A radare2-based binary analysis framework consisting of the Radeco client and
./radeco-lib/ - the library where the whole high-level logic is located,
./arch-rs/ to abstract the architectures' intricacies,
./esil-rs/ to parse the radare2 ESIL, and
./rune/ to perform symbolic execution on top of ESIL.

Radeco uses its own intermediate representation, which also has a text representation: RadecoIL.
Is this ready yet?
Nope. There is still a ton of work to do before this can be considered ready. That said, parts of the library are already stable enough to write your own analysis passes and use in your projects.
Build like a regular Rust project, using cargo.
To include it in your Rust project, add to Cargo.toml:

    [dependencies.radeco-lib]
    git = "https://github.com/radare/radeco"

See examples for usage.
To debug, you may want to enable trace output from various parts of radeco.
Build with the trace_log feature to enable this:
cargo build --features 'trace_log'
To enable profiling, build with
cargo build --features 'profiler'
Wrap the code you want to profile with:

    use cpuprofiler::PROFILER;

    PROFILER.lock().unwrap().start("./my-prof.profile").unwrap();
    // Code you want to sample goes here!
    PROFILER.lock().unwrap().stop().unwrap();

Radeco-lib project layout

    src/
    ├── analysis/              Analyzers on SSA form Radeco-IR
    ├── backend/               Analyzers on C-pseudo code
    │   ├── ctrl_flow_struct/  Implementation of `No More Gotos`
    │   └── lang_c/            Converter of C-pseudo code from RadecoFunction
    ├── frontend/              Loaders of RadecoFunction, RadecoProject
    ├── middle/                Constructor, writer, parser of Radeco-IR
    │   ├── regfile/           Profile of registers
    │   └── ssa/               SSA form of Radeco-IR
    └── utils/                 Logger, etc

Licensed under the BSD 3-Clause License. Please check the COPYING file for the complete license.