binary-analysis

Description

Please describe what are you missing or wanting to be improved
Recently I read a new syntax coloring technique for programing languages. Instead of highlighting grammar, highlight the things you are likely to mistake. So make sure strcpy and strncpy are easily distinguishable by their color. It would be cool to apply this to immediate values in assembly and the ? command

Seeing PGO: UNKNOWN is not implemented yet! printed out when parsing the following assembly

global main
extern GetStdHandle
extern WriteFile

section .text
main:
    mov     rcx, 0fffffff5h
    call    GetStdHandle

    mov     rcx, rax
    mov     rdx, NtlpBuffer
    mov     r8, [NtnNBytesToWrite]
    mov     r9, NtlpNBytesWritten
    sub     rsp, 40
    mov     dword [rs

It's nice if testing doesn't produce unnecessary artifacts after running with success but keeps relevant info on fail for further inspection.

Pytest should have a nice way of creating fixtures that can post-process a test based on whether it failed or not https://docs.pytest.org/en/latest/example/simple.html#making-test-result-information-available-in-fixtures

If a test fails, then keep the

While the test_suite presented in #589 does work, it is still pretty simple and can be improved and enhanced.

• Add tests for gnutils and coreutils.
• Add necessary utilities so more complex programs can be compiled from sources.
• Integrate CMake, so one could write something like make validate and the subset of test that is deemed necessary (for example everything with min t

There are many instances of INSTR_CREATE macro documentation saying things like this:

* \param dc  The void * dcontext used to allocate memory for the instr_t.

That should have a # to link up the instr_t type.

We have started to include license details in our version identifier configuration here: https://github.com/e-m-b-a/emba/blob/master/config/bin_version_strings.cfg

This is in a very early stage and need your help. If you know the license of some of the software components please include it directly in the configuration and bring up a pull request or comment to this issue with the license and th

Attempting to decode any of the attached files with goblin::elf::Elf::parse crashes the process. Memory allocator runs out of virtual memory and the process is aborted.

goblin-elf-oom-crashes.zip

Found via AFL.rs. Fuzzing harness: https://github.com/Shnatsel/goblin/blob/master/fuzz-afl/src/main.rs

I noticed you have a plugin for Ghidra, but it is not the only one FOSS tool available.
Radare2 is a highly-portable cross-platform reverse engineering framework and a toolkit without dependencies. It has support for analyzing binaries, disassembling code, debugging programs, attaching to remote GDB/LLDB, WinDbg servers, rich plugin system (see r2pm), an

Scroll bars, especially small scroll bars, are nearly impossible to see

This can make navigating difficult, so we should try to improve their visibility. If there's not a theme color dedicated to their outline/body, that might be nice; even high-contrast suffers from this issue.