angr 9.2.178__cp310-abi3-win_amd64.whl → 9.2.179__cp310-abi3-win_amd64.whl

angr/analyses/decompiler/utils.py

@@ -163,12 +163,30 @@ def switch_extract_cmp_bounds(
 def switch_extract_cmp_bounds_from_condition(cond: ailment.Expr.Expression) -> tuple[Any, int, int] | None:
     # TODO: Add more operations
     if isinstance(cond, ailment.Expr.BinaryOp):
-        if cond.op in {"CmpLE", "CmpLT"}:
-            if not (isinstance(cond.operands[1], ailment.Expr.Const) and isinstance(cond.operands[1].value, int)):
+        op = cond.op
+        op0, op1 = cond.operands
+        if not isinstance(op1, ailment.Expr.Const):
+            # swap them
+            match op:
+                case "CmpLE":
+                    op = "CmpGE"
+                case "CmpLT":
+                    op = "CmpGT"
+                case "CmpGE":
+                    op = "CmpLE"
+                case "CmpGT":
+                    op = "CmpLT"
+                case _:
+                    # unsupported
+                    return None
+            op0, op1 = op1, op0
+
+        if op in {"CmpLE", "CmpLT"}:
+            if not (isinstance(op1, ailment.Expr.Const) and isinstance(op1.value, int)):
                 return None
-            cmp_ub = cond.operands[1].value if cond.op == "CmpLE" else cond.operands[1].value - 1
+            cmp_ub = op1.value if op == "CmpLE" else op1.value - 1
             cmp_lb = 0
-            cmp = cond.operands[0]
+            cmp = op0
             if (
                 isinstance(cmp, ailment.Expr.BinaryOp)
                 and cmp.op == "Sub"
@@ -180,15 +198,15 @@ def switch_extract_cmp_bounds_from_condition(cond: ailment.Expr.Expression) -> t
                 cmp = cmp.operands[0]
             return cmp, cmp_lb, cmp_ub
 
-        if cond.op in {"CmpGE", "CmpGT"}:
+        if op in {"CmpGE", "CmpGT"}:
             # We got the negated condition here
             #  CmpGE -> CmpLT
             #  CmpGT -> CmpLE
-            if not (isinstance(cond.operands[1], ailment.Expr.Const) and isinstance(cond.operands[1].value, int)):
+            if not (isinstance(op1, ailment.Expr.Const) and isinstance(op1.value, int)):
                 return None
-            cmp_ub = cond.operands[1].value if cond.op == "CmpGT" else cond.operands[1].value - 1
+            cmp_ub = op1.value if op == "CmpGT" else op1.value - 1
             cmp_lb = 0
-            cmp = cond.operands[0]
+            cmp = op0
             if (
                 isinstance(cmp, ailment.Expr.BinaryOp)
                 and cmp.op == "Sub"

angr/analyses/disassembly.py

@@ -34,7 +34,7 @@ class DisassemblyPiece:
     addr = None
     ident = float("nan")
 
-    def render(self, formatting=None):
+    def render(self, formatting=None) -> list[str]:
         x = self._render(formatting)
         if len(x) == 1:
             return [self.highlight(x[0], formatting)]
@@ -73,7 +73,7 @@ class DisassemblyPiece:
             pass
         return string
 
-    def __eq__(self, other):
+    def __eq__(self, other) -> bool:
         return False
 
 
@@ -175,7 +175,7 @@ class Instruction(DisassemblyPiece):
         self.arch = self.project.arch
         self.format = ""
         self.components = ()
-        self.opcode = None
+        self.opcode: Opcode = None  # type:ignore
         self.operands = []
 
         # the following members will be filled in after dissecting the instruction
@@ -261,7 +261,11 @@ class Instruction(DisassemblyPiece):
                     if i > 0 and opr_pieces[i - 1] == "-":
                         v = -v
                         cur_operand.pop()
-                    cur_operand.append(Value(v, with_sign))
+                    with_pound_sign = False
+                    if i > 0 and opr_pieces[i - 1] == "#":
+                        with_pound_sign = True
+                        cur_operand.pop()
+                    cur_operand.append(Value(v, with_sign, render_with_pound_sign=with_pound_sign))
                 elif p[0].isalpha() and p in self.arch.registers:
                     cur_operand.append(Register(p))
                 else:
@@ -592,7 +596,7 @@ class Opcode(DisassemblyPiece):
 class Operand(DisassemblyPiece):
     def __init__(self, op_num, children, parentinsn):
         self.addr = parentinsn.addr
-        self.children = children
+        self.children: list = children
         self.parentinsn = parentinsn
         self.op_num = op_num
         self.ident = (self.addr, "operand", self.op_num)
@@ -639,14 +643,33 @@ class Operand(DisassemblyPiece):
         operand = cls(op_num, children, parentinsn)
 
         # Post-processing
-        if cls is MemoryOperand and parentinsn.arch.name in {"AMD64"} and len(operand.values) == 2:
+        if cls is MemoryOperand:
+            operand = Operand._post_process_memory_operand(parentinsn, operand)
+
+        return operand
+
+    @staticmethod
+    def _post_process_memory_operand(parentinsn: Instruction, operand: MemoryOperand) -> Operand:
+        archname = parentinsn.arch.name
+        if archname in {"AMD64", "ARM", "ARMEL", "ARMHF", "ARMCortexM"} and len(operand.values) == 2:
             op0, op1 = operand.values
             if type(op0) is Register and op0.is_ip and type(op1) is Value:
-                # Indirect addressing in x86_64
+                # Indirect addressing in x86-64 and ARM
                 # 400520  push [rip+0x200782] ==>  400520  push [0x600ca8]
-                absolute_addr = parentinsn.addr + parentinsn.size + op1.val
+                # 80410e6  ldr r1, [pc, #0x98]  ==>   80410e6  ldr r1, [0x8041182]
+                match archname:
+                    case "AMD64":
+                        absolute_addr = parentinsn.addr + parentinsn.size + op1.val
+                    case "ARM" | "ARMEL" | "ARMHF" | "ARMCortexM":
+                        if parentinsn.addr & 1:
+                            # thumb mode
+                            absolute_addr = (parentinsn.addr & 0xFFFF_FFFE) + 4 + op1.val
+                        else:
+                            # arm mode
+                            absolute_addr = parentinsn.addr + 8 + op1.val
+                    case _:
+                        raise AngrTypeError(f"Unsupported architecture {archname} for post-processing memory operand.")
                 return MemoryOperand(1, [*operand.prefix, "[", Value(absolute_addr, False), "]"], parentinsn)
-
         return operand
 
 
@@ -680,13 +703,15 @@ class MemoryOperand(Operand):
         # [ '[', Register, ']' ]
         # or
         # [ Value, '(', Register, ')' ]
+        # or
+        # [ Register, ",", Value]
 
         # it will be converted into more meaningful and Pythonic properties
 
         self.segment_selector = None
         self.prefix = []
         self.suffix_str = ""  # could be arm pre index mark "!"
-        self.values = []
+        self.values: list[str | DisassemblyPiece] = []
         self.offset = []
         # offset_location
         # - prefix: -0xff00($gp)
@@ -698,6 +723,10 @@ class MemoryOperand(Operand):
         # - curly: {rax+0x10}
         # - paren: (rax+0x10)
         self.values_style = "square"
+        # separator (between register and value)
+        # - "": rax+0x10
+        # - "comma": r0, #0x10
+        self.separator = ""
 
         try:
             if "[" in self.children:
@@ -711,8 +740,8 @@ class MemoryOperand(Operand):
             l.error("Failed to parse operand children %s. Please report to Fish.", self.children)
 
             # setup all dummy properties
-            self.prefix = None
-            self.values = None
+            self.prefix = []
+            self.values = []
 
     def _parse_memop_squarebracket(self):
         if self.children[0] != "[":
@@ -746,6 +775,27 @@ class MemoryOperand(Operand):
                 raise ValueError
 
         self.values = self.children[square_bracket_pos + 1 : close_square_pos]
+        if len(self.values) >= 3 and self.values[1] == ",":
+            # arm style memory operand: [r0, #0x10], or [pc, r3, lsl #1]
+            self.separator = "comma"
+            # remove all commas and consolidate all remaining strings
+            new_values = []
+            last_item = None
+            for v in self.values:
+                if v == ",":
+                    if last_item is not None:
+                        new_values.append(last_item)
+                        last_item = None
+                elif isinstance(v, str):
+                    last_item = v if last_item is None else last_item + v
+                else:
+                    if last_item is not None:
+                        new_values.append(last_item)
+                        last_item = None
+                    new_values.append(v)
+            if last_item is not None:
+                new_values.append(last_item)
+            self.values = new_values
 
     def _parse_memop_paren(self):
         offset = []
@@ -801,7 +851,8 @@ class MemoryOperand(Operand):
         if custom_values_str is not None:
             value_str = custom_values_str
         else:
-            value_str = "".join(x.render(formatting)[0] if not isinstance(x, (bytes, str)) else x for x in self.values)
+            sep = "," if self.separator == "comma" else ""
+            value_str = sep.join(x.render(formatting)[0] if not isinstance(x, str) else x for x in self.values)
 
         if values_style == "curly":
             left_paren, right_paren = "{", "}"
@@ -811,7 +862,7 @@ class MemoryOperand(Operand):
             left_paren, right_paren = "[", "]"
 
         if self.offset:
-            offset_str = "".join(x.render(formatting)[0] if not isinstance(x, (bytes, str)) else x for x in self.offset)
+            offset_str = "".join(x.render(formatting)[0] if not isinstance(x, str) else x for x in self.offset)
 
             # combine values and offsets according to self.offset_location
             if self.offset_location == "prefix":
@@ -829,9 +880,7 @@ class MemoryOperand(Operand):
             prefix_str += " "
 
             if self.offset:
-                offset_str = "".join(
-                    x.render(formatting)[0] if not isinstance(x, (bytes, str)) else x for x in self.offset
-                )
+                offset_str = "".join(x.render(formatting)[0] if not isinstance(x, str) else x for x in self.offset)
 
                 # combine values and offsets according to self.offset_location
                 if self.offset_location == "prefix":
@@ -873,12 +922,14 @@ class Register(OperandPiece):
 
 
 class Value(OperandPiece):
-    def __init__(self, val, render_with_sign):
+    def __init__(self, val, render_with_sign, render_with_pound_sign: bool = False):
         self.val = val
         self.render_with_sign = render_with_sign
+        self.render_with_pound_sign = render_with_pound_sign
 
     @property
     def project(self):
+        assert self.parentop is not None
         return self.parentop.parentinsn.project
 
     def __eq__(self, other):
@@ -888,26 +939,26 @@ class Value(OperandPiece):
         if formatting is not None:
             try:
                 style = formatting["int_styles"][self.ident]
-                if style[0] == "hex":
-                    if self.render_with_sign:
-                        return [f"{self.val:+#x}"]
-                    return [f"{self.val:#x}"]
-                if style[0] == "dec":
-                    if self.render_with_sign:
-                        return [f"{self.val:+d}"]
-                    return [str(self.val)]
                 if style[0] == "label":
                     labeloffset = style[1]
                     if labeloffset == 0:
                         lbl = self.project.kb.labels[self.val]
                         return [lbl]
-                    return [
-                        "{}{}{:#+x}".format(
-                            "+" if self.render_with_sign else "",
-                            self.project.kb.labels[self.val + labeloffset],
-                            labeloffset,
-                        )
-                    ]
+                    s = "{}{}{:#+x}".format(
+                        "+" if self.render_with_sign else "",
+                        self.project.kb.labels[self.val + labeloffset],
+                        labeloffset,
+                    )
+                elif style[0] == "hex":
+                    s = f"{self.val:+#x}" if self.render_with_sign else f"{self.val:#x}"
+                    if self.render_with_pound_sign:
+                        s = "#" + s
+                else:  # "dec"
+                    s = f"{self.val:+d}" if self.render_with_sign else str(self.val)
+
+                if self.render_with_pound_sign:
+                    s = "#" + s
+                return [s]
             except KeyError:
                 pass
 
@@ -927,9 +978,10 @@ class Value(OperandPiece):
             return [("+" if self.render_with_sign else "") + lbl]
         if func is not None:
             return [func.demangled_name]
-        if self.render_with_sign:
-            return [f"{self.val:+#x}"]
-        return [f"{self.val:#x}"]
+        s = f"{self.val:+#x}" if self.render_with_sign else f"{self.val:#x}"
+        if self.render_with_pound_sign:
+            s = "#" + s
+        return [s]
 
 
 class Comment(DisassemblyPiece):
@@ -1079,10 +1131,11 @@ class Disassembly(Analysis):
         if irsb.statements is not None:
             if pcode is not None and isinstance(self.project.factory.default_engine, pcode.HeavyPcodeMixin):
                 addr = None
-                for stmt_idx, op in enumerate(irsb._ops):
+                for stmt_idx, op in enumerate(irsb._ops):  # type:ignore
                     if op.opcode == pypcode.OpCode.IMARK:
                         addr = op.inputs[0].offset
                     else:
+                        assert addr is not None
                         addr_to_ops_map[addr].append(IROp(addr, stmt_idx, op, irsb))
             else:
                 for seq, stmt in enumerate(irsb.statements):
@@ -1166,22 +1219,23 @@ class Disassembly(Analysis):
         buf = []
 
         if formatting is None:
+            colors = (
+                {
+                    "address": "gray",
+                    "bytes": "cyan",
+                    "edge": "yellow",
+                    Label: "bright_yellow",
+                    ConstantOperand: "cyan",
+                    MemoryOperand: "yellow",
+                    Comment: "gray",
+                    Hook: "green",
+                }
+                if ansi_color_enabled and color
+                else {}
+            )
             formatting = {
-                "colors": (
-                    {
-                        "address": "gray",
-                        "bytes": "cyan",
-                        "edge": "yellow",
-                        Label: "bright_yellow",
-                        ConstantOperand: "cyan",
-                        MemoryOperand: "yellow",
-                        Comment: "gray",
-                        Hook: "green",
-                    }
-                    if ansi_color_enabled and color
-                    else {}
-                ),
-                "format_callback": lambda item, s: ansi_color(s, formatting["colors"].get(type(item), None)),
+                "colors": colors,
+                "format_callback": lambda item, s: ansi_color(s, colors.get(type(item), None)),
             }
 
         def col(item: Any) -> str | None:
@@ -1234,12 +1288,14 @@ class Disassembly(Analysis):
                 # Format the instruction's address, bytes, disassembly, and comment
                 s_plain = format_address(item.addr, False)
                 s = format_address(item.addr)
+                bytes_column = 0
                 if show_bytes:
                     bytes_column = len(s_plain)
                     s_plain += format_bytes(insn_bytes[0], False)
                     s += format_bytes(insn_bytes[0])
                 s_plain += item.render()[0]
                 s += item.render(formatting)[0]
+                comment_column = 0
                 if comment is not None:
                     comment_column = len(s_plain)
                     s += format_comment(comment.text[0])

angr/analyses/proximity_graph.py

@@ -357,26 +357,27 @@ class ProximityGraphAnalysis(Analysis):
         def _handle_Call(
             stmt_idx: int, stmt: ailment.Stmt.Call, block: ailment.Block | None  # pylint:disable=unused-argument
         ):  # pylint:disable=unused-argument
-            func_node = self.kb.functions[stmt.target.value]
-            ref_at = {stmt.ins_addr}
-
-            # extract arguments
-            args = []
-            if stmt.args:
-                for arg in stmt.args:
-                    self._arg_handler(arg, args, string_refs)
-
-            if (
-                self._expand_funcs and func_node.addr in self._expand_funcs
-            ):  # pylint:disable=unsupported-membership-test
-                new_node = FunctionProxiNode(func_node, ref_at=ref_at)
-                if new_node not in to_expand:
-                    to_expand.append(new_node)
-            else:
-                new_node = CallProxiNode(func_node, ref_at=ref_at, args=tuple(args) if args is not None else None)
+            if isinstance(stmt.target, ailment.Expr.Const) and self.kb.functions.contains_addr(stmt.target.value):
+                func_node = self.kb.functions[stmt.target.value]
+                ref_at = {stmt.ins_addr}
+
+                # extract arguments
+                args = []
+                if stmt.args:
+                    for arg in stmt.args:
+                        self._arg_handler(arg, args, string_refs)
+
+                if (
+                    self._expand_funcs and func_node.addr in self._expand_funcs
+                ):  # pylint:disable=unsupported-membership-test
+                    new_node = FunctionProxiNode(func_node, ref_at=ref_at)
+                    if new_node not in to_expand:
+                        to_expand.append(new_node)
+                else:
+                    new_node = CallProxiNode(func_node, ref_at=ref_at, args=tuple(args) if args is not None else None)
 
-            # stmt has been properly handled, add the proxi node to the list
-            self.handled_stmts.append(new_node)
+                # stmt has been properly handled, add the proxi node to the list
+                self.handled_stmts.append(new_node)
 
         # This should have the same functionality as the previous handler
         def _handle_CallExpr(

angr/flirt/__init__.py

@@ -26,6 +26,60 @@ LIBRARY_TO_SIGNATURES: dict[str, list[FlirtSignature]] = defaultdict(list)
 STRING_TO_LIBRARIES: dict[str, set[str]] = defaultdict(set)
 
 
+def load_signature(sig_path: str, meta_path: str | None = None) -> tuple[str, FlirtSignature] | None:
+    """
+    Load a single FLIRT signature from a specific path.
+
+    :param sig_path:    Location of the FLIRT signature.
+    :return:            A FlirtSignature object if loading was successful, None otherwise.
+    """
+
+    # parse it
+    try:
+        with open(sig_path, "rb") as f:
+            sig_parsed = FlirtSignatureParsed.parse(f)
+    except FlirtSignatureError:
+        return None
+
+    # is there a meta data file?
+    if meta_path is not None and os.path.isfile(meta_path):
+        # yes!
+        with open(meta_path) as f:
+            meta = json.load(f)
+
+        arch = str(meta.get("arch", "Unknown"))
+        platform = str(meta.get("platform", "UnknownOS"))
+        os_name = meta.get("os", None)
+        os_version = meta.get("os_version", None)
+        compiler = meta.get("compiler", None)
+        compiler_version = meta.get("compiler_version", None)
+        unique_strings = meta.get("unique_strings", None)
+
+    else:
+        # nope... we need to extract information from the signature file
+        arch = flirt_arch_to_arch_name(sig_parsed.arch, sig_parsed.app_types)
+        platform = flirt_os_type_to_os_name(sig_parsed.os_types)
+        os_name = None
+        os_version = None
+        unique_strings = None
+        compiler = None
+        compiler_version = None
+
+    signature = FlirtSignature(
+        arch,
+        platform,
+        sig_parsed.libname,
+        sig_path,
+        unique_strings=unique_strings,
+        compiler=compiler,
+        compiler_version=compiler_version,
+        os_name=os_name,
+        os_version=os_version,
+    )
+
+    return arch, signature
+
+
 def load_signatures(path: str) -> None:
     """
     Recursively load all FLIRT signatures under a specific path.
@@ -40,52 +94,14 @@ def load_signatures(path: str) -> None:
     for root, _, filenames in os.walk(path):
         for filename in filenames:
             if filename.endswith(".sig"):
-                # parse it
                 sig_path = os.path.join(root, filename)
-                try:
-                    with open(sig_path, "rb") as f:
-                        sig_parsed = FlirtSignatureParsed.parse(f)
-                except FlirtSignatureError:
+                meta_path = os.path.join(root, filename[:-4] + ".meta")
+                r = load_signature(sig_path, meta_path=meta_path)
+                if r is None:
                     _l.warning("Failed to load FLIRT signature file %s.", sig_path)
                     continue
 
-                # is there a meta data file?
-                meta_path = os.path.join(root, filename[:-4] + ".meta")
-                if os.path.isfile(meta_path):
-                    # yes!
-                    with open(meta_path) as f:
-                        meta = json.load(f)
-
-                    arch = str(meta.get("arch", "Unknown"))
-                    platform = str(meta.get("platform", "UnknownOS"))
-                    os_name = meta.get("os", None)
-                    os_version = meta.get("os_version", None)
-                    compiler = meta.get("compiler", None)
-                    compiler_version = meta.get("compiler_version", None)
-                    unique_strings = meta.get("unique_strings", None)
-
-                else:
-                    # nope... we need to extract information from the signature file
-                    arch = flirt_arch_to_arch_name(sig_parsed.arch, sig_parsed.app_types)
-                    platform = flirt_os_type_to_os_name(sig_parsed.os_types)
-                    os_name = None
-                    os_version = None
-                    unique_strings = None
-                    compiler = None
-                    compiler_version = None
-
-                signature = FlirtSignature(
-                    arch,
-                    platform,
-                    sig_parsed.libname,
-                    sig_path,
-                    unique_strings=unique_strings,
-                    compiler=compiler,
-                    compiler_version=compiler_version,
-                    os_name=os_name,
-                    os_version=os_version,
-                )
-
+                arch, signature = r
                 FLIRT_SIGNATURES_BY_ARCH[arch].append(signature)
 
     # fill in LIBRARY_TO_SIGNATURES and STRING_TO_LIBRARIES
@@ -95,3 +111,14 @@ def load_signatures(path: str) -> None:
             if sig.unique_strings:
                 for us in sig.unique_strings:
                     STRING_TO_LIBRARIES[us].add(sig.sig_name)
+
+
+__all__ = (
+    "FLIRT_SIGNATURES_BY_ARCH",
+    "FS",
+    "LIBRARY_TO_SIGNATURES",
+    "STRING_TO_LIBRARIES",
+    "FlirtSignature",
+    "load_signature",
+    "load_signatures",
+)

angr/knowledge_plugins/key_definitions/live_definitions.py

@@ -419,7 +419,8 @@ class LiveDefinitions:
         sp_v = sp_values.one_value()
         if sp_v is None:
             values = [v for v in next(iter(sp_values.values())) if self.get_stack_offset(v) is not None]
-            assert len({self.get_stack_offset(v) for v in values}) == 1
+            if len({self.get_stack_offset(v) for v in values}) != 1:
+                return None
             return self.get_stack_offset(values[0])
 
         return self.get_stack_offset(sp_v)

angr/utils/types.py

@@ -97,6 +97,8 @@ def dereference_simtype(
                     continue
         if real_type is None:
             raise AngrMissingTypeError(f"Missing type {t.name}")
+        if t._arch is not None:
+            real_type = real_type.with_arch(t._arch)
         return dereference_simtype(real_type, type_collections, memo=memo)
 
     # the following code prepares a real_type SimType object that will be returned at the end of this method

{angr-9.2.178.dist-info → angr-9.2.179.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: angr
-Version: 9.2.178
+Version: 9.2.179
 Summary: A multi-architecture binary analysis toolkit, with the ability to perform dynamic symbolic execution and various static analyses on binaries
 License: BSD-2-Clause
 Project-URL: Homepage, https://angr.io/
@@ -16,12 +16,12 @@ Description-Content-Type: text/markdown
 License-File: LICENSE
 Requires-Dist: cxxheaderparser
 Requires-Dist: GitPython
-Requires-Dist: archinfo==9.2.178
+Requires-Dist: archinfo==9.2.179
 Requires-Dist: cachetools
 Requires-Dist: capstone==5.0.3
 Requires-Dist: cffi>=1.14.0
-Requires-Dist: claripy==9.2.178
-Requires-Dist: cle==9.2.178
+Requires-Dist: claripy==9.2.179
+Requires-Dist: cle==9.2.179
 Requires-Dist: msgspec
 Requires-Dist: mulpyplexer
 Requires-Dist: networkx!=2.8.1,>=2.0
@@ -31,7 +31,7 @@ Requires-Dist: pycparser>=2.18
 Requires-Dist: pydemumble
 Requires-Dist: pyformlang
 Requires-Dist: pypcode<4.0,>=3.2.1
-Requires-Dist: pyvex==9.2.178
+Requires-Dist: pyvex==9.2.179
 Requires-Dist: rich>=13.1.0
 Requires-Dist: sortedcontainers
 Requires-Dist: sympy
@@ -66,7 +66,7 @@ Project repository: https://github.com/angr/angr
 
 Documentation: https://docs.angr.io
 
-API Documentation: https://api.angr.io/en/latest/
+API Documentation: https://docs.angr.io/en/latest/api.html
 
 ## What is angr?
 
@@ -80,7 +80,7 @@ angr is a suite of Python 3 libraries that let you load a binary and do a lot of
 - Value-set analysis (VSA)
 - Decompilation
 
-The most common angr operation is loading a binary: `p = angr.Project('/bin/bash')` If you do this in an enhanced REPL like IPython, you can use tab-autocomplete to browse the [top-level-accessible methods](https://docs.angr.io/docs/toplevel) and their docstrings.
+The most common angr operation is loading a binary: `p = angr.Project('/bin/bash')` If you do this in an enhanced REPL like IPython, you can use tab-autocomplete to browse the [top-level-accessible methods](https://docs.angr.io/core-concepts/toplevel) and their docstrings.
 
 The short version of "how to install angr" is `mkvirtualenv --python=$(which python3) angr && python -m pip install angr`.
 
@@ -108,5 +108,5 @@ project.execute()
 - Documentation as [HTML](https://docs.angr.io/) and sources in the angr [Github repository](https://github.com/angr/angr/tree/master/docs)
 - Dive right in: [top-level-accessible methods](https://docs.angr.io/core-concepts/toplevel)
 - [Examples using angr to solve CTF challenges](https://docs.angr.io/examples).
-- [API Reference](https://angr.io/api-doc/)
+- [API Reference](https://docs.angr.io/en/latest/api.html)
 - [awesome-angr repo](https://github.com/degrigis/awesome-angr)