Ported & renamed `cbInstrCapstone`
parent
16942049b3
commit
3fca5c9191
|
@ -207,11 +207,8 @@ bool cbInstrCopystr(int argc, char* argv[])
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
bool cbInstrCapstone(int argc, char* argv[])
|
bool cbInstrZydis(int argc, char* argv[])
|
||||||
{
|
{
|
||||||
return false;
|
|
||||||
|
|
||||||
/*
|
|
||||||
if(IsArgumentsLessThan(argc, 2))
|
if(IsArgumentsLessThan(argc, 2))
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
|
@ -233,7 +230,7 @@ bool cbInstrCapstone(int argc, char* argv[])
|
||||||
if(!valfromstring(argv[2], &addr, false))
|
if(!valfromstring(argv[2], &addr, false))
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
Capstone cp;
|
Zydis cp;
|
||||||
if(!cp.Disassemble(addr, data))
|
if(!cp.Disassemble(addr, data))
|
||||||
{
|
{
|
||||||
dputs_untranslated("Failed to disassemble!\n");
|
dputs_untranslated("Failed to disassemble!\n");
|
||||||
|
@ -242,54 +239,34 @@ bool cbInstrCapstone(int argc, char* argv[])
|
||||||
|
|
||||||
auto instr = cp.GetInstr();
|
auto instr = cp.GetInstr();
|
||||||
int argcount = instr->operandCount;
|
int argcount = instr->operandCount;
|
||||||
dprintf_untranslated("%s %s | %s\n", instr->mnemonic, instr->op_str, cp.InstructionText(true).c_str());
|
dputs_untranslated(cp.InstructionText(true).c_str());
|
||||||
dprintf_untranslated("size: %d, id: %d, opcount: %d\n", cp.Size(), cp.GetId(), cp.OpCount());
|
dprintf_untranslated("size: %d, id: %d, opcount: %d\n", cp.Size(), cp.GetId(), instr->operandCount);
|
||||||
if(detail->regs_read_count)
|
|
||||||
{
|
|
||||||
dprintf_untranslated("implicit read:");
|
|
||||||
for(uint8_t i = 0; i < detail->regs_read_count; i++)
|
|
||||||
dprintf(" %s", cp.RegName(x86_reg(detail->regs_read[i])));
|
|
||||||
dputs_untranslated("");
|
|
||||||
}
|
|
||||||
if(detail->regs_write_count)
|
|
||||||
{
|
|
||||||
dprintf_untranslated("implicit write:");
|
|
||||||
for(uint8_t i = 0; i < detail->regs_write_count; i++)
|
|
||||||
dprintf(" %s", cp.RegName(x86_reg(detail->regs_write[i])));
|
|
||||||
dputs_untranslated("");
|
|
||||||
}
|
|
||||||
auto rwstr = [](uint8_t access)
|
auto rwstr = [](uint8_t access)
|
||||||
{
|
{
|
||||||
switch(access)
|
if(access & ZYDIS_OPERAND_ACTION_READ && access & ZYDIS_OPERAND_ACTION_WRITE)
|
||||||
{
|
|
||||||
case CS_AC_INVALID:
|
|
||||||
return "none";
|
|
||||||
case CS_AC_READ:
|
|
||||||
return "read";
|
|
||||||
case CS_AC_WRITE:
|
|
||||||
return "write";
|
|
||||||
case CS_AC_READ | CS_AC_WRITE:
|
|
||||||
return "read+write";
|
return "read+write";
|
||||||
default:
|
if(access & ZYDIS_OPERAND_ACTION_READ)
|
||||||
|
return "read";
|
||||||
|
if(access & ZYDIS_OPERAND_ACTION_WRITE)
|
||||||
|
return "write";
|
||||||
return "???";
|
return "???";
|
||||||
}
|
|
||||||
};
|
};
|
||||||
for(int i = 0; i < argcount; i++)
|
for(int i = 0; i < argcount; i++)
|
||||||
{
|
{
|
||||||
const cs_x86_op & op = x86.operands[i];
|
const auto & op = instr->operands[i];
|
||||||
dprintf("operand %d (size: %d, access: %s) \"%s\", ", i + 1, op.size, rwstr(op.access), cp.OperandText(i).c_str());
|
dprintf("operand %d (size: %d, access: %s) \"%s\", ", i + 1, op.size, rwstr(op.action), cp.OperandText(i).c_str());
|
||||||
switch(op.type)
|
switch(op.type)
|
||||||
{
|
{
|
||||||
case X86_OP_REG:
|
case ZYDIS_OPERAND_TYPE_REGISTER:
|
||||||
dprintf_untranslated("register: %s\n", cp.RegName((x86_reg)op.reg));
|
dprintf_untranslated("register: %s\n", cp.RegName(op.reg.value));
|
||||||
break;
|
break;
|
||||||
case X86_OP_IMM:
|
case ZYDIS_OPERAND_TYPE_IMMEDIATE:
|
||||||
dprintf_untranslated("immediate: 0x%p\n", op.imm);
|
dprintf_untranslated("immediate: 0x%p\n", op.imm);
|
||||||
break;
|
break;
|
||||||
case X86_OP_MEM:
|
case ZYDIS_OPERAND_TYPE_MEMORY:
|
||||||
{
|
{
|
||||||
//[base + index * scale +/- disp]
|
//[base + index * scale +/- disp]
|
||||||
const x86_op_mem & mem = op.mem;
|
const auto & mem = op.mem;
|
||||||
dprintf_untranslated("memory segment: %s, base: %s, index: %s, scale: %d, displacement: 0x%p\n",
|
dprintf_untranslated("memory segment: %s, base: %s, index: %s, scale: %d, displacement: 0x%p\n",
|
||||||
cp.RegName(mem.segment),
|
cp.RegName(mem.segment),
|
||||||
cp.RegName(mem.base),
|
cp.RegName(mem.base),
|
||||||
|
@ -302,7 +279,6 @@ bool cbInstrCapstone(int argc, char* argv[])
|
||||||
}
|
}
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
*/
|
|
||||||
}
|
}
|
||||||
|
|
||||||
bool cbInstrVisualize(int argc, char* argv[])
|
bool cbInstrVisualize(int argc, char* argv[])
|
||||||
|
|
|
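Review bot: In the `ZYDIS_OPERAND_TYPE_IMMEDIATE` case, `op.imm` is still passed to the `%p` conversion exactly as in the Capstone version, although `op` is now a Zydis operand. If `imm` is a struct there (the register case already reads `op.reg.value`, which suggests the operand fields became structs), the variadic call no longer matches its format string. That is undefined behaviour in a command that prints data decoded from debuggee memory. Passing the scalar explicitly, e.g. `dprintf_untranslated("immediate: 0x%p\n", op.imm.value.u);` (narrowed to the pointer-sized type on 32-bit builds), keeps the argument and the format in step. The displacement argument of the memory case deserves the same check, but its argument list continues outside the visible lines. Separately, `rwstr` now returns "???" for an operand with no access where the old switch returned "none", and its first condition would read more clearly as `(access & ZYDIS_OPERAND_ACTION_READ) && (access & ZYDIS_OPERAND_ACTION_WRITE)`.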
@ -7,7 +7,7 @@ bool cbDebugBenchmark(int argc, char* argv[]);
|
||||||
bool cbInstrSetstr(int argc, char* argv[]);
|
bool cbInstrSetstr(int argc, char* argv[]);
|
||||||
bool cbInstrGetstr(int argc, char* argv[]);
|
bool cbInstrGetstr(int argc, char* argv[]);
|
||||||
bool cbInstrCopystr(int argc, char* argv[]);
|
bool cbInstrCopystr(int argc, char* argv[]);
|
||||||
bool cbInstrCapstone(int argc, char* argv[]);
|
bool cbInstrZydis(int argc, char* argv[]);
|
||||||
bool cbInstrVisualize(int argc, char* argv[]);
|
bool cbInstrVisualize(int argc, char* argv[]);
|
||||||
bool cbInstrMeminfo(int argc, char* argv[]);
|
bool cbInstrMeminfo(int argc, char* argv[]);
|
||||||
bool cbInstrBriefcheck(int argc, char* argv[]);
|
bool cbInstrBriefcheck(int argc, char* argv[]);
|
||||||
|
|
|
@ -428,7 +428,7 @@ static void registercommands()
|
||||||
dbgcmdnew("setstr,strset", cbInstrSetstr, false); //set a string variable
|
dbgcmdnew("setstr,strset", cbInstrSetstr, false); //set a string variable
|
||||||
dbgcmdnew("getstr,strget", cbInstrGetstr, false); //get a string variable
|
dbgcmdnew("getstr,strget", cbInstrGetstr, false); //get a string variable
|
||||||
dbgcmdnew("copystr,strcpy", cbInstrCopystr, true); //write a string variable to memory
|
dbgcmdnew("copystr,strcpy", cbInstrCopystr, true); //write a string variable to memory
|
||||||
dbgcmdnew("capstone", cbInstrCapstone, true); //disassemble using capstone
|
dbgcmdnew("zydis", cbInstrZydis, true); //disassemble using zydis
|
||||||
dbgcmdnew("visualize", cbInstrVisualize, true); //visualize analysis
|
dbgcmdnew("visualize", cbInstrVisualize, true); //visualize analysis
|
||||||
dbgcmdnew("meminfo", cbInstrMeminfo, true); //command to debug memory map bugs
|
dbgcmdnew("meminfo", cbInstrMeminfo, true); //command to debug memory map bugs
|
||||||
dbgcmdnew("briefcheck", cbInstrBriefcheck, true); //check if mnemonic briefs are missing
|
dbgcmdnew("briefcheck", cbInstrBriefcheck, true); //check if mnemonic briefs are missing
|
||||||
|
|