首页
社区
课程
招聘
[转帖]Evan's Debugger 0.9.14
发表于: 2010-5-30 00:56 3458

[转帖]Evan's Debugger 0.9.14

2010-5-30 00:56
3458
2010-05-27
----------

* Added display of fs and gs base addresses. There is not an aweful lot of
  things you can do with this information since you cannot set this value
  directly. But it does provide a nice way to see what the address of the
  what is commonly the TEB/TCB.

* [E/R]FLAGS is now editable again in the GUI. I accidentally disabled this
  in the last release while refactoring some code.

* Much cleaner event model implemented. It is much more robust and simpler too!
  Now handlers simply return codes describing the resume state. The only thing
  to keep in mind is that if you play with the state in a handler. You almost
  always have to call edb::v1::syncronizeState() so the resume functions have
  an up to date view to work with.
  
* Thanks to the new event model, breakpoint conditions work much more reliably.

* Minor optimization in resuming, no longer steps before a resume when it isn't
  neccessary.
  
* NOTE: I believe that I found a kernel bug where stepping in a signal handler
  can cause the target process to have the TF flag set incorrectly. Resulting
  in a purpetual stepping state. I may be able to work around this by
  explicitly masking the flag in certain circumstances. But I feel this might
  result in other subtle bugs. Hopefully, if this isn't the expected behavior
  the linux guys will have this fixed soon.
  See: https://bugzilla.kernel.org/show_bug.cgi?id=16061 for details.

2010-05-26
----------

* Fixed decoding of cmpxchg8b in 64-bit mode. It was incorrectly being
  decoded as cmpxchg16b.

* Started working on improving the event model of edb. It will be a lot of
  work, but in the end it will be much more robust
  
* Fixed a fairly major bug, I'm suprised that noone noticed ;) Opcodes which
  are completely different in 64-bit mode (like 0x06 is "push es" in 32-bit
  but invalid in 64-bit) were not being decoded properly at all. The alternated
  tables were not being linked into the disassembly library correctly.

2010-04-27
----------

* Lots of minor tweaks and code refactoring

* Themes! there is no UI for modifying them, but you can set them up in the
  config file (~/.config/codef00.com/EDB.conf) manually. Basically there is a
  "[Theme]" section which gets read on startup (a change will need a restart
  to take effect). In this section  there are a bunch of settings that effect
  the look of the disassembly which looks like this:
  
        theme.<category>.<property>=<value>
  
  Valid categories are:
  
        register
        constant
        ptr
        prefix
        flow_ctrl
        function
        stack
        comparison
        data_xfer
        arithmetic
        logic
        shift
  
  Valid properties are:
  
        foreground
        background
        weight
        italic
        underline
  
  NOTES:
  
  you may omit any property, which will yield the default value look for that
  property.
  
  foreground and background are colors, this is a string which can be anything
  you can pass to a QColor(const char *) constructor. So, it can take named
  constants such as "green" or hex color codes like "#00ff00", the special value,
  transparent is also allowed.  See the Qt documentation for the full details.
  
  weight is on a scale of 0 to 99. 50 being normal and 75 being bold.
  
  italic and underline are typical boolean values.
  
  EXAMPLE (this will give the default look):
  
        [Theme]
        theme.register.foreground=red
        theme.register.background=transparent
        theme.register.weight=75
        theme.register.italic=false
        theme.register.underline=false
        theme.constant.foreground=black
        theme.constant.background=transparent
        theme.constant.weight=50
        theme.constant.italic=false
        theme.constant.underline=false
        theme.ptr.foreground=darkGreen
        theme.ptr.background=transparent
        theme.ptr.weight=50
        theme.ptr.italic=false
        theme.ptr.underline=false
        theme.prefix.foreground=black
        theme.prefix.background=transparent
        theme.prefix.weight=75
        theme.prefix.italic=false
        theme.prefix.underline=false
        theme.flow_ctrl.foreground=blue
        theme.flow_ctrl.background=yellow
        theme.flow_ctrl.weight=50
        theme.flow_ctrl.italic=false
        theme.flow_ctrl.underline=false
        theme.function.foreground=blue
        theme.function.background=yellow
        theme.function.weight=50
        theme.function.italic=false
        theme.function.underline=false
        theme.stack.foreground=blue
        theme.stack.background=transparent
        theme.stack.weight=50
        theme.stack.italic=false
        theme.stack.underline=false
        theme.comparison.foreground=blue
        theme.comparison.background=transparent
        theme.comparison.weight=50
        theme.comparison.italic=false
        theme.comparison.underline=false
        theme.data_xfer.foreground=blue
        theme.data_xfer.background=transparent
        theme.data_xfer.weight=50
        theme.data_xfer.italic=false
        theme.data_xfer.underline=false
        theme.arithmetic.foreground=blue
        theme.arithmetic.background=transparent
        theme.arithmetic.weight=50
        theme.arithmetic.italic=false
        theme.arithmetic.underline=false
        theme.logic.foreground=blue
        theme.logic.background=transparent
        theme.logic.weight=50
        theme.logic.italic=false
        theme.logic.underline=false
        theme.shift.foreground=blue
        theme.shift.background=transparent
        theme.shift.weight=50
        theme.shift.italic=false
        theme.shift.underline=false
        theme.system.foreground=blue
        theme.system.background=transparent
        theme.system.weight=75
        theme.system.italic=false
        theme.system.underline=false
  

2010-04-01
----------

* Made the copy operation of QHexView widgets do an ascii rendering of what the
  user has selected, this is infinitely more useful.
  
* Re-added the jump/call target symbol display in the disassembly view. This
  was accidentally chopped when I added syntax highlighting.

2010-03-31
----------

* Code cleanup

* Fixed potential memory corruption in symbol management code (could not
  demonstrate it, but technically it was possible).
  
* Added some options to the DumpState plugin

* The DumpState plugin now uses the current data view tab as the basis for
  its "data" portion of the output
  
* Got rid of the insanity of having "ctrl+c" mean "check version". :-P

* The BreakpointManager is no longer a modal dialog.

* Improved const correctness of some things

* Fixed corner case where the UI wouldn't update immidiately

2010-02-26
----------

* Added support for highlighting of flow control commands

* Next version will allow "schemes" in the same sense that ollydbg does
  you will be able to edit the configuration file to adjust the colors to your
  liking.

2010-02-25
----------

* Added support for comments for bookmarks

* Fixed a bug where the UI didn't update immediately after closing the config
  dialog
  
* syntax highlighting in the CPU view!

2010-01-15
----------

* Added "Add Bookmark" to CPU view context menu.

http://www.codef00.com/projects/debugger-0.9.14.tgz

[招生]科锐逆向工程师培训(2024年11月15日实地,远程教学同时开班, 第51期)

收藏
免费 1
支持
分享
最新回复 (2)
雪    币: 203
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
2
是win版的吗?
OD在WIN7下不能用了,正好考虑换个呢~~
2010-6-2 09:03
0
雪    币: 292
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
3
貌似是linux下的……

2010-6-4 15:08
0
游客
登录 | 注册 方可回帖
返回
//