radare2 0.9.0

hg tag -r      1974 0.9
codename:      furoner
last commit:   Tue Dec 06 01:41:17 2011 +0100
oldest commit: Tue Nov 01 12:59:07 2011 +0100
commits:       115

Author and main developer:

email: pancake<nopcode.org>
twitter: http://twitter.com/trufae
github: http://github.com/radare

Thanks to:

• @santitox for the XOR shellcode encoder and big-gmp implemention
• Glyn Kennington's patch for the build system
• sre the Debian guy and betatester
• earada for discusing, testing, reporting and bugfixing lot of stuff
• vext01 for the OpenBSD bug reportz and packaging
• l0gic for the archlinux package and bugreporting
• Ender for bokken packaging and r2 feedback
• ash for bokken, bug reports and beers
• Nicolai Stange for the SPARCv9 (64bit) support
• Instruments, Dtrace, Valgrind, llvm-analyzer, OpenBSD
  • fixed memory leaks
  • reduced memory usage in 40%
  • optimized code analysis
  • null pointers and double frees
  • do not use alloca() anymore
  • change io.va only when needed
  • Fix two format string portability issues

Portability:

• Tested support for iOS, Windows, GNU/Hurd and GNU/kFreeBSD
• Use O_BINARY in all open() calls on Windows fixes IO
• Fix dup2 for w32

Binaries

• Various symbol resolution fixes in ELF
• Honor -o in rabin2 for dump section operation
• Add initial native support for fat binaries in r2
  • Select arch/bits with r2 -a and -b (old -b is now -B)
  • Kinda hacky, but works for osx-x86/32/64
  • Export offset information of fat bins
• add initial support for creating p9 binaries
• Add initial support for plan9 binaries
  • supports x86, arm, ppc, sparc, mips
• RBin suport new section_end flags

Filesystems

• Autodetect filesystem when mounting
• Fix signature of r_fs_name()

Bindings

• Updated bindings
• Fail build of bindings if somethings goes wrong
• Depends on valabind 0.6.4 that fixes some bugs on Python
• Added bindings for NodeJS
• Add accessors for RAnalFcn.{refs,xrefs,vars,bbs}

Visual mode

• Enhaced speed visual mode
  • Dot clear unless necessary (fix flickering)
  • Cursor is now hidden
• Add 'T' menu at visual mode to show comments and anal info
• Use x1, x2, x3... to seek between xrefs in visual mode
• S= now fits in 80 columns
• Fix P visual print rotation
• Show flag+delta on title

Assembler/disassembler

• Added assembly description API (ported from r1's rsc adict)
  • r_asm_describe(): Added api to get opcode descriptions using sdb
• Add support for SPARCv9 (64bits)
  • Disassembler and Code analysis (binutils-2.21.1)
• Use asm.size config variable to show size of opcodes
• Add new assembler directives
  • .int8 (alias of .byte)
  • .int16 (alias of .short)
  • .int32 and .int64
• Add -D flag to rasm2 (show hex and asm)

Debugger

• Execution traces are now stored as a graph
• Warn if file size != region size in dml
  • dmd and dml commands to dump/load debugger memory regions
  • Sd and Sl to dump/load debugger memory region from/to file
• Initial implementation of r_debug_map_protect()
  • Bind to dmp command
  • Only w32 + osx, needs more work

New commands

• Added dtc and dtg to draw execution call graphs
• Add /z command to search for strings
• Add /v2 /v4 /v8 and remove /q
• added 'afi' to show info of functions
• Add 'fl' command to get length of flag
• Use ?d to get description of opcode (uses asm.arch)
• Added 'pdi' command
  • Like 'pi', but showing offset and bytes
• Added 'pda' new commands
  • Disassemble code byte-per byte
  • Disobey instruction length
• afl is now less verbose
• Make 'fd' accept arguments
• Use "f name 1 off" instead of "f name @ off" in dr*
• Added 'g' command to use r_egg api from RCore

API changes

• Added r_core_file_reopen() // work in progress
• Added r_flag_get_at () to handle deltas
• New APIs in r_util
  • r_sys_run() for JIT execution
  • r_file_size()
  • r_cons_clear_line()
  • Add has_va in RBinInfo class for bindings
  • Added new api r_graph
• Added R_MEM_ALIGN()
• r_core_bin_info shows bin data from core
• rabin2 now depends on RCore as long as r_bin_info()

rasc2 deprecated

• rasc2 has been deprecated and reimplemented inside r_egg
  $ ragg2 -i x86.osx.binsh -b 64 -k osx -f mach064 -o a.out
• Added ragg2 and ragg2-cc
  • Shellcode compiler for linux-x86-32/64 and OSX-32 based on ${CC}
  • XOR encoder
• Padding data is now defined like a format string

New stuff:

• rax2 now supports hexpair <-> binary conversions (-s, -S)
• Added eval var descriptions (see e?? command)
• Add graph.font=Courier eval var to configure dot graph output
• Add support for byte patching in ragg2 (-d, -D, -w)

Search engine

• remove search.asmstr and use /a and /c
• Show progress info in search
• Rename /a to /r
• Fix search when io.va=true
  • Add search.in = file, section, raw

Changes:

• Add support for continuations in rapatch2 '+' char
• Add r2 -a arch -b bits
  • -b flag to specify blocksize is now -B
• rasc2 has been deprecated. ragg2 is the replacement
• Colorize trap instructions in bright red
• Handle int3 on x86 as a trap instruction instead of SWI

Build framework

• Magic files are distributed on Windows too
• Simplified makefiles to use absolute paths
• Add sys/static.sh
• Add install-rev.sh script to build old versions of r2

Bug fixes:

• 'oo' reopen command will
• Update file size information when requested
• Fix bug when redefining io sections
• Fix warning in R_MEM_ALIGN() macro
• Fix rabin2 -B baddr
• Fix overflow in r_cons
• Fix loading strings on a object file without io.va
• Fix for .ko and .o elf parsing
• Use UT64FMTx instead of %llx in various places (fix for w32)
• Fix AT&T x86 disassembler
• Fix negative blocksize and printidx issues in visual
• Many ugly hacks to enhace w32 console
• Various fixes in sys/
• Added dist-bin.sh and python-bindist.sh
  • Fixes paths and pkgnames
• Implement dtg (debug trace graph)
• Fix RIO seek undo with io.va