search

radareorg / radare2

UNIX-like reverse engineering framework and command-line toolset
https://www.radare.org/
GNU Lesser General Public License v3.0
20.73k stars 3.01k forks source link

Add command to print function passed arguments #13191

Open Revers3c-Team opened 5 years ago

Revers3c-Team commented 5 years ago

Using e dbg.funcarg and Vpp we can see the arguments being passed to a function but there is no any other way to do that and it's really important in scripting with r2pipe as an example. Hope to see it soon as part of the afv family

radare commented 5 years ago

see | aefa [addr] emulate function to find out args in given or current offset

radare commented 5 years ago

and suggest better appraoches or which commands and which output would you expect to get

also having json support ofr this will be nice

maybe one cool thing we can do is to run this command over all xrefs to a function to emulate all the functions that call it recursively and show its possible argument values . we will probably need a way to store and enumerate all the arg values from all the codepaths, this can be used as hints to imiprove analysis, and we can import those values from frida-trace, r2 debugger, emulation or any custom value specified by the user