That's sad, I know, but the RSoC is now finished since 2 months and I havn't post for even longer! :/
I have done quit a few commits this summer, and that was really nice to implement new features in a project such as radare2! Still, I have some regrets not to have had enough time for the RSoC... I had no time to implement all the task I was given, and I even still have some that I hope to do in the next few weeks.
And this year, having a lot of responsibilities in my school's associations, and having a few school projects, I find even less time than this summer, so I don't think I'll be able to contribute a lot as I expected.
Now stop complaining about my free time and let's do a quick summary of what I've done. The task was about structure templates, so the goal is to define a human readable structure, a bit like a C header for example, and to apply it on a binary to see each field easily. The method with header file is quickly described here, and I think I'll do a more complete example one day.
But my work was more focused on one r2 feature related to structures: pf. That is the basic command for which you can have a quick help on r2 by hitting pf?.
The command works as follow:
pf iwf foo bar troll
applies the iwf format at current offset. The iwf format is an integer named foo, a word called bar, and a float, troll. This gives the following output:
[0x00000000]> pf iwf foo bar troll foo : 0x00000000 = 1179403647 bar : 0x00000004 = 0x0101 troll : 0x00000006 = 1.000000
More fields type can be easily found in the pf help.
Moreover, pf supports some nice tricks like pointers by using * or arrays using ... eg:
pf *iw pointer_to_int array_of_words
The next point is to store a format by entering following command:
pf.name iwf foo bar meh
We can now apply the format with pf.name. But the thing is that we can now use the stored format as a structure in a new format using ?. eg:
[0x00000000]> pf.meh iw int word [0x00000000]> pf.boh i?w otherint (meh)plop otherword [0x00000000]> pf.boh otherint : 0x00000000 = 1179403647 plop : struct<meh> int : 0x00000004 = 65793 word : 0x00000008 = 0x0000 otherword : 0x0000000a = 0x0000
That way, you can define linked lists for example, to apply on memory dumps, or create nested structures for complex templates.
Other features are the JSON output, with pfj, or the already done templates such as the elf32 header that you can easily load with pfo elf32.
On last thing is the writing mode (not fully supported for arrays and nested structs, which are my remaining tasks) that you can use that way. You define a format:
pf.name iwf foo bar meh
And then you can modify its field with:
That prints the command you should have to type to write 0xfa0 at the right offset, and a bit of r2 shell makes life easy (see the dot before the command, to execute the output of it as if entered in r2):
[0x00000000]> pf.name foo : 0x00000000 = 0 bar : 0x00000004 = 0x0000 meh : 0x00000006 = 0.000000 [0x00000000]> .pf.name.bar=0xfa0 [0x00000000]> pf.name foo : 0x00000000 = 0 bar : 0x00000004 = 0x0fa0 meh : 0x00000006 = 0.000000
There are still some features in pf, but I think you now have a good overview of what pf can do, and so what I've done during my RSoC.
To sum up, that was a great wonderful experience, and I've learned a lot of various interesting things. I hope to finish the last tasks soon, and after that, pf will really be a powerful tool to dump nice elf headers, or analyse strange corrupted PNG files! :)
Finally, I really thank my mentors pancake, xvilka, and jvoisin for helping me doing the task, and for organizing the RSoC in general. I also thank maijin for having done a lot of tests in pf and for reporting a lot of unexpected features, and I also thank all the r2 community for being nice on the IRC chan, and for supporting such a great project!