rizinorg / rizin

UNIX-like reverse engineering framework and command-line toolset.
https://rizin.re
GNU Lesser General Public License v3.0

Split predefined `$variables` into categories #1877

Open XVilka opened 3 years ago

XVilka commented 3 years ago

```
[0x00006b10]> %$?
Usage: %$ [<var>]
| flag          offset of flag
| ${ev}         get value of eval config variable
| $$            here (current virtual seek)
| $$$           current non-temporary virtual seek
| $?            last comparison value
| $alias=value  alias commands (simple macros)
| $B            base address (aligned lowest map address)
| $b            block size
| $c            get terminal width in character columns
| $Cn           get nth call of function
| $D            current debug map base address ?v $D @ rsp
| $DB           same as dbg.baddr, progam base address
| $DD           current debug map size
| $Dn           get nth data reference in function
| $e            1 if end of block, else 0
| $e{flag}      end of flag (flag->offset + flag->size)
| $f            jump fail address (e.g. jz 0x10 => next instruction)
| $F            Same as $FB
| $Fb           begin of basic block
| $FB           begin of function
| $Fe           end of basic block
| $FE           end of function
| $Ff           function false destination
| $Fi           basic block instructions
| $FI           function instructions
| $Fj           function jump destination
| $fl           flag length (size) at current address (fla; pD $l @ entry0)
| $FS           function size (linear length)
| $Fs           size of the current basic block
| $FSS          function size (sum bb sizes)
| $j            jump address (e.g. jmp 0x10, jz 0x10 => 0x10)
| $Ja           get nth jump of function
| $k{kv}        get value of an sdb query value
| $l            opcode length
| $M            map address (lowest map address)
| $m            opcode memory reference (e.g. mov eax,[0x10] => 0x10)
| $MM           map size (lowest map address)
| $O            cursor here (current offset pointed by the cursor)
| $o            here (current disk io offset)
| $p            getpid()
| $P            pid of children (only in debug)
| $r            get console height (in rows, see $c for columns)
| $r{reg}       get value of named register
| $s            file size
| $S            section offset
| $SS           section size
| $s{flag}      get size of flag
| $v            opcode immediate value (e.g. lui a0,0x8010 => 0x8010)
| $w            get word size, 4 if asm.bits=32, 8 if 64, ...
| $Xn           get nth xref of function
```

We could make the help better by splitting those into categories. Moreover, some of the variables could probably be renamed for clarity and consistency.

ret2libc commented 3 years ago

This needs some more thinking as $ is also reserved for aliases, so having for example an alias $c could be quite confusing.

XVilka commented 3 years ago

@ret2libc maybe we could use %var% syntax, like Windows cmd.exe?

ret2libc commented 3 years ago

That would mix a bit with % (env) commands... But since % is already the same as env we could just use env and allocate % for the variables.