d-capstone ~master (2018-10-18T01:46:52Z)

capstone.capstone

capstone

Members

Aliases

cs_regs
alias cs_regs = ushort[64]

Type of array to keep the list of registers

cs_skipdata_cb_t
alias cs_skipdata_cb_t = c_ulong function(const(ubyte)* code, size_t code_size, size_t offset, void* user_data)

User-defined callback function for SKIPDATA option. See tests/test_skipdata.c for sample code demonstrating this API.

Enums

cs_ac_type
enum cs_ac_type

Common instruction operand access types - to be consistent across all architectures. It is possible to combine access types, for example: CS_AC_READ | CS_AC_WRITE

cs_arch
enum cs_arch

Architecture type

cs_err
enum cs_err

All type of errors encountered by Capstone API. These are values returned by cs_errno()

cs_group_type
enum cs_group_type

Common instruction groups - to be consistent across all architectures.

cs_mode
enum cs_mode

Mode type

cs_op_type
enum cs_op_type

Common instruction operand types - to be consistent across all architectures.

cs_opt_type
enum cs_opt_type

Runtime option for the disassembled engine

cs_opt_value
enum cs_opt_value

Runtime option value (associated with option type above)

Functions

CS_INSN_OFFSET
auto CS_INSN_OFFSET(auto ref T0 insns, auto ref T1 post)

Calculate the offset of a disassembled instruction in its buffer, given its position in its array of disassembled insn NOTE: this macro works with position (>=1), not index

CS_MAKE_VERSION
auto CS_MAKE_VERSION(auto ref T0 major, auto ref T1 minor)

Macro to create combined version which can be compared to result of cs_version() API.

cs_close
cs_err cs_close(csh* handle)

Close CS handle: MUST do to release the handle when it is not used anymore. NOTE: this must be only called when there is no longer usage of Capstone, not even access to cs_insn array. The reason is the this API releases some cached memory, thus access to any Capstone API after cs_close() might crash your application.

cs_disasm
size_t cs_disasm(csh handle, const(ubyte)* code, size_t code_size, ulong address, size_t count, cs_insn** insn)

Disassemble binary code, given the code buffer, size, address and number of instructions to be decoded. This API dynamically allocate memory to contain disassembled instruction. Resulting instructions will be put into @*insn

cs_disasm_ex
size_t cs_disasm_ex(csh handle, const(ubyte)* code, size_t code_size, ulong address, size_t count, cs_insn** insn)

Deprecated function - to be retired in the next version! Use cs_disasm() instead of cs_disasm_ex()

cs_disasm_iter
bool cs_disasm_iter(csh handle, const(ubyte*)* code, size_t* size, ulong* address, cs_insn* insn)

Fast API to disassemble binary code, given the code buffer, size, address and number of instructions to be decoded. This API puts the resulting instruction into a given cache in @insn. See tests/test_iter.c for sample code demonstrating this API.

cs_errno
cs_err cs_errno(csh handle)

Report the last error number when some API function fail. Like glibc's errno, cs_errno might not retain its old value once accessed.

cs_free
void cs_free(cs_insn* insn, size_t count)

Free memory allocated by cs_malloc() or cs_disasm() (argument @insn)

cs_group_name
const(char)* cs_group_name(csh handle, uint group_id)

Return friendly name of a group id (that an instruction can belong to) Find the group id from header file of corresponding architecture (arm.h for ARM, x86.h for X86, ...)

cs_insn_group
bool cs_insn_group(csh handle, const(cs_insn)* insn, uint group_id)

Check if a disassembled instruction belong to a particular group. Find the group id from header file of corresponding architecture (arm.h for ARM, x86.h for X86, ...) Internally, this simply verifies if @group_id matches any member of insn->groups array.

cs_insn_name
const(char)* cs_insn_name(csh handle, uint insn_id)

Return friendly name of an instruction in a string. Find the instruction id from header file of corresponding architecture (arm.h for ARM, x86.h for X86, ...)

cs_malloc
cs_insn* cs_malloc(csh handle)

Allocate memory for 1 instruction to be used by cs_disasm_iter().

cs_op_count
int cs_op_count(csh handle, const(cs_insn)* insn, uint op_type)

Count the number of operands of a given type. Find the operand type in header file of corresponding architecture (arm.h for ARM, x86.h for X86, ...)

cs_op_index
int cs_op_index(csh handle, const(cs_insn)* insn, uint op_type, uint position)

Retrieve the position of operand of given type in <arch>.operands[] array. Later, the operand can be accessed using the returned position. Find the operand type in header file of corresponding architecture (arm.h for ARM, x86.h for X86, ...)

cs_open
cs_err cs_open(cs_arch arch, cs_mode mode, csh* handle)

Initialize CS handle: this must be done before any usage of CS.

cs_option
cs_err cs_option(csh handle, cs_opt_type type, size_t value)

Set option for disassembling engine at runtime

cs_reg_name
const(char)* cs_reg_name(csh handle, uint reg_id)

Return friendly name of register in a string. Find the instruction id from header file of corresponding architecture (arm.h for ARM, x86.h for X86, ...)

cs_reg_read
bool cs_reg_read(csh handle, const(cs_insn)* insn, uint reg_id)

Check if a disassembled instruction IMPLICITLY used a particular register. Find the register id from header file of corresponding architecture (arm.h for ARM, x86.h for X86, ...) Internally, this simply verifies if @reg_id matches any member of insn->regs_read array.

cs_reg_write
bool cs_reg_write(csh handle, const(cs_insn)* insn, uint reg_id)

Check if a disassembled instruction IMPLICITLY modified a particular register. Find the register id from header file of corresponding architecture (arm.h for ARM, x86.h for X86, ...) Internally, this simply verifies if @reg_id matches any member of insn->regs_write array.

cs_regs_access
cs_err cs_regs_access(csh handle, const(cs_insn)* insn, cs_regs regs_read, ubyte* regs_read_count, cs_regs regs_write, ubyte* regs_write_count)

Retrieve all the registers accessed by an instruction, either explicitly or implicitly.

cs_strerror
const(char)* cs_strerror(cs_err code)

Return a string describing given error code.

cs_support
bool cs_support(int query)

This API can be used to either ask for archs supported by this library, or check to see if the library was compile with 'diet' option (or called in 'diet' mode).

cs_version
uint cs_version(int* major, int* minor)

Return combined API version & major and minor version numbers.

Manifest constants

CS_MNEMONIC_SIZE
enum CS_MNEMONIC_SIZE;

Maximum size of an instruction mnemonic string.

Structs

cs_detail
struct cs_detail

NOTE: All information in cs_detail is only available when CS_OPT_DETAIL = CS_OPT_ON Initialized as memset(., 0, offsetof(cs_detail, ARCH)+sizeof(cs_ARCH)) by ARCH_getInstruction in arch/ARCH/ARCHDisassembler.c if cs_detail changes, in particular if a field is added after the union, then update arch/ARCH/ARCHDisassembler.c accordingly

cs_insn
struct cs_insn

Detail information of disassembled instruction

cs_opt_mem
struct cs_opt_mem

User-defined dynamic memory related functions: malloc/calloc/realloc/free/vsnprintf() By default, Capstone uses system's malloc(), calloc(), realloc(), free() & vsnprintf().

cs_opt_mnem
struct cs_opt_mnem

Customize mnemonic for instructions with alternative name. To reset existing customized instruction to its default mnemonic, call cs_option(CS_OPT_MNEMONIC) again with the same @id and NULL value for @mnemonic.

cs_opt_skipdata
struct cs_opt_skipdata

User-customized setup for SKIPDATA option

Meta

Source

See Source File

capstone modules
Page generated by adrdox