#212).
  • Add tutorial for ExecBroker VMEvent (#166)
  • Change getVersion out parameter to return the version in the form 0xMMmmpp (#214)

Internal update:

  • Add static library licenses in LICENSE.txt (#169)
  • Format code with clang-format and cmake-format (#175)
  • Fix integer overflow in cache optimisation (#168)
  • Refactor build system: build LLVM in the main cmake with FetchContent, move all LLVM objects into a new LLVMCPU class, split internal classes, split state by architecture (#178, #179 and #188)
  • Update LLVM to LLVM 13.0.0, remove zlib dependency (#189, #196)
  • Remove empty Patch not associated with an MCInst (#195)
  • Compile assembly with --noexecstack to have a rw- stack when using QBDI on Linux (#201)
  • Use build directory to build the documentation (#213)
  • Use Doxygen 1.9.2 in readthedocs (#214)

v0.8.0

3 years ago
  • Fix Android compilation (#126)
  • Fix instrumentation of Pusha and Popa on X86 (#127)
  • Fix getBBMemoryAccess (#128)
  • Refactor ExecBlockManager to work with unaligned instructions on X86 and X86-64 (#129)
  • Drop early support for ARM. The support hasn't been tested since 0.6.2.
  • Rework cmake package export to import X86 and X86_64 version of QBDI in one CMake (#146 and #132)
  • Add QBDI::VM::getCachedInstAnalysis to retrieve an InstAnalysis from an address. The address must be cached in the VM. (#148)
  • Change in InstAnalysis and OperandAnalysis (#153)
  • Add Instrumentation rule callback QBDI_InstrRuleDataCBK and QBDI::InstrRuleDataCBK (#151)
  • Support SIMD MemoryAccess and change the QBDI::MemoryAccess structure (#154)
  • Add VM Options. (#144)
  • Rework documentation (#156)

Internal update:

  • Update LLVM to LLVM 10.0.1 (#104 and #139)
  • Reduce LLVM library included in QBDI static library and reduce QBDI package size (#139 and #70)
  • Replace GTest by Catch2 (#140)
  • Refactor code and switch to cpp17 (#140 and #155)
  • Use GitHub Actions to build dev-next packages of QBDI (Linux, OSX and Android) and PyQBDI (Linux and OSX) (#147 and #159)
  • Rewrite frida-qbdi.js and use sphinx-js for the frida-QBDI documentation (#146). A Frida version greater than or equal to 14.0 is needed to run frida-qbdi.js (it requires ES2019 support).
  • Refactor MemoryAccess Code and add new tests (#154)
  • Handle VMCallback return value (#155)
  • Optimize Context Switch and FPRState restoration (#144)
  • Add commit hash in devel version (#158)

v0.7.1

4 years ago
  • Refactor PyQBDI, support Python 3, PyQBDI without Preload (#67, #121)
  • Remove ncurses dependency (#123)
  • Fix initFPRState (#114)

v0.7.0

4 years ago
  • Add support for the x86 architecture
  • Add new platforms related to Android: android-X86 and android-X86_64
  • Improve MemoryMap structure by adding the module’s full path if available (#62, #71)
  • Create docker images for QBDI (available on DockerHub qbdi/qbdi) (#56)
  • Fix and improve operands analysis involved in memory accesses (#58)

v0.6.2

5 years ago
  • Add support for a public CI (based on Travis and AppVeyor)
  • Fix instruction operands analysis (#57, #59)
  • Add missing MEMORY_READ enum value in Python bindings (#61)
  • Fix cache misbehavior on corner cases (#49, #51)
  • Add missing memory access instructions on x86_64 (#45, #47, #72)
  • Enable asserts in Debug builds (#48)

v0.6.1

6 years ago

Two major bug fixes:

  • Fix a performance regression with addCodeAddrCB (#42): since 0.6, this API triggered a complete cache flush, forcing the engine to regenerate all the instrumented code after each call. Since this API is used inside VM::run(), this completely cancelled the precaching optimization where it was used.
  • Fix support for AVX hosts without AVX2 support (#19): context switching was wrongly using AVX2 instructions instead of AVX instructions, causing segfaults on hosts supporting AVX but not AVX2.

v0.6.0

6 years ago

Mostly a maintenance update:

  • Important performance improvement in the core engine (#30). This slightly changes the behavior of VMEvents.
  • Fix the addCodeAddrCB API (#37)
  • atexit and getCurrentProcessMap in the Python bindings (#35)
  • Fix getInstAnalysis on BASIC_BLOCK_ENTRY (#28)
  • Various documentation improvements (#34, #37, #38, #40) and an API uniformisation (#29)

v0.5.0

6 years ago

This is the first public release of QBDI. It is not perfect and there are areas for improvement, but it is a first step in the right direction :-)

v0.5-rc3

6 years ago

QBDI 0.5 Release Candidate 3. This is a limited distribution, private release before our public release. Please do not leak the packages below.