[ANN] BAP 2.5.0 Release

We are proud to announce the 2.5.0 release of the Carnegie Mellon University Binary Analysis Platform (CMU BAP). This is one of the biggest releases of BAP with lots of new features and bug fixes. In this release, we significantly improved BAP performance (in some use cases by a factor of three) and reduced memory consumption (up to a factor of two). In addition, we devised a new method for representing floating-point operations that is scalable and efficient and now we enable floating-point lifters for all x86 binaries with little to no extra overhead. The floating-point support for other targets is coming! We also rewrote the ABI specifications and now support dozens of different ABI. The new ABIs support calling conventions for structures and floating-point values and the bap-c library was significantly expanded with lots of new functions and types to describe C types and C object layouts.

You can install bap with

opam install bap.2.5.0

Do not forget to opam update before that.

Congratulations! The feature and bug list does look super impressive !

The documentation of BAP is top notch. But it is more conceptual / function by function documentation in the style of odoc IIRC.

As a inspiration, I would like to point to another OCaml project dream. It has a crazy number of examples – see dream/example at master · aantron/dream · GitHub

A project like BAP with such a vast scope would gain from just having a large suite of examples like dream. Every major BAP feature could an example associated with it. What do you think about the suggestion?

If I ever get the chance/time I would definitely like to add some examples.

Also, I would request a shift to dune. The whole BAP system will becomes a bit more comprehendible. But I suppose it is a massive chore to shift the build system at this stage.

That sounds like a great idea and we will happily accept a PR or just feel free to edit our wiki. With that said, we actually already have a few examples, spread around in the form of blogs, wiki pages, tutorials, or even whole repositories of ready to use small projects, like bap-plugins and bap-toolkit. You might also check out this excellent introduction to BAP that is written by one of our users. Though, I have to admit that we need to have a better summary and our front-end readme page needs some love. With that said, most of the life in BAP happens in our gitter channel.

Concerning a switch to dune, I am working on it. Unfortunately dune is a very unconventional build system that makes a lot of unique and opionated choices, so the switch is hard. Not sure if I will succeed and how many weeks of work it will take, but I prefer to be optimistic. I am at a vacation right now, but once I will return, I will continue working on it.

Not an OCaml but BAP’s new “IL” - “Core Theory” is state of the art, and we shamelessly borrowed the idea and design for Rizin/Cutter’s RzIL:

• IL implementation (C language)
• IL description
• Tracking the migration from ESIL to RzIL

BAP is a heavily underappreciated framework, and I wish it would be more adopted in the ITsec industry.