
Releases: radareorg/radare2

5.1.0 - codename lasagna

25 Jan 14:50

Release Notes

  • Version: 5.1.0 (2021-01-26)
  • Previous: 5.0.0 (2020-12-21)
  • Commits: 291
  • CommitsFromRizin: 35
  • TotalContributors: 45

I will try to be more verbose in the release notes this time; it should help everyone understand the changes, the project's direction and the new features better, and be more entertaining, even readable by Siri.

As I write these lines I know I will miss something, so if you think this summary is missing any important details, let us know; apologies in advance!

Updates from r2land

This is the second release after the fork, and we are still putting things in place and optimizing development for what we had in mind. Many people probably expected a public statement about the events, but this post ended up being used as therapy and is focused on spending time on what matters: having fun, moving fast and coding for what matters most to users and contributors, without losing time and nerves in personal conflicts or strict roadmaps; just fixing, improving and keeping the amazing r2land community vibing.

Changes are frequently pulled back and forth between both projects (see sys/derizin.sh for more details), and as the directions of the two projects diverge that pace will probably drop. If you are curious about the other side projects:

r2ghidra (previously named r2ghidra-dec) has been rebranded and updated with all the changes from rz-ghidra, but adds ACR build support (which works on FreeBSD) and removes the need for bison and flex. See https://github.com/radareorg/r2ghidra for more details about the 5.1.0 release.

On r2cutter, the repository, project and icon have been renamed from Cutter to r2Cutter and the r2 dependency has been updated to the latest 5.1.0, but the CI hasn't been massaged yet to do the release builds, so no release of r2cutter is planned until this is fixed.

r2dec is still available and working, just remember to update your package database with r2pm update.

Contributors

Alexander von Gluck IV Alexis Ehret Allen McIntosh Anton Kochkov Aswin C Briand Djoko Carson McManus ChD1 Dennis Goodlett Eduard Eduard MURESAN Fangrui Song Florian Maerkl Francesco Tamagni Fredrik Fornwall Giovanni GustavoLCR Kamil Rytarowski Khairul Azhar Kasmiran Liumeo Murphy Paul I Qijia Liu RHL120 Riccardo Schirone Sahil Siddiq Sylvain Pelissier aemmitt-ns condret eagleoflqj gogo gogo2464 ivan tkachenko laohuai liumeo mrglm pancake ratijas wargio yossizap

TLDR

Highlights

This release comes with a long list of bug fixes, many of which you may not even have noticed, but some of them are important for users and packagers. It has been tested on a large list of platforms, not just in the CI but also on sparc, mips, powerpc and other funky hardware (thanks @unixfreaxjp!). We are not forgetting the new Macs: this release comes with a few fixes for fat binaries, kernel caches and arm64 floating point emulation (kudos to @mrmacete and @aemmitt-ns for them!).

Projects: one of the most awaited features is finally available for testing. Git support for projects is now enabled by default, and some options and backward-compatibility transitional code have been removed. Please test it out and let us know if you spot any issue! Thanks @trufae for this!

The CI has been rewritten for simplicity and now builds and publishes Android, iOS, macOS, Linux and Windows artifacts on every commit. ASAN, LGTM and Coverity are still there, but all jobs now run in GitHub Actions.

Lots of improvements to the JSON support have been added by @liumeo, and several memory leaks have been cut down, which is always welcome.

Support for streaming large files over mg has been added, and support for it in r2frida is now available too, thanks to @as0ler!

r2wars

The r2wars game runs on top of r2, but it needs some tweaks to the ESIL VM to work;
this version optimizes them by checking configuration options outside hot loops.

  • Cache cfg.r2wars value outside the eval loop

Those 'hacks' will eventually be removed once r2wars is able to emulate syscalls,
traps and low-level stepping for context switching at the ESIL-expression level.

  • Support sbfm/ubfm in arm64
  • Initial support for arm64 asm extendtype
  • Add test and update arm.winedbg (#18117)

The arm64 assembler has been extended to support more instructions and to be more formal and correct.

  • Implement i4004 assembler

It's always great to welcome a new supported architecture for assembling code (a disassembler for the i4004 was already available). Kudos to Liumeo for this nice addition!

bin

  • COFF: handle empty sections (#447)

  • Don't demangle with libs unless requested

  • Add bin.cache evar to use io.cache when bins need to patch relocs

  • Fix Mach-O rebase on fat slices

  • Add additional ELF header fields to rz-bin output

  • Fix PE Delay Imports for multiple delayed DLLs (rizin)

  • Lowercase DEX method attributes and move r_num_bit_count()

  • Initial implementation of the DEX annotation parser

The DEX annotation metadata is now parsed by the DEX plugin. This means parsing is a bit slower (more information is parsed) but provides more context and information about the application's classes and methods. Set bin.verbose=true to get that information.

This metadata should eventually be imported into r2, but that interface hasn't been defined yet, so only a plaintext representation is supported at load time. Finding a good tree representation inside an Sdb instance could probably work.

radiff2

  • Add more checks on the passed files and fail early.
  • Honor graph.font in diffing graphs too
  • Remove buggy Levenshtein diff algorithm and rename the original code

Some confusing usage and documentation have been updated, and the default diffing algorithm is now faster (thanks MaskRay for spotting it and Liumeo for massaging it).

ci

The CI scripts have been entirely rewritten to run everything in GitHub Actions. PR tests are adjusted to take about 20 minutes, ASAN runs only on master (it takes 1h), and every commit is compiled for Linux, macOS, Windows, iOS and Android, so no breaking commit can be merged. All artifacts are available to download for every single commit and architecture.

Since the sanitized build takes 1h to run the testsuite, we decided to run it only on the master branch; if a regression lands there it is easy to fix with the crash logs in GHA.

This is the setup of jobs in the current CI:

  • Add android-arm64 target to build release artifacts
  • Add TCC ci task which is able to build and run the testsuite
  • Added cydia builds for arm64
  • Add job to test build and install with spaces in builddir and installdir
  • Add job to test install, uninstall, symstall for proper purgation and avoid disasters
  • Fix the badge in the README
  • Add asan ci job to run all fuzzed bins with a sanitized build (takes 1h)
  • linux-test builds with acr and takes about 20min to run all tests
  • The Coverity Scan service finds vulnerabilities with advanced source code analysis
  • The LGTM service spots static source analysis issues and good practices
  • Initial attempt to switch to Capstone 5, needs more work

RTable

  • Dashes in RTable with X format
  • Implement RTable:sql and add RTable.name

You may not know about RTable yet, but it is an API and command modifier that will be used more and more over time. In short, RTable provides an API to create tables with typed columns and rows of data, plus an API and query syntax to operate on those tables the way you would in an SQL database, but using the cryptic command syntax we like in r2land.

This release introduces a new SQL output. This means that any information stored in r2 can be exported as SQL statements and processed in your favourite SQL database. Example usage:

$ r2 -AA /bin/ls
> afl,:sql > functions.sql
> !sqlite3
sqlite> .read functions.sql
sqlite> .tables
fcns
sqlite> select count(name) from fcns;
128
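The session above shows the export consumed by sqlite3. As an added example (not radare2's own code, and not the exact text that `,:sql` emits), here is a Python model of the same idea: a table with typed columns and rows is turned into CREATE TABLE and INSERT statements, loaded into an in-memory sqlite3 database, and queried the same way. The sample functions are constructed. The point a practitioner should take from it: function and symbol names come from the binary under analysis, so they are attacker-controlled, and an SQL exporter must quote identifiers and values instead of concatenating them; one constructed name is shaped like an injection attempt to show that the quoting holds.

```python
"""Added example, not radare2 code: export a typed table as SQL (in the
spirit of `afl,:sql`) and query it with sqlite3.  Names in the table come
from the analysed binary, so they are treated as hostile input."""
import sqlite3

# Constructed sample rows in the shape of an `afl` listing: (name, addr, size).
# The third name is deliberately shaped like an SQL injection payload.
SAMPLE_FCNS = [
    ("entry0", 0x1040, 47),
    ("sym.main", 0x1149, 312),
    ("sym.x'); DROP TABLE fcns; --", 0x1280, 8),
]

# Column names and SQL types; the column names are hypothetical.
COLUMNS = [("name", "TEXT"), ("addr", "INTEGER"), ("size", "INTEGER")]


def quote_ident(name):
    # SQL identifiers go in double quotes; an embedded double quote is doubled.
    return '"' + name.replace('"', '""') + '"'


def quote_value(value):
    # SQL string literals go in single quotes; an embedded quote is doubled.
    if value is None:
        return "NULL"
    if isinstance(value, int):
        return str(value)
    return "'" + str(value).replace("'", "''") + "'"


def table_to_sql(table_name, columns, rows):
    """Return CREATE TABLE plus one INSERT per row, one statement per line."""
    cols = ", ".join(f"{quote_ident(c)} {t}" for c, t in columns)
    lines = [f"CREATE TABLE {quote_ident(table_name)} ({cols});"]
    for row in rows:
        vals = ", ".join(quote_value(v) for v in row)
        lines.append(f"INSERT INTO {quote_ident(table_name)} VALUES ({vals});")
    return "\n".join(lines) + "\n"


def load_and_count(sql_text, table_name="fcns"):
    """Equivalent of `.read functions.sql` followed by `select count(name) from fcns`.

    Returns (row count, names ordered by address) so the result can be checked."""
    con = sqlite3.connect(":memory:")
    con.executescript(sql_text)
    (count,) = con.execute(
        f"SELECT count(name) FROM {quote_ident(table_name)}").fetchone()
    names = [r[0] for r in con.execute(
        f"SELECT name FROM {quote_ident(table_name)} ORDER BY addr")]
    con.close()
    return count, names


if __name__ == "__main__":
    sql = table_to_sql("fcns", COLUMNS, SAMPLE_FCNS)
    print(sql)
    count, names = load_and_count(sql)
    print(count, names)
```

Without the quoting in quote_value, the third row would terminate the INSERT early and run the DROP TABLE; with it, the payload is stored verbatim as a function name and the count stays at three.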

RISCV

  • Fix #18212 - Detect RISCV gdb servers
  • Add riscv in RSysArch and make it an enum, not a bitmask
  • Update RISC-V ESIL with sign extentio...

5.0.0 - codename: phoenix

21 Dec 08:43
a476454

r2-5.0

Commits: 510
Contributors: 65

Interface

  • Added the Comma API
  • Added r_str_wrap() and r_cons_printat() APIs
  • Fix adding comments in panels
  • Improved help messages
  • Removed problematic fortunes
  • Add ?et command to change terminal title
  • Fix double-click issue in vte terminals
  • Formalize the flag names and its filtering APIs
  • Fix return code when using q!. Fixes r2pipe.go
  • Add experimental asm.flags.real to get strings from bin.str.real
  • Removed unmaintained enyo and panels webuis (-2MB)
  • Set realname on all bin strings for better asm.flags.real when bin.str.real is set
  • Fix ansi colors embedded inside json output formatting
  • Improve socket and http server APIs
  • Add opn/opr/opp commands to rotate between opened files
  • Initial implementation of scr.cursor for keyboard accessibility in visual and panels
  • Add asm.hint.call.indirect to make indirect calls follow the target address (#17968)

Performance

  • Use sdb_set instead of sdb_querys (aaaa is 7x faster)
  • Optimize IO.cache (makes bins with relocs much faster)

Signatures

Debugger

  • Sync anal and debug tracing information
  • Fix a crash in dts+ command with empty register arenas
  • Attach to target pid/tid on remote lldb connect
  • Add a warning when a breakpoint is placed in an invalid map
  • Add commands to parse mangling pointers glibc heap

Analysis

  • Improve signature matching, threshold, refactor and optimize related code

  • Directly apply Callee Args in Type Matching

  • Takeover variables when splitting functions

  • Always register the derived CC from the reg profile

  • Add bbhash to detect modifications in functions (and reanalyze if patched)

  • Implement basic block listing commands (abl*)

  • Implement tcc-* command to unload all calling conventions

  • X86

    • Add amd64syscall and anal.cc evar
    • Fix esil for cmp/sub instructions
    • Add amd64syscall calling convention
    • Fix ELF R_X86_64_PLT32 relocation entries patching (#17587)
    • Fix x86 CMC instruction
  • MIPS

    • Improves mips.gnu esil
    • Add JALR JR when the address can be computed
    • Fix GP calculation when there are multiple entries
    • Fix MIPS C-TYPE instruction check
    • Set asm.cpu for mips.gnu derived from the ISA defined in the ELF
  • ARM

    • ARM MTE addg/subg decoding
    • Fix ARM IT block analysis
    • BLR arm64 is type=RCALL (before it was UCALL)
    • ARM64 assembler can now assemble AND and BIC instructions (Thanks @mrmacete!)
    • Add initial support for arm and arm64 ELF relocs
    • Handle RELATIVE (todo) and IRELATIVE relocs in ARM64 ELFs
    • COFF: add ARMNT and ARM64 support
    • All testsuite run on arm32 and arm64
  • v850

    • Improve invalid instruction detection
    • Implement the pseudo disassembler plugin
    • Fallback to anal=v850 when using asm=v850.gnu
    • Add ep, sp, gp lp register aliases for v850
    • Added function preludes (aap finds much more functions)
    • Fix calling convention argument register usage for v850
    • Add all instruction descriptions
    • Set v850 disassembler when opening v800 ELF files
  • TMS320

    • Implement pseudo disassembler plugin
  • PowerPC

    • Initial assembler support
    • Improve reg profile to support calling conventions
  • RISC-V

    • Add all instruction descriptions
    • Fix shift instruction analysis
    • Fix ESIL for JALR and AUIPC instruction
  • SPC700 plugins moved to extras

ESIL

  • Add sign-extension operations
  • Implement aof to filter expressions using the dfg api
  • Fix unexpected FPU exception in ESIL emulation bug
  • Enlarge ESIL VM stack from 32 to 256

BSD

  • Support pkgconf (BSD alternative to pkg-config)
  • Fix build with tinycc, unfortunately the final binary segfaults
  • Fix debugger support in FreeBSD
  • Implement r_sys_aslr for NetBSD
  • Fix r_sys_pid_to_path for DragonFlyBSD
  • Set ASLR support for DragonFlyBSD

Windows

  • Fix r_core_editor() on Windows (#17887)
  • Fix MSVC template demangling symbols
  • Expose TEB address as a flag on Windows
  • Add network support to WinDbg/KD (KDNET)

Apple

  • Support ObjC small method lists
  • Support iOS 14.x dyld shared cache
  • Add support for new macOS kernelcache

Changes

  • Rename asm.filter to asm.sub.names
  • Rename asm.var.sub to asm.sub.var
  • Deprecate the afc= command.
  • Removed all globals from main functions
  • afc= -> e anal.cc
  • Fix big endian DWARF parsing
  • labels no longer stored in sdb
  • Refactor Variable Constraints out of SDB
  • Fix r_anal_block_automerge incorrectly merging blocks

Release 4.5.1

03 Sep 13:54
4bc96b8

Release Notes

Version: 4.5.1
Previous: 4.5.0
Commits: 20
Contributors: 9

Highlights

bin

  • PE
    • Fix null dereference in Pe64_bin_pe_compute_authentihash
  • ELF
    • Avoid buffer overflow while identifying imports

build

  • Fix Cydia/iOS packaging and compilation issues
  • Enable LTO in sys/static.sh
  • Install ldid2 as well, to sign packages for cydia
  • Use meson install instead of manual installation in meson.py

core

  • Add Function Name, Constants, Globals and Local Variables to RAnnotatedCode

port

  • Backtrace support for haiku

util

  • Add r_sys_now_mono() and use in r2r
  • Fix NULL dereference in r_pkcs7_parse_spcinfo()

4.5.0 Codename: Organized Chaos

18 Jul 14:50

Release Notes

Version: 4.5.0
Previous: 4.4.0
Commits: 426
Contributors: 58

Highlights

Analysis

  • Initial API for base type kinds (enum, struct, union)
  • Rename PowerPC to PPC
  • Improve RISC-V analysis for compressed instructions
  • Add endbr64 as a function prelude for x86-64 binaries
  • Improve BP vars/args detection
  • Detect register args used only by callee
  • Match args name/types from function definition
  • Improve itanium RTTI parsing and vtable search
  • Refactor Variables out of SDB
  • Implement basic concept of signature bestmatch

asm

  • Add support for WebAssembly SIMD extension
  • Boolify r_asm_is_valid and r_asm_set_syntax API
  • x86_64/x86_32: Implement assembler endbr32 and endbr64 instructions
  • x86_64: Support mov r64, 0xffffffffffffffff
  • x86_64: Fix mov r32, -imm32 encoding
  • Move inferior GNU Hexagon plugin to extras

bin

  • Apple Symbols file
    • Improve Xcode symbols parser
  • COFF
    • Improve relocation support on COFF file format
  • DEX
    • Fix several crashes when loading corrupted files
    • Performance improvements in DEX parsing
  • DWARF
    • DWARF 4 and 5 line parsing additions
    • Several improvements/fixes in parsing
  • ELF
    • Use Dynamic segment entries instead of sections to find relocations
    • Add support for BA2 ELF
    • Add support for relocation entries for AARCH64 and PPC
    • Print a warning when the entrypoint cannot be found and it is automatically set somewhere else
    • Make glibc heap commands faster by resolving main_arena symbol
    • Add support for glibc heap tcache pre/post glibc version 2.30
    • Add missing reloc definitions for C-SKY, RISCV and AARCH64
  • kernelcache
    • Fix rebasing offset
  • Mach-O
    • Fix symbol names truncation issue when dealing with overly long strings
    • Support arbitrary length identifiers
    • Fix relocations on ARM Thumb
    • Support Mach-O threaded binding for arm64e
    • Rebase and strip pointers on Mach-O arm64e
    • Fix parsing of objc class data pointer
    • Do not automatically set the entrypoint of libraries
  • PDB
    • Add support for multiple PDB symbol servers
    • Add function for reading PDB from buffer
    • Fix command injection on PDB download (CVE-2020-15121, advisory GHSA-r552-vp94-9358)
  • Pyc
    • Move to radare2 core repository and improve/clean it
  • PE
    • Fix crash when resolving corrupted ordinal exports
    • Speedup parsing PE exports

build

  • Various fixes for Haiku
  • Add support for binr/blob and fix android build in meson
  • Add --without-dylink configure flag to disable libdl features
  • Add Debian 8 Jessie to GitHub CI
  • CentOS tree sitter fix using gnu99 when available
  • Fix the static build by dynamically resolving libutil symbols
  • Add release Github workflow to create all the release artifacts
  • Introduce --without-r2r configure option to disable compilation of r2r

cons

  • Add VT sequences input support for Windows

crypto

  • Remove hardcoded supported encoders names (e.g. base64, base91, punycode)

debug

  • Fixes for windows debugger
    • Improve exception logging
    • Fix inconsistencies in killing/restarting a process
    • Fix detaching without killing debuggee
    • Expose exception reason for di

io

  • Add new fd:// (handle:// on windows) plugin
  • Support self:// plugin for Solaris and Haiku OS
  • Fix regression while loading large files (>2GB) on 32bit systems

lang

  • Fix C/Cpipe when non standard library paths are used
  • Implement RLang.spp for templated scripting
  • Move #!v out of core (it's now available via r2pm)
  • Fix usage of #!python, #rust, and #cpipe
  • Do not include C/cpipe RLangPlugins on windows

magic

  • Add Android boot image signature

socket

  • Fix socket connect with SSL

util

  • Move RAnnotatedCode API from r2ghidra to r_util so it can be reused
  • Refactor r_big for gmp and SSL
  • Remove unused RConstr API
  • Remove unused RRangeTiny API
  • Add support for weakref RStrBuf and add r_strbuf_setptr API
  • Add r_vector_fini and r_pvector_new_with_len API and add bound checks on all RVector APIs
  • Add support for n# in pfc
  • Add generic reference counting implementation

rabin2

  • Fix go detection in non-elf binaries

radare2

  • Config variables
    • Renamed variables
      • asm.jmpsub -> asm.sub.jmp
      • asm.var.submin -> asm.sub.varmin
      • asm.tailsub -> asm.sub.tail
      • asm.section.sub -> asm.sub.section
      • asm.var.subonly -> asm.sub.varonly
      • asm.regsub -> asm.sub.reg
      • asm.relsub -> asm.sub.rel
      • anal.in=raw -> anal.in=range
      • asm.bytespace -> asm.bytes.space
      • scr.ansicon -> scr.vtmode (only on Windows build)
    • New variables/options
      • anal.vars.stackname: (true/false) Name variables based on their offset on the stack
      • asm.bytes.right: (true/false) Display the bytes at the right of the disassembly
      • bin.str.enc=ascii is a new option
  • Commands
    • Add axv and afvx and afv= commands to visualize var R/W accesses
    • Add afvxj to print JSON output of afvx
    • Add dmia command to list all info of a target lib and accept more print modes in dmi
    • Fix invalid json output for drtj command
    • Add key to highlight and go-to highlighted text in graph mode
    • Add JSON print to /E command with /Ej
    • Add zb command to find n closest matching graph zignature
  • Initial refactoring to generate commands help automatically and support argv-style command handlers (e cfg.newshell=true)
  • Add API to print decompiled code
  • Optimize aao objc analysis
  • Display file associated to the current file in the visual title
  • Fix runaway scrolling in Visual mode after mashing down movement key on Windows Terminal
  • Add F9 continue key to ESIL

rafind2

  • Implement rafind2 -F to find the contents of the file

rasign2

  • Add dumping of FLIRT signatures to rasign2
  • Move main code to r_main

r2pm

  • Initial support for git tags in r2pm

This release could not be done without the help of several people, who
contributed with many fixes and improvements. Above you can only find some short
highlights of what was done in this release, but many more important changes
have been committed and you can find them in our git log.

4.4.0 Codename: pangolin

14 Apr 02:54

Release Notes

Version: 4.4.0
Previous: 4.3.1
Commits: 328
Contributors: 41

Highlights

  • Replace shellscript, nodejs and V testsuites with r2r.c which is shipped by default
  • Added initial analysis plugins for super-h and tricore
  • Fix build and some runtime issues on IBM s390x
  • Updated rap:// cleaned up implementation inside RSocket for client and server
  • Speedup type linking (300x faster)
  • Fixed all the timeouts and crashes from bins/fuzz
  • Add support for retpoline switch table analysis (spectre/meltdown)
    • Fix #16418 - Implement blind main detection on endbr+mov files
  • Add commands to emulate a basic block or the whole path until reaching an address
  • Fix support for the latest GLIBC for heap parsing
  • Improved automatic function signature association for the imports
    • Fixed afs command to show proper footprint
    • Add support for typedef and added NSString type on darwin binaries
    • Fixed all the t subcommands to print all types as C
  • Improved visual class browser and the visual bit editor
  • ragg2 now allows to change the path of the shellcode to run
  • Graph visualization is now faster
  • Use RPVector for io->maps - speedup map traversal (overall speedup)
  • Lots of code cleanup and refactorings reducing memory usage and improving performance
  • DEX loading is now 2x faster
  • Fix assembler: MOV for x86 and LDR for arm64
  • Improved the bin loader to support iOS 13.4 dyldcache files
  • Improved support for ObjC IVAR fields loading them as C structs
  • Add improved icc subcommands to print classes as C, ObjC or Java
  • Automated Emscripten (JS/WASM) builds in CI
  • Fixed static build by defining a new file naming policy
  • Default installation path with sys/install.sh is now always /usr/local
    • Previous installations in /usr will be purged
  • Only check for major and minor version numbers when loading plugins

Changes

anal

  • Add initial SuperH and Tricore analysis plugins
  • Added option to search all vtables
  • Fix infinite loop in aae - check if address is valid
  • If possible use symbol name instead of entry name for function name (#16528)
  • Make the local variable access detection work on arm64
  • Fix asserts when trying to use a nonexistent or wrong analysis plugin
  • Minor fixes for XRefs counting (#16546)
  • Fix #16413 - Analyze code refs spotted with aae
  • Implement x86 anal.jmp.retpoline switch tables (spectre/meltdown)
  • Tweak arm64 ldr ESIL for var access
  • Add opaddr field in ab/abj output
  • Improve noreturn and aesu times, show it in afi & afij
  • Fix dup af+ removing function from hts (#16526)
  • Fix #16308 - Add fcn arg in r_core_anal_propagate_noreturn to avoid O(n) in af
  • Fix ao~bytes and add test
  • Improve aef by skipping calls and improving the logic
  • Improve aeg command and add aaef as an alias for aef@@@f
  • Fix #16225 - Remove the unused fcn_locs causing an UAF
  • Implement Shortest Path between BBs and add tests for abt (#16200)
  • Implement aesB command to step until the given basic block
  • Implement afsj command to get the JSON definition of the function signature
  • Add acvf command and devirtualizing vtable method calls (#16157)
  • Implement aeb command to emulate a basic block (#16174)
  • Guess a better name for functions when multiple flags point there

asm

  • Fix #16433 - Use MOV opcode B8+ for MOV r64, <0x80000000 to 0xffffffff> #16572
  • Fix #16433 - Support movabs for x86_64's MOV r64, imm64 (#16527)
  • x86_64: Use MOV opcode C7 for MOV r64, -<1 to 0x80000000> (#16551)
  • Fix arm64 branch assemble (#16205)
  • Support asm.cpu for Tricore architecture (#16161)

bin

  • Fix infinite loop in macho commands parser (#16562)
  • Fix heap overflow in the relocs ELF parser
  • Improve COFF symbol info (#16523)
  • Fix crash issue induced by an integer overflow in the mach0 parser
  • Fix #16455 - iij asserts for ld-uclibc with a null import
  • Add rust lang support to iD command (#16490)
  • Fix #16418 - Implement blind main detection on endbr+mov files
  • Fix COFF symbols/imports info (#16446)
  • When computing ELF relocations, use DYNAMIC segment if available (#16419)
  • Make dyldcache accelerator info optional
  • Do not use r_buf_data in DEX results in 1.5x faster parsing (22s vs 33s)
  • Implement icc*, in sync with ic* to get C structs from mach0 classes into r2
  • Add mach0 class fields with padding and sorted by offset
  • WIP: Improve ObjC's IVAR fields support
  • Fix #16265 - Segfault in rabin2 -O e/123 with ELF
  • Fix memory leak in RBin. NE relocations
  • This allows to open dyld cache files from iOS 13.4 for which
  • Idea for fixing id? and idp? etc commands (#16244)
  • Fix PE endian and alignment issues spotted by ASAN
  • Strip minuses from the hash names for sha256 PE signatures (#16156)

build

  • Fix Build on NetBSD (#16520)
  • Update SDB
  • Make msbuild quieter (#16482)
  • Create more GitHub Actions jobs for meson and gcc/clang
  • Build fixes to make emscripten builds happy (#16406)
  • Avoid duplicated module filenames to fix static.sh
  • Rename util/diff.c to udiff.c to avoid libr.a collision
  • Build *.deb packages only for master branch (#16320)
  • Run sys/static in the Debian task
  • Fix #9240 - sys/install.sh uses always /usr/local + rpath now

core

  • Remove asm.linesup (#16293)
  • Fix wen command for io.va=true, add two tests
  • Fix #16281 - Do not load system-wide plugins twice
  • Only check for major and minor version numbers when loading plugins
  • Add cmd: acvf [offset] ([class name])
  • Add r2 -NN to not load plugins
  • Always use r_getopt, do not depend on libc (not just on windows)
  • Use r_core_cmd_lines() for -c (#16290)
  • Use @{} instead of @() and fix this modifier
  • Implement @v: value modifier, like @x: but with endian and size
  • Fix #15978 - segfault when using r2pipe webserver + local visual (#16508)
    • Makes r2 interop more stable

debug

  • Fix tcache address and offset in print_tcache_instance()
  • Fix dmht for glibc caused by wrong tcache offset and definition (#16247)
  • Fix tcache_perthread_struct definition
  • Test dmha/dmh for glibc x64 (#16307)
  • Fix #16432 - openbsd fork+attach EBUSY issue
  • Decouple shlr/gdb registers profile from code (#16312)
  • Minor fix to get dmh to work with riomap (#16286)
  • Detect glibc version and set dbg.glibc.tcache accordingly (#16255)
  • Fix chunk listing with tcache and add test (#16239)
  • Fix #16219 - Add $DB variable for dbg.baddr
  • Add tests for rebasing in debug
  • Fix debug rebase regressions
  • Clean drx/drt/drp help message (#16203)

diff

  • Fix print string in radiff -qu (#16212)

disasm

  • Show realnames on function's signature when enabled
  • Fix #16263 - Do not newline after showing switch cases

egg

  • Fix shellcode path customization (#16384)

graph

  • Optimize r_anal_get_bbaddr() to make graph navigation faster

io

  • Fix #16210 - Show error message and update help for we
  • Fix #14371 - Make wfs paired with wts, rename wfs to wfx
  • Use RPVector for io->maps - speedup map traversal
  • Fix #16347: o+ sets maps as writable like oo+ (#16381)

json

  • Fix #16233 - ~{} works on colorized JSONs
  • Use pj in zj (#16321)
  • Use pj in ilj
  • Add pj_ad api to print raw data

lang

  • Update support for V in libr/lang

ports

  • Fix #16109 - Add R_SYS_ARCH for s390x

print

  • Fix #16394 - Make pm [file] work again
  • Implement hex.offset config variable to hide address column from hex-dump (#16373)

refactor

  • Initial r_anal_fcn_* purge (#16238)

reg

  • Make r_reg_get_list() search harder (#16202)

search

  • /ad/ in /bin/ls ate 9 extra MB that was never ...

4.3.1

05 Mar 18:48

Binaries: http://radare.mikelloc.com/release/4.3.1

  • Fix segfault in om= command
  • Fix dead process issue with ood/doo command
  • Fix build with ancient capstone3
  • Fix build with pre-c99 compilers
  • Some more code cleanups + refactorings

See 4.3.0 changelog for full details compared to 4.2.0

4.3.0 - Codename llentia

04 Mar 00:21

Release Notes

Version: 4.3.0
From: 4.2.1
To: 4.3.0
Commits: 214
Contributors: 33

Changes

anal

  • Rename the Function Flag on afn (#16078)
  • Fix 'af' missing lines bug when analyzing in frida://0
  • Implement function names with dots in signatures
  • Remove more members from RAnalBlock
  • Remove prev, jumpbb and failbb from RAnalBlock
  • Refactor Anal Hints (#15876)
  • Skip empty esil expressions in 'aeab' to fix partial results issue
  • Add 'aba' command as an alias for aeab
  • Fix aeab and add V (values) in aea outputs
  • Implement aeab command

asm

  • Fix #13908 - x86 aoj for instruction with hidden operand
  • Add 'wao jinf' for Dalvik
  • Determine Gameboy hardware registers in disassembly (#15909)

bin

  • Add new BIND_OPCODE_THREADED constant for MACHO binaries (arm64e)
  • Add Windows Crash Dump format support (#16087)
  • Minor Fixes and Tests for NSO/NRO (#16053)
  • Fix iS hash outputs (#16044)
  • Add Authentihash support for PE (#15987)
  • Fix ELF symbols for names just before the end of strtab
  • Parse dyldcache local symbols
  • Fix some out of bound accesses in LE (#15943)
  • Fix #14325 - Honor segments in DEX files (#15920)
  • Many FLIRT handling fixes

build

  • Fix debugger build on Linux/s390x
  • 'sign' as an alias for ios-sign and macos-sign
  • Build debian package in CI

cons

  • Fix again the EOL bgcolor issue (and improve scr.html) (#16120)
  • Implement ecHj to list highlight rules in json format
  • Fix r_table_tostring for string with ansi escape code (#16069)
  • Fix #16063 - bgcolor not reset on newlines
  • Fix ecH- deleting ecHi and deleting meta highlight items
  • Fix #15359 - Enable key.f# keys to be used in the shell
  • Improve the gentoo theme

core

  • tree-sitter: support iter commands (#16111)
  • Initial implementation of the 'rb' command to rebase all the things
  • Use state struct and start handling cmd_substition_arg in tree-sitter (#15966)

debug

  • Use RTable API in r_core_debug_rr (#16066)
  • Fix show register value in column (#16010)
  • Add 'dbH' to set hardware breakpoints (#15933)

disasm

  • Improve ecH (ecH-* dels them all, ecH- doesnt segfault, ecH list)

esil

  • If esil.addr.stack is mapped find an available one
  • When esil.stack.addr is -1 set it to the next unallocated address
  • Code cleanup for r_core_esil_step() (#16017)

graph

  • Add graph.aeab to show esil stats instead of disasm

panels

  • Fix a bug on clicking in panels (on Mac and Linux)

projects

  • Preserve "functions" flagspace when saving projects (#16057)

refactor

  • Revert "Avoidify the RUtil.strTrim() APIs, rename trimHeadTail() and add asserts in RConfig
  • Avoidify the RUtil.strTrim() APIs, rename trimHeadTail() and add asserts in RConfig
  • Fix consecutive call to r_table_sort (#16049)
  • Kill all globals in rabin2.c
  • Remove globals from main.r2
  • Remove globals from rax2

test

  • Add tests for RList (set, get, reverse, clone, append, prepend) and remove legacy
  • Add initial sparc regression tests
  • Handle ^C in r2r.v and support threads in fuzz tests
  • r2r.v: Assume BROKEN=1 if not 0 or "" (#15936)
  • Add Unit Tests to Meson (#15926)

types

  • Fix tccj, tccl, tcc* output errors and add tests (#15931)

util

  • Avoidify the strTrim() APIs + cleanup/refactor
  • Memory leak fix proposal in syscmd_join

visual

  • Fix #15963 - Handle / in Vx (visual xrefs)

To Review

  • Fix #15211 - null deref in calling convention analysis
  • Fix crash in elf parser found in the mtk-su binary with asan
  • Add support for number_command and recursive help
  • cmd_ignbithints should be set everywhere for consistency
  • Save rnum->value before doing a cmd substitution
  • Update radare2-shell-parser to fix null deref in html_disable_command
  • Fix last coverity issues (#16114)
  • Make r_strbuf_fini() safer (#16115)
  • Add test for loading typedefs with to (#16101)
  • Add test for long ESIL bug (#16102)
  • [ppc] Only free op->esil if ESIL not requested (#16102)
  • Fix #16093 - support syscall redefinition in REgg (#16106)
  • Upgrade to node-r2r-0.4.0 (#16098)
  • Add test for yara in extras (#16090)
  • Fix #14647 - Add output of sections to segments mapping for ELFs (#16045)
  • Add output of sections to segments mapping for ELFs
  • Create RReg test unit (#16081)
  • Fix some anal cmd handlers (#16085)
  • Do not use the elvis operator for bool expressions (#16073)
  • Upgrade node-r2r to 0.3.1 to fix the <<EOF -i issue (#16072)
  • Fix null-deref on afv[rbs]-* without function (#16071)
  • Use RString and minor cleanup (#16070)
  • r2r.v path/to/cmdtest works now
  • Convert NAME='name' to NAME=name in tests (#16067)
  • Fix r_cons_rgb_parse() harder (#16061)
  • Also fix init of some ret args in r_meta_print()
  • Boolify try_walkthrough_jmptbl
  • Add R_ANAL_RET_NOP constant
  • Add test case
  • Replace O(n2) ELF symbol matching with hashmaps (#16052)
  • Replace O(n2) ELF symbol matching with hashmaps
  • Swap loop order to ensure that all phdr_symbols are marked.
  • Use name, size and offset as hashmap keys.
  • Add [?] to fd help entry (#16058)
  • Allow function names containing dots in tcc
  • Add some very basic tests for NSO/NRO
  • Remove broken readLE* functions from NSO/NRO
  • This reverts commit 38b61c7.
  • Run 'r2r fuzz' from anywhere
  • Remove stray pancake activity ;) (#16054)
  • Fix a segfault in libmagic when error string > 4096 (#16050)
  • Fix address representation minbound maxbound in afij (#16051)
  • Force sorting of rows in the event of consecutive sort
  • Remove global Gdec and use r_list_reverse for decreasing sort
  • Add test for r_table_tostring and r_table_sort
  • Upgrade capstone v4 and next branches
  • Simplify travis oneliner
  • Fix r_table_sort segfault when column type is NULL (#16047)
  • Rename argument to 'dec' (decreasing) to reflect existing output
  • Add test
  • Refactor bin_sections function
  • Add filter_hash_string function
  • Fix segfault in Authenticode hash check (#16042) (#16043)
    • I noticed that r2 will crash when loading a PE file with an Authenticode digest algorithm other than SHA-1 or MD5. I traced it down to the PE_(bin_pe_compute_authentihash) function returning NULL if it encounters an unsupported digest function. This results in NULL being passed to strcmp which causes the segfault. Solution was to add a check for PE_(bin_pe_compute_authentihash) returning NULL and to set bin->is_authhash_valid to NULL. The real solution is to add support for more algorithms but this will stop crashes for now.
  • Greenify AppVeyor on master by using different tag name (#16041)
  • Greenify AppVeyor on master by using different tag name
  • Co-authored-by: Itay Cohen [email protected]
  • Fix read stack-based buffer overflow when using str with pk_js (#16040)
    • In some cases I noticed str is not correctly terminated, so when it is later used in pk_js, that function reads a very long string, outside of the memory bounds of the original buffer.
  • Add support for @* commands in new r2-shell-parser (#16038)
  • Use TSSymbol instead of comparing type strings
    • This patch uses ts_node_symbol instead of ts_node_type to check whether a node is of a given type. Since TSSymbol is just an integer, the check will be much faster. Also, it allows to store command handlers in a hashtable, instead of having an if-cascade.
  • Make sure r_config_hold works even when keys do not exist or are freed
  • Add support for all _tmp_commands
  • Make sure to always reuse the same TSLanguage
  • Update both tree-sitter and radare2-shell-parser
    • This way we use TSLanguage version 11, which fixes some problems with TSSymbols.
  • Compute is_last_cmd on each single command and fix logging
    • is_last_cmd should be set on a per-command basis, so if you analyze things like pd 3; .; .; .; the . refers to pd 3. This also fixes logging, so when an invalid command is parsed, it is still available in the history.
  • Add comment about directly using r2-shell-parser in r_core_cmd_lines
    • r_core_cmd_lines tries to parse the input and split it in lines, but at least in theory, we don't need it as the new parser can already handle full scripts.
  • Allow other tasks to run between commands even in the new ...

4.2.1

20 Feb 11:45
Release r2-4.2.1

Arctic World Archive

21 Jan 05:34

On February 2, 2020, GitHub will capture a snapshot of every active public repository, to be preserved in the GitHub Arctic Code Vault. This data will be stored on 3,500-foot film reels, provided and encoded by Piql, a Norwegian company that specializes in very-long-term data storage. The film technology relies on silver halides on polyester. This medium has a lifespan of 500 years as measured by the ISO; simulated aging tests indicate Piql’s film will last twice as long.


Release Notes

Version: 4.2.0
From: 4.1.1
To: 4.2.0
Commits: 175
Contributors: 23

Authors

Changes

anal

  • Fix #15091 - Make 0 fcnsize warning more meaningful and verbose-only (#15866)
  • Fix jumptable size #13812 (#15822)
  • Fix afs not working without rettype
  • Fix a null deref in fcn_recurse
  • Remove Custom Analysis for Java (#15817)
  • Refactor RAnal Basic Blocks and Functions (#15169)
  • Change RAnalBlock.size to ut64
  • Make type matching independent of bb list order
  • Improve the op.type text representation when unhandled modifiers are used
  • Remove dupped basic block analysis in core (#15714)

asm

  • 'push rip' is not a valid instruction

bin

  • Improve realname support for symbols (#15702)
  • Add test for #15727 (smd strings) (#15777)
  • r_str_unescape: Support all izz esc seqs (#15770)
  • Force read permissions on all load maps in ELF
  • Initial implementation of LX/LE file plugin

cons

  • Implement ar, and dr, commands to list registers in table format
  • Fix #14424 - Handle ~ operator in the ms shell
  • Implement r_strbuf_slice and use it in panels to solve a glitch

core

  • Add ?V0 ?V1 ?V2 - for semver support
  • Upgrade to acr-1.8.1 to get semver support
  • Add pkgname in RLibStruct for r2pm on outdated plugins

debug

  • Added reverse step and continue support to gdbr
  • Moved drC to drpC for profile comments and added drC for reg comments
  • Added register specific comment parsing to register profiles
  • Fix crash caused by rebasing a file without sections
  • Set cfg.debug to true before running oodf in doof
  • Fix multithreaded breakpoint behavior in linux
  • Attach to new linux threads on creation
  • Fix debugger build on linux-s390x
  • Always unset bps after continue and step hard
  • Add detailed location info to dpt using pc instead of path
  • Add packed sizes to gdb vector registers and improve mapping of target description to r2 regs
  • Fix drt not printing non 64bit/32bit registers and flags
  • Refactor breakpoint validation (#15754)
    • Refactor breakpoint validation
  • Revert "Validate bp addr on rebase and restore instead of preventing creation
  • Validate bp addr on rebase and restore instead of preventing creation
  • Fix hardware bp restoring and fix hwbp repeating errors
  • Add location in file to linux dpt output
  • Fix var rebasing by saving regname info
  • Refactoring ptrace register write for BSD
  • Implement bsd_thread_list for FreeBSD
  • Fix reopening of windows debug after detaching not working
  • Fix windows breakpoint rebasing
  • Prevent the restoration of disabled breakpoints

diff

  • Add explicit fingerprint_size to RAnalFunction
  • Add ccdd command to diff decompiler output of two functions
  • Add ccdd command to diff using decompiler (experimental)

disasm

  • Remove realname from strings (#15841)
  • Show flag realname when finding a function and realname is enabled
  • Hide flag comments when realname is shown (#15801)
  • asm.symbol: Improve code/test a bit more (#15798)
  • asm.symbol: Fix flag name when disasm from non-flag addr with no anal

esil

  • Add RISC-V 64 word instructions and test (#15742)
  • Correct RISC-V division and add test (#15712)

io

json

  • Use PJ api in the output of isj and show realname
  • Fix issues in iCj, drlj and arlj
  • Fix izzzj json output
  • Fix gen json dwarf with pj api (#15755)
  • Fix is.j iEj and iaj json validation issue in r2 -- (#15724)

panels

  • More fix for resizing issue (#15844)
  • Performance improvements for the cursor mode
  • Code clean-up and a little performance improvement for decompiler cache
  • All the available decompilers outputs will be properly shown with this
  • Make the decompiler cache work properly
  • Add H key for cursor mode which works like the one in vim

print

r_debug

  • Debug, BSD systems refactoring

search

  • Add elliptic curve private key search in /cr command (#15761)
  • izzzj: Add izzj attributes (#15759)

signatures

  • Apply types on matching zignature data

table

  • Add f, command to list flags in table format

test

  • Fix V testsuite build with latest V from git (#15867)
  • Convert cmd_pd* tests from <<KEYWORD to <<EOF (#15823)
  • Support extras tests in r2r.v (#15821)
  • r2r.v, -j 0: Allocate 1 job per test (#15807)
  • Improve unit test execution using the new V suite and makefiles
  • Many improvements in the V testsuite (#15722)

util

  • Fix r_list_set_n() to allow empty element (#15820)

visual

  • Limit panel tabs to 9 to avoid keybinding and click issues

windows

  • Fix reading on invalid process memory

To Review

  • Release 4.2.0 - Arctic World Archive
  • Fix resizing issue (#15863)
  • Fix pkgname version check for real now (#15862)
  • Enable V testsuite on GitHub CI (#15796)
  • Enable V testsuite on GitHub CI
  • Check version for pkgname correctly (#15860)
    • dot can be null
    • Using R2_VERSION_MAJOR/MINOR is wrong because they will be continuously updated and we want to check for exactly 4.2.0
    • The version check logic itself was wrong
  • Fix afb test (#15861)
  • Fix #15833 - Only print pkgname if the plugin is for r2 >= 4.2
  • Update/improve jmptbl size tests
  • Use specific commit of V to avoid build issues
  • A bit more picky fix
  • Add test for afs without type
  • Fix #15767 - Temporarily disable colors in drrj
  • Fix warnings
  • Update radare2-shell-parser
  • Use void because we don't do anything with the return value
  • Coverity fixes
  • Remove the wrong test
  • More tests fixes
  • Resizing works not perfectly yet but close
  • Fix #15604: Convert all tests from <<KEYWORD to <<EOF
  • Fix wrong tests (#15834)
  • Add test for env variables boolification
  • Introduce SETBPREF to handle "boolish" vars like asm.cmt.off
    • Do not try to convert to true/false, as it breaks integer vars. See discussion at #15681.
    • Unfortunately the change cannot be done for non-int vars only, because right now vars are not statically typed, so a var that is initially CN_INT can then become CN_STR if you set a string. Changing vars to assign them a static type when they are created would require a much bigger change and discussion.
  • A bit of refactoring in r_config.h
  • Move all version defines into r_version.h and handle it from meson too
    • R2_VERSION_MAJOR
    • R2_VERSION_MINOR
    • R2_VERSION_PATCH
    • R2_VERSION_NUMBER
  • Mach-O io: mem leak fix proposal. (#15829)
  • C89 Fixup for r_sign_fcn_types function (#15824)
  • Fix error: for loop initial declarations are only allowed in C99 mode
  • Implement new zignature types format
  • Adapt zignature types deserialization to new format
  • Integrate fcn types when zignatures match
  • Use node->i_value in the log.level/log.traplevel callbacks
  • Basic Blocks are now global instead of owned by a single function.
  • Fix dbg_bps tests that always succeeded (#15763)
  • Approved-by: Riccardo Schirone [email protected]
    • This feature only works with server implementations that have ReverseStep and ReverseContinue enabled, such as rr. The official gdbserver doesn't support it.
  • Remove opt->sz checks and operations in r_bin_open_buf
    • opt->sz is not used anyway in r_bin_open_buf, so there's no need to check its value or compute it.
  • Fix last coverities related to cbin
  • Add test for a8 command
  • Some more coverity fixes (#15802)
  • Implement pcV command to print byte array in Vlang
  • Fix a small bug by removing some useless codes (#15795)
  • Initial implementation of libname for flags in imports
  • Initial support for PE and real flag
  • Read libname for PE exports
  • implement pj for imports
  • Remove imp. prefix from symbol names
  • Fix r_core_bin_impaddr()
  • Fix some mdmp import stuff
  • Print libname in ii
  • Fix some imp. checks and reloc meta
  • Fix r_bin_filter_sym() for imports
  • Use realname for noreturn check
  • Fix asm.flags.real for direct calls
  • Fix realname for direct calls with fcn
  • Fix resolving names from ordinal
  • Co-author...

4.1.1 - reantull

20 Dec 12:29
Release 4.1.1 - Codename 'reantull'