Radare2 Versions Save

UNIX-like reverse engineering framework and command-line toolset

5.9.0

3 weeks ago

Release Notes

Version: 5.9.0 Previous: 5.8.8 Commits: 1316 Contributors: 65

curl -Ls https://github.com/radareorg/radare2/releases/download/5.9.0/radare2-5.9.0.tar.xz | tar xJv
radare2-5.9.0/sys/install.sh

Highlights

More details

Authors

ApkUnpacker Armin Weihbold Armin Weihbold Azox Begasus Chiller Dragon Dennis Goodlett Dennis Goodlett Dirk Eibach Dāvis Mosāns Erik Griese Francesco Tamagni François Revol GravisZro Hertatijanto Hartono Kacper Słomiński Lars Haukli Lazula Luc Tielen Luc Tielen Luc Tielen Madghostek Mewt R MewtR Michael Ortmann Murphy Nathan Nikolaos Chatzikonstantinou Omvpatil Pau RE Pikachu Rami ReWithMe Richard Patel RoboSchmied Sergi Àlvarez i Capilla Sylvain Pelissier Sándor Oroszi Tony O Tronciu Vlad Vasilyy Yiheng Cao Yuvraj Saxena aemmitt-ns ashamedbit astralia condret dvertx gogolovefish junchao-loongson kyufie lasek0 meme micronn neo-one0873 overmyerD pancake pancake phix33 ripatel-fd solid-snail syheliel toni yep zengwei2000

Changes

abi

Use RPluginMeta in RCryptoPlugin
Use RPluginMeta in RFS
Remove dead code
Initial deprecation of the current RAnalPlugin
Refactor show flags into single showMode bitset
Change return type for r_bin_dwarf_parse_aranges
Update signature of patch_relocs callback
Make r_cons_grep_expression public, rm r_cons_grep_process
Rename r_str_next_split -> r_str_tok_next; make public
Remove grep for 570 (all fixed), update older R2_580 to 590
Rename REsil.address -> .addr for consistency
Remove several R2_590 ifdefs
RArch now depends on REsil
Use RPluginMeta in RArchPlugin

anal

Fix #22552 - Fix variable access direction for arm64 store instruction
Fix aac bug caused by anal.in on binaries with sections
Add anfl command and anal.slow to bring back the old autoname functionality
Improve sigdb file format detection
Run .afna@@c:afla in aaaaa
Implement afba like afla but for basic blocks
Implement afla command to list function in the inverse call dependency order
Parse len argument in aaex
Initial support for xref sizes
Use base64 in "ax," and also show ref size column
Implement axt, - for table listing xrefs
Implement axtf - list function xrefs
Improve aan/afna/afns add json and use emulation
Permit partial block reads on analsearch loops
Remove noisy log message in aap
Add scr.analbar config var to have progressbar without scr.demo
Fix ap command using real fcn prelude info from arch plugin
Implement aax command to make a function on each CALL xref
Implement aaex command, like aae, but does not analyze any function
Fix /rc, document argument handling and add test
Improve JSON output for the afsvj command
Implement afsvj command
Implement afs- to delete a function signature
Implement r_anal_function_del_signature
Consider null bytes as invalid instructions too
Support 'aaa' in frida:// targets
Initial backtrace API and commands (abt)
Another improvement for aaaa
Take invalid instructions in consideration for the bitfield decoding
Implement aobv command for visual instruction decoding
Show function colors in afl
Plant the seed for the tlocal bool in RAnalOp
Fix warning in aar when checking icod refs on unallocated memory
Implement CL+ and CLf, show info in afi/afij
Dont fall into calls surrounded by traps
Better (more verbose) output for aaaaa
Add Cb - bind metadata type to draw reflines for data pointers
Add progressbar in 'aaa' when scr.demo is set
Show bb->esil in ab and abj
Add 'afbd' to emulate bb regstates in the correct order
Add RAnalBlock.esil and abe command to manipulate it
Initial support for D calling convention
Add r_anal_function_get_graph
Add two missing log lines for aaa
Implement more swapped conditionals support in type propagation
Refactor aaft to use less allocations for buffer
Sort blocks only once in aaft
Reuse more allocated memory during aaft
Add test for a bug spotted in the aac command
Cleanup rebasing refs during oo
Add r_anal_xrefs_has_xrefs_at function
Remove duplicate xrefs delete function
R_API function to count xrefs at a specific address
Cleanup xrefs code
Optimize xrefs using swisstable
Reimplement the a2f core plugin into an analysis one
Analyze methods after parsing the C++ vtables
Fix #22100 - Dont compute disp refs when ptr is set
Honor anal.jmp.ref in aar
Compute depth and save it in the bb
Save a bit of memory in xrefs implementation
Fix timeout and move possible slow test
Skipping empty blocks is now a warning
Show color field in the afbj output
Accept asm.bits=16/asm.os=android for syscalls + tests
Reduce false positives when scanning for syscalls on thumb code
Honor codealign, speedup syscall search emulation
Add anal.imports to analyze them early in aa
Honor RArchInfo.codealign in aar
Honor 'rsym.' flag prefix
Implement the abc- command to unset a bb color
Minor optimization in r_anal_block_op_starts_at
Use r_anal_ref_typemask() to sanitize xref types and update tests
Add and use the new Indirect Code XREF type to improve code coverage
Add the new r_anal_data_type() for better data type detection
Smol ref->type masked improvements
Add more function preludes for arm32
Fix some missing xrefs in /re $$
Handle 'asm.os=android' syscall as an alias for 'linux'
More verbose and clearer output for abl
Add RAnalFunction.traceCoverage() api and info in afi/afl/abi/..
Minor bugfix/improvement when ninstr == 0
Dont show function diff info when not diffing
Don't add more instructions than the ones we can handle in the basic blocks
Faster RAnal.bbTrace()
Add afix subcommand to list function info + xrefs
Add all-xrefs listings in 'afi' and 'afij'
Optimize: reg 32 <-> 64 conversion iterates over gpr only
Optimize anal.roregs
anal.gp also sets the reg value
Do not accept invalid xrefs (-1 <-> -1)
anal.strings does not disable bin.strings
RAnalValue no longer refs an RRegItem

analysis

Fix #22552 - Fix variable access direction for arm64 store instruction
Fix aac bug caused by anal.in on binaries with sections
Add anfl command and anal.slow to bring back the old autoname functionality
Run .afna@@c:afla in aaaaa
Implement afba like afla but for basic blocks
Implement afla command to list function in the inverse call dependency order
Parse len argument in aaex
Initial support for xref sizes
Use base64 in "ax," and also show ref size column
Implement axt, - for table listing xrefs
Implement axtf - list function xrefs
Improve aan/afna/afns add json and use emulation
Permit partial block reads on analsearch loops
Remove noisy log message in aap
Add scr.analbar config var to have progressbar without scr.demo
Fix ap command using real fcn prelude info from arch plugin
Implement aax command to make a function on each CALL xref
Implement aaex command, like aae, but does not analyze any function
Fix /rc, document argument handling and add test
Improve JSON output for the afsvj command
Implement afsvj command
Implement afs- to delete a function signature
Implement r_anal_function_del_signature
Consider null bytes as invalid instructions too
Support 'aaa' in frida:// targets
Initial backtrace API and commands (abt)
Another improvement for aaaa
Take invalid instructions in consideration for the bitfield decoding
Implement aobv command for visual instruction decoding
Show function colors in afl
Plant the seed for the tlocal bool in RAnalOp
Fix warning in aar when checking icod refs on unallocated memory
Implement CL+ and CLf, show info in afi/afij
Dont fall into calls surrounded by traps
Better (more verbose) output for aaaaa
Add Cb - bind metadata type to draw reflines for data pointers
Add progressbar in 'aaa' when scr.demo is set
Show bb->esil in ab and abj
Add 'afbd' to emulate bb regstates in the correct order
Add RAnalBlock.esil and abe command to manipulate it
Initial support for D calling convention
Add two missing log lines for aaa
Implement more swapped conditionals support in type propagation
Add test for a bug spotted in the aac command
Reimplement the a2f core plugin into an analysis one
Analyze methods after parsing the C++ vtables
Fix #22100 - Dont compute disp refs when ptr is set
Honor anal.jmp.ref in aar
Compute depth and save it in the bb
Save a bit of memory in xrefs implementation
Fix timeout and move possible slow test
Skipping empty blocks is now a warning
Show color field in the afbj output
Accept asm.bits=16/asm.os=android for syscalls + tests
Reduce false positives when scanning for syscalls on thumb code
Honor codealign, speedup syscall search emulation
Add anal.imports to analyze them early in aa
Honor RArchInfo.codealign in aar
Honor 'rsym.' flag prefix
Implement the abc- command to unset a bb color
Minor optimization in r_anal_block_op_starts_at
Use r_anal_ref_typemask() to sanitize xref types and update tests
Add and use the new Indirect Code XREF type to improve code coverage
Add the new r_anal_data_type() for better data type detection
Smol ref->type masked improvements
Add more function preludes for arm32
Fix some missing xrefs in /re $$
Handle 'asm.os=android' syscall as an alias for 'linux'
More verbose and clearer output for abl
Add RAnalFunction.traceCoverage() api and info in afi/afl/abi/..
Minor bugfix/improvement when ninstr == 0
Dont show function diff info when not diffing
Don't add more instructions than the ones we can handle in the basic blocks
Faster RAnal.bbTrace()
Add afix subcommand to list function info + xrefs
Add all-xrefs listings in 'afi' and 'afij'
Optimize: reg 32 <-> 64 conversion iterates over gpr only
Optimize anal.roregs
anal.gp also sets the reg value
Do not accept invalid xrefs (-1 <-> -1)
anal.strings does not disable bin.strings
RAnalValue no longer refs an RRegItem

api

Implement RFile.newf()
Expose call as as a public r_core_cmd_call_str_at
Boolify the RCore.yank
Deprecate r_bin_get_fields
Make r_debug_num_callback internal and remove two R2_590
Use RPluginMeta in RLangPlugin
Rename RCons.chop() into .trim()
Rename RStrpool.ansiChop to ansiTrim()
RFlag.free() must return void
Use RPluginMeta in RBinPlugins
RBinPlugin.loadBuffer() -> load() .. and checkBuffer() too
Add .help() callback for the RCoreBind
Keep RCons.strcat defines for backward compat
Implement the new RAnal.cmd()
Eliminate RBin.a2b()
Deprecate r_anal_op_hexstr()
Ship our own thread safe and portable r_str_tok_r in r_util
Move the base36 api from .h to .c
Delete unused r_cache from rutil

arch

Implement 'wao recj' for 'tbz/tbnz' arm64 instructions
Fix assembling 'mov ax, bx' for x86-16
Add Initial Support for assembling ARM MTE Instructions
Fix type confusion in pyc
Fix infinite loop exposed in iaito when selecting mcore
Add support for compressed nops in riscv
Add support for fslsp/QorIQ
Fix some op types m680x
Pre-fill op type depending on insn group info m680x
Fill more op fields in m680x
Strip some special chars for intel syntax in m680x
Fix registers description for m680x
List valid CPUs for m680x, specify endianness
Add UB check in the loongarch decoder
Add RArch.esilCb() and register a new op for x86
Implement r_arch_find() and use it from CoreBin
Fix arch.riscv.vs plugin (decoding always failed)
Move the brainfuck arch platform description into a script
Add missing space after comma in 6502 disasm
Implement arch.platform eval var + nes scripts
nds32: Fix esil for sethi, dummy BP for the regprofile and fix rcall/ret5
Initial register profile definition for nds32
Implement esil expressions for some nds32 instructions
Add "intel" syntax support for the nds32 plugin
Implement 'add r#, K' in the x86 assembler
Initial support for nds32
Update arch from Config while finding best matches
Fix rasm2 -a arm.v35 tests on x86
Define more op.type for pyc
Fix #22061 - Add 'auipc' instruction for the RV64 assembler
Properly define the conditional software interrupts
Improve SPARC control flow and code coverage
Fix bad esil on arm32 shift-reg instruction
Uncomment the new R_ARCH_INFO enum replacing R_ANAL_ARCHINFO
Handle xrefs from vector instructions on x86
Migrate the LAST and final boss X86 plugin
Unsigned capstone init option only for x86
Improve plugin resolution
Mark init, fini, and decode arch callbacks as const
Remove global state from qjs plugins
Fix division by zero when pcalign is 0
Fix sparc.{cs|gnu} endian behaviour and add tests
s390 b instruction in an UJMP because it depends on a reg
Mark java tests as broken until the arch refactor is done
Unify the invalid instruction behaviour
Make all arch plugins const (better perf)
Remove global state from arm gnu plugin
Removed deprecated variable for gb plugin
Migrate arm_cs plugin
Migrate dalvik plugin
Migrate 8051 plugin
Migrate libr/asm/arch/include
Migrate the mips.cs plugin
Migrate the AVR plugin
Migrate the arm.gnu plugin
Migrate the gameboy plugin

asan

Fix oobread in the java disassembler

asm

Fix linenum error message when failing to assemble
Use a hashtable fo the .equ rasm2 directive
Null deref in rasm2
Deprecate r_asm_op_get_buf and make r_asm_code_equ_get public

bin

Expose numeric reloc type for PE, NE, LE, BFLT, MACH0 and ELF in ir and irj
Rebase LE objects independently
Implement R_X86_64_DTPOFF64 reloc type for ELF
Implement R_X86_64_DTPMOD64 reloc for type for ELF
Fix #22742 - Implement R_X86_64_TPOFF64 reloc type for ELF
Fix 'reloc conversion failed' on some ELFs
Fix #22737 - Honor endianness in ih for elf + tests
Fix LE sections sizes and add zerofills
Fix handling of LE cross-page relocs
Fix entry point field name discrepancy in .ih* between 32bit and 64bit ELF
Support arm64 type 1026 relocs
Patch relocs in LE
Implement irqq and move the command handler out of the subcommand loop
Do not report bad imports addresses in elf objects
Better logging for unsupported arm64 elf relocs
Initial import of the RBin.io plugin
Improve uricheck to avoid bin.relocs.apply mess things up
Support unlimited buffer size for PE format
Fix kernelcache sections vaddr offset
Fix rebasing of dyld cache pointers at page boundary
Add support for iOS Simulator dyld caches
Fix/respect bin demangle macho c++ bins v3
Walk Mach-O exports from LC_DYLD_EXPORTS_TRIE too
Update pyc magic detection
Fix #22539 - Remove 2044 max hard limit in string scan
Implement the ciE command to compare exports between two objects
Add initial support for vsf dialect produced by C64 Debugger app
Handle ^C when loading/filtering symbols just in case
Use RBinName in RBinSymbol
Support coff objects
Fix security issues in coff plugin
Support XCOFF entrypoint and imports via loader
Fix how local symbols are matched to images in dyldcache
Allow images to be repeated with different names in dyldcache
Fix "alien dep" infinite loop carving deps in dyldcache
Basic XCOFF32 section handling
Support WinNT RISC COFF and AIX XCOFF32
Support DWARF section names for XCOFF64
Refactor ih outside the awful i loop, add ihh and fix ihq/ihj..
Improve RBinField to hold and expose the value in the flag names
Fix pf format size warnings in .ih* for ELF
Use RBinName for RBinClass too
Add support for list-of-lists in ObjC class parsing
Fail loading dyldcache if not using dsc://
Move dyld cache rebasing logic to io plugin
Improved ia tests and trim trailing spaces in strings
Refactor to use RBinName for RBinField(s)
Use RBinPlugin.symbolsVec() in Kernelcache
Handle R_KERNELCACHE_FILTER env in RBin.kernelCache
Deprecate addrline2, it's only used internally
Implement iSqq and iSSqq commands
m68k is 32 bit
Fix entry point determination and info for HUNK file parser
Revert "Initial part of a large refactoring using RBinName, unified attributes
Fix bin.limit for macho imports
Initial part of a large refactoring using RBinName, unified attributes
Handle Kotlin as an alias for Java in icc classdump
Initial implementation of RBinName and RBinAttr
Handle Swift demangling for __C. symbols
Hide visibility string if empty and show more Swift super-classes
Parse Swift super classes
Parse Swift field types
Fix symbol range bug in isq.
Support symbolic symbols in the swift demangler
Reintroduce RBinPlugin->{init/fini} for plugins that need to initialize a third party global runtime
Initial implementation of iic and improved symclass
Import safetiness symbol name database from iaito
Show base address associated with the binobj in obj
Handle more builtin types in the swift demangler and be more flexible
Faster ASAN CI by improving parsing checks in LE bins
Add C++ classdumper
Fix warning spotted in latest gcc failing msvc demangler
Prepend dynamically loaded bin plugins befor static bin plugins
Implement ick to dump classes in k=v form
Implement Swift formatter for icc and change some objc things
Fix header miscalculation
Introduce some memleaks in order to fix ownership later and avoid UAF now
Add support for qdsp6 elf relocs
Add test and avoid double path concats in some dwarfs
Honor baddr in the dwarf parsing
Some more code cleanup in the swift metadata parser
Demangle Swift methods and support __s types
Detect nds32 arch in ELF binaries
Support demangling swift types
Demangle Swift superclass names earlier and laterer in the popaline
Don't push NULL into the klass->super empty list
Add ic+/ic- to register new classes and methods
Shrink dynstr section size to file bounds if needed
Fix null deref in the ELF parser when dynstr section is too large
Bring back the bin.cache, and warn about bin.relocs.apply too
Support RVec in mangling/swift
Demangle dynamic attributes for Swift
Move dyldcache symbols to symbols_vec
Fix uninitialized mach0 opts in dyldcache loading
Fix type confussion bug in the RBin.loadLangs()
Remove the boffset callback from the ninds and z64 plugins
Remove init/fini from RBinPlugin
Remove unnecessary arguments to RBin.loadBuffer()
Fix early bail out in dwarf-only Mach-O symbol parsing
Revert buggy "Fix ub in macho classparsing" and add test
Take .got and .rela.plt into account as wordable sections
Rename RBinFile->o => RBinFile->bo
Fix visibility of r_bin_class_{new/free}
Fix #22096 - Stop on zero vernext for ELF
Optimize mach0 va2pa by using vec
Don't load macho segments over and over, use vec
Fix #16531 - vaddr of strings in kernelcaches
Fix canary check in mach0 binaries
Fix elf tests
Use symbols_vec in the ELF parser
Improvements on the rust and c++ mangling detection
RBinSymbol api now works with RVec for mach0
Fix #22080 - Segfault in xtr.sep64 parser
Add support for PT_OPENBSD_NOBTCFI in the ELF parser
Deprecate RBin.isString() API
Initial public vector api for rbin
Add RABIN2_NOFUNCSTARTS env var to speedup macho parsing ignoring the FUNCSTART info
Handle bin.limit in ELF and support strings, imports, ..
Warn when finding compressed dwarf sections
Honor io.va in class/method/field listing
Add bin.limit eval var and use it for macho
Fix ELF variable scope UB issue causing asan CI to fail
Introduce RBinImport.lsymbol and move the rsym. logic from core
ElfObject now takes a user-defined base address
ELF's .rel.plt is also a wordable section
More debug logs and less strictness in the ELF parser
Dont show the demangled relocs when no name in json
Fix null deref in the dyldcache parser
Use the internal RVector in mach0.vapa
Rename internal function
Import the bin.pcap plugin from extras
Support bin details from non-arch bin files
Use more overlay for relocs
Make RBinSymbol.clone() API public
The addr2line function, now also returns the column
Unresolved elf symbols are now debug logs
Use ut64 for bin bind offsets

bin"

Revert "Initial part of a large refactoring using RBinName, unified attributes

bug

Fix invalid macro identifiers in r_print

build

Fix #22745 - Fix Android static builds and autodetect NDK on Ubuntu
Honor --prefix in /sys/install.sh
Fix static linking on macOS
Add --disable-debugstuff to build without R_LOG_DEBUG, ^C and other stuff
Less default plugins for the custom meson
Fix regression in capstone 5.0.1 (--with-syscapstone)
Support static linkages via pkg-config
Add --without-syscapstone commandline flag, needed for asan
Fix mrproper on BSD systems (max args for rm)
Add support for cs5 and csnext
Initialize xtensa_default_isa to fix clang's linker bug
Honor nogpl for xtensa in the meson
Use capstone-5.0 release tarball (instead of 4.0.2)
Use realpath to force absolute path in sys/install.sh prefix
LZ4 removal for make and meson, relates to #19849
Use relative includes instead of assuming libr/arch/include
Haiku have ptrace but not sys/ptrace.h
Fix 'missing setsockopt' issue on HaikuOS

Add copilot support for pull requests

config

PDB server list is now space separated instead of using semicolons
Rename asm.usercomments to asm.cmt.user
Check cons->line is there in scr.demo setter
Introduce bin.relocs.apply config var

cons

Revert "Minor optimization by avoiding one unnecessary clearline in the dietline
Minor optimization by avoiding one unnecessary clearline in the dietline
Add log.cons option to log errors through the RCons buffer
Add missing r_cons_canvas_goto_write
Make it possible to use Enter to submit the command in dietline vi-mode
fix minor bugs
simplify code
Implement vi horizontal motions (f/F & t/T) + more di (delete in) vi commands in dietline
Implement ~ (swap case) dietline vi-mode command + fix color bug in prompt
Refactor d (delete) commands and implement c (change) commands in dietline vi-mode
Fix word deletion bugs in dietline vi-mode
Improve dietline vi-mode word motion commands (b, e, d)
Make behaviour of some dietline vi commands closer to vim's
Don't print empty lines via io.system
Make r_cons_pal_parse to always return ansi + RColor
Fix XML indent
Initial support for sixel graphics
VC and VVC rotate over 0,1,2,3 values in scr.color
Support bold attribute for the scr.html filter
Minor scr.demo improvements on startup
Implement the golden platinum shiny prompt
Fix ~{}~foo grepping indented json
Rename gui.alt_background -> gui.background2
Fix RCons.pal varnames to make them all follow the same syntax
Add ec func_var_name in the color palette
Disable the RConsMark api because getCursor is too slow
Add the monochrome theme
Free cons context marks during deinit
Better default colors that works for light and dark terminals
Initial implementation of the RConsMark API
Eliminate some globals

cons"

Revert "Minor optimization by avoiding one unnecessary clearline in the dietline

core

Use size or vsize consistently in iS.
Fix iS. paddr vaddr confusion
Add sd command to show the delta seek relative to different bases
Faster RCoreCall via RCoreCmd
Add more RCore.cmd_at() variants
Remove global state in visual UI
Refactor structure of metadata for core plugins
Fix removing core plugins from Lc after L-
Only have 1 generic qjs plugin
Add cursor mark to ds_print_data_type
Add cons mark for cursor in ds_print_show_cursor
Add column info to print_meta_offset
Add hello world text box on visual refresh
Expose injprot value in bin_info
Speedup plugin loading and startup times
Add the new RCore.cmdCallAt() and cmdfAt() APIS

crash

Fix #22767 - Some UB when malloc(0) in RBuffer api
Dont use the COFF symtable if the initalization fails
Fix segfault when loading a python rlang plugin after a qjs one
Dim symbol and section count to avoid future coff issues
Add null terminator in symbol name union, fixes two tests
Add test for the fuzzed coff file
Fix large offset passed to the pascal demangler
Fix double free in the io.gprobe plugin
Fix oobread on the inline metadata used in disasm
Fix another oobread in the nds32 disassembler and add tests
Fix index out of bounds in the nds32 disassembler
Fix heap buffer overflow in the mach0 parser
Fix oobread in dalvik disassembler
Fix negative index and oobread in array in pyc
Fix negative realloc in the ELF parser
Fix 1 byte oobread in the h8300 by defining the archinfo details
Fix 1 byte overflow in pyc parser
Use the safe r_str_scanf instead of scanf to parse gdb profile
Fix op_pos oobread crash in ollvm'd binary
Fix #22523 - 1 byte oobread in the java disassembler
Fix #22349 - oobread in xnu kernelcache
Fix #22333 - Fix oob index in global variable for nds32
Fix #22334 - oob index in global for nds32 causing segfault
Improve the situation in the non-null terminated string handling in mach0land
Fix oobread in the ELF parser. Spotted by clusterfuzz
Fix null deref assert in pdj
Fix #21970 - Null checks in the R_LOG api
Fix crash in emu.ssa reproducible even when disabled
Fix oobs in the java parser, use RLOG and stop earlier

crypto

Add json and hexpairs output to encryption modes in rahash2
Support numeric seed/key values via rahash2 -S and honor endianness via -e

debug

Fix the fix for dmh after ood
adapt get_main_arena_offset_with_relocs to different libc versions
Fix #22667 - do not call drx() on non-intel chips
Add new way to resolve main_arena
Refactor resolve_glibc_version, improve libc regex
Fix call to thread_set_state in armv7
Fix armv7 build for xnu native
Avoid failing reg read if conversion fails on xnu native
Fix thread_set_state on arm64e
Improve argument parsing for the dmp command
Fix #22563 - fix 'cannot assemble' in dmp, using egg shellcodes
Autodetect libc version and support manual specification
Import the debug.evm plugin from radare2-extras
Fix bad parsing, uaf and other crashes in the dts command
dcco steps over the function call after finding the call
Fix bitsize when listing regs via ar=
Debug plugin fallbacks
Add the missing bp.null plugin
Assume sysgdb:// implies -d
Add support for macos-x86-64 in sysgdb://
Initial support for arm64 via lldb (local and remote) in sysgdb://
No warnings when /proc/pid/maps is not available on remote gdb targets
Revert "Dont dupe map file and name if not necessary
Dont dupe map file and name if not necessary
Prefix 0x hex values in drr
Fix dptj and add dpt? help match
Implement 'dpq' command to just show the current pid
Add dbg.glibc.path eval var to override magic guessing
dce is no longer a windows-specific command
Refactor r_debug_trace_list
Store tracepoints in vec
Migrate rv32ima plugin
Migrate gdb plugin
Migrate winkd plugin
Migrate qnx plugin
Migrate bochs plugin
Store current debug plugin session, migrate plugin
Improve naming for callback functions to reduce confusion
Add cleanup of plugins
Redesign plugins to have user data
Add RRegType "privileged" and use it from the gdb profile

debug"

Revert "Dont dupe map file and name if not necessary

diff

Analysis diffing warnings are now debug messages
Implement EXPERIMENTAL radiff2 -T to analyze bins in parallel
Handle one more level of -A in radiff2

disasm

Fix #22576 - Add esil object in pdJ with detailed info
Dont show asm.emu comments when asm.comments is off
Rename asm.calls to asm.cmt.calls
Fix glitch in asm.bytes.space
Implement pdsq and pdsfq commands. Improve help message
Fix glitch when asm.bytes.space+asm.bytes.align+asm.nbytes%2
Improve asm.offset.relto only via pd
Avoid double disasm in some situations
Emulate previous basic block instructions when emu.bb is set
Implement emu.bb and honor it in pd
More stable asm.indent, but still experimental
Add asm.flags.inoffset
Add asm.flags.prefix (true by default)
Show basic block color even if asm.trace is false
Show noreturn attribute in the function signature
Add asm.lines.limit config variable to hide asm.lines if disasm is larger
Fix glitch + tests asm.bytes.{align,space}
Improved unaligned cases in the listings
Add asm.trace.{stats|color} and better trace visualization in graph and disasm

doc

Update rax2 manpage and fix help
Add r2pipe2.md RFC
Extend the manpage reader to support more attributes
Update manpage for rasign2
Update ESIL manpage
Update rafind2 manpage
Update documentation for macOS/arm64e
README: Fix unit tests target after fd9f8d631
Add r2diaphora reference in the readme

emulation

Implement arAj and show help in arA?
Fix aesou - not stop on calls and properly parse argument
abpe now runs the commands and old abpe is now abpe*

esil

Add the esil.forth plugin to support the basic ops for the language to work
Initial implementation of the ESIL compiler in the ae! command
Move esil2c from core to libr.esil
New command 'aeae', like aea, but taking an esil expression as argument
Add '= ' and ':= ' esil ops as a workaround for ae oneliners
Implement dre/are to list regs in esil format
Add loopcounts to ESIL trace
Remove global state for old callbacks
Reintroduce r_esil_plugin_remove to satisfy generic plugin management in core
Fix esil_plugin_remove
anal->esil can't be null now, improve default initialization
Improve aesue feedback and add tests
Fix 'ae 1,xmm0,=', bug in '=' esil op with 128bit regs
Fix x86 XOR ESIL for 64bit registers
Fix #22029 ESIL for REP[Z] RET
Fix esil plugins by removing leftover and adding aeL command

fix

Fix mnemonic output in m680x plugin

Expose ownership and permissions to the posix filesystem
Show error when unmounting not mounted mountponts

globals

Remove globals from bin.avr

graph

Fix graph title not current
Honor colors in graphviz output
Add graph.bb.maxwidth eval var and VV[] keys to adjust it
Use VisualMark in the interactive graphs
Honor pal.title color in the interactive graph
Add '%' key in the interactive graph to hud over function code
Fix segfault and wrong graph layout in aegv

hash

Add missing authors for the crypto plugins, update manpage

Add dyld shared cache rebase info v5
Fix potential double free in io_map_overlay and io_treebuf
Bring seek error back to UT64_MAX in dsc
Fix #22269 - RAP seek over 2GiB
Support whole address space for IO
Show error when user applies relocs on urified ios
Remove unused undo field in RIOPlugin
Fix r_io_v2p
Revert "Large null:// allocation causing negative pointer issues on iobank
Improve map tying support
Move dyld cache rebasing logic to io plugin
Add dsc:// io plugin for dyld cache
Adjust map boundaries on RIODesc resize
Assure map boundary sanity on creation
Faster frida://0 startup times
Add gprobe:// flash commands
Properly handle gprobe:// Print-messages
gprobe:// receiving is fixed, so checksums can be verified
Make sure that gprobe:// data is completely sent before receiving
Fix gprobe:// serial port setup, so no CR/LF conversion happens
Implement :j for ihex:// (json info)
Implement :i in ihex:// to generate a new ihex
Add system callback for the ihex:// plugin to get the written ranges
Fix infinite loop in io.ihex
Honor r2 -n with frida:// targets
Add x86-32 support to sysgdb://
Initial import of the sysgdb:// plugin
Implement r_io_bank_get_byname and the omnb= command
Implement the new cyclic:// plugin
om handles the '.' as an alias for the current fd
Implement "o=num|flag" to change current fd
Implement o** and om** to jsut get the flags
Fix io.seek bug in self://
Relax =+rap://ip/ (missing file) assert check
Fix type of enabled field in io cache
Refactor structure of metadata for io plugins
Fix memory leak with cleaning up qjs io plugins
Implement qjs bridge for r2frida via io->system
Add r_io_bank_get_region_at and r_io_get_region_at
Harden some makros
Add map overlay support to r_io_bank_write_to_submap_at
Add r_io_map_drain_overlay and r_io_drain_overlay
Some hardening for r_io_map_write_to_overlay
Deprecate RIORelocMap; Introduce RIOMap overlay
Add wc--* command to purge all cache layers
Redesigned IO cache with layers
Fix bug in io_treebuf plugin
Add r_io_{desc/fd}_system
Switch to the new io cache implementation, remove old code

io"

Revert "Large null:// allocation causing negative pointer issues on iobank

Add JSON output to /e
Honor cfg.json in axt and other a subcommands
Honor cfg.json.num in pj_n too
Upgrade r2papi to the latest 0.2.2 adding Process and Module objects
Only show fields and methods json objects if not empty
Improve Ldj and Lcj outputs

json

Add JSON output to /e
Honor cfg.json in axt and other a subcommands
Honor cfg.json.num in pj_n too
Only show fields and methods json objects if not empty
Improve Ldj and Lcj outputs

lang

To use r2pipe-ts we depend on nodejs, so ts scripts need node now
Implement r2pipe on the r2js lang plugin
Use the core api to run home scripts and handle more extensions
Fix nim and typescript plugins
Implement r2.callAt and speedup r2.call for the qjs
Fix js warnings when R2_DEBUG_NOPAPI is set
Expose the global 'ptr' function like in Frida
Update r2papi.ts to 0.1.2: add new apis
Add js example converting json zignatures into r2 scripts
Add r2.syscmd and r2.syscmds for lang.qjs
Support qjs.io.close callback
Add initial support for writing IO plugins in QJS
Refactor qjs code
Allow N > 5 qjs plugins
RLangPluginInit now returns bool

optimization

Slight code improvement for init_ehdr

panels

Add 'Full Version' entry in the help menu

perf

Inline sdb.hash improve performance in hash

port

Fix MSVC Arm support
Fix archos detection on AIX
Portability fixes
mangling/microsoft: Fix dollar in identifier
AIX configure support
Don't use /dev/stderr
Fix lock_init sym collision on AIX
Add AIX config support

print

Add colors and improve the pie chart rendering a bit
Add pf2 using util/format2.c as wip refactoring
Fix hexdump with half rows filled and pairs=false
Fix inter basic block goto loc in pdc
Implement afsv command to visualize function signature with given args
Implement pv1d vs pv1u
Reduce cache misses in JSON parsing apis
Implement pso in sync with /az to search strings constructed with code
Implement pvd command (pv2d, pv4d), like pv, but in decimal
Add support for 16 and 32bit pascal strings
Implement p8d command to print bytes in decimal
Implement psn command to print string until newline

r2pm

Fix r2pm on some windows (packages contain \r\n instead of \n
Make R2PM_PLUGDIR point to the system directory in global mode
Add support for R2PM_CONFLICT
Dont load r2 plugins when called from packaging
Add R2PM_LIBDIR env var
Fix update requirements to make startup faster
Make -U implicit when there's no dbdir cloned yet
Don't reinstall pkg dependencies when not doing clean installs if thay are already there
r2pm -t now tags tags/commits and it's now strict
R2PM_SUDO + SUDO just in case
Set library path for r2 prefix and r2pm prefix in r2pm -r
Deprecate the wordish arguments in r2pm

r2r

Load plugins when running extra tests
Add R2R_TIMEOUT env for r2r and use it from the CI
Add missing error code checks in chdir calls

rax2

Add RPrint.binFromStr and RStr.binstr2bin and RStr.binstr2str

refactor

Renaming r_num_get_float to r_num_get_double
Make clear that r_return* is a macro!
elf_init: Clean up the code a little bit
Use .inc.c in libr/core

reg

Implement 24bit regwrite support
Add =TR to reference the thread register in the register profile
Optimize r_reg_cond_from_string
Add GP and RA register alias names

sdb

Fix undefined behavior in swisstable impl

search

Add support for globbing flags for search.in
Honor search.badpages in RCore.analSearchXrefs
Add search.named option (disabled by default)
Improve syscall search results on x86 (/as)

shell

Support using the question mark in rlang plugin calls
Add base64 for CC (not only CCu)
Add "b=" command as an alias for "b "
Handle ^F and ^B in RCons.less
Handle -jv and make that logic generic across all tools
Make rahash2 -qc really quiet (report only via return code)
Support internal files in the tac command
Bring back the multiline macro support
Fix #22656 - Handle quoted pipes
Add scr.timeout covering the ^C blocks
Fix #22652 - Handle ^C in pdj
Improve help message for afl,?
Initial WIP implementation of pl
Fix #22594 - Handle long flags in r_getopt as an alias for help
Implement support for json and r2 output for %env
Fix #22588 - Support multiple redirections in the same line
Fix error and add missing help for r2 -qc '?*~abcd' --
afbt -> afb,
Refactor ie outside the subcommand loop
Move 'ic?' help into a separate listing
Add support for wide pascal strings
Fix dc derivatives causing unintended seek
Initial ic, ia refactor and make icc take lang as argument
Fix ?*> dumping to screen
Implement ~$$ for internal sort+uniq grep filter
Port iaj fixing some invalid json bugs
Fix iiqq confussion and start delooping the i subcommands
Add afn* command
0x command also saves seek history
Verbose R2_ARGS for debugging purposes
pdua now takes a math arg, not just a number
Keep r2 short help under 80 columns
Implement sfp and sff commands to seek nearest function or flag
Fix popd warning when there's only 1 pushed folder
Fix #22344 - Fix invalid json in ax.j command
Hide the rasm2/rabin2/.. unrelated plugin loading errors
Add afcj as an alias for afcfj
Add help for arb?
Fix code instead of help message for the yank command
Add more emojis for ls -e
Fallback to 'o.' when running dpe without debugger
Implement iE, command to table-query exported symbols
Fix glitch iterating script files provided via -i
Honor bin.lang in the icc command
Recognize the 'yr' command as owned by r2yara
Show bools as bools and ints as ints in ej json output
Fix 'unknown subcommand' error in ?* .. aet?
Add im* subcommand and honor bin->mem callback
Add obi as an alias for i
Expand r2 -Vj output to include all plugins, thirdparty and other version info
Implement 'Lbj' to list bin plugins in json
Bring back the r2 -Lj, and fix -LLj
Add scr.prompt.code to display return code in the prompt
Add signed subcommand for the pv family
List analysis plugins with the 'a:' command
Implement missing Lb command
Fix |H and temporal scr.html
Add 'aet' +help, fix assert in 'r2 -d XXX' and RConfig.getB
Support 'e key.?' syntax as alternative to 'e?key.'
Fix ?vi [1:$$] to read 1 byte from current offset
Add ~<> cons filter to indent XML
Reference abc command in the afbc help message
abt->abp (path between bbs) and add the new abt for tracing tags
Fix some bugs in the ls command parsing
Fix 'ar=32' vs 'ar= 32' both are valid
Fix autocompletion for pfc.
Add file.anal times in ?T

shlr

Fix qjs MSVC support
sdb-sync
Improve quickjs portability

signatures

Fix #22132 - Add support for loading zignatures in multiple formats

test

Fix running arch/debug specific tests in r2r
Implement the NORUN directive for r2r
Some more tests for the COFF bigobj binary
Add 'F' in r2r to fix all tests, fix fgets usage
Fix mnemonic output in m680x plugin
Implement ENV directive for r2r
Implement they REPEAT directive for r2r
Use meson in the perf suite, add GHA scripts and 'make some'
Add memory log parser
Initial implementation of the benchmark suite
Fix cd test/db/cmd && r2r .
Document R2R_OFFLINE
Fix return code when running r2r against .c files
Accept .c files as argument to r2r

tests

Fix running arch/debug specific tests in r2r
Implement the NORUN directive for r2r
Add 'F' in r2r to fix all tests, fix fgets usage
Implement ENV directive for r2r
Implement they REPEAT directive for r2r
Use meson in the perf suite, add GHA scripts and 'make some'
Add memory log parser
Initial implementation of the benchmark suite
Fix cd test/db/cmd && r2r .
Document R2R_OFFLINE
Fix return code when running r2r against .c files
Accept .c files as argument to r2r

thread

Current cmd.depth depends on core, not on the global cons context now

tools

Fix #22698 - Implement rax2 -j flag for json output
Rename rax2 -l to rax2 -n
Rename rax2 -n/-N to rax2 -x/-c
Rename rax2 -x to rax2 -X
Support quiet json plugin listing in rahash2 via -qjL or -jjL
Implement rahash2 -Lj to list plugins in JSON
Fix rax2 -l behaviour
Implement R2_ARGS environment
Handle RARUN2_ARGS env var in rarun2
Swap -a and -A in rasign2

util

Handle URL safe base64 decoding
Implement the sub-beats computation in RTime.beats()
Improve RStr.rwx permission string parsing
Implement scansets support in RStr.scanf
Initial import of our custom and safe r_str_scanf
Fix diff command
Fix r_print_hexdump() when called with RPrint *=NULL
Fix bug in r_str_split_list
Implement RRange.toString()
Joyful RStringSplit.asVector()
Swiss htuu / htpu / htsu
Add last function to vec
Fix issue with creating vec of pointer type
Cleanup swisstable code
Add cwisstable headers + support headers
Add hacky implementation of r_graph_pdom_tree
Fix domtree graph
JSON is not happy with \x
Allow append in vec to deep copy
Rework vec macros to inline finalizer function
Implement small vec optimization
Refactor vec generate macro
Do not sort vec if empty
Fix memory leaks in diffing code
Add more vector algorithms (partition, uniq, eraseback, ..)
Add sort function RVec, const correctness
Add find_index function to RVec
Update find to take any value type for more general use
Add find function to Vec
Cosmetic patch
Add r_graph_dom_tree
Add new optimized vector implementation
RFile.path() returns NULL if not found
Get rid of the unused skyline data structure

visual

Fix #22706 - Honor dbg.follow in F7/F8
Follow r:SP in the stack panel
Fix #22640 - improve sidepanels in limited space
Show proper help in VT and support tab and body scroll
Fix vbl and add vbL for the old one
Handle [] keys in VT
Add cmd.vprompt2 to run a command after the visual prompt
Use pdr instead of pdf to show non-linear functions in Vv
Fix regression in visual hex cursor
Implement scrolling in current r2slide
Fix visual marks commands: fV* and fV-#
Unify the visual_find() code with graph and visual
Implement VV% for the plain V%
Integrate Cb with disasm asmq key hints
Improve usability of Vdr - show disasm while renaming function names
Make V/ update the highlights in realtime

vuln

Patch Escape Sequence Injection Bypass

write

Implement 'wao+' command and remove RCore.hackHelp()

zignatures

Add rasign2 -i to run a script before generating signatures
Mangled function signatures for za
Hide duplicated xrefs in zg
Fix missing zignature xrefs, resolving source function name instead of flag
Enumerate any kind of refs/xrefs not just call/code ones

5.8.8

10 months ago

Release Notes

Version: 5.8.8 Previous: 5.8.6 Commits: 192 Contributors: 11

curl -Ls https://github.com/radareorg/radare2/releases/download/5.8.8/radare2-5.8.8.tar.xz | tar xJv
radare2-5.8.8/sys/install.sh

Highlights

More details

Authors

Dennis Goodlett Dennis Goodlett Hertatijanto Hartono Luc Tielen Luc Tielen Murphy condret pancake pancake phix33 rgc

Changes

anal

Small improvement on tail call detection
Check for noret destinations in afbr listings
Consider zero pages as invalid code
Dont enable debug tracing from type propagation
Implement ahb-* missing command
Make macos/ios targets inherit types from darwin
Fix aod command for pickle arch

analysis

Small improvement on tail call detection
Check for noret destinations in afbr listings
Consider zero pages as invalid code
Dont enable debug tracing from type propagation
Implement ahb-* missing command

arch

Improve tricore.cs handling jumps/rets/movs/
Fix ESIL MIPS64 NOR instruction
Migrate java plugin
Migrate i8080 with full refactor
Fix max asm len in pickle
Fix cs4 build of the sh arch plugin
Honor endianness without messing with capstone initialization in ppc.cs
Remove global state in ppc_cs plugin
Migrate ppc_cs plugin
Update to the latest capstone for new sh and tricore
Remove global state in v850 plugin
Remove global state from loongarch dis
Remove globals/duplicate code in riscv plugin
Remove global state in lua5.3 plugin
Remove global state from 6502_cs plugin
Remove global state from xtensa plugin
Cleanup global state in riscv plugin
Remove thread local state from m68k_cs plugin
Remove global state in loongarch plugin
Refactor z80 plugin to not have global state
Migrate sparc_cs plugin
Add more call level registers for i4004
Dont abuse asm.bits in bin.pyc and honor asm.cpu
Add support for 4bit registers
Initial support for the Sharp SM5xx MCUs

asm

Improve adrp instruction assembler and add more tests

bin

Warn on unresolved symbols/relocs in ELF and better handle -1 addresses
Parse more CodeSignature fields for mach0
Parse CodeSignatureDirectory entries for mach0
Faster Css using the api instead of Cz with tmpseek
Use Css in ELF (instead of section.has_strings) to avoid flags
Apply section formats in a second iteration
Fix #21823 - tag static elfs as non libinjectables
Fix #19964 - show relro:no even if no dyn section is found
Add support for even more elf reloc types
Add support for more elf reloc types
Refactor elf get_import_addr checks
Fix #21715 - Add baddr to the class info from DEX
Add missing flags for the internal ELF symbol relocactions
Check for PT_LOAD segments before fully reading elf phdr
Iterate over vector i.s.o. list in elf entries
Speed up loading of elf relocs
Refactor even more parts of elf loader
Refactor more of elf loader
Refactor more elf loader code
Use main=-1 instead of 0 before finding the symbol in mach0
Handling ELF symbols with no name
Refactor more functions in elf loader
Refactorings for elf loader
Add RBinInfo.libinjprot field for mach0 at least
Infer asm.os from platform's LC_BUILD_VERSION
Improve performance when loading mach0 classes
Implement basic pdp11 binary parser and a bit better disasm
Add support for more ELF SPARC relocs
Implement ELF relocs for SPARC and MIPS and avoid duplicates

build

Update and improve r2docker as well as publish the new image into the hub
Add r2pm build-arg to the r2docker with r2frida,r2ghidra,r2dec packages
Install r2frida and use /usr as prefix for r2docker
Apply fixes from the Termux package and update acr
Add wasm to the default meson builds

apt-get update before install in the syslibs job

cons

Faster ~? rcons filtering
Improve the twilight theme
Fix #21772 - Ensure RCons.raw after reading from user in ~/
Early return on RCons.flush() when nothing to do
Detect too large input strings in RCons.prompt
Fix RCons.readCharTimeout()
Remove globals from 2048
Remove global state in stiv
Fix ::pd and ::? glitch with (null) colors

core

Make fortune file selection random
Make all the RCoreCmdStr functions R_MUSTUSE its return
Refactor global state in vslides

crash

Fix UAF in 8051 analysis on fuzzed code
Fix out-of-memory allocation on a fuzzed plan9 binary
Fix oob write in dyldcache accel loading
Store the vector index instead of a weak pointer for the ELF
Prevent an oobread in the lua bin parser
Fix UAF read in the LUA bin parser
Fix UAF in RNumCalc

debug

Fix reading and parsing /proc/pid/maps from remote gdb on android
Fix #21813 - parsing reg profiles from android-gdbserver
Don't run dmh on macOS when not debugging
Fix null deref in get_base_from_maps
Add initial debug heap support for macOS
Initial import of the rv32ima debug plugin

disasm

Implement asm.cmt.token to choose the comment prefix token
Fix '*' cursor mark on some addresses
Implement hint color for nicer disasm comments
Implement asm.offset.focus to show addrs ofs interest
Add ahi36 and asm.offset.base36=true
Implement asm.bytes.asbits to display instruction bits in binary

egg

Initial support for arm64 eggs

esil

Fix null derefs and memleaks in {esil,debug}traces
Improvements in the visual esil debugger and documentation

graph

Set terminal in raw mode before entering visual graph mode

Remove meaningless optimization leftover in io.cache
Fix and prevent null assert on RIODesc fixing zip0://
Fix hypothetical arbitrary code execution vuln in r_io

lang

Implement RLangPlugin.init for Go,Rust,Typescript and Zig
Make RLangPlugin.init() actually define if can be instantiated
Fix RCons.noflush issue when using '-i foo.c'
Improve r2js module loading, honoring relatve and absolute paths
Update r2papi.ts 0.1.1
Support relative module resolution in qjs
Fix alias marker parser in the qjs loader
Handle .r2.js file extension

main

Move .inc files to .inc.c for editor support
Remove global state and fix memory leak in rabin2

print

Fix invalid json on 'pfj x[1]z'
Fix assert on null deref with the 'pf E' command
Let 'pxr' follow tagged pointers

qjs

Handle multiple ../ imports

r2pm

Implement r2pm -t for timeless packages
Fix r2pm when launching it from a deleted working directory

search

Implement Css (section string scan) and Csz (same as Cz)
String search no longer requires a keyword

shell

Show log.level=? help message
Merge all R*2_NOPLUGINS as R2_NOPLUGINS
Ship and use our own manpage reader
Implement man command for launching "man pages"
Autocomplete -i command
Fix help message for idp?
Show capstone version in r2 -v
Show build system used (meson|make) in r2 -v
r2pm search is case insensitive
Fix the r2p tool and add a test
Fix help for ?:? and show its links with =!

shlr

Fix undefined behavior when reading java uints

tests

Implement r2r -g to run the tests associated with the files changed

tools

Implement rax2 -rS and update manpage

util

Add support for base36 numbers
Remove global state in time.c

visual

Visual ESIL debugger improvements
Improve and simplify Vv ascii art, and make it available from panels
Call more setraw() to fix a recent visual regression
Improve interactive config and color editors

windows

Fix stty windows warning

5.8.6

11 months ago

Release Notes

Version: 5.8.6 Previous: 5.8.4 Commits: 295 Contributors: 23

Highlights

More details

Authors

AlexanderKucherov CorruptedVor Francesco Tamagni Hripsimee Ildar Ildar Sadykov Leopold Luc Tielen Luc Tielen Mewt R MewtR R Sylvain Pelissier Yedidyah Bar David Yuvraj Saxena Zhipeng Xue echel0n pancake pancake rgc semgrep.dev on behalf of @trufae theNKCode tsunekoh

Changes

anal

Handle 'int 0x20' as eob on x86-16 (assume DOS)
Fix null deref in arm32 calling conventions via 'aaef'
Handle more noreturn functions
RAnal.cur can be now set to NULL
Fix aae logic for mem read xrefs
Fix #21576 - Function stack frame size in case of FP register in a Thumb's PUSH
Improved instruction mask using the new aobm and anal.mask
Support big endian value search analysis (aav)
Fix null deref in signatures when using corrupted analysis info
Hide meaningless AnalOp fields in ao/aoj

analysis

Handle 'int 0x20' as eob on x86-16 (assume DOS)
Fix null deref in arm32 calling conventions via 'aaef'
Handle more noreturn functions

api

Deprecate r_str_cmp()
Rename R_CONST to R_TAG and add unit tests for them

arch

Migrate tms320 plugin
Cleanup global state in mips gnu plugin
Migrate mips gnu plugin
Migrate chip8
Handle the arch.decode default size and mnemonic on failure
Migrate xcore plugin
Migrate m68k_cs plugin
Migrate 6502_cs plugin
Migrate m68k_cs plugin
Refactor global state in loongarch plugin
Migrate loongarch plugin
Handle RArch.getRegProfile() from RAnal.setRegProfile
Fix the wrong plugin used after failed arch.encoding
Rename arch.arm plugin 'arch.arm.nz'
Use plugin name instead of arch name to fallback
Propagate endian settings
Honor RArch.setBits via RAnal.setBits
Support fatmachos with slices using arch plugins
Improve automatch plugin with encoder support
Resolve ${arch}.nz as fallback when finding an assembler peer
Remove '#' sign before immediates in the snes9x disassembler
Fix 1 byte oobread in the wasm disassembler
Migrate s390.cs and fix the abidiff suppression rules
Migrate the ppc.gnu plugin
Migrate m68k_gnu plugin
Improve the riscv analysis
- Fix esil emulation for riscv's jr/li/mv
Migrate S390 GNU plugin
Dont use strtok in the riscv plugin
Migrate the hppa.gnu
Migrate the sparc.gnu plugin
Improve brainfuck VM using ESIL and arch restrictions
Migrate the brainfuck
Remove unneeded line in meson build after plugin migration
Migrate h8300 plugin
Migrate the pyc plugin
Migrate msp430 plugin
Fix archinfo for v810
Add wip archinfo and wip regs and make mcs96 an arch plugin
Migrate ebc plugin
Migrate lh5801 plugin + add missing regprofile
Migrate the pdp11 plugin
Migrate arc
Expose the value of arm's ADD in op.val
Implement wao nop for riscv
Migrate arm.v35

asm

Implement 'call [rip+X]' for x86.nz and add tests
Fix UB in signed type shift left on arm64 assembler
Fix tb instruction for ARM assembler

bin

Fix double free in elf loader
Fix memory leak in mach0 relocs
Fix memory leak in xtr fatmach0 metadata
Fix memory leak in elf loader
Fix compile warnings for elf loader
Improve handling of nindirectsyms for corrupt macho binaries
Fix crash due to int overflow loading mach0
Refactor / improve loading of ELF symbols + imports
Shorten path on invalid fatmachos fixing a recent null precondition check
Better use of preconditions and r_log in fatmach0
Refactor loading of elf fields
Refactor loading of elf libs
Refactor elf loading of relocs
Refactor even more loading of elf sections
Refactor elf loading of sections
Refactor mach0 loading of relocs
Silent warning on empty dwarf blocks
Unused var had a meaning in the xnu kernelcache parser
Refactor loading of mach0 sections
Conditionally parse mach0 start symbols
Fix bug wrongly casting dyld/kernelcache to mach0
Remove code, port dyld + kernel cache to new API
Fix UAF in the p9 parser
Refactor loading of mach0 symbols
Refactor loading of mach0 libraries
Implement review remarks for mach0 import parsing
Refactor mach0 loading of imports
Refactor string comparisons in macho parser
Add demangled column in the symbol listing
Add LC_AOT_METADATA parsing support for mach0
Reuse recusion in c++ demangling with lower bounds
Fix some oobread bugs in the ELF parser
Initial steps to support column details in dbginfo
Optimize dwarf parser reducing getsection for strp
Remove global in the DWARF parser
More ELF cleanups on the symbol allocation logic
Minor cleanup in the ELF parser
Fix Mach-O symbol parsing in dyldcache
Blind ELF fixes
ZeroPad addresses in iSq and iSSq

build

Fix some -fvisibility=hidden issues
Fix meson -Dnogpl=true compilation
Update to the latest wasi-sdk-20
Fix R_SYS_ARCH name for native s390x
Fix r2r build when doing static linking
Fix SocketNotificationRetrieveEvents already defined issue
Make sys/sanitize be aware of the memory sanitize check
Fix #21375 also for linux-arm-64.sdb syscalls with meson
getcpu is reserved by linux's sched.h
meson support for smallz4, relates to #19849
Use Smallz4 instead of liblz4 which is optional

Add crosscompiled arm64 debian builds
Add arm64, riscv64 and s390x qemu builds
Move the tarball distribution code into dist/tarball

cons

Fix #17194 - Fix 'e scr.pager=..' to set the internal pager
Add greepy color theme (green + pink + white) glitch-style
Add support for ""ec in theme files

core

Fixes the bfbug losing arch setup after o malloc

crash

Fix double-free in r2pm when no python bin in path
Fix oobread in /v
Fix 2byte oobread in /a subcommands
Fix null deref on null :: command via fuzzing
Fix null deref on fuzzed thready command execution
Fix null deref in unaligned arm thumb instruction via /ad
Fix oom bugs in the XTAC parser
Fix large memory allocations on corrupted LE binaries
Fix infinite loop in the GNU C++ demangler
Track recursivity calls in the HFS parser to prevent stack exhaution
Fix oobread bug in asn1/pkcs7 parser
Fix uninitialized field accesses on corrupted DEX
Fix UB with uninitialized read in dwarf parser
Fix infinite loading time in minidump file
Fix unaligned pointer access in sha256
Fix division by zero in the HFS parser
Fix oobread segfault in the grub's HFS parser
Fix ininite loop in the ext2 grub code (DDoS)
Fix 8 byte oobread on pkcs7 parser
Fix UAF in the dwarf parser
Fix non-null-terminated string in dwarf
Fix null deref in the dyldcache
Fix oobread in swift field parser
Fix 4 byte oobread in objc analysis on 32bit binaries
Fix oobread in dwarf parser
Fix oobread crash in the visual bit pixel editor
Another dwarf null deref
Fix oobread in the xcoff64 parser
Fix an 1byte oobread in the pyc plugin
Avoid large allocation in the elf parser
Check for null pointers in uleb and dwarf
Fix oobread in omu command
Fix large allocation bug in the elf version parser
Fix null derefs in the dwarf parser
Fix oobread in the msvc demangler

dalvik

Fix two UB bugs doing left-shift on signed type

debug

Warn the user when using dd/dm/di without a child
Fix 64bit column register listing glitch
Allow 'dcu main' even if there's a 'db main' already set
Implement dtj command to list debug traces in JSON format
Fix null deref in dtd when the process is dead
Fix status register in the regprofile for darwin-arm64
Dont display the cpu flags if the arch doesn't support them
Adjust bpcount and use typedefs instead of structs in bps
Define RISCV breakpoint instructions
Native debugger for OpenBSD and NetBSD on arm64
Add cmd.step config var to run a command after every debugger step
Partial fixes for better register profile and arch switching handling

diff

Initial implementation of the 'cgfa' command

disasm

Do not draw ref lines of invalid branches
Fix asm.pseudo for arm64's stur instruction
Implement pseudo for riscv's 'auipc' instruction
Fix '\xff' strings issue in bsd-rv64/arm64

dwarf

Implement parsing optimization for dwarf5
Store column information in the addr2line database

esil

Fix UB when shifting value too far left
Fix bounds checks for ESIL and reg values
Implement 128bit regstore esil emulation
Dont emulate null instruction types, causing invalid analysis
Fix #21564 - 128bit support via [16] and RReg for arm64
Implement 'aoem' command to show memory refs via emulation
Move the esil #! r2 command as an op instead of parse

Add test and fix oobread in the hfs parser

graph

Improve color support in graphviz, still wip

hash

Add elf hash planned for r2-5.9.0

Fix #21705 - check r_io_plugin_add return value and freed unused allocated memory
Implement zip0:// uri handler
Large null:// allocation causing negative pointer issues on iobank
Support wcu command for new io cache
Implement wcf command for new io cache
Fix segmentation fault when listing cache entries before init
Fix usage of cache in pde command
Prevent multiple initializations of cache
Fix cloning of cache
Retain order of writes to cache during clone
Fix list bug in new cache
- Change written flag to a bool in new cache
Fix memcpy bug in the new cache

json

Fix wrong json key string (refs to name) in anal_axg

lang

Better typescript entrypoint support and fake r2pipe
Support running typescript files without r2's Gmain
frida-compile bundles can contain anything, we only interpret/load the .js ones

panels

Support JK scrolling (+-5 lines) in modals

performance

Branch prediction optimizations (3/3)
Branch prediction optimizations (2/3)
Branch prediction optimizations (1/3)

print

Improve RTable trailing spaces
Fix trailing spaces in table
Implement 'piE' command, like 'pie' but for bytes instead of ops

r2pm

Move and update r2docker into dist/docker
- Update to Debian:11, add README for r2docker
Prefix tar flags with a dash for portability reasons

reg

Fix bounds checks for ESIL and reg values
Add support for LE/BE 24 bit registers
Fix RReg.setValue on 128bit registers

search

Faster aap on large empty maps
Add search.badpage to customize badpage scan

shell

Better LA/Ll listings
Implement the -L command
Autocomplete -e inside r2
Sync output from rax2 -r and r2's ? val
Implement jq command as an alias for !jq
Add build optimization and precondition check levels in -v
Reuse RStr.version() from r2's '?V'/'-v'
Show '(asan)' in r2 -v when runnin sanitized builds
Implement 'uname -a' flag
Add -v, -vj and the 'r2.' command as a short for js oneliners
Add ?ee and ?ei command for stderr echos
Always use the return value of RTable.query()
Dont list symbols when using is,:help
Add rasm2 -N to mimmic the r2 -N flag
Use r2 -NN from r2r and extend the env for rasm2/rabin2
Use more R_LOG instead of eprintfs in some commands
Fix null deref in dte
Add -V command as an alias for ?V

signatures

Add experimental zign.mangled to not use demmangled symbol names
Use "" command syntax for the z* output
Filter zignature names before validation

util

Fix UAF in RStr.replaceIcase() spotted by coverity

visual

Experimental graph debugger layout
Fix #21658 - Fix zoom mode glitch in panels
Only run 'diq' in visual when cfg.debug

webui

Add r2bolt webui PoC

write

Implement wao recj for arm64

5.8.4

1 year ago

Release Notes

Version: 5.8.4 Previous: 5.8.2 Commits: 277 Contributors: 29

Highlights

More details

Authors

Dennis Goodlett Dennis Goodlett Francesco Tamagni Jose Antonio Romero Jules Maselbas Jules Maselbas Koh M. Nakagawa Lazula Mewt R MewtR Mohamed Lemine Ould El-Hadj Murphy Murphy Murphy Pau Rodriguez-Estivill Richard Patel Siguza Sylvain Pelissier Sören Tempel Teutates Yaroslav Yuvraj Saxena Zhipeng Xue condret icy17 ksen-lin meme pancake

Changes

anal

Support function arguments without a name
Optimize RCore.analOp() lowers aa from 1m23 to 1m19
Make aab even faster (39s -> 32s)
Fix #21340 - fix list of callrefs in afij
Add some recently seen x86-32 preludes
New 'aarr' command to reanalize all function refs
Add support for DUP in esil_dfg
Add fake =SN for gb to fix the missing =SN warning
Implement esil-dfg support for POP
Initial implementation of the aob/aobj commands
Do not override anal.calls user settings in aaa
Use a visited check to speedup recursive reference analysis
Invalid call from warning is now a debug message
Handle missing LDURH on arm.v35
Add refs column in aflt listing and fix refs&xrefs counting apis
Remove duplicated code adding a string reference during analysis
Set refptr for Xtensa l32r opcode for better disassembly output

api

Introduce the new R_CONST macros

arch

Migrate cr16
Migrate cris from anal to
Update to the latest capstone for SH and arm64 improvements
Move the riscv.cs plugin
Improve v850 esil support
Move the pic
Move the anal.tricore
Improve the NIOS arch plugin with regs, archinfo and invalid
Move and improve the anal.alpha
Move Vax plugin from anal
Add Inferno Dis VM
Move the bpf plugins
Move anal.lm32
Move the z80 plugin
Add support for all-bits-set registers needed for LANAI
Move the lanai plugin
Fix the type used for the fini callback in r_arch_plugin_t
Move the mcs96 plugin
Fix #21325 - Do not assert when instantiating empty plugins
Convert kvx analysis plugin into arch
Add esil support for satadd, satadd_imm5, satsub and satsubr v850 instruction
Handle wasm control flow errors better
Wasm accept br out of if/else
Refactor wasm into arch
Move xtensa into the
Initial re-import of the LUA bin parser and disassembler from extras
Move the ws plugin and annotate the plans for 5.9
Move or1k into the arch
Add evm.sdb.txt with description
Add esil support for mulh reg, reg v850 instruction
Move anal.evm.cs into arch.evm
Rename evm.cs to evm
Add esil support for v850 stb, sth and stw instruction
Add esil support for v850 ldb, ldh and ldw instruction

asm

Add more conditional branch instructions for the arm64 assembler
Implement conditional branch instruction for the arm64 assembler
Improve armass64 for tbz/tbnz to handle relative instructions

bin

Report errors when failing to patch relocs in the internal buffer
Implement qword to better display patched relocs in macho
Fix #21451 - Support IDREF in cf_dict parsing
Apply macho relocs on the swizzled buffer if bin.cache is not set
Find libswiftCore and libswiftDemangle in linux paths too
Fix wrong check in dyldcache rebase v2 logic
Add new fuzz.bin2 program and fix integer overflow for XTAC
Prevent an oom in the macho when corrupted fields are involved
Fix infinite loop in the xtac parser
Fix oom in the LE parser
Fix ELF parser hang on malformed .plt.got header
Fix sign warnings in the elf parser spotted by msvc
Fix absolute path resolution for dwarf source files
Remove globals from the MSVC demangler
Blindfix for some msvc demangling characters
Fix Dis fuzz failure
Add missing S_INIT_FUNC_OFFSETS definition for macho
Add Inferno Dis VM
Improve checks parsing dyldcache headers
Fix missing types and paddr/vaddr issue in ihj
Fix double free in class method handling
Update dyld shared cache parser
Better header checks for the MSX plugin
Some fixes for the bin.msx plugin
Add support for the XTAC file format
Add XCOFF64 support
Refix another null deref after 586af3fc6e1
Improve code quality in some RBin plugins (1/n)
Fix null deref when no signature is found
Minor improvements to elf parse
Fix memory leak when parsing DW_FORM_line_strp
Use correct compilation directory for binaries that use DWARF before version 5
Fix heap overflow in the swift parser

build

Add --with-new-io-cache configure and meson flags
Use acr-2.1.0 new PKGCFG_DO to speedup pkg-config file generation
Fix libdir and includedir in the pkgconfig templates with latest acr
Fix #21375 - Generate .sdb files properly for syscalls with meson
Fix #21332 - Add missing use_sys_openssl option for meson
Fix #21287 - compilation with .c in path
Clear SSL (C|LD)FLAGS if not willing to use SSL at all
Fix 'no rule to make libcapstone.a' error
Fix meson build with x86 option arch
Check for linux/can.h at configure time
meson: install rasign2.1 man page too
Fixes for the offline tarball generation

Abidiff shouldnt check internal structs like the capstone ones
Remove broken github counters and introduce the sys/counters.sh
Add pkg-config for macos-test
Add pkg-config for macOS via brew
Upgrade to abidiff 2.2
Remove LGTM, it's no longer available

cleanup

Remove all char* casts in free

cons

Fix scr.html when using bold attribute in scr.color=1

core

Support R2_PREFIX env var to override compile-time PREFIX
Use single quote instead of "" for RCore.call()
Fix command injection bugs in patch scripts

crash

Fix oob in we command
Fix null deref in omr with no maps
Fix null deref in fuzzed omt command
Fix uaf in r_asm_op_get_hex
Fix UAF in y-;q and assert with 0 size functions
Fix uaf caused by RRegItem.free instead of .unref
Fix oom in the nso parser
Fix uaf in xtac and check for more vector allocation failures
Fix unchecked vector allocation in wasm
Fix oom spotted in the wasm bin parser and other stylish things
Fix segfault when saving a project with no write perms in home
Fix oobread in dwarf5 parser
Fix #21363 - null deref in the wasm disassembler
Fix use after free in RStr.replaceAll()
Fix null deref in aeg command

debug

Fix setting registers in linux/rv64
Fix retrieving registers on Linux/RV64
Fix #21329 - do not include the privileged registers from the gdb profile

disasm

Dont try to resolve strings on call destinations
Fix instruction colors when '0' is at the end
Deprecate the asm.minicols config variable
Truncate invalid strings in disasm

dwarf

Add CLLf command as an alias for 'list' and fix @@i

esil

Avoid >64 bit shift left on 128bit registers
Implement esil for arm64's brk and clarify TRAP usage
Simplify the ESIL for x86 shift instruction
Better nullchk and reduce dereferences in esil

globals

Remove 2 globals from arch.or1k
Remove 1 global from arch.snes

Initial implementation of the io-write-cache command

json

iCj always renders valid json, fixing a warning in iaito

lang

Run the pending jobs in the qjs repl and expose r2pipe module
Add fake 'r2papi' module for r2frida-compile scripts
Implement ESM module loader for the QJS runtime
Initial support for r_arch plugins via qjs
Add support for NIM scripting on top of the QJS engine

magic

Add Inferno Dis

panels

Move Stack into Debug menu, and add Register columns output

print

Improve the pseudo-decompilation output for !x86 and inlined gotos
Fix duplicated source lines in CLLf output
Honor hex.offset + hex.header
Initial support for custom bitmap images

projects

Add Pz[ie] command to import/export project in zip format

r2pm

Fix support for builddir-less packages
mkdir home plugin directory
Add R2PM_DIR directive needed for tarball/zip packages
mkdir(R2PM_BINDIR) before pkg install, so packages dont have to mkdir

search

Magic depth starts at 0 now
Remove global magic depth
Honor esil.* options in RAnal.search
Improve syscall detection in /as
Fix #21339 - Fix syscall search when executed twice

shell

Fix help message when write fails (omp -> omf)
Fix #21380 - Refer to "? in /R for escaping chars
Correctly align r_core_cmd_help_match output in inexact mode
Update help message for ""? for ""@""
Drastically reduce eUsage counter
Fix signed integer treated as unsigned in the wX command
Fix oobread in load_zign
Fix assert in wd command
Add ?Tj and get rid of all the eprintf("Usage in cmd.egg
Fix #21412 - Implement segment iterator
Add help message and improve the ahs command
Add support for calling commands with a temporal seek
Implement the 'wget' command to download files from http://
Autocomplete file argument in wff command

test

Load the bin.types again from r2r

tools

Fix #21333 - Update radiff2 manpage, add mermaid mode

types

Add some basic swift and objc function signatures

util

Return NULL on miss in r_file_path
Move filter_shell and filter_quoted_shell into RName

visual

Honor stack.size in the Stack panel
Compute the opcode operand index in the bit editor
Handle 'R' key to refresh the slides from disk

5.8.2

1 year ago

Release Notes

Version: 5.8.2 Previous: 5.8.0 Commits: 172 Contributors: 17

Highlights

More details

Authors

0x8ff Apkunpacker Dennis Goodlett Fraser Price Jules Maselbas MewtR Mohamed Lemine Ould El-Hadj Ole André Vadla Ravnås Richard Patel Sylvain Pelissier Vitaly Bogdanov condret kyufie meme nmeum pancake pancake

Changes

anal

Honor the micromips codealign, add missing =SN and cc
Set indirect code refs from load instructions
Make r_anal_optype_{to,from}_string use the same optypes array
Rework of the function merging
Add Plan 9 calling conventions
Basic blocks are not modified if not initialized
Add test for gb srcs/dsts json and valtype
Fix multiple typos in ios-syscalls.txt

analysis

Make r_anal_optype_{to,from}_string use the same optypes array
Rework of the function merging

api

Make r_str_casecmp() null-proof to fix weird crash on windows
Implement RCore.cmdCallAt() + minor improve internal cmd calls
Fix RFile.path() when $PATH contains no colon

arch

Add esil support for v850 ei and di instructions
Add esil support for v850 reti instruction
Add esil support for v850 stsr instruction
Add esil support for v850 ldsr instruction
Blindfix for a glitch in the v850 disassembler
Simplify esil generation of v850 bcond instructions
Add esil support for v850 setf instruction
Improve v850 esil support and fix some related bugs
Fix asm.cpu=? when using arch plugins
Fix rasm2 -a mips{.gnu} -b16 -e -c micro -d '4fe5'
Move mcore into the arch
Support micromips on both gnu and capstone plugins
Move anal.propeller
Add micromips cpu for the mips.gnu plugin
Move nios2 away from anal
Register RArch plugins to be loaded dynamically

asm

Implement .extern directive in rasm2, fix other directives
Fix ARM assembler for blt, ble, cmn, tst, and teq instructions

bin

Fix null deref assert in the TE parser
Fix unnecessary memory exhaustion in the elf parser
Fix allocation crash in bin.symbols
Support elf-micromips auto detection
DWARF5 line header parsing
License Plan 9 code as MIT
Add Plan 9 line number information
Fix load address of arm64 kernel

build

Do not depend on strcasecmp in libzip, build fail on Centos7
Upgrade v35arm64 to fix non-c99 compilation
Update to the latest tinycc in the CI
Remove the need for ios-include.tar.gz
Use an authorized API call for the abi job to increase the rate limit
Remove condition on 'linux-static' job
Integrate ABI diffing into CI scripts
Add --with-ssl-crypto, rename --with-openssl to --with-ssl
meson: Install various missing files
Use fakeroot if available when packaging for debian

build,

Integrate ABI diffing into CI scripts

Upgrade CodeQL actions from v1 to v2
Update the SPEC file and build RPM packages in the CI
- Update the SPEC file and build RPM packages in the CI

crash

Fix infinite loop and null derefs when calling pd from pd in Cr
Blindfix with a hack and a workaround to fix an UAF in Cr
Fix an UAF in the visual bit editor
Fix null deref segfault in Vd1
Fix UAF in oc
Fix null deref in io.bank

debug

Fix #8992 - Apply command line settings before initializing debug plugin
Add required A0 register into x86 register profile provided by GDB
Use proper type for the XMM register inside profile recieved
Implement dpt. command to print the current selected process

disasm

Optimize RAnal.kind() as its called many times with a large buffer from pd
Bring back and improve the Cr command

doc

Reference abidiff's ci usage in doc/abi.md
Reference doc/abi in DEVELOPERS

esil

Fix emulation of the arm64 tst instruction

Improve json output for mlj - mountpoint type and delta

globals

Remove global in util/lib and just use RLogLevel

indent

Balance spacings in braces

Add experimental r2.cmd0 and r2.call0 for qjs
Enable stack overflow check when recursive calls
Improve error messages in the qjs repl
Rename qjs's dir function to dump
Support loading/unloading multiple QJS plugins
Update typescript compiler and move r2plugin into r2
Fix undefined behaviour in quickjs when casting double to int64
Fix #21205 - Missing object definition for aoj
Fix undefined behaviour in double->int cast
Extra checks and enforce the singleton core plugin
Improve typescript entrypoint logic detection
Initial support for javascript core plugins
Upgrade r2papi-ts from 0.0.4 to 0.0.10
Support typescript Main namespace and pass --allowJs

json

Fix #21205 - Missing object definition for aoj

lang

Initial implementation of lang.s assembly scripting
R_TH_LOCAL two globals in RLang.c
Reestructure lib dependencies, add lang.asm plugin

perf

Massage the bottleneck that was making r2dec super slow
Some more likely hints in RCore.cmd from valgrind

print

Fix pA and pA? (/A was moved into /a)
Implement pvp and wvp to print and write pointers
Fix fortune message for #md5 and add ph: variant of "ph "

qjs

Add QJS_NOABORT option to avoid aborts

r2pm

Improvements for r2pm when getcwd is null
Add R2PM_NEEDS and auto-install system build deps if possible
Fix git check before cloning the repo
Fix R2PM_DEPS first time issue
Report better errors on first r2pm setup
Initial experimental support for portable qjs packages

search

Implement tire algorithm in

shell

Fix assert in ph
Initial skeleton integration with GNU/Poke
Fix profiling RCore.cmdCall() via ?t""
Add help message for the quote command "?
Implement LAj and LAq commands to list arch plugins
Implement uname -h, -m, -b, -j ...
Handle unknown subcommands for t
pdrj shouldnt be modifying the current seek
Add -j command as an alias for js:
Add the ability to run qjs scripts with r2 -je

slides:xa

Improve r2slides with title, colors and 2 column mode

test

Update libfuzz build instructions
Add the dwarf fuzzer program
Add some test for ARM assembler

tools

Add R2_DEBUG_NOPAPI env var
Show error when passing un-even hexpair to rasm2

visual

Fix (null) regression in visual bit editor's disasm
Handle JK in bit editor to move 8 bytes fwd/backward

vuln

Fix ANSI Escape Sequence Injection vulns via DWARF

5.8.0

1 year ago

Release Notes

Version: 5.8.0 Previous: 5.7.8 Commits: 745 Contributors: 36

Highlights

More details

Authors

0x8ff Alex Bender Anton Kochkov Axel Iota DaKnig Dennis Goodlett Dennis Goodlett Ernest Deák (Tino) Francesco Tamagni HighW4y2H3ll Hors Lars Haukli Lazula Matthias MewtR Miles Liu Mohamed Lemine Ould El-Hadj Murphy Ole André Vadla Ravnås Paul B Mahol Peter Meerwald-Stadler Quentin Kaiser RHL120 Sylvain Pelissier Sylvain Pelissier TheAllSeeingOwl condret iTrooz_ meme pancake pancake rax2 rhl120 schrotthaufen schrotthaufen singurty

Changes

abi

RAnalOp.srcs,dsts are not pointers

anal

Working apt and add apl to list function preludes
Rename axj to axlj, because axj is for jmp refs
Introduce anal.tailcall.delta and use flags for better metrics
Improve the tailcall detection logic
Improve warning that only seems to happen when anal.nopskip is set
Always show all the archinfo, even when not provided by the plug
Dont show analysis progress on non-interactive shells
Add esil.dfg.mapinfo and esil.dfg.maps config vars
Some more improvements to esil_dfg
Fix size returned from r_anal_op
Fix warning in aflj when parsing vargarg signatures
Add register computed const pointer support for esil dfg
Add memory computed const pointer support for esil dfg
Introduce R_ANAL_ESIL_DFG_TAG_{REG,MEM}
Use treebuf io plugin as memory access backed for esil_dfg
Fix pickle asm rejecting empty strings
Do not recurse noreturn inspection when !addr or -1
Generalize vector instruction types instead of following intel-specific
Add /au to search for unknown destination jmp/call
Add anal.noret and refactor anal.noret.refs
Fix #20827 - Show srcs/dsts in aoj
Fix aae argument parsing regression in and improve help
Add support for stack-computed const pointers in esil_dfg
Fix anal.a2f in aac
Increase default anal.depth from 64 to 128
Clarify which commands are used on each aaaa line
Fix anal.depth usage when analyzing one basic block
Loongarch analysis bug fixes (bl, race condition)
Implement aflxv and aflx? commands
Run /azq in aaaa
Fix long1,long4 pickle opcodes
Fix #20798 - Fix bx after add lr,pc,0 in arm32
Fix null pointer in aflxj
Implement aflxj
Add noreturn column in afll
Use RPVector in RAnalOp src/dst to support ldm/stm/simd
Fix pickle arch thinking 0 is 64 bit
Don't show the linearsize in the afl output
Add anal.vars.newstack - configurable improved stack-relative var

analysis

Working apt and add apl to list function preludes
Rename axj to axlj, because axj is for jmp refs
Introduce anal.tailcall.delta and use flags for better metrics
Improve the tailcall detection logic
Improve warning that only seems to happen when anal.nopskip is set
Always show all the archinfo, even when not provided by the plug
Dont show analysis progress on non-interactive shells
Do not recurse noreturn inspection when !addr or -1
Generalize vector instruction types instead of following intel-specific
Add /au to search for unknown destination jmp/call
Add anal.noret and refactor anal.noret.refs
Fix #20827 - Show srcs/dsts in aoj
Fix aae argument parsing regression in and improve help
Fix anal.a2f in aac
Increase default anal.depth from 64 to 128
Clarify which commands are used on each aaaa line
Loongarch analysis bug fixes (bl, race condition)
Implement aflxv and aflx? commands
Run /azq in aaaa
Add noreturn column in afll
Add anal.vars.newstack - configurable improved stack-relative var

api

Make RReg refcounted
Implement {ctz|clz}{32|64} RNum
Define RPluginMeta and RPluginStatus
Add new RCore.cmdCallf() helper function
Merge RParse into RAsm
Refactor RLang api to use the new design
Fix null deref on wrong api usage for RCore.cmdStr
Moving more logic between asm, arch, parse and anal
RAnalEsil -> REsil api refactor
Deprecate reil and sysarch defines
More refactorings and api redesigns in r_arch
Remove eprintf calls in favor of R_LOG
Implement RReg.clone()
Deprecate r_str_dup() - related to #20959
Rename RVector.len to RVector.length for consistency
Remove the unnecessary RThread.CpuAffinity()
Add portable NaN and INF defines for different float sizes
Deprecate r_cons_eprintf and use R_LOG instead
Rename RStr.home() to RFile.home() as part of the Plan
Rename r_mem_memzero to r_mem_zero
Prefer _tostring() instead of _to_string()
Improve r_ref implementation with debugging support
R_BIN_NM -> R_BIN_LANG
Implement thread-safe refcounting - but disabled by default
Deprecate the unused RFList
Implement r_str_ntrim() and speedup r_str_trim() with it
Initial implementation of RString (30% faster than RStrBuf)
Implement r_sys_getenv_asint
Add r_cons_is_initialized
Boolify r_core_yank_file_all() and fix shadow var bug
Add r_file_is_executable and r_file_extension apis
Fix UB bug when using r_vector random access
Change R_LOG_INFO to R_LOG_TODO where suitable
Merge rhash into rcrypto and improve apis
Fix memory leak in r_str_list_join()
Boolify and rename some methods and fields from RFS
Add .author field in all the RLang plugins
Add a public api for the yank-unset action
Constify the help

arch

Add the arch.preludes() callback and new RSearchKeyword constructor
Move anal.v850 to arch
Fix counted string bug in pickle
Fix negative unsigned cast in the xtensa disassembler
Add RAnalOp.weakbytes() and move more analop apis to arch
Move anal.xap into the arch
Update tests and better arch.patch/modify callback
Move anal.{6502,snes} into arch
Kill RAsmOp, we can reuse RAnalOp in here
Improve pickle disasm on invalid instructions
Remove RAsmPlugin struct and add the 'aia' command to show archinfo
Move the remaining asm plugins into the arch
Minor plugin selection improvements
Move asm.nasm into the arch
Move asm.vasm into arch.any_vasm
Assemble large pickle instructions
Fix and move failing tests, reorder lib build
Move the arm assembler plugin from asm to arch
Temporary add RAnal as dependency for REgg
Improve x86.nz assembler parsing and other bugs in rnum
Initial implementation of the arch.any.as plugin
Better handle of RNum errors for egg and arch.x86.nz
Support reg+idx and idx+reg in x86.nz assembler
Move the x86.nz plugin
Fix asm.acur supporting arch, anal and asm plugins
- Fix asm.acur supporting arch, anal and asm plugins
Move anal_riscv to arch_riscv
Fix rasm2 -LLL using the new multi-bits macros
Introduce RSysBits and its packing/checking macros
Implement archinfo() in RAnal.Plugin.tms320
Deprecate the unused RArchPlugin.esil field
Use PJ to return the list of mnemonics aoml in arm.v35
Move anal.rsp to the new home
Move anal.v810 into arch.v810
Move pickle from anal to arch and add it to meson
Remove anal.malbolge and fix CI r_esil issues
Move the 'sh' plugin to the new home
Honor plugin name in rate matching for RArch.use
Move jdh8 from asm/anal to arch
Unify RArchOp into RAnalOp using common include files
Fix RArchOp.refptr from bool to int
Bump cs5 to support FNOP on m68k
Wire-up RArch into RAnalOp
Fix arm64 plugin to work well with latest arm64 changes in capstone
Use the latest capstone5-next with updated aarch64 support
Copy anal_amd29k.c to rarch
Change arch plugin definition
Add some more arch config vars
Introduce arch.endian config var
Instantiate RArch in anal
Introduce RArchConfig->decoder
Add R_LIB_TYPE_ARCH and i4004 arch-plugin
First arch plugin (arch.null), implement basic lib api
Start moving EVM analysis from extras to core
First implementation of r_arch decoder api
Introduce the new r_arch library, just the skeleton
Add some r_arch api declarations
Initial commit on RArch structs

asm

Deprecate more unused fields from RAsmPlugin
Fix the parse.z80.pseudo plugin and add a test
Remove the unused RAsm.binb
Internal cleanup of asm.c, deprecate the disassembly callback
Load cpu descriptions for multiarch plugins
Fix rasm2 x86.nz for "xchg eax,eax" and add tests

bin

Fix JSON encoding of section addresses
Add test for cwd source listing, CLL and list
Add warning when loading DWARF5 files (not supported)
Add test for the obm with CL, support noncwd paths
Use obm when spotting a companion dwarf file on macOS
Implement RBinFile.merge() and obm command to use it
Initial implementation of the ob-- command to close the last binobj
Autoload the dwarf companion file on macOS systems if available
Use rabin2 -rO for raw dump operations
Use glob expressions to specify section name to dump
Fix #14540 - klass->super must be an RList instead of char*
Support for Xbox 360 PE32 architecture (PPC BE)
Fix wrong detection of main in elf-arm32
Fix rabin2 -gj and add tests
Add bin.types and disable by default for CI reasons
Support loading Plan 9 kernels
Use API instead of commands to autoload a pdb
Fix #21020 - fix json format for rabin2 -jM when no main is found
Expose section type for coff, elf and macho formats
Fix #18375 - Only patch arm64 relocs when not initialized
Add experimental bin.str.nofp config for less false positives
Parse the PT_DYNAMIC elf section for the preinit pointers
Fix validation check in xnu
Initialize macho header pf definitions
Speedup class bin loading with bin.filter=false
Implement 'ic.' command
Fix initial seek for Rosetta2 aot binaries
Silent noisy warning in dwarfprocess
Expose klass->super details for objc categories
Include fields in the ic output
Enable the swift metadata parser by default and import classinfo
Add lang field for classes, symbols and methods, expose it via ic
Warn about unpatched relocs when no bin.cache is set for macho fixups
Add support for 32bit Mach-O fixups
Expose the macho reloc fixups and use internal buffer for parsing
Fix obf and add tests for it
Fix Cd4[ invalid syntax used in macho _const section
Expose the id_dylib macho command info into the bin kv
Enlarge the c++ demangler stack limit to solve a warning
Implement Dwarf.register identifier mapping for v850
Infuse asm.cpu from the elf flags for v850 ELFs
Remove asm.features, improve RBinInfo with flags and abi details
Improve brainfuck detection to reduce false positives
Implement dwarf.regName() for arm64
Import the free pascal symbol demangler from rizin

build

Double lowerdash defines should be defined only by the compiler
Fix and improve static build, faster libr.a with libtool if available
Improve libr.a creation with ar -rcT instead of ar -x
Speedup tcc builds by not using -g
Move esil one level up in libs.mk
Update sdb to remove double include paths
Fix compilation with -lcrypto
Do not use macos-latest (macos-11 is fine for LTS)
Update the capstone4 support to 4.0.2
Fix zig's @cInclude of r_th.h
Add crosscompiling support with sys/zig.sh
Do not install the v35 archives (-50MB) in make install
Fix capstone dynamic memory allocation setup issue
Support sys/debian.sh crossbuilds
Remove unused lc-printscan-long-double wasi flag
Check if CWD contain spaces in sys/install.sh
Add the acr --enable-threadsafety flag and the same for meson
Fix meson infinite loop
Disable libuv by default on meson and acr
Change build order as long as now bin depends on fs

Test r2 build with all sysdependencies enabled
Upgrade al-cheb/configure-pagefile-action to the v1.3
Run unit tests in parallel
Upgrade github actions/checkout from v2 to v3
Upgrade actions/upload-artifact from v2 to v3

cmd

Fix bugs in aeg command parser

config

Deprecate the use of comma in e: as stated in the r2580 prophecy
Deprecate graph.web eval config var
Remove the file.offset unused config variable

cons

Fix static themes listing
Add support for statically compiled themes
Fix Ctrl+Arrow dietline shortcut for word cursor
Fix console history log path regression

core

Enable cmd.undo by default
Rename many bin.str evars into bin.str.
Use XDG instead of R2_HOME_CACHEDIR and R2_HOME_HISTORY
Initial support for XDG env vars and paths
Fix RConfig.setB when the key doesnt exist
Deprecate scr.seek configuration variable
Initial implementation of R_LOG_TODO

crash

Fix segfault in poa 1
Fix integer overflow in fuzzed dwarf rendering in graphs
Fix use-after-free after @@@e spotted by meme
Fix UAF in aaft when the BB is removed during the loop
Fix UAF on quit exposed by r2frida

crypto

Initial abi breaking changes in RCrypto/RHash
Fix rahash2 -L listing full hash
Initial work on the way RCrypto handles plugins
Separate SM4 algorithm from plugin
Implement the SIP hash algorithm

debug

Bring back the 'dms' command
Fixed incorrect thread arena output
IO uses PID to read from child, tid is just for regs
Fix r2 -d foo\bar.exe and r2 -d bar.exe on windows
Make RDebug.regRead() and regWrite() return bool

decompiler

Improve the outpuf of pdc by trimming the addresses of inline nops and colorize numbers
Add colorization support to pdc output

disasm

Implement asm.bytes.align to justify them to the right
Fix char auto-comment in cmp instructions
Improve pseudodisasm for arm64
Improve arm.pseudo when no function information is available
Fix mips.pseudo shortpath when function is null
Fix x86.pseudo shortpath when function is null
Fix NULL function xrefs in pd
Implement asm.flags.right option
Add dummy parse.evm plugin to fix portability of test
Add a dummy bpf pseudo plugin
Add RParse.justify() to easily fix commas and spaces
Better spacing in arm.pseudo parse plugin

esil

Initial support for threads in esil
Fix #21052 - wrong emulation for pop rsp
Move anal.esil into the new esil
Add aegb command as an alias for 'aeg pieq $Fi'
Add aegn command to combine N esil instructions into one dfg
Use a function instead for the spaguetti code in all cmp esil opcodes -30LOC

globals

Remove one global variable in RCore.cmdEval()
Remove two globals from RCons.cpipe
Remove the 3 globals in anal.xtensa
Remove 3 globals from anal.tricore
Remove the 3 globals from anal.vax
Remove 3 globals from anal.nios2
Remove 3 globals from anal.arc
Remove 3 globals from anal.sparc.gnu
Remove 3 globals from anal.sh
Remove 3 globals from anal.alpha
Remove 3 globals from anal.lanai.gnu
Remove 3 more globals from anal.pdp11
Remove 3 globals from anal.hppa
Remove 3 globals from anal.m68k.gnu
Remove the 3 globals in anal.ppc.gnu
Remove 3 globals from anal.cris
Remove 4 globals from anal.mips.gnu
Deglob 4 vars in the arm.gnu disassembler
Remove 3 globals in s390.gnu
Remove 10 more globals from analysis and capstone
Remove 3 globals in ccarg analysis
Remove all global variables from RCrypto
Move colortable global into the RConsContext
Remove global from utf8
Remove the last global variable in libmagic
Remove in_log_process global
Remove global in bin.obj.reloc_patch
Remove global variable in esil loop

graph

Initial work in graph.bubble for custom bg color in nodes
Honor graph.layout in aegv too, instead of harcoding horizontal one
Deprecate aegi and aggi, those were dupes for aegv and aggv
Fix null deref in agg and avoid destructive manners of 'V ,'

help

Make the anal.depth warning more useful

indent

Balance spacings in braces

Initial implementation of the generic io-stream api
Fix UAF in streaming io plugins when used with io.va=1
Remove invocation of v layer cache in r_io_desc_read
Start rewriting io_cache.c
Kill r_io_read_at_mapped
Initial import of the serial plugin
Kill io->buffer
Remove unused fcn declarations
omfg runs omm if no map is set
New o++ command to create and open a new file
Add "reset" system command to treebuf io plugin
Minor bugfix in treebuf io plugin
Add treebuf io plugin
Fix free-before-use on r_io_reopen of a rbuf:// fd/desc
Handle reloc maps properly in r_io_map_remap and r_io_map_resize
Fix reloc map memleak
Add rio reloc maps
[5.8.0] Disable the default io.basemap

json

Fix tj ttj tfj outputs
Fix invalid json in tj command
Fix #20772 - ihj rendering an invalid json because of pfj

lang

Make r2 -j work as a hashbang handler for qjs
Enable BigNum in qjs
Use r2papi 0.0.4 with base64 and R2Api is now known as R2Papi
Add requirejs, simplify compilation and add js_ prefix to all the c files
Add typescript support
Minor improvements for js: with r2.call() and r2.cmdj
Enable Bignum support to the QJS interpreter
Import the alpha r2papi 0.0.2 api for qjs
Integrate the qjs repl into the js: command
Initial import of the interactive QJS repl
Import the quickjs rlang plugin
Implement py command and add stdin slurp support for js- too
Add 'js' and 'js:' commands, as well as improve help for #!?
Fix null deref in rlang
Add "lua" as an alias for "#!lua"

leaks

Fix leaks in pdc
Fix more memory leaks in rbin and ranal for arm64
Patch more leaks in the analysis and rbin
Some safe memleaks related to analysis and registers refcounting
Fix memory leak in dietline

lint

Enable the leading spaces linter rule and fix them all
Use more tabs and add a (disabled for now) linter for it

logs

Redirect RLog messages into the Corelog
Add base64 support to the T and T* commands

panels

Add ve command to set fg/bg colors for current panel

print

New RPrint.spinBar() API used from scr.demo for now
Fix pcc trifids confussion issue
New command CLL (aka list) show function source using addrline (dwarf) info
Fix #21080 - Add cfg.codevar to change the buffer varname from pc
ASN.1 and x509: correct OCTET_STRING and Public key info parsing
Add ASN1 Algorithm Identifiers for Edwards curves
Fix #20993 - Correct ASN.1 BIT_STRING parsing
Implement pcn command to print bytes as space separated numbers
Add support for the swatch dot-beat internet time
Workaround for "too large buffer" in formats
px* is an alias for pc*
Implement pFoj command
Implement pFaj for asn1 json decoding
Initial refactoring/cleanup of ASN1 parser api
Add pFxj command to print x509 certificates in JSON format
Add pFpj command to print PKCS7 files as JSON
Fix issue in 'pdc' that was showing empty orphan nodes
Implement new 'pcq' command, like pc, but inline-include-friendly
Implement the new pieb command as an alias for pie $Fi
Fix read buffer overflow in pxq -272
Implement pFbJ command with quiet and verbose json formats
Implemen pFbj for json printing of protobuf
Set hex.hdroff=true by default
Implement pFAj to render android xml in JSON (abi break)
Implement TSV output format for RTable

projects

Fix some problems when renaming projects
Fix some bugs in projects
Quote commit message to avoid git error when saving project
@radare Do changes in Px->Pc, Pc->PS* as planned

r2pipe

Check magic header before assuming an interpreted file is executable

r2pm

Fix assert in Str.Trim() when r2 is not installed
Add support for tarball and zip packages
Honor EDITOR in r2pm -e
Remove all the references to the old r2pm.sh
Implement R2PM_FAIL and mark it as deprecation for r2-5.9.x
Implement r2pm -cp like it was in r2pm.sh
Fix clean installations with r2pm -c
Expose R2PM_SUDO and list R2PM_PREFIX in -H
Handle -HH in r2pm for verbose env listing and remove unused R2PM_GITSKIP
Fixes pull/install/uninstall on windows
r2pm -Ui can be combined now and fix extras package building
Honor R2PM_DBDIR env var
Honor -f in r2pm -U to force clean the r2pm db
Support XDG on r2pm and expose the PKG_CONFIG_PATH
Expose R2_LIBEXT for r2pm packages
Update r2pm manpage and add -q and -a flags
Show package source with r2pm -d
Implement r2pm -H to make more packages build
Fixes parsing the GIT URL on some packages
Test the new default native r2pm fix flushing and using RLOG
Make R2PM_NATIVE the default and provide R2PM_LEGACY

r2r

Fix rvector assert when indexing empty ones

refactor

Move the RParse.cparse into RAnal.cparse
Stop aeg from abusing agg
Rename R_ANAL_ESIL_DFG_BLOCK_ to R_ANAL_ESIL_DFG_TAG_
Rename EsilDFGRegVar to EsilDFGVar and introduce EsilDFGVarType
Avoid using RArchConfig->big_endian
Add addr_bits to RArchPlugins and make info and decode cbs cfg aware
Add archcond api to rarch, some small cleanup in anal
Make bitness, endianess and esil-support fields of RArchPlugin again
Copy value.c and op.c from anal to arch
Copy switch.c from anal to arch
Add some more typedefs and enums to r_arch
Rename r_arch_set_ to r_arch_config_set_
Rename R_ASM_SYNTAX to R_ARCH_SYNTAX
Simplify x86_cs BSR and BSF esil
Use r_strbuf_replacef in anal_mips_gnu esil generation
Use r_strbuf_replacef in anal_mips_cs esil generation

rvc

Initial refactoring of the version control api
Move rvc from core to util
Fix rvc.commit when non-interactive with a default message

scan

Fix crash in the swift metadata parser spotted by coverity

search

Fix JSON encoding of unsigned search values
Fix /au after aeim
Fix /w and /wi, add tests, minor code cleanup
Add r_anal_optype_index to make /atl and /at use full listings of optypes
Support space separated instruction types and family in /at and /af
Improve json output for /asj and /atj
Fix calling /re twice after ^C
/az uses anal.in instead of search.in to improve scan results
Make /az faster after aeim, skipping unrelated regions
Fix last char bug in swift strings found with /az
Add x86-64 support to /az
Add flags under the asm.str flag prefix when doing /az
Honor bin.minsz in /az is no argument is provided
Implement /azq to search for assembly strings and add tests
Implement the new /az command to find assembly constructed strings
Superseed #20447 - remove some magic globals

shell

Fix ?vi:123 and ?v:123 commands
Print whatever is taken from io_system to rcons
Fix runtime warning after leaving an rlang session
Add "" command to run RCore.cmdCall()
Fix #21136 - o <tab> autocompletion not working
Show help when using invalid subcommand of afi
Implement abo and afbo commands to list opcode offsets in function or bb
Implement o-. command, add help for future o-$
Expose RCore.cmdCall() and fix b64: command + add tests
Show number conversion error messages in ?v command
Fixes for the line editor using live save/load with new RFile apis
Implement oe command to open a file using cfg.editor
Add quiet and table listing for lang plugins
Implement Ll, Llq and #!?q commands for better rlang listing
Fix r2 /directory behaviour
Support $r:REGNAME syntax and document it
Implement cmd.usr1 and cmd.usr2 to handle signals on unix
Add #!qjs and #!tiny for autocompletion
Fix behaviour of -a and -b flags (no arg= show current, append? for help)
Rename the drm command to drv for consistency
Add -s -i -f r2 commands
Implement -a, -b, -c and -e commands in r2
Add tabhelp exception for pf.
Add r2 -LL to list core plugins
Improve help message for f subcommands
Take into account static themes when listing
Add ot command as an alias for touch
Implement the ji: command as an alternative to ~{} without cons filtering
Also handle (j) and (*), more syntax-consistent and add a test
Implement (j for json output of macro commands
Initial implementation of ?ie
Add missing help for the '?i?' command
Use RCoreHelp for /ca?
Fix #20760 - Implement native gron via ~{=}
Remove RPrintRowlog and use R_LOG isntead
Allow changing number of saved input lines
Implement log.source and log.origin
Add the new ucu and ucd commands using the new core-undo apis
Rename asm.{off} variables to asm.offset

syntax

Move the preincrement and void arg from tests to lint.sh

threads

Initial ref-counted RRegItems, needed for threadsafety
Move the readahead logic to a local variable
Guard more critical sections in cons and core
Analysis now waits in background for the bin parsing to finish
Add some RThreadLocks and start to use the critical sections

thready

Dont call RCore.seek() and read a new buffer in disasm

tools

rax2: corrects base64 encoding for null bytes
Fix r2 -2
Fix broken tests for long number conversion
Fix base64 null byte decoding bug in rax2
Implement rasm2 -LLL to list arch plugins
Add Ls to list assemblers, and LA to list analysis plugins
Bring back the r2 -t for parsing bin and analysing in background
rarun2 supports multiple preload directives

util

Fix the XML parser
shlr/yxml -> libr/util/rxml - fork the abandoned yxml parser and expose it
Add RStr.ansiStrip() and RStr.insert()
Improve internal RBuffer API checks
Add log error when pj depth limit reached
Add R_SYS_BITS_12
Introduce R_SYS_BITS_4
Add :header and :noheader in RTable
Fix crash in r_vector_shrink
Minor COV fix in r_str_char_count
Fix return type of r_str_char_count
Add new RStr.replaceAll() api
Use R_PRINTF_CHECK for r_strbuf_replacef
Add r_strbuf_replace{f}

Initial rvc refactoring and cleanup of the api
Move rvc apis into callbacks
Make ravc2 accessible via blob and r2 shell

visual

Use RAnalOp instead of RAsmOp in r_core_visual_bit_editor
Fix issue with cursor disappearing towards the bottom of the screen
Don't draw two cursors when too many bytes are on disasm panels
Make j/k movement in panels' cursor mode more consistent with it's visual counterpart
Don't skip byte when moving left/right in cursor mode (disassembly panel)
Fix pdc glitching in panels
Handle arrow keys in VT
Handle JK0 keys in VT
Honor cmd.vprompt and scr.notch in VT
RStr.wrap() supports ansi and use it in VT
Implement Tv command and use it from VT
Fix the cache and other bugs in panels
Override scr.maxpage in panels to avoid undesired prompts

wasm

Upgrade to the latest wasi16 sdk

5.7.8

1 year ago

Release Notes

Version: 5.7.8 Previous: 5.7.6 Commits: 307 Contributors: 17

Highlights

More details

Authors

Axel Iota Ben L Denis Ovsienko Dennis Goodlett Dennis Goodlett Francesco Tamagni Nikhil Saxena Paul B Mahol Richard Patel Seunghwan Chun Sylvain Pelissier adwait1-g condret erfur pancake pancake rax64

Changes

anal

Define =SN for the sparc register profile and improve warning message
Include bb instruction addresses in an array for abj
Fix more tests to run outside x86-64
Implement aflx and aflx* commands to re-analyze function callers
Implement aflm. and aflm? to print the makefile-style function call summary
Fix bug in esil_cfg
Implement r_anal_esil_dfg_reg_is_const
Fix quotes in pickle assembly
Improve aab results by using section size
Refactor esil new in cmd_anal
Refactor ar set command to static func
Fix '/gg' output
Fix duplicate aarch64 syscalls
Fix leak in 'aex' command.
Fix compilation warning
Silence compilation warning in show_reg_args()
Fix leak in r_core_esil_step()
Check list allocation return value
Fix leak of RAnalBlock in false return code path
Check that vector length is not 0
Fix leak of list when using asj command
Fix leaks caused by not calling r_anal_op_fini()
Add pickle descriptions

analysis

Define =SN for the sparc register profile and improve warning message
Include bb instruction addresses in an array for abj
Implement aflx and aflx* commands to re-analyze function callers
Fix duplicate aarch64 syscalls

arch

Support assembler plugin resolution by aproximated name
Rename asm.arm_cs to asm.arm
Merge asm.sparc_gnu into anal.sparc_gnu
Lowercase all pickle instructions
Upgrade to the latest capstone-next for ppc purposes

asm

Fix integer overflow in match_c_lui()

bin

Fix boundary check in mach0 fixups reconstruction
Fix two oobreads in coresymbolication and dyldcache
Update coresymbolication cache parser
Add table's :help and ignore commas in i subcommand parsing
Fix incorrect relocs=false in macho
Fix regressions affecting dyldcache parsing
Fix #20624 - Implement ic, command to query klass information
Fix oba $$ in frida://0 global
Add support for REL file format plugin
Support powerpc coffs
Handle RABIN2_MACHO_SKIPFIXUPS env var in the macho parser
Add wasm globals to symbols
Fix leak in bin_sections

build

if != ifdef on msvc
Add lint for C++ include support

Fix #20655 - Zip the blob for windows

config

Fix prj.alwasyprompt description text

cons

Fix a couple of coverities in canvas and dietline
Fix 'num' display with gentoo theme on 256 term
Add to all themes 'ecd' at start
Remove duplicate entry for basic theme
Fix background color for dark theme
Simplify ansi color mapping
Fix several bugs when interacting in VE mode
Fix leak in nextpal()
Fix leaks in VE mode
Fix leak of memory returned by r_str_ansi_crop()

core

Fix leaks when calling r_flag_all_list()
Fix leak in error path of r_core_anal_search_xrefs()
Fix leak of pointer left behind

crash

Fix stack exhaustion bug in the c++ gnu demangler
Fix oobread in protobuf parser
Fix oobread in r_str_is_printable_limited
Fix UB bug in afi command causing random segfaults
Harden swift demangler
Harden msvc demangler
Fill null deref check in the x509 parser
Fix two more bugs in pdb found by libfuzzer
Some safe fixes in rbin
More r_run_parseline fixes
Fix #9782 - r_run_parseline OOB read
Fix oob write in dyldcache
Fix null deref on non-capstone builds

crypto

Add SM4 block cipher

debug

Add new 'drp*' 'arp*' commands to flag the reg arena
Fix build for 32bit iOS debugger
Fix process detach in the xnu debugger
Fix arm64 register access in xnu debugger
Initial blind support for io.self for serenity

diff

Implement radiff2 -B to specify base address
Emit json when radiff2 is run with -Cj

disasm

Fix #20202 - pd-55 showing invalid instructions

esil

Fix tests and emulation for x86_cs BSR and BSF instructions
Add warning for esil op $$ deprecation
Tag dfg nodes that are vars with constant values properly in esil_dfg.c

Implement mdd, mdq and ms's ls -l
Add initial fs.zip plugin, listing only for now

fuzz

Fix another crash in the protobuf parser
Fix too much time spent loading corrupted dyldcaches
Fix negative allocation in the dex parser
Fix infinite loop in dyldcache parser
Fix large allocation bug in wasm parser
Fuzz pdb
Fuzz protobuf
Fuzz pkcs7, punycode, x509
libFuzzer demangler target
libFuzzer bin target
add libFuzzer integration, r_run_parseline test

globals

Remove two global variables in the anal.ppc.cs plugin
Remove global in cons.rgb
Remove globals in bin.sms
Remove globals in flirt and apply some extra cleanups

graph

Implement new toyish visualization command agt
Implement aggb command, like agfb but for agn/age
Add cmd.bbgraph to use a different command to render the basic blocks
Remove hack fixing a bug that is now gone for agn

Initial implementation of the reg:// io plugin
Fix #20616 - Fix analysis when using io.cache
Implement wcu command to undo cached writes
Initial implementation of the xattr io plugin
Fix leaks on error path in r_io_zip_open_many()

lint

Enable linting for trailing tabs

panels

Fix #20651 - Decompiler panel was disapearing after clicking

print

Implement pxu{1,2,4,8} like pxd but unsigned
Fix w6e and w6d, Add w6x, p6[e|d][s|z] + tests
Fix #20540 - pc should use an unsigned char buffer
Implement p8x and p8* similar to y*

refactor

Add linting to spot misuses of r_strbuf_appendf and fix them all
Minor optimization of generated esil expressions
Remove some unused macros in anal_riscv_cs
Remove occurences of $$ in riscv esil
Remove occurences of $$ in mips_gnu esil
Remove occurences of $$ in bf and mips_cs esil
Move the asm.m68k.gnu into the anal
move asm.arm_windebg to anal.arm_wd
Remove occurences of $$ in v810/v850 esil
Minor optimization of generated esil in anal_arm_cs.c
Minor optimization of esil generation in anal_arm_cs.c
Avoid =[*] in arm_cs esil
Remove occurences of $$ in arm_cs esil
Move lanai from asm to anal
Move the hppa plugin from asm to anal
Use more R_LOG in cmd.open
Merge asm.arm.gnu into anal.arm.gnu
Move asm.ppc.cs into anal.ppc.cs
Merge asm_arm_cs disassembler into anal_arm_cs

search

Add help message for /at?
/at accepts a comma separated list of optypes
Enable emulation in /as, it's fast enough and results are better
Test and benchmark --with-sysmagic in the CI

shell

Add open command as a wrapper for the system launcher
Fix #20387 - woa 1 confusing error message
Honor autocompletion in the of command
Use RCoreHelp for j? and uc? to fix a lint
Add |E |D |J pipe aliases for base64 command execution and encoding
Support interpreting executable binaries with r2 -i or '.'
Don't print eol chars for now to fix an r2pipe issue
Make command repeat behave as expected with the foreach operator
Improve the yank command and help
Honor : table modifiers in om,
omt->om, and make omr print map size with no args
Implement s** for proper seek history parseable output
Implement ics command to list address of class methods
Protect ms shell with scr.interactive
Fix null deref crash in RTable and improve C,
Implement 'e,' for table format, old e, is now e:
Use RCore.help instead of eprintf in more commands under aa
Implement y- command and some other indentation fixes
Use : instead of =! in all the io plugin help messages
Fix autocompletion for :. for r2frida

tests

Fix total amount count of tests in r2r output
Add test index progress in default output
Support REQUIRE in r2r tests
Add a few tests for cBPF conditional jumps.

tools

Remove all global variables in rahash2
Implement native r2pm pkg registry, buffer r2pm -s
Enable r2pm-native when calling it from r2
Use R_LOG in libr.main and fix RLogLevelMatch
Allow rasm2 -f to open files with r_io files
Fix ragg2 -C for pe64
Fix memory leak on error path of rabin_do_operation()
Fix leaks of allocated memory for duplicate plugins
Check return value of r_list_new()
Improve pid directive in rarun2, better info reporting

types

Fix #16492 - Handle - suffix in te and ts, add tests

util

Tests for the "standard" splist() implementation
Minor bugfix in strbuf.c
Add some more asn1 oids from apple
Check for RGraph in r_graph_free()
Fix several issues in r_syscmd_join()
Fix leak of char* in r_table_visual_list()
Fix leak in some yanking cases
Fix possible leak of list after each loop iteration
Move eprintf message to debug log
Check if RList* is available before calling r_list_get_n()
Fix leak in r_log_vmessage()

visual

Add 'pxu' mode to
Improve visual text editor navigation ('j' moves to next line)
Fix #20602 - Insert and cursor glitching in hex panel
Implement interactive text editor mode in VPi command
Fix insert nibbles in visual hex editor
Use p8x and remove pcj from visual list

windows

Implement r_cons_is_tty for w32

write

Warn when bypassing the word bounds of numeric arguments in wo
New syntax for wox to differentiate hex and numbers
Implement wa+ command to assemble + seek

5.7.6

1 year ago

Release Notes

Version: 5.7.6 Previous: 5.7.4 Commits: 167 Contributors: 19

Highlights

More details

Authors

Adwaith V Gautham Alessandro Carminati Axel Iota ChoobieDesu Denis Ovsienko Dennis Goodlett Ilya Trukhanov Lazula Maurizio Papini Paul B Mahol RHL120 Richard Patel Sergi Àlvarez i Capilla Seunghwan Chun condret mrmacete pancake pancake pluswave

Changes

anal

Add mnemonic API to pickle arch
Add last opcodes to pickle assembler
Add python pickle machine (pypm) dissassembler
In cBPF jt and jf are unsigned, fix the code
Handle arm64's BTI instruction as a nop
- Revert "ARM disassembler: don't compute [pc, reg] memory location
ARM disassembler: don't compute [pc, reg] memory location
Updated syscalls for aarch64 to linux 5.19.0-rc1
Update syscall table for linux-x64 from kernel 5.19-rc1
Fix leak in wasm opcode disassembly
- Fix leak in wasm opcode disassembly

analysis

Handle arm64's BTI instruction as a nop
- Revert "ARM disassembler: don't compute [pc, reg] memory location
ARM disassembler: don't compute [pc, reg] memory location

analysis"

- Revert "ARM disassembler: don't compute [pc, reg] memory location

arch

Fix riscv left shift bugs and implement archinfo
Revert "Update capstone which improves the PPC support
Update capstone which improves the PPC support
Add pickle assembler

arch"

Revert "Update capstone which improves the PPC support

asm

Fix for riscv

bin

Fix returning imports table
Fix use-after-free in the macho swizzler
Add RABIN2_MACHO_NOFUNCSTARTS option for testing purposes
Expose dbgInfo.LineNum on macho files
Fix macho swizzle bug by cloning the plugin struct
Early check to avoid null deref on files with missing buffer
Workaround for the fatbin slice selection regression
Refactor wasm custom name parsing

build

GIT_TAP=$R2_VERSION if no .git is found
Initial work towards onifying r_util

Build r2 with muon+samu
Publish m1 packages automatically on release time
Add line count history helper scripts

cons

Speed up rendering by caching context pointer
Fix picking colors for 256 colors terminals
Fix display issues with pss visual mode

core

Add cmd.undo and handles it for w and CC commands

crash

Fix double free when shrinking vectors
Fix oobread in iOS arm64 kernel parsing
Fix FPE crash in p2 visual mode
Fix buffer overrun in pd reported by durandal_1707
Fix crash when calling strcmp on NULL
Fix heap oobread in the macho parser
Fix asan heap oobread in the tms320 disassembler

disasm

Dont show asm.describe on strings

doc

Increase maximum recommended line length

esil

Fix x86 - ROL RCL ROR RCR with memory locations

Fix last covs and support mount in ms
Refactor the RFS.Shell and add the getall command
Add fs.cwd to define default path in ms

globals

Remove time_t now global variable for magic

Update the embedded libzip under shlr/zip
Tiny optimization in RBuffer -0.01s speedup

lint

Fix a new linting to remove the double error message in RLOG calls

magic

Add RSA/DSA key magic

panels

Add Assembler entry in Tools/

print

Fix color changing for same block and prc=f
Fix p=F output
Allow to change entropy bars width with '[]' keys
Fix p=e output

projects

Fix two more projects tests with the new onnu

r2pm

Fix r2pm.sh path resolution issue

refactor

Refactor a few eprintf to R_LOG_ERROR
Merge asm.riscv into anal.riscv
Remove unused daylight logic in magic/mdump
Remove optyp global variable for magic
Ignore asm->immdisp
Merge arc from asm into anal and build it with meson
Merge v850.np into v850
Use arch/bits info from anal if asm is not available in r_core_bin_update_arch_bits
Merge asm_x86_cs into anal_x86_cs
Merge asm.mips(cs,gnu) into anal.mips
Merge asm.tms320 into anal.tms320

search

Fix /rx
mbr magic is not good for deltified matches
Remove noisy mail.news magic file
Fix /as on arm64-linux and add missing tests to cover it
Improve little and big endian LZMA header magic matching

shell

Add the infamous command tac
Implement ~$!! as a tac replacement and clarify the ~$! use
Handle the s# command as in 's #'
Partial #19887 - Refactor c[248], add and test c[248]*

tests

Fix ARC tests and improve r2r.asm output

tools

Fix #20439 - rafind2 -V search for values like in /v
Fix #16209 - ragg2 on macOS
Use of RNum.calc in rax2 to honor error code
Honor opasm in rasm2 -LL output

util

Be more strict when parsing numbers
The RThread.start(true) had racy deadlocks, re-enable the bg http server
Use R_LIKELY and r_return in the skiplist api
Optimized implementation of rand for skiplist

view

Fix r_cons_printf call in calculator
Add FPU/XMM/YMM panel displays

visual

Fix recently introduced stack buffer overflow
Make PageUp/Down keys less laggy
Allow seek to previous result item when it is at 0 offset

5.7.4

1 year ago

Release Notes

Version: 5.7.4 Previous: 5.7.2 Commits: 79 Contributors: 11

Highlights

More details

Authors

Alex Bender Baldanos Dennis Goodlett Richard Patel Richard Patel Sergi Àlvarez i Capilla condret gitcolt pancake pancake tbodt

Changes

anal

Honor syntax cfg in cs anal plugins
SPARC ignores cfg.bigendian because all instruction fetches are BE
Add big endian support for arm prelude search

arch

Re-enable the bpf.mr assembler

asm

Remove all instances of "ptr " in x86 cs assembly output
Move the lm32 plugin into the anal

bin

Fix o-- issue on macho-arm64
Don't hash files when loading, that's too heavy! 1.2s -> 0.8s
Fix wasm function offset lookup
Split wasm imports by types

Ignore odr-violations by default when running asanified r2r

cleanup

Lint for x""

cons

Add r_sys_signable() and use it from r_cons_thready

core

Fix loading xtr bins without arch dedicated asm plugin loaded

doc

Correct help msg fro ph command

Fix mountpoint listing in the rfs shell

Add omu command to create a unique map
Miniscule optimization of io vread and mapping operations

lint

Add R_MUSTUSE hint
Add a linting to avoid R_LOG calls ending with a dot
Use r_str_startswith() in libr/io/p instead of strncmp

print

Fix (null) printing on pi command

projects

Fix #20405 - Multiple fixes and improvements in projects

refactor

More eprintf -> RLOG here and there
Merge asm.java into anal.java
Move asm.sh disassembler into the anal.sh
Add another source linting to avoid newlines in RCore.cmd()
Minor simplification of meson build files
Merge asm_rsp into anal_rsp
Merge asm_propeller into anal_propeller
Merge asm_m680x_cs into anal_m680x_cs
Merge asm gb into anal
Merge the asm.mcs96 plugin into anal
Merge asm.cris into anal.cris
Use more R_LOG instead of eprintfs and add more linting checks
Add sys/lint.sh and run it in the CI
Merge asm.8051 into anal.8051
Merge asm.sparc into anal.sparc
Merge asm.alpha into anal.alpha

shell

Fix #16395 - Add open file command to the ms shell

tests

Remove the -r and -m flags from r2r

tools

Down with capitalism - lowercase all capitalized strings in r*2 -h
Add RABIN2_VERBOSE env var to set bin.verbose=true in rabin2
rabin2 -qqqqqq doesnt swap between simple and simplest now

web

Few http webserver improvements

5.7.2

1 year ago

Release Notes

Twitter thread: https://twitter.com/radareorg/status/1539561234453987328?s=21&t=RMA5QEUIJoG6tdVvPCc-Cg

Version: 5.7.2 Previous: 5.7.0 Commits: 192 Contributors: 26

Highlights

More details

Authors

Aleksey Kislitsa Apkunpacker Ben Demick Denis Ovsienko Dennis Goodlett Dennis Goodlett GiulioL GiulioLyons HighW4y2H3ll Lazula RHL120 Richard Patel Richard Patel Sergi Àlvarez i Capilla aemmitt aemmitt-ns colt condret lazymio meme pancake pancake pipothebit rax2 rax64 ypsvlq

Changes

anal

Add op->cycles for M68K move
Set data alignment of m68k CPUs
Use r10 as SP and as an sp alias on arm64
Fix archinfo for BPF
Add icg str argument for filtering classes to graph
Add z vector registers for ARM64 in the register profile
Add R_REG_TYPE_VEC
Remove dead code
Add esil support for VMOVDQU in anal_x86_cs.c
Fix ARM ujmp op type with rjmp & mjmp
Fix #20215 - Handle op->direction in XOR x86 instructions
Reduce LOC of i4004 assembler (only use gperf for 1 byte instructions)
Move i4004 asm to anal

analysis

Set data alignment of m68k CPUs
Use r10 as SP and as an sp alias on arm64
Fix archinfo for BPF
Add icg str argument for filtering classes to graph
Fix ARM ujmp op type with rjmp & mjmp

arch

Fix reg profile, add archinfo and opinfo for bpf.cs
Initial import of the asm.bpf plugin from extras
Add initial anal.bpf.cs plugin + disasm tests

asm

Support tbz,tbnz,rev16,rev32 instructions in the arm64 assembler
Support cset and sxt(b,h,w) instructions in the arm64 assembler
Support mnemonic list for all Capstone-based plugins
Support ccmn and csel instructions in the arm64 assembler
Support more arm64 instructions

bin

Fix #17174 - Add the flagname and real symbol name details in the output of icj
Better handling of invalid/corrupted wasm files
Use RPVector for wasm imports
Use RPVector for wasm data section
Refactor wasm start section parsing
Move RBinWasmObj-code to RPVector
Wasm use rpvector on elements
WASM use RBinWasmObj in vector parsing
Update wasm tests for exports
Fix wasm iE duplicates
Rename wasm subection index member to sec_i
Change wasm subsections into RPVectors
- Use RPVector for wasm tables entries
- Use RPVector for wasm memmories entries
- Use RPVector for wasm global entries
Refactor wasm and add function section parsing
- Remove unsed buf_read_new from wasm parser
- Refactor wasm vector sub-section parsing
- Add wasm function sub-section parsering
Fix ELF default arch of x86
Avoid false positives when loading s390 modules
Refactor wasm function types
Wasm allow partial custom name parsing
Wasm iE improvment

build

Windows builds include debug information by default
Add macos-m1 GHCI builds
Update v35arm64 to fix build on riscv
Massage MAKE_JOBS for sys/debian.sh too
Remove the r2p symlink on Make purge

cons

Fix/clarify the use of cons.vtmode/line.vtmode/vmode
Reduce stack in RLine.histLoad() and early return on windows to fix a crash

core

Fix fortune file detection
Make the gnu disassemblers thread safe

crash

Fix oobread in RTable exposed via an ELF reproducer
Fix #20336 - wasm bin parser
Fix oobread in wv
Fix #20248 - DoubleFree in RCons.pop() triggered via RCore.cmdStr()
Fix infinite loop in gdbserver =g
Fix several bugs in the RStack API

disasm

Fix negative on unsigned value in v850.pseudo
Update to the latest capstone to fix a bug for BPF
Fix #17961 - missing flags in asm.reloff=1 + scr.color=0

doc

Rename doc/crosscompile to doc/cross-compile.md
Add ABI stability explanation

esil

Fix SHRD instruction ESIL
Add ESIL to the anal.bpf.cs plugin

Fix bug in io_ihex
Optimize io.open() by skipping plugin iteration if no uri found
Add stdin:// uri handler in the io.malloc plugin

parse

Make existing types available to r_parse_c_string

print

Fix #20310 - Handle help suffix on more pd subcommands
Convert pf d specifier to hex dword

r2pipe

Fix: pthread_create: Resource temporarily unavailable

r2pm

Handle R2PM_UNINSTALL on Windows
Fix environment message for the package manager
Improvements in the native r2pm, being able to install samu and muon

refactor

Merge asm.avr into anal.avr
Merge asm.xap into anal.xap
Merge asm.i8080 into anal.i8080 and add a test
Merge asm.xcore_cs into anal.xcore_cs
Merge asm.amd29k into anal.amd29k
Merge asm.h8300 into anal.h8300
Merge asm.lh5801 into anal.lh5801
Merge asm.cr16 into anal.cr16
Merge asm.v850 into anal.v850 and add a test
Merge asm.malbolge into anal.malbolge
Merge asm.v810 into anal.v810
Merge asm.pdp11 into anal.pdp11
Merge asm.6502 into anal.6502
Remove more R_TH_LOCAL in TCC
Remove excess zeroing in anal_bpf.c
Merge asm.riscv.cs into anal.risc.cs
Move asm.pyc to anal.pyc
Merge asm.nios2 into anal.nios2

search

Honor cfg.bigendian in /v subcommands

shell

Fixes for the R2_FORTUENS system and home paths
Fix history file path construction
Fix error message in e- when resetting in debugger
Remove newline in date and pt. output
Expose R2_HISTORY in r2 -hh and r2 -H to locate history file

tests

Add Capstone aoml cases
Generate r2r.json for profiling the testsuite
Sort lines in r2r -h
Use absolute path for r2r -o

tools

Fix disalignment glitch in rasm2 -L and rasm2 -LL

util

Compile-time optimization for r_str_startswith()

visual

Fix arrows in visual prompt on windows cmd V:

windows

Autoset vtmode=1 or 2 depending on shell or visual
Detect cmd.exe as vtmode=2
vmode fixes visual shift issue in cmd.exe
Support building windbg plugin under mingw