DBG: added simple capstone wrapper

x64_dbg_dbg/capstone_wrapper.cpp

@@ -0,0 +1,45 @@
+#include "console.h"
+#include "capstone_wrapper.h"
+
+Capstone::Capstone()
+{
+    mHandle = 0;
+    mInstr = 0;
+#ifdef _WIN64
+    mError = cs_open(CS_ARCH_X86, CS_MODE_64, &mHandle);
+#else //x86
+    mError = cs_open(CS_ARCH_X86, CS_MODE_32, &mHandle);
+#endif //_WIN64
+    if(mError)
+        mHandle = 0;
+    else
+        cs_option(mHandle, CS_OPT_DETAIL, CS_OPT_ON);
+}
+
+bool Capstone::Disassemble(uint addr, unsigned char data[MAX_DISASM_BUFFER])
+{
+    if(mInstr) //free last disassembled instruction
+    {
+        cs_free(mInstr, 1);
+        mInstr = 0;
+    }
+    return !!cs_disasm(mHandle, (const uint8_t*)data, MAX_DISASM_BUFFER, addr, 1, &mInstr);
+}
+
+const cs_insn* Capstone::GetInstr()
+{
+    return mInstr;
+}
+
+const cs_err Capstone::GetError()
+{
+    return mError;
+}
+
+Capstone::~Capstone()
+{
+    if(mInstr) //free last disassembled instruction
+        cs_free(mInstr, 1);
+    if(mHandle) //close handle
+        cs_close(&mHandle);
+}

x64_dbg_dbg/capstone_wrapper.h

@@ -0,0 +1,23 @@
+#ifndef _CAPSTONE_WRAPPER_H
+#define _CAPSTONE_WRAPPER_H
+
+#include "capstone\capstone.h"
+
+#define MAX_DISASM_BUFFER 16
+
+class Capstone
+{
+public:
+    Capstone();
+    ~Capstone();
+    bool Disassemble(uint addr, unsigned char data[MAX_DISASM_BUFFER]);
+    const cs_insn* GetInstr();
+    const cs_err GetError();
+
+private:
+    csh mHandle;
+    cs_insn* mInstr;
+    cs_err mError;
+};
+
+#endif //_CAPSTONE_WRAPPER_H

x64_dbg_dbg/instruction.cpp

@@ -1448,6 +1448,7 @@ CMDRESULT cbInstrFindAsm(int argc, char* argv[])
 }
 
 #include "capstone\capstone.h"
+#include "capstone_wrapper.h"
 
 CMDRESULT cbInstrCapstone(int argc, char* argv[])
 {
@@ -1464,36 +1465,28 @@ CMDRESULT cbInstrCapstone(int argc, char* argv[])
         return STATUS_ERROR;
     }
 
-    char data[16];
+    unsigned char data[16];
     if(!memread(fdProcessInfo->hProcess, (const void*)addr, data, sizeof(data), 0))
     {
         dprintf("could not read memory at %p\n", addr);
         return STATUS_ERROR;
     }
 
-    csh handle;
-#ifdef _WIN64
-    cs_err error = cs_open(CS_ARCH_X86, CS_MODE_64, &handle);
-#else //x86
-    cs_err error = cs_open(CS_ARCH_X86, CS_MODE_32, &handle);
-#endif //_WIN64
-    if(error)
+    Capstone cp;
+    if(cp.GetError()) //there was an error opening the handle
     {
-        dprintf("cs_open() failed, error code %u\n", error);
+        dprintf("cs_open() failed, error code %u\n", cp.GetError());
         return STATUS_ERROR;
     }
-    cs_option(handle, CS_OPT_DETAIL, CS_OPT_ON);
 
-    cs_insn* instr;
-    size_t count = cs_disasm(handle, (const uint8_t*)data, sizeof(data), addr, 1, &instr);
-    if(count)
+    if(!cp.Disassemble(addr, data))
     {
-        dprintf("%p: %s %s\n", instr->address, instr->mnemonic, instr->op_str);
-        cs_free(instr, count); //free instruction buffer
+        dputs("failed to disassemble!");
+        return STATUS_ERROR;
     }
-    else //error
-        dputs("failed to disassemble code!");
 
-    cs_close(&handle);
+    const cs_insn* instr = cp.GetInstr();
+    dprintf("%p: %s %s\n", instr->address, instr->mnemonic, instr->op_str);
+
     return STATUS_CONTINUE;
 }

x64_dbg_dbg/x64_dbg_dbg.vcxproj

@@ -15,6 +15,7 @@
     <ClCompile Include="argument.cpp" />
     <ClCompile Include="assemble.cpp" />
     <ClCompile Include="breakpoint.cpp" />
+    <ClCompile Include="capstone_wrapper.cpp" />
     <ClCompile Include="command.cpp" />
     <ClCompile Include="console.cpp" />
     <ClCompile Include="debugger.cpp" />
@@ -66,6 +67,7 @@
     <ClInclude Include="capstone\systemz.h" />
     <ClInclude Include="capstone\x86.h" />
     <ClInclude Include="capstone\xcore.h" />
+    <ClInclude Include="capstone_wrapper.h" />
     <ClInclude Include="command.h" />
     <ClInclude Include="console.h" />
     <ClInclude Include="dbghelp\dbghelp.h" />

x64_dbg_dbg/x64_dbg_dbg.vcxproj.filters

@@ -183,6 +183,9 @@
     <ClCompile Include="log.cpp">
       <Filter>Source Files\Utilities</Filter>
     </ClCompile>
+    <ClCompile Include="capstone_wrapper.cpp">
+      <Filter>Source Files\Utilities</Filter>
+    </ClCompile>
   </ItemGroup>
   <ItemGroup>
     <ClInclude Include="x64_dbg.h">
@@ -368,5 +371,8 @@
     <ClInclude Include="capstone\xcore.h">
       <Filter>Header Files\Third Party\capstone</Filter>
     </ClInclude>
+    <ClInclude Include="capstone_wrapper.h">
+      <Filter>Header Files\Utilities</Filter>
+    </ClInclude>
   </ItemGroup>
 </Project>