I have implemented lot of things and added lot more in TODO...things are
going faster than expected ;D
The more important changes are:
- new print command 'pm' to analyze memory in a format-string like way
(see changelog fmi)
for example:
> pm xxsi -> 0x8048484 0x8484004 "food" 4
- graph and code analysis fixups and enhacements
- initial tracing capabilities
- currently integrated with pD (disasembly)
- will be integrated with graph supporting time windows and node colorization
I plan to start writing simple Gtk widgets in vala and make them invokable from
a plugin ..something like:
$ radare -l ~/.radare/plugins/gui.so /bin/ls
[0x000000000]> Hack gui scroller
The 'gui' plugin will open a gtk window with the seek-scroll widget
The creation of simple widgets will enable gui features to the commandline
radare,
and allowing to easily create a complete gui after having all the 'pieces'.
Dissembly with trace looks like:
[0x00000000]> eval asm.bytes=0
[0x00000000]> eval asm.trace=1
[0x00000000]> pD 20 @ 0xbbbf549c
0xBBBF549C 01 01 esp -= 0x8 ; 8 ' '
0xBBBF549F oeip:
0xBBBF549F 02 01 push ebx
0xBBBF54A0 eip:
.=< 03 01 v call 0xBBBF54A5 ; eip+0x5
'-> 0xBBBF54A5 04 01 pop edx
[0x00000000]>
Changelog:
Fri, 01 Feb 2008 01:22:33 +0100
* New print mode: pm (print memory format string)
- Allows to read function arguments in debugger
- Allows to parse structures in oneliners
- Command per offset will be implemented soon...
[0x00000000]> pm?
Usage: pm [format]
e - temporally swap endian
n - perform \n after format
b - one byte
i - %d integer value (4 byets)
q - quadword (8 bytes)
x - 0x%08x hexadecimal value
z - \0 terminated string
Z - \0 terminated wide string
s - pointer to string
* - next char is pointer
. - skip 1 byte
* Fox x86/code analisys bug by esteve (short jumps)
* Refactor radare_command to radare_cmd, radare_command_raw -> radare_cmd_raw
* Store timestamp in traces
* Make trace use the trace.dup configuration variable
- dups creates new traces when passing two times over the same address
- time counter will be increased for all vars if dup is not set
* New files: .hgignore, AUTHORS
* Add resolver function callback to the hack plugin structure
- Add some core function pointers to the core array
- Make hello world plugin example use it
- Allows to resolve core functions from plugins
- Will help to define a better core api
- Gtk plugins will come soon too ;)
Thu, 31 Jan 2008 06:04:28 +0100
* Initial import of the tracing code. facilities to read code :)
- Integrated with udis disassembler
* Colorize asm.lines arrows green/red depeding if ingoin or outgoing
* Show printable char for byte cast intel (udis86) opcode arguments
* More use of the radare_controlc inside the debugger
* Add key 't' in visual mode to simulate a trace...uh?
* Fix stepo ..uh!
* Fix zoom hexdump offsets
* New eval flags:
asm.trace <- toggle visibility of tracing bytes
trace.log <- should be renamed to file.traelo?
graph.flagblocks <- are flagged addresses blocks too?
_______________________________________________
radare mailing list
[email protected]
https://lists.nopcode.org/mailman/listinfo/radare
