github radareorg/radare2 6.1.2

Release Notes

Codename: "Brainroot"
Version: 6.1.2
Previous: 6.1.0
AbiDiff: 70-77 (7)
Commits: 224
Contributors: 15

curl -Ls https://github.com/radareorg/radare2/releases/download/6.1.2/radare2-6.1.2.tar.xz | tar xJv
radare2-6.1.2/sys/install.sh

Authors

AGhebrea, Adam Satko, Antoni Viciano, Armin Weihbold, David Given, Dennis Goodlett, Priyanshu Kumar, condret, dependabot[bot], pancake, potato, satk0

Changes

analysis

  • Preserve anal.timeout across and iterators
  • Add APIs to get/set function signatures and other attributes
  • Fix selection of overlapped functions in pdc
  • Unify invalid code checks and stop filler-prefix blocks early
  • Don't crash when reaching large bb limits; the default is 64KB
  • Improve the jmptbl bb isvalid checks
  • Shrink the default max basicblock size from 512K to 8K
  • Refuse to accept invalid jmptbl blocks
  • Add anal.vars.maxframe and anal.vars.maxbbsize
  • Fix esil-computed refs without losing type propagation information
  • Implement the 'ah=' command to copy instruction details into hints
  • Optimize isString logic for anal.strings reducing heap allocations
  • Minor optimization on a function called a lot of times in aae

api

  • Remove all the filetype related apis from librmagic
  • Remove r_name_filter_print function

arch

  • Fix Thumb label resolution for b/bl
  • Fix #23536 - Changing arch.endian affects cfg.bigendian
  • Initial implementation of the Python pseudo plugin
  • Fix overlapping registers in the dalvik profile
  • Honor endian settings for the or1k disassembler
  • Add ex9patch script for nds32

arm

  • Fix overlapping function selection and pdc boundary crossing on arm64 kernelcache

asm

  • Use RArch instead of RAnal for consistent settings
  • Fix the .fill directive wrongly using sizeof multiplier
  • Add bf.pseudo plugin

bin

  • Avoid redundant ELF uncaps scans in get_stripped
  • Fix the ELF phdr parsing beyond symtab
  • Add RBinInfo.uncaps to expose non-encapsulated symbols
  • Improve stripped detection on MACHO binaries
  • Improve stripped detection on ELF binaries
  • Refactor and cleanup the PEF and PDB parsers
  • Fix PDB parser cleanup on failed parses
  • Handle empty XTAC names safely
  • Pass around RBinFile in dwarf. instead of using bin->cur
  • Fix Mach-O redacted symbol scanning in NUL-separated string tables
  • Harden Mach-O entitlement bounds checks
  • Optimize the RBinFilter code for section names
  • Clamp the nindirect count, saving 7GB when parsing a corrupted Mach-O
  • Fix tons of memory leaks in the DEX parser
  • Fix memory leaks in the microsoft demangler
  • Fix infinite loop in walk_codesig by using blob offsets
  • Fix kernelcache nested Mach-O symbol parsing under rebased IO
  • Local LE optimization for the macho parser
  • Speedup RBin.XnuKernelCache parser
  • Improve icc's objc output to be more correct
  • Fix ObjC instance/class method types when dumping via icc
  • Simplify the macho header parsing to extract endianness
  • Clamp code signature slots and simplify parsing checks
  • Add missing CSSLOT code signature types for macho
  • Refactor Mach-O bind parser to reduce nested code and improve bound checks
  • Fix #25482 - Improve Mach-O bounds to avoid unparseable allocations
  • Fix 'isv' error message and other code cleanups in cmd_info

build

  • Support v6 as an alias for capstone-next for meson
  • Fix #25607 - arm64 disassembler wasn't available for capstone-next
  • Remove shlr/capstone leftovers
  • Do not use LTO for static builds by default
  • Zig toolchain for debian/i386 cross-compilations
  • Add docker and scripts for testing on i386
  • Initial bootable dist/iso machinery

ci

  • Publish the r2r json artifacts for the asan jobs
  • Use -j4 in a windows build instead of -j1
  • Improve the wasi build machinery

cons

  • Preserve cons.timeout across context stacks
  • Add missing keys in color themes
  • Harden nullable context cloning

core

  • Fix RConfigSet bug creating keys when storage is locked
  • Defer autocomplete and envprofile setup in non-interactive startup
  • Initial support for $$..XXX addressing
  • Rename anal.types. config vars to be just types.

crash

  • Memory ownership improvements for the http webserver
  • Fix nullable outputs in r_flag_zone_around
  • Fix use-after-free in bin_any filetype detection
  • Fix pcap buffer unref on parse failure
  • Fix 3 critical bugs in the regex engine
  • Use RStrBuf in librmagic to fix two vfprintf bugs
  • Add more safety bound checks in dotnet
  • Fix oobread in dotnet parser
  • Fix assert in '?e je|!cat' writing 0 bytes
  • Fix null deref in the PEF parser
  • Fix oobread exposed in the new psp tests
  • Fix invalid mem free when one DIE has two or more DW_AT_name attributes
  • Fix SIGCHLD deadlock for r2r 32bit systems
  • Fix race condition in Linux's system causing random r2r failures
  • Bound Mach-O SuperBlob count before allocation
  • Fix infinite loading times for a fuzzed macho file
  • De-recurse bbtree walks abusing stack usage in wasm/asan
  • Fix UAF in the dotnet metadata parsing
  • Clamp utf8 decode length for truncated null-terminated inputs
  • Fix deinitialization segfault in the background webserver

doc

  • Document r2r tests in the manpage

dwarf

  • Find dwarf attr DW_AT_frame_base once outside the hot loop

egg

  • Inline assignments, block bodies, no empty frames and fastcall handling
  • Refactor arm emitter, memory access, branch logic
  • Refactor arm64 load/store helpers
  • Fix fastcall declaration parsing and add a test
  • Fix arm thumb emitter for frame, string, getvar and load
  • Some arm64 egg emitter fixes (string, jmp, 8byte alignment, stp/ldp)

esil

  • Don't run aeim in esil analysis related commands
  • Push a zero into the esil stack when dividing by zero

fs

  • Fix HFS+ extent overflow search key initialization

graph

  • Add graph.bb.maxsize option to limit basic blocks size in graphs

io

  • Speed up dyldcache rebase backtracking in io.dsc
  • Fix memory leak, zip creation in readonly and other minor bugs in zip
  • Do not corrupt files when using zip://

lib

  • Refactor DRY user plugins load logic

muta

  • Simplify the transposition muta plugins

print

  • Merge pz and p= subcommands capabilities
  • Support utf8 dots on truncated text with the new r_print_ellipsis
  • Simplify cmd_print string helpers and drop null guards
  • Fix utf8 checks for invalid and overlong encoding

projects

  • Add prj.new config to use the new prj formats

r2js

  • Implement more r2js variants for r2pipe2

r2r

  • Fix r2r temp diff file handling
  • Run iH for all the fuzzed binaries

ragg

  • Fix memory leak in ragg2

remote

  • Expose URI instead of basename for r2agent sessions

sandbox

  • Do chdir("/") after chroot(".") to avoid sandbox escapes

search

  • Use block buffering for faster anal search
  • Optimize /az reading blocks and use minopsz and opalign

shell

  • Fix #25556 - Internal grep with macros
  • Support copying to directory and handle errors in cp

analysis

  • Run data-flow reference analysis in cmd_anal_all for consistent behavior with aa

test

  • Fix null/len checks to please the fuzz suite
  • Add fuzz loop scripts
  • Introduce the new indent suite

tools

  • Add r2r -1 as an alias for -j1
  • Fix formatting braced stuff like enums
  • Reuse RCons in rafs2 interactive shell
  • Fix SIGSEGV in rafs2 interactive mode
  • Add support for user plugins in rafs2

types

  • Lazy-load and cache types to speed startup
  • Merge OS-specific types in RAnal.setOS
  • Use sdb_set instead of sdb_query to store data after parsing
  • Support parsing vararg in function pointers
  • Support parsing forward structs declaration
  • Include line number and type name when parsing fails
  • Implement the tf- command to delete function definitions
  • Add anal.types.xrefs for the tv commands
  • Show xrefs for function signature definitions in tfv
  • Implement tfv command to view function arguments and its offsets

util

  • Add a larger regex testsuite and fix a couple of bugs

visual

  • Add TV as an alias for TV
  • Improve quality in the treemap '?em' code
