<{include libr/TODO}>

0.5 RELEASE
===========

Build system:
-------------
* Write documentation about how to build r2, r2-swig, valaswig, make symstall
  and some basics about the organization of the code (boring++)
* Store version information in libraries? debian claims for it
* install.sh (to track installed files ..)

TODO edu
--------
* port r_sign and r_diff to RList

TODO nibble
-----------
* implement grep{col,row}
* rabin2 doesn't work for fat mach-o
* af renames the already named functions as fcn.*, which is wrong

TODO pancake
------------
* Implement visual selection of bytes in disassembly
* we need an api to define function signatures
  - CF void name(int foo, char* var)
  - arg/var set name/get value/ ..
* implement RAnalCall (analyze function arguments, return values, propagate types..)
  - define number of arguments for given function
  - warn if signature and analysis differ in number of args or so..

TODO gerardo
------------
* implement GMP in util/big.c

unassigned TODO pointz
----------------------
* Implement a r_list_get_n() to get the Nth element in a linked list
* Test r_lib w32/osx support
* Implement r_sys_setenv stuff from r1 in core/file.c:33 (!!?)
* Implement more get_main() (NOOB)

---8<------------8<------------------8<---------------------8<------------- -- - -

0.6
===
* FileDescriptors: dd -- copy from !fd in r1
* r_bin->relocs // RList of relocations
* rasign2 : must be done, write manpage
* distribute 'spp' with 'rarc2' ?
* Initial analysis looking for xrefs to strings and so? ax? ./a@@entry0
  - Launched at startup
* nibble: diff code analysis
  - diff two programs
    1st level:
    - check all functions: EQUAL, DIFFERENT, REMOVED, ADDED
    - check all symbols
    - check all imports
    - check all strings
    2nd level:
    - basic block level diffing (output in graph mode)

Questions:
----------
* How to search for an opcode like CALL+REG? or MOV+CONST, ...
  - r_anal_match(anal, aop CALL | REG) ?
  - Implemented in a command like /a..
* imports from PE don't work with /a because there's an indirect call
* Load symbol information from libraries (only the ones imported by rabin2?)
  - only at runtime when eip is in library code?
* Implement 'av' command, we need it (really?) how about to eval with ?
* filter search results..? cc 8080 @@ hit* .. check for values that have changed.
* code analysis with r_parse // isn't this already done? nibble?
  - generate by just parsing the opcode
  - RAnalAopArg { int size; int delta; int type; }
  - r_anal_aop_arg_set (); r_anal_aop_arg_get (); r_anal_aop_arg_binmask ();
* Cx/CX are not displayed in disasm as they should.. (C! must die)

Bindings
========
* generate accessors automatically from valaswig
* Script plugins
  - We should enable r_lib to implement plugins in any scripting language,
    so we can for example prepare a .c stub interface for python/perl/ruby/..
  - this requires a swig bridge

Refactoring
===========
* Add RLog API.. pipeable to disk and stderr.. also hookable.. cool for ui (partially done)
* Move disasm loop into r_print (r_print should depend on r_asm)
  - that's hard :)
* Move 'r_syscall_t' stuff into r_debug (sync r_core)
* merge r_asm and r_anal?
* Implement r_bind api to link multiple pointers
    core->asm = r_bind_set (core->asm->bind, r_asm_new ());
* what do we have to do with r_th, r_parse and r_vm ?
* Is RCore->block and blocksize a RBuf ? refactor!11
* Find a better name for r_buf_fread (really?)
* typedef all function pointers, like in r_bp
* Review r_io API
* semi-ok state (R_TRUFAE), implement r_errno and r_errstr in r_util?
* Finish and import spp's own getopt implementation in r_util (like in p9)
* Rename __UNIX__ as __POSIX__

Future
======
* radare2 -e dbg.engine=vm -d ls
  - load the program using r_bin in virtual space
  - initialize vm and set regs
  - debug backend should use the vm

Transaction notes
=================
Loading big binaries results in broken interaction.
- Optimize bottlenecks
  - Index flags by name and offset
    - Don't walk all the entries all the time
    - Use RDB or RHashMap
  - Cache
    - We can just cache the last N used pointers to resolve them faster
    - Should work fine for disassembling and others
- Transactions and threads
  - BIGLOCK is enough i think
  - A background thread can load rabin info
    - r_th is required
    - We need a way to get 'status' info from the thread (msg passing?)
      - r_th_msg
    - We can lock the loading thread when a shell command is going to be executed

        |
        |--- (while (prompt,lock,run,unlock))
         \
          `-- (while (lock,load,unlock))

please! report! :)
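The "unassigned TODO pointz" item asks for an r_list_get_n() that returns the Nth element of a linked list. The following is an added example, not code from libr/util: a minimal doubly linked list standing in for RList (the type and function names mirror radare2's naming but the bodies are written here from scratch). The point worth showing is the bounds check: a negative or out-of-range index returns NULL instead of walking past the end of the list, and the walk starts from the nearer end so the cost is at most half the list length. The flag names in the demo are constructed sample data.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Stand-in for RList / RListIter (hypothetical, not the real libr/util code) */
typedef struct r_list_iter_t {
    void *data;
    struct r_list_iter_t *n, *p;   /* next / previous */
} RListIter;

typedef struct r_list_t {
    RListIter *head, *tail;
    int length;
} RList;

static RList *r_list_new(void) {
    return calloc(1, sizeof(RList));
}

static RListIter *r_list_append(RList *list, void *data) {
    if (!list) return NULL;
    RListIter *it = calloc(1, sizeof(RListIter));
    if (!it) return NULL;
    it->data = data;
    it->p = list->tail;
    if (list->tail) list->tail->n = it; else list->head = it;
    list->tail = it;
    list->length++;
    return it;
}

/* Nth element, 0-based. A negative or out-of-range n yields NULL rather than
   dereferencing past the end. Walks from whichever end is closer. */
static void *r_list_get_n(RList *list, int n) {
    if (!list || n < 0 || n >= list->length) return NULL;
    RListIter *it;
    int i;
    if (n < list->length / 2) {
        for (it = list->head, i = 0; i < n; i++) it = it->n;
    } else {
        for (it = list->tail, i = list->length - 1; i > n; i--) it = it->p;
    }
    return it->data;
}

static void r_list_free(RList *list) {
    if (!list) return;
    RListIter *it = list->head;
    while (it) { RListIter *next = it->n; free(it); it = next; }
    free(list);
}

/* Constructed sample data: a few flag-like names */
static const char *demo_names[] = {"entry0", "main", "sym.imp.printf", "str.hello", "fcn.0800"};
#define DEMO_COUNT 5

/* Build the demo list, look up index n, tear the list down; NULL when out of range */
static const char *demo_lookup(int n) {
    RList *l = r_list_new();
    for (int i = 0; i < DEMO_COUNT; i++) r_list_append(l, (void *)demo_names[i]);
    const char *r = r_list_get_n(l, n);
    r_list_free(l);
    return r;
}

int main(void) {
    for (int n = -1; n <= DEMO_COUNT; n++) {
        const char *r = demo_lookup(n);
        printf("r_list_get_n(list, %d) = %s\n", n, r ? r : "NULL");
    }
    return 0;
}
```

Callers still have to check for NULL; the value of the bounds check is that an index computed from untrusted input (a user-typed offset, a count read from a binary header) cannot turn into an out-of-bounds pointer walk inside the list code itself.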
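The transaction notes sketch a loader thread running (lock, load, unlock) beside a shell loop running (prompt, lock, run, unlock) under one BIGLOCK, with a status message passed back from the thread. The following is an added example, not radare2's r_th or r_th_msg: a plain pthread mutex plays BIGLOCK, a loader thread fills a flag counter in batches as a stand-in for loading rabin info, and a status string stands in for the message the shell would poll. Batch and total sizes are constructed numbers. It shows why the single lock is enough for the consistency the notes want: because both sides take the same lock, every command sees either all or none of a batch, never a half-updated flag table.

```c
#include <pthread.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

#define BATCH 100    /* flags loaded per locked step (constructed) */
#define TOTAL 5000   /* total flags the loader produces (constructed) */
#define NCMDS 20     /* shell commands run while the loader works */

/* Hypothetical core state; the mutex is the BIGLOCK from the notes */
typedef struct {
    pthread_mutex_t biglock;
    int flags_loaded;
    char status[64];   /* stand-in for the r_th_msg 'status' message */
} CoreState;

/* Loader side: while (lock, load, unlock) */
static void *loader(void *arg) {
    CoreState *c = arg;
    for (;;) {
        pthread_mutex_lock(&c->biglock);
        if (c->flags_loaded >= TOTAL) {
            snprintf(c->status, sizeof c->status, "done");
            pthread_mutex_unlock(&c->biglock);
            break;
        }
        c->flags_loaded += BATCH;   /* one batch of rabin info, loaded atomically */
        snprintf(c->status, sizeof c->status, "loading %d/%d", c->flags_loaded, TOTAL);
        pthread_mutex_unlock(&c->biglock);
    }
    return NULL;
}

/* Shell side: (lock, run, unlock). Returns the flag count the command observed. */
static int run_command(CoreState *c, char *out, size_t outsz) {
    pthread_mutex_lock(&c->biglock);
    int seen = c->flags_loaded;
    snprintf(out, outsz, "%d flags, status: %s", seen, c->status);
    pthread_mutex_unlock(&c->biglock);
    return seen;
}

/* Runs one session: start the loader, issue NCMDS commands concurrently,
   join, and report the final count. Each command's snapshot goes in snaps[]. */
static int run_session(int snaps[NCMDS]) {
    CoreState c;
    pthread_t th;
    char line[96];
    c.flags_loaded = 0;
    snprintf(c.status, sizeof c.status, "idle");
    if (pthread_mutex_init(&c.biglock, NULL) != 0) return -1;
    if (pthread_create(&th, NULL, loader, &c) != 0) return -1;
    for (int i = 0; i < NCMDS; i++) {
        snaps[i] = run_command(&c, line, sizeof line);
    }
    pthread_join(th, NULL);
    int final_count = run_command(&c, line, sizeof line);
    pthread_mutex_destroy(&c.biglock);
    return final_count;
}

/* Under the lock every snapshot is a whole number of batches, within range,
   and never decreasing. A torn read would break the first condition. */
static bool snapshots_consistent(const int snaps[NCMDS]) {
    for (int i = 0; i < NCMDS; i++) {
        if (snaps[i] < 0 || snaps[i] > TOTAL || snaps[i] % BATCH != 0) return false;
        if (i > 0 && snaps[i] < snaps[i - 1]) return false;
    }
    return true;
}

/* 1 when the session reached TOTAL and all snapshots were consistent, else 0 */
static int session_ok(void) {
    int snaps[NCMDS];
    int final_count = run_session(snaps);
    return (final_count == TOTAL && snapshots_consistent(snaps)) ? 1 : 0;
}

int main(void) {
    int snaps[NCMDS];
    int final_count = run_session(snaps);
    printf("final: %d flags, snapshots consistent: %s\n",
           final_count, snapshots_consistent(snaps) ? "yes" : "no");
    return 0;
}
```

The cost of BIGLOCK is that a long-running command stalls the loader for its whole duration (and vice versa), which is the trade-off the notes accept with "BIGLOCK is enough i think"; finer-grained locks only pay off once the per-structure indexes mentioned above (flags by name and offset) exist and can be guarded separately.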