Conversation
|
@wargio please check i have divided it into 2 seperate PR. This one is for global_variable chapter |
|
|
||
| You use then when a global variables is missed during the analysis. Here `<type>` means the datatype of the variable. Example int, char, long. | ||
|
|
||
| Rizin Example : |
|
|
||
| **Printing Global Variables** | ||
|
|
||
| `avgp <name>` This command prints the value of the variable. |
There was a problem hiding this comment.
Describe what value it prints. If Rizin is in debug mode, does it print the value of the global at a certain break point?
Does it only print meaningful things for read only globals? Etc.
Please try this out and describe it here.
| A working example on how the commands work. Lets take a sample file with no global variables. | ||
|
|
||
| ``` | ||
| [0x00001040]> avglt |
There was a problem hiding this comment.
Example is good.
But I would suggest to move the description into here. It is easier to follow this way.
# Ran 'avglt' to check for existing global variables (none were present).
[0x00001040]> avglt
# Step ...
[0x00001040]> COMANND
|
Okay thanks a lot for the review. I will fix the issues. |
Co-authored-by: Rot127 <45763064+Rot127@users.noreply.github.com>
|
|
||
| `avgp <name>` This command prints the value of the variable. | ||
| `avgp <name>` reads memory at the address of the specified global variable and displays its current value. | ||
| >In debug mode → shows the value at the current breakpoint. |
There was a problem hiding this comment.
Yes, I tested it using a small C program with a global variable. The behavior works as expected, but my wording was inaccurate I should have said that in debug mode the value is read from process memory, rather than writing that it corresponds to a specific breakpoint location.
There was a problem hiding this comment.
Can you open a PR in Rizin which adds this test please?
Because we don't have one and this is a pretty essential thing to check.
the binary with source code should be added in rizin-testbins repo.
Would really appreciate it.
There was a problem hiding this comment.
Sure i can do that,
// test.c
#include <stdio.h>
int test_global = 1337;
int main() {
printf("Ready: %d\n", test_global);
return 0;
}
rizin -d test.exe
Spawned new process with pid 30760, tid = 21376
-- Save your projects with 'Ps <project-filename>' and restore then with 'Po <project-filename>'
[0x7ffc8970c510]> aaa
[WARNING: invalid address from 0x7ff7465b1500entry0 (aa)
[x] Analyze all flags starting with sym. and entry0 (aa)
[x] Analyze function calls
[x] Analyze len bytes of instructions for references
[x] Analyze local variables and arguments
[WARNING: core: analysis propagation type can't be exectured when in debugger mode.
[x] Type matching analysis for all functions
[x] Applied 0 FLIRT signatures via sigdb
[x] Propagate noreturn information
[x] Check for classes
[x] Integrate dwarf function information.
[x] Resolve pointers to data sections
[x] Use -AA or aaaa to perform additional experimental analysis.
[0x7ffc8970c510]> s sym.main
[0x7ff7465b1450]> db
[0x7ff7465b1450]> dc
ERROR: Cannot create flag "teb.40716" at 0x7117ace000 because there is already "PRIVATE__..7117ace000" flag
[0x7ffc8979f4ee]> avgp test_global
int : 0x140003000 = -1
As you can see while debugging the value of test_global was stored as -1 in the process memory. Hence avgp prints that value instead of test_global.
@Rot127 please check once is this correct?
There was a problem hiding this comment.
No, it is not.
#include <stdio.h>
int test_global = 1337;
int main() {
printf("Ready: %d\n", test_global);
test_global = 1;
printf("Ready: %d\n", test_global);
return 0;
}
Before the first printf call it should print 1337 (and it does for me).
Then it sets it to 1.
Before the second printf call it should print 1. But for me it still prints 1337.
|
@Rot127 can you check this? I removed that line as we have to first update it in rizin then we will change it here later |
2 participants
Your checklist for this pull request