7 #include <capstone/platform.h>
8 #include <capstone/capstone.h>
33 #ifdef CAPSTONE_HAS_X86
34 #define X86_CODE16 "\x8d\x4c\x32\x08\x01\xd8\x81\xc6\x34\x12\x00\x00"
35 #define X86_CODE32 "\x8d\x4c\x32\x08\x01\xd8\x81\xc6\x34\x12\x00\x00"
36 #define X86_CODE64 "\x55\x48\x8b\x05\xb8\x13\x00\x00"
38 #ifdef CAPSTONE_HAS_ARM
39 #define ARM_CODE "\xED\xFF\xFF\xEB\x04\xe0\x2d\xe5\x00\x00\x00\x00\xe0\x83\x22\xe5\xf1\x02\x03\x0e\x00\x00\xa0\xe3\x02\x30\xc1\xe7\x00\x00\x53\xe3"
40 #define ARM_CODE2 "\x10\xf1\x10\xe7\x11\xf2\x31\xe7\xdc\xa1\x2e\xf3\xe8\x4e\x62\xf3"
41 #define THUMB_CODE "\x70\x47\xeb\x46\x83\xb0\xc9\x68"
42 #define THUMB_CODE2 "\x4f\xf0\x00\x01\xbd\xe8\x00\x88\xd1\xe8\x00\xf0"
43 #define THUMB_MCLASS "\xef\xf3\x02\x80"
44 #define ARMV8 "\xe0\x3b\xb2\xee\x42\x00\x01\xe1\x51\xf0\x7f\xf5"
46 #ifdef CAPSTONE_HAS_MIPS
47 #define MIPS_CODE "\x0C\x10\x00\x97\x00\x00\x00\x00\x24\x02\x00\x0c\x8f\xa2\x00\x00\x34\x21\x34\x56\x00\x80\x04\x08"
48 #define MIPS_CODE2 "\x56\x34\x21\x34\xc2\x17\x01\x00"
49 #define MIPS_32R6M "\x00\x07\x00\x07\x00\x11\x93\x7c\x01\x8c\x8b\x7c\x00\xc7\x48\xd0"
50 #define MIPS_32R6 "\xec\x80\x00\x19\x7c\x43\x22\xa0"
52 #ifdef CAPSTONE_HAS_ARM64
53 #define ARM64_CODE "\x09\x00\x38\xd5\xbf\x40\x00\xd5\x0c\x05\x13\xd5\x20\x50\x02\x0e\x20\xe4\x3d\x0f\x00\x18\xa0\x5f\xa2\x00\xae\x9e\x9f\x37\x03\xd5\xbf\x33\x03\xd5\xdf\x3f\x03\xd5\x21\x7c\x02\x9b\x21\x7c\x00\x53\x00\x40\x21\x4b\xe1\x0b\x40\xb9\x20\x04\x81\xda\x20\x08\x02\x8b\x10\x5b\xe8\x3c"
55 #ifdef CAPSTONE_HAS_POWERPC
56 #define PPC_CODE "\x80\x20\x00\x00\x80\x3f\x00\x00\x10\x43\x23\x0e\xd0\x44\x00\x80\x4c\x43\x22\x02\x2d\x03\x00\x80\x7c\x43\x20\x14\x7c\x43\x20\x93\x4f\x20\x00\x21\x4c\xc8\x00\x21\x40\x82\x00\x14"
57 #define PPC_CODE2 "\x10\x60\x2a\x10\x10\x64\x28\x88\x7c\x4a\x5d\x0f"
59 #ifdef CAPSTONE_HAS_SPARC
60 #define SPARC_CODE "\x80\xa0\x40\x02\x85\xc2\x60\x08\x85\xe8\x20\x01\x81\xe8\x00\x00\x90\x10\x20\x01\xd5\xf6\x10\x16\x21\x00\x00\x0a\x86\x00\x40\x02\x01\x00\x00\x00\x12\xbf\xff\xff\x10\xbf\xff\xff\xa0\x02\x00\x09\x0d\xbf\xff\xff\xd4\x20\x60\x00\xd4\x4e\x00\x16\x2a\xc2\x80\x03"
61 #define SPARCV9_CODE "\x81\xa8\x0a\x24\x89\xa0\x10\x20\x89\xa0\x1a\x60\x89\xa0\x00\xe0"
63 #ifdef CAPSTONE_HAS_SYSZ
64 #define SYSZ_CODE "\xed\x00\x00\x00\x00\x1a\x5a\x0f\x1f\xff\xc2\x09\x80\x00\x00\x00\x07\xf7\xeb\x2a\xff\xff\x7f\x57\xe3\x01\xff\xff\x7f\x57\xeb\x00\xf0\x00\x00\x24\xb2\x4f\x00\x78"
66 #ifdef CAPSTONE_HAS_XCORE
67 #define XCORE_CODE "\xfe\x0f\xfe\x17\x13\x17\xc6\xfe\xec\x17\x97\xf8\xec\x4f\x1f\xfd\xec\x37\x07\xf2\x45\x5b\xf9\xfa\x02\x06\x1b\x10"
69 #ifdef CAPSTONE_HAS_M68K
70 #define M68K_CODE "\xd4\x40\x87\x5a\x4e\x71\x02\xb4\xc0\xde\xc0\xde\x5c\x00\x1d\x80\x71\x12\x01\x23\xf2\x3c\x44\x22\x40\x49\x0e\x56\x54\xc5\xf2\x3c\x44\x00\x44\x7a\x00\x00\xf2\x00\x0a\x28"
72 #ifdef CAPSTONE_HAS_M680X
73 #define M680X_CODE "\x06\x10\x19\x1a\x55\x1e\x01\x23\xe9\x31\x06\x34\x55\xa6\x81\xa7\x89\x7f\xff\xa6\x9d\x10\x00\xa7\x91\xa6\x9f\x10\x00\x11\xac\x99\x10\x00\x39"
77 #ifdef CAPSTONE_HAS_X86
83 "X86 16bit (Intel syntax)"
90 "X86 32bit (ATT syntax)",
99 "X86 32 (Intel syntax)"
106 "X86 64 (Intel syntax)"
109 #ifdef CAPSTONE_HAS_ARM
129 "ARM: Cortex-A15 + NEON"
148 (
unsigned char*)
ARMV8,
153 #ifdef CAPSTONE_HAS_MIPS
159 "MIPS-32 (Big-endian)"
166 "MIPS-64-EL (Little-endian)"
173 "MIPS-32R6 | Micro (Big-endian)"
180 "MIPS-32R6 (Big-endian)"
183 #ifdef CAPSTONE_HAS_ARM64
192 #ifdef CAPSTONE_HAS_POWERPC
208 #ifdef CAPSTONE_HAS_SPARC
224 #ifdef CAPSTONE_HAS_SYSZ
233 #ifdef CAPSTONE_HAS_XCORE
242 #ifdef CAPSTONE_HAS_M68K
251 #ifdef CAPSTONE_HAS_M680X
271 printf(
"****************\n");
275 printf(
"Failed on cs_open() with error returned: %u\n",
err);
292 for (j = 0; j <
count; j++) {
293 cs_insn *
in = &(all_insn[j]);
294 printf(
"0x%" PRIx64 ":\t%s\t\t%s // insn-ID: %u, insn-mnem: %s\n",
295 in->address,
in->mnemonic,
in->op_str,
301 if (
detail->regs_read_count > 0) {
302 printf(
"\tImplicit registers read: ");
303 for (
n = 0;
n <
detail->regs_read_count;
n++) {
310 if (
detail->regs_write_count > 0) {
311 printf(
"\tImplicit registers modified: ");
312 for (
n = 0;
n <
detail->regs_write_count;
n++) {
319 if (
detail->groups_count > 0) {
320 printf(
"\tThis instruction belongs to groups: ");
321 for (
n = 0;
n <
detail->groups_count;
n++) {
334 printf(
"****************\n");
337 printf(
"ERROR: Failed to disasm given code!\n");
static mcore_handle handle
const lzma_allocator const uint8_t * in
cs_arch
Architecture type.
@ CS_ARCH_ARM64
ARM-64, also called AArch64.
@ CS_ARCH_SPARC
Sparc architecture.
@ CS_ARCH_XCORE
XCore architecture.
@ CS_ARCH_M68K
68K architecture
@ CS_ARCH_X86
X86 architecture (including x86 & x86-64)
@ CS_ARCH_M680X
680X architecture
@ CS_ARCH_ARM
ARM architecture (including Thumb, Thumb-2)
@ CS_ARCH_MIPS
Mips architecture.
@ CS_ARCH_SYSZ
SystemZ architecture.
@ CS_ARCH_PPC
PowerPC architecture.
@ CS_MODE_MCLASS
ARM's Cortex-M series.
@ CS_MODE_64
64-bit mode (X86, PPC)
@ CS_MODE_M68K_040
M68K 68040 mode.
@ CS_MODE_MIPS64
Mips64 ISA (Mips)
@ CS_MODE_32
32-bit mode (X86)
@ CS_MODE_V8
ARMv8 A32 encodings for ARM.
@ CS_MODE_MICRO
MicroMips mode (MIPS)
@ CS_MODE_MIPS32
Mips32 ISA (Mips)
@ CS_MODE_MIPS32R6
Mips32r6 ISA.
@ CS_MODE_BIG_ENDIAN
big-endian mode
@ CS_MODE_16
16-bit mode (X86)
@ CS_MODE_V9
SparcV9 mode (Sparc)
@ CS_MODE_THUMB
ARM's Thumb mode, including Thumb-2.
@ CS_MODE_QPX
Quad Processing eXtensions mode (PPC)
@ CS_MODE_LITTLE_ENDIAN
little-endian mode (default mode)
@ CS_MODE_M680X_6809
M680X Motorola 6809 mode.
cs_opt_type
Runtime option for the disassembled engine.
@ CS_OPT_DETAIL
Break down instruction structure into details.
@ CS_OPT_SYNTAX
Assembly output syntax.
cs_opt_value
Runtime option value (associated with option type above)
@ CS_OPT_SYNTAX_ATT
X86 ATT asm syntax (CS_OPT_SYNTAX).
@ CS_OPT_ON
Turn ON an option (CS_OPT_DETAIL, CS_OPT_SKIPDATA).
CAPSTONE_EXPORT size_t CAPSTONE_API cs_disasm(csh ud, const uint8_t *buffer, size_t size, uint64_t offset, size_t count, cs_insn **insn)
CAPSTONE_EXPORT const char *CAPSTONE_API cs_group_name(csh ud, unsigned int group)
CAPSTONE_EXPORT cs_err CAPSTONE_API cs_open(cs_arch arch, cs_mode mode, csh *handle)
CAPSTONE_EXPORT const char *CAPSTONE_API cs_insn_name(csh ud, unsigned int insn)
CAPSTONE_EXPORT void CAPSTONE_API cs_free(cs_insn *insn, size_t count)
CAPSTONE_EXPORT const char *CAPSTONE_API cs_reg_name(csh ud, unsigned int reg)
CAPSTONE_EXPORT cs_err CAPSTONE_API cs_close(csh *handle)
CAPSTONE_EXPORT cs_err CAPSTONE_API cs_option(csh ud, cs_opt_type type, size_t value)
_Use_decl_annotations_ int __cdecl printf(const char *const _Format,...)
static static sync static getppid static getegid const char static filename char static len const char char static bufsiz static mask static vfork const void static prot static getpgrp const char static swapflags static arg static fd static protocol static who struct sockaddr static addrlen static backlog struct timeval struct timezone static tz const struct iovec static count static mode const void const struct sockaddr static tolen const char static pathname void count
struct platform platforms[]
static void print_string_hex(unsigned char *str, size_t len)