Add support for Go binaries

Author: Summer Student

README.md

@@ -74,6 +74,11 @@ Settings are stored in a file `.llef` located in your home directory formatted a
 | rebase_offset           | Int     | Set the rebase offset (default 0x100000)           |
 | show_all_registers      | Boolean | Enable/disable extended register output            |
 | enable_darwin_heap_scan | Boolean | Enable/disable more accurate heap scanning for Darwin-based platforms. Uses the Darwin malloc introspection API, executing code in the address space of the target application using LLDB's evaluation engine. |
+| max_trace_length        | Int     | Set the maximum length of the call stack backtrace to display                                        |
+| stack_view_size         | Int     | Set the number of entries in the stack read to display                                               |
+| max_disassembly_length  | Int     | Set the maximum number of instructions to disassemble and display around the current PC              |
+| go_support_level        | String  | Control Golang-specific analysis. `disable` / `auto` (default) / `force`. Go support in Windows binaries requires `force`. |
+| go_confidence_threshold | String  | Set the confidence threshold (`low` / `medium` / `high`) for Go objects to be shown in the context view. |
 
 #### llefcolorsettings
 Allows setting LLEF GUI colors:
@@ -179,6 +184,36 @@ aabacadaea
 [+] Found in $8 at index 0 (little endian)
 ```
 
+#### (Go) Unpack Type
+
+```
+(lldb) go unpack-type 0xc000130000 []main.Country
+[{Name:'Japan' Capital:'Tokyo' Continent:'Asia'} {Name:'Germany' Capital:'Berlin' Continent:'Europe'}]
+(lldb) go unpack-type 0xc000130000 []main.Country --depth 1
+[0xc000142000.. 0xc000142030..]
+(lldb) go unpack-type 0xc000142000 main.Country
+{Name:'Japan' Capital:'Tokyo' Continent:'Asia'}
+(lldb) go unpack-type 0xc000142000 [6]uintptr
+[0xc000114140 0x5 0xc000114145 0x5 0xc00011414c 0x4]
+```
+
+#### (Go) Find Function
+```
+(lldb) go find-func main.main
+0x55c6894c0280 - main.main (file address = 0x4c0280)
+(lldb) go find-func 0x55c689454a3a
+0x55c689454a20 - runtime.(*moduledata).textAddr (file address = 0x454a20)
+```
+
+#### (Go) Get Type
+```
+(lldb) go get-type json.mapEncoder --depth 3
+json.mapEncoder = struct { elemEnc func(*json.encodeState, struct { typ_ *abi.Type; ptr unsafe.Pointer; flag uintptr }, struct { quoted bool; escapeHTML bool }) }
+Size in bytes: 0x8
+(lldb) go get-type json.encodeState --depth 1
+json.encodeState = struct { Buffer bytes.Buffer; ptrLevel uint; ptrSeen map[interface {}]struct {} }
+Size in bytes: 0x38
+```
 
 ### Breakpoint hook
 This is automatic and prints all the currently implemented information at a break point.

arch/__init__.py

@@ -1,7 +1,5 @@
 """Arch module __init__.py"""
 
-from typing import Type
-
 from lldb import SBTarget
 
 from arch.aarch64 import Aarch64
@@ -12,7 +10,12 @@
 from arch.x86_64 import X86_64
 from common.constants import MSG_TYPE
 from common.output_util import print_message
-from common.util import extract_arch_from_triple
+
+
+def extract_arch_from_triple(triple: str) -> str:
+    """Extracts the architecture from triple string."""
+    return triple.split("-")[0]
+
 
 # macOS devices running arm chips identify as arm64.
 # aarch64 and arm64 backends have been merged, so alias arm64 to aarch64.
@@ -29,13 +32,13 @@
 }
 
 
-def get_arch(target: SBTarget) -> Type[BaseArch]:
+def get_arch(target: SBTarget) -> type[BaseArch]:
     """Get the architecture of a given target"""
     arch = extract_arch_from_triple(target.triple)
     return get_arch_from_str(arch)
 
 
-def get_arch_from_str(arch: str) -> Type[BaseArch]:
+def get_arch_from_str(arch: str) -> type[BaseArch]:
     """Get the architecture class from string"""
     if arch in supported_arch:
         return supported_arch[arch]

arch/aarch64.py

@@ -10,6 +10,8 @@ class Aarch64(BaseArch):
 
     bits = 64
 
+    max_instr_size = 4
+
     gpr_registers = [
         "x0",
         "x1",

arch/arm.py

@@ -10,6 +10,8 @@ class Arm(BaseArch):
 
     bits = 32
 
+    max_instr_size = 4
+
     gpr_registers = [
         "r0",
         "r1",

arch/base_arch.py

@@ -2,15 +2,14 @@
 
 from abc import ABC, abstractmethod
 from dataclasses import dataclass
-from typing import Dict, List
 
 
 @dataclass
 class FlagRegister:
     """FlagRegister dataclass to store register name / bitmask associations"""
 
     name: str
-    bit_masks: Dict[str, int]
+    bit_masks: dict[str, int]
 
 
 class BaseArch(ABC):
@@ -23,7 +22,12 @@ def bits(self) -> int:
 
     @property
     @abstractmethod
-    def gpr_registers(self) -> List[str]:
+    def max_instr_size(self) -> int:
+        """Max instruction size (bytes) property"""
+
+    @property
+    @abstractmethod
+    def gpr_registers(self) -> list[str]:
         """GPR register property"""
 
     @property
@@ -33,5 +37,5 @@ def gpr_key(self) -> str:
 
     @property
     @abstractmethod
-    def flag_registers(self) -> List[FlagRegister]:
+    def flag_registers(self) -> list[FlagRegister]:
         """List of flag registers with associated bit masks"""

arch/i386.py

@@ -10,6 +10,8 @@ class I386(BaseArch):
 
     bits = 32
 
+    max_instr_size = 15
+
     gpr_registers = [
         "eax",
         "ebx",

arch/ppc.py

@@ -10,6 +10,8 @@ class PPC(BaseArch):
 
     bits = 32
 
+    max_instr_size = 4
+
     gpr_registers = [
         "r0",
         "r1",

arch/x86_64.py

@@ -10,6 +10,8 @@ class X86_64(BaseArch):
 
     bits = 64
 
+    max_instr_size = 15
+
     gpr_registers = [
         "rax",
         "rbx",

commands/base_command.py

@@ -1,7 +1,7 @@
 """Base command definition."""
 
 from abc import ABC, abstractmethod
-from typing import Any, Type
+from typing import Any, Union
 
 from lldb import SBCommandReturnObject, SBDebugger, SBExecutionContext
 
@@ -19,7 +19,7 @@ def __init__(self) -> None:
 
     @property
     @abstractmethod
-    def container(self) -> Type[BaseContainer] | None:
+    def container(self) -> Union[type[BaseContainer], None]:
         """Container property."""
 
     @property

commands/base_settings.py

@@ -3,7 +3,7 @@
 import argparse
 import shlex
 from abc import ABC, abstractmethod
-from typing import Any, Dict
+from typing import Any, Union
 
 from lldb import SBCommandReturnObject, SBDebugger, SBExecutionContext
 
@@ -17,9 +17,9 @@ class BaseSettingsCommand(BaseCommand, ABC):
 
     program: str = ""
     container = None
-    settings: BaseLLEFSettings | None = None
+    settings: Union[BaseLLEFSettings, None] = None
 
-    def __init__(self, debugger: SBDebugger, __: Dict[Any, Any]) -> None:
+    def __init__(self, debugger: SBDebugger, __: dict[Any, Any]) -> None:
         super().__init__()
         self.parser = self.get_command_parser()
 
@@ -56,7 +56,7 @@ def __call__(
             raise AttributeError("Class not properly initialised: self.settings is None")
 
         if args.action == "list":
-            self.settings.list()
+            self.settings.list_settings()
         elif args.action == "save":
             self.settings.save()
         elif args.action == "reload":