Vivisect Changelog
V1.1.1 - 2023-04-07
Fixes
- Fix 64-bit emulation of intel’s
div instruction.
(#575)
- Do dynamic imports in our envi module via importlib.import_module.
(#587)
- Make our ELF module more resilient to failures.
(#592)
- Fix a regex that uses an invalid escape sequence.
(#596)
- Fix PE parser config option usage.
(#605)
- Fix
envi.interactive flag.
(#606)
V1.1.0 - 2023-02-18
Features
- Update VDB’s handling of x64 systems.
(#56)
- Symbolic switchcase analysis.
(#112)
- Make Vivisect loader more elegantly handle multiple files.
(#472)
- Funcgraph enhancements: AutoRefresh, FollowTheLeader, Xrefs Window, and Window Renaming.
(#488)
- update impapi to cover msvcr100.dll
(#522)
- Add a SaveToServer dialog.
(#527)
- Update imphook names in the platarch emulators.
(#530)
- Relocatable ELF Support.
(#531)
- Check before making new location types in the UI.
(#533)
- Turn register groups from a tuple to a dictionary.
(#542)
- Store a file’s original name in the meta info.
(#543)
- Add API entry for __read_chk on posix.
(#545)
- Add option to WorkspaceEmulator to disable shared caching.
(#547)
- Enabling POSIX Library Load notifications.
(#550)
- Add i386 opcode vpcext.
(#556)
- Update vamp signatures.
(#566)
- Making architecture names/numbers in envi for impending architectures.
(#567)
- Refactoring Windows library APIs.
(#572)
- Sort context menu options and add “this window” option.
(#577)
Fixes
- Various fixes to improve ARM analysis.
(#473)
- Fix an issue in the remote server.
(#523)
- Fix some remote gui bugs.
(#525)
- Documentation build fixes.
(#535)
- More documentation build fixes.
(#537)
- Bump QT Versions to address hanging.
(#541)
- Fix VivWorkspace opcache key creation.
(#544)
- More ARM bugfixes.
(#546)
- Fix and extend Windows API hooking.
(#548)
- VTrace posix missing import.
(#549)
- minor bugfixes: VDB RegisterView widget
(#552)
- Fix i386’s vtrace archGetBackTrace results.
(#553)
- Linux i386 syscall fixes.
(#555)
- Pull back in some fixes that got lost in merges.
(#564)
- Make MiniDump log to a named logger.
(#565)
- Make BasicFile storage write the header when used from the UI.
(#570)
- Arch Const Handling refactoring.
(#571)
- Architecture loading emergency bugfix.
(#578)
V1.0.8 - 2022-04-28
Features
- Improved Save-As capabilities when connected to a remote server and better struct making from the UI.
(#501)
- Improve output for the UI’s
names command.
(#516)
Fixes
- Fix issue in the proxy case where we forgot to snap in the analysis modules.
(#498)
- Fix string naming.
(#502)
- Fix a bug in ELFPLT analysis where certain dynamic tables were missing.
(#503)
- Fix an issue where ELF parsing of STT_FUNCs was based on too many bits.
(#505)
- Fix an missing name issue in Save-As.
(#507)
- Improve thread safety for client workspaces.
(#508)
- Fix the i386 Emulator’s handling of rep(n)z.
(#513)
- Fix issue when dealing with invalid PE section names.
(#514)
- Fix an incorrect import name in vivbin.
(#518)
- Fix a debug logging message in the
libc_start_main analysis pass that would cause that analysis pass to exception out.
(#519)
V1.0.7 - 2022-01-13
Features
- More Mach-O structure definitions and parsing support.
(#495)
Fixes
- Tweak how i386 analysis detections calling conventions.
(#493)
- Use OptionalHeader.Magic for determining PE32/PE32+.
(#494)
V1.0.6 - 2022-01-03
Features
- Cohesive Memory Maps.
(#450)
- Add changelog to the docs build.
(#462)
- Add test for unknown workspace events.
(#463)
- Flesh out Delete Relocation Event and add Test Helpers.
(#471)
- Update docs with developer intro info.
(#475)
- Update IPython integration module.
(#487)
- Improve Emulation Taint Comments.
(#490)
Fixes
- Fix PE carving.
(#464)
- Update intel emulator repetition options.
(#465)
- Update VDB’s UI class inheritance to deal with display crashes.
(#466)
- Update the various CLIs and VAMP interfaces.
(#467)
- Fix ARM’s Vivisect/VDB bridges.
(#469)
- A grab bag of fixes for function thunking, ELF PLT analysis, ARM emulation, and no return display.
(#470)
- Fix special character rending in the UI.
(#474)
- Fix the intel emulator’s idiv instruction.
(#476)
- Make MACH-O parsing work.
(#486)
V1.0.5 - 2021-09-10
Fixes
- Fix ascii string size when the string terminates at the end of a memory map.
(#437)
- Better handle PE delay imports that use VA pointers instead of RVA pointers.
(#439)
- envi.IMemory.readMemValue: return None on truncated read.
(#444)
- Only apply the rep prefix on string instructions in intel emulation.
(#447)
- Fix a pair of regressions in ELF analysis.
(#448)
- Align ELF memory maps to page.
(#451)
- Integer division for struct array count in ELF.
(#455)
- Safe harness for addRelocation method on the workspace.
(#456)
- Log to appropriate logger in elfplt late module.
(#458)
- Allow duplicate init and fini functions in ELF files.
(#459)
- Add Vtrace Symbol test.
(#460)
v1.0.4 - 2021-08-22
Features
- Add structures to UI and a compressed version of the file to the meta events.
(#396)
- Actual documentation!
(#400)
- Massive ELFPLT overhaul.
(#401)
- Speed tweaks for the pointers pass and the workspace emulator.
(#402)
Fixes
- RTD didn’t like python 3.9, so go with 3.8.
(#400)
- Have ud2 on amd64 halt codeflow and fix a MACH-O bug.
(#403)
- Fix issues in vtrace’s windows, vivisect/reports, PE/carve, and others.
(#404)
- Tons of i386 emulator fixes.
(#405)
- Safeguard mnemonic counting in codeblocks.py.
(#408)
- Fix funcgraph issues with line highlighting.
(#409)
- Fix issues in i386 decoding, a new thunk pass, new ELF relocations support, and more.
(#411)
- Fix vstruct signed number issue.
(#412)
- Change AMD64 symboliks class declaration to get the right dealloc method.
(#413)
- Remove wintypes import for vtrace to avoid a python bug.
(#416)
- Raise specific exception on invalid architecture.
(#418)
- Raise specific exception on invalid section alignment.
(#420)
- Raise specific exception on corrupt file.
(#422)
- Better handle invalid exported filename in PE files.
(#426)
- Fix struct.unpack issue and float issue on corrupt files.
(#428)
- ARM impapi files.
(#431)
- Fix python 3.8 compatibility issues (and add to CI) and fix platformDetach.
(#432)
- Alignment and padding of PE sections.
(#436)
- Better handle invalid import name.
(#441)
v1.0.3 - 2021-05-02
Features
- Loosen requirements and bring setup and requirements.txt in line with each other
(#399)
v1.0.2 - 2021-05-02
Features
- Refactor and update the posix impapi
(#390)
Fixes
- Ancient visgraph bug
(#387)
- Easier version engineering
(#388)
- Remove Travis CI config and fully cut over to Circle CI
(#389)
- Add check to prevent divide by zero in print stats
(#392)
- Fix SaveToWorkspaceServer
(#393)
- Intel emulator bug fixes
(#394)
- Tests for intel emulator and more fixes
(#395)
v1.0.1 - 2021-04-05
Features
- Dynamic dialog box/Extension docs
(#376)
- ELF Checksec and metadata additions
(#379)
- ARM Fixes/CLI Fixes/GUI Helpers
(#380)
Fixes
- Callgraph/PE/vtrace fixes and pip installation update
(#372)
- Extensions improvements
(#374)
- Migration Doc and script/Cobra fixes/Data pointer improvement/Remote fixes
(#377)
- Intel addrsize prefix fix/decoding fixes/emulator and symboliks updates/vdb fixes
(#384)
- Cobra cluster updates/ARM analysis fixes/Elf parser fix
(#385)
- v1.0.1 release/Intel decoding update/vtrace linux ps fix
(#386)
v1.0.0 - 2021-02-23
Features
- Full Python 3 cutover
(#328)
Fixes
- Make envi.codeflow stable when analyzing function
(Wrapped in as part of #328)
- Fixing some issues with memory view rendering
(#352)
- Python 3 Cleanup (for extensions/UI fixes/unicode detection/switchtable regression/ELF Parser)
(#353)
- More memory render fixes
(#355)
- More python3 fixes for API consistency and packed dll name exception handling
(#357)
- Python3.6 specific import fixes
(#361)
- Memory rendering tweaks to not double show bytes
(#364)
- UI fixes for arrow keys, taint value fixes to prevent some infinity recursion
(#365)
- Symbolik View was unusable
(#366)
- DynamicBranches wasn’t populating in py, and no return improvements
(#367)
- Logging update for vivbin/vdbbin
(#368)
v0.2.0 - 2021-02-01
Features
- More IMAGE_FILE defs and honoring NXCOMPAT in older PE files
(#319)
- Msgpack backed storage module
(#321)
- Substring location accesses
(#327)
- Parse and return the delay import table
(#331)
- New noret pass/several API refreshes/intel emulator fixes/emucode hydra function fixes
(#333)
- Migrate to CircleCI for Continuous Integration
(#336)
- Enhance UI extensions
(#341)
- SREC file parsing support
(#343)
Fixes
- Import emulator to handle dynamic branches (switchcases) using only xrefs
(#314)
- ARM Register access tweaks
(#315)
- Normlize the return value/usage of i386’s getOperAddr
(#316)
- Bugfix for handling deleted codeblocks
(#317)
- Syntax error fixes
(#318)
- PE carving fix/makePointer call in makeOpcode fix
(#320)
- More intel nop instruction decodings
(#326)
- More intel decodings/Codeflow fixes/Enable ARM for PE/Address infinite loop/Metadata
(#329)
- Cobra: not configuring logging for everyone upon import
(#330)
- Speedup for symbolik’s setSymKid and more intel decoding fixes
(#332)
- Don’t configure logging in vivisect module
(#334)
- Slight ARM fixes for bx flags and IHEX fixes for meta info
(#337)
- PE fixes for reading at high relative offsets
(#338)
- Streamline ELF tests to reduce memory footprint
(#340)
- Streamline Symboliks Tests to reduce memory footprint
(#342)
- Remove unused cobra imports
(#344)
- More robust location handling for corrupt PE files
(#347)
v0.1.0 - 2020-09-08
Features
- ELF tweaks for ARM binaries.
(#290)
- Codebase cleanup in preparation to move to python 3.
(#293)
- More opcode mappings for intel.
(#299)
- Upgrade cxxfilt.
(#302)
- Expand unittest coverage.
(#303)
- Support for integrating with revsync.
(#304)
- Symbolik Reduction Speedup.
(#309)
Fixes
- PyPI fix for vtrace.
(#300)
- Calling convention fixes
(#301)
- ARM disassembly and emulation bugfixes.
(#305)
- Msgpack strict_map_key bugfix.
(#307)
- Make creation of $HOME/.viv directory user configurable.
(#310)