zydis/README.md

Zyan Disassembler Engine (Zydis) [![Build Status](https://travis-ci.org/zyantific/zyan-disassembler-engine.svg?branch=master)](https://travis-ci.org/zyantific/zyan-disassembler-engine)
================================

Fast and lightweight x86/x86-64 disassembler library.

## Features ##

- Supports all x86 and x86-64 (AMD64) General purpose and System instructions.
- Supported ISA extensions:
 - MMX, FPU (x87), AMD 3DNow
 - SSE, SSE2, SSE3, SSSE3, SSE4.1, SSE4.2, AES,
 - AMD-V, INTEL-VMX, SMX
- Optimized for high performance
- Very small overhead compared to other common disassembler libraries (about 60KiB)
- Abstract formatter and symbol-resolver classes for custom syntax implementations.
 - Intel syntax is implemented by default
- Complete doxygen documentation

## Quick Example ##

The following example program uses Zydis to disassemble a given memory buffer and prints the output to the console.

```c++
#include <iostream>
#include <iomanip>
#include <stdint.h>
#include <Zydis.hpp>

int main()
{
    uint8_t data[] =
    {
        0x51, 0x8D, 0x45, 0xFF, 0x50, 0xFF, 0x75, 0x0C, 0xFF, 0x75, 
        0x08, 0xFF, 0x15, 0xA0, 0xA5, 0x48, 0x76, 0x85, 0xC0, 0x0F, 
        0x88, 0xFC, 0xDA, 0x02, 0x00
    };

    Zydis::MemoryInput input(&data[0], sizeof(data));
    Zydis::InstructionInfo info;
    Zydis::InstructionDecoder decoder;
    decoder.setDisassemblerMode(Zydis::DisassemblerMode::M32BIT);
    decoder.setDataSource(&input);
    decoder.setInstructionPointer(0x00400000);
    Zydis::IntelInstructionFormatter formatter;

    while (decoder.decodeInstruction(info))
    {
        std::cout << std::hex << std::setw(8) << std::setfill('0') 
                  << std::uppercase << info.instrAddress << " "; 

        if (info.flags & Zydis::IF_ERROR_MASK)
        {
            std::cout << "db " << std::setw(2) 
                      << static_cast<int>(info.data[0]) 
                      << std::endl;    
        } 
        else
        {
            std::cout << formatter.formatInstruction(info) << std::endl;
        }
    }
}
```

## Sample Output ##

The above example program generates the following output:

```
00400000 push ecx
00400001 lea eax, [ebp-01]
00400004 push eax
00400005 push dword ptr [ebp+0C]
00400008 push dword ptr [ebp+08]
0040000B call dword ptr [7648A5A0]
00400011 test eax, eax
00400013 js 0042DB15
```

## Compilation ##

Zydis builds cleanly on most platforms without any external dependencies. You can use CMake to generate project files for your favorite C++14 compiler.

## Documentation ##

[The HTML Doxygen documentation](https://www.zyantific.com/doc/zydis/index.html) is automatically built from master every 12 hours.

## License ##

Zyan Disassembler Engine is licensed under the MIT License. Dependencies are under their respective licenses.
improved documentation and README.md 2015-05-22 23:23:32 +08:00			`Zyan Disassembler Engine (Zydis) [![Build Status](https://travis-ci.org/zyantific/zyan-disassembler-engine.svg?branch=master)](https://travis-ci.org/zyantific/zyan-disassembler-engine)`
			`================================`
Initial commit 2014-10-25 05:05:43 +08:00
			`Fast and lightweight x86/x86-64 disassembler library.`
Initial commit 2014-10-25 05:11:16 +08:00
			`## Features ##`

			`- Supports all x86 and x86-64 (AMD64) General purpose and System instructions.`
			`- Supported ISA extensions:`
			`- MMX, FPU (x87), AMD 3DNow`
			`- SSE, SSE2, SSE3, SSSE3, SSE4.1, SSE4.2, AES,`
			`- AMD-V, INTEL-VMX, SMX`
			`- Optimized for high performance`
Removed the "Disassembler" namespace Added experimental Clang compiler support 2014-11-03 22:15:48 +08:00			`- Very small overhead compared to other common disassembler libraries (about 60KiB)`
Initial commit 2014-10-25 05:11:16 +08:00			`- Abstract formatter and symbol-resolver classes for custom syntax implementations.`
			`- Intel syntax is implemented by default`
Fixed instruction pointer pointing to current instead of next instruction Added instruction address field to the VXInstructionInfo struct Added operand access mode information to the VXOperandInfo struct Added abstract data provider interface for the VXInstructionDecoder Added concrete VXBufferDataProvider and VXStreamDataProvider classes Published effectively used REX/VEX.w/r/x/b and VEX.l values in the VXInstructionInfo struct Published extended modrm.reg/rm and sib.base/index values in the VXInstructionInfo struct Internal changes and improvements 2014-10-27 21:10:22 +08:00			`- Complete doxygen documentation`
Initial commit 2014-10-25 05:11:16 +08:00
Removed the "Disassembler" namespace Added experimental Clang compiler support 2014-11-03 22:15:48 +08:00			`## Quick Example ##`

Project name changed and C-Bindings reverted * Changed project name to Zydis * Removed Zydis (former VX) prefix from classes and enums * Renamed Verteron namespace to Zydis * Reverted C-Bindings back to the old solution * C-Bindings are now based on the C++ source again (and not the other way around) 2015-05-16 11:05:17 +08:00			`The following example program uses Zydis to disassemble a given memory buffer and prints the output to the console.`
Removed the "Disassembler" namespace Added experimental Clang compiler support 2014-11-03 22:15:48 +08:00
improved documentation and README.md 2015-05-22 23:23:32 +08:00			```c++
Removed the "Disassembler" namespace Added experimental Clang compiler support 2014-11-03 22:15:48 +08:00			`#include <iostream>`
use an example with a little more interesting output 2016-04-16 04:11:49 +08:00			`#include <iomanip>`
Removed the "Disassembler" namespace Added experimental Clang compiler support 2014-11-03 22:15:48 +08:00			`#include <stdint.h>`
use an example with a little more interesting output 2016-04-16 04:11:49 +08:00			`#include <Zydis.hpp>`
Removed the "Disassembler" namespace Added experimental Clang compiler support 2014-11-03 22:15:48 +08:00
use an example with a little more interesting output 2016-04-16 04:11:49 +08:00			`int main()`
Removed the "Disassembler" namespace Added experimental Clang compiler support 2014-11-03 22:15:48 +08:00			`{`
			`uint8_t data[] =`
			`{`
use an example with a little more interesting output 2016-04-16 04:11:49 +08:00			`0x51, 0x8D, 0x45, 0xFF, 0x50, 0xFF, 0x75, 0x0C, 0xFF, 0x75,`
			`0x08, 0xFF, 0x15, 0xA0, 0xA5, 0x48, 0x76, 0x85, 0xC0, 0x0F,`
			`0x88, 0xFC, 0xDA, 0x02, 0x00`
Removed the "Disassembler" namespace Added experimental Clang compiler support 2014-11-03 22:15:48 +08:00			`};`
use an example with a little more interesting output 2016-04-16 04:11:49 +08:00
Minor readme changes 2015-05-16 11:06:52 +08:00			`Zydis::MemoryInput input(&data[0], sizeof(data));`
			`Zydis::InstructionInfo info;`
			`Zydis::InstructionDecoder decoder;`
Fixed readme 2015-05-22 04:59:24 +08:00			`decoder.setDisassemblerMode(Zydis::DisassemblerMode::M32BIT);`
Removed the "Disassembler" namespace Added experimental Clang compiler support 2014-11-03 22:15:48 +08:00			`decoder.setDataSource(&input);`
use an example with a little more interesting output 2016-04-16 04:11:49 +08:00			`decoder.setInstructionPointer(0x00400000);`
Minor readme changes 2015-05-16 11:06:52 +08:00			`Zydis::IntelInstructionFormatter formatter;`
use an example with a little more interesting output 2016-04-16 04:11:49 +08:00
Removed the "Disassembler" namespace Added experimental Clang compiler support 2014-11-03 22:15:48 +08:00			`while (decoder.decodeInstruction(info))`
			`{`
use an example with a little more interesting output 2016-04-16 04:11:49 +08:00			`std::cout << std::hex << std::setw(8) << std::setfill('0')`
			`<< std::uppercase << info.instrAddress << " ";`

			`if (info.flags & Zydis::IF_ERROR_MASK)`
			`{`
			`std::cout << "db " << std::setw(2)`
			`<< static_cast<int>(info.data[0])`
			`<< std::endl;`
			`}`
			`else`
			`{`
			`std::cout << formatter.formatInstruction(info) << std::endl;`
			`}`
Removed the "Disassembler" namespace Added experimental Clang compiler support 2014-11-03 22:15:48 +08:00			`}`
			`}`
			```

Added sample output to README 2016-04-06 06:15:12 +08:00			`## Sample Output ##`

			`The above example program generates the following output:`

			```
use an example with a little more interesting output 2016-04-16 04:11:49 +08:00			`00400000 push ecx`
			`00400001 lea eax, [ebp-01]`
			`00400004 push eax`
			`00400005 push dword ptr [ebp+0C]`
			`00400008 push dword ptr [ebp+08]`
			`0040000B call dword ptr [7648A5A0]`
			`00400011 test eax, eax`
			`00400013 js 0042DB15`
Added sample output to README 2016-04-06 06:15:12 +08:00			```

Initial commit 2014-10-25 05:11:16 +08:00			`## Compilation ##`
improved documentation and README.md 2015-05-22 23:23:32 +08:00
Improved C-bindings again * Implemented API for custom data souces * Internal changes 2015-05-20 03:45:53 +08:00			`Zydis builds cleanly on most platforms without any external dependencies. You can use CMake to generate project files for your favorite C++14 compiler.`
improved documentation and README.md 2015-05-22 23:23:32 +08:00
			`## Documentation ##`

			`[The HTML Doxygen documentation](https://www.zyantific.com/doc/zydis/index.html) is automatically built from master every 12 hours.`

Initial commit 2014-10-25 05:11:16 +08:00			`## License ##`
improved documentation and README.md 2015-05-22 23:23:32 +08:00
Project name changed and C-Bindings reverted * Changed project name to Zydis * Removed Zydis (former VX) prefix from classes and enums * Renamed Verteron namespace to Zydis * Reverted C-Bindings back to the old solution * C-Bindings are now based on the C++ source again (and not the other way around) 2015-05-16 11:05:17 +08:00			`Zyan Disassembler Engine is licensed under the MIT License. Dependencies are under their respective licenses.`