binary-analysis

r_anal_esil_pushnum uses snprintf, sdb_itoa is faster

Seeing PGO: UNKNOWN is not implemented yet! printed out when parsing the following assembly

global main
extern GetStdHandle
extern WriteFile

section .text
main:
    mov     rcx, 0fffffff5h
    call    GetStdHandle

    mov     rcx, rax
    mov     rdx, NtlpBuffer
    mov     r8, [NtnNBytesToWrite]
    mov     r9, NtlpNBytesWritten
    sub     rsp, 40
    mov     dword [rs

It's nice if testing doesn't produce unnecessary artifacts after running with success but keeps relevant info on fail for further inspection.

Pytest should have a nice way of creating fixtures that can post-process a test based on whether it failed or not https://docs.pytest.org/en/latest/example/simple.html#making-test-result-information-available-in-fixtures

If a test fails, then keep the

While the test_suite presented in #589 does work, it is still pretty simple and can be improved and enhanced.

• Add tests for gnutils and coreutils.
• Add necessary utilities so more complex programs can be compiled from sources.
• Integrate CMake, so one could write something like make validate and the subset of test that is deemed necessary (for example everything with min t

There are many instances of INSTR_CREATE macro documentation saying things like this:

* \param dc  The void * dcontext used to allocate memory for the instr_t.

That should have a # to link up the instr_t type.

Attempting to decode any of the attached files with goblin::elf::Elf::parse crashes the process. Memory allocator runs out of virtual memory and the process is aborted.

goblin-elf-oom-crashes.zip

Found via AFL.rs. Fuzzing harness: https://github.com/Shnatsel/goblin/blob/master/fuzz-afl/src/main.rs

Is your feature request related to a problem? Please describe.
I want to do some simple custom pattern matching on a program's assembly instructions.

Describe the solution you'd like
I would like to be able to export a disassembly of the entire program, including addresses, labels, etc., to a text file so I can then use standard text tools to analyze or share it.

**Describe alterna

I noticed you have a plugin for Ghidra, but it is not the only one FOSS tool available.
Radare2 is a highly-portable cross-platform reverse engineering framework and a toolkit without dependencies. It has support for analyzing binaries, disassembling code, debugging programs, attaching to remote GDB/LLDB, WinDbg servers, rich plugin system (see r2pm), an