rizinorg / rizin Goto Github PK
View Code? Open in Web Editor NEWUNIX-like reverse engineering framework and command-line toolset.
Home Page: https://rizin.re
License: GNU Lesser General Public License v3.0
rizin's People
Contributors
Stargazers
Watchers
Forkers
yossizap gr3yr0n1n 0pendev 4144 xvilka dukebarman ps1337 officialcjunior maijin kazarmy flaviupopescu ifygecko raymondseger ssgaur bartoszek xarkes mscherer karliss gitmesam fcasal inspectordidi kakuye teasp00n 6un9-h0-dan pelijah gustavolcr oloar ntauth sporgj arya2331 itayc0hen 96radhikajadhav yashomer1994 ralexe pointedgroup fangxlmr davendu tabarnhack kz9 pinknoize heersin tianstcht 4thel00z chinggg ret2libc yuuoniy malhotrapulak basstorm suryagowda rareseanu athulcodes sandhrabino jbrjake gaurav2255 seanachao e888llll nishantpuri99 grix90 no1rr bambooeric tabhay smac89 ksrijansingh herrgahr xambroz nx6110a5100 theopechli majodu ice-tong kanika-banga tralivali1234 mymistoe rot127 st-rnd rbrishabh smartether hasheddan lgq2015 warmilk rootx007 pparmin oznog pratyushd35 gnole jajajasalu2 sylv-io dmaroo sarav18302 arryboom haystack-ia borzacchiello nicebikes kingking888 zha0 cutff nirmalmanoj abhimnc sudojarvis ogre2007 sergasterrizin's Issues
[question] how to drop `-git` from `rizin_libversion`
Quick question from meson newbie: how to remove -git suffix form rizin_libversion (need for packaging to AUR)
Currently have:
...
rizin-git usr/lib/librz_parse.so
rizin-git usr/lib/librz_parse.so.4.6.0-git
rizin-git usr/lib/librz_reg.so
rizin-git usr/lib/librz_reg.so.4.6.0-git
rizin-git usr/lib/librz_search.so
rizin-git usr/lib/librz_search.so.4.6.0-git
rizin-git usr/lib/librz_socket.so
rizin-git usr/lib/librz_socket.so.4.6.0-git
rizin-git usr/lib/librz_syscall.so
rizin-git usr/lib/librz_syscall.so.4.6.0-git
rizin-git usr/lib/librz_util.so
rizin-git usr/lib/librz_util.so.4.6.0-git
btw. consider enabling github/discussions to handle similar non-issues 🤔
Better representation of the long function names (e.g. from C++)
Currently rizin uses symbol name in its whole length as is. Moreover, the demangled comment shown as the right-aligned comment near the first instruction, not the near the function name.
We should:
- Think about better way to represent such a long names
- Move demangled version closer to the function name
Meaningless strings are printed
Description
It is quite frequent to see many "obviously-not-a-string" cluttering the output of the disassembly.
For example, what are these not-strings "z\x16\n" "HJ\n" "`\x18\n"?
I recommend try to (somehow) avoid printing strings that look meaningless
Binary:
1042f400ed776bc5d2c68becb386fb2ef3116417f96a67c14e8ca5b421ae7bc9.zip
Visual `p==` mode
Currently it looks like this:
It would be awesome to provide the similar looking visual mode, but with the hotkeys for each columns.
For example on the screenshot you see the 7th column with high entropy, which might be of our interest. But there is no indication how to get there. So in the visual alternative to p== command there are will be hotkeys to go for the each section, like we have the hotkeys in the visual disasm or graph modes.
What I meant is to have the whole-file overview of the p== mode, withe the ability to jump quickly to the corresponding place, and showing where we are on it, with some kind of cursor. Like a map of the file in Cutter, but with entropy. For visual mode it might be:
- At the top of the view is the
p==output for the whole file with cursor and navigation - At the left/right part of the view is the
p=output for the current block (or on-screen content?) - And the hexdump or whatever you want in the main part of the screen.
See also:
- Add visual
p=scrolling mode (similar problem, just more detailed - vertical mode, while this issue is for horizontal mode) - Add a ruler to horizontal histogram output (e.g.
p==) - librz/cons/histogram.c
- librz/cons/bar.c
Go binaries - breakpoint does not work
Environment information
- Operating System: Remnux v7, Fedora 36 x86_64
- Rizin version: 46eb79f
- File format: elf (golang)
Describe the bug
Even if I set a breakpoint, it may not work.
However, it works with edb and radare2.
To Reproduce
Steps to reproduce the behavior:
- Extract sample.zip
- Open sample with Cutter
- Start debugging
- Set breakpoint on sym.main.main(0x482070)
- Click F5
Expected behavior
Debugging stop on 0x44fb43 and [+] SIGNAL 19 errno=0 addr=0x00000000 code=0 ret=0 is displayed on the console.
0x0044fb3c mov eax, 0xca ; sys_linux_amd64.s:529 ; 202
0x0044fb41 syscall ; sys_linux_amd64.s:530
0x0044fb43 mov dword [arg_30h], eax ; sys_linux_amd64.s:531
Screenshots
The image below is a working radare2.
Additional context
The source code of sample is as follows.
package main
import "fmt"
func main() {
fmt.Println("hello, world")
}remove annoying [0xabcdef:4]=0x1234 from comments
Add Windows and Jemalloc heap parsing tests
Currently only glibc heap is tested with
NAME=dmh/dmha with memory dump
FILE=bins/heap/linux_glibc-2.30_x64.bin
ARGS=-n
CMDS=<<EOF
#re-map arena and [heap]
om 3 0x7ffff7f8a000 0x898 0x0 rw- arena
om 3 0x555555559000 0x3200 0x898 rw- [heap]
dmha~?0x7ffff7f8a000
e dbg.glibc.tcache=0
dmh~?allocated
e dbg.glibc.tcache=1
dmh~?allocated
EOF
EXPECT=<<EOF
1
3
2
EOF
RUN
Note, that this static test probably should be moved under a separate category heap, since not really dependent from the operating system.
We need add this static tests for Windows heap parser and jemalloc too.
Provide SVD handling out of the box.
There is some script already but maybe can be redone from scratch:
cmd_identifier with `\` are not supported ##newshell
\ should be always used to escape characters.
pd\@0xdeadbeef should be interpreted as a single cmd_identifier by tree-sitter, instead of pd\, @, 0xdeadbeef.
Test external tools separately, without running `rizin` first
It will reduce tests running time.
For example:
NAME=rz-asm arm asm/dis endian
FILE=-
CMDS=<<EOF
!rz-asm -a arm -b32 "mov r0, 3"
!rz-asm -a arm -b32 -e "mov r0, 3"
!rz-asm -a arm -b32 -d 0300a0e3
!rz-asm -a arm -b32 -e -d e3a00003
EOF
EXPECT=<<EOF
0300a0e3
e3a00003
mov r0, 3
mov r0, 3
EOF
RUN
Here rz-test runs 1) rizin first 2) runs rz-asm every time separately. Likely, the need to run rizin for these kind of test can be gone.
Update shellforge (for rz-gg/rzegg)
See https://github.com/whatsbcn/shellforge4 for more architectures/platforms and various bugfixes
See librz/include/sflib and librz/egg on where it should be updated/improved.
Rename all *_anal_* to Analysis
Expand the testsuite
Current rizin testsuite is not extensive in regard to different compilers, optimization options, formats and programming languages. We need to expand it to cover more cases, platforms, ABIs, operating systems. Here are a few example where we can import some tests from:
Add entropy edges printing mode
We currently have per-block entropy printing with p=e. Would be nice to have the more condensed mode of printing only the rising/falling edges, like in the binwalk -E mode:
[i] ℤ binwalk -E hugo_elf 17:14:18
DECIMAL HEXADECIMAL ENTROPY
--------------------------------------------------------------------------------
0 0x0 Falling entropy edge (0.669811)
33920000 0x2059400 Falling entropy edge (0.500119)
34128896 0x208C400 Falling entropy edge (0.814289)
34181120 0x2099000 Falling entropy edge (0.739773)
[i] ℤ binwalk -E hugo_gz 17:14:32
DECIMAL HEXADECIMAL ENTROPY
--------------------------------------------------------------------------------
0 0x0 Rising entropy edge (0.995563)
3024896 0x2E2800 Rising entropy edge (0.965233)
5500928 0x53F000 Rising entropy edge (0.990217)
5543936 0x549800 Rising entropy edge (0.970625)
5672960 0x569000 Rising entropy edge (0.957641)
6060032 0x5C7800 Rising entropy edge (0.978857)
7462912 0x71E000 Rising entropy edge (0.961115)
7530496 0x72E800 Rising entropy edge (0.958497)
7591936 0x73D800 Rising entropy edge (0.952436)
7622656 0x745000 Rising entropy edge (0.953014)
See librz/core/cmd_print.c as a good starting point for implementing this.
Split-view visual hex diff mode for rz-diff
With synchronized scrolling and highlight, like in dhex:
- Split view
- Ability to synchronise the scroll between splits
- Highlight the differences
- In hex view
- In asm view
grep regex
Seems that the ~ (grep) command do not support properly regexes.
It would be nice to have a proper regex support to allow for example one of the following actions:
ii~\bsomeimport1234\bthe syntax could be the same as for the linux grep command or even better like the pcre one.
r2 -q -c 'ii' ipa://test.ipa | grep "\bsomeimport1234\b"Cleanup RzThread
RzThread should be no more than a light abstraction of pthreads or what other platforms use instead.
- remove
running - remove
lock - ...
Show possible variable values in `Ve` interface
Currently it's possible to list possible variable values in the CLI with e search.in=?.
But in Ve visual configuration options navigator the feature is missing:
$ rizin -
[0x0000000]> Ve
[EvalSpace < Variables: search.align]
search.align = 0
search.chunk = 0
search.contiguous = true
search.distance = 0
search.esilcombo = 8
search.flags = true
search.from = 0xffffffffffffffff
> search.in = io.maps
search.kwidx = 0
search.maxhits = 0
search.overlap = false
search.prefix = hit
search.show = true
search.to = 0xffffffffffffffff
Selected: search.in (Specify search boundaries)
If you press ? in this mode it will show the help menu
Ve: Visual Eval help:
q - quit menu
j/k - down/up keys
h/b - go back
$ - same as ?$ - show values of vars
e/' ' - edit/toggle current variable
E - edit variable with 'cfg.editor' (vi?)
+/- - increase/decrease numeric value (* and /, too)
: - enter command
--press any key--
How it works in CLI:
[0x00006b60]> e search.in=?
raw
block
bin.section
bin.sections
bin.sections.rwx
bin.sections.r
bin.sections.rw
bin.sections.rx
bin.sections.wx
bin.sections.x
io.map
io.maps
io.maps.rwx
io.maps.r
io.maps.rw
io.maps.rx
io.maps.wx
io.maps.x
dbg.stack
dbg.heap
dbg.map
dbg.maps
dbg.maps.rwx
dbg.maps.r
dbg.maps.rw
dbg.maps.rx
dbg.maps.wx
dbg.maps.x
anal.fcn
anal.bb
[0x00006b60]>
I suggest to add a key for visual Ve mode to list possible values as e search.in=? does. Maybe * key or TAB in the value input field.
See librz/core/visual.c for the code that should be enhanced.
Function names are shown in comments when realname enabled
Smart correction of flags usage
Is your feature request related to a problem? Please describe.
As a result of #15702, the disassembly will change how flags are displayed:
For example, this:
call dword [sym.imp.user32.dll_CreateWindowExA]
To this:
call CreateWindowExA
Thus, users will try to use CreateWindowExA as the name of the flags in their commands.
Things like s CreateWindowExA or pdf @ CreateWindowExA. This will not work for them because this is not the name of the flag.
Describe the solution you'd like
A clear and concise description of what you want to happen.
For UI requests, don't hesitate to post some draws.
Describe alternatives you've considered
Say the user will want to do s LoadLibraryA or pdf @ LoadLibraryA, rizin will behave like this:
If only one flag contains this substring in its name or in its realname (e.g. only imp.kernel32_dll.LoadLibraryA will contain LoadLibraryA), then the seek will be to this address. There is no doubt that this is what the user expects so it's an easy decision and we can simply apply it for them.
If there are more then one option, then rizin will show something like this:
Multiple flags matched 'LoadLibraryA'. Did you mean to one of the following flags that contain this string:
0x4001234 imp.kernel32_dll.LoadLibraryA
0x7e01133 imp.someOther_dll.LoadLibraryA
This change will help in other cases as well and make the usage more friendly
The idea is that when a user will use realname and see something like "call VirtualAlloc" they will be able to perform "s VirtualAlloc" without having to specify the whole "sym.imp.kernel32_dll" thing.
A usage of a string (flag) in command will go this way:
- string == flag name
- string == flag real name
- string contained in flag name
so if the user will do
pd 3 @ sym.imp.user32.dll_CreateWindowExA + 5
then it's easy, rizin will behave is it behaves now.
But if it will do
pd 3 @ CreateWindowExA + 5
then we want rizin to understand it as well.
Fix Windows installer icon, path and info
Right now the windows installer still uses the radare2 icon and it install under a path with radare2. Moreover, it's still quite hidden and hard to know where the installer installs the binaries.
Autocomplete for `e asm.` doesn't work
Work environment
| Questions | Answers |
|---|---|
| OS/arch/bits (mandatory) | - |
| File format of the file you reverse (mandatory) | - |
| Architecture/bits of the file (mandatory) | - |
| rizin -v full output, not truncated (mandatory) | c5021f7 |
Expected behavior
e asm. then press <TAB> it should show available options or autocomplete their names when you start typing, like it was before the new shell.
Actual behavior
No autocompletion.
Weird output for dotnet files
file
File:
457f40119d53d558b87aaeee58dce19fb3ba969c913353fa02bf18a5c7dcf445.zip
r2 /home/beet/security/malware/misc/457f40119d53d558b87aaeee58dce19fb3ba969c913353fa02bf18a5c7dcf445
Metadata Signature: 0x65ed4 0x10001424a5342 12
.NET Version: v4.0.30319
Number of Metadata Streams: 5
DirectoryAddress: 6c Size: 11d8
Stream name: MZ� 4
DirectoryAddress: 1244 Size: c14
Stream name: MZ� 4
DirectoryAddress: 73676e69 Size: 0
Stream name: MZ� 4
DirectoryAddress: 50 Size: 535523
Stream name: MZ� 4
DirectoryAddress: 10 Size: 49554723
Stream name: MZ� 4
-- Mind the tab
[0x0046a35e]> q
macOS homebrew support
Having (mostly) everything scripted when (re-)provisioning my laptop, it would be nice for rizin to be added to homebrew like radare2 https://github.com/Homebrew/homebrew-core/blob/master/Formula/radare2.rb.
That way it's easy to just add another brew install and it'll be updated upon every brew update.
Use clang-format to format code and make an automatic check on PRs
Add visual `p=` scrolling mode
Current p= output takes a lot of the space, so it makes sense to add this mode into the visual interface too, allowing scrolling.
Refactor heap parsing code
Currently some of the heap parsing depends on how rizin is compiled. While it will work for the local native debugging it will inevitably fail in cases of the remote debugging or coredump/minidump files opening. Thus, some of the heap parsing code should be made not conditionally compiled but able to detect the target endianess, bitness, libc version, other parameters in the runtime, and call the corresponding routines accordingly. It is especially the case for jemalloc heap parsing.
See these files:
librz/core/linux_heap_glibc.clibrz/core/linux_heap_jemalloc.clibrz/core/windows_heap.csubprojects/rzheap/*.
Note, a part of this task would be adding jemalloc-5.x heap parsing which has a different structure (currently Rizin can parse only jemalloc-4.x heap structure).
Rewrite/remove GPL-only code from core Rizin parts
-
bin/mangling/cxx- moved to libdemangle #1656 -
shlr/qnx- written by madprogrammer and defragger (can we ask them to relicense?) - libopcodes in various places, see #209
To prevent the breakage it would be required to cover these pieces by tests a bit more than they are currently now.
[i] ℤ rg "SPDX-License-Identifier: GPL" 17:53:38
binrz/rz-gg/shellcodes.c.src
2:// SPDX-License-Identifier: GPL-2.0-or-later
librz/asm/arch/z80/z80asm.h
3:// SPDX-License-Identifier: GPL-3.0-or-later
librz/asm/arch/riscv/riscv.h
2:// SPDX-License-Identifier: GPL-3.0-or-later
librz/asm/arch/z80/z80asm.c
4:// SPDX-License-Identifier: GPL-3.0-or-later
librz/asm/arch/z80/expressions.c
3:// SPDX-License-Identifier: GPL-3.0-or-later
librz/asm/arch/riscv/riscv.c
2:// SPDX-License-Identifier: GPL-3.0-or-later
librz/asm/arch/riscv/riscv-opc.h
2:// SPDX-License-Identifier: GPL-3.0-or-later
librz/asm/arch/riscv/riscv-opc.c
2:// SPDX-License-Identifier: GPL-3.0-or-later
librz/asm/arch/vax/vax.h
2:// SPDX-License-Identifier: GPL-3.0-or-later
librz/asm/arch/vax/vax-dis.c
2:// SPDX-License-Identifier: GPL-3.0-or-later
librz/asm/arch/arm/aarch64/sysdep.h
2:// SPDX-License-Identifier: GPL-3.0-or-later
librz/asm/arch/arm/aarch64/aarch64-opc.h
2:// SPDX-License-Identifier: GPL-3.0-or-later
librz/asm/arch/arm/aarch64/aarch64.h
2:// SPDX-License-Identifier: GPL-3.0-or-later
librz/asm/arch/arm/aarch64/aarch64-tbl.h
2:// SPDX-License-Identifier: GPL-3.0-or-later
librz/asm/arch/arm/aarch64/aarch64-dis.h
2:// SPDX-License-Identifier: GPL-3.0-or-later
librz/asm/arch/arm/aarch64/aarch64-opc-2.c
2:// SPDX-License-Identifier: GPL-3.0-or-later
librz/asm/arch/arm/aarch64/aarch64-opc.c
2:// SPDX-License-Identifier: GPL-3.0-or-later
librz/asm/arch/arm/aarch64/aarch64-dis.c
2:// SPDX-License-Identifier: GPL-3.0-or-later
librz/asm/arch/arm/aarch64/aarch64-dis-2.c
2:// SPDX-License-Identifier: GPL-3.0-or-later
librz/asm/arch/include/libhppa.h
2:// SPDX-License-Identifier: GPL-3.0-or-later
librz/asm/arch/include/symcat.h
2:// SPDX-License-Identifier: GPL-2.0-or-later
librz/asm/arch/include/opintl.h
2:// SPDX-License-Identifier: GPL-3.0-or-later
librz/asm/arch/include/sysdep.h
2:// SPDX-License-Identifier: GPL-3.0-or-later
librz/asm/arch/include/xtensa-isa-internal.h
2:// SPDX-License-Identifier: GPL-3.0-or-later
librz/asm/arch/include/libiberty.h
2:// SPDX-License-Identifier: GPL-2.0-or-later
librz/asm/arch/include/mybfd.h
2:// SPDX-License-Identifier: GPL-2.0-or-later
librz/asm/arch/include/xtensa-isa.h
2:// SPDX-License-Identifier: GPL-3.0-or-later
librz/asm/arch/include/ansidecl.h
2:// SPDX-License-Identifier: GPL-2.0-or-later
librz/asm/arch/include/bfdlink.h
2:// SPDX-License-Identifier: GPL-2.0-or-later
librz/asm/arch/include/disas-asm.h
2:// SPDX-License-Identifier: GPL-3.0-or-later
librz/asm/arch/include/elf/reloc-macros.h
2:// SPDX-License-Identifier: GPL-2.0-or-later
librz/asm/arch/include/elf/xtensa.h
2:// SPDX-License-Identifier: GPL-3.0-or-later
librz/asm/arch/include/elf/internal.h
2:// SPDX-License-Identifier: GPL-2.0-or-later
librz/asm/arch/include/opcode/nios2.h
2:// SPDX-License-Identifier: GPL-3.0-or-later
librz/asm/arch/include/elf/common.h
2:// SPDX-License-Identifier: GPL-2.0-or-later
librz/asm/arch/include/elf/external.h
2:// SPDX-License-Identifier: GPL-2.0-or-later
librz/asm/arch/include/opcode/lanai.h
2:// SPDX-License-Identifier: GPL-2.0-only
librz/asm/arch/include/elf/mips.h
2:// SPDX-License-Identifier: GPL-2.0-or-later
librz/asm/arch/include/elf-bfd.h
2:// SPDX-License-Identifier: GPL-3.0-or-later
librz/asm/arch/include/opcode/mips.h
2:// SPDX-License-Identifier: GPL-1.0-or-later
librz/asm/arch/include/opcode/tricore.h
2:// SPDX-License-Identifier: GPL-1.0-or-later
librz/asm/arch/include/opcode/sparc.h
2:// SPDX-License-Identifier: GPL-3.0-or-later
librz/asm/arch/include/opcode/ppc.h
2:// SPDX-License-Identifier: GPL-1.0-or-later
librz/asm/arch/include/opcode/cris.h
2:// SPDX-License-Identifier: GPL-2.0-or-later
librz/asm/arch/include/opcode/hppa.h
2:// SPDX-License-Identifier: GPL-3.0-or-later
shlr/qnx/include/arch.h
2:// SPDX-License-Identifier: GPL-2.0-only
shlr/qnx/include/utils.h
2:// SPDX-License-Identifier: GPL-2.0-only
shlr/qnx/include/sigutil.h
2:// SPDX-License-Identifier: GPL-2.0-only
shlr/qnx/include/packet.h
2:// SPDX-License-Identifier: GPL-2.0-only
shlr/qnx/include/core.h
2:// SPDX-License-Identifier: GPL-2.0-only
shlr/qnx/include/libqnxr.h
2:// SPDX-License-Identifier: GPL-2.0-only
shlr/qnx/include/gdb_signals.h
2:// SPDX-License-Identifier: GPL-3.0-or-later
shlr/qnx/src/utils.c
3:// SPDX-License-Identifier: GPL-2.0-only
shlr/qnx/src/sigutil.c
3:// SPDX-License-Identifier: GPL-2.0-only
shlr/qnx/src/packet.c
3:// SPDX-License-Identifier: GPL-2.0-only
shlr/qnx/include/dsmsgs.h
3:// SPDX-License-Identifier: GPL-2.0-or-later
shlr/qnx/src/core.c
4:// SPDX-License-Identifier: GPL-2.0-only
disable asm.bytes by default
[XX] db/archos/darwin-x64/http rizin remote webserver two
https://github.com/rizinorg/rizin/runs/1391649124#step:15:680
[XX] db/archos/darwin-x64/http rizin remote webserver two
RZ_NOPLUGINS=1 rizin -escr.utf8=0 -escr.color=0 -escr.interactive=0 -N -Qc '& !rz-run timeout=3 daemon=1 system="rizin -e http.root=/404 -e http.port=9292 -c=h -qcq -"
sleep 1
=+ http://127.0.0.1:9292/cmd/
=
=0 ?e hello remote world
' --
-- stdout
@@ -1,2 +1 @@
0 fd:-1 http://127.0.0.1:9292/cmd/
-hello remote world
-- stderr
@@ -2,3 +2,4 @@
Starting http server...
open http://localhost:9292/
rizin -C http://localhost:9292/cmd/
+Error while executing command: =0 ?e hello remote world
Consider to use external library for the web-server
Currently, Rizin implements all features for the Web server by itself, thus prone to more mistakes in handling network protocols, lagging behind SSL/TLS evolution, etc.
I propose to consider to use existing and wide-spread small embeddable C library that implements all of that and is being updated in lockstep with the Web/protocols progress. Ideally, we should find something that is LGPL/MIT/BSD-licensed.
Possible candidates are:
- https://www.gnu.org/software/libmicrohttpd/ (LGPLv2.1+)
- https://github.com/davidmoreno/onion (dual GPLv2+ and Apache)
- https://gitlab.gnome.org/GNOME/libsoup (LGPL2) - though this one kind of heavy
See these files that are to be changed:
librz/core/rtr_http.clibrz/socket/socket_http.clibrz/socket/socket_http_server.c
Note, that we should avoid too many unnecessary dependencies and still be able to build the rizin statically and be sure it works the same under all supported platforms - Linux, Windows, MacOS, *BSD, Haiku, etc.
Speaking of libmicrohttpd it is relatively small:
rizin/misc/libmicrohttpd-0.9.71
[i] ℤ cloc src 12:48:38
253 text files.
238 unique files.
32 files ignored.
github.com/AlDanial/cloc v 1.82 T=0.17 s (1263.8 files/s, 532382.2 lines/s)
-------------------------------------------------------------------------------
Language files blank comment code
-------------------------------------------------------------------------------
C 159 6186 12553 53536
C/C++ Header 54 2570 10394 6377
make 8 221 44 1213
-------------------------------------------------------------------------------
SUM: 221 8977 22991 61126
-------------------------------------------------------------------------------
rizin/misc/libmicrohttpd-0.9.71
[i] ℤ cloc lib . 12:48:42
418 text files.
381 unique files.
120 files ignored.
1 error:
Unable to read: lib
github.com/AlDanial/cloc v 1.82 T=0.34 s (864.2 files/s, 539316.6 lines/s)
-----------------------------------------------------------------------------------
Language files blank comment code
-----------------------------------------------------------------------------------
C 167 6455 12815 54953
Bourne Shell 15 7674 7985 42745
m4 34 1536 483 16484
TeX 1 814 3708 7205
C/C++ Header 55 2625 10451 6435
make 14 255 52 1366
Pascal 7 281 451 996
SVG 1 1 1 112
Windows Resource File 1 2 1 39
PowerShell 1 7 0 31
sed 2 0 0 16
-----------------------------------------------------------------------------------
SUM: 298 19650 35947 130382
-----------------------------------------------------------------------------------
rizin/misc/libmicrohttpd-0.9.71
.(? wrongly parsed by newshell
Work environment
| Questions | Answers |
|---|---|
| OS/arch/bits (mandatory) | any |
| File format of the file you reverse (mandatory) | any |
| Architecture/bits of the file (mandatory) | any |
| rizin -v full output, not truncated (mandatory) | rizin 4.6.0-git 25541 @ linux-x86-64 git.4.4.0-973-ga75b19c18 commit: a75b19c build: 2020-11-04__11:10:26 |
Expected behavior
(commands [0, 0] - [1, 0]
(help_command [0, 0] - [0, 3]
command: (cmd_identifier [0, 0] - [0, 3])))
Actual behavior
(commands [0, 0] - [1, 0]
(arged_command [0, 0] - [0, 3]
command: (cmd_identifier [0, 0] - [0, 2])
args: (macro_call_content [0, 2] - [0, 3]
(args [0, 2] - [0, 3]
(arg [0, 2] - [0, 3]
(arg_identifier [0, 2] - [0, 3]))))))
/tmp/tt 0 ms (MISSING ")" [0, 3] - [0, 3])
Steps to reproduce the behavior
~/rizinorg/rizin/shlr/rizin-shell-parser$ cat /tmp/tt
.(?
~/rizinorg/rizin/shlr/rizin-shell-parser$ ./node_modules/.bin/tree-sitter parse /tmp/tt
Consistency of coding styles
Is your feature request related to a problem? Please describe.
Currently, Rizin has a coding style and a clang format file. But the project is not formatted correctly.
find -name "*.c" -o -name "*.h" | xargs clang-format -i
git diff
And the IC does not check the coding style.
Describe the solution you'd like
find -name "*.c" -o -name "*.h" | xargs clang-format -i
and add a CI check
Describe alternatives you've considered
Change the clang format file to match the current coding style
We need a consistent style and the only solution is automation, because manual review is unreliable.
Additional context
...
Default page of this project now says "anal" many times, as well as git history.
There were a couple commits trying to PC up the potty language in r2. As a result, now a dozen or so files on the default page for this repo show "anal".
Adapt release pipeline to include submodules code in the src tarball
SDB is now a submodule and it is not automatically included in the github-generated tarball.
PE files with function names "section..text"
Description
It is common to see a weird call to section..text in PE because there is a function in the same address.
$ rizin garbage_unpacked.exe
[0x00401473]> pd 1 @ 0x00401198
0x00401198 call section..text
Example: garbage_unpacked.zip
Remove `system` from RzIoPlugins and use RzCorePlugins
Right now there are many plugins that use the RzIoPlugin.system field to handle special commands added when you open a particular file (e.g. io_gdb, io_ptrace, etc.). This has few drawbacks:
- to talk with the IO plugin you have to use a special "mode", see
=! - the IO plugin has to parse the input to deal with arguments and what not, so it cannot take advantage of the rizin parser
- the commands added in this way are limited in what they can do, because they don't have full access to RzCore
I suggest we convert these plugins to RzCorePlugin. The core plugin could register the related IO plugin in the init callback and share a state between the core and the IO plugin. When the IO plugin is used to open a particular file (e.g. gdb:// for io_gdb), it can trigger the code in the Core plugin to add commands through the regular RzCmd interface. When the IO plugin is closed, it can trigger the code in the Core plugin to remove commands through the RzCmd interface. Commands can be implemented in the RzCorePlugin and they can use features provided by the RzIOPlugin layer.
In this way, the IO plugin just deal with regular IO-related operations (open, read, close, seek, etc.) while the core plugin can deal with commands and it can use the full power of rizin commands. This probably requires some PoC of the idea and it should also be well documented because it's probably a common thing.
create a new Readme file
Remove IP (Instruction Pointer) flag pointed to entry point when not in debug mode
- remove
EIPflag that is printed in above the function - remove the highlighting of the first offset
/bin/ls's entry function:
newshell: when details are available for a group, they should be shown/added for all sub-commands
Some commands are very similar (e.g. wv, wv2, wv8, etc.) so it may not have a lot of sense to duplicate all the examples for all subcommands of wv. Instead we may just define a details section at the wv level and "inherit" it in all subcommands (wv1, wv2, wv4, wv8).
- name: wv
summary: Write value of given size
subcommands:
- name: wv
cname: write_value
summary: Write value as 4-bytes/8-bytes based on value
args:
- name: value
type: RZ_CMD_ARG_TYPE_NUM
- name: wv1
cname: write_value1
summary: Write value of 1 byte
args:
- name: value
type: RZ_CMD_ARG_TYPE_NUM
- name: wv2
cname: write_value2
summary: Write value of 2 byte
args:
- name: value
type: RZ_CMD_ARG_TYPE_NUM
- name: wv4
cname: write_value4
summary: Write value of 4 byte
args:
- name: value
type: RZ_CMD_ARG_TYPE_NUM
- name: wv8
cname: write_value8
summary: Write value of 8 byte
args:
- name: value
type: RZ_CMD_ARG_TYPE_NUM
details:
- name: Examples
entries:
- text: wv
arg_str: " 0xdeadbeef"
comment: Write the value 0xdeadbeef at current offset
- text: wv2
arg_str: " 0xdead"
comment: Write the word 0xdead at current offset
- text: wv1
arg_str: " 0xde"
comment: Write the byte 0xde at current offsetAdd higher order functions in rizin shell
As an extension of the classical iterators (see Rizin Book - Loops) it might be interesting to add these higher kinded constructs in rizin scripting language:
- map
- fold
- filter
Since rizin is quite close to the shell, see the example of them in ZSH:
$ filterl 'echo $1|grep a >/dev/null' ab cd ef ada
ab
ada
$ folda '$1+$2' {1..5}
15
$ folda '$1*$2' {1..20}
2432902008176640000
$ mapl 'echo X $1:t Y' ~/.zsh/functional/src/*
X each Y
X filter Y
X fold Y
X map Y
$ mapa '$1*2' {1..3}
2
4
6
$ mapl 'echo result $1' $(mapa '$1+5' $(mapa '$1*2' {1..3}))
result 7
result 9
result 11We can introduce even JSON-focused mapj, foldj, filterj, that operate on the JSON output instead
cc @thestr4ng3r
PLT stub names not being resolved properly
When a function exported by a shared object file is called from within that shared object file, the function name for the stub in the `plt section should be named properly.
Example: in libcurl, the function Curl_getaddrinfo_ex is called from the function Curl_ipv4_resolve_r. That function call should appear as sym.imp.Curl_getaddrinfo_ex.
Actual behavior
Instead of sym.imp.Curl_getaddrinfo_ex, the function is flagged fcn.000074fc. This makes analysis a bit painful.
The address that the plt stub points to is correctly identified as reloc.Curl_getaddrinfo_ex, so the relocation is being correctly ID'd (I've also double-checked with Ghidra).
Steps to reproduce the behavior
Asciinema: https://asciinema.org/a/o4UkBFPskH5rhJZ8lwjuNTKJC
Representative file here: libcurl.zip
Here is a screenshot from ghidra showing the same address (though, interestingly, it's mapped at 0x174fc instead of 0x74fc):
Add a ruler to horizontal histogram output (e.g. `p==`)
Show also the value ranges on the right, like here:
Note, if scr.utf8=true is enabled, the ruler line should use vertical Unicode line character to be continuous. Also there is no need to name the axes. And no need for horizontal ruler, just vertical one.
See:
- librz/cons/histogram.c
Document how to update or remove the installation of Rizin
Is your feature request related to a problem? Please describe.
Updating Rizin, and removing the installation, are two processes that are missing from README, BUILDING.md and rizin book.
Describe the solution you'd like
- Document how to update Rizin
- Document how to uninstall Rizin
It will be good to have in README.md, BUILDING.md and rizin book.
For example, to update radare2 one had to use ./sys/install.sh.
Remove pdc
Remove pdc, since it's awful and useless. we have external plugins for a reason.
Save linked files into the project database.
Currently Rizin can attach the "link" to the text file (or any kind of file) using command CC,.
I suggest to have the option prj.links = true to be able to save them together with the serialized metainformation inside the .rzdb file.
[0x00006b60]> CC, qwe.txt
[0x00006b60]> pd 4
;-- entry0:
;-- rip:
0x00006b60 f30f1efa endbr64 ; ,(qwe.txt)
0x00006b64 31ed xor ebp, ebp
0x00006b66 4989d1 mov r9, rdx
0x00006b69 5e pop rsi
[0x00006b60]> CC,
/home/user/qwe.txt
Tons of flags are shown at offset 0x00
$ rizin /bin/ls
[0x00000000]> s 0
[0x00000000]> pd 1
;-- section.:
;-- section..comment:
;-- section..shstrtab:
;-- segment.LOAD0:
;-- segment.GNU_STACK:
;-- segment.ehdr:
;-- __ctype_toupper_loc:
;-- getenv:
;-- cap_to_text:
;-- sigprocmask:
;-- __snprintf_chk:
;-- raise:
;-- free:
;-- abort:
;-- __errno_location:
;-- strncmp:
;-- _ITM_deregisterTMCloneTable:
;-- localtime_r:
;-- _exit:
;-- strcpy:
;-- __fpending:
;-- isatty:
;-- sigaction:
;-- iswcntrl:
;-- wcswidth:
;-- localeconv:
;-- mbstowcs:
;-- readlink:
;-- clock_gettime:
;-- setenv:
;-- textdomain:
;-- fclose:
;-- opendir:
;-- getpwuid:
;-- bindtextdomain:
;-- dcgettext:
;-- __ctype_get_mb_cur_max:
;-- strlen:
;-- __lxstat:
;-- __stack_chk_fail:
;-- getopt_long:
;-- mbrtowc:
;-- strchr:
;-- getgrgid:
;-- __fxstatat:
;-- snprintf:
;-- __overflow:
;-- strrchr:
;-- gmtime_r:
;-- lseek:
;-- __assert_fail:
;-- __strtoul_internal:
;-- fnmatch:
;-- memset:
;-- ioctl:
;-- getcwd:
;-- strspn:
;-- closedir:
;-- __libc_start_main:
;-- memcmp:
;-- _setjmp:
;-- fputs_unlocked:
;-- calloc:
;-- strcmp:
;-- signal:
;-- dirfd:
;-- fputc_unlocked:
;-- getpwnam:
;-- __memcpy_chk:
;-- syscall:
;-- sigemptyset:
;-- __gmon_start__:
;-- memcpy:
;-- getgrnam:
;-- tzset:
;-- fileno:
;-- tcgetpgrp:
;-- __xstat:
;-- readdir:
;-- wcwidth:
;-- malloc:
;-- fflush:
;-- nl_langinfo:
;-- strcoll:
;-- mktime:
;-- __freading:
;-- fwrite_unlocked:
;-- realloc:
;-- stpncpy:
;-- setlocale:
;-- __printf_chk:
;-- statx:
;-- timegm:
;-- strftime:
;-- mempcpy:
;-- memmove:
;-- error:
;-- fseeko:
;-- cap_get_file:
;-- unsetenv:
;-- cap_free:
;-- wcstombs:
;-- getxattr:
;-- gethostname:
;-- sigismember:
;-- exit:
;-- fwrite:
;-- __fprintf_chk:
;-- _ITM_registerTMCloneTable:
;-- fflush_unlocked:
;-- mbsinit:
;-- iswprint:
;-- __cxa_finalize:
;-- sigaddset:
;-- __ctype_tolower_loc:
;-- __ctype_b_loc:
;-- __sprintf_chk:
;-- rax:
;-- rbx:
;-- rcx:
;-- rdx:
;-- rsi:
;-- rdi:
;-- r8:
;-- r9:
;-- r10:
;-- r11:
;-- r12:
;-- r13:
;-- r14:
;-- r15:
;-- rflags:
0x00000000 7f45 jg 0x47 ; [26] ---- section size 247 named .shstrtab
Make sure to use the x64 Command Prompt for Visual studio
The GitHub CI that builds windows uses the x32 command prompt and it generates 32bit binaries. This issue is to make sure we use the x64 environment and we generate 64 bit binaries.
Is a rizin installation side by side possible with radare2?
I want to package rizin for gentoo. Before installing rizin, do I have to uninstall radare2 first or they are separate installations?
Automatically use RPATH when not installing in /usr prefix
Is your feature request related to a problem? Please describe.
People seems to have problems with the installation of the tool, because by default /usr/local prefix is used on most systems and that is not always included in the LD_LIBRARY_PATH nor in /etc/ld.so.conf. Moreover, libraries are installed in slightly different path based on the system (e.g. ubuntu uses /usr/local/lib/x86-64-linux-gnu, while fedora and others just use /usr/local/lib).
Describe the solution you'd like
Detect when rizin is installed in prefixes that are not in LD_LIBRARY_PATH nor in /etc/ld.so.conf(.d) and automatically enable the -Dlocal option, so that RPATHs are used and the binary is linked to the installed libraries.
Describe alternatives you've considered
There is already the alternative, which is explaining things in the documentation, but it is probably better to provide a default install that works for people, to make it easier for everyone.
Additional context
See https://github.com/libvirt/libvirt/blob/master/meson.build#L148
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.