我的书签
添加书签
移除书签CutterCore
class CutterCore : public QObject
Public Types
enum StringTypeFormats
Values:
enumerator None
enumerator ASCII_LATIN1
enumerator UTF8
enum HexdumpFormats
Values:
enumerator Normal
enumerator Half
enumerator Word
enumerator Quad
enumerator Signed
enumerator Octal
Public Functions
explicit CutterCore(QObject *parent = nullptr)
~CutterCore()
void initialize(bool loadPlugins = true)
void loadCutterRC()
void loadDefaultCutterRC()
QDir getCutterRCDefaultDirectory() const
inline AsyncTaskManager *getAsyncTaskManager()
inline RVA getOffset() const
QString cmd(const char *str)
send a command to Rizin
Note
if you want to seek to an address, you should use CutterCore::seek.
Parameters
str – the command you want to execute
Returns
command output
inline QString cmd(const QString &str)
bool asyncCmd(const char *str, QSharedPointer<RizinCmdTask> &task)
send a command to Rizin asynchronously
Note
connect to the &RizinTask::finished signal to add your own logic once the command is finished. Use task->getResult()/getResultJson() for the return value. Once you have setup connections you can start the task with task->startTask() If you want to seek to an address, you should use CutterCore::seek.
Parameters
str – the command you want to execute
task – a shared pointer that will be returned with the Rizin command task
inline bool asyncCmd(const QString &str, QSharedPointer<RizinCmdTask> &task)
QString cmdRaw(const char *cmd)
Execute a Rizin command cmd. By nature, the API is executing raw commands, and thus ignores multiple commands and overcome command injections.
Parameters
cmd – - a raw command to execute. Passing multiple commands (e.g “px 5; pd 7 && pdf”) will result in them treated as arguments to first command.
Returns
the output of the command
inline QString cmdRaw(const QString &cmd)
a wrapper around cmdRaw(const char *cmd,).
QString cmdRawAt(const char *cmd, RVA address)
Execute a Rizin command cmd at address. The function will preform a silent seek to the address without triggering the seekChanged event nor adding new entries to the seek history. By nature, the API is executing a single command without going through Rizin shell, and thus ignores multiple commands and tries to overcome command injections.
Parameters
cmd –
- a raw command to execute. If multiple commands will be passed (e.g “px 5; pd 7
&& pdf”) then only the first command will be executed.
address – - an address to which Cutter will temporarily seek.
Returns
the output of the command
inline QString cmdRawAt(const QString &str, RVA address)
a wrapper around cmdRawAt(const char *cmd, RVA address).
QJsonDocument cmdj(const char *str)
inline QJsonDocument cmdj(const QString &str)
QJsonDocument cmdjAt(const char *str, RVA address)
inline QStringList cmdList(const char *str)
inline QStringList cmdList(const QString &str)
QString cmdTask(const QString &str)
QJsonDocument cmdjTask(const QString &str)
void cmdEsil(const char *command)
send a command to Rizin and check for ESIL errors
Note
If you want to seek to an address, you should use CutterCore::seek.
Parameters
command – the command you want to execute
inline void cmdEsil(const QString &command)
bool asyncCmdEsil(const char *command, QSharedPointer<RizinCmdTask> &task)
send a command to Rizin and check for ESIL errors
Note
connect to the &RizinTask::finished signal to add your own logic once the command is finished. Use task->getResult()/getResultJson() for the return value. Once you have setup connections you can start the task with task->startTask() If you want to seek to an address, you should use CutterCore::seek.
Parameters
command – the command you want to execute
task – a shared pointer that will be returned with the Rizin command task
inline bool asyncCmdEsil(const QString &command, QSharedPointer<RizinCmdTask> &task)
QString getRizinVersionReadable()
QString getVersionInformation()
QJsonDocument parseJson(const char *res, const char *cmd = nullptr)
inline QJsonDocument parseJson(const char *res, const QString &cmd = QString())
QStringList autocomplete(const QString &cmd, RzLinePromptType promptType, size_t limit = 4096)
void renameFunction(const RVA offset, const QString &newName)
void delFunction(RVA addr)
void renameFlag(QString old_name, QString new_name)
void renameFunctionVariable(QString newName, QString oldName, RVA functionAddress)
Renames the specified local variable in the function specified by the address given.
Parameters
newName – Specifies the name to which the current name of the variable should be renamed.
oldName – Specifies the current name of the function variable.
functionAddress – Specifies the exact address of the function.
RzAnalysisFunction *functionIn(ut64 addr)
Parameters
addr –
Returns
a function that contains addr or nullptr
RzAnalysisFunction *functionAt(ut64 addr)
Parameters
addr –
Returns
the function that has its entrypoint at addr or nullptr
RVA getFunctionStart(RVA addr)
finds the start address of a function in a given address
Parameters
addr – - an address which belongs to a function
Returns
if function exists, return its start address. Otherwise return RVA_INVALID
RVA getFunctionEnd(RVA addr)
finds the end address of a function in a given address
Parameters
addr – - an address which belongs to a function
Returns
if function exists, return its end address. Otherwise return RVA_INVALID
RVA getLastFunctionInstruction(RVA addr)
finds the last instruction of a function in a given address
Parameters
addr – - an address which belongs to a function
Returns
if function exists, return the address of its last instruction. Otherwise return RVA_INVALID
QString cmdFunctionAt(QString addr)
QString cmdFunctionAt(RVA addr)
QString createFunctionAt(RVA addr)
QString createFunctionAt(RVA addr, QString name)
QStringList getDisassemblyPreview(RVA address, int num_of_lines)
get a compact disassembly preview for tooltips
Parameters
address – - the address from which to print the disassembly
num_of_lines – - number of instructions to print
void delFlag(RVA addr)
void delFlag(const QString &name)
void addFlag(RVA offset, QString name, RVA size)
QString listFlagsAsStringAt(RVA addr)
Gets all the flags present at a specific address.
Parameters
addr – The address to be checked
Returns
String containing all the flags which are comma-separated
QString nearestFlag(RVA offset, RVA *flagOffsetOut)
Get nearest flag at or before offset.
Parameters
offset – search position
flagOffsetOut – address of returned flag
Returns
flag name
void triggerFlagsChanged()
QString getInstructionBytes(RVA addr)
QString getInstructionOpcode(RVA addr)
void editInstruction(RVA addr, const QString &inst)
void nopInstruction(RVA addr)
void jmpReverse(RVA addr)
void editBytes(RVA addr, const QString &inst)
void editBytesEndian(RVA addr, const QString &bytes)
void setToCode(RVA addr)
void setAsString(RVA addr, int size = 0, StringTypeFormats type = StringTypeFormats::None)
Adds string at address That function calls the ‘Cs’ command.
Parameters
addr – The address of the array where the string will be applied
size – The size of string
type – The type of string
void removeString(RVA addr)
Removes string at address That function calls the ‘Cs-’ command.
Parameters
addr – The address of the array where the string will be applied
QString getString(RVA addr)
Gets string at address That function calls the ‘ps’ command.
Parameters
addr – The address of the first byte of the array
Returns
string at requested address
void setToData(RVA addr, int size, int repeat = 1)
int sizeofDataMeta(RVA addr)
void setComment(RVA addr, const QString &cmt)
void delComment(RVA addr)
QString getCommentAt(RVA addr)
Gets the comment present at a specific address.
Parameters
addr – The address to be checked
Returns
String containing comment
void setImmediateBase(const QString &rzBaseName, RVA offset = RVA_INVALID)
void setCurrentBits(int bits, RVA offset = RVA_INVALID)
void applyStructureOffset(const QString &structureOffset, RVA offset = RVA_INVALID)
Changes immediate displacement to structure offset This function makes use of the “aht” command of Rizin to apply structure offset to the immediate displacement used in the given instruction.
Parameters
structureOffset – The name of struct which will be applied
offset – The address of the instruction where the struct will be applied
QList<QString> getAllAnalysisClasses(bool sorted)
QList<AnalysisMethodDescription> getAnalysisClassMethods(const QString &cls)
QList<AnalysisBaseClassDescription> getAnalysisClassBaseClasses(const QString &cls)
QList<AnalysisVTableDescription> getAnalysisClassVTables(const QString &cls)
void createNewClass(const QString &cls)
void renameClass(const QString &oldName, const QString &newName)
void deleteClass(const QString &cls)
bool getAnalysisMethod(const QString &cls, const QString &meth, AnalysisMethodDescription *desc)
void renameAnalysisMethod(const QString &className, const QString &oldMethodName, const QString &newMethodName)
void setAnalysisMethod(const QString &cls, const AnalysisMethodDescription &meth)
bool loadFile(QString path, ut64 baddr = 0LL, ut64 mapaddr = 0LL, int perms = RZ_PERM_R, int va = 0, bool loadbin = false, const QString &forceBinPlugin = QString())
CutterCore::loadFile Load initial file.
Parameters
path – File path
baddr – Base (RzBin) address
mapaddr – Map address
perms –
va –
loadbin – Load RzBin information
forceBinPlugin –
Returns
bool tryFile(QString path, bool rw)
bool mapFile(QString path, RVA mapaddr)
Maps a file using Rizin API.
Parameters
path – Path to file
mapaddr – Map Address
Returns
bool
void loadScript(const QString &scriptname)
void seek(QString thing)
void seek(ut64 offset)
void seekSilent(ut64 offset)
inline void seekSilent(QString thing)
void seekPrev()
void seekNext()
void updateSeek()
void showMemoryWidget()
Raise a memory widget showing current offset, prefer last active memory widget.
void seekAndShow(ut64 offset)
Seek to
offsetand raise a memory widget showing it.Parameters
offset –
void seekAndShow(QString thing)
See
CutterCore::show(ut64)
Parameters
thing – - addressable expression
RVA getOffset()
RVA prevOpAddr(RVA startAddr, int count)
RVA nextOpAddr(RVA startAddr, int count)
ut64 math(const QString &expr)
ut64 num(const QString &expr)
QString itoa(ut64 num, int rdx = 16)
void setConfig(const char *k, const char *v)
void setConfig(const QString &k, const char *v)
void setConfig(const char *k, const QString &v)
inline void setConfig(const QString &k, const QString &v)
void setConfig(const char *k, int v)
inline void setConfig(const QString &k, int v)
void setConfig(const char *k, bool v)
inline void setConfig(const QString &k, bool v)
void setConfig(const char *k, const QVariant &v)
inline void setConfig(const QString &k, const QVariant &v)
int getConfigi(const char *k)
inline int getConfigi(const QString &k)
ut64 getConfigut64(const char *k)
inline ut64 getConfigut64(const QString &k)
bool getConfigb(const char *k)
inline bool getConfigb(const QString &k)
QString getConfig(const char *k)
inline QString getConfig(const QString &k)
QString getConfigDescription(const char *k)
QList<QString> getColorThemes()
QByteArray assemble(const QString &code)
QString disassemble(const QByteArray &data)
QString disassembleSingleInstruction(RVA addr)
QList<DisassemblyLine> disassembleLines(RVA offset, int lines)
QString hexdump(RVA offset, int size, HexdumpFormats format)
return hexdump of <size> from an <offset> by a given formats
Parameters
address – - the address from which to print the hexdump
size – - number of bytes to print
format – - the type of hexdump (qwords, words. decimal, etc)
QString getHexdumpPreview(RVA offset, int size)
get a compact hexdump preview for tooltips
Parameters
address – - the address from which to print the hexdump
size – - number of bytes to print
void setCPU(QString arch, QString cpu, int bits)
void setEndianness(bool big)
QList<QString> sdbList(QString path)
QList<QString> sdbListKeys(QString path)
QString sdbGet(QString path, QString key)
bool sdbSet(QString path, QString key, QString val)
QJsonDocument getRegistersInfo()
QJsonDocument getRegisterValues()
QString getRegisterName(QString registerRole)
RVA getProgramCounterValue()
void setRegister(QString regName, QString regValue)
void setCurrentDebugThread(int tid)
void setCurrentDebugProcess(int pid)
Attach to a given pid from a debug session.
QList<QJsonObject> getStack(int size = 0x100, int depth = 6)
Returns a list of stack address and their telescoped references.
Parameters
size – number of bytes to scan
depth – telescoping depth
QJsonObject getAddrRefs(RVA addr, int depth)
Recursively dereferences pointers starting at the specified address up to a given depth.
Parameters
addr – telescoping addr
depth – telescoping depth
RefDescription formatRefDesc(QJsonObject ref)
return a RefDescription with a formatted ref string and configured colors
Parameters
ref – the “ref” JSON node from getAddrRefs
QJsonDocument getProcessThreads(int pid)
Get a list of a given process’s threads.
Parameters
pid – The pid of the process, -1 for the currently debugged process
Returns
JSON object result of dptj
QJsonDocument getChildProcesses(int pid)
Get a list of a given process’s child processes.
Parameters
pid – The pid of the process, -1 for the currently debugged process
Returns
JSON object result of dptj
QJsonDocument getBacktrace()
QVector<Chunk> getHeapChunks(RVA arena_addr)
Get a list of heap chunks Uses RZ_API rz_heap_chunks_list to get vector of chunks If arena_addr is zero return the chunks for main arena.
Parameters
arena_addr – base address for the arena
Returns
Vector of heap chunks for the given arena
QVector<Arena> getArenas()
Get a list of heap arenas Uses RZ_API rz_heap_arenas_list to get list of arenas.
Returns
Vector of arenas
RzHeapChunkSimple *getHeapChunk(ut64 addr)
Get detailed information about a heap chunk Uses RZ_API rz_heap_chunk.
Returns
RzHeapChunkSimple struct pointer for the heap chunk
QVector<RzHeapBin*> getHeapBins(ut64 arena_addr)
Get heap bins of an arena with given base address (including large, small, fast, unsorted, tcache)
Parameters
arena_addr – Base address of the arena
Returns
QVector of non empty RzHeapBin pointers
bool writeHeapChunk(RzHeapChunkSimple *chunkSimple)
Write the given chunk header to memory.
Parameters
chunkSimple – RzHeapChunkSimple pointer of the chunk to be written
Returns
true if the write succeeded else false
int getArchBits()
void startDebug()
void startEmulation()
void attachRemote(const QString &uri)
attach to a remote debugger
Note
attachedRemote(bool) signals the result
Parameters
uri – remote debugger uri
void attachDebug(int pid)
void stopDebug()
void suspendDebug()
void syncAndSeekProgramCounter()
void continueDebug()
void continueBackDebug()
void continueUntilCall()
void continueUntilSyscall()
void continueUntilDebug(QString offset)
void stepDebug()
void stepOverDebug()
void stepOutDebug()
void stepBackDebug()
void startTraceSession()
void stopTraceSession()
void addBreakpoint(const BreakpointDescription &config)
void updateBreakpoint(int index, const BreakpointDescription &config)
void toggleBreakpoint(RVA addr)
void delBreakpoint(RVA addr)
void delAllBreakpoints()
void enableBreakpoint(RVA addr)
void disableBreakpoint(RVA addr)
void setBreakpointTrace(int index, bool enabled)
Enable or disable breakpoint tracing.
Parameters
index – - breakpoint index to modify
enabled – - true if tracing should be enabled
int breakpointIndexAt(RVA addr)
BreakpointDescription getBreakpointAt(RVA addr)
bool isBreakpoint(const QList<RVA> &breakpoints, RVA addr)
QList<RVA> getBreakpointsAddresses()
QList<RVA> getBreakpointsInFunction(RVA funcAddr)
Get all breakpoinst that are belong to a functions at this address.
QString getActiveDebugPlugin()
QStringList getDebugPlugins()
void setDebugPlugin(QString plugin)
bool isDebugTaskInProgress()
bool isRedirectableDebugee()
Check if we can use output/input redirection with the currently debugged process.
QList<Decompiler*> getDecompilers()
Decompiler *getDecompilerById(const QString &id)
bool registerDecompiler(Decompiler *decompiler)
Register a new decompiler
The decompiler must have a unique id, otherwise this method will fail. The decompiler’s parent will be set to this CutterCore instance, so it will automatically be freed later.
Returns
whether the decompiler was registered successfully
RVA getOffsetJump(RVA addr)
QJsonDocument getFileInfo()
QJsonDocument getSignatureInfo()
QJsonDocument getFileVersionInfo()
QStringList getStats()
void setGraphEmpty(bool empty)
bool isGraphEmpty()
void getOpcodes()
void setSettings()
void loadPDB(const QString &file)
QByteArray ioRead(RVA addr, int len)
QList<RVA> getSeekHistory()
QStringList getAsmPluginNames()
QStringList getAnalysisPluginNames()
QList<RzBinPluginDescription> getBinPluginDescriptions(bool bin = true, bool xtr = true)
QList<RzIOPluginDescription> getRIOPluginDescriptions()
QList<RzCorePluginDescription> getRCorePluginDescriptions()
QList<RzAsmPluginDescription> getRAsmPluginDescriptions()
QList<FunctionDescription> getAllFunctions()
QList<ImportDescription> getAllImports()
QList<ExportDescription> getAllExports()
QList<SymbolDescription> getAllSymbols()
QList<HeaderDescription> getAllHeaders()
QList<ZignatureDescription> getAllZignatures()
QList<CommentDescription> getAllComments(const QString &filterType)
QList<RelocDescription> getAllRelocs()
QList<StringDescription> getAllStrings()
QList<FlagspaceDescription> getAllFlagspaces()
QList<FlagDescription> getAllFlags(QString flagspace = QString())
QList<SectionDescription> getAllSections()
QList<SegmentDescription> getAllSegments()
QList<EntrypointDescription> getAllEntrypoint()
QList<BinClassDescription> getAllClassesFromBin()
QList<BinClassDescription> getAllClassesFromFlags()
QList<ResourcesDescription> getAllResources()
QList<VTableDescription> getAllVTables()
QList<TypeDescription> getAllTypes()
Returns
all loaded types
QList<TypeDescription> getAllPrimitiveTypes()
Returns
all loaded primitive types
QList<TypeDescription> getAllUnions()
Returns
all loaded unions
QList<TypeDescription> getAllStructs()
Returns
all loaded structs
QList<TypeDescription> getAllEnums()
Returns
all loaded enums
QList<TypeDescription> getAllTypedefs()
Returns
all loaded typedefs
QString getTypeAsC(QString name)
Fetching the C representation of a given Type.
Parameters
name – - the name or the type of the given Type
Returns
The type decleration as C output
bool isAddressMapped(RVA addr)
Checks if the given address is mapped to a region.
Parameters
addr – The address to be checked
Returns
true if addr is mapped, false otherwise
QList<MemoryMapDescription> getMemoryMap()
QList<SearchDescription> getAllSearch(QString searchFor, QString space, QString in)
BlockStatistics getBlockStatistics(unsigned int blocksCount)
QList<BreakpointDescription> getBreakpoints()
QList<ProcessDescription> getAllProcesses()
QList<QJsonObject> getRegisterRefs(int depth = 6)
returns a list of reg values and their telescoped references
Parameters
depth – telescoping depth
QVector<RegisterRefValueDescription> getRegisterRefValues()
QList<VariableDescription> getVariables(RVA at)
QList<XrefDescription> getXRefsForVariable(QString variableName, bool findWrites, RVA offset)
Fetches all the writes or reads to the specified local variable ‘variableName’ in the function in which the specified offset is a part of.
Parameters
variableName – Name of the local variable.
findWrites – If this is true, then locations at which modification happen to the specified local variable is fetched. Else, the locations at which the local is variable is read is fetched.
offset – An offset in the function in which the specified local variable exist.
Returns
A list of XrefDescriptions that contains details of all the writes or reads that happen to the variable ‘variableName’.
QList<XrefDescription> getXRefs(RVA addr, bool to, bool whole_function, const QString &filterType = QString())
QList<StringDescription> parseStringsJson(const QJsonDocument &doc)
void handleREvent(int type, void *data)
void triggerVarsChanged()
void triggerFunctionRenamed(const RVA offset, const QString &newName)
void triggerRefreshAll()
void triggerAsmOptionsChanged()
void triggerGraphOptionsChanged()
void message(const QString &msg, bool debug = false)
QStringList getSectionList()
RzCoreLocked core()
BasicBlockHighlighter *getBBHighlighter()
BasicInstructionHighlighter *getBIHighlighter()
void setIOCache(bool enabled)
Enable or dsiable Cache mode. Cache mode is used to imagine writing to the opened file without committing the changes to the disk.
Parameters
enabled –
bool isIOCacheEnabled() const
Check if Cache mode is enabled.
Returns
true if Cache is enabled, otherwise return false.
void commitWriteCache()
Commit write cache to the file on disk.
void setWriteMode(bool enabled)
Enable or disable Write mode. When the file is opened in write mode, any changes to it will be immediately committed to the file on disk, thus modify the file. This function wrap Rizin function which re-open the file with the desired permissions.
Parameters
enabled –
bool isWriteModeEnabled()
Check if the file is opened in write mode.
Returns
true if write mode is enabled, otherwise return false.
Public Members
bool currentlyDebugging = false
bool currentlyEmulating = false
bool currentlyTracing = false
bool currentlyRemoteDebugging = false
int currentlyAttachedToPID = -1
QString currentlyOpenFile
QList<QString> opcodes
QList<QString> regs
Signals
void refreshAll()
void functionRenamed(const RVA offset, const QString &new_name)
void varsChanged()
void functionsChanged()
void flagsChanged()
void commentsChanged(RVA addr)
void registersChanged()
void instructionChanged(RVA offset)
void breakpointsChanged(RVA offset)
void refreshCodeViews()
void stackChanged()
void codeRebased()
update all the widgets that are affected by rebasing in debug mode
void switchedThread()
void switchedProcess()
void classNew(const QString &cls)
void classDeleted(const QString &cls)
void classRenamed(const QString &oldName, const QString &newName)
void classAttrsChanged(const QString &cls)
void debugProcessFinished(int pid)
end of current debug event received
void attachedRemote(bool successfully)
void ioCacheChanged(bool newval)
void writeModeChanged(bool newval)
void ioModeChanged()
void debugTaskStateChanged()
emitted when debugTask started or finished running
void asmOptionsChanged()
emitted when config regarding disassembly display changes
void graphOptionsChanged()
emitted when config regarding graph display changes
void seekChanged(RVA offset)
seekChanged is emitted each time Rizin’s seek value is modified
Parameters
offset –
void toggleDebugView()
void newMessage(const QString &msg)
void newDebugMessage(const QString &msg)
void showMemoryWidgetRequested()
Public Static Functions
static CutterCore *instance()
static QString sanitizeStringForCommand(QString s)
static QByteArray hexStringToBytes(const QString &hex)
static QString bytesToHexString(const QByteArray &bytes)
static QString ansiEscapeToHtml(const QString &text)
