Releases: radareorg/radare2
5.9.6
Release Notes
Version: 5.9.6
Previous: 5.9.4
Commits: 311
Contributors: 27
curl -Ls https://github.com/radareorg/radare2/releases/download/5.9.6/radare2-5.9.6.tar.xz | tar xJv
radare2-5.9.6/sys/install.sh
Authors
3393304070, Abhi, Adam Satko, Azox, Chédotal Julien, Dennis Goodlett, John Sebastian Peterson, Juho Kuisma, Keegan Saunders, Lzu Tao, Marcel Alexandru Nitan, Ole André Vadla Ravnås, Pau RE, Sarveshwaar SS, Sylvain Pelissier, Valentin Obst, astralia, condret, kcdq, maliByatzes, pancake, satk0
Changes
Analysis
- Fix #21171 - Infinite loop with -e anal.slow=false workaround
- Support fixed x27 as global pointer reference on Dart binaries
- Fix some arm64 instruction types and LOADs not LEAs for arm64
- Fix memory direction and permissions detection in xref
- Support for jump table constructions for arm64 (Swift binaries)
- Fix invalid esil for add+shift on arm64
- Fix #23286 - Add ESIL translation for the MIPS movn instruction
- Fix ESIL for TST and AND v850 instructions
- Expose imm value on ADD/SUB arm64 instructions
- Implement ESIL and reg details for BRAA instructions on arm64
- Default jumptable word size is 32bit if not defined
- Fill the op.val for stm8 ref analysis
- Fix for xrefs permission indicator: -w- r--
- Use flags check esil references on flags in 'aae'
Architecture Support
- Assembler support for m68k
- Fix more x86 assembler instructions
- Added new Dalvik disassembler contribution by Keegan from NowSecure
- Capstone6 support: PowerPC, MIPS, ARM64
- Better TriCore support: fix control-flow-graph, calling conventions, asm.cpu, opex, pseudodisasm support, basic ESIL, and fixed register profile
- Handle asm.syntax=regnum for the arm.cs plugin
- Expose asm.cpu options for bpf, not just depend on asm.bits
- Generic pseudo disasm for non-supported archs
- Fix stm8 pseudo return
- Improvements for the tricore, arm, stm8 and x86 pseudo
- Colorize more stdint types in the ~:)) operator
- Check if value for rasm2 -c asm.cpu is valid and warn the user
- Make rasm2 flags more coherent (-s,-S,-o,-O)
- Fix .ascii and .asciiz directives for rasm2
Binary file formats
- Fix resizing ELF sections
- Detect Dart ELFs
- Fix duplicated and large swift symbol demangling issues
- Clarify bin.demangle.libs -> bin.demangle.pfxlib
- Speedup macho parser by reducing repetitive calls to RConfig.get
- Move lua bin parser, remove globals and refactor its code
- Detect VisionOS binaries
- Better bin.str.(min/max) defaults
Shell
- Replace ia with iA, deprecating 'ia'
- Add help for $?, ?$?, -, ' and improve other command helps
- Enforce valid value for asm.offset.relto
- Handle ^C in agf and afr
- Add -A and -H commands
- Replace "" with ' in more * subcommands, wip deprecation for safety
- Fix .! multiline quoted scripts with the shouting dot
- Add 'test' command with -s, -f, -x and -d flags
- Accept '@ expressions that don't start with '0x'
- Use RCore.returnInvalidCommand in many commands for better error handling
- Add @@f (alias for @@c:afla) inverse recursive function list
- Add f-0x f-? and other flag removal missing commands
- Improved syntax error handling on tmpseek expressions
Build
- Fixes for the webassembly builds for the Frida-trace UI
- Fix preconfigure.bat setuptools installation
- Install setuptools if needed in preconfigure.bat
- Undevilize preconfigure.bat and add MSBuild 2022 Community support
- Use the latest capstone 5.0.3
Crypto
- New commands poE and poD
- Add type definition for CCCrypt import for ios-arm64
- Add new command to print signature of a block
- Refactor listing crypto algorithms into a single function
- Fix rahash2 -B behavior
- Fix more bugs in /ck tire
- Fix oobread in /ck for search/tire
- Add CRC search to magic
- Add ed25519 private key search
Charset
- Add space character ascii.sdb.txt
- Support no string decoding/filtering in disasm, needed for chinese string references
Console
- Also export scr.color via R2_COLOR env var
- Horizontal scrolling with control+wheel in graph and visual modes
- Emit span instead of font in the scr.html filter
- Add scr.css and scr.css.prefix used in 'ecc' for now
- New dark theme: gruvbox
- Fix eco* and refactor theme loading logic
Debugger
- Use hwbp by default on mac-x64 (m1 fails)
- Fix xmm?[hl] (dbg_drt test) for Linux x64
- Add xmm registers for the FreeBSD debugger
- Added registers st0 to st7, mm0 to mm7 while debugging under FreeBSD
- Fix #23357 - Add missing flag registers for the freebsd profile
- Fix bug when calling dr8 in the debug.io
- Fix #23298 - Breakpoints recoil not working on FreeBSD
Disassembly
- Use summarized variable listing by default (asm.var.summary=4)
- Support tail addresses in pdua..
- Implement the ano command to manage function annotations
- Fix #23273 - Honor scr.strconv in emustr, fncarg and add tests
- Fix #23012 - Make pduoj json consistent with pdj
- Improved function argument emulation listing
IO
- Fix #23405 - Implement multibyte binary write support in the 'pb' command
- Fix wb single byte write behavior
- Add io.mapinc config variable
- Fix #23313 - aeim stack locate
- Fix #23313 - overlapping maps after aeim
- Improve and document pfb bitfield printing in C, ascii art, oneliner
- Handle multiline comments in pdsf
- Display strings with 'ps' until first non-printable character instead of escaping
Projects
- Make -p/-P available from the r2 shell and better subcommand handling
- Honor absolute and relative paths in Pze
- Add scr.prompt.prj to show project name
- Save and restore annotations
r2pm
- Honor user env variables, use git clone depth=1
- Fix radareorg/radare2-pm#164 - Verboser database/package upgrade r2pm -U / r2pm -UU
- Remove r2pm -HH, use r2pm -H (without argument), same as r2 and in sync with doc
Search
- Add /V value range support in rafind2
- Honor quiet mode to not set noisy flags in /azs
- Implement /xn command to search for repeated patterns
- Implement the /xv[s] value array search command
- Find longer computed strings with /az
- Add comments (to replace flags) for asm strings
- Implement /azj and add a test
Types
- Fix null format when displaying unknown argument types
- Ignore "signed "-prefixed types, since signed is the default
- Add missing setuid/setgid signature type definition
Visual
- Better visual xrefs layout
- Fix some emulated reference hints
- Show function name when scrolling inside the function
- Fix the q; function signature bug in Vdf
Other
- Sync $R2_FILE with 'o.' output
- Add -e cmd.exit to run commands before leaving
- Fix log level details in r2pipe output
- Add script to symbolicate iOS kernels using IPSW
- Update lang.qjs and use quickjs-ng instead
- Update the /m and /t webuis
- Initial implementation of the http sessions
- Deprecate the IS_DIGIT/IS_UPPER/IS_LOWER, we have posix
- Initial pavement for RCorePriv opaque struct
Security
- Fix segfault in hex2bin when length is zero
- Fix assert in some title-less graphs
- Fix null deref in poS
- Fix timeout bug in r2r when fd is closed
- Fix double free in lua bin parser
- Fix /cp segfault on missing key
- Fix invalid free in 'icc'
- Fix a 1 byte overflow in r2cmd and improve logic checks
- Fix another assert in the tricore.cs because of capstone bugs
- Fix null deref bug in the swift demangler
- Don't shift left signed types as reported in bug8 from #23278
- Fix large left shift in buf.sleb as reported in bug7 from #23278
- Fix another left shift UB in uleb aka bug5 from #23278
- Fix addition overflow in ELF relocs as reported in #23278 (bug4)
- Fix large left int shift in TE as reported in #23278
- Fix multiplication overflow in PE as reported in #23278
- Fix UB in uleb128 left shift reported in #23278
- Fix #23277 - invalid allocation on verdef struct for ELF
- Sometimes functions end up asserting with empty names
- Fix assert in the omni command
- Fix segfault when deallocating arch plugins
- Fix null deref in Lcj
- Fix command injection bug in search hits, exposed by a bad asm string
- Fix memory leak in RLangSession.fini
- Implement ahb*, use more single quote, fix codeinj vuln and more
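Several of the #23278 reports in the Security list above share two root causes: shifting by the full width of the type (or shifting a signed value) while decoding ULEB128/SLEB128, and unchecked addition or multiplication when turning header-supplied counts and offsets into file positions. The block below is an added example written for this page, not radare2's own code: the function names, the constructed sample bytes and the use of the GCC/Clang `__builtin_*_overflow` builtins are this example's assumptions.

```c
/*
 * Added example (not radare2 code): integer-safety patterns for the bug
 * classes listed above, i.e. left-shift UB in ULEB128/SLEB128 decoding
 * and addition/multiplication overflow when turning header fields into
 * file offsets. Function names and sample bytes are the example's own.
 * Assumes GCC or Clang for the __builtin_*_overflow checks.
 */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Decode an unsigned LEB128 value from buf[0..len).
 * Returns the number of bytes consumed, or 0 for truncated or overlong
 * input. The `shift >= 64` check is the point: shifting a uint64_t by 64
 * or more is undefined behaviour, and an 11-group sequence reaches it. */
size_t uleb128_decode(const uint8_t *buf, size_t len, uint64_t *out) {
	uint64_t value = 0;
	unsigned shift = 0;
	for (size_t i = 0; i < len; i++) {
		uint64_t group = buf[i] & 0x7f;
		if (shift >= 64) {
			return 0; /* shift by >= width would be UB: reject instead */
		}
		/* reject groups whose bits would fall off the top of a uint64_t */
		if (shift > 0 && (group >> (64 - shift)) != 0) {
			return 0;
		}
		value |= group << shift;
		shift += 7;
		if ((buf[i] & 0x80) == 0) {
			*out = value;
			return i + 1;
		}
	}
	return 0; /* ran out of bytes before the terminating group */
}

/* Decode a signed LEB128 value. Accumulates in an unsigned type so no
 * signed value is ever shifted (shifting signed types is the other UB
 * class reported). Sign extension only happens when room is left. */
size_t sleb128_decode(const uint8_t *buf, size_t len, int64_t *out) {
	uint64_t value = 0;
	unsigned shift = 0;
	for (size_t i = 0; i < len; i++) {
		uint8_t byte = buf[i];
		if (shift >= 64) {
			return 0;
		}
		value |= (uint64_t)(byte & 0x7f) << shift;
		shift += 7;
		if ((byte & 0x80) == 0) {
			if (shift < 64 && (byte & 0x40)) {
				value |= ~UINT64_C(0) << shift; /* sign-extend */
			}
			*out = (int64_t)value; /* two's complement reinterpretation */
			return i + 1;
		}
	}
	return 0;
}

/* File offset of entry `index` in a table at `base` with `entsize`-byte
 * entries. Refuses any overflow and any entry that does not lie entirely
 * inside a file of `file_len` bytes: every step is checked instead of
 * trusting header-supplied counts. */
bool checked_table_offset(uint64_t base, uint64_t index, uint64_t entsize,
                          uint64_t file_len, uint64_t *off) {
	uint64_t span, start, end;
	if (entsize == 0) {
		return false;
	}
	if (__builtin_mul_overflow(index, entsize, &span)) {
		return false;
	}
	if (__builtin_add_overflow(base, span, &start)) {
		return false;
	}
	if (__builtin_add_overflow(start, entsize, &end) || end > file_len) {
		return false;
	}
	*off = start;
	return true;
}

/* Constructed inputs: the classic DWARF examples plus hostile sequences. */
int self_check(void) {
	const uint8_t ok_u[] = { 0xE5, 0x8E, 0x26 };  /* 624485 */
	const uint8_t ok_s[] = { 0xC0, 0xBB, 0x78 };  /* -123456 */
	const uint8_t truncated[] = { 0x80 };          /* no terminating group */
	uint8_t overlong[11];                          /* 11th group needs shift 70 */
	uint64_t u = 0, off = 0;
	int64_t s = 0;
	int ok = 1;
	for (int i = 0; i < 10; i++) overlong[i] = 0x80;
	overlong[10] = 0x01;
	ok &= uleb128_decode(ok_u, sizeof ok_u, &u) == 3 && u == 624485;
	ok &= sleb128_decode(ok_s, sizeof ok_s, &s) == 3 && s == -123456;
	ok &= uleb128_decode(truncated, sizeof truncated, &u) == 0;
	ok &= uleb128_decode(overlong, sizeof overlong, &u) == 0;
	ok &= sleb128_decode(overlong, sizeof overlong, &s) == 0;
	ok &= checked_table_offset(0x100, 3, 0x18, 0x200, &off) && off == 0x148;
	ok &= !checked_table_offset(0x1F0, 0, 0x18, 0x200, &off);                /* runs past EOF */
	ok &= !checked_table_offset(0xFFFFFFFFFFFFFFF0ULL, 1, 0x20, 0x200, &off); /* add overflow */
	ok &= !checked_table_offset(0x100, UINT64_MAX, 2, 0x200, &off);           /* mul overflow */
	return ok;
}

int main(void) {
	printf("self_check: %s\n", self_check() ? "pass" : "FAIL");
	return self_check() ? 0 : 1;
}
```

Compile with `-fsanitize=undefined` and the guards are what keep the sanitizer quiet on the overlong input; remove the `shift >= 64` checks and the same bytes trip the shift-exponent report, which is the behaviour the entries above fix.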
5.9.4
Release Notes
Version: 5.9.4
Previous: 5.9.2
Commits: 276
Contributors: 18
curl -Ls https://github.com/radareorg/radare2/releases/download/5.9.4/radare2-5.9.4.tar.xz | tar xJv
radare2-5.9.4/sys/install.sh
Authors
Adel, Brandon Lin, Claudio Jeker, Enno T. Boland, Francesco Tamagni, Lars Haukli, Richard Patel, Sylvain Pelissier, Xavi Artigas, astralia, aviciano, condret, ffg53, meme, pancake, satk0, shurizzle
Changes
analysis
- Ignore NEVER bit in branch instructions on SPARC
- Fix SPARC call instruction branches
- Expose mem delta on store variables
- Improved default function names
- Add anal.flagends to stop functions when flags are found
- Fix aac on rebased files
- Fix aae behaviour on invalid instructions
- Optimize RAnalOp.setBytes with extra sauce for NEWABI
- Fix help for 'abt?'
- Honor codealign in nopskip
- Reuse R_PERM in RAnalVarAccess.type instead of custom enum
- Make anal.vinfun false by default
- Show jmptbl bb cases in ab output (not just for abj)
- Initial support for MIPS jump tables (anal.jmp.tbl)
- Fix missing arm reference regression in aaaa
- Early stop with breakoninvalid reducing warning logs in 'aaaa'
- More type fixes
- Add more types from posix
- Fix missing entries in the afla matching with aflq
- Add anal.emu to run aaef in aaa and aef in af, for now optional
- Implement missing but documented abi and refactor ab/ap
- Only use anal hints in aac on arm 16/32
- Don't list vars in afij output
- Fix bb outputs computation in afij
- Fix #22995 - Don't list vars in afi, we have afv for this
- Register strtonum function type
- Improvements in aaa output and initial work towards twice afva checks
- The sixref command shouldn't change the current seek
- Add op-count / bb-ratio info in afi/afij
api
- Implement r_base32 APIs for my future self
arch
- Initial support for the UXN machine
- Fix few instruction type issues for mips.gnu
- Expose missing cpus list in the ARM plugin
- Add support for sfence.vma instruction for riscv
- Missing read callbacks are now debug messages
bin
- Make dynsym and hash sections wordable
- Implement RBin.attr(str2bits)
- Implement RBinPlugin Commands in the new abi via i:
- Return earlier when bin.classes is false
- Use callAt instead of cmdAt for section formats
- Fix #23064 - Implemented iclc command
- Fix parsing dmp binaries on big endian systems
- Fix incorrect parsing of MZ headers in big-endian machines
- Tweak the custom swift demangler and fix tests
- Fix Objective-C classes Swift demangling
- Fix #23110 - Improve the swift demangler to handle more constructions
- Create sections for dyldcache stub islands
- Set dyldcache entry point to the first map
- Run the native swift demangler tests on darwin-x64 too
- Initial support for RBin->RIO redirections
- Early stop on corrupted macho method storage
- Catch some misbehaviours early in the macho class parsing
- Fix iej/ilj on ob* and remove ieee (use ie;iee instead)
- Fix the symbol parsing in Plan9
- Add dir.sourcebase newabi + faster bin.dbginfo on macOS
- Fix RABIN2_SWIFTLIB and add tests from r2 and rabin2
- Fix dyldcache deps carving logic
- Make Mach-O size ut64
- Bring back the ig command to guess binary size
- Support resizing the BSS section with rabin2 -O
- Fix hash limit and fix segment hashing iSS
- Fix section hashing and clarify help
- Reduce memory dereferences in the macho parser and more cleanups
- More cleanups on the objc parser, with minor optimizations
- Minor optimizations in the ObjC demangler
build
- Also compile for WASI reactor
- Fix cwisstable on ppc-le
ci
- Muon build fixes
- Get rid of the deprecated macos-11 github targets
cons
- Reimplement internal cfg.editor line editor
- Few fixes for the line editor
- Highlight code modifier ~:))
- Support multiline RCons.message()
- Fix scr.html in pdc
core
- Avoid over-unsetting fixed arch / bits
- Add anal.fixed.* (move anal.gpfixed and add arch/bits ones)
- Don't ask sections if fixed arch / bits set
- Show io and core plugin version in the json listing
- Honor log callback return value on custom callback calls
crash
- Fix null deref in r2 -d l
- Fix huge allocation when casting int to ut64
- Fix a recently introduced uaf in pdc
- Fix null deref in dbtj
- Fix null deref when running iS without any binobject loaded
- Fix stack overflow in strings search
- Fix infinite loop in the afla command spawned by a^5
- Fix #22972 - deadlock in :: fixed by handling ^C
- Each RLogCallback have its own user pointer
- Fix #22969 - segfault when running axt@j>$f
crypto
- Expose the ELF hash algorithm in rahash2 -a elf
- Initial support for Ed25519 signatures
debug
- Adjust OpenBSD code to set the process state to be less wrong
- Fix drr - register periscoping on arm-thumb
- Better output for dL command
- Fix infinite loops in the heap parser and fix 2 broken tests
- Initial support for native debugger on Linux/s390x
- Fix the double-increment in the debug traces, avoid double tracing
- Add missing rv64 case for the native debugger
decompilation
- Initial support for stm8 pseudo
decompiler
- Pseudo for arm64 replacing xzr with zero
- Fix unmatching brace in pdc output
- Add few missing arm64 fpu instructions for pseudo
- Minor fixes for the x86 pseudo parsing
- Remove empty lines and onelinify the comments in pdc
- Better syntax for conditionals and switch/case constructions
- Implement pseudo for arm64 br and ldruh
- One more orphaned basic block in pdc
- bhi and ldrsw for arm64.pseudo
- More refined goto statements in pdc and add and colorize missing returns
diff
- Check symbol existence and fail early in radiff2 -g
disasm
- Improve sparc.cs disasm replacing +- with -
- Add test and fix for the arm64 varsub issue
- Fix asm.emu dereferenced word issue on big endian
- Fix improper display of IPv4 addresses in big-endian machines
- Store operations also deserve a place for asm.emu
- Honor cfg.json.num in pdbj
- Implement madd/msub/mneg support for arm64.pseudo
- Replace wzr with 0 in the arm.pseudo
- Fix asm.pseudo for arm64's movk
- Display instruction addresses on each switch blocks in pdco
- Initial support for small integer (SMI) anal hints in disasm (ahi)
- Add support for pascal strings meta type Csp
- Honor kernel crash hints in hexpairs for rasm2 -D
doc
- Add info about single module recompilation
emulation
- Use codeAlign instead of dataAlign for thumb stepping
endian
- Fix mdmp list sz
esil
- Fix dbg.trace behaviour with emulation
fs
- Build fs.squashfs with the make build system too
graph
- Remove non-id code from the gml graph output
help
- Fix afv help to make it accessible through the af?*
io
- Fix io.cache
- Add :iF command to dsc
- Initial support for the UF2 file format
- Improve :iP command usability in dsc
- Refactor the io/oi commands and fix io behaviour
- Add iP command to dsc to get authenticated pointer info
- Fix dsc subcache format detection
- Don't seek from the server side in rap
json
- Improve the smile operator code tokenizer ~:)
- Use RCorePJ if possible instead of PJ
lang
- Support base64 encoded r2js scripts
- Python goes before Python2 in the rlang plugin now
- Fix TS usage by making the exports object point to globals
- Add R2_PAPI_SCRIPT env var for custom r2papi testing
panels
- Add manpage submenus under the Help
- Implement menu separators, project and analysis options
- Better key hints visualization
- Better key hints in for menu, tabs and title selected panel
- Honor hex.cols in pxb bitdump view
- Add phl/phL as an alias for Lh and update help
projects
- Implement prj.history to save/load the per-project command history
qjs
- Fix loading some r2frida-compiled scripts
r2js
- Fallback the default r2papi when not loaded from disk
- Update r2papi from git, use src from /tmp instead of npm
- Add Visual Studio "map" file parser script
r2pipe
- Add missing command to r2 ?
- Fix r2pipe2 json format not being trimmed
- Add r2.cmd2[j] APIs for r2js
r2pm
- Do not check for updates when r2pm -r, -h and -H
ragg
- Fix ragg2 foo.c on macOS
refactor
- Replace other r_return_* uses and update DEVELOPERS.md
- Deprecate r_str_new and R_STR_DUP
scripts
- Add an r2js script to import il2cpp metadata
search
- Fix ^C in /ac
- Show offset of the truncated large strings
- Fix #22974 - minimum blocksize to reduce missing matches in /ad
- Reduce false positive on "java source" magic
- Add a magic file for flutter magics
- /ad supports glob matching now
shell
- Fix 'r2pm -r false' because exit(system("false")) is a lie
- !! for session history, !. for history save
- Fix move cursor right with arrow keys issue in dietline
- Support '0x, not just '@0x and improve "'?'" help
- Add -D as an alias for iD
- Improve the multiline comment user experience
- Better parsing for the "join" command
- Fix 'rm $foo' and '$foo+=N'
- Improve argument parsing logic for 'tail'
- Fix the tail syscmd
- Rename ib as ooi
- Hono...
5.9.2
Release Notes
Version: 5.9.2
Previous: 5.9.0
Commits: 237
Contributors: 15
curl -Ls https://github.com/radareorg/radare2/releases/download/5.9.2/radare2-5.9.2.tar.xz | tar xJv
radare2-5.9.2/sys/install.sh
Authors
3B85A591, Jules Maselbas, Kenny Shen, Mewt R, MewtR, Mikael Berthe, Richard Patel, Roshanlal, Sevan Janiyan, Sylvain Pelissier, astralia, condret, kyufie, pancake
Changes
abi
- Initial implementation of RBuffer.cache
- Add a --with-new-abi, use_new_abi meson option and a CI job
analysis
- Fix #22947 - afbij now returns an array
- Fix #22939 - ub shifts on sixref
- VAX maxinstrsize is 56, assume 64 bytes as maximum valid size
- Don't do aav via aaa on dalvik/java/python
- Fix invalid instructions on mips not recognized as invalid
- SWIs can define branches too
- Honor the optype to fill the opjump field
- Consider that software interrupt sometimes branch
- Honor maxopsz and minopsz in aae, speeding up emulation a little
- Reduce fp, do not run aav when minaddr is zero
- Suggest -B when finding invalid icod refs
- Speedup ao by blocksize orders of magnitude
- Catch invalid references earlier
- Fix type confusion bug side effecting arm64 on BE
- Add test for ARM-style jmptbl analysis
- Fix jmptable analysis on ARM
- 0707 is used as padding for the s390 compiler
- Add few function preludes for s390x - aap
arch
- Implement R_ARCH_INFO_ISVM
- Implement archinfo callback for Dalvik
- Initial support for stm8
- Add nor in the RAnalOp.toString()
- Provide proper archinfo details for xtensa
- Add missing =BP in the ppc regprofile
- Define aop.type for more s390 instructions
- Fix destination address for the brasl s390 instruction
asm
- Add a bunch of tests (ARM)
- Add support for writeback on indexed ldst (ARM)
- Fix mvn (ARM)
- Fix for register-operand shifts (ARM)
bin
- Handle another double string case for the lowerdash swift mangling
- Handle more Swift demangler tail attributes
- Improve osabi detection for android
- Handle deinit/dealloc swift mangling attributes
- Implement conformsToProtocol mangling logic for Swift
- Support the 'O' element in the swift demangler
- Improved stripped mach0 detection logic
- Do not parse beyond the end of the ELF dynplt section
- RBinFile.setCurBinFile() accepts null now
- Separate the arm vs arm64 reloc import logic
- Fix #22865 - Autodetect thumb main on arm16 elf binaries
- Fix #22804 - Implement a couple of relocs for ppc64
- Fix macho strip checks and add more tests
- Honor bin.filter on vectored symbols
- Use RBuffer.cache for mach0 swizzling
- Experiment with ir* providing reloc write scripts
- Show utf8-blocks details as a separate column in strings listing
- Handle R_390_GLOB_DAT R_390_RELATIVE relocs for ELF/S390
- Load imports on ELF/s390 from the GOT section
build
- Fix git breaking the terminal
- Now sys/user.sh uses rpath and xdg prefix
- Honor NOSUDO and --prefix in sys/install.sh
- Honor --without-syscapstone in pkgconfig even when capstone is found
- Add user-purge target to rimraf user's r2 directories
- Update Windows's preconfigure.bat to autodetect host arch
- Move sys/osx-pkg into dist/macos/pkg
- Fix compilation on native linux-powerpc
- Guard off parts which do no apply to Darwin/PowerPC
- Add rabin2, radiff2, ragg2 and rahash2 to the wapm
ci
- Keep Ubuntu20, disable ASLR to workaround a racy asan bug caused by a kernel change
- Upgrade to ubuntu22 for the fuzz jobs
- Bring back the abidiff into the CI pipeline
cons
- Remove cursor move on Ctrl-l
- Add support for arrow keys on some terminals
core
- Remove the RCconfig(arch.arch) option
crash
- Fix some vulns spotted in the swift demangler
- Fix possible strlen (NULL) and reduce few dereferences in RConsGrep
- Fix two format strings receiving less arguments
- Fix #22932 - null deref in b64:
- Fix null deref in Vbc
- Fix null deref in CL when no binfile is loaded
- Fix oobread and oobwrite caused by an intovf in coff
- Fix #22808 - null deref in r2 -a riscv -c "/ad li a7, 227" clue
- Fix oobreads on fmt of RStr.scanf
- Fix for the infinite loop on windows RCore.fileOpen
- Fix invalid free in 'afl'
debug
- Fix segfault in 'drf' command
- Fix #22831 - Proper baddr on the FreeBSD debugger
- Add ^be|^le|^me rule in reg profiles to support little, big and middle endianness
- Specify endianness in the RReg instance
- Fix RReg endian bug, fixes debugger in s390 and ppc at least
- Fix unaligned ptrace reads - spotted on s390
diff
- Add wcd command for patch diffing instruction and sort wc? lines
disasm
- Don't show zero values as comments
- Fix aii package imports trick when scr.color
- Do not slurp absolute path sources on Apple
- Fix regression in asm.trace.times
- Handle 32 and 64 bit big endian data references (Vdrr1)
- Add asm.bytes.ascii to display instruction bytecodes as text
- Implement soft esil pins, only executed in the disasm loop
endian
- Fix #22933 - fix endian for c4 comparison
- Fix ahi i for .ipaddr casting instruction arguments in BE
- Fix mips.gnu on BE host
- Fix sparc disassembler for big endian hosts
- Fix reading segment count for ELF
- Fix endian bugs in the tcc enum parser
- Big endian RISC-V dis fix
- Big endian AVR encode fix
- Big endian fix for FLIRT
- Big endian fix for ESIL pokes
esil
- Don't use $$ in xtensa
fun
- Add some fun fortunes from GLaDOS//portal
globals
- Remove all globals from search
- Remove one global from the esil emulation loop
graph
- Hide asm.dwarf.file in the summary graph
help
- Improve /?* and /ad/? helps with 20 more lines
lang
- Initial support for Dart in rlang via system
- Initial support for RParse r2js plugins
port
- Fix pic_pic18 endian bug
- Fix bpf.mr endian
- Fix ebc_disas endian bugs
- Fix pfb and RBitmap in big endian
- Implement pdsfs command for strings-only listings
- Implement pdsfj - as the json output for pdsf
- Use proper color palette for prcn/prcb
- Nibble colordump under prcn/prcb. Idea by Patrick Hurd
- Add EBCDIC-ascii table for the new abi via ?ae
projects
- Add -P command in the shell and error code on project load
r2js
- Initial import of the tags.r2.js script (CTAGS support)
r2pm
- Honor R_SYS_DIRSEP in r2pm env var settings for Windows
ragg2
- Fix #22859 - saving returns w/ immediate string in args + tests
refactor
- Fix some memory leak issues in libr/core/cbin.c flagged by coverity
- Replace RaxActions enum with a struct
- Fixing some coverity issues in libr/core/panels.c
scripts
- Add unzip script example
search
- Make search.verbose=false
shell
- iX -> idx, also refactor some i? lines on subcommand helps
- Fix i subcommand help messages
- Fix o
- Show ledec+bedec instruction decoding results from ?
- mal: manpage listing, markdown renderer, doc/ via man
- Add -k command that mimics r2 -k
- Show 'newabi' in r2 -v
- Show ASAN in -v options when compiling via gcc
- Add help for the afii command
- Fix command macro parsing and calling and add another test
- Register command calls in the history logs
- Fix ftw flag tags, broken after the RStr.glob refactoring
test
- Fix concurrency issue (improves 71f57c6)
- Fix concurrency issue
tools
- Rename rax2 -L to rax2 -X
- Rename rax2 -I to rax2 -i
- Rename rax2 -B to rax2 -z
- Rename rax2 -l to rax2 -Z
- Rename rax2 -X to rax2 -H
- Rename rax2 -i to rax2 -C
- Rename rax2 = to -b
- Rename rax2 -b to rax2 -l
visual
- Fix VA Visual Assembler in debug mode when io.va is false
- Support live hexpairs input in the visual assembler
webui
- Fix #22818 - Add more mimetypes and avoid (null) from the webserver
zignatures
- Fix #22894 - Add z, to print zignatures in table format
- Implement 'z[j*] ' to show only 1 zignature
5.9.0 - Codename "Hyperborean"
Release Notes
Version: 5.9.0
Previous: 5.8.8
Commits: 1316
Contributors: 65
curl -Ls https://github.com/radareorg/radare2/releases/download/5.9.0/radare2-5.9.0.tar.xz | tar xJv
radare2-5.9.0/sys/install.sh
Authors
ApkUnpacker, Armin Weihbold, Azox, Begasus, Chiller Dragon, Dennis Goodlett, Dirk Eibach, Dāvis Mosāns, Erik Griese, Francesco Tamagni, François Revol, GravisZro, Hertatijanto Hartono, Kacper Słomiński, Lars Haukli, Lazula, Luc Tielen, Madghostek, Mewt R, MewtR, Michael Ortmann, Murphy, Nathan, Nikolaos Chatzikonstantinou, Omvpatil, Pau RE, Pikachu, Rami, ReWithMe, Richard Patel, RoboSchmied, Sergi Àlvarez i Capilla, Sylvain Pelissier, Sándor Oroszi, Tony O, Tronciu Vlad, Vasilyy, Yiheng Cao, Yuvraj Saxena, aemmitt-ns, ashamedbit, astralia, condret, dvertx, gogolovefish, junchao-loongson, kyufie, lasek0, meme, micronn, neo-one0873, overmyerD, pancake, phix33, ripatel-fd, solid-snail, syheliel, toni, yep, zengwei2000
Changes
abi
- Use RPluginMeta in RCryptoPlugin
- Use RPluginMeta in RFS
- Remove dead code
- Initial deprecation of the current RAnalPlugin
- Refactor show flags into single showMode bitset
- Change return type for r_bin_dwarf_parse_aranges
- Update signature of patch_relocs callback
- Make r_cons_grep_expression public, rm r_cons_grep_process
- Rename r_str_next_split -> r_str_tok_next; make public
- Remove grep for 570 (all fixed), update older R2_580 to 590
- Rename REsil.address -> .addr for consistency
- Remove several R2_590 ifdefs
- RArch now depends on REsil
- Use RPluginMeta in RArchPlugin
anal
- Fix #22552 - Fix variable access direction for arm64 store instruction
- Fix aac bug caused by anal.in on binaries with sections
- Add anfl command and anal.slow to bring back the old autoname functionality
- Improve sigdb file format detection
- Run .afna@@c:afla in aaaaa
- Implement afba, like afla but for basic blocks
- Implement afla command to list functions in the inverse call dependency order
- Parse len argument in aaex
- Initial support for xref sizes
- Use base64 in "ax," and also show ref size column
- Implement axt, - for table listing xrefs
- Implement axtf - list function xrefs
- Improve aan/afna/afns add json and use emulation
- Permit partial block reads on analsearch loops
- Remove noisy log message in aap
- Add scr.analbar config var to have progressbar without scr.demo
- Fix ap command using real fcn prelude info from arch plugin
- Implement aax command to make a function on each CALL xref
- Implement aaex command, like aae, but does not analyze any function
- Fix /rc, document argument handling and add test
- Improve JSON output for the afsvj command
- Implement afsvj command
- Implement afs- to delete a function signature
- Implement r_anal_function_del_signature
- Consider null bytes as invalid instructions too
- Support 'aaa' in frida:// targets
- Initial backtrace API and commands (abt)
- Another improvement for aaaa
- Take invalid instructions in consideration for the bitfield decoding
- Implement aobv command for visual instruction decoding
- Show function colors in afl
- Plant the seed for the tlocal bool in RAnalOp
- Fix warning in aar when checking icod refs on unallocated memory
- Implement CL+ and CLf, show info in afi/afij
- Don't fall into calls surrounded by traps
- Better (more verbose) output for aaaaa
- Add Cb - bind metadata type to draw reflines for data pointers
- Add progressbar in 'aaa' when scr.demo is set
- Show bb->esil in ab and abj
- Add 'afbd' to emulate bb regstates in the correct order
- Add RAnalBlock.esil and abe command to manipulate it
- Initial support for D calling convention
- Add r_anal_function_get_graph
- Add two missing log lines for aaa
- Implement more swapped conditionals support in type propagation
- Refactor aaft to use less allocations for buffer
- Sort blocks only once in aaft
- Reuse more allocated memory during aaft
- Add test for a bug spotted in the aac command
- Cleanup rebasing refs during oo
- Add r_anal_xrefs_has_xrefs_at function
- Remove duplicate xrefs delete function
- R_API function to count xrefs at a specific address
- Cleanup xrefs code
- Optimize xrefs using swisstable
- Reimplement the a2f core plugin into an analysis one
- Analyze methods after parsing the C++ vtables
- Fix #22100 - Dont compute disp refs when ptr is set
- Honor anal.jmp.ref in aar
- Compute depth and save it in the bb
- Save a bit of memory in xrefs implementation
- Fix timeout and move possible slow test
- Skipping empty blocks is now a warning
- Show color field in the afbj output
- Accept asm.bits=16/asm.os=android for syscalls + tests
- Reduce false positives when scanning for syscalls on thumb code
- Honor codealign, speedup syscall search emulation
- Add anal.imports to analyze them early in aa
- Honor RArchInfo.codealign in aar
- Honor 'rsym.' flag prefix
- Implement the abc- command to unset a bb color
- Minor optimization in r_anal_block_op_starts_at
- Use r_anal_ref_typemask() to sanitize xref types and update tests
- Add and use the new Indirect Code XREF type to improve code coverage
- Add the new r_anal_data_type() for better data type detection
- Smol ref->type masked improvements
- Add more function preludes for arm32
- Fix some missing xrefs in /re $$
- Handle 'asm.os=android' syscall as an alias for 'linux'
- More verbose and clearer output for abl
- Add RAnalFunction.traceCoverage() api and info in afi/afl/abi/..
- Minor bugfix/improvement when ninstr == 0
- Dont show function diff info when not diffing
- Don't add more instructions than the ones we can handle in the basic blocks
- Faster RAnal.bbTrace()
- Add afix subcommand to list function info + xrefs
- Add all-xrefs listings in 'afi' and 'afij'
- Optimize: reg 32 <-> 64 conversion iterates over gpr only
- Optimize anal.roregs
- anal.gp also sets the reg value
- Do not accept invalid xrefs (-1 <-> -1)
- anal.strings does not disable bin.strings
- RAnalValue no longer refs an RRegItem
5.8.8
Release Notes
Version: 5.8.8
Previous: 5.8.6
Commits: 192
Contributors: 11
curl -Ls https://github.com/radareorg/radare2/releases/download/5.8.8/radare2-5.8.8.tar.xz | tar xJv
radare2-5.8.8/sys/install.sh
Authors
Dennis Goodlett, Hertatijanto Hartono, Luc Tielen, Murphy, condret, pancake, phix33, rgc
Changes
anal
- Small improvement on tail call detection
- Check for noret destinations in afbr listings
- Consider zero pages as invalid code
- Dont enable debug tracing from type propagation
- Implement ahb-* missing command
- Make macos/ios targets inherit types from darwin
- Fix aod command for pickle arch
arch
- Improve tricore.cs handling jumps/rets/movs/
- Fix ESIL MIPS64 NOR instruction
- Migrate java plugin
- Migrate i8080 with full refactor
- Fix max asm len in pickle
- Fix cs4 build of the sh arch plugin
- Honor endianness without messing with capstone initialization in ppc.cs
- Remove global state in ppc_cs plugin
- Migrate ppc_cs plugin
- Update to the latest capstone for new sh and tricore
- Remove global state in v850 plugin
- Remove global state from loongarch dis
- Remove globals/duplicate code in riscv plugin
- Remove global state in lua5.3 plugin
- Remove global state from 6502_cs plugin
- Remove global state from xtensa plugin
- Cleanup global state in riscv plugin
- Remove thread local state from m68k_cs plugin
- Remove global state in loongarch plugin
- Refactor z80 plugin to not have global state
- Migrate sparc_cs plugin
- Add more call level registers for i4004
- Dont abuse asm.bits in bin.pyc and honor asm.cpu
- Add support for 4bit registers
- Initial support for the Sharp SM5xx MCUs
asm
- Improve adrp instruction assembler and add more tests
bin
- Warn on unresolved symbols/relocs in ELF and better handle -1 addresses
- Parse more CodeSignature fields for mach0
- Parse CodeSignatureDirectory entries for mach0
- Faster Css using the api instead of Cz with tmpseek
- Use Css in ELF (instead of section.has_strings) to avoid flags
- Apply section formats in a second iteration
- Fix #21823 - tag static elfs as non libinjectables
- Fix #19964 - show relro:no even if no dyn section is found
- Add support for even more elf reloc types
- Add support for more elf reloc types
- Refactor elf get_import_addr checks
- Fix #21715 - Add baddr to the class info from DEX
- Add missing flags for the internal ELF symbol relocations
- Check for PT_LOAD segments before fully reading elf phdr
- Iterate over vector i.s.o. list in elf entries
- Speed up loading of elf relocs
- Refactor even more parts of elf loader
- Refactor more of elf loader
- Refactor more elf loader code
- Use main=-1 instead of 0 before finding the symbol in mach0
- Handling ELF symbols with no name
- Refactor more functions in elf loader
- Refactorings for elf loader
- Add RBinInfo.libinjprot field for mach0 at least
- Infer asm.os from platform's LC_BUILD_VERSION
- Improve performance when loading mach0 classes
- Implement basic pdp11 binary parser and a bit better disasm
- Add support for more ELF SPARC relocs
- Implement ELF relocs for SPARC and MIPS and avoid duplicates
build
- Update and improve r2docker as well as publish the new image into the hub
- Add r2pm build-arg to the r2docker with r2frida,r2ghidra,r2dec packages
- Install r2frida and use /usr as prefix for r2docker
- Apply fixes from the Termux package and update acr
- Add wasm to the default meson builds
ci
- apt-get update before install in the syslibs job
cons
- Faster ~? rcons filtering
- Improve the twilight theme
- Fix #21772 - Ensure RCons.raw after reading from user in ~/
- Early return on RCons.flush() when nothing to do
- Detect too large input strings in RCons.prompt
- Fix RCons.readCharTimeout()
- Remove globals from 2048
- Remove global state in stiv
- Fix ::pd and ::? glitch with (null) colors
core
- Make fortune file selection random
- Make all the RCoreCmdStr functions R_MUSTUSE its return
- Refactor global state in vslides
crash
- Fix UAF in 8051 analysis on fuzzed code
- Fix out-of-memory allocation on a fuzzed plan9 binary
- Fix oob write in dyldcache accel loading
- Store the vector index instead of a weak pointer for the ELF
- Prevent an oobread in the lua bin parser
- Fix UAF read in the LUA bin parser
- Fix UAF in RNumCalc
debug
- Fix reading and parsing /proc/pid/maps from remote gdb on android
- Fix #21813 - parsing reg profiles from android-gdbserver
- Don't run dmh on macOS when not debugging
- Fix null deref in get_base_from_maps
- Add initial debug heap support for macOS
- Initial import of the rv32ima debug plugin
disasm
- Implement asm.cmt.token to choose the comment prefix token
- Fix '*' cursor mark on some addresses
- Implement hint color for nicer disasm comments
- Implement asm.offset.focus to show addrs ofs interest
- Add ahi36 and asm.offset.base36=true
- Implement asm.bytes.asbits to display instruction bits in binary
egg
- Initial support for arm64 eggs
esil
- Fix null derefs and memleaks in {esil,debug}traces
- Improvements in the visual esil debugger and documentation
graph
- Set terminal in raw mode before entering visual graph mode
io
- Remove meaningless optimization leftover in io.cache
- Fix and prevent null assert on RIODesc fixing zip0://
- Fix hypothetical arbitrary code execution vuln in r_io
lang
- Implement RLangPlugin.init for Go,Rust,Typescript and Zig
- Make RLangPlugin.init() actually define if can be instantiated
- Fix RCons.noflush issue when using '-i foo.c'
- Improve r2js module loading, honoring relative and absolute paths
- Update r2papi.ts 0.1.1
- Support relative module resolution in qjs
- Fix alias marker parser in the qjs loader
- Handle .r2.js file extension
main
- Move .inc files to .inc.c for editor support
- Remove global state and fix memory leak in rabin2
- Fix invalid json on 'pfj x[1]z'
- Fix assert on null deref with the 'pf E' command
- Let 'pxr' follow tagged pointers
qjs
- Handle multiple ../ imports
r2pm
- Implement r2pm -t for timeless packages
- Fix r2pm when launching it from a deleted working directory
search
- Implement Css (section string scan) and Csz (same as Cz)
- String search no longer requires a keyword
shell
- Show log.level=? help message
- Merge all R*2_NOPLUGINS as R2_NOPLUGINS
- Ship and use our own manpage reader
- Implement man command for launching "man pages"
- Autocomplete -i command
- Fix help message for idp?
- Show capstone version in r2 -v
- Show build system used (meson|make) in r2 -v
- r2pm search is case insensitive
- Fix the r2p tool and add a test
- Fix help for ?:? and show its links with =!
shlr
- Fix undefined behavior when reading java uints
tests
- Implement r2r -g to run the tests associated with the files changed
tools
- Implement rax2 -rS and update manpage
util
- Add support for base36 numbers
- Remove global state in time.c
visual
- Visual ESIL debugger improvements
- Improve and simplify Vv ascii art, and make it available from panels
- Call more setraw() to fix a recent visual regression
- Improve interactive config and color editors
windows
- Fix stty windows warning
5.8.6
Release Notes
Version: 5.8.6
Previous: 5.8.4
Commits: 295
Contributors: 23
Highlights
More details
Authors
AlexanderKucherov CorruptedVor Francesco Tamagni Hripsimee Ildar Ildar Sadykov Leopold Luc Tielen Luc Tielen Mewt R MewtR R Sylvain Pelissier Yedidyah Bar David Yuvraj Saxena Zhipeng Xue echel0n pancake pancake rgc semgrep.dev on behalf of @trufae theNKCode tsunekoh
Changes
anal
- Handle 'int 0x20' as eob on x86-16 (assume DOS)
- Fix null deref in arm32 calling conventions via 'aaef'
- Handle more noreturn functions
- RAnal.cur can be now set to NULL
- Fix aae logic for mem read xrefs
- Fix #21576 - Function stack frame size in case of FP register in a Thumb's PUSH
- Improved instruction mask using the new aobm and anal.mask
- Support big endian value search analysis (aav)
- Fix null deref in signatures when using corrupted analysis info
- Hide meaningless AnalOp fields in ao/aoj
api
- Deprecate r_str_cmp()
- Rename R_CONST to R_TAG and add unit tests for them
arch
- Migrate tms320 plugin
- Cleanup global state in mips gnu plugin
- Migrate mips gnu plugin
- Migrate chip8
- Handle the arch.decode default size and mnemonic on failure
- Migrate xcore plugin
- Migrate m68k_cs plugin
- Migrate 6502_cs plugin
- Migrate m68k_cs plugin
- Refactor global state in loongarch plugin
- Migrate loongarch plugin
- Handle RArch.getRegProfile() from RAnal.setRegProfile
- Fix the wrong plugin used after failed arch.encoding
- Rename arch.arm plugin 'arch.arm.nz'
- Use plugin name instead of arch name to fallback
- Propagate endian settings
- Honor RArch.setBits via RAnal.setBits
- Support fatmachos with slices using arch plugins
- Improve automatch plugin with encoder support
- Resolve ${arch}.nz as fallback when finding an assembler peer
- Remove '#' sign before immediates in the snes9x disassembler
- Fix 1 byte oobread in the wasm disassembler
- Migrate s390.cs and fix the abidiff suppression rules
- Migrate the ppc.gnu plugin
- Migrate m68k_gnu plugin
- Improve the riscv analysis
- Fix esil emulation for riscv's jr/li/mv
- Migrate S390 GNU plugin
- Dont use strtok in the riscv plugin
- Migrate the hppa.gnu
- Migrate the sparc.gnu plugin
- Improve brainfuck VM using ESIL and arch restrictions
- Migrate the brainfuck
- Remove unneeded line in meson build after plugin migration
- Migrate h8300 plugin
- Migrate the pyc plugin
- Migrate msp430 plugin
- Fix archinfo for v810
- Add wip archinfo and wip regs and make mcs96 an arch plugin
- Migrate ebc plugin
- Migrate lh5801 plugin + add missing regprofile
- Migrate the pdp11 plugin
- Migrate arc
- Expose the value of arm's ADD in op.val
- Implement wao nop for riscv
- Migrate arm.v35
asm
- Implement 'call [rip+X]' for x86.nz and add tests
- Fix UB in signed type shift left on arm64 assembler
- Fix tb instruction for ARM assembler
bin
- Fix double free in elf loader
- Fix memory leak in mach0 relocs
- Fix memory leak in xtr fatmach0 metadata
- Fix memory leak in elf loader
- Fix compile warnings for elf loader
- Improve handling of nindirectsyms for corrupt macho binaries
- Fix crash due to int overflow loading mach0
- Refactor / improve loading of ELF symbols + imports
- Shorten path on invalid fatmachos fixing a recent null precondition check
- Better use of preconditions and r_log in fatmach0
- Refactor loading of elf fields
- Refactor loading of elf libs
- Refactor elf loading of relocs
- Refactor even more loading of elf sections
- Refactor elf loading of sections
- Refactor mach0 loading of relocs
- Silent warning on empty dwarf blocks
- Unused var had a meaning in the xnu kernelcache parser
- Refactor loading of mach0 sections
- Conditionally parse mach0 start symbols
- Fix bug wrongly casting dyld/kernelcache to mach0
- Remove code, port dyld + kernel cache to new API
- Fix UAF in the p9 parser
- Refactor loading of mach0 symbols
- Refactor loading of mach0 libraries
- Implement review remarks for mach0 import parsing
- Refactor mach0 loading of imports
- Refactor string comparisons in macho parser
- Add demangled column in the symbol listing
- Add LC_AOT_METADATA parsing support for mach0
- Reuse recursion in c++ demangling with lower bounds
- Fix some oobread bugs in the ELF parser
- Initial steps to support column details in dbginfo
- Optimize dwarf parser reducing getsection for strp
- Remove global in the DWARF parser
- More ELF cleanups on the symbol allocation logic
- Minor cleanup in the ELF parser
- Fix Mach-O symbol parsing in dyldcache
- Blind ELF fixes
- ZeroPad addresses in iSq and iSSq
build
- Fix some -fvisibility=hidden issues
- Fix meson -Dnogpl=true compilation
- Update to the latest wasi-sdk-20
- Fix R_SYS_ARCH name for native s390x
- Fix r2r build when doing static linking
- Fix SocketNotificationRetrieveEvents already defined issue
- Make sys/sanitize be aware of the memory sanitize check
- Fix #21375 also for linux-arm-64.sdb syscalls with meson
- getcpu is reserved by linux's sched.h
- meson support for smallz4, relates to #19849
- Use Smallz4 instead of liblz4 which is optional
ci
- Add crosscompiled arm64 debian builds
- Add arm64, riscv64 and s390x qemu builds
- Move the tarball distribution code into dist/tarball
cons
- Fix #17194 - Fix 'e scr.pager=..' to set the internal pager
- Add greepy color theme (green + pink + white) glitch-style
- Add support for ""ec in theme files
core
- Fixes the bfbug losing arch setup after o malloc
crash
- Fix double-free in r2pm when no python bin in path
- Fix oobread in /v
- Fix 2byte oobread in /a subcommands
- Fix null deref on null :: command via fuzzing
- Fix null deref on fuzzed thready command execution
- Fix null deref in unaligned arm thumb instruction via /ad
- Fix oom bugs in the XTAC parser
- Fix large memory allocations on corrupted LE binaries
- Fix infinite loop in the GNU C++ demangler
- Track recursivity calls in the HFS parser to prevent stack exhaustion
- Fix oobread bug in asn1/pkcs7 parser
- Fix uninitialized field accesses on corrupted DEX
- Fix UB with uninitialized read in dwarf parser
- Fix infinite loading time in minidump file
- Fix unaligned pointer access in sha256
- Fix division by zero in the HFS parser
- Fix oobread segfault in the grub's HFS parser
- Fix infinite loop in the ext2 grub code (DDoS)
- Fix 8 byte oobread on pkcs7 parser
- Fix UAF in the dwarf parser
- Fix non-null-terminated string in dwarf
- Fix null deref in the dyldcache
- Fix oobread in swift field parser
- Fix 4 byte oobread in objc analysis on 32bit binaries
- Fix oobread in dwarf parser
- Fix oobread crash in the visual bit pixel editor
- Another dwarf null deref
- Fix oobread in the xcoff64 parser
- Fix an 1byte oobread in the pyc plugin
- Avoid large allocation in the elf parser
- Check for null pointers in uleb and dwarf
- Fix oobread in omu command
- Fix large allocation bug in the elf version parser
- Fix null derefs in the dwarf parser
- Fix oobread in the msvc demangler
dalvik
- Fix two UB bugs doing left-shift on signed type
debug
- Warn the user when using dd/dm/di without a child
- Fix 64bit column register listing glitch
- Allow 'dcu main' even if there's a 'db main' already set
- Implement dtj command to list debug traces in JSON format
- Fix null deref in dtd when the process is dead
- Fix status register in the regprofile for darwin-arm64
- Dont display the cpu flags if the arch doesn't support them
- Adjust bpcount and use typedefs instead of structs in bps
- Define RISCV breakpoint instructions
- Native debugger for OpenBSD and NetBSD on arm64
- Add cmd.step config var to run a command after every debugger step
- Partial fixes for better register profile and arch switching handling
diff
- Initial implementation of the 'cgfa' command
disasm
- Do not draw ref lines of invalid branches
- Fix asm.pseudo for arm64's stur instruction
- Implement pseudo for riscv's 'auipc' instruction
- Fix '\xff' strings issue in bsd-rv64/arm64
dwarf
- Implement parsing optimization for dwarf5
- Store column information in the addr2line database
esil
- Fix UB when shifting value too far left
- Fix bounds checks for ESIL and reg values
- Implement 128bit regstore esil emulation
- Dont emulate null instruction types, causing invalid analysis
- Fix #21564 - 128bit support via [16] and RReg for arm64
- Implement 'aoem' command to show memory refs via emulation
- Move the esil #! r2 command as an op instead of parse
fs
- Add test and fix oobread in the hfs parser
graph
- Improve color support in graphviz, still wip
hash
- Add elf hash planned for r2-5.9.0
io
- Fix #21705 - check r_io_plugin_add ...
5.8.4
Release Notes
Version: 5.8.4
Previous: 5.8.2
Commits: 277
Contributors: 29
Highlights
More details
Authors
Dennis Goodlett Dennis Goodlett Francesco Tamagni Jose Antonio Romero Jules Maselbas Jules Maselbas Koh M. Nakagawa Lazula Mewt R MewtR Mohamed Lemine Ould El-Hadj Murphy Murphy Murphy Pau Rodriguez-Estivill Richard Patel Siguza Sylvain Pelissier Sören Tempel Teutates Yaroslav Yuvraj Saxena Zhipeng Xue condret icy17 ksen-lin meme pancake
Changes
anal
- Support function arguments without a name
- Optimize RCore.analOp() lowers aa from 1m23 to 1m19
- Make aab even faster (39s -> 32s)
- Fix #21340 - fix list of callrefs in afij
- Add some recently seen x86-32 preludes
- New 'aarr' command to reanalyze all function refs
- Add support for DUP in esil_dfg
- Add fake =SN for gb to fix the missing =SN warning
- Implement esil-dfg support for POP
- Initial implementation of the aob/aobj commands
- Do not override anal.calls user settings in aaa
- Use a visited check to speedup recursive reference analysis
- Invalid call from warning is now a debug message
- Handle missing LDURH on arm.v35
- Add refs column in aflt listing and fix refs&xrefs counting apis
- Remove duplicated code adding a string reference during analysis
- Set refptr for Xtensa l32r opcode for better disassembly output
api
- Introduce the new R_CONST macros
arch
- Migrate cr16
- Migrate cris from anal to
- Update to the latest capstone for SH and arm64 improvements
- Move the riscv.cs plugin
- Improve v850 esil support
- Move the pic
- Move the anal.tricore
- Improve the NIOS arch plugin with regs, archinfo and invalid
- Move and improve the anal.alpha
- Move Vax plugin from anal
- Add Inferno Dis VM
- Move the bpf plugins
- Move anal.lm32
- Move the z80 plugin
- Add support for all-bits-set registers needed for LANAI
- Move the lanai plugin
- Fix the type used for the fini callback in r_arch_plugin_t
- Move the mcs96 plugin
- Fix #21325 - Do not assert when instantiating empty plugins
- Convert kvx analysis plugin into arch
- Add esil support for satadd, satadd_imm5, satsub and satsubr v850 instruction
- Handle wasm control flow errors better
- Wasm accept br out of if/else
- Refactor wasm into arch
- Move xtensa into the
- Initial re-import of the LUA bin parser and disassembler from extras
- Move the ws plugin and annotate the plans for 5.9
- Move or1k into the arch
- Add evm.sdb.txt with description
- Add esil support for mulh reg, reg v850 instruction
- Move anal.evm.cs into arch.evm
- Rename evm.cs to evm
- Add esil support for v850 stb, sth and stw instruction
- Add esil support for v850 ldb, ldh and ldw instruction
asm
- Add more conditional branch instructions for the arm64 assembler
- Implement conditional branch instruction for the arm64 assembler
- Improve armass64 for tbz/tbnz to handle relative instructions
bin
- Report errors when failing to patch relocs in the internal buffer
- Implement qword to better display patched relocs in macho
- Fix #21451 - Support IDREF in cf_dict parsing
- Apply macho relocs on the swizzled buffer if bin.cache is not set
- Find libswiftCore and libswiftDemangle in linux paths too
- Fix wrong check in dyldcache rebase v2 logic
- Add new fuzz.bin2 program and fix integer overflow for XTAC
- Prevent an oom in the macho when corrupted fields are involved
- Fix infinite loop in the xtac parser
- Fix oom in the LE parser
- Fix ELF parser hang on malformed .plt.got header
- Fix sign warnings in the elf parser spotted by msvc
- Fix absolute path resolution for dwarf source files
- Remove globals from the MSVC demangler
- Blindfix for some msvc demangling characters
- Fix Dis fuzz failure
- Add missing S_INIT_FUNC_OFFSETS definition for macho
- Add Inferno Dis VM
- Improve checks parsing dyldcache headers
- Fix missing types and paddr/vaddr issue in ihj
- Fix double free in class method handling
- Update dyld shared cache parser
- Better header checks for the MSX plugin
- Some fixes for the bin.msx plugin
- Add support for the XTAC file format
- Add XCOFF64 support
- Refix another null deref after 586af3f
- Improve code quality in some RBin plugins (1/n)
- Fix null deref when no signature is found
- Minor improvements to elf parse
- Fix memory leak when parsing DW_FORM_line_strp
- Use correct compilation directory for binaries that use DWARF before version 5
- Fix heap overflow in the swift parser
build
- Add --with-new-io-cache configure and meson flags
- Use acr-2.1.0 new PKGCFG_DO to speedup pkg-config file generation
- Fix libdir and includedir in the pkgconfig templates with latest acr
- Fix #21375 - Generate .sdb files properly for syscalls with meson
- Fix #21332 - Add missing use_sys_openssl option for meson
- Fix #21287 - compilation with .c in path
- Clear SSL (C|LD)FLAGS if not willing to use SSL at all
- Fix 'no rule to make libcapstone.a' error
- Fix meson build with x86 option arch
- Check for linux/can.h at configure time
- meson: install rasign2.1 man page too
- Fixes for the offline tarball generation
ci
- Abidiff shouldnt check internal structs like the capstone ones
- Remove broken github counters and introduce the sys/counters.sh
- Add pkg-config for macos-test
- Add pkg-config for macOS via brew
- Upgrade to abidiff 2.2
- Remove LGTM, it's no longer available
cleanup
- Remove all char* casts in free
cons
- Fix scr.html when using bold attribute in scr.color=1
core
- Support R2_PREFIX env var to override compile-time PREFIX
- Use single quote instead of "" for RCore.call()
- Fix command injection bugs in patch scripts
crash
- Fix oob in we command
- Fix null deref in omr with no maps
- Fix null deref in fuzzed omt command
- Fix uaf in r_asm_op_get_hex
- Fix UAF in y-;q and assert with 0 size functions
- Fix uaf caused by RRegItem.free instead of .unref
- Fix oom in the nso parser
- Fix uaf in xtac and check for more vector allocation failures
- Fix unchecked vector allocation in wasm
- Fix oom spotted in the wasm bin parser and other stylish things
- Fix segfault when saving a project with no write perms in home
- Fix oobread in dwarf5 parser
- Fix #21363 - null deref in the wasm disassembler
- Fix use after free in RStr.replaceAll()
- Fix null deref in aeg command
debug
- Fix setting registers in linux/rv64
- Fix retrieving registers on Linux/RV64
- Fix #21329 - do not include the privileged registers from the gdb profile
disasm
- Dont try to resolve strings on call destinations
- Fix instruction colors when '0' is at the end
- Deprecate the asm.minicols config variable
- Truncate invalid strings in disasm
dwarf
- Add CLLf command as an alias for 'list' and fix @@i
esil
- Avoid >64 bit shift left on 128bit registers
- Implement esil for arm64's brk and clarify TRAP usage
- Simplify the ESIL for x86 shift instruction
- Better nullchk and reduce dereferences in esil
globals
- Remove 2 globals from arch.or1k
- Remove 1 global from arch.snes
io
- Initial implementation of the io-write-cache command
json
- iCj always renders valid json, fixing a warning in iaito
lang
- Run the pending jobs in the qjs repl and expose r2pipe module
- Add fake 'r2papi' module for r2frida-compile scripts
- Implement ESM module loader for the QJS runtime
- Initial support for r_arch plugins via qjs
- Add support for NIM scripting on top of the QJS engine
magic
- Add Inferno Dis
panels
- Move Stack into Debug menu, and add Register columns output
- Improve the pseudo-decompilation output for !x86 and inlined gotos
- Fix duplicated source lines in CLLf output
- Honor hex.offset + hex.header
- Initial support for custom bitmap images
projects
- Add Pz[ie] command to import/export project in zip format
r2pm
- Fix support for builddir-less packages
- mkdir home plugin directory
- Add R2PM_DIR directive needed for tarball/zip packages
- mkdir(R2PM_BINDIR) before pkg install, so packages dont have to mkdir
search
- Magic depth starts at 0 now
- Remove global magic depth
- Honor esil.* options in RAnal.search
- Improve syscall detection in /as
- Fix #21339 - Fix syscall search when executed twice
shell
- Fix help message when write fails (omp -> omf)
- Fix #21380 - Refer to "? in /R for escaping chars
- Correctly align r_core_cmd_help_match output in inexact mode
- Update help message for ""? for ""@""
- Drastically reduce eUsage count...
5.8.2 - codename "Jonesy"
Release Notes
Version: 5.8.2
Previous: 5.8.0
Commits: 172
Contributors: 17
Highlights
More details
Authors
0x8ff Apkunpacker Dennis Goodlett Fraser Price Jules Maselbas MewtR Mohamed Lemine Ould El-Hadj Ole André Vadla Ravnås Richard Patel Sylvain Pelissier Vitaly Bogdanov condret kyufie meme nmeum pancake pancake
Changes
anal
- Honor the micromips codealign, add missing =SN and cc
- Set indirect code refs from load instructions
- Make r_anal_optype_{to,from}_string use the same optypes array
- Rework of the function merging
- Add Plan 9 calling conventions
- Basic blocks are not modified if not initialized
- Add test for gb srcs/dsts json and valtype
- Fix multiple typos in ios-syscalls.txt
api
- Make r_str_casecmp() null-proof to fix weird crash on windows
- Implement RCore.cmdCallAt() + minor improve internal cmd calls
- Fix RFile.path() when $PATH contains no colon
arch
- Add esil support for v850 ei and di instructions
- Add esil support for v850 reti instruction
- Add esil support for v850 stsr instruction
- Add esil support for v850 ldsr instruction
- Blindfix for a glitch in the v850 disassembler
- Simplify esil generation of v850 bcond instructions
- Add esil support for v850 setf instruction
- Improve v850 esil support and fix some related bugs
- Fix asm.cpu=? when using arch plugins
- Fix rasm2 -a mips{.gnu} -b16 -e -c micro -d '4fe5'
- Move mcore into the arch
- Support micromips on both gnu and capstone plugins
- Move anal.propeller
- Add micromips cpu for the mips.gnu plugin
- Move nios2 away from anal
- Register RArch plugins to be loaded dynamically
asm
- Implement .extern directive in rasm2, fix other directives
- Fix ARM assembler for blt, ble, cmn, tst, and teq instructions
bin
- Fix null deref assert in the TE parser
- Fix unnecessary memory exhaustion in the elf parser
- Fix allocation crash in bin.symbols
- Support elf-micromips auto detection
- DWARF5 line header parsing
- License Plan 9 code as MIT
- Add Plan 9 line number information
- Fix load address of arm64 kernel
build
- Do not depend on strcasecmp in libzip, build fail on Centos7
- Upgrade v35arm64 to fix non-c99 compilation
- Update to the latest tinycc in the CI
- Remove the need for ios-include.tar.gz
- Use an authorized API call for the abi job to increase the rate limit
- Remove condition on 'linux-static' job
- Integrate ABI diffing into CI scripts
- Add --with-ssl-crypto, rename --with-openssl to --with-ssl
- meson: Install various missing files
- Use fakeroot if available when packaging for debian
ci
- Upgrade CodeQL actions from v1 to v2
- Update the SPEC file and build RPM packages in the CI
crash
- Fix infinite loop and null derefs when calling pd from pd in Cr
- Blindfix with a hack and a workaround to fix an UAF in Cr
- Fix an UAF in the visual bit editor
- Fix null deref segfault in Vd1
- Fix UAF in oc
- Fix null deref in io.bank
debug
- Fix #8992 - Apply command line settings before initializing debug plugin
- Add required A0 register into x86 register profile provided by GDB
- Use proper type for the XMM register inside profile received
- Implement dpt. command to print the current selected process
disasm
- Optimize RAnal.kind() as it's called many times with a large buffer from pd
- Bring back and improve the Cr command
doc
- Reference abidiff's ci usage in doc/abi.md
- Reference doc/abi in DEVELOPERS
esil
- Fix emulation of the arm64 tst instruction
fs
- Improve json output for mlj - mountpoint type and delta
globals
- Remove global in util/lib and just use RLogLevel
indent
- Balance spacings in braces
js
- Add experimental r2.cmd0 and r2.call0 for qjs
- Enable stack overflow check when recursive calls
- Improve error messages in the qjs repl
- Rename qjs's dir function to dump
- Support loading/unloading multiple QJS plugins
- Update typescript compiler and move r2plugin into r2
- Fix undefined behaviour in quickjs when casting double to int64
- Fix #21205 - Missing object definition for aoj
- Fix undefined behaviour in double->int cast
- Extra checks and enforce the singleton core plugin
- Improve typescript entrypoint logic detection
- Initial support for javascript core plugins
- Upgrade r2papi-ts from 0.0.4 to 0.0.10
- Support typescript Main namespace and pass --allowJs
json
- Fix #21205 - Missing object definition for aoj
lang
- Initial implementation of lang.s assembly scripting
- R_TH_LOCAL two globals in RLang.c
- Restructure lib dependencies, add lang.asm plugin
perf
- Massage the bottleneck that was making r2dec super slow
- Some more likely hints in RCore.cmd from valgrind
- Fix pA and pA? (/A was moved into /a)
- Implement pvp and wvp to print and write pointers
- Fix fortune message for #md5 and add ph: variant of "ph "
qjs
- Add QJS_NOABORT option to avoid aborts
r2pm
- Improvements for r2pm when getcwd is null
- Add R2PM_NEEDS and auto-install system build deps if possible
- Fix git check before cloning the repo
- Fix R2PM_DEPS first time issue
- Report better errors on first r2pm setup
- Initial experimental support for portable qjs packages
search
- Implement tire algorithm in
shell
- Fix assert in ph
- Initial skeleton integration with GNU/Poke
- Fix profiling RCore.cmdCall() via ?t""
- Add help message for the quote command "?
- Implement LAj and LAq commands to list arch plugins
- Implement uname -h, -m, -b, -j ...
- Handle unknown subcommands for t
- pdrj shouldnt be modifying the current seek
- Add -j command as an alias for js:
- Add the ability to run qjs scripts with r2 -je
slides:xa
- Improve r2slides with title, colors and 2 column mode
test
- Update libfuzz build instructions
- Add the dwarf fuzzer program
- Add some test for ARM assembler
tools
- Add R2_DEBUG_NOPAPI env var
- Show error when passing un-even hexpair to rasm2
visual
- Fix (null) regression in visual bit editor's disasm
- Handle JK in bit editor to move 8 bytes fwd/backward
vuln
- Fix ANSI Escape Sequence Injection vulns via DWARF
5.8.0
Release Notes
Version: 5.8.0
Previous: 5.7.8
Commits: 745
Contributors: 36
Highlights
More details
Authors
0x8ff Alex Bender Anton Kochkov Axel Iota DaKnig Dennis Goodlett Dennis Goodlett Ernest Deák (Tino) Francesco Tamagni HighW4y2H3ll Hors Lars Haukli Lazula Matthias MewtR Miles Liu Mohamed Lemine Ould El-Hadj Murphy Ole André Vadla Ravnås Paul B Mahol Peter Meerwald-Stadler Quentin Kaiser RHL120 Sylvain Pelissier Sylvain Pelissier TheAllSeeingOwl condret iTrooz_ meme pancake pancake rax2 rhl120 schrotthaufen schrotthaufen singurty
Changes
abi
- RAnalOp.srcs,dsts are not pointers
anal
- Working apt and add apl to list function preludes
- Rename axj to axlj, because axj is for jmp refs
- Introduce anal.tailcall.delta and use flags for better metrics
- Improve the tailcall detection logic
- Improve warning that only seems to happen when anal.nopskip is set
- Always show all the archinfo, even when not provided by the plug
- Dont show analysis progress on non-interactive shells
- Add esil.dfg.mapinfo and esil.dfg.maps config vars
- Some more improvements to esil_dfg
- Fix size returned from r_anal_op
- Fix warning in aflj when parsing vararg signatures
- Add register computed const pointer support for esil dfg
- Add memory computed const pointer support for esil dfg
- Introduce R_ANAL_ESIL_DFG_TAG_{REG,MEM}
- Use treebuf io plugin as memory access backed for esil_dfg
- Fix pickle asm rejecting empty strings
- Do not recurse noreturn inspection when !addr or -1
- Generalize vector instruction types instead of following intel-specific
- Add /au to search for unknown destination jmp/call
- Add anal.noret and refactor anal.noret.refs
- Fix #20827 - Show srcs/dsts in aoj
- Fix aae argument parsing regression and improve help
- Add support for stack-computed const pointers in esil_dfg
- Fix anal.a2f in aac
- Increase default anal.depth from 64 to 128
- Clarify which commands are used on each 'aaaa' line
- Fix anal.depth usage when analyzing one basic block
- Loongarch analysis bug fixes (bl, race condition)
- Implement 'aflxv' and 'aflx?' commands
- Run /azq in aaaa
- Fix long1,long4 pickle opcodes
- Fix #20798 - Fix bx after add lr,pc,0 in arm32
- Fix null pointer in aflxj
- Implement aflxj
- Add noreturn column in afll
- Use RPVector in RAnalOp src/dst to support ldm/stm/simd
- Fix pickle arch thinking 0 is 64 bit
- Don't show the linearsize in the 'afl' output
- Add anal.vars.newstack - configurable improved stack-relative var
api
- Make RReg refcounted
- Implement {ctz|clz}{32|64} RNum
- Define RPluginMeta and RPluginStatus
- Add new RCore.cmdCallf() helper function
- Merge RParse into RAsm
- Refactor RLang api to use the new design
- Fix null deref on wrong api usage for RCore.cmdStr
- Moving more logic between asm, arch, parse and anal
- RAnalEsil -> REsil api refactor
- Deprecate reil and sysarch defines
- More refactorings and api redesigns in r_arch
- Remove eprintf calls in favor of R_LOG
- Implement RReg.clone()
- Deprecate r_str_dup() - related to #20959
- Rename RVector.len to RVector.length for consistency
- Remove the unnecessary RThread.CpuAffinity()
- Add portable NaN and INF defines for different float sizes
- Deprecate r_cons_eprintf and use R_LOG instead
- Rename RStr.home() to RFile.home() as part of the Plan
- Rename r_mem_memzero to r_mem_zero
- Prefer _tostring() instead of _to_string()
- Improve r_ref implementation with debugging support
- R_BIN_NM -> R_BIN_LANG
- Implement thread-safe refcounting - but disabled by default
- Deprecate the unused RFList
- Implement r_str_ntrim() and speedup r_str_trim() with it
- Initial implementation of RString (30% faster than RStrBuf)
- Implement r_sys_getenv_asint
- Add r_cons_is_initialized
- Boolify r_core_yank_file_all() and fix shadow var bug
- Add r_file_is_executable and r_file_extension apis
- Fix UB bug when using r_vector random access
- Change R_LOG_INFO to R_LOG_TODO where suitable
- Merge rhash into rcrypto and improve apis
- Fix memory leak in r_str_list_join()
- Boolify and rename some methods and fields from RFS
- Add .author field in all the RLang plugins
- Add a public api for the yank-unset action
- Constify the help
arch
- Add the arch.preludes() callback and new RSearchKeyword constructor
- Move anal.v850 to arch
- Fix counted string bug in pickle
- Fix negative unsigned cast in the xtensa disassembler
- Add RAnalOp.weakbytes() and move more analop apis to arch
- Move anal.xap into the arch
- Update tests and better arch.patch/modify callback
- Move anal.{6502,snes} into arch
- Kill RAsmOp, we can reuse RAnalOp in here
- Improve pickle disasm on invalid instructions
- Remove RAsmPlugin struct and add the 'aia' command to show archinfo
- Move the remaining asm plugins into the arch
- Minor plugin selection improvements
- Move asm.nasm into the arch
- Move asm.vasm into arch.any_vasm
- Assemble large pickle instructions
- Fix and move failing tests, reorder lib build
- Move the arm assembler plugin from asm to arch
- Temporary add RAnal as dependency for REgg
- Improve x86.nz assembler parsing and other bugs in rnum
- Initial implementation of the arch.any.as plugin
- Better handle of RNum errors for egg and arch.x86.nz
- Support reg+idx and idx+reg in x86.nz assembler
- Move the x86.nz plugin
- Fix asm.acur supporting arch, anal and asm plugins
- Move anal_riscv to arch_riscv
- Fix rasm2 -LLL using the new multi-bits macros
- Introduce RSysBits and its packing/checking macros
- Implement archinfo() in RAnal.Plugin.tms320
- Deprecate the unused RArchPlugin.esil field
- Use PJ to return the list of mnemonics 'aoml' in arm.v35
- Move anal.rsp to the new home
- Move anal.v810 into arch.v810
- Move pickle from anal to arch and add it to meson
- Remove anal.malbolge and fix CI r_esil issues
- Move the 'sh' plugin to the new home
- Honor plugin name in rate matching for RArch.use
- Move jdh8 from asm/anal to arch
- Unify RArchOp into RAnalOp using common include files
- Fix RArchOp.refptr from bool to int
- Bump cs5 to support FNOP on m68k
- Wire-up RArch into RAnalOp
- Fix arm64 plugin to work well with latest arm64 changes in capstone
- Use the latest capstone5-next with updated aarch64 support
- Copy anal_amd29k.c to rarch
- Change arch plugin definition
- Add some more arch config vars
- Introduce arch.endian config var
- Instantiate RArch in anal
- Introduce RArchConfig->decoder
- Add R_LIB_TYPE_ARCH and i4004 arch-plugin
- First arch plugin (arch.null), implement basic lib api
- Start moving EVM analysis from extras to core
- First implementation of r_arch decoder api
- Introduce the new r_arch library, just the skeleton
- Add some r_arch api declarations
- Initial commit on RArch structs
asm
- Deprecate more unused fields from RAsmPlugin
- Fix the parse.z80.pseudo plugin and add a test
- Remove the unused RAsm.binb
- Internal cleanup of asm.c, deprecate the disassembly callback
- Load cpu descriptions for multiarch plugins
- Fix rasm2 x86.nz for "xchg eax,eax" and add tests
bin
- Fix JSON encoding of section addresses
- Add test for cwd source listing, CLL and l...
5.7.8 - codename "boredom"
Release Notes
Version: 5.7.8
Previous: 5.7.6
Commits: 307
Contributors: 17
Highlights
More details
Authors
Axel Iota Ben L Denis Ovsienko Dennis Goodlett Dennis Goodlett Francesco Tamagni Nikhil Saxena Paul B Mahol Richard Patel Seunghwan Chun Sylvain Pelissier adwait1-g condret erfur pancake pancake rax64
Changes
anal
- Define =SN for the sparc register profile and improve warning message
- Include bb instruction addresses in an array for 'abj'
- Fix more tests to run outside x86-64
- Implement 'aflx' and 'aflx*' commands to re-analyze function callers
- Implement 'aflm.' and 'aflm?' to print the makefile-style function call summary
- Fix bug in esil_cfg
- Implement r_anal_esil_dfg_reg_is_const
- Fix quotes in pickle assembly
- Improve 'aab' results by using section size
- Refactor esil new in cmd_anal
- Refactor 'ar' set command to static func
- Fix '/gg' output
- Fix duplicate aarch64 syscalls
- Fix leak in 'aex' command.
- Fix compilation warning
- Silence compilation warning in show_reg_args()
- Fix leak in r_core_esil_step()
- Check list allocation return value
- Fix leak of RAnalBlock in false return code path
- Check that vector length is not 0
- Fix leak of list when using asj command
- Fix leaks caused by not calling r_anal_op_fini()
- Add pickle descriptions
arch
- Support assembler plugin resolution by approximate name
- Rename asm.arm_cs to asm.arm
- Merge asm.sparc_gnu into anal.sparc_gnu
- Lowercase all pickle instructions
- Upgrade to the latest capstone-next for ppc purposes
asm
- Fix integer overflow in match_c_lui()
bin
- Fix boundary check in mach0 fixups reconstruction
- Fix two oobreads in coresymbolication and dyldcache
- Update coresymbolication cache parser
- Add table's :help and ignore commas in 'i' subcommand parsing
- Fix incorrect relocs=false in macho
- Fix regressions affecting dyldcache parsing
- Fix #20624 - Implement ic, command to query klass information
- Fix oba $$ in frida://0 global
- Add support for REL file format plugin
- Support powerpc coffs
- Handle RABIN2_MACHO_SKIPFIXUPS env var in the macho parser
- Add wasm globals to symbols
- Fix leak in bin_sections
build
- if != ifdef on msvc
- Add lint for C++ include support
ci
- Fix #20655 - Zip the blob for windows
config
- Fix prj.alwaysprompt description text
cons
- Fix a couple of coverities in canvas and dietline
- Fix 'num' display with gentoo theme on 256 term
- Add to all themes 'ecd' at start
- Remove duplicate entry for basic theme
- Fix background color for dark theme
- Simplify ansi color mapping
- Fix several bugs when interacting in VE mode
- Fix leak in nextpal()
- Fix leaks in VE mode
- Fix leak of memory returned by r_str_ansi_crop()
core
- Fix leaks when calling r_flag_all_list()
- Fix leak in error path of r_core_anal_search_xrefs()
- Fix leak of pointer left behind
crash
- Fix stack exhaustion bug in the c++ gnu demangler
- Fix oobread in protobuf parser
- Fix oobread in 'r_str_is_printable_limited'
- Fix UB bug in 'afi' command causing random segfaults
- Harden swift demangler
- Harden msvc demangler
- Fill null deref check in the x509 parser
- Fix two more bugs in pdb found by libfuzzer
- Some safe fixes in rbin
- More r_run_parseline fixes
- Fix #9782 - r_run_parseline OOB read
- Fix oob write in dyldcache
- Fix null deref on non-capstone builds
crypto
- Add SM4 block cipher
debug
- Add new 'drp*' 'arp*' commands to flag the reg arena
- Fix build for 32bit iOS debugger
- Fix process detach in the xnu debugger
- Fix arm64 register access in xnu debugger
- Initial blind support for io.self for serenity
diff
- Implement radiff2 -B to specify base address
- Emit json when radiff2 is run with -Cj
disasm
- Fix #20202 - pd-55 showing invalid instructions
esil
- Fix tests and emulation for x86_cs BSR and BSF instructions
- Add warning for esil op $$ deprecation
- Tag dfg nodes that are vars with constant values properly in esil_dfg.c
fs
- Implement mdd, mdq and ms's ls -l
- Add initial fs.zip plugin, listing only for now
fuzz
- Fix another crash in the protobuf parser
- Fix too much time spent loading corrupted dyldcaches
- Fix negative allocation in the dex parser
- Fix infinite loop in dyldcache parser
- Fix large allocation bug in wasm parser
- Fuzz pdb
- Fuzz protobuf
- Fuzz pkcs7, punycode, x509
- libFuzzer demangler target
- libFuzzer bin target
- Add libFuzzer integration, r_run_parseline test
globals
- Remove two global variables in the anal.ppc.cs plugin
- Remove global in cons.rgb
- Remove globals in bin.sms
- Remove globals in flirt and apply some extra cleanups
graph
- Implement new toyish visualization command 'agt'
- Implement 'aggb' command, like agfb but for agn/age
- Add cmd.bbgraph to use a different command to render the basic blocks
- Remove hack fixing a bug that is now gone for agn
io
- Initial implementation of the reg:// io plugin
- Fix #20616 - Fix analysis when using io.cache
- Implement wcu command to undo cached writes
- Initial implementation of the xattr io plugin
- Fix leaks on error path in r_io_zip_open_many()
lint
- Enable linting for trailing tabs
panels
- Fix #20651 - Decompiler panel was disappearing after clicking
- Implement pxu{1,2,4,8} like pxd but unsigned
- Fix w6e and w6d, Add w6x, p6[e|d][s|z] + tests
- Fix #20540 - pc should use an unsigned char buffer
- Implement p8x and p8* similar to y*
refactor
- Add linting to spot misuses of r_strbuf_appendf and fix them all
- Minor optimization of generated esil expressions
- Remove some unused macros in anal_riscv_cs
- Remove occurrences of $$ in riscv esil
- Remove occurrences of $$ in mips_gnu esil
- Remove occurrences of $$ in bf and mips_cs esil
- Move the asm.m68k.gnu into the anal
- Move asm.arm_windebg to anal.arm_wd
- Remove occurrences of $$ in v810/v850 esil
- Minor optimization of generated esil in anal_arm_cs.c
- Minor optimization of esil generation in anal_arm_cs.c
- Avoid =[*] in arm_cs esil
- Remove occurrences of $$ in arm_cs esil
- Move lanai from asm to anal
- Move the hppa plugin from asm to anal
- Use more R_LOG in cmd.open
- Merge asm.arm.gnu into anal.arm.gnu
- Move asm.ppc.cs into anal.ppc.cs
- Merge asm_arm_cs disassembler into anal_arm_cs
search
- Add help message for /at?
- /at accepts a comma separated list of optypes
- Enable emulation in /as, it's fast enough and results are better
- Test and benchmark --with-sysmagic in the CI
shell
- Add 'open' command as a wrapper for the system launcher
- Fix #20387 - woa 1 confusing error message
- Honor autocompletion in the 'of' command
- Use RCoreHelp for j? and uc? to fix a lint
- Add |E |D |J pipe aliases for base64 command execution and encoding
- Support interpreting executable binaries with r2 -i or '.'
- Don't print eol chars for now to fix an r2pipe issue
- Make command repeat behave as expected with the foreach operator
- Improve the yank command and help
- Honor : table modifiers in om,
- omt->om, and make omr print map size with no args
- Implement s** for proper seek history parseable output
- Implement 'ics' command to list address of class methods
- Protect 'ms' shell with scr.interactive
- Fix null deref crash in RTable and improve C,
- Implement 'e,' for table format, old e, is now e:
- Use RCore.help instead of eprintf in more commands under aa
- Implement y- command and some other indentation fixes
- Use : instead of =! in all the io plugin help messages
- Fix autocompletion for :. for r2frida
tests
- Fix total amount count of tests in r2r output
- Add test index progress in default output
- Support REQUIRE in r2r tests
- Add a few tests for cBPF conditional jumps.
tools
- Remove all global variables in rahash2
- Implement native r2pm pkg registry, buffer r2pm -s
- Enable r2pm-native when calling it from r2
- Use R_LOG in libr.main and fix RLogLevelMatch
- Allow rasm2 -f to open files with r_io files
- Fix ragg2 -C for pe64
- Fix memory leak on error path of rabin_do_operation()
- Fix leaks of allocated memory for duplicate plugins
- Check return value of r_list_new()
- Improve pid directive in rarun2, better info reporting
types
- Fix #16492 - Handle '-' suffix in 'te' and 'ts', add tests
util
- Tests for the "standard" splist() implementation
- Minor bugfix in strbuf.c
- Add some more asn1 oids from apple
- Check for RGraph in r_graph_free()
- Fix several issues in r_syscmd_join()
- Fix leak of char* in r_table_visual_list()
- Fix leak in some yanking cases
- Fix possible leak of list after each loop iteration
- Move eprintf...