Rizin
unix-like reverse engineering framework and cli tools
Functions
csyscall.c File Reference
#include <rz_core.h>

Go to the source code of this file.

Functions

static const char * syscallNumber (int n)
 
RZ_API RZ_OWN char * rz_core_syscall_as_string (RzCore *core, st64 n, ut64 addr)
 Returns the syscall representation as a string. More...
 

Function Documentation

◆ rz_core_syscall_as_string()

RZ_API RZ_OWN char* rz_core_syscall_as_string ( RzCore core,
st64  n,
ut64  addr 
)

Returns the syscall representation as a string.

Given the syscall number and address it resolves the syscall for the selected asm.arch and asm.os values and print its arguments.

The number of the syscall can also be -1 to try to read the value of the syscall from the register that is the syscall number by the selected calling convention.

Parameters
coreRzCore instance
nnumber of the syscall
addraddress of the syscall

Definition at line 26 of file csyscall.c.

26  {
27  int i;
28  char str[64];
29  st64 N = n;
30  int defVector = rz_syscall_get_swi(core->analysis->syscall);
31  if (defVector > 0) {
32  n = -1;
33  }
34  if (n == -1 || defVector > 0) {
35  n = (int)rz_core_reg_getv_by_role_or_name(core, "oeax");
36  if (!n || n == -1) {
37  const char *a0 = rz_reg_get_name(core->analysis->reg, RZ_REG_NAME_SN);
38  n = (a0 == NULL) ? -1 : (int)rz_core_reg_getv_by_role_or_name(core, a0);
39  }
40  }
41  RzSyscallItem *item = rz_syscall_get(core->analysis->syscall, n, defVector);
42  if (!item) {
43  item = rz_syscall_get(core->analysis->syscall, N, -1);
44  }
45  if (!item) {
46  return rz_str_newf("%s = unknown ()", syscallNumber(n));
47  }
48  char *res = rz_str_newf("%s = %s (", syscallNumber(item->num), item->name);
49  // TODO: move this to rz_syscall
50  const char *cc = rz_analysis_syscc_default(core->analysis);
51  // TODO replace the hardcoded CC with the sdb ones
52  for (i = 0; i < item->args; i++) {
53  // XXX this is a hack to make syscall args work on x86-32 and x86-64
54  // we need to shift sn first.. which is bad, but needs to be redesigned
55  int regidx = i;
56  if (core->rasm->bits == 32 && core->rasm->cur && !strcmp(core->rasm->cur->arch, "x86")) {
57  regidx++;
58  }
59  ut64 arg = rz_core_arg_get(core, cc, regidx); // TODO here
60  // rz_cons_printf ("(%d:0x%"PFMT64x")\n", i, arg);
61  if (item->sargs) {
62  switch (item->sargs[i]) {
63  case 'p': // pointer
64  res = rz_str_appendf(res, "0x%08" PFMT64x "", arg);
65  break;
66  case 'i':
67  res = rz_str_appendf(res, "%" PFMT64u "", arg);
68  break;
69  case 'z':
70  memset(str, 0, sizeof(str));
71  rz_io_read_at(core->io, arg, (ut8 *)str, sizeof(str) - 1);
72  rz_str_filter(str);
73  res = rz_str_appendf(res, "\"%s\"", str);
74  break;
75  case 'Z': {
76  // TODO replace the hardcoded CC with the sdb ones
77  ut64 len = rz_core_arg_get(core, cc, i + 2);
78  len = RZ_MIN(len + 1, sizeof(str) - 1);
79  if (len == 0) {
80  len = 16; // override default
81  }
82  (void)rz_io_read_at(core->io, arg, (ut8 *)str, len);
83  str[len] = 0;
84  rz_str_filter(str);
85  res = rz_str_appendf(res, "\"%s\"", str);
86  } break;
87  default:
88  res = rz_str_appendf(res, "0x%08" PFMT64x "", arg);
89  break;
90  }
91  } else {
92  res = rz_str_appendf(res, "0x%08" PFMT64x "", arg);
93  }
94  if (i + 1 < item->args) {
95  res = rz_str_appendf(res, ", ");
96  }
97  }
98  rz_syscall_item_free(item);
99  return rz_str_appendf(res, ")");
100 }
len
size_t len
Definition: 6502dis.c:15
i
lzma_index ** i
Definition: index.h:629
rz_core_arg_get
RZ_DEPRECATE RZ_API ut64 rz_core_arg_get(RzCore *core, const char *cc, int num)
Get the value of the num-th argument from the current debug or emulation state.
Definition: carg.c:13
rz_analysis_syscc_default
RZ_API const char * rz_analysis_syscc_default(RzAnalysis *analysis)
Definition: cc.c:210
rz_core_reg_getv_by_role_or_name
RZ_API ut64 rz_core_reg_getv_by_role_or_name(RzCore *core, const char *name)
rz_reg_getv_by_role_or_name() on rz_core_reg_default()
Definition: creg.c:24
NULL
#define NULL
Definition: cris-opc.c:27
syscallNumber
static const char * syscallNumber(int n)
Definition: csyscall.c:7
a0
a0
Definition: insn-good.s.cs:704
ut8
uint8_t ut8
Definition: lh5801.h:11
memset
return memset(p, 0, total)
n
int n
Definition: mipsasm.c:19
cmd_descs_generate.str
str
Definition: cmd_descs_generate.py:785
rz_reg_get_name
RZ_API const char * rz_reg_get_name(RzReg *reg, int role)
Definition: reg.c:147
rz_io_read_at
RZ_API bool rz_io_read_at(RzIO *io, ut64 addr, ut8 *buf, int len)
Definition: io.c:300
RZ_REG_NAME_SN
@ RZ_REG_NAME_SN
Definition: rz_reg.h:70
rz_str_appendf
RZ_API char * rz_str_appendf(char *ptr, const char *fmt,...) RZ_PRINTF_CHECK(2
rz_str_newf
RZ_API char * rz_str_newf(const char *fmt,...) RZ_PRINTF_CHECK(1
rz_str_filter
RZ_API void rz_str_filter(char *str)
Convert all non-printable characters in str with '.'.
Definition: str.c:2359
PFMT64u
#define PFMT64u
Definition: rz_types.h:395
PFMT64x
#define PFMT64x
Definition: rz_types.h:393
RZ_MIN
#define RZ_MIN(x, y)
Definition: rz_types_base.h:140
st64
#define st64
Definition: rz_types_base.h:10
int
static int
Definition: sfsocketcall.h:114
rz_analysis_t::syscall
RzSyscall * syscall
Definition: rz_analysis.h:570
rz_analysis_t::reg
RzReg * reg
Definition: rz_analysis.h:568
rz_asm_t::bits
int bits
Definition: rz_asm.h:100
rz_asm_t::cur
_RzAsmPlugin * cur
Definition: rz_asm.h:106
rz_core_t::rasm
RzAsm * rasm
Definition: rz_core.h:323
rz_core_t::analysis
RzAnalysis * analysis
Definition: rz_core.h:322
rz_core_t::io
RzIO * io
Definition: rz_core.h:313
rz_syscall_item_t
Definition: rz_syscall.h:19
rz_syscall_item_t::num
int num
Definition: rz_syscall.h:22
rz_syscall_item_t::name
char * name
Definition: rz_syscall.h:20
rz_syscall_item_t::args
int args
Definition: rz_syscall.h:23
rz_syscall_item_t::sargs
char * sargs
Definition: rz_syscall.h:24
rz_syscall_item_free
RZ_API void rz_syscall_item_free(RzSyscallItem *si)
Definition: syscall.c:325
rz_syscall_get_swi
RZ_API int rz_syscall_get_swi(RzSyscall *s)
Definition: syscall.c:341
rz_syscall_get
RZ_API RzSyscallItem * rz_syscall_get(RzSyscall *s, int num, int swi)
Definition: syscall.c:345
ut64
ut64(WINAPI *w32_GetEnabledXStateFeatures)()
N
#define N
Definition: zip_err_str.c:8

References a0, rz_core_t::analysis, rz_syscall_item_t::args, rz_asm_t::bits, rz_asm_t::cur, i, int, rz_core_t::io, len, memset(), N, n, rz_syscall_item_t::name, NULL, rz_syscall_item_t::num, PFMT64u, PFMT64x, rz_core_t::rasm, rz_analysis_t::reg, rz_analysis_syscc_default(), rz_core_arg_get(), rz_core_reg_getv_by_role_or_name(), rz_io_read_at(), RZ_MIN, rz_reg_get_name(), RZ_REG_NAME_SN, rz_str_appendf(), rz_str_filter(), rz_str_newf(), rz_syscall_get(), rz_syscall_get_swi(), rz_syscall_item_free(), rz_syscall_item_t::sargs, st64, cmd_descs_generate::str, rz_analysis_t::syscall, syscallNumber(), and ut64().

Referenced by ds_print_esil_analysis(), and rz_analysis_syscall_show_handler().

◆ syscallNumber()

static const char* syscallNumber ( int  n)
static

Definition at line 7 of file csyscall.c.

7  {
8  return sdb_fmt(n > 1000 ? "0x%x" : "%d", n);
9 }
sdb_fmt
RZ_API char * sdb_fmt(const char *fmt,...)
Definition: fmt.c:26

References n, and sdb_fmt().

Referenced by rz_core_syscall_as_string().