* added iC command to show signature info
in the case of mach it shows entitlements
* added rabin2 -OC to get signature info from binary
* change swap to the new r_read_bleX API
* change eprintf to r_cons_printf
* add const char in plg->signature
The rewrite of the ARCompact analyser code started because I noticed that the
older code was really not decoding the binary I was working on properly.
Specific things that I noticed were:
* Scrolling backwards scrolled forwards
* Jump targets were shown from apparently random opcodes
* Analysis really didn't find anything
* The anal code was essentially hardcoded for big endian targets (and mine
was not, so instruction decoding was largely misfiring)
I read the ARCompactISA Programmers Reference guide and implemented decoding
for most instructions. Specifically, I ensured that all the instructions that
had limm data were decoded with the correct length and that all the jump or
branch targets were correctly calculated.
As I have not looked at anal plugins before, I expect I have messed up a
bunch of the assumptions that the anal system makes.
Among the issues that I still have is that the analysis will find
instructions (and thus xrefs, functions, etc) in "unaligned" locations.
This might just be an artifact of the fact that not all my data is marked
as data, but it feels like there might be something I have missed.
Still remaining TODO are most of the 32-bit general purpose instructions.
* BUG: missing break in switch
* Implement missing general instructions in ARCompact anal
* Only set op->fail on jump instructions for ARCompact
* ARCompact: analyse calculated pointers and immediate values in load/store/move instructions
* Address styleguide issues
* Remove unnecessary brackets
* Use standard endian swapping functions
* The maximum instruction length is only 8 bytes, adjust the de-swizzler appropriately
* BUG: I'm an idiot, fix the array size
* Move the opcode 4 General Operations to its own function for clarity
* Bring back the quick and dirty debug output by consolidating all decoded fields into a structure
* Factor out common code used in genops jumps and calls
* Remove some magic numbers by using defines for the registers
* Missed a field when converting to the struct
* Record the size of the opcode
* Add support for dword offsets to internal assembler
The internal assembler produced incorrect opcodes for offsets that were
greater than a short.
rasm2 "mov eax, [eax + 1337]"
8b8039
This adds support for values >127.
rasm2 "mov eax, [eax + 1337]"
8b8039050000
producing the same output as the `nasm` assembler.
* Fix support for negative short and dword offsets
Handle negative offsets for `mov` instructions both short and dword
sizes.
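The two commits above both come down to picking the right ModRM displacement form for `mov r32, [base + disp]`. As an added illustration (this is not radare2's assembler code, only a stand-alone encoder written for this note), the following C function applies the x86 32-bit ModRM rules the way nasm does: no displacement when disp is 0, an 8-bit signed displacement when disp fits in -128..127, and a 32-bit displacement otherwise. It goes a little beyond the `[eax + disp]` case in the commits by handling any base register, including the two special cases (esp needs a SIB byte, and ebp has no displacement-free form). The byte values and the `encodes_to` helper are this example's own; the encodings themselves follow the Intel ModRM table.

```c
/*
 * Added example (not radare2 code): minimal encoder for the 32-bit x86 form
 *   mov r32, [base32 + disp]   (opcode 8B /r)
 * choosing between no displacement, disp8 and disp32 like nasm does.
 */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Register numbers as they appear in the ModRM reg and rm fields. */
enum { EAX, ECX, EDX, EBX, ESP, EBP, ESI, EDI };

/* Encode "mov reg, [base + disp]" into out (7 bytes is enough); returns length. */
size_t encode_mov_r32_mem(int reg, int base, int32_t disp, uint8_t *out) {
    size_t n = 0;
    int mod;
    out[n++] = 0x8b;                        /* MOV r32, r/m32 */
    if (disp == 0 && base != EBP) {
        mod = 0;                            /* [base]; mod=00 with rm=101 would mean [disp32], so ebp is excluded */
    } else if (disp >= -128 && disp <= 127) {
        mod = 1;                            /* [base + disp8], sign-extended by the CPU */
    } else {
        mod = 2;                            /* [base + disp32] */
    }
    out[n++] = (uint8_t)((mod << 6) | (reg << 3) | base);
    if (base == ESP) {
        out[n++] = 0x24;                    /* rm=100 requires a SIB byte: scale=0, no index, base=esp */
    }
    if (mod == 1) {
        out[n++] = (uint8_t)disp;           /* two's complement byte, so -1 becomes ff */
    } else if (mod == 2) {
        uint32_t u = (uint32_t)disp;        /* little-endian dword, e.g. 1337 -> 39 05 00 00 */
        out[n++] = (uint8_t)(u);
        out[n++] = (uint8_t)(u >> 8);
        out[n++] = (uint8_t)(u >> 16);
        out[n++] = (uint8_t)(u >> 24);
    }
    return n;
}

/* Write the encoding as a lowercase hex string, the way rasm2 prints it. buf needs 15 bytes. */
const char *encode_hex(int reg, int base, int32_t disp, char *buf) {
    uint8_t code[7];
    size_t n = encode_mov_r32_mem(reg, base, disp, code);
    for (size_t i = 0; i < n; i++) {
        snprintf(buf + 2 * i, 3, "%02x", code[i]);
    }
    buf[2 * n] = '\0';
    return buf;
}

/* 1 if the encoding equals the expected hex string (handy for checking against nasm output). */
int encodes_to(int reg, int base, int32_t disp, const char *expected_hex) {
    char buf[16];
    return strcmp(encode_hex(reg, base, disp, buf), expected_hex) == 0;
}

int main(void) {
    char buf[16];
    printf("mov eax, [eax + 1337] -> %s\n", encode_hex(EAX, EAX, 1337, buf));
    printf("mov eax, [eax + 16]   -> %s\n", encode_hex(EAX, EAX, 16, buf));
    printf("mov eax, [eax - 129]  -> %s\n", encode_hex(EAX, EAX, -129, buf));
    printf("mov eax, [esp + 8]    -> %s\n", encode_hex(EAX, ESP, 8, buf));
    return 0;
}
```

The `1337` case reproduces the `8b8039050000` output shown above; the buggy `8b8039` was the disp32 ModRM byte (`80`) followed by only one displacement byte, which is why the instruction decoded to the wrong length. Negative offsets are handled by the same two ranges: `-1` fits in disp8 (`ff`), `-129` does not and takes the four-byte form.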
* Whitespace fixes
* Remove rogue character
Remove the rogue `:` that got into the code