pwndbg/pwndbg 2023.03.19

on GitHub

Here is the 2023.03.19 release. Thanks to everyone who contributed!

TL;DR what this release brings

• New or edited commands:
  • kbase, kchecksec, slab - kernel debugging only commands to get kernel base address, checksec for kernel and list kernel slabs
  • valist - dumps arguments of a va_list structure on given address
  • ai - ask AI about the current debugging session (requires openAI API key)
  • cunwatch now operates on the index/number of expression instead of requiring the user to pass the whole expression to unwatch
  • cyclic - improved UX by adding nicer info/error messages
  • the tls command now leverages GDB's scheduler locking so now when it calls a function to obtain TLS address it won't allow any other target threads to run, which could previously cause issues on targets with multiple threads
• We added command categories and refactored the display of pwndbg help :)
• Added support for riscv:rv64 architecture
• Lots of glibc heap commands fixes and improvements
  • Better support for 32-bit and big-endian architectures
  • Better heap heuristics
  • largebins now display bin size ranges instead of indexes
  • arena displays thread id
  • vis_heap_chunks has now --all-chunks to display all chunks
  • we renamed two flags in the vis_heap_chunks command (--naive -> --beyond-top and --display_all -> --no_truncate)
• It is now possible to display instruction opcodes in the disasm context by setting set nearpc-num-opcode-bytes 9
• Fixes for vmmap recursion errors
• Fixes for Rust binaries debugging
• Support for Rizin
• Unicorn emulation is now disabled if mmap(1GB, RWX) fails due Unicorn Engine aborts on environments with low memory
• Improved virtualenv detection and warnings
• Fixed message when locales are wrong: in fact, Pwndbg requires LC_CTYPE=C.UTF-8 environment variable and not LC_ALL=en_US.UTF-8 PYTHONIOENCODING=UTF-8 as it previously suggested

What's Changed

• Fail tests if an error occurs by @gsingh93 in #1445
• Add ArchOps by @gsingh93 in #1444
• Make it easier to remove cwatch expressions by @gsingh93 in #1421
• Move some event hooks to hooks.py by @gsingh93 in #1431
• Start a env_parallel session to avoid argument too long errors by @gsingh93 in #1446
• Use RawTextHelpFormatter for more commands by @gsingh93 in #1448
• Add kchecksec command by @gsingh93 in #1441
• Add x86_64ArchOps by @gsingh93 in #1449
• Add kbase command by @gsingh93 in #1450
• Remove redundant struct.unpack formats by @gsingh93 in #1451
• Fix gdb-pt-dump exception when attaching to x86 QEMU by @gsingh93 in #1452
• Added command to list slabs by @gsingh93 in #1442
• Add paging_enabled function and OnlyWhenPagingEnabled decorator by @gsingh93 in #1454
• Cleanup command docstrings by @gsingh93 in #1461
• Annotate some vmmap methods with @OnlyWhenRunning by @gsingh93 in #1463
• Don't print aliases as commands in pwndbg output by @gsingh93 in #1460
• Better error handling in bugreport command when no command history by @gsingh93 in #1464
• Fix issue #1466 by @QueenEleanor in #1467
• Add mypy configuration to pyproject.toml by @gsingh93 in #1468
• Add safe type hints by @gsingh93 in #1469
• Remove dependency to python-future (#1250) by @hamarituc in #1470
• Automatically add types with pyannotate by @gsingh93 in #1471
• More type hints by @gsingh93 in #1472
• More type fixes by @gsingh93 in #1473
• Fix type issue in ida.py by @gsingh93 in #1474
• Upgrade dependencies by @gsingh93 in #1476
• Add support for command categories by @gsingh93 in #1477
• Add commands to categories by @gsingh93 in #1478
• Add slab info command by @gsingh93 in #1447
• Rename elfheader command to elfsections by @gsingh93 in #1481
• Fix reload command by @disconnect3d in #1491
• Fix #1457 - warn if monitor info mem is invalid by @disconnect3d in #1480
• Add commands to Linux category by @gsingh93 in #1483
• gdbinit.py: improve virtualenv detection and warnings by @disconnect3d in #1489
• gdblib/symbol.py: remove symbol autofetch by @disconnect3d in #1494
• Minor improvements (some of #1465) by @disconnect3d in #1493
• Fix #855: Rust binaries debugging by @disconnect3d in #1495
• gdb-tests/tests.sh: don't do make clean on each run by @disconnect3d in #1497
• Remove commands/gdbinit.py by @gsingh93 in #1499
• Add start command category by @gsingh93 in #1500
• Add commands to memory category by @gsingh93 in #1492
• Don't assign result of fetch_lazy by @gsingh93 in #1501
• Fix some easy type errors by @hauntsaninja in #1502
• Fix is_memory_mapped_file by @gsingh93 in #1503
• Refactor nearpc by @gsingh93 in #1498
• Implement contains for reg module by @gsingh93 in #1504
• Run lint CI job and Ubuntu 22.04 and 18.04 by @gsingh93 in #1505
• More type fixes by @gsingh93 in #1506
• pwndbg.gdb.regs type fixes by @gsingh93 in #1508
• Fix some misc type errors by @gsingh93 in #1509
• Fix memoize debug path by @disconnect3d in #1510
• Add gdbserver dependency to Ubuntu build by @CptGibbon in #1514
• Fix optimize color memoization by @disconnect3d in #1511
• Remove Arch.signed and Arch.unsigned by @gsingh93 in #1516
• Fix some type and pylint errors by @gsingh93 in #1515
• Type fixes by @gsingh93 in #1517
• Fix memoize type issues and enable mypy in lint script by @gsingh93 in #1518
• Update pylint config and fix lint issues by @gsingh93 in #1519
• Fix more pylint warnings by @gsingh93 in #1520
• Remove useless statement in procinfo.py by @gsingh93 in #1521
• cyclic command: improve UX by @disconnect3d in #1522
• Add valist command by @gsingh93 in #1524
• Improve cwatch formatting by @gsingh93 in #1525
• Improve hexdump collapse display by @disconnect3d in #1526
• requirements.txt: bump pwntools to 4.0.9 by @disconnect3d in #1527
• Update qemu test scripts and images by @gsingh93 in #1529
• Don't fail CI if codecov upload fails by @gsingh93 in #1532
• Finalize QEMU testing scripts by @gsingh93 in #1531
• TLS related enhancements by @lebr0nli in #1536
• Run QEMU tests on CI by @gsingh93 in #1533
• Support showing opcodes in the disassembly by @lebr0nli in #1537
• Bug fix for error handling of the heap commands by @lebr0nli in #1543
• Fix procinfo command (#1544) on QEMU targets and with abstract UDS by @disconnect3d in #1545
• lint.sh vermin: use -vvv --no-tips by @disconnect3d in #1552
• Fix #1534: disable emulation if mmap(1G,RWX) fails by @disconnect3d in #1546
• lint.sh: vermin -vvv instead of -vvvv by @disconnect3d in #1556
• Fix configfile by @gsingh93 in #1569
• Enhance the checks before accessing the memory for the heap heuristics by @lebr0nli in #1558
• gdbinit.py: fix message when locales are wrong by @disconnect3d in #1573
• Fix OnlyWithArch invocations (cymbol command) by @disconnect3d in #1574
• Fix #1572: fsbase/gsbase commands on x86 32-bit archs by @disconnect3d in #1575
• Add support for Rizin by @mariaWitch in #1571
• Support using the rich module to print the full stacktrace by @lebr0nli in #1578
• Remove /foo file by @disconnect3d in #1582
• arena command: display thread id (fixes #1562) by @disconnect3d in #1583
• Use pwnlib.util.misc.which instead of gdblib.which.which by @disconnect3d in #1584
• Fix plt and gotplt commands by @disconnect3d in #1576
• Fix auxv memory access error by @disconnect3d in #1586
• Added support for riscv:rv64 by @zommiommy in #1588
• Rewrite some unreliable methods for the heap heuristics by @lebr0nli in #1579
• GPT-3 Command for Pwndbg by @oblivia-simplex in #1589
• Make the output of the heap-related commands consistent by @lebr0nli in #1590
• Avoid downloading files from remote server in some cases by @lebr0nli in #1593
• Hopefully fix vmmap recursion issues by @disconnect3d in #1585
• Add i686 heap alignment heuristic by @CptGibbon in #1595
• A few last-minute fixes for the ai command by @oblivia-simplex in #1594
• Hopefully fix the bug when using LD_PRELOAD to load libc by @lebr0nli in #1602
• Fixes #1600, #752: invalid symbol.get results by @disconnect3d in #1605
• tests.sh: check for parallel_env requirement (closes #1606) by @disconnect3d in #1607
• symbol.py: remove _add_main_symbol_to_exe by @disconnect3d in #1609
• Fix #1610: symbol.get with duplicated symbols by @disconnect3d in #1611
• Add print all chunks in vis_heap_chunks by @neryaz in #1604
• feature: Add headers to arenas command output by @CptGibbon in #1612
• Display bin size range in largebins command output by @CptGibbon in #1613
• ai tool now uses ChatGPT model by @oblivia-simplex in #1614
• Add largebin_index_32_big macro by @CptGibbon in #1617
• Fix #808: set search-memory-packet off only on GDB<=9 by @disconnect3d in #1619
• Correct smallbins alignment on i386 by @CptGibbon in #1621
• Correct largebin size lookups on i386 by @CptGibbon in #1623
• Fix #1394: Improve installation process by @Cycatz in #1620
• Bump Zig version by @CptGibbon in #1629
• Fix the bug when using the heap heuristic on big-endian architectures by @lebr0nli in #1627
• Fix the issues when finding tcache for some 32-bit architectures by @lebr0nli in #1625
• fetch GDB version via regex to fit Fedora format by @disconnect3d in #1632

New Contributors

• @QueenEleanor made their first contribution in #1467
• @hamarituc made their first contribution in #1470
• @hauntsaninja made their first contribution in #1502
• @mariaWitch made their first contribution in #1571
• @oblivia-simplex made their first contribution in #1589
• @neryaz made their first contribution in #1604
• @Cycatz made their first contribution in #1620

Full Changelog: 2022.12.19...2023.03.19