Nguyen Anh Quynh | ae3649f | 2014-01-02 13:15:07 +0800 | [diff] [blame] | 1 | #ifndef CAPSTONE_ENGINE_H |
| 2 | #define CAPSTONE_ENGINE_H |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 3 | |
Nguyen Anh Quynh | 7751fbe | 2014-04-28 11:23:14 +0800 | [diff] [blame] | 4 | /* Capstone Disassembly Engine */ |
| 5 | /* By Nguyen Anh Quynh <aquynh@gmail.com>, 2013-2014 */ |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 6 | |
| 7 | #ifdef __cplusplus |
| 8 | extern "C" { |
| 9 | #endif |
| 10 | |
| 11 | #include <stdint.h> |
Nguyen Anh Quynh | edeeb04 | 2014-01-15 20:44:03 +0800 | [diff] [blame] | 12 | #include <stdio.h> |
Nguyen Anh Quynh | 64d4083 | 2014-01-17 20:55:21 +0800 | [diff] [blame] | 13 | #include <stdarg.h> |
Nguyen Anh Quynh | f185180 | 2013-12-21 12:16:47 +0800 | [diff] [blame] | 14 | #include <stdlib.h> |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 15 | |
Nguyen Anh Quynh | 171eb75 | 2014-05-15 21:01:08 +0800 | [diff] [blame] | 16 | #include "platform.h" |
| 17 | |
Alex Ionescu | 46018db | 2014-01-22 09:45:00 -0800 | [diff] [blame] | 18 | #ifdef _MSC_VER |
hlide | 993f362 | 2014-10-05 18:14:40 +0200 | [diff] [blame^] | 19 | #pragma warning(disable:4201) |
| 20 | #pragma warning(disable:4100) |
| 21 | #ifdef CAPSTONE_SHARED |
| 22 | #define CAPSTONE_EXPORT __declspec(dllexport) |
| 23 | #else // defined(CAPSTONE_STATIC) |
| 24 | #define CAPSTONE_EXPORT |
| 25 | #endif |
Ali Rizvi-Santiago | 10053ba | 2014-06-03 21:04:23 +0000 | [diff] [blame] | 26 | #else |
hlide | 993f362 | 2014-10-05 18:14:40 +0200 | [diff] [blame^] | 27 | #define CAPSTONE_EXPORT |
Alex Ionescu | 46018db | 2014-01-22 09:45:00 -0800 | [diff] [blame] | 28 | #endif |
| 29 | |
Nguyen Anh Quynh | 0beb0d4 | 2014-08-27 22:55:29 +0800 | [diff] [blame] | 30 | #ifdef __GNUC__ |
| 31 | #define CAPSTONE_DEPRECATED __attribute__((deprecated)) |
| 32 | #elif defined(_MSC_VER) |
| 33 | #define CAPSTONE_DEPRECATED __declspec(deprecated) |
| 34 | #else |
| 35 | #pragma message("WARNING: You need to implement CAPSTONE_DEPRECATED for this compiler") |
| 36 | #define CAPSTONE_DEPRECATED |
| 37 | #endif |
| 38 | |
Nguyen Anh Quynh | bb64b0b | 2013-12-10 07:56:17 +0800 | [diff] [blame] | 39 | // Capstone API version |
Nguyen Anh Quynh | fd0f798 | 2014-08-13 14:15:27 +0800 | [diff] [blame] | 40 | #define CS_API_MAJOR 3 |
| 41 | #define CS_API_MINOR 0 |
Nguyen Anh Quynh | bb64b0b | 2013-12-10 07:56:17 +0800 | [diff] [blame] | 42 | |
Nguyen Anh Quynh | 2296d5e | 2013-12-22 21:01:17 +0800 | [diff] [blame] | 43 | // Macro to create combined version which can be compared to |
Nguyen Anh Quynh | b90cb99 | 2013-12-28 13:59:09 +0800 | [diff] [blame] | 44 | // result of cs_version() API. |
Nguyen Anh Quynh | 2296d5e | 2013-12-22 21:01:17 +0800 | [diff] [blame] | 45 | #define CS_MAKE_VERSION(major, minor) ((major << 8) + minor) |
| 46 | |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 47 | // Handle using with all API |
Nguyen Anh Quynh | b42a657 | 2013-11-29 17:40:07 +0800 | [diff] [blame] | 48 | typedef size_t csh; |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 49 | |
| 50 | // Architecture type |
| 51 | typedef enum cs_arch { |
| 52 | CS_ARCH_ARM = 0, // ARM architecture (including Thumb, Thumb-2) |
| 53 | CS_ARCH_ARM64, // ARM-64, also called AArch64 |
| 54 | CS_ARCH_MIPS, // Mips architecture |
| 55 | CS_ARCH_X86, // X86 architecture (including x86 & x86-64) |
Nguyen Anh Quynh | 42c6b1a | 2013-12-30 00:15:25 +0800 | [diff] [blame] | 56 | CS_ARCH_PPC, // PowerPC architecture |
Nguyen Anh Quynh | 05e2713 | 2014-03-10 11:58:57 +0800 | [diff] [blame] | 57 | CS_ARCH_SPARC, // Sparc architecture |
Nguyen Anh Quynh | 48a14ca | 2014-03-23 08:35:45 +0800 | [diff] [blame] | 58 | CS_ARCH_SYSZ, // SystemZ architecture |
Nguyen Anh Quynh | c80d840 | 2014-05-26 23:02:48 +0800 | [diff] [blame] | 59 | CS_ARCH_XCORE, // XCore architecture |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 60 | CS_ARCH_MAX, |
Nguyen Anh Quynh | 39a42ed | 2013-12-22 10:40:58 +0800 | [diff] [blame] | 61 | CS_ARCH_ALL = 0xFFFF, |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 62 | } cs_arch; |
| 63 | |
Nguyen Anh Quynh | 9518148 | 2014-03-25 23:20:41 +0800 | [diff] [blame] | 64 | // Support value to verify diet mode of the engine. |
| 65 | // If cs_support(CS_SUPPORT_DIET) return True, the engine was compiled |
| 66 | // in diet mode. |
Nguyen Anh Quynh | 492b8ed | 2014-02-25 08:14:15 +0800 | [diff] [blame] | 67 | #define CS_SUPPORT_DIET (CS_ARCH_ALL + 1) |
Nguyen Anh Quynh | b2870e4 | 2014-02-22 23:41:16 +0800 | [diff] [blame] | 68 | |
Nguyen Anh Quynh | 6d3c711 | 2014-03-27 15:38:23 +0800 | [diff] [blame] | 69 | // Support value to verify X86 reduce mode of the engine. |
Nguyen Anh Quynh | 59b5489 | 2014-03-27 10:54:44 +0800 | [diff] [blame] | 70 | // If cs_support(CS_SUPPORT_X86_REDUCE) return True, the engine was compiled |
Nguyen Anh Quynh | 6d3c711 | 2014-03-27 15:38:23 +0800 | [diff] [blame] | 71 | // in X86 reduce mode. |
Nguyen Anh Quynh | 59b5489 | 2014-03-27 10:54:44 +0800 | [diff] [blame] | 72 | #define CS_SUPPORT_X86_REDUCE (CS_ARCH_ALL + 2) |
Nguyen Anh Quynh | 9518148 | 2014-03-25 23:20:41 +0800 | [diff] [blame] | 73 | |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 74 | // Mode type |
| 75 | typedef enum cs_mode { |
| 76 | CS_MODE_LITTLE_ENDIAN = 0, // little endian mode (default mode) |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 77 | CS_MODE_ARM = 0, // 32-bit ARM |
| 78 | CS_MODE_16 = 1 << 1, // 16-bit mode |
| 79 | CS_MODE_32 = 1 << 2, // 32-bit mode |
| 80 | CS_MODE_64 = 1 << 3, // 64-bit mode |
| 81 | CS_MODE_THUMB = 1 << 4, // ARM's Thumb mode, including Thumb-2 |
Nguyen Anh Quynh | 7c089fd | 2014-08-13 23:08:40 +0800 | [diff] [blame] | 82 | CS_MODE_MCLASS = 1 << 5, // ARM's Cortex-M series |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 83 | CS_MODE_MICRO = 1 << 4, // MicroMips mode (MIPS architecture) |
| 84 | CS_MODE_N64 = 1 << 5, // Nintendo-64 mode (MIPS architecture) |
Nguyen Anh Quynh | 0f0eb98 | 2014-08-14 18:26:39 +0800 | [diff] [blame] | 85 | CS_MODE_MIPS3 = 1 << 6, // Mips III ISA |
| 86 | CS_MODE_MIPS32R6 = 1 << 7, // Mips32r6 ISA |
| 87 | CS_MODE_MIPSGP64 = 1 << 8, // General Purpose Registers are 64-bit wide (MIPS arch) |
Nguyen Anh Quynh | 05e2713 | 2014-03-10 11:58:57 +0800 | [diff] [blame] | 88 | CS_MODE_V9 = 1 << 4, // SparcV9 mode (Sparc architecture) |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 89 | CS_MODE_BIG_ENDIAN = 1 << 31 // big endian mode |
| 90 | } cs_mode; |
| 91 | |
Nguyen Anh Quynh | a8eb7a5 | 2014-01-11 12:55:31 +0800 | [diff] [blame] | 92 | typedef void* (*cs_malloc_t)(size_t size); |
| 93 | typedef void* (*cs_calloc_t)(size_t nmemb, size_t size); |
| 94 | typedef void* (*cs_realloc_t)(void *ptr, size_t size); |
| 95 | typedef void (*cs_free_t)(void *ptr); |
Nguyen Anh Quynh | bdd1e34 | 2014-01-16 12:34:06 +0800 | [diff] [blame] | 96 | typedef int (*cs_vsnprintf_t)(char *str, size_t size, const char *format, va_list ap); |
Nguyen Anh Quynh | edeeb04 | 2014-01-15 20:44:03 +0800 | [diff] [blame] | 97 | |
Nguyen Anh Quynh | 24bf0d9 | 2014-01-05 11:19:04 +0800 | [diff] [blame] | 98 | |
Nguyen Anh Quynh | 56aba59 | 2014-01-15 21:24:28 +0800 | [diff] [blame] | 99 | // User-defined dynamic memory related functions: malloc/calloc/realloc/free/vsnprintf() |
| 100 | // By default, Capstone uses system's malloc(), calloc(), realloc(), free() & vsnprintf(). |
Nguyen Anh Quynh | 24bf0d9 | 2014-01-05 11:19:04 +0800 | [diff] [blame] | 101 | typedef struct cs_opt_mem { |
Nguyen Anh Quynh | a8eb7a5 | 2014-01-11 12:55:31 +0800 | [diff] [blame] | 102 | cs_malloc_t malloc; |
| 103 | cs_calloc_t calloc; |
| 104 | cs_realloc_t realloc; |
| 105 | cs_free_t free; |
Nguyen Anh Quynh | edeeb04 | 2014-01-15 20:44:03 +0800 | [diff] [blame] | 106 | cs_vsnprintf_t vsnprintf; |
Nguyen Anh Quynh | 24bf0d9 | 2014-01-05 11:19:04 +0800 | [diff] [blame] | 107 | } cs_opt_mem; |
| 108 | |
Nguyen Anh Quynh | 79976c1 | 2013-12-04 23:03:13 +0800 | [diff] [blame] | 109 | // Runtime option for the disassembled engine |
Nguyen Anh Quynh | b8ce68e | 2013-12-03 23:45:08 +0800 | [diff] [blame] | 110 | typedef enum cs_opt_type { |
Nguyen Anh Quynh | 4d70daf | 2013-12-05 09:50:50 +0800 | [diff] [blame] | 111 | CS_OPT_SYNTAX = 1, // Asssembly output syntax |
Nguyen Anh Quynh | a209e67 | 2013-12-14 00:23:41 +0800 | [diff] [blame] | 112 | CS_OPT_DETAIL, // Break down instruction structure into details |
Nguyen Anh Quynh | 1bdb23a | 2013-12-20 00:04:26 +0800 | [diff] [blame] | 113 | CS_OPT_MODE, // Change engine's mode at run-time |
Nguyen Anh Quynh | 56aba59 | 2014-01-15 21:24:28 +0800 | [diff] [blame] | 114 | CS_OPT_MEM, // User-defined dynamic memory related functions |
Nguyen Anh Quynh | 11ec881 | 2014-04-10 17:20:01 +0800 | [diff] [blame] | 115 | CS_OPT_SKIPDATA, // Skip data when disassembling. Then engine is in SKIPDATA mode. |
Nguyen Anh Quynh | d3ffe37 | 2014-04-09 23:49:30 +0800 | [diff] [blame] | 116 | CS_OPT_SKIPDATA_SETUP, // Setup user-defined function for SKIPDATA option |
Nguyen Anh Quynh | b8ce68e | 2013-12-03 23:45:08 +0800 | [diff] [blame] | 117 | } cs_opt_type; |
| 118 | |
Nguyen Anh Quynh | 79976c1 | 2013-12-04 23:03:13 +0800 | [diff] [blame] | 119 | // Runtime option value (associated with option type above) |
Nguyen Anh Quynh | b8ce68e | 2013-12-03 23:45:08 +0800 | [diff] [blame] | 120 | typedef enum cs_opt_value { |
Nguyen Anh Quynh | d3ffe37 | 2014-04-09 23:49:30 +0800 | [diff] [blame] | 121 | CS_OPT_OFF = 0, // Turn OFF an option - default option of CS_OPT_DETAIL, CS_OPT_SKIPDATA. |
| 122 | CS_OPT_ON = 3, // Turn ON an option (CS_OPT_DETAIL, CS_OPT_SKIPDATA). |
Nguyen Anh Quynh | 42c6b1a | 2013-12-30 00:15:25 +0800 | [diff] [blame] | 123 | CS_OPT_SYNTAX_DEFAULT = 0, // Default asm syntax (CS_OPT_SYNTAX). |
| 124 | CS_OPT_SYNTAX_INTEL, // X86 Intel asm syntax - default on X86 (CS_OPT_SYNTAX). |
Nguyen Anh Quynh | c263d35 | 2014-01-07 23:50:02 +0800 | [diff] [blame] | 125 | CS_OPT_SYNTAX_ATT, // X86 ATT asm syntax (CS_OPT_SYNTAX). |
Nguyen Anh Quynh | 2ff665a | 2014-03-11 00:18:50 +0800 | [diff] [blame] | 126 | CS_OPT_SYNTAX_NOREGNAME, // Prints register name with only number (CS_OPT_SYNTAX) |
Nguyen Anh Quynh | b8ce68e | 2013-12-03 23:45:08 +0800 | [diff] [blame] | 127 | } cs_opt_value; |
Nguyen Anh Quynh | 01aba00 | 2013-12-03 21:00:09 +0800 | [diff] [blame] | 128 | |
Nguyen Anh Quynh | d3ffe37 | 2014-04-09 23:49:30 +0800 | [diff] [blame] | 129 | // User-defined callback function for SKIPDATA option |
Nguyen Anh Quynh | 1efa9c1 | 2014-04-14 21:48:59 +0800 | [diff] [blame] | 130 | // @code: the input buffer containing code to be disassembled. This is the |
Nguyen Anh Quynh | 0beb0d4 | 2014-08-27 22:55:29 +0800 | [diff] [blame] | 131 | // same buffer passed to cs_disasm(). |
Nguyen Anh Quynh | 0df7e93 | 2014-07-10 15:42:16 +0800 | [diff] [blame] | 132 | // @code_size: size (in bytes) of the above @code buffer. |
Nguyen Anh Quynh | 1efa9c1 | 2014-04-14 21:48:59 +0800 | [diff] [blame] | 133 | // @offset: the position of the currently-examining byte in the input |
| 134 | // buffer @code mentioned above. |
Nguyen Anh Quynh | d3ffe37 | 2014-04-09 23:49:30 +0800 | [diff] [blame] | 135 | // @user_data: user-data passed to cs_option() via @user_data field in |
Nguyen Anh Quynh | 1efa9c1 | 2014-04-14 21:48:59 +0800 | [diff] [blame] | 136 | // cs_opt_skipdata struct below. |
Nguyen Anh Quynh | 3d5b6f3 | 2014-04-11 09:53:53 +0800 | [diff] [blame] | 137 | // @return: return number of bytes to skip, or 0 to immediately stop disassembling. |
Nguyen Anh Quynh | 0df7e93 | 2014-07-10 15:42:16 +0800 | [diff] [blame] | 138 | typedef size_t (*cs_skipdata_cb_t)(const uint8_t *code, size_t code_size, size_t offset, void* user_data); |
Nguyen Anh Quynh | d3ffe37 | 2014-04-09 23:49:30 +0800 | [diff] [blame] | 139 | |
Nguyen Anh Quynh | 11ec881 | 2014-04-10 17:20:01 +0800 | [diff] [blame] | 140 | // User-customized setup for SKIPDATA option |
Nguyen Anh Quynh | d3ffe37 | 2014-04-09 23:49:30 +0800 | [diff] [blame] | 141 | typedef struct cs_opt_skipdata { |
| 142 | // Capstone considers data to skip as special "instructions". |
| 143 | // User can specify the string for this instruction's "mnemonic" here. |
Nguyen Anh Quynh | 2c425fc | 2014-09-07 09:46:54 +0800 | [diff] [blame] | 144 | // By default (if @mnemonic is NULL), Capstone use ".byte". |
Nguyen Anh Quynh | d3ffe37 | 2014-04-09 23:49:30 +0800 | [diff] [blame] | 145 | const char *mnemonic; |
Nguyen Anh Quynh | a89383e | 2014-04-10 11:53:46 +0800 | [diff] [blame] | 146 | |
Nguyen Anh Quynh | d3ffe37 | 2014-04-09 23:49:30 +0800 | [diff] [blame] | 147 | // User-defined callback function to be called when Capstone hits data. |
Nguyen Anh Quynh | a89383e | 2014-04-10 11:53:46 +0800 | [diff] [blame] | 148 | // If the returned value from this callback is positive (>0), Capstone |
| 149 | // will skip exactly that number of bytes & continue. Otherwise, if |
| 150 | // the callback returns 0, Capstone stops disassembling and returns |
Nguyen Anh Quynh | 0beb0d4 | 2014-08-27 22:55:29 +0800 | [diff] [blame] | 151 | // immediately from cs_disasm() |
Nguyen Anh Quynh | a89383e | 2014-04-10 11:53:46 +0800 | [diff] [blame] | 152 | // NOTE: if this callback pointer is NULL, Capstone would skip a number |
| 153 | // of bytes depending on architectures, as following: |
| 154 | // Arm: 2 bytes (Thumb mode) or 4 bytes. |
| 155 | // Arm64: 4 bytes. |
| 156 | // Mips: 4 bytes. |
Nguyen Anh Quynh | 3d5b6f3 | 2014-04-11 09:53:53 +0800 | [diff] [blame] | 157 | // PowerPC: 4 bytes. |
Nguyen Anh Quynh | a89383e | 2014-04-10 11:53:46 +0800 | [diff] [blame] | 158 | // Sparc: 4 bytes. |
| 159 | // SystemZ: 2 bytes. |
| 160 | // X86: 1 bytes. |
Nguyen Anh Quynh | c80d840 | 2014-05-26 23:02:48 +0800 | [diff] [blame] | 161 | // XCore: 2 bytes. |
Nguyen Anh Quynh | d3ffe37 | 2014-04-09 23:49:30 +0800 | [diff] [blame] | 162 | cs_skipdata_cb_t callback; // default value is NULL |
Nguyen Anh Quynh | a89383e | 2014-04-10 11:53:46 +0800 | [diff] [blame] | 163 | |
Nguyen Anh Quynh | d3ffe37 | 2014-04-09 23:49:30 +0800 | [diff] [blame] | 164 | // User-defined data to be passed to @callback function pointer. |
| 165 | void *user_data; |
| 166 | } cs_opt_skipdata; |
| 167 | |
Nguyen Anh Quynh | 01aba00 | 2013-12-03 21:00:09 +0800 | [diff] [blame] | 168 | |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 169 | #include "arm.h" |
| 170 | #include "arm64.h" |
| 171 | #include "mips.h" |
Nguyen Anh Quynh | 42c6b1a | 2013-12-30 00:15:25 +0800 | [diff] [blame] | 172 | #include "ppc.h" |
Nguyen Anh Quynh | 05e2713 | 2014-03-10 11:58:57 +0800 | [diff] [blame] | 173 | #include "sparc.h" |
Nguyen Anh Quynh | 48a14ca | 2014-03-23 08:35:45 +0800 | [diff] [blame] | 174 | #include "systemz.h" |
| 175 | #include "x86.h" |
Nguyen Anh Quynh | c80d840 | 2014-05-26 23:02:48 +0800 | [diff] [blame] | 176 | #include "xcore.h" |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 177 | |
Nguyen Anh Quynh | 4fe224b | 2013-12-24 16:49:36 +0800 | [diff] [blame] | 178 | // NOTE: All information in cs_detail is only available when CS_OPT_DETAIL = CS_OPT_ON |
| 179 | typedef struct cs_detail { |
| 180 | uint8_t regs_read[12]; // list of implicit registers read by this insn |
| 181 | uint8_t regs_read_count; // number of implicit registers read by this insn |
| 182 | |
| 183 | uint8_t regs_write[20]; // list of implicit registers modified by this insn |
| 184 | uint8_t regs_write_count; // number of implicit registers modified by this insn |
| 185 | |
| 186 | uint8_t groups[8]; // list of group this instruction belong to |
| 187 | uint8_t groups_count; // number of groups this insn belongs to |
| 188 | |
| 189 | // Architecture-specific instruction info |
| 190 | union { |
| 191 | cs_x86 x86; // X86 architecture, including 16-bit, 32-bit & 64-bit mode |
| 192 | cs_arm64 arm64; // ARM64 architecture (aka AArch64) |
| 193 | cs_arm arm; // ARM architecture (including Thumb/Thumb2) |
| 194 | cs_mips mips; // MIPS architecture |
Nguyen Anh Quynh | 42c6b1a | 2013-12-30 00:15:25 +0800 | [diff] [blame] | 195 | cs_ppc ppc; // PowerPC architecture |
Nguyen Anh Quynh | 05e2713 | 2014-03-10 11:58:57 +0800 | [diff] [blame] | 196 | cs_sparc sparc; // Sparc architecture |
Nguyen Anh Quynh | 48a14ca | 2014-03-23 08:35:45 +0800 | [diff] [blame] | 197 | cs_sysz sysz; // SystemZ architecture |
Nguyen Anh Quynh | c80d840 | 2014-05-26 23:02:48 +0800 | [diff] [blame] | 198 | cs_xcore xcore; // XCore architecture |
Nguyen Anh Quynh | 4fe224b | 2013-12-24 16:49:36 +0800 | [diff] [blame] | 199 | }; |
| 200 | } cs_detail; |
| 201 | |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 202 | // Detail information of disassembled instruction |
| 203 | typedef struct cs_insn { |
| 204 | // Instruction ID |
| 205 | // Find the instruction id from header file of corresponding architecture, |
| 206 | // such as arm.h for ARM, x86.h for X86, etc... |
Nguyen Anh Quynh | 46a5afd | 2013-12-14 11:52:06 +0800 | [diff] [blame] | 207 | // This information is available even when CS_OPT_DETAIL = CS_OPT_OFF |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 208 | unsigned int id; |
| 209 | |
Nguyen Anh Quynh | 79976c1 | 2013-12-04 23:03:13 +0800 | [diff] [blame] | 210 | // Address (EIP) of this instruction |
Nguyen Anh Quynh | 46a5afd | 2013-12-14 11:52:06 +0800 | [diff] [blame] | 211 | // This information is available even when CS_OPT_DETAIL = CS_OPT_OFF |
Nguyen Anh Quynh | f2a649e | 2013-12-03 12:21:01 +0800 | [diff] [blame] | 212 | uint64_t address; |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 213 | |
Nguyen Anh Quynh | 79976c1 | 2013-12-04 23:03:13 +0800 | [diff] [blame] | 214 | // Size of this instruction |
Nguyen Anh Quynh | 46a5afd | 2013-12-14 11:52:06 +0800 | [diff] [blame] | 215 | // This information is available even when CS_OPT_DETAIL = CS_OPT_OFF |
Nguyen Anh Quynh | 8f13f3c | 2013-12-04 22:57:04 +0800 | [diff] [blame] | 216 | uint16_t size; |
Nguyen Anh Quynh | 79976c1 | 2013-12-04 23:03:13 +0800 | [diff] [blame] | 217 | // Machine bytes of this instruction, with number of bytes indicated by @size above |
Nguyen Anh Quynh | 46a5afd | 2013-12-14 11:52:06 +0800 | [diff] [blame] | 218 | // This information is available even when CS_OPT_DETAIL = CS_OPT_OFF |
pancake | f0e4eed | 2013-12-11 22:14:42 +0100 | [diff] [blame] | 219 | uint8_t bytes[16]; |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 220 | |
| 221 | // Ascii text of instruction mnemonic |
Nguyen Anh Quynh | 46a5afd | 2013-12-14 11:52:06 +0800 | [diff] [blame] | 222 | // This information is available even when CS_OPT_DETAIL = CS_OPT_OFF |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 223 | char mnemonic[32]; |
Nguyen Anh Quynh | cf89cf6 | 2014-01-06 09:08:35 +0800 | [diff] [blame] | 224 | |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 225 | // Ascii text of instruction operands |
Nguyen Anh Quynh | 46a5afd | 2013-12-14 11:52:06 +0800 | [diff] [blame] | 226 | // This information is available even when CS_OPT_DETAIL = CS_OPT_OFF |
Nguyen Anh Quynh | 0636f68 | 2014-01-15 17:51:08 +0800 | [diff] [blame] | 227 | char op_str[160]; |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 228 | |
Nguyen Anh Quynh | 4fe224b | 2013-12-24 16:49:36 +0800 | [diff] [blame] | 229 | // Pointer to cs_detail. |
Nguyen Anh Quynh | 11ec881 | 2014-04-10 17:20:01 +0800 | [diff] [blame] | 230 | // NOTE: detail pointer is only valid (not NULL) when both requirements below are met: |
| 231 | // (1) CS_OP_DETAIL = CS_OPT_ON |
| 232 | // (2) If engine is in Skipdata mode (CS_OP_SKIPDATA option set to CS_OPT_ON), then |
| 233 | // the current instruction is not the "data" instruction (which clearly has no detail). |
Nguyen Anh Quynh | 4fe224b | 2013-12-24 16:49:36 +0800 | [diff] [blame] | 234 | cs_detail *detail; |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 235 | } cs_insn; |
| 236 | |
Nguyen Anh Quynh | bb54603 | 2013-12-05 18:29:51 +0800 | [diff] [blame] | 237 | |
| 238 | // Calculate the offset of a disassembled instruction in its buffer, given its position |
| 239 | // in its array of disassembled insn |
Nguyen Anh Quynh | a236902 | 2013-12-05 20:21:09 +0800 | [diff] [blame] | 240 | // NOTE: this macro works with position (>=1), not index |
| 241 | #define CS_INSN_OFFSET(insns, post) (insns[post - 1].address - insns[0].address) |
Nguyen Anh Quynh | bb54603 | 2013-12-05 18:29:51 +0800 | [diff] [blame] | 242 | |
| 243 | |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 244 | // All type of errors encountered by Capstone API. |
| 245 | // These are values returned by cs_errno() |
| 246 | typedef enum cs_err { |
Nguyen Anh Quynh | 11ec881 | 2014-04-10 17:20:01 +0800 | [diff] [blame] | 247 | CS_ERR_OK = 0, // No error: everything was fine |
Nguyen Anh Quynh | 0beb0d4 | 2014-08-27 22:55:29 +0800 | [diff] [blame] | 248 | CS_ERR_MEM, // Out-Of-Memory error: cs_open(), cs_disasm() |
Nguyen Anh Quynh | 11ec881 | 2014-04-10 17:20:01 +0800 | [diff] [blame] | 249 | CS_ERR_ARCH, // Unsupported architecture: cs_open() |
| 250 | CS_ERR_HANDLE, // Invalid handle: cs_op_count(), cs_op_index() |
| 251 | CS_ERR_CSH, // Invalid csh argument: cs_close(), cs_errno(), cs_option() |
| 252 | CS_ERR_MODE, // Invalid/unsupported mode: cs_open() |
| 253 | CS_ERR_OPTION, // Invalid/unsupported option: cs_option() |
| 254 | CS_ERR_DETAIL, // Information is unavailable because detail option is OFF |
Nguyen Anh Quynh | c52352d | 2014-01-06 09:06:30 +0800 | [diff] [blame] | 255 | CS_ERR_MEMSETUP, // Dynamic memory management uninitialized (see CS_OPT_MEM) |
Nguyen Anh Quynh | 11ec881 | 2014-04-10 17:20:01 +0800 | [diff] [blame] | 256 | CS_ERR_VERSION, // Unsupported version (bindings) |
| 257 | CS_ERR_DIET, // Access irrelevant data in "diet" engine |
| 258 | CS_ERR_SKIPDATA, // Access irrelevant data for "data" instruction in SKIPDATA mode |
Nguyen Anh Quynh | 6638294 | 2014-08-20 14:02:14 +0800 | [diff] [blame] | 259 | CS_ERR_X86_ATT, // X86 AT&T syntax is unsupported (opt-out at compile time) |
| 260 | CS_ERR_X86_INTEL, // X86 Intel syntax is unsupported (opt-out at compile time) |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 261 | } cs_err; |
| 262 | |
Nguyen Anh Quynh | b880678 | 2013-12-22 15:20:07 +0800 | [diff] [blame] | 263 | /* |
Nguyen Anh Quynh | b880678 | 2013-12-22 15:20:07 +0800 | [diff] [blame] | 264 | Return combined API version & major and minor version numbers. |
Nguyen Anh Quynh | 36df4bb | 2013-12-10 13:31:20 +0800 | [diff] [blame] | 265 | |
Nguyen Anh Quynh | b880678 | 2013-12-22 15:20:07 +0800 | [diff] [blame] | 266 | @major: major number of API version |
| 267 | @minor: minor number of API version |
Nguyen Anh Quynh | 36df4bb | 2013-12-10 13:31:20 +0800 | [diff] [blame] | 268 | |
Nguyen Anh Quynh | b90cb99 | 2013-12-28 13:59:09 +0800 | [diff] [blame] | 269 | @return hexical number as (major << 8 | minor), which encodes both |
hlide | 993f362 | 2014-10-05 18:14:40 +0200 | [diff] [blame^] | 270 | major & minor versions. |
| 271 | NOTE: This returned value can be compared with version number made |
Nguyen Anh Quynh | b90cb99 | 2013-12-28 13:59:09 +0800 | [diff] [blame] | 272 | with macro CS_MAKE_VERSION |
Nguyen Anh Quynh | 39a42ed | 2013-12-22 10:40:58 +0800 | [diff] [blame] | 273 | |
| 274 | For example, second API version would return 1 in @major, and 1 in @minor |
| 275 | The return value would be 0x0101 |
Nguyen Anh Quynh | 0877747 | 2013-12-22 14:16:28 +0800 | [diff] [blame] | 276 | |
| 277 | NOTE: if you only care about returned value, but not major and minor values, |
Nguyen Anh Quynh | b90cb99 | 2013-12-28 13:59:09 +0800 | [diff] [blame] | 278 | set both @major & @minor arguments to NULL. |
Nguyen Anh Quynh | 36df4bb | 2013-12-10 13:31:20 +0800 | [diff] [blame] | 279 | */ |
Nguyen Anh Quynh | 07c3693 | 2014-06-03 18:33:15 +0800 | [diff] [blame] | 280 | CAPSTONE_EXPORT |
Nguyen Anh Quynh | b90cb99 | 2013-12-28 13:59:09 +0800 | [diff] [blame] | 281 | unsigned int cs_version(int *major, int *minor); |
Nguyen Anh Quynh | 39a42ed | 2013-12-22 10:40:58 +0800 | [diff] [blame] | 282 | |
| 283 | |
| 284 | /* |
Nguyen Anh Quynh | b2870e4 | 2014-02-22 23:41:16 +0800 | [diff] [blame] | 285 | This API can be used to either ask for archs supported by this library, |
Nguyen Anh Quynh | c70adc3 | 2014-02-23 00:03:46 +0800 | [diff] [blame] | 286 | or check to see if the library was compile with 'diet' option (or called |
| 287 | in 'diet' mode). |
Nguyen Anh Quynh | 39a42ed | 2013-12-22 10:40:58 +0800 | [diff] [blame] | 288 | |
Nguyen Anh Quynh | b2870e4 | 2014-02-22 23:41:16 +0800 | [diff] [blame] | 289 | To check if a particular arch is supported by this library, set @query to |
| 290 | arch mode (CS_ARCH_* value). |
| 291 | To verify if this library supports all the archs, use CS_ARCH_ALL. |
Nguyen Anh Quynh | 39a42ed | 2013-12-22 10:40:58 +0800 | [diff] [blame] | 292 | |
Nguyen Anh Quynh | b2870e4 | 2014-02-22 23:41:16 +0800 | [diff] [blame] | 293 | To check if this library is in 'diet' mode, set @query to CS_SUPPORT_DIET. |
Nguyen Anh Quynh | b2870e4 | 2014-02-22 23:41:16 +0800 | [diff] [blame] | 294 | |
Nguyen Anh Quynh | 544e0ff | 2014-02-23 20:24:47 +0800 | [diff] [blame] | 295 | @return True if this library supports the given arch, or in 'diet' mode. |
Nguyen Anh Quynh | 39a42ed | 2013-12-22 10:40:58 +0800 | [diff] [blame] | 296 | */ |
Nguyen Anh Quynh | 07c3693 | 2014-06-03 18:33:15 +0800 | [diff] [blame] | 297 | CAPSTONE_EXPORT |
Nguyen Anh Quynh | b2870e4 | 2014-02-22 23:41:16 +0800 | [diff] [blame] | 298 | bool cs_support(int query); |
Nguyen Anh Quynh | 36df4bb | 2013-12-10 13:31:20 +0800 | [diff] [blame] | 299 | |
| 300 | /* |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 301 | Initialize CS handle: this must be done before any usage of CS. |
| 302 | |
| 303 | @arch: architecture type (CS_ARCH_*) |
| 304 | @mode: hardware mode. This is combined of CS_MODE_* |
| 305 | @handle: pointer to handle, which will be updated at return time |
| 306 | |
| 307 | @return CS_ERR_OK on success, or other value on failure (refer to cs_err enum |
| 308 | for detailed error). |
| 309 | */ |
Nguyen Anh Quynh | 07c3693 | 2014-06-03 18:33:15 +0800 | [diff] [blame] | 310 | CAPSTONE_EXPORT |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 311 | cs_err cs_open(cs_arch arch, cs_mode mode, csh *handle); |
| 312 | |
| 313 | /* |
| 314 | Close CS handle: MUST do to release the handle when it is not used anymore. |
Nguyen Anh Quynh | b265406 | 2014-01-03 17:08:58 +0800 | [diff] [blame] | 315 | NOTE: this must be only called when there is no longer usage of Capstone, |
| 316 | not even access to cs_insn array. The reason is the this API releases some |
| 317 | cached memory, thus access to any Capstone API after cs_close() might crash |
| 318 | your application. |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 319 | |
Nguyen Anh Quynh | c8e0785 | 2014-02-28 09:38:11 +0800 | [diff] [blame] | 320 | In fact,this API invalidate @handle by ZERO out its value (i.e *handle = 0). |
| 321 | |
Nguyen Anh Quynh | 226d7dc | 2014-02-27 22:20:39 +0800 | [diff] [blame] | 322 | @handle: pointer to a handle returned by cs_open() |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 323 | |
| 324 | @return CS_ERR_OK on success, or other value on failure (refer to cs_err enum |
| 325 | for detailed error). |
| 326 | */ |
Nguyen Anh Quynh | 07c3693 | 2014-06-03 18:33:15 +0800 | [diff] [blame] | 327 | CAPSTONE_EXPORT |
Nguyen Anh Quynh | 226d7dc | 2014-02-27 22:20:39 +0800 | [diff] [blame] | 328 | cs_err cs_close(csh *handle); |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 329 | |
| 330 | /* |
Nguyen Anh Quynh | 79976c1 | 2013-12-04 23:03:13 +0800 | [diff] [blame] | 331 | Set option for disassembling engine at runtime |
Nguyen Anh Quynh | 01aba00 | 2013-12-03 21:00:09 +0800 | [diff] [blame] | 332 | |
| 333 | @handle: handle returned by cs_open() |
Nguyen Anh Quynh | b8ce68e | 2013-12-03 23:45:08 +0800 | [diff] [blame] | 334 | @type: type of option to be set |
Nguyen Anh Quynh | 79976c1 | 2013-12-04 23:03:13 +0800 | [diff] [blame] | 335 | @value: option value corresponding with @type |
Nguyen Anh Quynh | 01aba00 | 2013-12-03 21:00:09 +0800 | [diff] [blame] | 336 | |
Nguyen Anh Quynh | 79976c1 | 2013-12-04 23:03:13 +0800 | [diff] [blame] | 337 | @return CS_ERR_OK on success, or other value on failure. |
| 338 | Refer to cs_err enum for detailed error. |
Nguyen Anh Quynh | a60ed8b | 2014-01-05 23:52:30 +0800 | [diff] [blame] | 339 | |
| 340 | NOTE: in the case of CS_OPT_MEM, handle's value can be anything, |
| 341 | so that cs_option(handle, CS_OPT_MEM, value) can (i.e must) be called |
| 342 | even before cs_open() |
Nguyen Anh Quynh | 01aba00 | 2013-12-03 21:00:09 +0800 | [diff] [blame] | 343 | */ |
Nguyen Anh Quynh | 07c3693 | 2014-06-03 18:33:15 +0800 | [diff] [blame] | 344 | CAPSTONE_EXPORT |
Nguyen Anh Quynh | da8adad | 2013-12-04 09:44:07 +0800 | [diff] [blame] | 345 | cs_err cs_option(csh handle, cs_opt_type type, size_t value); |
Nguyen Anh Quynh | 01aba00 | 2013-12-03 21:00:09 +0800 | [diff] [blame] | 346 | |
| 347 | /* |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 348 | Report the last error number when some API function fail. |
| 349 | Like glibc's errno, cs_errno might not retain its old value once accessed. |
| 350 | |
| 351 | @handle: handle returned by cs_open() |
| 352 | |
| 353 | @return: error code of cs_err enum type (CS_ERR_*, see above) |
| 354 | */ |
Nguyen Anh Quynh | 07c3693 | 2014-06-03 18:33:15 +0800 | [diff] [blame] | 355 | CAPSTONE_EXPORT |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 356 | cs_err cs_errno(csh handle); |
| 357 | |
Nguyen Anh Quynh | 34f9638 | 2014-01-03 22:49:07 +0800 | [diff] [blame] | 358 | |
| 359 | /* |
| 360 | Return a string describing given error code. |
| 361 | |
| 362 | @code: error code (see CS_ERR_* above) |
| 363 | |
| 364 | @return: returns a pointer to a string that describes the error code |
hlide | 993f362 | 2014-10-05 18:14:40 +0200 | [diff] [blame^] | 365 | passed in the argument @code |
Nguyen Anh Quynh | 34f9638 | 2014-01-03 22:49:07 +0800 | [diff] [blame] | 366 | */ |
Nguyen Anh Quynh | 07c3693 | 2014-06-03 18:33:15 +0800 | [diff] [blame] | 367 | CAPSTONE_EXPORT |
Nguyen Anh Quynh | 34f9638 | 2014-01-03 22:49:07 +0800 | [diff] [blame] | 368 | const char *cs_strerror(cs_err code); |
| 369 | |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 370 | /* |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 371 | Dynamicly allocate memory to contain disasm insn |
| 372 | Disassembled instructions will be put into @*insn |
| 373 | |
| 374 | NOTE 1: this API will automatically determine memory needed to contain |
| 375 | output disassembled instructions in @insn. |
| 376 | NOTE 2: caller must free() the allocated memory itself to avoid memory leaking |
| 377 | |
| 378 | @handle: handle returned by cs_open() |
| 379 | @code: buffer containing raw binary code to be disassembled |
| 380 | @code_size: size of above code |
Nguyen Anh Quynh | 612b5d2 | 2013-12-03 12:23:09 +0800 | [diff] [blame] | 381 | @address: address of the first insn in given raw code buffer |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 382 | @insn: array of insn filled in by this function |
hlide | 993f362 | 2014-10-05 18:14:40 +0200 | [diff] [blame^] | 383 | NOTE: @insn will be allocated by this function, and should be freed |
Nguyen Anh Quynh | 79976c1 | 2013-12-04 23:03:13 +0800 | [diff] [blame] | 384 | with cs_free() API. |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 385 | @count: number of instrutions to be disassembled, or 0 to get all of them |
| 386 | @return: the number of succesfully disassembled instructions, |
| 387 | or 0 if this function failed to disassemble the given code |
Nguyen Anh Quynh | 029df20 | 2013-12-03 11:36:54 +0800 | [diff] [blame] | 388 | |
| 389 | On failure, call cs_errno() for error code. |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 390 | */ |
Nguyen Anh Quynh | 07c3693 | 2014-06-03 18:33:15 +0800 | [diff] [blame] | 391 | CAPSTONE_EXPORT |
Nguyen Anh Quynh | 0beb0d4 | 2014-08-27 22:55:29 +0800 | [diff] [blame] | 392 | size_t cs_disasm(csh handle, |
pancake | f0e4eed | 2013-12-11 22:14:42 +0100 | [diff] [blame] | 393 | const uint8_t *code, size_t code_size, |
Nguyen Anh Quynh | 612b5d2 | 2013-12-03 12:23:09 +0800 | [diff] [blame] | 394 | uint64_t address, |
Nguyen Anh Quynh | b42a657 | 2013-11-29 17:40:07 +0800 | [diff] [blame] | 395 | size_t count, |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 396 | cs_insn **insn); |
| 397 | |
Nguyen Anh Quynh | aa58f7f | 2014-09-25 16:56:31 +0800 | [diff] [blame] | 398 | /* |
| 399 | Deprecated function - to be retired in the next version! |
Nguyen Anh Quynh | 0beb0d4 | 2014-08-27 22:55:29 +0800 | [diff] [blame] | 400 | Use cs_disasm() instead of cs_disasm_ex() |
| 401 | */ |
| 402 | CAPSTONE_EXPORT |
| 403 | CAPSTONE_DEPRECATED |
| 404 | size_t cs_disasm_ex(csh handle, |
| 405 | const uint8_t *code, size_t code_size, |
| 406 | uint64_t address, |
| 407 | size_t count, |
| 408 | cs_insn **insn); |
Nguyen Anh Quynh | aa58f7f | 2014-09-25 16:56:31 +0800 | [diff] [blame] | 409 | |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 410 | /* |
Nguyen Anh Quynh | 0beb0d4 | 2014-08-27 22:55:29 +0800 | [diff] [blame] | 411 | Free memory allocated in @insn by cs_disasm() |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 412 | |
Nguyen Anh Quynh | 0beb0d4 | 2014-08-27 22:55:29 +0800 | [diff] [blame] | 413 | @insn: pointer returned by @insn argument in cs_disasm() |
| 414 | @count: number of cs_insn structures returned by cs_disasm() |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 415 | */ |
Nguyen Anh Quynh | 07c3693 | 2014-06-03 18:33:15 +0800 | [diff] [blame] | 416 | CAPSTONE_EXPORT |
Nguyen Anh Quynh | 4fe224b | 2013-12-24 16:49:36 +0800 | [diff] [blame] | 417 | void cs_free(cs_insn *insn, size_t count); |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 418 | |
hlide | 993f362 | 2014-10-05 18:14:40 +0200 | [diff] [blame^] | 419 | /* TODO */ |
| 420 | CAPSTONE_EXPORT |
| 421 | cs_insn *cs_disasm_iter(csh handle, |
| 422 | const uint8_t **code, size_t *size, |
| 423 | uint64_t *address); |
| 424 | |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 425 | /* |
Nguyen Anh Quynh | 650f96c | 2014-07-08 08:59:27 +0800 | [diff] [blame] | 426 | Return friendly name of regiser in a string. |
Nguyen Anh Quynh | c70adc3 | 2014-02-23 00:03:46 +0800 | [diff] [blame] | 427 | Find the instruction id from header file of corresponding architecture (arm.h for ARM, |
| 428 | x86.h for X86, ...) |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 429 | |
Nguyen Anh Quynh | 544e0ff | 2014-02-23 20:24:47 +0800 | [diff] [blame] | 430 | WARN: when in 'diet' mode, this API is irrelevant because engine does not |
Nguyen Anh Quynh | fc83a43 | 2014-02-22 23:26:27 +0800 | [diff] [blame] | 431 | store register name. |
| 432 | |
Nguyen Anh Quynh | 3640f3c | 2013-12-01 00:26:27 +0800 | [diff] [blame] | 433 | @handle: handle returned by cs_open() |
Nguyen Anh Quynh | 650f96c | 2014-07-08 08:59:27 +0800 | [diff] [blame] | 434 | @reg_id: register id |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 435 | @return: string name of the register, or NULL if @reg_id is invalid. |
| 436 | */ |
Nguyen Anh Quynh | 07c3693 | 2014-06-03 18:33:15 +0800 | [diff] [blame] | 437 | CAPSTONE_EXPORT |
pancake | f0e4eed | 2013-12-11 22:14:42 +0100 | [diff] [blame] | 438 | const char *cs_reg_name(csh handle, unsigned int reg_id); |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 439 | |
| 440 | /* |
Nguyen Anh Quynh | 650f96c | 2014-07-08 08:59:27 +0800 | [diff] [blame] | 441 | Return friendly name of an instruction in a string. |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 442 | Find the instruction id from header file of corresponding architecture (arm.h for ARM, x86.h for X86, ...) |
| 443 | |
Nguyen Anh Quynh | 544e0ff | 2014-02-23 20:24:47 +0800 | [diff] [blame] | 444 | WARN: when in 'diet' mode, this API is irrelevant because the engine does not |
Nguyen Anh Quynh | fc83a43 | 2014-02-22 23:26:27 +0800 | [diff] [blame] | 445 | store instruction name. |
| 446 | |
Nguyen Anh Quynh | 3640f3c | 2013-12-01 00:26:27 +0800 | [diff] [blame] | 447 | @handle: handle returned by cs_open() |
Nguyen Anh Quynh | 650f96c | 2014-07-08 08:59:27 +0800 | [diff] [blame] | 448 | @insn_id: instruction id |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 449 | |
| 450 | @return: string name of the instruction, or NULL if @insn_id is invalid. |
| 451 | */ |
Nguyen Anh Quynh | 07c3693 | 2014-06-03 18:33:15 +0800 | [diff] [blame] | 452 | CAPSTONE_EXPORT |
pancake | f0e4eed | 2013-12-11 22:14:42 +0100 | [diff] [blame] | 453 | const char *cs_insn_name(csh handle, unsigned int insn_id); |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 454 | |
| 455 | /* |
Nguyen Anh Quynh | 650f96c | 2014-07-08 08:59:27 +0800 | [diff] [blame] | 456 | Return friendly name of a group id (that an instruction can belong to) |
| 457 | Find the group id from header file of corresponding architecture (arm.h for ARM, x86.h for X86, ...) |
| 458 | |
| 459 | WARN: when in 'diet' mode, this API is irrelevant because the engine does not |
| 460 | store group name. |
| 461 | |
| 462 | @handle: handle returned by cs_open() |
| 463 | @group_id: group id |
| 464 | |
| 465 | @return: string name of the group, or NULL if @group_id is invalid. |
| 466 | */ |
| 467 | CAPSTONE_EXPORT |
Nguyen Anh Quynh | aa58f7f | 2014-09-25 16:56:31 +0800 | [diff] [blame] | 468 | const char *cs_group_name(csh handle, unsigned int group_id); |
Nguyen Anh Quynh | 650f96c | 2014-07-08 08:59:27 +0800 | [diff] [blame] | 469 | |
| 470 | /* |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 471 | Check if a disassembled instruction belong to a particular group. |
| 472 | Find the group id from header file of corresponding architecture (arm.h for ARM, x86.h for X86, ...) |
| 473 | Internally, this simply verifies if @group_id matches any member of insn->groups array. |
| 474 | |
Nguyen Anh Quynh | 544e0ff | 2014-02-23 20:24:47 +0800 | [diff] [blame] | 475 | NOTE: this API is only valid when detail option is ON (which is OFF by default). |
| 476 | |
| 477 | WARN: when in 'diet' mode, this API is irrelevant because the engine does not |
Nguyen Anh Quynh | fc83a43 | 2014-02-22 23:26:27 +0800 | [diff] [blame] | 478 | update @groups array. |
Nguyen Anh Quynh | 2f05ab2 | 2014-01-15 11:07:28 +0800 | [diff] [blame] | 479 | |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 480 | @handle: handle returned by cs_open() |
Nguyen Anh Quynh | 0beb0d4 | 2014-08-27 22:55:29 +0800 | [diff] [blame] | 481 | @insn: disassembled instruction structure received from cs_disasm() or cs_disasm() |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 482 | @group_id: group that you want to check if this instruction belong to. |
| 483 | |
| 484 | @return: true if this instruction indeed belongs to aboved group, or false otherwise. |
| 485 | */ |
Nguyen Anh Quynh | 07c3693 | 2014-06-03 18:33:15 +0800 | [diff] [blame] | 486 | CAPSTONE_EXPORT |
obs | 876b6b6 | 2014-08-21 00:57:04 +0200 | [diff] [blame] | 487 | bool cs_insn_group(csh handle, const cs_insn *insn, unsigned int group_id); |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 488 | |
| 489 | /* |
| 490 | Check if a disassembled instruction IMPLICITLY used a particular register. |
| 491 | Find the register id from header file of corresponding architecture (arm.h for ARM, x86.h for X86, ...) |
| 492 | Internally, this simply verifies if @reg_id matches any member of insn->regs_read array. |
| 493 | |
Nguyen Anh Quynh | 2f05ab2 | 2014-01-15 11:07:28 +0800 | [diff] [blame] | 494 | NOTE: this API is only valid when detail option is ON (which is OFF by default) |
Nguyen Anh Quynh | 544e0ff | 2014-02-23 20:24:47 +0800 | [diff] [blame] | 495 | |
| 496 | WARN: when in 'diet' mode, this API is irrelevant because the engine does not |
Nguyen Anh Quynh | fc83a43 | 2014-02-22 23:26:27 +0800 | [diff] [blame] | 497 | update @regs_read array. |
Nguyen Anh Quynh | 2f05ab2 | 2014-01-15 11:07:28 +0800 | [diff] [blame] | 498 | |
Nguyen Anh Quynh | 0beb0d4 | 2014-08-27 22:55:29 +0800 | [diff] [blame] | 499 | @insn: disassembled instruction structure received from cs_disasm() or cs_disasm() |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 500 | @reg_id: register that you want to check if this instruction used it. |
| 501 | |
| 502 | @return: true if this instruction indeed implicitly used aboved register, or false otherwise. |
| 503 | */ |
Nguyen Anh Quynh | 07c3693 | 2014-06-03 18:33:15 +0800 | [diff] [blame] | 504 | CAPSTONE_EXPORT |
obs | 876b6b6 | 2014-08-21 00:57:04 +0200 | [diff] [blame] | 505 | bool cs_reg_read(csh handle, const cs_insn *insn, unsigned int reg_id); |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 506 | |
| 507 | /* |
| 508 | Check if a disassembled instruction IMPLICITLY modified a particular register. |
| 509 | Find the register id from header file of corresponding architecture (arm.h for ARM, x86.h for X86, ...) |
| 510 | Internally, this simply verifies if @reg_id matches any member of insn->regs_write array. |
| 511 | |
Nguyen Anh Quynh | 2f05ab2 | 2014-01-15 11:07:28 +0800 | [diff] [blame] | 512 | NOTE: this API is only valid when detail option is ON (which is OFF by default) |
Nguyen Anh Quynh | 544e0ff | 2014-02-23 20:24:47 +0800 | [diff] [blame] | 513 | |
| 514 | WARN: when in 'diet' mode, this API is irrelevant because the engine does not |
Nguyen Anh Quynh | fc83a43 | 2014-02-22 23:26:27 +0800 | [diff] [blame] | 515 | update @regs_write array. |
Nguyen Anh Quynh | 2f05ab2 | 2014-01-15 11:07:28 +0800 | [diff] [blame] | 516 | |
Nguyen Anh Quynh | 0beb0d4 | 2014-08-27 22:55:29 +0800 | [diff] [blame] | 517 | @insn: disassembled instruction structure received from cs_disasm() or cs_disasm() |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 518 | @reg_id: register that you want to check if this instruction modified it. |
| 519 | |
| 520 | @return: true if this instruction indeed implicitly modified aboved register, or false otherwise. |
| 521 | */ |
Nguyen Anh Quynh | 07c3693 | 2014-06-03 18:33:15 +0800 | [diff] [blame] | 522 | CAPSTONE_EXPORT |
obs | 876b6b6 | 2014-08-21 00:57:04 +0200 | [diff] [blame] | 523 | bool cs_reg_write(csh handle, const cs_insn *insn, unsigned int reg_id); |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 524 | |
| 525 | /* |
| 526 | Count the number of operands of a given type. |
| 527 | Find the operand type in header file of corresponding architecture (arm.h for ARM, x86.h for X86, ...) |
| 528 | |
Nguyen Anh Quynh | 2f05ab2 | 2014-01-15 11:07:28 +0800 | [diff] [blame] | 529 | NOTE: this API is only valid when detail option is ON (which is OFF by default) |
| 530 | |
Nguyen Anh Quynh | 3640f3c | 2013-12-01 00:26:27 +0800 | [diff] [blame] | 531 | @handle: handle returned by cs_open() |
Nguyen Anh Quynh | 0beb0d4 | 2014-08-27 22:55:29 +0800 | [diff] [blame] | 532 | @insn: disassembled instruction structure received from cs_disasm() or cs_disasm() |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 533 | @op_type: Operand type to be found. |
| 534 | |
| 535 | @return: number of operands of given type @op_type in instruction @insn, |
| 536 | or -1 on failure. |
| 537 | */ |
Nguyen Anh Quynh | 07c3693 | 2014-06-03 18:33:15 +0800 | [diff] [blame] | 538 | CAPSTONE_EXPORT |
obs | 876b6b6 | 2014-08-21 00:57:04 +0200 | [diff] [blame] | 539 | int cs_op_count(csh handle, const cs_insn *insn, unsigned int op_type); |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 540 | |
| 541 | /* |
Nguyen Anh Quynh | 4c0ed0b | 2014-06-03 15:06:20 +0700 | [diff] [blame] | 542 | Retrieve the position of operand of given type in <arch>.operands[] array. |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 543 | Later, the operand can be accessed using the returned position. |
| 544 | Find the operand type in header file of corresponding architecture (arm.h for ARM, x86.h for X86, ...) |
| 545 | |
Nguyen Anh Quynh | 2f05ab2 | 2014-01-15 11:07:28 +0800 | [diff] [blame] | 546 | NOTE: this API is only valid when detail option is ON (which is OFF by default) |
| 547 | |
Nguyen Anh Quynh | 3640f3c | 2013-12-01 00:26:27 +0800 | [diff] [blame] | 548 | @handle: handle returned by cs_open() |
Nguyen Anh Quynh | 0beb0d4 | 2014-08-27 22:55:29 +0800 | [diff] [blame] | 549 | @insn: disassembled instruction structure received from cs_disasm() or cs_disasm() |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 550 | @op_type: Operand type to be found. |
| 551 | @position: position of the operand to be found. This must be in the range |
| 552 | [1, cs_op_count(handle, insn, op_type)] |
| 553 | |
Nguyen Anh Quynh | 4c0ed0b | 2014-06-03 15:06:20 +0700 | [diff] [blame] | 554 | @return: index of operand of given type @op_type in <arch>.operands[] array |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 555 | in instruction @insn, or -1 on failure. |
| 556 | */ |
Nguyen Anh Quynh | 07c3693 | 2014-06-03 18:33:15 +0800 | [diff] [blame] | 557 | CAPSTONE_EXPORT |
obs | 876b6b6 | 2014-08-21 00:57:04 +0200 | [diff] [blame] | 558 | int cs_op_index(csh handle, const cs_insn *insn, unsigned int op_type, |
Nguyen Anh Quynh | 26ee41a | 2013-11-27 12:11:31 +0800 | [diff] [blame] | 559 | unsigned int position); |
| 560 | |
| 561 | #ifdef __cplusplus |
| 562 | } |
| 563 | #endif |
| 564 | |
| 565 | #endif |