P2: UNSAFE backend scripting escape hatch (eval/exec)#211
Closed
mahaloz wants to merge 1 commit into
Closed
Conversation
The universal escape hatch for backend-specific work the abstracted API doesn't cover — kept explicitly unsafe and backend-specific, not portable. - New `decompiler eval "<expr>"` and `decompiler exec "<code>"|--file <p>`. - DecompilerInterface.backend_eval runs Python in the backend process with the interface bound to `deci` (idaapi importable, deci.flat_api on Ghidra, deci.project on angr, deci.bv on Binja). Generic — one base implementation serves every backend. Routed through the server's main-thread dispatcher, so it is safe on IDA/idalib. - `eval` returns the expression repr; `exec` captures stdout and a `result` variable. Errors return a traceback and exit non-zero. - The failure field is named `traceback` (not `error`) on purpose: the client/server wire protocol reserves a top-level `error` key for RPC failures, and colliding with it made every call look like an RPC error. - Client proxy + tests (eval expr, backend access via `deci`, exec stdout, result var, error reporting) — all pass on IDA, Ghidra, and angr. - SKILL.md / docs updated with prominent UNSAFE warnings. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01HfZHdprXg38re1XyKxzGg5
Member
Author
|
Integrated into |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What & why
The universal escape hatch for backend-specific work the abstracted API doesn't cover (IDALib's
py_eval/py_exec_file). Kept explicitly unsafe and backend-specific — not portable, not sandboxed.New capabilities
decompiler eval "<expr>"anddecompiler exec "<code>" | --file <path>.DecompilerInterface.backend_evalruns Python inside the backend process with the interface bound todeci:idaapiis importable,deci.flat_api(Ghidra),deci.project(angr),deci.bv(Binary Ninja). One generic base implementation serves every backend, routed through the server's main-thread dispatcher so it's safe on IDA/idalib.evalreturns the expression'srepr;execcaptures stdout and aresultvariable. Errors return a traceback and exit non-zero.Example
Design note
The failure field is named
traceback, noterror, on purpose: the client/server wire protocol reserves a top-levelerrorkey for RPC failures, so a result dict with anerrorkey made every successful call look like an RPC error. Renaming the key fixed it.Tests
test_eval_expression,test_eval_has_backend_access(verifiesdeciis bound and the backend is reachable),test_exec_captures_stdout,test_exec_result_variable,test_eval_error_is_reported. All pass on IDA, Ghidra, and angr — the mechanism is backend-agnostic.Eighth and final PR in the IDALib-parity series. Based on
feat/cli-patching(#210).This completes the gap-closing set: persistence, comments, globals/signatures, typed reads/addresses, search/imports, define/undefine, patching, and this scripting hatch.
🤖 Generated with Claude Code
https://claude.ai/code/session_01HfZHdprXg38re1XyKxzGg5