* Avoids leak in wasm details
Extending cs_detail in capstone.h
* Safety checks before allocating memory for brtable in WASM
* Revert "Avoids leak in wasm details"
This reverts commit 03f822b34a03f23554aaffb2951b62c62645e5e5.
* Refactoring brtable for WASM
* Fix undefined shift in WASM get_varuint64
* Basic changes of new arch - BPF
* Define some constants
* defined some API methods
* Able to print MISC instruction
* Follow Linux coding style
* Ability to show ALU insn names
* decode return
* Add suite/MC/BPF
* decode jump
* decode store
* decode load
* print instruction done
* try to implement BPF_reg_access
* Implements explicit accessed registers and fix some tiny bugs
* Fix unhandled ja case
* Added BPF_REG_OFF do fix wrong display in jump class
* Great I'm able to decode cBPF with eyes
* Fix: misunderstood the 16-byte instruction's imm
* Add ldxdw
* Add extended-all.cs
* Implements cstest/bpf_getdetail.c
* Fix memory leak
* Add BPF to fuzz
* Implemented regs_read and regs_write
* Fix missing write-access on ALU's dst
* Updated cstool/, test_basic.c, test_detail.c, and test_iter.c
* Updated docs
* Fix type of cs_bpf#operands
* Implements python bindings
* Fix some bugs found by self code review
* Remove dummy tests
* remove typeof
* Address comments
* Fix MSVC's warnings and add test_bpf.py to bindings/python/Makefile
* Fix: call is not offset
* Avoids overflow in getRegisterName for TMS320C64x
* Revert "Avoids overflow in getRegisterName for TMS320C64x"
This reverts commit 18acee60cd.
* Checks register in DecodeMemOperandSc
* Bump the "cs_insn.bytes[]" size to 24 (from 16) to support M680x0 instructions with full EA (maximum 11 words)
Added a test for this in test_m68k.s
* Bump the "cs_detail.regs_read[]" size to 16 (from 12) to support M680x0 instructions with full REG_BITS (Dn+An = 16)
* m68k: use immediate mode syntax (#$0) for movem/fmovem instructions with empty register list
* update bindings to match changes to cs_insn and cs_detail
* Bump the "cs_insn.bytes[]" size to 24 (from 16) to support M680x0 instructions with full EA (maximum 11 words)
Added a test for this in test_m68k.s
* Bump the "cs_detail.regs_read[]" size to 16 (from 12) to support M680x0 instructions with full REG_BITS (Dn+An = 16)
* m68k: use immediate mode syntax (#$0) for movem/fmovem instructions with empty register list
* update bindings to match changes to cs_insn and cs_detail
* Bump the "cs_insn.bytes[]" size to 24 (from 16) to support M680x0 instructions with full EA (maximum 11 words)
Added a test for this in test_m68k.s
* Bump the "cs_detail.regs_read[]" size to 16 (from 12) to support M680x0 instructions with full REG_BITS (Dn+An = 16)
* m68k: use immediate mode syntax (#$0) for movem/fmovem instructions with empty register list
* update bindings to match changes to cs_insn and cs_detail
* Fixes#1317 - arm thb operand.shift.value
For a more detailed description, see issue #1317.
Release 4.0.0 introduced a new field for ARM operands:
`operand.mem.lshift`. This field was supposed to be a bug fix for #246.
The #246 issue has been fixed in the meantime and the proper shift value
was stored in `operand.shift.value`.
The 4.0.0 changes created a regression in which `operand.shift.value`
was not set for a `tbh [r0, r1, lsl #1]` instruction on ARM and the
value was set in a `operand.mem.lshift` field instead.
As the regression broke some of users codebase (e.g. in
[manticore](https://github.com/trailofbits/manticore/pull/1312) project), we fix it by setting
`operand.shift.value` back again.
As a result, the shift value is set in two fields: `operand.shift.value`
and `operand.mem.lshift`. As the `operand.shift` also stores a `.type`
field, we might want to deprecate `operand.mem.lshift` in the future.
* Add changelog stub
cmp instruction does not modify its operands. Currently, cmp
variants that accept a memory operand have CS_AC_WRITE access mode
set. This commit removes CS_AC_WRITE mode from cmp variants that
have it.
The last argument should be the max size of the destination, not the
source buffer. A null byte is added to the end of the destination buffer
since strncpy only adds one if it does not truncate the source.
This fixes the -Wstringop-overflow warning on GCC.
* arch/TMS320C64x: fix underflow
(patch coming from radare2)
* arch/TMS320C64x: fix spaces between if/for/while and parenthesis
* arch/TMS320C64x: switch back to ==
* arch/TMS320C64x: fix underflow
(patch coming from radare2)
* arch/TMS320C64x: fix spaces between if/for/while and parenthesis
* arch/TMS320C64x: switch back to ==
* Update init of cs_detail for AArch64
as @aquynh requested in #1125
* Update init of cs_detail for ARM
as @aquynh requested in #1125
* Update init of cs_detail for EVM
as @aquynh requested in #1125
* Update init of cs_detail for M680X
as @aquynh requested in #1125
* Update init of cs_detail for M68K
as @aquynh requested in #1125
* Update init of cs_detail for Mips
as @aquynh requested in #1125
* Update init of cs_detail for PowerPC
as @aquynh requested in #1125
* Update init of cs_detail for Sparc
as @aquynh requested in #1125
* Update init of cs_detail for SystemZ
as @aquynh requested in #1125
* Update init of cs_detail for TMS320C64x
as @aquynh requested in #1125
* Update init of cs_detail for XCore
as @aquynh requested in #1125
* Comment on init of cs_detail
* wrap long lines
* merge encoding branch into next branch
* added python bindings and updated test to support encoding
* fix python import
* fix py binding fields
* fix disp size printing
* fixed py binding, again
* Update CREDITS.TXT
* fixed formatting and a cast
* Changed param from int to uint8_t, fixed warnings
* Added encoding field to instructions, as per encoding branch
The encoding branch appears to have added some useful fields
accessible from the public API, including the size and offsets
of displacements and immediates in instructions. I needed access
to these fields, but the encoding branch is months behind the
active branches, so I took the minimum code from the old encoding
branch and put them into a more recent version of master.
It does seem that the most recent version does not have an offset
for the modRM byte in the InternalInstruction struct, so I did
not keep this field when bringing it to the more recent version.
I also added some of the changes made by user jellever, who added
support for accessing these new fields from the python bindings.
(cherry picked from commit d358c4b987cc77af90e24da15937e021c42f682f)
* Fixed bug with python bindings from adding encoding field
I had forgotten an import that resulted in failure when trying
to obtain instruction details.
(cherry picked from commit 44a15e378900efb624e7cdb952d32558ba0de684)
* promoted displacement to 64 bits
* Added modrm offset
* formatting from review fixed
* updated 32 bit C tests
* Added 64 and 16 bit C tests
* Updated python tests
* fixed formatting and size in py bindings
* Delete Solution.VC.db-shm
* Delete Solution.VC.db-wal
* Update test_x86.c
* fixed formatting and conditional prints
* fixed formatting
* Initialize X86 necessaryPrefixLocation
* necessaryPrefixLocation initialization to -1
* Revert "necessaryPrefixLocation initialization to -1"
This reverts commit 04fc4b6702.
* Initialize X86 necessaryPrefixLocation
* necessaryPrefixLocation initialization to -1
* Revert "necessaryPrefixLocation initialization to -1"
This reverts commit 04fc4b6702.
* Declare global arch arrays with contents (#1171)
This eliminates the need for archs_enable() and eliminates the racey
initialization.
This makes the architecture-specific init and option functions
non-static so that they may be called from a different file.
Cherry-picked 853a2870
* Add cs_arch_disallowed_mode_mask global
Cherry-pick 94bce437:
mips: CS_MODE_MIPS32R6 implies CS_MODE_32
Cherry-pick 8998a3a1:
ppc: fix endian check (#1029)
Fixes bug where endianness could not be set for ppc.
Remove `big_endian` field of `cs_struct`.
Added a helper macro `MODE_IS_BIG_ENDIAN()` to check if
`CS_MODE_BIG_ENDIAN` is set.
Refactored `cs_open()` check for valid mode out of arch-specific code
into arch-independent code. Also added a valid mode check to
`cs_option()`. The checks use a new global array
`cs_arch_disallowed_mode_mask[]`.
* Make global arrays static
Make all_arch uint32_t to guarantee a certain number of bits (with
adequate room for growth).
This eliminates the need for archs_enable() and eliminates the racey
initialization.
This makes the architecture-specific init, option, and destroy functions
non-static so that they may be called from a different file.
* Fix undefined shifts
Found by oss-fuzz
uint8_t gets promoted to integer
and integers shift cannot overflow on sign bit
* Fix undefined shifts
shifting 31 bits the sign bit
* Fix undefined shifts
uint8 gets promoted to signed integer
in ARM, MIPS, Sparc
in AArch64, PPC and Xcore
* fix undefined shift in powerpc
* Fix undefined shift in Mips
use mulitply instead
* Branch targets are a separate addressing mode
Branch targets are relative displacements that identify code locations. These are neither .w nor .l nor immediates. This change removes the immediate #s before branch target addresses in disassembly, and represents the actual branch instructions more accurately in the cs_m68k_op datastructure.
M68K Python bindings have also been updated.
* m68k_inst.pc handles better; print target for PC relative offsets
Previous changes to branch operations relied on m68k_inst.pc pointing to (start of instruction + 2). This was not the case - it pointed to the end of the current instruction. This change makes it so that m68k_inst.pc points to (start of instruction), which is simple to work with.
It also changes printing of PC relative offsets to print the absolute target address, which is consistent with how most 68000 assemblers & disassemblers behave.
* Added new M680X target. Supports M6800/1/2/3/9, HD6301
* M680X: Reformat for coding guide lines. Set alphabetical order in HACK.TXT
* M680X: Prepare for python binding. Move cs_m680x, m680x_insn to m680x_info. Chec
> k cpu type, no default.
* M680X: Add python bindings. Added python tests.
* M680X: Added cpu types to usage message.
* cstool: Avoid segfault for invalid <arch+mode>.
* Make test_m680x.c/test_m680x.py output comparable (diff params: -bu). Keep xprint.py untouched.
* M680X: Update CMake/make for m680x support. Update .gitignore.
* M680X: Reduce compiler warnings.
* M680X: Reduce compiler warnings.
* M680X: Reduce compiler warnings.
* M680X: Make test_m680x.c/test_m680x.py output comparable (diff params: -bu).
* M680X: Add ocaml bindings and tests.
* M680X: Add java bindings and tests.
* M680X: Added tests for all indexed addressing modes. C/Python/Ocaml
* M680X: Naming, use page1 for PAGE1 instructions (without prefix).
* M680X: Naming, use page1 for PAGE1 instructions (without prefix).
* M680X: Used M680X_FIRST_OP_IN_MNEM in tests C/python/java/ocaml.
* M680X: Added access property to cs_m680x_op.
* M680X: Added operand size.
* M680X: Remove compiler warnings.
* M680X: Added READ/WRITE access property per operator.
* M680X: Make reg_inherent_hdlr independent of CPU type.
* M680X: Add HD6309 support + bug fixes
* M680X: Remove errors and warning.
* M680X: Add Bcc/LBcc to group BRAREL (relative branch).
* M680X: Add group JUMP to BVS/BVC/LBVS/LBVC. Remove BRAREL from BRN/LBRN.
* M680X: Remove LBRN from group BRAREL.
* M680X: Refactored cpu_type initialization for better readability.
* M680X: Add two operands for insn having two reg. in mnemonic. e.g. ABX.
* M680X: Remove typo in cstool.c
* M680X: Some format improvements in changed_regs.
* M680X: Remove insn id string list from tests (C/python/java/ocaml).
* M680X: SEXW, set access of reg. D to WRITE.
* M680X: Sort changed_regs in increasing m680x_insn order.
* M680X: Add M68HC11 support + Reduced from two to one INDEXED operand.
* M680X: cstool, also write '(in mnemonic)' for second reg. operand.
* M680X: Add BRN/LBRN to group JUMP and BRAREL.
* M680X: For Bcc/LBcc/BRSET/BRCLR set reg. CC to read access.
* M680X: Correctly print negative immediate values with option CS_OPT_UNSIGNED.
* M680X: Rename some instruction handlers.
* M680X: Add M68HC05 support.
* M680X: Dont print prefix '<' for direct addr. mode.
* M680X: Add M68HC08 support + resorted tables + bug fixes.
* M680X: Add Freescale HCS08 support.
* M680X: Changed group names, avoid spaces.
* M680X: Refactoring, rename addessing mode handlers.
* M680X: indexed addr. mode, changed pre/post inc-/decrement representation.
* M680X: Rename some M6809/HD6309 specific functions.
* M680X: Add CPU12 (68HC12/HCS12) support.
* M680X: Correctly display illegal instruction as FCB .
* M680X: bugfix: BRA/BRN/BSR/LBRA/LBRN/LBSR does not read CC reg.
* M680X: bugfix: Correctly check for sufficient code size for M6809 indexed addressing.
* M680X: Better support for changing insn id within handler for addessing mode.
* M680X: Remove warnings.
* M680X: In set_changed_regs_read_write_counts use own access_mode.
* M680X: Split cpu specific tables into separate *.inc files.
* M680X: Remove warnings.
* M680X: Removed address_mode. Addressing mode is available in operand.type
* M680X: Bugfix: BSET/BCLR/BRSET/BRCLR correct read/modify CC reg.
* M680X: Remove register TMP1. It is first visible in CPU12X.
* M680X: Performance improvement + bug fixes.
* M680X: Performance improvement, make cpu_tables const static.
* M680X: Simplify operand decoding by using two handlers.
* M680X: Replace M680X_OP_INDEX by M680X_OP_CONSTANT + bugfix in java/python/ocaml bindings.
* M680X: Format with astyle.
* M680X: Update documentation.
* M680X: Corrected author for m680x specific files.
* M680X: Make max. number of architectures single source.
* Remove `big_endian` field of `cs_struct`
Added a helper macro `MODE_IS_BIG_ENDIAN()` to check if
`CS_MODE_BIG_ENDIAN` is set.
Refactored `cs_open()` check for valid mode out of arch-specific code
into arch-independent code. Also added a valid mode check to
`cs_option()`. The checks use a new global array
`arch_disallowed_mode_mask[]`, which is initialized in the arch-specific
`*_enable()` functions.
Fixes bug where endianness could not be set for ppc.
* Fix Mac OS brew for Travis CI
This is one of those “how did this ever work?” changes. Problem was that as m68k_op was aliased with the imm value so when changing that to something big it would trash the values in the mem struct which would make things go really bad.
Now m68k_op_mem has been moved out of the union so this will not happen again. Also fixed instruction printing bug related to this (just happend to “work” due to the old union layout)
* Fix selection of mips disasm handler
handle->disasm was incorrectly set to Mips64_getInstruction if CS_MODE_MIPS32R6
was set but CS_MODE_32 was not set. Now, CS_MODE_32 is set automatically if
CS_MODE_MIPS32R6 is set.
* Align with current style
* Add a new group for relative branching instructions
* x86: Add relative branch group to appropiate instructions
* Rename RELATIVE_BRANCH to BRANCH_RELATIVE
* aarch64: Add relative branch group to appropiate instructions
* arm: Add relative branch group to appropiate instructions
* m68k: Add relative branch group to appropiate instructions
* mips: Add relative branch group to appropiate instructions
* arm64: handling of system registers added in ARMv8.2
This commit adds handling of system registers added in ARMv8.2.
Those registers are accessed by mrs and msr instructions.
Changes based on https://static.docs.arm.com/ddi0487/b/DDI0487B_a_armv8_arm.pdf, chapters D7.2-5.
List of added registers:
id_mmfr4_el1
id_aa64mmfr2_el1
sctlr_el12
cpacr_el12
ttbr0_el12
ttbr1_el12
ttbr1_el2
tcr_el12
spsr_el12
elr_el12
afsr0_el12
afsr1_el12
esr_el12
far_el12
mair_el12
amair_el12
vbar_el12
cntkctl_el12
cnthv_ctl_el2
cnthv_cval_el2
cnthv_tval_el2
cntp_tval_el02
cntp_cval_el02
cntv_ctl_el02
ntv_cval_el02
cntv_tval_el02
lorid_el1
lorc_el1
lorea_el1
lorn_el1
lorsa_el1
contextidr_el12
sign-of: Michalina Oleksy (https://github.com/layika)
* arm64: handling of system registers added in ARMv8.1/2
v8.1:
PAN (https://static.docs.arm.com/ddi0487/b/DDI0487B_a_armv8_arm.pdf, page 358)
PAN (as pstate field)
contextdir_el2
v8.2:
UAO (https://static.docs.arm.com/ddi0487/b/DDI0487B_a_armv8_arm.pdf, page 403)
UAO (as pstate field)
* arm64: handling of system registers for statistical profiling
Added handling of system registers for statistical profiling extension based on https://static.docs.arm.com/ddi0586/a/DDI0586A_Statistical_Profiling_Extension.pdf
* Update AArch64BaseInfo.h
* arm64: An attempt to fix indentation
* Add FPUFLAGS information.
* Change the structure insn_op: from uint64_t eflags to union{ uint64_t eflags, uint64_t fpuflags; }.
* Adjust the modified structure insn_op.
* Add missing flags.
* Change flags information acorrding to xed files and instruction manual.
* Rename fpuflags to fpu_flags.
* Updating flags information accoring to manual and xed files.
* Changing the name eflags to flags.
* Printing the FPU_FLAGS information when it belongs to group X86_GRP_FPU.
* Defining new flags.
* Updating flags information according to manual and xed files.
* Adding X86_GRP_FPU to all the instructions which have modified fpu_flags.
* Solving the conflict problem when do git commit.
* Rectify the annotation within the structure insn_op.
* Supplement fpu flags information for floating-point instructions which missed fpu flags before.
* Print fpu group information when an instructure belongs to X86_GRP_FPU.
* Add two new groups ARM64_GRP_BASE(base instructions) and ARM64_GRP_FPSIMD(SIMD&FP instructions).
* Revert "Add two new groups ARM64_GRP_BASE(base instructions) and ARM64_GRP_FPSIMD(SIMD&FP instructions)."
This reverts commit 8ab50e80a3.
* X86 clean up.
* Clean up arch/X86/X86MappingInsn.inc.
* Double check.
* Delete files.
* Clean up x86.
* Clean up reduce file
* Fix btr
* fix x86
