Eli
Eli
Hi @miaoski, welcome. The "unimplemented" messages may be misleading; they only mean there is no mock or signature available for that API, but the native code (if exists) is still...
I am not sure why do we need disassembling capabilities based on radare2. Given that radare2 itself relies on Capstone for disassembly, I don't see a clear advantage here (unless...
> We strive to base as many things as we can on top of radare2, not limited to symbol resolving Where did that come from..? Not sure that I agree...
> Mostly from cross-reference analysis. I am not following.
Note that you cannot analyze the binaries and libraries from disk, because they might have been patched by Qiling (`ql.patch`). You should communicate a patched version to radare2.
Wait. Let's not jump the gun here. There are few considerations I would like us all to take into account: 1. Implementing an extension is one thing, and integrate that...
> agreed with this statement, but not fully. We should be careful about new features indeed but there will be tradeoff. Being an extension means not every user could notice...
To keep a clean code, this feature needs to be **completely detached** from core - just like other experimental features, that are not plugged-in to core at all. To let...
That looks better, thanks. My suggestion to monkeypatch the disassemble method meant to replace the default disasembly hook that is set when the user sets the verbosity level to `QL_VERBOSE.DISASM`....
@wtdcode, do you approve it with the latest chances?