number of bytes skipped by SKIPDATA option depends on arch

Nguyen Anh Quynh 2014-04-10 11:53:46 +08:00
parent c75a909371
commit a89383e81f
2 changed files with 24 additions and 6 deletions

11
cs.c

@ -294,6 +294,7 @@ static void fill_insn(struct cs_struct *handle, cs_insn *insn, char *buffer, MCI
}
// how many bytes will we skip when encountering data (CS_OPT_SKIPDATA)?
// this very much depends on instruction alignment requirement of each arch.
static uint8_t skipdata_size(cs_struct *handle)
{
switch(handle->arch) {
@ -301,12 +302,20 @@ static uint8_t skipdata_size(cs_struct *handle)
// should never reach
return -1;
case CS_ARCH_ARM:
// skip 2 bytes on Thumb mode.
if (handle->mode & CS_MODE_THUMB)
return 2;
// otherwise, skip 4 bytes
return 4;
case CS_ARCH_ARM64:
case CS_ARCH_MIPS:
case CS_ARCH_PPC:
case CS_ARCH_SPARC:
// skip 4 bytes
return 4;
case CS_ARCH_SYSZ:
// skip 2 bytes due to instruction alignment
// SystemZ instruction's length can be 2, 4 or 6 bytes,
// so we just skip 2 bytes
return 2;
case CS_ARCH_X86:
// X86 has no restriction on instruction alignment
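Review bot: The default branch of `skipdata_size()` does `return -1;` from a function declared `uint8_t`, so an unhandled arch yields 255 rather than an error value. If the caller uses the result as a byte count, that becomes a 255-byte skip; making the sentinel explicit, e.g. `return (uint8_t)-1; // unsupported arch: caller must not use this as a skip length`, would remove the ambiguity. Raising the fixed skip from 2 to 4 bytes for ARM, ARM64, MIPS, PPC and SPARC also makes the end-of-buffer case matter more. The caller is not visible here, so it is worth confirming that it compares the skip size with the bytes remaining before copying or advancing. The body of `skipdata_size()` continues past the end of the second hunk.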


@ -118,13 +118,22 @@ typedef struct cs_opt_skipdata {
// User can specify the string for this instruction's "mnemonic" here.
// By default (if @mnemonic is NULL), Capstone use ".db".
const char *mnemonic;
// User-defined callback function to be called when Capstone hits data.
// If the returned value from this callback is positive (>0), Capstone will skip exactly
// that number of bytes & continue. Otherwise, if the callback returns 0, Capstone stops
// disassembling and returns immediately from cs_disasm_ex()
// NOTE: if this callback pointer is NULL, Capstone skip 1 byte on X86, and 2 bytes on
// every other architectures.
// If the returned value from this callback is positive (>0), Capstone
// will skip exactly that number of bytes & continue. Otherwise, if
// the callback returns 0, Capstone stops disassembling and returns
// immediately from cs_disasm_ex()
// NOTE: if this callback pointer is NULL, Capstone would skip a number
// of bytes depending on architectures, as following:
// Arm: 2 bytes (Thumb mode) or 4 bytes.
// Arm64: 4 bytes.
// Mips: 4 bytes.
// Sparc: 4 bytes.
// SystemZ: 2 bytes.
// X86: 1 bytes.
cs_skipdata_cb_t callback; // default value is NULL
// User-defined data to be passed to @callback function pointer.
void *user_data;
} cs_opt_skipdata;
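Review bot: The per-architecture list in the NOTE above `callback` omits PowerPC, although `skipdata_size()` in cs.c returns 4 for `CS_ARCH_PPC`; adding `// PowerPC: 4 bytes.` would make the documented defaults match the code. The comment says a positive return value from the callback is skipped "exactly", but it does not state what happens when that value exceeds the bytes left in the input. That handling is not visible in this section, and users writing a callback need to know it. Wording nits: `X86: 1 bytes.` should read `X86: 1 byte.`, and "as following" should be "as follows". The `cs_opt_skipdata` struct starts before this hunk.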