OpenRCE

About Articles Book Store Distributed RCE Downloads Event Calendar Forums Live Discussion Reference Library RSS Feeds Search Users What's New

Customize Theme

Flag: Tornado! Hurricane!

Created: Monday, January 26 2009 09:53.21 CST

Modified: Monday, January 26 2009 09:53.43 CST

Printer Friendly ...

radare 1.2 and libr refactoring

Author: trufae

# Views: 3801

This is an stabilization release after the new year's 1.1 one. It fixes some
installation issues noticed by the gentoo maintainer.

Dont expect too much new features in this version, We (nibble and me) have been
spending most of the time working on 'libr'. The full refactoring of radare into
a set of libraries reducing LOCs, adding test cases, removing warnings, adding
language bindings and the vala api.

As always:

  http://radare.org/get/radare-1.2.tar.gz
  http://radare.org/get/changelog-1.2-short

We plan to make a hackaton for libr in about two weeks. I will ping the mailing
again :)

The reason for libr is that after two years of scratchy development we think the
base is well defined and now the task is a full rewrite from scratch trying to
refactor everything to keep the core simple and minimalistic but bypassing all the
limitations and ugly hacks we have faced during the development of the old 1.0 core.

In a month we have refactored most of the old code into 20 libraries which can be
easily detached from each other to use in your own projects. Expect some licensing
changes for this library..GPL is not designed for libraries and LGPL is probably a
good option but we have to discuss about it. Because the base should be Free.

We have managed to write some minimal implementations of the radare1 programs (rax,
rabin, rasm, radare...) as test programs inside libr (see src/libr fmi) they are
now 10-200 LOC =). Obviously they are incomplete and didnt support all the options
of the old ones, but this is just a question of time. radare2 will be built on top
of libr.

Our plan is to continue working in the refactoring to provide a simpler user interface
but at the same time providing more features in less lines of code. Some basic
optimizations has been done, but major ones will be done when finished.

Actually it's just a toy, but reusing the old code is pretty simple and the development
goes fast :) as always ;)

You can find some vala code examples in src/libr/vapi/t like this one:

--------------------------------------------------
using Radare;

public class AsmExample
{
        public static void main(string[] args)
        {
                Asm.State st = new Asm.State();
                st.set_arch( Asm.Arch.X86 );
                st.set_bits( 32 );
                st.set_big_endian( false );
                st.set_pc( 0x8048000 );

                uint8 *buf = "\xcd\x21";
                st.disasm(buf, 2);
                stdout.printf("%s\n", st.buf_asm);
        }
}
---------------------------------------------------

For 1.3 the plans are to have some core apps replaced by the new libr ones and get more
stuff done in libr with some more refined apis.

Current libraries are:

asm: assemble, disassemble, pseudodisassemble in multiple architectures
bin: parse elf32/64 and pe32 (pe64, mach0, class will be imported soon)
cmd: handles short and long radare commands
config: handles configuration hashtable
cons: multi-os access to console (ansi, html and plain text)
core: implements a radare instance
flags: handles offset marks
hash: checksumming, hashing and entropy calculations
io: wraps IO with backend plugins with support for maps, sections, undos and caches
lib: multi-os library for loading plugins
line: minimalistic multi-os replacement for readline
macro: the scripting macro engine of radare
print: multiple print modes (hexdumps, dates, formatted structures, etc..)
range: handle ranged list of elements
search: search engine with binary masks, strings (ascii, widechar), patterns, expanded aes, ...
socket: easy-to-use socket api
syscall: multi-os api for querying syscall information
util: cross-library utilities for strings, memory, numbers, mathematical expressions...
vm: standalone implementation of the radare vm for emulating any architecture

vm, search, cons and io are not yet stabilized at api level. If you want to follow the
development, please pull the source from mercurial

  hg clone http://radare.org/hg/radare

Plans for 2.0 are:
  - use r_lib as plugin loading api (plugins for all!)
  - parrot bindings (no more scripting limitations)
  - vala bindings (fearless graphical programming)
  - switchable debugging api (use ptrace, mach, bochs, internal vm, etc.. seamlessly)
  - distribute libr as binary modules for your projects.
  - r_core_thread for multithreaded capabilities
  - lot of test cases
  - stabilize api
  - free beer :)

Thanks to Nibble for the development and nopcode people for supporting my crazy talks
about radare scripting. mandingo for the betatesting and esteve for the pattern finding
algorithm fix :)

Enjoy

There are 28,229 total registered users.

Recently Created Topics
Reverse Engineering ...	Jan/23
Career: DoD Agency I...	Jan/22
"Disappearing&q...	Jan/17
Career: Software Sec...	Jan/11
Where is the call st...	Jan/07
IDA Pro 6.1 Breakpoi...	Jan/01
How to create data s...	Dec/30
can i search all mod...	Dec/23
IDA symbol table exp...	Dec/20
An anti-attach trick	Dec/17

Recent Forum Posts
Reverse Engineering ...	NirIzr
"Disappearing&q...	NirIzr
Reverse Engineering ...	charlie
"Disappearing&q...	charlie
An anti-attach trick	Bass
An anti-attach trick	waleeda...
An anti-attach trick	Bass
An anti-attach trick	waleeda...
An anti-attach trick	Bass
Looking for value in...	NirIzr

Recent Blog Entries
	cmathieu	Feb/07
Hacker Carnival
	waleedassar	Feb/06
OllyDbg v1.10 And Hardware ...
	waleedassar	Jan/31
Yet Another Anti-Debug Trick
	RolfRolles	Jan/22
Finding Bugs in VMs with a ...
	waleedassar	Jan/13
An OllyDbg Bug Disables Sof...
More ...

Recent Blog Comments
	waleedassar on:	Feb/07
OllyDbg v1.10 And Hardware ...
	NirIzr on:	Feb/07
OllyDbg v1.10 And Hardware ...
	NirIzr on:	Feb/05
Yet Another Anti-Debug Trick
	trolotou on:	Feb/05
Doudoune Moncler -Pennies F...
	waleedassar on:	Feb/01
Yet Another Anti-Debug Trick
More ...

Imagery

SoySauce Blueprint
Jun 6, 2008

[+] expand

View Gallery (11) / Submit