2022.12.19

A new release is here :). Thanks to all contributors for improving Pwndbg!

TL;DR what this release brings

• New or edited commands:
  • kconfig to obtain debugged Linux kernel config
  • cymbol to add/show/load/edit/delete custom structures written in plain C
  • mprotect to set memory protections (the command was fixed as it was not working for some time)
  • bins and find_fake_fast were improved
  • cyclic - the Pwntools' pwn cyclic commmand was ported as a native command
• We improved the support for debugging QEMU kernels and more improvements and new commands are incomming
  • You can set Pwndbg to fetch vmmap info for kernels in three different modes, see help set kernel-vmmap
• Added support for heap commands for cases when libc debug symbols are not present. For this, certain heuristics regarding the code are used and as a last resort, the user can set addresses of heap related symbols to make the heap command work properly. See heap_config and help set resolve-heap-via-heuristic for more information.
• We improved coredump debugging (vmmap fetching)
• We refactored lots of code and more refactoring is incomming
• Lots of tests and CI targets were added to ensure we don't hit regressions
• And more... see the full changelog below

What's Changed

• Minor linter/formatter configuration changes by @gsingh93 in #1105
• support riscv:rv64 without capstone by @lonnywong in #1096
• Fix IDE's auto-complete support by @syheliel in #1106
• vmmap: use pwndbg.info.auxv instead of gdb.execute by @disconnect3d in #1107
• ArgparsedCommand: fix help cmd and cmd --help behavior by @disconnect3d in #1108
• improve start and entry commands description by @disconnect3d in #1109
• Add smoke test by @gsingh93 in #1113
• Add dev-requirements.txt to Docker image by @gsingh93 in #1115
• Set security_opt to seccomp:unconfined in docker-compose.yml by @gsingh93 in #1116
• Some updates about Heap heuristics by @lebr0nli in #1075
• Build docker in CI by @gsingh93 in #1117
• fix errno command by @disconnect3d in #1112
• GDB Refactor [1/N]: Split arch.py and related files into lib/ and gdb/ by @gsingh93 in #1114
• Add lint.sh script by @gsingh93 in #1122
• GDB Refactor [2/N]: move some modules to lib/ by @gsingh93 in #1118
• Format shell scripts with shfmt by @gsingh93 in #1123
• fix #1111 errno command edge case by @disconnect3d in #1126
• GDB Refactor [3/N]: Split android into lib/ and gdblib/ by @gsingh93 in #1119
• GDB Refactor [4/N]: Split abi into lib/ and gdblib/ by @gsingh93 in #1120
• GDB Refactor [5/N]: Split regs.py into lib/ and gdblib/ by @gsingh93 in #1121
• GDB Refactor [6/N]: Move gcc.py into lib/ by @gsingh93 in #1124
• GDB Refactor [7/N]: Move some modules to gdblib/ by @gsingh93 in #1125
• Fix incorrect import by @gsingh93 in #1131
• GDB Refactor [8/N]: Split memory into lib/ and gdblib/ by @gsingh93 in #1128
• GDB Refactor [9/N]: Move strings.py and dt.py to gdblib by @gsingh93 in #1129
• GDB Refactor [10/N]: Move qemu.py and remote.py to gdblib by @gsingh93 in #1130
• GDB Refactor [12/N]: Move stdio.py to lib/ by @gsingh93 in #1133
• GDB Refactor [11/N]: Move elftypes.py to lib/ by @gsingh93 in #1132
• Linting/formatting improvements by @gsingh93 in #1138
• Add types for some modules in lib/ by @gsingh93 in #1137
• Remove unused imports by @gsingh93 in #1139
• Add support for formatting the code directly from lint.sh by @gsingh93 in #1140
• GDB Refactor [13/N]: Move argv.py to gdblib by @gsingh93 in #1141
• add type for ./pwndbg/lib by @syheliel in #1135
• add color for modified registers by @syheliel in #1127
• Add gdb.MemoryError check to get_heap() by @CptGibbon in #1145
• fix distance command by @disconnect3d in #1146
• Add regression test for find_fake_fast command by @CptGibbon in #1147
• fix qemu vmmap showing coredump mappings by @disconnect3d in #1148
• Improve vmmap on coredump files by @disconnect3d in #1149
• add patch command by @disconnect3d in #1150
• Fix for android check in procinfo by @ntsleep in #1156
• Tests for procinfo command by @ntsleep in #1157
• Fix #1153 nextproginstr command by @disconnect3d in #1158
• Show arch and emulation status on disasm banner by @disconnect3d in #1160
• fix: mprotect command and add tests for it by @alufers in #1161
• Fix #1165: set context-clear-screen on resetting scrollback by @disconnect3d in #1166
• Show less error when trying to load a non-exist type by @lebr0nli in #1171
• silence heap_bugs.c build warnings by @disconnect3d in #1172
• Enhance heap with for static-linked binaries & remove typeinfo bloat by @disconnect3d in #1173
• Add Chunk class & template_heap_command by @CptGibbon in #1159
• Support starting the IPython interactive prompt with ipi command by @lebr0nli in #1170
• Upload codecov report only from Ubuntu22.04 by @miles170 in #1178
• Update ipi command by @lebr0nli in #1176
• Enhances ipdb by @lebr0nli in #1177
• search command: remove unused string optional arg by @disconnect3d in #1180
• add type for ./pwndbg/lib/ by @syheliel in #1168
• fix #1190: telescope -r with addr as count by @disconnect3d in #1198
• Integrate Chunk class into malloc_chunk command by @CptGibbon in #1184
• tips: add set show-flags on tip by @disconnect3d in #1200
• Fix disable_colors formatting & test ctx disasm showing fds by @disconnect3d in #1186
• add show-flags and show-compact-regs to ctx regs banner by @disconnect3d in #1201
• remove defcon.py by @disconnect3d in #1203
• bugreport command: use code listings by @disconnect3d in #1204
• Delete .sublime-settings by @disconnect3d in #1206
• leakfind should default to $sp by @amoghrajesh in #1218
• Add malloc_chunk command test by @CptGibbon in #1214
• Make the heap heuristic compatible with new heap code by @lebr0nli in #1217
• Update README with GDB build steps by @disconnect3d in #1220
• fix #1221: ipi command multi-line inputs by @disconnect3d in #1222
• Make CStruct2GDB support gdb.types.has_field() by @lebr0nli in #1224
• Cleanup requirements and run full setup in lint CI job by @gsingh93 in #1230
• Add --shell argument to pwndbg command by @gsingh93 in #1233
• Add malloc_chunk command tests for heuristic heap by @CptGibbon in #1234
• Split heap tests into their own files by @gsingh93 in #1235
• events.py: remove unused Pause class by @disconnect3d in #1223
• Fix #1197: dont display ctx on reg/mem changes by @disconnect3d in #1239
• Load commands and gdblib explicitly in init.py by @gsingh93 in #1243
• GDB Refactor [15/N]: Move stack.py to gdblib/stack.py by @gsingh93 in #1244
• GDB Refactor [16/N]: Move tls.py to gdblib/tls.py by @gsingh93 in #1245
• GDB Refactor [17/N]: Move net.py to lib/net.py by @gsingh93 in #1246
• Cleanup load_gdblib() by @gsingh93 in #1248
• Cleanup dependencies by @gsingh93 in #1251
• Remove unnecessary imports in init.py by @gsingh93 in #1252
• Move remote_files_dir into file.py by @gsingh93 in #1249
• GDB Refactor [19/N]: Move gdbutils/functions.py to gdblib by @gsingh93 in #1253
• Add flake8-builtins to linters by @gsingh93 in #1254
• GDB Refactor [18/N]: Move proc to gdblib/proc.py by @gsingh93 in #1247
• GDB Refactor [19/N]: Move file.py to gdblib and improve procinfo test by @gsingh93 in #1258
• GDB Refactor [20/N]: Move elf.py to gdblib by @gsingh93 in #1260
• Enhances the error handling of the heap heuristic by @lebr0nli in #1242
• Build malloc_chunk tests with libpthread by @CptGibbon in #1265
• GDB Refactor [21/N]: Move symbol.py to gdblib by @gsingh93 in #1259
• allow setting gdblib.regs.= by @disconnect3d in #1267
• Fix #1256: fixes next cmds hangs on segfaults by @disconnect3d in #1268
• Fix the error when trying to read thread-local variables by @lebr0nli in #1272
• Fix #1189: fixes patch command's arch=... value by @disconnect3d in #1269
• Don't catch the error of the heap commands when set exception-* on by @lebr0nli in #1270
• Bug fix for the heuristics of main_arena and mp_ by @lebr0nli in #1273
• Develop Arena class by @CptGibbon in #1266
• Add more comments about the changes in #1273 by @lebr0nli in #1274
• add max display size for vis_heap_chunks by @lonnywong in #1275
• Add hexdump test by @gsingh93 in #1278
• Fix some mypy errors by @gsingh93 in #1281
• GDB Refactor [14/N]: Split config.py into lib/ and gdblib/ by @gsingh93 in #1134
• Add a test for config triggers by @gsingh93 in #1225
• Cleanup hexdump code by @gsingh93 in #1279
• Minor vmmap cleanup by @gsingh93 in #1284
• add test for max-visualize-chunk-size by @lonnywong in #1282
• Add ignore command (from #1257) by @erivas in #1276
• GDB Refactor [22/N]: Move vmmap.py to gdblib by @gsingh93 in #1285
• Unit tests and some bugs fix for the heap heuristics by @lebr0nli in #1283
• Fix symbol resolution issue by @gsingh93 in #1287
• Add multithreaded malloc_chunk tests by @CptGibbon in #1277
• Add find_fake_fast test by @gsingh93 in #1286
• Cleanup find_fake_fast command by @gsingh93 in #1207
• Pwndbg configuration: do not set history expansion by @disconnect3d in #1292
• fix: make mprotect command truly multi-arch by @alufers in #1162
• Cleanup before unit-tests by @gsingh93 in #1293
• Move tests/ to tests/gdb-tests/ by @gsingh93 in #1296
• Add mocks for unit tests by @gsingh93 in #1294
• Move .coveragerc config to pyproject.toml by @gsingh93 in #1297
• Store coverage files in .cov directory by @gsingh93 in #1298
• Add fastbin unit tests by @gsingh93 in #1295
• Fix coverage generation by @gsingh93 in #1299
• Fix config and theme commands by @gsingh93 in #1300
• Fix heap_config by @gsingh93 in #1302
• Update developer docs by @gsingh93 in #1303
• integrated Bin classes by @pogen300 in #1304
• Increase CI timeout to 20 minutes by @disconnect3d in #1309
• Fix invalid zig path in tests makefile & suppress compilation warning by @disconnect3d in #1308
• Fix setting empty ctx sections by @disconnect3d in #1310
• Fix parameter default values by @disconnect3d in #1307
• lint.sh: lint only pwndbg files by @disconnect3d in #1312
• Add a header to the vmmap table by @alufers in #1311
• Fix bins command by @gsingh93 in #1313
• refactor: use .format() properly for displaying vmmap rows by @alufers in #1316
• Implementing vermin into CI by @mazfil in #1319
• Try to install missing lint dependencies by @gsingh93 in #1321
• made codecov optional, enable it with -c or --cov by @pogen300 in #1322
• Rename setup-test-tools.sh to setup-dev.sh by @gsingh93 in #1320
• small change to largebins() and contains_chunk() by @pogen300 in #1314
• Install shfmt on Ubuntu 22.04, otherwise skip running linter by @gsingh93 in #1323
• Some enhancements about pwndbg.gdblib.config by @lebr0nli in #1315
• Create ColorConfig class and use it in nearpc by @gsingh93 in #1317
• Refactor context backtrace to use ColorConfig by @gsingh93 in #1325
• Refactor chain.py to use ColorConfig by @gsingh93 in #1326
• Display failed tests in test output by @gsingh93 in #1329
• Refactor memory.py to use ColorConfig by @gsingh93 in #1331
• Add Heap class by @CptGibbon in #1318
• Run tests in parallel with GNU parallel by @gsingh93 in #1332
• Only show the output of failing tests by @gsingh93 in #1336
• Refactor disasm to use ColorConfig by @gsingh93 in #1338
• Create pull_request_template.md by @gsingh93 in #1342
• Delete old issue template by @gsingh93 in #1343
• Refactor pwndbg.commands.windbg.dX and pwndbg.hexdump.hexdump by @ruijia-zhou in #1341
• Install a git pre-push lint hook as part of setup-test-tools.sh by @ruijia-zhou in #1345
• Add new flags to tests.sh by @gsingh93 in #1348
• Minor lint and pre-hook changes by @gsingh93 in #1349
• Add documentation on minimum supported versions by @gsingh93 in #1344
• Improved test_commands.py by @gsingh93 in #1350
• Import ColorConfig in ptmalloc.py by @gsingh93 in #1347
• Add Arch Linux support to setup.sh by @tuxfobux in #1334
• added cymbol command by @un1c0rn-the-pwnie in #1301
• fix: typo in FEATURES.md by @the-lightstack in #1352
• Port pwntools cyclic into pwndbg by @szymex73 in #1337
• Fix some issues about GDB < 9.x by @lebr0nli in #1333
• Support malloc_par of GLIBC 2.35 by @lebr0nli in #1353
• fix lint by @disconnect3d in #1356
• Support running tests serially by @gsingh93 in #1357
• Don't run pwn commands in test by @gsingh93 in #1358
• Set cyclic default length 100 by @gsingh93 in #1359
• tests.sh: del joblog if --keep not passed by @disconnect3d in #1360
• Reduce heap code redundancy by @CptGibbon in #1346
• Fix lexer for coloring negative numbers in asm by @arcz in #1367
• fix #1364: update unicorn to 2.0.1 by @profesorek96 in #1366
• Use the GitHub CLI tool to create issues from bugreport by @kacpi2442 in #1368
• Merged #1351 PR: Run tests in docker images by @disconnect3d in #1370
• Remove instr operands padding in enhance by @arcz in #1372
• tips.py: add tip about Pwndbg's signal handling by @disconnect3d in #1373
• Use --noconfirm for pacman by @Xeonacid in #1376
• install git and pip for pacman-based distro by @Xeonacid in #1377
• Fix tests reporting in parallel execution by @disconnect3d in #1379
• Use .data instead of .got.plt in the heap heuristic by @lebr0nli in #1381
• tests zig cc: silence unused vars warnings by @disconnect3d in #1382
• Add tabstop config for context source code by @lonnywong in #1380
• Fix debian10 ci by @disconnect3d in #1383
• Add test for context-source-code-tabstop by @lonnywong in #1385
• fix typo by @Dliwk in #1387
• Support Arch Linux docker test by @Xeonacid in #1378
• fix test_loads_binary_with_core_without_crashing on debian10 by @disconnect3d in #1389
• tests reference-binary.c: dont rely on connect to 1.1.1.1 by @disconnect3d in #1390
• Fix vmmap coredump test by @disconnect3d in #1391
• Add default-visualize-chunk-number config and refactor some code related to config by @lebr0nli in #1388
• version.py: fix build_id after recent refactors by @disconnect3d in #1393
• Add CI badge by @gsingh93 in #1396
• Disable IDA RPC by default by @gsingh93 in #1395
• Fix find_fake_fast command test by @CptGibbon in #1397
• fix: architecure mapping for ARM ARMv7-M by @alufers in #1401
• fix: Prevent pwndbg from trying to download ELF files from a remote embedded device. by @alufers in #1402
• abi.py: don't recreate ABI dicts by @disconnect3d in #1408
• fix #1188: incorrect 32-bit syscall display on x64 by @disconnect3d in #1407
• tests.sh: fix --pdb (set SERIAL when --pdb is set) by @disconnect3d in #1410
• Fix #1399: cymbol command on old GDB by @disconnect3d in #1409
• Fix archlinux ci tests by @disconnect3d in #1411
• Fix: support malloc_ptr of glibc<=2.23 by @Testzero-wz in #1406
• Add support for performance profiling by @gsingh93 in #1413
• Deprecate kernel-vmmap-via-page-tables in favor of kernel-vmmap by @gsingh93 in #1415
• Bump gdb pt dump by @disconnect3d in #1205
• Add simple qemu-aarch64 test by @gsingh93 in #1423
• Handle gdb-pt-dump permission error gracefully by @gsingh93 in #1426
• Add basic QEMU system testing scripts by @gsingh93 in #1428
• Fix gdb-pt-dump error when attaching to QEMU on aarch64 by @gsingh93 in #1429
• Move some env_parallel code into the else branch by @gsingh93 in #1432
• Replace OnlyAmd64 decorator with more generic OnlyWithArch decorator by @gsingh93 in #1433
• Add kconfig command by @gsingh93 in #1425
• Add commands to print kernel commandline and version by @gsingh93 in #1434
• Add is_kaslr_enabled function by @gsingh93 in #1435
• Improved configuration and automatic use of heap heuristics by @lebr0nli in #1424
• Add OnlyWithKernelDebugSyms decorator by @gsingh93 in #1436
• Allow running cpsr command on aarch64 by @gsingh93 in #1437
• Fix ValueError of cyclic command by @ytk2128 in #1443
• Fix the bug when using gdbserver by @lebr0nli in #1439
• Always run GitHub Actions workflow even if tests fail by @mohitsaxenaknoldus in #1438

New Contributors

• @syheliel made their first contribution in #1106
• @miles170 made their first contribution in #1178
• @amoghrajesh made their first contribution in #1218
• @erivas made their first contribution in #1276
• @pogen300 made their first contribution in #1304
• @mazfil made their first contribution in #1319
• @ruijia-zhou made their first contribution in #1341
• @tuxfobux made their first contribution in #1334
• @un1c0rn-the-pwnie made their first contribution in #1301
• @the-lightstack made their first contribution in #1352
• @szymex73 made their first contribution in #1337
• @profesorek96 made their first contribution in #1366
• @kacpi2442 made their first contribution in #1368
• @Xeonacid made their first contribution in #1376
• @Dliwk made their first contribution in #1387
• @Testzero-wz made their first contribution in #1406
• @ytk2128 made their first contribution in #1443
• @mohitsaxenaknoldus made their first contribution in #1438

Full Changelog: 2022.08.30...2022.12.19