Magic-Mirror/radare2
1
0
Fork 0
mirror of https://github.com/radareorg/radare2.git synced 2024-11-24 13:49:50 +00:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity
6604006629
radare2/test/new/db/cmd/cmd_pd

2183 lines
61 KiB
Plaintext
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

NAME=pd varsub-issue
FILE=../bins/mach0/mac-ls2
CMDS=<<EOF
s 0x100001232
e asm.var.sub=0
pd 1
e asm.var.sub=1
pd 1
f fin.dus=0x1000054d0
pd 1
e asm.relsub=0
pd 1
EOF
EXPECT=<<EOF
0x100001232 c70594420000. mov dword [rip + 0x4294], 0x50 ; 'P' ; section.10.__DATA.__data
; [0x1000054d0:4]=80 ; U"P."
0x100001232 c70594420000. mov dword [section.10.__DATA.__data], 0x50 ; 'P'
; [0x1000054d0:4]=80 ; U"P."
0x100001232 c70594420000. mov dword [fin.dus], 0x50 ; 'P'
; [0x1000054d0:4]=80 ; U"P."
0x100001232 c70594420000. mov dword [rip + 0x4294], 0x50 ; 'P' ; fin.dus
; [0x1000054d0:4]=80 ; U"P."
EOF
RUN
NAME=pd multiplemain
FILE=../bins/elf/mipsloop
EXPECT=<<EOF
1
EOF
CMDS=<<EOF
pd 1@main~main?
EOF
RUN
NAME=pd v8 and cortex
FILE=malloc://128
EXPECT=<<EOF
blx 0xfffff584
invalid
blx 0xfffff584
invalid
blx 0xfffff584
blx 0xfffff584
blx 0xfffff584
EOF
ARGS=-a arm -b 16
CMDS=<<EOF
?e
pad fff7c0ea@e:asm.cpu=v8
pad fff7c0ea@e:asm.cpu=cortex
pad fff7c0ea@e:asm.cpu=v8
pad fff7c0ea@e:asm.cpu=cortex
pad fff7c0ea@e:asm.cpu=v8
pad fff7c0ea@e:asm.cpu=
pad fff7c0ea@e:asm.cpu=tetris
EOF
RUN
NAME=immstr
FILE=malloc://128
EXPECT=<<EOF
0x00000000 6833320000 push 0x3233 ; '32'
EOF
CMDS=<<EOF
e asm.bits=64
e asm.arch=x86
e anal.arch=x86
wx 6833320000
e asm.imm.str=1
pd 1
EOF
RUN
NAME=pd pseudo=1 cmtright=0
FILE=malloc://128
EXPECT=<<EOF
0x00000000 4889e5 rbp = rsp
EOF
CMDS=<<EOF
wx 4889e5
e asm.arch=x86
e asm.bits=64
e asm.pseudo=1
e asm.cmtright =0
pd 1
EOF
RUN
NAME=pd 0
FILE=malloc://128
EXPECT=<<EOF
EOF
CMDS=<<EOF
pd 0
EOF
RUN
NAME=pd 1-1
FILE=malloc://128
EXPECT=<<EOF
EOF
CMDS=<<EOF
pd 1-1
EOF
RUN
NAME=pd foo-33
FILE=malloc://128
EXPECT=<<EOF
EOF
CMDS=<<EOF
f foo=33;pd foo-33
EOF
RUN
NAME=pd 1
FILE=malloc://128
EXPECT=<<EOF
0x00000000 90 nop
0x00000000 90 nop
EOF
CMDS=<<EOF
e asm.arch=x86
e asm.bits=64
wx 90
e asm.lines.bb=0
b 1
pd
pd 1
EOF
RUN
NAME=pd double comma
FILE=malloc://128
EXPECT=<<EOF
0x00000000 b8ffffffff mov eax, 0xffffffff ; -1
EOF
CMDS=<<EOF
e asm.bits=64
e asm.arch = x86
e anal.arch = x86
wx b8ffffffff
e asm.lines.bb=0
pd 1
EOF
RUN
NAME=pd@x:90
FILE=malloc://128
EXPECT=<<EOF
0x00000000 90 nop
EOF
CMDS=<<EOF
e asm.arch=x86
e asm.bits=64
e asm.lines.bb=0
pd@x:90
EOF
RUN
NAME=asm.filter issue
FILE=malloc://1024
EXPECT=<<EOF
0x00000000 fa67bba9 stp x26, x25, [sp, -0x50]!
EOF
CMDS=<<EOF
e asm.filter=1
e asm.arch=arm
e asm.bits=64
wx fa67bba9
pd 1
EOF
RUN
NAME=asm.filter issue
FILE=malloc://1024
EXPECT=<<EOF
0x00000000 fa67bba9 stp x26, x25, [sp, -0x50]!
EOF
CMDS=<<EOF
e asm.filter=0
e asm.arch=arm
e asm.bits=64
wx fa67bba9
pd 1
EOF
RUN
NAME=asm.filter issue #6752
FILE=malloc://1024
EXPECT=<<EOF
fcn.00000106 ()
EOF
CMDS=<<EOF
s 0x100
wx e801000000c350c3
e asm.arch=x86
e asm.bits=64
aaaa
e asm.pseudo=true
e asm.offset=false
e asm.lines.bb=false
e asm.marks=false
e asm.nbytes=0
e asm.comments=false
e asm.flags=false
e asm.fcnlines=false
e asm.calls=false
e asm.functions=false
e scr.color=false
f-rip
pd 1
EOF
RUN
NAME=pd pseudo test for issue #7026
FILE=malloc://8
EXPECT=<<EOF
0x00000000 31ed ebp = 0
0x00000000 31ed ebp = 0
EOF
CMDS=<<EOF
e asm.arch=x86
e asm.bits=64
wx 31ed
e asm.pseudo=true
e asm.comments=true
e asm.cmtright=true
pd 1
e asm.cmtright=false
pd 1
EOF
RUN
NAME=pd pseudo test for issue #7268
FILE=malloc://8
EXPECT=' 0x00000000 4889e5 rbp = rsp
 0x00000000 4889e5 rbp = rsp'
CMDS=<<EOF
e asm.arch=x86
e asm.bits=64
wx 4889e5
e asm.pseudo=true
e asm.comments=true
e scr.color=1
e asm.cmt.right=true
pd 1
e asm.cmt.right=false
pd 1
EOF
RUN
NAME=pd bits hint
FILE=-
EXPECT=' 0x00000000 a97e00 lda #0x007e'
ARGS=-a snes
CMDS=<<EOF
wx a97e00
ahb 8
e scr.color=1
pd 1
EOF
RUN
NAME=ASCII Recognition
FILE=malloc://1024
EXPECT=<<EOF
0x00000000 ba3d000000 mov edx, 0x3d ; '='
EOF
CMDS=<<EOF
e asm.arch=x86
e asm.bits=32
e scr.columns = 90
wx ba3d000000
pd 1
EOF
RUN
NAME=ASCII Recognition 2
FILE=malloc://1024
EXPECT=<<EOF
0x00000000 c6852fffffff. mov byte [ebp - 0xd1], 0x61 ; 'a'
EOF
CMDS=<<EOF
e asm.arch=x86
e asm.bits=32
e scr.columns = 90
wx c6852fffffff61
pd 1
EOF
RUN
NAME=String capstone
FILE=../bins/elf/analysis/main
EXPECT=<<EOF
| 0x0040050a bfc4054000 mov edi, str.Hello_World ; 0x4005c4 ; "Hello World"
EOF
CMDS=<<EOF
e asm.arch = x86
e asm.arch=x86
e asm.bits=32
e scr.columns = 90
aa
pd 1 @ 0x0040050a
EOF
RUN
NAME=pD -10
FILE=malloc://1024
EXPECT=<<EOF
0x00000000 90 nop
0x00000001 90 nop
0x00000002 90 nop
0x00000003 90 nop
0x00000004 90 nop
0x00000005 90 nop
0x00000006 90 nop
0x00000007 90 nop
0x00000008 90 nop
0x00000009 90 nop
EOF
CMDS=<<EOF
e asm.arch=x86
e asm.bits=64
wx 90909090909090909090 ; s 10 ; pD -10
EOF
RUN
NAME=pd -10
FILE=malloc://1024
EXPECT=<<EOF
0x00000000 90 nop
0x00000001 90 nop
0x00000002 90 nop
0x00000003 90 nop
0x00000004 90 nop
0x00000005 90 nop
0x00000006 90 nop
0x00000007 90 nop
0x00000008 90 nop
0x00000009 90 nop
EOF
CMDS=<<EOF
e asm.arch=x86
e asm.bits=64
wx 90909090909090909090 ; s 10 ; pd -10
EOF
RUN
NAME=pD -9 @ 0x0040050f
FILE=../bins/elf/analysis/main
EXPECT=<<EOF
;-- main:
0x00400506 55 push rbp
0x00400507 4889e5 mov rbp, rsp
0x0040050a bfc4054000 mov edi, str.Hello_World ; 0x4005c4 ; "Hello World"
EOF
CMDS=<<EOF
e asm.arch=x86
e asm.bits=64
pD -9 @ 0x0040050f
EOF
RUN
NAME=pd -3 @ 0x0040050f
FILE=../bins/elf/analysis/main
EXPECT=<<EOF
;-- main:
0x00400506 55 push rbp
0x00400507 4889e5 mov rbp, rsp
0x0040050a bfc4054000 mov edi, str.Hello_World ; 0x4005c4 ; "Hello World"
EOF
CMDS=<<EOF
e asm.arch=x86
e asm.bits=64
pd -3 @ 0x0040050f
EOF
RUN
NAME=pd 10 flags and cmts without offset
FILE=../bins/elf/echo-bin
EXPECT=<<EOF
; [14] -r-x section size 2466 named .text
;-- entry0:
;-- section..text:
xor ebp, ebp
mov r9, rdx
pop rsi
mov rdx, rsp
and rsp, 0xfffffffffffffff0
push rax
push rsp
lea r8, [0x000011e0]
lea rcx, [0x00001170]
; 0xd7c
lea rdi, main
EOF
CMDS=<<EOF
e asm.bytes=false
e asm.offset=false
e asm.cmt.right=0
pd 10
EOF
RUN
NAME=pda 10
FILE=malloc://1024
EXPECT=<<EOF
0x00000000 90 nop
0x00000001 90 nop
0x00000002 90 nop
0x00000003 90 nop
0x00000004 90 nop
0x00000005 90 nop
0x00000006 90 nop
0x00000007 90 nop
0x00000008 90 nop
0x00000009 90 nop
EOF
CMDS=<<EOF
e asm.arch=x86
e asm.bits=64
wx 90909090909090909090 ; pda 10
EOF
RUN
NAME=pdj -1
FILE=malloc://1024
CMDS=<<EOF
e asm.arch=x86
e asm.bits=32
wx 56687cd3400090
aaa
s 6
pdj -1
EOF
EXPECT=<<EOF
[{"offset":1,"ptr":4248444,"val":4248444,"esil":"4248444,4,esp,-,=[4],4,esp,-=","refptr":false,"fcn_addr":0,"fcn_last":1020,"size":5,"opcode":"push 0x40d37c","disasm":"push 0x40d37c","bytes":"687cd34000","family":"cpu","type":"push","reloc":false,"type_num":13,"type2_num":0}]
EOF
RUN
NAME=pdj 3 @ main
FILE=../bins/elf/analysis/main
EXPECT=<<EOF
[{"offset":4195590,"esil":"rbp,8,rsp,-,=[8],8,rsp,-=","refptr":false,"fcn_addr":0,"fcn_last":0,"size":1,"opcode":"push rbp","disasm":"push rbp","bytes":"55","family":"cpu","type":"rpush","reloc":false,"type_num":268435468,"type2_num":0,"flags":["main","sym.main"]},{"offset":4195591,"esil":"rsp,rbp,=","refptr":false,"fcn_addr":0,"fcn_last":0,"size":3,"opcode":"mov rbp, rsp","disasm":"mov rbp, rsp","bytes":"4889e5","family":"cpu","type":"mov","reloc":false,"type_num":9,"type2_num":0},{"offset":4195594,"ptr":4195780,"val":4195780,"esil":"4195780,rdi,=","refptr":false,"fcn_addr":0,"fcn_last":0,"size":5,"opcode":"mov edi, 0x4005c4","disasm":"mov edi, str.Hello_World","bytes":"bfc4054000","family":"cpu","type":"mov","reloc":false,"type_num":9,"type2_num":0}]
EOF
CMDS=<<EOF
e asm.arch=x86
e asm.bits=64
pdj 3 @ main
EOF
RUN
NAME=pdj -3 @ 0x0040050f
FILE=../bins/elf/analysis/main
EXPECT=<<EOF
[{"offset":4195590,"esil":"rbp,8,rsp,-,=[8],8,rsp,-=","refptr":false,"fcn_addr":0,"fcn_last":0,"size":1,"opcode":"push rbp","disasm":"push rbp","bytes":"55","family":"cpu","type":"rpush","reloc":false,"type_num":268435468,"type2_num":0,"flags":["main","sym.main"]},{"offset":4195591,"esil":"rsp,rbp,=","refptr":false,"fcn_addr":0,"fcn_last":0,"size":3,"opcode":"mov rbp, rsp","disasm":"mov rbp, rsp","bytes":"4889e5","family":"cpu","type":"mov","reloc":false,"type_num":9,"type2_num":0},{"offset":4195594,"ptr":4195780,"val":4195780,"esil":"4195780,rdi,=","refptr":false,"fcn_addr":0,"fcn_last":0,"size":5,"opcode":"mov edi, 0x4005c4","disasm":"mov edi, str.Hello_World","bytes":"bfc4054000","family":"cpu","type":"mov","reloc":false,"type_num":9,"type2_num":0}]
EOF
CMDS=<<EOF
e asm.arch=x86
e asm.bits=64
pdj -3 @ 0x0040050f
EOF
RUN
NAME=pdj str in opcode
FILE=../bins/java/Hello.class
EXPECT=<<EOF
[{"offset":686,"esil":"","refptr":false,"fcn_addr":0,"fcn_last":0,"size":2,"opcode":"ldc \"World\"","disasm":"ldc \"World\"","bytes":"120b","family":"cpu","type":"push","reloc":false,"type_num":13,"type2_num":2138640}]
EOF
CMDS=<<EOF
pdj 1 @ 0x000002ae
EOF
RUN
NAME=pdfline
FILE=malloc://1024
EXPECT=<<EOF
\
6
EOF
CMDS=<<EOF
e asm.arch=x86
e asm.bits=64
e anal.eobjmp=true
wx ff2572962100
af
pdf~jmp[0]
afi~size[1]
EOF
RUN
NAME=pdfline 2
FILE=malloc://1024
EXPECT=<<EOF
6
EOF
CMDS=<<EOF
e asm.arch=x86
e asm.bits=64
e anal.eobjmp=false
wx ff2572962100
af
afi~size[1]
EOF
RUN
NAME=pdfline defaults
FILE=malloc://1024
EXPECT=<<EOF
2
EOF
CMDS=<<EOF
e asm.arch=x86
e asm.bits=64
wa jmp rax
af
afi~size[1]
EOF
RUN
NAME=pd asm.bytes and asm.lbytes
FILE=malloc://1024
EXPECT=<<EOF
0x00000000 488d85c0f9ff. lea rax, [rbp - 0x640]
0x00000007 488985b8f9ff. mov qword [rbp - 0x648], rax
0x0000000e 4585f6 test r14d, r14d
0x00000000 488d85c0f9ffff lea rax, [rbp - 0x640]
0x00000007 488985b8f9ffff mov qword [rbp - 0x648], rax
0x0000000e 4585f6 test r14d, r14d
0x00000000 488d85c0f9ffff lea rax, [rbp - 0x640]
0x00000007 488985b8f9ffff mov qword [rbp - 0x648], rax
0x0000000e 4585f6 test r14d, r14d
0x00000000 488d85c0f9ff. lea rax, [rbp - 0x640]
0x00000007 488985b8f9ff. mov qword [rbp - 0x648], rax
0x0000000e 4585f6 test r14d, r14d
EOF
CMDS=<<EOF
e asm.arch=x86
e asm.bits=64
wx 488d85c0f9ffff488985b8f9ffff4585f6
e asm.lines.bb = false
e asm.lbytes = true
e asm.nbytes = 6
pd 3
e asm.nbytes = 10
pd 3
e asm.lbytes = false
pd 3
e asm.nbytes = 6
pd 3
EOF
RUN
NAME=pd asm.relsub
FILE=malloc://1024
EXPECT=<<EOF
0x00400000 488d05020000. lea rax, [rip + 2]
0x00400000 488d05020000. lea rax, [0x00400009]
EOF
ARGS=-m 0x400000
CMDS=<<EOF
e io.va=true
e asm.relsub=false
e asm.arch=x86
e asm.bits=64
wx 488d0502000000
e asm.lines.bb=false
e asm.comments=false
pd 1
e asm.relsub=true
pd 1
EOF
RUN
NAME=pd asm.var.subonly
FILE=malloc://1024
EXPECT=<<EOF
; var int64_t var_28h @ rsp+0x40
mov rax, qword [var_28h]
; var int64_t var_28h @ rsp+0x40
mov rax, qword [rsp + var_28h]
EOF
CMDS=<<EOF
e asm.arch=x86
e asm.bits=64
e asm.var.sub=true
e asm.lines.bb=false
e asm.bytes=false
e asm.comments=false
e asm.lines.fcn=false
e asm.offset=false
e scr.color=false
wx 554889e583ec60488b44244089ec5dc3
af
afva
e asm.var.subonly=true
pd 1 @ 0~var
pd 1 @ 7
e asm.var.subonly=false
pd 1 @ 0~var
pd 1 @ 7
EOF
RUN
NAME=pd wide string
FILE=../bins/pe/c.exe
EXPECT=<<EOF
1
EOF
CMDS=<<EOF
e io.cache=true
s 0x403000
wx 4d00 5900 5200 4500 5300 0000
s 0x00401334
pd 1~MYRES?
EOF
RUN
NAME=pds change name
FILE=../bins/mach0/mac-ls
EXPECT=<<EOF
0x100001085 call newname
0x100001093 call sym.imp.setlocale
0x1000010a3 call sym.imp.isatty
0x1000054e0 [10] -rw- section size 40 named 10.__DATA.__data
0x1000010b6 str.COLUMNS
0x1000010bd call sym.imp.getenv
0x1000010cf call sym.imp.atoi
0x1000010e6 call sym.imp.ioctl
0x10000110d str.COLUMNS
0x100001114 call sym.imp.getenv
0x100001121 call sym.imp.atoi
0x10000112c call sym.imp.getuid
EOF
CMDS=<<EOF
e asm.flags=false
s sym.func.100004401
af
afn newname
s-
pds
EOF
RUN
NAME=pdf fcnline
FILE=../bins/pe/a.exe
CMDS=<<EOF
e asm.lines.fcn=true
s 0x004017c0
af+ 0x004017c0 fcn2.0x004017c0
afb+ 0x4017c0 0x4017c0 13 0x4017dd 0x4017cd
pdf
?e
e asm.lines.fcn=false
pdf
EOF
EXPECT=<<EOF
/ 13: fcn2.0x004017c0 ();
| 0x004017c0 51 push ecx
| 0x004017c1 89e1 mov ecx, esp
| 0x004017c3 83c108 add ecx, 8
| 0x004017c6 3d00100000 cmp eax, 0x1000
\ ,=< 0x004017cb 7210 jb 0x4017dd
13: fcn2.0x004017c0 ();
0x004017c0 51 push ecx
0x004017c1 89e1 mov ecx, esp
0x004017c3 83c108 add ecx, 8
0x004017c6 3d00100000 cmp eax, 0x1000
,=< 0x004017cb 7210 jb 0x4017dd
EOF
RUN
NAME=r_str_escape anal
FILE=../bins/pe/a.exe
EXPECT=<<EOF
0x00401322 c70424043040. mov dword [esp], 0x403004 ; [0x403004:4]=0xa7025 ; "%p\n"
EOF
CMDS=<<EOF
pd 1 @ 0x00401322
EOF
RUN
NAME=r_str_escape io + no 'u' prefix for single-char strings
FILE=../bins/pe/testapp-msvc64.exe
EXPECT=<<EOF
0x140001034 488d05495001. lea rax, [0x140016084] ; "\r"
0x140001070 488d053d5001. lea rax, [0x1400160b4] ; "a"
EOF
CMDS=<<EOF
pd 1 @ 0x140001034
pd 1 @ 0x140001070
EOF
RUN
NAME=r_str_escape anal addr
FILE=../bins/pe/cmd_adf_sample0.exe
EXPECT=<<EOF
0x0040116a 6828304000 push 0x403028 ; '(0@' ; "End\r\n"
EOF
CMDS=<<EOF
pd 1 @ 0x0040116a
EOF
RUN
NAME=no rep flag in cmt with gen str flag (lea)
FILE=../bins/elf/analysis/ls-alxchk
EXPECT=<<EOF
0x0001145f 488d3d72a100. lea rdi, str.A_NULL_argv_0__was_passed_through_an_exec_system_call. ; 0x1b5d8 ; "A NULL argv[0] was passed through an exec system call.\n"
; 0x1b5d8
; "A NULL argv[0] was passed through an exec system call.\n"
0x0001145f 488d3d72a100. lea rdi, str.A_NULL_argv_0__was_passed_through_an_exec_system_call.
EOF
CMDS=<<EOF
e asm.cmt.right=true
pd 1 @ 0x0001145f
e asm.cmt.right=false
pd 1 @ 0x0001145f
EOF
RUN
NAME=flag in cmt with manual flag (lea)
FILE=../bins/elf/analysis/ls-alxchk
EXPECT=<<EOF
0x0001145f 488d3d72a100. lea rdi, [NULL_error] ; 0x1b5d8 ; "A NULL argv[0] was passed through an exec system call.\n"
; 0x1b5d8
; "A NULL argv[0] was passed through an exec system call.\n"
0x0001145f 488d3d72a100. lea rdi, [NULL_error]
EOF
CMDS=<<EOF
f- @ 0x1b5d8
f NULL_error 56 @ 0x1b5d8
e asm.cmt.right=true
pd 1 @ 0x0001145f
e asm.cmt.right=false
pd 1 @ 0x0001145f
EOF
RUN
NAME=no rep flag in cmt with gen str flag (push)
FILE=../bins/pe/ConsoleApplication1.exe
EXPECT=<<EOF
0x004010f0 68b8214000 push str.Number_of_CPU__d ; 0x4021b8 ; u"Number of CPU %d\n"
; 0x4021b8
; u"Number of CPU %d\n"
0x004010f0 68b8214000 push str.Number_of_CPU__d
EOF
CMDS=<<EOF
e asm.cmt.right=true
pd 1 @ 0x004010f0
e asm.cmt.right=false
pd 1 @ 0x004010f0
EOF
RUN
NAME=flag in cmt with manual flag (push)
FILE=../bins/pe/ConsoleApplication1.exe
EXPECT=<<EOF
0x004010f0 68b8214000 push 0x4021b8 ; num_cpu ; u"Number of CPU %d\n"
; num_cpu
; u"Number of CPU %d\n"
0x004010f0 68b8214000 push 0x4021b8
EOF
CMDS=<<EOF
f- @ 0x4021b8
f num_cpu 36 @ 0x4021b8
e asm.cmt.right=true
pd 1 @ 0x004010f0
e asm.cmt.right=false
pd 1 @ 0x004010f0
EOF
RUN
NAME=no rep flag in cmt with gen sym flag (mov)
FILE=../bins/pe/ConsoleApplication1.exe
EXPECT=<<EOF
0x004010fa 8b3500204000 mov esi, dword [sym.imp.KERNEL32.dll_GetLastError] ; [0x402000:4]=0x29f4 reloc.KERNEL32.dll_GetLastError
; [0x402000:4]=0x29f4 reloc.KERNEL32.dll_GetLastError
0x004010fa 8b3500204000 mov esi, dword [sym.imp.KERNEL32.dll_GetLastError]
EOF
CMDS=<<EOF
e asm.cmt.right=true
pd 1 @ 0x004010fa
e asm.cmt.right=false
pd 1 @ 0x004010fa
EOF
RUN
NAME=flag in cmt with manual flag (mov)
FILE=../bins/pe/ConsoleApplication1.exe
EXPECT=<<EOF
0x004010fa 8b3500204000 mov esi, dword [ptr_GetLastError] ; [0x402000:4]=0x29f4 reloc.KERNEL32.dll_GetLastError
; [0x402000:4]=0x29f4 reloc.KERNEL32.dll_GetLastError
0x004010fa 8b3500204000 mov esi, dword [ptr_GetLastError]
EOF
CMDS=<<EOF
f- @ 0x402000
f ptr_GetLastError 0 @ 0x402000
e asm.cmt.right=true
pd 1 @ 0x004010fa
e asm.cmt.right=false
pd 1 @ 0x004010fa
EOF
RUN
NAME=pd asm.filter color
FILE=../bins/elf/analysis/ls-alxchk
EXPECT=' 0x0001145f lea rdi, str.A_NULL_argv_0__was_passed_through_an_exec_system_call.
0x0001145f lea rdi, [0x0001b5d8]'
CMDS=<<EOF
e asm.bytes=false
e asm.comments=false
e scr.color=1
e asm.filter=true
pd 1 @ 0x0001145f
e asm.filter=false
pd 1 @ 0x0001145f
EOF
RUN
NAME=ANSI and wide string flag cmts
FILE=../bins/pe/testapp-msvc64.exe
EXPECT=<<EOF
0x140001004 488d05f54f01. lea rax, str.ANSI__esc:__e_33m ; section..data
; 0x140016000 ; "\tANSI\esc: \x1b[33m\r\n"
0x140001010 488d05015001. lea rax, str.wide__esc:__e_0m ; 0x140016018 ; u"\twide\esc: \x1b[0m\xa1\r\n"
0x14000101c 488d051d5001. lea rax, str.wide__in_Arabic: ; 0x140016040 ; u"\"wide\" in Arabic: \u0648\u0627\u0633\u0639"
; section..data
; 0x140016000
; "\tANSI\esc: \x1b[33m\r\n"
0x140001004 488d05f54f01. lea rax, str.ANSI__esc:__e_33m
; 0x140016018
; u"\twide\esc: \x1b[0m\xa1\r\n"
0x140001010 488d05015001. lea rax, str.wide__esc:__e_0m
; 0x140016040
; u"\"wide\" in Arabic: \u0648\u0627\u0633\u0639"
0x14000101c 488d051d5001. lea rax, str.wide__in_Arabic:
EOF
CMDS=<<EOF
e str.escbslash=false
e asm.cmt.right=true
pd 1 @ 0x140001004
pd 1 @ 0x140001010
pd 1 @ 0x14000101c
e asm.cmt.right=false
pd 1 @ 0x140001004
pd 1 @ 0x140001010
pd 1 @ 0x14000101c
EOF
RUN
NAME=no ffffff test for issue #7755
FILE=../bins/pe/testapp-msvc64.exe
EXPECT=<<EOF
0x140001040 488d05415001. lea rax, [0x140016088] ; u"r2 \u1308\u23f4\u23f4"
EOF
CMDS=<<EOF
pd 1 @ 0x140001040
EOF
RUN
NAME=asm.asciidot
FILE=../bins/elf/strenc
EXPECT=<<EOF
0x0040169d mov esi, str.see ; "see \xdab\xbee\xace\xcaf\n"
0x0040169d mov esi, str.see ; "see .b.e.e.f\n"
0x00401693 mov edi, 0x4021ff ; "utf8> \\u00a2\\u20ac\\U00010348 in yellow:.[33m ......... .[0m\n"
0x00401693 mov edi, 0x4021ff ; "utf8> \\u00a2\\u20ac\\U00010348 in yellow:.[33m ... .[0m."
0x004016ac mov edi, 0x40224a ; 'J"@' ; u"utf16le> \\u00a2\\u20ac\\U00010348 in green:.[32m ... .[0m."
0x004016ed mov edi, 0x40258c ; U"utf32le> \\u00a2\\u20ac\\U00010348 in cyan:.[36m ... .[0m."
0x004016f7 mov edi, 0x40266c ; U"Mountain range with embedded quad zeros: .A.A.A."
EOF
CMDS=<<EOF
e asm.bytes=false
e asm.cmt.off=false
e str.escbslash=true
e bin.str.enc=latin1
e scr.strconv=asciiesc
pd 1 @ 0x0040169d
e scr.strconv=asciidot
pd 1 @ 0x0040169d
e asm.filter=false
e asm.noisy=false
pd 1 @ 0x00401693
e bin.str.enc=utf8
pd 1 @ 0x00401693
e bin.str.enc=utf16le
pd 1 @ 0x004016ac
e bin.str.enc=utf32le
pd 1 @ 0x004016ed
pd 1 @ 0x004016f7
EOF
RUN
NAME=bin.str.enc utf8
FILE=../bins/elf/strenc
EXPECT=<<EOF
0x00401693 mov edi, 0x4021ff ; "utf8> \\u00a2\\u20ac\\U00010348 in yellow:\x1b[33m \u00a2\u20ac\U00010348 \x1b[0m\n"
0x00401693 mov edi, 0x4021ff ; "utf8> \\u00a2\\u20ac\\U00010348 in yellow:\x1b[33m \xc2\xa2\xe2\x82\xac\xf0\x90\x8d\x88 \x1b[0m\n"
0x00401693 mov edi, 0x4021ff ; "utf8> \\u00a2\\u20ac\\U00010348 in yellow:\x1b[33m \u00a2\u20ac\U00010348 \x1b[0m\n"
EOF
CMDS=<<EOF
e asm.bytes=false
e asm.filter=false
e asm.noisy=false
e str.escbslash=true
e bin.str.enc=utf8
pd 1 @ 0x00401693
e bin.str.enc=latin1
pd 1 @ 0x00401693
e bin.str.enc=guess
pd 1 @ 0x00401693
EOF
RUN
NAME=bin.str.enc latin1
FILE=../bins/pe/testapp-msvc64.exe
EXPECT=<<EOF
0x140001058 488d05415001. lea rax, [0x1400160a0] ; "latin1 gate: \xce\xbb\xab\xce"
0x140001058 488d05415001. lea rax, [0x1400160a0] ; "latin1 gate: \u03bb\xab\xce"
EOF
CMDS=<<EOF
e asm.filter=false
e asm.noisy=false
e bin.str.enc=latin1
pd 1 @ 0x140001058
e bin.str.enc=utf8
pd 1 @ 0x140001058
EOF
RUN
NAME=bin.str.enc utf16le
FILE=../bins/elf/strenc
EXPECT=<<EOF
0x004016ac mov edi, 0x40224a ; 'J"@' ; u"utf16le> \\u00a2\\u20ac\\U00010348 in green:\x1b[32m \xa2\u20ac\U00010348 \x1b[0m\n"
0x004016b6 mov edi, str.e_e_b ; "_%e%e%b% "
0x004016b6 mov edi, str.e_e_b ; u"\u255f\u2565\u2565\u2562 is a wall with no embedded zeros\n"
0x004016c0 mov edi, 0x40230c ; " %B%"
0x004016c0 mov edi, 0x40230c ; u"\u2520\u2542\u2500\u2500\u2542\u2528 is a fence with embedded zeros\n"
0x004016ca mov edi, 0x40235a ; 'Z#@' ; u"\u2520\u2542-\u2500-\u2500\u2542\u2528 is a fence with embedded double zeros\n"
0x004016d4 mov edi, str.e_e_e_e_e_e_e_e_e_k_e_e_e_e_e_e_e_e_e_k_e_e_e_e_e_e_e_e_e_k_e_e_e_e_e_e_e_e_e_k_e_e_e_e_e_e_e_e_e_k_e_e_e_e_e_e_e_e_e_k_e_e_e_e_e_e_e_e_e_k_e_e_e_e_e_e_e_e_e_k_e_e_e_e_e_e_e_e_e_k_e_e_e_e_e_e_e_e_e_k_e_e_e_e_e_e_e_e_e_k_e_e_e_e_e_e_e_e_e_k_e_e_e_e_e_e_e_e_e_k_e_e_e_e_e_e_e_e_e_k_e_e_e_e_e_e_e_e_e_k_e_e_e_e_e_e_e_e_e_k_e_e_e_e_e_e_e_e_e_k_e_e_e_e_e_e_e_e_e_k ; u"\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u256b\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u256b\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u256b\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u256b\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u256b\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u256b\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u256b\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u256b\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u256b\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u256b\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u256b\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u256b\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u256b\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u256b\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u256b\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u256b\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u256b\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u256b\n"
EOF
CMDS=<<EOF
e asm.bytes=false
e asm.filter=false
e asm.noisy=false
e str.escbslash=true
e bin.str.enc=guess
pd 1 @ 0x004016ac
e asm.filter=true
e asm.cmt.off=false
e bin.str.enc=guess
pd 1 @ 0x004016b6
e bin.str.enc=utf16le
pd 1 @ 0x004016b6
e bin.str.enc=guess
pd 1 @ 0x004016c0
e bin.str.enc=utf16le
pd 1 @ 0x004016c0
pd 1 @ 0x004016ca
pd 1 @ 0x004016d4
EOF
RUN
NAME=bin.str.enc utf32le
FILE=../bins/elf/strenc
EXPECT=<<EOF
0x004016de mov esi, str.Linux_wide__esc:__e_0m ; u"\t"
0x004016de mov esi, str.Linux_wide__esc:__e_0m ; U"\tLinux_wide\\esc: \x1b[0m\xa1\r\n"
0x004016ed mov edi, 0x40258c ; U"utf32le> \\u00a2\\u20ac\\U00010348 in cyan:\x1b[36m \xa2\u20ac\U00010348 \x1b[0m\n"
0x004016f7 mov edi, 0x40266c ; U"Mountain range with embedded quad zeros: \U00010300A\U00010300A\U00010300A\n"
0x00401701 mov edi, 0x402730 ; '0'@' ; "e%"
0x00401701 mov edi, 0x402730 ; '0'@' ; U"\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u256b\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u256b\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u256b\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u256b\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u256b\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u256b\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u256b\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u256b\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u256b\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u256b\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u256b\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u2565\u256b\u2565\u2565\u2565\u2565\u2565\u2565\u2565"
EOF
CMDS=<<EOF
e asm.bytes=false
e asm.cmt.off=false
e str.escbslash=true
e bin.str.enc=utf16le
pd 1 @ 0x004016de
e bin.str.enc=utf32le
pd 1 @ 0x004016de
e asm.filter=false
e asm.noisy=false
e bin.str.enc=guess
pd 1 @ 0x004016ed
pd 1 @ 0x004016f7
pd 1 @ 0x00401701
e bin.str.enc=utf32le
pd 1 @ 0x00401701
EOF
RUN
NAME=bin.str.enc guess utf16le
FILE=../bins/pe/testapp-msvc64.exe
EXPECT=<<EOF
0x14000104c 488d05455001. lea rax, [0x140016098] ; "@"
0x14000104c 488d05455001. lea rax, [0x140016098] ; u"@\ufffd\ud801"
EOF
CMDS=<<EOF
e asm.filter=false
e asm.noisy=false
e bin.str.enc=guess
pd 1 @ 0x14000104c
e bin.str.enc=utf16le
pd 1 @ 0x14000104c
EOF
RUN
NAME=bin.str.enc guess utf32le
FILE=../bins/elf/strenc-guess-utf32le
EXPECT=<<EOF
0x00400463 mov edi, str.ABCDEF ; "A"
0x00400463 mov edi, str.ABCDEF ; U"ABCDEF\U0010ffff G\U00110000 H\U7ffdfeff\n"
EOF
CMDS=<<EOF
e asm.cmt.off=false
e asm.bytes=false
e bin.str.enc=guess
pd 1 @ 0x00400463
e bin.str.enc=utf32le
pd 1 @ 0x00400463
EOF
RUN
NAME=bin.str.enc alias
FILE=../bins/elf/strenc
CMDS=<<EOF
e asm.filter=false
e asm.noisy=false
e asm.bytes=false
e asm.cmt.off=false
e str.escbslash=true
(test_str.enc enc, e bin.str.enc=$0, e bin.str.enc)
.(test_str.enc guess)
.(test_str.enc utf-8)
.(test_str.enc utf-16le)
pd 1 @ 0x004016c0
.(test_str.enc utf32-le)
pd 1 @ 0x004016ed
?e
.(test_str.enc UTF32BE)
.(test_str.enc UTF16-LE)
EOF
EXPECT=<<EOF
guess
utf8
utf16le
0x004016c0 mov edi, 0x40230c ; u"\u2520\u2542\u2500\u2500\u2542\u2528 is a fence with embedded zeros\n"
utf32le
0x004016ed mov edi, 0x40258c ; U"utf32le> \\u00a2\\u20ac\\U00010348 in cyan:\x1b[36m \xa2\u20ac\U00010348 \x1b[0m\n"
utf32be
utf16le
EOF
RUN
NAME=bin.str.enc error handling
FILE=-
CMDS=<<EOF
(test_str.enc enc, e bin.str.enc=$0, e bin.str.enc)
.(test_str.enc UTF-32LE)
.(test_str.enc cat_sat_on_keyboard)
.(test_str.enc CAT_SAT_ON_KEYBOARD)
EOF
EXPECT=<<EOF
utf32le
utf32le
utf32le
EOF
EXPECT_ERR=<<EOF
Unknown encoding: cat_sat_on_keyboard
Unknown encoding: CAT_SAT_ON_KEYBOARD
EOF
RUN
NAME=hide flag iff unchanged and string shown
FILE=../bins/pe/testapp-msvc64.exe
EXPECT=<<EOF
0x140001010 488d05015001. lea rax, [0x140016018] ; u"\twide\esc: \x1b[0m\xa1\r\n"
0x140001028 488d05415001. lea rax, [0x140016070] ; str.Formfeed_at_start
; u"\twide\esc: \x1b[0m\xa1\r\n"
0x140001010 488d05015001. lea rax, [0x140016018]
; str.Formfeed_at_start
0x140001028 488d05415001. lea rax, [0x140016070]
0x140001010 488d05015001. lea rax, [0x140016018] ; str.wide ; u"\twide\esc: \x1b[0m\xa1\r\n"
; str.wide
; u"\twide\esc: \x1b[0m\xa1\r\n"
0x140001010 488d05015001. lea rax, [0x140016018]
EOF
CMDS=<<EOF
e asm.filter=false
e asm.noisy=false
e str.escbslash=false
e asm.cmt.right=true
pd 1 @ 0x140001010
pd 1 @ 0x140001028
e asm.cmt.right=false
pd 1 @ 0x140001010
pd 1 @ 0x140001028
fr str.wide__esc:__e_0m str.wide
e asm.cmt.right=true
pd 1 @ 0x140001010
e asm.cmt.right=false
pd 1 @ 0x140001010
EOF
RUN
NAME=asm.noisy
FILE=../bins/pe/testapp-msvc64.exe
EXPECT=<<EOF
0x140001010 488d05015001. lea rax, [0x140016018] ; str.wide__esc:__e_0m ; u"\twide\esc: \x1b[0m\xa1\r\n"
; str.wide__esc:__e_0m
; u"\twide\esc: \x1b[0m\xa1\r\n"
0x140001010 488d05015001. lea rax, [0x140016018]
EOF
CMDS=<<EOF
e asm.filter=false
e asm.noisy=true
e str.escbslash=false
e asm.cmt.right=true
pd 1 @ 0x140001010
e asm.cmt.right=false
pd 1 @ 0x140001010
EOF
RUN
NAME=fcn name cmt alignment
FILE=../bins/pe/ConsoleApplication1.exe
EXPECT=<<EOF
| 0x00401157 e8b4feffff call fcn.00401010
EOF
CMDS=<<EOF
e asm.filter=false
af @ main
pd 1 @ 0x00401157
EOF
RUN
NAME=call asm.filter=false flag cmt
FILE=../bins/pe/ConsoleApplication1.exe
EXPECT=<<EOF
0x004010c6 ff1508204000 call dword [0x402008] ; sym.imp.KERNEL32.dll_GetProcAddress ; " *" ; FARPROC GetProcAddress(HMODULE hModule, LPCSTR lpProcName)
; sym.imp.KERNEL32.dll_GetProcAddress
; " *"
; FARPROC GetProcAddress(HMODULE hModule, LPCSTR lpProcName)
0x004010c6 ff1508204000 call dword [0x402008]
EOF
CMDS=<<EOF
e asm.filter=false
e asm.cmt.right=true
pd 1 @ 0x004010c6
e asm.cmt.right=false
pd 1 @ 0x004010c6
EOF
RUN
NAME=asm.cmt.off
FILE=../bins/pe/testapp-msvc64.exe
EXPECT=<<EOF
0x140001010 488d05015001. lea rax, str.wide__esc:__e_0m ; u"\twide\esc: \x1b[0m\xa1\r\n"
0x140001010 488d05015001. lea rax, [0x140016018] ; 0x140016018 ; u"\twide\esc: \x1b[0m\xa1\r\n"
0x140001010 488d05015001. lea rax, [0x140016018] ; u"\twide\esc: \x1b[0m\xa1\r\n"
EOF
CMDS=<<EOF
e asm.noisy=false
e str.escbslash=false
e asm.filter=true
e asm.cmt.off=false
pd 1 @ 0x140001010
e asm.filter=false
e asm.cmt.off=true
pd 1 @ 0x140001010
e asm.cmt.off=nodup
pd 1 @ 0x140001010
EOF
RUN
NAME=no | highlight with asm.cmt.right=false & call statement
FILE=../bins/pe/ConsoleApplication1.exe
EXPECT='| 0x004010e8 push esi
| ; 0x402004
| ; DWORD GetCurrentProcessorNumber(void)
| 0x004010e9 call dword [sym.imp.KERNEL32.dll_GetCurrentProcessorNumber]'
CMDS=<<EOF
e asm.bytes=false
e scr.color=1
e asm.cmt.right=false
s main
af
pd 2 @ 0x004010e8
EOF
RUN
NAME=varsub for rip variable
FILE=../bins/elf/varsub_2
EXPECT=<<EOF
/ 21: int main (int argc, char **argv, char **envp);
| 0x0000061a pushq %rbp
| 0x0000061b movq %rsp, %rbp
| 0x0000061e movl $1, obj.sa
| 0x00000628 movl $0, %eax
| 0x0000062d popq %rbp
\ 0x0000062e retq
EOF
CMDS=<<EOF
aa; s main
e asm.syntax=att
e asm.var=0
e asm.lines.bb=0
e asm.bytes=0
e asm.comments=false
pdf
EOF
RUN
NAME=utf16le string with byte order mark
FILE=../bins/elf/7786-utf16le
EXPECT=<<EOF
0x004004ee mov edi, str.S ; 0x4005c0 ; u"\ufeff--> %S\ufeff\n"
EOF
CMDS=<<EOF
e asm.bytes=false
pd 1 @ 0x004004ee
EOF
RUN
NAME=show string at src if dst is stack (x86_cs MOV)
FILE=../bins/elf/7786-utf16le
EXPECT=<<EOF
0x004004df mov qword [rbp - 8], str.Hello_World ; 0x4005a0 ; u"\ufeffHello World\ufeff\n"
EOF
CMDS=<<EOF
e asm.bytes=false
pd 1 @ 0x004004df
EOF
RUN
NAME=pdJ 2
FILE=malloc://128
EXPECT=<<EOF
[{"offset":0,"text":" 0x00000000 90 nop"},{"offset":1,"text":" 0x00000001 90 nop"}]
EOF
CMDS=<<EOF
e asm.arch=x86
e asm.bits=64
wx 9090
e asm.lines.bb=0
pdJ 2
EOF
RUN
NAME=pdJ comments
FILE=malloc://128
EXPECT=<<EOF
[{"offset":0,"text":" 0x00000000 90 nop ; test"}]
[{"offset":0,"text":" 0x00000000 90 nop ; test \"with quotes\""}]
[{"offset":0,"text":" ; test \"with quotes\"\n"},{"offset":0,"text":" 0x00000000 90 nop"}]
EOF
CMDS=<<EOF
e asm.arch=x86
e asm.bits=64
wx 90
e asm.lines.bb=0
CCu base64:dGVzdAo=
pdJ 1
CCu base64:dGVzdCAid2l0aCBxdW90ZXMiCg==
pdJ 1
e asm.cmt.right=false
pdJ 1
EOF
RUN
NAME=pdJ string comment
FILE=../bins/elf/analysis/main
EXPECT=<<EOF
[{"offset":4195594,"text":"| 0x0040050a bfc4054000 mov edi, str.Hello_World ; 0x4005c4 ; \"Hello World\""}]
EOF
CMDS=<<EOF
aa
pdJ 1 @ 0x0040050a
EOF
RUN
NAME=pdJ flags
FILE=../bins/elf/analysis/main
EXPECT=<<EOF
[{"offset":4195590,"text":" ;-- main:"},{"offset":4195590,"text":" 0x00400506 55 push rbp"}]
[{"offset":4195590,"text":" ; DATA XREF from entry0 @ 0x40042d"},{"offset":4195590,"text":"/ 16: int main (int argc, char **argv, char **envp);"},{"offset":4195590,"text":"| 0x00400506 55 push rbp"}]
EOF
CMDS=<<EOF
s main
pdJ 1 @ 0x00400506
aa
pdJ 1 @ 0x00400506
EOF
RUN
NAME=pdJ midflags reloc
FILE=malloc://8
EXPECT=<<EOF
[{"offset":0,"text":"(reloc.test)"},{"offset":0,"text":" 0x00000000 0000 add byte [rax], al"}]
EOF
CMDS=<<EOF
e asm.arch=x86
e asm.bits=64
f reloc.test @ 0x1
pdJ 1 @ 0x0
EOF
RUN
NAME=pdJ string
FILE=malloc://128
EXPECT=<<EOF
[{"offset":0,"text":" 0x00000000 .string \"Snoo\\\"ping as\\\" usual,\" ; len=30"}]
EOF
CMDS=<<EOF
w Snoo"ping as" usual,
\I see...
Cs 30
pdJ 1
EOF
RUN
NAME=pdJ str in opcode
FILE=../bins/java/Hello.class
EXPECT=<<EOF
[{"offset":686,"text":" 0x000002ae 120b ldc \"World\""}]
EOF
CMDS=<<EOF
pdJ 1 @ 0x000002ae
EOF
RUN
NAME=pdJ asm.cmt.right=0 + html
FILE=../bins/elf/crackme0x05
CMDS=<<EOF
aaa
e asm.cmt.right=0
e scr.colors=1
e scr.html=1
e str.escbslash=1
pdJ 1 @ 0x08048532
EOF
EXPECT=<<EOF
[{"offset":134513970,"text":"&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;;&nbsp;[0x8048679:4]=0x73736150"},{"offset":134513970,"text":"&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;;&nbsp;\"Password&nbsp;Incorrect!\\n\""},{"offset":134513970,"text":"&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;0x08048532&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;c70424798604.&nbsp;&nbsp;mov&nbsp;dword&nbsp;[esp],&nbsp;str.Password_Incorrect"}]
EOF
RUN
NAME=pdJ asm.cmt.right=0 fcn name
FILE=../bins/elf/crackme0x05
EXPECT=<<EOF
[{"offset":134514169,"arrow":134514133,"text":"| `=< 0x080485f9 72da if (((unsigned) var) < 0) goto 0x80485d5"}]
[{"offset":134513644,"text":" ; sym.imp.__libc_start_main"},{"offset":134513644,"text":" ; int __libc_start_main(func main, int argc, char **ubp_av, func init, func fini, func rtld_fini, void *stack_end)"},{"offset":134513644,"text":" 0x080483ec e873ffffff 134513508,eip,4,esp,-=,esp,=[],eip,="}]
[{"offset":134513644,"text":" 0x080483ec e873ffffff 134513508,eip,4,esp,-=,esp,=[],eip,= ; sym.imp.__libc_start_main ; int __libc_start_main(func main, int argc, char **ubp_av, func init, func fini, func rtld_fini, void *stack_end)"}]
EOF
CMDS=<<EOF
af@sym.imp.__libc_start_main
af@0x080485a0
e asm.pseudo=1
e asm.cmt.right=0
pdJ 1 @ 0x080485f9
e asm.esil=1
pdJ 1 @ 0x080483ec
e asm.cmt.right=1
pdJ 1 @ 0x080483ec
EOF
RUN
NAME=pdJ asm.emu=1 comment
FILE=../bins/elf/crackme0x05
CMDS=<<EOF
e asm.emu=1
pdJ 1 @ 0x08048566
EOF
EXPECT=<<EOF
[{"offset":134514022,"text":" 0x08048566 e829feffff call sym.imp.printf ; esp=0xfffffffffffffffc ; eip=0x8048394 -> 0xa00c25ff"},{"offset":134514022,"text":" ; int printf(-1)"}]
EOF
RUN
NAME=pdJ asm.emu=1 string
FILE=../bins/elf/crackme0x00b
EXPECT=' 0x080484aa b8e1850408 mov eax, 0x80485e1 ; eax=0x80485e1 "%ls"
[{"offset":134513834,"text":" 0x080484aa b8e1850408 mov eax, 0x80485e1 ; eax=0x80485e1 \"%ls\""}]
0x080484aa b8e1850408 mov eax, 0x80485e1 ; eax=0x80485e1 "%ls"
[{"offset":134513834,"text":" \u001b[32m0x080484aa\u001b[0m \u001b[37mb8\u001b[37me1\u001b[37m85\u001b[37m04\u001b[37m08\u001b[0m \u001b[37mmov\u001b[36m eax\u001b[0m,\u001b[36m\u001b[36m \u001b[33m0x80485e1\u001b[0m\u001b[0m\u001b[0m\u001b[31m ; eax=0x80485e1 \u001b[7m\"%ls\"\u001b[27m\u001b[0m"}]'
CMDS=<<EOF
s 0x080484aa
e asm.emu=1
e scr.color=0
pd 1
pdJ 1
e scr.color=1
pd 1
pdJ 1
EOF
RUN
NAME=pdJ asm.xrefs.fold asm.xrefs.max
FILE=-
EXPECT=<<EOF
[{"offset":0,"text":" ; XREFS: CODE 0x00000001 "},{"offset":0,"text":" 0x00000000 0000 add byte [rax], al"}]
[{"offset":0,"text":" ; XREFS(1)"},{"offset":0,"text":" 0x00000000 0000 add byte [rax], al"}]
EOF
CMDS=<<EOF
s 0
e asm.arch=x86
e asm.bits=64
axc 0 1
e asm.xrefs.fold=0
e asm.xrefs.max=5
pdJ 1
e asm.xrefs.fold=5
e asm.xrefs.max=0
pdJ 1
EOF
RUN
NAME=pdJ escape flagname
FILE=../bins/elf/crackme
EXPECT=<<EOF
[{"offset":4196399,"text":" ;-- str.Password_Correct:"},{"offset":4196399,"text":" 0x0040082f .string \"Password Correct!\" ; len=18"}]
EOF
CMDS=<<EOF
pdJ 1 @ 0x0040082f
EOF
RUN
NAME=pd0~{} - crash
FILE=-
EXPECT=<<EOF
EOF
CMDS=<<EOF
e scr.null =true
pd0~{}
EOF
RUN
NAME=pI - crash
FILE=-
EXPECT=<<EOF
EOF
CMDS=<<EOF
e scr.null =true
pI 0x200
EOF
RUN
NAME=pC - crash
FILE=-
EXPECT=<<EOF
EOF
CMDS=<<EOF
e scr.null =true
pC 0x200
EOF
RUN
NAME=pd bin.str.purge
FILE=../bins/elf/analysis/ls2
EXPECT=<<EOF
0x00404886 mov rcx, 0x412420 ; ' $A' ; "AWAVA\x89\xffAUATL\x8d%\xbe\x99 "
0x0040488d mov rdi, main ; section..text
; 0x4028a0 ; "AWAVAUATUS\x89\xfbH\x89\xf5H\x81\xec\x98\x03"
--1--
0x00404886 mov rcx, 0x412420 ; ' $A'
0x0040488d mov rdi, main ; section..text
; 0x4028a0
--2--
0x00404886 mov rcx, 0x412420 ; ' $A' ; "AWAVA\x89\xffAUATL\x8d%\xbe\x99 "
0x0040488d mov rdi, main ; section..text
; 0x4028a0
--3--
0x00404886 mov rcx, 0x412420 ; ' $A'
0x0040488d mov rdi, main ; section..text
; 0x4028a0
--4--
| 0x004028e0 mov esi, str.usr_share_locale ; 0x414fbf ; "/usr/share/locale"
| 0x00402abd mov edi, str.TABSIZE ; 0x414fe7
--5--
| 0x004028e0 mov esi, str.usr_share_locale ; 0x414fbf
| 0x00402abd mov edi, str.TABSIZE ; 0x414fe7
EOF
CMDS=<<EOF
e asm.bytes=false
s main
af
s 0x00404886
e bin.str.purge=false
pd 2
?e --1--
e bin.str.purge=true
pd 2
?e --2--
e bin.str.purge=0x4028a0
pd 2
?e --3--
e bin.str.purge=0x412420,0x4028a0
pd 2
?e --4--
e bin.str.purge=true
pd 1 @ 0x004028e0
pd 1 @ 0x00402abd
?e --5--
e bin.str.purge=true,0x414fbf
pd 1 @ 0x004028e0
pd 1 @ 0x00402abd
EOF
RUN
NAME=pd, esil, emu.stroff and bin.str.purge
FILE=../bins/elf/analysis/hello-android-mips
EXPECT=<<EOF
0x0008049c 0800023c lui v0, 8 ; segment.ehdr
0x000804a0 10054424 addiu a0, v0, 0x510 ; "Hello World" sym..rodata
----
0x0008049c 0800023c lui v0, 8 ; segment.ehdr
0x000804a0 10054424 addiu a0, v0, 0x510 ; 0x80510 "Hello World" sym..rodata
----
0x0008049c 0800023c lui v0, 8 ; segment.ehdr
0x000804a0 10054424 addiu a0, v0, 0x510 ; sym..rodata
EOF
CMDS=<<EOF
e emu.str=true
s 0x0008049c
e bin.str.purge=
e emu.str.off=false
pd 2
?e ----
e emu.str.off=true
pd 2
?e ----
e bin.str.purge=0x80510
pd 2
EOF
RUN
NAME=emu.pre and double pd
FILE=../bins/elf/analysis/hello-android-mips
EXPECT=<<EOF
0x000804a0 10054424 addiu a0, v0, 0x510 ; "Hello World" sym..rodata
0x000804a0 10054424 addiu a0, v0, 0x510 ; "Hello World" sym..rodata
EOF
CMDS=<<EOF
e emu.pre=true
e emu.str=true
f start @ 0x0008049c
s 0x000804a0
pd 1
pd 1 # should print the same as above
EOF
RUN
NAME=pd @B
FILE=-
CMDS=<<EOF
e asm.functions=false
e asm.lines.bb=false
e asm.comments=false
e scr.color=0
e asm.arch=x86
e asm.bits=64
wx 83f803740e
af
pd 1 @B:0
pd 1 @B:1
pd 1 @B:-1
pd 1 @B:-2
EOF
EXPECT=<<EOF
0x00000000 83f803 cmp eax, 3
0x00000003 740e je 0x13
0x00000003 740e je 0x13
0x00000000 83f803 cmp eax, 3
EOF
RUN
NAME=asm.bb.line
FILE=../bins/elf/analysis/ls2
CMDS=<<EOF
e scr.utf8=false
e scr.color=0
e asm.bb.line=true
e asm.comments=false
s main
af
s 0x0040294b
pd 10
EOF
EXPECT=<<EOF
| 0x0040294b c6059ea72100. mov byte [0x0061d0f0], 0
| 0x00402952 83f802 cmp eax, 2
| ,=< 0x00402955 0f8483080000 je 0x4031de
| | |
| | 0x0040295b 83f803 cmp eax, 3
| ,==< 0x0040295e 742f je 0x40298f
| || |
| || 0x00402960 83e801 sub eax, 1
| ,===< 0x00402963 7405 je 0x40296a
| ||| |
| ||| 0x00402965 e8b6f8ffff call sym.imp.abort
| ||| |
| `---> 0x0040296a bf01000000 mov edi, 1
| || 0x0040296f e80cf9ffff call sym.imp.isatty
EOF
NAME=pd @a overwrites anal hints
FILE=../bins/elf/analysis/ls-linux64
CMDS=<<EOF
e asm.comments=false
e asm.functions=false
e asm.lines.bb=false
e asm.flags=false
ahb 16
aha arm
pd 1
e anal.ignbithints=1
pd 1 @b:32
e anal.ignbithints=0
pd 1 @b:16
pd 1 @b:32
ah*
pd 1 @a:x86
ah*
pd 1 @a:x86:64
ah*
EOF
EXPECT=<<EOF
0x00005c20 31ed4989 ldc p9, c8, [r1, -0x124]!
0x00005c20 31ed4989 stmdbhi sb, {r0, r4, r5, r8, sl, fp, sp, lr, pc} ^
0x00005c20 31ed4989 ldc p9, c8, [r1, -0x124]!
0x00005c20 31ed4989 stmdbhi sb, {r0, r4, r5, r8, sl, fp, sp, lr, pc} ^
aha arm @ 0x5c20
ahb 16 @ 0x5c20
0000:5c20 31ed xor bp, bp
aha arm @ 0x5c20
ahb 16 @ 0x5c20
0x00005c20 31ed xor bp, bp
aha arm @ 0x5c20
ahb 16 @ 0x5c20
EOF
RUN
NAME=pd bin.str.filter
FILE=../bins/elf/analysis/ls2
CMDS=<<EOF
e asm.bytes=false
e asm.cmt.off=false
s 0x004028e0
e bin.str.filter=
pd 1
e bin.str.filter=U
pd 1
EOF
EXPECT=<<EOF
0x004028e0 mov esi, str.usr_share_locale ; "/usr/share/locale"
0x004028e0 mov esi, str.usr_share_locale
EOF
RUN
NAME=emu.str dup str/flag cmt fix
FILE=../bins/elf/analysis/ls2
CMDS=<<EOF
e emu.str=true
e asm.filter=true
pd 1 @ 0x00402a5f
e asm.filter=false
pd 1 @ 0x00402a5f
EOF
EXPECT=<<EOF
0x00402a5f bfdf4f4100 mov edi, str.COLUMNS ; 0x414fdf ; "COLUMNS"
0x00402a5f bfdf4f4100 mov edi, 0x414fdf ; str.COLUMNS ; "COLUMNS"
EOF
RUN
NAME=emu.strinv
FILE=../bins/elf/redpill
CMDS=<<EOF
e scr.color=1
e asm.bytes=false
e emu.pre=true
e emu.str=true
e io.cache=true
wz abcdefghi @ 0x21f7
f abcdefghi @ 0x21f7
axd 0x21f7 @ 0x161d
e asm.cmt.right=true
e emu.str.inv=true
pd 1 @ 0x161d
e emu.str.inv=false
pd 1 @ 0x161d
?e
e asm.cmt.right=false
e emu.str.inv=true
pd 1 @ 0x161d
e emu.str.inv=false
pd 1 @ 0x161d
EOF
EXPECT=' 0x0000161d lea eax, [esi - abcdefghi] ; 0x21f7 ; "abcdefghi" ; "\n Blue Pill" str.Blue_Pill
0x0000161d lea eax, [esi - abcdefghi] ; 0x21f7 ; "abcdefghi" ; "\n Blue Pill" str.Blue_Pill

; 0x21f7
; "abcdefghi"
 ; "\n Blue Pill" str.Blue_Pill
 0x0000161d lea eax, [esi - abcdefghi]
; 0x21f7
; "abcdefghi"
 ; "\n Blue Pill" str.Blue_Pill
 0x0000161d lea eax, [esi - abcdefghi]'
RUN
NAME=emu.strflag
FILE=../bins/elf/redpill
CMDS=<<EOF
e asm.bytes=false
e emu.pre=true
e emu.str=true
e emu.str.flag=true
pd 1 @ 0x161d
e emu.str.flag=false
pd 1 @ 0x161d
pd 1 @ 0x1447
EOF
EXPECT=<<EOF
0x0000161d lea eax, [esi - 0x21f7] ; "\n Blue Pill" str.Blue_Pill
0x0000161d lea eax, [esi - 0x21f7] ; "\n Blue Pill"
0x00001447 add esi, 0x2bb9 ; section..got.plt
EOF
RUN
NAME=ctrl chars
FILE=../bins/elf/strenc-ctrlchars
CMDS=<<EOF
e asm.bytes=false
e asm.cmt.off=false
pd 1 @ 0x0040040b
EOF
EXPECT=<<EOF
0x0040040b mov edi, str.Control_chars: ; "Control chars: \b\v\f\n\r\t\a"
EOF
RUN
NAME=data ref with no analop.ptr (#9610)
FILE=../bins/firmware/main.bin
CMDS=<<EOF
f str.hello 12 @ 0x276
axd str.hello @ 0x260
pd 1 @ 0x260
EOF
EXPECT=<<EOF
0x00000260 80e0 ldi r24, 0x00 ; 0x276 ; "hello world!"
EOF
RUN
NAME=@b and @addr should coexist
FILE=../bins/firmware/armthumb.bin
ARGS=-aarm -b32
CMDS=<<EOF
pd 1 @b:32 @0xc
EOF
EXPECT=<<EOF
0x0000000c 01207047 ldrbmi r2, [r0, -r1]!
EOF
RUN
NAME=ahb should not be deleted with @b (#9751)
FILE=../bins/firmware/armthumb.bin
ARGS=-aarm -b32
CMDS=<<EOF
ahb 16 @0xc
ah*
pd 1 @b:32 @0xc
ah*
EOF
EXPECT=<<EOF
ahb 16 @ 0xc
0x0000000c 01207047 ldrbmi r2, [r0, -r1]!
ahb 16 @ 0xc
EOF
RUN
NAME=ahb should not override @b
FILE=../bins/firmware/armthumb.bin
ARGS=-aarm -b32
CMDS=<<EOF
ahb 16 @0xc
pd 5 @b:32
EOF
EXPECT=<<EOF
0x00000000 0000a0e1 mov r0, r0
0x00000004 010000eb bl 0x10
@-> 0x00000008 feffffea b 8
0x0000000c 01207047 ldrbmi r2, [r0, -r1]!
0x00000010 00c09fe5 ldr ip, [pc] ; [0x18:4]=13 ; 24
EOF
RUN
NAME=two-operand line highlight; asm.highlight ecHw fix; ec wordhl/linehl
FILE=../bins/elf/redpill
CMDS=<<EOF
. ../bins/other/palette.r2
e scr.color=3
e emu.str=true
e emu.pre=true
e emu.str.inv=false
e emu.str.flag=false
s 0x1457
e asm.highlight=$$
pd 3
e scr.color=1
pd 1
e scr.color=3
ec linehl none
pd 1
ec linehl #002f00
pd 1
ec wordhl rgb:800
ecHw eax
e asm.highlight=0x1457
s 0
pd 1 @ 0x1457
EOF
EXPECT=' 0x00001457 8d8689ddffff lea eax, [esi - 0x2277] ; " Take the Red Pill!! \n"
0x0000145d 50 push eax
0x0000145e 8b86f0ffffff mov eax, dword [esi - 0x10]
0x00001457 8d8689ddffff lea eax, [esi - 0x2277] ; " Take the Red Pill!! \n"
0x00001457 8d8689ddffff lea eax, [esi - 0x2277] ; " Take the Red Pill!! \n"
0x00001457 8d8689ddffff lea eax, [esi - 0x2277] ; " Take the Red Pill!! \n"
0x00001457 8d8689ddffff lea eax, [esi - 0x2277] ; " Take the Red Pill!! \n"'
RUN
NAME=pdJ with backslashes, quotation marks, str.escbslash and bin.str.enc
FILE=-
CMDS=<<EOF
e io.cache=true
e asm.arch=x86
e asm.bits=32
e asm.bytes=false
s 0x1000
wz path"C:\\Program\n
f ansi_str
s 0x2000
"wa mov eax, 0x1000"
e str.escbslash=true
pd 1
pdJ 1
e str.escbslash=false
pd 1
pdJ 1
s 0x3000
ww path"C:\\Program\r
f wide_str
s 0x4000
"wa mov ebx, 0x3000"
e bin.str.enc=guess
pd 1
pdJ 1
e bin.str.enc=latin1
pd 1
pdJ 1
e bin.str.enc=utf16le
e str.escbslash=true
pd 1
pdJ 1
e str.escbslash=false
pd 1
pdJ 1
EOF
EXPECT=<<EOF
0x00002000 mov eax, 0x1000 ; ansi_str ; "path\"C:\\Program\n"
[{"offset":8192,"text":" 0x00002000 mov eax, 0x1000 ; ansi_str ; \"path\\\"C:\\\\Program\\n\""}]
0x00002000 mov eax, 0x1000 ; ansi_str ; "path\"C:\Program\n"
[{"offset":8192,"text":" 0x00002000 mov eax, 0x1000 ; ansi_str ; \"path\\\"C:\\Program\\n\""}]
0x00004000 mov ebx, 0x3000 ; wide_str ; u"path\"C:\Program\r"
[{"offset":16384,"text":" 0x00004000 mov ebx, 0x3000 ; wide_str ; u\"path\\\"C:\\Program\\r\""}]
0x00004000 mov ebx, 0x3000 ; wide_str ; "p"
[{"offset":16384,"text":" 0x00004000 mov ebx, 0x3000 ; wide_str ; \"p\""}]
0x00004000 mov ebx, 0x3000 ; wide_str ; u"path\"C:\\Program\r"
[{"offset":16384,"text":" 0x00004000 mov ebx, 0x3000 ; wide_str ; u\"path\\\"C:\\\\Program\\r\""}]
0x00004000 mov ebx, 0x3000 ; wide_str ; u"path\"C:\Program\r"
[{"offset":16384,"text":" 0x00004000 mov ebx, 0x3000 ; wide_str ; u\"path\\\"C:\\Program\\r\""}]
EOF
RUN
NAME=arm asm.var.sub, asm.ucase and asm.pseudo (fp)
FILE=../bins/elf/analysis/armcall
CMDS=<<EOF
e asm.bytes=false
e asm.comments=false
e io.cache=true
wv4 0xe59b0008 @ 0x00010464
wv4 0xe59b100c @ 0x00010468
af @ main
e asm.pseudo=false
e asm.var.sub=true
e asm.ucase=true
pd 4 @ 0x0001045c
?e
e asm.var.sub=false
e asm.ucase=false
pd 4 @ 0x0001045c
?e
e asm.pseudo=true
e asm.var.sub=true
e asm.var.subonly=false
pd 4 @ 0x0001045c
?e
e asm.var.subonly=true
s main
afvn local2 var_ch
afvn arg1 arg_8h
pd 4 @ 0x0001045c
EOF
EXPECT=<<EOF
| 0x0001045c STR R0, [var_8h]
| 0x00010460 STR R1, [var_ch]
| 0x00010464 LDR R0, [arg_8h]
| 0x00010468 LDR R1, [arg_ch]
| 0x0001045c str r0, [fp, -8]
| 0x00010460 str r1, [fp, -0xc]
| 0x00010464 ldr r0, [fp, 8]
| 0x00010468 ldr r1, [fp, 0xc]
| 0x0001045c [fp - var_8h] = r0
| 0x00010460 [fp - var_ch] = r1
| 0x00010464 r0 = [fp + arg_8h]
| 0x00010468 r1 = [fp + arg_ch]
| 0x0001045c [var_8h] = r0
| 0x00010460 [local2] = r1
| 0x00010464 r0 = [arg1]
| 0x00010468 r1 = [arg_ch]
EOF
RUN
NAME=pdfj with padding
FILE=../bins/elf/padding_in_func
CMDS=<<EOF
s main
af
pdfj~{} | grep opcode
EOF
EXPECT=<<EOF
"opcode": "push rbp",
"opcode": "push rbx",
"opcode": "push rax",
"opcode": "mov ebx, edi",
"opcode": "cmp ebx, 2",
"opcode": "mov eax, 0x5758554a",
"opcode": "mov ebp, 0x10c2377a",
"opcode": "cmovl ebp, eax",
"opcode": "mov eax, 0xbaad0c8f",
"opcode": "cmp eax, 0xccdab13a",
"opcode": "jg 0x40058a",
"opcode": "jmp 0x4005ae",
"opcode": "mov edi, 0x400664",
"opcode": "xor eax, eax",
"opcode": "mov esi, ebx",
"opcode": "call 0x400440",
"opcode": "mov eax, 0xccdab13b",
"opcode": "cmp eax, 0xccdab13a",
"opcode": "jle 0x4005ae",
"opcode": "cmp eax, 0x10c2377a",
"opcode": "je 0x400570",
"opcode": "cmp eax, 0x5758554a",
"opcode": "jne 0x4005b9",
"opcode": "mov edi, 0x40066d",
"opcode": "call 0x400430",
"opcode": "mov eax, 0xccdab13b",
"opcode": "cmp eax, 0xccdab13a",
"opcode": "jg 0x40058a",
"opcode": "cmp eax, 0xbaad0c8f",
"opcode": "mov eax, ebp",
"opcode": "je 0x400583",
"opcode": "jmp 0x4005d0",
"opcode": "cmp eax, 0xccdab13b",
"opcode": "jne 0x4005d0",
"opcode": "xor eax, eax",
"opcode": "add rsp, 8",
"opcode": "pop rbx",
"opcode": "pop rbp",
"opcode": "ret",
"opcode": "jmp 0x4005d0",
EOF
RUN
NAME=asm.imm.str, mov and movabs (#10473)
FILE=../bins/elf/echo-bin
CMDS=<<EOF
e asm.bytes=false
e asm.imm.str=true
pd 1 @ 0x9a2
pd 1 @ 0x9a9
pd 1 @ 0x9b3
EOF
EXPECT=<<EOF
0x000009a2 mov dword [rbp - 0x30], 0x3c3c2b3e ; '>+<<'
0x000009a9 mov word [rbp - 0x2c], 0x3e5d ; ']>'
0x000009b3 movabs rax, 0x3c2b3c3c5b3e3e3e ; '>>>[<<+<'
EOF
RUN
NAME=asm.imm.str, asm.cmd.right=false, pd and pdJ
FILE=../bins/elf/echo-bin
CMDS=<<EOF
e asm.imm.str=true
e asm.cmt.right=false
pd 1 @ 0x9b3
?e
pdJ 1 @ 0x9b3
EOF
EXPECT=<<EOF
; '>>>[<<+<'
0x000009b3 48b83e3e3e5b. movabs rax, 0x3c2b3c3c5b3e3e3e
[{"offset":2483,"text":" ; '>>>[<<+<'"},{"offset":2483,"text":" 0x000009b3 48b83e3e3e5b. movabs rax, 0x3c2b3c3c5b3e3e3e"}]
EOF
RUN
NAME=asm.imm.str short false positive
FILE=../bins/elf/analysis/fast
CMDS=<<EOF
e asm.bytes=false
e asm.imm.str=true
f- @ 0x08048574
pd 1 @ 0x08048444
EOF
EXPECT=<<EOF
0x08048444 push 0x8048574
EOF
RUN
NAME=asm.imm.str and flag
FILE=../bins/elf/strenc
CMDS=<<EOF
e asm.bytes=false
e asm.imm.str=true
e bin.str.enc=utf16le
pd 1 @ 0x004016ca
f str.fence @ 0x40235a
e asm.cmt.off=false
pd 1 @ 0x004016ca
EOF
EXPECT=<<EOF
0x004016ca mov edi, 0x40235a ; 'Z#@' ; u"\u2520\u2542-\u2500-\u2500\u2542\u2528 is a fence with embedded double zeros\n"
0x004016ca mov edi, str.fence ; u"\u2520\u2542-\u2500-\u2500\u2542\u2528 is a fence with embedded double zeros\n"
EOF
RUN
NAME=#10989 double pre-disasm
FILE=../bins/elf/echo-bin
CMDS=<<EOF
e asm.bytes=false
e asm.cmt.right=false
pd 1 @ 0xe78
EOF
EXPECT=<<EOF
; 'f'
0x00000e78 mov byte [rbp - 0x274e], 0x66
EOF
RUN
NAME=pdf show entry0 disasm instead of main
FILE=../bins/elf/ls
CMDS=<<EOF
aa
pdf
EOF
EXPECT=<<EOF
/ 46: entry0 (int64_t arg3);
| ; arg int64_t arg3 @ rdx
| 0x00005ae0 f30f1efa endbr64
| 0x00005ae4 31ed xor ebp, ebp
| 0x00005ae6 4989d1 mov r9, rdx ; arg3
| 0x00005ae9 5e pop rsi
| 0x00005aea 4889e2 mov rdx, rsp
| 0x00005aed 4883e4f0 and rsp, 0xfffffffffffffff0
| 0x00005af1 50 push rax
| 0x00005af2 54 push rsp
| 0x00005af3 4c8d05660c01. lea r8, [0x00016760]
| 0x00005afa 488d0def0b01. lea rcx, [0x000166f0]
| 0x00005b01 488d3d68e5ff. lea rdi, [main] ; 0x4070 ; "AWAVAUATU\x89\xfdSH\x89\xf3H\x83\xecXH\x8b>dH\x8b\x04%("
\ 0x00005b08 ff150ac30100 call qword [reloc.__libc_start_main] ; [0x21e18:8]=0
EOF
RUN
NAME=asm.lines.ret, pd and pdJ
FILE=../bins/elf/crackme0x05
CMDS=<<EOF
e asm.lines.ret=1
s 0x08048414
pd 2
?e
pdJ 2
EOF
EXPECT=<<EOF
0x08048414 c3 ret
; --------------------------------------
0x08048415 90 nop
[{"offset":134513684,"text":" 0x08048414 c3 ret"},{"offset":134513684,"text":" ; --------------------------------------"},{"offset":134513685,"text":" 0x08048415 90 nop"}]
EOF
RUN
NAME=disassemble PE with asm.flags.real enabled
FILE=../bins/pe/ConsoleApplication1.exe
EXPECT=<<EOF
call 0x401836
jmp 0x401322
push ebp
mov ebp, esp
push 0
call dword [SetUnhandledExceptionFilter]
push dword [ebp + 8]
call dword [UnhandledExceptionFilter]
push 0xc0000409
call dword [GetCurrentProcess]
EOF
CMDS=<<EOF
e asm.flags.real=true
pi 10
EOF
RUN
NAME=direct call without fcn + asm.flags.real
FILE=../bins/elf/crackme0x05
EXPECT=<<EOF
0x08048566 e829feffff call sym.imp.printf
0x08048566 e829feffff call printf ; sym.imp.printf
0x08048394 1 6 sym.imp.printf
| 0x08048566 e829feffff call sym.imp.printf ; int printf(const char *format)
| 0x08048566 e829feffff call printf ; sym.imp.printf ; int printf(const char *format)
EOF
CMDS=<<EOF
e asm.flags.real=false
pd 1 @ 0x8048566
e asm.flags.real=true
pd 1 @ 0x8048566
aaa
afl~printf
e asm.flags.real=false
pd 1 @ 0x8048566
e asm.flags.real=true
pd 1 @ 0x8048566
EOF
RUN
NAME=pd grep chain
FILE=malloc://8
EXPECT=<<EOF
0x00000002 51 push rcx
0x00000003 52 push rdx
0x00000004 53 push rbx
EOF
CMDS=<<EOF
e asm.arch=x86
e asm.bits=64
wx 90905152539090 ; pd 7 ~&5,push
EOF
RUN
NAME=pd grep chain fail
FILE=malloc://8
EXPECT=<<EOF
EOF
CMDS=<<EOF
e asm.arch=x86
e asm.bits=64
wx 90905152539090 ; pd 7 ~ 5 ~ push
EOF
RUN
Reference in New Issue View Git Blame Copy Permalink