
Releases: rizinorg/rizin

Release v0.7.2

05 Mar 14:40
87add99
  • Disable PCRE2 JIT on macOS
  • Fix building with newer tree-sitter runtimes

Release v0.7.1

03 Mar 16:40
  • Fix global variable loading from projects
  • Fix PageUp and PageDown use in the graph mode of Vv
  • Fix pf format generation for union C types
  • Remove the plugin from the list if the initialization step fails
  • Unset static linking of PCRE2 if the system library is present
  • Do not use the WX pages allocator for PCRE2 JIT on macOS platforms

Release v0.7.0

24 Feb 04:06
78d4043

In this release we continued adding RzIL uplifting support for more architectures: Infineon Tricore, NEC V810, NEC (Renesas) V850 and GameBoy. Floating-point support for the x86 RzIL uplifting was added as well (experimental until the next release).

Another notable change: Capstone 6 is now used by default; the details are in the auto-sync blog post. Support for Capstone 3 and below was removed.

Another major change - greatly improved support for DWARF and PDB debug information, including various versions, compressed formats, different architectures support, and extracting global variables.

Support for loading debug information from debuginfod was added as well as support for loading "splitdebug" DWARF files.

Various refactorings to improve binary loading and analysis speed were performed, along with the continuing effort to eliminate global state and make Rizin thread-safe.


New command line options

  • rz-bin -dd to download DWARF from the debuginfod server

New and changed commands

In this release we continued refactoring from the old shell to the new one.

  • plf: a new command to list all RzIL instructions in the current function, analogous to pdf for assembly instructions
  • Added new commands to print the CFG (agF) and the interprocedural CFG (agCi)
  • Added a new command to print references to a global variable (avgx)
  • Extended the afvl commands to support long (afvll) and table (afvlt) output, with DWARF storage information integrated
  • pf. now requires a space after the dot
  • Any pf command now recognizes a named format; the name must start with a dot, e.g. pfs .bla where bla is the format name
  • Defining a new format now requires pfn <format name> <format>
  • Listing named formats: pfn (previously pf.)
  • Printing the definition of a named format: pfn <format name> (previously pf.bla)
  • Writing data now requires the pfw command instead of pf or pf.
  • pfw supports both variants: pfw bla.foo 42 and pfw bla.foo=42
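As an added illustration of the pfn / pf . / pfw workflow listed above (example code written for this page, not rizin's own implementation), the following Python models a named-format store: define a format, list and print it, apply it to bytes, and write one field back using either pfw spelling. It assumes a small subset of field letters (b, w, d, q as little-endian unsigned integers and z as a NUL-terminated string); the hdr format, its field names and the sample bytes are constructed for the example.

```python
import struct
from dataclasses import dataclass
from typing import Dict, Iterator, List, Tuple

# Assumption: only this subset of field letters exists in the model.
FIELD_TYPES: Dict[str, str] = {"b": "<B", "w": "<H", "d": "<I", "q": "<Q"}


@dataclass
class Field:
    kind: str
    name: str


def parse_format(fmt: str) -> List[Field]:
    """'dwz magic version name' -> one Field per type letter, in order."""
    tokens = fmt.split()
    if not tokens:
        raise ValueError("empty format")
    kinds, names = tokens[0], tokens[1:]
    if len(kinds) != len(names):
        raise ValueError(f"{len(kinds)} type letters but {len(names)} names")
    for k in kinds:
        if k != "z" and k not in FIELD_TYPES:
            raise ValueError(f"unknown field type {k!r}")
    return [Field(k, n) for k, n in zip(kinds, names)]


def layout(fields: List[Field], data: bytes, offset: int = 0) -> Iterator[Tuple[Field, int, int]]:
    """Walk data from offset yielding (field, start, size); 'z' is variable-length."""
    pos = offset
    for f in fields:
        if f.kind == "z":
            end = data.find(b"\0", pos)
            if end < 0:
                raise ValueError(f"field {f.name!r}: no NUL terminator")
            size = end - pos + 1
        else:
            size = struct.calcsize(FIELD_TYPES[f.kind])
        if pos + size > len(data):
            raise ValueError(f"field {f.name!r} runs past end of data")
        yield f, pos, size
        pos += size


def parse_write_spec(spec: str) -> Tuple[str, str, str]:
    """Accept 'hdr.version=42' as well as 'hdr.version 42' -> (format, field, value)."""
    spec = spec.strip()
    if "=" in spec:
        target, value = spec.split("=", 1)
    else:
        parts = spec.split(None, 1)
        if len(parts) != 2:
            raise ValueError(f"bad write spec {spec!r}")
        target, value = parts
    if "." not in target:
        raise ValueError("write target must be <format>.<field>")
    fmt_name, field_name = target.strip().split(".", 1)
    return fmt_name, field_name, value.strip()


class FormatDB:
    """Named formats: define (pfn name fmt), list (pfn), apply (pf .name), write (pfw)."""

    def __init__(self) -> None:
        self._formats: Dict[str, List[Field]] = {}

    def define(self, name: str, fmt: str) -> None:
        self._formats[name] = parse_format(fmt)

    def names(self) -> List[str]:
        return sorted(self._formats)

    def show(self, name: str) -> str:
        fields = self._formats[name]
        return " ".join(["".join(f.kind for f in fields)] + [f.name for f in fields])

    def apply(self, name: str, data: bytes, offset: int = 0) -> Dict[str, object]:
        out: Dict[str, object] = {}
        for f, pos, size in layout(self._formats[name], data, offset):
            chunk = data[pos:pos + size]
            out[f.name] = (chunk[:-1].decode("ascii", errors="replace") if f.kind == "z"
                           else struct.unpack(FIELD_TYPES[f.kind], chunk)[0])
        return out

    def write(self, spec: str, data: bytes, offset: int = 0) -> bytes:
        fmt_name, field_name, value = parse_write_spec(spec)
        buf = bytearray(data)
        # Re-walk the layout: a 'z' field earlier in the format shifts later offsets.
        for f, pos, size in layout(self._formats[fmt_name], bytes(buf), offset):
            if f.name != field_name:
                continue
            if f.kind == "z":
                raise ValueError("string fields are not writable in this model")
            # struct.error here means the value does not fit the field width.
            struct.pack_into(FIELD_TYPES[f.kind], buf, pos, int(value, 0))
            return bytes(buf)
        raise KeyError(f"format {fmt_name!r} has no field {field_name!r}")


# Constructed sample: 4-byte magic, 2-byte version, NUL-terminated name.
SAMPLE = struct.pack("<IH", 0xFEEDFACE, 3) + b"rizin\0"


def demo() -> Dict[str, object]:
    db = FormatDB()
    db.define("hdr", "dwz magic version name")    # pfn hdr dwz magic version name
    before = db.apply("hdr", SAMPLE)              # pf .hdr
    patched = db.write("hdr.version=42", SAMPLE)  # pfw hdr.version=42
    same = db.write("hdr.version 42", SAMPLE)     # pfw hdr.version 42
    return {"before": before, "after": db.apply("hdr", patched), "same": same == patched}


if __name__ == "__main__":
    print(demo())
```

The writer deliberately re-walks the layout on every pfw so that a variable-length z field earlier in the format cannot make a cached offset stale, and a value wider than its field raises rather than being silently truncated.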

Configuration variables changes:

Removed options:

  • bin.maxstr
  • scr.rainbow

Renamed options:

  • bin.minstr is now str.search.min_length
  • bin.maxstrbuf is now str.search.buffer_size
  • bin.str.enc is now str.search.encoding

New options:

  • str.search.reload
  • str.search.max_threads
  • str.search.max_uni_blocks
  • str.search.max_region_size
  • str.search.raw_alignment
  • str.search.check_ascii_freq
  • str.search.mode
  • bin.dbginfo.debuginfod
  • bin.dbginfo.debuginfod_urls
  • bin.dbginfo.dwo_path
  • bin.dbginfo.debug_file_directory
  • bin.hashes.default
  • asm.var.fold

New features

Support for new hash and encryption algorithms: the SM3 hash and the SM4 block cipher

New architectures

  • Renesas RX
  • Renesas RL78
  • Renesas (formerly NEC) RH850 (continuation of NEC V850)

New dependencies

  • PCRE2

Documentation

Code documentation and man pages were updated and improved.

Sponsors

@stephen-fox

Release v0.6.3

18 Oct 00:02
36a1bf3
  • Fix a double free in LE file format handling
  • Fix arrow keys on some terminals
  • Fix #3835: off-by-1 for 32-bit x86 stack args
  • Fix dbg.hwbp config variable
  • Fix j/k movements in visual hexdump mode
  • Fix some leftovers of the ?i command
  • Try searching for backtrace() in libexecinfo.
  • Implement add r#, K in the x86 assembler
  • Improvements in w? help and env command
  • regex: support \s
  • Refactor some rz_core_cmd*() calls to use the API instead

Release v0.6.2

14 Sep 07:01
  • Update to Capstone 5.0.1
  • Update to zlib 1.3
  • Fix syscall definitions preprocessing
  • Fix forgotten remnants of the old ? command (reworked into the % command in previous releases)
  • Refactor pointer command (*) to use the API
  • Fix multiple use-after-frees in the disassembly and PYC parsing code
  • Fix division by zero in s++ and s-- commands
  • Fix infinite loop condition in parsing some ELF files
  • Fix various memory leaks
  • Fix env command help message
  • Update rizin and rz-diff man pages

Release v0.6.1

19 Aug 18:12
  • Fix CVE-2023-40022
  • Fix memory leak in disassembly
  • Fix Tricore disassembly performance
  • Fix AVX512 detection in BLAKE3 (fixes building for older generations of macOS systems)
  • Fix help in visual mode
  • Unify crypto plugin API to match other types of plugins
  • Add %$ command to handle Rizin $varname variables

Release v0.6.0

05 Aug 03:13

RzIL

In this release, we continued improving RzIL support. The most significant addition is the implementation of the floating-point theory and the uplifting of the most common ARM VFP/NEON instructions to it.

Added new commands aoi and agI to show RzIL in text and graph form respectively:

[screenshot: aoi and agI output]

Command changes

  • asm.dwarf.* options were moved into asm.debuginfo.*.
  • Added new aaC command to run classes analysis
  • Removed typelinks (tl commands) and completely switched to using global variables instead (avg commands)
  • Added a new command, help, to serve as an introduction to the rizin shell.
  • Evaluation commands that were previously ? subcommands have moved to the % space, and environment-variable commands were removed from % (use env instead)
  • Added p=r command to display entropy edges
  • Added interactive variants of p== commands (append v suffix):
[screenshot: interactive p==v view]

Analysis

  • Added ability to demangle Borland C++ and Rust symbols
  • In preparation for migration from ESIL to RzIL, removed incomplete ESIL support in WASM and RSP architectures
  • Embedded parser of C types updated to support C23 syntax.

Miscellaneous

  • Default Capstone is now 5.0
  • The Tricore plugin was rewritten from scratch and is based on Capstone now.
  • Added MD2 hash algorithm support

Sponsors

@stephen-fox

Release v0.5.2

27 Mar 00:23
  • Fix CVE-2023-27590
  • Fix Linux debugger compilation for ARM64 targets
  • Fix cross-compilation when using the system OpenSSL library
  • Fix various sscanf() issues in the Linux native debugger and coredump handling

Release v0.5.1

21 Feb 15:40

This release fixes build issues with system Capstone versions and a crash in type formatting.

Release v0.5.0

18 Feb 17:04
a7d643a

We are happy to present the result of our half-year-long work: the v0.5.0 release. Within this release we almost finished (only a few commands remain) the conversion to the new tree-sitter-based parser. We also made progress with the RzIL migration: three more architectures were converted since the last release, PowerPC, SuperH and 8051, and the conversion of x86 was started, with most basic instructions covered. One more significant change is the new stack-frame-based addressing of variables, replacing the old SP/BP-based one.

As usual, keep reading for more insights and let us know of any bugs you find or improvements you would like to see in future versions.

New

  • With this release we completely removed the old bash-based rz-pm package manager to focus on the new cross-platform package manager, rz-pm, written in Go and easy to install on all major OSes and platforms.

  • Stack pointer tracking: The stack pointer was previously already tracked during analysis for variables and their accesses, but not stored in any sensible form for further use. Starting with this release, it is stored in a way that allows for efficient querying of the stack frame size value at arbitrary analyzed addresses. The asm.stackptr variable can be enabled to visualize both the absolute sp value and the delta of each instruction in disassembly:
    [screenshot: disassembly with asm.stackptr enabled, showing the sp value and delta per instruction]

  • Stack-based variables: Variables on the stack are no longer identified by bp/sp+offset, which often caused misleading results, but by their offset from the bottom of the stack frame, independent of how they are accessed.
    Notice how in this example from rizin 0.4.1, the analysis creates both bp- and sp-based variables, from DWARF info and from disassembly respectively, but is unable to detect that they describe the same stack locations:
    [screenshot: rizin 0.4.1 showing separate bp- and sp-based variables for the same slot]
    With the new kind of addressing (displayed as stack - <offset>), such cases are resolved:
    [screenshot: rizin 0.5.0 showing one stack - <offset> variable]
    This also enables decompiler plugins like rz-ghidra to integrate sp-accessed variables defined in rizin in their decompilation output.

  • New color themes: Nord (eco nord) and Mars (eco mars).
    [screenshots: Nord and Mars themes]
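To make the stack pointer tracking and the frame-relative addressing described above concrete, here is an added Python example (written for this page; not rizin's code, whose implementation is in C and handles far more than this). It walks a constructed x86-64 prologue, records the entry-relative stack pointer and per-instruction delta the way the asm.stackptr column presents them, and resolves both a [rbp-N] and a [rsp+N] operand to the same stack - <offset> slot. The handled instruction forms (push, pop, sub/add rsp, mov rbp, rsp, leave, ret) and the sample function are assumptions of the example.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

WORD = 8  # push/pop width; assumption: x86-64 code, sp at function entry is the reference point 0


@dataclass
class Insn:
    addr: int
    text: str


@dataclass
class Step:
    addr: int
    sp_before: int      # sp relative to its value at function entry
    delta: int
    sp_after: int
    bp: Optional[int]   # frame pointer as an entry-relative sp value, once set up


_ARITH = re.compile(r"^(sub|add)\s+rsp\s*,\s*(0x[0-9a-f]+|\d+)$", re.I)
_FRAME = re.compile(r"^mov\s+rbp\s*,\s*rsp$", re.I)
_MEM = re.compile(r"\[(rbp|rsp)\s*(?:([+-])\s*(0x[0-9a-f]+|\d+))?\]", re.I)


def sp_effect(text: str, sp: int, bp: Optional[int]) -> Tuple[int, Optional[int]]:
    """(sp, bp) after one instruction; instructions not modeled leave both untouched."""
    t = text.strip()
    m = _ARITH.match(t)
    if m:
        n = int(m.group(2), 0)
        return (sp - n if m.group(1).lower() == "sub" else sp + n), bp
    if t.startswith("push "):
        return sp - WORD, bp
    if t.startswith("pop "):
        return sp + WORD, bp
    if _FRAME.match(t):
        return sp, sp                 # rbp now aliases the current sp
    if t == "leave":                  # mov rsp, rbp ; pop rbp
        if bp is None:
            raise ValueError("leave without a frame pointer set up")
        return bp + WORD, None
    if t == "ret":
        return sp + WORD, bp
    return sp, bp


def track(insns: List[Insn]) -> List[Step]:
    """Stack pointer value and per-instruction delta at every address."""
    sp, bp, steps = 0, None, []
    for i in insns:
        new_sp, new_bp = sp_effect(i.text, sp, bp)
        steps.append(Step(i.addr, sp, new_sp - sp, new_sp, bp))
        sp, bp = new_sp, new_bp
    return steps


def frame_offset(text: str, step: Step) -> Optional[int]:
    """Frame-relative slot of a [rbp+-N] or [rsp+-N] operand, or None without one."""
    m = _MEM.search(text)
    if not m:
        return None
    base = step.sp_before if m.group(1).lower() == "rsp" else step.bp
    if base is None:
        raise ValueError(f"{text!r}: rbp used before the frame was set up")
    disp = int(m.group(3), 0) if m.group(3) else 0
    return base - disp if m.group(2) == "-" else base + disp


def var_name(off: int) -> str:
    return f"stack - {-off:#x}" if off < 0 else f"stack + {off:#x}"


def variables(insns: List[Insn]) -> Dict[int, List[int]]:
    """Group every stack access by slot, regardless of the base register used."""
    slots: Dict[int, List[int]] = {}
    for insn, step in zip(insns, track(insns)):
        off = frame_offset(insn.text, step)
        if off is not None:
            slots.setdefault(off, []).append(insn.addr)
    return slots


def render(insns: List[Insn]) -> List[str]:
    """Listing with an asm.stackptr-style sp/delta column and the resolved slot."""
    lines = []
    for insn, step in zip(insns, track(insns)):
        off = frame_offset(insn.text, step)
        note = f"   ; {var_name(off)}" if off is not None else ""
        lines.append(f"{insn.addr:#06x}  sp={step.sp_after:+#x} ({step.delta:+d})  {insn.text}{note}")
    return lines


# Constructed prologue/epilogue: the same slot is touched once via rbp and once via rsp.
SAMPLE = [Insn(a, t) for a, t in [
    (0x1000, "push rbp"),
    (0x1001, "mov rbp, rsp"),
    (0x1004, "sub rsp, 0x20"),
    (0x1008, "mov dword [rbp-0x8], edi"),
    (0x100b, "mov eax, dword [rsp+0x18]"),
    (0x100f, "mov qword [rsp+0x8], rsi"),
    (0x1014, "leave"),
    (0x1015, "ret"),
]]

if __name__ == "__main__":
    print("\n".join(render(SAMPLE)))
```

The point the example makes is that the slot identity comes from the tracked sp, not from the register in the operand: [rbp-0x8] after the frame setup and [rsp+0x18] after the sub both land at stack - 0x10, so a DWARF-derived bp variable and a disassembly-derived sp access merge into one variable instead of two.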

Improvements / Fixes

  • All of our tests now pass on both little-endian and big-endian platforms. For a long time we had tests failing when executed on big-endian systems, due to subtle assumptions that the running system was little endian. Not anymore! We have S390x machines running our test suite on every commit to ensure that we won't regress again.
  • String search is now multithreaded! Multi-core processors can now use parallelism to find strings across the binary, which results in faster loading times.
  • FLIRT generation and detection had important fixes covering cases that were wrongly handled before. You can expect much better detection now and better coverage with our sigdb (this also improves compatibility with IDA).
  • The cabextract tool is no longer necessary for unpacking PDB files, as rizin can unpack them itself using the libmspack library.

Extras

Packaging

  • libuv dependency was removed
  • liblzma dependency was added
  • libmspack dependency was added
  • blake3 dependency was added

Build

  • Remove old bash-based rz-pm (#3360)
  • Update xz (liblzma) to 5.4.1
  • Update liblz4 to 1.9.4
  • Update zlib to 1.2.13
  • Update tree-sitter to 0.20.7
  • Use compiler intrinsics for rz_swap_* functions (#3300)
  • Fix plugin removal and clean code (#3277)
  • Removed rzbochs
  • Update blake3 to use cpu extensions (#3108)
  • Remove rz-agent (#3087)
  • Add ssdeep hash (#3084)
  • build: fix BINDIR_DEPTH computation on Windows (#3075)
  • Replace meson cmake module usage by plain configure_file() (#2948)
  • Meson refactor: collect modules in dict and centralize config (#2945)
  • Build: add option to choose to regenerate cmd_descs.[ch] (#2934)
  • Rename rz_version.h.in to rz_build_version.h.in (#2914)
  • Fix Windows cross build (#2897)
  • Fix windows and cpp compatibility (#2887)
  • Drop libuv dependency
  • Update on every build the git hash shown by rizin -v (#2863)
  • librz: refactor a bit how plugins are built
  • util: make zlib dependency optional
  • Set default warning level 1 for Meson
  • Update libzip to v1.9.2
  • build: keep using meson 0.55.0 functions
  • build: use gnu99 globally instead of per-project
  • Add liblzma subproject
  • Add libmspack and add idpx to extracts compressed pdb (#2728)
  • build: check for 'backtrace' presence in meson
  • Fix compilation on Termux and Haiku (#2671)
  • Use clang-format 15 instead of 14

RzUtil

  • Fix plugin removal and clean code (#3277)
  • Add *pty API (#3221)
  • Fix: grep (~) modified the original result when ignoring case (#3259)
  • util: fix logging of long strings by using RzStrBuf
  • Remove RZ_HOMD_OLD_PLUGINS after transition period ended (#3246)
  • Refactoring and rename RASN1 to RzASN1
  • Rename RPKCS7/RCMS/Spc to RzPKCS7/RzCMS/RzSpc
  • Refactoring names and usages of pkcs7
  • Rename RX509* to RzX509*
  • Refactoring names and usages of x509
  • Refactoring RzList to remove unused methods and bad naming (#3074)
  • Added Apple ASN1 OIDs (#3048)
  • Fix oob read on rz_pkcs7_parse_spcdata
  • Fix oob read on rz_x509_parse_tbscertificate
  • Add rz_bv_range_set and rz_bv_is_all_one to bitvector lib (#2891)
  • Move rz_str version funcs into version.c (#2890)
  • Remove cb_printf() from RzPrint
  • rz_print_hexdump() refactoring (#2841)
  • Tokenize and colorize asm strings (#2417)
  • Fixes for the regex engine (#2839)
  • Windows: Subprocess fixes
  • Windows: Refactor environment variables
  • Windows: Implement rz_sys_pipe()
  • Windows: Fix for file sharing permission
  • util/sdb: remove JSON code
  • Move SDB into RzUtil
  • util: make zlib dependency optional
  • util: provide rz_time_gettimeofday API (#2811)
  • Remove rz_th_kill, rz_th_kill_free and rz_th_pool_kill (#2790)
  • Windows: Fix for subprocess API handle inheriting (#2773)
  • Add RzBaseFindOpt for custom thread status callback (#2768)
  • Multithread string search (#2665)
  • Remove RQueue (#2720)
  • Cleanup of utf8.c and utf16.c files. (#2715)
  • Rework register profile parsing
  • Refactor thread code and add RzThreadQueue (#2683)
  • Print: Memoize number of rows for current print
  • Better false-positives detection in rz_scan_strings (#2691)

RzType

  • Make afs respect the calling convention (Fix #3291) (#3292)
  • Remove temporary type string conversion in DWARF integration (#3266)
  • Fix type bitsizes for struct/union member loops
  • Fix rz_type_db_get_bitsize() without specifier and add tests
  • Rewrite and extend type paths from offset
  • Unify and fix typedef loop handling
  • Fix leaks in rz_type and tests (#3223)
  • Ensure double and float uses the proper method to decode it. (#3105)

RzSignature

  • Do not overly optimize when applying a pat file
  • Fix signature creation due to a bad offset
  • Rename only non-symbols, but add the flag
  • Fix FLIRT CRC calculation, length and matching
  • Fix FLIRT detection when function size is less than 32 bytes (#3118)
  • Remove zignatures and move aaF[l] -> F[al] , zf[sdc] -> F[sdc] (#2682)

RzIO

  • Return error when reading/writing to unmapped memory (#3323)
  • Refactor S-Record files reading to not use sscanf() (#3321)
  • Rewrite of Bochs debugger and io plugin
  • Rewrite reading in io_mach (#3101)

RzHash

  • Fix alignment issues in SHA2
  • Add ssdeep hash (#3084)
  • Support blake3 hash algo (#3030)
  • hash: use RzHash in most hash APIs
  • RzHash: rename everything in librz/hash to RzHash prefix

RzDemangler

  • Add Free Pascal demangling support (#3011)

RzDebug

  • Fix DMP reg profile depending on host bitness
  • Make XNU reg profile depend on CPU type instead of RzDebug.bits (#3270)
  • Fix endianness for Windows PageDump files and WinKd (#3204)
  • Adds sync_registers in debug plugin and cleanup brainfuck debugger
  • Fix up rz_debug_trace_ins_after() (#3216)
  • rz_debug_trace_ins_after: Downgrade dbg->cur_op guard (#3206)
  • Print err msgs if rz_debug_trace_ins_before() fails (#3203)
  • Fix arm64 register access in XNU debugger
  • Use cpu_type_t for checking XNU debuggee's arch
  • Refactor global state of xnu debugger into RzXnuDebug struct
  • Refactor and replace .dm* calls with pure C (#2847)
  • Fix rz_xnu_get_cur_thread() messing up the target's mappings
  • Fix detaching in XNU Debugger
  • Fix attaching in XNU Debugger
  • Improve logging for EXC_SOFTWARE on XNU, showing Unix signals
  • De-include xnu_threads.c and xnu_excthreads.c
  • Remove XNU_USE_PTRACE
  • Fix pdb.autoload crash (#2729)

RzCons

  • Mute the mouse in the HUD mode (#3355)
  • Fix big memory leak in graph rendering (#3342)
  • Add search.case_sensitive option for grep case-sensitive/insensitive (#3241)
  • Fix: grep (~) modified the original result when ignoring case (#3259)
  • Add Nord color theme (#3250)
  • Add Mars color theme (#3252)
  • Extract histograms and bars int...