Import safetiness symbol name database from iaito ##bin

* Affects bin.symbol/import/reloc
* Update sdb for better indisk /istext/ check

doc/fortunes.fun

@@ -332,3 +332,4 @@ Caps lock is on.
 $10 or mistery box?
 INSERT COIN
 This program is not compatible with your device.
+Hey hey hey everyone! welcome to infoflash

libr/bin/bin.c

@@ -178,25 +178,39 @@ R_API RBinSymbol *r_bin_symbol_new(const char *name, ut64 paddr, ut64 vaddr) {
 
 R_API RBinSymbol *r_bin_symbol_clone(RBinSymbol *bs) {
 	r_return_val_if_fail (bs, NULL);
-	RBinSymbol *nbs = R_NEW (RBinSymbol);
-	memcpy (nbs, bs, sizeof (RBinSymbol));
-	nbs->name = strdup (nbs->name);
-	if (nbs->dname) {
-		nbs->dname = strdup (nbs->dname);
-	}
-	if (nbs->libname) {
-		nbs->libname = strdup (nbs->libname);
-	}
-	if (nbs->classname) {
-		nbs->classname = strdup (nbs->classname);
+	RBinSymbol *nbs = r_mem_dup (bs, sizeof (RBinSymbol));
+	if (nbs) {
+		nbs->name = strdup (nbs->name);
+		if (nbs->dname) {
+			nbs->dname = strdup (nbs->dname);
+		}
+		if (nbs->libname) {
+			nbs->libname = strdup (nbs->libname);
+		}
+		if (nbs->classname) {
+			nbs->classname = strdup (nbs->classname);
+		}
 	}
 	return nbs;
 }
 
+// query the symbol name into the symtypes database
+R_API const char *r_bin_symbol_unsafe(RBin *bin, const char *name) {
+	Sdb *db = sdb_ns (bin->sdb, "symclass", true);
+	if (db) {
+		const char *s = sdb_const_get (db, name, 0);
+		eprintf ("UNSAF %s DB %p = %s\n", name, db, s);
+		return s;
+	}
+	return NULL;
+}
+
 R_API void r_bin_symbol_fini(RBinSymbol *sym) {
-	free (sym->name);
-	free (sym->libname);
-	free (sym->classname);
+	if (sym) {
+		free (sym->name);
+		free (sym->libname);
+		free (sym->classname);
+	}
 }
 
 R_API void r_bin_import_fini(RBinImport *imp) {
@@ -224,11 +238,6 @@ R_API void r_bin_string_free(void *_str) {
 	}
 }
 
-// XXX - change this to RBinObject instead of RBinFile
-// makes no sense to pass in a binfile and set the RBinObject
-// kinda a clunky functions
-// XXX - this is a rather hacky way to do things, there may need to be a better
-// way.
 R_API bool r_bin_open(RBin *bin, const char *file, RBinFileOptions *opt) {
 	r_return_val_if_fail (bin && bin->iob.io && opt, false);
 
@@ -372,11 +381,10 @@ R_API bool r_bin_open_io(RBin *bin, RBinFileOptions *opt) {
 }
 
 R_IPI RBinPlugin *r_bin_get_binplugin_by_name(RBin *bin, const char *name) {
-	RBinPlugin *plugin;
-	RListIter *it;
-
 	r_return_val_if_fail (bin && name, NULL);
 
+	RBinPlugin *plugin;
+	RListIter *it;
 	r_list_foreach (bin->plugins, it, plugin) {
 		if (!strcmp (plugin->meta.name, name)) {
 			return plugin;
@@ -804,7 +812,7 @@ R_API RList *r_bin_get_mem(RBin *bin) {
 	return o ? o->mem : NULL;
 }
 
-// XXX badly designed api, should not exist, aka DEPRECATE
+// XXX R2_590 badly designed api, should not exist, aka DEPRECATE
 R_API int r_bin_is_big_endian(RBin *bin) {
 	r_return_val_if_fail (bin, -1);
 	RBinObject *o = r_bin_cur_object (bin);
@@ -834,6 +842,17 @@ R_API RBin *r_bin_new(void) {
 	bin->force = NULL;
 	bin->filter_rules = UT64_MAX;
 	bin->sdb = sdb_new0 ();
+	{
+		Sdb *db = sdb_new0 ();
+		const char *cs = R2_PREFIX R_SYS_DIR R2_SDB R_SYS_DIR "format" R_SYS_DIR "symclass.sdb";
+		bool res = sdb_open (db, cs);
+		if (res) {
+			sdb_ns_set (bin->sdb, "symclass", db);
+		} else {
+			R_LOG_DEBUG ("Cannot find symclass.sdb");
+			sdb_free (db);
+		}
+	}
 	bin->cb_printf = (PrintfCallback)printf;
 	bin->plugins = r_list_newf ((RListFree)r_bin_plugin_free);
 	bin->minstrlen = 0;

libr/bin/d/Makefile

@@ -37,9 +37,9 @@ clean:
 
 .PHONY: all clean install install-symlink symstall uninstall
 
-FORMATS=dex macho elf32 elf64 elf_enums pe32 trx mz zip
+FORMATS=dex macho elf32 elf64 elf_enums pe32 trx mz zip symclass.sdb
 
-install: ${F_SDB}
+install: $(F_SDB)
 	@echo "[i] Installing bin format files"
 	rm -rf "$P"
 	mkdir -p "$P"
@@ -47,8 +47,11 @@ install: ${F_SDB}
 	mkdir -p "$P/dll"
 	cp -f dll/*.sdb "$P/dll"
 
+symclass.sdb:
+	-$(SDB) $@ = < $@.txt
+
 CWD=$(shell pwd)
-symstall install-symlink:
+symstall install-symlink: symclass.sdb
 	mkdir -p "$P"
 	for FILE in * ; do \
 		if [ "$$FILE" != Makefile ]; then \

libr/bin/d/meson.build

@@ -1,4 +1,4 @@
-sdb_files = [
+sdb_dll_files = [
   'aclui',
   'activeds',
   'atl',
@@ -153,12 +153,10 @@ sdb_files = [
 
 r_bin_d_sources = []
 
-foreach file : sdb_files
+foreach file : sdb_dll_files
   if get_option('sdb_cgen')
     outfile = '@0@.c'.format(file)
     gen_cmd = sdb_gen_cmd_cgen
-    # outfile = join_paths(meson.current_source_dir(), 'dll', '@0@.sdb.txt'.format(file))
-    # XXX cgen builds not working well yet
   else
     outfile = '@0@.sdb'.format(file)
     gen_cmd = sdb_gen_cmd
@@ -177,6 +175,31 @@ foreach file : sdb_files
   endif
 endforeach
 
+# TODO: simplify this logic
+sdb_files = [ 'symclass' ]
+
+foreach file : sdb_files
+  if get_option('sdb_cgen')
+    outfile = '@0@.c'.format(file)
+    gen_cmd = sdb_gen_cmd_cgen
+  else
+    outfile = '@0@.sdb'.format(file)
+    gen_cmd = sdb_gen_cmd
+  endif
+  target = custom_target(outfile,
+    input: join_paths(meson.current_source_dir(), '@0@.sdb.txt'.format(file)),
+    output: outfile,
+    command: gen_cmd,
+    depends: sdb_exe,
+    build_by_default: true,
+    install: true,
+    install_dir: join_paths(r2_sdb, join_paths('format'))
+  )
+  if get_option('sdb_cgen')
+    r_bin_d_sources += target
+  endif
+endforeach
+
 format_files = [
   'dex',
   'macho',

libr/bin/d/symclass.sdb.txt

@@ -0,0 +1,240 @@
+# buffer unsafe, can cause buffer overflows
+system=buffer
+strcpy=buffer
+strcpyA=buffer
+strcpyW=buffer
+wcscpy=buffer
+_tcscpy=buffer
+_mbscpy=buffer
+StrCpy=buffer
+StrCpyA=buffer
+StrCpyW=buffer
+lstrcpy=buffer
+lstrcpyA=buffer
+lstrcpyW=buffer
+_tccpy=buffer
+_mbccpy=buffer
+_ftcscpy=buffer
+strcat=buffer
+strcatA=buffer
+strcatW=buffer
+wcscat=buffer
+_tcscat=buffer
+_mbscat=buffer
+StrCat=buffer
+StrCatA=buffer
+StrCatW=buffer
+lstrcat=buffer
+lstrcatA=buffer
+lstrcatW=buffer
+StrCatBuff=buffer
+StrCatBuffA=buffer
+StrCatBuffW=buffer
+StrCatChainW=buffer
+_tccat=buffer
+_mbccat=buffer
+_ftcscat=buffer
+sprintfW=buffer
+sprintfA=buffer
+wsprintf=buffer
+wsprintfW=buffer
+wsprintfA=buffer
+sprintf=buffer
+swprintf=buffer
+_stprintf=buffer
+wvsprintf=buffer
+wvsprintfA=buffer
+wvsprintfW=buffer
+vsprintf=buffer
+_vstprintf=buffer
+vswprintf=buffer
+strncpy=buffer
+wcsncpy=buffer
+_tcsncpy=buffer
+_mbsncpy=buffer
+_mbsnbcpy=buffer
+StrCpyN=buffer
+StrCpyNA=buffer
+StrCpyNW=buffer
+StrNCpy=buffer
+strcpynA=buffer
+StrNCpyA=buffer
+StrNCpyW=buffer
+lstrcpyn=buffer
+lstrcpynA=buffer
+lstrcpynW=buffer
+strncat=buffer
+wcsncat=buffer
+_tcsncat=buffer
+_mbsncat=buffer
+_mbsnbcat=buffer
+StrCatN=buffer
+StrCatNA=buffer
+StrCatNW=buffer
+StrNCat=buffer
+StrNCatA=buffer
+StrNCatW=buffer
+lstrncat=buffer
+lstrcatnA=buffer
+lstrcatnW=buffer
+lstrcatn=buffer
+gets=buffer
+_getts=buffer
+_gettws=buffer
+IsBadWritePtr=buffer
+IsBadHugeWritePtr=buffer
+IsBadReadPtr=buffer
+IsBadHugeReadPtr=buffer
+IsBadCodePtr=buffer
+IsBadStringPtr=buffer
+memcpy=buffer
+RtlCopyMemory=buffer
+CopyMemory=buffer
+wmemcpy=buffer
+wnsprintf=buffer
+wnsprintfA=buffer
+wnsprintfW=buffer
+_snwprintf=buffer
+_snprintf=buffer
+_sntprintf=buffer
+_vsnprintf=buffer
+vsnprintf=buffer
+_vsnwprintf=buffer
+_vsntprintf=buffer
+wvnsprintf=buffer
+wvnsprintfA=buffer
+wvnsprintfW=buffer
+strtok=buffer
+_tcstok=buffer
+wcstok=buffer
+_mbstok=buffer
+makepath=buffer
+_tmakepath=buffer
+_makepath=buffer
+_wmakepath=buffer
+_splitpath=buffer
+_tsplitpath=buffer
+_wsplitpath=buffer
+scanf=buffer
+wscanf=buffer
+_tscanf=buffer
+sscanf=buffer
+swscanf=buffer
+_stscanf=buffer
+snscanf=buffer
+snwscanf=buffer
+_sntscanf=buffer
+_itoa=buffer
+_itow=buffer
+_i64toa=buffer
+_i64tow=buffer
+_ui64toa=buffer
+_ui64tot=buffer
+_ui64tow=buffer
+_ultoa=buffer
+_ultot=buffer
+_ultow=buffer
+CharToOem=buffer
+CharToOemA=buffer
+CharToOemW=buffer
+OemToChar=buffer
+OemToCharA=buffer
+OemToCharW=buffer
+CharToOemBuffA=buffer
+CharToOemBuffW=buffer
+alloca=buffer
+_alloca=buffer
+strlen=buffer
+wcslen=buffer
+_mbslen=buffer
+_mbstrlen=buffer
+StrLen=buffer
+lstrlen=buffer
+ChangeWindowMessageFilter=buffer
+# imports using globals considered thread-unsafe
+asctime=global
+crypt=global
+ctime=global
+drand48=global
+ecvt=global
+encrypt=global
+erand48=global
+ether_aton=global
+ether_ntoa=global
+fcvt=global
+fgetgrent=global
+fgetpwent=global
+fgetspent=global
+getaliasbyname=global
+getaliasent=global
+getdate=global
+getgrent=global
+getgrgid=global
+getgrnam=global
+gethostbyaddr=global
+gethostbyname2=global
+gethostbyname=global
+gethostent=global
+getlogin=global
+getmntent=global
+getnetbyaddr=global
+getnetbyname=global
+getnetent=global
+getnetgrent=global
+getprotobyname=global
+getprotobynumber=global
+getprotoent=global
+getpwent=global
+getpwnam=global
+getpwuid=global
+getrpcbyname=global
+getrpcbynumber=global
+getrpcent=global
+getservbyname=global
+getservbyport=global
+getservent=global
+getspent=global
+getspnam=global
+getutent=global
+getutid=global
+getutline=global
+gmtime=global
+hcreate=global
+hdestroy=global
+hsearch=global
+initstate=global
+jrand48=global
+lcong48=global
+lgammaf=global
+lgammal=global
+lgamma=global
+localtime=global
+lrand48=global
+mrand48=global
+nrand48=global
+ptsname=global
+qecvt=global
+qfcvt=global
+qsort=global
+random=global
+rand=global
+readdir=global
+seed48=global
+setkey=global
+setstate=global
+sgetspent=global
+srand48=global
+srandom=global
+strerror=global
+strtok=global
+tmpnam=global
+ttyname=global
+twalk=global
+# network
+connect=network
+send=network
+recv=network
+listen=network
+accept=network
+select=network
+setsockopt=network

libr/core/cbin.c

@@ -2546,6 +2546,10 @@ static bool bin_symbols(RCore *r, PJ *pj, int mode, ut64 laddr, int va, ut64 at,
 			pj_ki (pj, "ordinal", symbol->ordinal);
 			pj_ks (pj, "bind", symbol->bind);
 			pj_kn (pj, "size", (ut64)symbol->size);
+			const char *safetyName = r_bin_symbol_unsafe (r->bin, symbol->name);
+			if (safetyName) {
+				pj_ks (pj, "unsafe", safetyName);
+			}
 			pj_ks (pj, "type", symbol->type);
 			pj_kn (pj, "vaddr", addr);
 			pj_kn (pj, "paddr", symbol->paddr);

libr/include/r_bin.h

@@ -415,7 +415,7 @@ struct r_bin_t {
 	int narch;
 	void *user;
 	/* preconfigured values */
-	int debase64;
+	bool debase64;
 	int minstrlen;
 	int maxstrlen;
 	int maxsymlen;
@@ -700,6 +700,7 @@ R_IPI void r_bin_section_free(RBinSection *bs);
 R_API void r_bin_info_free(RBinInfo *rb);
 R_API void r_bin_import_free(RBinImport *imp);
 R_API void r_bin_symbol_free(void *sym);
+R_API const char *r_bin_symbol_unsafe(RBin *bin, const char *name);
 R_API RBinSymbol *r_bin_symbol_new(const char *name, ut64 paddr, ut64 vaddr);
 R_API RBinSymbol *r_bin_symbol_clone(RBinSymbol *bs);
 R_API void r_bin_string_free(void *_str);

libr/util/mem.c

@@ -302,8 +302,9 @@ R_API bool r_mem_protect(void *ptr, int size, const char *prot) {
 }
 
 R_API void *r_mem_dup(const void *s, int l) {
+	r_return_val_if_fail (s, NULL);
 	void *d = malloc (l);
-	if (d) {
+	if (d != NULL) {
 		memcpy (d, s, l);
 	}
 	return d;
@@ -319,6 +320,7 @@ R_API void *r_mem_set(ut8 ch, int l) {
 
 
 R_API void r_mem_reverse(ut8 *b, int l) {
+	r_return_if_fail (b);
 	ut8 tmp;
 	int i, end = l / 2;
 	for (i = 0; i < end; i++) {

shlr/sdb/src/text.c

@@ -478,9 +478,6 @@ SDB_API bool sdb_text_check(Sdb *s, const char *file) {
 		if (*p == '=') {
 			has_eq = true;
 		} else if (*p == '\n') {
-			if (!has_eq) {
-				break;
-			}
 			has_nl = true;
 		} else if (!has_eq) {
 			if (*p < 10 || *p > '~') {

test/db/formats/dwarf

@@ -721,20 +721,20 @@ colu: 12
 addr: 0x00001149
 EOF
 EXPECT_ERR=<<EOF
-DEBUG: [cbin.c:3249] (section .dynstr) Css 141 @ 0x480
-DEBUG: [cbin.c:3249] (section .rela.dyn) Cd 8[24] @ 0x550
-DEBUG: [cbin.c:3249] (section .rela.plt) Cd 8[3] @ 0x610
-DEBUG: [cbin.c:3249] (section .init_array) Cd 8[1] @ 0x3db8
-DEBUG: [cbin.c:3249] (section .fini_array) Cd 8[1] @ 0x3dc0
-DEBUG: [cbin.c:3249] (section .dynamic) Cd 8[62] @ 0x3dc8
-DEBUG: [cbin.c:3249] (section .got) Cd 8[9] @ 0x3fb8
-DEBUG: [cbin.c:3249] (section .dynstr) Css 141 @ 0x480
-DEBUG: [cbin.c:3249] (section .rela.dyn) Cd 8[24] @ 0x550
-DEBUG: [cbin.c:3249] (section .rela.plt) Cd 8[3] @ 0x610
-DEBUG: [cbin.c:3249] (section .init_array) Cd 8[1] @ 0x3db8
-DEBUG: [cbin.c:3249] (section .fini_array) Cd 8[1] @ 0x3dc0
-DEBUG: [cbin.c:3249] (section .dynamic) Cd 8[62] @ 0x3dc8
-DEBUG: [cbin.c:3249] (section .got) Cd 8[9] @ 0x3fb8
+DEBUG: [cbin.c:3253] (section .dynstr) Css 141 @ 0x480
+DEBUG: [cbin.c:3253] (section .rela.dyn) Cd 8[24] @ 0x550
+DEBUG: [cbin.c:3253] (section .rela.plt) Cd 8[3] @ 0x610
+DEBUG: [cbin.c:3253] (section .init_array) Cd 8[1] @ 0x3db8
+DEBUG: [cbin.c:3253] (section .fini_array) Cd 8[1] @ 0x3dc0
+DEBUG: [cbin.c:3253] (section .dynamic) Cd 8[62] @ 0x3dc8
+DEBUG: [cbin.c:3253] (section .got) Cd 8[9] @ 0x3fb8
+DEBUG: [cbin.c:3253] (section .dynstr) Css 141 @ 0x480
+DEBUG: [cbin.c:3253] (section .rela.dyn) Cd 8[24] @ 0x550
+DEBUG: [cbin.c:3253] (section .rela.plt) Cd 8[3] @ 0x610
+DEBUG: [cbin.c:3253] (section .init_array) Cd 8[1] @ 0x3db8
+DEBUG: [cbin.c:3253] (section .fini_array) Cd 8[1] @ 0x3dc0
+DEBUG: [cbin.c:3253] (section .dynamic) Cd 8[62] @ 0x3dc8
+DEBUG: [cbin.c:3253] (section .got) Cd 8[9] @ 0x3fb8
 WARN: [cbin.c:1832] Relocs has not been applied. Please use `-e bin.relocs.apply=true` or `-e bin.cache=true` next time
 DEBUG: [cbin.c:2518] Cannot resolve symbol address __libc_start_main
 DEBUG: [cbin.c:2518] Cannot resolve symbol address _ITM_deregisterTMCloneTable