radeco
radeco copied to clipboard
radareorg
radare2-based decompiler and symbol executor
gzipped example binary: [bad_phi2.gz](https://github.com/radareorg/radeco-lib/files/2276152/bad_phi2.gz) disassembly from r2: ``` / (fcn) sym.foo 14 | sym.foo (int arg1, int arg2); | ; arg int arg1 @ rdi | ; arg int arg2...
Currently, we just get a list of instructions from `R2Api::function` (`pdfj`) and then manually make basic blocks whenever we find a jump instruction while constructing the SSA. Radare already provides...
source ```c long foo(long a) { if (a > 2) { puts("A"); } puts("B"); return 0; } ``` gziped binary: [buggy.gz](https://github.com/radareorg/radeco-lib/files/2182777/buggy.gz) disassembly from r2 ```asm / (fcn) sym.foo 43 |...
Sometimes it fails because the test cases are generated at random.  ``` thread 'backend::ctrl_flow_struct::graph_utils::test::qc_nearest_common_dominator' panicked at '[quickcheck] TEST FAILED. Arguments: (StableGraph { Ty: "Directed", node_count: 23, edge_count: 64, edges:...
- [ ] When we construct SSA, there is possible a basic block only has a true conditional outgoing edges without false one, but in SSA'a API `conditional_edges`, we require...
See https://www.cl.cam.ac.uk/~mom22/decompilation/ [fmcad12.pdf](https://github.com/radareorg/radeco-lib/files/2767861/fmcad12.pdf)
Can be helpful for some reasoning about possible paths, type inference and so on. For example ability to limit the range (or set multiple ranges) for some arguments, variables or...
Depends on https://github.com/radare/radare2/issues/11828 After it is fixed, radeco should be able to load the information from radare2 about constrained types and use it.
`tmp = sym.imp.puts("Hello, world.", rsi, rdx, rcx, r8, r9)` -> `anal/types/func.puts.args=1` `tmp = sym.imp.puts("Hello, world.", rsi)`
Currently, we have the ability to mark nodes as either a scalar (not an address) or a reference (pointer/reference). We'd like to take this a step further and be able...
