CutterCore

class CutterCore : public QObject

Public Types

enum class SeekHistoryType

Values:

enumerator New
enumerator Undo
enumerator Redo
enum class StringTypeFormats

Values:

enumerator None
enumerator ASCII_LATIN1
enumerator UTF8
enum class HexdumpFormats

Values:

enumerator Normal
enumerator Half
enumerator Word
enumerator Quad
enumerator Signed
enumerator Octal

Public Functions

explicit CutterCore(QObject *parent = nullptr)
~CutterCore()
void initialize(bool loadPlugins = true)
void loadCutterRC()
void loadDefaultCutterRC()
QDir getCutterRCDefaultDirectory() const
inline AsyncTaskManager *getAsyncTaskManager()
inline RVA getOffset() const
QString getFunctionExecOut(const std::function<bool(RzCore*)> &fcn, const RVA addr = RVA_INVALID)
QString cmd(const char *str)

send a command to Rizin

Note

if you want to seek to an address, you should use CutterCore::seek.

Parameters:

str – the command you want to execute

Returns:

command output

inline QString cmd(const QString &str)
bool asyncTask(std::function<void*(RzCore*)> fcn, QSharedPointer<RizinTask> &task)

send a task to Rizin

Parameters:

fcn – the task you want to execute

Returns:

execute successful?

void functionTask(std::function<void*(RzCore*)> fcn)
QString cmdRaw(const char *cmd)

Execute a Rizin command cmd. By nature, this API executes raw commands; it therefore ignores multiple commands and overcomes command injections.

Parameters:

cmd – a raw command to execute. Passing multiple commands (e.g. “px 5; pd 7 && pdf”) will result in them being treated as arguments to the first command.

Returns:

the output of the command

inline QString cmdRaw(const QString &cmd)

A wrapper around cmdRaw(const char *cmd).

QString cmdRawAt(const char *cmd, RVA address)

Execute a Rizin command cmd at address. The function will perform a silent seek to the address without triggering the seekChanged event or adding new entries to the seek history. By nature, the API executes a single command without going through the Rizin shell, and thus ignores multiple commands and tries to overcome command injections.

Parameters:
  • cmd – a raw command to execute. If multiple commands are passed (e.g. “px 5; pd 7 && pdf”), only the first command will be executed.

  • address – an address to which Cutter will temporarily seek.

Returns:

the output of the command

inline QString cmdRawAt(const QString &str, RVA address)

a wrapper around cmdRawAt(const char *cmd, RVA address).

inline SeekReturn seekTemp(RVA address)
CutterJson cmdj(const char *str)
inline CutterJson cmdj(const QString &str)
QString cmdTask(const QString &str)
QString getRizinVersionReadable(const char *program = nullptr)
QString getVersionInformation()
CutterJson parseJson(const char *name, char *res, const char *cmd = nullptr)
inline CutterJson parseJson(const char *name, char *res, const QString &cmd = QString())
QStringList autocomplete(const QString &cmd, RzLinePromptType promptType)
void renameFunction(const RVA offset, const QString &newName)
void delFunction(RVA addr)
void renameFlag(QString old_name, QString new_name)
void renameFunctionVariable(QString newName, QString oldName, RVA functionAddress)

Renames the specified local variable in the function specified by the address given.

Parameters:
  • newName – Specifies the name to which the current name of the variable should be renamed.

  • oldName – Specifies the current name of the function variable.

  • functionAddress – Specifies the exact address of the function.

RzAnalysisFunction *functionIn(ut64 addr)
Parameters:

addr

Returns:

a function that contains addr or nullptr

RzAnalysisFunction *functionAt(ut64 addr)
Parameters:

addr

Returns:

the function that has its entrypoint at addr or nullptr

RVA getFunctionStart(RVA addr)

Finds the start address of the function that contains the given address.

Parameters:

addr – - an address which belongs to a function

Returns:

if function exists, return its start address. Otherwise return RVA_INVALID

RVA getFunctionEnd(RVA addr)

Finds the end address of the function that contains the given address.

Parameters:

addr – - an address which belongs to a function

Returns:

if function exists, return its end address. Otherwise return RVA_INVALID

RVA getLastFunctionInstruction(RVA addr)

Finds the last instruction of the function that contains the given address.

Parameters:

addr – - an address which belongs to a function

Returns:

if function exists, return the address of its last instruction. Otherwise return RVA_INVALID

QString flagAt(RVA addr)
void createFunctionAt(RVA addr)
void createFunctionAt(RVA addr, QString name)
QStringList getDisassemblyPreview(RVA address, int num_of_lines)

get a compact disassembly preview for tooltips

Parameters:
  • address – - the address from which to print the disassembly

  • num_of_lines – - number of instructions to print

void delFlag(RVA addr)
void delFlag(const QString &name)
void addFlag(RVA offset, QString name, RVA size)
QString listFlagsAsStringAt(RVA addr)

Gets all the flags present at a specific address.

Parameters:

addr – The address to be checked

Returns:

String containing all the flags which are comma-separated

QString nearestFlag(RVA offset, RVA *flagOffsetOut)

Get nearest flag at or before offset.

Parameters:
  • offset – search position

  • flagOffsetOut – address of returned flag

Returns:

flag name

void triggerFlagsChanged()
void addGlobalVariable(RVA offset, QString name, QString typ)
void delGlobalVariable(QString name)
void delGlobalVariable(RVA offset)
void modifyGlobalVariable(RVA offset, QString name, QString typ)
QString getGlobalVariableType(QString name)
QString getGlobalVariableType(RVA offset)
CutterRzIter<RzAnalysisBytes> getRzAnalysisBytesSingle(RVA addr)
QString getInstructionBytes(RVA addr)
QString getInstructionOpcode(RVA addr)
void editInstruction(RVA addr, const QString &inst, bool fillWithNops = false)
void nopInstruction(RVA addr)
void jmpReverse(RVA addr)
void editBytes(RVA addr, const QString &inst)
void editBytesEndian(RVA addr, const QString &bytes)
void setToCode(RVA addr)
void setAsString(RVA addr, int size = 0, StringTypeFormats type = StringTypeFormats::None)

Adds a string at the given address. This function calls the ‘Cs’ command.

Parameters:
  • addr – The address of the array where the string will be applied

  • size – The size of string

  • type – The type of string

void removeString(RVA addr)

Removes the string at the given address. This function calls the ‘Cs-’ command.

Parameters:

addr – The address of the array where the string will be applied

QString getMetaString(RVA addr)

Gets the string at the given address. This function corresponds to the ‘Cs.’ command.

Parameters:

addr – The address of the string

Returns:

string at requested address

QString getString(RVA addr)

Gets the string at the given address. This function calls the ‘ps’ command.

Parameters:

addr – The address of the first byte of the array

Returns:

string at requested address

QString getString(RVA addr, uint64_t len, RzStrEnc encoding, bool escape_nl = false)
void setToData(RVA addr, int size, int repeat = 1)
int sizeofDataMeta(RVA addr)
void setComment(RVA addr, const QString &cmt)
void delComment(RVA addr)
QString getCommentAt(RVA addr)

Gets the comment present at a specific address.

Parameters:

addr – The address to be checked

Returns:

String containing comment

void setImmediateBase(const QString &rzBaseName, RVA offset = RVA_INVALID)
void setCurrentBits(int bits, RVA offset = RVA_INVALID)
void applyStructureOffset(const QString &structureOffset, RVA offset = RVA_INVALID)

Changes immediate displacement to structure offset. This function makes use of the “aht” command of Rizin to apply a structure offset to the immediate displacement used in the given instruction.

Parameters:
  • structureOffset – The name of struct which will be applied

  • offset – The address of the instruction where the struct will be applied

QList<QString> getAllAnalysisClasses(bool sorted)
QList<AnalysisMethodDescription> getAnalysisClassMethods(const QString &cls)
QList<AnalysisBaseClassDescription> getAnalysisClassBaseClasses(const QString &cls)
QList<AnalysisVTableDescription> getAnalysisClassVTables(const QString &cls)
void createNewClass(const QString &cls)
void renameClass(const QString &oldName, const QString &newName)
void deleteClass(const QString &cls)
bool getAnalysisMethod(const QString &cls, const QString &meth, AnalysisMethodDescription *desc)
void renameAnalysisMethod(const QString &className, const QString &oldMethodName, const QString &newMethodName)
void setAnalysisMethod(const QString &cls, const AnalysisMethodDescription &meth)
bool loadFile(QString path, ut64 baddr = 0LL, ut64 mapaddr = 0LL, int perms = RZ_PERM_R, int va = 0, bool loadbin = false, const QString &forceBinPlugin = QString())

CutterCore::loadFile Load initial file.

Parameters:
  • path – File path

  • baddr – Base (RzBin) address

  • mapaddr – Map address

  • perms

  • va

  • loadbin – Load RzBin information

  • forceBinPlugin

Returns:

bool tryFile(QString path, bool rw)
bool mapFile(QString path, RVA mapaddr)

Maps a file using Rizin API.

Parameters:
  • path – Path to file

  • mapaddr – Map Address

Returns:

bool

void loadScript(const QString &scriptname)
void seek(QString thing)
void seek(ut64 offset)
void seekSilent(ut64 offset)
inline void seekSilent(QString thing)
void seekPrev()
void seekNext()
void updateSeek(SeekHistoryType type = SeekHistoryType::New)
void showMemoryWidget()

Raise a memory widget showing current offset, prefer last active memory widget.

void seekAndShow(ut64 offset)

Seek to offset and raise a memory widget showing it.

Parameters:

offset

void seekAndShow(QString thing)

See also

CutterCore::show(ut64)

Parameters:

thing – - addressable expression

RVA getOffset()
RVA prevOpAddr(RVA startAddr, int count)
RVA nextOpAddr(RVA startAddr, int count)
void applySignature(const QString &filepath)
void createSignature(const QString &filepath)
ut64 math(const QString &expr)
ut64 num(const QString &expr)
QString itoa(ut64 num, int rdx = 16)
void setConfig(const char *k, const char *v)
void setConfig(const QString &k, const char *v)
void setConfig(const char *k, const QString &v)
inline void setConfig(const QString &k, const QString &v)
void setConfig(const char *k, int v)
inline void setConfig(const QString &k, int v)
void setConfig(const char *k, bool v)
inline void setConfig(const QString &k, bool v)
void setConfig(const char *k, const QVariant &v)
inline void setConfig(const QString &k, const QVariant &v)
int getConfigi(const char *k)
inline int getConfigi(const QString &k)
ut64 getConfigut64(const char *k)
inline ut64 getConfigut64(const QString &k)
bool getConfigb(const char *k)
inline bool getConfigb(const QString &k)
QString getConfig(const char *k)
inline QString getConfig(const QString &k)
QString getConfigDescription(const char *k)
QStringList getConfigOptions(const char *k)
QStringList getColorThemes()
QHash<QString, QColor> getTheme()
QStringList getThemeKeys()
bool setColor(const QString &key, const QString &color)
QStringList getConfigVariableSpaces(const QString &key = "")
QByteArray assemble(const QString &code)
QString disassemble(const QByteArray &data)
QString disassembleSingleInstruction(RVA addr)
QList<DisassemblyLine> disassembleLines(RVA offset, int lines)
QString hexdump(RVA offset, int size, HexdumpFormats format)

Returns a hexdump of <size> bytes starting at <offset> in the given format.

Parameters:
  • address – - the address from which to print the hexdump

  • size – - number of bytes to print

  • format – the type of hexdump (qwords, words, decimal, etc.)

QString getHexdumpPreview(RVA offset, int size)

get a compact hexdump preview for tooltips

Parameters:
  • address – - the address from which to print the hexdump

  • size – - number of bytes to print

void setCPU(QString arch, QString cpu, int bits)
void setEndianness(bool big)
QList<QString> sdbList(QString path)
QList<QString> sdbListKeys(QString path)
QString sdbGet(QString path, QString key)
bool sdbSet(QString path, QString key, QString val)
QString getRegisterName(QString registerRole)
RVA getProgramCounterValue()
void setRegister(QString regName, QString regValue)
void setCurrentDebugThread(int tid)
void setCurrentDebugProcess(int pid)

Attach to a given pid from a debug session.

QList<AddrRefs> getStack(int size = 0x100, int depth = 6)

Returns a list of stack addresses and their telescoped references.

Parameters:
  • size – number of bytes to scan

  • depth – telescoping depth

AddrRefs getAddrRefs(RVA addr, int depth)

Recursively dereferences pointers starting at the specified address up to a given depth.

Parameters:
  • addr – telescoping addr

  • depth – telescoping depth

RefDescription formatRefDesc(const QSharedPointer<AddrRefs> &ref)

return a RefDescription with a formatted ref string and configured colors

Parameters:

ref – the “ref” JSON node from getAddrRefs

QList<ProcessDescription> getProcessThreads(int pid)

Get a list of a given process’s threads.

Parameters:

pid – The pid of the process, -1 for the currently debugged process

Returns:

List of ProcessDescription

QVector<Chunk> getHeapChunks(RVA arena_addr)

Get a list of heap chunks. Uses RZ_API rz_heap_chunks_list to get a vector of chunks. If arena_addr is zero, return the chunks for the main arena.

Parameters:

arena_addr – base address for the arena

Returns:

Vector of heap chunks for the given arena

QVector<Arena> getArenas()

Get a list of heap arenas. Uses RZ_API rz_heap_arenas_list to get the list of arenas.

Returns:

Vector of arenas

RzHeapChunkSimple *getHeapChunk(ut64 addr)

Get detailed information about a heap chunk. Uses RZ_API rz_heap_chunk.

Returns:

RzHeapChunkSimple struct pointer for the heap chunk

QVector<RzHeapBin*> getHeapBins(ut64 arena_addr)

Get heap bins of an arena with given base address (including large, small, fast, unsorted, tcache)

Parameters:

arena_addr – Base address of the arena

Returns:

QVector of non empty RzHeapBin pointers

bool writeHeapChunk(RzHeapChunkSimple *chunkSimple)

Write the given chunk header to memory.

Parameters:

chunkSimple – RzHeapChunkSimple pointer of the chunk to be written

Returns:

true if the write succeeded else false

int getArchBits()
void startDebug()
void startEmulation()
void attachRemote(const QString &uri)

attach to a remote debugger

Note

attachedRemote(bool) signals the result

Parameters:

uri – remote debugger uri

void attachDebug(int pid)
void stopDebug()
void suspendDebug()
void syncAndSeekProgramCounter()
void continueDebug()
void continueBackDebug()
void continueUntilCall()
void continueUntilSyscall()
void continueUntilDebug(ut64 offset)
void stepDebug()
void stepOverDebug()
void stepOutDebug()
void stepBackDebug()
void startTraceSession()
void stopTraceSession()
void addBreakpoint(const BreakpointDescription &config)
void updateBreakpoint(int index, const BreakpointDescription &config)
void toggleBreakpoint(RVA addr)
void delBreakpoint(RVA addr)
void delAllBreakpoints()
void enableBreakpoint(RVA addr)
void disableBreakpoint(RVA addr)
void setBreakpointTrace(int index, bool enabled)

Enable or disable breakpoint tracing.

Parameters:
  • index – - breakpoint index to modify

  • enabled – - true if tracing should be enabled

int breakpointIndexAt(RVA addr)
BreakpointDescription getBreakpointAt(RVA addr)
bool isBreakpoint(const QList<RVA> &breakpoints, RVA addr)
QList<RVA> getBreakpointsAddresses()
QList<RVA> getBreakpointsInFunction(RVA funcAddr)

Get all breakpoints that belong to the function at this address.

QString getActiveDebugPlugin()
QStringList getDebugPlugins()
void setDebugPlugin(QString plugin)
bool isDebugTaskInProgress()
bool isRedirectableDebugee()

Check if we can use output/input redirection with the currently debugged process.

QList<Decompiler*> getDecompilers()
Decompiler *getDecompilerById(const QString &id)
bool registerDecompiler(Decompiler *decompiler)

Register a new decompiler

The decompiler must have a unique id, otherwise this method will fail. The decompiler’s parent will be set to this CutterCore instance, so it will automatically be freed later.

Returns:

whether the decompiler was registered successfully

RVA getOffsetJump(RVA addr)
CutterJson getSignatureInfo()
bool existsFileInfo()
void setGraphEmpty(bool empty)
bool isGraphEmpty()
bool rebaseBin(RVA base_address)
void getRegs()
void setSettings()
void loadPDB(const QString &file)
QByteArray ioRead(RVA addr, int len)
QList<RVA> getSeekHistory()
QStringList getAsmPluginNames()
QStringList getAnalysisPluginNames()
QList<RzBinPluginDescription> getBinPluginDescriptions(bool bin = true, bool xtr = true)
QList<RzIOPluginDescription> getRIOPluginDescriptions()
QList<RzCorePluginDescription> getRCorePluginDescriptions()
QList<RzAsmPluginDescription> getRAsmPluginDescriptions()
QList<FunctionDescription> getAllFunctions()
QList<ImportDescription> getAllImports()
QList<ExportDescription> getAllExports()
QList<SymbolDescription> getAllSymbols()
QList<HeaderDescription> getAllHeaders()
QList<GlobalDescription> getAllGlobals()
QList<FlirtDescription> getSignaturesDB()
QList<CommentDescription> getAllComments(const QString &filterType)
QList<RelocDescription> getAllRelocs()
QList<StringDescription> getAllStrings()
QList<FlagspaceDescription> getAllFlagspaces()
QList<FlagDescription> getAllFlags(QString flagspace = QString())
QList<SectionDescription> getAllSections()
QList<SegmentDescription> getAllSegments()
QList<EntrypointDescription> getAllEntrypoint()
QList<BinClassDescription> getAllClassesFromBin()
QList<BinClassDescription> getAllClassesFromFlags()
QList<ResourcesDescription> getAllResources()
QList<VTableDescription> getAllVTables()
QList<TypeDescription> getAllTypes()
Returns:

all loaded types

QList<TypeDescription> getAllPrimitiveTypes()
Returns:

all loaded primitive types

QList<TypeDescription> getAllUnions()
Returns:

all loaded unions

QList<TypeDescription> getAllStructs()
Returns:

all loaded structs

QList<TypeDescription> getAllEnums()
Returns:

all loaded enums

QList<TypeDescription> getAllTypedefs()
Returns:

all loaded typedefs

QString getTypeAsC(QString name)

Fetching the C representation of a given Type.

Parameters:

name – - the name or the type of the given Type

Returns:

The type declaration as C output

bool isAddressMapped(RVA addr)

Checks if the given address is mapped to a region.

Parameters:

addr – The address to be checked

Returns:

true if addr is mapped, false otherwise

QList<MemoryMapDescription> getMemoryMap()
QList<SearchDescription> getAllSearch(QString searchFor, QString space, QString in)
QList<BreakpointDescription> getBreakpoints()
QList<ProcessDescription> getAllProcesses()
RzReg *getReg()

Get the right RzReg object based on the cutter state (debugging vs emulating)

QList<RegisterRef> getRegisterRefs(int depth = 6)

returns a list of reg values and their telescoped references

Parameters:

depth – telescoping depth

QVector<RegisterRefValueDescription> getRegisterRefValues()
QList<VariableDescription> getVariables(RVA at)
QList<XrefDescription> getXRefsForVariable(QString variableName, bool findWrites, RVA offset)

Fetches all the writes or reads to the specified local variable ‘variableName’ in the function that contains the specified offset.

Parameters:
  • variableName – Name of the local variable.

  • findWrites – If this is true, the locations at which the specified local variable is modified are fetched. Otherwise, the locations at which the local variable is read are fetched.

  • offset – An offset in the function in which the specified local variable exists.

Returns:

A list of XrefDescriptions that contains details of all the writes or reads that happen to the variable ‘variableName’.

QList<XrefDescription> getXRefs(RVA addr, bool to, bool whole_function, const QString &filterType = QString())
void handleREvent(int type, void *data)
void triggerVarsChanged()
void triggerFunctionRenamed(const RVA offset, const QString &newName)
void triggerRefreshAll()
void triggerAsmOptionsChanged()
void triggerGraphOptionsChanged()
void message(const QString &msg, bool debug = false)
QStringList getSectionList()
RzCoreLocked core()
BasicBlockHighlighter *getBBHighlighter()
BasicInstructionHighlighter *getBIHighlighter()
void setIOCache(bool enabled)

Enable or disable Cache mode. Cache mode is used to simulate writing to the opened file without committing the changes to the disk.

Parameters:

enabled

bool isIOCacheEnabled() const

Check if Cache mode is enabled.

Returns:

true if Cache is enabled, otherwise return false.

void commitWriteCache()

Commit write cache to the file on disk.

void resetWriteCache()

Reset write cache.

void setWriteMode(bool enabled)

Enable or disable Write mode. When the file is opened in write mode, any changes to it will be immediately committed to the file on disk, thus modifying the file. This function wraps the Rizin function which re-opens the file with the desired permissions.

Parameters:

enabled

bool isWriteModeEnabled()

Check if the file is opened in write mode.

Returns:

true if write mode is enabled, otherwise return false.

char *getTextualGraphAt(RzCoreGraphType type, RzCoreGraphFormat format, RVA address)

Returns the textual version of global or specific graph.

Parameters:
  • type – Graph type, example RZ_CORE_GRAPH_TYPE_FUNCALL or RZ_CORE_GRAPH_TYPE_IMPORT

  • format – Graph format, example RZ_CORE_GRAPH_FORMAT_DOT or RZ_CORE_GRAPH_FORMAT_GML

  • address – The object address (if global set it to RVA_INVALID)

Returns:

The textual graph string.

void writeGraphvizGraphToFile(QString path, QString format, RzCoreGraphType type, RVA address)

Writes a graphviz graph to a file.

Parameters:
  • path – The file output path

  • format – The output format (see graph.gv.format)

  • type – The graph type, example RZ_CORE_GRAPH_TYPE_FUNCALL or RZ_CORE_GRAPH_TYPE_IMPORT

  • address – The object address (if global set it to RVA_INVALID)

Public Members

bool currentlyDebugging = false
bool currentlyEmulating = false
bool currentlyTracing = false
bool currentlyRemoteDebugging = false
int currentlyAttachedToPID = -1
QString currentlyOpenFile
QList<QString> regs

Signals

void refreshAll()
void functionRenamed(const RVA offset, const QString &new_name)
void varsChanged()
void globalVarsChanged()
void functionsChanged()
void flagsChanged()
void commentsChanged(RVA addr)
void registersChanged()
void instructionChanged(RVA offset)
void breakpointsChanged(RVA offset)
void refreshCodeViews()
void stackChanged()
void codeRebased()

update all the widgets that are affected by rebasing in debug mode

void switchedThread()
void switchedProcess()
void classNew(const QString &cls)
void classDeleted(const QString &cls)
void classRenamed(const QString &oldName, const QString &newName)
void classAttrsChanged(const QString &cls)
void debugProcessFinished(int pid)

end of current debug event received

void attachedRemote(bool successfully)
void ioCacheChanged(bool newval)
void writeModeChanged(bool newval)
void ioModeChanged()
void debugTaskStateChanged()

emitted when debugTask started or finished running

void asmOptionsChanged()

emitted when config regarding disassembly display changes

void graphOptionsChanged()

emitted when config regarding graph display changes

void seekChanged(RVA offset, SeekHistoryType type = SeekHistoryType::New)

seekChanged is emitted each time Rizin’s seek value is modified

Parameters:
  • offset

  • historyType

void toggleDebugView()
void newMessage(const QString &msg)
void newDebugMessage(const QString &msg)
void showMemoryWidgetRequested()

Public Static Functions

static CutterCore *instance()
static QString sanitizeStringForCommand(QString s)
static QByteArray hexStringToBytes(const QString &hex)
static QString bytesToHexString(const QByteArray &bytes)
static QString ansiEscapeToHtml(const QString &text)
class SeekReturn

Public Functions

inline SeekReturn(RVA returnAddress)
inline ~SeekReturn()
inline SeekReturn(SeekReturn &&from)