Release Notes

Version: 5.7.4
Previous: 5.7.2
Commits: 79
Contributors: 11

Highlights

More details

Authors

Alex Bender, Baldanos, Dennis Goodlett, Richard Patel, Richard Patel, Sergi Àlvarez i Capilla, condret, gitcolt, pancake, pancake, tbodt

Changes

anal

  • Honor syntax cfg in cs anal plugins
  • SPARC ignores cfg.bigendian because all instruction fetches are BE
  • Add big endian support for arm prelude search

arch

  • Re-enable the bpf.mr assembler

asm

  • Remove all instances of "ptr " in x86 cs assembly output
  • Move the lm32 plugin into the anal

bin

  • Fix o-- issue on macho-arm64
  • Don't hash files when loading, that's too heavy! 1.2s -> 0.8s
  • Fix wasm function offset lookup
  • Split wasm imports by types

ci

  • Ignore odr-violations by default when running asanified r2r

cleanup

  • Lint for x""

cons

  • Add r_sys_signable() and use it from r_cons_thready

core

  • Fix loading xtr bins without arch dedicated asm plugin loaded

doc

  • Correct help msg for ph command

fs

  • Fix mountpoint listing in the rfs shell

io

  • Add omu command to create a unique map
  • Minuscule optimization of io vread and mapping operations

lint

  • Add R_MUSTUSE hint
  • Add a linting to avoid R_LOG calls ending with a dot
  • Use r_str_startswith() in libr/io/p instead of strncmp

print

  • Fix (null) printing on pi command

projects

  • Fix #20405 - Multiple fixes and improvements in projects

refactor

  • More eprintf -> RLOG here and there
  • Merge asm.java into anal.java
  • Move asm.sh disassembler into the anal.sh
  • Add another source linting to avoid newlines in RCore.cmd()
  • Minor simplification of meson build files
  • Merge asm_rsp into anal_rsp
  • Merge asm_propeller into anal_propeller
  • Merge asm_m680x_cs into anal_m680x_cs
  • Merge asm gb into anal
  • Merge the asm.mcs96 plugin into anal
  • Merge asm.cris into anal.cris
  • Use more R_LOG instead of eprintfs and add more linting checks
  • Add sys/lint.sh and run it in the CI
  • Merge asm.8051 into anal.8051
  • Merge asm.sparc into anal.sparc
  • Merge asm.alpha into anal.alpha

shell

  • Fix #16395 - Add open file command to the ms shell

tests

  • Remove the -r and -m flags from r2r

tools

  • Down with capitalism - lowercase all capitalized strings in r*2 -h
  • Add RABIN2_VERBOSE env var to set bin.verbose=true in rabin2
  • rabin2 -qqqqqq doesn't swap between simple and simplest now

web

  • Few http webserver improvements

Release Notes

Twitter thread: https://twitter.com/radareorg/status/1539561234453987328?s=21&t=RMA5QEUIJoG6tdVvPCc-Cg

Version: 5.7.2
Previous: 5.7.0
Commits: 192
Contributors: 26

Highlights

More details

Authors

Aleksey Kislitsa, Apkunpacker, Ben Demick, Denis Ovsienko, Dennis Goodlett, Dennis Goodlett, GiulioL, GiulioLyons, HighW4y2H3ll, Lazula, RHL120, Richard Patel, Richard Patel, Sergi Àlvarez i Capilla, aemmitt, aemmitt-ns, colt, condret, lazymio, meme, pancake, pancake, pipothebit, rax2, rax64, ypsvlq

Changes

anal

  • Add op->cycles for M68K move
  • Set data alignment of m68k CPUs
  • Use r10 as SP and as an sp alias on arm64
  • Fix archinfo for BPF
  • Add icg str argument for filtering classes to graph
  • Add z vector registers for ARM64 in the register profile
  • Add R_REG_TYPE_VEC
  • Remove dead code
  • Add esil support for VMOVDQU in anal_x86_cs.c
  • Fix ARM ujmp op type with rjmp & mjmp
  • Fix #20215 - Handle op->direction in XOR x86 instructions
  • Reduce LOC of i4004 assembler (only use gperf for 1 byte instructions)
  • Move i4004 asm to anal

arch

  • Fix reg profile, add archinfo and opinfo for bpf.cs
  • Initial import of the asm.bpf plugin from extras
  • Add initial anal.bpf.cs plugin + disasm tests

asm

  • Support tbz,tbnz,rev16,rev32 instructions in the arm64 assembler
  • Support cset and sxt(b,h,w) instructions in the arm64 assembler
  • Support mnemonic list for all Capstone-based plugins
  • Support ccmn and csel instructions in the arm64 assembler
  • Support more arm64 instructions

bin

  • Fix #17174 - Add the flagname and real symbol name details in the output of icj
  • Better handling of invalid/corrupted wasm files
  • Use RPVector for wasm imports
  • Use RPVector for wasm data section
  • Refactor wasm start section parsing
  • Move RBinWasmObj-code to RPVector
  • Wasm use rpvector on elements
  • WASM use RBinWasmObj in vector parsing
  • Update wasm tests for exports
  • Fix wasm iE duplicates
  • Rename wasm subsection index member to sec_i
  • Change wasm subsections into RPVectors
    • Use RPVector for wasm tables entries
    • Use RPVector for wasm memories entries
    • Use RPVector for wasm global entries
  • Refactor wasm and add function section parsing
    • Remove unused buf_read_new from wasm parser
    • Refactor wasm vector sub-section parsing
    • Add wasm function sub-section parsing
  • Fix ELF default arch of x86
  • Avoid false positives when loading s390 modules
  • Refactor wasm function types
  • Wasm allow partial custom name parsing
  • Wasm iE improvement

build

  • Windows builds include debug information by default
  • Add macos-m1 GHCI builds
  • Update v35arm64 to fix build on riscv
  • Massage MAKE_JOBS for sys/debian.sh too
  • Remove the r2p symlink on Make purge

cons

  • Fix/clarify the use of cons.vtmode/line.vtmode/vmode
  • Reduce stack in RLine.histLoad() and early return on windows to fix a crash

core

  • Fix fortune file detection
  • Make the gnu disassemblers thread safe

crash

  • Fix oobread in RTable exposed via an ELF reproducer
  • Fix #20336 - wasm bin parser
  • Fix oobread in wv
  • Fix #20248 - DoubleFree in RCons.pop() triggered via RCore.cmdStr()
  • Fix infinite loop in gdbserver =g
  • Fix several bugs in the RStack API
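
The wasm items in this release (better handling of invalid/corrupted files, the #20336 bin parser fix, the oobread fixes) all come down to one recurring check: every LEB128 length and section size has to be validated against the bytes that actually remain before it is used as an offset. The walker below is an added example written for this page, not radare2's wasm bin plugin; the module bytes it parses are constructed here (a type section holding one empty function type, then an empty custom section named "name").

```python
"""Bounds-checked WebAssembly section walker.

Added example for this page; not radare2's wasm bin plugin. SAMPLE_MODULE
is constructed here: the wasm magic and version, a type section holding
one empty function type, and an empty custom section named "name".
"""
from typing import List, Optional, Tuple

WASM_MAGIC = b"\x00asm"
WASM_VERSION = b"\x01\x00\x00\x00"

SAMPLE_MODULE = (
    WASM_MAGIC + WASM_VERSION
    + b"\x01\x04" + b"\x01\x60\x00\x00"      # type section: one functype () -> ()
    + b"\x00\x05" + b"\x04name"              # custom section "name" with an empty body
)


class WasmError(ValueError):
    """Raised when a length or size does not fit the bytes that remain."""


def read_uleb128(buf: bytes, pos: int, max_bits: int = 32) -> Tuple[int, int]:
    """Decode an unsigned LEB128 at buf[pos:] and return (value, next_pos).

    Stops at the end of the buffer and caps the encoded width, so a crafted
    varint can neither read past the input nor yield an oversized value.
    """
    result, shift = 0, 0
    while True:
        if pos >= len(buf):
            raise WasmError("truncated LEB128")
        byte = buf[pos]
        pos += 1
        result |= (byte & 0x7F) << shift
        shift += 7
        if not byte & 0x80:
            break
        if shift >= max_bits:
            raise WasmError("LEB128 wider than allowed")
    if result >> max_bits:
        raise WasmError("LEB128 value out of range")
    return result, pos


def parse_sections(module: bytes) -> List[Tuple[int, Optional[str], bytes]]:
    """Walk the section table and return (id, custom_name, payload) tuples.

    The declared section size is checked against the remaining bytes before
    it is used; a custom section's name length is checked the same way.
    """
    if len(module) < 8 or module[:4] != WASM_MAGIC:
        raise WasmError("not a wasm module")
    if module[4:8] != WASM_VERSION:
        raise WasmError("unsupported wasm version")
    sections: List[Tuple[int, Optional[str], bytes]] = []
    pos = 8
    while pos < len(module):
        sec_id = module[pos]
        pos += 1
        size, pos = read_uleb128(module, pos)
        remaining = len(module) - pos
        if size > remaining:
            raise WasmError(f"section {sec_id} declares {size} bytes, only {remaining} remain")
        payload = module[pos:pos + size]
        pos += size
        name: Optional[str] = None
        if sec_id == 0:
            # custom section: uleb128 name length, then the UTF-8 name, then the body
            name_len, off = read_uleb128(payload, 0)
            if name_len > len(payload) - off:
                raise WasmError("custom section name overruns its section")
            name = payload[off:off + name_len].decode("utf-8")
            payload = payload[off + name_len:]
        sections.append((sec_id, name, payload))
    return sections


if __name__ == "__main__":
    for sec_id, name, payload in parse_sections(SAMPLE_MODULE):
        print(sec_id, name, payload.hex())
```

Feeding it a module truncated after a section header, a custom section whose name length exceeds its payload, or an overlong size varint raises WasmError instead of reading past the buffer, which is the failure mode the fixes above close.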

disasm

  • Fix negative on unsigned value in v850.pseudo
  • Update to the latest capstone to fix a bug for BPF
  • Fix #17961 - missing flags in asm.reloff=1 + scr.color=0

doc

  • Rename doc/crosscompile to doc/cross-compile.md
  • Add ABI stability explanation

esil

  • Fix SHRD instruction ESIL
  • Add ESIL to the anal.bpf.cs plugin

io

  • Fix bug in io_ihex
  • Optimize io.open() by skipping plugin iteration if no uri found
  • Add stdin:// uri handler in the io.malloc plugin

parse

  • Make existing types available to r_parse_c_string

print

  • Fix #20310 - Handle help suffix on more pd subcommands
  • Convert pf d specifier to hex dword

r2pipe

  • Fix: pthread_create: Resource temporarily unavailable

r2pm

  • Handle R2PM_UNINSTALL on Windows
  • Fix environment message for the package manager
  • Improvements in the native r2pm, being able to install samu and muon

refactor

  • Merge asm.avr into anal.avr
  • Merge asm.xap into anal.xap
  • Merge asm.i8080 into anal.i8080 and add a test
  • Merge asm.xcore_cs into anal.xcore_cs
  • Merge asm.amd29k into anal.amd29k
  • Merge asm.h8300 into anal.h8300
  • Merge asm.lh5801 into anal.lh5801
  • Merge asm.cr16 into anal.cr16
  • Merge asm.v850 into anal.v850 and add a test
  • Merge asm.malbolge into anal.malbolge
  • Merge asm.v810 into anal.v810
  • Merge asm.pdp11 into anal.pdp11
  • Merge asm.6502 into anal.6502
  • Remove more R_TH_LOCAL in TCC
  • Remove excess zeroing in anal_bpf.c
  • Merge asm.riscv.cs into anal.riscv.cs
  • Move asm.pyc to anal.pyc
  • Merge asm.nios2 into anal.nios2

search

  • Honor cfg.bigendian in /v subcommands

shell

  • Fixes for the R2_FORTUNES system and home paths
  • Fix history file path construction
  • Fix error message in e- when resetting in debugger
  • Remove newline in date and pt. output
  • Expose R2_HISTORY in r2 -hh and r2 -H to locate history file

tests

  • Add Capstone aoml cases
  • Generate r2r.json for profiling the testsuite
  • Sort lines in r2r -h
  • Use absolute path for r2r -o

tools

  • Fix misalignment glitch in rasm2 -L and rasm2 -LL

util

  • Compile-time optimization for r_str_startswith()

visual

  • Fix arrows in visual prompt on windows cmd V:

windows

  • Autoset vtmode=1 or 2 depending on shell or visual
  • Detect cmd.exe as vtmode=2
  • vmode fixes visual shift issue in cmd.exe
  • Support building windbg plugin under mingw

Release Notes

Version: 5.7.0
Previous: 5.6.8
Commits: 355
Contributors: 26

Highlights

More details

Authors

Aleksey Kislitsa, Alex Bender, Anton Kochkov, Antoni Viciano, Dennis Goodlett, Dennis Goodlett, Elaine Gibson, GustavoLCR, Jose Antonio Romero, Lazula, Mario Haustein, Mathieu Dolmen, Ole André Vadla Ravnås, RHL120, Sergi Àlvarez i Capilla, Sylvain Pelissier, Wadim Mueller, condret, freddy, gogo2464, kakamaika, pancake, pancake, rax2, rhl120, ypsvlq

Changes

anal

  • Initial support for op.family on the v850.np plugin
  • Add missing =BP for v850
  • Fix crash when doing aac in frida://0 which calls 's $S'
  • aav output is now cleaner and less verbose
  • Implement native r0 relative references in v850
  • Fix oobread bugs in the v850.np plugin
  • Add missing status registers on v850.np
  • Fix missing calling convention when using asm.arch=*.XXX
  • Optimize thumb code analysis (4x faster)
  • Fix leak in r_anal_get_gperf_cc
  • Honor anal.timeout and better ^C handling in aaaa
  • Add missing op types to r_anal_optype_to_string
  • Remove RAnalPlugin.jmpmid and use ANAL_ARCHINFO_ALIGN instead
  • Add r_anal_is_aligned
  • Move VAX disassembler to anal
  • Fix invalid basic blocks on switch/jmptbl on arm64
  • Use @@@f instead of @@f in aaa - fix deadlock in iaito
  • Update to the latest v35arm64
  • Use RArchConfig in RReg, Add RReg.hasbits() apis
  • Improve boundary oobread checks for anal.8051
  • Honor anal.calls in aap
  • Kill anal.endsize
  • Introduce RAnalPlugin.jmpmid and replace some is_x86
  • Fix infinite loop when anal.vars on huge empty basic blocks
  • Fix a couple of infinite loops in aav
  • Do the whitespace thing that pancake wanted me to do
  • Add missing Motorola cpu models for m68k.gnu and m68k.cs
  • Honor asm.syntax=att in v850.np and handle more op.type
  • Better s390 instruction details
  • Remove asm.bf, and move its .opasm to the anal.bf
  • Add the RAnal.mnemonics() callback in RAnalBind for the arm.v35
  • Remove the asm.arm.v35 and move (and fix) the mnemonics cb
  • asm.cpu listing fixes for anal plugins
  • Remove duplicated register definitions for AVR
  • Move asm.xtensa into anal, fix duplicated symbols linkage bug
  • Fix null derefs in anal.avr plugin and improve defaults
  • Fix #19990 - Fix aoml for non-x86 targets and add tests
  • Fix #7094 - Add direction information in xrefs
  • Add =SN and =R0 to 8051
  • Add RAnal.use in RAnalBind to use it from RAsm

api/abi

  • Rename REgg.Cfile to REgg.cfile
  • Rename corebind fields to coreb, for consistency with analb, iob
  • Use RArchConfig in RPrint
  • Expose RAnal.opDirection.toString as a public method
  • Make CRBTree.foreach() C++ friendly
  • RStr.isTrue/isFalse accept NULL argument now
  • Use RLog in RCons
  • Introduce r_arch.h. Use RArchConfig in RAnal and improve RRef api

arch

  • Support '$' in regprofile offset column
  • Move tricore from asm to anal

asm

  • Move the asm.ppc.gnu into the anal
  • Remove the v850.gnu plugin
  • Move the asm.pic into anal.pic
  • Support cls, clz for 32 and 64 bit registers in the arm64 assembler
  • Move asm.snes into anal.snes
  • Fix assembling with the arm.v35 plugin
  • Move 8051 test into db/tools/rasm2 and fix null deref in asm
  • Support 'msub, madd, mneg, ngc, sbc, asr, ror, cls, clz, rev, rbit, rbit16, rbit32, umulh' in the arm64 assembler
  • Initial implementation of shared RAsmConfig
  • A little better asm directive parsing
  • 8051: handle any mov case for reassembling

assembler

  • Support assemble for mul, udiv, sdiv, lsl, lsr, mvn, tst arm64 instructions
  • Fix endian issue in binary input for rasm2 and add tests
  • Support assemble for add, and, eor arm64 instructions

bin

  • Better handling of Wasm Names
  • Fix large loading times in macho parser for binsz=-1
  • Fix off-by-one bound check in wasm format
  • Simplify functions in wasm format
  • Fix leak in wasm custom names
  • Better formatting of wasm custom name
  • Fix parsing LE and COFF on big endian host
  • Fix pyc parsing on big endian machines
  • Fix leak in wasm sections
  • Add bin.maxsymlen to make this symbol name length limit configurable
  • Do not accept symbol names in mach0s larger than 2KB
  • Fix wasm section parsing
  • Remove global from elf parser
  • Fix another race condition in the macho parser
  • Remove another static global in the sections cache of objc
  • Move the local-global cache into the macho object
  • Fix allocation peak in macho property parser
  • Expose CLR metadata in ih output instead of messy eprintfs
  • Add bin.xtr.xalz plugin using the new loadbuf field
  • Remove the bin.xalz plugin as its meant to be io or bin.xtr
  • Fix null derefs on partially initialized xtr bin plugins
  • Fix main detection in x64 elf, after updating condret's machine
  • Use the new RBinInfo.charset in bin.s390
  • Add headers, sections, symbols and entrypoints to the bin.s390 plugin
  • Initial import of the bin.s390 plugin
  • Permit RBin plugins to expose a default charset
  • Select 'arm' fatmacho slice on -a arm.v35
  • Fix #6647 - check map bounds in the pebble bin loader
  • RBinFile size must be ut64, not signed int to open > 2GB files

build

  • Use meson's gittap command on make
  • Fix #13196 - Honor SHARED in configure-plugins
  • windows_heap is included in cmd_debug
  • Fix meson build with use_sys_openssl
  • Leftover for --disable-threads causing runtime problems
  • Use longer names in enum to avoid conflicts with the SerenityOS toolchain
  • Deshadow some variables, in progress for the full -Wshadow cleanup
  • Make capstone include directories consistent
  • Add xtensa for the meson (requested for Windows)
  • Honor capstone commit in ci
  • Fix for --without-pull not working in install.sh

cons

  • Add scr.maxpage to remove the CONS_MAX_USER constant
  • Fix r_cons_get_cur_line() on windows
  • Add ec bgprompt for a colorful shell and visual prompts
  • Fix glitch in scr.html when scr.color=1

core

  • Introduce R_LIKELY macros and update sdb
  • Fix RCons recursive buffer fill causing iaito memory usage problems
  • Initial import of the RThreadChannel API with the ::x command
  • Deprecate anal.cpu, just use asm.cpu
  • Improve RLog API and usage, document R2_LOG_ vars in r2 -hh

crash

  • Fix integer overflow in string search causing oobread
  • Fix crash in vtable analysis on UB
  • Fix 4 byte oobread in msp430 disassembler
  • Fix null deref in macho parser
  • Fix oobread in java parser
  • Fix oobread crash in java parser
  • Revert "Prefer memleak over usaf in io.bank's rbtree bug"
  • Revert "Properly fix the UAF in r_io_bank_map_add_top"
  • Fix oobread and null deref in symbols file parser

debug

  • Cleanup dbg.trace config vars and better error messages
  • Software breakpoints fail on m1, lets just enable hwbp by default
  • Add d: to run the cmd callback of the debug plugins
  • Fix #19966 - Reset seek in r_debug_execute() to real PC

disasm

  • Fix disp[ep] regression for v850.np
  • Handle comments from analop.ptr, not only for call ops
  • Add a parse plugin for tweaking references to r0
  • asm.sub.names requires a flagname of strlen > 4
  • Honor asm.syntax=att in asm.arch=s390

doc

  • Add ubuntu22, kali, haiku and voidlinux as repology badges
  • Update ae?? esil keywords help message
  • Update README and add doc/devdebug.md

emu

  • Fix st.b and stsr esil for v850
  • In the V8xx families the R0 is a WTG register
  • Make ESIL TODO messages go thru R_LOG_DEBUG instead

esil

  • Fix invalid shifts on esil emulation
  • Initial implementation of the v850 prepare/dispose
  • Deprecate ESIL's $r and S2D keywords
  • Tiny fixes for the v850.np esil

fs

  • Implement my command and fix help messages for m subcommands

hash

  • Fix argument ... with mismatched bound [-Warray-parameter=] warnings

io

  • Fix potential bug in r_io_nread_at
  • Fix the io.rbuf plugin (broken since 2017)
  • Add the io.xalz plugin
  • Honor io.cache in r_io_is_valid_offset()
  • Fix some TODOs in libr/io/io_bank.c
  • Revert "Fix use-after-free in iobank rbtree usage"
  • Fix map boundary adjustment in r_io_map_add and r_io_map_add_bottom

json

  • Initial support for JSON help messages
  • pdrj: change JSON output, group instructions by basic blocks

lang

  • Find python3, python2 and python in PATH on #!python

print

  • Implement ax, to list xrefs using RTable
  • Improve ascii art output of pfb
  • Initial implementation of pfb, binary formatting
  • Use wx+ instead of wx;s+16 in pc* command

projects

  • Create a struct for rvc state
  • Fix ax\x00 glitch causing projects to be noisy
  • Pc without argument uses prj.name if defined
  • Save and restore the register values
  • Add P* and P! to dump script and run shell in project dir
  • What's bool stays bool, makes eval changes more consistent
  • Fix serializing macros (* using ; instead of ,
  • Fix #20040 - invalid char bug in afl* when function names contain ';'
  • Don't save dir. variables in project scripts
  • Make P command follow the r2 philosophy for consistency
  • P+ is now an alias for Ps for consistency with P-
  • Dirty anal on user comments

r2pipe

  • Fix #19606 - Don't route the RCore.cmdstr() when there's a redirection >

refactor

  • Move mcore into anal
  • Move asm.s390* into anal.s390* and fix aod when not using asm plugins

search

  • Implement search.in=flag

shell

  • Implement gLj and Lgj for listing egg plugins in JSON
  • Implement Llj and #!?j for rlang plugin listing
  • Implement Lpj for #19982
  • Implement Lmj and mLj to list r_fs plugins loaded
  • Implement Lij, Ltj and Lhj (via the new phj)
  • Implement LDj command to list decompilers installed in json
  • Fix bug when loading an r2 script with '.'
  • Don't ignore invalid subcommands of i
  • Add help for V?
  • Implement and document iz* and izz*
  • Add help messages for ms mp mL mo commands
  • Handle pd1 and pi1 (imm without space)
  • Handle ? in all the dc subcommands
  • Add JSON output for r2 -V
  • Rename anal.cpp.abi to anal.cxxabi, and add options for dbg.malloc
  • Handle Loj and Lij as alias for iLj and oLj
  • Add R2_COLOR env var for r2 when setting up scr.color
  • Fix help message for the ?= command
  • Better error handling in pushd/popd
  • Fix #19830 - implement pushd/popd commands
  • Implement 'mktemp' syscmd command
  • Add missing help for ++, -- and r2pm
  • Implement .. as an alias for s..
  • Fix #19973 - Add - and + commands as alias for s- and s+
  • Initial import of the WIP sh interpreter
  • Implement proper dyslexic subcommands for La/aL
  • Use more RLog, and add log.origin
  • Show proper error when no function found in afv

tests

  • Don't let r2r -o overwrite files
  • Add test for 'q' return code bug and minor cleanup r2r
  • Support gmake in the testsuite (BSD runs)
  • Add 8051 disassemble/reassemble checks

tools

  • Improve binary input handling in rasm2 with 0b and Bx
  • Fix #20030 - Add binary input support for rasm2
  • Check for hexpair keyword before adding a null in rafind2

types

  • Typedef facility under t for pf support
  • Proper use of the SDB api in anal/type.c
  • Fix C types parser on unknown archs

util

  • Add R_LOG_DISABLE hint for extra debugging
  • Fix bug and optimize deletion in new rbtree api

visual

  • Improve ec bgprompt in V: shell
  • Fix #20049 - '.' in stack panel seeks to SP or BP if unset

webui

  • Better material webui disasm defaults
  • Fix scr.color=3 glitches in the html filter
  • Fix /index missing icon and update project commands used
  • Remove broken and outdated graph webui
  • Update the www/m webui with latest versions of all the frameworks

write

  • wb -> wX, wb = write big endian bits in byte

Release Notes

Version: 5.6.8
Previous: 5.6.6
Commits: 137
Contributors: 15

Highlights

More details

Authors

Apkunpacker, Dennis Goodlett, Fernando Domínguez, Francesco Tamagni, Lazula, RHL120, SeanH, Sergi Àlvarez i Capilla, condret, junchao-loongson, max-lv, mdolmen, n01e0, pancake, pancake

Changes

analysis

  • Fix comma separated args in r_anal_function_format_sig
  • Skip more types of call instructions on linear emulation
  • Add missing 'direction' field in the output of aoj
  • ar command using ->anal, otherwise for non-debug builds that fails
  • Allow abt to handle addresses in the middle of basic blocks
  • Handle addresses in the middle of basic blocks in abf
  • Implement 'abf' command to list incoming bbs
  • Run 'aap' before 'aae' on arm64 binaries in 'aaa'

bin

  • Hide some dyldcache parsing error messages and improve string filtering
  • Fix infinite loop in strings and better use of is_breaked()
  • Handle ^C when loading dyldcache binaries
  • Show friendly warning when loading without R_DYLDCACHE_FILTER
  • Fix two more oobread bugs in the dyldcache plugin
  • Fix oobread crash in the rebasing method of dyldcache
  • Fix negative allocation attempt in izz that will surely fail
  • Fix mach0 class 64bit address sorting bug
  • Show 'missing X info' error in rabin2 -H
  • Warn the user when no header fields are found
  • Fix rebasing Mach-O DYLD_CHAINED_PTR_64
  • Add support for parsing swift metadata from macho binaries
  • Assume all machos are made by clang
  • Honor baddr=0 in RBin, as it's done for RIO
  • Fix oobread in symbols header parsing

build

  • Add missing loongarch for the meson
  • Add support for Visual Studio 2022 (community+enterprise)

ci

  • Disable offline builds
  • Ignore asan memory leaks when running the tests
  • Run the tests for non-debugger builds

crash

  • Fix null deref in code meta commands
  • Fix oobread bug in NE parser
  • Fix null deref in ne parser
  • Fix #19940 - infinite loop in x/i on invalid instructions
  • Fix oobread and unaligned casts in the NE entrypoint logic
  • Fix random segfault happening with wrong null preconditions in iobank
  • Fix UAF in aaef
  • Fix oobread in NE parser
  • Fix null deref in the ne parser
  • Fix oobread in dyldcache
  • Fix another oobread in the NE parser
  • Fix another oobread segfault in the NE bin parser
  • Fix oobread segfaults in the NE bin parser
  • Fix oobread in the macho parser
  • Fix 1 byte oobread in the cris analysis plugin

crypto

  • Fix undefined behaviour bugs in serpent crypto algorithm

debugger

  • Apple Silicon can hwstep

disasm

  • Fix #19876 - Smarter local variable and argument sorting
  • Show args before vars in afv summary also in pd

egg

  • Initial WIP implementation of the ESIL backend for ragg2

emulation

  • Fix aeim on --without-debugger builds

esil

  • Fix 'aeb' emulating the right instructions
  • Fix PPC ESIL of addis instruction
  • Honor esil.maxsteps in more commands and stop earlier when no =PC
  • Add esil.maxsteps to avoid infinite emulation loops

json

  • Fix aeabj output which returned different information than aeab
  • Instruct drrj to not emit ansi escapes to not damage

print

  • Fix pief printing N bytes instead of N instructions
  • Add psa command to print any kind of string
  • Support relative pointer resolution in pxr
  • Implement pfP for relative pointer format memory formatting
  • Add pfW for signed short format

projects

  • Add an error return to r_core_project_cat

r2pm

  • Increase commit log from 3 to 10 in

search

  • Initial implementation of the aavr command

security

  • Add sandbox checks for the debugger io plugins

shell

  • Fix infinite loop in -1 command
  • Improve wz help and error handling
  • Run r2pm from core internally
  • Fixes for the Trim.args() for ?e
  • Handle ^C in fg and improve ^C in pd
  • Lowercase all the help messages for consistency (2)
  • Honor escaping semicolons in macro definitions
  • Lowercase all the help messages for consistency
  • Use standard help api for aeim too
  • Add the cmp command to compare two (alias) files
  • Implement 'curl' command
  • Implement @c: temporal seek operator
  • Add r_core_return_code() and use it
  • Fix glob matching in several cases
  • Use strstr instead of rstr.glob for now in @@
  • Fix seek history for the 's..' partial seeks

signatures

  • Update byte signature flag name
  • Fix autoloading of

tools

  • Add rahash2 -J for simplified single object name=hash output
  • Allow rahash2 -a to be passed multiple times

types

  • Fix #16335 - tp not handling blocksize properly

util

  • Add tests for the code tokenizer and fix <<= assignments

visual

  • Visual color theme editor available from panels

zign

  • Fix bug in z/, that creates misplaced functions

Release Notes

Version: 5.6.6
Previous: 5.6.4
Commits: 130
Contributors: 10

Highlights

More details

Authors

Dennis Goodlett, Dennis Goodlett, Jules Maselbas, Lazula, Pau Rodriguez-Estivill, Sergi Àlvarez i Capilla, aandersonl, aemmitt-ns, pancake, pancake

Changes

anal

  • Remove the hexagon from anal
  • Save sp,bp,src,dst in heap outside the loop
  • Add afiq for quiet function info and refactor the anal/abi.inc
  • Add help for 'pie?', add pieq and add ninstr in afi[j]
  • Sanitize function names for prototypes
  • Unify asm.z80 into anal.z80
  • Restrict local vars and args in a 8KB range, otherwise skip
  • Adds afva in all fcns flags (if any)
  • Skip afva on functions with signature registered
  • Do not perform var/arg analysis on Java/Dalvik
  • Add missing eiz/riz registers for x86 and x64
  • Add mermaid output to all ag commands
  • Add an* and fix many other conceptually broken logics in an

asm

  • Fix #19489 - Implement assembler for jrcxz

bin

  • Add help for the CL command
  • Cache file_exists when iterating over the source files
  • Complete DWARF4 register mappings

build

  • Only build library archives when -Dblob is provided
  • Fix some static meson blob dependency leftovers
  • Fix sys/release-notes when HEAD is tagged
  • Make -Dblob=true statically link all r2 libraries

ci

  • Publish r2blob-w64 on release and fix artifact name

crash

  • Fix heap OOB read in macho.iterate_chained_fixups
  • Fix UAF in aaaa on arm/thumb switching
  • Fix buffer overflow in asm.nbytes, add hard limit to 64
  • aaef on arm/thumb switches causes uaf
  • Break large loops when method name resolution fails

debug

  • Improve help message for dd? and autocomplete
  • Add 'dd+' to open files in the child process as read-write
  • Fix uninitialized buffer read bug enumerating process files
  • Add ddf command
  • Fix dd command and update tests accordingly
  • Skip wired-to-ground registers in dr=
  • Fix drj in debug mode

disasm

  • Fix #19838 - Show pins in the disassembly as comments
  • Improve the way asm.nbytes plays with asm.flags.inbytes
  • Fix issue in asm.tabs.once causing iaito to trim instructions

doc

  • Update the Windows build instructions

esil

  • Add ESIL for x86 SSE float instructions
  • Implement 'aeb' using APIs instead of commands
  • Add aaepa command to set all unknown imports as ret0
  • Fix aecs and add test emulating hello world without libc
  • Add aaep and extend aep to support pin specific commands
  • Implement ESIL for the Stlxr arm64 instructions

fix

  • Fix undefined behaviour in RVector, RPVector, RInterval and container_of

print

  • Initial import of the code tokenizer

refactor

  • Lots of cleanups to reduce the regressions in TCC
  • Don't use != NULL as it's implicit in C, even for bool casts

shell

  • Improve help message for psz, aek, aae, aep, aer and aex commands

tools

  • Use R_SYS_BITS by default in rasm2

visual

  • Fix back scrolling in the decompiler pane in panels
  • Improve panels prompt drawing the bottom box line one line above
  • Add scr.notch to blank N lines on top of the screen
  • Improve panels interactions with decompiler frame
  • Record seek history when clicking around in panels
  • Fix blank decompiler issue when clicking randomly in panels

windows

  • Add w64-static builds in the CI
  • Add 'configure.bat static' argument to build r2blob.static.exe
  • Fix meson -Dblob=true builds for static
  • Fix r2blob for windows

Release Notes

Version: 5.6.4
Previous: 5.6.2
Commits: 67
Contributors: 11

Highlights

More details

Authors

Dennis Goodlett, Dennis Goodlett, Lazula, Pau Rodriguez-Estivill, Sergi Àlvarez i Capilla, aemmitt, aemmitt-ns, archcloudlabs, pancake, pancake, pkubaj

Changes

anal

  • Handle jump tables in agfm
  • Add agfma to get assembly in mermaid graphs
  • Add agfm command to print cfg graphs using mermaid syntax

bin

  • Find strings on maddr'd binaries with izz
  • Fix wide32 string detection that caused other ascii strings to be missed
  • Fix large loading times in macho parser
  • Fix slow loading times for small ELF sample

build

  • Fix #19726 - fix meson definition order issue when using syslz4
  • Add rasm2 and rax2 wasi/wapm packages
  • Build fixes for wasi/wapm/wasm and update sdb

charset

  • Add initial support for katakana

crash

  • Fix timeout analyzing a small class reported by clusterfuzz
  • Fix DoS in PE/QNX/DYLDCACHE/PSX parsers
  • Fix DoS in kernelcache bin parser
  • Fix oobread in macho core symbolication
  • Fix null deref in bin.symbols
  • Fix DoS in the minidump parser
  • Fix DoS on macho parser spotted by scan coverity
  • Fix heap buffer overflow in dyldcache parser

debug

  • Add support for powerpc, powerpc64, powerpc64le and riscv64 on FreeBSD

disasm

  • Honor ArchInfo.opalign in pia
  • Fix #19610 - Honor minopsz in pia

esil

  • Add some sign extend to some v850 st/sst insns

print

  • Fix #19729 - Make pswj consistent with psw output
  • Fix #19739 - Fix oobread in pv* and fix bug in pvj

shell

  • Add aot command to show instruction types (like /atl)

visual

  • Restore and revert blocksize in V:
  • Fix #19737 - Handle ESC and space in the ascii hex column

Release Notes

Version: 5.6.2 (from 5.6.0)
Commits: 63 (from 13 contributors)

Highlights

  • Fixed 12 critical vulnerabilities (thanks to NowSecure, Google, Synopsys and HuntrDev for reporting)
  • Support the new file format used by Xamarin to pack .NET libraries (XALZ)
  • ihex:// (Intel HEX object files) works again (it had been broken for a while)
  • LZ4 decompression (inflating) is now supported at the API and command-line levels
  • FreeBSD is now part of the CI; stability was improved and all related warnings fixed
  • The new w+ (wx+) commands write and then seek to the end of the written chunk
  • Panels: fixed a couple of glitches and improved usability with decompilers

Authors

Anderson Angel Diaz Anton Kochkov Bernhard M. Wiedemann Dennis Goodlett Florian M Nerijus Bendziunas PauRE Sergi Àlvarez i Capilla nemarci pancake pancake wargio

Changelog

api

  • New r_inflate_lz4 API to reuse LZ4 across all libs
  • Support building with system-provided lz4 library

asm

  • Support assembling the cmn, teq and tst arm32 instructions
  • Fix oobread bugs in cr16 disassembler
  • Fix pop [rsp] emulation for x86

bin/io

  • Add ELF reloc patching for R_386_32 and R_386_PC32
  • Handle SH, MIPS and ARM in COFF binaries
  • Initial support for XALZ binaries from Xamarin
  • Fix ihex:// io parser as it was not working

ci

  • Partial #19687: Add release github actions workflow
  • Publish FreeBSD artifacts and purge the srcdir

cons

  • Fix 'disable mouse' ansi code
  • Minor rgb.parse optimization and remove the use of sscanf in pal.c
  • Fix visibility issue in the bluy theme

crash

  • Properly fix the UAF in r_io_bank_map_add_top
  • Early break when parsing corrupted DEXs to avoid DoS
  • Fix oobread in pxj
  • Prefer memleak over UAF in io.bank's rbtree bug
  • Fix DoS in MACHO parser spotted by clusterfuzz
  • Improve boundary checks to fix oobread segfaults
  • Fix DoS when loading a fuzzed DEX file
  • Fix UAF in pyc parser
  • Fix negative index in anal.arm64.cs
  • Fix bins/*/rep8 - UAF crash in pyc parser
  • Fix oobread segfault in java arith8.class
  • Fix java oobread in id_000000,sig_06,sync_m1,src_000048

panels

  • Fix panel focus glitch
  • Fix overlapping titles on small frames
  • Close menu when a different decompiler is selected

shell

  • New 'w+' command, to write a string and seek at the end
  • Fix parsing of 'ra?' and 'r0x' subcommands
  • Add prgl command to decompress current block using lz4
  • Fix negative offset in hexdump JSON output


Release Notes

Version: 5.6.0
Previous: 5.5.4
Commits: 254
Contributors: 16

Highlights

  • ABI breaks: the RAnal API is the new home for the RAsm plugins, reducing installation size
  • Add an initial and working native reimplementation of r2pm in plain C (no POSIX shell required)
    • Windows support will come later; it needs more testing and user feedback.
  • Initial release with support for threads (one RCore per thread is supported for now)
    • Remove globals or make them TLS, add atomic support, fix mutexes and threads
    • The r2r testsuite now runs with thread-sanitizer-enabled builds
    • Remove all uses of sdb_fmt in favour of the thread-safe r_strf
  • More tests for ESIL and improved quality on x86, arm64, riscv, v850 and more!
  • Improved usability and fixed some buggy interactions in panels, better help messages and improved color themes
  • Support the latest Capstone, and prefer a system-wide installation for better offline builds
  • Add project loading in sandbox mode and add a dirty bit to avoid saving when nothing has changed
  • New commands: pdu, r-/r+, fc, aafs, pcc, /aF, isqq. iS,, axl, /e, pFB, and ws# for more Pascal string types
  • Binary plist printing (pFB), which combines well with pFA (for Android binary XML)
  • Orders of magnitude faster analysis with aafs and sixref
  • Honor flag colors in hexdump and instruction tokenization in disasm
  • Fix 3 CVEs since 5.5.4, lots of memory leaks and all the Coverity critical issues
    • Improve code quality by using new tools and stdint basic types
  • Support arm32 debugging on native arm64 Linux hosts
  • Extend scripting support to the QuickJS and Wren programming languages
  • Add a time measurement directive to rarun2
  • Add the faster Rabin-Karp search algorithm (/e) and fix some bugs in the search loops
  • Add new arch plugins: loongarch, evm.cs, v850.np and chip8

More details

Authors

Adrian Laskowski Apkunpacker Claudemirovsky Dennis Goodlett Francesco Tamagni Lazula RHL120 Roman Valls Guimera Sylvain Pelissier aemmitt-ns gogo2464 junchao-loongson lasek0 meme pancake pancake

Changes

abi

  • Move asm/wasm into anal, and add new opasm() callback

anal

  • Simpler var counting API
  • Add support for x86-32 callpop artifacts
  • Add ablc, ab-, Fix and optimize in af- and aafs
  • Fix 'afls' and add tests
  • Fix heap overread in loongarch when len < 4
  • Add axl command for consistency with afl for 'axlc'
  • Fix reference order and use the API in sixref (2x faster)
  • Initial implementation of the 'aafs' command
  • Add support for the new loongarch architecture
  • Improve the v850.np analysis, fix all call refs

api

  • Add r_core_help_match() to get help for a specific command

arch

  • Initial import of the evm.cs plugin

asm

  • Handle instruction operands in wasm.asm
  • Refactor, improve and move chip8 support out of libr/asm

bin

  • Parse relocs from Mach-O chained binds if no opcodes
  • Add support for rebasing ARM64E_USERLAND24 chained format
  • Fix isqq. command
  • Fix #19541 - Fix null deref and stack exhaustion bugs in the kernelcache
  • Implement iS, command (table query format for section listing)

build

  • Fix #18621 - Specify ABI version to be X.Y instead of X.Y.Z
  • Add 16GB pagefile for the windows ci
  • Simplify meson logic and use ole's PR to fix Windows
  • Add CI job to verify builds with system-wide capstone
  • Use system capstone if available in sys/install.sh
  • Fix ios-sdk compilation
  • Bring back the 32bit builds for Cydia
  • Use api9 for android-arm builds to bring back Kitkat support

charset

  • Add iso8859_1

cleanup

  • Remove globals from tcc code

cons

  • Use static RThreadLock in cons
  • Don't SIGINT in RCons when used in a thready way
  • Improve the 'fc' command to unset and get color flags easily
  • Add scr.theme and Lt commands as alias for 'eco'
  • Improve the basic theme
  • Fix all the known issues in the ayu theme
  • Honor jmp/call argument colors by type

core

  • Fix #19628 - wx+ as an alias for wxs
  • Mark all globals (or most of them) as TLS variables
  • Make RCons thread-friendly
  • Fix race conditions in RCoreTasks
  • Rewrite r_list_uniq with a faster algorithm

crash

  • Fix null deref in xnu.kernelcache
  • Optimize and fix heap overflow in asm.tabs using RStrBuf

debug

  • Expose the 32bit arm reg profile on 64bit hosts

disasm

  • Workaround to handle seg:off on x86_16 due to a capstone bug
  • Fix #15473 - Align meta dwords in the middle of instructions
  • Improve reg detection in asm highlighting + add test
  • Fix reg/flag detection in disasm colorization
  • Initial import of the v850.np plugin
  • Handle anal.cpu=? and fallback for asm.cpu when no asm plugin
  • Add asm.bytes.opcolor configuration option

doc

  • Add 'first session' example in the README

esil

  • Disable ESIL macros and add reproducer test
  • Add helper function for pending macro handling
  • Improve EVM analysis and update tests
  • Macrofication of the '+=' and '-=' esil operations
  • Add support for list12 logic in the v850.np distillation
  • Fix esil for bnd jmp x86 instrs and cmn arm instrs
  • Implement ESIL on more instructions for v850.np
  • Handle ESIL in more v850.np instructions

help

  • Fix helps for aan? aaf? and aes?
  • Fix help for the 'aaa' subcommands

io

  • Fix use-after-free in iobank rbtree usage

panels

  • Autoset cache flag on whitelisted panels on create
  • Fix #19410 - Fix cursor mode regression

parse

  • Use static RThreadLock in TCC

ports

  • Add basic support for loongarch

print

  • Add 'pFB' command to use the new BPLIST parser
  • Add scr.color.ophex to colorize 'px' with opcode type
  • Honor flag colors in 'px' hexdump
  • Fix pxa@e:hex.compact=true and add tests
  • Improve the way color flags are handled
  • Improve pcc output and add a test
  • Add 'pcc' command to print block as C char*string
  • Fix pdsf?, forbid V? and remove newlines in pxA?

projects

  • A better way to check if a project has been saved
  • Add prj.sandbox to enable experimental sandboxed project loading

r2pm

  • Initial implementation of r2pm.c

refactor

  • Use stdint like if there was no yesterday
  • Remove asm.hexagon, anal one is enough
  • Remove asm.ebc and merge disasm into the anal

search

  • Implement /aF and /aFd to search for instructions in functions
  • Add Rabin-Karp algorithm to
  • Add r_search_maps to
  • Search adjacent maps together
  • Move /e to new search API
  • Fix bug in regex searching
  • Add longest field to RSearch
  • Add r_search_upate_read API

security

  • Implement fine grained sandbox control

shell

  • Implement rarun2 time=true attribute

tests

  • Initial implementation of the dummy benchmark

tools

  • Fix R2PM_DEPS handling in r2pm -ci

util

  • Fix: Mark r_print_format globals as TLS
  • Add atomic primitives for Windows
  • Add safe static lock initialization
  • Improvements and fixes for the threading APIs
  • Introduce r_strf and stop using sdb_fmt

visual

  • Fix #19409 - Close menu after creating a new panel from it
  • Handle vE as in VE - edit color theme
  • Fix fast jump with ahc on register calls

windows

  • Use I64x instead of llx format strings for mingw builds too

write

  • Add ws1, ws2 and ws4 commands for variable size Pascal strings


Release Notes

Version: 5.5.4
Previous: 5.5.2
Commits: 30
Contributors: 8
Days: 9

Highlights

More details

Authors

Changes

Architecture support

Changes related to disassembly, assembly and analysis:

  • Use cs_disasm_iter in anal.x86.cs to use less heap and speed up analysis and disassembly
  • Disable the disassembler logic in the asm plugin for 8051
  • Handle jbc [reg] in 8051 assembler
  • Handle registers on push on 8051
  • Improve pD, which was reading too many bytes in a loop
  • Better Analysis plugin handling from the asm module

Binary parsing

  • Don't depend on a case-sensitive FS to load the DLL sdbs
  • Support Mach-O DYLD_CHAINED_PTR_64_OFFSET format

Build / CI

  • Check for an existing upstream remote in install scripts
  • Fix libr_lang linking issue (introduced in 5.5.2)
  • Do not remake on modules with d/ (faster 'make' builds)

Search

  • Cleanup public API for
  • Add JSON output to zb commands

Security

  • Fix #19476 - heap overflow in aao
  • Fix #19478 - null deref in symbols file

Release Notes

Version: 5.5.2
Previous: 5.5.0
Commits: 92
Contributors: 16
TimeDelta: 20 days

Highlights

More details

Authors

Ashwin Kumar Dennis Goodlett Lazula Octavio Gianatiempo Richard Liu Rick de Jager Sergi Àlvarez i Capilla aemmitt-ns aviciano condret gordon-quad meme meme pancake pancake slowhand99

Changes

ARM/THUMB

  • Fix #19464 - incorrect assembly for adrp on arm64
  • Use null plugin when using a nonexistent asm plugin
  • Handle more ELF relocs for ARM binaries
  • Fix #18967 - Fix emulation for the mov-pc thumb instruction

Binary parsing

  • Add Plan 9 symbol parsing
  • Fix PE Metadata header name parsing (.net related)
  • Add bin_xtr.xtr_pemixed for PE user plugin

build

  • Use remote URL for git pull in install scripts
  • Enable mingw32/mingw64 builds in the CI (new first class platform)

cons/ui

  • Improve the snow experience in panels mode
  • Add eco! and eco* and sort eco listing
  • Show prev nodes in graph.few
  • Improve cursor up/down in visual disasm when code is analyzed

crash

  • Fix invalid pointer read issue in dwarf parser
  • Fix #19455 - Negative tainted offset used in buffer for pyc causing oobread
  • Fix #19448 - Fix atoi on non-null terminated string in PE section headers
  • Fix #19446 - null derefs in the x509 parser
  • Fix #19443 - UAF in marshall null object
  • Fix #19442 - Fix heap underflow in pyc marshalling
  • Fix #19444 - Null derefs in PE signature logic

Other

  • Fix #19463 - io write error reporting regression
  • Fix #19473 - Support libc filename w/o version for heap analysis
  • Fix Dalvik’s esil conditionals
  • Initial support for VLIW on hexagon
  • Fix infinite loop in r_str_replace

Diff / Signatures

  • Implement symbol name list diffing in radiff2
  • Fix zj vars output
  • Add binary search alg to pvector

r2pipe

  • Fix r2pipe.cmd("Z") returning no output when the command fails
  • Updated R2pipeSide support for Go and V