ERESI WIP developments
You want to start working on ERESI and you don't know where to begin: this is a very common issue.
We currently have many developments in progress, and this page is meant to report them all.
If you are interested in developing one of these features, consider contacting us. If you have developed or want to develop another feature, we might also be interested.
Here is the list of work currently in progress in ERESI:
Complete support for IA32 code transformation to intermediate form
Being able to transform the entire IA32 instruction set to IR is one more step toward stable static analysis of IA32 binary code.
Developer: Julio Auto Branch: trunk
Support for MIPS code transformation to intermediate form
Being able to transform MIPS assembly code to IR is one more step toward static analysis of MIPS binary code.
Developer: Adam Zabrocki Branch: trunk
Support for disassembling the ARM architecture
Being able to disassemble ARM binaries will allow us to start doing static analysis on such architectures.
Developer: Thiago Cardoso Branch: trunk
Support for the GDB serial protocol
Supporting the GDB serial protocol will allow us to connect to VMware, Bochs, Qemu, and gdb-server nodes, in order to replace the gdb client with the much more powerful ERESI client.
Developer: Eric Bisolfati Branch: netdebug
Support for debugging the SPARC and AMD64 architectures
Supporting embedded debugging of SPARC and AMD64 in e2dbg will allow us to extend the portability of that part of the project.
Developer: Julien Vanegue Branch: trunk
Open developments in ERESI
In addition to those work-in-progress features, we want to develop the following:
Porting libasm to disassemble Java bytecode
Java disassembling can be made easy using good reference material. A good starting point is the Wikipedia page on Java bytecode.
Such a feature will allow us to extend our static analysis primitives to Java programs.
Improve source-level debugging with ERESI
The embedded debugger is currently capable of importing debug information for global variables, but lacks knowledge of local variables at runtime. An extension of the ERESI debug format library is necessary to cover those. Additionally, libedfmt currently does not provide the source line association for a given mapped address during execution. Improving those two points would make e2dbg entirely capable of debugging with full source code information.
Porting the embedded debugger to the ARM architecture
The ARM architecture is widely used in embedded systems. Supporting it in the debugger would allow us to debug such systems.
Porting libasm to the PPC architecture
Supporting this architecture in libasm is the first step towards static analysis of PPC binary code using the ERESI capabilities.
Porting the embedded debugger to the MIPS architecture
Cisco routers and other lightweight network devices often use MIPS processors. Supporting this architecture in e2dbg will allow us to debug code running on such devices.
Porting the kernel shell to BSD kernels
Currently, the kernel shell only works with the Linux kernel. It could easily be ported to other operating systems such as BSD kernels. We could then start to do dynamic instrumentation of BSD kernels within the ERESI language.
Improve the Embedded Tracer
The embedded tracer currently has no maintainer! Making sure it continues to work with newer versions of the ERESI framework is a project in itself. Potential improvements include the capability to trace within internal library functions, or to make it more performant, especially by reducing its setup time.
Porting the Embedded Tracer to a new architecture
The embedded tracer is currently only available for the IA32 architecture. Other targets include SPARC, MIPS, and ARM processors.
Questions
If you have any questions about any of these points, contact us!
