17 years ago

2010-06-07
----------

* Added the ability to analyze the currently *viewed* region, not just the one
that the IP is in currently. Also added an "Analyze Here" context menu to the
cpu view.

2010-05-27
----------

* Added display of fs and gs base addresses. There is not an aweful lot of
things you can do with this information since you cannot set this value
directly. But it does provide a nice way to see what the address of the
what is commonly the TEB/TCB.

* [E/R]FLAGS is now editable again in the GUI. I accidentally disabled this
in the last release while refactoring some code.

* Much cleaner event model implemented. It is much more robust and simpler too!
Now handlers simply return codes describing the resume state. The only thing
to keep in mind is that if you play with the state in a handler. You almost
always have to call edb::v1::syncronizeState() so the resume functions have
an up to date view to work with.

* Thanks to the new event model, breakpoint conditions work much more reliably.

* Minor optimization in resuming, no longer steps before a resume when it isn't
neccessary.

* NOTE: I believe that I found a kernel bug where stepping in a signal handler
can cause the target process to have the TF flag set incorrectly. Resulting
in a purpetual stepping state. I may be able to work around this by
explicitly masking the flag in certain circumstances. But I feel this might
result in other subtle bugs. Hopefully, if this isn't the expected behavior
the linux guys will have this fixed soon.
See: https://bugzilla.kernel.org/show_bug.cgi?id=16061 for details.

2010-05-26
----------

* Fixed decoding of cmpxchg8b in 64-bit mode. It was incorrectly being
decoded as cmpxchg16b.

* Started working on improving the event model of edb. It will be a lot of
work, but in the end it will be much more robust

* Fixed a fairly major bug, I'm suprised that noone noticed Opcodes which
are completely different in 64-bit mode (like 0x06 is "push es" in 32-bit
but invalid in 64-bit) were not being decoded properly at all. The alternated
tables were not being linked into the disassembly library correctly.

2010-04-27
----------

* Lots of minor tweaks and code refactoring

* Themes! there is no UI for modifying them, but you can set them up in the
config file (~/.config/codef00.com/EDB.conf) manually. Basically there is a
"[Theme]" section which gets read on startup (a change will need a restart
to take effect). In this section there are a bunch of settings that effect
the look of the disassembly which looks like this:

theme..=

Valid categories are:

register
constant
ptr
prefix
flow_ctrl
function
stack
comparison
data_xfer
arithmetic
logic
shift

Valid properties are:

foreground
background
weight
italic
underline

NOTES:

you may omit any property, which will yield the default value look for that
property.

foreground and background are colors, this is a string which can be anything
you can pass to a QColor(const char *) constructor. So, it can take named
constants such as "green" or hex color codes like "#00ff00", the special value,
transparent is also allowed. See the Qt documentation for the full details.

weight is on a scale of 0 to 99. 50 being normal and 75 being bold.

italic and underline are typical boolean values.

EXAMPLE (this will give the default look):

[Theme]
theme.register.foreground=red
theme.register.background=transparent
theme.register.weight=75
theme.register.italic=false
theme.register.underline=false
theme.constant.foreground=black
theme.constant.background=transparent
theme.constant.weight=50
theme.constant.italic=false
theme.constant.underline=false
theme.ptr.foreground=darkGreen
theme.ptr.background=transparent
theme.ptr.weight=50
theme.ptr.italic=false
theme.ptr.underline=false
theme.prefix.foreground=black
theme.prefix.background=transparent
theme.prefix.weight=75
theme.prefix.italic=false
theme.prefix.underline=false
theme.flow_ctrl.foreground=blue
theme.flow_ctrl.background=yellow
theme.flow_ctrl.weight=50
theme.flow_ctrl.italic=false
theme.flow_ctrl.underline=false
theme.function.foreground=blue
theme.function.background=yellow
theme.function.weight=50
theme.function.italic=false
theme.function.underline=false
theme.stack.foreground=blue
theme.stack.background=transparent
theme.stack.weight=50
theme.stack.italic=false
theme.stack.underline=false
theme.comparison.foreground=blue
theme.comparison.background=transparent
theme.comparison.weight=50
theme.comparison.italic=false
theme.comparison.underline=false
theme.data_xfer.foreground=blue
theme.data_xfer.background=transparent
theme.data_xfer.weight=50
theme.data_xfer.italic=false
theme.data_xfer.underline=false
theme.arithmetic.foreground=blue
theme.arithmetic.background=transparent
theme.arithmetic.weight=50
theme.arithmetic.italic=false
theme.arithmetic.underline=false
theme.logic.foreground=blue
theme.logic.background=transparent
theme.logic.weight=50
theme.logic.italic=false
theme.logic.underline=false
theme.shift.foreground=blue
theme.shift.background=transparent
theme.shift.weight=50
theme.shift.italic=false
theme.shift.underline=false
theme.system.foreground=blue
theme.system.background=transparent
theme.system.weight=75
theme.system.italic=false
theme.system.underline=false


2010-04-01
----------

* Made the copy operation of QHexView widgets do an ascii rendering of what the
user has selected, this is infinitely more useful.

* Re-added the jump/call target symbol display in the disassembly view. This
was accidentally chopped when I added syntax highlighting.

2010-03-31
----------

* Code cleanup

* Fixed potential memory corruption in symbol management code (could not
demonstrate it, but technically it was possible).

* Added some options to the DumpState plugin

* The DumpState plugin now uses the current data view tab as the basis for
its "data" portion of the output

* Got rid of the insanity of having "ctrl+c" mean "check version". :-P

* The BreakpointManager is no longer a modal dialog.

* Improved const correctness of some things

* Fixed corner case where the UI wouldn't update immediately

2010-02-26
----------

* Added support for highlighting of flow control commands

* Next version will allow "schemes" in the same sense that ollydbg does
you will be able to edit the configuration file to adjust the colors to your
liking.

2010-02-25
----------

* Added support for comments for bookmarks

* Fixed a bug where the UI didn't update immediately after closing the config
dialog

* syntax highlighting in the CPU view!

2010-01-15
----------

* Added "Add Bookmark" to CPU view context menu.

2009-12-28
----------

* Too many small changes to list here :-P

* Increased minimum Qt version from 4.2 to 4.5. Now that 4.5 is widely deployed
I think this is a reasonable requirement.

2009-10-19
----------

* Fixed builds on some systems.

* Made it so you can load plugins in any order and they should work just fine.

* Disabled graphing capabilities for this release. Unfortunately, graphviz
has made a habit of breaking source compatibility in there C API which means
that the build will break on some systems. I may need to add some sort of
configure script in order to make this work correctly on all supported systems
:-(.

2009-10-17
----------

* Fixed a crash if EDB was set to use a terminal for I/O, but the program
field was empty.

* Many small optimizations.

* A little bit of reorganization in the source tree.

* More steps towards good thread support.

* More functional in Win32 builds (still not good enough yet, but getting
closer)

* Heap Graphs! Sometimes they take a really long time to render, but they work
and can show relationships between nodes!

2009-09-10
----------

* A few portability tweaks, working on creating a proper visual studio project
file eventually.

* QHexView and QDisassemblyView now format the address based on the size of
address_t instead of the native pointer size of the machine. This will allow
the possibility of future builds being able to do remote debugging and/or
debugging of 32-bit apps on a 64-bit platform.

2009-08-17
----------

* Fixed a crashable dead reference usage in Analyzer/FunctionFinder plugins.

* Improved the way that stop codes are handled internally, should make for
cleaner code.

* Some of the bigger operator new usages have exception guards. They shouldn't
be needed in 99% of cases, but it's better to not crash :-P.

2009-08-11
----------

* Lots of minor code improvements.

* Fixed conditional Breakpoints.

* Fixed HW Breakpoints (I think).

2009-07-16
----------

* Improved the way plugin options pages are shown.

2009-07-13
----------

* Instruction objects are now "copyable", this is a somewhat expensive
operation, but is the first step towards making edisassm support being an
assembler as well (since it will return an Instruction object).

2009-07-11
----------

* Made DebugEvent object a bit smarter as far as the info they carry with them.
This should simplify things a bit.

* Now passing DebugEvent by reference to handlers. I couldn't before because
the events were coming from the "Event Thread" but now that that is phased out
it is more efficient to pass them this way.

* Changed the binary info plugins to be based on looking at a region, not a file
this is more flexible as it will allow it to analyze data which is only seen
at runtime.

2009-07-09
----------

* Seems that older versions of gcc have slightly different behavior with
regard to exported embedded classes. Minor update