本文整理汇总了C++中cs_disasm函数的典型用法代码示例。如果您正苦于以下问题:C++ cs_disasm函数的具体用法?C++ cs_disasm怎么用?C++ cs_disasm使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了cs_disasm函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的C++代码示例。
示例1: disassemble
static int disassemble(RAsm *a, RAsmOp *op, const ut8 *buf, int len) {
static int omode = 0;
int n, ret;
ut64 off = a->pc;
cs_insn* insn;
int mode = (a->big_endian)? CS_MODE_BIG_ENDIAN: CS_MODE_LITTLE_ENDIAN;
if (handle && mode != omode) {
cs_close (&handle);
handle = 0;
}
op->size = 0;
omode = mode;
op->buf_asm[0] = 0;
if (handle == 0) {
ret = cs_open (CS_ARCH_PPC, mode, &handle);
if (ret) return 0;
}
cs_option (handle, CS_OPT_DETAIL, CS_OPT_OFF);
n = cs_disasm (handle, (const ut8*)buf, len, off, 1, &insn);
op->size = 4;
if (n > 0 && insn->size > 0) {
snprintf (op->buf_asm, R_ASM_BUFSIZE, "%s%s%s",
insn->mnemonic, insn->op_str[0]?" ":"",
insn->op_str);
cs_free (insn, n);
return op->size;
}
//op->size = -1;
cs_free (insn, n);
return 4;
}
开发者ID:AmesianX,项目名称:radare2,代码行数:33,代码来源:asm_ppc_cs.c
示例2: disassemble
static int disassemble(RAsm *a, RAsmOp *op, const ut8 *buf, int len) {
static int omode = 0;
int mode, n, ret;
ut64 off = a->pc;
cs_insn* insn = NULL;
mode = CS_MODE_BIG_ENDIAN;
if (cd && mode != omode) {
cs_close (&cd);
cd = 0;
}
op->size = 0;
omode = mode;
if (cd == 0) {
ret = cs_open (CS_ARCH_SYSZ, mode, &cd);
if (ret) return 0;
cs_option (cd, CS_OPT_DETAIL, CS_OPT_OFF);
}
n = cs_disasm (cd, (const ut8*)buf, len, off, 1, &insn);
if (n>0) {
if (insn->size>0) {
op->size = insn->size;
char *ptrstr;
snprintf (op->buf_asm, R_ASM_BUFSIZE, "%s%s%s",
insn->mnemonic, insn->op_str[0]?" ":"",
insn->op_str);
ptrstr = strstr (op->buf_asm, "ptr ");
if (ptrstr) {
memmove (ptrstr, ptrstr+4, strlen (ptrstr+4)+1);
}
}
cs_free (insn, n);
}
return op->size;
}
开发者ID:13572293130,项目名称:radare2,代码行数:34,代码来源:asm_sysz.c
示例3: disassemble
static int disassemble(RAsm *a, RAsmOp *op, const ut8 *buf, int len) {
csh handle;
cs_insn* insn;
int mode, n, ret = -1;
mode = a->big_endian? CS_MODE_BIG_ENDIAN: CS_MODE_LITTLE_ENDIAN;
if (a->cpu && *a->cpu) {
if (!strcmp (a->cpu, "v9")) {
mode |= CS_MODE_V9;
}
}
memset (op, 0, sizeof (RAsmOp));
op->size = 4;
ret = cs_open (CS_ARCH_SPARC, mode, &handle);
if (ret) goto fin;
cs_option (handle, CS_OPT_DETAIL, CS_OPT_OFF);
n = cs_disasm (handle, (ut8*)buf, len, a->pc, 1, &insn);
if (n<1) {
strcpy (op->buf_asm, "invalid");
op->size = 4;
ret = -1;
goto beach;
} else ret = 4;
if (insn->size<1)
goto beach;
op->size = insn->size;
snprintf (op->buf_asm, R_ASM_BUFSIZE, "%s%s%s",
insn->mnemonic, insn->op_str[0]? " ": "",
insn->op_str);
// TODO: remove the '$'<registername> in the string
cs_free (insn, n);
beach:
cs_close (&handle);
fin:
return ret;
}
开发者ID:13572293130,项目名称:radare2,代码行数:35,代码来源:asm_sparc_cs.c
示例4: parse_instructions
//Function parsing needs all of the instructions, and translating into C needs all of the instructions, but storing all of the instructions between those two points in time
//takes up an enourmous amount of memory. So we need a seperate function from the init function to disassemble all of the instructions in a jump block a second time.
void parse_instructions (jump_block* to_parse)
{
uint8_t* current = file_buf + addr_to_index (to_parse->start);
size_t size = to_parse->end - to_parse->start;
cs_disasm (handle, current, size, 0x0000, 0, &(to_parse->instructions));
}
开发者ID:killbug2004,项目名称:triad-decompiler,代码行数:9,代码来源:jump_block.c
示例5: eat_instructions
size_t eat_instructions(void *func, size_t target)
{
csh handle;
cs_insn *insn;
size_t cnt;
size_t len_cnt = 0;
#ifdef __x86_64__
if (cs_open(CS_ARCH_X86, CS_MODE_64, &handle) != CS_ERR_OK)
return 0;
#elif __i386__
if (cs_open(CS_ARCH_X86, CS_MODE_32, &handle) != CS_ERR_OK)
return 0;
#endif
cnt = cs_disasm(handle, func, 0xF, 0x0, 0, &insn);
for (int k = 0; k < 0xF || !(len_cnt >= target); k++) {
if (len_cnt < target) {
len_cnt+=insn[k].size;
}
}
if (len_cnt < target) {
return 0;
}
return len_cnt;
}
开发者ID:johndpope,项目名称:harpoon,代码行数:26,代码来源:harpoon.c
示例6: analop
static int analop(RAnal *a, RAnalOp *op, ut64 addr, const ut8 *buf, int len) {
csh handle;
cs_insn *insn;
int mode, n, ret;
mode = CS_MODE_BIG_ENDIAN;
if (!strcmp (a->cpu, "v9"))
mode |= CS_MODE_V9;
ret = cs_open (CS_ARCH_XCORE, mode, &handle);
op->type = R_ANAL_OP_TYPE_NULL;
op->size = 0;
op->delay = 0;
r_strbuf_init (&op->esil);
if (ret == CS_ERR_OK) {
cs_option (handle, CS_OPT_DETAIL, CS_OPT_ON);
// capstone-next
n = cs_disasm (handle, (const ut8*)buf, len, addr, 1, &insn);
if (n<1) {
op->type = R_ANAL_OP_TYPE_ILL;
} else {
op->size = insn->size;
switch (insn->id) {
case XCORE_INS_DRET:
case XCORE_INS_KRET:
case XCORE_INS_RETSP:
op->type = R_ANAL_OP_TYPE_RET;
break;
case XCORE_INS_DCALL:
case XCORE_INS_KCALL:
case XCORE_INS_ECALLF:
case XCORE_INS_ECALLT:
op->type = R_ANAL_OP_TYPE_CALL;
op->jump = INSOP(0).imm;
break;
/* ??? */
case XCORE_INS_BL:
case XCORE_INS_BLA:
case XCORE_INS_BLAT:
case XCORE_INS_BT:
case XCORE_INS_BF:
case XCORE_INS_BU:
case XCORE_INS_BRU:
op->type = R_ANAL_OP_TYPE_CALL;
op->jump = INSOP(0).imm;
break;
case XCORE_INS_SUB:
case XCORE_INS_LSUB:
op->type = R_ANAL_OP_TYPE_SUB;
break;
case XCORE_INS_ADD:
case XCORE_INS_LADD:
op->type = R_ANAL_OP_TYPE_ADD;
break;
}
}
cs_free (insn, n);
cs_close (&handle);
}
return op->size;
}
开发者ID:raulsiles,项目名称:radare2,代码行数:60,代码来源:anal_xcore_cs.c
示例7: GetAlignedOpcodeForHook
unsigned int HookFw::GetAlignedOpcodeForHook() {
csh cshHandle;
cs_insn *pInsn;
unsigned int uiIndex;
unsigned int uiCount;
unsigned int uiSizeOfStolenOpcode;
uiSizeOfStolenOpcode = 0;
if (cs_open(CS_ARCH_X86, ARCH_MODE, &cshHandle) != CS_ERR_OK) {
return ERR_CANNOT_RESOLVE_ASM;
}
uiCount = (unsigned int)cs_disasm(cshHandle, (unsigned char *)this->pvSrc, 0x50, 0x100, 0, &pInsn);
if (uiCount > 0) {
uiIndex = 0;
while ((this->nHookLen > uiSizeOfStolenOpcode) && (uiCount >= uiIndex)) {
uiSizeOfStolenOpcode += pInsn[uiIndex++].size;
}
}
else return ERR_CANNOT_RESOLVE_ASM;
return uiSizeOfStolenOpcode;
}
开发者ID:helaibai,项目名称:HookFw,代码行数:26,代码来源:HookFw.cpp
示例8: cs_disasm
DWORD PLH::AbstractDetour::CalculateLength(BYTE* Src, DWORD NeededLength)
{
//Grab First 100 bytes of function, disasm until invalid instruction
cs_insn* InstructionInfo;
size_t InstructionCount = cs_disasm(m_CapstoneHandle, Src, 0x100, (uint64_t)Src, 0, &InstructionInfo);
//Loop over instructions until we have at least NeededLength's Size
XTrace("\nORIGINAL:\n");
DWORD InstructionSize = 0;
bool BigEnough = false;
for (int i = 0; i < InstructionCount && !BigEnough; i++)
{
cs_insn* CurIns = (cs_insn*)&InstructionInfo[i];
InstructionSize += CurIns->size;
if (InstructionSize >= NeededLength)
BigEnough = true;
XTrace("%I64X [%d]: ", CurIns->address, CurIns->size);
for (int j = 0; j < CurIns->size; j++)
XTrace("%02X ", CurIns->bytes[j]);
XTrace("%s %s\n", CurIns->mnemonic, CurIns->op_str);
}
if (!BigEnough)
InstructionSize = 0;
cs_free(InstructionInfo, InstructionCount);
return InstructionSize;
}
开发者ID:johndpope,项目名称:PolyHook,代码行数:28,代码来源:PolyHook.cpp
示例9: test
static void test()
{
#define M68K_CODE "\xf0\x10\xf0\x00\x48\xaf\xff\xff\x7f\xff\x11\xb0\x01\x37\x7f\xff\xff\xff\x12\x34\x56\x78\x01\x33\x10\x10\x10\x10\x32\x32\x32\x32\x4C\x00\x54\x04\x48\xe7\xe0\x30\x4C\xDF\x0C\x07\xd4\x40\x87\x5a\x4e\x71\x02\xb4\xc0\xde\xc0\xde\x5c\x00\x1d\x80\x71\x12\x01\x23\xf2\x3c\x44\x22\x40\x49\x0e\x56\x54\xc5\xf2\x3c\x44\x00\x44\x7a\x00\x00\xf2\x00\x0a\x28\x4E\xB9\x00\x00\x00\x12\x4E\x75"
struct platform platforms[] = {
{
CS_ARCH_M68K,
(cs_mode)(CS_MODE_BIG_ENDIAN | CS_MODE_M68K_040),
(unsigned char*)M68K_CODE,
sizeof(M68K_CODE) - 1,
"M68K",
},
};
uint64_t address = 0x01000;
cs_insn *insn;
int i;
size_t count;
for (i = 0; i < sizeof(platforms)/sizeof(platforms[0]); i++) {
cs_err err = cs_open(platforms[i].arch, platforms[i].mode, &handle);
if (err) {
printf("Failed on cs_open() with error returned: %u\n", err);
abort();
}
cs_option(handle, CS_OPT_DETAIL, CS_OPT_ON);
count = cs_disasm(handle, platforms[i].code, platforms[i].size, address, 0, &insn);
if (count) {
size_t j;
printf("****************\n");
printf("Platform: %s\n", platforms[i].comment);
print_string_hex("Code: ", platforms[i].code, platforms[i].size);
printf("Disasm:\n");
for (j = 0; j < count; j++) {
assert(address == insn[j].address && "this means the size of the previous instruction was incorrect");
address += insn[j].size;
printf("0x%" PRIx64 ":\t%s\t%s\n", insn[j].address, insn[j].mnemonic, insn[j].op_str);
print_insn_detail(&insn[j]);
}
printf("0x%" PRIx64 ":\n", insn[j-1].address + insn[j-1].size);
// free memory allocated by cs_disasm()
cs_free(insn, count);
} else {
printf("****************\n");
printf("Platform: %s\n", platforms[i].comment);
print_string_hex("Code:", platforms[i].code, platforms[i].size);
printf("ERROR: Failed to disasm given code!\n");
abort();
}
printf("\n");
cs_close(&handle);
}
}
开发者ID:AmesianX,项目名称:capstone,代码行数:59,代码来源:test_m68k.c
示例10: cs_disasm
cs_insn *get_insn(void *addr)
{
cs_insn *insn;
size_t ret = cs_disasm(capstone, addr, 16, (uintptr_t)addr, 1, &insn);
if (ret == 0)
return NULL;
return insn;
}
开发者ID:ArchangelGabriel,项目名称:ifscs,代码行数:8,代码来源:hooking_64.c
示例11: test
static void test()
{
#define SYSZ_CODE "\xed\x00\x00\x00\x00\x1a\x5a\x0f\x1f\xff\xc2\x09\x80\x00\x00\x00\x07\xf7\xeb\x2a\xff\xff\x7f\x57\xe3\x01\xff\xff\x7f\x57\xeb\x00\xf0\x00\x00\x24\xb2\x4f\x00\x78\xec\x18\x00\x00\xc1\x7f"
struct platform platforms[] = {
{
CS_ARCH_SYSZ,
CS_MODE_BIG_ENDIAN,
(unsigned char*)SYSZ_CODE,
sizeof(SYSZ_CODE) - 1,
"SystemZ",
},
};
uint64_t address = 0x1000;
cs_insn *insn;
int i;
size_t count;
for (i = 0; i < sizeof(platforms)/sizeof(platforms[0]); i++) {
cs_err err = cs_open(platforms[i].arch, platforms[i].mode, &handle);
if (err) {
printf("Failed on cs_open() with error returned: %u\n", err);
continue;
}
cs_option(handle, CS_OPT_DETAIL, CS_OPT_ON);
count = cs_disasm(handle, platforms[i].code, platforms[i].size, address, 0, &insn);
if (count) {
size_t j;
printf("****************\n");
printf("Platform: %s\n", platforms[i].comment);
print_string_hex("Code:", platforms[i].code, platforms[i].size);
printf("Disasm:\n");
for (j = 0; j < count; j++) {
printf("0x%"PRIx64":\t%s\t%s\n", insn[j].address, insn[j].mnemonic, insn[j].op_str);
print_insn_detail(&insn[j]);
}
printf("0x%"PRIx64":\n", insn[j-1].address + insn[j-1].size);
// free memory allocated by cs_disasm()
cs_free(insn, count);
} else {
printf("****************\n");
printf("Platform: %s\n", platforms[i].comment);
print_string_hex("Code:", platforms[i].code, platforms[i].size);
printf("ERROR: Failed to disasm given code!\n");
}
printf("\n");
cs_close(&handle);
}
}
开发者ID:1833183060,项目名称:capstone,代码行数:57,代码来源:test_systemz.c
示例12: main
int main(int argc, char **argv, char **envp) {
csh handle;
if (cs_open(CS_ARCH_X86, CS_MODE_64, &handle)) {
printf("cs_open(…) failed\n");
return 1;
}
cs_insn *insn;
cs_disasm(handle, (uint8_t *)BINARY, sizeof(BINARY) - 1, 0x1000, 0, &insn);
return 0;
}
开发者ID:2trill2spill,项目名称:nextgen,代码行数:10,代码来源:invalid_read_in_print_operand.c
示例13: r_disa_code
/* Disassemble code */
size_t r_disa_code(r_disa_s *dis, byte_t *code, len_t len, addr_t addr, size_t count) {
assert(dis != NULL);
assert(code != NULL);
r_disa_free_instr_lst(dis);
dis->instr_lst.count = cs_disasm(dis->handle, code, len, addr, count, &dis->instr_lst.head);
return dis->instr_lst.count;
}
开发者ID:0x0mar,项目名称:rop-tool,代码行数:11,代码来源:dis.c
示例14: cs_free
bool Capstone::Disassemble(uint addr, const unsigned char* data, int size)
{
if(!data)
return false;
if(mInstr) //free last disassembled instruction
{
cs_free(mInstr, 1);
mInstr = nullptr;
}
return !!cs_disasm(mHandle, data, size, addr, 1, &mInstr);
}
开发者ID:neatsun,项目名称:x64dbg,代码行数:11,代码来源:capstone_wrapper.cpp
示例15: lde
int lde(void *addr)
{
cs_insn *insn;
size_t ret = cs_disasm(capstone, addr, 16, (uintptr_t)addr, 1, &insn);
if (ret == 0) return 0;
ret = insn->size;
cs_free(insn, 1);
return (int)ret;
}
开发者ID:ArchangelGabriel,项目名称:ifscs,代码行数:12,代码来源:hooking_64.c
示例16: disassemble
static int disassemble(RAsm *a, RAsmOp *op, const ut8 *buf, int len) {
cs_insn* insn = NULL;
cs_mode mode = 0;
int ret, n = 0;
csh cd;
mode = (a->bits==16)? CS_MODE_THUMB: CS_MODE_ARM;
if (a->big_endian)
mode |= CS_MODE_BIG_ENDIAN;
else
mode |= CS_MODE_LITTLE_ENDIAN;
if (a->cpu && strstr (a->cpu, "m"))
mode |= CS_MODE_MCLASS;
if (a->cpu && strstr (a->cpu, "v8"))
mode |= CS_MODE_V8;
op->size = 4;
op->buf_asm[0] = 0;
ret = (a->bits==64)?
cs_open (CS_ARCH_ARM64, mode, &cd):
cs_open (CS_ARCH_ARM, mode, &cd);
if (ret) {
ret = -1;
goto beach;
}
if (a->syntax == R_ASM_SYNTAX_REGNUM) {
cs_option (cd, CS_OPT_SYNTAX, CS_OPT_SYNTAX_NOREGNAME);
} else cs_option (cd, CS_OPT_SYNTAX, CS_OPT_SYNTAX_DEFAULT);
cs_option (cd, CS_OPT_DETAIL, CS_OPT_OFF);
n = cs_disasm (cd, buf, R_MIN (4, len),
a->pc, 1, &insn);
if (n<1) {
ret = -1;
goto beach;
}
if (insn->size<1) {
ret = -1;
goto beach;
}
op->size = insn->size;
snprintf (op->buf_asm, R_ASM_BUFSIZE, "%s%s%s",
insn->mnemonic,
insn->op_str[0]?" ":"",
insn->op_str);
r_str_rmch (op->buf_asm, '#');
cs_free (insn, n);
beach:
cs_close (&cd);
if (!op->buf_asm[0])
strcpy (op->buf_asm, "invalid");
return op->size;
}
开发者ID:pastcompute,项目名称:radare2,代码行数:51,代码来源:asm_arm_cs.c
示例17: disassemble
static int disassemble(RAsm *a, RAsmOp *op, const ut8 *buf, int len) {
cs_insn* insn;
int mode, n, ret = -1;
mode = CS_MODE_BIG_ENDIAN;
if (!op) {
return 0;
}
// mode |= (a->bits == 64)? CS_MODE_64: CS_MODE_32;
memset (op, 0, sizeof (RAsmOp));
op->size = 4;
if (cd != 0) {
cs_close (&cd);
}
ret = cs_open (CS_ARCH_TMS320C64X, mode, &cd);
if (ret) {
goto fin;
}
if (a->syntax == R_ASM_SYNTAX_REGNUM) {
cs_option (cd, CS_OPT_SYNTAX, CS_OPT_SYNTAX_NOREGNAME);
} else {
cs_option (cd, CS_OPT_SYNTAX, CS_OPT_SYNTAX_DEFAULT);
}
cs_option (cd, CS_OPT_DETAIL, CS_OPT_OFF);
n = cs_disasm (cd, (ut8*)buf, len, a->pc, 1, &insn);
if (n < 1) {
strcpy (op->buf_asm, "invalid");
op->size = 4;
goto beach;
} else {
ret = 4;
}
if (insn->size < 1) {
goto beach;
}
op->size = insn->size;
snprintf (op->buf_asm, R_ASM_BUFSIZE, "%s%s%s",
insn->mnemonic, insn->op_str[0]? " ": "",
insn->op_str);
// r_str_replace_in (op->buf_asm, sizeof (op->buf_asm), "*+", "", 1);
// nasty, the disasm output comes with tabs and uppercase :(
r_str_replace_char (op->buf_asm, '\t', 0);
// r_str_replace_in (op->buf_asm, sizeof (op->buf_asm), "\t", "", 1);
r_str_case (op->buf_asm, false);
cs_free (insn, n);
beach:
// cs_close (&cd);
fin:
return op->size;
}
开发者ID:P4N74,项目名称:radare2-extras,代码行数:49,代码来源:asm_tms320c64x.c
示例18: disassemble_instruction_at
static cs_insn *
disassemble_instruction_at (gconstpointer address)
{
csh capstone;
cs_insn * insn = NULL;
cs_open (CS_ARCH_ARM64, CS_MODE_LITTLE_ENDIAN, &capstone);
cs_option (capstone, CS_OPT_DETAIL, CS_OPT_ON);
cs_disasm (capstone, address, 16, GPOINTER_TO_SIZE (address), 1, &insn);
cs_close (&capstone);
return insn;
}
开发者ID:frida,项目名称:frida-gum,代码行数:15,代码来源:gumarm64reader.c
示例19: check_disassembly
void check_disassembly (const unsigned char * buf, size_t size) {
unsigned int i;
struct _wtfile_writer * ww = wtfile_writer_open("disassembly.txt");
if (size < DISASM_SIZE)
return;
for (i = 0; capstone_ops[i].description != NULL; i++) {
struct _capstone_op * cop = &capstone_ops[i];
csh handle;
cs_insn * insn;
size_t count;
if (cs_open(cop->arch, cop->mode, &handle) != CS_ERR_OK) {
fprintf(stderr,
"error opening %s in capstone, results may be incomplete\n",
cop->description);
continue;
}
size_t offset = 0;
for (offset = 0; offset < size - DISASM_SIZE; offset++) {
if (offset > DISASM_LIMIT)
break;
count = cs_disasm(handle, &(buf[offset]), DISASM_SIZE, 0, 0, &insn);
if (count > (DISASM_SIZE / 8)) {
char tmp[4096];
/*************************** RESET INDENT *******************************/
uint32_t t;
t = snprintf(tmp, 4096, "--------------------------------------\n");
t += snprintf(&(tmp[t]), 4096 - t,
"Possible disassembly for %s starting at 0x%x\n",
cop->description, offset);
unsigned int j;
for (j = 0; j < 4; j++) {
t += snprintf(&(tmp[t]), 4096 - t, "%s\t%s\n", insn[j].mnemonic, insn[j].op_str);
}
t += snprintf(&(tmp[t]), 4096 - t, "\n");
wtfile_writer_write(ww, tmp, strlen(tmp));
}
if (count > 0) cs_free(insn, count);
}
cs_close(&handle);
}
}
开发者ID:endeav0r,项目名称:wtfile,代码行数:48,代码来源:wtfile.c
示例20: DisassembleCapOffset
int DisassembleCapOffset(unsigned char *buffer, char opt, unsigned char *second_option, int file_len, unsigned char *third_option)
{
// this option (third option) is responsible for disassemble where it find what and stop
unsigned char *length = third_option;
int offset = 0;
int offset_file = 0;
int buf_len=0;
int offset_address = 0;
// some unit testing ;)
int offsets = strtoul(second_option, NULL, 16);
offset = RealFileOffset(buffer, offsets);
offset_address = offset;
//printf("the real offset is %x\n", offset);
printf("file len is %d\n", file_len);
unsigned char *buf = (unsigned char *)malloc(file_len-offset);
for(offset_file=0 ; offset_file+offset != file_len ; offset_file++) {
buf[offset_file] = buffer[offset+offset_file];
buf_len++;
}
csh handle;
cs_insn *insn;
size_t count;
if(cs_open(CS_ARCH_X86, CS_MODE_32, &handle) != CS_ERR_OK)
return -1;
cs_option(handle, CS_OPT_SKIPDATA, CS_OPT_ON);
count = cs_disasm(handle, buf, buf_len, offset, 0, &insn);
if(count > 0) {
size_t j;
for(j=0; j<count; j++) {
if (strcmp(length, insn[j].mnemonic)==0 || strcmp("retf", insn[j].mnemonic) == 0) {
printf("\x1B[35m\t[ 0x%08x ] : \t\x1B[32m%s\t%s\n", offset_address, insn[j].mnemonic, insn[j].op_str);
break;
}
printf("\x1B[35m\t[ 0x%08x ] : \t\x1B[32m%s\t%s\n", offset_address, insn[j].mnemonic, insn[j].op_str);
offset_address += insn[j].size;
}
cs_free(insn, count);
} else {
printf("failed disassemble\n");
}
}
开发者ID:CyberIntelMafia,项目名称:MalwareFragmentationTool,代码行数:47,代码来源:disasx86_capstone_offset.c
注:本文中的cs_disasm函数示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
请发表评论