It’s only been five months since the release of our HLIL decompiler and we’ve been busy on lots of fronts! Note only are we in the middle of open sourcing all of our core architectures, but we’re also launching a welcome back discount for customers who have had their support expire and are thinking of coming back and seeing everything that’s changed.
And speaking of what’s changed, just in the past three months since our last release we’ve almost 800 commits across our different repositories! That’s a lot of new changes to cover, so this is definitely not an exhaustive list, but let’s dig in!
Major Features
Here’s a summary with details of our favorite changes for this release.
C/C++ API documentation
While our Python documentation is often something we receive compliments for, there was a glaring lack of documentation of our other APIs. Thankfully, with this release we now have early progress for C++ and UI documentation. You’ll notice that actual documentation is sparse, but now that we have a framework we can test it on, expect to see new APIs have documentation and we’ll begin working backward on the archive to flesh out other APIs as well. And of course contributions are welcome as well.
Partial Variable Access
Despite its innocuous sounding name, this feature is a major improvement to the readability of HLIL. Consider the following before/after image:
A lot of work went into both making sure the implementation was performant and also did not over-optimize nor under-optimize and we’re very happy with the results.
New Type Libraries
Missing type information for commonly included libraries can dramatically harm static analysis. With the release of 2.2 we’ve take a big step in improving our type libraries, not only for Windows with the addition of type information for advapi32, kernel32, kernelbase, and user32 on both x86 and x64, but also by including syscall libraries for linux on many different architectures:
- thumb2eb
- ppc32
- armv7
- mipsel
- mips
- thumb2
- x86
- ppc32_le
- aarch64
- armv7eb
- x86_64
Here’s another look at just how much nicer things look with good type libraries:
User Informed Dataflow
Want the ability to inform Binary Ninja’s value-set analysis and constant dataflow propagation? Now you can! There’s a lot to this amazing feature–so much that we put it into a separate blog post.
Dropping Python 2.x support
Sometimes an improvement isn’t about adding new code, but removing old code. In this case, removing Python 2.x support allows us to support newer type annotations and also is required to support new platforms such as MacOS on Apple Silicon. Those type annotations will improve plugin writing and make larger codebases easier to maintain. Thankfully, ever since our last stable release, all plugins in the plugin manager have supported Python 3.x. If your plugin still needs porting, we’re happy to help answer questions about the process in the public support slack.
UI Updates
- Feature: Indentation guides for linear HLIL
- Feature: Can select portions of tokens in the UI by clicking and dragging
- Feature: Edit comments by double clicking
- Feature: Edit variable and field names by double clicking
- Feature: Custom flowgraph edge styles
- Feature: Add UI context notifications
- Feature: Many features from Graph view added to Linear view including: “Edit current line”, “Copy As/Paste From”, “Transform”, “Display As”, “Create Function
- Feature: “Display As” for data in linear view
- Feature: Python scripting console supports reverse search with CMD/CTRL + R
- Feature: Maintain cursor selection/position when changing views
- Improved: Flowgraph edge routing improvements for switch statements
- Improved: Flowgraphs can now have multiple root nodes
- Improved: Cycle IL can now go backward
- Fix: Edge cases in selection handling in linear view and hex editor
- Fix: hang caused by searching large symbol list
Binary Views
- Improved: Handle padding relocations in PE
- Fix: Calculate proper base for ELF with zero sized load program headers
- Fix: PE file sections missing permissions
- Fix: Mach-O view calculated proper base with zero sized segments
- Fix: Mach-O FAT deprecated in favor of new Universal view support
Analysis
- Feature: Setting to suppress reanalysis on database load
- Feature: Setting to automatically simplify C++ templates
- Improved: Added missing LLIL to MLIL mappings
Architecture and Type Libraries
- Feature: All architectures are in the process of being open-sourced under an Apache 2.0 license
- Feature: Type Libraries from Windows now support ordinals, and currently shipping full ordinal sets for x86 and x86_64
- Improved: ARMv7 lifting, with special thanks to nshp, themaks, brinlyau, mdewyze, and ehntoo for their contributions
- Improved: AArch64 lifting, with special thanks to joshwatson, yrp604, and brinlyau for their contributions
- Improved: x86_64 lifting
Binary Ninja Database (BNDB)
- Feature: Add “save with options”
- Improved: Add missing progress callbacks when loading and saving BNDBs
- Fix: Removed spurious writes to BNDBs without a save
API
- Feature: getThemeColor added to UI API
- Feature: disable_default_log added to the Python API
- Improved: Linux setup script now supports more platforms
- Improved: More support for bytearrays in appropriate APIs
Miscellaneous Bug Fixes
- Feature: Support for Python 3.9
- Feature: Infer the size of array when an array is created without explicit size
- Feature: Ability to undefine a variable
- Feature: New CoreDownload provider (with no dependence on QT or Python unlike other two providers)
- Improved: Can now redefine existing types
- Improved: Inserting new instructions will enlarge the binary if required
- Improved: Demangler
- Improved: Many performance improvements across a number of features
- Improved: Many documentation improvements
- Fix: Potential crash on database save
- Fix: Various crashes
To see even more of the improvements that didn’t make this summary, check out the long list of closed GitHub issues.