Owlibou/gnoma
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Ollama/gemma4 compat — /init flow, stream filter, safety fixes

Browse Source 
provider/openai:
- Fix doubled tool call args (argsComplete flag): Ollama sends complete
  args in the first streaming chunk then repeats them as delta, causing
  doubled JSON and 400 errors in elfs
- Handle fs: prefix (gemma4 uses fs:grep instead of fs.grep)
- Add Reasoning field support for Ollama thinking output

cmd/gnoma:
- Early TTY detection so logger is created with correct destination
  before any component gets a reference to it (fixes slog WARN bleed
  into TUI textarea)

permission:
- Exempt spawn_elfs and agent tools from safety scanner: elf prompt
  text may legitimately mention .env/.ssh/credentials patterns and
  should not be blocked

tui/app:
- /init retry chain: no-tool-calls → spawn_elfs nudge → write nudge
  (ask for plain text output) → TUI fallback write from streamBuf
- looksLikeAgentsMD + extractMarkdownDoc: validate and clean fallback
  content before writing (reject refusals, strip narrative preambles)
- Collapse thinking output to 3 lines; ctrl+o to expand (live stream
  and committed messages)
- Stream-level filter for model pseudo-tool-call blocks: suppresses
  <<tool_code>>...</tool_code>> and <<function_call>>...<tool_call|>
  from entering streamBuf across chunk boundaries
- sanitizeAssistantText regex covers both block formats
- Reset streamFilterClose at every turn start
This commit is contained in:
vikingowl
2026-04-05 19:24:51 +02:00
parent 14b88cadcc
commit cb2d63d06f
51 changed files with 2855 additions and 353 deletions
Download Patch File Download Diff File Expand all files Collapse all files

147
TODO.md Normal file
View File

@@ -0,0 +1,147 @@
# Gnoma ELF Support - TODO List
## Overview
This document outlines the steps to add **ELF (Executable and Linkable Format)** support to Gnoma, enabling features like ELF parsing, disassembly, security analysis, and binary manipulation.
---
## 📌 Goals
- Add ELF-specific tools to Gnomas toolset.
- Enable users to analyze, disassemble, and manipulate ELF binaries.
- Integrate with Gnomas existing permission and security systems.
---
## ✅ Implementation Steps
### 1. **Design ELF Tools**
- [ ] **`elf.parse`**: Parse and display ELF headers, sections, and segments.
- [ ] **`elf.disassemble`**: Disassemble code sections (e.g., `.text`) using `objdump` or a pure-Go disassembler.
- [ ] **`elf.analyze`**: Perform security analysis (e.g., check for packed binaries, missing security flags).
- [ ] **`elf.patch`**: Modify binary bytes or inject code (advanced feature).
- [ ] **`elf.symbols`**: Extract and list symbols from the symbol table.
### 2. **Implement ELF Tools**
- [ ] Create a new package: `internal/tool/elf`.
- [ ] Implement each tool as a struct with `Name()` and `Run(args map[string]interface{})` methods.
- [ ] Use `debug/elf` (standard library) or third-party libraries like `github.com/xyproto/elf` for parsing.
- [ ] Add support for external tools like `objdump` and `radare2` for disassembly.
#### Example: `elf.Parse` Tool
```go
package elf
import (
"debug/elf"
"fmt"
"os"
)
type ParseTool struct{}
func NewParseTool() *ParseTool {
return &ParseTool{}
}
func (t *ParseTool) Name() string {
return "elf.parse"
}
func (t *ParseTool) Run(args map[string]interface{}) (string, error) {
filePath, ok := args["file"].(string)
if !ok {
return "", fmt.Errorf("missing 'file' argument")
}
f, err := os.Open(filePath)
if err != nil {
return "", fmt.Errorf("failed to open file: %v", err)
}
defer f.Close()
ef, err := elf.NewFile(f)
if err != nil {
return "", fmt.Errorf("failed to parse ELF: %v", err)
}
defer ef.Close()
// Extract and format ELF headers
output := fmt.Sprintf("ELF Header:\n%s\n", ef.FileHeader)
output += fmt.Sprintf("Sections:\n")
for _, s := range ef.Sections {
output += fmt.Sprintf(" - %s (size: %d)\n", s.Name, s.Size)
}
output += fmt.Sprintf("Program Headers:\n")
for _, p := range ef.Progs {
output += fmt.Sprintf(" - Type: %s, Offset: %d, Vaddr: %x\n", p.Type, p.Off, p.Vaddr)
}
return output, nil
}
```
### 3. **Integrate ELF Tools with Gnoma**
- [ ] Update `buildToolRegistry()` in `cmd/gnoma/main.go` to register ELF tools:
```go
func buildToolRegistry() *tool.Registry {
reg := tool.NewRegistry()
reg.Register(bash.New())
reg.Register(fs.NewReadTool())
reg.Register(fs.NewWriteTool())
reg.Register(fs.NewEditTool())
reg.Register(fs.NewGlobTool())
reg.Register(fs.NewGrepTool())
reg.Register(fs.NewLSTool())
reg.Register(elf.NewParseTool()) // New ELF tool
reg.Register(elf.NewDisassembleTool()) // New ELF tool
reg.Register(elf.NewAnalyzeTool()) // New ELF tool
return reg
}
```
### 4. **Add Documentation**
- [ ] Add usage examples to `docs/elf-tools.md`.
- [ ] Update `CLAUDE.md` with ELF tool capabilities.
### 5. **Testing**
- [ ] Test ELF tools on sample binaries (e.g., `/bin/ls`, `/bin/bash`).
- [ ] Test edge cases (e.g., stripped binaries, packed binaries).
- [ ] Ensure integration with Gnomas permission and security systems.
### 6. **Security Considerations**
- [ ] Sandbox ELF tools to prevent malicious binaries from compromising the system.
- [ ] Validate file paths and arguments to avoid directory traversal or arbitrary file writes.
- [ ] Use Gnomas firewall to scan ELF tool outputs for suspicious patterns.
---
## 🛠️ Dependencies
- **Go Libraries**:
- [`debug/elf`](https://pkg.go.dev/debug/elf) (standard library).
- [`github.com/xyproto/elf`](https://github.com/xyproto/elf) (third-party).
- [`github.com/anchore/go-elf`](https://github.com/anchore/go-elf) (third-party).
- **External Tools**:
- `objdump` (for disassembly).
- `readelf` (for detailed ELF analysis).
- `radare2` (for advanced reverse engineering).
---
## 📝 Example Usage
### Interactive Mode
```
> Use the elf.parse tool to analyze /bin/ls
> elf.parse --file /bin/ls
```
### Pipe Mode
```bash
echo '{"file": "/bin/ls"}' | gnoma --tool elf.parse
```
---
## 🚀 Future Enhancements
- Add support for **PE (Portable Executable)** and **Mach-O** formats.
- Integrate with **Ghidra** or **IDA Pro** for advanced analysis.
- Add **automated exploit detection** for binaries.