I have added the initial version of the code analysis module
for the core radare. Currently it's not working, but it's just
a few zen job. I'll finish it asap.

The module now supports x86, arm and java assembly analysis.
It templates each opcode, filling a structure indicating which
type of opcode it is and some more metadata about it (like the jump address, etc.).

This way we can make it work with %ARCH like this:

> %ARCH arm
> pC
0x00005241 (0) -> 0xb7f84680, 0xb7f83ff4
0xb7f83ff4 (0) -> 0xb7f84680, 0xb7f83ff4
0xb7f84680 (0) -> 0xb7f84680, 0xb7f83ff4
0x00000002 (0) -> 0xb7f84680, 0xb7f83ff4

Note the new command 'pC' which performs a 'code analysis' starting
from the current seek with depth 4 (this will be defined by an environment
variable in the future).

Note too that the output data is absolutely broken, so... let the patches come!

The analysis creates a new program_t structure and adds block_t inside
to represent the code blocks starting from seek as if it were an entrypoint.

This way, the rdb database makes more sense and allows a closer ida/radare
interaction in conjunction with the rdbdiff (bindiff of program_t's) and
grava (for navigating the code source inside a graph).

Here's the commit changelog:

0: d3e89b36
author: [EMAIL PROTECTED]
date: 20071124-16:15:10

  * Initial import of the code analysis module
    * Accessible via pC command (print Code analysis)
    * Does not currently work properly
    * The structures and required code is done (need 
    * Supports:
      - x86
      - arm (Thanks esteve!)
      - java
  * Import z0mbies length disassembler in C
  * Fix some makefile problems
  
And the snapshot tarball:

  http://news.nopcode.org/miau/pvc.cgi?dist=radare

  --pancake
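
A sketch of the analysis described in the message above: each opcode is templated into a structure holding its type and jump address, and blocks are collected from the seek with a depth limit. This is an added example, not radare's code; the toy 2-byte ISA, the sample bytes and every name (struct op, struct block, struct program, decode, analyze) are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdint.h>
/* Hypothetical types for this sketch; not radare's real program_t/block_t. */
#define NOADDR 0xffffffffu
#define MAXBLOCKS 16
enum op_type { OP_OTHER, OP_JMP, OP_CJMP, OP_RET };
struct op { enum op_type type; uint32_t jump, fail; int len; };
struct block { uint32_t start, end, jump, fail; };
struct program { struct block blocks[MAXBLOCKS]; int n; };
/* Constructed toy ISA: every instruction is 2 bytes, [opcode][operand]. */
static const uint8_t sample[] = {
    0x00, 0x00, 0x02, 0x08, /* 0x00: nop   0x02: cjmp 0x08 (else 0x04) */
    0x00, 0x00, 0x01, 0x0a, /* 0x04: nop   0x06: jmp 0x0a */
    0x00, 0x00, 0x03, 0x00, /* 0x08: nop   0x0a: ret */
};
/* Template one opcode: type, length and branch targets. Returns 0 if out of bounds. */
static int decode(const uint8_t *buf, size_t size, uint32_t at, struct op *o) {
    if (at == NOADDR || (size_t)at + 2 > size) return 0;
    o->len = 2; o->type = OP_OTHER; o->jump = o->fail = NOADDR;
    switch (buf[at]) {
    case 0x01: o->type = OP_JMP;  o->jump = buf[at + 1]; break;
    case 0x02: o->type = OP_CJMP; o->jump = buf[at + 1]; o->fail = at + 2; break;
    case 0x03: o->type = OP_RET; break;
    }
    return 1;
}

/* Build blocks from seek as if it were an entrypoint, at most `depth` levels deep. */
static void analyze(struct program *p, const uint8_t *buf, size_t size, uint32_t seek, int depth) {
    struct op o;
    if (depth <= 0 || p->n >= MAXBLOCKS || !decode(buf, size, seek, &o)) return;
    for (int i = 0; i < p->n; i++)
        if (p->blocks[i].start == seek) return; /* already analyzed */
    struct block *b = &p->blocks[p->n++];
    b->start = b->end = seek;
    do { /* o holds the opcode at b->end; a branch or ret closes the block */
        b->end += o.len; b->jump = o.jump; b->fail = o.fail;
    } while (o.type == OP_OTHER && decode(buf, size, b->end, &o));
    analyze(p, buf, size, b->jump, depth - 1);
    analyze(p, buf, size, b->fail, depth - 1);
}

int main(void) {
    struct program p = { .n = 0 };
    analyze(&p, sample, sizeof sample, 0, 4); /* depth 4, like pC */
    for (int i = 0; i < p.n; i++)
        printf("0x%08x -> 0x%08x, 0x%08x\n", (unsigned)p.blocks[i].start,
               (unsigned)p.blocks[i].jump, (unsigned)p.blocks[i].fail);
    return 0;
}
```

Targets that fall outside the buffer are simply not followed, and 0xffffffff in the output means "no target".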