1*9a0e4156SSadaf Ebrahimi /* Capstone Disassembly Engine */
2*9a0e4156SSadaf Ebrahimi /* By Nguyen Anh Quynh <[email protected]>, 2015 */
3*9a0e4156SSadaf Ebrahimi
4*9a0e4156SSadaf Ebrahimi // This sample code demonstrates the option CS_OPT_MNEMONIC
5*9a0e4156SSadaf Ebrahimi // to customize instruction mnemonic.
6*9a0e4156SSadaf Ebrahimi
7*9a0e4156SSadaf Ebrahimi #include <stdio.h>
8*9a0e4156SSadaf Ebrahimi #include <stdlib.h>
9*9a0e4156SSadaf Ebrahimi
10*9a0e4156SSadaf Ebrahimi #include <capstone/platform.h>
11*9a0e4156SSadaf Ebrahimi #include <capstone/capstone.h>
12*9a0e4156SSadaf Ebrahimi
13*9a0e4156SSadaf Ebrahimi #define X86_CODE32 "\x75\x01"
14*9a0e4156SSadaf Ebrahimi
15*9a0e4156SSadaf Ebrahimi // Print out the input code in hexadecimal format
print_string_hex(unsigned char * str,size_t len)16*9a0e4156SSadaf Ebrahimi static void print_string_hex(unsigned char *str, size_t len)
17*9a0e4156SSadaf Ebrahimi {
18*9a0e4156SSadaf Ebrahimi unsigned char *c;
19*9a0e4156SSadaf Ebrahimi
20*9a0e4156SSadaf Ebrahimi for (c = str; c < str + len; c++) {
21*9a0e4156SSadaf Ebrahimi printf("%02x ", *c & 0xff);
22*9a0e4156SSadaf Ebrahimi }
23*9a0e4156SSadaf Ebrahimi printf("\t");
24*9a0e4156SSadaf Ebrahimi }
25*9a0e4156SSadaf Ebrahimi
26*9a0e4156SSadaf Ebrahimi // Print one instruction
print_insn(csh handle)27*9a0e4156SSadaf Ebrahimi static void print_insn(csh handle)
28*9a0e4156SSadaf Ebrahimi {
29*9a0e4156SSadaf Ebrahimi cs_insn *insn;
30*9a0e4156SSadaf Ebrahimi size_t count;
31*9a0e4156SSadaf Ebrahimi
32*9a0e4156SSadaf Ebrahimi count = cs_disasm(handle, (const uint8_t *)X86_CODE32, sizeof(X86_CODE32) - 1, 0x1000, 1, &insn);
33*9a0e4156SSadaf Ebrahimi if (count) {
34*9a0e4156SSadaf Ebrahimi print_string_hex((unsigned char *)X86_CODE32, sizeof(X86_CODE32) - 1);
35*9a0e4156SSadaf Ebrahimi printf("\t%s\t%s\n", insn[0].mnemonic, insn[0].op_str);
36*9a0e4156SSadaf Ebrahimi // Free memory allocated by cs_disasm()
37*9a0e4156SSadaf Ebrahimi cs_free(insn, count);
38*9a0e4156SSadaf Ebrahimi } else {
39*9a0e4156SSadaf Ebrahimi printf("ERROR: Failed to disasm given code!\n");
40*9a0e4156SSadaf Ebrahimi abort();
41*9a0e4156SSadaf Ebrahimi }
42*9a0e4156SSadaf Ebrahimi }
43*9a0e4156SSadaf Ebrahimi
test()44*9a0e4156SSadaf Ebrahimi static void test()
45*9a0e4156SSadaf Ebrahimi {
46*9a0e4156SSadaf Ebrahimi csh handle;
47*9a0e4156SSadaf Ebrahimi cs_err err;
48*9a0e4156SSadaf Ebrahimi // Customize mnemonic JNE to "jnz"
49*9a0e4156SSadaf Ebrahimi cs_opt_mnem my_mnem = { X86_INS_JNE, "jnz" };
50*9a0e4156SSadaf Ebrahimi // Set .mnemonic to NULL to reset to default mnemonic
51*9a0e4156SSadaf Ebrahimi cs_opt_mnem default_mnem = { X86_INS_JNE, NULL };
52*9a0e4156SSadaf Ebrahimi
53*9a0e4156SSadaf Ebrahimi err = cs_open(CS_ARCH_X86, CS_MODE_32, &handle);
54*9a0e4156SSadaf Ebrahimi if (err) {
55*9a0e4156SSadaf Ebrahimi printf("Failed on cs_open() with error returned: %u\n", err);
56*9a0e4156SSadaf Ebrahimi abort();
57*9a0e4156SSadaf Ebrahimi }
58*9a0e4156SSadaf Ebrahimi
59*9a0e4156SSadaf Ebrahimi // 1. Print out the instruction in default setup.
60*9a0e4156SSadaf Ebrahimi printf("Disassemble X86 code with default instruction mnemonic\n");
61*9a0e4156SSadaf Ebrahimi print_insn(handle);
62*9a0e4156SSadaf Ebrahimi
63*9a0e4156SSadaf Ebrahimi // Customized mnemonic JNE to JNZ using CS_OPT_MNEMONIC option
64*9a0e4156SSadaf Ebrahimi printf("\nNow customize engine to change mnemonic from 'JNE' to 'JNZ'\n");
65*9a0e4156SSadaf Ebrahimi cs_option(handle, CS_OPT_MNEMONIC, (size_t)&my_mnem);
66*9a0e4156SSadaf Ebrahimi
67*9a0e4156SSadaf Ebrahimi // 2. Now print out the instruction in newly customized setup.
68*9a0e4156SSadaf Ebrahimi print_insn(handle);
69*9a0e4156SSadaf Ebrahimi
70*9a0e4156SSadaf Ebrahimi // Reset engine to use the default mnemonic of JNE
71*9a0e4156SSadaf Ebrahimi printf("\nReset engine to use the default mnemonic\n");
72*9a0e4156SSadaf Ebrahimi cs_option(handle, CS_OPT_MNEMONIC, (size_t)&default_mnem);
73*9a0e4156SSadaf Ebrahimi
74*9a0e4156SSadaf Ebrahimi // 3. Now print out the instruction in default setup.
75*9a0e4156SSadaf Ebrahimi print_insn(handle);
76*9a0e4156SSadaf Ebrahimi
77*9a0e4156SSadaf Ebrahimi // Done
78*9a0e4156SSadaf Ebrahimi cs_close(&handle);
79*9a0e4156SSadaf Ebrahimi }
80*9a0e4156SSadaf Ebrahimi
main()81*9a0e4156SSadaf Ebrahimi int main()
82*9a0e4156SSadaf Ebrahimi {
83*9a0e4156SSadaf Ebrahimi test();
84*9a0e4156SSadaf Ebrahimi
85*9a0e4156SSadaf Ebrahimi return 0;
86*9a0e4156SSadaf Ebrahimi }
87