Radare2 Versions Save

UNIX-like reverse engineering framework and command-line toolset

4.4.0

4 years ago

Release Notes

Version: 4.4.0 Previous: 4.3.1 Commits: 328 Contributors: 41

Highlights

Replace shellscript, nodejs and V testsuites with r2r.c which is shipped by default
Added initial analysis plugins for super-h and tricore
Fix build and some runtime issues on IBM s390x
Updated rap:// cleaned up implementation inside RSocket for client and server
Speedup type linking (300x faster)
Fixed all the timeouts and crashes from bins/fuzz
Add support for retpoline switch table analysis (spectre/meltdown)
- Fix #16418 - Implement blind main detection on endbr+mov files
Add commands to emulate a basic block or the whole path until reaching an address
Fix support for the latest GLIBC for heap parsing
Improved automatic function signature association for the imports
- Fixed afs command to show proper footprint
- Add support for typedef and added NSString type on darwin binaries
- Fixed all the t subcommands to print all types as C
Improved visual class browser and the visual bit editor
ragg2 now allows to change the path of the shellcode to run
Graph visualization is now faster
Use RPVector for io->maps - speedup map traversal (overall speedup)
Lots of code cleanup and refactorings reducing memory usage and performance
DEX loading is now 2x faster
Fix assembler: MOV for x86 and LDR for arm64
Improved the bin loader to support iOS 13.4 dyldcache files
Improved support for ObjC IVAR fields loading them as C structs
Add improved icc subcommands to print as classes as C, ObjC or Java
Automated Emscripten (JS/WASM) builds in CI
Fixed static build by defining a new file naming policy
Default installation path with sys/install.sh is now always /usr/local
- Previous installations in /usr will be purged
Only check for major and minor version numbers when loading plugins

More details

Authors

Alexis Ehret [email protected]
Anton Kochkov [email protected]
Aung Khant Ko [email protected]
David CARLIER [email protected]
Disconnect3d [email protected]
Florian Märkl [email protected]
Francesco Tamagni [email protected]
Frédéric Tobias Christ [email protected]
HoundThe [email protected]
Itay Cohen [email protected]
Khairul Azhar Kasmiran [email protected]
Khairul Kasmiran [email protected]
Khairulmizam Samsudin [email protected]
Liumeo [email protected]
Lowly Worm [email protected]
Maijin [email protected]
NIRMAL MANOJ C [email protected]
Paul I [email protected]
Riccardo Schirone [email protected]
Rikard Falkeborn [email protected]
Rishi Bhatt [email protected]
Robin [email protected]
Sergey Alirzaev [email protected]
Sylvain Pelissier [email protected]
Tigre000 [email protected]
Zi Fan [email protected]
aar0nge [email protected]
curly [email protected]
davidpolverari [email protected]
gur111 [email protected]
karliss [email protected]
kuqadk3 [email protected]
luke-goddard [email protected]
mdolmen [email protected]
pancake [email protected]
philoinovsky [email protected]
yossizap [email protected]
Óscar Carrasco [email protected]

Changes

anal

Add initial SuperH and Tricore analysis plugins
Added option to search all vtables
Fix infinite loop in aae - check if address is valid
If possible use symbol name instead of entry name for function name (#16528)
makes the local variable access detection work on arm64
Fix asserts when trying to use a unexistant or wrong analysis plugin
Minor Fixes for XRefs counting (#16546)
Fix #16413 - Analyze code refs spotted with aae
Implement x86 anal.jmp.retpoline switch tables (spectre/meltdown)
Tweak arm64 ldr ESIL for var access
Add opaddr field in ab/abj output
Improve noreturn and aesu times, show it in afi & afij
Fix dup af+ removing function from hts (#16526)
Fix #16308 - Add fcn arg in r_core_anal_propagate_noreturn to avoid O(n) in af
Fix ao~bytes and add test
Improve aef by skipping calls and improving the logic
Improve aeg command and add aaef as an alias for aef@@@F
Fix #16225 - Remove the unused fcn_locs causing an UAF
Implement Shortest Path between BBs and add tests for abt (#16200)
Implement aesB command to step until the given basic block
Implement afsj command to get the JSON definition of the function signature
Add acvf command and devirtualizing vtable method calls (#16157)
Implement aeb command to emulate a basic block (#16174)
Guess a better name for functions when multiple flags point there

asm

Fix #16433 - Use MOV opcode B8+ for MOV r64, <0x80000000 to 0xffffffff> #16572
Fix #16433 - Support movabs for x86_64's MOV r64, imm64 (#16527)
x86_64: Use MOV opcode C7 for MOV r64, -<1 to 0x80000000> (#16551)
Fix arm64 branch assemble (#16205)
Support asm.cpu for Tricore architecture (#16161)

bin

Fix infinite loop in macho commands parser (#16562)
Fix heap overflow in the relocs ELF parser
Improve COFF symbol info (#16523)
Fix crash issue induced by an integer overflow in the mach0 parser
Fix #16455 - iij asserts for ld-uclibc with a null import
- Fix asserts in iij for ld-uclibc with a null import
Add rust lang support to iD command (#16490)
Fix #16418 - Implement blind main detection on endbr+mov files
Fix COFF symbols/imports info (#16446)
When computing ELF relocations, use DYNAMIC segment if available (#16419)
Make dyldcache accelerator info optional
- Make dyldcache accelerator info optional
Do not use r_buf_data in DEX results in 1.5x faster parsing (22s vs 33s)
Implement icc*, in sync with ic* to get C strcuts from mach0 classes into r2
Add mach0 class fields with padding and sorted by offset
WIP: Improve ObjC's IVAR fields support
Fix #16265 - Segfault in rabin2 -O e/123 with ELF
Fix memory leak in RBin. NE relocations
This allows to open dyld cache files from iOS 13.4 for which
Idea for fixing id? and idp? etc commands (#16244)
Fix PE endian and alignment issues spotted by ASAN
Strip minuses from the hash names for sha256 PE signatures (#16156)
Fix heap overflow in the relocs ELF parser
Fix crash issue induced by an integer overflow in the mach0 parser
Fix #16455 - iij asserts for ld-uclibc with a null import
Make dyldcache accelerator info optional
Fix memory leak in RBin. NE relocations
Fix PE endian and alignment issues spotted by ASAN

build

Fix Build on NetBSD (#16520)
Update SDB
Make msbuild quieter (#16482)
Create more GitHub Actions jobs for meson and gcc/clang
Build fixes to make emscripten builds happy (#16406)
Avoid duplicated module filenames to fix static.sh
Rename util/diff.c to udiff.c to avoid libr.a collission
Build *.deb packages only for master branch (#16320)
Run sys/static in the Debian task
Fix #9240 - sys/install.sh uses always /usr/local + rpath now

core

Remove asm.linesup (#16293)
Fix wen command for io.va=true, add two tests
Fix #16281 - Do not load system-wide plugins twice
Only check for major and minor version numbers when loading plugins
Add cmd: acvf [offset] ([class name])
Add r2 -NN to not load plugins
Always use r_getopt, do not depend on libc (not just on windows)
Use r_core_cmd_lines() for -c (#16290)
Use @{} instead of @() and fix this modifier
Implement @v: value modifier, like @x: but with endian and size
Fix #15978 - segfault when using r2pipe webserver + local visual (#16508)
- Makes r2 interop more stable

debug

Fix tcache address and offset in print_tcache_instance()
Fix dmht for glibc caused by wrong tcache offset and definition (#16247)
Fix tcache_perthread_struct definition
Test dmha/dmh for glibc x64 (#16307)
Fix #16432 - openbsd fork+attach EBUSY issue
Decouple shlr/gdb registers profile from code (#16312)
Minor fix to get dmh to work with riomap (#16286)
Detect glibc version and set dbg.glibc.tcache accordingly (#16255)
Fix chunk listing with tcache and add test (#16239)
Fix #16219 - Add $DB variable for dbg.baddr
Add tests for rebasing in debug
Fix debug rebase regressions
Clean drx/drt/drp help message (#16203)

diff

Fix print string in radiff -qu (#16212)

disasm

Show realnames on function's signature when enabled
Fix #16263 - Do not newline after showing switch cases

egg

Fix shellcode path customization (#16384)

graph

Optimize r_anal_get_bbaddr() to make graph navigation faster

Fix #16210 - Show error message and update help for we
Fix #14371 - Make wfs paired with wts, rename wfs to wfx
Use RPVector for io->maps - speedup map traversal
Fix #16347: o+ sets maps as writable like oo+ (#16381)

json

Fix #16233 - ~{} works on colorized JSONs
- Fix #16233 - ~{} works on colorized JSONs
Use pj in zj (#16321)
Use pj in ilj
Add pj_ad api to print raw data

lang

Update support for V in libr/lang

ports

Fix #16109 - Add R_SYS_ARCH for s390x

print

Fix #16394 - Make pm [file] work again
- Fix #16394 - Make pm [file] work again
Implement hex.offset config variable to hide address column from hex-dump (#16373)

refactor

Initial r_anal_fcn_* purge (#16238)

reg

Make r_reg_get_list() search harder (#16202)

search

/ad/ in /bin/ls ate 9 extra MB that was never freed
Fix memory leak in /ad/ using r_regex api wrongly
Fix #16327 - Search in range with io.va=false
Add LZMA-BE magic signatures
Display correct lengths for cryptography search commands (#16262)

socket

Initial refactoring of the rap:// protocol (-75 LOC)
Fix socket connection issue (#16218)

test

Fix all the crashes and timeouts in the fuzz tests
- Related to aav, aae, aa,
Move test/new/* into test/
Add interactive mode to r2r (#16466)
Format some missed tests
R2R for Windows (#16410)
Add Timeout to R2R.c (#16371)
Enable R2R in C for all CI except Windows (#16354)
Initial support for test categories and fix the windows build
r2r new flags: -n to not run -v for version, add manpage
Delete the r2r.v and use r2r.c
Autodetect dbdir in r2r.c (#16365)
Add ic + icc* tests for objc
R2R in C Enhancements (#16310)
Initial Implementation of R2R in C (#16216)

tests

Move test/new/* into test/
Format some missed tests
r2r new flags: -n to not run -v for version, add manpage
Add ic + icc* tests for objc

tools

Fix #16389 - r2r -qv and r2 -v to show version and quiet versions (#16472)

types

Fix #13677 - Add txt command and make txf accept an argument
Fix empty struct and add test (#16408)
Fix tp and tpx to accept types with spaces
Implement tc* and fix tc glitch
Add NSString and size_t types in tcc+r2
Optimize 'tl', r_core_link_stroff and r_type_link_at (0.01s vs 3s)
Use the proper API to find function in tl
Add R_TYPE_TYPEDEF to RTypeKind (#16243)
Enhance the way imports are processed in r_anal_function_get_signature
Implement tpv command and some random code cleannup
Fix afs not showing signatures correctly with preloaded sdb types
Fix afs not showing types and args

util

Implement r_table_uniq as API and query (#16385)
r_buffer: do not move seek when using _at APIs (#16401)
Make r_str_split_duplist() thread-safe (#16341)
Remove r_str_rmch and simplify r_str_replace_char*
Add pj_ko and pj_ka APIs

visual

Add anal classes to "Vb" (#16383)
Fix cursor visibility after leaving visual graph (#16298)
Visual bit editor now shows bits up and down
Add VdN (afs!) to edit function signature with cfg.editor

4.3.1

4 years ago

Binaries: http://radare.mikelloc.com/release/4.3.1

Fix segfault in om= command
Fix dead process issue with ood/doo command
Fix build with ancient capstone3
Fix build with pre-c99 compilers
Some more code cleanups + refactorings

See 4.3.0 changelog for full details compared to 4.2.0

4.3.0

4 years ago

Release Notes

Version: 4.3.0 From: 4.2.1 To: 4.3.0 Commits: 214 Contributors: 33

Authors

Adam Van Scyoc [email protected]
Anton Kochkov [email protected]
Clark [email protected]
David Carlier [email protected]
Drew McGowen [email protected]
Florian Märkl [email protected]
Francesco Tamagni [email protected]
Itay Cohen [email protected]
Khairul Azhar Kasmiran [email protected]
Khairul Kasmiran [email protected]
Khairulmizam Samsudin [email protected]
Manuel Prinz [email protected]
Marco Grassi [email protected]
Maxim Ivanov [email protected]
Michael Rodler [email protected]
Paul I [email protected]
Riccardo Schirone [email protected]
Roman Valls Guimera [email protected]
Sylvain Pelissier [email protected]
Vane11ope [email protected]
XYlearn [email protected]
Zi Fan [email protected]
abcSup [email protected]
bannsec [email protected]
fooxax [email protected]
haystack-ia [email protected]
karliss [email protected]
kuqadk3 [email protected]
pancake [email protected]
yossizap [email protected]
Óscar Carrasco [email protected]

Changes

anal

Rename the Function Flag on afn (#16078)
Fix 'af' missing lines bug when analyzing in frida://0
Implement function names with dots in signatures
Remove more members from RAnalBlock
Remove prev, jumpbb and failbb from RAnalBlock
Refactor Anal Hints (#15876)
Skip empty esil expressions in 'aeab' to fix partial results issue
Add 'aba' command as an alias for aeab
Fix aeab and add V (values) in aea outputs
Implement aeab command

asm

Fix #13908 - x86 aoj for instruction with hidden operand
Add 'wao jinf' for Dalvik
Determine Gameboy hardware registers in disassembly (#15909)

bin

Add new BIND_OPCODE_THREADED constant for MACHO binaries (arm64e)
Add Windows Crash Dump format support (#16087)
Minor Fixes and Tests for NSO/NRO (#16053)
Fix iS hash outputs (#16044)
Add Authentihash support for PE (#15987)
Fix ELF symbols for names just before the end of strtab
Parse dyldcache local symbols
Fix some out of bound accesses in LE (#15943)
Fix #14325 - Honor segments in DEX files (#15920)
Many FLIRT handling fixes

build

Fix debugger build on Linux/s390x
'sign' as an alias for ios-sign and macos-sign
Build debian package in CI

cons

Fix again the EOL bgcolor issue (and improve scr.html) (#16120)
Implement ecHj to list highlight rules in json format
Fix r_table_tostring for string with ansi escape code (#16069)
Fix #16063 - bgcolor not reset on newlines
Fix ecH- deleting ecHi and deleting meta highlight items
Fix #15359 - Enable key.f# keys to be used in the shell
Improve the gentoo theme

core

tree-sitter: support iter commands (#16111)
Initial implementation of the 'rb' command to rebase all the things
Use state struct and start handling cmd_substition_arg in tree-sitter (#15966)

debug

Use RTable API in r_core_debug_rr (#16066)
Fix show register value in column (#16010)
Add 'dbH' to set hardware breakpoints (#15933)

disasm

Improve ecH (ecH-* dels them all, ecH- doesnt segfault, ecH list)

esil

If esil.addr.stack is mapped find an available one
When esil.stack.addr is -1 set it to the next unallocated address
Code cleanup for r_core_esil_step() (#16017)

graph

Add graph.aeab to show esil stats instead of disasm

json

Fix #15851 /wj without arg produce '\n' (#15885)

panels

Fix a bug on clicking in panels (on Mac and Linux)

projects

Preserve "functions" flagspace when saving projects (#16057)

refactor

Revert "Avoidify the RUtil.strTrim() APIs, rename trimHeadTail() and add asserts in RConfig
Avoidify the RUtil.strTrim() APIs, rename trimHeadTail() and add asserts in RConfig
Fix consecutive call to r_table_sort (#16049)
Kill all globals in rabin2.c
Remove globals from main.r2
Remove globals from rax2

refactor"

Revert "Avoidify the RUtil.strTrim() APIs, rename trimHeadTail() and add asserts in RConfig

test

Add tests for RList (set, get, reverse, clone, append, prepend) and remove legacy
Add initial sparc regression tests
Handle ^C in r2r.v and support threads in fuzz tests
r2r.v: Assume BROKEN=1 if not 0 or "" (#15936)
Add Unit Tests to Meson (#15926)

types

Fix tccj, tccl, tcc* output errors and add tests (#15931)

util

Avoidify the strTrim() APIs + cleanup/refactor
Memory leak fix proposal in syscmd_join

visual

Fix #15963 - Handle / in Vx (visual xrefs)

To Review

Fix #15211 - null deref in calling convention analysis
Fix crash in elf parser found in the mtk-su binary with asan
Add support for number_command and recursive help
cmd_ignbithints should be set everywhere for consistency
Save rnum->value before doing a cmd substitution
Update radare2-shell-parser to fix null deref in html_disable_command
Fix last coverity issues (#16114)
Make r_strbuf_fini() safer (#16115)
Add test for loading typedefs with to (#16101)
Add test for long ESIL bug (#16102)
[ppc] Only free op->esil if ESIL not requested (#16102)
Fix #16093 - support syscall redefinition in REgg (#16106)
Upgrade to node-r2r-0.4.0 (#16098)
Add test for yara in extras (#16090)
Fix #14647 - Add output of sections to segments mapping for ELFs (#16045)
Add output of sections to segments mapping for ELFs
Create RReg test unit (#16081)
Fix some anal cmd handlers (#16085)
Do not use the elvis operator for bool expressions (#16073)
Upgrade node-r2r to 0.3.1 to fix the <<EOF -i issue (#16072)
Fix null-deref on afv[rbs]-* without function (#16071)
Use RString and minor cleanup (#16070)
r2r.v path/to/cmdtest works now
Convert NAME='name' to NAME=name in tests (#16067)
Fix r_cons_rgb_parse() harder (#16061)
Also fix init of some ret args in r_meta_print()
Boolify try_walkthrough_jmptbl
Add R_ANAL_RET_NOP constant
Add test case
Replace O(n2) ELF symbol matching with hashmaps (#16052)
Replace O(n2) ELF symbol matching with hashmaps
Swap loop order to ensure that all phdr_symbols are marked.
Use name, size and offset as hashmap keys.
Add [?] to fd help entry (#16058)
Allow function names containing dots in tcc
Add some very basic tests for NSO/NRO
Remove broken readLE* functions from NSO/NRO
This reverts commit 38b61c7bcfe55a727b9c3cedbc0f3147018e7c6b.
Run 'r2r fuzz' from anywhere
Remove stray pancake activity ;) (#16054)
Fix a segfault in libmagic when error string > 4096 (#16050)
Fix address representation minbound maxbound in afij (#16051)
Force sorting of rows in the event of consecutive sort
Remove global Gdec and use r_list_reverse for decreasing sort
Add test for r_table_tostring and r_table_sort
Upgrade capstone v4 and next branches
Simplify travis oneliner
Fix r_table_sort segfault when column type is NULL (#16047)
Rename argument to 'dec' (decreasing) to reflect existing output
Add test
Refactor bin_sections function
Add filter_hash_string function
Fix segfault in Authenticode hash check (#16042) (#16043)
I noticed that r2 will crash when loading a PE file with
Authenticode digest algorithm other than SHA-1 or MD5. I traced
it down to the PE_(bin_pe_compute_authentihash) function returning
NULL if it encounters an unsupported digest function. This results
in NULL being passed to strcmp which causes the segfault.
Solution was to add a check for PE_(bin_pe_compute_authentihash)
returning NULL and to set bin->is_authhash_valid to NULL.
The real solution is to add support for more algorithms but this will
stop crashes for now.
Greenify AppVeyor on master by using different tag name (#16041)
Greenify AppVeyor on master by using different tag name
Co-authored-by: Itay Cohen [email protected]
Fix read stack-based buffer overflow when using str with pk_js (#16040)
In some cases I noticed str is not correctly terminated, so when it is
later used in pk_js, that function reads a very long string, outside
of the memory bounds of the original buffer.
Add support for @* commands in new r2-shell-parser (#16038)
Use TSSymbol instead of comparing type strings
This patch uses ts_node_symbol instead of ts_node_type to check whether
a node is of a given type. Since TSSymbol is just an integer, the check
will be much faster. Also, it allows to store commands handler in an
hashtable, instead of having if-cascade.
Make sure r_config_hold works even when keys do not exist or are freed
Add support for all _tmp_commands
Make sure to always reuse the same TSLanguage
Update both tree-sitter and radare2-shell-parser
This way we use TSLanguage version 11, which fixes some problems with
TSSymbols.
Compute is_last_cmd on each single command and fix logging
is_last_cmd should be set on a per-command basis, so if you analyze
things like pd 3; .; .; .; the . refers to pd 3.
This also fixes logging, so when an invalid command is parsed, it is
still available in the history.
Add comment about directly using r2-shell-parser in r_core_cmd_lines
r_core_cmd_lines tries to parse the input and split it in lines, but at
least in theory, we don't need it as the new parser can already handle
full scripts.
Allow other tasks to run between commands even in the new parser
Fix #10696 - Kill r_io_map_add_next_available
The function is just renamed to be reused and we have no tests for it, but it may fall into an infinite loop
Fix #15842 - Add minimal slice for reproducible af test on anal-block branch
Highlight that 'new' is a directory name in test docs (#16035)
Use absolute URLs in pull request template (#16036)
Fix sdb API usage to avoid extra strdup() (#16028)
Make r_table_columns() faster, leak- and double free free (#16031)
Remove ARGS= from tests (#16032)
Support real names in "fd" command (#16027)
add tests for fdj and fd.j
Add support for realnames in fd
Add a Test for fd with realname
Co-authored-by: Florian Märkl [email protected]
Fix Spaces Interference in r_flag_get_at() (#16019)
Unstick Travis by using compgen instead (#16025)
Code cleanup in r_core_esil_step()
remove unnecessary call to initializeEsil()
remove another set PC register in initializeEsil()
Add test for aes without initialization
Use git clone --depth 1 as much as possible in builds (#16022)
Refactor r_bin file hashes
Add r_bin_file_compute_hashes
Add r_bin_file_set_hashes
Refactor it itj commands
Introduce hashes method to RBinPlugin
Add test for env with spaces
Make env command trim key/value strings before setting env variables
test/bins/fuzz: null_pointer__elf_init__store_versioninfo__store_versioninfo_gnu_versym
Fix crash in mach0 mach0_invalid-addr_walk_exports
Add Certificate Table parser to PE plugin
Add SpcIndirectDataContent ASN.1 structure parser
Add Authentihash calculation and check
Refactor r_bin_file_hash
Add tests for Authentihash check
Fix for ar= and dr= and add tests
increase width to accomodate register name larger than 4 chr
fix flag type register value not printed
update r_debug_reg_list() to accept '=' arg
Fix builds by installing radare.r2 manually (#16009)
Upload all generated ZIP files
Use the "concatenation" concept in radare2-shell-parser
Implement repeat_command and do not unwrap quoted args
For back-compatibility it's better to not unwrap quoted args, because
existing commands right now just understand this syntax.
sdb header file dependency for external plugin i.e. pyc (#16004)
r2r.v: Add color to BR and FX of cmd tests (#16003)
Upgrade V
Fix incorrect PPC ESIL and add testcase (#15970) (#15995)
r2r.v: Fix EXPECT_ERR check
r2r.v: Mark broken failing-only-on-EXPECT_ERR tests as BR and not FX
Add ecH. command to show highlight info in the current offset
Fix 32bit format string bug in the protobuf decoder
Fix RCons test UB issue
Add testcase for this RCons.rgbParse() crash
Fix ASAN segfault in RCons.rgbParse()
r2r.v, BROKEN=0: Check only first char
Honor rc in unit runs and fix execution path in make run
Handle return code in r2r.v and fix crashing unit test
Fix asan crash in ecH-
Echi bad color (#15986)
Outputting error on ecHi bad color
Add logic to parse unmapped local symbols.
Every macho image present in the dyldcache has all the metadata about its local symbols stripped away from the corresponding macho header. Instead, this information is present as dyldcache-specific metadata stored in unmapped parts of the cache file.
This PR, for every loaded image, takes care of adding the local symbols which are missing.
Bonus
Fix a potential use-after-free caused by r_bin_object_set_items, by rebuilding class-related hash tables after replacing the class list.
Convert ONE_STREAM tests to EXPECT_ERR (#15979)
Remove RAnalBlock.type
Remove RAnalBlock.cases
Remove RAnalBlock.label
Reorder RAnalBlock members to free 16 more bytes
Handle instructions with hidden operand
Add hidden_op() for instructions with hidden operand
Added operands info for pushf, popf, pushfd, popfd, pushfq, popfq
Add test for aoj for pushf
Fix last covs (#15976)
Fix too long var name and assert on strlen (c) > 1
Fix grep when there is also {}
r_cons_grep_strip expects the ~, otherwise it does not work well.
new parser: fix multiple words in grep and add support for > $alias
Add tests for swift-x86-64 calling convention
Update afcr, afs command
Add support for self, error register argument (Swift)
Refactor and Add Swift calling conventions to sdb
Fix escape/unescape in new shell parser
Fix UB, oobread, infinite loop and other bugs in the LE parser (#15968)
r2r.v: Slurp empty lines as well (#15964)
Cleanup some RAnalBlock Members (#15965)
Simplify ownership in the PE resource parser to fix a double free
Use RVector for Address Hints
Add Arch/Bits Hint Trees
Add Unit Tests for Addr, Arch and Bits Hints
Add unset for newbits
Fix jmptbl hint fetching
Fix r_anal_*_bits_foreach
Print grouped Anal Hints
Fix arch bit affect on disasm
Add Reset Hints to Commands
Add test for type uint64_t
r2r.v: Fix wg race
Memory leak fix for kernel cache module.
Add missing afis info in afi? and fix afis?
Fix tests
Note that ^c is only supported on unix systems for now
Some tests use the new radare.r2 api to use RCons.isBreaked()
Other tests use os.signal() to catch C.SIGINT
Add tests for assemble/disassemble neg al (#15949)
Update neg eax test (#15950)
r2r.v: Fix Success: 0 when running cmd tests (#15948)
Try V suite on FreeBSD and OpenBSD (#15852)
Try V suite on FreeBSD
Try V suite on OpenBSD
Fix V lang error
Update V lang
Fix /wj without argument produce stray \n
- Change logic to prevent unreachable branch
- Revert to R_MODE_RADARE if there is no argument
Add asm x86 neg
Upgrade V
Upgrade V
Convert '..' tests to <<EOF
Convert EXPECT_ERR= tests to <<EOF
Convert some tests to use CMDS/EXPECT without enclosing quotes (#15939)
Convert some tests to use CMDS/EXPECT without enclosing quotes
Add test version that is friendly with node-r2r, r2r.v and AppVeyor
Fix unit tests by upgrading V (#15940)
Fix /j when there is no input argument (#15935)
Return address for unknown Gameboy hardware registers
Improve warning messages in r2r.v
Convert more tests to use a strictier syntax
r2r can load test files when passed as argument
duplicated test names are reported as warnings
run tests from test/new instead of test/src (like r2r.js do)
Upgrade to the latest V
Use only BROKEN=1 in tests (#15932)
Convert cmd_i tests to <<EOF
Upgrade node-r2r to 0.3.0
Tests for concatenated greps in pd (#15925)
fixed esil for arm push/pop with conditional (#15922)
Fix Comment about RAnal.bb_tree (#15919)
Terminate on missing script when doing radare2 -i -Q (#15918)
Add realname to anj (#15917)
Fix a format string in arm (Fix #15915) (#15916)
Fix radare2 -i -Q output when script has no nl at eof (#15914)
Go back to 4.3.0-git after the minor release

4.2.1

4 years ago

4.2.0

4 years ago

On February 2, 2020, GitHub will capture a snapshot of every active public repository, to be preserved in the GitHub Arctic Code Vault. This data will be stored on 3,500-foot film reels, provided and encoded by Piql, a Norwegian company that specializes in very-long-term data storage. The film technology relies on silver halides on polyester. This medium has a lifespan of 500 years as measured by the ISO; simulated aging tests indicate Piql’s film will last twice as long.

csm_Svalbard_Global_Seed_Vault_f25d850445

Release Notes

Version: 4.2.0 From: 4.1.1 To: 4.2.0 Commits: 175 Contributors: 23

Authors

Anton Kochkov [email protected]
David CARLIER [email protected]
David Carlier [email protected]
EggUncle [email protected]
Florian Märkl [email protected]
Guillaume Valadon [email protected]
GustavoLCR [email protected]
Itay Cohen [email protected]
Jeong Jihoon [email protected]
Khairul Kasmiran [email protected]
Kārlis Seņko [email protected]
Riccardo Schirone [email protected]
Sylvain Pelissier [email protected]
Theodore Dubois [email protected]
Vane11ope [email protected]
d4em0n [email protected]
dodococo [email protected]
dok [email protected]
itayc0hen [email protected]
pancake [email protected]
vane11ope [email protected]
yossizap [email protected]
Óscar Carrasco [email protected]

Changes

anal

Fix #15091 - Make 0 fcnsize warning more meaningful and verbose-only (#15866)
Fix jumptable size #13812 (#15822)
Fix afs not working without rettype
Fix a null deref in fcn_recurse
Remove Custom Analysis for Java (#15817)
Refactor RAnal Basic Blocks and Functions (#15169)
Change RAnalBlock.size to ut64
Make type matching independent of bb list order
Improve the op.type text representation when unhandled modifiers are used
Remove dupped basic block analysis in core (#15714)

asm

'push rip' is not a valid instruction

bin

Improve realname support for symbols (#15702)
Add test for #15727 (smd strings) (#15777)
r_str_unescape: Support all izz esc seqs (#15770)
Force read permissions on all load maps in ELF
Initial implementation of LX/LE file plugin

cons

Implement ar, and dr, commands to list registers in table format
Fix #14424 - Handle ~ operator in the ms shell
Implement r_strbuf_slice and use it in panels to solve a glitch

core

Add ?V0 ?V1 ?V2 - for semver support
Upgrade to acr-1.8.1 to get semver support
Add pkgname in RLibStruct for r2pm on outdated plugins

debug

Added reverse step and continue support to gdbr
Moved drC to drpC for profile comments and added drC for reg comments
Added register specific comment parsing to register profiles
Fix crash caused by rebasing a file without sections
Set cfg.debug to true before running oodf in doof
Fix multithreaded breakpoint behavior in linux
Attach to new linux threads on creation
Fix debugger build on linux-s390x
Always unset bps after continue and step hard
Add detailed location info to dpt using pc instead of path
Add packed sizes to gdb vector registers and improve mapping of target description to r2 regs
Fix drt not printing non 64bit/32bit registers and flags
Refactor breakpoint validation (#15754)
- Refactor breakpoint validation
Revert "Validate bp addr on rebase and restore instead of preventing creation
Validate bp addr on rebase and restore instead of preventing creation
Fix hardware bp restoring and fix hwbp repeating errors
Add location in file to linux dpt output
Fix var rebasing by saving regname info
Refactoring ptrace register write for BSD
Implement bsd_thread_list for FreeBSD
Fix reopening of windows debug after detaching not working
Fix windows breakpoint rebasing
Prevent the restoration of disabled breakpoints

diff

Add explicit fingerprint_size to RAnalFunction
Add ccdd command to diff decompiler output of two functions
Add ccdd command to diff using decompiler (experimental)

disasm

Remove realname from strings (#15841)
Show flag realname when finding a function and realname is enabled
Hide flag comments when realname is shown (#15801)
asm.symbol: Improve code/test a bit more (#15798)
asm.symbol: Fix flag name when disasm from non-flag addr with no anal

esil

Add RISC-V 64 word instructions and test (#15742)
Correct RISC-V division and add test (#15712)

Fix #15789: Increment offset for reads as well (#15865)

json

Use PJ api in the output of isj and show realname
Fix issues in iCj, drlj and arlj
Fix izzzj json output
Fix gen json dwarf with pj api (#15755)
Fix is.j iEj and iaj json validation issue in r2 -- (#15724)

panels

More fix for resizing issue (#15844)
Performance improvements for the cursor mode
Code clean-up and a little performance improvement for decompiler cache
All the available decompilers outputs will be properly shown with this
Make the decompiler cache work properly
Add H key for cursor mode which works like the one in vim

print

Implemented pmj (#15864)

r_debug

Debug, BSD systems refactoring

search

Add elliptic curve private key search in /cr command (#15761)
izzzj: Add izzj attributes (#15759)

signatures

Apply types on matching zignature data

table

Add f, command to list flags in table format

test

Fix V testsuite build with latest V from git (#15867)
Convert cmd_pd* tests from <<KEYWORD to <<EOF (#15823)
Support extras tests in r2r.v (#15821)
r2r.v, -j 0: Allocate 1 job per test (#15807)
Improve unit test execution using the new V suite and makefiles
Many improvements in the V testsuite (#15722)

tests

r2r.v, -j 0: Allocate 1 job per test (#15807)

util

Fix r_list_set_n() to allow empty element (#15820)

visual

Limit panel tabs to 9 to avoid keybinding and click issues

windows

Fix reading on invalid process memory

To Review

Release 4.2.0 - Arctic World Archive
Fix resizing issue (#15863)
Fix pkgname version check for real now (#15862)
Enable V testsuite on GitHub CI (#15796)
Enable V testsuite on GitHub CI
Check version for pkgname correctly (#15860)
dot can be null
Using R2_VERSION_MAJOR/MINOR is wrong because they will be continuously updated and we want to check for exactly 4.2.0
The version check logic itself was wrong
Fix afb test (#15861)
Fix #15833 - Only print pkgname if the plugin is for r2 >= 4.2
Update/improve jmptbl size tests
Use specific commit of V to avoid build issues
A bit more picky fix
Add test for afs without type
Fix #15767 - Temporarily disable colors in drrj
Fix warnings
Update radare2-shell-parser
Use void because we don't do anything with the return value
Coverity fixes
Remove the wrong test
More tests fixes
Resizing works not perfectly yet but close
Fix #15604: Convert all tests from <<KEYWORD to <<EOF
Fix wrong tests (#15834)
Add test for env variables boolification
Introduce SETBPREF to handle "boolish" vars like asm.cmt.off
Do not try to convert to true/false, as it breaks integer vars
See discussion at https://github.com/radareorg/radare2/pull/15681 .
Unfortunately the change cannot be done for non-int vars only, because
right now vars are not statically typed, so a var that is initially
CN_INT can then become CN_STR if you set a string.
Changing vars to assign them a static type when they are created would
require a much bigger change and discussion.
A bit of refactoring in r_config.h
Move all version defines into r_version.h and handle it from meson too
- R2_VERSION_MAJOR
- R2_VERSION_MINOR
- R2_VERSION_PATCH
- R2_VERSION_NUMBER
Mach-O io: mem leak fix proposal. (#15829)
C89 Fixup for r_sign_fcn_types function (#15824)
Fix error: for loop initial declarations are only allowed in C99 mode
Implement new zignature types format
Adapt zignature types deserialization to new format
Integrate fcn types when zignatures match
Use node->i_value in the log.level/log.traplevel callbacks
Basic Blocks are now global instead of owned by a single function.
Fix dbg_bps tests that always succeeded (#15763)
Approved-by: Riccardo Schirone [email protected]
This feature only works with server implementations that have ReverseStep
and ReverseContinue enabled, such as rr. The official gdbserver doesn't support it.
Remove opt->sz checks and operations in r_bin_open_buf
opt->sz is not used anyway in r_bin_open_buf, so there's no need to
check its value or compute it.
Fix last coverities related to cbin
Add test for a8 command
Some more coverity fixes (#15802)
Implement pcV command to print byte array in Vlang
Fix a small bug by removing some useless codes (#15795)
Initial implementation of libname for flags in imports
Initial support for PE and real flag
Read libname for PE exports
implement pj for imports
Remove imp. prefix from symbol names
Fix r_core_bin_impaddr()
Fix some mdmp import stuff
Print libname in ii
Fix some imp. checks and reloc meta
Fix r_bin_filter_sym() for imports
Use realname for noreturn check
Fix asm.flags.real for direct calls
Fix realname for direct calls with fcn
Fix resolving names from ordinal
Co-authored-by: Florian Märkl [email protected]
Add sha256 hash to "it"
Refix #15331 (-nn filename with @) (#15788)
C prototypes fixed
Fix broken AppVeyor due to rejected apostrophes (#15785)
Some coverity fixes
Third fix attepmt for musl builds
Second fix attempt for Alpine/musl builds
Aim to fix the alpine build
The plugin wouldn't properly trace breakpoint hits on different threads
since they weren't switched to and the events weren't always handled.
Also, since the breakpoints are removed after they are found in one of the
threads, it's best to stop all threads for now even if dbg.threads is false.
New threads were only added after being attached to manually or if
dbg->trace_clone was true. dbg->trace_clone stops debug and switches the
new thread now.
Fix a format string vuln in the disassembly with comments (#15783)
Add s390x reg profile
Add missing pc register
Use gregset instead of regset
ww: Support esc seqs (#15780)
Breakpoints were left in disassembly after a signal/break and there
are probably other cases that may lead to it.
Offset for each panel was not correct (#15778)
Add null to pj and use for relocs (#15776)
Add pj_null() and pj_knull()
Print reloc name as null in json if not available
Omit reloc name in json
Improve shell injection check
Fix Coverity fixes (#15779)
Some coverity fixes
Fix #15331 - rabin2 -rk code injection issue (#15678)
Rewrite r_str_unescape() using switch
Do not compile radare2-shell-parser by default (#15769)
Last release (4.1.0) did compile it by default, but the build requires
internet access to download the repositories. For now, since the feature
is anyway very experimental, we disable it at compile time so that
distributions can just compile their packages without internet access.
In the future we may want to use submodules or augment the release
tarball to include the tree-sitter and radare2-shell-parser archives.
Pass 64-bit sdb_fmt parameters as 64-bit (#15758)
Fix double free in r_bp_del_index and other breakpoint index bugs
Lack of cleanup in r_bp_del_all causing use after free in other dbi
commands
Copy paste error turning dbix into dbx
Add dbi- command
Allow dbi commands to operate with index 0
izzzj: Use pj api (#15760)
Some xmm registers were printed as fpu and bnd registers were shown in
all drt categories.
dr will still only show 64bit/32bit registers to avoid printing all
of the flags and d/w/b register variants.
This fixes situations that if a read contained even a byte inside invalid memory, the entire read would fail
Added RCoreBind.syncDebugMaps() and RCoreBind.getDebugMaps() api
Reenable db tests and add new tests to check validity
Add perm check to isMapped and remove map sync to improve performance
Fix two tests
Add RCoreBind.isMapped() api
This reverts commit e503bdd9c212c2da221abe31091c6e9753ce018e.
This way it is possible to set breakpoints before starting debug through
'db' and the user will be notified when a breakpoint points to an
invalid map.
Instead of unsetting breakpoints they were set again without removing
the previous drx values, which also caused the "Invalid DRX length (0)
must be 1, 2, 4, 8 bytes" error because of the wrong len values.
Also, when resetting twice, del failed since there weren't any hw
registers to delete, which caused the "hw breakpoints not yet
Shows the module, offset and function name instead of showing the executable's
path for all threads
Upgrade node-r2r 0.2.8 (#15751)
Fix windows dp showing the parent's path for all processes (#15741)
Fix #15734 - Automatically download PDB file if pdb.autoload=1 (#15738)
Automatically download PDB file if pdb.autoload=1
Don't re-download pdb if it already exists on the symstore
Only download if file doesn't exist
Fix wrong filtering of equals sign on PDB enum define (#15745)
Fix all PDB tests
Update node-r2r 0.2.7 to solve the json lost promise issues
Hide warning message
Fix warnings
Add a fortune (#15736)
Fix Vdv start_off calculation (#15735)
Fix #15691 harder (#15733)
Fix #15691 - avoid reading invalid memory
izz: Fix printing of string with backslash if str.escbslash=false (#15731)
More improvements for the cmd tests using r2r.v (#15728)
Fix #15717 - Update scroll panel when stepping with F7
Fix infinite loop in panels - vttq (#15729)
Check for error when analyzing instructions in vmenus
Fix #15719: Reduce false negatives in 'U' strfilter
Added path escape and unescape
Unescape paths only if r_str_argv was successful
Use r_str_replace instead of r_str_arg_(un/)escape to avoid breaking escaped filenames
Fix debug and 'o' not being able to open paths with spaces #debug
After starting debug the register deltas weren't mapped to the same
registers in remote and native debug. This made wrong registers appear
as vars and in remote gdb none showed up since the remote's list is much
shorter than r2 reg lists.
Kill some more tests using <<RUN
Improve r2r.v quite a lot up to 0.2
Delete stale temporal files in the unit test
Use executable path instead of dbpath and more cleanup
Move manpage and move old bins into the attic
This api honors ansi escape characters
Delete the use and definition of "eprint" (#15716)
After release version bump
Add sys/r2env.sh: Set up env for r2 in non-standard loc (#15696)
Fix invalid JSON in rabin2 -j (#15709)
Fix Field Seek in Visual Menus (#15710)
Fix some warnings (#15705)
Fix some warnings
Remove unnecessary duplication
Co-authored-by: Anton Kochkov [email protected]
Few warning build fixes proposal.
attach_new_process was called instead of regular attach because the
saved pid and tid in core->dbg weren't reset before calling r_debug_select
in a new session. Made sure this won't be a problem when using dp= after
dp- either.
Calculate the diff ourselves since bp->delta is calculated with the
dbg->bp->baddr at the time of breakpoint creation, which may not
reflect the correct baddr and break the rebase.
Previously, disabled breakpoints were restored and then hit during
execution. The debug logic ignored them and continued but that's
an unnecessary slow down. To achieve this type of behavior the user
should use tracepoints.
Minor syntax issues in panels
Use v fmt to indent the new testsuite
Change Semantics of r_rbtree_upper_bound() and simplify Iter Fcns (#15698)
Remove RAnalBlock members only used in Java (#15679)
Remove RAnalBlock members only used in Java
Remove R_ANAL_BB_TYPE_(HEAD|BODY|LAST|FOOT)
Fix a Test
Fix afb+ help
Try to test with PowerPC and SystemZ (#15452)
When setting non-bool config var, set false/true if r_str_is_false()/_is_true() (#15681)
When setting non-bool config var, set false/true if r_str_is_false()/_is_true()
Fix for cmd_open tests
Fix for cmd_print test
Separate pure BSD calls into its separate compilation unit.
Fix #15682 - Fix getting noreturn info from invalid addr (#15693)
fix some crashes of the widget (#15694)
fix some crashes of the widget
JK moves the cursor by a page and g moves the cursor up to the first line, plus a few improvements (#15690)

4.1.1

4 years ago

4.1.0

4 years ago

Release Notes

Version: 4.1.0 From: 4.0.0 To: 4.1.0 Commits: 252 Contributors: 40

Authors

Alex Kornitzer [email protected]
Anton Kochkov [email protected]
Anton Kochkov [email protected]
Armin Weihbold [email protected]
David CARLIER [email protected]
Eli [email protected]
F3real [email protected]
Florian Märkl [email protected]
Francesco Tamagni [email protected]
Giovanni [email protected]
GustavoLCR [email protected]
Henry Eklind [email protected]
Jared [email protected]
Johannes [email protected]
Kamil Lorenc [email protected]
Khairul Azhar Kasmiran [email protected]
Khairul Kasmiran [email protected]
Kārlis Seņko [email protected]
MNayer [email protected]
MartinJM [email protected]
Paul I [email protected]
Qian [email protected]
Riccardo Schirone [email protected]
Sergi Àlvarez i Capilla [email protected]
SjRNMzU [email protected]
Sylvain Pelissier [email protected]
TheGoddessInari [email protected]
Vane11ope [email protected]
condret [email protected]
dav1901 [email protected]
dok [email protected]
erfur [email protected]
fcasal [email protected]
ilian [email protected]
karliss [email protected]
pancake [email protected]
xarkes [email protected]
yossizap [email protected]
yossizap [email protected]
Óscar Carrasco [email protected]

Changes

anal

Improve SP based variable analysis
Some more helpful messages for anal.verbose
Fix first r_anal_op call after asm.bits change
Improve SP based var analysis
Fix ms cc wrong argument analysis
Fix r_type_del() for typedefs (Fix #15337)
Add base64: for afn
Move the fcn preludes into RAnal and add anal.jmp.tailcall (-1,0,N)
Fix typo in ios-syscalls.txt (#15436)
Initial implementation of afvf - show bp-relative stackvars
Insert arguments into types SDB on function analysis

arch

Add support for or1k (OpenRISC) disasm+analysis (#15515)

asm

Fix ignored asm.bits settings because of RBin overrides
Fix for #15459 - Also set the first operant to the right value on a mov from pointer with offset
Add ARM strd support (#15388)

bin

Add 64-bit iOS SEP xtr plugin
Add PIE flag check in kernelcache detection
bin.str.enc: Accept UTF hyphen aliases (#15492)
Support UTF32-BE decoding (#15472)
Recognize Unicode BOMs (#15469)
Use pj in the izj and izzj commands
Fix #15445 - Add support for Mach-O external relocs
Add support for C64 PRG fileformat
pd: Don't abort string printing on initial null if bin.str.enc != guess (#15446)
Fix #14279 - Ignore entrypoint on non-executable ELFs
Analyse HIOS and LOOS symbol types by default. (#15411)

build

Fix #15485 - Improve argument parsing in sys/{install,build} (#15486)
FIx 32bit windows
Rename "asan" to "sanitize" (#15412)
Fix build for 32bit Linux systems
Fix build of the onefied shared lib

command

Very simple tree sitter integration (#15414)

config

Pass R2_CONFIG file to ! commands and serialize methods

cons

Fix #14197 - Don't highlight control chars on hud filter (#15552)
Include last line when greping using foo~n.. (#15524)

core

Fix some Race Conditions with the thready task scheduler (#15667)
Make Task Scheduling Explicit (#15511)
asm.cmt.off: Accept 0 & 1 as aliases for false & true respectively (#15500)
Use sigaction instead of signal
CPU affinity API introduction
Honor cfg.editor in 'vi' instead of always using 'vi'
Implement $foo:=,+=,-= and $foo to alias some flags commands
Support 'f foo+=4' and 'f foo-=4' syntax for flags

debug

Improve debug rebasing and fix partial windows rebase
Refactor debug native's wait function
Fix native debug not working with files that were opened as RW
- Add ppid to win32 debug and 'dp''s display/json
- Add process selection to w32 debug
Fixed a crash caused by reopening gdb
Fixed not killing child processes and added detach
Fixed gdbr warnings and a dpt crash after debug was over
Added an event to signal the end of the debug session
Fix 'oo' rebasing when leaving debug and add 'doc' to exit
Silence drr warning on UT64_MAX registers
Fixed an issue with detached child breakpoint inheretence
Added oodf\doof to enable rebasing for remote debug
Rebase Breakpoints for PIEs
Added dp processes info support to gdbr
Add breaking to ood in linux to avoid execvp freezing
Allow debug plugins to modify pid/tid on select
Fix linux_set_options error
Add process selection to linux native debug
Setting parent pid on pid list on BSD
Show all processes for pid 0 using dp
Improve linux native debug dp output
Fix getting DRX breakpoint size
Fixed overflow that broke remote debugger reopening
Impl. list modules for WinDbg
Fix WinDbg IO in page boundaries
Fixed windbg concurrency and added missing locks
Fixed windbg pipe timeout behavior on linux
Added rebuild rules for windbg
Fixed windbg continue on windows 7 64bit
Allow breaking for WinDbg
Update hardcoded gdbr registers for 16/32bit x86 (#15488)
Added parsing support to all gdb registers
Fix gdbr's reg_write and reg_next_diff for reverse stepping
Reduced gdbr's tcp connect timeout and added a break
Fix gdbr not closing sockets after connect failed
Add break to gdbr's read_packet and move isbreaked to libgdbr
Fix gdbr_write_registers and refactor gdbr_write_reg
Replaced lock_check with tryenter in gdbr_read_registers
Add breaking to gdbr connect to avoid waiting on invalid connections (#15442)
Add experimental ymm regs support for linux-x64 and extend drm command
Add Windows 8 and 8.1 WinDbg profiles
Fix attaching to a pid on Windows (#15406)
Fixed w32dbg breaking issues (#15386)
Add support for printing xmm* as packed floats and doubles (#15378)

disasm

Fix hidden hint.lea for hint.pos==0
Improve switch-statements in disassembly
Add refs, xrefs and esil columns to pdt
Add asm.cmt.esil to show ESIL as comment

doc

Improve macOS installation documentation (#15438)
Fix links to Doxygen documentation (#15377)

gdbclient

gdbclient reduces risk of use after free down the road

Uses the setitimer api instead for the alarm in self://
Automatically set the debug plugin when opening debug uris (#15403)

json

Add current process field to dpj

network

Fix r_socket_connect not using the given timeout in unix

print

Fix #14661 - Support parsing binary protobuf data (#15423)
Add utf-8 support in r_print_rangebar (#15389)

r_debug

Refactor signal handling for FreeBSD

search

Introduce the r_magic_load_buffer() api and boolify a bit
Update RSA key search to find larger keys (#15494)
Search for AES 128, 192 and 256-bit keys (#15426)

signatures

Add auto zignspace generation for the zg command (#15402)

test

Implement asm, fuzz and json test runner in r2r.v

util

Add RIntervalTree data structure
Added r_th_lock_tryenter API (#15454)
Use HtPP for RStrConstPool (#15424)

visual

Improve the interaction with decompilers in panels
Reduce the blocksize on some hexvisual modes

windows

Add command to identify window under cursor
Fix #15456 - Fix reopening in write mode
Fix hang when running dc in a task

To Review

Release 4.1.0 - Codename 'antull'
Fix lock ordering of RCoreTaskScheduler.lock vs. RCoreTask.dispatch_lock
Remove RThreadLock.refs
Fix a race in tasks
Make SP based variable analysis aware of changes to SP
Use delta inside stack to identify the variable used instead of offset to SP
Keep track of offsets to SP used to access the variable
Fix argument printing order for reg args
Add test
Revert pe coverity fixes to fix ihj
The format is reused for printing and internal type representation,
breaking the JSON by making the value field in ihj empty since "llx"
isn't a valid type
Fix ESIL UB
Mark fixed tests as such
Fix some FX Tests
Separate windows, linux and *bsd/apple since they have vastly different
logic and the ifdef jungle implementation was too confusing
sys/meson.py: Use == 'vs2017' instead
The FD was kept open and ptrace was prevented from opening it with the
error "Could not execvp: Text file busy". Fixes issue #15650.
Solving r_debug_handle_signals build warning issue.
Fix #15653: Silence MSVC XP deprecation warning
Use eprintf instead
Fix typo
Make it possible to use sysmagic again (#15658)
Compile tree-sitter with std=c99 flag (#15654)
SystemZ analysis logic error
Fix some MSVC warnings
Add ppid to dp and fix dp= for windows (#15649)
Previously, dp= wouldn't fully switch to the given process since it
was treated like dpt thread switching, leaving the debugger in
an undefined state.
Function r_anal_cc_arg should just return NULL when nothing is available (#15646)
Function r_anal_cc_arg should just return NULL when nothing is available
Callers should be able to handle NULLs
Fix memory leaks in unit tests
Some coverity fixes (#15643)
The plugin would try to work with an old version of desc that was already
freed by r_io_close_all after closing the session. I set debug_gdb's
global 'desc' to NULL in detach as a temporary solution. We should convert
to **desc to keep an updated copy of the pointer.
Fix warnings in or1k_disas.c
Fix #15545 - Fix NULL derefs after r_file_slurp() fails
Fix format string in windows_message.c
Replace some strstr() calls with strchr()
Fix Alignment Check in aae on bit change
RDebugPid not being initialized with NULL resulted in a free on an invalid
pointer after gdbr_threads_list failed.
Fix memleak in r_anal_free() (#15631)
Fix heap-buffer-overflow bug in get_src_regname() (#15630)
r2r.v: Fix test skipping (#15629)
r2r.v: Move threads into r2r (#15628)
Some Coverity defect fixes (#15626)
Not all of the data was rebased after reopening the original file and
there was warning message from set_baddr which isn't needed here.
Switched to __rebase_everything instead of the old methods that were used.
r2r.v: Support running of just 1 cmd testfile (#15616)
r2r.v: Fix invocation of json tests (#15624)
Fix AppVeyor (#15623)
Refix magic's bgets()
Fix another infite loop in RMagic.loadBuffer()
Fix bread in RMagic.loadBuffer()
Loading json tests is not the same as running them (#15618)
In this way 64-bit SEP kernels aren’t wrongly detected as XNU kernel caches.
Rename or1k insns global (#15613)
As in certain build configurations it conflicts with the Capstone’s symbol of the same name, raising errors in the linking phase.
The warning:
WARNING: r_core_anal_hasrefs_to_depth: assertion 'core && value != UT64_MAX'
failed (line 2062)
This way registers like 'orax' will simply have an empty reference like before,
just without an annoying warning when there really is nothing to telescope.
{"reg":"orax","value":"0xffffffffffffffff","ref":""}
Use ONE_STREAM=1 instead and assume it sets scr.onestream
Name variables based on their offset from the start of the stack frame
Fix tests
Fully implement the asm test runner in r2r.v
- Must use the native api to speedup
- TODO: Multiple cores to run in parallel
Fix N and V results in 6502 BIT ESIL (#15562)
r2r.v - better portability
Fix some more asm tests and use the same warning style for r2r.v
Fix crash on oom when command line is too long. Aim to fix #15543
Initial implementation of the asm/dis tests support in the V suite
Remove broken Threading Code from main for #12996 (#15554)
Previously, forked children would instantly die if the fork was stepped
over using a breakpoint which is accessible to the child process.
Removed deprecation messages (#15557)
Moved the information in the help messages
Add RRangeTree
Inclusive/Exclusive
Add r_interval_tree_delete and r_interval_tree_resize
Fix r_interval_tree_all_at()
Fix a bug of the tab (#15559)
Imports Tests from radare2-regressions (#15546)
Fix some warnings (#15549)
Fix signed integer overflow in r_asm_massemble (#15551)
Fix an int Overflow in r_asm_massemble() for #15543
Fix length type in r_str_trim_tail()
Aim to fix another integer overflow in r_file_slurp
Fix integer overflow when assembling a 2GB file
Blindfix for #15543 - aka CVE-2019-19590
Most servers/clients should have xml support by now so it should behave
like dp in any other debugger. vFile is the only way to get detailed pid info unfortunately.
Execvp may hang until a signal is received on some systems(reproduced in
arch linux) in case the file can't be executed for some reason(broken
symlink, different arch, etc).
Previously, when using dp=, the debug plugin would set a new tid based
on the requested pid, but r_debug_select would set the old tid as dbg->tid,
resulting in issues interacting with the current thread. This could also
be an issue when the requested pid/tid is invalid and the plugin selects
something else.
Previously, setting options would fail sometimes since PT_ATTACH's attach
SIGSTOP wasn't hit before reaching linux_set_options.
Previously, dp= wouldn't fully switch to the given process since it was
treated like dpt thread switching, leaving the debugger in an undefined state.
Add user Pointer to RBNodeFree (#15540)
Fix sj current position marker after buffer wrapping. (#15538)
Coverity Scan GitHub Action (#15539)
ONE_STREAM_HACK & scr.onestream: Force expected ONE_STREAM order if necessary (#15535)
Fix spp warning (#15530)
Try showing offset when there are no redo items.
Fix handling of many seek history items and other edge cases.
Previously, the command didn't show the pid's path, replaced the path
field with current/ppid, and showed the ppid instead of only showing the
requested process and the children of the requested process.
Fix some warnings on Windows (#15532)
opt->sz is initialized with r_buf_size at r_bin_open_io using an io
buffer if r_bin_open_io can't open a file buffer. Since the debuggers
returned unsigned values to opt->sz which is signed, opt->sz would
overflow and contain a negative value, causing r_bin_open_buf to fail.
Went ahead and modified CUR_END values for all debuggers even though this
should only affect remote debuggers. ST64_MAX should be enough.
Python and VS updates for Windows/clang (#15526)
Python and VS updates for Windows/clang
Fix labeler environment
windbg module build warning fix (#15514)
Switch labeler to periodic-labeler (#15517)
With https://github.com/actions/labeler/issues/12
being an issue, the action's labeler is useless for PRs that come from a fork.
This one runs on a cron timer instead and doesn't suffer from the same issue.
fixed bin.libs loads and dex use after free (#15522)
Fix a Double Free for Dex (Fix #15519) (#15521)
Add Comments to RCore and kill some unused Members (#15513)
Fix #15498 - Fix stdcall stack calling convention (#15508)
Remove unnecessary RConfig Members (#15509)
Fix a Double Free in tms320/c55x+ (#15505)
Before we didn't check if a virtual address read/write would go through a page boundary. This fixes it.
Also do some formatting and re-enable some useful error messages
Fix XP build
Partially decouple Tasks from RCore
Add pull request labeler (#15503)
Previously, windbg_break would freeze waiting on a lock instead of breaking,
taks other than wait weren't breakable and read regs would freeze the
process while waiting for a mutex.
Previously, linux would timeout when trying to connect and would timeout
too frequently since milliseconds were treated as microseconds.
ContinueApi2 only worked on XP 32bit while ContinueApi works on both.
Previously, continue would do a single step.
Fix OOB read in windbg_reg_read
Add locks to prevent collision
Enable timeouts on the pipe backend
Fix #15495 - show current seek history position in sj
bin.str.enc: Accept uppercase aliases (#15496)
bin.str.enc: Check for NULL (#15493)
Fix anal.timeout calculation in r_cons_break_timeout (#15490)
Remove broken Task Pausing and unnecessary RCore.lock (#15489)
Fix null deref when using waf on non-valid file
Inital GitHub Actions (#15467)
Inital GitHub Actions
Disable Windows for now
Disable tests for now
Add missing BT instruction optype for x86
There are still platforms that don't support the target xml format.
Added parsing of gdbr arm/arm64 register features and added a default to >64bit registers
Since r2 doesn't support set/get to large/vector registers (it will still work
when printing gdb's registers with dr/drt or restoring the registers
with reverse stepping), there's a possible issue that the user will get
lots of prints of "r_reg_[get/set]_value: Bit size 128 not supported"
when running various debug commands that use those functions. This fix
simply moves those registers away from gpr to avoid those prints while
still being able to view/restore the registers.
Minor Refactoring and Comments for RBTree
Fix the flags.prefix with flags.inline glitch
The previous implementation was limited to 64bit registers and didn't
parse the 'feature' field.
Writing registers with gdbr worked with single registers because
reg_next_diff started at delta 0 and only had to run the diff once for
the single register that was changed. When running reverse
stepping/continue, multiple registers are changed at once so
r_reg_next_diff would fail every time due to incorrect offset calculation.
The new r_reg_next_diff also support different register sizes to restore
all registers correctly.
The endianity swapping part from reg_write isn't needed since the arena
is the return value of 'g' which is already in the correct target byte
order (see: https://sourceware.org/gdb/onlinedocs/gdb/Packets.html#read-registers-packet)
Fix #15451 - Update Windows compilation documentation
Connect isn't effected by r_socket_block_time since it can only change the
timeout of read(and not implemented, write) actions with setsockopt.
Also, connect may wait for an unspecified amount of time so we have to use
select.
The socket object was free'd without closing the fd. In the following
gdbr_connect attempts, tcp's connect would freeze on a valid socket since
connection based protocol sockets may successfully connect only once,
any connections beyond that are undefined behavior.
Remove printf debug leftover
Some fixew for the graphviz code (#15470)
Add TODO comment for overlong strings
No more hacky base64
iz != izz, before izz was iz+izz
Fix x86 lahf instruction
Fix autocomplete
Don't contribute with patches
Emit sp-based var offset as a number
The output of afvsj shows offsets of sp-based variables as strings.
This fix changes the offset to be shown as a number, just like sp-based arguments and bp-based variables.
Since read_packet has a large number of retries you would wait for it
for a couple of seconds after breaking in functions like connect and
vcont
Previously, write_registers sent a partial string instead of the
correct register format which specifies that each byte should be
represented by two hex digits.
This change allows reading registers when calling read_registers in
a thread that holds the recursive mutex.
r_th_lock_check only returns the refcount which isn't enough to know if
the current thread is holding the mutex when a recursive mutex is enabled.
Support UTF16-BE decoding (#15450)
Support UTF16-BE decoding
Add spaces
Fix few warnings for the gdb client
Fix crash
Cleanup tab-completion initialization code
R2 will hang while waiting for any resolvable port to respond, this takes
a long while since connect is attempted twice in r_core_file_open.
Update capstone v4/next from Git
Added break to gdbserver vCont and refactored the code to use locks (#15433)
The previous gdbr implementation didn't allow interrupting background
tasks with &b since send_vcon wasn't properly configured with the cons
api. In addition to that, gdbserver doesn't support processing multiple
commands at the same time, resulting in undefined behavior once cons
were set up for vcont.
This commit adds the relevant cons api and solves the concurrency issues
by adding locks on all socket related logic.
Fix r_sys_sigaction not setting up the requested signals (#15440)
The for loop's iterator was initialized with the first member of sig[]
instead of 0. Added an error to avoid this issue going unnoticed.
r_list_free() -> r_list_free ()
r_list_new() -> r_list_new ()
__exit was listed twice with same number (1), and fork was missing.
Fix broken pkg uninstall command on macOS (#15437)
Provide a proper package ID to get rid of the following error:
No receipt for 'radare2.pkg' found at '/'.
Prepend a / for each returned path by the pkgutil command, to make
it an absolute path instead of a relative one.
Avoid invoking the sudo command for each file, which speeds up the
command significantly.
Avoid ambiguous signing certificates on macOS.
If a user manually installed a new code signing certificate into the
login keychain as documented, the install script will fail to sign r2
because the sys/macos-cert.sh script generates a new certificate in
the System keychain. This results in the following error when signing:
org.radare.radare2: ambiguous (matches "org.radare.radare2" in /Users/user/Library/Keychains/login.keychain-db and "org.radare.radare2" in /Library/Keychains/System.keychain)
To be constistent with sys/macos-cert.sh, change manual certificate
generation steps to install to System keychain instead of login
keychain.
Mention that code signing certificate generation is automated by the
install script before listing the manual steps to generate a new
code signing certificate.
r_list_newf(..) -> r_list_newf (..)
Use free() instead of R_FREE() in r_list_delete()
Same reason as #15430.
Use PJ in oj (#15434)
This fixes escaping issues
Fix Leak of Flag Zones (#15432)
Use free() instead of R_FREE() in r_list_free() (#15430)
Refactor r_flag_color() to r_flag_item_set_color() (#15429)
Add r_spaces_purge() (#15428)
Fix comment about RFlag.ht_name (#15427)
Faster interactions -- can be improved still
Add missing entry for meson
Fix r_strbuf dependency on r_cons
This allows the 'zg' command to auto generate zignspaces from function
names by utilising the ':' convention used in zignatures. Now when 'zg' is
run if any funtion names are in the format ZIGNSPACE:FUNCTION, the
zignspace will be extracted, created and the function applied under its
scope.
Fix build (#15422)
Fix #15419 - Fix bytes field in aoj
Hold this analop warning under anal.verbose
tree-sitter-integration: support tmp-seek, arged, and interpret commands
Make meson automatically download tree-sitter and radare2-shell-parser grammar
Add tree-sitter/radare2-shell-parser directories in gitignore
Add Support for tree-sitter in acr/makefile
Just use one script to download 3rd party repositories in shlr
Use cfg.newshell
Fixes for Windows debugging (#15418)
Fix error when continuing after attaching to process
Get threads correct EIP
Fix some memory corruptions and small refactor
Remove core->oobi because not used (#15413)
Fix leaddrs leak (#15417)
$foo:=123 f foo = 123
$foo+=4 f foo @ foo + 4
$foo s foo
Strip bins and libs for the Debian package
sys/meson.py: --asan accepts sanitizer list (#15405)
Fix #15407 - Fix using unexpected ACP for input on Windows (#15408)
Fill op->mnemonic in anal-gb
Use RPUSH in anal-gb
Clarifying yara-to-r2 integration documentation. (#15404)
Sync default sanitizer list of sys/asan.sh and sys/meson.py (#15397)
Sync default sanitizer list of sys/asan.sh and sys/meson.py
Keep signed-integer-overflow
Hardening esil-dfg
Modified debug_native to handle break's thread switching behavior
The user was interrupted during continue and switched to a different
thread since DebugBreakProcess creates a thread that triggers a breakpoint.
With these changes the DebugBreak thread is recorded to skip the breakpoint
event afterwards.
Modified r_debug_native_wait to avoid switching between threads for each event
The debugger should return to the requested thread after handling events
in other threads except for breakpoints.
Refactor drm to be ready for the YMM registers (#15394)
Fix Appveyor hang. (#15396)
fix linux x86 build (#15395)
Fix assert
Fix build
After release version bump
Add some asserts in rreg
Fixed w32dbg breaking issues and moved break_push to w32_dbg_wait to support stepping as well
Previously, breaking would only work during 'dc' because it was pushed
in debug.c specifically for continue. This change moves the
responsibility of pushing/popping w32_break_process_wrapper to
windows_debug.c instead to support calls to w32_dbg_wait from anywhere.
sys/meson.py: Use -fsanitize=... instead of -lasan when linking (#15390)
Use pj api in drrj (#15391)
This also solves an issue with drrj in windows since the code relied
on iter->p to know if a comma should be prepended, but windows always
has it initialized so it was always prepended - invalidating the JSON.
Make the generated r2.bat use bat path_relative syntax instead of hardcoding. (#15383)
Fix double-free in canvas.c (#15379)
stack.nl is no longer active

4.0.0

4 years ago

Release Notes

Version: 4.0.0 From: 3.9.0 To: 4.0.0 Commits: 299 Contributors: 48

Changes

anal

Bring back the MASK_DISASM because not all nanal plugins support it yet ##anal
Select default var type based on its size (#15352)
Fix #15325 - Improve af- like its done in Vdu
Deprecate anal.jmp.eob /refs #13482
Fix #15117 - honor asm.var.sub in ao/aoj
Fix #15315 - Honor RAnalOp.disp in aar and ao
Update 8051 plugin (#15321)
Avoid reloading of cc sdb - huge speedup (#15306)
Implement ESIL for arm64 UBFX
Make RAnalFunction.cc come from RAnal String Pool
Deprecate the use of anal plugins that doesnt handle mask.disasm
Add jumptable support for main() in bins/elf/analysis/ls-alxchk (#15266)
Add jumptable support for main() in bins/elf/ls.odd (#15233)
add afoj and afdj (#15254)
Fix #15235 - push [mem] not handled in /r
Add initial reg profile for sysz arch
Don't propagate noret to fcn if fcn jmps outside itself (#15190)
Fix #15004: Make meta.min rbtree more robust (#15141)
Fix memleak in r_core_anal_propagate_noreturn()
Minor speedup/cleanup/refactor of the RAnal
Implement ESIL control-flow-graph and further dfg analysis
Add anal.delay to disable delay slot analysis for testing
Fix pc-rel movs in sh's esil
Delay execution debug messages are now available via anal.verbose
Fix #15073: Disambiguate using fcn addr also in meta.min rbtree (#15077)

api

Add r_strbuf_copy API (#15186)

asm

Fix post-indexed memory access for str instructions on ARM (#15298)
Fix #15302 [rasm2/armass] Correctly propagate errors from thumb_assemble (#15303)
Add additional [indirect] access syntax for 8051 (#15272)
Fix #10651 sub sp, sp, 0x1000 not correctly assembled for ARM (#15187)
Fix #15198 (#15199) arm64 assembler const value
Add 8051 assembler plugin (#15189)
Z80's LD opcodes assembly (#15185)
Fix parsing of floating point instructions in x86_64 assembler (#15174)
Fix x86 assembler output for some memory loads (#15068)

bin

On AArch64 there is a new special symbol $x (#15362)
Fix #15152 - Support old Java attribute format (#15317)
Simplify r_bin_open_io function (#15307)
Support > 4GB ELF files
Add support for RTable.query in i
Fix #15132: Integrate table to iS,ia,ir,iz,is (RBin info) based commands (#15159)
Implement support for the RISCV PLT ELF relocs
Fixes for MSVC demangling (#15210)
Format the .rela. sections in ELF
Add NES ROM mirroring map

build

sys/asan.sh: Use -fsanitize=... instead of -lasan when linking (#15375)
Link sdb fully into r_util in meson (#15338)
Fix #15296 - *BSD builds (#15309)
Fix macOS build with latest XCode
Add MSVC 2019 for AppVeyor
- Try MSVC 2019 for AppVeyor
Set rpath if non-Windows Meson shared
Debian package fixes (#15081)

cons

Fix function key handling in visual/panels
For utf-8 locale, check LC_ALL, LC_CTYPE and LANG in sequence instead (#15326)
Also use LANG env var to check for UTF-8 output support (#15257)
Move UTF-8 setting logic to scr.utf8 config callback on Windows (#15273)
Implement 'str' operation in RTable queries

core

Fix #14247 - fn.j/fnj. show all flags in current offset, not just one
Few compiler watning fixes here and there
Fix #15114 - Implement r_sys_info() and uname
Add kitty clippy replacement :3 (#15232)
Add possibility to specify time zone with rax2 -t (#15180)
Implement cj command using the PJ api (#15168)
Add support for the V programming language
Fix #15134 - Support octal numbers like 0o666
Implement function-based plugin loading method
Add omt and help message for RTableQuery + add format column api
Move Lib already loaded check before dlopen Call (#15075)
Replace r_str_const* with RStrConstPool (#15300)
Kill r_sys_get_osinfo () (#15346) ##core

debug

Use RTable for Windows heap info output (#15368)
Add support for setting xmm registers on linux (#15365)
Fixed continue not being associated with the current thread in unix
Added a way to break while in dbg_wait (continue, step etc)
Fixed dpk
Fixed opcodes not being associated with the current thread in gdbr (#15358)
Fix drm[bwdq] command, add xmm0h/l and xmm8-15 registers (#15354)
Fix the way linux debugging options are set (#15323)
r_reg_get_pack/r_reg_set_pack are not able to deal with 128 packbits
Added support to thread switching in linux and fix r_debug_select
Fixed ptrace 'Operation not permitted' errors (#15287)
Fix debugger build for native GNU/Linux on RISC-V
Fix incomplete drr/drrj formatting when r_core_anal_hasrefs fails (#15277)
Added "dptj" and "dptj " (#15259)
Enhance drm command, add drm xmm0 functionality (#15214)
Fix drf output formatting
Implementing debug info per pid on NetBSD
Using unused map debug field on macOS
Rebase fcn/bbs, flags , comments, meta, refs when ood
Fix issues in windows thread switching (#15366) ##debug

diff

Implement radiff2 -X for hexII diffing
Fix #14845: Support radare2_rc in radiff2 for graphs (#15078)

disasm

Better pdi output when Cd is involved
Implement 'pdt' - print disasm in table, supports queries
Make asm.fcnsig more compact
Do not resolve the strings pointed by ADRP on arm64
Improve (change) sh4 disasm (lowercase regs...)

emu

anal_x86_cs fix esil expr for neg instruction (#15252)
Fix #15246 - Honor the 'u' suffix in PPC instructions in ESIL

esil

Fix #15297 - Update ESIL help message
Improve registers handling in ESIL dfg
Simplify ESIL code for ARM str instructions
Add a parameter to $s and $o (#15171)

Setting the upper address limit for OpenBSD
Improve omt and implement RTable.filterSum

io_self

Setting the upper address limit for OpenBSD

json

Show flagname and realname in json format for fnj and such
Add current thread field to dptj (#15268)

lang

Rewrite hashbang command parser, use argc & argv in hashbang (#15188)

panel

Fix #14857 - Handle 'O' key to rotate asm.pseudo/asm.esil
Another const pointer to be free fix
Handle / highlight in panels for zoom and window modes
Fix const address freeing
fix #15060 - Add xrefs and xrefs here in visual
Fix #14559 - Honor scr.fps

panels

Fix #14857 - Handle 'O' key to rotate asm.pseudo/asm.esil
Handle / highlight in panels for zoom and window modes
Fix const address freeing
fix #15060 - Add xrefs and xrefs here in visual
Fix #14559 - Honor scr.fps

print

Fix #15216 - Implement pcy command to print hexpairs in Yara format

r2pie

Implement r2pipe_open_dl() to use dlopen/dlsym

rasm2

Freeing main assembly object

script

Fix vlang plugin to run scripts and add example

search

Fix #8575 - Support stdin slurping in rafind2 -
Add support for hex escaped litterals in regular expressions (#15291)
Fix RCALL and RJMP in aop and /at
Refactor Search to use less Global State (#15076)

table

Add :json,:quiet,strlen,minlen,maxlen,sortlen in table queries
Integrate table API for p-h (#15083)

util

Fix rop inline assembly form

visual

Run .dr* in visual prompt in cfg.debug is set
Fix for VV going to V (issue 15181) (#15195)
Fix #14919: truncate long function names in Vv (#14996)

wasm

Further wasm memory leak fixes
Memory leak fixes in error code paths

windows

Print child output in pipe lang plugin

zign

Integrate types field in zignature operations (#15082)

Thanks to all the contributors

Anton Kochkov [email protected]
Armin Weihbold [email protected]
Brandon Lin [email protected]
Cyrill Leutwiler [email protected]
David CARLIER [email protected]
Dennis Goodlett [email protected]
Florian Märkl [email protected]
Francesco Tamagni [email protected]
Fritz Reese [email protected]
Giovanni [email protected]
Gordon M [email protected]
GustavoLCR [email protected]
Joseph Griego [email protected]
Khairul Kasmiran [email protected]
Maijin [email protected]
Paul I [email protected]
Paweł Łukasik [email protected]
Qian [email protected]
Quim [email protected]
Remco Verhoef [email protected]
Riccardo Schirone [email protected]
Roman Valls Guimera [email protected]
Samuel Hopstock [email protected]
Sanyam Agrawal [email protected]
Stefan [email protected]
Stefan Ilic [email protected]
Thomas Bailleux [email protected]
blenk92 [email protected]
condret [email protected]
dav1901 [email protected]
dodococo [email protected]
dok [email protected]
fcasal [email protected]
hmht [email protected]
layderv [email protected]
lzutao [email protected]
neuracr [email protected]
pancake [email protected]
the-remmer [email protected]
xarkes [email protected]
yossizap [email protected]
Óscar Carrasco [email protected]

3.9.0

4 years ago

In r2land we are happy to celebrate that the artichoke seasson is back with a new release \o/

Binaries: http://radare.mikelloc.com/release/3.9.0

Release Notes

Version: 3.9.0 PreviousVersion: 3.8.0 Commits: 102 Contributors: 31 TimeSinceLastRelease: 2 weeks

Authors

Кirils Sоlovjоvs [email protected]
Anisse Astier [email protected]
Anton Kochkov [email protected]
Chris Moore [email protected]
David CARLIER [email protected]
Eduardo Novella [email protected]
Florian Märkl [email protected]
GustavoLCR [email protected]
Igroeg Okiob [email protected]
Khairul Azhar Kasmiran [email protected]
Khairul Kasmiran [email protected]
Kārlis Seņko [email protected]
Lev Aronsky [email protected]
Lowly Worm [email protected]
Maijin [email protected]
Maxime Meignan [email protected]
Meador Inge [email protected]
Paul I [email protected]
Reviakin Evgeny [email protected]
Roman Valls Guimera [email protected]
Sergey Alirzaev [email protected]
Vane11ope [email protected]
Yanick Fratantonio [email protected]
dodococo [email protected]
jvoisin [email protected]
karliss [email protected]
kmartin36 [email protected]
lkempf [email protected]
pancake [email protected]
v45k0 [email protected]
Óscar Carrasco [email protected]

Changes

anal

Implement anal.norevisit using SetU instead of Sdb
Fix #15013 - jump/cjmp analop for m680x
Fix the infinite aac issue, reduce false positives, speedup a bit (#15015)
Fix mov.l/jsr ESIL for SuperH4 (#15039)
Fix nopskip (its not fixed at all. just random typing here and there) (#15024)
Add anal.nonull to avoid analyzing functions if starting by zeros
Fixed i4004 arch to be according to spec (#15062)
Fix zero register set issue (r2wars)
Implement types field for zignatures

cons

Fix #14611: Vi-mode indication by prompt color
Add a way to print an aliased without a trailing new line (#15031)
Fix clicking on frame borders to resize
Remove code for no-anal asm.bb.line (#14977)

core

Make -m do an implicit -s
Fix #14990 - multiple quoted command parsing issue
Fix multiple quote cmd issue
Fix #14019 - Move ta to aht, move other commands around, refactor indentation
Fix #10851 - Solve slurp messages on http/sandbox/pipe
Don't run ldconfig when installing into /usr (#15049)

debug

Fix gdb reg write byte order (#15009)
Improving slighty the process status check on Darwin
On Darwin, expose process path
ASLR check setting fix on FreeBSD

emu

Hackaround to get esil stepping on delayed execution
Fix arm32 stmia post-increment (#14983) (r2wars)

Support shm_open in shm:// and some code cleanup
Fixing perms for Darwin
Fix #15002 - Propagate write error issues into RCore.patch
Print error msg if write fails (#14978)
Fixing self:// perms issue on Darwin

3.8.0

4 years ago

Release Notes

Version: 3.8.0 From: 3.7.1 To: 3.8.0 Commits: 188 Contributors: 30

Authors

00rsiere [email protected]
Adrian Studer [email protected]
Alex Gaines [email protected]
Alexandre ZANNI [email protected]
Anton Kochkov [email protected]
Anton Kochkov [email protected]
Ayman Khamouma (ak42) [email protected]
Brenton Morris [email protected]
Carles Pey [email protected]
Chirag Jariwala [email protected]
David CARLIER [email protected]
Florian Märkl [email protected]
Giovanni [email protected]
GustavoLCR [email protected]
Khairul Azhar Kasmiran [email protected]
Maijin [email protected]
Maijin [email protected]
Paul I [email protected]
Reviakin Evgeny [email protected]
Roman Valls Guimera [email protected]
Rot127 [email protected]
Srimanta Barua [email protected]
Sylvain Pelissier [email protected]
Vane11ope [email protected]
bagginslin [email protected]
dodococo [email protected]
elouet [email protected]
fandauchytil [email protected]
pancake [email protected]
tantei3 [email protected]

Changes

analysis

Improve the aab (blaze) analysis by honoring data meta
Speedup and reduce false positives in aae by honoring code/string/format
Do not analyze functions in strings/data by honoring the meta
Fix infinite (or expensive) loop when fcnsize=0
Honor anal.strings in aav
Define argument and ret pseudo registers in the SuperH4's reg profile (#14920)
Introduce anal.in=code (2x faster aar in some big binaries)
Introduce afisaj and fix table contents for afisao and such
Implement afis[aof] - to show instruction type, family and mnemonic tables
Fix as command to resolve syscall by name, number and SN reg
Fixing ESIL for ARM architecture pre-indexed addressing mode with LDRB (issue #14850) (#14901)
Add more info in aflt and add afltj
Initial implementation of aflt (using the new RTable API)
Hide the shift overflow warnings under esil.verbose
Fix ownership issues related to cc
Add calling conventions for ARM32 and Thumb
Unify the use of R_ANAL_CC_MAXARG
Propagate noreturn information (#14793)

bin

Fix code injection issues i* commands (rabin2 -r)
Fix #14930 - handle LC_DATA_IN_CODE in macho
Fix strings on ELF bins for SH-4 with the Renesas SDK
Support deep JSON format for binary headers in iHj
Fix Cf with named formats when .iH* is used
Fix #14898 - Show warning when -B used on unknown binaries

build

Shrink the Cydia package from 512mb to only 64

core

Add single quote as alias for =! and \
Support 0X as an alias for 0x in numbers

debug

Fix crash in gdb client (#14897)
Notify user on hardware breakpoint hit

diff

AGraph integration with radiff2

disasm

Fix #14716 - Honor local flags in RParse
Implement asm.hint.emu and improve Vr reftype selection
Do not try to resolve strings pointed by adrp instructions on arm64
Honor asm.instr in pdi
Hide brackets for LEA even if operand is section flag
Add support for the amd29k architecture
pix and pdx are now aliases for pad

doc

Remove help for hud in ??

graph

Fix #14859: Enter used to update seek in visual call/ref graphs (#14906)

Fix a couple of bugs in wo* and implment wo8
Add support for io-plugin initialization via null system command =! (#14915)
Simplification of the io_self plugin for macOS/iOS
Consider endiannes when performing block write operations

panel

Few memory leaks fixes
Fix #14891 - Seek in panels after coming back from console
Fix #14883 - use[] to realign comments in disasm
O in visual is supported in panels with the "i" key
Added some asm settings and classified it

panels

Fix #14891 - Seek in panels after coming back from console
Fix #14883 - use[] to realign comments in disasm
O in visual is supported in panels with the "i" key
Added some asm settings and classified it

print

Implement pv* to completely fix #14165
Fix #14165 - Implement pVj and fix pvj with argument
Fix #14936 - Add po[..] set of commands
Implement 'cols' RTable.query to filter by column names
Use block character for p= and p== graphs (#14941)

r2pipe

Initial support for r2pipe.html

rop

Add ROP chain execution support in ragg2

search

Let search.align override arch.align if set, improves aav in SH
Bring back /ai and fix regression for SUB.val
Skip gadgets starting with a nop in /R
Fix #14755 - read-only raw search
Fix #14202 - Add support to '\d', '\w', etc. in regex

util

Initial implementation of the RTable API with filter, sorting and query APIs

visual

Fixes #14914: Mouse wheel for hud (#14940)
Improve mouse in visual (hud instead of goto and ignore cursor toggle

windows

Fix #14816 - Properly get lib path

Other Changes

add nf flag in ESIL generated for ARM thumb (#14954)
Fix regression in wo2/4/8
Fix divbyzero and garbage variable found by clang-analyzer
Fix memleak in r_strbuf_prepend
Fix logic in 2-byte endian swap used by "wo2" (#14951)
Display operand of EBC push/pop instructions (#14949)
ARM: fix order of registers in push/pop with reglist
fixing esil =[*] (poke multiple regs/values)
Fix out-of-loop issue in aae
macOs/Notes 6.8s -> 6.4s
macOS/r_core 4.3s -> 3.8s
Still wip. only works as a hint when using -e bin.verbose=true
Improve r_core_anal_hasrefs_to_depth (#14863)
Fix Win32 build patch from @sanguinawer (#14945)
Fix uninitialized variable issue related to the mouse state
Fix regressions
Fix #14380 - Fix demangling symbols containing the '?' char with iD
Fix #14889 - Implement ! and c keys in visual help
Improve vq and v!!! workflows
Break early in Cf format name failure
Fix #14939: Replace assertions about missing RReg profile registers with warnings (#14943)
fix help message of ? (#14944)
Fix #14935 - Kill harmless warning
Fix assert in aea for r2wars
Show backtrace when assert happens
Fix crash in aea* when code is ffff
Fix #14771 - Modified pdx/pix to disassemble hexpairs (blocksize-independent) (#14892)
Add frame pointer to AVR register profile (#14938)
Enable mouse only if it was prev enabled and based on scr.wheel (#14925)
Fixes #14911: Use theme colors for p= and p== (#14934)
Add fortune
1 != 0
Massage two more assertions
Fix early assert for IO
Disable Travis IRC notifications
Too much noise at IRC.
Blindfix more null derefs in reg.value
Fix another null arena deref
Assertify io.fd api
Fix aea for instructions referencing PC
Boolify the reg api a bit more
Fix null deref in reg arena
Blindfix for empty reg arenas
Add Predicate for Task Dispatch
Fix assertion when emulating invalid instructions and revert pcalign4 for sh
Update help message for Vd
Fix #14928 - vr to be in sync with Vr
Fix assert regression before it triggers
Minor cleanup and visitor cache proposal test for RAnal.fcn()
Fix #14821 - crash in td
r_str_split_list() rewritten to support nth limit
r2 -qq -c 'aac;aflt size/gt/200,addr/cols/name/nbbs,nbbs/sort/inc' /bin/ls
Fix off-by-one in RCore.lines.initCache();
Set asm.hint.emu=false by default
Fix build
Add r2con2019 svg logo
$ r2 -i doc/r2pipe.html /bin/ls
Syncing with r2hexagon (#14918)
the reference of emulation are displayed one instruction after. which is bad
Fix build
Fix Windows build (#14916)
afisa uses rtable, as well as afist@@@F
Useful for r2frida to automatically run .=!i*
This makes reading iOS apps much simpler by removing lot of false positive strings
Fixes #14900: Disable color for dot mode (#14908)
Better directory structure for the panels config file (#14903)
Fixes #14896: Enable and disable mouse based on requirement in visual/panels (#14909)
v!! = V!! - use ! to toggle between visual and panels
Fix hexdump height issue in panels
Reset mouse settings after leaving the hud
Fixes #14900: xdot type commands functional now (#14902)
Fixes #14900: xdot type commands functional now
Remove recursive handle_stop_reason call
Revert "Fixed the bug that I had fixed before (#14788)"
This reverts commit 9e271424d8805afaae06e74678bab5edf7a8e3b6.
This change was breaking panels in Mac
Fix MSVC build
Add afltj and some more fixes and improvements related to RTable
Accepts a query as argument
Fix a segfault in RStrBuf.prepend
Add lsls and ldrh thumb asm.describes
Add missing include install for meson
Improve disasm char hints
Fix some warnings from gcc
Make cmd_depth task-local (#14888)
Add neg pseudo instruction to arm assembler (#14890)
Freed some vars (#14885)
Fixes #14845: Use unicode settings in radiff2 (#14884)
Fixes #14845: Use unicode settings in radiff2
Fixed indent
Tame vayour
Fixes #14534: Ignore non-printable and non json chars (#14876)
Fix #14878 - Fix unaligned field access
Add afos command and minor cleanup for afo
Fix null derefs in afv subcommands when no function is found
Fix afvn outside of Function (#14882)
Fixes #14856: Changing visual seek behaviour in Vv (#14877)
Fix #12438 - Fixes for PDB (#14874)
Fix use after free when autoloading pdb
Use heap on td command
Fix #12438 - Fix wrong 2 byte read for char value
Fix crash on r_line_readchar_win (#14875)
Merge pull request #14868 from kazarmy/x86-cmp-disp-for-disp
Use op->disp instead of op->ptr for disp of x86 CMP (and ACMP)
Drop not needed wrapper
Fix non-unicode Windows build virtual keys not working
Fix arrows in vi mode on Windows
Merge Windows and Unix dietline implementation
Simulate escape sequences in r_line_readchar_win
Fix some bugs on Windows
Some refactoring
Fix #14854 - Fix glitch in asm.hint.pos=0
Use LTO for the Cydia build
Fix segfault in r_main_free
Add the syscall number regname for hexagon arch
Fix #14870 - Fix crash in type propagation when no cc defined
Instead, recursively going through the regions while focusing
on main addresses and grabbing pages states informations.
Fixes for the cydia static build of r2, needed for iOS12
add missing =SN for the SH analysis plugin
Fix for meson
Fix hexagon jumps second try (#14867)
Synchronized files with radareorg/r2hexagon
Fix warning, assertions and regressions in arg type handling
Add missing cc-x86-16
Fix anal.depth and remove arm16 dim
Code cleanup
Update capstone again (#14862)
Fix #14861 - Reset cursor after leaving panel's prompt ':'
Fixed the bug that I had fixed before (#14788)
Use op->disp instead of op->ptr for disp of x86 MOV (and others) (#14829)
Use op->disp instead of op->ptr for disp of x86 MOV (and others)
Fix for jumptable MOV
Fix for [] operands
Fix another Appveyor hang (#14844)
Fix coredump PC not being considered (again) (#14836)
Use r_sandbox_fopen instead of fopen (#14832)
Revert multiple layout saving regression in panels (#14792)
Some little refactoring in panels (#14798)
Fix #14522: Added g support for Vv mode (#14823)
Add a small menu tick for visibility when scr.color is 0 in panels (#14801)
Avoid disassembling the same instruction twice on rop search (#14815)
Avoid disasm the same instr. twice on rop search
Fixes for comments
fix double free
Fixes #14267: Does not print the function name for agft (#14819)
Fixes #14672: f= gives output from current flagspace (#14820)
Add @sghctoma pf definition for BIOS and NTFS
Add *BSD SourceHut builds (#14824)
Fix r_print_color_op_type param type mismatch (#14825)
Specify graph.diff colors for sepia (#14817)
Implement agd* based commands (#14809)
ag* commands fully functional
Indent and r_return usage
All agd* commands functional now
Graphs are pretty now
Refactoring the code
Fixed assertion error
Fixed broken agf
Always bracket indirect addr operand (except LEA) (#14802)
Always bracket indirect addr operand (except LEA)
Don't use RAnalOp
Add clang-cl support (#14814)
Fixes for path autocompletion on Windows (#14813)
Fix register writing on Windows (#14805)
Fix register writing on Windows
Drop unecessary use of heap
Fix stack-use-after-scope (#14811)
Fix #14804 - Make sure anon structs have unique names (#14806)
Also skip "union" to get type
Fix Appveyor hang on master (#14803)
Propagate noreturn information
Avoid infinite loop when propagating noreturn information
Avoid all recursive cases
Avoid warnings
use r_anal_bb_opaddr_i