39 opt.obj_opts.elf_load_sections =
rz_config_get_b(core->config,
"elf.load.sections");
40 opt.obj_opts.elf_checks_sections =
rz_config_get_b(core->config,
"elf.checks.sections");
41 opt.obj_opts.elf_checks_segments =
rz_config_get_b(core->config,
"elf.checks.segments");
49 rz_list_foreach (syms,
iter,
s) {
50 if (!strcmp(
s->name, sym_name)) {
62 return addr + ((align - (
addr % align)) % align);
66 return (core->dbg->glibc_version < 232) ? next : (
GHT)((
pos >> 12) ^ next);
80 main_arena = base_addr + vaddr;
89 }
else if (!strcmp(
info->
arch,
"arm")) {
90 main_arena = vaddr + base_addr -
sizeof(
GHT) * 2 -
sizeof(
MallocState);
108 rz_list_foreach (core->dbg->maps,
iter,
map) {
110 if (strncmp(
map->name, core->bin->file, strlen(
map->name)) != 0) {
111 fp = strstr(
map->name,
"libc-");
119 eprintf(
"dbg.glibc.tcache = %i\n", tcv);
125 while (strstr(fp + 1,
"libc-") !=
NULL) {
126 fp = strstr(fp + 1,
"libc-");
130 core->dbg->glibc_version = (
int)round((
v * 100));
143 sz = (cnk->size >> 3) << 3;
149 main_arena->mutex = cmain_arena->mutex;
150 main_arena->flags = cmain_arena->flags;
152 main_arena->binmap[
i] = cmain_arena->binmap[
i];
154 main_arena->have_fast_chunks = cmain_arena->have_fast_chunks;
155 main_arena->attached_threads = cmain_arena->attached_threads;
157 main_arena->fastbinsY[
i] = cmain_arena->fastbinsY[
i];
159 main_arena->top = cmain_arena->top;
160 main_arena->last_remainder = cmain_arena->last_remainder;
161 for (
i = 0;
i <
NBINS * 2 - 2;
i++) {
162 main_arena->bins[
i] = cmain_arena->bins[
i];
164 main_arena->next = cmain_arena->next;
165 main_arena->next_free = cmain_arena->next_free;
166 main_arena->system_mem = cmain_arena->system_mem;
167 main_arena->max_system_mem = cmain_arena->max_system_mem;
172 main_arena->mutex = cmain_arena->mutex;
173 main_arena->flags = cmain_arena->flags;
175 main_arena->binmap[
i] = cmain_arena->binmap[
i];
177 main_arena->attached_threads = 1;
179 main_arena->fastbinsY[
i] = cmain_arena->fastbinsY[
i];
181 main_arena->top = cmain_arena->top;
182 main_arena->last_remainder = cmain_arena->last_remainder;
183 for (
i = 0;
i <
NBINS * 2 - 2;
i++) {
184 main_arena->bins[
i] = cmain_arena->bins[
i];
186 main_arena->next = cmain_arena->next;
187 main_arena->next_free = cmain_arena->next_free;
188 main_arena->system_mem = cmain_arena->system_mem;
189 main_arena->max_system_mem = cmain_arena->max_system_mem;
202 GH(RzHeap_MallocState_tcache) *cmain_arena =
RZ_NEW0(
GH(RzHeap_MallocState_tcache));
206 (void)
rz_io_read_at(core->io, m_arena, (
ut8 *)cmain_arena,
sizeof(
GH(RzHeap_MallocState_tcache)));
208 (cmain_arena, main_arena);
210 GH(RzHeap_MallocState) *cmain_arena =
RZ_NEW0(
GH(RzHeap_MallocState));
214 (void)
rz_io_read_at(core->io, m_arena, (
ut8 *)cmain_arena,
sizeof(
GH(RzHeap_MallocState)));
216 (cmain_arena, main_arena);
226 rz_list_foreach (core->dbg->maps,
iter,
map) {
228 if (strstr(
map->name,
"[heap]")) {
229 *brk_start =
map->addr;
230 *brk_end =
map->addr_end;
241 if (strstr(
map->name,
"[heap]")) {
242 *brk_start =
map->itv.addr;
243 *brk_end =
map->itv.addr +
map->itv.size;
253 GHT align = 12 *
SZ +
sizeof(
int) * 2;
263 for (
i = 0;
i <
NBINS * 2 - 2;
i += 2) {
265 GHT bina = main_arena->bins[
i];
268 bina = main_arena->bins[
i + 1];
276 rz_num_units(units,
sizeof(units), main_arena->max_system_mem);
279 rz_num_units(units,
sizeof(units), main_arena->system_mem);
282 rz_num_units(units,
sizeof(units), main_arena->next_free);
293 PRINT_GA(
"struct malloc_state main_arena {\n");
322 for (
i =
start,
k = 0, j = 0; j <
NBINS - 2 &&
i < 1024 * 1024;
i += 64) {
328 for (
i = 0, j = 1,
k =
SZ * 4;
i <
NBINS * 2 - 2;
i += 2, j++) {
361 if (j !=
NBINS - 1) {
412 GHT libc_addr_sta =
GHT_MAX, libc_addr_end = 0;
416 bool first_libc =
true;
423 rz_list_foreach (core->dbg->maps,
iter,
map) {
425 if (strstr(
map->name,
"/libc-") && first_libc && main_arena_sym ==
GHT_MAX) {
430 libc_addr_sta =
map->addr;
431 libc_addr_end =
map->addr_end;
440 if (
map->name && strstr(
map->name,
"arena")) {
441 libc_addr_sta =
map->itv.addr;
442 libc_addr_end =
map->itv.addr +
map->itv.size;
450 eprintf(
"Warning: Can't find glibc mapped in memory (see dm)\n");
452 eprintf(
"Warning: Can't find arena mapped in memory (see om)\n");
458 (core, &brk_start, &brk_end);
464 addr_srch = libc_addr_sta;
465 heap_sz = brk_end - brk_start;
471 if (main_arena_sym !=
GHT_MAX) {
473 (core, main_arena_sym, ta);
474 *m_arena = main_arena_sym;
475 core->dbg->main_arena_resolved =
true;
479 while (addr_srch < libc_addr_end) {
481 (core, addr_srch, ta);
482 if (ta->
top > brk_start && ta->
top < brk_end &&
485 *m_arena = addr_srch;
488 core->dbg->main_arena_resolved =
true;
492 addr_srch +=
sizeof(
GHT);
494 eprintf(
"Warning: Can't find main_arena in mapped memory\n");
528 if (cnk->size >
SZ * 128) {
536 GHT size = ((cnk->size >> 3) << 3) -
SZ * 2;
538 PRINT_GA(
"chunk too big to be displayed\n");
573 GH(RzHeapChunk) *cnk =
GH(rz_heap_get_chunk_at_addr)(core,
chunk);
583 if (!strcmp(
status,
"free")) {
596 bool print_comma =
false;
617 pj_kn(pj,
"prev_size", cnk->prev_size);
623 pj_kn(pj,
"fd", cnk->fd);
624 pj_kn(pj,
"bk", cnk->bk);
631 if (m_arena == m_state) {
642 if (ta->
next == m_state) {
651 if (ta->
next == m_state) {
673 if (cnk->fd !=
bin) {
676 while (cnk->fd !=
bin) {
679 if (next < brk_start || next > main_arena->top) {
680 PRINT_RA(
"Double linked list corrupted\n");
691 PRINT_RA(
"Double linked list corrupted\n");
698 while (cnk->bk !=
bin) {
701 if (next < brk_start || next > main_arena->top) {
702 PRINT_RA(
"Double linked list corrupted.\n");
717 char title[256],
chunk[256];
734 prev_node = bin_node;
736 while (cnk->bk !=
bin) {
738 if (next < brk_start || next > main_arena->top) {
739 PRINT_RA(
"Double linked list corrupted\n");
752 prev_node = next_node;
765 if (!core || !core->dbg || !core->dbg->maps) {
775 GHT bin = main_arena->bins[num_bin];
782 (core, &brk_start, &brk_end);
790 const int fc_offset =
rz_config_get_i(core->config,
"dbg.glibc.fc_offset");
792 initial_brk = ((brk_start >> 12) << 12) + fc_offset;
795 initial_brk = (brk_start >> 12) << 12;
799 PRINT_GA(
" double linked list unsorted bin {\n");
800 }
else if (num_bin >= 1 && num_bin <=
NSMALLBINS - 1) {
801 PRINT_GA(
" double linked list small bin {\n");
803 PRINT_GA(
" double linked list large bin {\n");
806 if (!graph || graph == 1) {
834 (core, main_arena, m_arena,
offset,
i, 0);
843 if (num_bin >
NBINS - 2) {
849 (core, main_arena, m_arena,
offset, num_bin, j);
863 if (!core || !core->dbg || !core->dbg->maps) {
869 if (!cnk || !heap_bin) {
875 heap_bin->
bin_num = bin_num + 1;
878 GHT next = main_arena->fastbinsY[bin_num];
884 (core, &brk_start, &brk_end);
890 GHT size = main_arena->top - brk_start;
892 GHT next_root = next, next_tmp = next, double_free =
GHT_MAX;
893 while (next && next >= brk_start && next < main_arena->top) {
901 while (double_free ==
GHT_MAX && next_tmp && next_tmp >= brk_start && next_tmp <= main_arena->top) {
904 if (cnk->prev_size >
size || ((cnk->size >> 3) << 3) >
size) {
907 if (next_root == next_tmp) {
908 double_free = next_root;
914 if (cnk->prev_size >
size || ((cnk->size >> 3) << 3) >
size) {
922 next_root = next_tmp = next;
923 if (double_free == next) {
931 if (next && (next < brk_start || next >= main_arena->top)) {
944 int fastbins_max =
rz_config_get_i(core->config,
"dbg.glibc.fastbinmax") - 1;
946 int fastbin_count = fastbins_max < global_max_fast_idx ? fastbins_max : global_max_fast_idx;
947 int bin_to_print = 0;
951 if (bin_to_print <= 0 || bin_to_print - 1 > fastbin_count) {
952 eprintf(
"Error: 0 < bin <= %d\n", fastbin_count + 1);
961 for (
int i = 0;
i <= fastbin_count;
i++) {
962 if (bin_to_print &&
i != bin_to_print - 1) {
977 pj_ks(pj,
"bin_type",
"fast");
999 if (
bin->message && !pj) {
1020 tcache->RzHeapTcache.heap_tcache =
RZ_NEW0(
GH(RzHeapTcache));
1023 tcache->RzHeapTcache.heap_tcache_pre_230 =
RZ_NEW0(
GH(RzHeapTcachePre230));
1031 ?
free(tcache->RzHeapTcache.heap_tcache)
1032 :
free(tcache->RzHeapTcache.heap_tcache_pre_230);
1038 return tcache->type ==
NEW
1039 ?
rz_io_read_at(core->io, tcache_start, (
ut8 *)tcache->RzHeapTcache.heap_tcache,
sizeof(
GH(RzHeapTcache)))
1040 :
rz_io_read_at(core->io, tcache_start, (
ut8 *)tcache->RzHeapTcache.heap_tcache_pre_230,
sizeof(
GH(RzHeapTcachePre230)));
1045 return tcache->type ==
NEW
1046 ? tcache->RzHeapTcache.heap_tcache->counts[index]
1047 : tcache->RzHeapTcache.heap_tcache_pre_230->counts[index];
1052 return tcache->type ==
NEW
1053 ? tcache->RzHeapTcache.heap_tcache->entries[index]
1054 : tcache->RzHeapTcache.heap_tcache_pre_230->entries[index];
1079 (core, &brk_start, &brk_end);
1081 initial_brk = brk_start + fc_offset;
1089 if (arena_base == m_arena) {
1092 tcache_start = brk_start + 0x10;
1095 GHT mmap_start = ((arena_base >> 16) << 16);
1096 tcache_start = mmap_start +
sizeof(
GH(RzHeapInfo)) +
sizeof(
GH(RzHeap_MallocState_tcache)) +
GH(MMAP_ALIGN);
1110 GH(RTcache) *tcache =
GH(tcache_new)(core);
1152 for (
size_t n = 1;
n <
count;
n++) {
1165 tcache_fd = tcache_tmp;
1169 return tcache_bins_list;
1185 if (main_arena_base == arena_base) {
1211 pj_ks(pj,
"bin_type",
"tcache");
1212 pj_kn(pj,
"bin_num",
bin->bin_num);
1213 pj_ka(pj,
"chunks");
1217 rz_list_foreach (chunks, iter2,
pos) {
1263 pj_ka(pj,
"arenas");
1265 pj_kn(pj,
"addr", m_arena);
1266 pj_kn(pj,
"last_rem", main_arena->last_remainder);
1267 pj_kn(pj,
"top", main_arena->top);
1268 pj_kn(pj,
"next", main_arena->next);
1269 pj_ks(pj,
"type",
"main");
1270 pj_ks(pj,
"state",
"used");
1273 if (main_arena->next != m_arena) {
1274 ta->
next = main_arena->next;
1300 pj_ks(pj,
"type",
"thread");
1302 pj_ks(pj,
"state",
"used");
1304 pj_ks(pj,
"state",
"free");
1339 if (malloc_state == m_state) {
1340 PRINT_RA(
"main_arena does not have an instance of malloc_info\n");
1341 }
else if (
GH(
is_arena)(core, malloc_state, m_state)) {
1343 h_info = (malloc_state >> 16) << 16;
1344 GH(RzHeapInfo) *heap_info =
RZ_NEW0(
GH(RzHeapInfo));
1350 (heap_info, h_info);
1357 while (heap_info->prev != 0x0 && heap_info->prev !=
GHT_MAX) {
1363 if ((ms->
top >> 16) << 16 != h_info) {
1364 h_info = (ms->
top >> 16) << 16;
1367 (heap_info, h_info);
1373 PRINT_RA(
"This address is not part of the arenas\n");
1380 }
else if (bin_num >= 1 && bin_num <=
NSMALLBINS - 1) {
1405 int idx = 2 * bin_num;
1406 ut64 fw = main_arena->bins[
idx];
1407 ut64 bk = main_arena->bins[
idx + 1];
1414 bin->bin_num = bin_num;
1418 if (!strcmp(
bin->type,
"Small")) {
1419 bin->size = 4 *
SZ + (bin_num - 1) * 2 *
SZ;
1432 if (
head->fd == fw) {
1443 (core, &brk_start, &brk_end);
1453 const int fc_offset =
rz_config_get_i(core->config,
"dbg.glibc.fc_offset");
1454 base = m_arena +
offset +
SZ * bin_num * 2 + 10 *
SZ;
1455 initial_brk = ((brk_start >> 12) << 12) + fc_offset;
1458 base = m_arena +
offset +
SZ * bin_num * 2 -
SZ * 2;
1459 initial_brk = (brk_start >> 12) << 12;
1462 while (fw !=
head->fd) {
1463 if (fw > main_arena->top || fw < initial_brk) {
1509 if (!strcmp(
bin->type,
"Small")) {
1518 pj_ka(pj,
"chunks");
1520 rz_list_foreach (chunks,
iter,
pos) {
1556 pj_kn(pj,
"bin_num", 0);
1557 pj_ks(pj,
"bin_type",
"unsorted");
1580 int non_empty_cnt = 0;
1581 for (
int bin_num = 1; bin_num <
NSMALLBINS; bin_num++) {
1584 pj_kn(pj,
"bin_num", bin_num);
1585 pj_ks(pj,
"bin_type",
"small");
1591 if (chunk_found > 0) {
1594 chunk_cnt += chunk_found;
1597 rz_cons_printf(
"Found %d chunks in %d small bins\n", chunk_cnt, non_empty_cnt);
1614 int non_empty_cnt = 0;
1618 pj_kn(pj,
"bin_num", bin_num);
1619 pj_ks(pj,
"bin_type",
"large");
1625 if (chunk_found > 0) {
1628 chunk_cnt += chunk_found;
1631 rz_cons_printf(
"Found %d chunks in %d large bins\n", chunk_cnt, non_empty_cnt);
1656 (core, m_arena, main_arena_base, pj);
1661 bool main_arena_only =
true;
1663 (core, m_arena, main_arena, global_max_fast,
input, main_arena_only, pj);
1669 (core, m_arena, main_arena, pj);
1674 (core, m_arena, main_arena, pj);
1679 (core, m_arena, main_arena, pj);
1718 item->
addr = m_arena;
1722 if (main_arena->next != m_arena) {
1723 ta->
next = main_arena->next;
1737 item->
addr = ta_addr;
1756 GHT m_arena,
GHT m_state,
bool top_chunk) {
1758 if (!core || !core->dbg || !core->dbg->maps) {
1761 GHT global_max_fast = (64 *
SZ / 4);
1769 int glibc_version = core->dbg->glibc_version;
1771 if (m_arena == m_state) {
1773 (core, &brk_start, &brk_end);
1775 initial_brk = ((brk_start >> 12) << 12) +
GH(HDR_SZ);
1777 tcache_initial_brk = initial_brk;
1779 initial_brk += (glibc_version < 230)
1780 ?
sizeof(
GH(RzHeapTcachePre230))
1781 :
sizeof(
GH(RzHeapTcache));
1783 initial_brk = (brk_start >> 12) << 12;
1786 brk_start = ((m_state >> 16) << 16);
1787 brk_end = brk_start + main_arena->system_mem;
1789 tcache_initial_brk = brk_start +
sizeof(
GH(RzHeapInfo)) +
sizeof(
GH(RzHeap_MallocState_tcache)) +
GH(MMAP_ALIGN);
1790 initial_brk = tcache_initial_brk +
offset;
1792 initial_brk = brk_start +
sizeof(
GH(RzHeapInfo)) +
sizeof(
GH(RzHeap_MallocState)) +
MMAP_OFFSET;
1801 GHT next_chunk = initial_brk, prev_chunk = next_chunk;
1806 GH(RzHeapChunk) *cnk_next =
RZ_NEW0(
GH(RzHeapChunk));
1813 size_tmp = (cnk->size >> 3) << 3;
1814 ut64 prev_chunk_addr;
1815 ut64 prev_chunk_size;
1816 while (next_chunk && next_chunk >= brk_start && next_chunk < main_arena->top) {
1817 if (size_tmp < min_size || next_chunk + size_tmp > main_arena->top) {
1822 block->
addr = next_chunk;
1824 block->
size = size_tmp;
1829 prev_chunk_addr = (
ut64)prev_chunk;
1830 prev_chunk_size = (((
ut64)cnk->size) >> 3) << 3;
1831 bool fastbin = size_tmp >=
SZ * 4 && size_tmp <= global_max_fast;
1832 bool is_free =
false, double_free =
false;
1835 int i = (size_tmp / (
SZ * 2)) - 2;
1839 if (prev_chunk ==
idx &&
idx && !next) {
1842 while (next && next >= brk_start && next < main_arena->top) {
1843 if (prev_chunk ==
idx || prev_chunk == next ||
idx == next) {
1852 while (next_node && next_node >= brk_start && next_node < main_arena->top) {
1853 if (prev_chunk == next_node) {
1868 PRINT_RA(
" Double free in simple-linked list detected ");
1871 prev_chunk_size = ((
i + 1) *
GH(HDR_SZ)) +
GH(HDR_SZ);
1875 GH(RTcache) *tcache_heap =
GH(tcache_new)(core);
1882 (core, tcache_initial_brk, tcache_heap);
1888 if (
entry -
SZ * 2 == prev_chunk) {
1902 if (tcache_tmp -
SZ * 2 == prev_chunk) {
1907 tcache_fd = (
ut64)tcache_tmp;
1916 next_chunk += size_tmp;
1917 prev_chunk = next_chunk;
1919 size_tmp = (cnk->size >> 3) << 3;
1930 if (!(cnk->size & 1)) {
1938 block->
addr = prev_chunk_addr;
1940 block->
size = prev_chunk_size;
1946 block->
addr = main_arena->top;
1980 rz_list_foreach (arenas_list,
iter,
pos) {
2020 }
else if (argc == 2) {
2025 PRINT_RA(
"This address is not a valid arena\n");
2032 GHT brk_start, brk_end;
2033 if (m_arena == m_state) {
2035 (core, &brk_start, &brk_end);
2038 brk_start = ((m_state >> 16) << 16);
2039 brk_end = brk_start + main_arena->
system_mem;
2067 char *top_title =
NULL, *top_data =
NULL, *node_title =
NULL, *node_data =
NULL;
2068 bool first_node =
true;
2076 pj_ka(pj,
"chunks");
2089 rz_list_foreach (chunks,
iter,
pos) {
2100 core->print->pairs =
false;
2104 core->print->pairs =
true;
2130 prev_node = chunk_node;
2135 (core, main_arena->
top,
"free",
NULL);
2145 pj_kn(pj,
"brk", brk_start);
2146 pj_kn(pj,
"end", brk_end);
2178 GHT global_max_fast = (64 *
SZ / 4);
2189 }
else if (argc == 2) {
2193 PRINT_RA(
"This address is not a valid arena\n");
2202 (core, m_state, main_arena, global_max_fast,
mode);
2237 }
else if (argc == 2) {
2241 PRINT_RA(
"This address is not a valid arena\n");
2250 (core, m_arena, m_state);
2281 rz_list_foreach (arenas_list,
iter, item) {
2300 m_state_str = strtok(
NULL,
":");
2306 if (core->offset != core->prompt_offset) {
2307 m_state = core->offset;
2319 (core, m_state, main_arena,
dup);
2321 PRINT_RA(
"This address is not part of the arenas\n");
2336 GHT global_max_fast = (64 *
SZ / 4);
2341 bool main_arena_only =
false;
2345 m_state_str = strtok(
NULL,
":");
2364 (core, m_state, main_arena, global_max_fast,
dup, main_arena_only,
NULL);
2366 PRINT_RA(
"This address is not part of the arenas\n");
2379 GHT global_max_fast = (64 *
SZ / 4);
2388 if (core->offset != core->prompt_offset) {
2389 m_state = core->offset;
2394 PRINT_RA(
"This address is not part of the arenas\n");
2410 if (!strcmp(
input,
"tcache")) {
2412 }
else if (!strcmp(
input,
"fast")) {
2414 }
else if (!strcmp(
input,
"unsorted")) {
2416 }
else if (!strcmp(
input,
"small")) {
2418 }
else if (!strcmp(
input,
"large")) {
2423 (core, m_state, main_arena, m_arena, global_max_fast, bin_format, json);
2485 GH(RzHeapChunk) *heap_chunk =
GH(rz_heap_get_chunk_at_addr)(core,
addr);
2490 if (!simple_chunk) {
2500 simple_chunk->
prev_size = heap_chunk->prev_size;
2501 simple_chunk->
bk = heap_chunk->bk;
2502 simple_chunk->
fd = heap_chunk->fd;
2503 simple_chunk->
fd_nextsize = heap_chunk->fd_nextsize;
2504 simple_chunk->
bk_nextsize = heap_chunk->bk_nextsize;
2506 return simple_chunk;
2545 if (!chunk_simple) {
2548 GH(RzHeapChunk) *heap_chunk =
RZ_NEW0(
GH(RzHeapChunk));
2553 heap_chunk->size = chunk_simple->size;
2555 if (chunk_simple->prev_inuse) {
2558 if (chunk_simple->is_mmapped) {
2561 if (chunk_simple->non_main_arena) {
2565 heap_chunk->fd = chunk_simple->fd;
2566 heap_chunk->bk = chunk_simple->bk;
2567 heap_chunk->fd_nextsize = chunk_simple->fd_nextsize;
2568 heap_chunk->bk_nextsize = chunk_simple->bk_nextsize;
2569 bool res =
rz_io_write_at(core->io, chunk_simple->addr, (
ut8 *)heap_chunk,
sizeof(
GH(RzHeapChunk)));
RZ_API void rz_agraph_free(RzAGraph *g)
RZ_API void rz_agraph_set_title(RzAGraph *g, const char *title)
RZ_API RzAGraph * rz_agraph_new(RzConsCanvas *can)
RZ_API RzANode * rz_agraph_add_node(const RzAGraph *g, const char *title, const char *body)
RZ_API void rz_agraph_print(RzAGraph *g)
RZ_API void rz_agraph_add_edge(const RzAGraph *g, RzANode *a, RzANode *b)
RZ_API bool rz_bin_file_set_cur_binfile(RzBin *bin, RzBinFile *bf)
RZ_API bool rz_bin_file_delete(RzBin *bin, RzBinFile *bf)
RZ_DEPRECATE RZ_API RZ_BORROW RzBinInfo * rz_bin_get_info(RzBin *bin)
RZ_DEPRECATE RZ_API RZ_BORROW RzList * rz_bin_get_symbols(RZ_NONNULL RzBin *bin)
RZ_API void rz_bin_options_init(RzBinOptions *opt, int fd, ut64 baseaddr, ut64 loadaddr, bool patch_relocs)
RZ_API RzBinFile * rz_bin_open(RzBin *bin, const char *file, RzBinOptions *opt)
RZ_API RzBinFile * rz_bin_cur(RzBin *bin)
static RzList * maps(RzBinFile *bf)
RzBinInfo * info(RzBinFile *bf)
RZ_API RzConsCanvas * rz_cons_canvas_new(int w, int h)
RZ_API void rz_cons_canvas_free(RzConsCanvas *c)
RZ_API ut64 rz_config_get_i(RzConfig *cfg, RZ_NONNULL const char *name)
RZ_API bool rz_config_get_b(RzConfig *cfg, RZ_NONNULL const char *name)
RZ_API RzConfigNode * rz_config_set_i(RzConfig *cfg, RZ_NONNULL const char *name, const ut64 i)
RZ_API int rz_cons_get_size(int *rows)
RZ_API RzCons * rz_cons_singleton(void)
RZ_API void rz_cons_newline(void)
RZ_API int rz_cons_printf(const char *format,...)
RZ_API void rz_cons_println(const char *str)
RZ_IPI void rz_core_print_hexdump(RZ_NONNULL RzCore *core, ut64 addr, RZ_NONNULL const ut8 *buf, int len, int base, int step, size_t zoomsz)
static static fork const void static count static fd const char const char static newpath const char static path const char path
static static sync static getppid static getegid const char static filename char static len const char char static bufsiz static mask static vfork const void static prot static getpgrp const char static swapflags static arg static fd static protocol static who struct sockaddr static addrlen static backlog struct timeval struct timezone static tz const struct iovec static count static mode const void const struct sockaddr static tolen const char static pathname void count
static static sync static getppid static getegid const char static filename char static len const char char static bufsiz static mask static vfork const void static prot static getpgrp const char static swapflags static arg static fd static protocol static who struct sockaddr static addrlen static backlog struct timeval struct timezone static tz const struct iovec static count static mode const void const struct sockaddr static tolen const char static pathname void static offset struct stat static buf void long static basep static whence static length const void static len static semflg const void static shmflg const struct timespec struct timespec static rem const char static group const void start
RZ_API bool rz_debug_map_sync(RzDebug *dbg)
size_t map(int syms, int left, int len)
RZ_API void rz_config_hold_restore(RzConfigHold *h)
Restore whatever config options were previously saved in h.
RZ_API RzConfigHold * rz_config_hold_new(RzConfig *cfg)
Create an opaque object to save/restore some configuration options.
RZ_API void rz_config_hold_free(RzConfigHold *h)
Free a RzConfigHold object h.
RZ_API void Ht_() free(HtName_(Ht) *ht)
RZ_API RZ_OWN RzList * rz_list_newf(RzListFree f)
Returns a new initialized RzList pointer and sets the free method.
RZ_API ut32 rz_list_length(RZ_NONNULL const RzList *list)
Returns the length of the list.
RZ_API RZ_BORROW RzListIter * rz_list_append(RZ_NONNULL RzList *list, void *data)
Appends at the end of the list a new element.
RZ_API void rz_list_free(RZ_NONNULL RzList *list)
Empties the list and frees the list pointer.
void * calloc(size_t number, size_t size)
static static fork const void static count static fd const char const char static newpath char char char static envp time_t static t const char static mode static whence const char static dir time_t static t unsigned static seconds const char struct utimbuf static buf static inc static sig const char static mode dup
static static fork const void static count static fd const char const char static newpath char char argv
return strdup("=SP r13\n" "=LR r14\n" "=PC r15\n" "=A0 r0\n" "=A1 r1\n" "=A2 r2\n" "=A3 r3\n" "=ZF zf\n" "=SF nf\n" "=OF vf\n" "=CF cf\n" "=SN or0\n" "gpr lr .32 56 0\n" "gpr pc .32 60 0\n" "gpr cpsr .32 64 0 ____tfiae_________________qvczn\n" "gpr or0 .32 68 0\n" "gpr tf .1 64.5 0 thumb\n" "gpr ef .1 64.9 0 endian\n" "gpr jf .1 64.24 0 java\n" "gpr qf .1 64.27 0 sticky_overflow\n" "gpr vf .1 64.28 0 overflow\n" "gpr cf .1 64.29 0 carry\n" "gpr zf .1 64.30 0 zero\n" "gpr nf .1 64.31 0 negative\n" "gpr itc .4 64.10 0 if_then_count\n" "gpr gef .4 64.16 0 great_or_equal\n" "gpr r0 .32 0 0\n" "gpr r1 .32 4 0\n" "gpr r2 .32 8 0\n" "gpr r3 .32 12 0\n" "gpr r4 .32 16 0\n" "gpr r5 .32 20 0\n" "gpr r6 .32 24 0\n" "gpr r7 .32 28 0\n" "gpr r8 .32 32 0\n" "gpr r9 .32 36 0\n" "gpr r10 .32 40 0\n" "gpr r11 .32 44 0\n" "gpr r12 .32 48 0\n" "gpr r13 .32 52 0\n" "gpr r14 .32 56 0\n" "gpr r15 .32 60 0\n" "gpr r16 .32 64 0\n" "gpr r17 .32 68 0\n")
static const char struct stat static buf struct stat static buf static vhangup int status
RZ_IPI RzCmdStatus GH() rz_cmd_arena_print_handler(RzCore *core, int argc, const char **argv)
char *GH() rz_bin_num_to_type(int bin_num)
RZ_IPI RzCmdStatus GH() rz_cmd_heap_chunk_print_handler(RzCore *core, int argc, const char **argv)
static GHT GH() tcache_get_entry(GH(RTcache) *tcache, int index)
static int GH() print_double_linked_list_bin_simple(RzCore *core, GHT bin, MallocState *main_arena, GHT brk_start)
static bool GH() tcache_read(RzCore *core, GHT tcache_start, GH(RTcache) *tcache)
RZ_IPI RzCmdStatus GH() rz_cmd_heap_info_print_handler(RzCore *core, int argc, const char **argv)
static bool GH() is_tcache(RzCore *core)
static void GH() print_unsortedbin_description(RzCore *core, GHT m_arena, MallocState *main_arena, PJ *pj)
Prints unsorted bin description for an arena (used for dmhd command)
static GHT GH() get_main_arena_with_symbol(RzCore *core, RzDebugMap *map)
RZ_API RzList *GH() rz_heap_arena_list_wrapper(RzCore *core)
A wrapper around GH(rz_heap_arenas_list) which handles finding main_arena.
static int GH() tcache_get_count(GH(RTcache) *tcache, int index)
RZ_API bool GH() rz_heap_resolve_main_arena(RzCore *core, GHT *m_arena)
Store the base address of main arena at m_arena.
void GH() rz_arena_list_free(RzArenaListItem *item)
RZ_API GH(RzHeapChunk)
Get a heap chunk with base address <addr>
RZ_API RzHeapBin *GH() rz_heap_bin_content(RzCore *core, MallocState *main_arena, int bin_num, GHT m_arena)
Get information about <bin_num> bin from NBINS array of an arena.
RZ_API RzHeapChunkSimple *GH() rz_heap_chunk_wrapper(RzCore *core, GHT addr)
Get info about a heap chunk as RzHeapChunkSimple.
static void GH() print_main_arena_bins(RzCore *core, GHT m_arena, MallocState *main_arena, GHT main_arena_base, GHT global_max_fast, RzHeapBinType format, bool json)
Prints description of bins for main arena for dmhd command.
RZ_API void GH() rz_heap_bin_free(RzHeapBin *bin)
void GH() rz_heap_chunk_free(RzHeapChunkListItem *item)
RZ_IPI RzCmdStatus GH() rz_cmd_heap_arena_bins_print_handler(RzCore *core, int argc, const char **argv, RzOutputMode mode)
void GH() print_malloc_states(RzCore *core, GHT m_arena, MallocState *main_arena, bool json)
RZ_API RzList *GH() rz_heap_arenas_list(RzCore *core, GHT m_arena, MallocState *main_arena)
Get a list of MallocState structs for all the arenas.
RZ_API RzHeapBin *GH() rz_heap_fastbin_content(RzCore *core, MallocState *main_arena, int bin_num)
void GH() print_malloc_info(RzCore *core, GHT m_state, GHT malloc_state)
void GH() print_heap_chunk_simple(RzCore *core, GHT chunk, const char *status, PJ *pj)
Prints compact representation of a heap chunk. Format: Chunk(addr=, size=, flags=)
static void GH() print_smallbin_description(RzCore *core, GHT m_arena, MallocState *main_arena, PJ *pj)
Prints small bins description for an arena (used for dmhd command)
static void GH() get_brks(RzCore *core, GHT *brk_start, GHT *brk_end)
RZ_IPI RzCmdStatus GH() rz_cmd_main_arena_print_handler(RzCore *core, int argc, const char **argv, RzOutputMode mode)
RZ_IPI RzCmdStatus GH() rz_cmd_heap_tcache_print_handler(RzCore *core, int argc, const char **argv)
RZ_IPI RzCmdStatus GH() rz_cmd_heap_chunks_print_handler(RzCore *core, int argc, const char **argv, RzCmdStateOutput *state)
static int GH() print_bin_content(RzCore *core, MallocState *main_arena, int bin_num, PJ *pj, GHT m_arena)
Prints the heap chunks in a bin with double linked list (small|large|unsorted)
static void GH() print_arena_stats(RzCore *core, GHT m_arena, MallocState *main_arena, GHT global_max_fast, int format)
RZ_IPI int GH() rz_cmd_heap_fastbins_print(void *data, const char *input)
void GH() print_heap_fastbin(RzCore *core, GHT m_arena, MallocState *main_arena, GHT global_max_fast, const char *input, bool main_arena_only, PJ *pj)
static int GH() print_double_linked_list_bin(RzCore *core, MallocState *main_arena, GHT m_arena, GHT offset, GHT num_bin, int graph)
RZ_API RzList *GH() rz_heap_chunks_list(RzCore *core, MallocState *main_arena, GHT m_arena, GHT m_state, bool top_chunk)
Get a list of all the heap chunks in an arena. The chunks are in form of a struct RzHeapChunkListItem...
RZ_IPI int GH() rz_cmd_heap_bins_list_print(RzCore *core, const char *input)
static GHT GH() tcache_chunk_size(RzCore *core, GHT brk_start)
static void GH() print_largebin_description(RzCore *core, GHT m_arena, MallocState *main_arena, PJ *pj)
Prints large bins description for an arena (used for dmhd command)
RZ_API bool GH() rz_heap_write_heap_chunk(RzCore *core, RzHeapChunkSimple *chunk_simple)
Write a heap chunk header to memory.
static GHT GH() get_va_symbol(RzCore *core, const char *path, const char *sym_name)
Find the address of a given symbol.
static GHT GH() get_next_pointer(RzCore *core, GHT pos, GHT next)
RZ_API RzList *GH() rz_heap_tcache_content(RzCore *core, GHT arena_base)
Get a list of bins for the tcache associated with arena with base address arena_base.
void GH() print_inst_minfo(GH(RzHeapInfo) *heap_info, GHT hinfo)
static int GH() print_double_linked_list_bin_graph(RzCore *core, GHT bin, MallocState *main_arena, GHT brk_start)
void GH() print_heap_chunk(RzCore *core, GHT chunk)
RZ_API MallocState *GH() rz_heap_get_arena(RzCore *core, GHT m_state)
Get MallocState struct for arena with given base address if base address is 0 then return MallocState...
static GHT GH() align_address_to_size(ut64 addr, ut64 align)
RZ_API bool GH() rz_heap_update_main_arena(RzCore *core, GHT m_arena, MallocState *main_arena)
Store the MallocState struct of an arena with base address m_arena in main_arena.
static void GH() update_arena_with_tc(GH(RzHeap_MallocState_tcache) *cmain_arena, MallocState *main_arena)
RZ_API void GH() tcache_free(GH(RTcache) *tcache)
static void GH() print_tcache_content(RzCore *core, GHT arena_base, GHT main_arena_base, PJ *pj)
RZ_API RzList *GH() rz_heap_chunks_list_wrapper(RzCore *core, ut64 m_state)
A wrapper around GH(rz_heap_chunks_list) which handles finding the main arena.
static void GH() print_heap_bin(RzCore *core, GHT m_arena, MallocState *main_arena, const char *input)
static bool GH() is_arena(RzCore *core, GHT m_arena, GHT m_state)
static void GH() update_arena_without_tc(GH(RzHeap_MallocState) *cmain_arena, MallocState *main_arena)
#define rz_return_if_fail(expr)
#define rz_return_val_if_fail(expr, val)
enum rz_cmd_status_t RzCmdStatus
@ RZ_CMD_STATUS_OK
command handler exited in the right way
@ RZ_CMD_STATUS_ERROR
command handler had issues while running (e.g. allocation error, etc.)
RZ_API bool rz_file_exists(const char *str)
#define PRINTF_RA(fmt,...)
#define largebin_index(size)
#define TCACHE_NEW_VERSION
#define PRINTF_GA(fmt,...)
#define FASTBIN_IDX_TO_SIZE(i)
#define PRINTF_YA(fmt,...)
#define fastbin_index(size)
#define PRINTF_BA(fmt,...)
enum rz_heap_bin_type RzHeapBinType
RZ_API bool rz_io_read_at(RzIO *io, ut64 addr, ut8 *buf, int len)
RZ_API RZ_BORROW RzPVector * rz_io_maps(RzIO *io)
Returns the pointer to vector containing maps list.
RZ_API bool rz_io_write_at(RzIO *io, ut64 addr, const ut8 *buf, int len)
RZ_API int rz_io_nread_at(RzIO *io, ut64 addr, ut8 *buf, int len)
void(* RzListFree)(void *ptr)
RZ_API ut64 rz_num_get(RzNum *num, const char *str)
RZ_API double rz_num_get_float(RzNum *num, const char *str)
RZ_API char * rz_num_units(char *buf, size_t len, ut64 number)
RZ_API PJ * pj_ka(PJ *j, const char *k)
RZ_API PJ * pj_end(PJ *j)
RZ_API const char * pj_string(PJ *pj)
RZ_API void pj_free(PJ *j)
RZ_API PJ * pj_ks(PJ *j, const char *k, const char *v)
RZ_API PJ * pj_kn(PJ *j, const char *k, ut64 n)
#define RZ_PRINT_FLAGS_HEADER
RZ_API char * rz_str_newf(const char *fmt,...) RZ_PRINTF_CHECK(1
RZ_API char * rz_str_new(const char *str)
RZ_API char RZ_API char * rz_str_newlen(const char *str, int len)
RZ_API int rz_snprintf(char *string, int len, const char *fmt,...) RZ_PRINTF_CHECK(3
RzOutputMode
Enum to describe the way data are printed.
@ RZ_OUTPUT_MODE_LONG_JSON
@ RZ_OUTPUT_MODE_STANDARD
#define rz_pvector_foreach(vec, it)
XX curplugin == o->plugin.
Represent the output state of a command handler.
RzConsPrintablePalette pal
unsigned int attached_threads
void error(const char *msg)
ut64(WINAPI *w32_GetEnabledXStateFeatures)()
static bool input(void *ud, zip_uint8_t *data, zip_uint64_t length)
1.9.1