├── API_Hooking.sln ├── API_Hooking.vcxproj ├── API_Hooking.vcxproj.filters ├── API_Hooking.vcxproj.user ├── LICENSE ├── NewFile.txt ├── Pictures ├── Screenshot 2022-01-19 222132.png ├── Screenshot 2022-01-19 230645.png ├── Screenshot 2022-01-19 233017.png ├── Screenshot 2022-01-20 012403.png ├── Screenshot 2022-02-20 220033.png ├── createprocessa.png └── createprocessa_!.png ├── README.md ├── Source.cpp ├── capstonex64 └── include │ ├── capstone │ ├── arm.h │ ├── arm64.h │ ├── capstone.h │ ├── evm.h │ ├── m680x.h │ ├── m68k.h │ ├── mips.h │ ├── platform.h │ ├── ppc.h │ ├── sparc.h │ ├── systemz.h │ ├── tms320c64x.h │ ├── x86.h │ └── xcore.h │ ├── platform.h │ └── windowsce │ ├── intrin.h │ └── stdint.h ├── capstonex86 └── include │ ├── capstone │ ├── arm.h │ ├── arm64.h │ ├── capstone.h │ ├── evm.h │ ├── m680x.h │ ├── m68k.h │ ├── mips.h │ ├── platform.h │ ├── ppc.h │ ├── sparc.h │ ├── systemz.h │ ├── tms320c64x.h │ ├── x86.h │ └── xcore.h │ ├── platform.h │ └── windowsce │ ├── intrin.h │ └── stdint.h ├── console_output.txt ├── csinclude ├── capstone.lib ├── capstone │ ├── arm.h │ ├── arm64.h │ ├── capstone.h │ ├── evm.h │ ├── m680x.h │ ├── m68k.h │ ├── mips.h │ ├── platform.h │ ├── ppc.h │ ├── sparc.h │ ├── systemz.h │ ├── tms320c64x.h │ ├── x86.h │ └── xcore.h ├── platform.h └── windowsce │ ├── intrin.h │ └── stdint.h ├── function_defeniton.h ├── hook.c ├── hook.h ├── hook_function.cpp ├── initial.h ├── ldr.cpp └── ldr.h /API_Hooking.sln: -------------------------------------------------------------------------------- 1 |  2 | Microsoft Visual Studio Solution File, Format Version 12.00 3 | # Visual Studio Version 16 4 | VisualStudioVersion = 16.0.31702.278 5 | MinimumVisualStudioVersion = 10.0.40219.1 6 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "API_Hooking", "API_Hooking.vcxproj", "{A1ED846E-52B5-4B53-A341-CB5AC8BAA9BF}" 7 | EndProject 8 | Global 9 | GlobalSection(SolutionConfigurationPlatforms) = preSolution 10 | Debug|x64 = Debug|x64 11 | 
Debug|x86 = Debug|x86 12 | Release|x64 = Release|x64 13 | Release|x86 = Release|x86 14 | EndGlobalSection 15 | GlobalSection(ProjectConfigurationPlatforms) = postSolution 16 | {A1ED846E-52B5-4B53-A341-CB5AC8BAA9BF}.Debug|x64.ActiveCfg = Debug|x64 17 | {A1ED846E-52B5-4B53-A341-CB5AC8BAA9BF}.Debug|x64.Build.0 = Debug|x64 18 | {A1ED846E-52B5-4B53-A341-CB5AC8BAA9BF}.Debug|x86.ActiveCfg = Debug|Win32 19 | {A1ED846E-52B5-4B53-A341-CB5AC8BAA9BF}.Debug|x86.Build.0 = Debug|Win32 20 | {A1ED846E-52B5-4B53-A341-CB5AC8BAA9BF}.Release|x64.ActiveCfg = Release|x64 21 | {A1ED846E-52B5-4B53-A341-CB5AC8BAA9BF}.Release|x64.Build.0 = Release|x64 22 | {A1ED846E-52B5-4B53-A341-CB5AC8BAA9BF}.Release|x86.ActiveCfg = Release|Win32 23 | {A1ED846E-52B5-4B53-A341-CB5AC8BAA9BF}.Release|x86.Build.0 = Release|Win32 24 | EndGlobalSection 25 | GlobalSection(SolutionProperties) = preSolution 26 | HideSolutionNode = FALSE 27 | EndGlobalSection 28 | GlobalSection(ExtensibilityGlobals) = postSolution 29 | SolutionGuid = {3E88DB68-5E6B-4E04-93FF-EE2CA337D0AF} 30 | EndGlobalSection 31 | EndGlobal 32 | -------------------------------------------------------------------------------- /API_Hooking.vcxproj: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Debug 6 | Win32 7 | 8 | 9 | Release 10 | Win32 11 | 12 | 13 | Debug 14 | x64 15 | 16 | 17 | Release 18 | x64 19 | 20 | 21 | 22 | 16.0 23 | Win32Proj 24 | {a1ed846e-52b5-4b53-a341-cb5ac8baa9bf} 25 | APIHooking 26 | 10.0 27 | 28 | 29 | 30 | Application 31 | true 32 | v143 33 | Unicode 34 | 35 | 36 | Application 37 | false 38 | v143 39 | true 40 | Unicode 41 | 42 | 43 | Application 44 | true 45 | v143 46 | Unicode 47 | 48 | 49 | Application 50 | false 51 | v143 52 | true 53 | Unicode 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | true 75 | C:\capstone-4.0.2-win32\capstone-4.0.2-win32;$(LibraryPath) 76 | 77 | 78 | false 79 | 
C:\Users\ereborlugimli\Desktop\API_Hooking\API_Hooking\capstonex86;$(LibraryPath) 80 | 81 | 82 | true 83 | C:\Users\ereborlugimli\Desktop\API_Hooking\API_Hooking\capstonex64;$(LibraryPath) 84 | 85 | 86 | false 87 | C:\Users\ereborlugimli\Desktop\API_Hooking\API_Hooking\capstonex64;$(LibraryPath) 88 | 89 | 90 | 91 | Level3 92 | true 93 | WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions) 94 | true 95 | C:\Users\ereborlugimli\Desktop\API-Hooking-on-Windows10_\csinclude;%(AdditionalIncludeDirectories) 96 | 97 | 98 | Console 99 | true 100 | capstone.lib;%(AdditionalDependencies) 101 | NotSet 102 | /FORCE:MULTIPLE %(AdditionalOptions) 103 | 104 | 105 | 106 | 107 | Level3 108 | true 109 | true 110 | true 111 | WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions) 112 | true 113 | C:\Users\ereborlugimli\Desktop\API_Hooking\API_Hooking\capstonex86\include;%(AdditionalIncludeDirectories) 114 | MultiThreaded 115 | 116 | 117 | Console 118 | true 119 | true 120 | true 121 | capstone.lib;%(AdditionalDependencies) 122 | NotSet 123 | 124 | 125 | 126 | 127 | Level3 128 | true 129 | _DEBUG;_CONSOLE;%(PreprocessorDefinitions) 130 | true 131 | C:\Users\ereborlugimli\Desktop\API_Hooking\API_Hooking\capstonex64\include;%(AdditionalIncludeDirectories) 132 | 133 | 134 | Console 135 | true 136 | capstone.lib;%(AdditionalDependencies) 137 | NotSet 138 | 139 | 140 | 141 | 142 | Level3 143 | true 144 | true 145 | true 146 | NDEBUG;_CONSOLE;%(PreprocessorDefinitions) 147 | true 148 | C:\Users\ereborlugimli\Desktop\API_Hooking\API_Hooking\capstonex64\include;%(AdditionalIncludeDirectories) 149 | 150 | 151 | Console 152 | true 153 | true 154 | true 155 | capstone.lib;%(AdditionalDependencies) 156 | NotSet 157 | 158 | 159 | 160 | 161 | 162 | 163 | 164 | 165 | 166 | 167 | 168 | 169 | 170 | 171 | 172 | 173 | 174 | 175 | 176 | 177 | -------------------------------------------------------------------------------- /API_Hooking.vcxproj.filters: 
-------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | 5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF} 6 | cpp;c;cc;cxx;c++;cppm;ixx;def;odl;idl;hpj;bat;asm;asmx 7 | 8 | 9 | {93995380-89BD-4b04-88EB-625FBE52EBFB} 10 | h;hh;hpp;hxx;h++;hm;inl;inc;ipp;xsd 11 | 12 | 13 | {67DA6AB6-F800-4c08-8B7A-83BB121AAD01} 14 | rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms 15 | 16 | 17 | 18 | 19 | Source Files 20 | 21 | 22 | Source Files 23 | 24 | 25 | Source Files 26 | 27 | 28 | Source Files 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | Header Files 37 | 38 | 39 | Header Files 40 | 41 | 42 | Header Files 43 | 44 | 45 | Header Files 46 | 47 | 48 | -------------------------------------------------------------------------------- /API_Hooking.vcxproj.user: -------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2022 CaptainMoss 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. 
IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /NewFile.txt: -------------------------------------------------------------------------------- 1 | API HOOKING ON WINDOWS 10 :) -------------------------------------------------------------------------------- /Pictures/Screenshot 2022-01-19 222132.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CaptanMoss/API-Hooking-on-Windows10/73b6d12d47a58721f17165f2ed3eaa183004a6d0/Pictures/Screenshot 2022-01-19 222132.png -------------------------------------------------------------------------------- /Pictures/Screenshot 2022-01-19 230645.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CaptanMoss/API-Hooking-on-Windows10/73b6d12d47a58721f17165f2ed3eaa183004a6d0/Pictures/Screenshot 2022-01-19 230645.png -------------------------------------------------------------------------------- /Pictures/Screenshot 2022-01-19 233017.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CaptanMoss/API-Hooking-on-Windows10/73b6d12d47a58721f17165f2ed3eaa183004a6d0/Pictures/Screenshot 2022-01-19 233017.png -------------------------------------------------------------------------------- /Pictures/Screenshot 2022-01-20 012403.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CaptanMoss/API-Hooking-on-Windows10/73b6d12d47a58721f17165f2ed3eaa183004a6d0/Pictures/Screenshot 2022-01-20 012403.png 
-------------------------------------------------------------------------------- /Pictures/Screenshot 2022-02-20 220033.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CaptanMoss/API-Hooking-on-Windows10/73b6d12d47a58721f17165f2ed3eaa183004a6d0/Pictures/Screenshot 2022-02-20 220033.png -------------------------------------------------------------------------------- /Pictures/createprocessa.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CaptanMoss/API-Hooking-on-Windows10/73b6d12d47a58721f17165f2ed3eaa183004a6d0/Pictures/createprocessa.png -------------------------------------------------------------------------------- /Pictures/createprocessa_!.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CaptanMoss/API-Hooking-on-Windows10/73b6d12d47a58721f17165f2ed3eaa183004a6d0/Pictures/createprocessa_!.png -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # API Hooking on Windows 10 2 | 3 | ## Overview 4 | 5 | API Hooking on Windows 10 is an engine designed to facilitate the hooking of APIs on the Windows 10 operating system. It provides a reliable mechanism for intercepting function calls and modifying their behavior. 6 | 7 | ## Features 8 | 9 | - **Dynamic DLL Loading**: The engine utilizes the DJB2 hash value for dynamic DLL loading, enhancing efficiency and flexibility. 10 | - **Function Address Resolution**: Function addresses in memory are resolved using the LDR structure, ensuring accurate and reliable hooking. 11 | - **Improved Stability**: The engine offers more stable hooking of functions in the 32-bit architecture, resulting in enhanced performance and compatibility. 12 | 13 | ## Usage 14 | 15 | 1. 
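**Clone the Repository**: Clone the API Hooking on Windows 10 repository: https://github.com/CaptanMoss/API-Hooking-on-Windows10.git 16 | 2. **Build the Engine**: Open the project with Visual Studio and build it. 17 | 3. **Integrate with Your Project**: Incorporate the engine into your project and utilize the provided API hooking functionality. 18 | 19 | ## Example Code 20 | 21 | 
```c
#include <stdio.h>
#include <windows.h>
#include "function_defeniton.h"

/*
 * Demo driver for the hooking engine: opens (or creates) NewFile.txt for
 * writing and passes a short buffer to WriteFile_engine(), which is declared
 * in function_defeniton.h.
 *
 * Returns 0 on success, 1 when the file cannot be opened or the engine call
 * reports failure.
 */
int main(int argc, char** argv)
{
    (void)argc;
    (void)argv;

    /*
     * Creation dispositions are mutually exclusive values, not bit flags.
     * `CREATE_NEW || OPEN_ALWAYS` is a logical OR that evaluates to 1, which
     * is CREATE_NEW, so the open failed with ERROR_FILE_EXISTS whenever
     * NewFile.txt was already present. OPEN_ALWAYS opens the file when it
     * exists (existing content is kept, not truncated) and creates it
     * otherwise.
     *
     * CreateFileW is named explicitly because the path is a wide literal;
     * the generic CreateFile macro accepts it only when UNICODE is defined.
     */
    HANDLE hFile = CreateFileW(L"NewFile.txt", GENERIC_WRITE, FILE_SHARE_READ, NULL,
                               OPEN_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
    if (hFile == INVALID_HANDLE_VALUE)
    {
        /* GetLastError() returns a DWORD (unsigned long), hence %lu. */
        printf_s("%lu\n", GetLastError());
        return 1; /* a failed open must not exit with status 0 */
    }

    LPCVOID lpBuffer = "API HOOKING ";

    BOOL ret = WriteFile_engine(hFile, lpBuffer); //hooked function

    /*
     * NOTE(review): assumes WriteFile_engine follows the WriteFile convention
     * (nonzero on success) and leaves the thread's last-error value intact --
     * confirm against function_defeniton.h.
     */
    if (!ret)
    {
        printf_s("%lu\n", GetLastError());
    }

    CloseHandle(hFile);
    return ret ? 0 : 1;
}
```
## Contributing 48 | 🤝 Contributions are welcome! If you'd like to contribute to this project, please open a pull request or create an issue to discuss your suggestions. 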
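49 | -------------------------------------------------------------------------------- /Source.cpp: --------------------------------------------------------------------------------
#include <stdio.h>
#include <windows.h>
#include "function_defeniton.h"

/*
 * Demo driver for the hooking engine: opens (or creates) NewFile.txt for
 * writing and passes a short buffer to WriteFile_engine(), which is declared
 * in function_defeniton.h.
 *
 * Returns 0 on success, 1 when the file cannot be opened or the engine call
 * reports failure.
 */
int main(int argc, char** argv)
{
    (void)argc;
    (void)argv;

    /*
     * Creation dispositions are mutually exclusive values, not bit flags.
     * `CREATE_NEW || OPEN_ALWAYS` is a logical OR that evaluates to 1, which
     * is CREATE_NEW, so the open failed with ERROR_FILE_EXISTS whenever
     * NewFile.txt was already present. OPEN_ALWAYS opens the file when it
     * exists (existing content is kept, not truncated) and creates it
     * otherwise.
     *
     * CreateFileW is named explicitly because the path is a wide literal;
     * the generic CreateFile macro accepts it only when UNICODE is defined.
     */
    HANDLE hFile = CreateFileW(L"NewFile.txt", GENERIC_WRITE, FILE_SHARE_READ, NULL,
                               OPEN_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
    if (hFile == INVALID_HANDLE_VALUE)
    {
        /* GetLastError() returns a DWORD (unsigned long), hence %lu. */
        printf_s("%lu\n", GetLastError());
        return 1; /* a failed open must not exit with status 0 */
    }

    LPCVOID lpBuffer = "API HOOKING ";

    BOOL ret = WriteFile_engine(hFile, lpBuffer);

    /*
     * NOTE(review): assumes WriteFile_engine follows the WriteFile convention
     * (nonzero on success) and leaves the thread's last-error value intact --
     * confirm against function_defeniton.h.
     */
    if (!ret)
    {
        printf_s("%lu\n", GetLastError());
    }

    CloseHandle(hFile);
    return ret ? 0 : 1;
}
-------------------------------------------------------------------------------- /capstonex64/include/capstone/evm.h: -------------------------------------------------------------------------------- 1 | #ifndef CAPSTONE_EVM_H 2 | #define CAPSTONE_EVM_H 3 | 4 | /* Capstone Disassembly Engine */ 5 | /* By Nguyen Anh Quynh , 2013-2018 */ 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #include "platform.h" 12 | 13 | #ifdef _MSC_VER 14 | #pragma warning(disable:4201) 15 | #endif 16 | 17 | /// Instruction structure 18 | typedef struct cs_evm { 19 | unsigned char pop; ///< number of items popped from the stack 20 | unsigned char push; ///< number of items pushed into the stack 21 | unsigned int fee; ///< gas fee for the instruction 22 | } cs_evm; 23 | 24 | /// EVM instruction 25 | typedef enum evm_insn { 26 | EVM_INS_STOP = 0, 27 | EVM_INS_ADD = 1, 28 | EVM_INS_MUL = 2, 29 | EVM_INS_SUB = 3, 30 | EVM_INS_DIV = 4, 31 | EVM_INS_SDIV = 5, 32 | EVM_INS_MOD = 6, 33 | EVM_INS_SMOD = 7, 34 | EVM_INS_ADDMOD = 8, 35 | EVM_INS_MULMOD = 9, 36 | EVM_INS_EXP = 10, 37 | EVM_INS_SIGNEXTEND = 11, 38 | EVM_INS_LT = 16, 39 | EVM_INS_GT = 17, 40 | EVM_INS_SLT = 18, 41 | EVM_INS_SGT = 19, 42 | EVM_INS_EQ = 20, 43 | EVM_INS_ISZERO = 21, 44 | 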
EVM_INS_AND = 22, 45 | EVM_INS_OR = 23, 46 | EVM_INS_XOR = 24, 47 | EVM_INS_NOT = 25, 48 | EVM_INS_BYTE = 26, 49 | EVM_INS_SHA3 = 32, 50 | EVM_INS_ADDRESS = 48, 51 | EVM_INS_BALANCE = 49, 52 | EVM_INS_ORIGIN = 50, 53 | EVM_INS_CALLER = 51, 54 | EVM_INS_CALLVALUE = 52, 55 | EVM_INS_CALLDATALOAD = 53, 56 | EVM_INS_CALLDATASIZE = 54, 57 | EVM_INS_CALLDATACOPY = 55, 58 | EVM_INS_CODESIZE = 56, 59 | EVM_INS_CODECOPY = 57, 60 | EVM_INS_GASPRICE = 58, 61 | EVM_INS_EXTCODESIZE = 59, 62 | EVM_INS_EXTCODECOPY = 60, 63 | EVM_INS_RETURNDATASIZE = 61, 64 | EVM_INS_RETURNDATACOPY = 62, 65 | EVM_INS_BLOCKHASH = 64, 66 | EVM_INS_COINBASE = 65, 67 | EVM_INS_TIMESTAMP = 66, 68 | EVM_INS_NUMBER = 67, 69 | EVM_INS_DIFFICULTY = 68, 70 | EVM_INS_GASLIMIT = 69, 71 | EVM_INS_POP = 80, 72 | EVM_INS_MLOAD = 81, 73 | EVM_INS_MSTORE = 82, 74 | EVM_INS_MSTORE8 = 83, 75 | EVM_INS_SLOAD = 84, 76 | EVM_INS_SSTORE = 85, 77 | EVM_INS_JUMP = 86, 78 | EVM_INS_JUMPI = 87, 79 | EVM_INS_PC = 88, 80 | EVM_INS_MSIZE = 89, 81 | EVM_INS_GAS = 90, 82 | EVM_INS_JUMPDEST = 91, 83 | EVM_INS_PUSH1 = 96, 84 | EVM_INS_PUSH2 = 97, 85 | EVM_INS_PUSH3 = 98, 86 | EVM_INS_PUSH4 = 99, 87 | EVM_INS_PUSH5 = 100, 88 | EVM_INS_PUSH6 = 101, 89 | EVM_INS_PUSH7 = 102, 90 | EVM_INS_PUSH8 = 103, 91 | EVM_INS_PUSH9 = 104, 92 | EVM_INS_PUSH10 = 105, 93 | EVM_INS_PUSH11 = 106, 94 | EVM_INS_PUSH12 = 107, 95 | EVM_INS_PUSH13 = 108, 96 | EVM_INS_PUSH14 = 109, 97 | EVM_INS_PUSH15 = 110, 98 | EVM_INS_PUSH16 = 111, 99 | EVM_INS_PUSH17 = 112, 100 | EVM_INS_PUSH18 = 113, 101 | EVM_INS_PUSH19 = 114, 102 | EVM_INS_PUSH20 = 115, 103 | EVM_INS_PUSH21 = 116, 104 | EVM_INS_PUSH22 = 117, 105 | EVM_INS_PUSH23 = 118, 106 | EVM_INS_PUSH24 = 119, 107 | EVM_INS_PUSH25 = 120, 108 | EVM_INS_PUSH26 = 121, 109 | EVM_INS_PUSH27 = 122, 110 | EVM_INS_PUSH28 = 123, 111 | EVM_INS_PUSH29 = 124, 112 | EVM_INS_PUSH30 = 125, 113 | EVM_INS_PUSH31 = 126, 114 | EVM_INS_PUSH32 = 127, 115 | EVM_INS_DUP1 = 128, 116 | EVM_INS_DUP2 = 129, 117 | EVM_INS_DUP3 = 130, 118 | 
EVM_INS_DUP4 = 131, 119 | EVM_INS_DUP5 = 132, 120 | EVM_INS_DUP6 = 133, 121 | EVM_INS_DUP7 = 134, 122 | EVM_INS_DUP8 = 135, 123 | EVM_INS_DUP9 = 136, 124 | EVM_INS_DUP10 = 137, 125 | EVM_INS_DUP11 = 138, 126 | EVM_INS_DUP12 = 139, 127 | EVM_INS_DUP13 = 140, 128 | EVM_INS_DUP14 = 141, 129 | EVM_INS_DUP15 = 142, 130 | EVM_INS_DUP16 = 143, 131 | EVM_INS_SWAP1 = 144, 132 | EVM_INS_SWAP2 = 145, 133 | EVM_INS_SWAP3 = 146, 134 | EVM_INS_SWAP4 = 147, 135 | EVM_INS_SWAP5 = 148, 136 | EVM_INS_SWAP6 = 149, 137 | EVM_INS_SWAP7 = 150, 138 | EVM_INS_SWAP8 = 151, 139 | EVM_INS_SWAP9 = 152, 140 | EVM_INS_SWAP10 = 153, 141 | EVM_INS_SWAP11 = 154, 142 | EVM_INS_SWAP12 = 155, 143 | EVM_INS_SWAP13 = 156, 144 | EVM_INS_SWAP14 = 157, 145 | EVM_INS_SWAP15 = 158, 146 | EVM_INS_SWAP16 = 159, 147 | EVM_INS_LOG0 = 160, 148 | EVM_INS_LOG1 = 161, 149 | EVM_INS_LOG2 = 162, 150 | EVM_INS_LOG3 = 163, 151 | EVM_INS_LOG4 = 164, 152 | EVM_INS_CREATE = 240, 153 | EVM_INS_CALL = 241, 154 | EVM_INS_CALLCODE = 242, 155 | EVM_INS_RETURN = 243, 156 | EVM_INS_DELEGATECALL = 244, 157 | EVM_INS_CALLBLACKBOX = 245, 158 | EVM_INS_STATICCALL = 250, 159 | EVM_INS_REVERT = 253, 160 | EVM_INS_SUICIDE = 255, 161 | 162 | EVM_INS_INVALID = 512, 163 | EVM_INS_ENDING, // <-- mark the end of the list of instructions 164 | } evm_insn; 165 | 166 | /// Group of EVM instructions 167 | typedef enum evm_insn_group { 168 | EVM_GRP_INVALID = 0, ///< = CS_GRP_INVALID 169 | 170 | EVM_GRP_JUMP, ///< all jump instructions 171 | 172 | EVM_GRP_MATH = 8, ///< math instructions 173 | EVM_GRP_STACK_WRITE, ///< instructions write to stack 174 | EVM_GRP_STACK_READ, ///< instructions read from stack 175 | EVM_GRP_MEM_WRITE, ///< instructions write to memory 176 | EVM_GRP_MEM_READ, ///< instructions read from memory 177 | EVM_GRP_STORE_WRITE, ///< instructions write to storage 178 | EVM_GRP_STORE_READ, ///< instructions read from storage 179 | EVM_GRP_HALT, ///< instructions halt execution 180 | 181 | EVM_GRP_ENDING, ///< <-- mark the end 
of the list of groups 182 | } evm_insn_group; 183 | 184 | #ifdef __cplusplus 185 | } 186 | #endif 187 | 188 | #endif 189 | -------------------------------------------------------------------------------- /capstonex64/include/capstone/m680x.h: -------------------------------------------------------------------------------- 1 | #ifndef CAPSTONE_M680X_H 2 | #define CAPSTONE_M680X_H 3 | 4 | /* Capstone Disassembly Engine */ 5 | /* M680X Backend by Wolfgang Schwotzer 2017 */ 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #include "platform.h" 12 | 13 | #ifdef _MSC_VER 14 | #pragma warning(disable:4201) 15 | #endif 16 | 17 | #define M680X_OPERAND_COUNT 9 18 | 19 | /// M680X registers and special registers 20 | typedef enum m680x_reg { 21 | M680X_REG_INVALID = 0, 22 | 23 | M680X_REG_A, ///< M6800/1/2/3/9, HD6301/9 24 | M680X_REG_B, ///< M6800/1/2/3/9, HD6301/9 25 | M680X_REG_E, ///< HD6309 26 | M680X_REG_F, ///< HD6309 27 | M680X_REG_0, ///< HD6309 28 | 29 | M680X_REG_D, ///< M6801/3/9, HD6301/9 30 | M680X_REG_W, ///< HD6309 31 | 32 | M680X_REG_CC, ///< M6800/1/2/3/9, M6301/9 33 | M680X_REG_DP, ///< M6809/M6309 34 | M680X_REG_MD, ///< M6309 35 | 36 | M680X_REG_HX, ///< M6808 37 | M680X_REG_H, ///< M6808 38 | M680X_REG_X, ///< M6800/1/2/3/9, M6301/9 39 | M680X_REG_Y, ///< M6809/M6309 40 | M680X_REG_S, ///< M6809/M6309 41 | M680X_REG_U, ///< M6809/M6309 42 | M680X_REG_V, ///< M6309 43 | 44 | M680X_REG_Q, ///< M6309 45 | 46 | M680X_REG_PC, ///< M6800/1/2/3/9, M6301/9 47 | 48 | M680X_REG_TMP2, ///< CPU12 49 | M680X_REG_TMP3, ///< CPU12 50 | 51 | M680X_REG_ENDING, ///< <-- mark the end of the list of registers 52 | } m680x_reg; 53 | 54 | /// Operand type for instruction's operands 55 | typedef enum m680x_op_type { 56 | M680X_OP_INVALID = 0, ///< = CS_OP_INVALID (Uninitialized). 57 | M680X_OP_REGISTER, ///< = Register operand. 58 | M680X_OP_IMMEDIATE, ///< = Immediate operand. 59 | M680X_OP_INDEXED, ///< = Indexed addressing operand. 
60 | M680X_OP_EXTENDED, ///< = Extended addressing operand. 61 | M680X_OP_DIRECT, ///< = Direct addressing operand. 62 | M680X_OP_RELATIVE, ///< = Relative addressing operand. 63 | M680X_OP_CONSTANT, ///< = constant operand (Displayed as number only). 64 | ///< Used e.g. for a bit index or page number. 65 | } m680x_op_type; 66 | 67 | // Supported bit values for mem.idx.offset_bits 68 | #define M680X_OFFSET_NONE 0 69 | #define M680X_OFFSET_BITS_5 5 70 | #define M680X_OFFSET_BITS_8 8 71 | #define M680X_OFFSET_BITS_9 9 72 | #define M680X_OFFSET_BITS_16 16 73 | 74 | // Supported bit flags for mem.idx.flags 75 | // These flags can be combined 76 | #define M680X_IDX_INDIRECT 1 77 | #define M680X_IDX_NO_COMMA 2 78 | #define M680X_IDX_POST_INC_DEC 4 79 | 80 | /// Instruction's operand referring to indexed addressing 81 | typedef struct m680x_op_idx { 82 | m680x_reg base_reg; ///< base register (or M680X_REG_INVALID if 83 | ///< irrelevant) 84 | m680x_reg offset_reg; ///< offset register (or M680X_REG_INVALID if 85 | ///< irrelevant) 86 | int16_t offset; ///< 5-,8- or 16-bit offset. See also offset_bits. 87 | uint16_t offset_addr; ///< = offset addr. if base_reg == M680X_REG_PC. 88 | ///< calculated as offset + PC 89 | uint8_t offset_bits; ///< offset width in bits for indexed addressing 90 | int8_t inc_dec; ///< inc. or dec. value: 91 | ///< 0: no inc-/decrement 92 | ///< 1 .. 8: increment by 1 .. 8 93 | ///< -1 .. -8: decrement by 1 .. 8 94 | ///< if flag M680X_IDX_POST_INC_DEC set it is post 95 | ///< inc-/decrement otherwise pre inc-/decrement 96 | uint8_t flags; ///< 8-bit flags (see above) 97 | } m680x_op_idx; 98 | 99 | /// Instruction's memory operand referring to relative addressing (Bcc/LBcc) 100 | typedef struct m680x_op_rel { 101 | uint16_t address; ///< The absolute address. 102 | ///< calculated as PC + offset. PC is the first 103 | ///< address after the instruction. 
104 | int16_t offset; ///< the offset/displacement value 105 | } m680x_op_rel; 106 | 107 | /// Instruction's operand referring to extended addressing 108 | typedef struct m680x_op_ext { 109 | uint16_t address; ///< The absolute address 110 | bool indirect; ///< true if extended indirect addressing 111 | } m680x_op_ext; 112 | 113 | /// Instruction operand 114 | typedef struct cs_m680x_op { 115 | m680x_op_type type; 116 | union { 117 | int32_t imm; ///< immediate value for IMM operand 118 | m680x_reg reg; ///< register value for REG operand 119 | m680x_op_idx idx; ///< Indexed addressing operand 120 | m680x_op_rel rel; ///< Relative address. operand (Bcc/LBcc) 121 | m680x_op_ext ext; ///< Extended address 122 | uint8_t direct_addr; ///< C99 is supported 23 | #include 24 | #endif // (_MSC_VER < 1800) || defined(_KERNEL_MODE) 25 | 26 | #else 27 | // not MSVC -> C99 is supported 28 | #include 29 | #endif // !defined(__CYGWIN__) && !defined(__MINGW32__) && !defined(__MINGW64__) && (defined (WIN32) || defined (WIN64) || defined (_WIN32) || defined (_WIN64)) 30 | 31 | 32 | // handle inttypes.h / stdint.h compatibility 33 | #if defined(_WIN32_WCE) && (_WIN32_WCE < 0x800) 34 | #include "windowsce/stdint.h" 35 | #endif // defined(_WIN32_WCE) && (_WIN32_WCE < 0x800) 36 | 37 | #if defined(CAPSTONE_HAS_OSXKERNEL) || (defined(_MSC_VER) && (_MSC_VER <= 1700 || defined(_KERNEL_MODE))) 38 | // this system does not have inttypes.h 39 | 40 | #if defined(_MSC_VER) && (_MSC_VER <= 1600 || defined(_KERNEL_MODE)) 41 | // this system does not have stdint.h 42 | typedef signed char int8_t; 43 | typedef signed short int16_t; 44 | typedef signed int int32_t; 45 | typedef unsigned char uint8_t; 46 | typedef unsigned short uint16_t; 47 | typedef unsigned int uint32_t; 48 | typedef signed long long int64_t; 49 | typedef unsigned long long uint64_t; 50 | #endif // defined(_MSC_VER) && (_MSC_VER <= 1600 || defined(_KERNEL_MODE)) 51 | 52 | #if defined(_MSC_VER) && (_MSC_VER < 1600 || 
defined(_KERNEL_MODE)) 53 | #define INT8_MIN (-127i8 - 1) 54 | #define INT16_MIN (-32767i16 - 1) 55 | #define INT32_MIN (-2147483647i32 - 1) 56 | #define INT64_MIN (-9223372036854775807i64 - 1) 57 | #define INT8_MAX 127i8 58 | #define INT16_MAX 32767i16 59 | #define INT32_MAX 2147483647i32 60 | #define INT64_MAX 9223372036854775807i64 61 | #define UINT8_MAX 0xffui8 62 | #define UINT16_MAX 0xffffui16 63 | #define UINT32_MAX 0xffffffffui32 64 | #define UINT64_MAX 0xffffffffffffffffui64 65 | #endif // defined(_MSC_VER) && (_MSC_VER < 1600 || defined(_KERNEL_MODE)) 66 | 67 | #ifdef CAPSTONE_HAS_OSXKERNEL 68 | // this system has stdint.h 69 | #include 70 | #endif 71 | 72 | #define __PRI_8_LENGTH_MODIFIER__ "hh" 73 | #define __PRI_64_LENGTH_MODIFIER__ "ll" 74 | 75 | #define PRId8 __PRI_8_LENGTH_MODIFIER__ "d" 76 | #define PRIi8 __PRI_8_LENGTH_MODIFIER__ "i" 77 | #define PRIo8 __PRI_8_LENGTH_MODIFIER__ "o" 78 | #define PRIu8 __PRI_8_LENGTH_MODIFIER__ "u" 79 | #define PRIx8 __PRI_8_LENGTH_MODIFIER__ "x" 80 | #define PRIX8 __PRI_8_LENGTH_MODIFIER__ "X" 81 | 82 | #define PRId16 "hd" 83 | #define PRIi16 "hi" 84 | #define PRIo16 "ho" 85 | #define PRIu16 "hu" 86 | #define PRIx16 "hx" 87 | #define PRIX16 "hX" 88 | 89 | #if defined(_MSC_VER) && _MSC_VER <= 1700 90 | #define PRId32 "ld" 91 | #define PRIi32 "li" 92 | #define PRIo32 "lo" 93 | #define PRIu32 "lu" 94 | #define PRIx32 "lx" 95 | #define PRIX32 "lX" 96 | #else // OSX 97 | #define PRId32 "d" 98 | #define PRIi32 "i" 99 | #define PRIo32 "o" 100 | #define PRIu32 "u" 101 | #define PRIx32 "x" 102 | #define PRIX32 "X" 103 | #endif // defined(_MSC_VER) && _MSC_VER <= 1700 104 | 105 | #if defined(_MSC_VER) && _MSC_VER <= 1700 106 | // redefine functions from inttypes.h used in cstool 107 | #define strtoull _strtoui64 108 | #endif 109 | 110 | #define PRId64 __PRI_64_LENGTH_MODIFIER__ "d" 111 | #define PRIi64 __PRI_64_LENGTH_MODIFIER__ "i" 112 | #define PRIo64 __PRI_64_LENGTH_MODIFIER__ "o" 113 | #define PRIu64 
__PRI_64_LENGTH_MODIFIER__ "u" 114 | #define PRIx64 __PRI_64_LENGTH_MODIFIER__ "x" 115 | #define PRIX64 __PRI_64_LENGTH_MODIFIER__ "X" 116 | 117 | #else 118 | // this system has inttypes.h by default 119 | #include 120 | #endif // defined(CAPSTONE_HAS_OSXKERNEL) || (defined(_MSC_VER) && (_MSC_VER <= 1700 || defined(_KERNEL_MODE))) 121 | 122 | #endif 123 | -------------------------------------------------------------------------------- /capstonex64/include/capstone/sparc.h: -------------------------------------------------------------------------------- 1 | #ifndef CAPSTONE_SPARC_H 2 | #define CAPSTONE_SPARC_H 3 | 4 | /* Capstone Disassembly Engine */ 5 | /* By Nguyen Anh Quynh , 2014-2015 */ 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #include "platform.h" 12 | 13 | // GCC SPARC toolchain has a default macro called "sparc" which breaks 14 | // compilation 15 | #undef sparc 16 | 17 | #ifdef _MSC_VER 18 | #pragma warning(disable:4201) 19 | #endif 20 | 21 | /// Enums corresponding to Sparc condition codes, both icc's and fcc's. 
22 | typedef enum sparc_cc { 23 | SPARC_CC_INVALID = 0, ///< invalid CC (default) 24 | // Integer condition codes 25 | SPARC_CC_ICC_A = 8+256, ///< Always 26 | SPARC_CC_ICC_N = 0+256, ///< Never 27 | SPARC_CC_ICC_NE = 9+256, ///< Not Equal 28 | SPARC_CC_ICC_E = 1+256, ///< Equal 29 | SPARC_CC_ICC_G = 10+256, ///< Greater 30 | SPARC_CC_ICC_LE = 2+256, ///< Less or Equal 31 | SPARC_CC_ICC_GE = 11+256, ///< Greater or Equal 32 | SPARC_CC_ICC_L = 3+256, ///< Less 33 | SPARC_CC_ICC_GU = 12+256, ///< Greater Unsigned 34 | SPARC_CC_ICC_LEU = 4+256, ///< Less or Equal Unsigned 35 | SPARC_CC_ICC_CC = 13+256, ///< Carry Clear/Great or Equal Unsigned 36 | SPARC_CC_ICC_CS = 5+256, ///< Carry Set/Less Unsigned 37 | SPARC_CC_ICC_POS = 14+256, ///< Positive 38 | SPARC_CC_ICC_NEG = 6+256, ///< Negative 39 | SPARC_CC_ICC_VC = 15+256, ///< Overflow Clear 40 | SPARC_CC_ICC_VS = 7+256, ///< Overflow Set 41 | 42 | // Floating condition codes 43 | SPARC_CC_FCC_A = 8+16+256, ///< Always 44 | SPARC_CC_FCC_N = 0+16+256, ///< Never 45 | SPARC_CC_FCC_U = 7+16+256, ///< Unordered 46 | SPARC_CC_FCC_G = 6+16+256, ///< Greater 47 | SPARC_CC_FCC_UG = 5+16+256, ///< Unordered or Greater 48 | SPARC_CC_FCC_L = 4+16+256, ///< Less 49 | SPARC_CC_FCC_UL = 3+16+256, ///< Unordered or Less 50 | SPARC_CC_FCC_LG = 2+16+256, ///< Less or Greater 51 | SPARC_CC_FCC_NE = 1+16+256, ///< Not Equal 52 | SPARC_CC_FCC_E = 9+16+256, ///< Equal 53 | SPARC_CC_FCC_UE = 10+16+256, ///< Unordered or Equal 54 | SPARC_CC_FCC_GE = 11+16+256, ///< Greater or Equal 55 | SPARC_CC_FCC_UGE = 12+16+256, ///< Unordered or Greater or Equal 56 | SPARC_CC_FCC_LE = 13+16+256, ///< Less or Equal 57 | SPARC_CC_FCC_ULE = 14+16+256, ///< Unordered or Less or Equal 58 | SPARC_CC_FCC_O = 15+16+256, ///< Ordered 59 | } sparc_cc; 60 | 61 | /// Branch hint 62 | typedef enum sparc_hint { 63 | SPARC_HINT_INVALID = 0, ///< no hint 64 | SPARC_HINT_A = 1 << 0, ///< annul delay slot instruction 65 | SPARC_HINT_PT = 1 << 1, ///< branch taken 66 | 
SPARC_HINT_PN = 1 << 2, ///< branch NOT taken 67 | } sparc_hint; 68 | 69 | /// Operand type for instruction's operands 70 | typedef enum sparc_op_type { 71 | SPARC_OP_INVALID = 0, ///< = CS_OP_INVALID (Uninitialized). 72 | SPARC_OP_REG, ///< = CS_OP_REG (Register operand). 73 | SPARC_OP_IMM, ///< = CS_OP_IMM (Immediate operand). 74 | SPARC_OP_MEM, ///< = CS_OP_MEM (Memory operand). 75 | } sparc_op_type; 76 | 77 | /// SPARC registers 78 | typedef enum sparc_reg { 79 | SPARC_REG_INVALID = 0, 80 | 81 | SPARC_REG_F0, 82 | SPARC_REG_F1, 83 | SPARC_REG_F2, 84 | SPARC_REG_F3, 85 | SPARC_REG_F4, 86 | SPARC_REG_F5, 87 | SPARC_REG_F6, 88 | SPARC_REG_F7, 89 | SPARC_REG_F8, 90 | SPARC_REG_F9, 91 | SPARC_REG_F10, 92 | SPARC_REG_F11, 93 | SPARC_REG_F12, 94 | SPARC_REG_F13, 95 | SPARC_REG_F14, 96 | SPARC_REG_F15, 97 | SPARC_REG_F16, 98 | SPARC_REG_F17, 99 | SPARC_REG_F18, 100 | SPARC_REG_F19, 101 | SPARC_REG_F20, 102 | SPARC_REG_F21, 103 | SPARC_REG_F22, 104 | SPARC_REG_F23, 105 | SPARC_REG_F24, 106 | SPARC_REG_F25, 107 | SPARC_REG_F26, 108 | SPARC_REG_F27, 109 | SPARC_REG_F28, 110 | SPARC_REG_F29, 111 | SPARC_REG_F30, 112 | SPARC_REG_F31, 113 | SPARC_REG_F32, 114 | SPARC_REG_F34, 115 | SPARC_REG_F36, 116 | SPARC_REG_F38, 117 | SPARC_REG_F40, 118 | SPARC_REG_F42, 119 | SPARC_REG_F44, 120 | SPARC_REG_F46, 121 | SPARC_REG_F48, 122 | SPARC_REG_F50, 123 | SPARC_REG_F52, 124 | SPARC_REG_F54, 125 | SPARC_REG_F56, 126 | SPARC_REG_F58, 127 | SPARC_REG_F60, 128 | SPARC_REG_F62, 129 | SPARC_REG_FCC0, // Floating condition codes 130 | SPARC_REG_FCC1, 131 | SPARC_REG_FCC2, 132 | SPARC_REG_FCC3, 133 | SPARC_REG_FP, 134 | SPARC_REG_G0, 135 | SPARC_REG_G1, 136 | SPARC_REG_G2, 137 | SPARC_REG_G3, 138 | SPARC_REG_G4, 139 | SPARC_REG_G5, 140 | SPARC_REG_G6, 141 | SPARC_REG_G7, 142 | SPARC_REG_I0, 143 | SPARC_REG_I1, 144 | SPARC_REG_I2, 145 | SPARC_REG_I3, 146 | SPARC_REG_I4, 147 | SPARC_REG_I5, 148 | SPARC_REG_I7, 149 | SPARC_REG_ICC, // Integer condition codes 150 | SPARC_REG_L0, 151 | 
SPARC_REG_L1, 152 | SPARC_REG_L2, 153 | SPARC_REG_L3, 154 | SPARC_REG_L4, 155 | SPARC_REG_L5, 156 | SPARC_REG_L6, 157 | SPARC_REG_L7, 158 | SPARC_REG_O0, 159 | SPARC_REG_O1, 160 | SPARC_REG_O2, 161 | SPARC_REG_O3, 162 | SPARC_REG_O4, 163 | SPARC_REG_O5, 164 | SPARC_REG_O7, 165 | SPARC_REG_SP, 166 | SPARC_REG_Y, 167 | 168 | // special register 169 | SPARC_REG_XCC, 170 | 171 | SPARC_REG_ENDING, // <-- mark the end of the list of registers 172 | 173 | // extras 174 | SPARC_REG_O6 = SPARC_REG_SP, 175 | SPARC_REG_I6 = SPARC_REG_FP, 176 | } sparc_reg; 177 | 178 | /// Instruction's operand referring to memory 179 | /// This is associated with SPARC_OP_MEM operand type above 180 | typedef struct sparc_op_mem { 181 | uint8_t base; ///< base register, can be safely interpreted as 182 | ///< a value of type `sparc_reg`, but it is only 183 | ///< one byte wide 184 | uint8_t index; ///< index register, same conditions apply here 185 | int32_t disp; ///< displacement/offset value 186 | } sparc_op_mem; 187 | 188 | /// Instruction operand 189 | typedef struct cs_sparc_op { 190 | sparc_op_type type; ///< operand type 191 | union { 192 | sparc_reg reg; ///< register value for REG operand 193 | int64_t imm; ///< immediate value for IMM operand 194 | sparc_op_mem mem; ///< base/disp value for MEM operand 195 | }; 196 | } cs_sparc_op; 197 | 198 | /// Instruction structure 199 | typedef struct cs_sparc { 200 | sparc_cc cc; ///< code condition for this insn 201 | sparc_hint hint; ///< branch hint: encoding as bitwise OR of sparc_hint. 202 | /// Number of operands of this instruction, 203 | /// or 0 when instruction has no operand. 204 | uint8_t op_count; 205 | cs_sparc_op operands[4]; ///< operands for this instruction. 
206 | } cs_sparc; 207 | 208 | /// SPARC instruction 209 | typedef enum sparc_insn { 210 | SPARC_INS_INVALID = 0, 211 | 212 | SPARC_INS_ADDCC, 213 | SPARC_INS_ADDX, 214 | SPARC_INS_ADDXCC, 215 | SPARC_INS_ADDXC, 216 | SPARC_INS_ADDXCCC, 217 | SPARC_INS_ADD, 218 | SPARC_INS_ALIGNADDR, 219 | SPARC_INS_ALIGNADDRL, 220 | SPARC_INS_ANDCC, 221 | SPARC_INS_ANDNCC, 222 | SPARC_INS_ANDN, 223 | SPARC_INS_AND, 224 | SPARC_INS_ARRAY16, 225 | SPARC_INS_ARRAY32, 226 | SPARC_INS_ARRAY8, 227 | SPARC_INS_B, 228 | SPARC_INS_JMP, 229 | SPARC_INS_BMASK, 230 | SPARC_INS_FB, 231 | SPARC_INS_BRGEZ, 232 | SPARC_INS_BRGZ, 233 | SPARC_INS_BRLEZ, 234 | SPARC_INS_BRLZ, 235 | SPARC_INS_BRNZ, 236 | SPARC_INS_BRZ, 237 | SPARC_INS_BSHUFFLE, 238 | SPARC_INS_CALL, 239 | SPARC_INS_CASX, 240 | SPARC_INS_CAS, 241 | SPARC_INS_CMASK16, 242 | SPARC_INS_CMASK32, 243 | SPARC_INS_CMASK8, 244 | SPARC_INS_CMP, 245 | SPARC_INS_EDGE16, 246 | SPARC_INS_EDGE16L, 247 | SPARC_INS_EDGE16LN, 248 | SPARC_INS_EDGE16N, 249 | SPARC_INS_EDGE32, 250 | SPARC_INS_EDGE32L, 251 | SPARC_INS_EDGE32LN, 252 | SPARC_INS_EDGE32N, 253 | SPARC_INS_EDGE8, 254 | SPARC_INS_EDGE8L, 255 | SPARC_INS_EDGE8LN, 256 | SPARC_INS_EDGE8N, 257 | SPARC_INS_FABSD, 258 | SPARC_INS_FABSQ, 259 | SPARC_INS_FABSS, 260 | SPARC_INS_FADDD, 261 | SPARC_INS_FADDQ, 262 | SPARC_INS_FADDS, 263 | SPARC_INS_FALIGNDATA, 264 | SPARC_INS_FAND, 265 | SPARC_INS_FANDNOT1, 266 | SPARC_INS_FANDNOT1S, 267 | SPARC_INS_FANDNOT2, 268 | SPARC_INS_FANDNOT2S, 269 | SPARC_INS_FANDS, 270 | SPARC_INS_FCHKSM16, 271 | SPARC_INS_FCMPD, 272 | SPARC_INS_FCMPEQ16, 273 | SPARC_INS_FCMPEQ32, 274 | SPARC_INS_FCMPGT16, 275 | SPARC_INS_FCMPGT32, 276 | SPARC_INS_FCMPLE16, 277 | SPARC_INS_FCMPLE32, 278 | SPARC_INS_FCMPNE16, 279 | SPARC_INS_FCMPNE32, 280 | SPARC_INS_FCMPQ, 281 | SPARC_INS_FCMPS, 282 | SPARC_INS_FDIVD, 283 | SPARC_INS_FDIVQ, 284 | SPARC_INS_FDIVS, 285 | SPARC_INS_FDMULQ, 286 | SPARC_INS_FDTOI, 287 | SPARC_INS_FDTOQ, 288 | SPARC_INS_FDTOS, 289 | SPARC_INS_FDTOX, 290 | 
SPARC_INS_FEXPAND, 291 | SPARC_INS_FHADDD, 292 | SPARC_INS_FHADDS, 293 | SPARC_INS_FHSUBD, 294 | SPARC_INS_FHSUBS, 295 | SPARC_INS_FITOD, 296 | SPARC_INS_FITOQ, 297 | SPARC_INS_FITOS, 298 | SPARC_INS_FLCMPD, 299 | SPARC_INS_FLCMPS, 300 | SPARC_INS_FLUSHW, 301 | SPARC_INS_FMEAN16, 302 | SPARC_INS_FMOVD, 303 | SPARC_INS_FMOVQ, 304 | SPARC_INS_FMOVRDGEZ, 305 | SPARC_INS_FMOVRQGEZ, 306 | SPARC_INS_FMOVRSGEZ, 307 | SPARC_INS_FMOVRDGZ, 308 | SPARC_INS_FMOVRQGZ, 309 | SPARC_INS_FMOVRSGZ, 310 | SPARC_INS_FMOVRDLEZ, 311 | SPARC_INS_FMOVRQLEZ, 312 | SPARC_INS_FMOVRSLEZ, 313 | SPARC_INS_FMOVRDLZ, 314 | SPARC_INS_FMOVRQLZ, 315 | SPARC_INS_FMOVRSLZ, 316 | SPARC_INS_FMOVRDNZ, 317 | SPARC_INS_FMOVRQNZ, 318 | SPARC_INS_FMOVRSNZ, 319 | SPARC_INS_FMOVRDZ, 320 | SPARC_INS_FMOVRQZ, 321 | SPARC_INS_FMOVRSZ, 322 | SPARC_INS_FMOVS, 323 | SPARC_INS_FMUL8SUX16, 324 | SPARC_INS_FMUL8ULX16, 325 | SPARC_INS_FMUL8X16, 326 | SPARC_INS_FMUL8X16AL, 327 | SPARC_INS_FMUL8X16AU, 328 | SPARC_INS_FMULD, 329 | SPARC_INS_FMULD8SUX16, 330 | SPARC_INS_FMULD8ULX16, 331 | SPARC_INS_FMULQ, 332 | SPARC_INS_FMULS, 333 | SPARC_INS_FNADDD, 334 | SPARC_INS_FNADDS, 335 | SPARC_INS_FNAND, 336 | SPARC_INS_FNANDS, 337 | SPARC_INS_FNEGD, 338 | SPARC_INS_FNEGQ, 339 | SPARC_INS_FNEGS, 340 | SPARC_INS_FNHADDD, 341 | SPARC_INS_FNHADDS, 342 | SPARC_INS_FNOR, 343 | SPARC_INS_FNORS, 344 | SPARC_INS_FNOT1, 345 | SPARC_INS_FNOT1S, 346 | SPARC_INS_FNOT2, 347 | SPARC_INS_FNOT2S, 348 | SPARC_INS_FONE, 349 | SPARC_INS_FONES, 350 | SPARC_INS_FOR, 351 | SPARC_INS_FORNOT1, 352 | SPARC_INS_FORNOT1S, 353 | SPARC_INS_FORNOT2, 354 | SPARC_INS_FORNOT2S, 355 | SPARC_INS_FORS, 356 | SPARC_INS_FPACK16, 357 | SPARC_INS_FPACK32, 358 | SPARC_INS_FPACKFIX, 359 | SPARC_INS_FPADD16, 360 | SPARC_INS_FPADD16S, 361 | SPARC_INS_FPADD32, 362 | SPARC_INS_FPADD32S, 363 | SPARC_INS_FPADD64, 364 | SPARC_INS_FPMERGE, 365 | SPARC_INS_FPSUB16, 366 | SPARC_INS_FPSUB16S, 367 | SPARC_INS_FPSUB32, 368 | SPARC_INS_FPSUB32S, 369 | SPARC_INS_FQTOD, 370 | 
SPARC_INS_FQTOI, 371 | SPARC_INS_FQTOS, 372 | SPARC_INS_FQTOX, 373 | SPARC_INS_FSLAS16, 374 | SPARC_INS_FSLAS32, 375 | SPARC_INS_FSLL16, 376 | SPARC_INS_FSLL32, 377 | SPARC_INS_FSMULD, 378 | SPARC_INS_FSQRTD, 379 | SPARC_INS_FSQRTQ, 380 | SPARC_INS_FSQRTS, 381 | SPARC_INS_FSRA16, 382 | SPARC_INS_FSRA32, 383 | SPARC_INS_FSRC1, 384 | SPARC_INS_FSRC1S, 385 | SPARC_INS_FSRC2, 386 | SPARC_INS_FSRC2S, 387 | SPARC_INS_FSRL16, 388 | SPARC_INS_FSRL32, 389 | SPARC_INS_FSTOD, 390 | SPARC_INS_FSTOI, 391 | SPARC_INS_FSTOQ, 392 | SPARC_INS_FSTOX, 393 | SPARC_INS_FSUBD, 394 | SPARC_INS_FSUBQ, 395 | SPARC_INS_FSUBS, 396 | SPARC_INS_FXNOR, 397 | SPARC_INS_FXNORS, 398 | SPARC_INS_FXOR, 399 | SPARC_INS_FXORS, 400 | SPARC_INS_FXTOD, 401 | SPARC_INS_FXTOQ, 402 | SPARC_INS_FXTOS, 403 | SPARC_INS_FZERO, 404 | SPARC_INS_FZEROS, 405 | SPARC_INS_JMPL, 406 | SPARC_INS_LDD, 407 | SPARC_INS_LD, 408 | SPARC_INS_LDQ, 409 | SPARC_INS_LDSB, 410 | SPARC_INS_LDSH, 411 | SPARC_INS_LDSW, 412 | SPARC_INS_LDUB, 413 | SPARC_INS_LDUH, 414 | SPARC_INS_LDX, 415 | SPARC_INS_LZCNT, 416 | SPARC_INS_MEMBAR, 417 | SPARC_INS_MOVDTOX, 418 | SPARC_INS_MOV, 419 | SPARC_INS_MOVRGEZ, 420 | SPARC_INS_MOVRGZ, 421 | SPARC_INS_MOVRLEZ, 422 | SPARC_INS_MOVRLZ, 423 | SPARC_INS_MOVRNZ, 424 | SPARC_INS_MOVRZ, 425 | SPARC_INS_MOVSTOSW, 426 | SPARC_INS_MOVSTOUW, 427 | SPARC_INS_MULX, 428 | SPARC_INS_NOP, 429 | SPARC_INS_ORCC, 430 | SPARC_INS_ORNCC, 431 | SPARC_INS_ORN, 432 | SPARC_INS_OR, 433 | SPARC_INS_PDIST, 434 | SPARC_INS_PDISTN, 435 | SPARC_INS_POPC, 436 | SPARC_INS_RD, 437 | SPARC_INS_RESTORE, 438 | SPARC_INS_RETT, 439 | SPARC_INS_SAVE, 440 | SPARC_INS_SDIVCC, 441 | SPARC_INS_SDIVX, 442 | SPARC_INS_SDIV, 443 | SPARC_INS_SETHI, 444 | SPARC_INS_SHUTDOWN, 445 | SPARC_INS_SIAM, 446 | SPARC_INS_SLLX, 447 | SPARC_INS_SLL, 448 | SPARC_INS_SMULCC, 449 | SPARC_INS_SMUL, 450 | SPARC_INS_SRAX, 451 | SPARC_INS_SRA, 452 | SPARC_INS_SRLX, 453 | SPARC_INS_SRL, 454 | SPARC_INS_STBAR, 455 | SPARC_INS_STB, 456 | SPARC_INS_STD, 457 | 
SPARC_INS_ST, 458 | SPARC_INS_STH, 459 | SPARC_INS_STQ, 460 | SPARC_INS_STX, 461 | SPARC_INS_SUBCC, 462 | SPARC_INS_SUBX, 463 | SPARC_INS_SUBXCC, 464 | SPARC_INS_SUB, 465 | SPARC_INS_SWAP, 466 | SPARC_INS_TADDCCTV, 467 | SPARC_INS_TADDCC, 468 | SPARC_INS_T, 469 | SPARC_INS_TSUBCCTV, 470 | SPARC_INS_TSUBCC, 471 | SPARC_INS_UDIVCC, 472 | SPARC_INS_UDIVX, 473 | SPARC_INS_UDIV, 474 | SPARC_INS_UMULCC, 475 | SPARC_INS_UMULXHI, 476 | SPARC_INS_UMUL, 477 | SPARC_INS_UNIMP, 478 | SPARC_INS_FCMPED, 479 | SPARC_INS_FCMPEQ, 480 | SPARC_INS_FCMPES, 481 | SPARC_INS_WR, 482 | SPARC_INS_XMULX, 483 | SPARC_INS_XMULXHI, 484 | SPARC_INS_XNORCC, 485 | SPARC_INS_XNOR, 486 | SPARC_INS_XORCC, 487 | SPARC_INS_XOR, 488 | 489 | // alias instructions 490 | SPARC_INS_RET, 491 | SPARC_INS_RETL, 492 | 493 | SPARC_INS_ENDING, // <-- mark the end of the list of instructions 494 | } sparc_insn; 495 | 496 | /// Group of SPARC instructions 497 | typedef enum sparc_insn_group { 498 | SPARC_GRP_INVALID = 0, ///< = CS_GRP_INVALID 499 | 500 | // Generic groups 501 | // all jump instructions (conditional+direct+indirect jumps) 502 | SPARC_GRP_JUMP, ///< = CS_GRP_JUMP 503 | 504 | // Architecture-specific groups 505 | SPARC_GRP_HARDQUAD = 128, 506 | SPARC_GRP_V9, 507 | SPARC_GRP_VIS, 508 | SPARC_GRP_VIS2, 509 | SPARC_GRP_VIS3, 510 | SPARC_GRP_32BIT, 511 | SPARC_GRP_64BIT, 512 | 513 | SPARC_GRP_ENDING, // <-- mark the end of the list of groups 514 | } sparc_insn_group; 515 | 516 | #ifdef __cplusplus 517 | } 518 | #endif 519 | 520 | #endif 521 | -------------------------------------------------------------------------------- /capstonex64/include/capstone/tms320c64x.h: -------------------------------------------------------------------------------- 1 | /* Capstone Disassembly Engine */ 2 | /* TMS320C64x Backend by Fotis Loukos 2016 */ 3 | 4 | #ifndef CAPSTONE_TMS320C64X_H 5 | #define CAPSTONE_TMS320C64X_H 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #include 12 | #include "platform.h" 13 
| 14 | #ifdef _MSC_VER 15 | #pragma warning(disable:4201) 16 | #endif 17 | 18 | typedef enum tms320c64x_op_type { 19 | TMS320C64X_OP_INVALID = 0, ///< = CS_OP_INVALID (Uninitialized). 20 | TMS320C64X_OP_REG, ///< = CS_OP_REG (Register operand). 21 | TMS320C64X_OP_IMM, ///< = CS_OP_IMM (Immediate operand). 22 | TMS320C64X_OP_MEM, ///< = CS_OP_MEM (Memory operand). 23 | TMS320C64X_OP_REGPAIR = 64, ///< Register pair for double word ops 24 | } tms320c64x_op_type; 25 | 26 | typedef enum tms320c64x_mem_disp { 27 | TMS320C64X_MEM_DISP_INVALID = 0, 28 | TMS320C64X_MEM_DISP_CONSTANT, 29 | TMS320C64X_MEM_DISP_REGISTER, 30 | } tms320c64x_mem_disp; 31 | 32 | typedef enum tms320c64x_mem_dir { 33 | TMS320C64X_MEM_DIR_INVALID = 0, 34 | TMS320C64X_MEM_DIR_FW, 35 | TMS320C64X_MEM_DIR_BW, 36 | } tms320c64x_mem_dir; 37 | 38 | typedef enum tms320c64x_mem_mod { 39 | TMS320C64X_MEM_MOD_INVALID = 0, 40 | TMS320C64X_MEM_MOD_NO, 41 | TMS320C64X_MEM_MOD_PRE, 42 | TMS320C64X_MEM_MOD_POST, 43 | } tms320c64x_mem_mod; 44 | 45 | typedef struct tms320c64x_op_mem { 46 | unsigned int base; ///< base register 47 | unsigned int disp; ///< displacement/offset value 48 | unsigned int unit; ///< unit of base and offset register 49 | unsigned int scaled; ///< offset scaled 50 | unsigned int disptype; ///< displacement type 51 | unsigned int direction; ///< direction 52 | unsigned int modify; ///< modification 53 | } tms320c64x_op_mem; 54 | 55 | typedef struct cs_tms320c64x_op { 56 | tms320c64x_op_type type; ///< operand type 57 | union { 58 | unsigned int reg; ///< register value for REG operand or first register for REGPAIR operand 59 | int32_t imm; ///< immediate value for IMM operand 60 | tms320c64x_op_mem mem; ///< base/disp value for MEM operand 61 | }; 62 | } cs_tms320c64x_op; 63 | 64 | typedef struct cs_tms320c64x { 65 | uint8_t op_count; 66 | cs_tms320c64x_op operands[8]; ///< operands for this instruction. 
67 | struct { 68 | unsigned int reg; 69 | unsigned int zero; 70 | } condition; 71 | struct { 72 | unsigned int unit; 73 | unsigned int side; 74 | unsigned int crosspath; 75 | } funit; 76 | unsigned int parallel; 77 | } cs_tms320c64x; 78 | 79 | typedef enum tms320c64x_reg { 80 | TMS320C64X_REG_INVALID = 0, 81 | 82 | TMS320C64X_REG_AMR, 83 | TMS320C64X_REG_CSR, 84 | TMS320C64X_REG_DIER, 85 | TMS320C64X_REG_DNUM, 86 | TMS320C64X_REG_ECR, 87 | TMS320C64X_REG_GFPGFR, 88 | TMS320C64X_REG_GPLYA, 89 | TMS320C64X_REG_GPLYB, 90 | TMS320C64X_REG_ICR, 91 | TMS320C64X_REG_IER, 92 | TMS320C64X_REG_IERR, 93 | TMS320C64X_REG_ILC, 94 | TMS320C64X_REG_IRP, 95 | TMS320C64X_REG_ISR, 96 | TMS320C64X_REG_ISTP, 97 | TMS320C64X_REG_ITSR, 98 | TMS320C64X_REG_NRP, 99 | TMS320C64X_REG_NTSR, 100 | TMS320C64X_REG_REP, 101 | TMS320C64X_REG_RILC, 102 | TMS320C64X_REG_SSR, 103 | TMS320C64X_REG_TSCH, 104 | TMS320C64X_REG_TSCL, 105 | TMS320C64X_REG_TSR, 106 | TMS320C64X_REG_A0, 107 | TMS320C64X_REG_A1, 108 | TMS320C64X_REG_A2, 109 | TMS320C64X_REG_A3, 110 | TMS320C64X_REG_A4, 111 | TMS320C64X_REG_A5, 112 | TMS320C64X_REG_A6, 113 | TMS320C64X_REG_A7, 114 | TMS320C64X_REG_A8, 115 | TMS320C64X_REG_A9, 116 | TMS320C64X_REG_A10, 117 | TMS320C64X_REG_A11, 118 | TMS320C64X_REG_A12, 119 | TMS320C64X_REG_A13, 120 | TMS320C64X_REG_A14, 121 | TMS320C64X_REG_A15, 122 | TMS320C64X_REG_A16, 123 | TMS320C64X_REG_A17, 124 | TMS320C64X_REG_A18, 125 | TMS320C64X_REG_A19, 126 | TMS320C64X_REG_A20, 127 | TMS320C64X_REG_A21, 128 | TMS320C64X_REG_A22, 129 | TMS320C64X_REG_A23, 130 | TMS320C64X_REG_A24, 131 | TMS320C64X_REG_A25, 132 | TMS320C64X_REG_A26, 133 | TMS320C64X_REG_A27, 134 | TMS320C64X_REG_A28, 135 | TMS320C64X_REG_A29, 136 | TMS320C64X_REG_A30, 137 | TMS320C64X_REG_A31, 138 | TMS320C64X_REG_B0, 139 | TMS320C64X_REG_B1, 140 | TMS320C64X_REG_B2, 141 | TMS320C64X_REG_B3, 142 | TMS320C64X_REG_B4, 143 | TMS320C64X_REG_B5, 144 | TMS320C64X_REG_B6, 145 | TMS320C64X_REG_B7, 146 | TMS320C64X_REG_B8, 147 | 
TMS320C64X_REG_B9, 148 | TMS320C64X_REG_B10, 149 | TMS320C64X_REG_B11, 150 | TMS320C64X_REG_B12, 151 | TMS320C64X_REG_B13, 152 | TMS320C64X_REG_B14, 153 | TMS320C64X_REG_B15, 154 | TMS320C64X_REG_B16, 155 | TMS320C64X_REG_B17, 156 | TMS320C64X_REG_B18, 157 | TMS320C64X_REG_B19, 158 | TMS320C64X_REG_B20, 159 | TMS320C64X_REG_B21, 160 | TMS320C64X_REG_B22, 161 | TMS320C64X_REG_B23, 162 | TMS320C64X_REG_B24, 163 | TMS320C64X_REG_B25, 164 | TMS320C64X_REG_B26, 165 | TMS320C64X_REG_B27, 166 | TMS320C64X_REG_B28, 167 | TMS320C64X_REG_B29, 168 | TMS320C64X_REG_B30, 169 | TMS320C64X_REG_B31, 170 | TMS320C64X_REG_PCE1, 171 | 172 | TMS320C64X_REG_ENDING, // <-- mark the end of the list of registers 173 | 174 | // Alias registers 175 | TMS320C64X_REG_EFR = TMS320C64X_REG_ECR, 176 | TMS320C64X_REG_IFR = TMS320C64X_REG_ISR, 177 | } tms320c64x_reg; 178 | 179 | typedef enum tms320c64x_insn { 180 | TMS320C64X_INS_INVALID = 0, 181 | 182 | TMS320C64X_INS_ABS, 183 | TMS320C64X_INS_ABS2, 184 | TMS320C64X_INS_ADD, 185 | TMS320C64X_INS_ADD2, 186 | TMS320C64X_INS_ADD4, 187 | TMS320C64X_INS_ADDAB, 188 | TMS320C64X_INS_ADDAD, 189 | TMS320C64X_INS_ADDAH, 190 | TMS320C64X_INS_ADDAW, 191 | TMS320C64X_INS_ADDK, 192 | TMS320C64X_INS_ADDKPC, 193 | TMS320C64X_INS_ADDU, 194 | TMS320C64X_INS_AND, 195 | TMS320C64X_INS_ANDN, 196 | TMS320C64X_INS_AVG2, 197 | TMS320C64X_INS_AVGU4, 198 | TMS320C64X_INS_B, 199 | TMS320C64X_INS_BDEC, 200 | TMS320C64X_INS_BITC4, 201 | TMS320C64X_INS_BNOP, 202 | TMS320C64X_INS_BPOS, 203 | TMS320C64X_INS_CLR, 204 | TMS320C64X_INS_CMPEQ, 205 | TMS320C64X_INS_CMPEQ2, 206 | TMS320C64X_INS_CMPEQ4, 207 | TMS320C64X_INS_CMPGT, 208 | TMS320C64X_INS_CMPGT2, 209 | TMS320C64X_INS_CMPGTU4, 210 | TMS320C64X_INS_CMPLT, 211 | TMS320C64X_INS_CMPLTU, 212 | TMS320C64X_INS_DEAL, 213 | TMS320C64X_INS_DOTP2, 214 | TMS320C64X_INS_DOTPN2, 215 | TMS320C64X_INS_DOTPNRSU2, 216 | TMS320C64X_INS_DOTPRSU2, 217 | TMS320C64X_INS_DOTPSU4, 218 | TMS320C64X_INS_DOTPU4, 219 | TMS320C64X_INS_EXT, 220 | 
TMS320C64X_INS_EXTU, 221 | TMS320C64X_INS_GMPGTU, 222 | TMS320C64X_INS_GMPY4, 223 | TMS320C64X_INS_LDB, 224 | TMS320C64X_INS_LDBU, 225 | TMS320C64X_INS_LDDW, 226 | TMS320C64X_INS_LDH, 227 | TMS320C64X_INS_LDHU, 228 | TMS320C64X_INS_LDNDW, 229 | TMS320C64X_INS_LDNW, 230 | TMS320C64X_INS_LDW, 231 | TMS320C64X_INS_LMBD, 232 | TMS320C64X_INS_MAX2, 233 | TMS320C64X_INS_MAXU4, 234 | TMS320C64X_INS_MIN2, 235 | TMS320C64X_INS_MINU4, 236 | TMS320C64X_INS_MPY, 237 | TMS320C64X_INS_MPY2, 238 | TMS320C64X_INS_MPYH, 239 | TMS320C64X_INS_MPYHI, 240 | TMS320C64X_INS_MPYHIR, 241 | TMS320C64X_INS_MPYHL, 242 | TMS320C64X_INS_MPYHLU, 243 | TMS320C64X_INS_MPYHSLU, 244 | TMS320C64X_INS_MPYHSU, 245 | TMS320C64X_INS_MPYHU, 246 | TMS320C64X_INS_MPYHULS, 247 | TMS320C64X_INS_MPYHUS, 248 | TMS320C64X_INS_MPYLH, 249 | TMS320C64X_INS_MPYLHU, 250 | TMS320C64X_INS_MPYLI, 251 | TMS320C64X_INS_MPYLIR, 252 | TMS320C64X_INS_MPYLSHU, 253 | TMS320C64X_INS_MPYLUHS, 254 | TMS320C64X_INS_MPYSU, 255 | TMS320C64X_INS_MPYSU4, 256 | TMS320C64X_INS_MPYU, 257 | TMS320C64X_INS_MPYU4, 258 | TMS320C64X_INS_MPYUS, 259 | TMS320C64X_INS_MVC, 260 | TMS320C64X_INS_MVD, 261 | TMS320C64X_INS_MVK, 262 | TMS320C64X_INS_MVKL, 263 | TMS320C64X_INS_MVKLH, 264 | TMS320C64X_INS_NOP, 265 | TMS320C64X_INS_NORM, 266 | TMS320C64X_INS_OR, 267 | TMS320C64X_INS_PACK2, 268 | TMS320C64X_INS_PACKH2, 269 | TMS320C64X_INS_PACKH4, 270 | TMS320C64X_INS_PACKHL2, 271 | TMS320C64X_INS_PACKL4, 272 | TMS320C64X_INS_PACKLH2, 273 | TMS320C64X_INS_ROTL, 274 | TMS320C64X_INS_SADD, 275 | TMS320C64X_INS_SADD2, 276 | TMS320C64X_INS_SADDU4, 277 | TMS320C64X_INS_SADDUS2, 278 | TMS320C64X_INS_SAT, 279 | TMS320C64X_INS_SET, 280 | TMS320C64X_INS_SHFL, 281 | TMS320C64X_INS_SHL, 282 | TMS320C64X_INS_SHLMB, 283 | TMS320C64X_INS_SHR, 284 | TMS320C64X_INS_SHR2, 285 | TMS320C64X_INS_SHRMB, 286 | TMS320C64X_INS_SHRU, 287 | TMS320C64X_INS_SHRU2, 288 | TMS320C64X_INS_SMPY, 289 | TMS320C64X_INS_SMPY2, 290 | TMS320C64X_INS_SMPYH, 291 | TMS320C64X_INS_SMPYHL, 292 | 
TMS320C64X_INS_SMPYLH, 293 | TMS320C64X_INS_SPACK2, 294 | TMS320C64X_INS_SPACKU4, 295 | TMS320C64X_INS_SSHL, 296 | TMS320C64X_INS_SSHVL, 297 | TMS320C64X_INS_SSHVR, 298 | TMS320C64X_INS_SSUB, 299 | TMS320C64X_INS_STB, 300 | TMS320C64X_INS_STDW, 301 | TMS320C64X_INS_STH, 302 | TMS320C64X_INS_STNDW, 303 | TMS320C64X_INS_STNW, 304 | TMS320C64X_INS_STW, 305 | TMS320C64X_INS_SUB, 306 | TMS320C64X_INS_SUB2, 307 | TMS320C64X_INS_SUB4, 308 | TMS320C64X_INS_SUBAB, 309 | TMS320C64X_INS_SUBABS4, 310 | TMS320C64X_INS_SUBAH, 311 | TMS320C64X_INS_SUBAW, 312 | TMS320C64X_INS_SUBC, 313 | TMS320C64X_INS_SUBU, 314 | TMS320C64X_INS_SWAP4, 315 | TMS320C64X_INS_UNPKHU4, 316 | TMS320C64X_INS_UNPKLU4, 317 | TMS320C64X_INS_XOR, 318 | TMS320C64X_INS_XPND2, 319 | TMS320C64X_INS_XPND4, 320 | // Aliases 321 | TMS320C64X_INS_IDLE, 322 | TMS320C64X_INS_MV, 323 | TMS320C64X_INS_NEG, 324 | TMS320C64X_INS_NOT, 325 | TMS320C64X_INS_SWAP2, 326 | TMS320C64X_INS_ZERO, 327 | 328 | TMS320C64X_INS_ENDING, // <-- mark the end of the list of instructions 329 | } tms320c64x_insn; 330 | 331 | typedef enum tms320c64x_insn_group { 332 | TMS320C64X_GRP_INVALID = 0, ///< = CS_GRP_INVALID 333 | 334 | TMS320C64X_GRP_JUMP, ///< = CS_GRP_JUMP 335 | 336 | TMS320C64X_GRP_FUNIT_D = 128, 337 | TMS320C64X_GRP_FUNIT_L, 338 | TMS320C64X_GRP_FUNIT_M, 339 | TMS320C64X_GRP_FUNIT_S, 340 | TMS320C64X_GRP_FUNIT_NO, 341 | 342 | TMS320C64X_GRP_ENDING, // <-- mark the end of the list of groups 343 | } tms320c64x_insn_group; 344 | 345 | typedef enum tms320c64x_funit { 346 | TMS320C64X_FUNIT_INVALID = 0, 347 | TMS320C64X_FUNIT_D, 348 | TMS320C64X_FUNIT_L, 349 | TMS320C64X_FUNIT_M, 350 | TMS320C64X_FUNIT_S, 351 | TMS320C64X_FUNIT_NO 352 | } tms320c64x_funit; 353 | 354 | #ifdef __cplusplus 355 | } 356 | #endif 357 | 358 | #endif 359 | 360 | -------------------------------------------------------------------------------- /capstonex64/include/capstone/xcore.h: 
-------------------------------------------------------------------------------- 1 | #ifndef CAPSTONE_XCORE_H 2 | #define CAPSTONE_XCORE_H 3 | 4 | /* Capstone Disassembly Engine */ 5 | /* By Nguyen Anh Quynh , 2014-2015 */ 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #include "platform.h" 12 | 13 | #ifdef _MSC_VER 14 | #pragma warning(disable:4201) 15 | #endif 16 | 17 | /// Operand type for instruction's operands 18 | typedef enum xcore_op_type { 19 | XCORE_OP_INVALID = 0, ///< = CS_OP_INVALID (Uninitialized). 20 | XCORE_OP_REG, ///< = CS_OP_REG (Register operand). 21 | XCORE_OP_IMM, ///< = CS_OP_IMM (Immediate operand). 22 | XCORE_OP_MEM, ///< = CS_OP_MEM (Memory operand). 23 | } xcore_op_type; 24 | 25 | /// XCore registers 26 | typedef enum xcore_reg { 27 | XCORE_REG_INVALID = 0, 28 | 29 | XCORE_REG_CP, 30 | XCORE_REG_DP, 31 | XCORE_REG_LR, 32 | XCORE_REG_SP, 33 | XCORE_REG_R0, 34 | XCORE_REG_R1, 35 | XCORE_REG_R2, 36 | XCORE_REG_R3, 37 | XCORE_REG_R4, 38 | XCORE_REG_R5, 39 | XCORE_REG_R6, 40 | XCORE_REG_R7, 41 | XCORE_REG_R8, 42 | XCORE_REG_R9, 43 | XCORE_REG_R10, 44 | XCORE_REG_R11, 45 | 46 | // pseudo registers 47 | XCORE_REG_PC, ///< pc 48 | 49 | // internal thread registers 50 | // see The-XMOS-XS1-Architecture(X7879A).pdf 51 | XCORE_REG_SCP, ///< save pc 52 | XCORE_REG_SSR, ///< save status 53 | XCORE_REG_ET, ///< exception type 54 | XCORE_REG_ED, ///< exception data 55 | XCORE_REG_SED, ///< save exception data 56 | XCORE_REG_KEP, ///< kernel entry pointer 57 | XCORE_REG_KSP, ///< kernel stack pointer 58 | XCORE_REG_ID, ///< thread ID 59 | 60 | XCORE_REG_ENDING, // <-- mark the end of the list of registers 61 | } xcore_reg; 62 | 63 | /// Instruction's operand referring to memory 64 | /// This is associated with XCORE_OP_MEM operand type above 65 | typedef struct xcore_op_mem { 66 | uint8_t base; ///< base register, can be safely interpreted as 67 | ///< a value of type `xcore_reg`, but it is only 68 | ///< one byte wide 69 | uint8_t index; ///<
index register, same conditions apply here 70 | int32_t disp; ///< displacement/offset value 71 | int direct; ///< +1: forward, -1: backward 72 | } xcore_op_mem; 73 | 74 | /// Instruction operand; `type` tells which member of the anonymous union holds the value 75 | typedef struct cs_xcore_op { 76 | xcore_op_type type; ///< operand type (selects the union member to read) 77 | union { 78 | xcore_reg reg; ///< register value for REG operand 79 | int32_t imm; ///< immediate value for IMM operand 80 | xcore_op_mem mem; ///< base/disp value for MEM operand 81 | }; 82 | } cs_xcore_op; 83 | 84 | /// Instruction structure 85 | typedef struct cs_xcore { 86 | /// Number of operands of this instruction, 87 | /// or 0 when instruction has no operand. 88 | uint8_t op_count; 89 | cs_xcore_op operands[8]; ///< operands for this instruction; the array has 8 slots, index it only below op_count (contents past that are not described here). 90 | } cs_xcore; 91 | 92 | /// XCore instruction 93 | typedef enum xcore_insn { 94 | XCORE_INS_INVALID = 0, 95 | 96 | XCORE_INS_ADD, 97 | XCORE_INS_ANDNOT, 98 | XCORE_INS_AND, 99 | XCORE_INS_ASHR, 100 | XCORE_INS_BAU, 101 | XCORE_INS_BITREV, 102 | XCORE_INS_BLA, 103 | XCORE_INS_BLAT, 104 | XCORE_INS_BL, 105 | XCORE_INS_BF, 106 | XCORE_INS_BT, 107 | XCORE_INS_BU, 108 | XCORE_INS_BRU, 109 | XCORE_INS_BYTEREV, 110 | XCORE_INS_CHKCT, 111 | XCORE_INS_CLRE, 112 | XCORE_INS_CLRPT, 113 | XCORE_INS_CLRSR, 114 | XCORE_INS_CLZ, 115 | XCORE_INS_CRC8, 116 | XCORE_INS_CRC32, 117 | XCORE_INS_DCALL, 118 | XCORE_INS_DENTSP, 119 | XCORE_INS_DGETREG, 120 | XCORE_INS_DIVS, 121 | XCORE_INS_DIVU, 122 | XCORE_INS_DRESTSP, 123 | XCORE_INS_DRET, 124 | XCORE_INS_ECALLF, 125 | XCORE_INS_ECALLT, 126 | XCORE_INS_EDU, 127 | XCORE_INS_EEF, 128 | XCORE_INS_EET, 129 | XCORE_INS_EEU, 130 | XCORE_INS_ENDIN, 131 | XCORE_INS_ENTSP, 132 | XCORE_INS_EQ, 133 | XCORE_INS_EXTDP, 134 | XCORE_INS_EXTSP, 135 | XCORE_INS_FREER, 136 | XCORE_INS_FREET, 137 | XCORE_INS_GETD, 138 | XCORE_INS_GET, 139 | XCORE_INS_GETN, 140 | XCORE_INS_GETR, 141 | XCORE_INS_GETSR, 142 | XCORE_INS_GETST, 143 | XCORE_INS_GETTS, 144 | XCORE_INS_INCT, 145 | XCORE_INS_INIT, 146 | XCORE_INS_INPW, 147 |
XCORE_INS_INSHR, 148 | XCORE_INS_INT, 149 | XCORE_INS_IN, 150 | XCORE_INS_KCALL, 151 | XCORE_INS_KENTSP, 152 | XCORE_INS_KRESTSP, 153 | XCORE_INS_KRET, 154 | XCORE_INS_LADD, 155 | XCORE_INS_LD16S, 156 | XCORE_INS_LD8U, 157 | XCORE_INS_LDA16, 158 | XCORE_INS_LDAP, 159 | XCORE_INS_LDAW, 160 | XCORE_INS_LDC, 161 | XCORE_INS_LDW, 162 | XCORE_INS_LDIVU, 163 | XCORE_INS_LMUL, 164 | XCORE_INS_LSS, 165 | XCORE_INS_LSUB, 166 | XCORE_INS_LSU, 167 | XCORE_INS_MACCS, 168 | XCORE_INS_MACCU, 169 | XCORE_INS_MJOIN, 170 | XCORE_INS_MKMSK, 171 | XCORE_INS_MSYNC, 172 | XCORE_INS_MUL, 173 | XCORE_INS_NEG, 174 | XCORE_INS_NOT, 175 | XCORE_INS_OR, 176 | XCORE_INS_OUTCT, 177 | XCORE_INS_OUTPW, 178 | XCORE_INS_OUTSHR, 179 | XCORE_INS_OUTT, 180 | XCORE_INS_OUT, 181 | XCORE_INS_PEEK, 182 | XCORE_INS_REMS, 183 | XCORE_INS_REMU, 184 | XCORE_INS_RETSP, 185 | XCORE_INS_SETCLK, 186 | XCORE_INS_SET, 187 | XCORE_INS_SETC, 188 | XCORE_INS_SETD, 189 | XCORE_INS_SETEV, 190 | XCORE_INS_SETN, 191 | XCORE_INS_SETPSC, 192 | XCORE_INS_SETPT, 193 | XCORE_INS_SETRDY, 194 | XCORE_INS_SETSR, 195 | XCORE_INS_SETTW, 196 | XCORE_INS_SETV, 197 | XCORE_INS_SEXT, 198 | XCORE_INS_SHL, 199 | XCORE_INS_SHR, 200 | XCORE_INS_SSYNC, 201 | XCORE_INS_ST16, 202 | XCORE_INS_ST8, 203 | XCORE_INS_STW, 204 | XCORE_INS_SUB, 205 | XCORE_INS_SYNCR, 206 | XCORE_INS_TESTCT, 207 | XCORE_INS_TESTLCL, 208 | XCORE_INS_TESTWCT, 209 | XCORE_INS_TSETMR, 210 | XCORE_INS_START, 211 | XCORE_INS_WAITEF, 212 | XCORE_INS_WAITET, 213 | XCORE_INS_WAITEU, 214 | XCORE_INS_XOR, 215 | XCORE_INS_ZEXT, 216 | 217 | XCORE_INS_ENDING, // <-- mark the end of the list of instructions 218 | } xcore_insn; 219 | 220 | /// Group of XCore instructions 221 | typedef enum xcore_insn_group { 222 | XCORE_GRP_INVALID = 0, ///< = CS_GRP_INVALID 223 | 224 | // Generic groups 225 | // all jump instructions (conditional+direct+indirect jumps) 226 | XCORE_GRP_JUMP, ///< = CS_GRP_JUMP 227 | 228 | XCORE_GRP_ENDING, // <-- mark the end of the list of groups 229 | } 
xcore_insn_group; 230 | 231 | #ifdef __cplusplus 232 | } 233 | #endif 234 | 235 | #endif 236 | -------------------------------------------------------------------------------- /capstonex64/include/platform.h: -------------------------------------------------------------------------------- 1 | /* Capstone Disassembly Engine */ 2 | /* By Axel Souchet & Nguyen Anh Quynh, 2014 */ 3 | 4 | #ifndef CAPSTONE_PLATFORM_H 5 | #define CAPSTONE_PLATFORM_H 6 | 7 | // handle C99 issue (for pre-2013 VisualStudio) 8 | #if !defined(__CYGWIN__) && !defined(__MINGW32__) && !defined(__MINGW64__) && (defined (WIN32) || defined (WIN64) || defined (_WIN32) || defined (_WIN64)) 9 | // MSVC 10 | 11 | // stdbool.h 12 | #if (_MSC_VER < 1800) || defined(_KERNEL_MODE) 13 | // this system does not have stdbool.h 14 | #ifndef __cplusplus 15 | typedef unsigned char bool; 16 | #define false 0 17 | #define true 1 18 | #endif 19 | 20 | #else 21 | // VisualStudio 2013+ -> C99 is supported 22 | #include <stdbool.h> 23 | #endif 24 | 25 | #else 26 | // not MSVC -> C99 is supported 27 | #include <stdbool.h> 28 | #endif 29 | 30 | 31 | // handle C99 issue (for pre-2013 VisualStudio) 32 | #if defined(CAPSTONE_HAS_OSXKERNEL) || (defined(_MSC_VER) && (_MSC_VER <= 1700 || defined(_KERNEL_MODE))) 33 | // this system does not have inttypes.h 34 | 35 | #if defined(_MSC_VER) && (_MSC_VER < 1600 || defined(_KERNEL_MODE)) 36 | // this system does not have stdint.h 37 | typedef signed char int8_t; 38 | typedef signed short int16_t; 39 | typedef signed int int32_t; 40 | typedef unsigned char uint8_t; 41 | typedef unsigned short uint16_t; 42 | typedef unsigned int uint32_t; 43 | typedef signed long long int64_t; 44 | typedef unsigned long long uint64_t; 45 | 46 | #define INT8_MIN (-127i8 - 1) 47 | #define INT16_MIN (-32767i16 - 1) 48 | #define INT32_MIN (-2147483647i32 - 1) 49 | #define INT64_MIN (-9223372036854775807i64 - 1) 50 | #define INT8_MAX 127i8 51 | #define INT16_MAX 32767i16 52 | #define INT32_MAX 2147483647i32 53 | #define INT64_MAX
9223372036854775807i64 54 | #define UINT8_MAX 0xffui8 55 | #define UINT16_MAX 0xffffui16 56 | #define UINT32_MAX 0xffffffffui32 57 | #define UINT64_MAX 0xffffffffffffffffui64 58 | #endif 59 | 60 | #define __PRI_8_LENGTH_MODIFIER__ "hh" 61 | #define __PRI_64_LENGTH_MODIFIER__ "ll" 62 | 63 | #define PRId8 __PRI_8_LENGTH_MODIFIER__ "d" 64 | #define PRIi8 __PRI_8_LENGTH_MODIFIER__ "i" 65 | #define PRIo8 __PRI_8_LENGTH_MODIFIER__ "o" 66 | #define PRIu8 __PRI_8_LENGTH_MODIFIER__ "u" 67 | #define PRIx8 __PRI_8_LENGTH_MODIFIER__ "x" 68 | #define PRIX8 __PRI_8_LENGTH_MODIFIER__ "X" 69 | 70 | #define PRId16 "hd" 71 | #define PRIi16 "hi" 72 | #define PRIo16 "ho" 73 | #define PRIu16 "hu" 74 | #define PRIx16 "hx" 75 | #define PRIX16 "hX" 76 | 77 | #if defined(_MSC_VER) && _MSC_VER <= 1700 78 | #define PRId32 "ld" 79 | #define PRIi32 "li" 80 | #define PRIo32 "lo" 81 | #define PRIu32 "lu" 82 | #define PRIx32 "lx" 83 | #define PRIX32 "lX" 84 | #else // OSX 85 | #define PRId32 "d" 86 | #define PRIi32 "i" 87 | #define PRIo32 "o" 88 | #define PRIu32 "u" 89 | #define PRIx32 "x" 90 | #define PRIX32 "X" 91 | #endif 92 | 93 | #if defined(_MSC_VER) && _MSC_VER <= 1700 94 | // redefine functions from inttypes.h used in cstool 95 | #define strtoull _strtoui64 96 | #endif 97 | 98 | #define PRId64 __PRI_64_LENGTH_MODIFIER__ "d" 99 | #define PRIi64 __PRI_64_LENGTH_MODIFIER__ "i" 100 | #define PRIo64 __PRI_64_LENGTH_MODIFIER__ "o" 101 | #define PRIu64 __PRI_64_LENGTH_MODIFIER__ "u" 102 | #define PRIx64 __PRI_64_LENGTH_MODIFIER__ "x" 103 | #define PRIX64 __PRI_64_LENGTH_MODIFIER__ "X" 104 | 105 | #else 106 | // this system has inttypes.h by default 107 | #include <inttypes.h> 108 | #endif 109 | 110 | #endif 111 | -------------------------------------------------------------------------------- /capstonex64/include/windowsce/intrin.h: -------------------------------------------------------------------------------- 1 | 2 | #if defined(_MSC_VER) && defined(_WIN32_WCE) && (_WIN32_WCE < 0x800) &&
!defined(__INTRIN_H_) && !defined(_INTRIN) 3 | #define _STDINT /* NOTE(review): the guard above tests __INTRIN_H_ and _INTRIN, yet the macro defined here is _STDINT, which is the one the windowsce/stdint.h shim tests; if this header is processed first, that shim's typedefs would be skipped. Looks like a copy-paste slip; confirm against upstream Capstone before changing vendored code. */ 4 | 5 | #ifdef _M_ARM 6 | #include 7 | #if (_WIN32_WCE >= 0x700) && defined(__ARM_ARCH_7__) || defined(__ARM_ARCH_7A__) /* NOTE(review): && binds tighter than ||, so __ARM_ARCH_7A__ alone takes this branch whatever _WIN32_WCE is; confirm that is intended. */ 8 | #include 9 | #endif 10 | #endif // _M_ARM 11 | 12 | #endif 13 | -------------------------------------------------------------------------------- /capstonex64/include/windowsce/stdint.h: -------------------------------------------------------------------------------- 1 | 2 | #if defined(_MSC_VER) && defined(_WIN32_WCE) && (_WIN32_WCE < 0x800) && !defined(_STDINT_H_) && !defined(_STDINT) 3 | #define _STDINT 4 | 5 | typedef __int8 6 | int8_t, 7 | int_least8_t; 8 | 9 | typedef __int16 10 | int16_t, 11 | int_least16_t; 12 | 13 | typedef __int32 14 | int32_t, 15 | int_least32_t, 16 | int_fast8_t, 17 | int_fast16_t, 18 | int_fast32_t; 19 | 20 | typedef __int64 21 | int64_t, 22 | intmax_t, 23 | int_least64_t, 24 | int_fast64_t; 25 | 26 | typedef unsigned __int8 27 | uint8_t, 28 | uint_least8_t; 29 | 30 | typedef unsigned __int16 31 | uint16_t, 32 | uint_least16_t; 33 | 34 | typedef unsigned __int32 35 | uint32_t, 36 | uint_least32_t, 37 | uint_fast8_t, 38 | uint_fast16_t, 39 | uint_fast32_t; 40 | 41 | typedef unsigned __int64 42 | uint64_t, 43 | uintmax_t, 44 | uint_least64_t, 45 | uint_fast64_t; 46 | 47 | #ifndef _INTPTR_T_DEFINED 48 | #define _INTPTR_T_DEFINED 49 | typedef __int32 intptr_t; 50 | #endif 51 | 52 | #ifndef _UINTPTR_T_DEFINED 53 | #define _UINTPTR_T_DEFINED 54 | typedef unsigned __int32 uintptr_t; 55 | #endif 56 | 57 | #define INT8_MIN (-127i8 - 1) 58 | #define INT16_MIN (-32767i16 - 1) 59 | #define INT32_MIN (-2147483647i32 - 1) 60 | #define INT64_MIN (-9223372036854775807i64 - 1) 61 | #define INT8_MAX 127i8 62 | #define INT16_MAX 32767i16 63 | #define INT32_MAX 2147483647i32 64 | #define INT64_MAX 9223372036854775807i64 65 | #define UINT8_MAX 0xffui8 66 | #define UINT16_MAX 0xffffui16 67 | #define UINT32_MAX 0xffffffffui32 68 | #define UINT64_MAX 0xffffffffffffffffui64 69
| 70 | #define INT_LEAST8_MIN INT8_MIN 71 | #define INT_LEAST16_MIN INT16_MIN 72 | #define INT_LEAST32_MIN INT32_MIN 73 | #define INT_LEAST64_MIN INT64_MIN 74 | #define INT_LEAST8_MAX INT8_MAX 75 | #define INT_LEAST16_MAX INT16_MAX 76 | #define INT_LEAST32_MAX INT32_MAX 77 | #define INT_LEAST64_MAX INT64_MAX 78 | #define UINT_LEAST8_MAX UINT8_MAX 79 | #define UINT_LEAST16_MAX UINT16_MAX 80 | #define UINT_LEAST32_MAX UINT32_MAX 81 | #define UINT_LEAST64_MAX UINT64_MAX 82 | 83 | #define INT_FAST8_MIN INT8_MIN 84 | #define INT_FAST16_MIN INT32_MIN 85 | #define INT_FAST32_MIN INT32_MIN 86 | #define INT_FAST64_MIN INT64_MIN 87 | #define INT_FAST8_MAX INT8_MAX 88 | #define INT_FAST16_MAX INT32_MAX 89 | #define INT_FAST32_MAX INT32_MAX 90 | #define INT_FAST64_MAX INT64_MAX 91 | #define UINT_FAST8_MAX UINT8_MAX 92 | #define UINT_FAST16_MAX UINT32_MAX 93 | #define UINT_FAST32_MAX UINT32_MAX 94 | #define UINT_FAST64_MAX UINT64_MAX 95 | 96 | #define INTPTR_MIN INT32_MIN 97 | #define INTPTR_MAX INT32_MAX 98 | #define UINTPTR_MAX UINT32_MAX 99 | 100 | #define INTMAX_MIN INT64_MIN 101 | #define INTMAX_MAX INT64_MAX 102 | #define UINTMAX_MAX UINT64_MAX 103 | 104 | #define PTRDIFF_MIN INTPTR_MIN 105 | #define PTRDIFF_MAX INTPTR_MAX 106 | 107 | #ifndef SIZE_MAX 108 | #define SIZE_MAX UINTPTR_MAX 109 | #endif 110 | 111 | #define SIG_ATOMIC_MIN INT32_MIN 112 | #define SIG_ATOMIC_MAX INT32_MAX 113 | 114 | #define WCHAR_MIN 0x0000 115 | #define WCHAR_MAX 0xffff 116 | 117 | #define WINT_MIN 0x0000 118 | #define WINT_MAX 0xffff 119 | 120 | #define INT8_C(x) (x) 121 | #define INT16_C(x) (x) 122 | #define INT32_C(x) (x) 123 | #define INT64_C(x) (x ## LL) 124 | 125 | #define UINT8_C(x) (x) 126 | #define UINT16_C(x) (x) 127 | #define UINT32_C(x) (x ## U) 128 | #define UINT64_C(x) (x ## ULL) 129 | 130 | #define INTMAX_C(x) INT64_C(x) 131 | #define UINTMAX_C(x) UINT64_C(x) 132 | 133 | #endif 134 | -------------------------------------------------------------------------------- 
/capstonex86/include/capstone/evm.h:
--------------------------------------------------------------------------------
#ifndef CAPSTONE_EVM_H
#define CAPSTONE_EVM_H

/* Capstone Disassembly Engine */
/* By Nguyen Anh Quynh, 2013-2018 */

// Public type definitions for the EVM (Ethereum Virtual Machine) backend:
// the per-instruction detail record, the instruction ids and the
// instruction groups. This header declares data only, no functions.

#ifdef __cplusplus
extern "C" {
#endif

#include "platform.h"

#ifdef _MSC_VER
// C4201 is MSVC's "nameless struct/union" extension warning.
#pragma warning(disable:4201)
#endif

/// Instruction structure
/// Per-instruction detail for EVM: stack effect and gas fee.
typedef struct cs_evm {
	unsigned char pop; ///< number of items popped from the stack
	unsigned char push; ///< number of items pushed into the stack
	unsigned int fee; ///< gas fee for the instruction
} cs_evm;

/// EVM instruction
/// Every id carries an explicit value and the numbering has gaps
/// (for example nothing is defined between 11 and 16).
// NOTE(review): ids up to 255 look like the raw one-byte EVM opcode
// (PUSH1 = 96 = 0x60, DUP1 = 128 = 0x80) -- confirm against the decoder
// before using an id as an opcode byte or the reverse.
typedef enum evm_insn {
	EVM_INS_STOP = 0,
	EVM_INS_ADD = 1,
	EVM_INS_MUL = 2,
	EVM_INS_SUB = 3,
	EVM_INS_DIV = 4,
	EVM_INS_SDIV = 5,
	EVM_INS_MOD = 6,
	EVM_INS_SMOD = 7,
	EVM_INS_ADDMOD = 8,
	EVM_INS_MULMOD = 9,
	EVM_INS_EXP = 10,
	EVM_INS_SIGNEXTEND = 11,
	EVM_INS_LT = 16,
	EVM_INS_GT = 17,
	EVM_INS_SLT = 18,
	EVM_INS_SGT = 19,
	EVM_INS_EQ = 20,
	EVM_INS_ISZERO = 21,
	EVM_INS_AND = 22,
	EVM_INS_OR = 23,
	EVM_INS_XOR = 24,
	EVM_INS_NOT = 25,
	EVM_INS_BYTE = 26,
	EVM_INS_SHA3 = 32,
	EVM_INS_ADDRESS = 48,
	EVM_INS_BALANCE = 49,
	EVM_INS_ORIGIN = 50,
	EVM_INS_CALLER = 51,
	EVM_INS_CALLVALUE = 52,
	EVM_INS_CALLDATALOAD = 53,
	EVM_INS_CALLDATASIZE = 54,
	EVM_INS_CALLDATACOPY = 55,
	EVM_INS_CODESIZE = 56,
	EVM_INS_CODECOPY = 57,
	EVM_INS_GASPRICE = 58,
	EVM_INS_EXTCODESIZE = 59,
	EVM_INS_EXTCODECOPY = 60,
	EVM_INS_RETURNDATASIZE = 61,
	EVM_INS_RETURNDATACOPY = 62,
	EVM_INS_BLOCKHASH = 64,
	EVM_INS_COINBASE = 65,
	EVM_INS_TIMESTAMP = 66,
	EVM_INS_NUMBER = 67,
	EVM_INS_DIFFICULTY = 68,
	EVM_INS_GASLIMIT = 69,
	EVM_INS_POP = 80,
	EVM_INS_MLOAD = 81,
	EVM_INS_MSTORE = 82,
	EVM_INS_MSTORE8 = 83,
	EVM_INS_SLOAD = 84,
	EVM_INS_SSTORE = 85,
	EVM_INS_JUMP = 86,
	EVM_INS_JUMPI = 87,
	EVM_INS_PC = 88,
	EVM_INS_MSIZE = 89,
	EVM_INS_GAS = 90,
	EVM_INS_JUMPDEST = 91,
	// PUSH1..PUSH32 occupy the contiguous range 96..127
	EVM_INS_PUSH1 = 96,
	EVM_INS_PUSH2 = 97,
	EVM_INS_PUSH3 = 98,
	EVM_INS_PUSH4 = 99,
	EVM_INS_PUSH5 = 100,
	EVM_INS_PUSH6 = 101,
	EVM_INS_PUSH7 = 102,
	EVM_INS_PUSH8 = 103,
	EVM_INS_PUSH9 = 104,
	EVM_INS_PUSH10 = 105,
	EVM_INS_PUSH11 = 106,
	EVM_INS_PUSH12 = 107,
	EVM_INS_PUSH13 = 108,
	EVM_INS_PUSH14 = 109,
	EVM_INS_PUSH15 = 110,
	EVM_INS_PUSH16 = 111,
	EVM_INS_PUSH17 = 112,
	EVM_INS_PUSH18 = 113,
	EVM_INS_PUSH19 = 114,
	EVM_INS_PUSH20 = 115,
	EVM_INS_PUSH21 = 116,
	EVM_INS_PUSH22 = 117,
	EVM_INS_PUSH23 = 118,
	EVM_INS_PUSH24 = 119,
	EVM_INS_PUSH25 = 120,
	EVM_INS_PUSH26 = 121,
	EVM_INS_PUSH27 = 122,
	EVM_INS_PUSH28 = 123,
	EVM_INS_PUSH29 = 124,
	EVM_INS_PUSH30 = 125,
	EVM_INS_PUSH31 = 126,
	EVM_INS_PUSH32 = 127,
	// DUP1..DUP16 occupy 128..143
	EVM_INS_DUP1 = 128,
	EVM_INS_DUP2 = 129,
	EVM_INS_DUP3 = 130,
	EVM_INS_DUP4 = 131,
	EVM_INS_DUP5 = 132,
	EVM_INS_DUP6 = 133,
	EVM_INS_DUP7 = 134,
	EVM_INS_DUP8 = 135,
	EVM_INS_DUP9 = 136,
	EVM_INS_DUP10 = 137,
	EVM_INS_DUP11 = 138,
	EVM_INS_DUP12 = 139,
	EVM_INS_DUP13 = 140,
	EVM_INS_DUP14 = 141,
	EVM_INS_DUP15 = 142,
	EVM_INS_DUP16 = 143,
	// SWAP1..SWAP16 occupy 144..159
	EVM_INS_SWAP1 = 144,
	EVM_INS_SWAP2 = 145,
	EVM_INS_SWAP3 = 146,
	EVM_INS_SWAP4 = 147,
	EVM_INS_SWAP5 = 148,
	EVM_INS_SWAP6 = 149,
	EVM_INS_SWAP7 = 150,
	EVM_INS_SWAP8 = 151,
	EVM_INS_SWAP9 = 152,
	EVM_INS_SWAP10 = 153,
	EVM_INS_SWAP11 = 154,
	EVM_INS_SWAP12 = 155,
	EVM_INS_SWAP13 = 156,
	EVM_INS_SWAP14 = 157,
	EVM_INS_SWAP15 = 158,
	EVM_INS_SWAP16 = 159,
	// LOG0..LOG4 occupy 160..164
	EVM_INS_LOG0 = 160,
	EVM_INS_LOG1 = 161,
	EVM_INS_LOG2 = 162,
	EVM_INS_LOG3 = 163,
	EVM_INS_LOG4 = 164,
	EVM_INS_CREATE = 240,
	EVM_INS_CALL = 241,
	EVM_INS_CALLCODE = 242,
	EVM_INS_RETURN = 243,
	EVM_INS_DELEGATECALL = 244,
	EVM_INS_CALLBLACKBOX = 245,
	EVM_INS_STATICCALL = 250,
	EVM_INS_REVERT = 253,
	EVM_INS_SUICIDE = 255,

	// INVALID is 512, above the largest id listed before it (255), so it
	// cannot collide with any of them; ENDING follows it and is therefore 513.
	EVM_INS_INVALID = 512,
	EVM_INS_ENDING, // <-- mark the end of the list of instructions
} evm_insn;

/// Group of EVM instructions
/// EVM_GRP_JUMP takes the implicit value 1; the EVM-specific groups start
/// at 8 and count up from there.
typedef enum evm_insn_group {
	EVM_GRP_INVALID = 0, ///< = CS_GRP_INVALID

	EVM_GRP_JUMP, ///< all jump instructions

	EVM_GRP_MATH = 8, ///< math instructions
	EVM_GRP_STACK_WRITE, ///< instructions write to stack
	EVM_GRP_STACK_READ, ///< instructions read from stack
	EVM_GRP_MEM_WRITE, ///< instructions write to memory
	EVM_GRP_MEM_READ, ///< instructions read from memory
	EVM_GRP_STORE_WRITE, ///< instructions write to storage
	EVM_GRP_STORE_READ, ///< instructions read from storage
	EVM_GRP_HALT, ///< instructions halt execution

	EVM_GRP_ENDING, ///< <-- mark the end of the list of groups
} evm_insn_group;

#ifdef __cplusplus
}
#endif

#endif

--------------------------------------------------------------------------------
/capstonex86/include/capstone/platform.h:
--------------------------------------------------------------------------------
/* Capstone Disassembly Engine */
/* By Axel Souchet & Nguyen Anh Quynh, 2014 */

// Compatibility shim: supplies bool/true/false, the fixed-width integer
// types with their limits, and the PRI* format macros on toolchains that
// lack <stdbool.h>, <stdint.h> or <inttypes.h>, and includes the standard
// headers everywhere else.

#ifndef CAPSTONE_PLATFORM_H
#define CAPSTONE_PLATFORM_H


// handle C99 issue (for pre-2013 VisualStudio)
#if !defined(__CYGWIN__) && !defined(__MINGW32__) && !defined(__MINGW64__) && (defined (WIN32) || defined (WIN64) || defined (_WIN32) || defined (_WIN64))
// MSVC

// stdbool.h
#if (_MSC_VER < 1800) || defined(_KERNEL_MODE)
// this system does not have stdbool.h
#ifndef __cplusplus
// Caveat: this fallback bool is a plain unsigned char, so a conversion
// keeps only the low 8 bits (0x100 becomes 0, i.e. false), whereas C99
// _Bool turns every non-zero value into 1. Normalise with `!= 0` before
// storing a wider value in it.
typedef unsigned char bool;
#define false 0
#define true 1
#endif // __cplusplus

#else
// VisualStudio 2013+ -> C99 is supported
// NOTE(review): the header name after #include is missing here, most likely
// lost in extraction; presumably <stdbool.h> -- confirm against upstream.
#include
#endif // (_MSC_VER < 1800) || defined(_KERNEL_MODE)

#else
// not MSVC -> C99 is supported
// NOTE(review): header name missing here as well; presumably <stdbool.h>.
#include
#endif // !defined(__CYGWIN__) && !defined(__MINGW32__) && !defined(__MINGW64__) && (defined (WIN32) || defined (WIN64) || defined (_WIN32) || defined (_WIN64))


// handle inttypes.h / stdint.h compatibility
#if defined(_WIN32_WCE) && (_WIN32_WCE < 0x800)
#include "windowsce/stdint.h"
#endif // defined(_WIN32_WCE) && (_WIN32_WCE < 0x800)

#if defined(CAPSTONE_HAS_OSXKERNEL) || (defined(_MSC_VER) && (_MSC_VER <= 1700 || defined(_KERNEL_MODE)))
// this system does not have inttypes.h

#if defined(_MSC_VER) && (_MSC_VER <= 1600 || defined(_KERNEL_MODE))
// this system does not have stdint.h
// Hand-written fixed-width types; the widths rely on the MSVC data model
// (short 16 bits, int 32 bits, long long 64 bits).
typedef signed char int8_t;
typedef signed short int16_t;
typedef signed int int32_t;
typedef unsigned char uint8_t;
typedef unsigned short uint16_t;
typedef unsigned int uint32_t;
typedef signed long long int64_t;
typedef unsigned long long uint64_t;
#endif // defined(_MSC_VER) && (_MSC_VER <= 1600 || defined(_KERNEL_MODE))

#if defined(_MSC_VER) && (_MSC_VER < 1600 || defined(_KERNEL_MODE))
// Limits written with MSVC's sized-integer literal suffixes (i8, ui64, ...).
// Each *_MIN is spelled as -(MAX) - 1 because the magnitude of the minimum
// is not representable as a positive literal of that type.
#define INT8_MIN (-127i8 - 1)
#define INT16_MIN (-32767i16 - 1)
#define INT32_MIN (-2147483647i32 - 1)
#define INT64_MIN (-9223372036854775807i64 - 1)
#define INT8_MAX 127i8
#define INT16_MAX 32767i16
#define INT32_MAX 2147483647i32
#define INT64_MAX 9223372036854775807i64
#define UINT8_MAX 0xffui8
#define UINT16_MAX 0xffffui16
#define UINT32_MAX 0xffffffffui32
#define UINT64_MAX 0xffffffffffffffffui64
#endif // defined(_MSC_VER) && (_MSC_VER < 1600 || defined(_KERNEL_MODE))

#ifdef CAPSTONE_HAS_OSXKERNEL
// this system has stdint.h
// NOTE(review): header name missing after #include; per the comment above
// presumably <stdint.h> -- confirm against upstream.
#include
#endif

// NOTE(review): identifiers that begin with a double underscore are
// reserved for the implementation; these two helper macros use such names.
#define __PRI_8_LENGTH_MODIFIER__ "hh"
#define __PRI_64_LENGTH_MODIFIER__ "ll"

// printf conversion specifiers, built by string-literal concatenation.
// A specifier must match the argument's real type: a mismatch is undefined
// behaviour, so use these macros instead of hard-coded "%d"/"%lld".
#define PRId8 __PRI_8_LENGTH_MODIFIER__ "d"
#define PRIi8 __PRI_8_LENGTH_MODIFIER__ "i"
#define PRIo8 __PRI_8_LENGTH_MODIFIER__ "o"
#define PRIu8 __PRI_8_LENGTH_MODIFIER__ "u"
#define PRIx8 __PRI_8_LENGTH_MODIFIER__ "x"
#define PRIX8 __PRI_8_LENGTH_MODIFIER__ "X"

#define PRId16 "hd"
#define PRIi16 "hi"
#define PRIo16 "ho"
#define PRIu16 "hu"
#define PRIx16 "hx"
#define PRIX16 "hX"

// The 32-bit specifiers carry an "l" length modifier on old MSVC and none
// on the other branch.
#if defined(_MSC_VER) && _MSC_VER <= 1700
#define PRId32 "ld"
#define PRIi32 "li"
#define PRIo32 "lo"
#define PRIu32 "lu"
#define PRIx32 "lx"
#define PRIX32 "lX"
#else // OSX
#define PRId32 "d"
#define PRIi32 "i"
#define PRIo32 "o"
#define PRIu32 "u"
#define PRIx32 "x"
#define PRIX32 "X"
#endif // defined(_MSC_VER) && _MSC_VER <= 1700

#if defined(_MSC_VER) && _MSC_VER <= 1700
// redefine functions from inttypes.h used in cstool
// This rewrites the name strtoull to _strtoui64 in every translation unit
// that includes this header after this point.
#define strtoull _strtoui64
#endif

#define PRId64 __PRI_64_LENGTH_MODIFIER__ "d"
#define PRIi64 __PRI_64_LENGTH_MODIFIER__ "i"
#define PRIo64 __PRI_64_LENGTH_MODIFIER__ "o"
#define PRIu64 __PRI_64_LENGTH_MODIFIER__ "u"
#define PRIx64 __PRI_64_LENGTH_MODIFIER__ "x"
#define PRIX64 __PRI_64_LENGTH_MODIFIER__ "X"

#else
// this system has inttypes.h by default
// NOTE(review): header name missing after #include; per the comment above
// presumably <inttypes.h> -- confirm against upstream.
#include
#endif // defined(CAPSTONE_HAS_OSXKERNEL) || (defined(_MSC_VER) && (_MSC_VER <= 1700 || defined(_KERNEL_MODE)))

#endif

--------------------------------------------------------------------------------
/capstonex86/include/capstone/sparc.h:
--------------------------------------------------------------------------------
#ifndef CAPSTONE_SPARC_H
#define CAPSTONE_SPARC_H

/* Capstone Disassembly Engine */
/* By Nguyen Anh Quynh, 2014-2015 */

// Public type definitions for the SPARC backend: condition codes, branch
// hints, operand types, registers, the operand and instruction detail
// records, and the instruction and group ids. Data declarations only.

#ifdef __cplusplus
extern "C" {
#endif

#include "platform.h"

// GCC SPARC toolchain has a default macro called "sparc" which breaks
// compilation
#undef sparc

#ifdef _MSC_VER
// C4201 is MSVC's "nameless struct/union" extension warning; cs_sparc_op
// below contains an anonymous union.
#pragma warning(disable:4201)
#endif

/// Enums corresponding to Sparc condition codes, both icc's and fcc's.
/// Integer codes are written as n+256 and floating codes as n+16+256, so
/// none of the real codes takes the value 0, which is reserved for
/// SPARC_CC_INVALID.
typedef enum sparc_cc {
	SPARC_CC_INVALID = 0, ///< invalid CC (default)
	// Integer condition codes
	SPARC_CC_ICC_A = 8+256, ///< Always
	SPARC_CC_ICC_N = 0+256, ///< Never
	SPARC_CC_ICC_NE = 9+256, ///< Not Equal
	SPARC_CC_ICC_E = 1+256, ///< Equal
	SPARC_CC_ICC_G = 10+256, ///< Greater
	SPARC_CC_ICC_LE = 2+256, ///< Less or Equal
	SPARC_CC_ICC_GE = 11+256, ///< Greater or Equal
	SPARC_CC_ICC_L = 3+256, ///< Less
	SPARC_CC_ICC_GU = 12+256, ///< Greater Unsigned
	SPARC_CC_ICC_LEU = 4+256, ///< Less or Equal Unsigned
	SPARC_CC_ICC_CC = 13+256, ///< Carry Clear/Greater or Equal Unsigned
	SPARC_CC_ICC_CS = 5+256, ///< Carry Set/Less Unsigned
	SPARC_CC_ICC_POS = 14+256, ///< Positive
	SPARC_CC_ICC_NEG = 6+256, ///< Negative
	SPARC_CC_ICC_VC = 15+256, ///< Overflow Clear
	SPARC_CC_ICC_VS = 7+256, ///< Overflow Set

	// Floating condition codes
	SPARC_CC_FCC_A = 8+16+256, ///< Always
	SPARC_CC_FCC_N = 0+16+256, ///< Never
	SPARC_CC_FCC_U = 7+16+256, ///< Unordered
	SPARC_CC_FCC_G = 6+16+256, ///< Greater
	SPARC_CC_FCC_UG = 5+16+256, ///< Unordered or Greater
	SPARC_CC_FCC_L = 4+16+256, ///< Less
	SPARC_CC_FCC_UL = 3+16+256, ///< Unordered or Less
	SPARC_CC_FCC_LG = 2+16+256, ///< Less or Greater
	SPARC_CC_FCC_NE = 1+16+256, ///< Not Equal
	SPARC_CC_FCC_E = 9+16+256, ///< Equal
	SPARC_CC_FCC_UE = 10+16+256, ///< Unordered or Equal
	SPARC_CC_FCC_GE = 11+16+256, ///< Greater or Equal
	SPARC_CC_FCC_UGE = 12+16+256, ///< Unordered or Greater or Equal
	SPARC_CC_FCC_LE = 13+16+256, ///< Less or Equal
	SPARC_CC_FCC_ULE = 14+16+256, ///< Unordered or Less or Equal
	SPARC_CC_FCC_O = 15+16+256, ///< Ordered
} sparc_cc;

/// Branch hint
/// Each hint is a distinct bit, so several can be combined with bitwise OR
/// (cs_sparc.hint below is documented as such a combination).
typedef enum sparc_hint {
	SPARC_HINT_INVALID = 0, ///< no hint
	SPARC_HINT_A = 1 << 0, ///< annul delay slot instruction
	SPARC_HINT_PT = 1 << 1, ///< branch taken
	SPARC_HINT_PN = 1 << 2, ///< branch NOT taken
} sparc_hint;

/// Operand type for instruction's operands
typedef enum sparc_op_type {
	SPARC_OP_INVALID = 0, ///< = CS_OP_INVALID (Uninitialized).
	SPARC_OP_REG, ///< = CS_OP_REG (Register operand).
	SPARC_OP_IMM, ///< = CS_OP_IMM (Immediate operand).
	SPARC_OP_MEM, ///< = CS_OP_MEM (Memory operand).
} sparc_op_type;

/// SPARC registers
/// Ids are assigned implicitly, in declaration order, starting at 1.
/// F32..F62 exist only for even numbers, and I6/O6 have no slot of their
/// own: they are aliases of FP/SP declared after SPARC_REG_ENDING.
typedef enum sparc_reg {
	SPARC_REG_INVALID = 0,

	SPARC_REG_F0,
	SPARC_REG_F1,
	SPARC_REG_F2,
	SPARC_REG_F3,
	SPARC_REG_F4,
	SPARC_REG_F5,
	SPARC_REG_F6,
	SPARC_REG_F7,
	SPARC_REG_F8,
	SPARC_REG_F9,
	SPARC_REG_F10,
	SPARC_REG_F11,
	SPARC_REG_F12,
	SPARC_REG_F13,
	SPARC_REG_F14,
	SPARC_REG_F15,
	SPARC_REG_F16,
	SPARC_REG_F17,
	SPARC_REG_F18,
	SPARC_REG_F19,
	SPARC_REG_F20,
	SPARC_REG_F21,
	SPARC_REG_F22,
	SPARC_REG_F23,
	SPARC_REG_F24,
	SPARC_REG_F25,
	SPARC_REG_F26,
	SPARC_REG_F27,
	SPARC_REG_F28,
	SPARC_REG_F29,
	SPARC_REG_F30,
	SPARC_REG_F31,
	SPARC_REG_F32,
	SPARC_REG_F34,
	SPARC_REG_F36,
	SPARC_REG_F38,
	SPARC_REG_F40,
	SPARC_REG_F42,
	SPARC_REG_F44,
	SPARC_REG_F46,
	SPARC_REG_F48,
	SPARC_REG_F50,
	SPARC_REG_F52,
	SPARC_REG_F54,
	SPARC_REG_F56,
	SPARC_REG_F58,
	SPARC_REG_F60,
	SPARC_REG_F62,
	SPARC_REG_FCC0, // Floating condition codes
	SPARC_REG_FCC1,
	SPARC_REG_FCC2,
	SPARC_REG_FCC3,
	SPARC_REG_FP,
	SPARC_REG_G0,
	SPARC_REG_G1,
	SPARC_REG_G2,
	SPARC_REG_G3,
	SPARC_REG_G4,
	SPARC_REG_G5,
	SPARC_REG_G6,
	SPARC_REG_G7,
	SPARC_REG_I0,
	SPARC_REG_I1,
	SPARC_REG_I2,
	SPARC_REG_I3,
	SPARC_REG_I4,
	SPARC_REG_I5,
	SPARC_REG_I7,
	SPARC_REG_ICC, // Integer condition codes
	SPARC_REG_L0,
	SPARC_REG_L1,
	SPARC_REG_L2,
	SPARC_REG_L3,
	SPARC_REG_L4,
	SPARC_REG_L5,
	SPARC_REG_L6,
	SPARC_REG_L7,
	SPARC_REG_O0,
	SPARC_REG_O1,
	SPARC_REG_O2,
	SPARC_REG_O3,
	SPARC_REG_O4,
	SPARC_REG_O5,
	SPARC_REG_O7,
	SPARC_REG_SP,
	SPARC_REG_Y,

	// special register
	SPARC_REG_XCC,

	SPARC_REG_ENDING, // <-- mark the end of the list of registers

	// extras
	// Declared after ENDING so the aliases do not change the register count.
	SPARC_REG_O6 = SPARC_REG_SP,
	SPARC_REG_I6 = SPARC_REG_FP,
} sparc_reg;

/// Instruction's operand referring to memory
/// This is associated with SPARC_OP_MEM operand type above
typedef struct sparc_op_mem {
	uint8_t base; ///< base register, can be safely interpreted as
				///< a value of type `sparc_reg`, but it is only
				///< one byte wide
	uint8_t index; ///< index register, same conditions apply here
	int32_t disp; ///< displacement/offset value
} sparc_op_mem;

/// Instruction operand
/// `type` tells which member of the anonymous union is meaningful; read
/// only the member that matches it.
typedef struct cs_sparc_op {
	sparc_op_type type; ///< operand type
	union {
		sparc_reg reg; ///< register value for REG operand
		int64_t imm; ///< immediate value for IMM operand
		sparc_op_mem mem; ///< base/disp value for MEM operand
	};
} cs_sparc_op;

/// Instruction structure
// NOTE(review): operands has 4 slots while op_count is a uint8_t; code that
// walks the array should bound its loop by the array size as well as by
// op_count rather than trust the count alone.
typedef struct cs_sparc {
	sparc_cc cc; ///< code condition for this insn
	sparc_hint hint; ///< branch hint: encoding as bitwise OR of sparc_hint.
	/// Number of operands of this instruction,
	/// or 0 when instruction has no operand.
	uint8_t op_count;
	cs_sparc_op operands[4]; ///< operands for this instruction.
} cs_sparc;

/// SPARC instruction
/// Ids are implicit and depend on declaration order, so they are only
/// meaningful together with a library built from this same header.
typedef enum sparc_insn {
	SPARC_INS_INVALID = 0,

	SPARC_INS_ADDCC,
	SPARC_INS_ADDX,
	SPARC_INS_ADDXCC,
	SPARC_INS_ADDXC,
	SPARC_INS_ADDXCCC,
	SPARC_INS_ADD,
	SPARC_INS_ALIGNADDR,
	SPARC_INS_ALIGNADDRL,
	SPARC_INS_ANDCC,
	SPARC_INS_ANDNCC,
	SPARC_INS_ANDN,
	SPARC_INS_AND,
	SPARC_INS_ARRAY16,
	SPARC_INS_ARRAY32,
	SPARC_INS_ARRAY8,
	SPARC_INS_B,
	SPARC_INS_JMP,
	SPARC_INS_BMASK,
	SPARC_INS_FB,
	SPARC_INS_BRGEZ,
	SPARC_INS_BRGZ,
	SPARC_INS_BRLEZ,
	SPARC_INS_BRLZ,
	SPARC_INS_BRNZ,
	SPARC_INS_BRZ,
	SPARC_INS_BSHUFFLE,
	SPARC_INS_CALL,
	SPARC_INS_CASX,
	SPARC_INS_CAS,
	SPARC_INS_CMASK16,
	SPARC_INS_CMASK32,
	SPARC_INS_CMASK8,
	SPARC_INS_CMP,
	SPARC_INS_EDGE16,
	SPARC_INS_EDGE16L,
	SPARC_INS_EDGE16LN,
	SPARC_INS_EDGE16N,
	SPARC_INS_EDGE32,
	SPARC_INS_EDGE32L,
	SPARC_INS_EDGE32LN,
	SPARC_INS_EDGE32N,
	SPARC_INS_EDGE8,
	SPARC_INS_EDGE8L,
	SPARC_INS_EDGE8LN,
	SPARC_INS_EDGE8N,
	SPARC_INS_FABSD,
	SPARC_INS_FABSQ,
	SPARC_INS_FABSS,
	SPARC_INS_FADDD,
	SPARC_INS_FADDQ,
	SPARC_INS_FADDS,
	SPARC_INS_FALIGNDATA,
	SPARC_INS_FAND,
	SPARC_INS_FANDNOT1,
	SPARC_INS_FANDNOT1S,
	SPARC_INS_FANDNOT2,
	SPARC_INS_FANDNOT2S,
	SPARC_INS_FANDS,
	SPARC_INS_FCHKSM16,
	SPARC_INS_FCMPD,
	SPARC_INS_FCMPEQ16,
	SPARC_INS_FCMPEQ32,
	SPARC_INS_FCMPGT16,
	SPARC_INS_FCMPGT32,
	SPARC_INS_FCMPLE16,
	SPARC_INS_FCMPLE32,
	SPARC_INS_FCMPNE16,
	SPARC_INS_FCMPNE32,
	SPARC_INS_FCMPQ,
	SPARC_INS_FCMPS,
	SPARC_INS_FDIVD,
	SPARC_INS_FDIVQ,
	SPARC_INS_FDIVS,
	SPARC_INS_FDMULQ,
	SPARC_INS_FDTOI,
	SPARC_INS_FDTOQ,
	SPARC_INS_FDTOS,
	SPARC_INS_FDTOX,
	SPARC_INS_FEXPAND,
	SPARC_INS_FHADDD,
	SPARC_INS_FHADDS,
	SPARC_INS_FHSUBD,
	SPARC_INS_FHSUBS,
	SPARC_INS_FITOD,
	SPARC_INS_FITOQ,
	SPARC_INS_FITOS,
	SPARC_INS_FLCMPD,
	SPARC_INS_FLCMPS,
	SPARC_INS_FLUSHW,
	SPARC_INS_FMEAN16,
	SPARC_INS_FMOVD,
	SPARC_INS_FMOVQ,
	SPARC_INS_FMOVRDGEZ,
	SPARC_INS_FMOVRQGEZ,
	SPARC_INS_FMOVRSGEZ,
	SPARC_INS_FMOVRDGZ,
	SPARC_INS_FMOVRQGZ,
	SPARC_INS_FMOVRSGZ,
	SPARC_INS_FMOVRDLEZ,
	SPARC_INS_FMOVRQLEZ,
	SPARC_INS_FMOVRSLEZ,
	SPARC_INS_FMOVRDLZ,
	SPARC_INS_FMOVRQLZ,
	SPARC_INS_FMOVRSLZ,
	SPARC_INS_FMOVRDNZ,
	SPARC_INS_FMOVRQNZ,
	SPARC_INS_FMOVRSNZ,
	SPARC_INS_FMOVRDZ,
	SPARC_INS_FMOVRQZ,
	SPARC_INS_FMOVRSZ,
	SPARC_INS_FMOVS,
	SPARC_INS_FMUL8SUX16,
	SPARC_INS_FMUL8ULX16,
	SPARC_INS_FMUL8X16,
	SPARC_INS_FMUL8X16AL,
	SPARC_INS_FMUL8X16AU,
	SPARC_INS_FMULD,
	SPARC_INS_FMULD8SUX16,
	SPARC_INS_FMULD8ULX16,
	SPARC_INS_FMULQ,
	SPARC_INS_FMULS,
	SPARC_INS_FNADDD,
	SPARC_INS_FNADDS,
	SPARC_INS_FNAND,
	SPARC_INS_FNANDS,
	SPARC_INS_FNEGD,
	SPARC_INS_FNEGQ,
	SPARC_INS_FNEGS,
	SPARC_INS_FNHADDD,
	SPARC_INS_FNHADDS,
	SPARC_INS_FNOR,
	SPARC_INS_FNORS,
	SPARC_INS_FNOT1,
	SPARC_INS_FNOT1S,
	SPARC_INS_FNOT2,
	SPARC_INS_FNOT2S,
	SPARC_INS_FONE,
	SPARC_INS_FONES,
	SPARC_INS_FOR,
	SPARC_INS_FORNOT1,
	SPARC_INS_FORNOT1S,
	SPARC_INS_FORNOT2,
	SPARC_INS_FORNOT2S,
	SPARC_INS_FORS,
	SPARC_INS_FPACK16,
	SPARC_INS_FPACK32,
	SPARC_INS_FPACKFIX,
	SPARC_INS_FPADD16,
	SPARC_INS_FPADD16S,
	SPARC_INS_FPADD32,
	SPARC_INS_FPADD32S,
	SPARC_INS_FPADD64,
	SPARC_INS_FPMERGE,
	SPARC_INS_FPSUB16,
	SPARC_INS_FPSUB16S,
	SPARC_INS_FPSUB32,
	SPARC_INS_FPSUB32S,
	SPARC_INS_FQTOD,
	SPARC_INS_FQTOI,
	SPARC_INS_FQTOS,
	SPARC_INS_FQTOX,
	SPARC_INS_FSLAS16,
	SPARC_INS_FSLAS32,
	SPARC_INS_FSLL16,
	SPARC_INS_FSLL32,
	SPARC_INS_FSMULD,
	SPARC_INS_FSQRTD,
	SPARC_INS_FSQRTQ,
	SPARC_INS_FSQRTS,
	SPARC_INS_FSRA16,
	SPARC_INS_FSRA32,
	SPARC_INS_FSRC1,
	SPARC_INS_FSRC1S,
	SPARC_INS_FSRC2,
	SPARC_INS_FSRC2S,
	SPARC_INS_FSRL16,
	SPARC_INS_FSRL32,
	SPARC_INS_FSTOD,
	SPARC_INS_FSTOI,
	SPARC_INS_FSTOQ,
	SPARC_INS_FSTOX,
	SPARC_INS_FSUBD,
	SPARC_INS_FSUBQ,
	SPARC_INS_FSUBS,
	SPARC_INS_FXNOR,
	SPARC_INS_FXNORS,
	SPARC_INS_FXOR,
	SPARC_INS_FXORS,
	SPARC_INS_FXTOD,
	SPARC_INS_FXTOQ,
	SPARC_INS_FXTOS,
	SPARC_INS_FZERO,
	SPARC_INS_FZEROS,
	SPARC_INS_JMPL,
	SPARC_INS_LDD,
	SPARC_INS_LD,
	SPARC_INS_LDQ,
	SPARC_INS_LDSB,
	SPARC_INS_LDSH,
	SPARC_INS_LDSW,
	SPARC_INS_LDUB,
	SPARC_INS_LDUH,
	SPARC_INS_LDX,
	SPARC_INS_LZCNT,
	SPARC_INS_MEMBAR,
	SPARC_INS_MOVDTOX,
	SPARC_INS_MOV,
	SPARC_INS_MOVRGEZ,
	SPARC_INS_MOVRGZ,
	SPARC_INS_MOVRLEZ,
	SPARC_INS_MOVRLZ,
	SPARC_INS_MOVRNZ,
	SPARC_INS_MOVRZ,
	SPARC_INS_MOVSTOSW,
	SPARC_INS_MOVSTOUW,
	SPARC_INS_MULX,
	SPARC_INS_NOP,
	SPARC_INS_ORCC,
	SPARC_INS_ORNCC,
	SPARC_INS_ORN,
	SPARC_INS_OR,
	SPARC_INS_PDIST,
	SPARC_INS_PDISTN,
	SPARC_INS_POPC,
	SPARC_INS_RD,
	SPARC_INS_RESTORE,
	SPARC_INS_RETT,
	SPARC_INS_SAVE,
	SPARC_INS_SDIVCC,
	SPARC_INS_SDIVX,
	SPARC_INS_SDIV,
	SPARC_INS_SETHI,
	SPARC_INS_SHUTDOWN,
	SPARC_INS_SIAM,
	SPARC_INS_SLLX,
	SPARC_INS_SLL,
	SPARC_INS_SMULCC,
	SPARC_INS_SMUL,
	SPARC_INS_SRAX,
	SPARC_INS_SRA,
	SPARC_INS_SRLX,
	SPARC_INS_SRL,
	SPARC_INS_STBAR,
	SPARC_INS_STB,
	SPARC_INS_STD,
	SPARC_INS_ST,
	SPARC_INS_STH,
	SPARC_INS_STQ,
	SPARC_INS_STX,
	SPARC_INS_SUBCC,
	SPARC_INS_SUBX,
	SPARC_INS_SUBXCC,
	SPARC_INS_SUB,
	SPARC_INS_SWAP,
	SPARC_INS_TADDCCTV,
	SPARC_INS_TADDCC,
	SPARC_INS_T,
	SPARC_INS_TSUBCCTV,
	SPARC_INS_TSUBCC,
	SPARC_INS_UDIVCC,
	SPARC_INS_UDIVX,
	SPARC_INS_UDIV,
	SPARC_INS_UMULCC,
	SPARC_INS_UMULXHI,
	SPARC_INS_UMUL,
	SPARC_INS_UNIMP,
	SPARC_INS_FCMPED,
	SPARC_INS_FCMPEQ,
	SPARC_INS_FCMPES,
	SPARC_INS_WR,
	SPARC_INS_XMULX,
	SPARC_INS_XMULXHI,
	SPARC_INS_XNORCC,
	SPARC_INS_XNOR,
	SPARC_INS_XORCC,
	SPARC_INS_XOR,

	// alias instructions
	SPARC_INS_RET,
	SPARC_INS_RETL,

	SPARC_INS_ENDING, // <-- mark the end of the list of instructions
} sparc_insn;

/// Group of SPARC instructions
/// The generic groups take the low values; the architecture-specific
/// groups start at 128.
typedef enum sparc_insn_group {
	SPARC_GRP_INVALID = 0, ///< = CS_GRP_INVALID

	// Generic groups
	// all jump instructions (conditional+direct+indirect jumps)
	SPARC_GRP_JUMP, ///< = CS_GRP_JUMP

	// Architecture-specific groups
	SPARC_GRP_HARDQUAD = 128,
	SPARC_GRP_V9,
	SPARC_GRP_VIS,
	SPARC_GRP_VIS2,
	SPARC_GRP_VIS3,
	SPARC_GRP_32BIT,
	SPARC_GRP_64BIT,

	SPARC_GRP_ENDING, // <-- mark the end of the list of groups
} sparc_insn_group;

#ifdef __cplusplus
}
#endif

#endif

--------------------------------------------------------------------------------
/capstonex86/include/capstone/tms320c64x.h:
--------------------------------------------------------------------------------
/* Capstone Disassembly Engine */
/* TMS320C64x Backend by Fotis Loukos 2016 */

#ifndef CAPSTONE_TMS320C64X_H
#define CAPSTONE_TMS320C64X_H

// Public type definitions for the TMS320C64x backend: operand and memory
// addressing enums, the operand and instruction detail records, and the
// register, instruction, group and functional-unit ids. Data declarations
// only.

#ifdef __cplusplus
extern "C" {
#endif

// NOTE(review): the header name after #include is missing, most likely lost
// in extraction. The file uses uint8_t and int32_t, so presumably
// <stdint.h> -- confirm against upstream.
#include
#include "platform.h"

#ifdef _MSC_VER
// C4201 is MSVC's "nameless struct/union" extension warning;
// cs_tms320c64x_op below contains an anonymous union.
#pragma warning(disable:4201)
#endif

/// Operand type for instruction's operands.
/// REGPAIR is given the explicit value 64, apart from the generic types.
typedef enum tms320c64x_op_type {
	TMS320C64X_OP_INVALID = 0, ///< = CS_OP_INVALID (Uninitialized).
	TMS320C64X_OP_REG, ///< = CS_OP_REG (Register operand).
	TMS320C64X_OP_IMM, ///< = CS_OP_IMM (Immediate operand).
	TMS320C64X_OP_MEM, ///< = CS_OP_MEM (Memory operand).
	TMS320C64X_OP_REGPAIR = 64, ///< Register pair for double word ops
} tms320c64x_op_type;

/// Kind of displacement in a memory operand.
// NOTE(review): presumably the value stored in tms320c64x_op_mem.disptype
// -- confirm; that field is declared as unsigned int, not as this enum.
typedef enum tms320c64x_mem_disp {
	TMS320C64X_MEM_DISP_INVALID = 0,
	TMS320C64X_MEM_DISP_CONSTANT,
	TMS320C64X_MEM_DISP_REGISTER,
} tms320c64x_mem_disp;

/// Direction of a memory operand.
// NOTE(review): FW/BW presumably mean forward/backward and feed
// tms320c64x_op_mem.direction -- confirm.
typedef enum tms320c64x_mem_dir {
	TMS320C64X_MEM_DIR_INVALID = 0,
	TMS320C64X_MEM_DIR_FW,
	TMS320C64X_MEM_DIR_BW,
} tms320c64x_mem_dir;

/// Modification mode of a memory operand (none, pre, post).
// NOTE(review): presumably the value stored in tms320c64x_op_mem.modify
// -- confirm.
typedef enum tms320c64x_mem_mod {
	TMS320C64X_MEM_MOD_INVALID = 0,
	TMS320C64X_MEM_MOD_NO,
	TMS320C64X_MEM_MOD_PRE,
	TMS320C64X_MEM_MOD_POST,
} tms320c64x_mem_mod;

/// Instruction's operand referring to memory.
/// Every field is an unsigned int, so the compiler does not restrict the
/// fields to the enumerators declared above; validate a value before using
/// it as an index or a switch selector.
typedef struct tms320c64x_op_mem {
	unsigned int base; ///< base register
	unsigned int disp; ///< displacement/offset value
	unsigned int unit; ///< unit of base and offset register
	unsigned int scaled; ///< offset scaled
	unsigned int disptype; ///< displacement type
	unsigned int direction; ///< direction
	unsigned int modify; ///< modification
} tms320c64x_op_mem;

/// Instruction operand.
/// `type` tells which member of the anonymous union is meaningful; read
/// only the member that matches it.
typedef struct cs_tms320c64x_op {
	tms320c64x_op_type type; ///< operand type
	union {
		unsigned int reg; ///< register value for REG operand or first register for REGPAIR operand
		int32_t imm; ///< immediate value for IMM operand
		tms320c64x_op_mem mem; ///< base/disp value for MEM operand
	};
} cs_tms320c64x_op;

/// Instruction structure.
// NOTE(review): operands has 8 slots while op_count is a uint8_t; code that
// walks the array should bound its loop by the array size as well as by
// op_count rather than trust the count alone.
// NOTE(review): the meaning of the condition, funit and parallel fields is
// not documented in this header; funit.unit presumably holds a
// tms320c64x_funit value -- confirm.
typedef struct cs_tms320c64x {
	uint8_t op_count;
	cs_tms320c64x_op operands[8]; ///< operands for this instruction.
	struct {
		unsigned int reg;
		unsigned int zero;
	} condition;
	struct {
		unsigned int unit;
		unsigned int side;
		unsigned int crosspath;
	} funit;
	unsigned int parallel;
} cs_tms320c64x;

/// TMS320C64x registers.
/// Ids are assigned implicitly, in declaration order, starting at 1. EFR
/// and IFR are aliases of ECR and ISR, declared after ENDING so they do not
/// change the register count.
typedef enum tms320c64x_reg {
	TMS320C64X_REG_INVALID = 0,

	TMS320C64X_REG_AMR,
	TMS320C64X_REG_CSR,
	TMS320C64X_REG_DIER,
	TMS320C64X_REG_DNUM,
	TMS320C64X_REG_ECR,
	TMS320C64X_REG_GFPGFR,
	TMS320C64X_REG_GPLYA,
	TMS320C64X_REG_GPLYB,
	TMS320C64X_REG_ICR,
	TMS320C64X_REG_IER,
	TMS320C64X_REG_IERR,
	TMS320C64X_REG_ILC,
	TMS320C64X_REG_IRP,
	TMS320C64X_REG_ISR,
	TMS320C64X_REG_ISTP,
	TMS320C64X_REG_ITSR,
	TMS320C64X_REG_NRP,
	TMS320C64X_REG_NTSR,
	TMS320C64X_REG_REP,
	TMS320C64X_REG_RILC,
	TMS320C64X_REG_SSR,
	TMS320C64X_REG_TSCH,
	TMS320C64X_REG_TSCL,
	TMS320C64X_REG_TSR,
	TMS320C64X_REG_A0,
	TMS320C64X_REG_A1,
	TMS320C64X_REG_A2,
	TMS320C64X_REG_A3,
	TMS320C64X_REG_A4,
	TMS320C64X_REG_A5,
	TMS320C64X_REG_A6,
	TMS320C64X_REG_A7,
	TMS320C64X_REG_A8,
	TMS320C64X_REG_A9,
	TMS320C64X_REG_A10,
	TMS320C64X_REG_A11,
	TMS320C64X_REG_A12,
	TMS320C64X_REG_A13,
	TMS320C64X_REG_A14,
	TMS320C64X_REG_A15,
	TMS320C64X_REG_A16,
	TMS320C64X_REG_A17,
	TMS320C64X_REG_A18,
	TMS320C64X_REG_A19,
	TMS320C64X_REG_A20,
	TMS320C64X_REG_A21,
	TMS320C64X_REG_A22,
	TMS320C64X_REG_A23,
	TMS320C64X_REG_A24,
	TMS320C64X_REG_A25,
	TMS320C64X_REG_A26,
	TMS320C64X_REG_A27,
	TMS320C64X_REG_A28,
	TMS320C64X_REG_A29,
	TMS320C64X_REG_A30,
	TMS320C64X_REG_A31,
	TMS320C64X_REG_B0,
	TMS320C64X_REG_B1,
	TMS320C64X_REG_B2,
	TMS320C64X_REG_B3,
	TMS320C64X_REG_B4,
	TMS320C64X_REG_B5,
	TMS320C64X_REG_B6,
	TMS320C64X_REG_B7,
	TMS320C64X_REG_B8,
	TMS320C64X_REG_B9,
	TMS320C64X_REG_B10,
	TMS320C64X_REG_B11,
	TMS320C64X_REG_B12,
	TMS320C64X_REG_B13,
	TMS320C64X_REG_B14,
	TMS320C64X_REG_B15,
	TMS320C64X_REG_B16,
	TMS320C64X_REG_B17,
	TMS320C64X_REG_B18,
	TMS320C64X_REG_B19,
	TMS320C64X_REG_B20,
	TMS320C64X_REG_B21,
	TMS320C64X_REG_B22,
	TMS320C64X_REG_B23,
	TMS320C64X_REG_B24,
	TMS320C64X_REG_B25,
	TMS320C64X_REG_B26,
	TMS320C64X_REG_B27,
	TMS320C64X_REG_B28,
	TMS320C64X_REG_B29,
	TMS320C64X_REG_B30,
	TMS320C64X_REG_B31,
	TMS320C64X_REG_PCE1,

	TMS320C64X_REG_ENDING, // <-- mark the end of the list of registers

	// Alias registers
	TMS320C64X_REG_EFR = TMS320C64X_REG_ECR,
	TMS320C64X_REG_IFR = TMS320C64X_REG_ISR,
} tms320c64x_reg;

/// TMS320C64x instruction.
/// Ids are implicit and depend on declaration order, so they are only
/// meaningful together with a library built from this same header.
typedef enum tms320c64x_insn {
	TMS320C64X_INS_INVALID = 0,

	TMS320C64X_INS_ABS,
	TMS320C64X_INS_ABS2,
	TMS320C64X_INS_ADD,
	TMS320C64X_INS_ADD2,
	TMS320C64X_INS_ADD4,
	TMS320C64X_INS_ADDAB,
	TMS320C64X_INS_ADDAD,
	TMS320C64X_INS_ADDAH,
	TMS320C64X_INS_ADDAW,
	TMS320C64X_INS_ADDK,
	TMS320C64X_INS_ADDKPC,
	TMS320C64X_INS_ADDU,
	TMS320C64X_INS_AND,
	TMS320C64X_INS_ANDN,
	TMS320C64X_INS_AVG2,
	TMS320C64X_INS_AVGU4,
	TMS320C64X_INS_B,
	TMS320C64X_INS_BDEC,
	TMS320C64X_INS_BITC4,
	TMS320C64X_INS_BNOP,
	TMS320C64X_INS_BPOS,
	TMS320C64X_INS_CLR,
	TMS320C64X_INS_CMPEQ,
	TMS320C64X_INS_CMPEQ2,
	TMS320C64X_INS_CMPEQ4,
	TMS320C64X_INS_CMPGT,
	TMS320C64X_INS_CMPGT2,
	TMS320C64X_INS_CMPGTU4,
	TMS320C64X_INS_CMPLT,
	TMS320C64X_INS_CMPLTU,
	TMS320C64X_INS_DEAL,
	TMS320C64X_INS_DOTP2,
	TMS320C64X_INS_DOTPN2,
	TMS320C64X_INS_DOTPNRSU2,
	TMS320C64X_INS_DOTPRSU2,
	TMS320C64X_INS_DOTPSU4,
	TMS320C64X_INS_DOTPU4,
	TMS320C64X_INS_EXT,
	TMS320C64X_INS_EXTU,
	TMS320C64X_INS_GMPGTU,
	TMS320C64X_INS_GMPY4,
	TMS320C64X_INS_LDB,
	TMS320C64X_INS_LDBU,
	TMS320C64X_INS_LDDW,
	TMS320C64X_INS_LDH,
	TMS320C64X_INS_LDHU,
	TMS320C64X_INS_LDNDW,
	TMS320C64X_INS_LDNW,
	TMS320C64X_INS_LDW,
	TMS320C64X_INS_LMBD,
	TMS320C64X_INS_MAX2,
	TMS320C64X_INS_MAXU4,
	TMS320C64X_INS_MIN2,
	TMS320C64X_INS_MINU4,
	TMS320C64X_INS_MPY,
	TMS320C64X_INS_MPY2,
	TMS320C64X_INS_MPYH,
	TMS320C64X_INS_MPYHI,
	TMS320C64X_INS_MPYHIR,
	TMS320C64X_INS_MPYHL,
	TMS320C64X_INS_MPYHLU,
	TMS320C64X_INS_MPYHSLU,
	TMS320C64X_INS_MPYHSU,
	TMS320C64X_INS_MPYHU,
	TMS320C64X_INS_MPYHULS,
	TMS320C64X_INS_MPYHUS,
	TMS320C64X_INS_MPYLH,
	TMS320C64X_INS_MPYLHU,
	TMS320C64X_INS_MPYLI,
	TMS320C64X_INS_MPYLIR,
	TMS320C64X_INS_MPYLSHU,
	TMS320C64X_INS_MPYLUHS,
	TMS320C64X_INS_MPYSU,
	TMS320C64X_INS_MPYSU4,
	TMS320C64X_INS_MPYU,
	TMS320C64X_INS_MPYU4,
	TMS320C64X_INS_MPYUS,
	TMS320C64X_INS_MVC,
	TMS320C64X_INS_MVD,
	TMS320C64X_INS_MVK,
	TMS320C64X_INS_MVKL,
	TMS320C64X_INS_MVKLH,
	TMS320C64X_INS_NOP,
	TMS320C64X_INS_NORM,
	TMS320C64X_INS_OR,
	TMS320C64X_INS_PACK2,
	TMS320C64X_INS_PACKH2,
	TMS320C64X_INS_PACKH4,
	TMS320C64X_INS_PACKHL2,
	TMS320C64X_INS_PACKL4,
	TMS320C64X_INS_PACKLH2,
	TMS320C64X_INS_ROTL,
	TMS320C64X_INS_SADD,
	TMS320C64X_INS_SADD2,
	TMS320C64X_INS_SADDU4,
	TMS320C64X_INS_SADDUS2,
	TMS320C64X_INS_SAT,
	TMS320C64X_INS_SET,
	TMS320C64X_INS_SHFL,
	TMS320C64X_INS_SHL,
	TMS320C64X_INS_SHLMB,
	TMS320C64X_INS_SHR,
	TMS320C64X_INS_SHR2,
	TMS320C64X_INS_SHRMB,
	TMS320C64X_INS_SHRU,
	TMS320C64X_INS_SHRU2,
	TMS320C64X_INS_SMPY,
	TMS320C64X_INS_SMPY2,
	TMS320C64X_INS_SMPYH,
	TMS320C64X_INS_SMPYHL,
	TMS320C64X_INS_SMPYLH,
	TMS320C64X_INS_SPACK2,
	TMS320C64X_INS_SPACKU4,
	TMS320C64X_INS_SSHL,
	TMS320C64X_INS_SSHVL,
	TMS320C64X_INS_SSHVR,
	TMS320C64X_INS_SSUB,
	TMS320C64X_INS_STB,
	TMS320C64X_INS_STDW,
	TMS320C64X_INS_STH,
	TMS320C64X_INS_STNDW,
	TMS320C64X_INS_STNW,
	TMS320C64X_INS_STW,
	TMS320C64X_INS_SUB,
	TMS320C64X_INS_SUB2,
	TMS320C64X_INS_SUB4,
	TMS320C64X_INS_SUBAB,
	TMS320C64X_INS_SUBABS4,
	TMS320C64X_INS_SUBAH,
	TMS320C64X_INS_SUBAW,
	TMS320C64X_INS_SUBC,
	TMS320C64X_INS_SUBU,
	TMS320C64X_INS_SWAP4,
	TMS320C64X_INS_UNPKHU4,
	TMS320C64X_INS_UNPKLU4,
	TMS320C64X_INS_XOR,
	TMS320C64X_INS_XPND2,
	TMS320C64X_INS_XPND4,
	// Aliases
	TMS320C64X_INS_IDLE,
	TMS320C64X_INS_MV,
	TMS320C64X_INS_NEG,
	TMS320C64X_INS_NOT,
	TMS320C64X_INS_SWAP2,
	TMS320C64X_INS_ZERO,

	TMS320C64X_INS_ENDING, // <-- mark the end of the list of instructions
} tms320c64x_insn;

/// Group of TMS320C64x instructions.
/// The functional-unit groups start at 128.
typedef enum tms320c64x_insn_group {
	TMS320C64X_GRP_INVALID = 0, ///< = CS_GRP_INVALID

	TMS320C64X_GRP_JUMP, ///< = CS_GRP_JUMP

	TMS320C64X_GRP_FUNIT_D = 128,
	TMS320C64X_GRP_FUNIT_L,
	TMS320C64X_GRP_FUNIT_M,
	TMS320C64X_GRP_FUNIT_S,
	TMS320C64X_GRP_FUNIT_NO,

	TMS320C64X_GRP_ENDING, // <-- mark the end of the list of groups
} tms320c64x_insn_group;

/// Functional unit ids. They reuse the D/L/M/S/NO names of the FUNIT groups
/// above but are numbered from 1 rather than from 128.
typedef enum tms320c64x_funit {
	TMS320C64X_FUNIT_INVALID = 0,
	TMS320C64X_FUNIT_D,
	TMS320C64X_FUNIT_L,
	TMS320C64X_FUNIT_M,
	TMS320C64X_FUNIT_S,
	TMS320C64X_FUNIT_NO
} tms320c64x_funit;

#ifdef __cplusplus
}
#endif

#endif


--------------------------------------------------------------------------------
/capstonex86/include/capstone/xcore.h:
--------------------------------------------------------------------------------
#ifndef CAPSTONE_XCORE_H
#define CAPSTONE_XCORE_H

/* Capstone Disassembly Engine */
/* By Nguyen Anh Quynh, 2014-2015 */

// Public type definitions for the XCore backend: operand types, registers,
// the operand and instruction detail records, and the instruction and
// group ids. Data declarations only.

#ifdef __cplusplus
extern "C" {
#endif

#include "platform.h"

#ifdef _MSC_VER
// C4201 is MSVC's "nameless struct/union" extension warning; cs_xcore_op
// below contains an anonymous union.
#pragma warning(disable:4201)
#endif

/// Operand type for instruction's operands
typedef enum xcore_op_type {
	XCORE_OP_INVALID = 0, ///< = CS_OP_INVALID (Uninitialized).
	XCORE_OP_REG, ///< = CS_OP_REG (Register operand).
	XCORE_OP_IMM, ///< = CS_OP_IMM (Immediate operand).
	XCORE_OP_MEM, ///< = CS_OP_MEM (Memory operand).
} xcore_op_type;

/// XCore registers
/// Ids are assigned implicitly, in declaration order, starting at 1.
typedef enum xcore_reg {
	XCORE_REG_INVALID = 0,

	XCORE_REG_CP,
	XCORE_REG_DP,
	XCORE_REG_LR,
	XCORE_REG_SP,
	XCORE_REG_R0,
	XCORE_REG_R1,
	XCORE_REG_R2,
	XCORE_REG_R3,
	XCORE_REG_R4,
	XCORE_REG_R5,
	XCORE_REG_R6,
	XCORE_REG_R7,
	XCORE_REG_R8,
	XCORE_REG_R9,
	XCORE_REG_R10,
	XCORE_REG_R11,

	// pseudo registers
	XCORE_REG_PC, ///< pc

	// internal thread registers
	// see The-XMOS-XS1-Architecture(X7879A).pdf
	XCORE_REG_SCP, ///< save pc
	XCORE_REG_SSR, ///< save status
	XCORE_REG_ET, ///< exception type
	XCORE_REG_ED, ///< exception data
	XCORE_REG_SED, ///< save exception data
	XCORE_REG_KEP, ///< kernel entry pointer
	XCORE_REG_KSP, ///< kernel stack pointer
	XCORE_REG_ID, ///< thread ID

	XCORE_REG_ENDING, // <-- mark the end of the list of registers
} xcore_reg;

/// Instruction's operand referring to memory
/// This is associated with XCORE_OP_MEM operand type above
typedef struct xcore_op_mem {
	uint8_t base; ///< base register, can be safely interpreted as
				///< a value of type `xcore_reg`, but it is only
				///< one byte wide
	uint8_t index; ///< index register, same conditions apply here
	int32_t disp; ///< displacement/offset value
	int direct; ///< +1: forward, -1: backward
} xcore_op_mem;

/// Instruction operand
/// `type` tells which member of the anonymous union is meaningful; read
/// only the member that matches it.
typedef struct cs_xcore_op {
	xcore_op_type type; ///< operand type
	union {
		xcore_reg reg; ///< register value for REG operand
		int32_t imm; ///< immediate value for IMM operand
		xcore_op_mem mem; ///< base/disp value for MEM operand
	};
} cs_xcore_op;

/// Instruction structure
// NOTE(review): operands has 8 slots while op_count is a uint8_t; code that
// walks the array should bound its loop by the array size as well as by
// op_count rather than trust the count alone.
typedef struct cs_xcore {
	/// Number of operands of this instruction,
	/// or 0 when instruction has no operand.
	uint8_t op_count;
	cs_xcore_op operands[8]; ///< operands for this instruction.
} cs_xcore;

/// XCore instruction
/// Ids are implicit and depend on declaration order, so they are only
/// meaningful together with a library built from this same header.
typedef enum xcore_insn {
	XCORE_INS_INVALID = 0,

	XCORE_INS_ADD,
	XCORE_INS_ANDNOT,
	XCORE_INS_AND,
	XCORE_INS_ASHR,
	XCORE_INS_BAU,
	XCORE_INS_BITREV,
	XCORE_INS_BLA,
	XCORE_INS_BLAT,
	XCORE_INS_BL,
	XCORE_INS_BF,
	XCORE_INS_BT,
	XCORE_INS_BU,
	XCORE_INS_BRU,
	XCORE_INS_BYTEREV,
	XCORE_INS_CHKCT,
	XCORE_INS_CLRE,
	XCORE_INS_CLRPT,
	XCORE_INS_CLRSR,
	XCORE_INS_CLZ,
	XCORE_INS_CRC8,
	XCORE_INS_CRC32,
	XCORE_INS_DCALL,
	XCORE_INS_DENTSP,
	XCORE_INS_DGETREG,
	XCORE_INS_DIVS,
	XCORE_INS_DIVU,
	XCORE_INS_DRESTSP,
	XCORE_INS_DRET,
	XCORE_INS_ECALLF,
	XCORE_INS_ECALLT,
	XCORE_INS_EDU,
	XCORE_INS_EEF,
	XCORE_INS_EET,
	XCORE_INS_EEU,
	XCORE_INS_ENDIN,
	XCORE_INS_ENTSP,
	XCORE_INS_EQ,
	XCORE_INS_EXTDP,
	XCORE_INS_EXTSP,
	XCORE_INS_FREER,
	XCORE_INS_FREET,
	XCORE_INS_GETD,
	XCORE_INS_GET,
	XCORE_INS_GETN,
	XCORE_INS_GETR,
	XCORE_INS_GETSR,
	XCORE_INS_GETST,
	XCORE_INS_GETTS,
	XCORE_INS_INCT,
	XCORE_INS_INIT,
	XCORE_INS_INPW,
	XCORE_INS_INSHR,
	XCORE_INS_INT,
	XCORE_INS_IN,
	XCORE_INS_KCALL,
	XCORE_INS_KENTSP,
	XCORE_INS_KRESTSP,
	XCORE_INS_KRET,
	XCORE_INS_LADD,
	XCORE_INS_LD16S,
	XCORE_INS_LD8U,
	XCORE_INS_LDA16,
	XCORE_INS_LDAP,
	XCORE_INS_LDAW,
	XCORE_INS_LDC,
	XCORE_INS_LDW,
	XCORE_INS_LDIVU,
	XCORE_INS_LMUL,
	XCORE_INS_LSS,
	XCORE_INS_LSUB,
	XCORE_INS_LSU,
	XCORE_INS_MACCS,
	XCORE_INS_MACCU,
	XCORE_INS_MJOIN,
	XCORE_INS_MKMSK,
	XCORE_INS_MSYNC,
	XCORE_INS_MUL,
	XCORE_INS_NEG,
	XCORE_INS_NOT,
	XCORE_INS_OR,
	XCORE_INS_OUTCT,
	XCORE_INS_OUTPW,
	XCORE_INS_OUTSHR,
	XCORE_INS_OUTT,
	XCORE_INS_OUT,
	XCORE_INS_PEEK,
	XCORE_INS_REMS,
	XCORE_INS_REMU,
	XCORE_INS_RETSP,
	XCORE_INS_SETCLK,
	XCORE_INS_SET,
	XCORE_INS_SETC,
	XCORE_INS_SETD,
	XCORE_INS_SETEV,
	XCORE_INS_SETN,
	XCORE_INS_SETPSC,
	XCORE_INS_SETPT,
	XCORE_INS_SETRDY,
	XCORE_INS_SETSR,
	XCORE_INS_SETTW,
	XCORE_INS_SETV,
	XCORE_INS_SEXT,
	XCORE_INS_SHL,
	XCORE_INS_SHR,
	XCORE_INS_SSYNC,
	XCORE_INS_ST16,
	XCORE_INS_ST8,
	XCORE_INS_STW,
	XCORE_INS_SUB,
	XCORE_INS_SYNCR,
	XCORE_INS_TESTCT,
	XCORE_INS_TESTLCL,
	XCORE_INS_TESTWCT,
	XCORE_INS_TSETMR,
	XCORE_INS_START,
	XCORE_INS_WAITEF,
	XCORE_INS_WAITET,
	XCORE_INS_WAITEU,
	XCORE_INS_XOR,
	XCORE_INS_ZEXT,

	XCORE_INS_ENDING, // <-- mark the end of the list of instructions
} xcore_insn;

/// Group of XCore instructions
typedef enum xcore_insn_group {
	XCORE_GRP_INVALID = 0, ///< = CS_GRP_INVALID

	// Generic groups
	// all jump instructions (conditional+direct+indirect jumps)
	XCORE_GRP_JUMP, ///< = CS_GRP_JUMP

	XCORE_GRP_ENDING, // <-- mark the end of the list
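of groups 229 | } xcore_insn_group; 230 | 231 | #ifdef __cplusplus 232 | } 233 | #endif 234 | 235 | #endif 236 | -------------------------------------------------------------------------------- /capstonex86/include/platform.h: -------------------------------------------------------------------------------- 1 | /* Capstone Disassembly Engine */ 2 | /* By Axel Souchet & Nguyen Anh Quynh, 2014 */ 3 | 4 | #ifndef CAPSTONE_PLATFORM_H 5 | #define CAPSTONE_PLATFORM_H 6 | /* Compatibility shim: supplies bool/true/false, the fixed-width integer typedefs and limits, and the PRI* format macros where the toolchain lacks stdbool.h, stdint.h or inttypes.h, and includes the standard headers everywhere else. */ 7 | // handle C99 issue (for pre-2013 VisualStudio) 8 | #if !defined(__CYGWIN__) && !defined(__MINGW32__) && !defined(__MINGW64__) && (defined (WIN32) || defined (WIN64) || defined (_WIN32) || defined (_WIN64)) 9 | // MSVC 10 | 11 | // stdbool.h 12 | #if (_MSC_VER < 1800) || defined(_KERNEL_MODE) 13 | // this system does not have stdbool.h 14 | #ifndef __cplusplus 15 | typedef unsigned char bool; 16 | #define false 0 17 | #define true 1 18 | #endif 19 | 20 | #else 21 | // VisualStudio 2013+ -> C99 is supported 22 | #include <stdbool.h> 23 | #endif 24 | 25 | #else 26 | // not MSVC -> C99 is supported 27 | #include <stdbool.h> 28 | #endif 29 | 30 | 31 | // handle C99 issue (for pre-2013 VisualStudio) 32 | #if defined(CAPSTONE_HAS_OSXKERNEL) || (defined(_MSC_VER) && (_MSC_VER <= 1700 || defined(_KERNEL_MODE))) 33 | // this system does not have inttypes.h 34 | 35 | #if defined(_MSC_VER) && (_MSC_VER < 1600 || defined(_KERNEL_MODE)) 36 | // this system does not have stdint.h 37 | typedef signed char int8_t; 38 | typedef signed short int16_t; 39 | typedef signed int int32_t; 40 | typedef unsigned char uint8_t; 41 | typedef unsigned short uint16_t; 42 | typedef unsigned int uint32_t; 43 | typedef signed long long int64_t; 44 | typedef unsigned long long uint64_t; 45 | 46 | #define INT8_MIN (-127i8 - 1) 47 | #define INT16_MIN (-32767i16 - 1) 48 | #define INT32_MIN (-2147483647i32 - 1) 49 | #define INT64_MIN (-9223372036854775807i64 - 1) 50 | #define INT8_MAX 127i8 51 | #define INT16_MAX 32767i16 52 | #define INT32_MAX 2147483647i32 53 |
#define INT64_MAX 9223372036854775807i64 54 | #define UINT8_MAX 0xffui8 55 | #define UINT16_MAX 0xffffui16 56 | #define UINT32_MAX 0xffffffffui32 57 | #define UINT64_MAX 0xffffffffffffffffui64 58 | #endif 59 | 60 | #define __PRI_8_LENGTH_MODIFIER__ "hh" 61 | #define __PRI_64_LENGTH_MODIFIER__ "ll" 62 | 63 | #define PRId8 __PRI_8_LENGTH_MODIFIER__ "d" 64 | #define PRIi8 __PRI_8_LENGTH_MODIFIER__ "i" 65 | #define PRIo8 __PRI_8_LENGTH_MODIFIER__ "o" 66 | #define PRIu8 __PRI_8_LENGTH_MODIFIER__ "u" 67 | #define PRIx8 __PRI_8_LENGTH_MODIFIER__ "x" 68 | #define PRIX8 __PRI_8_LENGTH_MODIFIER__ "X" 69 | 70 | #define PRId16 "hd" 71 | #define PRIi16 "hi" 72 | #define PRIo16 "ho" 73 | #define PRIu16 "hu" 74 | #define PRIx16 "hx" 75 | #define PRIX16 "hX" 76 | 77 | #if defined(_MSC_VER) && _MSC_VER <= 1700 78 | #define PRId32 "ld" 79 | #define PRIi32 "li" 80 | #define PRIo32 "lo" 81 | #define PRIu32 "lu" 82 | #define PRIx32 "lx" 83 | #define PRIX32 "lX" 84 | #else // OSX 85 | #define PRId32 "d" 86 | #define PRIi32 "i" 87 | #define PRIo32 "o" 88 | #define PRIu32 "u" 89 | #define PRIx32 "x" 90 | #define PRIX32 "X" 91 | #endif 92 | 93 | #if defined(_MSC_VER) && _MSC_VER <= 1700 94 | // redefine functions from inttypes.h used in cstool 95 | #define strtoull _strtoui64 96 | #endif 97 | 98 | #define PRId64 __PRI_64_LENGTH_MODIFIER__ "d" 99 | #define PRIi64 __PRI_64_LENGTH_MODIFIER__ "i" 100 | #define PRIo64 __PRI_64_LENGTH_MODIFIER__ "o" 101 | #define PRIu64 __PRI_64_LENGTH_MODIFIER__ "u" 102 | #define PRIx64 __PRI_64_LENGTH_MODIFIER__ "x" 103 | #define PRIX64 __PRI_64_LENGTH_MODIFIER__ "X" 104 | 105 | #else 106 | // this system has inttypes.h by default 107 | #include <inttypes.h> 108 | #endif 109 | 110 | #endif 111 | -------------------------------------------------------------------------------- /capstonex86/include/windowsce/intrin.h: -------------------------------------------------------------------------------- 1 | 2 | #if defined(_MSC_VER) && defined(_WIN32_WCE) && (_WIN32_WCE < 0x800) &&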
!defined(__INTRIN_H_) && !defined(_INTRIN) 3 | #define _STDINT 4 | /* NOTE(review): the guard on the #if above tests _INTRIN, but the macro defined here is _STDINT, which is the macro windowsce/stdint.h tests before defining its types; if this header is included first, that header's typedefs would be skipped, and this header is not protected against repeated inclusion -- confirm against upstream */ 5 | #ifdef _M_ARM 6 | #include 7 | #if (_WIN32_WCE >= 0x700) && defined(__ARM_ARCH_7__) || defined(__ARM_ARCH_7A__) /* NOTE(review): && binds tighter than ||, so __ARM_ARCH_7A__ alone satisfies this test whatever _WIN32_WCE is; add parentheses if the version check is meant to cover both macros */ 8 | #include 9 | #endif 10 | #endif // _M_ARM 11 | /* NOTE(review): both #include directives above have no header name on this page; take the names from the upstream Capstone source before building */ 12 | #endif 13 | -------------------------------------------------------------------------------- /capstonex86/include/windowsce/stdint.h: -------------------------------------------------------------------------------- 1 | 2 | #if defined(_MSC_VER) && defined(_WIN32_WCE) && (_WIN32_WCE < 0x800) && !defined(_STDINT_H_) && !defined(_STDINT) 3 | #define _STDINT 4 | /* Fixed-width integer typedefs and limit macros for MSVC Windows CE targets below 0x800, built on the compiler's __intN types. */ 5 | typedef __int8 6 | int8_t, 7 | int_least8_t; 8 | 9 | typedef __int16 10 | int16_t, 11 | int_least16_t; 12 | 13 | typedef __int32 14 | int32_t, 15 | int_least32_t, 16 | int_fast8_t, 17 | int_fast16_t, 18 | int_fast32_t; 19 | 20 | typedef __int64 21 | int64_t, 22 | intmax_t, 23 | int_least64_t, 24 | int_fast64_t; 25 | 26 | typedef unsigned __int8 27 | uint8_t, 28 | uint_least8_t; 29 | 30 | typedef unsigned __int16 31 | uint16_t, 32 | uint_least16_t; 33 | 34 | typedef unsigned __int32 35 | uint32_t, 36 | uint_least32_t, 37 | uint_fast8_t, 38 | uint_fast16_t, 39 | uint_fast32_t; 40 | 41 | typedef unsigned __int64 42 | uint64_t, 43 | uintmax_t, 44 | uint_least64_t, 45 | uint_fast64_t; 46 | 47 | #ifndef _INTPTR_T_DEFINED 48 | #define _INTPTR_T_DEFINED 49 | typedef __int32 intptr_t; 50 | #endif 51 | 52 | #ifndef _UINTPTR_T_DEFINED 53 | #define _UINTPTR_T_DEFINED 54 | typedef unsigned __int32 uintptr_t; 55 | #endif 56 | 57 | #define INT8_MIN (-127i8 - 1) 58 | #define INT16_MIN (-32767i16 - 1) 59 | #define INT32_MIN (-2147483647i32 - 1) 60 | #define INT64_MIN (-9223372036854775807i64 - 1) 61 | #define INT8_MAX 127i8 62 | #define INT16_MAX 32767i16 63 | #define INT32_MAX 2147483647i32 64 | #define INT64_MAX 9223372036854775807i64 65 | #define UINT8_MAX 0xffui8 66 | #define UINT16_MAX 0xffffui16 67 | #define UINT32_MAX 0xffffffffui32 68 | #define UINT64_MAX 0xffffffffffffffffui64 69
| 70 | #define INT_LEAST8_MIN INT8_MIN 71 | #define INT_LEAST16_MIN INT16_MIN 72 | #define INT_LEAST32_MIN INT32_MIN 73 | #define INT_LEAST64_MIN INT64_MIN 74 | #define INT_LEAST8_MAX INT8_MAX 75 | #define INT_LEAST16_MAX INT16_MAX 76 | #define INT_LEAST32_MAX INT32_MAX 77 | #define INT_LEAST64_MAX INT64_MAX 78 | #define UINT_LEAST8_MAX UINT8_MAX 79 | #define UINT_LEAST16_MAX UINT16_MAX 80 | #define UINT_LEAST32_MAX UINT32_MAX 81 | #define UINT_LEAST64_MAX UINT64_MAX 82 | 83 | #define INT_FAST8_MIN INT8_MIN 84 | #define INT_FAST16_MIN INT32_MIN 85 | #define INT_FAST32_MIN INT32_MIN 86 | #define INT_FAST64_MIN INT64_MIN 87 | #define INT_FAST8_MAX INT8_MAX 88 | #define INT_FAST16_MAX INT32_MAX 89 | #define INT_FAST32_MAX INT32_MAX 90 | #define INT_FAST64_MAX INT64_MAX 91 | #define UINT_FAST8_MAX UINT8_MAX 92 | #define UINT_FAST16_MAX UINT32_MAX 93 | #define UINT_FAST32_MAX UINT32_MAX 94 | #define UINT_FAST64_MAX UINT64_MAX 95 | 96 | #define INTPTR_MIN INT32_MIN 97 | #define INTPTR_MAX INT32_MAX 98 | #define UINTPTR_MAX UINT32_MAX 99 | 100 | #define INTMAX_MIN INT64_MIN 101 | #define INTMAX_MAX INT64_MAX 102 | #define UINTMAX_MAX UINT64_MAX 103 | 104 | #define PTRDIFF_MIN INTPTR_MIN 105 | #define PTRDIFF_MAX INTPTR_MAX 106 | 107 | #ifndef SIZE_MAX 108 | #define SIZE_MAX UINTPTR_MAX 109 | #endif 110 | 111 | #define SIG_ATOMIC_MIN INT32_MIN 112 | #define SIG_ATOMIC_MAX INT32_MAX 113 | 114 | #define WCHAR_MIN 0x0000 115 | #define WCHAR_MAX 0xffff 116 | 117 | #define WINT_MIN 0x0000 118 | #define WINT_MAX 0xffff 119 | 120 | #define INT8_C(x) (x) 121 | #define INT16_C(x) (x) 122 | #define INT32_C(x) (x) 123 | #define INT64_C(x) (x ## LL) 124 | 125 | #define UINT8_C(x) (x) 126 | #define UINT16_C(x) (x) 127 | #define UINT32_C(x) (x ## U) 128 | #define UINT64_C(x) (x ## ULL) 129 | 130 | #define INTMAX_C(x) INT64_C(x) 131 | #define UINTMAX_C(x) UINT64_C(x) 132 | 133 | #endif 134 | -------------------------------------------------------------------------------- 
/console_output.txt: -------------------------------------------------------------------------------- 1 | Function Address : 0x769335B0 2 | Real Function Address : 0x7651F600 3 | Function Size : 251 4 | 0x76400000: push 0x18 5 | 0x76400002: push 0x765d5ae0 6 | 0x76400007: call 0x764257c0 7 | 0x7640000c: xor ecx, ecx 8 | 0x7640000e: mov dword ptr [ebp - 0x20], ecx 9 | 0x76400011: mov dword ptr [ebp - 0x1c], ecx 10 | 0x76400014: mov esi, dword ptr [ebp + 0x14] 11 | 0x76400017: test esi, esi 12 | 0x76400019: je 0x7640001d 13 | 0x7640001b: mov dword ptr [esi], ecx 14 | 0x7640001d: mov edi, dword ptr [ebp + 8] 15 | 0x76400020: cmp edi, -0xc 16 | 0x76400023: je 0x76431ce8 17 | 0x76400029: cmp edi, -0xb 18 | 0x7640002c: je 0x76431cd7 19 | 0x76400032: cmp edi, -0xa 20 | 0x76400035: je 0x76431cc6 21 | 0x7640003b: mov ebx, dword ptr [ebp + 0x18] 22 | 0x7640003e: push ecx 23 | 0x7640003f: test ebx, ebx 24 | 0x76400041: je 0x764000a7 25 | 0x76400043: mov dword ptr [ebx], 0x103 26 | 0x76400049: mov eax, dword ptr [ebx + 8] 27 | 0x7640004c: mov dword ptr [ebp - 0x28], eax 28 | 0x7640004f: mov eax, dword ptr [ebx + 0xc] 29 | 0x76400052: mov dword ptr [ebp - 0x24], eax 30 | 0x76400055: lea eax, [ebp - 0x28] 31 | 0x76400058: push eax 32 | 0x76400059: push dword ptr [ebp + 0x10] 33 | 0x7640005c: push dword ptr [ebp + 0xc] 34 | 0x7640005f: push ebx 35 | 0x76400060: mov eax, dword ptr [ebx + 0x10] 36 | 0x76400063: and al, 1 37 | 0x76400065: movzx eax, al 38 | 0x76400068: neg eax 39 | 0x7640006a: sbb eax, eax 40 | 0x7640006c: not eax 41 | 0x7640006e: and eax, ebx 42 | 0x76400070: push eax 43 | 0x76400071: push ecx 44 | 0x76400072: push dword ptr [ebx + 0x10] 45 | 0x76400075: push edi 46 | 0x76400076: call dword ptr [0x765ec7c8] 47 | 0x7640007c: mov ecx, eax 48 | 0x7640007e: mov edx, 0xc0000000 49 | 0x76400083: and ecx, edx 50 | 0x76400085: cmp eax, 0x103 51 | 0x7640008a: jne 0x764000e0 52 | 0x7640008c: mov ecx, eax 53 | 0x7640008e: call 0x76401c90 54 | 0x76400093: xor eax, eax 55 | 
0x76400095: mov ecx, dword ptr [ebp - 0x10] 56 | 0x76400098: mov dword ptr fs:[0], ecx 57 | 0x7640009f: pop ecx 58 | 0x764000a0: pop edi 59 | 0x764000a1: pop esi 60 | 0x764000a2: pop ebx 61 | 0x764000a3: leave 62 | 0x764000a4: ret 0x14 63 | 0x764000a7: push ecx 64 | 0x764000a8: push dword ptr [ebp + 0x10] 65 | 0x764000ab: push dword ptr [ebp + 0xc] 66 | 0x764000ae: lea eax, [ebp - 0x20] 67 | 0x764000b1: push eax 68 | 0x764000b2: push ecx 69 | 0x764000b3: push ecx 70 | 0x764000b4: push ecx 71 | 0x764000b5: push edi 72 | 0x764000b6: call dword ptr [0x765ec7c8] 73 | 0x764000bc: mov ecx, eax 74 | 0x764000be: cmp ecx, 0x103 75 | 0x764000c4: je 0x76431d1a 76 | 0x764000ca: test ecx, ecx 77 | 0x764000cc: js 0x76431d33 78 | 0x764000d2: test esi, esi 79 | 0x764000d4: je 0x764000db 80 | 0x764000d6: mov eax, dword ptr [ebp - 0x1c] 81 | 0x764000d9: mov dword ptr [esi], eax 82 | 0x764000db: xor eax, eax 83 | 0x764000dd: inc eax 84 | 0x764000de: jmp 0x76400095 85 | 0x764000e0: cmp ecx, edx 86 | 0x764000e2: je 0x7640008c 87 | 0x764000e4: test esi, esi 88 | 0x764000e6: je 0x764000db 89 | 0x764000e8: and dword ptr [ebp - 4], 0 90 | 0x764000ec: mov eax, dword ptr [ebx + 4] 91 | 0x764000ef: mov dword ptr [esi], eax 92 | 0x764000f1: mov dword ptr [ebp - 4], 0xfffffffe 93 | 0x764000f8: jmp 0x764000db 94 | Function Size : 251 95 | Original Write File lpBuffer : API HOOKING 96 | ON WINDOWS 10 :) 97 | 98 | -------------------------------------------------------------------------------- /csinclude/capstone.lib: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CaptanMoss/API-Hooking-on-Windows10/73b6d12d47a58721f17165f2ed3eaa183004a6d0/csinclude/capstone.lib -------------------------------------------------------------------------------- /csinclude/capstone/evm.h: -------------------------------------------------------------------------------- 1 | #ifndef CAPSTONE_EVM_H 2 | #define CAPSTONE_EVM_H 3 | 4 | /* Capstone 
Disassembly Engine */ 5 | /* By Nguyen Anh Quynh , 2013-2018 */ 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #include "platform.h" 12 | 13 | #ifdef _MSC_VER 14 | #pragma warning(disable:4201) 15 | #endif 16 | 17 | /// Instruction structure 18 | typedef struct cs_evm { 19 | unsigned char pop; ///< number of items popped from the stack 20 | unsigned char push; ///< number of items pushed into the stack 21 | unsigned int fee; ///< gas fee for the instruction 22 | } cs_evm; 23 | 24 | /// EVM instruction 25 | typedef enum evm_insn { 26 | EVM_INS_STOP = 0, 27 | EVM_INS_ADD = 1, 28 | EVM_INS_MUL = 2, 29 | EVM_INS_SUB = 3, 30 | EVM_INS_DIV = 4, 31 | EVM_INS_SDIV = 5, 32 | EVM_INS_MOD = 6, 33 | EVM_INS_SMOD = 7, 34 | EVM_INS_ADDMOD = 8, 35 | EVM_INS_MULMOD = 9, 36 | EVM_INS_EXP = 10, 37 | EVM_INS_SIGNEXTEND = 11, 38 | EVM_INS_LT = 16, 39 | EVM_INS_GT = 17, 40 | EVM_INS_SLT = 18, 41 | EVM_INS_SGT = 19, 42 | EVM_INS_EQ = 20, 43 | EVM_INS_ISZERO = 21, 44 | EVM_INS_AND = 22, 45 | EVM_INS_OR = 23, 46 | EVM_INS_XOR = 24, 47 | EVM_INS_NOT = 25, 48 | EVM_INS_BYTE = 26, 49 | EVM_INS_SHA3 = 32, 50 | EVM_INS_ADDRESS = 48, 51 | EVM_INS_BALANCE = 49, 52 | EVM_INS_ORIGIN = 50, 53 | EVM_INS_CALLER = 51, 54 | EVM_INS_CALLVALUE = 52, 55 | EVM_INS_CALLDATALOAD = 53, 56 | EVM_INS_CALLDATASIZE = 54, 57 | EVM_INS_CALLDATACOPY = 55, 58 | EVM_INS_CODESIZE = 56, 59 | EVM_INS_CODECOPY = 57, 60 | EVM_INS_GASPRICE = 58, 61 | EVM_INS_EXTCODESIZE = 59, 62 | EVM_INS_EXTCODECOPY = 60, 63 | EVM_INS_RETURNDATASIZE = 61, 64 | EVM_INS_RETURNDATACOPY = 62, 65 | EVM_INS_BLOCKHASH = 64, 66 | EVM_INS_COINBASE = 65, 67 | EVM_INS_TIMESTAMP = 66, 68 | EVM_INS_NUMBER = 67, 69 | EVM_INS_DIFFICULTY = 68, 70 | EVM_INS_GASLIMIT = 69, 71 | EVM_INS_POP = 80, 72 | EVM_INS_MLOAD = 81, 73 | EVM_INS_MSTORE = 82, 74 | EVM_INS_MSTORE8 = 83, 75 | EVM_INS_SLOAD = 84, 76 | EVM_INS_SSTORE = 85, 77 | EVM_INS_JUMP = 86, 78 | EVM_INS_JUMPI = 87, 79 | EVM_INS_PC = 88, 80 | EVM_INS_MSIZE = 89, 81 | EVM_INS_GAS = 90, 
82 | EVM_INS_JUMPDEST = 91, 83 | EVM_INS_PUSH1 = 96, 84 | EVM_INS_PUSH2 = 97, 85 | EVM_INS_PUSH3 = 98, 86 | EVM_INS_PUSH4 = 99, 87 | EVM_INS_PUSH5 = 100, 88 | EVM_INS_PUSH6 = 101, 89 | EVM_INS_PUSH7 = 102, 90 | EVM_INS_PUSH8 = 103, 91 | EVM_INS_PUSH9 = 104, 92 | EVM_INS_PUSH10 = 105, 93 | EVM_INS_PUSH11 = 106, 94 | EVM_INS_PUSH12 = 107, 95 | EVM_INS_PUSH13 = 108, 96 | EVM_INS_PUSH14 = 109, 97 | EVM_INS_PUSH15 = 110, 98 | EVM_INS_PUSH16 = 111, 99 | EVM_INS_PUSH17 = 112, 100 | EVM_INS_PUSH18 = 113, 101 | EVM_INS_PUSH19 = 114, 102 | EVM_INS_PUSH20 = 115, 103 | EVM_INS_PUSH21 = 116, 104 | EVM_INS_PUSH22 = 117, 105 | EVM_INS_PUSH23 = 118, 106 | EVM_INS_PUSH24 = 119, 107 | EVM_INS_PUSH25 = 120, 108 | EVM_INS_PUSH26 = 121, 109 | EVM_INS_PUSH27 = 122, 110 | EVM_INS_PUSH28 = 123, 111 | EVM_INS_PUSH29 = 124, 112 | EVM_INS_PUSH30 = 125, 113 | EVM_INS_PUSH31 = 126, 114 | EVM_INS_PUSH32 = 127, 115 | EVM_INS_DUP1 = 128, 116 | EVM_INS_DUP2 = 129, 117 | EVM_INS_DUP3 = 130, 118 | EVM_INS_DUP4 = 131, 119 | EVM_INS_DUP5 = 132, 120 | EVM_INS_DUP6 = 133, 121 | EVM_INS_DUP7 = 134, 122 | EVM_INS_DUP8 = 135, 123 | EVM_INS_DUP9 = 136, 124 | EVM_INS_DUP10 = 137, 125 | EVM_INS_DUP11 = 138, 126 | EVM_INS_DUP12 = 139, 127 | EVM_INS_DUP13 = 140, 128 | EVM_INS_DUP14 = 141, 129 | EVM_INS_DUP15 = 142, 130 | EVM_INS_DUP16 = 143, 131 | EVM_INS_SWAP1 = 144, 132 | EVM_INS_SWAP2 = 145, 133 | EVM_INS_SWAP3 = 146, 134 | EVM_INS_SWAP4 = 147, 135 | EVM_INS_SWAP5 = 148, 136 | EVM_INS_SWAP6 = 149, 137 | EVM_INS_SWAP7 = 150, 138 | EVM_INS_SWAP8 = 151, 139 | EVM_INS_SWAP9 = 152, 140 | EVM_INS_SWAP10 = 153, 141 | EVM_INS_SWAP11 = 154, 142 | EVM_INS_SWAP12 = 155, 143 | EVM_INS_SWAP13 = 156, 144 | EVM_INS_SWAP14 = 157, 145 | EVM_INS_SWAP15 = 158, 146 | EVM_INS_SWAP16 = 159, 147 | EVM_INS_LOG0 = 160, 148 | EVM_INS_LOG1 = 161, 149 | EVM_INS_LOG2 = 162, 150 | EVM_INS_LOG3 = 163, 151 | EVM_INS_LOG4 = 164, 152 | EVM_INS_CREATE = 240, 153 | EVM_INS_CALL = 241, 154 | EVM_INS_CALLCODE = 242, 155 | EVM_INS_RETURN = 243, 
156 | EVM_INS_DELEGATECALL = 244, 157 | EVM_INS_CALLBLACKBOX = 245, 158 | EVM_INS_STATICCALL = 250, 159 | EVM_INS_REVERT = 253, 160 | EVM_INS_SUICIDE = 255, 161 | 162 | EVM_INS_INVALID = 512, 163 | EVM_INS_ENDING, // <-- mark the end of the list of instructions 164 | } evm_insn; 165 | 166 | /// Group of EVM instructions 167 | typedef enum evm_insn_group { 168 | EVM_GRP_INVALID = 0, ///< = CS_GRP_INVALID 169 | 170 | EVM_GRP_JUMP, ///< all jump instructions 171 | 172 | EVM_GRP_MATH = 8, ///< math instructions 173 | EVM_GRP_STACK_WRITE, ///< instructions write to stack 174 | EVM_GRP_STACK_READ, ///< instructions read from stack 175 | EVM_GRP_MEM_WRITE, ///< instructions write to memory 176 | EVM_GRP_MEM_READ, ///< instructions read from memory 177 | EVM_GRP_STORE_WRITE, ///< instructions write to storage 178 | EVM_GRP_STORE_READ, ///< instructions read from storage 179 | EVM_GRP_HALT, ///< instructions halt execution 180 | 181 | EVM_GRP_ENDING, ///< <-- mark the end of the list of groups 182 | } evm_insn_group; 183 | 184 | #ifdef __cplusplus 185 | } 186 | #endif 187 | 188 | #endif 189 | -------------------------------------------------------------------------------- /csinclude/capstone/m680x.h: -------------------------------------------------------------------------------- 1 | #ifndef CAPSTONE_M680X_H 2 | #define CAPSTONE_M680X_H 3 | 4 | /* Capstone Disassembly Engine */ 5 | /* M680X Backend by Wolfgang Schwotzer 2017 */ 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #include "platform.h" 12 | 13 | #ifdef _MSC_VER 14 | #pragma warning(disable:4201) 15 | #endif 16 | 17 | #define M680X_OPERAND_COUNT 9 18 | 19 | /// M680X registers and special registers 20 | typedef enum m680x_reg { 21 | M680X_REG_INVALID = 0, 22 | 23 | M680X_REG_A, ///< M6800/1/2/3/9, HD6301/9 24 | M680X_REG_B, ///< M6800/1/2/3/9, HD6301/9 25 | M680X_REG_E, ///< HD6309 26 | M680X_REG_F, ///< HD6309 27 | M680X_REG_0, ///< HD6309 28 | 29 | M680X_REG_D, ///< M6801/3/9, HD6301/9 30 | 
M680X_REG_W, ///< HD6309 31 | 32 | M680X_REG_CC, ///< M6800/1/2/3/9, M6301/9 33 | M680X_REG_DP, ///< M6809/M6309 34 | M680X_REG_MD, ///< M6309 35 | 36 | M680X_REG_HX, ///< M6808 37 | M680X_REG_H, ///< M6808 38 | M680X_REG_X, ///< M6800/1/2/3/9, M6301/9 39 | M680X_REG_Y, ///< M6809/M6309 40 | M680X_REG_S, ///< M6809/M6309 41 | M680X_REG_U, ///< M6809/M6309 42 | M680X_REG_V, ///< M6309 43 | 44 | M680X_REG_Q, ///< M6309 45 | 46 | M680X_REG_PC, ///< M6800/1/2/3/9, M6301/9 47 | 48 | M680X_REG_TMP2, ///< CPU12 49 | M680X_REG_TMP3, ///< CPU12 50 | 51 | M680X_REG_ENDING, ///< <-- mark the end of the list of registers 52 | } m680x_reg; 53 | 54 | /// Operand type for instruction's operands 55 | typedef enum m680x_op_type { 56 | M680X_OP_INVALID = 0, ///< = CS_OP_INVALID (Uninitialized). 57 | M680X_OP_REGISTER, ///< = Register operand. 58 | M680X_OP_IMMEDIATE, ///< = Immediate operand. 59 | M680X_OP_INDEXED, ///< = Indexed addressing operand. 60 | M680X_OP_EXTENDED, ///< = Extended addressing operand. 61 | M680X_OP_DIRECT, ///< = Direct addressing operand. 62 | M680X_OP_RELATIVE, ///< = Relative addressing operand. 63 | M680X_OP_CONSTANT, ///< = constant operand (Displayed as number only). 64 | ///< Used e.g. for a bit index or page number. 
65 | } m680x_op_type; 66 | 67 | // Supported bit values for mem.idx.offset_bits 68 | #define M680X_OFFSET_NONE 0 69 | #define M680X_OFFSET_BITS_5 5 70 | #define M680X_OFFSET_BITS_8 8 71 | #define M680X_OFFSET_BITS_9 9 72 | #define M680X_OFFSET_BITS_16 16 73 | 74 | // Supported bit flags for mem.idx.flags 75 | // These flags can be combined 76 | #define M680X_IDX_INDIRECT 1 77 | #define M680X_IDX_NO_COMMA 2 78 | #define M680X_IDX_POST_INC_DEC 4 79 | 80 | /// Instruction's operand referring to indexed addressing 81 | typedef struct m680x_op_idx { 82 | m680x_reg base_reg; ///< base register (or M680X_REG_INVALID if 83 | ///< irrelevant) 84 | m680x_reg offset_reg; ///< offset register (or M680X_REG_INVALID if 85 | ///< irrelevant) 86 | int16_t offset; ///< 5-,8- or 16-bit offset. See also offset_bits. 87 | uint16_t offset_addr; ///< = offset addr. if base_reg == M680X_REG_PC. 88 | ///< calculated as offset + PC 89 | uint8_t offset_bits; ///< offset width in bits for indexed addressing 90 | int8_t inc_dec; ///< inc. or dec. value: 91 | ///< 0: no inc-/decrement 92 | ///< 1 .. 8: increment by 1 .. 8 93 | ///< -1 .. -8: decrement by 1 .. 8 94 | ///< if flag M680X_IDX_POST_INC_DEC set it is post 95 | ///< inc-/decrement otherwise pre inc-/decrement 96 | uint8_t flags; ///< 8-bit flags (see above) 97 | } m680x_op_idx; 98 | 99 | /// Instruction's memory operand referring to relative addressing (Bcc/LBcc) 100 | typedef struct m680x_op_rel { 101 | uint16_t address; ///< The absolute address. 102 | ///< calculated as PC + offset. PC is the first 103 | ///< address after the instruction. 
104 | int16_t offset; ///< the offset/displacement value 105 | } m680x_op_rel; 106 | 107 | /// Instruction's operand referring to extended addressing 108 | typedef struct m680x_op_ext { 109 | uint16_t address; ///< The absolute address 110 | bool indirect; ///< true if extended indirect addressing 111 | } m680x_op_ext; 112 | 113 | /// Instruction operand 114 | typedef struct cs_m680x_op { 115 | m680x_op_type type; 116 | union { 117 | int32_t imm; ///< immediate value for IMM operand 118 | m680x_reg reg; ///< register value for REG operand 119 | m680x_op_idx idx; ///< Indexed addressing operand 120 | m680x_op_rel rel; ///< Relative address. operand (Bcc/LBcc) 121 | m680x_op_ext ext; ///< Extended address 122 | uint8_t direct_addr; ///< C99 is supported 23 | #include 24 | #endif // (_MSC_VER < 1800) || defined(_KERNEL_MODE) 25 | 26 | #else 27 | // not MSVC -> C99 is supported 28 | #include 29 | #endif // !defined(__CYGWIN__) && !defined(__MINGW32__) && !defined(__MINGW64__) && (defined (WIN32) || defined (WIN64) || defined (_WIN32) || defined (_WIN64)) 30 | 31 | 32 | // handle inttypes.h / stdint.h compatibility 33 | #if defined(_WIN32_WCE) && (_WIN32_WCE < 0x800) 34 | #include "windowsce/stdint.h" 35 | #endif // defined(_WIN32_WCE) && (_WIN32_WCE < 0x800) 36 | 37 | #if defined(CAPSTONE_HAS_OSXKERNEL) || (defined(_MSC_VER) && (_MSC_VER <= 1700 || defined(_KERNEL_MODE))) 38 | // this system does not have inttypes.h 39 | 40 | #if defined(_MSC_VER) && (_MSC_VER <= 1600 || defined(_KERNEL_MODE)) 41 | // this system does not have stdint.h 42 | typedef signed char int8_t; 43 | typedef signed short int16_t; 44 | typedef signed int int32_t; 45 | typedef unsigned char uint8_t; 46 | typedef unsigned short uint16_t; 47 | typedef unsigned int uint32_t; 48 | typedef signed long long int64_t; 49 | typedef unsigned long long uint64_t; 50 | #endif // defined(_MSC_VER) && (_MSC_VER <= 1600 || defined(_KERNEL_MODE)) 51 | 52 | #if defined(_MSC_VER) && (_MSC_VER < 1600 || 
defined(_KERNEL_MODE)) 53 | #define INT8_MIN (-127i8 - 1) 54 | #define INT16_MIN (-32767i16 - 1) 55 | #define INT32_MIN (-2147483647i32 - 1) 56 | #define INT64_MIN (-9223372036854775807i64 - 1) 57 | #define INT8_MAX 127i8 58 | #define INT16_MAX 32767i16 59 | #define INT32_MAX 2147483647i32 60 | #define INT64_MAX 9223372036854775807i64 61 | #define UINT8_MAX 0xffui8 62 | #define UINT16_MAX 0xffffui16 63 | #define UINT32_MAX 0xffffffffui32 64 | #define UINT64_MAX 0xffffffffffffffffui64 65 | #endif // defined(_MSC_VER) && (_MSC_VER < 1600 || defined(_KERNEL_MODE)) 66 | 67 | #ifdef CAPSTONE_HAS_OSXKERNEL 68 | // this system has stdint.h 69 | #include 70 | #endif 71 | 72 | #define __PRI_8_LENGTH_MODIFIER__ "hh" 73 | #define __PRI_64_LENGTH_MODIFIER__ "ll" 74 | 75 | #define PRId8 __PRI_8_LENGTH_MODIFIER__ "d" 76 | #define PRIi8 __PRI_8_LENGTH_MODIFIER__ "i" 77 | #define PRIo8 __PRI_8_LENGTH_MODIFIER__ "o" 78 | #define PRIu8 __PRI_8_LENGTH_MODIFIER__ "u" 79 | #define PRIx8 __PRI_8_LENGTH_MODIFIER__ "x" 80 | #define PRIX8 __PRI_8_LENGTH_MODIFIER__ "X" 81 | 82 | #define PRId16 "hd" 83 | #define PRIi16 "hi" 84 | #define PRIo16 "ho" 85 | #define PRIu16 "hu" 86 | #define PRIx16 "hx" 87 | #define PRIX16 "hX" 88 | 89 | #if defined(_MSC_VER) && _MSC_VER <= 1700 90 | #define PRId32 "ld" 91 | #define PRIi32 "li" 92 | #define PRIo32 "lo" 93 | #define PRIu32 "lu" 94 | #define PRIx32 "lx" 95 | #define PRIX32 "lX" 96 | #else // OSX 97 | #define PRId32 "d" 98 | #define PRIi32 "i" 99 | #define PRIo32 "o" 100 | #define PRIu32 "u" 101 | #define PRIx32 "x" 102 | #define PRIX32 "X" 103 | #endif // defined(_MSC_VER) && _MSC_VER <= 1700 104 | 105 | #if defined(_MSC_VER) && _MSC_VER <= 1700 106 | // redefine functions from inttypes.h used in cstool 107 | #define strtoull _strtoui64 108 | #endif 109 | 110 | #define PRId64 __PRI_64_LENGTH_MODIFIER__ "d" 111 | #define PRIi64 __PRI_64_LENGTH_MODIFIER__ "i" 112 | #define PRIo64 __PRI_64_LENGTH_MODIFIER__ "o" 113 | #define PRIu64 
__PRI_64_LENGTH_MODIFIER__ "u" 114 | #define PRIx64 __PRI_64_LENGTH_MODIFIER__ "x" 115 | #define PRIX64 __PRI_64_LENGTH_MODIFIER__ "X" 116 | 117 | #else 118 | // this system has inttypes.h by default 119 | #include 120 | #endif // defined(CAPSTONE_HAS_OSXKERNEL) || (defined(_MSC_VER) && (_MSC_VER <= 1700 || defined(_KERNEL_MODE))) 121 | 122 | #endif 123 | -------------------------------------------------------------------------------- /csinclude/capstone/sparc.h: -------------------------------------------------------------------------------- 1 | #ifndef CAPSTONE_SPARC_H 2 | #define CAPSTONE_SPARC_H 3 | 4 | /* Capstone Disassembly Engine */ 5 | /* By Nguyen Anh Quynh , 2014-2015 */ 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #include "platform.h" 12 | 13 | // GCC SPARC toolchain has a default macro called "sparc" which breaks 14 | // compilation 15 | #undef sparc 16 | 17 | #ifdef _MSC_VER 18 | #pragma warning(disable:4201) 19 | #endif 20 | 21 | /// Enums corresponding to Sparc condition codes, both icc's and fcc's. 
22 | typedef enum sparc_cc { 23 | SPARC_CC_INVALID = 0, ///< invalid CC (default) 24 | // Integer condition codes 25 | SPARC_CC_ICC_A = 8+256, ///< Always 26 | SPARC_CC_ICC_N = 0+256, ///< Never 27 | SPARC_CC_ICC_NE = 9+256, ///< Not Equal 28 | SPARC_CC_ICC_E = 1+256, ///< Equal 29 | SPARC_CC_ICC_G = 10+256, ///< Greater 30 | SPARC_CC_ICC_LE = 2+256, ///< Less or Equal 31 | SPARC_CC_ICC_GE = 11+256, ///< Greater or Equal 32 | SPARC_CC_ICC_L = 3+256, ///< Less 33 | SPARC_CC_ICC_GU = 12+256, ///< Greater Unsigned 34 | SPARC_CC_ICC_LEU = 4+256, ///< Less or Equal Unsigned 35 | SPARC_CC_ICC_CC = 13+256, ///< Carry Clear/Great or Equal Unsigned 36 | SPARC_CC_ICC_CS = 5+256, ///< Carry Set/Less Unsigned 37 | SPARC_CC_ICC_POS = 14+256, ///< Positive 38 | SPARC_CC_ICC_NEG = 6+256, ///< Negative 39 | SPARC_CC_ICC_VC = 15+256, ///< Overflow Clear 40 | SPARC_CC_ICC_VS = 7+256, ///< Overflow Set 41 | 42 | // Floating condition codes 43 | SPARC_CC_FCC_A = 8+16+256, ///< Always 44 | SPARC_CC_FCC_N = 0+16+256, ///< Never 45 | SPARC_CC_FCC_U = 7+16+256, ///< Unordered 46 | SPARC_CC_FCC_G = 6+16+256, ///< Greater 47 | SPARC_CC_FCC_UG = 5+16+256, ///< Unordered or Greater 48 | SPARC_CC_FCC_L = 4+16+256, ///< Less 49 | SPARC_CC_FCC_UL = 3+16+256, ///< Unordered or Less 50 | SPARC_CC_FCC_LG = 2+16+256, ///< Less or Greater 51 | SPARC_CC_FCC_NE = 1+16+256, ///< Not Equal 52 | SPARC_CC_FCC_E = 9+16+256, ///< Equal 53 | SPARC_CC_FCC_UE = 10+16+256, ///< Unordered or Equal 54 | SPARC_CC_FCC_GE = 11+16+256, ///< Greater or Equal 55 | SPARC_CC_FCC_UGE = 12+16+256, ///< Unordered or Greater or Equal 56 | SPARC_CC_FCC_LE = 13+16+256, ///< Less or Equal 57 | SPARC_CC_FCC_ULE = 14+16+256, ///< Unordered or Less or Equal 58 | SPARC_CC_FCC_O = 15+16+256, ///< Ordered 59 | } sparc_cc; 60 | 61 | /// Branch hint 62 | typedef enum sparc_hint { 63 | SPARC_HINT_INVALID = 0, ///< no hint 64 | SPARC_HINT_A = 1 << 0, ///< annul delay slot instruction 65 | SPARC_HINT_PT = 1 << 1, ///< branch taken 66 | 
SPARC_HINT_PN = 1 << 2, ///< branch NOT taken 67 | } sparc_hint; 68 | 69 | /// Operand type for instruction's operands 70 | typedef enum sparc_op_type { 71 | SPARC_OP_INVALID = 0, ///< = CS_OP_INVALID (Uninitialized). 72 | SPARC_OP_REG, ///< = CS_OP_REG (Register operand). 73 | SPARC_OP_IMM, ///< = CS_OP_IMM (Immediate operand). 74 | SPARC_OP_MEM, ///< = CS_OP_MEM (Memory operand). 75 | } sparc_op_type; 76 | 77 | /// SPARC registers 78 | typedef enum sparc_reg { 79 | SPARC_REG_INVALID = 0, 80 | 81 | SPARC_REG_F0, 82 | SPARC_REG_F1, 83 | SPARC_REG_F2, 84 | SPARC_REG_F3, 85 | SPARC_REG_F4, 86 | SPARC_REG_F5, 87 | SPARC_REG_F6, 88 | SPARC_REG_F7, 89 | SPARC_REG_F8, 90 | SPARC_REG_F9, 91 | SPARC_REG_F10, 92 | SPARC_REG_F11, 93 | SPARC_REG_F12, 94 | SPARC_REG_F13, 95 | SPARC_REG_F14, 96 | SPARC_REG_F15, 97 | SPARC_REG_F16, 98 | SPARC_REG_F17, 99 | SPARC_REG_F18, 100 | SPARC_REG_F19, 101 | SPARC_REG_F20, 102 | SPARC_REG_F21, 103 | SPARC_REG_F22, 104 | SPARC_REG_F23, 105 | SPARC_REG_F24, 106 | SPARC_REG_F25, 107 | SPARC_REG_F26, 108 | SPARC_REG_F27, 109 | SPARC_REG_F28, 110 | SPARC_REG_F29, 111 | SPARC_REG_F30, 112 | SPARC_REG_F31, 113 | SPARC_REG_F32, 114 | SPARC_REG_F34, 115 | SPARC_REG_F36, 116 | SPARC_REG_F38, 117 | SPARC_REG_F40, 118 | SPARC_REG_F42, 119 | SPARC_REG_F44, 120 | SPARC_REG_F46, 121 | SPARC_REG_F48, 122 | SPARC_REG_F50, 123 | SPARC_REG_F52, 124 | SPARC_REG_F54, 125 | SPARC_REG_F56, 126 | SPARC_REG_F58, 127 | SPARC_REG_F60, 128 | SPARC_REG_F62, 129 | SPARC_REG_FCC0, // Floating condition codes 130 | SPARC_REG_FCC1, 131 | SPARC_REG_FCC2, 132 | SPARC_REG_FCC3, 133 | SPARC_REG_FP, 134 | SPARC_REG_G0, 135 | SPARC_REG_G1, 136 | SPARC_REG_G2, 137 | SPARC_REG_G3, 138 | SPARC_REG_G4, 139 | SPARC_REG_G5, 140 | SPARC_REG_G6, 141 | SPARC_REG_G7, 142 | SPARC_REG_I0, 143 | SPARC_REG_I1, 144 | SPARC_REG_I2, 145 | SPARC_REG_I3, 146 | SPARC_REG_I4, 147 | SPARC_REG_I5, 148 | SPARC_REG_I7, 149 | SPARC_REG_ICC, // Integer condition codes 150 | SPARC_REG_L0, 151 | 
SPARC_REG_L1, 152 | SPARC_REG_L2, 153 | SPARC_REG_L3, 154 | SPARC_REG_L4, 155 | SPARC_REG_L5, 156 | SPARC_REG_L6, 157 | SPARC_REG_L7, 158 | SPARC_REG_O0, 159 | SPARC_REG_O1, 160 | SPARC_REG_O2, 161 | SPARC_REG_O3, 162 | SPARC_REG_O4, 163 | SPARC_REG_O5, 164 | SPARC_REG_O7, 165 | SPARC_REG_SP, 166 | SPARC_REG_Y, 167 | 168 | // special register 169 | SPARC_REG_XCC, 170 | 171 | SPARC_REG_ENDING, // <-- mark the end of the list of registers 172 | 173 | // extras 174 | SPARC_REG_O6 = SPARC_REG_SP, 175 | SPARC_REG_I6 = SPARC_REG_FP, 176 | } sparc_reg; 177 | 178 | /// Instruction's operand referring to memory 179 | /// This is associated with SPARC_OP_MEM operand type above 180 | typedef struct sparc_op_mem { 181 | uint8_t base; ///< base register, can be safely interpreted as 182 | ///< a value of type `sparc_reg`, but it is only 183 | ///< one byte wide 184 | uint8_t index; ///< index register, same conditions apply here 185 | int32_t disp; ///< displacement/offset value 186 | } sparc_op_mem; 187 | 188 | /// Instruction operand 189 | typedef struct cs_sparc_op { 190 | sparc_op_type type; ///< operand type 191 | union { 192 | sparc_reg reg; ///< register value for REG operand 193 | int64_t imm; ///< immediate value for IMM operand 194 | sparc_op_mem mem; ///< base/disp value for MEM operand 195 | }; 196 | } cs_sparc_op; 197 | 198 | /// Instruction structure 199 | typedef struct cs_sparc { 200 | sparc_cc cc; ///< code condition for this insn 201 | sparc_hint hint; ///< branch hint: encoding as bitwise OR of sparc_hint. 202 | /// Number of operands of this instruction, 203 | /// or 0 when instruction has no operand. 204 | uint8_t op_count; 205 | cs_sparc_op operands[4]; ///< operands for this instruction. 
206 | } cs_sparc; 207 | 208 | /// SPARC instruction 209 | typedef enum sparc_insn { 210 | SPARC_INS_INVALID = 0, 211 | 212 | SPARC_INS_ADDCC, 213 | SPARC_INS_ADDX, 214 | SPARC_INS_ADDXCC, 215 | SPARC_INS_ADDXC, 216 | SPARC_INS_ADDXCCC, 217 | SPARC_INS_ADD, 218 | SPARC_INS_ALIGNADDR, 219 | SPARC_INS_ALIGNADDRL, 220 | SPARC_INS_ANDCC, 221 | SPARC_INS_ANDNCC, 222 | SPARC_INS_ANDN, 223 | SPARC_INS_AND, 224 | SPARC_INS_ARRAY16, 225 | SPARC_INS_ARRAY32, 226 | SPARC_INS_ARRAY8, 227 | SPARC_INS_B, 228 | SPARC_INS_JMP, 229 | SPARC_INS_BMASK, 230 | SPARC_INS_FB, 231 | SPARC_INS_BRGEZ, 232 | SPARC_INS_BRGZ, 233 | SPARC_INS_BRLEZ, 234 | SPARC_INS_BRLZ, 235 | SPARC_INS_BRNZ, 236 | SPARC_INS_BRZ, 237 | SPARC_INS_BSHUFFLE, 238 | SPARC_INS_CALL, 239 | SPARC_INS_CASX, 240 | SPARC_INS_CAS, 241 | SPARC_INS_CMASK16, 242 | SPARC_INS_CMASK32, 243 | SPARC_INS_CMASK8, 244 | SPARC_INS_CMP, 245 | SPARC_INS_EDGE16, 246 | SPARC_INS_EDGE16L, 247 | SPARC_INS_EDGE16LN, 248 | SPARC_INS_EDGE16N, 249 | SPARC_INS_EDGE32, 250 | SPARC_INS_EDGE32L, 251 | SPARC_INS_EDGE32LN, 252 | SPARC_INS_EDGE32N, 253 | SPARC_INS_EDGE8, 254 | SPARC_INS_EDGE8L, 255 | SPARC_INS_EDGE8LN, 256 | SPARC_INS_EDGE8N, 257 | SPARC_INS_FABSD, 258 | SPARC_INS_FABSQ, 259 | SPARC_INS_FABSS, 260 | SPARC_INS_FADDD, 261 | SPARC_INS_FADDQ, 262 | SPARC_INS_FADDS, 263 | SPARC_INS_FALIGNDATA, 264 | SPARC_INS_FAND, 265 | SPARC_INS_FANDNOT1, 266 | SPARC_INS_FANDNOT1S, 267 | SPARC_INS_FANDNOT2, 268 | SPARC_INS_FANDNOT2S, 269 | SPARC_INS_FANDS, 270 | SPARC_INS_FCHKSM16, 271 | SPARC_INS_FCMPD, 272 | SPARC_INS_FCMPEQ16, 273 | SPARC_INS_FCMPEQ32, 274 | SPARC_INS_FCMPGT16, 275 | SPARC_INS_FCMPGT32, 276 | SPARC_INS_FCMPLE16, 277 | SPARC_INS_FCMPLE32, 278 | SPARC_INS_FCMPNE16, 279 | SPARC_INS_FCMPNE32, 280 | SPARC_INS_FCMPQ, 281 | SPARC_INS_FCMPS, 282 | SPARC_INS_FDIVD, 283 | SPARC_INS_FDIVQ, 284 | SPARC_INS_FDIVS, 285 | SPARC_INS_FDMULQ, 286 | SPARC_INS_FDTOI, 287 | SPARC_INS_FDTOQ, 288 | SPARC_INS_FDTOS, 289 | SPARC_INS_FDTOX, 290 | 
SPARC_INS_FEXPAND, 291 | SPARC_INS_FHADDD, 292 | SPARC_INS_FHADDS, 293 | SPARC_INS_FHSUBD, 294 | SPARC_INS_FHSUBS, 295 | SPARC_INS_FITOD, 296 | SPARC_INS_FITOQ, 297 | SPARC_INS_FITOS, 298 | SPARC_INS_FLCMPD, 299 | SPARC_INS_FLCMPS, 300 | SPARC_INS_FLUSHW, 301 | SPARC_INS_FMEAN16, 302 | SPARC_INS_FMOVD, 303 | SPARC_INS_FMOVQ, 304 | SPARC_INS_FMOVRDGEZ, 305 | SPARC_INS_FMOVRQGEZ, 306 | SPARC_INS_FMOVRSGEZ, 307 | SPARC_INS_FMOVRDGZ, 308 | SPARC_INS_FMOVRQGZ, 309 | SPARC_INS_FMOVRSGZ, 310 | SPARC_INS_FMOVRDLEZ, 311 | SPARC_INS_FMOVRQLEZ, 312 | SPARC_INS_FMOVRSLEZ, 313 | SPARC_INS_FMOVRDLZ, 314 | SPARC_INS_FMOVRQLZ, 315 | SPARC_INS_FMOVRSLZ, 316 | SPARC_INS_FMOVRDNZ, 317 | SPARC_INS_FMOVRQNZ, 318 | SPARC_INS_FMOVRSNZ, 319 | SPARC_INS_FMOVRDZ, 320 | SPARC_INS_FMOVRQZ, 321 | SPARC_INS_FMOVRSZ, 322 | SPARC_INS_FMOVS, 323 | SPARC_INS_FMUL8SUX16, 324 | SPARC_INS_FMUL8ULX16, 325 | SPARC_INS_FMUL8X16, 326 | SPARC_INS_FMUL8X16AL, 327 | SPARC_INS_FMUL8X16AU, 328 | SPARC_INS_FMULD, 329 | SPARC_INS_FMULD8SUX16, 330 | SPARC_INS_FMULD8ULX16, 331 | SPARC_INS_FMULQ, 332 | SPARC_INS_FMULS, 333 | SPARC_INS_FNADDD, 334 | SPARC_INS_FNADDS, 335 | SPARC_INS_FNAND, 336 | SPARC_INS_FNANDS, 337 | SPARC_INS_FNEGD, 338 | SPARC_INS_FNEGQ, 339 | SPARC_INS_FNEGS, 340 | SPARC_INS_FNHADDD, 341 | SPARC_INS_FNHADDS, 342 | SPARC_INS_FNOR, 343 | SPARC_INS_FNORS, 344 | SPARC_INS_FNOT1, 345 | SPARC_INS_FNOT1S, 346 | SPARC_INS_FNOT2, 347 | SPARC_INS_FNOT2S, 348 | SPARC_INS_FONE, 349 | SPARC_INS_FONES, 350 | SPARC_INS_FOR, 351 | SPARC_INS_FORNOT1, 352 | SPARC_INS_FORNOT1S, 353 | SPARC_INS_FORNOT2, 354 | SPARC_INS_FORNOT2S, 355 | SPARC_INS_FORS, 356 | SPARC_INS_FPACK16, 357 | SPARC_INS_FPACK32, 358 | SPARC_INS_FPACKFIX, 359 | SPARC_INS_FPADD16, 360 | SPARC_INS_FPADD16S, 361 | SPARC_INS_FPADD32, 362 | SPARC_INS_FPADD32S, 363 | SPARC_INS_FPADD64, 364 | SPARC_INS_FPMERGE, 365 | SPARC_INS_FPSUB16, 366 | SPARC_INS_FPSUB16S, 367 | SPARC_INS_FPSUB32, 368 | SPARC_INS_FPSUB32S, 369 | SPARC_INS_FQTOD, 370 | 
SPARC_INS_FQTOI, 371 | SPARC_INS_FQTOS, 372 | SPARC_INS_FQTOX, 373 | SPARC_INS_FSLAS16, 374 | SPARC_INS_FSLAS32, 375 | SPARC_INS_FSLL16, 376 | SPARC_INS_FSLL32, 377 | SPARC_INS_FSMULD, 378 | SPARC_INS_FSQRTD, 379 | SPARC_INS_FSQRTQ, 380 | SPARC_INS_FSQRTS, 381 | SPARC_INS_FSRA16, 382 | SPARC_INS_FSRA32, 383 | SPARC_INS_FSRC1, 384 | SPARC_INS_FSRC1S, 385 | SPARC_INS_FSRC2, 386 | SPARC_INS_FSRC2S, 387 | SPARC_INS_FSRL16, 388 | SPARC_INS_FSRL32, 389 | SPARC_INS_FSTOD, 390 | SPARC_INS_FSTOI, 391 | SPARC_INS_FSTOQ, 392 | SPARC_INS_FSTOX, 393 | SPARC_INS_FSUBD, 394 | SPARC_INS_FSUBQ, 395 | SPARC_INS_FSUBS, 396 | SPARC_INS_FXNOR, 397 | SPARC_INS_FXNORS, 398 | SPARC_INS_FXOR, 399 | SPARC_INS_FXORS, 400 | SPARC_INS_FXTOD, 401 | SPARC_INS_FXTOQ, 402 | SPARC_INS_FXTOS, 403 | SPARC_INS_FZERO, 404 | SPARC_INS_FZEROS, 405 | SPARC_INS_JMPL, 406 | SPARC_INS_LDD, 407 | SPARC_INS_LD, 408 | SPARC_INS_LDQ, 409 | SPARC_INS_LDSB, 410 | SPARC_INS_LDSH, 411 | SPARC_INS_LDSW, 412 | SPARC_INS_LDUB, 413 | SPARC_INS_LDUH, 414 | SPARC_INS_LDX, 415 | SPARC_INS_LZCNT, 416 | SPARC_INS_MEMBAR, 417 | SPARC_INS_MOVDTOX, 418 | SPARC_INS_MOV, 419 | SPARC_INS_MOVRGEZ, 420 | SPARC_INS_MOVRGZ, 421 | SPARC_INS_MOVRLEZ, 422 | SPARC_INS_MOVRLZ, 423 | SPARC_INS_MOVRNZ, 424 | SPARC_INS_MOVRZ, 425 | SPARC_INS_MOVSTOSW, 426 | SPARC_INS_MOVSTOUW, 427 | SPARC_INS_MULX, 428 | SPARC_INS_NOP, 429 | SPARC_INS_ORCC, 430 | SPARC_INS_ORNCC, 431 | SPARC_INS_ORN, 432 | SPARC_INS_OR, 433 | SPARC_INS_PDIST, 434 | SPARC_INS_PDISTN, 435 | SPARC_INS_POPC, 436 | SPARC_INS_RD, 437 | SPARC_INS_RESTORE, 438 | SPARC_INS_RETT, 439 | SPARC_INS_SAVE, 440 | SPARC_INS_SDIVCC, 441 | SPARC_INS_SDIVX, 442 | SPARC_INS_SDIV, 443 | SPARC_INS_SETHI, 444 | SPARC_INS_SHUTDOWN, 445 | SPARC_INS_SIAM, 446 | SPARC_INS_SLLX, 447 | SPARC_INS_SLL, 448 | SPARC_INS_SMULCC, 449 | SPARC_INS_SMUL, 450 | SPARC_INS_SRAX, 451 | SPARC_INS_SRA, 452 | SPARC_INS_SRLX, 453 | SPARC_INS_SRL, 454 | SPARC_INS_STBAR, 455 | SPARC_INS_STB, 456 | SPARC_INS_STD, 457 | 
SPARC_INS_ST, 458 | SPARC_INS_STH, 459 | SPARC_INS_STQ, 460 | SPARC_INS_STX, 461 | SPARC_INS_SUBCC, 462 | SPARC_INS_SUBX, 463 | SPARC_INS_SUBXCC, 464 | SPARC_INS_SUB, 465 | SPARC_INS_SWAP, 466 | SPARC_INS_TADDCCTV, 467 | SPARC_INS_TADDCC, 468 | SPARC_INS_T, 469 | SPARC_INS_TSUBCCTV, 470 | SPARC_INS_TSUBCC, 471 | SPARC_INS_UDIVCC, 472 | SPARC_INS_UDIVX, 473 | SPARC_INS_UDIV, 474 | SPARC_INS_UMULCC, 475 | SPARC_INS_UMULXHI, 476 | SPARC_INS_UMUL, 477 | SPARC_INS_UNIMP, 478 | SPARC_INS_FCMPED, 479 | SPARC_INS_FCMPEQ, 480 | SPARC_INS_FCMPES, 481 | SPARC_INS_WR, 482 | SPARC_INS_XMULX, 483 | SPARC_INS_XMULXHI, 484 | SPARC_INS_XNORCC, 485 | SPARC_INS_XNOR, 486 | SPARC_INS_XORCC, 487 | SPARC_INS_XOR, 488 | 489 | // alias instructions 490 | SPARC_INS_RET, 491 | SPARC_INS_RETL, 492 | 493 | SPARC_INS_ENDING, // <-- mark the end of the list of instructions 494 | } sparc_insn; 495 | 496 | /// Group of SPARC instructions 497 | typedef enum sparc_insn_group { 498 | SPARC_GRP_INVALID = 0, ///< = CS_GRP_INVALID 499 | 500 | // Generic groups 501 | // all jump instructions (conditional+direct+indirect jumps) 502 | SPARC_GRP_JUMP, ///< = CS_GRP_JUMP 503 | 504 | // Architecture-specific groups 505 | SPARC_GRP_HARDQUAD = 128, 506 | SPARC_GRP_V9, 507 | SPARC_GRP_VIS, 508 | SPARC_GRP_VIS2, 509 | SPARC_GRP_VIS3, 510 | SPARC_GRP_32BIT, 511 | SPARC_GRP_64BIT, 512 | 513 | SPARC_GRP_ENDING, // <-- mark the end of the list of groups 514 | } sparc_insn_group; 515 | 516 | #ifdef __cplusplus 517 | } 518 | #endif 519 | 520 | #endif 521 | -------------------------------------------------------------------------------- /csinclude/capstone/tms320c64x.h: -------------------------------------------------------------------------------- 1 | /* Capstone Disassembly Engine */ 2 | /* TMS320C64x Backend by Fotis Loukos 2016 */ 3 | 4 | #ifndef CAPSTONE_TMS320C64X_H 5 | #define CAPSTONE_TMS320C64X_H 6 | 7 | #ifdef __cplusplus 8 | extern "C" { 9 | #endif 10 | 11 | #include 12 | #include "platform.h" 13 | 14 | 
#ifdef _MSC_VER 15 | #pragma warning(disable:4201) 16 | #endif 17 | 18 | typedef enum tms320c64x_op_type { 19 | TMS320C64X_OP_INVALID = 0, ///< = CS_OP_INVALID (Uninitialized). 20 | TMS320C64X_OP_REG, ///< = CS_OP_REG (Register operand). 21 | TMS320C64X_OP_IMM, ///< = CS_OP_IMM (Immediate operand). 22 | TMS320C64X_OP_MEM, ///< = CS_OP_MEM (Memory operand). 23 | TMS320C64X_OP_REGPAIR = 64, ///< Register pair for double word ops 24 | } tms320c64x_op_type; 25 | 26 | typedef enum tms320c64x_mem_disp { 27 | TMS320C64X_MEM_DISP_INVALID = 0, 28 | TMS320C64X_MEM_DISP_CONSTANT, 29 | TMS320C64X_MEM_DISP_REGISTER, 30 | } tms320c64x_mem_disp; 31 | 32 | typedef enum tms320c64x_mem_dir { 33 | TMS320C64X_MEM_DIR_INVALID = 0, 34 | TMS320C64X_MEM_DIR_FW, 35 | TMS320C64X_MEM_DIR_BW, 36 | } tms320c64x_mem_dir; 37 | 38 | typedef enum tms320c64x_mem_mod { 39 | TMS320C64X_MEM_MOD_INVALID = 0, 40 | TMS320C64X_MEM_MOD_NO, 41 | TMS320C64X_MEM_MOD_PRE, 42 | TMS320C64X_MEM_MOD_POST, 43 | } tms320c64x_mem_mod; 44 | 45 | typedef struct tms320c64x_op_mem { 46 | unsigned int base; ///< base register 47 | unsigned int disp; ///< displacement/offset value 48 | unsigned int unit; ///< unit of base and offset register 49 | unsigned int scaled; ///< offset scaled 50 | unsigned int disptype; ///< displacement type 51 | unsigned int direction; ///< direction 52 | unsigned int modify; ///< modification 53 | } tms320c64x_op_mem; 54 | 55 | typedef struct cs_tms320c64x_op { 56 | tms320c64x_op_type type; ///< operand type 57 | union { 58 | unsigned int reg; ///< register value for REG operand or first register for REGPAIR operand 59 | int32_t imm; ///< immediate value for IMM operand 60 | tms320c64x_op_mem mem; ///< base/disp value for MEM operand 61 | }; 62 | } cs_tms320c64x_op; 63 | 64 | typedef struct cs_tms320c64x { 65 | uint8_t op_count; 66 | cs_tms320c64x_op operands[8]; ///< operands for this instruction. 
67 | struct { 68 | unsigned int reg; 69 | unsigned int zero; 70 | } condition; 71 | struct { 72 | unsigned int unit; 73 | unsigned int side; 74 | unsigned int crosspath; 75 | } funit; 76 | unsigned int parallel; 77 | } cs_tms320c64x; 78 | 79 | typedef enum tms320c64x_reg { 80 | TMS320C64X_REG_INVALID = 0, 81 | 82 | TMS320C64X_REG_AMR, 83 | TMS320C64X_REG_CSR, 84 | TMS320C64X_REG_DIER, 85 | TMS320C64X_REG_DNUM, 86 | TMS320C64X_REG_ECR, 87 | TMS320C64X_REG_GFPGFR, 88 | TMS320C64X_REG_GPLYA, 89 | TMS320C64X_REG_GPLYB, 90 | TMS320C64X_REG_ICR, 91 | TMS320C64X_REG_IER, 92 | TMS320C64X_REG_IERR, 93 | TMS320C64X_REG_ILC, 94 | TMS320C64X_REG_IRP, 95 | TMS320C64X_REG_ISR, 96 | TMS320C64X_REG_ISTP, 97 | TMS320C64X_REG_ITSR, 98 | TMS320C64X_REG_NRP, 99 | TMS320C64X_REG_NTSR, 100 | TMS320C64X_REG_REP, 101 | TMS320C64X_REG_RILC, 102 | TMS320C64X_REG_SSR, 103 | TMS320C64X_REG_TSCH, 104 | TMS320C64X_REG_TSCL, 105 | TMS320C64X_REG_TSR, 106 | TMS320C64X_REG_A0, 107 | TMS320C64X_REG_A1, 108 | TMS320C64X_REG_A2, 109 | TMS320C64X_REG_A3, 110 | TMS320C64X_REG_A4, 111 | TMS320C64X_REG_A5, 112 | TMS320C64X_REG_A6, 113 | TMS320C64X_REG_A7, 114 | TMS320C64X_REG_A8, 115 | TMS320C64X_REG_A9, 116 | TMS320C64X_REG_A10, 117 | TMS320C64X_REG_A11, 118 | TMS320C64X_REG_A12, 119 | TMS320C64X_REG_A13, 120 | TMS320C64X_REG_A14, 121 | TMS320C64X_REG_A15, 122 | TMS320C64X_REG_A16, 123 | TMS320C64X_REG_A17, 124 | TMS320C64X_REG_A18, 125 | TMS320C64X_REG_A19, 126 | TMS320C64X_REG_A20, 127 | TMS320C64X_REG_A21, 128 | TMS320C64X_REG_A22, 129 | TMS320C64X_REG_A23, 130 | TMS320C64X_REG_A24, 131 | TMS320C64X_REG_A25, 132 | TMS320C64X_REG_A26, 133 | TMS320C64X_REG_A27, 134 | TMS320C64X_REG_A28, 135 | TMS320C64X_REG_A29, 136 | TMS320C64X_REG_A30, 137 | TMS320C64X_REG_A31, 138 | TMS320C64X_REG_B0, 139 | TMS320C64X_REG_B1, 140 | TMS320C64X_REG_B2, 141 | TMS320C64X_REG_B3, 142 | TMS320C64X_REG_B4, 143 | TMS320C64X_REG_B5, 144 | TMS320C64X_REG_B6, 145 | TMS320C64X_REG_B7, 146 | TMS320C64X_REG_B8, 147 | 
TMS320C64X_REG_B9, 148 | TMS320C64X_REG_B10, 149 | TMS320C64X_REG_B11, 150 | TMS320C64X_REG_B12, 151 | TMS320C64X_REG_B13, 152 | TMS320C64X_REG_B14, 153 | TMS320C64X_REG_B15, 154 | TMS320C64X_REG_B16, 155 | TMS320C64X_REG_B17, 156 | TMS320C64X_REG_B18, 157 | TMS320C64X_REG_B19, 158 | TMS320C64X_REG_B20, 159 | TMS320C64X_REG_B21, 160 | TMS320C64X_REG_B22, 161 | TMS320C64X_REG_B23, 162 | TMS320C64X_REG_B24, 163 | TMS320C64X_REG_B25, 164 | TMS320C64X_REG_B26, 165 | TMS320C64X_REG_B27, 166 | TMS320C64X_REG_B28, 167 | TMS320C64X_REG_B29, 168 | TMS320C64X_REG_B30, 169 | TMS320C64X_REG_B31, 170 | TMS320C64X_REG_PCE1, 171 | 172 | TMS320C64X_REG_ENDING, // <-- mark the end of the list of registers 173 | 174 | // Alias registers 175 | TMS320C64X_REG_EFR = TMS320C64X_REG_ECR, 176 | TMS320C64X_REG_IFR = TMS320C64X_REG_ISR, 177 | } tms320c64x_reg; 178 | 179 | typedef enum tms320c64x_insn { 180 | TMS320C64X_INS_INVALID = 0, 181 | 182 | TMS320C64X_INS_ABS, 183 | TMS320C64X_INS_ABS2, 184 | TMS320C64X_INS_ADD, 185 | TMS320C64X_INS_ADD2, 186 | TMS320C64X_INS_ADD4, 187 | TMS320C64X_INS_ADDAB, 188 | TMS320C64X_INS_ADDAD, 189 | TMS320C64X_INS_ADDAH, 190 | TMS320C64X_INS_ADDAW, 191 | TMS320C64X_INS_ADDK, 192 | TMS320C64X_INS_ADDKPC, 193 | TMS320C64X_INS_ADDU, 194 | TMS320C64X_INS_AND, 195 | TMS320C64X_INS_ANDN, 196 | TMS320C64X_INS_AVG2, 197 | TMS320C64X_INS_AVGU4, 198 | TMS320C64X_INS_B, 199 | TMS320C64X_INS_BDEC, 200 | TMS320C64X_INS_BITC4, 201 | TMS320C64X_INS_BNOP, 202 | TMS320C64X_INS_BPOS, 203 | TMS320C64X_INS_CLR, 204 | TMS320C64X_INS_CMPEQ, 205 | TMS320C64X_INS_CMPEQ2, 206 | TMS320C64X_INS_CMPEQ4, 207 | TMS320C64X_INS_CMPGT, 208 | TMS320C64X_INS_CMPGT2, 209 | TMS320C64X_INS_CMPGTU4, 210 | TMS320C64X_INS_CMPLT, 211 | TMS320C64X_INS_CMPLTU, 212 | TMS320C64X_INS_DEAL, 213 | TMS320C64X_INS_DOTP2, 214 | TMS320C64X_INS_DOTPN2, 215 | TMS320C64X_INS_DOTPNRSU2, 216 | TMS320C64X_INS_DOTPRSU2, 217 | TMS320C64X_INS_DOTPSU4, 218 | TMS320C64X_INS_DOTPU4, 219 | TMS320C64X_INS_EXT, 220 | 
TMS320C64X_INS_EXTU, 221 | TMS320C64X_INS_GMPGTU, 222 | TMS320C64X_INS_GMPY4, 223 | TMS320C64X_INS_LDB, 224 | TMS320C64X_INS_LDBU, 225 | TMS320C64X_INS_LDDW, 226 | TMS320C64X_INS_LDH, 227 | TMS320C64X_INS_LDHU, 228 | TMS320C64X_INS_LDNDW, 229 | TMS320C64X_INS_LDNW, 230 | TMS320C64X_INS_LDW, 231 | TMS320C64X_INS_LMBD, 232 | TMS320C64X_INS_MAX2, 233 | TMS320C64X_INS_MAXU4, 234 | TMS320C64X_INS_MIN2, 235 | TMS320C64X_INS_MINU4, 236 | TMS320C64X_INS_MPY, 237 | TMS320C64X_INS_MPY2, 238 | TMS320C64X_INS_MPYH, 239 | TMS320C64X_INS_MPYHI, 240 | TMS320C64X_INS_MPYHIR, 241 | TMS320C64X_INS_MPYHL, 242 | TMS320C64X_INS_MPYHLU, 243 | TMS320C64X_INS_MPYHSLU, 244 | TMS320C64X_INS_MPYHSU, 245 | TMS320C64X_INS_MPYHU, 246 | TMS320C64X_INS_MPYHULS, 247 | TMS320C64X_INS_MPYHUS, 248 | TMS320C64X_INS_MPYLH, 249 | TMS320C64X_INS_MPYLHU, 250 | TMS320C64X_INS_MPYLI, 251 | TMS320C64X_INS_MPYLIR, 252 | TMS320C64X_INS_MPYLSHU, 253 | TMS320C64X_INS_MPYLUHS, 254 | TMS320C64X_INS_MPYSU, 255 | TMS320C64X_INS_MPYSU4, 256 | TMS320C64X_INS_MPYU, 257 | TMS320C64X_INS_MPYU4, 258 | TMS320C64X_INS_MPYUS, 259 | TMS320C64X_INS_MVC, 260 | TMS320C64X_INS_MVD, 261 | TMS320C64X_INS_MVK, 262 | TMS320C64X_INS_MVKL, 263 | TMS320C64X_INS_MVKLH, 264 | TMS320C64X_INS_NOP, 265 | TMS320C64X_INS_NORM, 266 | TMS320C64X_INS_OR, 267 | TMS320C64X_INS_PACK2, 268 | TMS320C64X_INS_PACKH2, 269 | TMS320C64X_INS_PACKH4, 270 | TMS320C64X_INS_PACKHL2, 271 | TMS320C64X_INS_PACKL4, 272 | TMS320C64X_INS_PACKLH2, 273 | TMS320C64X_INS_ROTL, 274 | TMS320C64X_INS_SADD, 275 | TMS320C64X_INS_SADD2, 276 | TMS320C64X_INS_SADDU4, 277 | TMS320C64X_INS_SADDUS2, 278 | TMS320C64X_INS_SAT, 279 | TMS320C64X_INS_SET, 280 | TMS320C64X_INS_SHFL, 281 | TMS320C64X_INS_SHL, 282 | TMS320C64X_INS_SHLMB, 283 | TMS320C64X_INS_SHR, 284 | TMS320C64X_INS_SHR2, 285 | TMS320C64X_INS_SHRMB, 286 | TMS320C64X_INS_SHRU, 287 | TMS320C64X_INS_SHRU2, 288 | TMS320C64X_INS_SMPY, 289 | TMS320C64X_INS_SMPY2, 290 | TMS320C64X_INS_SMPYH, 291 | TMS320C64X_INS_SMPYHL, 292 | 
TMS320C64X_INS_SMPYLH, 293 | TMS320C64X_INS_SPACK2, 294 | TMS320C64X_INS_SPACKU4, 295 | TMS320C64X_INS_SSHL, 296 | TMS320C64X_INS_SSHVL, 297 | TMS320C64X_INS_SSHVR, 298 | TMS320C64X_INS_SSUB, 299 | TMS320C64X_INS_STB, 300 | TMS320C64X_INS_STDW, 301 | TMS320C64X_INS_STH, 302 | TMS320C64X_INS_STNDW, 303 | TMS320C64X_INS_STNW, 304 | TMS320C64X_INS_STW, 305 | TMS320C64X_INS_SUB, 306 | TMS320C64X_INS_SUB2, 307 | TMS320C64X_INS_SUB4, 308 | TMS320C64X_INS_SUBAB, 309 | TMS320C64X_INS_SUBABS4, 310 | TMS320C64X_INS_SUBAH, 311 | TMS320C64X_INS_SUBAW, 312 | TMS320C64X_INS_SUBC, 313 | TMS320C64X_INS_SUBU, 314 | TMS320C64X_INS_SWAP4, 315 | TMS320C64X_INS_UNPKHU4, 316 | TMS320C64X_INS_UNPKLU4, 317 | TMS320C64X_INS_XOR, 318 | TMS320C64X_INS_XPND2, 319 | TMS320C64X_INS_XPND4, 320 | // Aliases 321 | TMS320C64X_INS_IDLE, 322 | TMS320C64X_INS_MV, 323 | TMS320C64X_INS_NEG, 324 | TMS320C64X_INS_NOT, 325 | TMS320C64X_INS_SWAP2, 326 | TMS320C64X_INS_ZERO, 327 | 328 | TMS320C64X_INS_ENDING, // <-- mark the end of the list of instructions 329 | } tms320c64x_insn; 330 | 331 | typedef enum tms320c64x_insn_group { 332 | TMS320C64X_GRP_INVALID = 0, ///< = CS_GRP_INVALID 333 | 334 | TMS320C64X_GRP_JUMP, ///< = CS_GRP_JUMP 335 | 336 | TMS320C64X_GRP_FUNIT_D = 128, 337 | TMS320C64X_GRP_FUNIT_L, 338 | TMS320C64X_GRP_FUNIT_M, 339 | TMS320C64X_GRP_FUNIT_S, 340 | TMS320C64X_GRP_FUNIT_NO, 341 | 342 | TMS320C64X_GRP_ENDING, // <-- mark the end of the list of groups 343 | } tms320c64x_insn_group; 344 | 345 | typedef enum tms320c64x_funit { 346 | TMS320C64X_FUNIT_INVALID = 0, 347 | TMS320C64X_FUNIT_D, 348 | TMS320C64X_FUNIT_L, 349 | TMS320C64X_FUNIT_M, 350 | TMS320C64X_FUNIT_S, 351 | TMS320C64X_FUNIT_NO 352 | } tms320c64x_funit; 353 | 354 | #ifdef __cplusplus 355 | } 356 | #endif 357 | 358 | #endif 359 | 360 | -------------------------------------------------------------------------------- /csinclude/capstone/xcore.h: -------------------------------------------------------------------------------- 1 | 
#ifndef CAPSTONE_XCORE_H
#define CAPSTONE_XCORE_H

/* Capstone Disassembly Engine */
/* By Nguyen Anh Quynh, 2014-2015 */

// XCore declarations for the disassembler: operand types, register IDs,
// instruction IDs, instruction groups, and the per-instruction detail
// structures built from them. This header declares types only; it defines
// no functions and no storage.

#ifdef __cplusplus
extern "C" {
#endif

// uint8_t / int32_t are not declared in this file; presumably they arrive
// through platform.h -- verify if this header is ever included on its own.
#include "platform.h"

#ifdef _MSC_VER
// C4201 is MSVC's "nameless struct/union" warning; the anonymous union in
// cs_xcore_op below would otherwise trigger it. There is no matching
// push/pop here, so the warning stays disabled for the rest of any
// translation unit that includes this header.
#pragma warning(disable:4201)
#endif

/// Operand type for instruction's operands
typedef enum xcore_op_type {
	XCORE_OP_INVALID = 0, ///< = CS_OP_INVALID (Uninitialized).
	XCORE_OP_REG, ///< = CS_OP_REG (Register operand).
	XCORE_OP_IMM, ///< = CS_OP_IMM (Immediate operand).
	XCORE_OP_MEM, ///< = CS_OP_MEM (Memory operand).
} xcore_op_type;

/// XCore registers
///
/// Only XCORE_REG_INVALID has an explicit value; every other ID is its
/// position in this list, so the numeric values depend on this exact order.
typedef enum xcore_reg {
	XCORE_REG_INVALID = 0,

	XCORE_REG_CP,
	XCORE_REG_DP,
	XCORE_REG_LR,
	XCORE_REG_SP,
	XCORE_REG_R0,
	XCORE_REG_R1,
	XCORE_REG_R2,
	XCORE_REG_R3,
	XCORE_REG_R4,
	XCORE_REG_R5,
	XCORE_REG_R6,
	XCORE_REG_R7,
	XCORE_REG_R8,
	XCORE_REG_R9,
	XCORE_REG_R10,
	XCORE_REG_R11,

	// pseudo registers
	XCORE_REG_PC, ///< pc

	// internal thread registers
	// see The-XMOS-XS1-Architecture(X7879A).pdf
	XCORE_REG_SCP, ///< save pc
	XCORE_REG_SSR, ///< save status
	XCORE_REG_ET, ///< exception type
	XCORE_REG_ED, ///< exception data
	XCORE_REG_SED, ///< save exception data
	XCORE_REG_KEP, ///< kernel entry pointer
	XCORE_REG_KSP, ///< kernel stack pointer
	XCORE_REG_ID, ///< thread ID

	XCORE_REG_ENDING, // <-- mark the end of the list of registers (sentinel, not a register)
} xcore_reg;

/// Instruction's operand referring to memory
/// This is associated with XCORE_OP_MEM operand type above
///
/// NOTE(review): `base` and `index` are raw bytes, not `xcore_reg` values, so
/// the type system does not limit them to the enumerators above. Code that
/// uses them to index a per-register table should first check the value is
/// below XCORE_REG_ENDING. Presumably XCORE_REG_INVALID marks an absent
/// register -- confirm against the engine.
typedef struct xcore_op_mem {
	uint8_t base; ///< base register, can be safely interpreted as
	              ///< a value of type `xcore_reg`, but it is only
	              ///< one byte wide
	uint8_t index; ///< index register, same conditions apply here
	int32_t disp; ///< displacement/offset value
	int direct; ///< +1: forward, -1: backward
} xcore_op_mem;

/// Instruction operand
///
/// `type` is the tag for the anonymous union: per the member comments, `reg`
/// belongs to REG operands, `imm` to IMM operands and `mem` to MEM operands.
/// Check `type` before reading a member; the members share storage.
typedef struct cs_xcore_op {
	xcore_op_type type; ///< operand type
	union {
		xcore_reg reg; ///< register value for REG operand
		int32_t imm; ///< immediate value for IMM operand
		xcore_op_mem mem; ///< base/disp value for MEM operand
	};
} cs_xcore_op;

/// Instruction structure
///
/// NOTE(review): `operands` holds 8 entries while `op_count` is a uint8_t and
/// can represent larger values. Code that walks `operands` should bound the
/// loop by the array size as well as by `op_count`. Presumably the engine
/// never reports more than 8 -- confirm.
typedef struct cs_xcore {
	/// Number of operands of this instruction,
	/// or 0 when instruction has no operand.
	uint8_t op_count;
	cs_xcore_op operands[8]; ///< operands for this instruction.
} cs_xcore;

/// XCore instruction
///
/// As with xcore_reg, only the first enumerator has an explicit value, so
/// each ID is its position in this list.
typedef enum xcore_insn {
	XCORE_INS_INVALID = 0,

	XCORE_INS_ADD,
	XCORE_INS_ANDNOT,
	XCORE_INS_AND,
	XCORE_INS_ASHR,
	XCORE_INS_BAU,
	XCORE_INS_BITREV,
	XCORE_INS_BLA,
	XCORE_INS_BLAT,
	XCORE_INS_BL,
	XCORE_INS_BF,
	XCORE_INS_BT,
	XCORE_INS_BU,
	XCORE_INS_BRU,
	XCORE_INS_BYTEREV,
	XCORE_INS_CHKCT,
	XCORE_INS_CLRE,
	XCORE_INS_CLRPT,
	XCORE_INS_CLRSR,
	XCORE_INS_CLZ,
	XCORE_INS_CRC8,
	XCORE_INS_CRC32,
	XCORE_INS_DCALL,
	XCORE_INS_DENTSP,
	XCORE_INS_DGETREG,
	XCORE_INS_DIVS,
	XCORE_INS_DIVU,
	XCORE_INS_DRESTSP,
	XCORE_INS_DRET,
	XCORE_INS_ECALLF,
	XCORE_INS_ECALLT,
	XCORE_INS_EDU,
	XCORE_INS_EEF,
	XCORE_INS_EET,
	XCORE_INS_EEU,
	XCORE_INS_ENDIN,
	XCORE_INS_ENTSP,
	XCORE_INS_EQ,
	XCORE_INS_EXTDP,
	XCORE_INS_EXTSP,
	XCORE_INS_FREER,
	XCORE_INS_FREET,
	XCORE_INS_GETD,
	XCORE_INS_GET,
	XCORE_INS_GETN,
	XCORE_INS_GETR,
	XCORE_INS_GETSR,
	XCORE_INS_GETST,
	XCORE_INS_GETTS,
	XCORE_INS_INCT,
	XCORE_INS_INIT,
	XCORE_INS_INPW,
	XCORE_INS_INSHR,
	XCORE_INS_INT,
	XCORE_INS_IN,
	XCORE_INS_KCALL,
	XCORE_INS_KENTSP,
	XCORE_INS_KRESTSP,
	XCORE_INS_KRET,
	XCORE_INS_LADD,
	XCORE_INS_LD16S,
	XCORE_INS_LD8U,
	XCORE_INS_LDA16,
	XCORE_INS_LDAP,
	XCORE_INS_LDAW,
	XCORE_INS_LDC,
	XCORE_INS_LDW,
	XCORE_INS_LDIVU,
	XCORE_INS_LMUL,
	XCORE_INS_LSS,
	XCORE_INS_LSUB,
	XCORE_INS_LSU,
	XCORE_INS_MACCS,
	XCORE_INS_MACCU,
	XCORE_INS_MJOIN,
	XCORE_INS_MKMSK,
	XCORE_INS_MSYNC,
	XCORE_INS_MUL,
	XCORE_INS_NEG,
	XCORE_INS_NOT,
	XCORE_INS_OR,
	XCORE_INS_OUTCT,
	XCORE_INS_OUTPW,
	XCORE_INS_OUTSHR,
	XCORE_INS_OUTT,
	XCORE_INS_OUT,
	XCORE_INS_PEEK,
	XCORE_INS_REMS,
	XCORE_INS_REMU,
	XCORE_INS_RETSP,
	XCORE_INS_SETCLK,
	XCORE_INS_SET,
	XCORE_INS_SETC,
	XCORE_INS_SETD,
	XCORE_INS_SETEV,
	XCORE_INS_SETN,
	XCORE_INS_SETPSC,
	XCORE_INS_SETPT,
	XCORE_INS_SETRDY,
	XCORE_INS_SETSR,
	XCORE_INS_SETTW,
	XCORE_INS_SETV,
	XCORE_INS_SEXT,
	XCORE_INS_SHL,
	XCORE_INS_SHR,
	XCORE_INS_SSYNC,
	XCORE_INS_ST16,
	XCORE_INS_ST8,
	XCORE_INS_STW,
	XCORE_INS_SUB,
	XCORE_INS_SYNCR,
	XCORE_INS_TESTCT,
	XCORE_INS_TESTLCL,
	XCORE_INS_TESTWCT,
	XCORE_INS_TSETMR,
	XCORE_INS_START,
	XCORE_INS_WAITEF,
	XCORE_INS_WAITET,
	XCORE_INS_WAITEU,
	XCORE_INS_XOR,
	XCORE_INS_ZEXT,

	XCORE_INS_ENDING, // <-- mark the end of the list of instructions (sentinel, not an instruction)
} xcore_insn;

/// Group of XCore instructions
typedef enum xcore_insn_group {
	XCORE_GRP_INVALID = 0, ///< = CS_GRP_INVALID

	// Generic groups
	// all jump instructions (conditional+direct+indirect jumps)
	XCORE_GRP_JUMP, ///< = CS_GRP_JUMP

	XCORE_GRP_ENDING, // <-- mark the end of the list of groups
} xcore_insn_group;

#ifdef __cplusplus
}
#endif

#endif // CAPSTONE_XCORE_H
236 | -------------------------------------------------------------------------------- /csinclude/platform.h: -------------------------------------------------------------------------------- 1 | /* Capstone Disassembly Engine */ 2 | /* By Axel Souchet & Nguyen Anh Quynh, 2014 */ 3 | 4 | #ifndef CAPSTONE_PLATFORM_H 5 | #define CAPSTONE_PLATFORM_H 6 | 7 | // handle C99 issue (for pre-2013 VisualStudio) 8 | #if !defined(__CYGWIN__) && !defined(__MINGW32__) && !defined(__MINGW64__) && (defined (WIN32) || defined (WIN64) || defined (_WIN32) || defined (_WIN64)) 9 | // MSVC 10 | 11 | // stdbool.h 12 | #if (_MSC_VER < 1800) || defined(_KERNEL_MODE) 13 | // this system does not have stdbool.h 14 | #ifndef __cplusplus 15 | typedef unsigned char bool; 16 | #define false 0 17 | #define true 1 18 | #endif 19 | 20 | #else 21 | // VisualStudio 2013+ -> C99 is supported 22 | #include 23 | #endif 24 | 25 | #else 26 | // not MSVC -> C99 is supported 27 | #include 28 | #endif 29 | 30 | 31 | // handle C99 issue (for pre-2013 VisualStudio) 32 | #if defined(CAPSTONE_HAS_OSXKERNEL) || (defined(_MSC_VER) && (_MSC_VER <= 1700 || defined(_KERNEL_MODE))) 33 | // this system does not have inttypes.h 34 | 35 | #if defined(_MSC_VER) && (_MSC_VER < 1600 || defined(_KERNEL_MODE)) 36 | // this system does not have stdint.h 37 | typedef signed char int8_t; 38 | typedef signed short int16_t; 39 | typedef signed int int32_t; 40 | typedef unsigned char uint8_t; 41 | typedef unsigned short uint16_t; 42 | typedef unsigned int uint32_t; 43 | typedef signed long long int64_t; 44 | typedef unsigned long long uint64_t; 45 | 46 | #define INT8_MIN (-127i8 - 1) 47 | #define INT16_MIN (-32767i16 - 1) 48 | #define INT32_MIN (-2147483647i32 - 1) 49 | #define INT64_MIN (-9223372036854775807i64 - 1) 50 | #define INT8_MAX 127i8 51 | #define INT16_MAX 32767i16 52 | #define INT32_MAX 2147483647i32 53 | #define INT64_MAX 9223372036854775807i64 54 | #define UINT8_MAX 0xffui8 55 | #define UINT16_MAX 0xffffui16 56 | 
#define UINT32_MAX 0xffffffffui32 57 | #define UINT64_MAX 0xffffffffffffffffui64 58 | #endif 59 | 60 | #define __PRI_8_LENGTH_MODIFIER__ "hh" 61 | #define __PRI_64_LENGTH_MODIFIER__ "ll" 62 | 63 | #define PRId8 __PRI_8_LENGTH_MODIFIER__ "d" 64 | #define PRIi8 __PRI_8_LENGTH_MODIFIER__ "i" 65 | #define PRIo8 __PRI_8_LENGTH_MODIFIER__ "o" 66 | #define PRIu8 __PRI_8_LENGTH_MODIFIER__ "u" 67 | #define PRIx8 __PRI_8_LENGTH_MODIFIER__ "x" 68 | #define PRIX8 __PRI_8_LENGTH_MODIFIER__ "X" 69 | 70 | #define PRId16 "hd" 71 | #define PRIi16 "hi" 72 | #define PRIo16 "ho" 73 | #define PRIu16 "hu" 74 | #define PRIx16 "hx" 75 | #define PRIX16 "hX" 76 | 77 | #if defined(_MSC_VER) && _MSC_VER <= 1700 78 | #define PRId32 "ld" 79 | #define PRIi32 "li" 80 | #define PRIo32 "lo" 81 | #define PRIu32 "lu" 82 | #define PRIx32 "lx" 83 | #define PRIX32 "lX" 84 | #else // OSX 85 | #define PRId32 "d" 86 | #define PRIi32 "i" 87 | #define PRIo32 "o" 88 | #define PRIu32 "u" 89 | #define PRIx32 "x" 90 | #define PRIX32 "X" 91 | #endif 92 | 93 | #if defined(_MSC_VER) && _MSC_VER <= 1700 94 | // redefine functions from inttypes.h used in cstool 95 | #define strtoull _strtoui64 96 | #endif 97 | 98 | #define PRId64 __PRI_64_LENGTH_MODIFIER__ "d" 99 | #define PRIi64 __PRI_64_LENGTH_MODIFIER__ "i" 100 | #define PRIo64 __PRI_64_LENGTH_MODIFIER__ "o" 101 | #define PRIu64 __PRI_64_LENGTH_MODIFIER__ "u" 102 | #define PRIx64 __PRI_64_LENGTH_MODIFIER__ "x" 103 | #define PRIX64 __PRI_64_LENGTH_MODIFIER__ "X" 104 | 105 | #else 106 | // this system has inttypes.h by default 107 | #include 108 | #endif 109 | 110 | #endif 111 | -------------------------------------------------------------------------------- /csinclude/windowsce/intrin.h: -------------------------------------------------------------------------------- 1 | 2 | #if defined(_MSC_VER) && defined(_WIN32_WCE) && (_WIN32_WCE < 0x800) && !defined(__INTRIN_H_) && !defined(_INTRIN) 3 | #define _STDINT 4 | 5 | #ifdef _M_ARM 6 | #include 7 | #if (_WIN32_WCE >= 
0x700) && defined(__ARM_ARCH_7__) || defined(__ARM_ARCH_7A__) 8 | #include 9 | #endif 10 | #endif // _M_ARM 11 | 12 | #endif 13 | -------------------------------------------------------------------------------- /csinclude/windowsce/stdint.h: -------------------------------------------------------------------------------- 1 | 2 | #if defined(_MSC_VER) && defined(_WIN32_WCE) && (_WIN32_WCE < 0x800) && !defined(_STDINT_H_) && !defined(_STDINT) 3 | #define _STDINT 4 | 5 | typedef __int8 6 | int8_t, 7 | int_least8_t; 8 | 9 | typedef __int16 10 | int16_t, 11 | int_least16_t; 12 | 13 | typedef __int32 14 | int32_t, 15 | int_least32_t, 16 | int_fast8_t, 17 | int_fast16_t, 18 | int_fast32_t; 19 | 20 | typedef __int64 21 | int64_t, 22 | intmax_t, 23 | int_least64_t, 24 | int_fast64_t; 25 | 26 | typedef unsigned __int8 27 | uint8_t, 28 | uint_least8_t; 29 | 30 | typedef unsigned __int16 31 | uint16_t, 32 | uint_least16_t; 33 | 34 | typedef unsigned __int32 35 | uint32_t, 36 | uint_least32_t, 37 | uint_fast8_t, 38 | uint_fast16_t, 39 | uint_fast32_t; 40 | 41 | typedef unsigned __int64 42 | uint64_t, 43 | uintmax_t, 44 | uint_least64_t, 45 | uint_fast64_t; 46 | 47 | #ifndef _INTPTR_T_DEFINED 48 | #define _INTPTR_T_DEFINED 49 | typedef __int32 intptr_t; 50 | #endif 51 | 52 | #ifndef _UINTPTR_T_DEFINED 53 | #define _UINTPTR_T_DEFINED 54 | typedef unsigned __int32 uintptr_t; 55 | #endif 56 | 57 | #define INT8_MIN (-127i8 - 1) 58 | #define INT16_MIN (-32767i16 - 1) 59 | #define INT32_MIN (-2147483647i32 - 1) 60 | #define INT64_MIN (-9223372036854775807i64 - 1) 61 | #define INT8_MAX 127i8 62 | #define INT16_MAX 32767i16 63 | #define INT32_MAX 2147483647i32 64 | #define INT64_MAX 9223372036854775807i64 65 | #define UINT8_MAX 0xffui8 66 | #define UINT16_MAX 0xffffui16 67 | #define UINT32_MAX 0xffffffffui32 68 | #define UINT64_MAX 0xffffffffffffffffui64 69 | 70 | #define INT_LEAST8_MIN INT8_MIN 71 | #define INT_LEAST16_MIN INT16_MIN 72 | #define INT_LEAST32_MIN INT32_MIN 73 | #define 
INT_LEAST64_MIN INT64_MIN 74 | #define INT_LEAST8_MAX INT8_MAX 75 | #define INT_LEAST16_MAX INT16_MAX 76 | #define INT_LEAST32_MAX INT32_MAX 77 | #define INT_LEAST64_MAX INT64_MAX 78 | #define UINT_LEAST8_MAX UINT8_MAX 79 | #define UINT_LEAST16_MAX UINT16_MAX 80 | #define UINT_LEAST32_MAX UINT32_MAX 81 | #define UINT_LEAST64_MAX UINT64_MAX 82 | 83 | #define INT_FAST8_MIN INT8_MIN 84 | #define INT_FAST16_MIN INT32_MIN 85 | #define INT_FAST32_MIN INT32_MIN 86 | #define INT_FAST64_MIN INT64_MIN 87 | #define INT_FAST8_MAX INT8_MAX 88 | #define INT_FAST16_MAX INT32_MAX 89 | #define INT_FAST32_MAX INT32_MAX 90 | #define INT_FAST64_MAX INT64_MAX 91 | #define UINT_FAST8_MAX UINT8_MAX 92 | #define UINT_FAST16_MAX UINT32_MAX 93 | #define UINT_FAST32_MAX UINT32_MAX 94 | #define UINT_FAST64_MAX UINT64_MAX 95 | 96 | #define INTPTR_MIN INT32_MIN 97 | #define INTPTR_MAX INT32_MAX 98 | #define UINTPTR_MAX UINT32_MAX 99 | 100 | #define INTMAX_MIN INT64_MIN 101 | #define INTMAX_MAX INT64_MAX 102 | #define UINTMAX_MAX UINT64_MAX 103 | 104 | #define PTRDIFF_MIN INTPTR_MIN 105 | #define PTRDIFF_MAX INTPTR_MAX 106 | 107 | #ifndef SIZE_MAX 108 | #define SIZE_MAX UINTPTR_MAX 109 | #endif 110 | 111 | #define SIG_ATOMIC_MIN INT32_MIN 112 | #define SIG_ATOMIC_MAX INT32_MAX 113 | 114 | #define WCHAR_MIN 0x0000 115 | #define WCHAR_MAX 0xffff 116 | 117 | #define WINT_MIN 0x0000 118 | #define WINT_MAX 0xffff 119 | 120 | #define INT8_C(x) (x) 121 | #define INT16_C(x) (x) 122 | #define INT32_C(x) (x) 123 | #define INT64_C(x) (x ## LL) 124 | 125 | #define UINT8_C(x) (x) 126 | #define UINT16_C(x) (x) 127 | #define UINT32_C(x) (x ## U) 128 | #define UINT64_C(x) (x ## ULL) 129 | 130 | #define INTMAX_C(x) INT64_C(x) 131 | #define UINTMAX_C(x) UINT64_C(x) 132 | 133 | #endif 134 | -------------------------------------------------------------------------------- /function_defeniton.h: -------------------------------------------------------------------------------- 1 | #pragma once 2 | #pragma 
warning(disable : 4996) 3 | #include 4 | 5 | #include "hook.h" 6 | #include "ldr.h" 7 | 8 | 9 | BOOL WriteFile_engine(HANDLE hFile,LPCVOID lpBuffer); 10 | 11 | typedef BOOL(WINAPI* _WriteFile)( //WriteFile strucre 12 | HANDLE hFile, 13 | LPCVOID lpBuffer, 14 | DWORD nNumberOfBytesToWrite, 15 | LPDWORD lpNumberOfBytesWritten, 16 | LPOVERLAPPED lpOverlapped 17 | ); 18 | 19 | BOOL WINAPI _hookWriteFile( //hooked Write File Function 20 | HANDLE hFile, 21 | LPCVOID lpBuffer, 22 | DWORD nNumberOfBytesToWrite, 23 | LPDWORD lpNumberOfBytesWritten, 24 | LPOVERLAPPED lpOverlapped 25 | ); 26 | 27 | _WriteFile _originalWriteFile = NULL; -------------------------------------------------------------------------------- /hook.c: -------------------------------------------------------------------------------- 1 | #include "hook.h" 2 | #include "ldr.h" 3 | 4 | 5 | 6 | DWORD _initialize(unsigned int dll_hash, LPCSTR lpProcName, BOOL ishook) 7 | { 8 | DWORD _handle = NULL; 9 | 10 | _handle = _findDllAddress(dll_hash); 11 | 12 | if (_handle == NULL) 13 | { 14 | return 0x0; 15 | } 16 | 17 | DWORD _functionAddress = NULL; 18 | 19 | _functionAddress = _findFunctionAddress(_handle, lpProcName); 20 | 21 | if (_functionAddress == NULL) 22 | { 23 | return 0x0; 24 | } 25 | if ((dll_hash == djb2_values[1] || dll_hash == djb2_values[7]) && ishook) 26 | _functionAddress = _getFunctionAddress(_functionAddress);// kernel32.dll ve advapi32.dll 27 | 28 | _hookInfo._oldFunction = _functionAddress; 29 | return _functionAddress; 30 | } 31 | 32 | 33 | 34 | DWORD _inithook(int _control, unsigned char* _hookFuncAddres) 35 | { 36 | int _architecture = 0; 37 | _architecture = _processArchitectureInfo(); 38 | 39 | size_t _size = 0; 40 | int control = 0x1; 41 | _size = _getSize(_hookInfo._oldFunction, control); //control for relative address 42 | //find relative adress and function size 43 | DWORD _protection = 0; 44 | _protection = _allocation(_hookInfo._oldFunction, _size, _control); 45 | 46 | 
_trambolin(_hookInfo._oldFunction, _hookFuncAddres, _architecture, _size, _protection); 47 | 48 | return _hookInfo._newFunction; 49 | 50 | } 51 | 52 | uint64_t _getFunctionAddress(DWORD _fAddress) 53 | { 54 | uint64_t _functionAddress = (uint64_t)_fAddress; 55 | 56 | 57 | #if defined(__x86_64__) || defined(_M_X64) 58 | //unsigned char* _getAddress = _functionAddress; 59 | //unsigned char _getOffset[8]; 60 | //uint64_t _offset = 0x0; 61 | //uint64_t* _realAddress = 0x0; 62 | //int count = 0; 63 | 64 | //memset(_getOffset, '\0', sizeof(char) * 8); 65 | 66 | //for (int i = 0; i < 5; i++) 67 | //{ 68 | // if (_getAddress[i] == 0xFF || _getAddress[i] == 0x25) // jmp and null 69 | // { 70 | // continue; 71 | // } 72 | // else 73 | // { 74 | // _getOffset[count] = *(_getAddress + i); 75 | // count++; 76 | // } 77 | //} 78 | //_offset = *(uint64_t*)_getOffset; 79 | //_realAddress = _functionAddress + _offset + 0x6; 80 | //printf_s("Real Function Address : 0x%llX\n", *_realAddress); // real adres : 0x7FFE12C94FD0 + 5D1E2 81 | 82 | //return *_realAddress; 83 | #elif defined(i386) || defined(__i386__) || defined(__i386) || defined(_M_IX86) 84 | 85 | wchar_t* _getAddress = _functionAddress; 86 | BYTE x = 0x0; 87 | 88 | __asm 89 | { 90 | pushad 91 | pushfd 92 | mov edi, esp 93 | xor eax, eax 94 | xor ebx, ebx 95 | mov eax, dword ptr[_getAddress] 96 | loop1: 97 | mov bx, word ptr[eax] 98 | add eax, 1 99 | cmp bx, CALLRETURN //for stub function return 100 | jz ayh 101 | cmp bx, CALLRETURN2 //for stub function kernelbase.dll 102 | jz ayh 103 | cmp bx, JMPOPCODE//FF 25 jump opcode near jump relative address 104 | jz _find 105 | cmp bh, CALLOPCODE //stub function 106 | jz _find2 107 | jnz loop1 108 | 109 | _find : 110 | mov edx, [eax + 1] 111 | mov ecx, [edx] 112 | mov dword ptr[_getAddress], ecx 113 | jmp ayh 114 | 115 | _find2 : 116 | mov edx, [eax + 1] 117 | add edx, 5 118 | add edx, eax 119 | mov dword ptr[_getAddress], edx 120 | jmp ayh 121 | 122 | ayh : 123 | mov esp, edi 124 
| popfd 125 | popad 126 | 127 | } 128 | return _getAddress; 129 | #endif 130 | } 131 | 132 | int _processArchitectureInfo() 133 | { 134 | wchar_t lpFilename[MAX_PATH]; 135 | 136 | HMODULE _module = GetModuleHandle(NULL); 137 | GetModuleFileNameW(_module, lpFilename, MAX_PATH); 138 | IMAGE_DOS_HEADER* _dosHeader = (IMAGE_DOS_HEADER*)_module; 139 | IMAGE_NT_HEADERS* _ntHeader = (IMAGE_NT_HEADERS*)(((char*)_dosHeader) + _dosHeader->e_lfanew); 140 | 141 | return _ntHeader->FileHeader.Machine; 142 | } 143 | 144 | 145 | int _getSize(unsigned char* _fAddress, int _control) 146 | { 147 | csh g_capstone; 148 | unsigned char* addr; 149 | cs_insn* insn; 150 | size_t j; 151 | 152 | unsigned char* _opcodeValue = NULL; 153 | unsigned char* _bytes; 154 | int size = 0, inc = 0; 155 | uint32_t* _getRel; 156 | uint32_t diff; 157 | 158 | unsigned __int64* _prologOpcode = NULL; 159 | 160 | _hookInfo._relativeCount = 0; 161 | 162 | 163 | #if defined(__x86_64__) || defined(_M_X64) 164 | if (cs_open(CS_ARCH_X86, CS_MODE_64, &g_capstone) != CS_ERR_OK) 165 | return -1; 166 | #elif defined(i386) || defined(__i386__) || defined(__i386) || defined(_M_IX86) 167 | if (cs_open(CS_ARCH_X86, CS_MODE_32, &g_capstone) != CS_ERR_OK) 168 | return -1; 169 | #endif 170 | 171 | addr = _fAddress; 172 | size_t count = cs_disasm(g_capstone, addr, 0x10000, (uintptr_t)addr, 0, &insn); 173 | 174 | if (count > 0) 175 | { 176 | for (j = 0; j < count; j++) 177 | { 178 | _opcodeValue = insn[j].address; 179 | _bytes = &insn[j].bytes[0]; 180 | 181 | if (addr != _opcodeValue && *(_opcodeValue) == 0x8B && *(_opcodeValue + 1) == 0xFF && *(_opcodeValue + 2) == 0x55 && *(_opcodeValue + 3) == 0x8B && *(_opcodeValue + 4) == 0xEC) 182 | break; 183 | 184 | if (findOpcode(_opcodeValue, 0x0) && findOpcode(_opcodeValue, 0x1) && findOpcode(_opcodeValue, 0x2) && findOpcode(_opcodeValue, 0x3)) 185 | break; 186 | 187 | else if (relativeOpcode(_bytes, 0x0) && insn[j].size >= 5) //call size 5 188 | { 189 | if (_control == 0x1) 190 | 
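_calculateRelativeAddress(&insn[j].op_str[2]);
                else
                {
                    diff = (_hookInfo._relativeValue[inc++] - insn[j].address - 0x5);
                    *(uint32_t*)(_opcodeValue + 1) = diff;
                }
            }
            else if (jmpOpcode(_bytes, 0x0)) //jmp 6 size
            {
                if (_control == 0x1)
                    _calculateRelativeAddress(&insn[j].op_str[2]);
                else
                {
                    diff = (unsigned char*)(_hookInfo._relativeValue[inc++] - insn[j].address - 0x6);
                    *(uint32_t*)(_opcodeValue + 2) = diff;
                }
            }
            else if (*_bytes == 0xFF && insn[j].size >= 5) {//call 6 size
                if (_control == 0x1)
                {
                    /* NOTE(review): this store is not bounded by MAX_RELATIVE,
                     * unlike _calculateRelativeAddress() below. */
                    _getRel = &insn[j].bytes[0x2];
                    _hookInfo._relativeValue[_hookInfo._relativeCount] = *_getRel;
                    _hookInfo._relativeCount = _hookInfo._relativeCount + 1;
                }
                else
                {
                    *(uint32_t*)(_opcodeValue + 2) = _hookInfo._relativeValue[inc++];
                }
            }

            size += insn[j].size;

            if (_control == 0x0)
                printf("0x%"PRIx64":\t%s\t\t%s\t\n", insn[j].address, insn[j].mnemonic, insn[j].op_str);
        }
        /* NOTE(review): the handle opened with cs_open() earlier in this
         * function is never passed to cs_close() on any path shown here. */
        cs_free(insn, count);
    }
    else
        printf("ERROR: Failed to disassemble given code!\n");

    return size;
}

/*
 * Record one branch target for later re-basing of the copied function.
 *
 * _address is declared uint32_t* but every caller in this file passes
 * &insn[j].op_str[2], i.e. a pointer into Capstone's operand text
 * (presumably the hex digits after a leading "0x" - confirm against the
 * operand formats that reach here).
 *
 * The parsed value is appended to _hookInfo._relativeValue.
 * Returns 0 on success, -1 when the pointer is NULL or the table already
 * holds MAX_RELATIVE entries.  The original had no return statement and
 * no bound, so a function with more than MAX_RELATIVE relative branches
 * wrote past the end of the array inside the global _hookInfo.
 */
int _calculateRelativeAddress(uint32_t* _address)
{
    const char* _text = (const char*)_address;
    uint32_t _getRel;

    if (_text == NULL || _hookInfo._relativeCount >= MAX_RELATIVE)
        return -1;

    /* strtoul, not strtol: long is 32 bits on Windows, so strtol clamps
     * any address at or above 0x80000000 to LONG_MAX. */
    _getRel = (uint32_t)strtoul(_text, NULL, 16);
    _hookInfo._relativeValue[_hookInfo._relativeCount] = _getRel;
    _hookInfo._relativeCount = _hookInfo._relativeCount + 1;
    return 0;
}

/*
 * First part of _allocation(): reserve a private region for the copy of
 * the original function.  The region is requested as
 * PAGE_EXECUTE_READWRITE, starting 0x400 bytes plus the function size
 * below the target and stepping down one page per failed attempt.
 * NOTE(review): the loop has no lower bound on the address and no retry
 * limit, so it does not terminate if VirtualAlloc keeps failing.
 */
int _allocation(unsigned char* _fAddress, size_t _functionSize, int _control)
{
    unsigned char* _newFunctionAddress = _fAddress - _functionSize - 0x400;
    unsigned char* _newFunction = NULL;

    while (_newFunction == NULL)
    {
        _newFunction = VirtualAlloc(_newFunctionAddress, _functionSize + 0x20, MEM_RESERVE | MEM_COMMIT, PAGE_EXECUTE_READWRITE);
        _newFunctionAddress -= 0x1000; //1 page 4kb = 4096
    }
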
memset(_newFunction, 0x90, _functionSize + 0x20); 256 | memcpy(_newFunction, _fAddress, _functionSize); 257 | 258 | if (_control != 0x1) 259 | _getSize(_newFunction, _control); //fix relative adress and print 260 | 261 | DWORD _protection = 0; 262 | if (!VirtualProtect(_fAddress, _functionSize, PAGE_EXECUTE_READWRITE, &_protection)) 263 | { 264 | VirtualFree(_newFunction, _functionSize + 0x20, MEM_RELEASE); 265 | } 266 | 267 | _hookInfo._newFunction = _newFunction; 268 | 269 | memset(_fAddress, 0x90, _functionSize); 270 | 271 | 272 | return _protection; 273 | } 274 | 275 | void _trambolin(unsigned char* _fAddress, unsigned char* _hookFuncAddres, int _arch, size_t _size, DWORD _protection) 276 | { 277 | 278 | #if defined(__x86_64__) || defined(_M_X64) 279 | //mov rax, 64BIT_FUNCTION_ADDRESS 280 | //jmp rax 281 | //*_fAddress = (unsigned char)0x48;//rax 282 | //*(_fAddress + 1) = (unsigned char)0xB8;//mov 283 | //*(long long int*)(_fAddress + 2) = (long long int)_hookFuncAddres; 284 | //*(unsigned short*)(_fAddress + 10) = 0xE0FF; 285 | #elif defined(i386) || defined(__i386__) || defined(__i386) || defined(_M_IX86) 286 | uint32_t _address = _getHookFunctionAddress(_hookFuncAddres); 287 | int _JMPOffset = _fAddress - _address; 288 | _JMPOffset = -_JMPOffset; 289 | _JMPOffset = _JMPOffset - 0x5; 290 | *_fAddress = (unsigned char)0xE9; 291 | *((int*)(_fAddress + 1)) = _JMPOffset; 292 | 293 | VirtualProtect(_fAddress, _size, _protection, &_protection); 294 | 295 | _hookInfo._hookFunction = _address; 296 | #endif 297 | 298 | } 299 | 300 | int _getHookFunctionAddress(int _fAddress) 301 | { 302 | unsigned char* _adress = _fAddress; 303 | unsigned char _getOffset[4]; 304 | int count = 0; 305 | 306 | memset(_getOffset, '\0', sizeof(char) * 4); 307 | 308 | 309 | if (*_adress != 0xE9) //control for relative address 310 | return _adress; 311 | 312 | for (int i = 0; i < 5; i++) 313 | { 314 | if (_adress[i] == 0xE9 || _adress[i] == 0x00) // jmp and null 315 | { 316 | continue; 317 
| } 318 | else 319 | { 320 | _getOffset[count] = *(_adress + i); 321 | count++; 322 | } 323 | } 324 | 325 | uint32_t _offset = *(uint32_t*)_getOffset; 326 | uint32_t _realAddress = _fAddress + _offset + 0x5; 327 | 328 | return _realAddress; 329 | } 330 | -------------------------------------------------------------------------------- /hook.h: -------------------------------------------------------------------------------- 1 | #ifdef __cplusplus 2 | extern "C" { 3 | #endif 4 | #pragma once 5 | 6 | //install capstone 7 | #if defined(__x86_64__) || defined(_M_X64) 8 | #include "csinclude/capstone/capstone.h" 9 | #elif defined(i386) || defined(__i386__) || defined(__i386) || defined(_M_IX86) 10 | #include "../csinclude/capstone/capstone.h" 11 | #endif 12 | 13 | #include 14 | 15 | #define JMPOPCODE 0x25FF 16 | #define CALLOPCODE 0xE8 17 | #define CALLRETURN 0xC35D 18 | #define CALLRETURN2 0xC25D 19 | #define _JMP 0xE9 20 | #define findOpcode(_opcodeValue,offset)(*(_opcodeValue + offset) == 0XCC || *(_opcodeValue + offset) == 0x90 || *(_opcodeValue + offset) == 0x00) 21 | #define relativeOpcode(_relativeValue) ((0xE0<=*(_relativeValue) && *(_relativeValue)<= 0xE3) || *(_relativeValue) == 0xE8 || *(_relativeValue)== 0xE9 || *(_relativeValue) == 0xEB) 22 | #define jmpOpcode(_opcode,offset)((0x80<=*(_opcode+offset+1) && *(_opcode+offset+1)<= 0x8F) && *(_opcode+offset) == 0x0F) //condition jump 23 | #define MAX_RELATIVE 32 24 | 25 | struct _HOOKINFO 26 | { 27 | uint64_t* _oldFunction; //Original Function Address 28 | uint64_t* _newFunction; //New Function Address 29 | uint64_t* _hookFunction; //Hooked Function Address 30 | uint64_t _relativeValue[MAX_RELATIVE]; 31 | uint8_t _relativeCount; 32 | uint8_t _FuncSize; 33 | }; 34 | 35 | 36 | struct _HOOKINFO _hookInfo; 37 | 38 | int _processArchitectureInfo(); 39 | uint64_t _getFunctionAddress(DWORD _fAddress); 40 | int _getSize(unsigned char* _fAddress, int _control); 41 | int _allocation(unsigned char* _fAddress, size_t 
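_functionSize, int _control);
void _trambolin(unsigned char* _fAddress, unsigned char* _hookFuncAddres, int _arch, size_t _size, DWORD _protection);
int _getHookFunctionAddress(int _fAddress);

#ifdef __cplusplus
}
#endif
--------------------------------------------------------------------------------
/hook_function.cpp:
--------------------------------------------------------------------------------
#include "function_defeniton.h"

/*
 * Demo entry point: installs the WriteFile hook on first use, then writes
 * the NUL-terminated string at lpBuffer to hFile through the patched
 * WriteFile entry, so the call is routed into _hookWriteFile.
 *
 * Returns FALSE without writing when lpBuffer is NULL or when WriteFile
 * could not be resolved.  The original called through a NULL pointer in
 * the second case, because _initialize() returns 0 on failure.
 */
BOOL WriteFile_engine(HANDLE hFile, LPCVOID lpBuffer)
{
    static BOOL isHook = FALSE;
    static _WriteFile _pWriteFile = NULL;

    if (lpBuffer == NULL)
        return FALSE;   /* strlen() below needs a valid string */

    if (!isHook)
    {
        SecureZeroMemory(&_hookInfo, sizeof(_HOOKINFO));

        _pWriteFile = (_WriteFile)_initialize(djb2_values[1], "WriteFile", 0x0);
        if (_pWriteFile == NULL)
            return FALSE;   /* nothing was patched; retry on the next call */

        /* _control 0x0 would also print the disassembly; 0x2 only fixes
         * the relative operands in the copied function. */
        _inithook(0x2, (unsigned char*)_hookWriteFile);

        _originalWriteFile = (_WriteFile)_hookInfo._newFunction;

        isHook = TRUE;
    }

    DWORD written = 0;
    return _pWriteFile(hFile, lpBuffer, (DWORD)strlen((const char*)lpBuffer), &written, 0x0);
}


/*
 * Replacement for WriteFile: appends a fixed marker to the caller's data
 * and forwards the combined buffer to the relocated original.
 *
 * WriteFile buffers are length-delimited, not NUL-terminated.  The
 * original used strcpy/strcat on lpBuffer, which read past the caller's
 * buffer and wrote past the heap block for any binary or unterminated
 * data.  Because the hook runs for every WriteFile call in the process,
 * that was a heap overflow reachable from arbitrary callers.
 *
 * The call is forwarded unmodified when:
 *   - lpBuffer is NULL or the combined length would overflow a DWORD;
 *   - lpOverlapped is set (the buffer must stay valid until an
 *     asynchronous write completes, and the temporary block is freed on
 *     return);
 *   - the temporary allocation fails.
 *
 * On success *lpNumberOfBytesWritten (when non-NULL) is clamped to
 * nNumberOfBytesToWrite, so the caller only sees bytes from its own
 * buffer.
 */
BOOL WINAPI _hookWriteFile(
    HANDLE hFile,
    LPCVOID lpBuffer,
    DWORD nNumberOfBytesToWrite,
    LPDWORD lpNumberOfBytesWritten,
    LPOVERLAPPED lpOverlapped
)
{
    static const char _msg[] = "ON WINDOWS 10 :)";
    const DWORD _msgLen = (DWORD)(sizeof(_msg) - 1);

    if (lpBuffer == NULL || lpOverlapped != NULL || nNumberOfBytesToWrite > MAXDWORD - _msgLen)
        return _originalWriteFile(hFile, lpBuffer, nNumberOfBytesToWrite, lpNumberOfBytesWritten, lpOverlapped);

    const DWORD _total = nNumberOfBytesToWrite + _msgLen;
    char* _hookData = (char*)HeapAlloc(GetProcessHeap(), 0, _total);
    if (_hookData == NULL)
        return _originalWriteFile(hFile, lpBuffer, nNumberOfBytesToWrite, lpNumberOfBytesWritten, lpOverlapped);

    memcpy(_hookData, lpBuffer, nNumberOfBytesToWrite);         //API HOOKING
    memcpy(_hookData + nNumberOfBytesToWrite, _msg, _msgLen);   //API HOOKING ON WINDOWS 10 :)

    BOOL result = _originalWriteFile(hFile, _hookData, _total, lpNumberOfBytesWritten, lpOverlapped);
    DWORD _lastError = GetLastError();   /* keep WriteFile's error for the caller */

    if (result)
    {
        if (lpNumberOfBytesWritten != NULL && *lpNumberOfBytesWritten > nNumberOfBytesToWrite)
            *lpNumberOfBytesWritten = nNumberOfBytesToWrite;
    }
    else
    {
        /* NOTE(review): printf_s presumably ends in WriteFile and so
         * re-enters this hook; confirm it cannot recurse on a failing
         * stdout handle. */
        printf_s("Unsuccessful API Hooking\n");
    }

    HeapFree(GetProcessHeap(), 0, _hookData);
    SetLastError(_lastError);

    return result;
}
--------------------------------------------------------------------------------
/initial.h:
--------------------------------------------------------------------------------


#pragma once
#pragma warning(disable : 4996)

#include  /* header name lost in page extraction */
#include  /* header name lost in page extraction */


DWORD _initialize(unsigned int dll_hash, LPCSTR lpProcName, BOOL ishook);
DWORD _inithook(int _control, unsigned char* _hookFuncAddres);


--------------------------------------------------------------------------------
/ldr.cpp:
--------------------------------------------------------------------------------
#include "ldr.h"
#include  /* header name lost in page extraction */

/*
 * Byte-wise string comparison written in x86 inline assembly.
 * Although the parameters are declared PWSTR, the loop reads one byte at
 * a time (dl/dh).
 * Returns 0x1 when both strings end together with no difference,
 * 0x2 when param1 ends first or its first differing byte is lower (jl),
 * 0x3 when its first differing byte is higher (jg).
 * On x64 builds it only prints a message and returns 0.
 */
DWORD string_compare(PWSTR param1, PWSTR param2)
{
    DWORD _ret = 0x0;
#if defined(__x86_64__) || defined(_M_X64)

    printf_s("x64 coming soon\n");
#elif defined(i386) || defined(__i386__) || defined(__i386) || defined(_M_IX86)
    __asm
    {
        pushad
        pushfd
        mov edi, esp

        xor eax, eax
        xor ebx, ebx
        xor ecx, ecx
        xor edx, edx

        mov eax, [param1]
        mov ebx, [param2]

        loop1:
        mov dl, [eax + ecx]
        mov dh, [ebx + ecx]
        inc ecx
        cmp dl, 0
        je _find
        cmp dl, dh
        je loop1
        jl _condition1
        jg _condition2

        _find : //s1 == s2
        cmp dh, 0
        jne _condition1
        mov edx, 0x1
        jmp far ayh

        _condition1 : // s1 < s2
        mov edx, 0x2
        jmp far ayh

        _condition2 : // s1 > s2
        mov edx, 0x3
        jmp far ayh

        ayh :
        mov _ret, edx
        mov esp, edi
        popfd
        popad


    }
#endif
    return _ret;
}

//TEB->PEB->Ldr->InMemoryOrderLoadList->currentProgram->ntdll->kernel32.BaseDll

DWORD _findDllAddress(unsigned int dll)
{

    DWORD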
dll_base = 0x0; 68 | DWORD _NULL_dll = NULL; 69 | 70 | #if defined(__x86_64__) || defined(_M_X64) 71 | 72 | printf_s("x64 coming soon\n"); 73 | #elif defined(i386) || defined(__i386__) || defined(__i386) || defined(_M_IX86) 74 | 75 | __asm 76 | { 77 | 78 | pushad 79 | pushfd 80 | mov edi, esp 81 | 82 | xor eax, eax 83 | xor ebx, ebx 84 | xor ecx, ecx 85 | xor esi, esi 86 | 87 | mov eax, fs : [0x30] //PEB 88 | mov eax, [eax + 0xC] //_PEB_findDllAddress_DATA LDR 89 | mov eax, [eax + 0x14] //LDR_DATA_TABLE_ENTRY InMemoryOrderModuleList 90 | mov ebx, eax 91 | nop 92 | 93 | loop1 : 94 | mov ecx, dword ptr[ebx - 0x8 + 0x2C + 0x4] //BaseDllName 95 | cmp ecx, _NULL_dll 96 | mov esi, [ebx - 0x8 + 0x18] //Dllbase 97 | je ayh 98 | push ecx 99 | push dll 100 | call djb2 101 | mov ebx, [ebx] 102 | cmp eax, 0x1 103 | jne loop1 104 | jz _find 105 | 106 | _find : 107 | mov esi, esi 108 | mov dll_base, esi 109 | jmp ayh 110 | ayh : 111 | mov esp, edi 112 | popfd 113 | popad 114 | 115 | 116 | } 117 | #endif 118 | 119 | return dll_base; 120 | } 121 | 122 | //Function RVA = IMAGE_EXPORT_DIRECTORY -> Address Table RVA + (Ordinal * 4) 123 | 124 | DWORD _findFunctionAddress(DWORD dll, LPCSTR function) 125 | { 126 | 127 | DWORD function_address = 0; 128 | 129 | #if defined(__x86_64__) || defined(_M_X64) 130 | printf_s("x64 coming soon\n"); 131 | #elif defined(i386) || defined(__i386__) || defined(__i386) || defined(_M_IX86) 132 | __asm 133 | { 134 | pushad 135 | pushfd 136 | 137 | mov edi, esp 138 | 139 | sub esp, 0x14 140 | 141 | mov[edi - 0x4], eax // Dll Base 142 | mov[edi - 0x8], eax // Number of Functions 143 | mov[edi - 0xC], eax // Address Table RVA 144 | mov[edi - 0x10], eax // Name Pointer Table RVA 145 | mov[edi - 0x14], eax // Ordinal Table RVA 146 | 147 | mov ebx, dll 148 | mov[edi - 0x4], ebx //store dll base ebx 149 | 150 | mov eax, [ebx + 0x3C] //kernel32.dll -> IMAGE_DOS_HEADER -> 0X3C = 0XF8 151 | add eax, ebx //IMAGE_NT_HEADER -> 0XF8 = 4550 (dllbase + 0xF8) 152 | 153 | 
mov eax, [eax + 0x78] // 0xF8 + 0x78 = 0x170 RVA of Export Table 0 154 | add eax, ebx // Export Table RVA + dllbase 155 | 156 | mov ecx, [eax + 0x14] // IMAGE_EXPORT_DIRECTORY -> 0x14 = Number of Functions 157 | mov[edi - 0x8], ecx 158 | 159 | mov ecx, [eax + 0x1C] // IMAGE_EXPORT_DIRECTORY -> 0x1C = Address Table RVA 160 | mov[edi - 0xC], ecx 161 | 162 | mov ecx, [eax + 0x20] // IMAGE_EXPORT_DIRECTORY -> 0x20 = Name Pointer Table RVA 163 | mov[edi - 0x10], ecx 164 | 165 | mov ecx, [eax + 0x24] // IMAGE_EXPORT_DIRECTORY -> 0x24 = Ordinal Table RVA 166 | mov[edi - 0x14], ecx 167 | 168 | mov esi, 0x0 169 | 170 | mov edx, [edi - 0x10] // IMAGE_EXPORT_DIRECTORY -> 0x20 = Name Pointer Table RVA = 0x000947f4 171 | add edx, ebx 172 | 173 | loop1 : 174 | mov eax, [edx + esi * 4] 175 | add eax, ebx 176 | push eax 177 | push function 178 | call string_compare 179 | sub eax, 0x1 180 | cmp eax, 0x0 181 | je _find 182 | xor eax, eax 183 | mov eax, [edi - 0x8] 184 | sub eax, esi 185 | cmp eax, 0x0 186 | je ayh 187 | inc esi 188 | jne loop1 189 | 190 | _find : 191 | xor eax, eax 192 | xor ebx, ebx 193 | xor ecx, ecx 194 | xor edx, edx 195 | mov eax, [edi - 0x14] 196 | add esi, esi 197 | add eax, esi 198 | mov edx, [edi - 0x4] 199 | add eax, edx 200 | mov cx, word ptr[eax] 201 | add cx, cx 202 | add cx, cx 203 | mov ebx, [edi - 0xC] 204 | add ebx, ecx 205 | add ebx, edx 206 | mov ebx, [ebx] 207 | add edx, ebx 208 | mov function_address, edx 209 | jmp ayh 210 | 211 | ayh : 212 | add esp, 0x14 213 | mov esp, edi 214 | popfd 215 | popad 216 | } 217 | #endif 218 | 219 | return function_address; 220 | } 221 | 222 | DWORD djb2(unsigned int* dll_hash, PWSTR word) 223 | { 224 | unsigned int hash = 5381; 225 | int c; 226 | unsigned int dhash = reinterpret_cast(dll_hash); 227 | 228 | 229 | while ((c = *word++)) 230 | { 231 | if (isupper(c)) 232 | { 233 | c = c + 32; 234 | } 235 | 236 | hash = ((hash << 5) + hash) + c; 237 | } 238 | 239 | if (dhash == hash) 240 | return 0x1; 241 | else 242 | 
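return 0x0;
}

/*LdrLoadDll: This is a low-level function to load a DLL into a process, just like LoadLibrary.
Normal programs use LoadLibrary, and the presence of this import may indicate a program that is attempting to be stealthy.*/

/*
 * Review note: in this file LdrLoadDll and RtlInitUnicodeString are not
 * imports at all.  _initialize() finds the module by hash and walks its
 * export table at run time, so neither name appears in the import table
 * and import-based triage will not flag them.  The export names are still
 * passed as plain string literals and the module hashes are the constants
 * in djb2_values (ldr.h), so both remain visible to static inspection of
 * the binary; the load itself is observable through image-load telemetry.
 */

/*
 * Load the DLL named by ldrstring through ntdll's LdrLoadDll.
 *
 * Returns without loading when ldrstring is NULL or when either ntdll
 * export cannot be resolved.  The original called through a NULL
 * function pointer in that case, because _initialize() returns 0 on
 * failure.  The module handle is discarded, as in the original.
 *
 * NOTE(review): _initialize() also overwrites _hookInfo._oldFunction as
 * a side effect; confirm this is never called between _initialize() and
 * _inithook() for a hook.
 */
void _LoadLibrary(const wchar_t* ldrstring) //give Dll Name
{
    UNICODE_STRING ldrldll;

    if (ldrstring == NULL)
        return;

    _RtlInitUnicodeString _pRtlInitUnicodeString = (_RtlInitUnicodeString)_initialize(djb2_values[0], (LPCSTR)"RtlInitUnicodeString", 0);
    _LdrLoadDll _pLdrLoadDll = (_LdrLoadDll)_initialize(djb2_values[0], (LPCSTR)"LdrLoadDll", 0);

    if (_pRtlInitUnicodeString == NULL || _pLdrLoadDll == NULL)
        return;

    _pRtlInitUnicodeString(&ldrldll, ldrstring);
    HANDLE _dllModule = NULL;
    _pLdrLoadDll(NULL, 0, &ldrldll, &_dllModule);

}
--------------------------------------------------------------------------------
/ldr.h:
--------------------------------------------------------------------------------
#ifdef __cplusplus
extern "C" {
#endif

#pragma once
#include  /* header name lost in page extraction */
#include  /* header name lost in page extraction */
//#include

/* Resolve an export by module hash and name; returns 0 on failure. */
DWORD _initialize(unsigned int dll_hash, LPCSTR lpProcName, BOOL ishook);
DWORD _inithook(int _control, unsigned char* _hookFuncAddres);

DWORD _findDllAddress(unsigned int dll);

DWORD _findFunctionAddress(DWORD dll, LPCSTR function);

DWORD string_compare(PWSTR param1, PWSTR param2);

void _LoadLibrary(const wchar_t* ldrstring);

/*
 * Module-name hashes compared by djb2().  The index order appears to
 * follow the commented-out name list below: hook.c and ldr.cpp use
 * index 0 for the ntdll exports, and indexes 1 and 7 are labelled
 * kernel32.dll and advapi32.dll in hook.c.  The table has 15 entries
 * while the list names 14 - TODO confirm the mapping of the remainder.
 */
static unsigned int djb2_values[] = { 0x22d3b5ed,0x7040ee75,0x2722e788,0x5a6bd3f3,0xe092e076,0x721d7aaa,0x9ad10b0f,0x67208a49,0x60c3db35,0xf92c2394,0xecf21d5a,0x7d5e04ec,0x87594a69,0x8dbd9c6d,0x12956686 };
//static const char* const values[] = {"NTDLL.DLL","KERNEL32.DLL","GDI32.DLL","USER32.DLL","COMCTL32.DLL","COMDLG32.DLL","WS2_32.DLL","ADVAPI32.DLL","NETAPI32.DLL","OLE32.DLL","MSVCRT.DLL,","ucrtbased.dll","combase.dll","Crypt32.dll"};
typedef NTSTATUS(NTAPI* _RtlInitUnicodeString)(PUNICODE_STRING, PCWSTR);
typedef NTSTATUS(NTAPI* _LdrLoadDll)(PWCHAR, ULONG, PUNICODE_STRING, PHANDLE);

/* Returns 0x1 when the case-folded djb2 hash of word equals dll_hash, else 0x0. */
DWORD djb2(unsigned int* dll_hash, PWSTR word);

#ifdef __cplusplus
}
#endif

--------------------------------------------------------------------------------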