Commit Graph

1920 Commits

Author SHA1 Message Date
houndthe
b2c271eec0 Implement calculation of decrypted Rich Header hash in versions: crc32, md5 and sha256 2021-04-20 13:15:27 +02:00
Peter Matula
b2079307db CHANGELOG.md: add entry for #286, #936 2021-04-14 14:11:28 +02:00
HoundThe
0cdc9a1de6
Implement telfhash for ELF import table (#936)
* Implement telfhash for import table and add TLSH to the project

* comment the import symbol filter regexes

* Use std::set for faster lookup

* Address code review comments

* better formatting

* Move TLSH to deps/ using cmake

* Forgot to commit tlsh headers

* Restructure elf_format to get symbols in the same manner as telfhash

* Ignore symbols from dynamic segments

* First exclude then convert to lower_case

* mask out symbol visibility from others

* Move telfhash outside import table to elf_format, use TLSH for all imphashes, create default imphash for ELF

* Fix uninitialized value

* Fixed TLSH build on Windows

* fileformat/CMakeLists.txt: do not add tlsh-related stuff

* deps/tlsh: refactor CMake

* cmake/options.cmake: move TLSH to deps section

* deps/tlsh/cmake: add new line at the end

* fileformat/elf_format: C comment -> C++ comment

* fileformat/elf_import_table.h: add missing new line

* fileformat: remove trailing spaces

Co-authored-by: Peter Matula <peter.matula@avast.com>
Co-authored-by: Peter Matula <p3t3r.matula@gmail.com>
2021-04-14 13:03:15 +02:00
Petr Zemek
dca4d73f5c
Add a CHANGELOG entry for #935. 2021-03-17 08:21:37 +01:00
Petr Zemek
397f05f751
Remove useless trailing whitespace from CHANGELOG. 2021-03-17 08:21:36 +01:00
Petr Zemek
469ed9e8aa
Merge pull request #935 from avast/LZ_sha512_yara_pattern
Detection of SHA512 improved. Prevented YARA DoS on d251e8b3a5818132d…
2021-03-17 08:18:33 +01:00
Ladislav Zezula
3a94c2aba7 Detection of SHA512 improved. Prevented YARA DoS on d251e8b3a5818132de9728ea01378f1f7bf5d41ba698c42ddb706761fd714113 2021-03-16 18:38:56 +01:00
Marek Milkovič
4da009ae61 Added #929 to CHANGELOG 2021-02-23 13:50:41 +01:00
Marek Milkovič
ab23f1a6da Minor changes to UPX unpacker improvements
* Added support for filter 0x51 (big-endian variant for ARM filter 0x50)
* Added compression algorithm into description of packer patterns
2021-02-22 20:36:29 +01:00
Marek Milkovič
4e9aa29fd4
Merge pull request #929 from TheDuchy/master
unpackertool: added signatures for new UPX versions
2021-02-22 20:35:23 +01:00
Jan Neduchal
898b8dfb44 unpackertool: added signatures for new UPX versions 2021-02-22 11:47:40 +01:00
Peter Matula
8693343c87
CHANGELOG.md: entry for added version info 2021-02-18 17:13:53 +01:00
Peter Matula
3cf0f3827d fileinfo: print Fileinfo version in verbose mode 2021-02-18 17:06:17 +01:00
Peter Matula
54214dfd76 retdec: add version info to all executable apps 2021-02-18 17:06:17 +01:00
Peter Matula
21baf36dc5
Make Fileinfo configurable via a JSON config file (#923)
* fileinfo: load config from JSON

* serdes: fix deserializeDouble()

* fileinfo: use serdes for deserialization of std values

* CHANGELOG.md: add entry for fileinfo JSON configuration

* fileinfo: replace cerr with our logger

* fileinfo: fix noHashes key in JSON config

* fileinfo: change default val of maxMemoryHalf in JSON config

* fileinfo: fix json config loading
2021-02-12 20:52:55 +01:00
Petr Zemek
869cdd36cf
Add a CHANGELOG entry for #921. 2021-02-11 17:57:38 +01:00
Petr Zemek
3c5a61646d
pelib: Fix a typo in a comment in PeLib::ImageLoader::Load(). 2021-02-11 17:30:23 +01:00
Petr Zemek
a75fbf9823
Remove useless trailing whitespace. 2021-02-11 17:30:13 +01:00
Petr Zemek
2d903efcba
Merge pull request #922 from avast/LZ_Issue_921
Fixed issue https://github.com/avast/retdec/issues/921
2021-02-11 17:21:42 +01:00
Ladislav Zezula
4fe8298411 + PE Files cut in the middle of IMAGE_FILE_HEADER not cause fileinfo's loader to return ERROR_NONE and loaderError to LDR_ERROR_NTHEADER_OUT_OF_FILE 2021-02-08 22:01:14 +01:00
Petr Zemek
6ed327e30f
Add a CHANGELOG entry for #917. 2021-01-25 12:49:33 +01:00
Ladislav Zezula
60c94e55a2
Lz fix too many imports (#917)
* Detection of invalid import directory will now be triggered by invalid import names

* Detection of corrupt import directories was made stricter

* Refactored detection of invalid imports

Co-authored-by: Ladislav Zezula <ladislav.zezula@avast.com>
2021-01-25 12:44:52 +01:00
Peter Matula
57bd39785f deps/llvm: update to fix #895 2021-01-22 14:14:28 +01:00
Marek Milkovič
c9a6274c71 Added CHANGELOG entries 2021-01-08 15:31:29 +01:00
Marek Milkovič
d62d7e2719
Merge pull request #914 from avast/retdec-fileinfo-archives
Do not fail completely when retdec-archive-decompiler is not available
2021-01-08 03:48:14 +01:00
Marek Milkovič
3f6ba3a2c4 Do not fail completely when retdec-archive-decompiler is not available 2021-01-08 01:39:09 +01:00
Marek Milkovič
f4da38081f
Merge pull request #913 from avast/mpress-resources
unpacker/mpress: Properly copy non-packer related sections to the unpacked file
2021-01-08 01:38:36 +01:00
Marek Milkovič
aa15ad90a8 unpacker/mpress: Properly copy non-packer related sections to the unpacked file
2021-01-08 00:16:25 +01:00
Petr Zemek
da1c73651d
Add a CHANGELOG entry for #911. 2021-01-06 14:41:01 +01:00
Petr Zemek
d8f666b22d
Merge pull request #912 from avast/LZ_issue_911
Fixed issue #911
2021-01-06 14:40:25 +01:00
Ladislav Zezula
28505dd910 Fixed issue #911 2021-01-06 09:11:33 +01:00
Petr Zemek
ec5cd887e0
Add a CHANGELOG entry for #907. 2020-12-18 13:06:45 +01:00
Petr Zemek
ed02e64629
Merge pull request #908 from avast/LZ_issue_907
Lz issue 907
2020-12-18 13:05:13 +01:00
Ladislav Zezula
c9ddd13a60 Removed warnings in Visual Studio 2020-12-18 07:27:32 +01:00
Ladislav Zezula
a5374a34af Fixed https://github.com/avast/retdec/issues/907 2020-12-18 06:47:20 +01:00
Peter Matula
37dbfd1e07 fileinfo: add config 2020-12-11 19:30:24 +01:00
Peter Matula
34ac8f9ec3 retdec-decompiler: move config from support to src 2020-12-11 18:14:17 +01:00
Peter Matula
89959d7fd3 capstone2llvmir/x86: #891, better FXTRACT implementation 2020-12-11 18:09:02 +01:00
Peter Matula
9c389719e4 tests/capstone2llvm: fix FPATAN tests 2020-12-11 17:54:26 +01:00
Peter Matula
5ce48491b9 capstone2llvmir/x86: fix #886, change fpatan modelling 2020-12-11 17:41:04 +01:00
Peter Matula
e4e74a68c9 capstone2llvmir/x86: fix #891, fix pseudo fnc instance generation 2020-12-11 16:53:40 +01:00
Peter Matula
b6442ef57d pdbparser: fix 900, use uint64_t for addresses 2020-12-11 16:14:28 +01:00
Peter Matula
72a3e9a961 unpackertool/upx/elf: fix #904, prevent possible infinite loop 2020-12-11 15:22:38 +01:00
Peter Matula
06750aa0e4 unpackertool/upx/elf: break too long lines 2020-12-11 15:12:54 +01:00
Marek Milkovič
2b224b1dd5 Fixed possible access to unallocated memory in MPRESS unpacker
If the size of data is less than 0x1000 then we can possibly underflow
unsigned int and access unallocated data.
2020-12-11 14:20:55 +01:00
Peter Matula
b7e1f1c18c cmake: more granular script&support installation 2020-12-02 22:29:55 +01:00
Peter Matula
6adef43125 deps/yara: fix usage with YARA_LOCAL_DIR 2020-11-30 09:36:20 +01:00
Petr Zemek
8dc9463ab7
Add a CHANGELOG entry for #899. 2020-11-25 09:49:55 +01:00
Petr Zemek
c7c8544c83
Merge pull request #899 from avast/LZ_InnoSetup_6_0
Added YARA rule for Inno Setup 6.0.0
2020-11-25 09:49:36 +01:00
Ladislav Zezula
952cdccbf5 Added YARA rule for Inno Setup 6.0.0 2020-11-25 08:11:08 +01:00