dddddddddddddddddddddddddddddddddddddddd/     
      ddddddddddddddddddMMMMdddddddddddddddddd/     
      ``````````````````NMMM``````````````````      
   ---------------------NMMM---------------------`  
  `NNNNNNNNNNNNNNNNNNNNNMMMMNNNNNNNNNNNNNNNNNNNNNo  
  `MMMmoooooooooooooooooNMMMooooooooooooooooosMMMs  
  `MMMy                 NMMM                 -MMMs  
  `MMMy  /hhhhhhhhhhh`  NMMM   hhhhhhhhhhhs  -MMMs  
  `MMMy  /hhhhhhhhhhh`  NMMM   hhhhhhhhhhhs  -MMMs  
  `mmms                 NMMM                 -mmmo  
        /ssssssssssss`  NMMM   sssssssssssss.       
        sNNNNNNNNNNNN`  NMMM   NNNNNNNNNNNNN-       
                        oooo                        
        ::::::::::::::::::::::::::::::::::::`       
       `MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM/       
        ////////////////////////////////////.       
                                                    
 -yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyo 
 :MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMd 
  ````````````-NMMMd.```````````-ohNh+.```````````` 
             :NMMMo`            `+hMMMNy:`          
            +NMMm:             ````-sNMMMmo.        
    .yyyyyydMMMMmdddddmmmmmmmmmmmmNNNMMMMMMNh:      
    `MMMMMMMNNNNNNNmmmmmmddddddhhhhhhyyyyymMMMd/    
     ---............`````````````         `+mds:    
                                            ``      
                 [deroad's  blog]
                      [home]

# 2019-11-06 | radare2 - protobuf
{

  Today I've release, for radare2, raw protocol buffers decoding.
  It's quite easy to use, just type pFb @ 0x1234 and it will print the decoded protobuf.

  r2 proto-buffer

  protocol buffer decoding in C:



  /* protocol buffers are a series of key-value pairs.
   * each key-value is encoded in a single byte.
   * this byte is encoded as follows. */
  typedef struct _proto_head {
    uint8_t wire   : 3;
    uint8_t number : 5;
  } __attribute__((packed)) proto_head_t;

  /* wire is the type of the data in the next bytes,
   * number is the id that you define in the .proto files for a key-value pair.
   * all the possible values of wire can be found below */

  #define WIRE_VARINT    0 // int32, int64, uint32, uint64, sint32, sint64, bool, enum
  #define WIRE_64_BIT    1 // fixed64, sfixed64, double
  #define WIRE_LEN_DELIM 2 // string, bytes, embedded messages, packed repeated fields
  #define WIRE_START_GRP 3 // groups (deprecated)
  #define WIRE_END_GRP   4 // groups (deprecated)
  #define WIRE_32_BIT    5 // fixed32, sfixed32, float
  
  /* WIRE_VARINT     is a variable-length code (also known as LEB128) compression to store a large integer in a small number of bytes.
   * WIRE_64_BIT     is a fixed sized 64 bit number, it can be a [u]int64_t or double
   * WIRE_32_BIT     is a fixed sized 32 bit number, it can be a [u]int32_t or float
   * WIRE_LEN_DELIM  can be string, bytes, packed/repeated structs/fields
   * WIRE_START_GRP and WIRE_END_GRP are deprecated structures.
   *
   * strings can be easily spotted in the decoding by checking if the bytes are utf-8 encoded printable chars
   * repeated are hard to be spotted since they are arrays of a specific type and look like normal bytes.
   * the full implementation i wrote for r2 can be found here: https://github.com/radareorg/radare2/blob/master/libr/util/protobuf.c */




}

# References:
  https://developers.google.com/protocol-buffers/docs/encoding