
2007-08-26
----------

* Added cool "data dump" plugin as per 0xf001s request :). Just hit ctrl+D and 
  it'll shoot out a dump similar to GDB to stdout.

* Added the ability to skip in-accessible regions (permissions currently "---")
  to both the reference search and the binary string plugins. Some applications
  such as wine like to create dummy regions like this. It should make the 
  searching a little more bareable.

2007-08-20
----------

* "Filling" instructions, as in functions which either have no real effect, 
  and/or are usually used to fill the space between functions are now displayed
  in grey. This makes seeing where function boundaries are easier.

2007-08-20
----------

* Added pointer detection to heap analysis.

2007-08-18
----------

* Tables with numeric content columns are now sorted numerically.

* I am working on stabalizing the programming API, BaseTypes:: and Debugger:: 
  namespaces will be merged and renamed to edb::. The contents of Debugger:: 
  will be located in in edb::v1:: to indicate version 1 of the plugin API. This
  way plugins will have a nice clean way of knowing which version of the API
  they are using. Functions in edb::v1:: will never be removed, after 1.0 is
  released.
  
* Corrected a bug where step over didn't work if you were on a breakpoint.

2007-08-16
----------

* Corrected copy and past bug in FunctionFinder plugin menu item name.

2007-08-15
----------

* updated some of the documentation.

2007-08-14
----------

* Added a "bookmarks" plugin, which allows you to put code addresses of your
  choice into a list, which you can later jump to. This plugin also serves
  as an example of how to add dock widgets to the main gui in a safe manor.

* Fixed a subtle crash caused by debugging an app, opening a plugin dialog, then
  detaching, and eventually debugging a new process (which not closing the
  dialog.
  
* Added a new "function finder" plugin. Suprisingly accurate. It includes a
  "reference count" column which is how many potential calls to this function
  the plugin saw. The higher the number, the greater the confidence that it is
  really a function entry point.

* Speed increases.

2007-08-13
----------

* Changed some of the global objects from pointers to references, this will
  reduce the need for null checks in many situations as well as simplify code.
  
* added wait for console process to die before closing for a better cleanup.

2007-08-10
----------

* Fixed accidentaly reference of breakpoint data after it was free when using
  one time breakpoints. Dangling pointers are no bueno!

2007-08-09
----------

* Removed references to QT 4.3 features from UI files.

2007-08-08
----------

* Fixed a crashable bug introduced in last version, this was related to clearing
  the process state variable. Now that the state has virtual functions, it is
  no longer correct to use memset.

* Added search filter to the opcode search plugin so you can find the region you
  want to search more easily.

* Added search filter to the strings plugin so you can find the region you
  want to search more easily.

* Made the MemoryRegions object also a QAbstraceItemModel, suitable for a 
  QTableView. This should make it simpler/cleaner to display a table of
  available regions (there were already 3 copies of the code to fill the table
  in edb which will now no longer be needed, in addition to making the filtering
  code MUCH simpler since QT can do it for us.

2007-08-06
----------

* Improved the build system a little for plugins. They now all share common 
  portions.

* Added ascii string display in heap viewer plugin. Now if, the heap block 
  contains an ascii string, it'll be displayed in the data column. I plan to
  add more types of known "data" to this column over time.

* Added a filter to the environment viewer plugin so you can quickly find the
  variable you are looking for.

2007-08-02
----------

* Conditional MOVs are now part of the instruction analysis, it will display 
  whether or not the MOV will be performed based on the current flags.

* I am making the config file entries use a more organized naming convention in
  the past they were very ad-hoc, but now i am going with namespaces. For 
  example: debugger.terminal.enabled=true. For now this will only apply to new
  settings so no one loses settings, but the old names will eventually be phased
  out in 0.9.0 which is when I will start to stabilize the varying APIs in EDB.

* The view options for the stack and data views (word width/row width/which 
  columns to display) are now stored in the config file and restored on reload. 
  Data view is stored as well but is based on the options dialog because saving 
  the options set in the context menu makes no sense (many tabs, which to use).

2007-08-01
----------

* Added different binary fill options to the CPU context menu. Good for REMing
  out individual ops quickly.

* Command window program is now configurable in the debugging options dialog.
  You can enable/disable it, and you can use the terminal program of your 
  choice. The default is /usr/bin/xterm, as this should be fairly ubiquitous.
  "konsole --nomenubar --notabbar" works well for us KDE users out there as 
  well. The only real rule is that whitespace is assumed to be an argument 
  separator and bad things may happen if you try to be clever and use a program
  name or argument with a space in it. I was able to get launching konsole to 
  simply lock up EDB (no idea why) simply by using it from a path with a space
  in it.

2007-07-31
----------

* Experimental code for opening an I/O window for command line apps is almost
  done. It actually works well, just need it to be more tunable. This is a
  big feature as it will allow more complete debugging of applications with a 
  CLI.

2007-07-30
----------

* Made the 3 byte UD opcode no decode as "invalid" but as "ud", since this op
  isn't really invalid, just is hardwired to generate an exception.

* FPU registers are now highlighted on changes.

* Made changes towards abstracting State such that it can be an opaque type.

* Renamed types.h to EDBTypes.h to avoid conflict with system types.h. Sorry
  if this makes people change code, but API isn't stable yet ;).

* Moved *nix specific headers to ROOT/include/os/unix from src, since plugins 
  may and likely need to see those types, now the include dir is all that is 
  NEEDED to have a plugin development setup.

* Changed getValueFromUser to get a reg_t value, this should be more 
  portable. (Thanks Thomas Faber!)
  
* Improved DebuggerCore's reading/writing routines to be more portable and
  more flexible with regards to endian size and word size. 
  (Thanks Thomas Faber!)
  
* Thomas Faber's changes make EDB a few steps closer to compiling and 
  functioning correctly in an x86-64 setup.


2007-07-26
----------

* Implemented PID enumeration on FreeBSD. Still a lot to go for things to 
  compile and work...

* Made edb_make_symbolmap work if you have md5 instead of md5sum in your system.

* Added breakpoint management to CPU view context menu.

2007-07-25
----------
* Fixed error in which a shallow copy of a transient variable was being used
  which is bad because the data could be trashed.

2007-07-21
----------

* You can now see the FPU registers, they are currently read only, but it 
  appears to work correctly.

2007-07-19
----------

* Fixed a silly bug introduced recently where registers aren't properly 
  un-highlighted when no longer attached.
  
* Internally layed some ground work for reading FPU register support.

* Fixed a bug in the debugging core plugin which could cause a caller of a 
  read or write to think it succeeded when it didn't. It was very unlikely to
  get triggered and even so would likely have little to no side effects.

2007-07-17
----------

* Made it so when you try to modify bytes which overlap a breakpoint, 
  you are given the option to continue (which removes the breakpoints), or 
  abort the modification.
  
* Finally made the breakpoint dialog show the breakpoint type.

* Introduced initial code for supporting more than one binary type. It still 
  only accepts ELF32, but the framework is in place.
  
* Fixed a bug where misaligned jumps were fooling the disassembly view widget
  this was pretty bad since a lot of the point of active debugging versus static
  analysis is to avoid getting fooled by tricks like this!

2007-07-16
----------

* Fixed a bug where certain strings may not be reported corrected 
  (some characters chopped out).

* Fixed bug where offsets of 16-bit relative jumps were not being truncated like
  the CPU actually does. In the real thing, the target address has the upper 
  16-bits cleared. Not very useful in 32-bit code, but important to be correct.

* Fixed bug in new register reading code.

* Removed segfault due to settings invalid segments from TODO list, this is a 
  kernel bug and entirely out of EDB's control.

2007-07-13
----------

* Numerous improvements to the disassembler, I believe it is fairly complete
  the only thing that's missing that I'm aware of is enforcement of certain 
  rules (like mod/rm that must only be mem, and which ops certain prefixes are
  valid for).

2007-07-12
----------

* Worked around a bug where QT would deliver events to disabled actions if the
  shortcut key-combination is pressed. For now I have a check in each action
  where it simply returns if that action is not enabled. The QT people seem
  to be aware of the issue, hopefully it'll be addressed in a future version
  of QT.

* Fixed ability to debug a process which receives unknown stop signals. Now it 
  will simply break if you were trying to step. It is still annoying since 
  frequent signals will make you have to step twice all the time, but at least
  it is now possible.

* Fixed long standing (apparently no one noticed) bug where if you detached
  from a process while a breakpoint was set, the process had a chance of 
  crashing.

* Made operand analysis smarter, it now knows about different expression types
  (byte ptr, word ptr, dword ptr).
  
* Identified a few bugs I would like ironed out before next release.

* Many minor improvements in the disassembly output. It is difficult to decide
  when to use hex and when to use decimal, but I think I have something
  reasonable.
  
* Good speedup in instruction analysis.

2007-07-11
----------

* Finally compiled EDB with edisassm ! This disassembly engine is faster and
  more robust than the previous one because I am more easily able to add
  specific features that EDB can use into it. Unfortunately, this does mean
  that AT&T syntax is temporarily disabled.
  
* Fixed a major crashable bug in QDisassemblyView widget, it was very subtle.

2007-07-06
----------

* Finished environment viewer plugin

* edisassm is almost complete and ready for integration

* Condition flags can now be seen in the register view as a sub item to eflags

* Split out the i386 stuff away from the GUI yet more, almost at a good point
  of portability.
  
* More robust error checking

* A few minor UI updates.


2007-05-31
----------

* Multibyte invalid ops are now displayed properly.

2007-05-23
----------

* Very preliminary TTY support.

2007-05-20
----------

* Fixed a bug in getBinaryStringFromUser where it was setting the value 
  before the maximum allowed length. This made it so values were truncated 
  incorrectly.
  
* Added Edit bytes to the QDisassembly viewer!

* Fixed DebuggerCore incorrectly reporting success on reads/writes of where
  no bytes are read.

2007-05-16
----------

* Added UID to attach dialog.

* Added ability to filter out entries that don't match your UID in the attach
  dialog.

2007-05-15
----------

* Added "Goto ESP/EBP" to stack context menu.

* Fixed crashable bug in QDisassembly view, involving libdisasm, libdisasm will
  do a double free if "x86_oplist_free" is called on invalid opcodes, this is
  now avoided.
  
* You can now always disassemble code nearing the edge of a region.

2007-04-30
----------

* Isolated how recent files are managed away from primary GUI code.

* Made register view and disassembly view fonts configurable from options 
  dialog.
  
* Made data view's font default to what is set in the options.

* Font changes in the options now show immediately after accepting (clicking ok)
  the options dialog.

2007-04-27
----------

* Break point manger now takes an expression for it's address

* General code cleanups

* Added stack analysis, will now show returns and ascii strings in stack viewer!

2007-04-24
----------

* Made minimum length for ascii string detection tunable in options.

* Improved the String Searcher plugin to reuse code in the Debugger API instead
  of using its own.

2007-04-23
----------

* Began work on a new "Open Files" plugin, it can currently list open files
  and will eventually be able to show socket/pipe information as well.

* Fixed minor display bug in tooltips for long instructions

* Improved the internal disassembly API to make it more adaptable to other 
  disassembly libraries

2007-04-19
----------

* Vastley improved the speed of the Heap Analyzer's result view (order of 
  minutes to seconds)

2007-04-15
----------
* Added heuristic for resolving "main" symbol byte on bytecode matching
  if the symbol is not provided in the symbol map. This feature is currently
  very likely glibc specific.
  
* Added some more steps towards 64-bit build support.

2007-04-13
----------

* Added more constancy to context menus (operations you can do in the dump 
  view, you can also do in the stack view most of the time now.

2007-04-11
----------

* Registers are now highlighted in red if they have changed.

2007-04-08
----------

* Fixed a crashable bug BinaryString search plugin if an empty string was 
  supplied.

2007-04-07
----------

* CheckVersion plugin will now respect the HTTP_PROXY environment variable.

2007-04-06
----------

* corrected minor bug in edb_make_symbolmap.sh which preventing it from running
  on certain distributions which actually have /bin/sh act like the original sh
  not bash :)

* Added basic conditional breakpoints. The can be set in the breakpoint 
  manager plugin and are based on the expressions that were recently added.
  At the moment, the expressions are tested for validity at the moment of 
  the breakpoint, eventually this will be checked when you enter it.

2007-04-02
----------

* Added expression support to "Goto Address" in both the CPU and data views.
  Please see the README for more detailed information on this.
 
2007-03-29
----------

* Added MD5 code, which will notify the user of outdated symbol files.
  
* Added code to remove duplicates from the instruction analysis list.

2007-03-28
----------

* Renamed make_symbolmap.sh to edb_make_symbolmap.sh to make it more 
  distribution friendly.

* edb_make_symbolmap.sh now puts errors to stderr, not stdout, so you don't get
  false symbol files if you process a whole dir at a time.

2007-03-24
----------

* Shellcode address used to change region permissions is now chosen dynamically.

2007-03-20
----------

* Added preliminary framework for resolving parameters to standard library 
  functions.
  
* Added ability to show/hide the toolbar.

2007-03-15
----------

* Added ability to specify compile time some default directory strings, 
  makes package management easier.

* Added preliminary method for code to find a plugin based on the plugins name
  this will allow code to be written which depends on functionality exported
  by plugins, which could be cool.

* Added some basic measures to help prevent duplicate plugin loading caused
  by symlink trickery
  
* EDB will now look in the current working directory as well as the path 
  specified in the options for plugins

2007-03-14
----------

* Added getting of working directory and arguments from attached processes
  this makes restarting work much better (which is now enabled).

2007-03-12
----------

* Internally,a lot of i386 specific code was moved to a new class 
  "i386ArchProcessor", which will eventually be a plugin (one for each arch).
  It is still a work in progress, but is a start.

* Removed quit role property from exit menu as this prevented 
  compiles on QT < 4.2.0

2007-03-03
----------

* started work on restart code, seems to work ok

2007-02-26
----------

* Added ability to change the working directory opened applications run in. 

2007-02-23
----------

* Improved about dialog box :-P

2007-02-15
----------

* Added ability to dump the contents of a data view tab to a file.

2007-01-17
----------

* Added recent file list to File menu.

2007-01-16
----------

* Cleared internal state tracking on detach, nothing major.

2006-12-23
----------

* Added new stylized register view window, still working out the programmers API
  for it, but at least it looks nice :)

2006-12-22
----------

* Making slightly less assumptions about the architecture being 32-bit.

2006-12-18
----------

* Added a search filter to the attach and memory region dialogs.

* Fixed compilation issue with gcc 3.x series compilers.

2006-12-16
----------

* Added a tooltip to the disassembly view when there are too many instruction
  bytes to display which shows all bytes in the instruction.

* Added display of ASCII strings next to registers if analysis decides that 
  what the register points to is an ASCII string.

* Added push/pop operations to the stack context menu.

2006-12-13
----------

* Added preliminary PLT support to make_symbolmap.sh, this will allow EDB 
  to properly display library calls, eventually, this will lead to a database
  of known functions with parameters so the analyzer can display the parameters
  correctly.

2006-12-12
----------

* Finally added the ability to edit the bytes in the data and stack dump 
  widgets! Simply right click and choose "Edit Bytes" and modify away :).
  If the new string of bytes is smaller, the debugger will zero fill the
  difference, in the future this will be tunable.

2006-12-08
----------

* Improved efficiency and clarity of rendering code for some custom widgets.

2006-12-06
----------

* Started working on some html based help files in doc directory, don't
  expect anything useful in there quite yet, but it'll get there.

* Isolated libdisasm calls to a single part of the code, this allowed 
  consolidation of common functions as well as creating a central point to 
  replace the code as I feel that libdisasm will likely be dropped in a later 
  version.

* Added more information in the instruction information panel.

* Made DebuggerCore plugin readBytes fill the trailing end of the buffer with 
  0xff if it could not read as many bytes as requested, this is to give more
  predictable results if only a partial read is possible.

2006-12-01
----------

* Reduced redundant drawing in QDisassembly widget, which should make things
  slightly faster due to less redraw.

2006-11-30
----------

* Added some more sanity checks to the internal reads and writes in the 
  debugger core plugin, this should prevent reporting incorrect data if a 
  add breakpoint failed to read/write correctly.

* Made step over, also step over REP prefixed ops.

* Fixed bug in indirect call/jmp analysis which resulted in the target symbol
  not being resolved even though it was in the symbol map.

* Made it so the expression evaluator shows a ? instead of junk when it can't 
  read from the effective address.

2006-11-29
----------

* Corrected bug in libdisasm which caused the instruction  8e e8 to disassemble 
  incorrectly as "mov ds, ax" instead of the correct "mov gs, ax".

2006-11-28
----------

* Added ability to choose both how many bytes per "word" in the displays
  and how many "words" per row via the context menu, this setting is not
  remembered yet, but that will follow shortly.

* Fixed very annoying bug where it was possible to make the QHexView widget
  not correctly highlight things if the origin was not aligned to the word 
  width * row width.

* Added ability for QHexView widget to display 64-bit formatted hex, once
  a bug related to selection of misaligned text is resolved this will be 
  enabled.

2006-11-27
----------

* Added getBinaryStringFromUser to debugger API.

* Added filename to title bar when opening an application.

* Removed updating of all views when selecting a memory region to view,
  now it only updates the data view tab.
  
* Fixed green arrow showing outside of viewable area sometimes.

2006-11-25
----------

* Changed string searcher to allow newlines in a string.

* Corrected DebuggerCore's behavior when writing less than 4 bytes from the 
  edge of a memory region, previously the result was undefined, now it acts
  as expected.

2006-11-22
----------

* Added double click to follow in dump to StringSearcher plugin

* Fixed rare double-free crash found by valgrind.

* Fixed occasional crash due to lack of copy constructor in a class.

* Now the open dialog will start in the directory which you last opened a file 
  from, this should make reloading the same file you previously ran quicker.

* Added a function to Debugger namespace which make it easier to properly 
  compare version numbers numerically.

* Added a plugin "CheckVersion" which will read the file 
  http://www.codef00.com/projects/debugger-latest and determine if a new version
  has been released.

2006-11-21
----------

* Added another opcode class "[esp + 8]->eip" in OpcodeSearcher and improved 
  efficiency of search by reducing memory compares.
  
* Added ability to double click results in OpcodeSearcher and it will jump
  the disassembly view to the found address.

2006-11-20
----------

* Improved instruction analysis, now it will attempt to give symbol relative
  information on many control flow ops such as calls/returns/jumps, more of 
  this to come.

2006-11-17
----------

* Changed name of utility functions ByteShiftArray::rol() and 
  ByteShiftArray::ror() to ByteShiftArray::shl and 
  ByteShiftArray::shr to reflect what they actually do
  
* Updated the makesymbolmap.sh script based on patch from pancake, SymbolManager
  has been updated to use the slightly different format.
  
* Reduced scrolling in disassembly view by only scrolling when new instruction
  isn't in visible range.
  
* Added arrow icon next to current instruction.

* Changed resultant binary from "debugger" to "edb" to reflect actual project 
  name.
  
* Added some basic documentation on how to write plugins, though the example 
  plugins are still the best way to learn.
  
* Added jump to address and jump to EIP to disassembly view context menu.

* Main window will now remember it size and restore it next time EDB is run.

2006-11-16
----------

* Minor code cleanups.

* Slight change to DebuggerCoreInterface to have waits specify a timeout, 
  it is not required that the class actually do anything with the timeout, 
  but the groundwork is being set.
  
* Hopefully have a good solution for terminating the event server thread

* Removed parts of libdisasm which aren't needed for libdisasm.a to build
  this cuts the download size by 75%!

2006-11-13
----------

* Removed parts of libdisasm from source tree that aren't related to the build
  which cut the tarball down to a quarter of the size :)
  
* Working on cleaning up internal breakpoint management, current implementation
  works most of the time, but there are a few corner cases where it isn't 
  perfect. I plan to rework this so that the logic is more clear.

2006-11-12
----------

* Added upper limit of one second to how long debugger will wait for the event 
  thread to terminate. Eventually I will fix the fact that it doesn't always 
  terminate, but for now this seems to work ok.
  
2006-11-10
----------

* Fixed QTableWidgets not being populated correctly with QT 4.2.x and up, it 
  seems that you must disable sorting before inserting to guarantee correct
  behavior.

2006-11-10
----------

* Fixed a bug related to adjacent breakpoints which were not placed by the 
  debugger (already in the code).

2006-11-09
----------

* Initial Release
