Class: Crabstone::Disassembler

Inherits:

Object

• Object
• Crabstone::Disassembler

Defined in:

lib/crabstone.rb

Instance Attribute Summary

• #arch ⇒ Object readonly

  Returns the value of attribute arch.

• #csh ⇒ Object readonly

  Returns the value of attribute csh.

• #decomposer ⇒ Object

  Returns the value of attribute decomposer.

• #mode ⇒ Object readonly

  Returns the value of attribute mode.

• #syntax ⇒ Object

  Returns the value of attribute syntax.

Instance Method Summary

• #close ⇒ Object

  After you close the engine, don’t use it anymore.

• #diet? ⇒ Boolean
• #disasm(code, offset, count = 0) ⇒ Object
• #errno ⇒ Object
• #initialize(arch, mode) ⇒ Disassembler constructor

  A new instance of Disassembler.

• #reg_name(regid) ⇒ Object
• #set_raw_option(opt, val) ⇒ Object
• #skipdata(mnemonic = '.byte') ⇒ Object
• #skipdata_off ⇒ Object
• #version ⇒ Object

Constructor Details

#initialize(arch, mode) ⇒ Disassembler

Returns a new instance of Disassembler.

# File 'lib/crabstone.rb', line 433

def initialize arch, mode

  maj, min = version
  if maj != BINDING_MAJ || min != BINDING_MIN
    raise "FATAL: Binding for #{BINDING_MAJ}.#{BINDING_MIN}, found #{maj}.#{min}"
  end

  @arch    = arch
  @mode    = mode
  p_size_t = FFI::MemoryPointer.new :ulong_long
  @p_csh    = FFI::MemoryPointer.new p_size_t
  if ( res = Binding.cs_open( arch, mode, @p_csh )).nonzero?
    Crabstone.raise_errno res
  end

  @csh = @p_csh.read_ulong_long

end

Instance Attribute Details

#arch ⇒ Object (readonly)

Returns the value of attribute arch.

# File 'lib/crabstone.rb', line 431

def arch
  @arch
end

#csh ⇒ Object (readonly)

Returns the value of attribute csh.

# File 'lib/crabstone.rb', line 431

def csh
  @csh
end

#decomposer ⇒ Object

Returns the value of attribute decomposer.

# File 'lib/crabstone.rb', line 431

def decomposer
  @decomposer
end

#mode ⇒ Object (readonly)

Returns the value of attribute mode.

# File 'lib/crabstone.rb', line 431

def mode
  @mode
end

#syntax ⇒ Object

Returns the value of attribute syntax.

# File 'lib/crabstone.rb', line 431

def syntax
  @syntax
end

Instance Method Details

#close ⇒ Object

After you close the engine, don’t use it anymore. Can’t believe I even have to write this.

# File 'lib/crabstone.rb', line 454

def close
  if ( res = Binding.cs_close(@p_csh) ).nonzero?
    Crabstone.raise_errno res
  end
end

#diet? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/crabstone.rb', line 480

def diet?
  DIET_MODE
end

#disasm(code, offset, count = 0) ⇒ Object

# File 'lib/crabstone.rb', line 532

def disasm code, offset, count = 0
  return [] if code.empty?

  insn_ptr   = FFI::MemoryPointer.new :pointer
  insn_count = Binding.cs_disasm(
    @csh,
    code,
    code.bytesize,
    offset,
    count,
    insn_ptr
  )
  Crabstone.raise_errno(errno) if insn_count.zero?

  insns = (0...insn_count * Binding::Instruction.size).step(Binding::Instruction.size).map do |off|
    cs_insn_ptr = Binding.malloc Binding::Instruction.size
    cs_insn = Binding::Instruction.new cs_insn_ptr
    Binding.memcpy(cs_insn_ptr, insn_ptr.read_pointer + off, Binding::Instruction.size)
    Instruction.new @csh, cs_insn, @arch
  end

  Binding.free(insn_ptr.read_pointer)

  insns
end

#errno ⇒ Object

# File 'lib/crabstone.rb', line 484

def errno
  Binding.cs_errno(csh)
end

#reg_name(regid) ⇒ Object

# File 'lib/crabstone.rb', line 525

def reg_name regid
  Crabstone.raise_errno( Crabstone::ERRNO_KLASS[ErrDiet] ) if DIET_MODE
  name = Binding.cs_reg_name(csh, regid)
  Crabstone.raise_errno( Crabstone::ERRNO_KLASS[ErrCsh] ) unless name
  name
end

#set_raw_option(opt, val) ⇒ Object

# File 'lib/crabstone.rb', line 558

def set_raw_option opt, val
  res = Binding.cs_option csh, opt, val
  Crabstone.raise_errno res if res.nonzero?
end

#skipdata(mnemonic = '.byte') ⇒ Object

# File 'lib/crabstone.rb', line 488

def skipdata mnemonic='.byte'

  cfg = Binding::SkipdataConfig.new
  cfg[:mnemonic] = FFI::MemoryPointer.from_string String(mnemonic)

  if block_given?

    real_cb = FFI::Function.new(
      :size_t,
      [:pointer, :size_t, :size_t, :pointer]
    ) {|code, sz, offset, _|

      code = code.read_array_of_uchar(sz).pack('c*')
      begin
        res = yield code, offset
        Integer(res)
      rescue
        warn "Error in skipdata callback: #{$!}"
        # It will go on to crash, but now at least there's more info :)
      end
    }

    cfg[:callback] = real_cb

  end

  res = Binding.cs_option(csh, OPT_SKIPDATA_SETUP, cfg.pointer.address)
  Crabstone.raise_errno res if res.nonzero?
  res = Binding.cs_option(csh, OPT_SKIPDATA, SKIPDATA[true])
  Crabstone.raise_errno res if res.nonzero?
end

#skipdata_off ⇒ Object

# File 'lib/crabstone.rb', line 520

def skipdata_off
  res = Binding.cs_option(csh, OPT_SKIPDATA, SKIPDATA[false])
  Crabstone.raise_errno res if res.nonzero?
end

#version ⇒ Object

# File 'lib/crabstone.rb', line 473

def version
  maj = FFI::MemoryPointer.new(:int)
  min = FFI::MemoryPointer.new(:int)
  Binding.cs_version maj, min
  [ maj.read_int, min.read_int ]
end