* Visual keystrokes for dcu and dcr with cursor mode and sS

* Fix dcr (continue until ret)
* Add /x key:msk (':' separator)

TODO

@@ -7,25 +7,33 @@
 
 ====[[ 0.9.1 ]]====
 
+MAXPRIO
+-------
+* add visual key to continue until cursor ('s' dcu config.seek+cursor)
+* continue until ret ('S'
+* implement bitmask search /x 414243:ff00ff
+* p7 : 7bit encoding (sms)
+  - variant for stego print? LSB, MSB, ...
+* Make r_io happy with RList
 * Embed Luvit?
+* add support for sockets in rarun2
 * valabind must support luvit and nodejs (-ffi)
+* check search multiple keywords and signatures
+* Fix iterators for r_macro (test only?)
+  - search for antidebug/disasm tricks opcodes
+    - allows to find interesting points to analyze
 
 BUGS:
 * If [0-9] keybindings in visual point to same address use same reference
-* Make r_io happy with RList
 * RBinCreate:
   - mach0 create for darwin-ppc
   - mz
   - pe64
   - plan9 bins
-* add support for sockets in rarun2
 * Add !load in r2 (oo args)
 * opening a file from inside r2 doesnt clears internal data (strings..)
 * 'ao' must be for opcodes, not bytes
 * backtrace for linux or osx at least
-* Add support for classes (useful for c++, dex, objc, ...)
-  - command to add new classes
-
 * implement 'ax' to get/set xrefs (better than afl <addr>) .. or afx?
 * shell encoder - get x86-64 one from twitter
   - http://funoverip.net/2011/09/simple-shellcode-obfuscation/
@@ -35,6 +43,8 @@ BUGS:
 * rabin2 -z /dev/sda1 TAKES TOO LONG. opening r2 /tmp/fs is SLOW as shit.
 
 ===[ 0.9.2 ]===
+* Add support for classes (useful for c++, dex, objc, ...)
+  - command to add new classes
 * show analized functions in 'aa'
 * Tracing support for the debugger
   - "e cmd.trace=dr=;.dr*;pd 2@eip"
@@ -47,7 +57,7 @@ BUGS:
   - this is..you CANT call r_core_cmd() while iterating flags unless you want to crash
   - we probably need to queue the deletions and use a commit-like methodology
   - this way we avoid duplications
-  RListBox *b = r_flag_get_list ();
+ RListBox *b = r_flag_get_list ();
   r_list_foreach (b, iter, item) {
     r_list_delete_iter_later (b, iter);
   }
@@ -59,13 +69,6 @@ BUGS:
 * REFACTOR of disasm loop XDDDDD -1 (r2<1.0 plzz)
   - arch dependent anal code must be removed from disasm loop +1
 
-pancake
--------
-* check search multiple keywords and signatures
-* Fix iterators for r_macro (test only?)
-  - search for antidebug/disasm tricks opcodes
-    - allows to find interesting points to analyze
-
 nibble
 ------
 * Analyze this opcode: ff2518130000     jmp qword [rip+0x1318]
@@ -106,14 +109,12 @@ nibble
 
 earada
 ------
-* p7 : 7bit encoding (sms)
 * Add print support for bitfields (pm b...)
 * Fix io_haret memory dump
 * r_socket (already done?)
   - Add SSL support
   - http API in r_socket module
     - allow to get/post data/files with continue on plain/ssl
-* implement bitmask search
 * refactor rap and raps
 * remove all uses of alloca() // mingw and grep reports them all :)
 * typedef all function pointers, like in r_bp
@@ -156,8 +157,6 @@ Assembler
   - Add support for STATIC_PLUGINS in r_lang
   - dlerror(/usr/lib/radare2/lang_perl.so): libperl.so: cannot open shared object file: No such file or directory
     This issue is fixed by setting LD_LIBRARY_PATH...looks like dlopen ignores rpath
-* p7 - print 7bit encoded strings (SMS)
-  - variant for stego print? LSB, MSB, ...
 * r_bin
   - Take into account LOAD info for bin allocation ??
 * r_anal

libr/core/cmd_search.c

@@ -1,6 +1,11 @@
 /* radare - LGPL - Copyright 2009-2012 // pancake<nopcode.org> */
 
 static int preludecnt = 0;
+static int searchflags = 0;
+static const char *cmdhit = NULL;
+static const char *searchprefix = NULL;
+static unsigned int searchcount = 0;
+
 static int __prelude_cb_hit(RSearchKeyword *kw, void *user, ut64 addr) {
 	RCore *core = (RCore *)user;
 	int depth = r_config_get_i (core->config, "anal.depth");
@@ -66,10 +71,6 @@ R_API int r_core_search_preludes(RCore *core) {
 	} else eprintf ("ap: Unsupported asm.arch and asm.bits\n");
 	return ret;
 }
-static const char *cmdhit = NULL;
-static const char *searchprefix = NULL;
-static unsigned int searchcount = 0;
-static int searchflags = 0;
 
 static int __cb_hit(RSearchKeyword *kw, void *user, ut64 addr) {
 	RCore *core = (RCore *)user;
@@ -357,19 +358,20 @@ static int cmd_search(void *data, const char *input) {
 		r_search_reset (core->search, R_SEARCH_KEYWORD);
 		r_search_set_distance (core->search, (int)
 			r_config_get_i (core->config, "search.distance"));
-// TODO: add support for binmask here
+		// TODO: add support for binmask here
-{
+		{
-	char *s, *p = strdup (input+2);
+			char *s, *p = strdup (input+2);
-	s = strchr (p, ' ');
+			s = strchr (p, ' ');
-	if (s) {
+			if (!s) s = strchr (p, ':');
-		*s++ = 0;
+			if (s) {
-		r_search_kw_add (core->search,
+				*s++ = 0;
-			r_search_keyword_new_hex (p, s, NULL));
+				r_search_kw_add (core->search,
-	} else {
+						r_search_keyword_new_hex (p, s, NULL));
-		r_search_kw_add (core->search,
+			} else {
-			r_search_keyword_new_hexmask (input+2, NULL));
+				r_search_kw_add (core->search,
-	}
+						r_search_keyword_new_hexmask (input+2, NULL));
-}
+			}
+		}
 		r_search_begin (core->search);
 		dosearch = R_TRUE;
 		break;

libr/core/visual.c

@@ -449,14 +449,28 @@ R_API int r_core_visual_cmd(RCore *core, int ch) {
 		//r_core_cmd(core, "s eip", 0);
 		break;
 	case 's':
-		r_core_cmd (core, "ds", 0);
+		if (curset) {
-		r_core_cmd (core, ".dr*", 0);
+			// dcu 0xaddr
-		//r_core_cmd(core, "s eip", 0);
+			char xxx[128];
+			snprintf (xxx, sizeof (xxx), "dcu 0x%08"PFMT64x, core->offset + cursor);
+			r_core_cmd (core, xxx, 0);
+			curset = 0;
+		} else {
+			r_core_cmd (core, "ds", 0);
+			r_core_cmd (core, ".dr*", 0);
+			//r_core_cmd(core, "s eip", 0);
+		}
 		break;
 	case 'S':
-		r_core_cmd (core, "dso", 0);
+		if (curset) {
-		r_core_cmd (core, ".dr*", 0);
+			// dcr
-		//r_core_cmd(core, "s eip", 0);
+			r_core_cmd (core, "dcr", 0);
+			curset = 0;
+		} else {
+			r_core_cmd (core, "dso", 0);
+			r_core_cmd (core, ".dr*", 0);
+			//r_core_cmd(core, "s eip", 0);
+		}
 		break;
 	case 'p':
 		core->printidx = R_ABS ((core->printidx+1)%NPF);

libr/debug/debug.c

@@ -253,7 +253,9 @@ R_API int r_debug_step_hard(RDebug *dbg) {
 		return R_FALSE;
 	if (!dbg->h->step (dbg))
 		return R_FALSE;
-	return r_debug_wait (dbg);
+	r_debug_wait (dbg);
+	/* return value ignored? */
+	return R_TRUE;
 }
 
 // TODO: count number of steps done to check if no error??
@@ -301,7 +303,9 @@ R_API int r_debug_step_over(RDebug *dbg, int steps) {
 			r_bp_add_sw (dbg->bp, bpaddr, 1, R_BP_PROT_EXEC);
 			ret = r_debug_continue (dbg);
 			r_bp_del (dbg->bp, bpaddr);
-		} else ret = r_debug_step (dbg, 1);
+		} else {
+			ret = r_debug_step (dbg, 1);
+		}
 	} else eprintf ("Undefined debugger backend\n");
 	return ret;
 }
@@ -342,26 +346,31 @@ R_API int r_debug_continue_until_nontraced(RDebug *dbg) {
 	return R_FALSE;
 }
 
+/* optimization: avoid so many reads */
 R_API int r_debug_continue_until_optype(RDebug *dbg, int type, int over) {
+	int (*step)(RDebug *d, int n);
 	int ret, n = 0;
+	ut64 pc = 0;
 	RAnalOp op;
 	ut8 buf[64];
-	ut64 pc = 0;
+
 	if (r_debug_is_dead (dbg))
 		return R_FALSE;
-	if (dbg->anal) {
+	if (dbg->anal && dbg->reg) {
-		do {
+		const char *pcreg = dbg->reg->name[R_REG_NAME_PC];
-			if (over) ret = r_debug_step_over (dbg, 1);
+		step = over? r_debug_step_over: r_debug_step;
-			else ret = r_debug_step (dbg, 1);
+		for (;;) {
-			if (!ret) {
+			pc = r_debug_reg_get (dbg, pcreg);
+			dbg->iob.read_at (dbg->iob.io, pc, buf, sizeof (buf));
+			ret = r_anal_op (dbg->anal, &op, pc, buf, sizeof (buf));
+			if (ret>0 && op.type&type)
+				break;
+			if (!step (dbg, 1)) {
 				eprintf ("r_debug_step: failed\n");
 				break;
 			}
-			pc = r_debug_reg_get (dbg, dbg->reg->name[R_REG_NAME_PC]);
-			dbg->iob.read_at (dbg->iob.io, pc, buf, sizeof (buf));
-			r_anal_op (dbg->anal, &op, pc, buf, sizeof (buf));
 			n++;
-		} while (!(op.type&type));
+		}
 	} else eprintf ("Undefined pointer at dbg->anal\n");
 	return n;
 }

libr/include/r_io.h

@@ -101,6 +101,7 @@ typedef struct r_io_t {
 	int write_mask_len;
 	struct r_io_plugin_t *plugin;
 	struct r_io_undo_t undo;
+	//RList *iolist;
 	struct list_head io_list;
 	RList *sections;
 	int next_section_id;