2.2.1

Highlights

  • T3377 - Fixed a disassembler issue:

    • In Axion instruction view, jmp and call instructions would sometimes display the wrong target address.
    • In the Analysis Python API, the Instruction object would sometimes contain wrong operands for relative jmp and call instructions.

    Due to this fix, you may observe longer replay duration for the PC range and stack events resources.

  • Made it impossible to start non-leaf QEMU snapshots. This fixes an issue where starting such snapshots would corrupt their child snapshots.

Improvements

Analysis Python API

  • Improved the performance of the Context.read method by up to 3x in typical workloads.
  • Added a timeout argument to the String.memory_accesses method. It specifies how long the method should attempt to recover all accesses before raising an exception.

Project Manager

  • It is now possible to rename scenarios from the Project Manager web interface. As a result of this change, scenario names must now be unique.

    Important: If you already have scenarios that share the same name, they will be renamed upon installation by adding a suffix containing a number to all scenarios sharing the same name. The suffix is 2.2.1-renamed-number.

  • The snapshots > read endpoint of the REST API now adds a list of the live QEMU snapshots in the details of the snapshot. This is useful when doing automatic recording.

  • Starting a QEMU snapshot session with more than 2048 MB of RAM is now allowed. To record scenarios, the RAM of a QEMU snapshot session must not exceed 3072 MB.

Fixed issues

Analysis Python API

  • T3378 - Modified the Stack.backtrace property so that it returns a string instead of printing it.
  • T3388 - Made the if register accessible from the Analysis Python API. Previously, attempting to access reven2.arch.x64.if would raise a SyntaxError, because if is a Python keyword. The register is now accessible through reven2.arch.x64.if_.

Project Manager

  • Fixed starting Axion and the VM in the browser when an SSH X forwarding connection is open.

Limitations and known issues

Unchanged since 2.2.0.