Siemens C166 family (dis)assembly and analysis plugins for radare2. This project is written in Rust and depends on the nightly toolchain.
- If you don't have clang installed already, install it. Version 5.0 or newer is required.
- Install `rustfmt-nightly` globally via `cargo` before building.
- Run (GNU) `make` to build and install the library. Optionally, take a look at the travis.yml file to see how to build (but not install) using just cargo.
- Run `make test-asm` to validate the instruction decoding or `make test`/`cargo test` to run all the tests. One of the bindgen generated tests is known to fail.
| Feature | Status |
|---|---|
| c166-analysis | |
| Resolve memory references | Does not track DPP / extended ops |
| Mark call/jump targets | ✔? |
| Translate jump conditions | ✔ |
| Generate ESIL | WIP |
| Annotate SFR config / ops | WIP |
| c166-asm | |
| Assembler | All opcodes encoded; various optimizations needed |
| Disassembler | All opcodes decoded; extended reg/mem ops not tracked (SFR vs ESFR) |
| Mnemonics | ✔ |
| c166-bin | |
| Mark entry point | ✔ |
| Mark interrupt / trap vectors | ✔ |
| Mark interrupt / trap handlers/thunks | |
| Mark main() function | |
| Make generated segment definitions optional | |
`rasm2` currently does not look in the user's plugin path so you may have to symlink or copy the installed library into a different location.
On FreeBSD `pkg install gmake llvm60` should be sufficient.
Older versions of OSX may not have a new enough version of LLVM per rust-lang-nursery/bindgen#1006. Download binaries from the LLVM download page and set `LIBCLANG_PATH` appropriately.
OSX appears to require that you tell clang to allow undefined symbols in libraries via a `~/.cargo/config` stanza like so:
```toml
[target.x86_64-apple-darwin]
rustflags = [
  "-C", "link-arg=-undefined",
  "-C", "link-arg=dynamic_lookup"
]
```
Additionally, if you install radare2 via brew, you'll need to edit `c166-core/build.rs` to search for the radare2 and openssl headers in the appropriate directory.
TODO: update the build script to take additional include search paths in via an environment variable.