 ____ ___ ____ ___ ____ ___ ______ ____
| _ \/ \' \/ \ _ \/ _ \ \__ | / \
| < V . T . V < _/ .-' _/ | () |
|_|\__|_|__|___/|_|_|_|\__\___/ |_____(_)____/

<{include libr/TODO}>

0.5 RELEASE
===========

Questions:
----------
* rabin2 doesn't work for osx-x86 mach0 bins..so io.va=1 fails
  - opening simple files with io.va=1 fails !!!
  - if no sections defined it should read as plain
* Do we have to enable jump/call toggles for breaking basicblocks? (yes/no)
  - pancake: no, nibble: (WHAT DO YOU THINK ABOUT THIS? :)
* code analysis with r_parse // isn't this already done? nibble?
  - generate by just parsing the opcode
  - RAnalAopArg { int size; int delta; int type; }
  - r_anal_aop_arg_set (); r_anal_aop_arg_get (); r_anal_aop_arg_binmask ();

Bugs:
-----
* nibble: trace counts after step..that's not correct!

TODO:
-----
* nibble: mach0 new binary format is not supported by bin_mach0 :(
* java disassembler does not use the constant pool
* Implement r_sys_setenv stuff from r1 in core/file.c:33 (!!?)
* pancake: Implement search.align
* Initial analysis looking for xrefs to strings and so? ax? ./a@@entry0
  - Launched at startup
* references: data (read, write), code (call, jmp) must be inside Function
  - Cx doesn't work as expected (from-to, from-size, ..)
  - xrefs must be inside function, string, data.. dupped?
  - done with r_meta_sync() ?
  - use r_db in flags and meta
* Handle metadata from disassembler (structs, hexdump, ...)
  - r_meta_print (RMeta, RMetaItem, RPrint);
* pancake: FileDescriptors: dd -- copy from !fd in r1
* Write manpages for r2rc, r2rc-tool, rasign2
* pancake: we need an api to define function signatures
  - arg/var set name/get value/ ..
  - integrated with function signatures
  - offset -> formatstring (offset is the key to function signature)
* pancake: implement RAnalCall (analyze function arguments, return values, propagate types..)
  - define number of arguments for given function
  - warn if signature and analysis differ in number of args or so..
* gerardo?: implement GMP in util/big.c
* nibble: diff code analysis
  - diff two programs
    1st level:
    - check all functions EQUAL, DIFFERENT, REMOVED, ADDED
    - check all symbols
    - check all imports
    - check all strings
    2nd level:
    - basic block level diffing (output in graph mode)

---8<------------8<------------------8<---------------------8<------------- -- - -

Transaction notes
=================
Loading big binaries results in broken interaction.
- Optimize bottlenecks
  - Index flags by name and offset
    - Don't walk all the entries all the time
    - Use RDB or RHashMap
  - Cache
    - We can just cache the last N used pointers to resolve them faster
    - Should work fine for disassembling and others
- Transactions and threads
  - BIGLOCK is enough i think
  - A background thread can load rabin info
    - r_th is required
    - We need a way to get 'status' info from thread (msg passing?)
      - r_th_msg
  - We can lock the loading thread when a shell command is going to be executed
    |
    |--- (while (prompt,lock,run,unlock))
    \
     `-- (while (lock,load,unlock))

Build fixes:
------------
* Store version information in libraries ? debian claims for it

Analysis
========
* Implement more get_main() (NOOB)

Bindings
========
* generate accessors automatically from valaswig
* Script plugins
  - We should enable r_lib to implement plugins in any scripting language, so we can for example prepare a .c stub interface for python/perl/ruby/..
  - this requires a swig bridge

Build system
============
* install.sh (to track installed files ..)

Refactoring
===========
* Move disasm loop into r_print (r_print should depend on r_asm)
  - that's hard :)
* Move 'r_syscall_t' stuff into r_debug (sync r_core)
* merge r_asm and r_anal?
* Implement r_bind api to link multiple pointers
    core->asm = r_bind_set (core->asm->bind, r_asm_new ());
* what do we have to do with r_th, r_parse and r_vm ?
* Is RCore->block and blocksize a RBuf ? refactor!11
* Find a better name for r_buf_fread (really?)
* typedef all function pointers, like in r_bp
* Review r_io API
* rasm2 should be configurable at startup time to choose default arch (use env?)
* semi-ok state (R_TRUFAE), implement r_errno and r_errstr in r_util?
* Finish and import spp's own getopt implementation in r_util (like in p9)
* Rename __UNIX__ as __POSIX__

Design
======
* Implement 'av' command we need it (really?) how about to eval with ?
* filter search results.. cc 8080 @@ hit* .. check for values that have changed.
  - maybe we should 'cache' some memory regions
* Add 'prj.name', 'prj.desc'
* Add description to project e file.desc ?
* Add RLog API.. pipeable to disk and stderr..also hookable ..cool for ui

Future
======
* radare2 -e dbg.engine=vm -d ls
  - load the program using r_bin in virtual space
  - initialize vm and set regs
  - debug backend should use the vm
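The "Transaction notes" section above sketches a background loader thread running (lock, load, unlock) while the shell runs (prompt, lock, run, unlock) under a single BIGLOCK, with some message passing for loader status. The following is an added example written for this page, not radare2 code: it models that design with plain pthreads. RCoreDemo, biglock_demo and the chunked "rabin info" loading are hypothetical stand-ins for RCore, r_th and r_bin; the status string copied out under the lock stands in for the r_th_msg idea. The point it demonstrates is the invariant BIGLOCK buys: a command body never observes a half-updated structure, and the loaded count it sees never goes backwards.

```c
#define _POSIX_C_SOURCE 200809L
#include <pthread.h>
#include <sched.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical core state shared by the shell and the loader thread
 * (illustrative names, not radare2's real structures). */
typedef struct {
	pthread_mutex_t biglock;   /* the single BIGLOCK from the notes */
	int loaded;                /* chunks of "rabin info" loaded so far */
	int total;                 /* chunks the loader will produce */
	int dirty;                 /* nonzero only while the loader is mid-chunk */
	int torn_reads;            /* commands that ever observed dirty != 0 */
	char status[64];           /* status message passed loader -> shell */
} RCoreDemo;

/* Loader: while (lock, load, unlock). Each chunk is written with the lock
 * held, so a shell command can never run against a half-updated core. */
static void *loader_thread (void *arg) {
	RCoreDemo *core = arg;
	for (int i = 0; i < core->total; i++) {
		pthread_mutex_lock (&core->biglock);
		core->dirty = 1;                 /* structure temporarily inconsistent */
		core->loaded++;
		snprintf (core->status, sizeof (core->status),
			"loading %d/%d", core->loaded, core->total);
		core->dirty = 0;
		pthread_mutex_unlock (&core->biglock);
		sched_yield ();                  /* let the shell interleave */
	}
	pthread_mutex_lock (&core->biglock);
	snprintf (core->status, sizeof (core->status), "done");
	pthread_mutex_unlock (&core->biglock);
	return NULL;
}

/* Shell side of one iteration of while (prompt, lock, run, unlock): the
 * command body runs under the lock and copies out the loader's status
 * message (the message-passing part). Returns the loaded count it saw. */
static int shell_run_command (RCoreDemo *core, char *status_out, size_t n) {
	pthread_mutex_lock (&core->biglock);
	if (core->dirty) {
		core->torn_reads++;              /* would mean the lock was not honoured */
	}
	int seen = core->loaded;
	snprintf (status_out, n, "%s", core->status);
	pthread_mutex_unlock (&core->biglock);
	return seen;
}

/* Run the loader in the background while issuing 'commands' shell commands.
 * Returns the number of chunks loaded (== chunks) when every command saw a
 * consistent, monotonically growing view, or -1 on any violation. */
int biglock_demo (int chunks, int commands) {
	RCoreDemo core;
	memset (&core, 0, sizeof (core));
	core.total = chunks;
	snprintf (core.status, sizeof (core.status), "idle");
	pthread_mutex_init (&core.biglock, NULL);

	pthread_t th;
	if (pthread_create (&th, NULL, loader_thread, &core) != 0) {
		pthread_mutex_destroy (&core.biglock);
		return -1;
	}
	int last = 0, regressions = 0;
	char status[64];
	for (int i = 0; i < commands; i++) {
		int seen = shell_run_command (&core, status, sizeof (status));
		if (seen < last) {               /* loaded count must never go backwards */
			regressions++;
		}
		last = seen;
		sched_yield ();
	}
	pthread_join (th, NULL);
	/* one more command after the loader finished must report "done" */
	shell_run_command (&core, status, sizeof (status));
	pthread_mutex_destroy (&core.biglock);
	if (core.torn_reads != 0 || regressions != 0 || strcmp (status, "done") != 0) {
		return -1;
	}
	return core.loaded;
}
```

Calling biglock_demo (500, 100) exercises a few hundred lock handoffs between the two loops and returns 500. The dirty flag is the thing to watch when reviewing real code of this shape: any read of core state outside the lock (for example a prompt that prints the loaded count before taking BIGLOCK) would be the place a torn read slips in.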