Capstone disassembly/disassembler framework for ARM, ARM64 (ARMv8), Alpha, BPF, Ethereum VM, HPPA, LoongArch, M68K, M680X, Mips, MOS65XX, PPC, RISC-V(rv32G/rv64G), SH, Sparc, SystemZ, TMS320C64X, TriCore, Webassembly, XCore and X86.
Go to file
Disconnect3d 6e29dfa2c0 Fix arm thb instruction shift value (#1330)
* Fixes #1317 - arm thb operand.shift.value

For a more detailed description, see issue #1317.

Release 4.0.0 introduced a new field for ARM operands:
`operand.mem.lshift`. This field was supposed to be a bug fix for #246.
The #246 issue has been fixed in the meantime and the proper shift value
was stored in `operand.shift.value`.

The 4.0.0 changes created a regression in which `operand.shift.value`
was not set for a `tbh [r0, r1, lsl #1]` instruction on ARM and the
value was set in a `operand.mem.lshift` field instead.

As the regression broke some of users codebase (e.g. in
[manticore](https://github.com/trailofbits/manticore/pull/1312) project), we fix it by setting
`operand.shift.value` back again.

As a result, the shift value is set in two fields: `operand.shift.value`
and `operand.mem.lshift`. As the `operand.shift` also stores a `.type`
field, we might want to deprecate `operand.mem.lshift` in the future.

* Add changelog stub
2019-01-02 09:51:22 +08:00
arch Fix arm thb instruction shift value (#1330) 2019-01-02 09:51:22 +08:00
bindings
contrib
cstool
docs
include
msvc
packages
suite
tests
windows
windowsce
xcode
.appveyor.yml
.gitattributes
.gitignore
.travis.yml
capstone.pc.in
ChangeLog
CMakeLists.txt
COMPILE_CMAKE.TXT
COMPILE_MSVC.TXT
COMPILE.TXT
config.mk
CREDITS.TXT
cs_priv.h
cs.c
functions.mk
HACK.TXT
LEB128.h
LICENSE_LLVM.TXT
LICENSE.TXT
make.sh
Makefile
MathExtras.h
MCDisassembler.h
MCFixedLenDisassembler.h
MCInst.c
MCInst.h
MCInstrDesc.c
MCInstrDesc.h
MCRegisterInfo.c
MCRegisterInfo.h
nmake-x86.bat
nmake.bat
pkgconfig.mk
README.md
RELEASE_NOTES
SStream.c
SStream.h
TODO
utils.c
utils.h

Capstone Engine

Build Status Build status

Capstone is a disassembly framework with the target of becoming the ultimate disasm engine for binary analysis and reversing in the security community.

Created by Nguyen Anh Quynh, then developed and maintained by a small community, Capstone offers some unparalleled features:

  • Support multiple hardware architectures: ARM, ARM64 (ARMv8), Ethereum VM, M68K, Mips, PPC, Sparc, SystemZ, TMS320C64X, M680X, XCore and X86 (including X86_64).

  • Having clean/simple/lightweight/intuitive architecture-neutral API.

  • Provide details on disassembled instruction (called “decomposer” by others).

  • Provide semantics of the disassembled instruction, such as list of implicit registers read & written.

  • Implemented in pure C language, with lightweight bindings for D, Clojure, F#, Common Lisp, Visual Basic, PHP, PowerShell, Emacs, Haskell, Perl, Python, Ruby, C#, NodeJS, Java, GO, C++, OCaml, Lua, Rust, Delphi, Free Pascal & Vala ready either in main code, or provided externally by the community).

  • Native support for all popular platforms: Windows, Mac OSX, iOS, Android, Linux, *BSD, Solaris, etc.

  • Thread-safe by design.

  • Special support for embedding into firmware or OS kernel.

  • High performance & suitable for malware analysis (capable of handling various X86 malware tricks).

  • Distributed under the open source BSD license.

Further information is available at http://www.capstone-engine.org

Compile

See COMPILE.TXT file for how to compile and install Capstone.

Documentation

See docs/README for how to customize & program your own tools with Capstone.

Hack

See HACK.TXT file for the structure of the source code.

License

This project is released under the BSD license. If you redistribute the binary or source code of Capstone, please attach file LICENSE.TXT with your products.