1 /* radare2 - LGPL - Copyright 2009-2020 - nibble, pancake, xvilka */
2
3 #ifndef R2_ANAL_H
4 #define R2_ANAL_H
5
6 /* use old refs and function storage */
7 // still required by core in lot of places
8 #define USE_VARSUBS 0
9
10 #include <r_types.h>
11 #include <r_io.h>
12 #include <r_reg.h>
13 #include <r_list.h>
14 #include <r_search.h>
15 #include <r_util.h>
16 #include <r_bind.h>
17 #include <r_syscall.h>
18 #include <set.h>
19 #include <r_flag.h>
20 #include <r_bin.h>
21
22 #define esilprintf(op, fmt, ...) r_strbuf_setf (&op->esil, fmt, ##__VA_ARGS__)
23
24 #ifdef __cplusplus
25 extern "C" {
26 #endif
27
28 R_LIB_VERSION_HEADER(r_anal);
29
30 /* dwarf processing context */
31 typedef struct r_anal_dwarf_context {
32 const RBinDwarfDebugInfo *info;
33 HtUP/*<offset, RBinDwarfLocList*>*/ *loc;
34 // const RBinDwarfCfa *cfa; TODO
35 } RAnalDwarfContext;
36
37 // TODO: save memory2 : fingerprints must be pointers to a buffer
38 // containing a dupped file in memory
39
40 /* save memory:
41 bb_has_ops=1 -> 600M
42 bb_has_ops=0 -> 350MB
43 */
44
45 typedef struct {
46 struct r_anal_t *anal;
47 int type;
48 int rad;
49 SdbForeachCallback cb;
50 void *user;
51 int count;
52 struct r_anal_function_t *fcn;
53 PJ *pj;
54 } RAnalMetaUserItem;
55
56 typedef struct r_anal_range_t {
57 ut64 from;
58 ut64 to;
59 int bits;
60 ut64 rb_max_addr;
61 RBNode rb;
62 } RAnalRange;
63
64 #define R_ANAL_GET_OFFSET(x,y,z) \
65 (x && x->binb.bin && x->binb.get_offset)? \
66 x->binb.get_offset (x->binb.bin, y, z): -1
67 enum {
68 R_ANAL_DATA_TYPE_NULL = 0,
69 R_ANAL_DATA_TYPE_UNKNOWN = 1,
70 R_ANAL_DATA_TYPE_STRING = 2,
71 R_ANAL_DATA_TYPE_WIDE_STRING = 3,
72 R_ANAL_DATA_TYPE_POINTER = 4,
73 R_ANAL_DATA_TYPE_NUMBER = 5,
74 R_ANAL_DATA_TYPE_INVALID = 6,
75 R_ANAL_DATA_TYPE_HEADER = 7,
76 R_ANAL_DATA_TYPE_SEQUENCE = 8,
77 R_ANAL_DATA_TYPE_PATTERN = 9,
78 };
79
80 // used from core/anal.c
81 #define R_ANAL_ADDR_TYPE_EXEC 1
82 #define R_ANAL_ADDR_TYPE_READ 1 << 1
83 #define R_ANAL_ADDR_TYPE_WRITE 1 << 2
84 #define R_ANAL_ADDR_TYPE_FLAG 1 << 3
85 #define R_ANAL_ADDR_TYPE_FUNC 1 << 4
86 #define R_ANAL_ADDR_TYPE_HEAP 1 << 5
87 #define R_ANAL_ADDR_TYPE_STACK 1 << 6
88 #define R_ANAL_ADDR_TYPE_REG 1 << 7
89 #define R_ANAL_ADDR_TYPE_PROGRAM 1 << 8
90 #define R_ANAL_ADDR_TYPE_LIBRARY 1 << 9
91 #define R_ANAL_ADDR_TYPE_ASCII 1 << 10
92 #define R_ANAL_ADDR_TYPE_SEQUENCE 1 << 11
93
94 #define R_ANAL_ARCHINFO_MIN_OP_SIZE 0
95 #define R_ANAL_ARCHINFO_MAX_OP_SIZE 1
96 #define R_ANAL_ARCHINFO_ALIGN 2
97 #define R_ANAL_ARCHINFO_DATA_ALIGN 4
98
99 /* copypaste from r_asm.h */
100
101 #define R_ANAL_GET_OFFSET(x,y,z) \
102 (x && x->binb.bin && x->binb.get_offset)? \
103 x->binb.get_offset (x->binb.bin, y, z): -1
104
105 #define R_ANAL_GET_NAME(x,y,z) \
106 (x && x->binb.bin && x->binb.get_name)? \
107 x->binb.get_name (x->binb.bin, y, z): NULL
108
109 /* type = (R_ANAL_VAR_TYPE_BYTE & R_ANAL_VAR_TYPE_SIZE_MASK) |
110 * ( RANAL_VAR_TYPE_SIGNED & RANAL_VAR_TYPE_SIGN_MASK) |
111 * ( RANAL_VAR_TYPE_CONST & RANAL_VAR_TYPE_MODIFIER_MASK)
112 */
113 typedef struct r_anal_type_var_t {
114 char *name;
115 int index;
116 int scope;
117 ut16 type; // contain (type || signedness || modifier)
118 ut8 size;
119 union {
120 ut8 v8;
121 ut16 v16;
122 ut32 v32;
123 ut64 v64;
124 } value;
125 } RAnalTypeVar;
126
127 typedef struct r_anal_type_ptr_t {
128 char *name;
129 ut16 type; // contain (type || signedness || modifier)
130 ut8 size;
131 union {
132 ut8 v8;
133 ut16 v16;
134 ut32 v32;
135 ut64 v64;
136 } value;
137 } RAnalTypePtr;
138
139 typedef struct r_anal_type_array_t {
140 char *name;
141 ut16 type; // contain (type || signedness || modifier)
142 ut8 size;
143 ut64 count;
144 union {
145 ut8 *v8;
146 ut16 *v16;
147 ut32 *v32;
148 ut64 *v64;
149 } value;
150 } RAnalTypeArray;
151
152 typedef struct r_anal_type_struct_t RAnalTypeStruct;
153 typedef struct r_anal_type_t RAnalType;
154
155 struct r_anal_type_struct_t {
156 char *name;
157 ut8 type;
158 ut32 size;
159 void *parent;
160 RAnalType *items;
161 };
162
163 typedef struct r_anal_type_union_t {
164 char *name;
165 ut8 type;
166 ut32 size;
167 void *parent;
168 RAnalType *items;
169 } RAnalTypeUnion;
170
171 typedef struct r_anal_type_alloca_t {
172 long address;
173 long size;
174 void *parent;
175 RAnalType *items;
176 } RAnalTypeAlloca;
177
178 enum {
179 R_ANAL_FQUALIFIER_NONE = 0,
180 R_ANAL_FQUALIFIER_STATIC = 1,
181 R_ANAL_FQUALIFIER_VOLATILE = 2,
182 R_ANAL_FQUALIFIER_INLINE = 3,
183 R_ANAL_FQUALIFIER_NAKED = 4,
184 R_ANAL_FQUALIFIER_VIRTUAL = 5,
185 };
186
187 #define R_ANAL_CC_MAXARG 16
188
189 enum {
190 R_ANAL_FCN_TYPE_NULL = 0,
191 R_ANAL_FCN_TYPE_FCN = 1 << 0,
192 R_ANAL_FCN_TYPE_LOC = 1 << 1,
193 R_ANAL_FCN_TYPE_SYM = 1 << 2,
194 R_ANAL_FCN_TYPE_IMP = 1 << 3,
195 R_ANAL_FCN_TYPE_INT = 1 << 4, /* privileged function - ends with iret/reti/.. */
196 R_ANAL_FCN_TYPE_ROOT = 1 << 5, /* matching flag */
197 R_ANAL_FCN_TYPE_ANY = -1 /* all the bits set */
198 };
199
200 #define RAnalBlock struct r_anal_bb_t
201
202 enum {
203 R_ANAL_DIFF_TYPE_NULL = 0,
204 R_ANAL_DIFF_TYPE_MATCH = 'm',
205 R_ANAL_DIFF_TYPE_UNMATCH = 'u'
206 };
207
208 typedef struct r_anal_enum_case_t {
209 char *name;
210 int val;
211 } RAnalEnumCase;
212
213 typedef struct r_anal_struct_member_t {
214 char *name;
215 char *type;
216 size_t offset; // in bytes
217 size_t size; // in bits?
218 } RAnalStructMember;
219
220 typedef struct r_anal_union_member_t {
221 char *name;
222 char *type;
223 size_t offset; // in bytes
224 size_t size; // in bits?
225 } RAnalUnionMember;
226
227 typedef enum {
228 R_ANAL_BASE_TYPE_KIND_STRUCT,
229 R_ANAL_BASE_TYPE_KIND_UNION,
230 R_ANAL_BASE_TYPE_KIND_ENUM,
231 R_ANAL_BASE_TYPE_KIND_TYPEDEF, // probably temporary addition, dev purposes
232 R_ANAL_BASE_TYPE_KIND_ATOMIC, // For real atomic base types
233 } RAnalBaseTypeKind;
234
235 typedef struct r_anal_base_type_struct_t {
236 RVector/*<RAnalStructMember>*/ members;
237 } RAnalBaseTypeStruct;
238
239 typedef struct r_anal_base_type_union_t {
240 RVector/*<RAnalUnionMember>*/ members;
241 } RAnalBaseTypeUnion;
242
243 typedef struct r_anal_base_type_enum_t {
244 RVector/*<RAnalEnumCase*/ cases; // list of all the enum casessssss
245 } RAnalBaseTypeEnum;
246
247 typedef struct r_anal_base_type_t {
248 char *name;
249 char *type; // Used by typedef, atomic type, enum
250 ut64 size; // size of the whole type in bits
251 RAnalBaseTypeKind kind;
252 union {
253 RAnalBaseTypeStruct struct_data;
254 RAnalBaseTypeEnum enum_data;
255 RAnalBaseTypeUnion union_data;
256 };
257 } RAnalBaseType;
258
259 typedef struct r_anal_diff_t {
260 int type;
261 ut64 addr;
262 double dist;
263 char *name;
264 ut32 size;
265 } RAnalDiff;
266 typedef struct r_anal_attr_t RAnalAttr;
267 struct r_anal_attr_t {
268 char *key;
269 long value;
270 RAnalAttr *next;
271 };
272
273 /* Stores useful function metadata */
274 /* TODO: Think about moving more stuff to this structure? */
275 typedef struct r_anal_fcn_meta_t {
276 // _min and _max are calculated lazily when queried.
277 // On changes, they will either be updated (if this can be done trivially) or invalidated.
278 // They are invalid iff _min == UT64_MAX.
279 ut64 _min; // PRIVATE, min address, use r_anal_function_min_addr() to access
280 ut64 _max; // PRIVATE, max address, use r_anal_function_max_addr() to access
281
282 int numrefs; // number of cross references
283 int numcallrefs; // number of calls
284 } RAnalFcnMeta;
285
286 typedef struct r_anal_function_t {
287 char *name;
288 int bits; // ((> bits 0) (set-bits bits))
289 int type;
290 const char *cc; // calling convention, should come from RAnal.constpool
291 ut64 addr;
292 HtUP/*<ut64, char *>*/ *labels;
293 HtPP/*<char *, ut64 *>*/ *label_addrs;
294 RPVector vars;
295 HtUP/*<st64, RPVector<RAnalVar *>>*/ *inst_vars; // offset of instructions => the variables they access
296 ut64 reg_save_area; // size of stack area pre-reserved for saving registers
297 st64 bp_off; // offset of bp inside owned stack frame
298 st64 stack; // stack frame size
299 int maxstack;
300 int ninstr;
301 bool folded;
302 bool is_pure;
303 bool is_variadic;
304 bool has_changed; // true if function may have changed since last anaysis TODO: set this attribute where necessary
305 bool bp_frame;
306 bool is_noreturn; // true if function does not return
307 ut8 *fingerprint; // TODO: make is fuzzy and smarter
308 size_t fingerprint_size;
309 RAnalDiff *diff;
310 RList *bbs; // TODO: should be RPVector
311 RAnalFcnMeta meta;
312 RList *imports; // maybe bound to class?
313 struct r_anal_t *anal; // this function is associated with this instance
314 } RAnalFunction;
315
316 typedef struct r_anal_func_arg_t {
317 const char *name;
318 const char *fmt;
319 const char *cc_source;
320 char *orig_c_type;
321 char *c_type;
322 ut64 size;
323 ut64 src; //Function-call argument value or pointer to it
324 } RAnalFuncArg;
325
326 struct r_anal_type_t {
327 char *name;
328 ut32 type;
329 ut32 size;
330 RList *content;
331 };
332
333 typedef enum {
334 R_META_TYPE_ANY = -1,
335 R_META_TYPE_DATA = 'd',
336 R_META_TYPE_CODE = 'c',
337 R_META_TYPE_STRING = 's',
338 R_META_TYPE_FORMAT = 'f',
339 R_META_TYPE_MAGIC = 'm',
340 R_META_TYPE_HIDE = 'h',
341 R_META_TYPE_COMMENT = 'C',
342 R_META_TYPE_RUN = 'r',
343 R_META_TYPE_HIGHLIGHT = 'H',
344 R_META_TYPE_VARTYPE = 't',
345 } RAnalMetaType;
346
347 /* meta */
348 typedef struct r_anal_meta_item_t {
349 RAnalMetaType type;
350 int subtype;
351 char *str;
352 const RSpace *space;
353 } RAnalMetaItem;
354
355 // anal
356 typedef enum {
357 R_ANAL_OP_FAMILY_UNKNOWN = -1,
358 R_ANAL_OP_FAMILY_CPU = 0, /* normal cpu instruction */
359 R_ANAL_OP_FAMILY_FPU, /* fpu (floating point) */
360 R_ANAL_OP_FAMILY_MMX, /* multimedia instruction (packed data) */
361 R_ANAL_OP_FAMILY_SSE, /* extended multimedia instruction (packed data) */
362 R_ANAL_OP_FAMILY_PRIV, /* privileged instruction */
363 R_ANAL_OP_FAMILY_CRYPTO, /* cryptographic instructions */
364 R_ANAL_OP_FAMILY_THREAD, /* thread/lock/sync instructions */
365 R_ANAL_OP_FAMILY_VIRT, /* virtualization instructions */
366 R_ANAL_OP_FAMILY_SECURITY, /* security instructions */
367 R_ANAL_OP_FAMILY_IO, /* IO instructions (i.e. IN/OUT) */
368 R_ANAL_OP_FAMILY_LAST
369 } RAnalOpFamily;
370
371 #if 0
372 On x86 according to Wikipedia
373
374 Prefix group 1
375 0xF0: LOCK prefix
376 0xF2: REPNE/REPNZ prefix
377 0xF3: REP or REPE/REPZ prefix
378 Prefix group 2
379 0x2E: CS segment override
380 0x36: SS segment override
381 0x3E: DS segment override
382 0x26: ES segment override
383 0x64: FS segment override
384 0x65: GS segment override
385 0x2E: Branch not taken (hinting)
386 0x3E: Branch taken
387 Prefix group 3
388 0x66: Operand-size override prefix
389 Prefix group 4
390 0x67: Address-size override prefix
391 #endif
392 typedef enum {
393 R_ANAL_OP_PREFIX_COND = 1,
394 R_ANAL_OP_PREFIX_REP = 1<<1,
395 R_ANAL_OP_PREFIX_REPNE = 1<<2,
396 R_ANAL_OP_PREFIX_LOCK = 1<<3,
397 R_ANAL_OP_PREFIX_LIKELY = 1<<4,
398 R_ANAL_OP_PREFIX_UNLIKELY = 1<<5
399 /* TODO: add segment override typemods? */
400 } RAnalOpPrefix;
401
402 // XXX: this definition is plain wrong. use enum or empower bits
403 #define R_ANAL_OP_TYPE_MASK 0x8000ffff
404 #define R_ANAL_OP_HINT_MASK 0xf0000000
405 typedef enum {
406 R_ANAL_OP_TYPE_COND = 0x80000000, // TODO must be moved to prefix?
407 //TODO: MOVE TO PREFIX .. it is used by anal_java.. must be updated
408 R_ANAL_OP_TYPE_REP = 0x40000000, /* repeats next instruction N times */
409 R_ANAL_OP_TYPE_MEM = 0x20000000, // TODO must be moved to prefix?
410 R_ANAL_OP_TYPE_REG = 0x10000000, // operand is a register
411 R_ANAL_OP_TYPE_IND = 0x08000000, // operand is indirect
412 R_ANAL_OP_TYPE_NULL = 0,
413 R_ANAL_OP_TYPE_JMP = 1, /* mandatory jump */
414 R_ANAL_OP_TYPE_UJMP = 2, /* unknown jump (register or so) */
415 R_ANAL_OP_TYPE_RJMP = R_ANAL_OP_TYPE_REG | R_ANAL_OP_TYPE_UJMP,
416 R_ANAL_OP_TYPE_IJMP = R_ANAL_OP_TYPE_IND | R_ANAL_OP_TYPE_UJMP,
417 R_ANAL_OP_TYPE_IRJMP = R_ANAL_OP_TYPE_IND | R_ANAL_OP_TYPE_REG | R_ANAL_OP_TYPE_UJMP,
418 R_ANAL_OP_TYPE_CJMP = R_ANAL_OP_TYPE_COND | R_ANAL_OP_TYPE_JMP, /* conditional jump */
419 R_ANAL_OP_TYPE_RCJMP = R_ANAL_OP_TYPE_REG | R_ANAL_OP_TYPE_CJMP, /* conditional jump register */
420 R_ANAL_OP_TYPE_MJMP = R_ANAL_OP_TYPE_MEM | R_ANAL_OP_TYPE_JMP, /* memory jump */
421 R_ANAL_OP_TYPE_MCJMP = R_ANAL_OP_TYPE_MEM | R_ANAL_OP_TYPE_CJMP, /* memory conditional jump */
422 R_ANAL_OP_TYPE_UCJMP = R_ANAL_OP_TYPE_COND | R_ANAL_OP_TYPE_UJMP, /* conditional unknown jump */
423 R_ANAL_OP_TYPE_CALL = 3, /* call to subroutine (branch+link) */
424 R_ANAL_OP_TYPE_UCALL = 4, /* unknown call (register or so) */
425 R_ANAL_OP_TYPE_RCALL = R_ANAL_OP_TYPE_REG | R_ANAL_OP_TYPE_UCALL,
426 R_ANAL_OP_TYPE_ICALL = R_ANAL_OP_TYPE_IND | R_ANAL_OP_TYPE_UCALL,
427 R_ANAL_OP_TYPE_IRCALL= R_ANAL_OP_TYPE_IND | R_ANAL_OP_TYPE_REG | R_ANAL_OP_TYPE_UCALL,
428 R_ANAL_OP_TYPE_CCALL = R_ANAL_OP_TYPE_COND | R_ANAL_OP_TYPE_CALL, /* conditional call to subroutine */
429 R_ANAL_OP_TYPE_UCCALL= R_ANAL_OP_TYPE_COND | R_ANAL_OP_TYPE_UCALL, /* conditional unknown call */
430 R_ANAL_OP_TYPE_RET = 5, /* returns from subroutine */
431 R_ANAL_OP_TYPE_CRET = R_ANAL_OP_TYPE_COND | R_ANAL_OP_TYPE_RET, /* conditional return from subroutine */
432 R_ANAL_OP_TYPE_ILL = 6, /* illegal instruction // trap */
433 R_ANAL_OP_TYPE_UNK = 7, /* unknown opcode type */
434 R_ANAL_OP_TYPE_NOP = 8, /* does nothing */
435 R_ANAL_OP_TYPE_MOV = 9, /* register move */
436 R_ANAL_OP_TYPE_CMOV = 9 | R_ANAL_OP_TYPE_COND, /* conditional move */
437 R_ANAL_OP_TYPE_TRAP = 10, /* it's a trap! */
438 R_ANAL_OP_TYPE_SWI = 11, /* syscall, software interrupt */
439 R_ANAL_OP_TYPE_CSWI = 11 | R_ANAL_OP_TYPE_COND, /* syscall, software interrupt */
440 R_ANAL_OP_TYPE_UPUSH = 12, /* unknown push of data into stack */
441 R_ANAL_OP_TYPE_RPUSH = R_ANAL_OP_TYPE_UPUSH | R_ANAL_OP_TYPE_REG, /* push register */
442 R_ANAL_OP_TYPE_PUSH = 13, /* push value into stack */
443 R_ANAL_OP_TYPE_POP = 14, /* pop value from stack to register */
444 R_ANAL_OP_TYPE_CMP = 15, /* compare something */
445 R_ANAL_OP_TYPE_ACMP = 16, /* compare via and */
446 R_ANAL_OP_TYPE_ADD = 17,
447 R_ANAL_OP_TYPE_SUB = 18,
448 R_ANAL_OP_TYPE_IO = 19,
449 R_ANAL_OP_TYPE_MUL = 20,
450 R_ANAL_OP_TYPE_DIV = 21,
451 R_ANAL_OP_TYPE_SHR = 22,
452 R_ANAL_OP_TYPE_SHL = 23,
453 R_ANAL_OP_TYPE_SAL = 24,
454 R_ANAL_OP_TYPE_SAR = 25,
455 R_ANAL_OP_TYPE_OR = 26,
456 R_ANAL_OP_TYPE_AND = 27,
457 R_ANAL_OP_TYPE_XOR = 28,
458 R_ANAL_OP_TYPE_NOR = 29,
459 R_ANAL_OP_TYPE_NOT = 30,
460 R_ANAL_OP_TYPE_STORE = 31, /* store from register to memory */
461 R_ANAL_OP_TYPE_LOAD = 32, /* load from memory to register */
462 R_ANAL_OP_TYPE_LEA = 33, /* TODO add ulea */
463 R_ANAL_OP_TYPE_LEAVE = 34,
464 R_ANAL_OP_TYPE_ROR = 35,
465 R_ANAL_OP_TYPE_ROL = 36,
466 R_ANAL_OP_TYPE_XCHG = 37,
467 R_ANAL_OP_TYPE_MOD = 38,
468 R_ANAL_OP_TYPE_SWITCH = 39,
469 R_ANAL_OP_TYPE_CASE = 40,
470 R_ANAL_OP_TYPE_LENGTH = 41,
471 R_ANAL_OP_TYPE_CAST = 42,
472 R_ANAL_OP_TYPE_NEW = 43,
473 R_ANAL_OP_TYPE_ABS = 44,
474 R_ANAL_OP_TYPE_CPL = 45, /* complement */
475 R_ANAL_OP_TYPE_CRYPTO = 46,
476 R_ANAL_OP_TYPE_SYNC = 47,
477 //R_ANAL_OP_TYPE_DEBUG = 43, // monitor/trace/breakpoint
478 #if 0
479 R_ANAL_OP_TYPE_PRIV = 40, /* privileged instruction */
480 R_ANAL_OP_TYPE_FPU = 41, /* floating point stuff */
481 #endif
482 } _RAnalOpType;
483
484 typedef enum {
485 R_ANAL_OP_MASK_BASIC = 0, // Just fills basic op info , it's fast
486 R_ANAL_OP_MASK_ESIL = 1, // It fills RAnalop->esil info
487 R_ANAL_OP_MASK_VAL = 2, // It fills RAnalop->dst/src info
488 R_ANAL_OP_MASK_HINT = 4, // It calls r_anal_op_hint to override anal options
489 R_ANAL_OP_MASK_OPEX = 8, // It fills RAnalop->opex info
490 R_ANAL_OP_MASK_DISASM = 16, // It fills RAnalop->mnemonic // should be RAnalOp->disasm // only from r_core_anal_op()
491 R_ANAL_OP_MASK_ALL = 1 | 2 | 4 | 8 | 16
492 } RAnalOpMask;
493
494 /* TODO: what to do with signed/unsigned conditionals? */
495 typedef enum {
496 R_ANAL_COND_AL = 0, // Always executed (no condition)
497 R_ANAL_COND_EQ, // Equal
498 R_ANAL_COND_NE, // Not equal
499 R_ANAL_COND_GE, // Greater or equal
500 R_ANAL_COND_GT, // Greater than
501 R_ANAL_COND_LE, // Less or equal
502 R_ANAL_COND_LT, // Less than
503 R_ANAL_COND_NV, // Never executed must be a nop? :D
504 R_ANAL_COND_HS, // Carry set >, ==, or unordered
505 R_ANAL_COND_LO, // Carry clear Less than
506 R_ANAL_COND_MI, // Minus, negative Less than
507 R_ANAL_COND_PL, // Plus, positive or zero >, ==, or unordered
508 R_ANAL_COND_VS, // Overflow Unordered
509 R_ANAL_COND_VC, // No overflow Not unordered
510 R_ANAL_COND_HI, // Unsigned higher Greater than, or unordered
511 R_ANAL_COND_LS // Unsigned lower or same Less than or equal
512 } _RAnalCond;
513
514 typedef enum {
515 R_ANAL_VAR_SCOPE_LOCAL = 0x01
516 } _RAnalVarScope;
517
518 typedef enum {
519 R_ANAL_STACK_NULL = 0,
520 R_ANAL_STACK_NOP,
521 R_ANAL_STACK_INC,
522 R_ANAL_STACK_GET,
523 R_ANAL_STACK_SET,
524 R_ANAL_STACK_RESET,
525 R_ANAL_STACK_ALIGN,
526 } RAnalStackOp;
527
528 enum {
529 R_ANAL_REFLINE_TYPE_UTF8 = 1,
530 R_ANAL_REFLINE_TYPE_WIDE = 2, /* reflines have a space between them */
531 R_ANAL_REFLINE_TYPE_MIDDLE_BEFORE = 4, /* do not consider starts/ends of
532 * reflines (used for comment lines before disasm) */
533 R_ANAL_REFLINE_TYPE_MIDDLE_AFTER = 8 /* as above but for lines after disasm */
534 };
535
536 enum {
537 R_ANAL_RET_NOP = 0,
538 R_ANAL_RET_ERROR = -1,
539 R_ANAL_RET_DUP = -2,
540 R_ANAL_RET_NEW = -3,
541 R_ANAL_RET_END = -4
542 };
543
544 typedef struct r_anal_case_obj_t {
545 ut64 addr;
546 ut64 jump;
547 ut64 value;
548 } RAnalCaseOp;
549
550 typedef struct r_anal_switch_obj_t {
551 ut64 addr;
552 ut64 min_val;
553 ut64 def_val;
554 ut64 max_val;
555 RList/*<RAnalCaseOp>*/ *cases;
556 } RAnalSwitchOp;
557
558 struct r_anal_t;
559 struct r_anal_bb_t;
560 typedef struct r_anal_callbacks_t {
561 int (*on_fcn_new) (struct r_anal_t *, void *user, RAnalFunction *fcn);
562 int (*on_fcn_delete) (struct r_anal_t *, void *user, RAnalFunction *fcn);
563 int (*on_fcn_rename) (struct r_anal_t *, void *user, RAnalFunction *fcn, const char *oldname);
564 int (*on_fcn_bb_new) (struct r_anal_t *, void *user, RAnalFunction *fcn, struct r_anal_bb_t *bb);
565 } RAnalCallbacks;
566
567 #define R_ANAL_ESIL_GOTO_LIMIT 4096
568
569 typedef struct r_anal_options_t {
570 int depth;
571 int graph_depth;
572 bool vars; //analyze local var and arguments
573 bool varname_stack; // name vars based on their offset in the stack
574 int cjmpref;
575 int jmpref;
576 int jmpabove;
577 bool ijmp;
578 bool jmpmid; // continue analysis after jmp into middle of insn
579 bool loads;
580 bool ignbithints;
581 int followdatarefs;
582 int searchstringrefs;
583 int followbrokenfcnsrefs;
584 int bb_max_size;
585 bool trycatch;
586 bool norevisit;
587 int afterjmp; // continue analysis after jmp eax or forward jmp // option
588 int recont; // continue on recurse analysis mode
589 int noncode;
590 int nopskip; // skip nops at the beginning of functions
591 int hpskip; // skip `mov reg,reg` and `lea reg,[reg]`
592 int jmptbl; // analyze jump tables
593 int nonull;
594 bool pushret; // analyze push+ret as jmp
595 bool armthumb; //
596 bool endsize; // chop function size which is known to be buggy but goodie too
597 bool delay;
598 int tailcall;
599 bool retpoline;
600 } RAnalOptions;
601
602 typedef enum {
603 R_ANAL_CPP_ABI_ITANIUM = 0,
604 R_ANAL_CPP_ABI_MSVC
605 } RAnalCPPABI;
606
607 typedef struct r_anal_hint_cb_t {
608 //add more cbs as needed
609 void (*on_bits) (struct r_anal_t *a, ut64 addr, int bits, bool set);
610 } RHintCb;
611
612 typedef struct r_anal_t {
613 char *cpu; // anal.cpu
614 char *os; // asm.os
615 int bits; // asm.bits
616 int lineswidth; // asm.lines.width
617 int big_endian; // cfg.bigendian
618 int sleep; // anal.sleep, sleep some usecs before analyzing more (avoid 100% cpu usages)
619 RAnalCPPABI cpp_abi; // anal.cpp.abi
620 void *user;
621 ut64 gp; // anal.gp, global pointer. used for mips. but can be used by other arches too in the future
622 RBTree bb_tree; // all basic blocks by address. They can overlap each other, but must never start at the same address.
623 RList *fcns;
624 HtUP *ht_addr_fun; // address => function
625 HtPP *ht_name_fun; // name => function
626 RReg *reg;
627 ut8 *last_disasm_reg;
628 RSyscall *syscall;
629 int diff_ops;
630 double diff_thbb;
631 double diff_thfcn;
632 RIOBind iob;
633 RFlagBind flb;
634 RFlagSet flg_class_set;
635 RFlagGet flg_class_get;
636 RFlagSet flg_fcn_set;
637 RBinBind binb; // Set only from core when an analysis plugin is called.
638 RCoreBind coreb;
639 int maxreflines; // asm.lines.maxref
640 int esil_goto_limit; // esil.gotolimit
641 int pcalign; // asm.pcalign
642 struct r_anal_esil_t *esil;
643 struct r_anal_plugin_t *cur;
644 struct r_anal_esil_plugin_t *esil_cur; // ???
645 RAnalRange *limit; // anal.from, anal.to
646 RList *plugins; // anal plugins
647 RList *esil_plugins;
648 Sdb *sdb_types;
649 Sdb *sdb_fmts;
650 Sdb *sdb_zigns;
651 HtUP *dict_refs;
652 HtUP *dict_xrefs;
653 bool recursive_noreturn; // anal.rnr
654 RSpaces zign_spaces;
655 char *zign_path; // dir.zigns
656 PrintfCallback cb_printf;
657 //moved from RAnalFcn
658 Sdb *sdb; // root
659 Sdb *sdb_pins;
660 HtUP/*<RVector<RAnalAddrHintRecord>>*/ *addr_hints; // all hints that correspond to a single address
661 RBTree/*<RAnalArchHintRecord>*/ arch_hints;
662 RBTree/*<RAnalArchBitsRecord>*/ bits_hints;
663 RHintCb hint_cbs;
664 RIntervalTree meta;
665 RSpaces meta_spaces;
666 Sdb *sdb_cc; // calling conventions
667 Sdb *sdb_classes;
668 Sdb *sdb_classes_attrs;
669 RAnalCallbacks cb;
670 RAnalOptions opt;
671 RList *reflines;
672 //RList *noreturn;
673 RListComparator columnSort;
674 int stackptr;
675 bool (*log)(struct r_anal_t *anal, const char *msg);
676 bool (*read_at)(struct r_anal_t *anal, ut64 addr, ut8 *buf, int len);
677 bool verbose;
678 int seggrn;
679 RFlagGetAtAddr flag_get;
680 REvent *ev;
681 RList/*<char *>*/ *imports; // global imports
682 SetU *visited;
683 RStrConstPool constpool;
684 RList *leaddrs;
685 } RAnal;
686
687 typedef enum r_anal_addr_hint_type_t {
688 R_ANAL_ADDR_HINT_TYPE_IMMBASE,
689 R_ANAL_ADDR_HINT_TYPE_JUMP,
690 R_ANAL_ADDR_HINT_TYPE_FAIL,
691 R_ANAL_ADDR_HINT_TYPE_STACKFRAME,
692 R_ANAL_ADDR_HINT_TYPE_PTR,
693 R_ANAL_ADDR_HINT_TYPE_NWORD,
694 R_ANAL_ADDR_HINT_TYPE_RET,
695 R_ANAL_ADDR_HINT_TYPE_NEW_BITS,
696 R_ANAL_ADDR_HINT_TYPE_SIZE,
697 R_ANAL_ADDR_HINT_TYPE_SYNTAX,
698 R_ANAL_ADDR_HINT_TYPE_OPTYPE,
699 R_ANAL_ADDR_HINT_TYPE_OPCODE,
700 R_ANAL_ADDR_HINT_TYPE_TYPE_OFFSET,
701 R_ANAL_ADDR_HINT_TYPE_ESIL,
702 R_ANAL_ADDR_HINT_TYPE_HIGH,
703 R_ANAL_ADDR_HINT_TYPE_VAL
704 } RAnalAddrHintType;
705
706 typedef struct r_anal_addr_hint_record_t {
707 RAnalAddrHintType type;
708 union {
709 char *type_offset;
710 int nword;
711 ut64 jump;
712 ut64 fail;
713 int newbits;
714 int immbase;
715 ut64 ptr;
716 ut64 retval;
717 char *syntax;
718 char *opcode;
719 char *esil;
720 int optype;
721 ut64 size;
722 ut64 stackframe;
723 ut64 val;
724 };
725 } RAnalAddrHintRecord;
726
727 typedef struct r_anal_hint_t {
728 ut64 addr;
729 ut64 ptr;
730 ut64 val; // used to hint jmp rax
731 ut64 jump;
732 ut64 fail;
733 ut64 ret; // hint for function ret values
734 char *arch;
735 char *opcode;
736 char *syntax;
737 char *esil;
738 char *offset;
739 ut32 type;
740 ut64 size;
741 int bits;
742 int new_bits; // change asm.bits after evaluating this instruction
743 int immbase;
744 bool high; // highlight hint
745 int nword;
746 ut64 stackframe;
747 } RAnalHint;
748
749 typedef RAnalFunction *(* RAnalGetFcnIn)(RAnal *anal, ut64 addr, int type);
750 typedef RAnalHint *(* RAnalGetHint)(RAnal *anal, ut64 addr);
751
752 typedef struct r_anal_bind_t {
753 RAnal *anal;
754 RAnalGetFcnIn get_fcn_in;
755 RAnalGetHint get_hint;
756 } RAnalBind;
757
758 typedef const char *(*RAnalLabelAt) (RAnalFunction *fcn, ut64);
759
760 typedef enum {
761 R_ANAL_VAR_KIND_REG = 'r',
762 R_ANAL_VAR_KIND_BPV = 'b',
763 R_ANAL_VAR_KIND_SPV = 's'
764 } RAnalVarKind;
765
766 #define VARPREFIX "var"
767 #define ARGPREFIX "arg"
768
769 typedef enum {
770 R_ANAL_VAR_ACCESS_TYPE_PTR = 0,
771 R_ANAL_VAR_ACCESS_TYPE_READ = (1 << 0),
772 R_ANAL_VAR_ACCESS_TYPE_WRITE = (1 << 1)
773 } RAnalVarAccessType;
774
775 typedef struct r_anal_var_access_t {
776 const char *reg; // register used for access
777 st64 offset; // relative to the function's entrypoint
778 st64 stackptr; // delta added to register to get the var, e.g. [rbp - 0x10]
779 ut8 type; // RAnalVarAccessType bits
780 } RAnalVarAccess;
781
782 typedef struct r_anal_var_constraint_t {
783 _RAnalCond cond;
784 ut64 val;
785 } RAnalVarConstraint;
786
787 // generic for args and locals
788 typedef struct r_anal_var_t {
789 RAnalFunction *fcn;
790 char *name; // name of the variable
791 char *type; // cparse type of the variable
792 RAnalVarKind kind;
793 bool isarg;
794 int delta; /* delta offset inside stack frame */
795 char *regname; // name of the register
796 RVector/*<RAnalVarAccess>*/ accesses; // ordered by offset, touch this only through API or expect uaf
797 char *comment;
798 RVector/*<RAnalVarConstraint>*/ constraints;
799
800 // below members are just for caching, TODO: remove them and do it better
801 int argnum;
802 } RAnalVar;
803
804 // Refers to a variable or a struct field inside a variable, only for varsub
805 R_DEPRECATE typedef struct r_anal_var_field_t {
806 char *name;
807 st64 delta;
808 bool field;
809 } RAnalVarField;
810
811 typedef enum {
812 R_ANAL_ACC_UNKNOWN = 0,
813 R_ANAL_ACC_R = (1 << 0),
814 R_ANAL_ACC_W = (1 << 1),
815 } RAnalValueAccess;
816
817 typedef enum {
818 R_ANAL_VAL_REG,
819 R_ANAL_VAL_MEM,
820 R_ANAL_VAL_IMM,
821 } RAnalValueType;
822
823 // base+reg+regdelta*mul+delta
824 typedef struct r_anal_value_t {
825 RAnalValueType type;
826 RAnalValueAccess access;
827 int absolute; // if true, unsigned cast is used
828 int memref; // is memory reference? which size? 1, 2 ,4, 8
829 ut64 base ; // numeric address
830 st64 delta; // numeric delta
831 st64 imm; // immediate value
832 int mul; // multiplier (reg*4+base)
833 RRegItem *seg; // segment selector register
834 RRegItem *reg; // register / register base used (-1 if no reg)
835 RRegItem *regdelta; // register index used (-1 if no reg)
836 } RAnalValue;
837
838 typedef enum {
839 R_ANAL_OP_DIR_READ = 1,
840 R_ANAL_OP_DIR_WRITE = 2,
841 R_ANAL_OP_DIR_EXEC = 4,
842 R_ANAL_OP_DIR_REF = 8,
843 } RAnalOpDirection;
844
845 typedef enum r_anal_data_type_t {
846 R_ANAL_DATATYPE_NULL = 0,
847 R_ANAL_DATATYPE_ARRAY,
848 R_ANAL_DATATYPE_OBJECT, // instance
849 R_ANAL_DATATYPE_STRING,
850 R_ANAL_DATATYPE_CLASS,
851 R_ANAL_DATATYPE_BOOLEAN,
852 R_ANAL_DATATYPE_INT16,
853 R_ANAL_DATATYPE_INT32,
854 R_ANAL_DATATYPE_INT64,
855 R_ANAL_DATATYPE_FLOAT,
856 } RAnalDataType;
857
858 typedef struct r_anal_op_t {
859 char *mnemonic; /* mnemonic.. it actually contains the args too, we should replace rasm with this */
860 ut64 addr; /* address */
861 ut32 type; /* type of opcode */
862 RAnalOpPrefix prefix; /* type of opcode prefix (rep,lock,..) */
863 ut32 type2; /* used by java */
864 RAnalStackOp stackop; /* operation on stack? */
865 _RAnalCond cond; /* condition type */
866 int size; /* size in bytes of opcode */
867 int nopcode; /* number of bytes representing the opcode (not the arguments) TODO: find better name */
868 int cycles; /* cpu-cycles taken by instruction */
869 int failcycles; /* conditional cpu-cycles */
870 RAnalOpFamily family; /* family of opcode */
871 int id; /* instruction id */
872 bool eob; /* end of block (boolean) */
873 bool sign; /* operates on signed values, false by default */
874 /* Run N instructions before executing the current one */
875 int delay; /* delay N slots (mips, ..)*/
876 ut64 jump; /* true jmp */
877 ut64 fail; /* false jmp */
878 RAnalOpDirection direction;
879 st64 ptr; /* reference to memory */ /* XXX signed? */
880 ut64 val; /* reference to value */ /* XXX signed? */
881 int ptrsize; /* f.ex: zero extends for 8, 16 or 32 bits only */
882 st64 stackptr; /* stack pointer */
883 int refptr; /* if (0) ptr = "reference" else ptr = "load memory of refptr bytes" */
884 RAnalValue *src[3];
885 RAnalValue *dst;
886 RList *access; /* RAnalValue access information */
887 RStrBuf esil;
888 RStrBuf opex;
889 const char *reg; /* destination register */
890 const char *ireg; /* register used for indirect memory computation*/
891 int scale;
892 ut64 disp;
893 RAnalSwitchOp *switch_op;
894 RAnalHint hint;
895 RAnalDataType datatype;
896 } RAnalOp;
897
898 #define R_ANAL_COND_SINGLE(x) (!x->arg[1] || x->arg[0]==x->arg[1])
899
900 typedef struct r_anal_cond_t {
901 int type; // filled by CJMP opcode
902 RAnalValue *arg[2]; // filled by CMP opcode
903 } RAnalCond;
904
905 typedef struct r_anal_bb_t {
906 RBNode _rb; // private, node in the RBTree
907 ut64 _max_end; // private, augmented value for RBTree
908
909 ut64 addr;
910 ut64 size;
911 ut64 jump;
912 ut64 fail;
913 bool traced;
914 bool folded;
915 RColor color;
916 ut8 *fingerprint;
917 RAnalDiff *diff;
918 RAnalCond *cond;
919 RAnalSwitchOp *switch_op;
920 ut16 *op_pos; // offsets of instructions in this block, count is ninstr - 1 (first is always 0)
921 ut8 *op_bytes;
922 ut8 *parent_reg_arena;
923 int op_pos_size; // size of the op_pos array
924 int ninstr;
925 int stackptr;
926 int parent_stackptr;
927 ut64 cmpval;
928 const char *cmpreg;
929 ut32 bbhash; // calculated with xxhash
930
931 RList *fcns;
932 RAnal *anal;
933 int ref;
934 #undef RAnalBlock
935 } RAnalBlock;
936
937 typedef enum {
938 R_ANAL_REF_TYPE_NULL = 0,
939 R_ANAL_REF_TYPE_CODE = 'c', // code ref
940 R_ANAL_REF_TYPE_CALL = 'C', // code ref (call)
941 R_ANAL_REF_TYPE_DATA = 'd', // mem ref
942 R_ANAL_REF_TYPE_STRING='s' // string ref
943 } RAnalRefType;
944
945 typedef struct r_anal_ref_t {
946 ut64 addr;
947 ut64 at;
948 RAnalRefType type;
949 } RAnalRef;
950 R_API const char *r_anal_ref_type_tostring(RAnalRefType t);
951
952 /* represents a reference line from one address (from) to another (to) */
953 typedef struct r_anal_refline_t {
954 ut64 from;
955 ut64 to;
956 int index;
957 int level;
958 int type;
959 int direction;
960 } RAnalRefline;
961
962 typedef struct r_anal_cycle_frame_t {
963 ut64 naddr; //next addr
964 RList *hooks;
965 struct r_anal_cycle_frame_t *prev;
966 } RAnalCycleFrame;
967
968 typedef struct r_anal_cycle_hook_t { //rename ?
969 ut64 addr;
970 int cycles;
971 } RAnalCycleHook;
972
973 typedef struct r_anal_esil_word_t {
974 int type;
975 const char *str;
976 } RAnalEsilWord;
977
978 // only flags that affect control flow
979 enum {
980 R_ANAL_ESIL_FLAG_ZERO = 1,
981 R_ANAL_ESIL_FLAG_CARRY = 2,
982 R_ANAL_ESIL_FLAG_OVERFLOW = 4,
983 R_ANAL_ESIL_FLAG_PARITY = 8,
984 R_ANAL_ESIL_FLAG_SIGN = 16,
985 // ...
986 };
987
988 enum {
989 R_ANAL_TRAP_NONE = 0,
990 R_ANAL_TRAP_UNHANDLED = 1,
991 R_ANAL_TRAP_BREAKPOINT = 2,
992 R_ANAL_TRAP_DIVBYZERO = 3,
993 R_ANAL_TRAP_WRITE_ERR = 4,
994 R_ANAL_TRAP_READ_ERR = 5,
995 R_ANAL_TRAP_EXEC_ERR = 6,
996 R_ANAL_TRAP_INVALID = 7,
997 R_ANAL_TRAP_UNALIGNED = 8,
998 R_ANAL_TRAP_TODO = 9,
999 R_ANAL_TRAP_HALT = 10,
1000 };
1001
1002 enum {
1003 R_ANAL_ESIL_PARM_INVALID = 0,
1004 R_ANAL_ESIL_PARM_REG,
1005 R_ANAL_ESIL_PARM_NUM,
1006 };
1007
1008 /* Constructs to convert from ESIL to REIL */
1009 #define FOREACHOP(GENERATE) \
1010 /* No Operation */ GENERATE(NOP) \
1011 /* Unknown/Undefined */ GENERATE(UNK) \
1012 /* Conditional Jump */ GENERATE(JCC) \
1013 /* Store Value to register */ GENERATE(STR) \
1014 /* Store value to memory */ GENERATE(STM) \
1015 /* Load value from memory */ GENERATE(LDM) \
1016 /* Addition */ GENERATE(ADD) \
1017 /* Subtraction */ GENERATE(SUB) \
1018 /* Negation */ GENERATE(NEG) \
1019 /* Multiplication */ GENERATE(MUL) \
1020 /* Division */ GENERATE(DIV) \
1021 /* Modulo */ GENERATE(MOD) \
1022 /* Signed Multiplication */ GENERATE(SMUL) \
1023 /* Sugned Division */ GENERATE(SDIV) \
1024 /* Signed Modulus */ GENERATE(SMOD) \
1025 /* Shift Left */ GENERATE(SHL) \
1026 /* Shift Right */ GENERATE(SHR) \
1027 /* Binary and */ GENERATE(AND) \
1028 /* Binary or */ GENERATE(OR) \
1029 /* Binary xor */ GENERATE(XOR) \
1030 /* Binary not */ GENERATE(NOT) \
1031 /* Equation */ GENERATE(EQ) \
1032 /* Less Than */ GENERATE(LT)
1033
1034 #define MAKE_ENUM(OP) REIL_##OP,
1035 #define REIL_OP_STRING(STRING) #STRING,
1036
1037 typedef enum {
1038 FOREACHOP(MAKE_ENUM)
1039 } RAnalReilOpcode;
1040
1041 typedef enum {
1042 ARG_REG, // CPU Register
1043 ARG_TEMP, // Temporary register used by REIL
1044 ARG_CONST, // Constant value
1045 ARG_ESIL_INTERNAL, // Used to resolve ESIL internal flags
1046 ARG_NONE // Operand not used by the instruction
1047 } RAnalReilArgType;
1048
1049 // Arguments to a REIL instruction.
1050 typedef struct r_anal_reil_arg {
1051 RAnalReilArgType type; // Type of the argument
1052 ut8 size; // Size of the argument in bytes
1053 char name[32]; // Name of the argument
1054 } RAnalReilArg;
1055
1056 typedef struct r_anal_ref_char {
1057 char *str;
1058 char *cols;
1059 } RAnalRefStr;
1060
1061 // Instruction arg1, arg2, arg3
1062 typedef struct r_anal_reil_inst {
1063 RAnalReilOpcode opcode;
1064 RAnalReilArg *arg[3];
1065 } RAnalReilInst;
1066
1067 typedef struct r_anal_reil {
1068 char old[32]; // Used to compute flags.
1069 char cur[32];
1070 ut8 lastsz;
1071 ut64 reilNextTemp; // Used to store the index of the next REIL temp register to be used.
1072 ut64 addr; // Used for instruction sequencing. Check esil2reil.c for details.
1073 ut8 seq_num; // Incremented and used when noInc is set to 1.
1074 int skip;
1075 int cmd_count;
1076 char if_buf[64];
1077 char pc[8];
1078 } RAnalReil;
1079
1080 // must be a char
1081 #define ESIL_INTERNAL_PREFIX '$'
1082 #define ESIL_STACK_NAME "esil.ram"
1083 #define ESIL struct r_anal_esil_t
1084
1085 typedef bool (*RAnalEsilHandlerCB)(ESIL *esil, ut32 h, void *user);
1086
1087 typedef struct r_anal_esil_handler_t {
1088 RAnalEsilHandlerCB cb;
1089 void *user;
1090 } RAnalEsilHandler;
1091
1092 typedef struct r_anal_esil_change_reg_t {
1093 int idx;
1094 ut64 data;
1095 } RAnalEsilRegChange;
1096
1097 typedef struct r_anal_esil_change_mem_t {
1098 int idx;
1099 ut8 data;
1100 } RAnalEsilMemChange;
1101
1102 typedef struct r_anal_esil_trace_t {
1103 int idx;
1104 int end_idx;
1105 HtUP *registers;
1106 HtUP *memory;
1107 RRegArena *arena[R_REG_TYPE_LAST];
1108 ut64 stack_addr;
1109 ut64 stack_size;
1110 ut8 *stack_data;
1111 //TODO remove `db` and reuse info above
1112 Sdb *db;
1113 } RAnalEsilTrace;
1114
1115 typedef int (*RAnalEsilHookRegWriteCB)(ESIL *esil, const char *name, ut64 *val);
1116
1117 typedef struct r_anal_esil_callbacks_t {
1118 void *user;
1119 /* callbacks */
1120 int (*hook_flag_read)(ESIL *esil, const char *flag, ut64 *num);
1121 int (*hook_command)(ESIL *esil, const char *op);
1122 int (*hook_mem_read)(ESIL *esil, ut64 addr, ut8 *buf, int len);
1123 int (*mem_read)(ESIL *esil, ut64 addr, ut8 *buf, int len);
1124 int (*hook_mem_write)(ESIL *esil, ut64 addr, const ut8 *buf, int len);
1125 int (*mem_write)(ESIL *esil, ut64 addr, const ut8 *buf, int len);
1126 int (*hook_reg_read)(ESIL *esil, const char *name, ut64 *res, int *size);
1127 int (*reg_read)(ESIL *esil, const char *name, ut64 *res, int *size);
1128 RAnalEsilHookRegWriteCB hook_reg_write;
1129 int (*reg_write)(ESIL *esil, const char *name, ut64 val);
1130 } RAnalEsilCallbacks;
1131
1132 typedef struct r_anal_esil_t {
1133 RAnal *anal;
1134 char **stack;
1135 ut64 addrmask;
1136 int stacksize;
1137 int stackptr;
1138 ut32 skip;
1139 int nowrite;
1140 int iotrap;
1141 int exectrap;
1142 int repeat;
1143 int parse_stop;
1144 int parse_goto;
1145 int parse_goto_count;
1146 int verbose;
1147 ut64 flags;
1148 ut64 address;
1149 ut64 stack_addr;
1150 ut32 stack_size;
1151 int delay; // mapped to $ds in ESIL
1152 ut64 jump_target; // mapped to $jt in ESIL
1153 int jump_target_set; // mapped to $js in ESIL
1154 int trap;
1155 ut32 trap_code; // extend into a struct to store more exception info?
1156 // parity flag? done with cur
1157 ut64 old; //used for carry-flagging and borrow-flagging
1158 ut64 cur; //used for carry-flagging and borrow-flagging
1159 ut8 lastsz; //in bits //used for signature-flag
1160 /* native ops and custom ops */
1161 HtPP *ops;
1162 char *current_opstr;
1163 SdbMini *interrupts;
1164 SdbMini *syscalls;
1165 //this is a disgusting workaround, because we have no ht-like storage without magic keys, that you cannot use, with int-keys
1166 RAnalEsilHandler *intr0;
1167 RAnalEsilHandler *sysc0;
1168 /* deep esil parsing fills this */
1169 Sdb *stats;
1170 RAnalEsilTrace *trace;
1171 RAnalEsilCallbacks cb;
1172 RAnalReil *Reil;
1173 // this is so cursed, can we please remove external commands from esil internals.
1174 // Function pointers are fine, but not commands
1175 char *cmd_step; // r2 (external) command to run before a step is performed
1176 char *cmd_step_out; // r2 (external) command to run after a step is performed
1177 char *cmd_intr; // r2 (external) command to run when an interrupt occurs
1178 char *cmd_trap; // r2 (external) command to run when a trap occurs
1179 char *cmd_mdev; // r2 (external) command to run when an memory mapped device address is used
1180 char *cmd_todo; // r2 (external) command to run when esil expr contains TODO
1181 char *cmd_ioer; // r2 (external) command to run when esil fails to IO
1182 char *mdev_range; // string containing the r_str_range to match for read/write accesses
1183 bool (*cmd)(ESIL *esil, const char *name, ut64 a0, ut64 a1);
1184 void *user;
1185 int stack_fd; // ahem, let's not do this
1186 } RAnalEsil;
1187
1188 #undef ESIL
1189
1190
1191 enum {
1192 R_ANAL_ESIL_OP_TYPE_UNKNOWN = 0x1,
1193 R_ANAL_ESIL_OP_TYPE_CONTROL_FLOW,
1194 R_ANAL_ESIL_OP_TYPE_MEM_READ = 0x4,
1195 R_ANAL_ESIL_OP_TYPE_MEM_WRITE = 0x8,
1196 R_ANAL_ESIL_OP_TYPE_REG_WRITE = 0x10,
1197 R_ANAL_ESIL_OP_TYPE_MATH = 0x20,
1198 R_ANAL_ESIL_OP_TYPE_CUSTOM = 0x40
1199 };
1200
1201
1202 typedef bool (*RAnalEsilOpCb)(RAnalEsil *esil);
1203
1204 typedef struct r_anal_esil_operation_t {
1205 RAnalEsilOpCb code;
1206 ut32 push; // amount of operands pushed
1207 ut32 pop; // amount of operands popped
1208 ut32 type;
1209 } RAnalEsilOp;
1210
1211
1212 // this is 80-bit offsets so we can address every piece of esil in an instruction
1213 typedef struct r_anal_esil_expr_offset_t {
1214 ut64 off;
1215 ut16 idx;
1216 } RAnalEsilEOffset;
1217
1218 typedef enum {
1219 R_ANAL_ESIL_BLOCK_ENTER_NORMAL = 0,
1220 R_ANAL_ESIL_BLOCK_ENTER_TRUE,
1221 R_ANAL_ESIL_BLOCK_ENTER_FALSE,
1222 R_ANAL_ESIL_BLOCK_ENTER_GLUE,
1223 } RAnalEsilBlockEnterType;
1224
1225 typedef struct r_anal_esil_basic_block_t {
1226 RAnalEsilEOffset first;
1227 RAnalEsilEOffset last;
1228 char *expr; //synthesized esil-expression for this block
1229 RAnalEsilBlockEnterType enter; //maybe more type is needed here
1230 } RAnalEsilBB;
1231
1232 typedef struct r_anal_esil_cfg_t {
1233 RGraphNode *start;
1234 RGraphNode *end;
1235 RGraph *g;
1236 } RAnalEsilCFG;
1237
1238 enum {
1239 R_ANAL_ESIL_DFG_BLOCK_CONST = 1,
1240 R_ANAL_ESIL_DFG_BLOCK_VAR = 2,
1241 R_ANAL_ESIL_DFG_BLOCK_PTR = 4,
1242 R_ANAL_ESIL_DFG_BLOCK_RESULT = 8,
1243 R_ANAL_ESIL_DFG_BLOCK_GENERATIVE = 16,
1244 }; //RAnalEsilDFGBlockType
1245
1246 typedef struct r_anal_esil_dfg_t {
1247 ut32 idx;
1248 Sdb *regs; //resolves regnames to intervals
1249 RContRBTree *reg_vars; //vars represented in regs
1250 RQueue *todo; //todo-queue allocated in this struct for perf
1251 void *insert; //needed for setting regs in dfg
1252 RGraph *flow;
1253 RGraphNode *cur;
1254 RGraphNode *old;
1255 bool malloc_failed;
1256 } RAnalEsilDFG;
1257
1258 typedef struct r_anal_esil_dfg_node_t {
1259 // add more info here
1260 ut32 idx;
1261 RStrBuf *content;
1262 ut32 /*RAnalEsilDFGBlockType*/ type;
1263 } RAnalEsilDFGNode;
1264
1265 typedef int (*RAnalCmdExt)(/* Rcore */RAnal *anal, const char* input);
1266
1267 // TODO: rm data + len
1268 typedef int (*RAnalOpCallback)(RAnal *a, RAnalOp *op, ut64 addr, const ut8 *data, int len, RAnalOpMask mask);
1269
1270 typedef bool (*RAnalRegProfCallback)(RAnal *a);
1271 typedef char*(*RAnalRegProfGetCallback)(RAnal *a);
1272 typedef int (*RAnalFPBBCallback)(RAnal *a, RAnalBlock *bb);
1273 typedef int (*RAnalFPFcnCallback)(RAnal *a, RAnalFunction *fcn);
1274 typedef int (*RAnalDiffBBCallback)(RAnal *anal, RAnalFunction *fcn, RAnalFunction *fcn2);
1275 typedef int (*RAnalDiffFcnCallback)(RAnal *anal, RList *fcns, RList *fcns2);
1276 typedef int (*RAnalDiffEvalCallback)(RAnal *anal);
1277
1278 typedef int (*RAnalEsilCB)(RAnalEsil *esil);
1279 typedef int (*RAnalEsilLoopCB)(RAnalEsil *esil, RAnalOp *op);
1280 typedef int (*RAnalEsilTrapCB)(RAnalEsil *esil, int trap_type, int trap_code);
1281
1282 typedef struct r_anal_plugin_t {
1283 char *name;
1284 char *desc;
1285 char *license;
1286 char *arch;
1287 char *author;
1288 char *version;
1289 int bits;
1290 int esil; // can do esil or not
1291 int fileformat_type;
1292 int (*init)(void *user);
1293 int (*fini)(void *user);
1294 //int (*reset_counter) (RAnal *anal, ut64 start_addr);
1295 int (*archinfo)(RAnal *anal, int query);
1296 ut8* (*anal_mask)(RAnal *anal, int size, const ut8 *data, ut64 at);
1297 RList* (*preludes)(RAnal *anal);
1298
1299 // legacy r_anal_functions
1300 RAnalOpCallback op;
1301
1302 // command extension to directly call any analysis functions
1303 RAnalCmdExt cmd_ext;
1304
1305 RAnalRegProfCallback set_reg_profile;
1306 RAnalRegProfGetCallback get_reg_profile;
1307 RAnalFPBBCallback fingerprint_bb;
1308 RAnalFPFcnCallback fingerprint_fcn;
1309 RAnalDiffBBCallback diff_bb;
1310 RAnalDiffFcnCallback diff_fcn;
1311 RAnalDiffEvalCallback diff_eval;
1312
1313 RAnalEsilCB esil_init; // initialize esil-related stuff
1314 RAnalEsilLoopCB esil_post_loop; //cycle-counting, firing interrupts, ...
1315 RAnalEsilTrapCB esil_trap; // traps / exceptions
1316 RAnalEsilCB esil_fini; // deinitialize
1317 } RAnalPlugin;
1318
1319 typedef struct r_anal_esil_plugin_t {
1320 char *name;
1321 char *desc;
1322 char *license;
1323 char *arch;
1324 char *author;
1325 char *version;
1326
1327 bool (*init)(void *user);
1328 bool (*fini)(void *user);
1329 } RAnalEsilPlugin;
1330
1331 /*----------------------------------------------------------------------------------------------*/
1332 int * (r_anal_compare) (RAnalFunction , RAnalFunction );
1333 /*----------------------------------------------------------------------------------------------*/
1334
1335 #ifdef R_API
1336 /* --------- */ /* REFACTOR */ /* ---------- */
1337 R_API RListRange* r_listrange_new (void);
1338 R_API void r_listrange_free(RListRange *s);
1339 R_API void r_listrange_add(RListRange *s, RAnalFunction *f);
1340 R_API void r_listrange_del(RListRange *s, RAnalFunction *f);
1341 R_API void r_listrange_resize(RListRange *s, RAnalFunction *f, int newsize);
1342 R_API RAnalFunction *r_listrange_find_in_range(RListRange* s, ut64 addr);
1343 R_API RAnalFunction *r_listrange_find_root(RListRange* s, ut64 addr);
1344 /* --------- */ /* REFACTOR */ /* ---------- */
1345 /* type.c */
1346 R_API RAnalType *r_anal_type_new(void);
1347 R_API void r_anal_type_add(RAnal *l, RAnalType *t);
1348 R_API RAnalType *r_anal_type_find(RAnal *a, const char* name);
1349 R_API void r_anal_type_list(RAnal *a, short category, short enabled);
1350 R_API const char *r_anal_datatype_to_string(RAnalDataType t);
1351 R_API RAnalType *r_anal_str_to_type(RAnal *a, const char* s);
1352 R_API bool r_anal_op_nonlinear(int t);
1353 R_API bool r_anal_op_ismemref(int t);
1354 R_API const char *r_anal_optype_to_string(int t);
1355 R_API int r_anal_optype_from_string(const char *type);
1356 R_API const char *r_anal_op_family_to_string (int n);
1357 R_API int r_anal_op_family_from_string(const char *f);
1358 R_API int r_anal_op_hint(RAnalOp *op, RAnalHint *hint);
1359 R_API RAnalType *r_anal_type_free(RAnalType *t);
1360 R_API RAnalType *r_anal_type_loadfile(RAnal *a, const char *path);
1361
1362 /* block.c */
1363 typedef bool (*RAnalBlockCb)(RAnalBlock *block, void *user);
1364 typedef bool (*RAnalAddrCb)(ut64 addr, void *user);
1365
1366 // lifetime
1367 R_API void r_anal_block_ref(RAnalBlock *bb);
1368 R_API void r_anal_block_unref(RAnalBlock *bb);
1369
1370 // Create one block covering the given range.
1371 // This will fail if the range overlaps any existing blocks.
1372 R_API RAnalBlock *r_anal_create_block(RAnal *anal, ut64 addr, ut64 size);
1373
r_anal_block_contains(RAnalBlock * bb,ut64 addr)1374 static inline bool r_anal_block_contains(RAnalBlock *bb, ut64 addr) {
1375 return addr >= bb->addr && addr < bb->addr + bb->size;
1376 }
1377
1378 // Split the block at the given address into two blocks.
1379 // bb will stay the first block, the second block will be returned (or NULL on failure)
1380 // The returned block will always be refd, i.e. it is necessary to always call r_anal_block_unref() on the return value!
1381 R_API RAnalBlock *r_anal_block_split(RAnalBlock *bb, ut64 addr);
1382
r_anal_block_is_contiguous(RAnalBlock * a,RAnalBlock * b)1383 static inline bool r_anal_block_is_contiguous(RAnalBlock *a, RAnalBlock *b) {
1384 return (a->addr + a->size) == b->addr;
1385 }
1386
1387 // Merge block b into a.
1388 // b will be FREED (not just unrefd) and is NOT VALID anymore if this function is successful!
1389 // This only works if b follows directly after a and their function lists are identical.
1390 // returns true iff the blocks could be merged
1391 R_API bool r_anal_block_merge(RAnalBlock *a, RAnalBlock *b);
1392
1393 // Manually delete a block and remove it from all its functions
1394 // If there are more references to it than from its functions only, it will not be removed immediately!
1395 R_API void r_anal_delete_block(RAnalBlock *bb);
1396
1397 R_API void r_anal_block_set_size(RAnalBlock *block, ut64 size);
1398
1399 // Set the address and size of the block.
1400 // This can fail (and return false) if there is already another block at the new address
1401 R_API bool r_anal_block_relocate(RAnalBlock *block, ut64 addr, ut64 size);
1402
1403 R_API RAnalBlock *r_anal_get_block_at(RAnal *anal, ut64 addr);
1404 R_API bool r_anal_blocks_foreach_in(RAnal *anal, ut64 addr, RAnalBlockCb cb, void *user);
1405 R_API RList *r_anal_get_blocks_in(RAnal *anal, ut64 addr); // values from r_anal_blocks_foreach_in as a list
1406 R_API void r_anal_blocks_foreach_intersect(RAnal *anal, ut64 addr, ut64 size, RAnalBlockCb cb, void *user);
1407 R_API RList *r_anal_get_blocks_intersect(RAnal *anal, ut64 addr, ut64 size); // values from r_anal_blocks_foreach_intersect as a list
1408
1409 // Call cb on every direct successor address of block
1410 // returns false if the loop was breaked by cb
1411 R_API bool r_anal_block_successor_addrs_foreach(RAnalBlock *block, RAnalAddrCb cb, void *user);
1412
1413 // Call cb on block and every (recursive) successor of it
1414 // returns false if the loop was breaked by cb
1415 R_API bool r_anal_block_recurse(RAnalBlock *block, RAnalBlockCb cb, void *user);
1416
1417 // Call cb on block and every (recursive) successor of it
1418 // If cb returns false, recursion stops only for that block
1419 // returns false if the loop was breaked by cb
1420 R_API bool r_anal_block_recurse_followthrough(RAnalBlock *block, RAnalBlockCb cb, void *user);
1421
1422 // Call cb on block and every (recursive) successor of it
1423 // Call on_exit on block that doesn't have non-visited successors
1424 // returns false if the loop was breaked by cb
1425 R_API bool r_anal_block_recurse_depth_first(RAnalBlock *block, RAnalBlockCb cb, R_NULLABLE RAnalBlockCb on_exit, void *user);
1426
1427 // same as r_anal_block_recurse, but returns the blocks as a list
1428 R_API RList *r_anal_block_recurse_list(RAnalBlock *block);
1429
1430 // return one shortest path from block to dst or NULL if none exists.
1431 R_API R_NULLABLE RList/*<RAnalBlock *>*/ *r_anal_block_shortest_path(RAnalBlock *block, ut64 dst);
1432
1433 // Add a case to the block's switch_op.
1434 // If block->switch_op is NULL, it will be created with the given switch_addr.
1435 R_API void r_anal_block_add_switch_case(RAnalBlock *block, ut64 switch_addr, ut64 case_value, ut64 case_addr);
1436
1437 // Chop off the block at the specified address and remove all destinations.
1438 // Blocks that have become unreachable after this operation will be automatically removed from all functions of block.
1439 // addr must be the address directly AFTER the noreturn call!
1440 // After the chopping, an r_anal_block_automerge() is performed on the touched blocks.
1441 // IMPORTANT: The automerge might also FREE block! This function returns block iff it is still valid afterwards.
1442 // If this function returns NULL, the pointer to block MUST not be touched anymore!
1443 R_API RAnalBlock *r_anal_block_chop_noreturn(RAnalBlock *block, ut64 addr);
1444
1445 // Merge every block in blocks with their contiguous predecessor, if possible.
1446 // IMPORTANT: Merged blocks will be FREED! The blocks list will be updated to contain only the survived blocks.
1447 R_API void r_anal_block_automerge(RList *blocks);
1448
1449 // return true iff an instruction in the given basic block starts at the given address
1450 R_API bool r_anal_block_op_starts_at(RAnalBlock *block, ut64 addr);
1451
1452 // Updates bbhash based on current bytes inside the block
1453 R_API void r_anal_block_update_hash(RAnalBlock *block);
1454
1455 // returns true if a byte in the given basic block was modified
1456 R_API bool r_anal_block_was_modified(RAnalBlock *block);
1457
1458 // ---------------------------------------
1459
1460 /* function.c */
1461
1462 R_API RAnalFunction *r_anal_function_new(RAnal *anal);
1463 R_API void r_anal_function_free(void *fcn);
1464
1465 // Add a function created with r_anal_function_new() to anal
1466 R_API bool r_anal_add_function(RAnal *anal, RAnalFunction *fcn);
1467
1468 // Create a new function and add it to anal (r_anal_function_new() + set members + r_anal_add_function())
1469 R_API RAnalFunction *r_anal_create_function(RAnal *anal, const char *name, ut64 addr, int type, RAnalDiff *diff);
1470
1471 // returns all functions that have a basic block containing the given address
1472 R_API RList *r_anal_get_functions_in(RAnal *anal, ut64 addr);
1473
1474 // returns the function that has its entrypoint at addr or NULL
1475 R_API RAnalFunction *r_anal_get_function_at(RAnal *anal, ut64 addr);
1476
1477 R_API bool r_anal_function_delete(RAnalFunction *fcn);
1478
1479 // rhange the entrypoint of fcn
1480 // This can fail (and return false) if there is already another function at the new address
1481 R_API bool r_anal_function_relocate(RAnalFunction *fcn, ut64 addr);
1482
1483 // rename the given function
1484 // This can fail (and return false) if there is another function with the name given
1485 R_API bool r_anal_function_rename(RAnalFunction *fcn, const char *name);
1486
1487 R_API void r_anal_function_add_block(RAnalFunction *fcn, RAnalBlock *bb);
1488 R_API void r_anal_function_remove_block(RAnalFunction *fcn, RAnalBlock *bb);
1489
1490
1491 // size of the entire range that the function spans, including holes.
1492 // this is exactly r_anal_function_max_addr() - r_anal_function_min_addr()
1493 R_API ut64 r_anal_function_linear_size(RAnalFunction *fcn);
1494
1495 // lowest address covered by the function
1496 R_API ut64 r_anal_function_min_addr(RAnalFunction *fcn);
1497
1498 // first address directly after the function
1499 R_API ut64 r_anal_function_max_addr(RAnalFunction *fcn);
1500
1501 // size from the function entrypoint (fcn->addr) to the end of the function (r_anal_function_max_addr)
1502 R_API ut64 r_anal_function_size_from_entry(RAnalFunction *fcn);
1503
1504 // the "real" size of the function, that is the sum of the size of the
1505 // basicblocks this function is composed of
1506 R_API ut64 r_anal_function_realsize(const RAnalFunction *fcn);
1507
1508 // returns whether the function contains a basic block that contains addr
1509 // This is completely independent of fcn->addr, which is only the entrypoint!
1510 R_API bool r_anal_function_contains(RAnalFunction *fcn, ut64 addr);
1511
1512 // returns true if function bytes were modified
1513 R_API bool r_anal_function_was_modified(RAnalFunction *fcn);
1514
1515 /* anal.c */
1516 R_API RAnal *r_anal_new(void);
1517 R_API void r_anal_purge(RAnal *anal);
1518 R_API RAnal *r_anal_free(RAnal *r);
1519 R_API void r_anal_set_user_ptr(RAnal *anal, void *user);
1520 R_API void r_anal_plugin_free (RAnalPlugin *p);
1521 R_API int r_anal_add(RAnal *anal, RAnalPlugin *foo);
1522 R_API int r_anal_esil_add(RAnal *anal, RAnalEsilPlugin *foo);
1523 R_API int r_anal_archinfo(RAnal *anal, int query);
1524 R_API bool r_anal_use(RAnal *anal, const char *name);
1525 R_API bool r_anal_esil_use(RAnal *anal, const char *name);
1526 R_API bool r_anal_set_reg_profile(RAnal *anal);
1527 R_API char *r_anal_get_reg_profile(RAnal *anal);
1528 R_API ut64 r_anal_get_bbaddr(RAnal *anal, ut64 addr);
1529 R_API bool r_anal_set_bits(RAnal *anal, int bits);
1530 R_API bool r_anal_set_os(RAnal *anal, const char *os);
1531 R_API void r_anal_set_cpu(RAnal *anal, const char *cpu);
1532 R_API void r_anal_set_big_endian(RAnal *anal, int boolean);
1533 R_API ut8 *r_anal_mask(RAnal *anal, int size, const ut8 *data, ut64 at);
1534 R_API void r_anal_trace_bb(RAnal *anal, ut64 addr);
1535 R_API const char *r_anal_fcntype_tostring(int type);
1536 R_API int r_anal_fcn_bb(RAnal *anal, RAnalFunction *fcn, ut64 addr, int depth);
1537 R_API void r_anal_bind(RAnal *b, RAnalBind *bnd);
1538 R_API bool r_anal_set_triplet(RAnal *anal, const char *os, const char *arch, int bits);
1539 R_API void r_anal_add_import(RAnal *anal, const char *imp);
1540 R_API void r_anal_remove_import(RAnal *anal, const char *imp);
1541 R_API void r_anal_purge_imports(RAnal *anal);
1542
1543 /* bb.c */
1544 R_API RAnalBlock *r_anal_bb_from_offset(RAnal *anal, ut64 off);
1545 R_API bool r_anal_bb_set_offset(RAnalBlock *bb, int i, ut16 v);
1546 R_API ut16 r_anal_bb_offset_inst(const RAnalBlock *bb, int i);
1547 R_API ut64 r_anal_bb_opaddr_i(RAnalBlock *bb, int i);
1548 R_API ut64 r_anal_bb_opaddr_at(RAnalBlock *bb, ut64 addr);
1549 R_API ut64 r_anal_bb_size_i(RAnalBlock *bb, int i);
1550
1551 /* op.c */
1552 R_API const char *r_anal_stackop_tostring(int s);
1553 R_API RAnalOp *r_anal_op_new(void);
1554 R_API void r_anal_op_free(void *op);
1555 R_API void r_anal_op_init(RAnalOp *op);
1556 R_API bool r_anal_op_fini(RAnalOp *op);
1557 R_API int r_anal_op_reg_delta(RAnal *anal, ut64 addr, const char *name);
1558 R_API bool r_anal_op_is_eob(RAnalOp *op);
1559 R_API RList *r_anal_op_list_new(void);
1560 R_API int r_anal_op(RAnal *anal, RAnalOp *op, ut64 addr, const ut8 *data, int len, RAnalOpMask mask);
1561 R_API RAnalOp *r_anal_op_hexstr(RAnal *anal, ut64 addr, const char *hexstr);
1562 R_API char *r_anal_op_to_string(RAnal *anal, RAnalOp *op);
1563
1564 R_API RAnalEsil *r_anal_esil_new(int stacksize, int iotrap, unsigned int addrsize);
1565 R_API bool r_anal_esil_set_pc(RAnalEsil *esil, ut64 addr);
1566 R_API bool r_anal_esil_setup(RAnalEsil *esil, RAnal *anal, int romem, int stats, int nonull);
1567 R_API void r_anal_esil_free(RAnalEsil *esil);
1568 R_API bool r_anal_esil_runword(RAnalEsil *esil, const char *word);
1569 R_API bool r_anal_esil_parse(RAnalEsil *esil, const char *str);
1570 R_API bool r_anal_esil_dumpstack(RAnalEsil *esil);
1571 R_API int r_anal_esil_mem_read(RAnalEsil *esil, ut64 addr, ut8 *buf, int len);
1572 R_API int r_anal_esil_mem_write(RAnalEsil *esil, ut64 addr, const ut8 *buf, int len);
1573 R_API int r_anal_esil_reg_read(RAnalEsil *esil, const char *regname, ut64 *num, int *size);
1574 R_API int r_anal_esil_reg_write(RAnalEsil *esil, const char *dst, ut64 num);
1575 R_API bool r_anal_esil_pushnum(RAnalEsil *esil, ut64 num);
1576 R_API bool r_anal_esil_push(RAnalEsil *esil, const char *str);
1577 R_API char *r_anal_esil_pop(RAnalEsil *esil);
1578 R_API bool r_anal_esil_set_op(RAnalEsil *esil, const char *op, RAnalEsilOpCb code, ut32 push, ut32 pop, ut32 type);
1579 R_API void r_anal_esil_stack_free(RAnalEsil *esil);
1580 R_API int r_anal_esil_get_parm_type(RAnalEsil *esil, const char *str);
1581 R_API int r_anal_esil_get_parm(RAnalEsil *esil, const char *str, ut64 *num);
1582 R_API int r_anal_esil_condition(RAnalEsil *esil, const char *str);
1583
1584 // esil_.c
1585 R_API void r_anal_esil_handlers_init(RAnalEsil *esil);
1586 R_API bool r_anal_esil_set_interrupt(RAnalEsil *esil, ut32 intr_num, RAnalEsilHandlerCB cb, void *user);
1587 R_API bool r_anal_esil_set_syscall(RAnalEsil *esil, ut32 sysc_num, RAnalEsilHandlerCB cb, void *user);
1588 R_API int r_anal_esil_fire_interrupt(RAnalEsil *esil, ut32 intr_num);
1589 R_API int r_anal_esil_do_syscall(RAnalEsil *esil, ut32 sysc_num);
1590 R_API void r_anal_esil_handlers_fini(RAnalEsil *esil);
1591
1592 R_API void r_anal_esil_mem_ro(RAnalEsil *esil, int mem_readonly);
1593 R_API void r_anal_esil_stats(RAnalEsil *esil, int enable);
1594
1595 /* trace */
1596 R_API RAnalEsilTrace *r_anal_esil_trace_new(RAnalEsil *esil);
1597 R_API void r_anal_esil_trace_free(RAnalEsilTrace *trace);
1598 R_API void r_anal_esil_trace_op(RAnalEsil *esil, RAnalOp *op);
1599 R_API void r_anal_esil_trace_list(RAnalEsil *esil);
1600 R_API void r_anal_esil_trace_show(RAnalEsil *esil, int idx);
1601 R_API void r_anal_esil_trace_restore(RAnalEsil *esil, int idx);
1602
1603 /* pin */
1604 R_API void r_anal_pin_init(RAnal *a);
1605 R_API void r_anal_pin_fini(RAnal *a);
1606 R_API void r_anal_pin(RAnal *a, ut64 addr, const char *name);
1607 R_API void r_anal_pin_unset(RAnal *a, ut64 addr);
1608 R_API const char *r_anal_pin_call(RAnal *a, ut64 addr);
1609 R_API void r_anal_pin_list(RAnal *a);
1610
1611 /* fcn.c */
1612 R_API ut32 r_anal_function_cost(RAnalFunction *fcn);
1613 R_API int r_anal_function_count_edges(const RAnalFunction *fcn, R_NULLABLE int *ebbs);
1614
1615 // Use r_anal_get_functions_in¿() instead
1616 R_DEPRECATE R_API RAnalFunction *r_anal_get_fcn_in(RAnal *anal, ut64 addr, int type);
1617 R_DEPRECATE R_API RAnalFunction *r_anal_get_fcn_in_bounds(RAnal *anal, ut64 addr, int type);
1618
1619 R_API RAnalFunction *r_anal_get_function_byname(RAnal *anal, const char *name);
1620
1621 R_API int r_anal_fcn(RAnal *anal, RAnalFunction *fcn, ut64 addr, ut64 len, int reftype);
1622 R_API int r_anal_fcn_del(RAnal *anal, ut64 addr);
1623 R_API int r_anal_fcn_del_locs(RAnal *anal, ut64 addr);
1624 R_API bool r_anal_fcn_add_bb(RAnal *anal, RAnalFunction *fcn,
1625 ut64 addr, ut64 size,
1626 ut64 jump, ut64 fail, R_BORROW RAnalDiff *diff);
1627 R_API bool r_anal_check_fcn(RAnal *anal, ut8 *buf, ut16 bufsz, ut64 addr, ut64 low, ut64 high);
1628 R_API void r_anal_fcn_invalidate_read_ahead_cache(void);
1629
1630 R_API void r_anal_function_check_bp_use(RAnalFunction *fcn);
1631 R_API void r_anal_update_analysis_range(RAnal *anal, ut64 addr, int size);
1632 R_API void r_anal_function_update_analysis(RAnalFunction *fcn);
1633
1634 #define R_ANAL_FCN_VARKIND_LOCAL 'v'
1635
1636
1637 R_API int r_anal_fcn_var_del_byindex (RAnal *a, ut64 fna, const char kind, int scope, ut32 idx);
1638 /* args */
1639 R_API int r_anal_var_count(RAnal *a, RAnalFunction *fcn, int kind, int type);
1640
1641 /* vars // globals. not here */
1642 R_API bool r_anal_var_display(RAnal *anal, RAnalVar *var);
1643
1644 R_API int r_anal_function_complexity(RAnalFunction *fcn);
1645 R_API int r_anal_function_loops(RAnalFunction *fcn);
1646 R_API void r_anal_trim_jmprefs(RAnal *anal, RAnalFunction *fcn);
1647 R_API void r_anal_del_jmprefs(RAnal *anal, RAnalFunction *fcn);
1648 R_API char *r_anal_function_get_json(RAnalFunction *function);
1649 R_API RAnalFunction *r_anal_fcn_next(RAnal *anal, ut64 addr);
1650 R_API char *r_anal_function_get_signature(RAnalFunction *function);
1651 R_API int r_anal_str_to_fcn(RAnal *a, RAnalFunction *f, const char *_str);
1652 R_API int r_anal_fcn_count (RAnal *a, ut64 from, ut64 to);
1653 R_API RAnalBlock *r_anal_fcn_bbget_in(const RAnal *anal, RAnalFunction *fcn, ut64 addr);
1654 R_API RAnalBlock *r_anal_fcn_bbget_at(RAnal *anal, RAnalFunction *fcn, ut64 addr);
1655 R_API bool r_anal_fcn_bbadd(RAnalFunction *fcn, RAnalBlock *bb);
1656 R_API int r_anal_function_resize(RAnalFunction *fcn, int newsize);
1657 R_API bool r_anal_function_purity(RAnalFunction *fcn);
1658
1659 typedef bool (* RAnalRefCmp)(RAnalRef *ref, void *data);
1660 R_API RList *r_anal_ref_list_new(void);
1661 R_API ut64 r_anal_xrefs_count(RAnal *anal);
1662 R_API const char *r_anal_xrefs_type_tostring(RAnalRefType type);
1663 R_API RAnalRefType r_anal_xrefs_type(char ch);
1664 R_API RList *r_anal_xrefs_get(RAnal *anal, ut64 to);
1665 R_API RList *r_anal_refs_get(RAnal *anal, ut64 to);
1666 R_API RList *r_anal_xrefs_get_from(RAnal *anal, ut64 from);
1667 R_API void r_anal_xrefs_list(RAnal *anal, int rad);
1668 R_API RList *r_anal_function_get_refs(RAnalFunction *fcn);
1669 R_API RList *r_anal_function_get_xrefs(RAnalFunction *fcn);
1670 R_API int r_anal_xrefs_from(RAnal *anal, RList *list, const char *kind, const RAnalRefType type, ut64 addr);
1671 R_API int r_anal_xrefs_set(RAnal *anal, ut64 from, ut64 to, const RAnalRefType type);
1672 R_API int r_anal_xrefs_deln(RAnal *anal, ut64 from, ut64 to, const RAnalRefType type);
1673 R_API int r_anal_xref_del(RAnal *anal, ut64 at, ut64 addr);
1674
1675 R_API RList *r_anal_get_fcns(RAnal *anal);
1676
1677 /* type.c */
1678 R_API void r_anal_remove_parsed_type(RAnal *anal, const char *name);
1679 R_API void r_anal_save_parsed_type(RAnal *anal, const char *parsed);
1680
1681 /* var.c */
1682 R_API R_OWN char *r_anal_function_autoname_var(RAnalFunction *fcn, char kind, const char *pfx, int ptr);
1683 R_API R_BORROW RAnalVar *r_anal_function_set_var(RAnalFunction *fcn, int delta, char kind, R_NULLABLE const char *type, int size, bool isarg, R_NONNULL const char *name);
1684 R_API R_BORROW RAnalVar *r_anal_function_get_var(RAnalFunction *fcn, char kind, int delta);
1685 R_API R_BORROW RAnalVar *r_anal_function_get_var_byname(RAnalFunction *fcn, const char *name);
1686 R_API void r_anal_function_delete_vars_by_kind(RAnalFunction *fcn, RAnalVarKind kind);
1687 R_API void r_anal_function_delete_all_vars(RAnalFunction *fcn);
1688 R_API void r_anal_function_delete_unused_vars(RAnalFunction *fcn);
1689 R_API void r_anal_function_delete_var(RAnalFunction *fcn, RAnalVar *var);
1690 R_API bool r_anal_function_rebase_vars(RAnal *a, RAnalFunction *fcn);
1691 R_API st64 r_anal_function_get_var_stackptr_at(RAnalFunction *fcn, st64 delta, ut64 addr);
1692 R_API const char *r_anal_function_get_var_reg_at(RAnalFunction *fcn, st64 delta, ut64 addr);
1693 R_API R_BORROW RPVector *r_anal_function_get_vars_used_at(RAnalFunction *fcn, ut64 op_addr);
1694
1695 // There could be multiple vars used in multiple functions. Use r_anal_get_functions_in()+r_anal_function_get_vars_used_at() instead.
1696 R_API R_DEPRECATE RAnalVar *r_anal_get_used_function_var(RAnal *anal, ut64 addr);
1697
1698 R_API bool r_anal_var_rename(RAnalVar *var, const char *new_name, bool verbose);
1699 R_API void r_anal_var_set_type(RAnalVar *var, const char *type);
1700 R_API void r_anal_var_delete(RAnalVar *var);
1701 R_API ut64 r_anal_var_addr(RAnalVar *var);
1702 R_API void r_anal_var_set_access(RAnalVar *var, const char *reg, ut64 access_addr, int access_type, st64 stackptr);
1703 R_API void r_anal_var_remove_access_at(RAnalVar *var, ut64 address);
1704 R_API void r_anal_var_clear_accesses(RAnalVar *var);
1705 R_API void r_anal_var_add_constraint(RAnalVar *var, R_BORROW RAnalVarConstraint *constraint);
1706 R_API char *r_anal_var_get_constraints_readable(RAnalVar *var);
1707
1708 // Get the access to var at exactly addr if there is one
1709 R_API RAnalVarAccess *r_anal_var_get_access_at(RAnalVar *var, ut64 addr);
1710
1711 R_API int r_anal_var_get_argnum(RAnalVar *var);
1712
1713 R_API void r_anal_extract_vars(RAnal *anal, RAnalFunction *fcn, RAnalOp *op);
1714 R_API void r_anal_extract_rarg(RAnal *anal, RAnalOp *op, RAnalFunction *fcn, int *reg_set, int *count);
1715
1716 // Get the variable that var is written to at one of its accesses
1717 // Useful for cases where a register-based argument is written away into a stack variable,
1718 // so if var is the reg arg then this will return the stack var.
1719 R_API RAnalVar *r_anal_var_get_dst_var(RAnalVar *var);
1720
1721 typedef struct r_anal_fcn_vars_cache {
1722 RList *bvars;
1723 RList *rvars;
1724 RList *svars;
1725 } RAnalFcnVarsCache;
1726 R_API void r_anal_fcn_vars_cache_init(RAnal *anal, RAnalFcnVarsCache *cache, RAnalFunction *fcn);
1727 R_API void r_anal_fcn_vars_cache_fini(RAnalFcnVarsCache *cache);
1728
1729 R_API char *r_anal_fcn_format_sig(R_NONNULL RAnal *anal, R_NONNULL RAnalFunction *fcn, R_NULLABLE char *fcn_name,
1730 R_NULLABLE RAnalFcnVarsCache *reuse_cache, R_NULLABLE const char *fcn_name_pre, R_NULLABLE const char *fcn_name_post);
1731
1732
1733 /* project */
1734 R_API bool r_anal_xrefs_init (RAnal *anal);
1735
1736 #define R_ANAL_THRESHOLDFCN 0.7F
1737 #define R_ANAL_THRESHOLDBB 0.7F
1738
1739 /* diff.c */
1740 R_API RAnalDiff *r_anal_diff_new(void);
1741 R_API void r_anal_diff_setup(RAnal *anal, int doops, double thbb, double thfcn);
1742 R_API void r_anal_diff_setup_i(RAnal *anal, int doops, int thbb, int thfcn);
1743 R_API void* r_anal_diff_free(RAnalDiff *diff);
1744 R_API int r_anal_diff_fingerprint_bb(RAnal *anal, RAnalBlock *bb);
1745 R_API size_t r_anal_diff_fingerprint_fcn(RAnal *anal, RAnalFunction *fcn);
1746 R_API bool r_anal_diff_bb(RAnal *anal, RAnalFunction *fcn, RAnalFunction *fcn2);
1747 R_API int r_anal_diff_fcn(RAnal *anal, RList *fcns, RList *fcns2);
1748 R_API int r_anal_diff_eval(RAnal *anal);
1749
1750 /* value.c */
1751 R_API RAnalValue *r_anal_value_new(void);
1752 R_API RAnalValue *r_anal_value_copy (RAnalValue *ov);
1753 R_API RAnalValue *r_anal_value_new_from_string(const char *str);
1754 R_API st64 r_anal_value_eval(RAnalValue *value);
1755 R_API char *r_anal_value_to_string (RAnalValue *value);
1756 R_API ut64 r_anal_value_to_ut64(RAnal *anal, RAnalValue *val);
1757 R_API int r_anal_value_set_ut64(RAnal *anal, RAnalValue *val, ut64 num);
1758 R_API void r_anal_value_free(RAnalValue *value);
1759
1760 R_API RAnalCond *r_anal_cond_new(void);
1761 R_API RAnalCond *r_anal_cond_new_from_op(RAnalOp *op);
1762 R_API void r_anal_cond_fini(RAnalCond *c);
1763 R_API void r_anal_cond_free(RAnalCond *c);
1764 R_API char *r_anal_cond_to_string(RAnalCond *cond);
1765 R_API int r_anal_cond_eval(RAnal *anal, RAnalCond *cond);
1766 R_API RAnalCond *r_anal_cond_new_from_string(const char *str);
1767 R_API const char *r_anal_cond_tostring(int cc);
1768
1769 /* jmptbl */
1770 R_API bool r_anal_jmptbl(RAnal *anal, RAnalFunction *fcn, RAnalBlock *block, ut64 jmpaddr, ut64 table, ut64 tablesize, ut64 default_addr);
1771
1772 // TODO: should be renamed
1773 R_API bool try_get_delta_jmptbl_info(RAnal *anal, RAnalFunction *fcn, ut64 jmp_addr, ut64 lea_addr, ut64 *table_size, ut64 *default_case);
1774 R_API bool try_walkthrough_jmptbl(RAnal *anal, RAnalFunction *fcn, RAnalBlock *block, int depth, ut64 ip, ut64 jmptbl_loc, ut64 jmptbl_off, ut64 sz, ut64 jmptbl_size, ut64 default_case, bool ret0);
1775 R_API bool try_walkthrough_casetbl(RAnal *anal, RAnalFunction *fcn, RAnalBlock *block, int depth, ut64 ip, ut64 jmptbl_loc, ut64 casetbl_loc, ut64 jmptbl_off, ut64 sz, ut64 jmptbl_size, ut64 default_case, bool ret0);
1776 R_API bool try_get_jmptbl_info(RAnal *anal, RAnalFunction *fcn, ut64 addr, RAnalBlock *my_bb, ut64 *table_size, ut64 *default_case);
1777 R_API int walkthrough_arm_jmptbl_style(RAnal *anal, RAnalFunction *fcn, RAnalBlock *block, int depth, ut64 ip, ut64 jmptbl_loc, ut64 sz, ut64 jmptbl_size, ut64 default_case, int ret0);
1778
1779 /* reflines.c */
1780 R_API RList* /*<RAnalRefline>*/ r_anal_reflines_get(RAnal *anal,
1781 ut64 addr, const ut8 *buf, ut64 len, int nlines, int linesout, int linescall);
1782 R_API int r_anal_reflines_middle(RAnal *anal, RList *list, ut64 addr, int len);
1783 R_API RAnalRefStr *r_anal_reflines_str(void *core, ut64 addr, int opts);
1784 R_API void r_anal_reflines_str_free(RAnalRefStr *refstr);
1785 /* TODO move to r_core */
1786 R_API void r_anal_var_list_show(RAnal *anal, RAnalFunction *fcn, int kind, int mode, PJ* pj);
1787 R_API RList *r_anal_var_list(RAnal *anal, RAnalFunction *fcn, int kind);
1788 R_API R_DEPRECATE RList/*<RAnalVar *>*/ *r_anal_var_all_list(RAnal *anal, RAnalFunction *fcn);
1789 R_API R_DEPRECATE RList/*<RAnalVarField *>*/ *r_anal_function_get_var_fields(RAnalFunction *fcn, int kind);
1790
1791 // calling conventions API
1792 R_API bool r_anal_cc_exist(RAnal *anal, const char *convention);
1793 R_API void r_anal_cc_del(RAnal *anal, const char *name);
1794 R_API bool r_anal_cc_set(RAnal *anal, const char *expr);
1795 R_API char *r_anal_cc_get(RAnal *anal, const char *name);
1796 R_API bool r_anal_cc_once(RAnal *anal);
1797 R_API void r_anal_cc_get_json(RAnal *anal, PJ *pj, const char *name);
1798 R_API const char *r_anal_cc_arg(RAnal *anal, const char *convention, int n);
1799 R_API const char *r_anal_cc_self(RAnal *anal, const char *convention);
1800 R_API void r_anal_cc_set_self(RAnal *anal, const char *convention, const char *self);
1801 R_API const char *r_anal_cc_error(RAnal *anal, const char *convention);
1802 R_API void r_anal_cc_set_error(RAnal *anal, const char *convention, const char *error);
1803 R_API int r_anal_cc_max_arg(RAnal *anal, const char *cc);
1804 R_API const char *r_anal_cc_ret(RAnal *anal, const char *convention);
1805 R_API const char *r_anal_cc_default(RAnal *anal);
1806 R_API void r_anal_set_cc_default(RAnal *anal, const char *convention);
1807 R_API const char *r_anal_syscc_default(RAnal *anal);
1808 R_API void r_anal_set_syscc_default(RAnal *anal, const char *convention);
1809 R_API const char *r_anal_cc_func(RAnal *anal, const char *func_name);
1810 R_API bool r_anal_noreturn_at(RAnal *anal, ut64 addr);
1811
1812 typedef struct r_anal_data_t {
1813 ut64 addr;
1814 int type;
1815 ut64 ptr;
1816 char *str;
1817 int len;
1818 ut8 *buf;
1819 ut8 sbuf[8];
1820 } RAnalData;
1821
1822 R_API RAnalData *r_anal_data (RAnal *anal, ut64 addr, const ut8 *buf, int size, int wordsize);
1823 R_API const char *r_anal_data_kind (RAnal *anal, ut64 addr, const ut8 *buf, int len);
1824 R_API RAnalData *r_anal_data_new_string (ut64 addr, const char *p, int size, int wide);
1825 R_API RAnalData *r_anal_data_new (ut64 addr, int type, ut64 n, const ut8 *buf, int len);
1826 R_API void r_anal_data_free (RAnalData *d);
1827 #include <r_cons.h>
1828 R_API char *r_anal_data_to_string(RAnalData *d, RConsPrintablePalette *pal);
1829
1830 /* meta
1831 *
1832 * Meta uses Condret's Klemmbaustein Priciple, i.e. intervals are defined inclusive/inclusive.
1833 * A meta item from 0x42 to 0x42 has a size of 1. Items with size 0 do not exist.
1834 * Meta items are allowed to overlap and the internal data structure allows for multiple meta items
1835 * starting at the same address.
1836 * Meta items are saved in an RIntervalTree. To access the interval of an item, use the members of RIntervalNode.
1837 */
1838
r_meta_item_size(ut64 start,ut64 end)1839 static inline ut64 r_meta_item_size(ut64 start, ut64 end) {
1840 // meta items use inclusive/inclusive intervals
1841 return end - start + 1;
1842 }
1843
r_meta_node_size(RIntervalNode * node)1844 static inline ut64 r_meta_node_size(RIntervalNode *node) {
1845 return r_meta_item_size (node->start, node->end);
1846 }
1847
1848 // Set a meta item at addr with the given contents in the current space.
1849 // If there already exists an item with this type and space at addr (regardless of its size) it will be overwritten.
1850 R_API bool r_meta_set(RAnal *a, RAnalMetaType type, ut64 addr, ut64 size, const char *str);
1851
1852 // Same as r_meta_set() but also sets the subtype.
1853 R_API bool r_meta_set_with_subtype(RAnal *m, RAnalMetaType type, int subtype, ut64 addr, ut64 size, const char *str);
1854
1855 // Delete all meta items in the current space that intersect with the given interval.
1856 // If size == UT64_MAX, everything in the current space will be deleted.
1857 R_API void r_meta_del(RAnal *a, RAnalMetaType type, ut64 addr, ut64 size);
1858
1859 // Same as r_meta_set() with a size of 1.
1860 R_API bool r_meta_set_string(RAnal *a, RAnalMetaType type, ut64 addr, const char *s);
1861
1862 // Convenience function to get the str content of the item at addr with given type in the current space.
1863 R_API const char *r_meta_get_string(RAnal *a, RAnalMetaType type, ut64 addr);
1864
1865 // Convenience function to add an R_META_TYPE_DATA item at the given addr in the current space.
1866 R_API void r_meta_set_data_at(RAnal *a, ut64 addr, ut64 wordsz);
1867
1868 // Returns the item with given type that starts at addr in the current space or NULL. The size of this item optionally returned through size.
1869 R_API RAnalMetaItem *r_meta_get_at(RAnal *a, ut64 addr, RAnalMetaType type, R_OUT R_NULLABLE ut64 *size);
1870
1871 // Returns the node for one meta item with the given type that contains addr in the current space or NULL.
1872 // To get all the nodes, use r_meta_get_all_in().
1873 R_API RIntervalNode *r_meta_get_in(RAnal *a, ut64 addr, RAnalMetaType type);
1874
1875 // Returns all nodes for items starting at the given address in the current space.
1876 R_API RPVector/*<RIntervalNode<RMetaItem> *>*/ *r_meta_get_all_at(RAnal *a, ut64 at);
1877
1878 // Returns all nodes for items with the given type containing the given address in the current space.
1879 R_API RPVector/*<RIntervalNode<RMetaItem> *>*/ *r_meta_get_all_in(RAnal *a, ut64 at, RAnalMetaType type);
1880
1881 // Returns all nodes for items with the given type intersecting the given interval in the current space.
1882 R_API RPVector/*<RIntervalNode<RMetaItem> *>*/ *r_meta_get_all_intersect(RAnal *a, ut64 start, ut64 size, RAnalMetaType type);
1883
1884 // Delete all meta items in the given space
1885 R_API void r_meta_space_unset_for(RAnal *a, const RSpace *space);
1886
1887 // Returns the number of meta items in the given space
1888 R_API int r_meta_space_count_for(RAnal *a, const RSpace *space);
1889
1890 // Shift all meta items by the given delta, for rebasing between different memory layouts.
1891 R_API void r_meta_rebase(RAnal *anal, ut64 diff);
1892
1893 // Calculate the total size covered by meta items of the given type.
1894 R_API ut64 r_meta_get_size(RAnal *a, RAnalMetaType type);
1895
1896 R_API const char *r_meta_type_to_string(int type);
1897 R_API void r_meta_print(RAnal *a, RAnalMetaItem *d, ut64 start, ut64 size, int rad, PJ *pj, bool show_full);
1898 R_API void r_meta_print_list_all(RAnal *a, int type, int rad, const char *tq);
1899 R_API void r_meta_print_list_at(RAnal *a, ut64 addr, int rad, const char *tq);
1900 R_API void r_meta_print_list_in_function(RAnal *a, int type, int rad, ut64 addr, const char *tq);
1901
1902 /* hints */
1903
1904 R_API void r_anal_hint_del(RAnal *anal, ut64 addr, ut64 size); // delete all hints that are contained within the given range, if size > 1, this operation is quite heavy!
1905 R_API void r_anal_hint_clear (RAnal *a);
1906 R_API void r_anal_hint_free (RAnalHint *h);
1907 R_API void r_anal_hint_set_syntax (RAnal *a, ut64 addr, const char *syn);
1908 R_API void r_anal_hint_set_type(RAnal *a, ut64 addr, int type);
1909 R_API void r_anal_hint_set_jump(RAnal *a, ut64 addr, ut64 jump);
1910 R_API void r_anal_hint_set_fail(RAnal *a, ut64 addr, ut64 fail);
1911 R_API void r_anal_hint_set_newbits(RAnal *a, ut64 addr, int bits);
1912 R_API void r_anal_hint_set_nword(RAnal *a, ut64 addr, int nword);
1913 R_API void r_anal_hint_set_offset(RAnal *a, ut64 addr, const char *typeoff);
1914 R_API void r_anal_hint_set_immbase(RAnal *a, ut64 addr, int base);
1915 R_API void r_anal_hint_set_size(RAnal *a, ut64 addr, ut64 size);
1916 R_API void r_anal_hint_set_opcode(RAnal *a, ut64 addr, const char *str);
1917 R_API void r_anal_hint_set_esil(RAnal *a, ut64 addr, const char *str);
1918 R_API void r_anal_hint_set_pointer(RAnal *a, ut64 addr, ut64 ptr);
1919 R_API void r_anal_hint_set_ret(RAnal *a, ut64 addr, ut64 val);
1920 R_API void r_anal_hint_set_high(RAnal *a, ut64 addr);
1921 R_API void r_anal_hint_set_stackframe(RAnal *a, ut64 addr, ut64 size);
1922 R_API void r_anal_hint_set_val(RAnal *a, ut64 addr, ut64 v);
1923 R_API void r_anal_hint_set_arch(RAnal *a, ut64 addr, R_NULLABLE const char *arch); // arch == NULL => use global default
1924 R_API void r_anal_hint_set_bits(RAnal *a, ut64 addr, int bits); // bits == NULL => use global default
1925 R_API void r_anal_hint_unset_val (RAnal *a, ut64 addr);
1926 R_API void r_anal_hint_unset_high(RAnal *a, ut64 addr);
1927 R_API void r_anal_hint_unset_immbase(RAnal *a, ut64 addr);
1928 R_API void r_anal_hint_unset_nword(RAnal *a, ut64 addr);
1929 R_API void r_anal_hint_unset_size(RAnal *a, ut64 addr);
1930 R_API void r_anal_hint_unset_type(RAnal *a, ut64 addr);
1931 R_API void r_anal_hint_unset_esil(RAnal *a, ut64 addr);
1932 R_API void r_anal_hint_unset_opcode(RAnal *a, ut64 addr);
1933 R_API void r_anal_hint_unset_syntax(RAnal *a, ut64 addr);
1934 R_API void r_anal_hint_unset_pointer(RAnal *a, ut64 addr);
1935 R_API void r_anal_hint_unset_ret(RAnal *a, ut64 addr);
1936 R_API void r_anal_hint_unset_offset(RAnal *a, ut64 addr);
1937 R_API void r_anal_hint_unset_jump(RAnal *a, ut64 addr);
1938 R_API void r_anal_hint_unset_fail(RAnal *a, ut64 addr);
1939 R_API void r_anal_hint_unset_newbits(RAnal *a, ut64 addr);
1940 R_API void r_anal_hint_unset_stackframe(RAnal *a, ut64 addr);
1941 R_API void r_anal_hint_unset_arch(RAnal *a, ut64 addr);
1942 R_API void r_anal_hint_unset_bits(RAnal *a, ut64 addr);
1943 R_API R_NULLABLE const RVector/*<const RAnalAddrHintRecord>*/ *r_anal_addr_hints_at(RAnal *anal, ut64 addr);
1944 typedef bool (*RAnalAddrHintRecordsCb)(ut64 addr, const RVector/*<const RAnalAddrHintRecord>*/ *records, void *user);
1945 R_API void r_anal_addr_hints_foreach(RAnal *anal, RAnalAddrHintRecordsCb cb, void *user);
1946 typedef bool (*RAnalArchHintCb)(ut64 addr, R_NULLABLE const char *arch, void *user);
1947 R_API void r_anal_arch_hints_foreach(RAnal *anal, RAnalArchHintCb cb, void *user);
1948 typedef bool (*RAnalBitsHintCb)(ut64 addr, int bits, void *user);
1949 R_API void r_anal_bits_hints_foreach(RAnal *anal, RAnalBitsHintCb cb, void *user);
1950
1951 // get the hint-specified arch value to be considered at addr
1952 // hint_addr will optionally be set to the address where the hint that specifies this arch is placed or UT64_MAX
1953 // if there is no hint affecting addr.
1954 R_API R_NULLABLE R_BORROW const char *r_anal_hint_arch_at(RAnal *anal, ut64 addr, R_NULLABLE ut64 *hint_addr);
1955
1956 // get the hint-specified bits value to be considered at addr
1957 // hint_addr will optionally be set to the address where the hint that specifies this arch is placed or UT64_MAX
1958 // if there is no hint affecting addr.
1959 R_API int r_anal_hint_bits_at(RAnal *anal, ut64 addr, R_NULLABLE ut64 *hint_addr);
1960
1961 R_API RAnalHint *r_anal_hint_get(RAnal *anal, ut64 addr); // accumulate all available hints affecting the given address
1962
1963 /* switch.c APIs */
1964 R_API RAnalSwitchOp *r_anal_switch_op_new(ut64 addr, ut64 min_val, ut64 max_val, ut64 def_val);
1965 R_API void r_anal_switch_op_free(RAnalSwitchOp * swop);
1966 R_API RAnalCaseOp* r_anal_switch_op_add_case(RAnalSwitchOp * swop, ut64 addr, ut64 value, ut64 jump);
1967
1968 /* cycles.c */
1969 R_API RAnalCycleFrame* r_anal_cycle_frame_new (void);
1970 R_API void r_anal_cycle_frame_free (RAnalCycleFrame *cf);
1971
1972 /* labels */
1973 R_API ut64 r_anal_function_get_label(RAnalFunction *fcn, const char *name);
1974 R_API const char *r_anal_function_get_label_at(RAnalFunction *fcn, ut64 addr);
1975 R_API bool r_anal_function_set_label(RAnalFunction *fcn, const char *name, ut64 addr);
1976 R_API bool r_anal_function_delete_label(RAnalFunction *fcn, const char *name);
1977 R_API bool r_anal_function_delete_label_at(RAnalFunction *fcn, ut64 addr);
1978
1979 /* limits */
1980 R_API void r_anal_set_limits(RAnal *anal, ut64 from, ut64 to);
1981 R_API void r_anal_unset_limits(RAnal *anal);
1982
1983 /* ESIL to REIL */
1984 R_API int r_anal_esil_to_reil_setup (RAnalEsil *esil, RAnal *anal, int romem, int stats);
1985
1986 /* no-return stuff */
1987 R_API void r_anal_noreturn_list(RAnal *anal, int mode);
1988 R_API bool r_anal_noreturn_add(RAnal *anal, const char *name, ut64 addr);
1989 R_API bool r_anal_noreturn_drop(RAnal *anal, const char *expr);
1990 R_API bool r_anal_noreturn_at_addr(RAnal *anal, ut64 addr);
1991
1992 /* zign spaces */
1993 R_API int r_sign_space_count_for(RAnal *a, const RSpace *space);
1994 R_API void r_sign_space_unset_for(RAnal *a, const RSpace *space);
1995 R_API void r_sign_space_rename_for(RAnal *a, const RSpace *space, const char *oname, const char *nname);
1996
1997 /* vtables */
1998 typedef struct {
1999 RAnal *anal;
2000 RAnalCPPABI abi;
2001 ut8 word_size;
2002 bool (*read_addr) (RAnal *anal, ut64 addr, ut64 *buf);
2003 } RVTableContext;
2004
2005 typedef struct vtable_info_t {
2006 ut64 saddr; //starting address
2007 RVector methods;
2008 } RVTableInfo;
2009
2010 typedef struct vtable_method_info_t {
2011 ut64 addr; // addr of the function
2012 ut64 vtable_offset; // offset inside the vtable
2013 } RVTableMethodInfo;
2014
2015 R_API void r_anal_vtable_info_free(RVTableInfo *vtable);
2016 R_API ut64 r_anal_vtable_info_get_size(RVTableContext *context, RVTableInfo *vtable);
2017 R_API bool r_anal_vtable_begin(RAnal *anal, RVTableContext *context);
2018 R_API RVTableInfo *r_anal_vtable_parse_at(RVTableContext *context, ut64 addr);
2019 R_API RList *r_anal_vtable_search(RVTableContext *context);
2020 R_API void r_anal_list_vtables(RAnal *anal, int rad);
2021
2022 /* rtti */
2023 R_API char *r_anal_rtti_msvc_demangle_class_name(RVTableContext *context, const char *name);
2024 R_API void r_anal_rtti_msvc_print_complete_object_locator(RVTableContext *context, ut64 addr, int mode);
2025 R_API void r_anal_rtti_msvc_print_type_descriptor(RVTableContext *context, ut64 addr, int mode);
2026 R_API void r_anal_rtti_msvc_print_class_hierarchy_descriptor(RVTableContext *context, ut64 addr, int mode);
2027 R_API void r_anal_rtti_msvc_print_base_class_descriptor(RVTableContext *context, ut64 addr, int mode);
2028 R_API bool r_anal_rtti_msvc_print_at_vtable(RVTableContext *context, ut64 addr, int mode, bool strict);
2029 R_API void r_anal_rtti_msvc_recover_all(RVTableContext *vt_context, RList *vtables);
2030
2031 R_API char *r_anal_rtti_itanium_demangle_class_name(RVTableContext *context, const char *name);
2032 R_API void r_anal_rtti_itanium_print_class_type_info(RVTableContext *context, ut64 addr, int mode);
2033 R_API void r_anal_rtti_itanium_print_si_class_type_info(RVTableContext *context, ut64 addr, int mode);
2034 R_API void r_anal_rtti_itanium_print_vmi_class_type_info(RVTableContext *context, ut64 addr, int mode);
2035 R_API bool r_anal_rtti_itanium_print_at_vtable(RVTableContext *context, ut64 addr, int mode);
2036 R_API void r_anal_rtti_itanium_recover_all(RVTableContext *vt_context, RList *vtables);
2037
2038 R_API char *r_anal_rtti_demangle_class_name(RAnal *anal, const char *name);
2039 R_API void r_anal_rtti_print_at_vtable(RAnal *anal, ut64 addr, int mode);
2040 R_API void r_anal_rtti_print_all(RAnal *anal, int mode);
2041 R_API void r_anal_rtti_recover_all(RAnal *anal);
2042
2043 R_API RList *r_anal_preludes(RAnal *anal);
2044 R_API bool r_anal_is_prelude(RAnal *anal, const ut8 *data, int len);
2045
2046 /* classes */
2047 typedef struct r_anal_method_t {
2048 char *name;
2049 ut64 addr;
2050 st64 vtable_offset; // >= 0 if method is virtual, else -1
2051 } RAnalMethod;
2052
2053 typedef struct r_anal_base_class_t {
2054 char *id; // id to identify the class attr
2055 ut64 offset; // offset of the base class inside the derived class
2056 char *class_name;
2057 } RAnalBaseClass;
2058
2059 typedef struct r_anal_vtable_t {
2060 char *id; // id to identify the class attr
2061 ut64 offset; // offset inside the class
2062 ut64 addr; // where the content of the vtable is
2063 ut64 size; // size (in bytes) of the vtable
2064 } RAnalVTable;
2065
2066 typedef enum {
2067 R_ANAL_CLASS_ERR_SUCCESS = 0,
2068 R_ANAL_CLASS_ERR_CLASH,
2069 R_ANAL_CLASS_ERR_NONEXISTENT_ATTR,
2070 R_ANAL_CLASS_ERR_NONEXISTENT_CLASS,
2071 R_ANAL_CLASS_ERR_OTHER
2072 } RAnalClassErr;
2073
2074 R_API void r_anal_class_create(RAnal *anal, const char *name);
2075 R_API void r_anal_class_delete(RAnal *anal, const char *name);
2076 R_API bool r_anal_class_exists(RAnal *anal, const char *name);
2077 R_API SdbList *r_anal_class_get_all(RAnal *anal, bool sorted);
2078 R_API void r_anal_class_foreach(RAnal *anal, SdbForeachCallback cb, void *user);
2079 R_API RAnalClassErr r_anal_class_rename(RAnal *anal, const char *old_name, const char *new_name);
2080
2081 R_API void r_anal_class_method_fini(RAnalMethod *meth);
2082 R_API RAnalClassErr r_anal_class_method_get(RAnal *anal, const char *class_name, const char *meth_name, RAnalMethod *meth);
2083 R_API RVector/*<RAnalMethod>*/ *r_anal_class_method_get_all(RAnal *anal, const char *class_name);
2084 R_API RAnalClassErr r_anal_class_method_set(RAnal *anal, const char *class_name, RAnalMethod *meth);
2085 R_API RAnalClassErr r_anal_class_method_rename(RAnal *anal, const char *class_name, const char *old_meth_name, const char *new_meth_name);
2086 R_API RAnalClassErr r_anal_class_method_delete(RAnal *anal, const char *class_name, const char *meth_name);
2087
2088 R_API void r_anal_class_base_fini(RAnalBaseClass *base);
2089 R_API RAnalClassErr r_anal_class_base_get(RAnal *anal, const char *class_name, const char *base_id, RAnalBaseClass *base);
2090 R_API RVector/*<RAnalBaseClass>*/ *r_anal_class_base_get_all(RAnal *anal, const char *class_name);
2091 R_API RAnalClassErr r_anal_class_base_set(RAnal *anal, const char *class_name, RAnalBaseClass *base);
2092 R_API RAnalClassErr r_anal_class_base_delete(RAnal *anal, const char *class_name, const char *base_id);
2093
2094 R_API void r_anal_class_vtable_fini(RAnalVTable *vtable);
2095 R_API RAnalClassErr r_anal_class_vtable_get(RAnal *anal, const char *class_name, const char *vtable_id, RAnalVTable *vtable);
2096 R_API RVector/*<RAnalVTable>*/ *r_anal_class_vtable_get_all(RAnal *anal, const char *class_name);
2097 R_API RAnalClassErr r_anal_class_vtable_set(RAnal *anal, const char *class_name, RAnalVTable *vtable);
2098 R_API RAnalClassErr r_anal_class_vtable_delete(RAnal *anal, const char *class_name, const char *vtable_id);
2099
2100 R_API void r_anal_class_print(RAnal *anal, const char *class_name, bool detailed);
2101 R_API void r_anal_class_json(RAnal *anal, PJ *j, const char *class_name);
2102 R_API void r_anal_class_list(RAnal *anal, int mode);
2103 R_API void r_anal_class_list_bases(RAnal *anal, const char *class_name);
2104 R_API void r_anal_class_list_vtables(RAnal *anal, const char *class_name);
2105 R_API void r_anal_class_list_vtable_offset_functions(RAnal *anal, const char *class_name, ut64 offset);
2106 R_API RGraph/*<RGraphNodeInfo>*/ *r_anal_class_get_inheritance_graph(RAnal *anal);
2107
2108 R_API RAnalEsilCFG *r_anal_esil_cfg_expr(RAnalEsilCFG *cfg, RAnal *anal, const ut64 off, char *expr);
2109 R_API RAnalEsilCFG *r_anal_esil_cfg_op(RAnalEsilCFG *cfg, RAnal *anal, RAnalOp *op);
2110 R_API void r_anal_esil_cfg_merge_blocks(RAnalEsilCFG *cfg);
2111 R_API void r_anal_esil_cfg_free(RAnalEsilCFG *cfg);
2112
2113 R_API RAnalEsilDFGNode *r_anal_esil_dfg_node_new(RAnalEsilDFG *edf, const char *c);
2114 R_API RAnalEsilDFG *r_anal_esil_dfg_new(RReg *regs);
2115 R_API void r_anal_esil_dfg_free(RAnalEsilDFG *dfg);
2116 R_API RAnalEsilDFG *r_anal_esil_dfg_expr(RAnal *anal, RAnalEsilDFG *dfg, const char *expr);
2117 R_API void r_anal_esil_dfg_fold_const(RAnal *anal, RAnalEsilDFG *dfg);
2118 R_API RStrBuf *r_anal_esil_dfg_filter(RAnalEsilDFG *dfg, const char *reg);
2119 R_API RStrBuf *r_anal_esil_dfg_filter_expr(RAnal *anal, const char *expr, const char *reg);
2120 R_API RList *r_anal_types_from_fcn(RAnal *anal, RAnalFunction *fcn);
2121
2122 R_API RAnalBaseType *r_anal_get_base_type(RAnal *anal, const char *name);
2123 R_API void r_parse_pdb_types(const RAnal *anal, const RPdb *pdb);
2124 R_API void r_anal_save_base_type(const RAnal *anal, const RAnalBaseType *type);
2125 R_API void r_anal_base_type_free(RAnalBaseType *type);
2126 R_API RAnalBaseType *r_anal_base_type_new(RAnalBaseTypeKind kind);
2127 R_API void r_anal_dwarf_process_info(const RAnal *anal, RAnalDwarfContext *ctx);
2128 R_API void r_anal_dwarf_integrate_functions(RAnal *anal, RFlag *flags, Sdb *dwarf_sdb);
2129 /* plugin pointers */
2130 extern RAnalPlugin r_anal_plugin_null;
2131 extern RAnalPlugin r_anal_plugin_6502;
2132 extern RAnalPlugin r_anal_plugin_6502_cs;
2133 extern RAnalPlugin r_anal_plugin_8051;
2134 extern RAnalPlugin r_anal_plugin_amd29k;
2135 extern RAnalPlugin r_anal_plugin_arc;
2136 extern RAnalPlugin r_anal_plugin_arm_cs;
2137 extern RAnalPlugin r_anal_plugin_arm_gnu;
2138 extern RAnalPlugin r_anal_plugin_avr;
2139 extern RAnalPlugin r_anal_plugin_bf;
2140 extern RAnalPlugin r_anal_plugin_chip8;
2141 extern RAnalPlugin r_anal_plugin_cr16;
2142 extern RAnalPlugin r_anal_plugin_cris;
2143 extern RAnalPlugin r_anal_plugin_dalvik;
2144 extern RAnalPlugin r_anal_plugin_ebc;
2145 extern RAnalPlugin r_anal_plugin_gb;
2146 extern RAnalPlugin r_anal_plugin_h8300;
2147 extern RAnalPlugin r_anal_plugin_hexagon;
2148 extern RAnalPlugin r_anal_plugin_i4004;
2149 extern RAnalPlugin r_anal_plugin_i8080;
2150 extern RAnalPlugin r_anal_plugin_java;
2151 extern RAnalPlugin r_anal_plugin_m68k_cs;
2152 extern RAnalPlugin r_anal_plugin_m680x_cs;
2153 extern RAnalPlugin r_anal_plugin_malbolge;
2154 extern RAnalPlugin r_anal_plugin_mcore;
2155 extern RAnalPlugin r_anal_plugin_mips_cs;
2156 extern RAnalPlugin r_anal_plugin_mips_gnu;
2157 extern RAnalPlugin r_anal_plugin_msp430;
2158 extern RAnalPlugin r_anal_plugin_nios2;
2159 extern RAnalPlugin r_anal_plugin_or1k;
2160 extern RAnalPlugin r_anal_plugin_pic;
2161 extern RAnalPlugin r_anal_plugin_ppc_cs;
2162 extern RAnalPlugin r_anal_plugin_ppc_gnu;
2163 extern RAnalPlugin r_anal_plugin_propeller;
2164 extern RAnalPlugin r_anal_plugin_riscv;
2165 extern RAnalPlugin r_anal_plugin_riscv_cs;
2166 extern RAnalPlugin r_anal_plugin_rsp;
2167 extern RAnalPlugin r_anal_plugin_sh;
2168 extern RAnalPlugin r_anal_plugin_snes;
2169 extern RAnalPlugin r_anal_plugin_sparc_cs;
2170 extern RAnalPlugin r_anal_plugin_sparc_gnu;
2171 extern RAnalPlugin r_anal_plugin_sysz;
2172 extern RAnalPlugin r_anal_plugin_tms320;
2173 extern RAnalPlugin r_anal_plugin_tms320c64x;
2174 extern RAnalPlugin r_anal_plugin_tricore;
2175 extern RAnalPlugin r_anal_plugin_v810;
2176 extern RAnalPlugin r_anal_plugin_v850;
2177 extern RAnalPlugin r_anal_plugin_vax;
2178 extern RAnalPlugin r_anal_plugin_wasm;
2179 extern RAnalPlugin r_anal_plugin_ws;
2180 extern RAnalPlugin r_anal_plugin_x86;
2181 extern RAnalPlugin r_anal_plugin_x86_cs;
2182 extern RAnalPlugin r_anal_plugin_x86_im;
2183 extern RAnalPlugin r_anal_plugin_x86_simple;
2184 extern RAnalPlugin r_anal_plugin_x86_udis;
2185 extern RAnalPlugin r_anal_plugin_xap;
2186 extern RAnalPlugin r_anal_plugin_xcore_cs;
2187 extern RAnalPlugin r_anal_plugin_xtensa;
2188 extern RAnalPlugin r_anal_plugin_z80;
2189 extern RAnalPlugin r_anal_plugin_pyc;
2190 extern RAnalEsilPlugin r_esil_plugin_dummy;
2191
2192 #ifdef __cplusplus
2193 }
2194 #endif
2195
2196 #endif
2197 #endif
2198