Release 3.6.0 - EGO · radareorg/radare2

http://radare.mikelloc.com/release/3.6.0

Release Notes

Version: 3.6.0
From: 3.5.1
To: 3.6.0
Commits: 365
Contributors: 30

Authors

Наташа [email protected]
Alex Gaines [email protected]
Anton Kochkov [email protected]
David Carlier [email protected]
Dorian Wouters [email protected]
Florian Märkl [email protected]
Francesco Tamagni [email protected]
Giovanni Dante Grazioli [email protected]
Grant Douglas [email protected]
GustavoLCR [email protected]
Itay Cohen [email protected]
Khairul Kasmiran [email protected]
Lowly Worm [email protected]
Maijin [email protected]
MapleLeaf-X [email protected]
Martin Brunner [email protected]
MatejKastak [email protected]
Paul I [email protected]
Purdea Andrei [email protected]
Riccardo Schirone [email protected]
Srimanta Barua [email protected]
Vanellope [email protected]
Yevgeny Pats [email protected]
bart1e [email protected]
condret [email protected]
dodococo [email protected]
erfur [email protected]
pancake [email protected]
ricardoapl [email protected]
vane11ope [email protected]

Changes

anal

Fix syscall resolutions for s110 operating system
wzr/zr/xzr register on arm64 is wired to ground
Fix naming of entrypoint symbols in files with class information (DEX/C++)
Fix #13668 - Implement a* as an alias for afl*;ah*;ax*
Fix and improve ESIL for arm64
Fix #10567 - Implement afl. command
Fix afl* not saving function bits
Add experimental `axm command
Implement refs for iget/iput Dalvik instructions
Implement esil for OR and MUL dalvik instructions
RAnalOp.Type.CAST.toString() and implicit refptr init
Improve af performance affected by `aflc
Honor R_ANAL_OP_MASK_ESIL in anal.dalvik
Improvements in dalvik analysis
Add Stackframe Anal Hint
Add opcode mask field in ao and aoj
Add opcode description in ao
Show pseudo in ao and aoj
Improve anal and parse plugins for Thumb
Implement ESIL for stxb and stxh THUMB instructions
Fix issue when analyzing the last DEX method

asm

Handle LEA operand rip in x86.nz

bin

Fix code section size in dex files
Handle mod_init/mod_fini as word sections in mach-o
Handle the interpos section as words in the disasm
Fix ObjC detection in macho binaries
Get rid of the ELF-specific C++ detection
Add -O a/l/ for macho to add libraries
Honor more segments vs sections, for jmptbl, fatmacho, zeropage
Fix iS/iSS in macho and kernelcache
For #14268: Implement ob= listing bin map coverage
A couple of fixes for base address support
Add missing ARM64v8 and ARM64e defines for the mach0 parser
Kill RBinFile.objs RList
Implement RBinFile.at and make it work with e bin.at
Fix some RBin file format crashes
Speedup loading fuzzed ELF files with huge nrel field
Faster macho loading by reusing symbol parsing for getMain()
Remove symbol table size hard limit in macho
Fix regressions in dyldcache and xnu_kernelcache plugins
Completely eliminate the bytes apis in RBin
Fix #14147 - Honor -qq for classes and imports
Initial extermination of the *_bytes methods in RBin
Fix #12600 - Implement .ic** command to import bin.class info as anal.class
Handle DEX files with no entrypoint properly
Properly handle ELFs with no entrypoint defined
Little ELF segment labelling change UNKNOWN -> NONE

build

Continuous Fuzzing Integration with Fuzzit
Add sys/build-shlib.sh and fix static builds

config

Improve the list of supported decompilers in e cmd.pdc=?

cons

Little va_list leaking
Fix #14046 - Don't use ansi with aaa notifications if no ansicon
Add bold to eco bright items that were originally bold in default palette
Fix #14254 - Add eco bright (r2 default palette but with bright colors for all)
Add bright colors to the colors table
Fix #14101 - Fix non-ansicon UTF printing
Fix THE glitch affecting panels box colors
Default to scr.color=COLOR_MODE_16 for Alacritty on Windows
Dfferent color for up and down in disasm reflines
Implement reset command to reset the terminal settings
Enable color prompt on Windows
Fix Color_GRAY/BGGRAY
palloc return checks

core

Fix #14335 - Add sort, join and uniq
Simplify RConfig.eval and improve e with e, for csv
Add r_sys_exit to proper quit
Honor hashbang and PATH when interpretting extension-less scripts
Honor ^C in @@@F and @@@s
Implement $O variable pointing at cursor
Implement |. (alias for .)

debug

Improvements to windows heap parsing
Set cmd.gprompt=.dr* when cfg.debug=true
Initial implementation GetSingleBlock for Windows heap
Initial implementation of heap parsing for Windows (#14218)

debugger

Improvements to windows heap parsing

disasm

Avoid printing nulls on invalid code or missing bin info for Dalvik
Add asm.movlea configuration option
Improve comments alignment in the disassembly
Fix arm64 parse for BL instructions
fix, improve and add some sh pseudo
Support asm.hint.pos=-1 for leftish key hints
Initial cleanup in RParse, delete mreplace plugin
Toggle asm.dwarf in V# and pds
Add support for base64 in CL command
Faster dtd (trace disassembling) using API instead of RCore.cmd
Fix #14258: Issue with upgoing refline at XREFS
Fix CL command and make asm.dwarf work without source files
Fix asm.varsub in a hacky way to fix the disasm output
Fix project's asm.cpu behaviour
Priorize strings in case multiple metas match
Set the RBinSection.format as dwords for the constpool in DEX
Initial import of the RISCV capstone plugins for asm and anal

esil

Skip {urc}{jmp,call,ret} in aesou
Fix issues with negative esil.timeout values
Fixes related to ARM64 ESIL emulation
Make $r{} work without the debugger
Add cmd.esil.stepout to run r2 commands (before and after emulation)
Fix recursivity issue when calling aes in cmd.esil.step
Fix cmd.esil.step handling of return value

graph

Implement fg command to create a graph of flags (WIP)
Implement graph.ntitles to toggle graph title nodes

hash

Initial implementation of pasasword generators under /Cc
Fixes for fletcher8
Add support for fletcher8, 16, 32 and 64 hash algorithms

heap

Implement GetSingleSegmentBlock for LFH and VS Windows heap

json

Use asserts in pj api to catch this issue earlier

meta

Fix CC-, CC-* and CCf- commands to work as expected

network

Handle R2_CURL env var in RSocket.httpGet

panels

Add more configs for disassembly are supported in the menu
Emulate menu is added
Settings menu is added, and decompiler is configurable in there
Something like Ctrl w + T in vim implemented
Almighty menu has got debug items too if it is in debug mode
Search->Cursor->Xref/Ref enabled
Cursor works better in many panels
izz~ and iz~ available from both the menu and " modal
Force cache the result of Decompiler and Graph panels plus better auto updating, and refactoring
Cut out the widget as a struct and name it Modal
Enable deleting an item from the list in " widget
New item can be created and inserted to the '"' widget.
Centered the '"' widget plus v and h commands are added to it.
Added l command to the console which works like Ctrl l and Refactoring
dwm style default layout
Implement Console frame in visual panels
Enable creating a panel from the list of all kind of the panels and replace the current panel with it
Autocompletion is supported for Breakpoints and so is cursor to seek to and del them
Cursor is available in strings panel
Cursor is supported in Symbols panel

performance

More code cleanup in RBin, speedup method resolution

print

Honor hex.section in prc and pxa
Implement pV command - like pv but for bytes instead of values
Fix pv [arg] behaviour
Added support for pd and px without space
Honor hex.section in pxW and pxQ
Honor hex.section in pxb
Improve pxr for null words and relocs and use hex.section in pxs+pxr
Fix #14250 - ps[puzwW+]j
Fix #14263 - Add hex.section option for the hexdump
Add Objective-C and Rust (pco, pcr)
Add Kotlin, Java and Swift pc sub-commands

r2pm

Honor the 2nd arg of R2PM_TGZ with ZIP files

refactor

Change the signature of r_str_trim to avoid confusions
Deprecate the RBinObject.id field
Rewrite the RBuffer API to make it safer and adjust the codebase

refactoring

Deprecate the RBinObject.id field

remote

Improve the r2web:// IO plugin and fix a couple of bugs in there
Speedup r2web://
Make -C http work like the tcp and rap remotes, expose the shell via ==
Honor rap.loop in rap server and add examples in =?
Fix issues with the tcp server .: and =+tcp, use index instead of fd
Fix some UAF in rap server, handle HTTP over rap and tcp properly

search

Fix #14403 - Fix search on multiple maps (#14405)
Add /cc for case insensitive instruction
Add search.in=bin.segment[.s[rwx]] and fix bin.section[.s[rwx]]
Fix hexpairs search containing whitespace
Fix /r for dalvik and enable VA

shell

Handle e cmd.pdc=<tab> and improve e cmd.pdc=? autocompletion

signatures

Improve zignatures
Make zignature comparison fuzzy
Implement the zc command

trace

Sort dte output

visual

Improve the vv mode for editing variables

windows

Fix command redirection
Dynamically find radare2 install dir on Windows
Add mfc100u and a script to generate them
Set scr.ansicon=1 if running under Windows 10 Creators Update or later
scr.ansicon=2: Show esc seqs (for debugging) if using non-ConEmu-hosted cmd.exe
Fix QueryDosDevice returned length check
Fix ood; ood bug on winxp->win10
Fix r_sys_pid_to_path (supports winxp -> win10)

To Review

Release 3.6.0
Add a cool fortune (#14409)
Fix 1 byte oob write bug in RBin.Strings coverity
Breakpoints can be added with the cursor (#14404)
Simplify ds_begin_nl_comment()
Use a thread to prevent hang
Add some checks and fix some bugs
Fix an unrelated json for the greens
Fix pdJ for asm.cmt.right=0+asm.cmt.refs
Fix some color and newline issues
Fix ds_begin_nl_comment()
Do not assert when cursor is disabled
Fix #14286 - Initial implementation of the pp (print-pattern) command
Some tweaks related to pj/disasm
Fixes #13628: cmd.hexcursor now works with selections! (#14394)
Fix asm.lines.right in disasm
Fix trailing space in MOV disasm comments
by pancake and kazarmy
Remove dup ds_align_simple()
Remove unnecessary ds_align_comment()
ds_align_simple -> ds_begin_nl_comment
ds_comment (ds, true, ...) for comment start
Remove blank line before flag comment when asm.cmt.right=0
Remove blank line before refaddr comment when asm.cmt.right=0
Fix comment color when asm.cmt.right=1
Use ds_pre_xrefs() instead of ds_pre_line()
Fix null name issue in axtj
Improve r_sys_setenv on Windows
(cherry picked from commit fd43d41)
Upgrade spp from git
Also put r2.bat under \bin on Windows install
Fix io/self vm mapping late calculations.
Calculation must be done before getting the aligned data, most likely missing few
entries...
fixed regression on !!!foo
Fix Warnings
Handle more dalvik invokes via esil
Drop precision to double before comparing (#14379)
Upgrade capstone-next
Wrong path
Add mingw to PATH in the Appveyor test script
Fix esil harder, thx @radare
Return bool instead of ints in esil-ops
Fix esil
add type information to esil-ops
add meta-information to esil-ops
Add more registers for Dalvik, despite that should be dynamic (#14375)
Fix null cmd.esil.stepout issue on som ESIL initializers
Add path completion for join, uniq, sort (#14373)
Fix r2pm -H output
Fix UB ASAN crash in 'pv'
More spelling fixes in the code
"e cmd.esil.step=sr PC;aepc ?v $$;q 0"
if q == 0 { successful replacement, do not emulate }
} else { emulate the instruction with esil }
Ignore anal.gpfixed fo non-mips in disasm
Add anal.gpfixed instead of anal.gp2 and use in aae
Honor scr.wideoff in $?
I recommend reading SH operands right-to-left
tst is checking for zero (!)
Add a space or two
autocomplete when there's a space between the eval var and the = char
!!!$eval and !!! $eval are invalid
added afn as flags
Fix UAF in e asm.cpu=
Fix visual bug on Windows
Rename r_cons_get_ansicon() since it's confusing (#14347)
Fix more grammar
Fix grammar across the code
Add codespell script
Fix Appveyor (#14346)
Add afn. command for consistency
Fix #14215 - invalid JSON in pdJ with Cf #14342
Arm64: Handling of XZR registers in assembler (#14343)
Handle ^C in pz which may be holding on slow IO backends
Fixed oob in rgb.c (#14339)
Fix crash when obj && !obj->info is null
Fix #14334 - Double-free in ms command
Implement r2p r2pipe commandline tool and !* as an alias for #!pipe (#14336)
Also voidify and boolify anal, parse, cons, bin, ..
Fix build
Rename r_bin_file_set_cur_binfile_obj to r_bin_file_set_obj
- add ESIL for LDURSW instruction
- fix ESIL shift for TBZ, TBNZ
- fix condition computation for LE, LS
Trim before comparing pseudo asm (#14313)
The almighty modal is available even when it is in the menu mode, and refactoring (#14318)
Call r_anal_op_free after acquiring RAnalOp pointer (#14317)
Add R_DEBUG_ASSERT in DEVELOPERS.md
Use id16 instead of id256 for color id (#14316)
Fix color after piping on Windows (#14314)
Enable r_stdin_slurp on Windows (#14312)
Restyling (#14311)
Open disas panel if it is not there when the cursor selects some offset (#14310)
Reset inverse video first before anything else (#14309)
Fix #14296 - Segfault in ragg2 (#14308)
Fix #14303 - oob crash in RParse api usage, needs API redesign (#14307)
Fix eip inverse under cmd.exe (#14304)
verify that maps is a list before trying to deref the pointer
This fixes cases where saving and loading a project of a mixed-mode
binary (e.g. ARM with Thumb parts) reverted functions back to only one
of the modes.
WIP: Really basic implementation of esil.timeout. (#14297)
Really basic implementation of esil.timeout.
Fixed style issues
Converted timing to r_sys_now() to keep consistency with other timing based solutions throughtout src
Fixed spacing issue and removed use of CLOCKS_PER_SEC const
Shift right to equate to seconds
Fix linehl color for Windows ecd (#14301)
Refactoring (#14298)
Fixed crash on CL (#14299)
s/CORELIB/R2_PLUGIN_INCORE/g (#14295)
Move some R_ANAL_OP_MASK_DISASM outside RCore (#14294)
Fix linehl color for eco bright and ecd (#14292)
Fix crash in macho parser with bin with md5=0e32e7e3b8c2895bbdeb986eedda3dd6
That should fix the MSVC build
Fix ARM64 MOVK shift boundaries to 48 instead of 47
Fix small bug fix in trace (#14291)
Use a less dark color scheme by default on scr.color=3 on non-Windows (#14289)
Add also bold to default palette items that are bright
Handle segment sections in dyldcache
Fix masked check
- avoid emitting malformed r2 commands in z*, by adding the n type for the realname field
- use bytes:mask format instead of combining the mask with bytes, to support sub-nibble masks
- fix and improve anal_mask() for arm64
Fixed a critical issue of the almighty menu
Minor tweak for maps changes and aav
Fix iSS= iS=, iSS* and iS* issues
Symptom: Search often failes when hexpairs are separated by spaces, e.g. "01 02 03" vs. "010203".
Affected: radare2 and rafind2 at least
Description: While parse-function r_hex_str2bin handles whitespace, auto-generated binmask
(function r_hex_str2binmask, called when no mask is provided) does not, creates oversized mask,
increases byte count, finally causing search for additional undefined bytes.
Self documentation in ob= (#14272)
Added r_listinfo_new and refactored to use it
ignore ccls cache
Code cleanup in RCons
Split types-windows.sdb.txt and add cc info
Refactoring panels (#14181)
Little memory usage fixes in esil
Fix asserts and memleak in RBin.classses
Upgrade capstone from git
Fix #14233 - Fix 1byte oobread in wasm analysis
Bring back the old behaviour but add some warning messages for debugging
Fix local var clobbering regression
Fix class initialization and simplify some paths (-10LOC)
More RBin refactoring and cleanup
Mark r_bin_class_new/free as internal (#14239)
Add a parenthesis
Honor asm.var.submin in disasm.c and use RNum.get instead of .math
Fix build and add snprintf_chk function signature
Fix assert in objc demangler and kill r_core_bin_cur
Fix another UB in flitcher32
Fix UB issue in fletcher hash
Fix crash in zo
Use bright colors instead of bold in default palette (#14232)
Fix cmd_ah asan crashes
Fix #14228 - oob-read by one in wasm disasm/analysis
Fix crash when parsing 1 byte truncated omf files (#14227)
Add bright color support to scr.ansicon=0 (#14224)
Fix OOB Write in langFromHashbang (#14222)
Fix a bug in panels with disasm (#14221)
Refactoring (#14216)
Avoid an assert regression that must be checked back at some point
patch #14211 heap buffer overflow in large ragg2
inputs. this should be refactored to use an RBuffer to enable dynamic
resizing, but for now just patching it to bail out if we are about to
overwrite the allocated statically sized buffer
Completely kill all the check_bytes (-100LOC)
Fix grep sorting (#14207)
Fix warning when using r2frida (#14201)
Fix the BG glitch ()
Add usec precission for RSocket.blocTime() and improve r2web:// a bit
Remove last load/load_bytes methods (#14196)
Fix r2web block times
Colors menu should be moved under Edit parent menu (#14194)
Fix #14186 - aarj was throwing invalid json
Fix some compiler warnings (#14191)
Minor fixes for the white themes
Fix typo (#14192)
- it will match zignatures which similarity is >= the given threshold
- different thresholds for bytes and graph
- by default thresholds are 1.0, which means it matches only if it’s the exact same
- zign.diff.gthresh and zign.diff.bthresh are the new eval configs to control that
- the output of zc[n!] now contains the similarity value as well
Use st64 and ut64 instead of size_t
Fix mach0 parsing issue
Fix OOB write in PE parsing
Fix crash in bin_xbe parser
Fix crash in bin_java
Fixes clusterfuzz-testcase-minimized-ia_fuzz-5740477602594816.dms
Set bin_obj on bios_bin load_buffer method (#14188)
Fix a few bugs and the speed in the graph (#14187)
Added python utility to convert from "dumpbin /exports" output file format, to the .sdb.txt formatted files that radare2 uses.
Usage:
First run 'dumpbin /exports your_file.dll/.lib > your_file_dumpbin.txt'
Then run 'python convert_dumpbin_exports_to_sdb_txt.py your_file_dumpbin.txt > your_file.sdb.txt'
#define ENABLE_VIRTUAL_TERMINAL_PROCESSING if it's not defined (#14185)
Old behaviour: if you bump asm.arch it resets asm.cpu to default of that arch
New behaviout: if you bump asm.arch it keeps asm.cpu if it is set and valid for that architecture
Refactoring (#14181)
Clean up the part of the code that fixed the glitch in ansi code (#14180)
Fix r_cons_get_ansicon leak (#14179)
Add r2preload demo program
Add missing =SN in the dalvik reg profile
Update capstone from Git (#14175)
Fix string ref regression in dalvik
More refactoring in panels (#14169)
Fix invoke-virtual method+X dalvik to be UCALL
Solve xrefs to address 0
Fix Windows build (#14167)
Fix ansicon detection with UTF enabled (#14166)
Huge bytes->buffer on almost all the plugins, break API and ABI \o/
Changed the way RBinFiles are created
Changed the structure of the Sdb instance
Improve ELF and MZ detection mechanisms to reduce false positives
Change all the free/destroy methods to return void
Fix "ks" shell
Simplify and change the way RBinWrite apis work
Fix #14157 - Fix buf regression in debugger (#14162)
A few bug fixes and refactoring for panels
Use shorter esc seqs for fg and bg gray (#14155)
Fix a few bugs of the widget (#14156)
Fix a few bugs of the widget
A hack for the smoother move in the widget
Implement r_cons_show_cursor for Windows (#14151)
The current panel can be added to the list in '"' widget (#14145)
Add #ifdef ENABLE_VIRTUAL_TERMINAL_PROCESSING (#14144)
scr.ansicon: Set/unset flags that enable ANSI esc seq support in Windows console (#14137)
Refactor and Complete Anal Hint Printing (#14138)
Support scr.fps on non-ansicon Windows
Fix assert in wai trying to write an empty buffer
Fix null deref in rasm2 -L
Do not close IO when RBuffer is freed (#14123)
Given the RBuffer_io does not open the file itself, it does not make
sense to close it. It's not its responsability to do it.
Use r_cons_win_printf instead in dietline.c (#14127)
Fix uninitialized bytes issue in 'ao' command when seeking around
Minor code cleanup
Fix UTF r_sys_pid_to_path Windows (#14121)
Fix selection widget on Windows (#14118)
Update doc/capstone
Update capstone5 from git
Fix is.j and implement Cs.j to please r2dec (#14113)
Add funny fortune
Do not double define typedef RBuffer (#14112)
It should be enough to define struct r_buf_t, since the typedef to
RBuffer is already specified.
scr.ansicon updates r_line_singleton as well (#14111)
Fix inverse video esc handling in r_cons_w32_print (#14110)
Fix 786af1f
It apparently was causing strange keyboard behaviour and crashing Windows.
Removed some spaces and spaces->tabs in output.c
Use bool instead of int in calls to r_cons_w32_print
Fix bg esc handling in r_cons_w32_print (#14106)
Use r_cons_w32_printf instead in dietline.c (#14105)
Wait ~10s for response to qSupported packet. Send another qSupported (#14104)
packet on timeout. Do this 5 times, and then bail out.
A few fix for hexdump and disassembly
Small typo in =? output
Initial band-aid fix for a UAF with two seperate desc pointers (#14094)
Also add zcn, zcn! to compare only signatures with the same name.
r_socket_connect_unix() is false on non-Unix
Fixes AppVeyor build.
Refactoring and fix a bug concerned with the cursor (#14089)
Deprecate the is_valid_offset() anal callback, that's task for IO!
WIP: Fix the Dalvik analysis by skipping fields and imports
Fix #14082 - dte output to RCons, not stderr
Fix rip-relative lea tests (#14083)
Fix and reorder bindings languages
Rephrase the README
Honor rap.loop on the tcp server when an invalid packet is received
Fix 2 problematic format strings on 32bit systems for asm.rsp
Upgrade cs5 to fix the arm64 disasm crash
Reimplement r_buf_fread/fwrite
Add slice buffer and introduce readonly field
Do nothing if size is 0
Prevents an overflow when 8 is subtracted from size.
Fix ragg2 when patching outside currently existing buffer
Implement r_mem_mmap_resize for systems where mremap is not defined
r_buf_buffer can be called with no size arg as well
Use size_t instead of ut64
Fix rpush regression
Track pushed register (note: immediately after lea/mov) to resolve push-ret (#14034)
For mov reg, , only track if is immediate value
Add R_ANAL_OP_TYPE_RPUSH (UPUSH | REG)
Changed so that "rpush" is printed instead of "upush" in case of register push
Post release version bump

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

3.6.0 - EGO

Release Notes

Authors

Changes

To Review