Commit c56001d3 authored by Devon Kearns

Imported Upstream version 2.1.1

parent 3c0bc61a
...@@ -20,6 +20,19 @@ ...@@ -20,6 +20,19 @@
# python # python
bindings/python/build/ bindings/python/build/
*.pyc *.pyc
bindings/python/pyx/*.c
bindings/python/pyx/arm.pyx
bindings/python/pyx/arm64.pyx
bindings/python/pyx/arm64_const.pyx
bindings/python/pyx/arm_const.pyx
bindings/python/pyx/capstone.pyx
bindings/python/pyx/mips.pyx
bindings/python/pyx/mips_const.pyx
bindings/python/pyx/ppc.pyx
bindings/python/pyx/ppc_const.pyx
bindings/python/pyx/x86.pyx
bindings/python/pyx/x86_const.pyx
# java # java
bindings/java/capstone.jar bindings/java/capstone.jar
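Review bot: the new ignore entries name every generated pyx file one by one (arm.pyx through x86_const.pyx), so the next architecture will need another manual edit here; if nothing hand-written lives in bindings/python/pyx/*.pyx, a single `bindings/python/pyx/*.pyx` pattern next to the `bindings/python/pyx/*.c` line already added would cover them all. The list does already include ppc.pyx and ppc_const.pyx for the PowerPC support this release adds, so it is complete for now.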
...@@ -31,6 +44,8 @@ tests/test_arm ...@@ -31,6 +44,8 @@ tests/test_arm
tests/test_arm64 tests/test_arm64
tests/test_mips tests/test_mips
tests/test_x86 tests/test_x86
tests/test_ppc
tests/*.static
# vim tmp file # vim tmp file
*.swp *.swp
......
How To Compile & Run Capstone for Linux, Mac OSX, *nix and Windows
*-*-*-*-*-*
Capstone requires no prerequisite packages, so it is easy to compile & install.
(1) On *nix (such as MacOSX, Linux & FreeBSD):
- To compile for current platform, run either:
$ ./compile.sh
or:
$ make
For FreeBSD/OpenBSD, use 'gmake' instread of 'make':
$ gmake
Then run "./tests/test*" to see the tests disassembling sample code.
- On 64-bit OS, run command below to cross-compile Capstone for 32-bit binary:
$ ./compile.sh nix32
Then similarly, run "./tests/test*" to see the tests disassembling sample code.
(2) To install Capstone, run:
$ sudo make install
For FreeBSD/OpenBSD, use 'gmake' instead of 'make':
$ sudo gmake install
Users are then required to enter root password to copy Capstone into machine
system directories.
NOTE: The core framework that will be installed by "make install" consist of
only following files:
/usr/include/capstone/capstone.h
/usr/include/capstone/x86.h
/usr/include/capstone/arm.h
/usr/include/capstone/arm64.h
/usr/include/capstone/mips.h
/usr/lib/libcapstone.so (for Linux/*nix), or /usr/lib/libcapstone.dylib (OSX)
/usr/lib/libcapstone.a
(3) To cross-compile for Windows, Linux & gcc-mingw-w64-i686 (and also gcc-mingw-w64-x86-64
for 64-bit binaries) are required.
- To cross-compile Windows 32-bit binary, simply run
$ ./compile.sh cross-win32
- To cross-compile Windows 64-bit binary, simply run
$ ./compile.sh cross-win64
Resulted files "capstone.dll" and "tests/test*.exe" can then be used on Windows machine.
(4) To compile under Cygwin gcc-mingw-w64-i686 or x86_64-w64-mingw32 run:
- To compile Windows 32-bit binary under Cygwin, simply run
$ ./compile.sh cygwin-mingw32
- To compile Windows 64-bit binary under Cygwin, simply run
$ ./compile.sh cygwin-mingw64
(5) By default, gcc is used as compiler. To use "clang" compiler instead, run command below:
$ ./compile.sh clang
(6) So far, Python, Ruby, Ocaml, Java, C# and Go are supported by bindings. Look for
the bindings under directory bindings/, and refer to README file of corresponding languages.
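Review bot: this file is replaced by COMPILE.TXT, and the `./compile.sh` and `make`/`gmake` entry points it documents become `./make.sh` in the new text; anything outside the tree that still invokes `./compile.sh` (packaging rules, CI scripts) will need to follow the rename, so it is worth a grep before this import lands.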
How To Compile, install & run Capstone for Linux, Mac OSX, *BSD and Windows
*-*-*-*-*-*
Capstone requires no prerequisite packages, so it is easy to compile & install.
(0) Tailor Capstone to your need.
Out of 5 archtitectures supported by Capstone (Arm, Arm64, Mips, PPC & X86),
if you just need several selected archs, you can choose which ones you want
to compile in by modifying config.mk before going to next steps.
By default, all 5 architectures are compiled.
(1) Compile from source
On *nix (such as MacOSX, Linux, *BSD, Solaris):
- To compile for current platform, run:
$ ./make.sh
- On 64-bit OS, run command below to cross-compile Capstone for 32-bit binary:
$ ./make.sh nix32
(2) Install Capstone on *nix
To install Capstone, run:
$ sudo ./make.sh install
For FreeBSD/OpenBSD, where sudo is unavailable, run:
$ su; ./make.sh install
Users are then required to enter root password to copy Capstone into machine
system directories.
Afterwards, run ./tests/test* to see the tests disassembling sample code.
NOTE: The core framework installed by "./make.sh install" consist of
following files:
/usr/include/capstone/capstone.h
/usr/include/capstone/x86.h
/usr/include/capstone/arm.h
/usr/include/capstone/arm64.h
/usr/include/capstone/mips.h
/usr/include/capstone/ppc.h
/usr/lib/libcapstone.so (for Linux/*nix), or /usr/lib/libcapstone.dylib (OSX)
/usr/lib/libcapstone.a
(3) Cross-compile Windows from *nix
To cross-compile for Windows, Linux & gcc-mingw-w64-i686 (and also gcc-mingw-w64-x86-64
for 64-bit binaries) are required.
- To cross-compile Windows 32-bit binary, simply run:
$ ./make.sh cross-win32
- To cross-compile Windows 64-bit binary, run:
$ ./make.sh cross-win64
Resulted files libcapstone.dll, libcapstone.dll.a & tests/test*.exe can then
be used on Windows machine.
(4) Compile on Windows with Cygwin
To compile under Cygwin gcc-mingw-w64-i686 or x86_64-w64-mingw32 run:
- To compile Windows 32-bit binary under Cygwin, simply run
$ ./make.sh cygwin-mingw32
- To compile Windows 64-bit binary under Cygwin, run
$ ./make.sh cygwin-mingw64
Resulted files libcapstone.dll, libcapstone.dll.a & tests/test*.exe can then
be used on Windows machine.
(5) By default, "cc" (default C compiler on the system) is used as compiler.
- To use "clang" compiler instead, run command below:
$ ./make.sh clang
- To use "gcc" compiler instead, run:
$ ./make.sh gcc
(6) Language bindings
So far, Python, Ocaml & Java are supported by bindings in the main code.
Look for the bindings under directory bindings/, and refer to README file
of corresponding languages.
Community also provide bindings for C#, Go, Ruby & Vala. Links to these can
be found at address http://capstone-engine.org/download.html
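Review bot: step (2) for FreeBSD/OpenBSD, `$ su; ./make.sh install`, does not do what the text says: `su` starts a root shell, and `./make.sh install` only runs after that shell exits, as the original user. It should read `$ su -c './make.sh install'`, or tell the reader to run `./make.sh install` inside the root shell. Two smaller points in the same step: under sudo the password asked for is the user's own, not root's, so "enter root password" is only right for the su case; and the tests are now run after install rather than after compile as in the old COMPILE, which suggests ./tests/test* need the installed shared library, worth stating if so. Typos: "archtitectures", "consist of" -> "consists of", "Resulted files" -> "Resulting files" (twice).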
// Package version
#define PKG_MAJOR 1
#define PKG_MINOR 0
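Review bot: PKG_MAJOR 1 / PKG_MINOR 0 does not agree with the 2.1.1 version this commit imports or with the ChangeLog that follows; if these numbers are a separate package or SONAME version, a comment saying so (and what bumps them) would stop them being mistaken for the API version, otherwise they should be updated.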
This file details the changelog of Capstone.
---------------------------------
Version 2.1.1: March 13th, 2014
This is a stable release to fix some bugs deep in the core. There is no update
to any architectures or bindings, so bindings version 2.1 can be used with this
version 2.1.1 just fine.
[ Core changes]
- Fix a buffer overflow bug in Thumb mode (ARM). Some special input can
trigger this flaw.
- Fix a crash issue when embedding Capstone into OSX kernel. This should
also enable Capstone to be embedded into other systems with limited stack
memory size such as Linux kernel or some firmwares.
- Use a proper SONAME for library versioning (Linux).
---------------------------------
Version 2.1: March 5th, 2014
[ API changes ]
- API version has been bumped to 2.1.
- Change prototype of cs_close() to be able to invalidate closed handle.
See http://capstone-engine.org/version_2.1_API.html for more information.
- Extend cs_support() to handle more query types, not only about supported
architectures. This change is backward compatible, however, so existent code
do not need to be modified to support this.
- New query type CS_SUPPORT_DIET for cs_support() to ask about diet status of
the engine.
- New error code CS_ERR_DIET to report errors about newly added diet mode.
- New error code CS_ERR_VERSION to report issue of incompatible versions between
bindings & core engine.
[ Core changes ]
- On memory usage, Capstone uses about 40% less memory, while still faster
than version 2.0.
- All architectures are much smaller: binaries size reduce at least 30%.
Especially, X86-only binary reduces from 1.9MB to just 720KB.
- Support "diet" mode, in which engine size is further reduced (by around 40%)
for embedding purpose. The price to pay is that we have to sacrifice some
non-critical data fields. See http://capstone-engine.org/diet.html for more
details.
[ Architectures ]
- Update all 5 architectures to fix bugs.
- PowerPC:
- New instructions: FMR & MSYNC.
- Mips:
- New instruction: DLSA
- X86:
- Properly handle AVX-512 instructions.
- New instructions: PSETPM, SALC, INT1, GETSEC.
- Fix some memory leaking issues in case of prefixed instructions such
as LOCK, REP, REPNE.
[ Python binding ]
- Verify the core version at initialization time. Refuse to run if its version
is different from the core's version.
- New API disasm_lite() added to Cs class. This light API only returns tuples of
(address, size, mnemonic, op_str), rather than list of CsInsn objects. This
improves performance by around 30% in some benchmarks.
- New API version_bind() returns binding's version, which might differ from
the core's API version if the binding is out-of-date.
- New API debug() returns information on Cython support, diet status & archs
compiled in.
- Fixed some memory leaking bugs for Cython binding.
- Fix a bug crashing Cython code when accessing @regs_read/regs_write/groups.
- Support diet mode.
[ Java binding ]
- Fix some memory leaking bugs.
- New API version() returns combined version.
- Support diet mode.
- Better support for detail option.
[ Miscellaneous ]
- make.sh now can uninstall the core engine. This is done with:
$ sudo ./make.sh uninstall
----------------------------------
Version 2.0: January 22nd, 2014
Release 2.0 deprecates verison 1.0 and brings a lot of crucial changes.
[ API changes ]
- API version has been bumped to 2.0 (see cs_version() API)
- New API cs_strerror(errno) returns a string describing error code given
in its only argument.
- cs_version() now returns combined version encoding both major & minor versions.
- New option CS_OPT_MODE allows to change engine’s mode at run-time with
cs_option().
- New option CS_OPT_MEM allows to specify user-defined functions for dynamically
memory management used internally by Capstone. This is useful to embed Capstone
into special environments such as kernel or firware.
- New API cs_support() can be used to check if this lib supports a particular
architecture (this is necessary since we now allow to choose which architectures
to compile in).
- The detail option is OFF by default now. To get detail information, it should be
explicitly turned ON. The details then can be accessed using cs_insn.detail
pointer (to newly added structure cs_detail)
[ Core changes ]
- On memory usage, Capstone uses much less memory, but a lot faster now.
- User now can choose which architectures to be supported by modifying config.mk
before compiling/installing.
[ Architectures ]
- Arm
- Support Big-Endian mode (besides Little-Endian mode).
- Support friendly register, so instead of output sub "r12,r11,0x14",
we have "sub ip,fp,0x14".
- Arm64: support Big-Endian mode (besides Little-Endian mode).
- PowerPC: newly added.
- Mips: support friendly register, so instead of output "srl $2,$1,0x1f",
we have "srl $v0,$at,0x1f".
- X86: bug fixes.
[ Python binding ]
- Python binding is vastly improved in performance: around 3 ~ 4 times faster
than in 1.0.
- Cython support has been added, which can further speed up over the default
pure Python binding (up to 30% in some cases)
- Function cs_disasm_quick() & Cs.disasm() now use generator (rather than a list)
to return succesfully disassembled instructions. This improves the performance
and reduces memory usage.
[ Java binding ]
- Better performance & bug fixes.
[ Miscellaneous ]
- Fixed some installation issues with Gentoo Linux.
- Capstone now can easily compile/install on all *nix, including Linux, OSX,
{Net, Free, Open}BSD & Solaris.
----------------------------------
[Version 1.0]: December 18th, 2013
- Initial public release.
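Review bot: the 2.1.1 entry records a buffer overflow in Thumb mode (ARM) triggered by "some special input" with no issue number, commit reference or description of impact, and that is the one line in this file a distribution import most needs to act on; add the reference and say whether the overflow is a read or a write and whether untrusted input reaches it. Second, the same entry says bindings 2.1 work with core 2.1.1 "just fine", while the 2.1 Python binding is described as refusing to run "if its version is different from the core's version"; that is only consistent if the check compares the API version (2.1) and not the patch level, so state which. Typos: "verison 1.0", "firware", "succesfully", and "existent code do not need to be modified" -> "existing code does not need to be modified".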
Capstone source is organized as followings. Capstone source is organized as followings.
. <- core engine + README + COMPILE etc . <- core engine + README + COMPILE.TXT etc
├── arch <- code handling disasm engine for each arch ├── arch <- code handling disasm engine for each arch
│   ├── AArch64 <- ARM64 (aka ARMv8) engine │   ├── AArch64 <- ARM64 (aka ARMv8) engine
│   ├── ARM <- ARM engine │   ├── ARM <- ARM engine
│   ├── Mips <- Mips engine │   ├── Mips <- Mips engine
│   ├── PowerPC <- PowerPC engine
│   └── X86 <- X86 engine │   └── X86 <- X86 engine
├── bindings <- all bindings are under this dir ├── bindings <- all bindings are under this dir
│   ├── csharp <- C# bindings + test code
│   ├── java <- Java bindings + test code │   ├── java <- Java bindings + test code
│   ├── ocaml <- Ocaml bindings + test code │   ├── ocaml <- Ocaml bindings + test code
│   ├── python <- Python bindings + test code │   ├── python <- Python bindings + test code
│   └── ruby <- Ruby bindings + test code
├── include <- API headers in C language (*.h) ├── include <- API headers in C language (*.h)
├── release <- Precompiled binaries ├── suite <- Development test tools - for Capstone developers only
│   ├── linux <- .deb, .rpm, python packages, etc
│   ├── mac <- .dmg
│   └── windows <- .msi, .exe, .dll, etc
├── tests <- Test code (in C language) ├── tests <- Test code (in C language)
Follow COMPILE to see how to compile and run code. Follow instructions in COMPILE.TXT to see how to compile and run code.
Note: if you find some strange bugs, it is recommended to firstly clean Note: if you find some strange bugs, it is recommended to firstly clean
the code and try to recompile/reinstall again. This can be done with: the code and try to recompile/reinstall again. This can be done with:
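Review bot: "organized as followings" should be "organized as follows" and "firstly clean the code" should be "first clean the tree"; both sit in unchanged context, but this is the file being touched. The structural change itself is consistent with COMPILE.TXT (6): arch/PowerPC and suite/ are added, release/ is gone, and bindings/csharp and bindings/ruby are dropped from the tree, matching the note that C# and Ruby bindings are now community-provided.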
......
This is the software license for Capstone disassembly framework. This is the software license for Capstone disassembly framework.
Capstone has been designed & implemented by Nguyen Anh Quynh <aquynh@gmail.com> Capstone has been designed & implemented by Nguyen Anh Quynh <aquynh@gmail.com>
See http://www.capstone-engine.org for further information. See http://www.capstone-engine.org for further information.
Copyright (c) 2013, COSEINC. Copyright (c) 2013, COSEINC.
......
/* Capstone Disassembler Engine */ /* Capstone Disassembler Engine */
/* By Nguyen Anh Quynh <aquynh@gmail.com>, 2013> */ /* By Nguyen Anh Quynh <aquynh@gmail.com>, 2013> */
#ifndef __CS_MCDISASSEMBLER_H__ #ifndef CS_MCDISASSEMBLER_H
#define __CS_MCDISASSEMBLER_H__ #define CS_MCDISASSEMBLER_H
typedef enum DecodeStatus { typedef enum DecodeStatus {
MCDisassembler_Fail = 0, MCDisassembler_Fail = 0,
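Review bot: dropping the leading double underscore from the include guard is the right fix, since identifiers beginning with `__` are reserved for the implementation in C; MCInst.h gets the same treatment below, so check that the remaining headers under arch/ and include/ follow the same convention rather than leaving the tree mixed.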
......
...@@ -30,7 +30,7 @@ void MCInst_insert(MCInst *inst, int index, MCOperand *Op) ...@@ -30,7 +30,7 @@ void MCInst_insert(MCInst *inst, int index, MCOperand *Op)
inst->Operands[index] = *Op; inst->Operands[index] = *Op;
inst->size++; inst->size++;
free(Op); cs_mem_free(Op);
} }
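Review bot: `cs_mem_free(Op)` now releases through the user-replaceable allocator (CS_OPT_MEM), so every MCOperand passed into MCInst_insert and MCInst_addOperand must have come from cs_mem_malloc; the MCOperand_Create* hunks below do that, but any other call site that still allocates an MCOperand with plain `malloc` would now hand a libc pointer to the user's free function. Worth a grep for remaining `malloc(` / `free(` in the core. Note also that the operand is copied by value (`inst->Operands[index] = *Op;`) and freed immediately, so the heap round trip buys nothing; by-value MCOperand_CreateReg/Imm/FPImm would remove both the allocation and the free from the per-operand path.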
void MCInst_setOpcode(MCInst *inst, unsigned Op) void MCInst_setOpcode(MCInst *inst, unsigned Op)
...@@ -71,7 +71,7 @@ int MCInst_addOperand(MCInst *inst, MCOperand *Op) ...@@ -71,7 +71,7 @@ int MCInst_addOperand(MCInst *inst, MCOperand *Op)
return -1; return -1;
inst->Operands[inst->size] = *Op; inst->Operands[inst->size] = *Op;
free(Op); cs_mem_free(Op);
inst->size++; inst->size++;
...@@ -152,7 +152,7 @@ void MCOperand_setFPImm(MCOperand *op, double Val) ...@@ -152,7 +152,7 @@ void MCOperand_setFPImm(MCOperand *op, double Val)
MCOperand *MCOperand_CreateReg(unsigned Reg) MCOperand *MCOperand_CreateReg(unsigned Reg)
{ {
MCOperand *op = malloc(sizeof(*op)); MCOperand *op = cs_mem_malloc(sizeof(*op));
op->Kind = kRegister; op->Kind = kRegister;
op->RegVal = Reg; op->RegVal = Reg;
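Review bot: the return value of `cs_mem_malloc` is written to (`op->Kind = kRegister;`) without a NULL check. With CS_OPT_MEM the allocator is user-supplied and, per the ChangeLog, intended for kernel and firmware environments where allocation failure is realistic, so this is a NULL dereference waiting to happen; either check and propagate failure (MCInst_addOperand above already returns -1 on a full operand table, so callers have an error path) or avoid the allocation altogether. The same applies to MCOperand_CreateImm and MCOperand_CreateFPImm in the next two hunks.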
...@@ -162,7 +162,7 @@ MCOperand *MCOperand_CreateReg(unsigned Reg) ...@@ -162,7 +162,7 @@ MCOperand *MCOperand_CreateReg(unsigned Reg)
MCOperand *MCOperand_CreateImm(int64_t Val) MCOperand *MCOperand_CreateImm(int64_t Val)
{ {
MCOperand *op = malloc(sizeof(*op)); MCOperand *op = cs_mem_malloc(sizeof(*op));
op->Kind = kImmediate; op->Kind = kImmediate;
op->ImmVal = Val; op->ImmVal = Val;
...@@ -172,7 +172,7 @@ MCOperand *MCOperand_CreateImm(int64_t Val) ...@@ -172,7 +172,7 @@ MCOperand *MCOperand_CreateImm(int64_t Val)
MCOperand *MCOperand_CreateFPImm(double Val) MCOperand *MCOperand_CreateFPImm(double Val)
{ {
MCOperand *op = malloc(sizeof(*op)); MCOperand *op = cs_mem_malloc(sizeof(*op));
op->Kind = kFPImmediate; op->Kind = kFPImmediate;
op->FPImmVal = Val; op->FPImmVal = Val;
......
...@@ -16,8 +16,8 @@ ...@@ -16,8 +16,8 @@
/* Capstone Disassembler Engine */ /* Capstone Disassembler Engine */
/* By Nguyen Anh Quynh <aquynh@gmail.com>, 2013> */ /* By Nguyen Anh Quynh <aquynh@gmail.com>, 2013> */
#ifndef __CS_MC_MCINST_H #ifndef CS_MCINST_H
#define __CS_MC_MCINST_H #define CS_MCINST_H
#include <stdint.h> #include <stdint.h>
#include <stdbool.h> #include <stdbool.h>
...@@ -25,6 +25,7 @@ ...@@ -25,6 +25,7 @@
#include "include/capstone.h" #include "include/capstone.h"
typedef struct MCInst MCInst; typedef struct MCInst MCInst;
typedef struct cs_struct cs_struct;
typedef struct MCOperand MCOperand; typedef struct MCOperand MCOperand;
/// MCOperand - Instances of this class represent operands of the MCInst class. /// MCOperand - Instances of this class represent operands of the MCInst class.
...@@ -81,19 +82,66 @@ MCOperand *MCOperand_CreateImm(int64_t Val); ...@@ -81,19 +82,66 @@ MCOperand *MCOperand_CreateImm(int64_t Val);
MCOperand *MCOperand_CreateFPImm(double Val); MCOperand *MCOperand_CreateFPImm(double Val);
// NOTE: this structure is a flatten version of cs_insn struct
// Detail information of disassembled instruction
typedef struct cs_insn_flat {
// Instruction ID
// Find the instruction id from header file of corresponding architecture,
// such as arm.h for ARM, x86.h for X86, etc...
// This information is available even when CS_OPT_DETAIL = CS_OPT_OFF
unsigned int id;
// Address (EIP) of this instruction
// This information is available even when CS_OPT_DETAIL = CS_OPT_OFF
uint64_t address;
// Size of this instruction
// This information is available even when CS_OPT_DETAIL = CS_OPT_OFF
uint16_t size;
// Machine bytes of this instruction, with number of bytes indicated by @size above
// This information is available even when CS_OPT_DETAIL = CS_OPT_OFF
uint8_t bytes[16];
// Ascii text of instruction mnemonic
// This information is available even when CS_OPT_DETAIL = CS_OPT_OFF
char mnemonic[32];
// Ascii text of instruction operands
// This information is available even when CS_OPT_DETAIL = CS_OPT_OFF
char op_str[160];
// NOTE: All information below is not available when CS_OPT_DETAIL = CS_OPT_OFF
uint8_t regs_read[12]; // list of implicit registers read by this insn
uint8_t regs_read_count; // number of implicit registers read by this insn
uint8_t regs_write[20]; // list of implicit registers modified by this insn
uint8_t regs_write_count; // number of implicit registers modified by this insn
uint8_t groups[8]; // list of group this instruction belong to
uint8_t groups_count; // number of groups this insn belongs to
// Architecture-specific instruction info
union {
cs_x86 x86; // X86 architecture, including 16-bit, 32-bit & 64-bit mode
cs_arm64 arm64; // ARM64 architecture (aka AArch64)
cs_arm arm; // ARM architecture (including Thumb/Thumb2)
cs_mips mips; // MIPS architecture
cs_ppc ppc; // PowerPC architecture
};
} cs_insn_flat;
/// MCInst - Instances of this class represent a single low-level machine /// MCInst - Instances of this class represent a single low-level machine
/// instruction. /// instruction.
struct MCInst { struct MCInst {
unsigned Opcode; unsigned Opcode;
MCOperand Operands[32]; MCOperand Operands[32];
unsigned size; // number of operands unsigned size; // number of operands
cs_insn pub_insn; // insn to be exposed to public cs_insn_flat flat_insn; // insn to be exposed to public
cs_mode mode; // to be referenced by internal code
unsigned OpcodePub; unsigned OpcodePub;
cs_opt_value detail;
int insn_size; // instruction size int insn_size; // instruction size
int x86_segment; // remove when segment mem ref hack is redundant.
uint64_t address; // address of this insn uint64_t address; // address of this insn
cs_struct *csh; // save the main csh
}; };
void MCInst_Init(MCInst *inst); void MCInst_Init(MCInst *inst);
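Review bot: cs_insn_flat re-declares the public cs_insn layout field by field (bytes[16], mnemonic[32], op_str[160], regs_read[12], regs_write[20], groups[8]) rather than deriving it from include/capstone.h, and the comment itself calls it a flattened copy; if a size in cs_insn changes, this copy drifts silently and whatever copies flat_insn into the public struct will truncate or overrun. A shared size macro or a compile-time assertion that the two stay in step is needed. Two further points: the anonymous `union { ... };` inside the struct is C11 (a GNU extension under C99), which matters given COMPILE.TXT targets plain `cc` on Solaris and the BSDs; and `int x86_segment; // remove when segment mem ref hack is redundant.` is a TODO landing in a core struct, so file an issue for it so it is not forgotten.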
......
...@@ -63,10 +63,12 @@ static uint16_t DiffListIterator_getVal(DiffListIterator *d) ...@@ -63,10 +63,12 @@ static uint16_t DiffListIterator_getVal(DiffListIterator *d)
static bool DiffListIterator_next(DiffListIterator *d) static bool DiffListIterator_next(DiffListIterator *d)
{ {
MCPhysReg D;
if (d->List == 0) if (d->List == 0)
return false; return false;
MCPhysReg D = *d->List; D = *d->List;
d->List++; d->List++;
d->Val += D; d->Val += D;
...@@ -89,7 +91,7 @@ unsigned MCRegisterInfo_getMatchingSuperReg(MCRegisterInfo *RI, unsigned Reg, un ...@@ -89,7 +91,7 @@ unsigned MCRegisterInfo_getMatchingSuperReg(MCRegisterInfo *RI, unsigned Reg, un
return 0; return 0;
} }
DiffListIterator_init(&iter, Reg, RI->DiffLists + RI->Desc[Reg].SuperRegs); DiffListIterator_init(&iter, (MCPhysReg)Reg, RI->DiffLists + RI->Desc[Reg].SuperRegs);
DiffListIterator_next(&iter); DiffListIterator_next(&iter);
while(DiffListIterator_isValid(&iter)) { while(DiffListIterator_isValid(&iter)) {
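Review bot: the `(MCPhysReg)Reg` cast silences a narrowing warning but validates nothing: Reg is `unsigned`, while MCPhysReg is the 16-bit list element type (DiffListIterator_getVal returns uint16_t and `D = *d->List` is assigned to an MCPhysReg above), so a register number above 65535 would be truncated silently. That is fine if register numbers always fit in 16 bits; a comment saying so, or an assert on `Reg <= UINT16_MAX` in debug builds, would document the assumption. The same cast appears in MCRegisterInfo_getSubReg in the next hunk.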
...@@ -108,7 +110,7 @@ unsigned MCRegisterInfo_getSubReg(MCRegisterInfo *RI, unsigned Reg, unsigned Idx ...@@ -108,7 +110,7 @@ unsigned MCRegisterInfo_getSubReg(MCRegisterInfo *RI, unsigned Reg, unsigned Idx
DiffListIterator iter; DiffListIterator iter;
uint16_t *SRI = RI->SubRegIndices + RI->Desc[Reg].SubRegIndices; uint16_t *SRI = RI->SubRegIndices + RI->Desc[Reg].SubRegIndices;
DiffListIterator_init(&iter, Reg, RI->DiffLists + RI->Desc[Reg].SubRegs); DiffListIterator_init(&iter, (MCPhysReg)Reg, RI->DiffLists + RI->Desc[Reg].SubRegs);
DiffListIterator_next(&iter); DiffListIterator_next(&iter);
while(DiffListIterator_isValid(&iter)) { while(DiffListIterator_isValid(&iter)) {
......
# Capstone Disassembler Engine # Capstone Disassembly Engine