Copyright	(c) Inokentiy Babushkin, 2016
License	BSD3
Maintainer	Inokentiy Babushkin <inokentiy.babushkin@googlemail.com>
Stability	experimental
Safe Haskell	None
Language	Haskell2010

Hapstone.Internal.Capstone

Contents

Datatypes
Skipdata setup
Instruction representation
Capstone API

Description

This module contains capstone's public API, with the necessary datatypes and functions, and some boilerplate to make it usable. Thus, it exposes an IO-based interface to capstone, which is a rough 1:1 translation of the capstone C header to Haskell. Obviously, it isn't very ideomatic to use, so a higher-level API is present in Hapstone.Capstone. The approach there is to wrap all necessary cleanup and initialization and expose an ideomatic (but heavily abstracted) interface to capstone.

This module, on the other hand, is intended to be used when performance is more critical or greater versatility is needed. This means that the abstractions introduced in the C version of the library are still present, but their use has been restricted to provide more reasonable levels of safety.

Synopsis

Datatypes

type Csh = CSize Source #

capstone's weird^M^M^M^M^Mopaque handle type

data CsArch Source #

supported architectures

Constructors

CsArchArm
CsArchArm64
CsArchMips
CsArchX86
CsArchPpc
CsArchSparc
CsArchSysz
CsArchXcore
CsArchM68k
CsArchMax
CsArchAll

Instances

Bounded CsArch Source #
Methods minBound :: CsArch # maxBound :: CsArch #
Enum CsArch Source #
Methods succ :: CsArch -> CsArch # pred :: CsArch -> CsArch # toEnum :: Int -> CsArch # fromEnum :: CsArch -> Int # enumFrom :: CsArch -> [CsArch] # enumFromThen :: CsArch -> CsArch -> [CsArch] # enumFromTo :: CsArch -> CsArch -> [CsArch] # enumFromThenTo :: CsArch -> CsArch -> CsArch -> [CsArch] #
Eq CsArch Source #
Methods (==) :: CsArch -> CsArch -> Bool # (/=) :: CsArch -> CsArch -> Bool #
Show CsArch Source #
Methods showsPrec :: Int -> CsArch -> ShowS # show :: CsArch -> String # showList :: [CsArch] -> ShowS #

data CsSupport Source #

support constants

Constructors

CsSupportDiet
CsSupportX86Reduce

Instances

Bounded CsSupport Source #
Methods minBound :: CsSupport # maxBound :: CsSupport #
Enum CsSupport Source #
Methods succ :: CsSupport -> CsSupport # pred :: CsSupport -> CsSupport # toEnum :: Int -> CsSupport # fromEnum :: CsSupport -> Int # enumFrom :: CsSupport -> [CsSupport] # enumFromThen :: CsSupport -> CsSupport -> [CsSupport] # enumFromTo :: CsSupport -> CsSupport -> [CsSupport] # enumFromThenTo :: CsSupport -> CsSupport -> CsSupport -> [CsSupport] #
Eq CsSupport Source #
Methods (==) :: CsSupport -> CsSupport -> Bool # (/=) :: CsSupport -> CsSupport -> Bool #
Show CsSupport Source #
Methods showsPrec :: Int -> CsSupport -> ShowS # show :: CsSupport -> String # showList :: [CsSupport] -> ShowS #

data CsMode Source #

working modes

Instances

Bounded CsMode Source #
Methods minBound :: CsMode # maxBound :: CsMode #
Enum CsMode Source #
Methods succ :: CsMode -> CsMode # pred :: CsMode -> CsMode # toEnum :: Int -> CsMode # fromEnum :: CsMode -> Int # enumFrom :: CsMode -> [CsMode] # enumFromThen :: CsMode -> CsMode -> [CsMode] # enumFromTo :: CsMode -> CsMode -> [CsMode] # enumFromThenTo :: CsMode -> CsMode -> CsMode -> [CsMode] #
Eq CsMode Source #
Methods (==) :: CsMode -> CsMode -> Bool # (/=) :: CsMode -> CsMode -> Bool #
Show CsMode Source #
Methods showsPrec :: Int -> CsMode -> ShowS # show :: CsMode -> String # showList :: [CsMode] -> ShowS #

data CsOption Source #

options are, interestingly, represented by different types: an option

Constructors

CsOptSyntax
CsOptDetail
CsOptMode
CsOptMem
CsOptSkipdata
CsOptSkipdataSetup
CsOptMnemonic
CsOptUnsigned

Instances

Bounded CsOption Source #
Methods minBound :: CsOption # maxBound :: CsOption #
Enum CsOption Source #
Methods succ :: CsOption -> CsOption # pred :: CsOption -> CsOption # toEnum :: Int -> CsOption # fromEnum :: CsOption -> Int # enumFrom :: CsOption -> [CsOption] # enumFromThen :: CsOption -> CsOption -> [CsOption] # enumFromTo :: CsOption -> CsOption -> [CsOption] # enumFromThenTo :: CsOption -> CsOption -> CsOption -> [CsOption] #
Eq CsOption Source #
Methods (==) :: CsOption -> CsOption -> Bool # (/=) :: CsOption -> CsOption -> Bool #
Show CsOption Source #
Methods showsPrec :: Int -> CsOption -> ShowS # show :: CsOption -> String # showList :: [CsOption] -> ShowS #

data CsOptionState Source #

... and a state of an option

Constructors

CsOptOff
CsOptSyntaxDefault
CsOptSyntaxIntel
CsOptSyntaxAtt
CsOptOn
CsOptSyntaxNoregname
CsOptSyntaxMasm

Instances

Bounded CsOptionState Source #
Methods minBound :: CsOptionState # maxBound :: CsOptionState #
Enum CsOptionState Source #
Methods succ :: CsOptionState -> CsOptionState # pred :: CsOptionState -> CsOptionState # toEnum :: Int -> CsOptionState # fromEnum :: CsOptionState -> Int # enumFrom :: CsOptionState -> [CsOptionState] # enumFromThen :: CsOptionState -> CsOptionState -> [CsOptionState] # enumFromTo :: CsOptionState -> CsOptionState -> [CsOptionState] # enumFromThenTo :: CsOptionState -> CsOptionState -> CsOptionState -> [CsOptionState] #
Eq CsOptionState Source #
Methods (==) :: CsOptionState -> CsOptionState -> Bool # (/=) :: CsOptionState -> CsOptionState -> Bool #
Show CsOptionState Source #
Methods showsPrec :: Int -> CsOptionState -> ShowS # show :: CsOptionState -> String # showList :: [CsOptionState] -> ShowS #

data CsOperand Source #

arch-uniting operand type

Constructors

CsOpInvalid
CsOpReg
CsOpImm
CsOpMem
CsOpFp

Instances

Bounded CsOperand Source #
Methods minBound :: CsOperand # maxBound :: CsOperand #
Enum CsOperand Source #
Methods succ :: CsOperand -> CsOperand # pred :: CsOperand -> CsOperand # toEnum :: Int -> CsOperand # fromEnum :: CsOperand -> Int # enumFrom :: CsOperand -> [CsOperand] # enumFromThen :: CsOperand -> CsOperand -> [CsOperand] # enumFromTo :: CsOperand -> CsOperand -> [CsOperand] # enumFromThenTo :: CsOperand -> CsOperand -> CsOperand -> [CsOperand] #
Eq CsOperand Source #
Methods (==) :: CsOperand -> CsOperand -> Bool # (/=) :: CsOperand -> CsOperand -> Bool #
Show CsOperand Source #
Methods showsPrec :: Int -> CsOperand -> ShowS # show :: CsOperand -> String # showList :: [CsOperand] -> ShowS #

data CsGroup Source #

arch-uniting instruction group type

Constructors

CsGrpInvalid
CsGrpJump
CsGrpCall
CsGrpRet
CsGrpInt
CsGrpIret
CsGrpPrivilege

Instances

Bounded CsGroup Source #
Methods minBound :: CsGroup # maxBound :: CsGroup #
Enum CsGroup Source #
Methods succ :: CsGroup -> CsGroup # pred :: CsGroup -> CsGroup # toEnum :: Int -> CsGroup # fromEnum :: CsGroup -> Int # enumFrom :: CsGroup -> [CsGroup] # enumFromThen :: CsGroup -> CsGroup -> [CsGroup] # enumFromTo :: CsGroup -> CsGroup -> [CsGroup] # enumFromThenTo :: CsGroup -> CsGroup -> CsGroup -> [CsGroup] #
Eq CsGroup Source #
Methods (==) :: CsGroup -> CsGroup -> Bool # (/=) :: CsGroup -> CsGroup -> Bool #
Show CsGroup Source #
Methods showsPrec :: Int -> CsGroup -> ShowS # show :: CsGroup -> String # showList :: [CsGroup] -> ShowS #

Skipdata setup

SKIPDATA is an option supported by the capstone disassembly engine, that allows to skip data which can't be disassembled and to represent it in form of pseudo-instructions. The types and functions given here attempt to mirror capstone's setup of this option, and a more high-level interface is available in Hapstone.Capstone.

type CsSkipdataCallback = FunPtr (Ptr Word8 -> CSize -> CSize -> Ptr () -> IO CSize) Source #

callback type for user-defined SKIPDATA work

data CsSkipdataStruct Source #

user-defined SKIPDATA setup

Constructors

CsSkipdataStruct String CsSkipdataCallback (Ptr ())

Instances

Eq CsSkipdataStruct Source #
Methods (==) :: CsSkipdataStruct -> CsSkipdataStruct -> Bool # (/=) :: CsSkipdataStruct -> CsSkipdataStruct -> Bool #
Show CsSkipdataStruct Source #
Methods showsPrec :: Int -> CsSkipdataStruct -> ShowS # show :: CsSkipdataStruct -> String # showList :: [CsSkipdataStruct] -> ShowS #
Storable CsSkipdataStruct Source #
Methods sizeOf :: CsSkipdataStruct -> Int # alignment :: CsSkipdataStruct -> Int # peekElemOff :: Ptr CsSkipdataStruct -> Int -> IO CsSkipdataStruct # pokeElemOff :: Ptr CsSkipdataStruct -> Int -> CsSkipdataStruct -> IO () # peekByteOff :: Ptr b -> Int -> IO CsSkipdataStruct # pokeByteOff :: Ptr b -> Int -> CsSkipdataStruct -> IO () # peek :: Ptr CsSkipdataStruct -> IO CsSkipdataStruct # poke :: Ptr CsSkipdataStruct -> CsSkipdataStruct -> IO () #

csSetSkipdata :: Csh -> Maybe CsSkipdataStruct -> IO CsErr Source #

safely set SKIPDATA options (reset on Nothing)

Instruction representation

data ArchInfo Source #

architecture specific information

Constructors

X86 CsX86	x86 architecture
Arm64 CsArm64	ARM64 architecture
Arm CsArm	ARM architecture
Mips CsMips	MIPS architecture
Ppc CsPpc	PPC architecture
Sparc CsSparc	SPARC architecture
SysZ CsSysZ	SystemZ architecture
XCore CsXCore	XCore architecture

Instances

Eq ArchInfo Source #
Methods (==) :: ArchInfo -> ArchInfo -> Bool # (/=) :: ArchInfo -> ArchInfo -> Bool #
Show ArchInfo Source #
Methods showsPrec :: Int -> ArchInfo -> ShowS # show :: ArchInfo -> String # showList :: [ArchInfo] -> ShowS #

The union holding architecture-specific info is not tagged. Thus, we have no way to determine what kind of data is stored in it without resorting to some kind of context lookup, as the corresponding C code would do. Thus, the peek implementation does not get architecture information, use peekDetail for that.

data CsDetail Source #

instruction information

Constructors

CsDetail
Fields regsRead :: [Word16] registers read by this instruction regsWrite :: [Word16] registers written by this instruction groups :: [Word8] instruction groups this instruction belongs to archInfo :: Maybe ArchInfo (optional) architecture-specific info

Instances

Eq CsDetail Source #
Methods (==) :: CsDetail -> CsDetail -> Bool # (/=) :: CsDetail -> CsDetail -> Bool #
Show CsDetail Source #
Methods showsPrec :: Int -> CsDetail -> ShowS # show :: CsDetail -> String # showList :: [CsDetail] -> ShowS #
Storable CsDetail Source #
Methods sizeOf :: CsDetail -> Int # alignment :: CsDetail -> Int # peekElemOff :: Ptr CsDetail -> Int -> IO CsDetail # pokeElemOff :: Ptr CsDetail -> Int -> CsDetail -> IO () # peekByteOff :: Ptr b -> Int -> IO CsDetail # pokeByteOff :: Ptr b -> Int -> CsDetail -> IO () # peek :: Ptr CsDetail -> IO CsDetail # poke :: Ptr CsDetail -> CsDetail -> IO () #

peekDetail :: CsArch -> Ptr CsDetail -> IO CsDetail Source #

an arch-sensitive peek for cs_detail

data CsInsn Source #

instructions

Constructors

CsInsn
Fields insnId :: Word32 instruction ID address :: Word64 instruction's address in memory bytes :: [Word8] raw byte representation mnemonic :: String instruction's mnemonic opStr :: String operands detail :: Maybe CsDetail (optional) detailed info

Instances

Eq CsInsn Source #
Methods (==) :: CsInsn -> CsInsn -> Bool # (/=) :: CsInsn -> CsInsn -> Bool #
Show CsInsn Source #
Methods showsPrec :: Int -> CsInsn -> ShowS # show :: CsInsn -> String # showList :: [CsInsn] -> ShowS #
Storable CsInsn Source #
Methods sizeOf :: CsInsn -> Int # alignment :: CsInsn -> Int # peekElemOff :: Ptr CsInsn -> Int -> IO CsInsn # pokeElemOff :: Ptr CsInsn -> Int -> CsInsn -> IO () # peekByteOff :: Ptr b -> Int -> IO CsInsn # pokeByteOff :: Ptr b -> Int -> CsInsn -> IO () # peek :: Ptr CsInsn -> IO CsInsn # poke :: Ptr CsInsn -> CsInsn -> IO () #

peekArch :: CsArch -> Ptr CsInsn -> IO CsInsn Source #

an arch-sensitive peek for cs_insn

peekArrayArch :: CsArch -> Int -> Ptr CsInsn -> IO [CsInsn] Source #

an arch-sensitive peekArray for cs_insn

Capstone API

csInsnOffset :: Ptr CsInsn -> Int -> Int Source #

our own port of the CS_INSN_OFFSET macro

data CsErr Source #

possible error conditions

Constructors

CsErrOk
CsErrMem
CsErrArch
CsErrHandle
CsErrCsh
CsErrMode
CsErrOption
CsErrDetail
CsErrMemsetup
CsErrVersion
CsErrDiet
CsErrSkipdata
CsErrX86Att
CsErrX86Intel
CsErrX86Masm

Instances

Bounded CsErr Source #
Methods minBound :: CsErr # maxBound :: CsErr #
Enum CsErr Source #
Methods succ :: CsErr -> CsErr # pred :: CsErr -> CsErr # toEnum :: Int -> CsErr # fromEnum :: CsErr -> Int # enumFrom :: CsErr -> [CsErr] # enumFromThen :: CsErr -> CsErr -> [CsErr] # enumFromTo :: CsErr -> CsErr -> [CsErr] # enumFromThenTo :: CsErr -> CsErr -> CsErr -> [CsErr] #
Eq CsErr Source #
Methods (==) :: CsErr -> CsErr -> Bool # (/=) :: CsErr -> CsErr -> Bool #
Show CsErr Source #
Methods showsPrec :: Int -> CsErr -> ShowS # show :: CsErr -> String # showList :: [CsErr] -> ShowS #

csSupport :: Enum a => a -> Bool Source #

get information on supported features

csOpen :: CsArch -> [CsMode] -> IO (CsErr, Csh) Source #

open a new disassembly handle

csClose :: Csh -> IO CsErr Source #

csOption :: Enum a => Csh -> CsOption -> a -> IO CsErr Source #

set an option on a handle

csErrno :: Csh -> IO CsErr Source #

get the last error from a handle

csStrerror :: CsErr -> String Source #

get the description of an error

csDisasm :: CsArch -> Csh -> [Word8] -> Word64 -> Int -> IO [CsInsn] Source #

disassemble a buffer

csDisasmIter :: Csh -> [Word8] -> Word64 -> IO ([Word8], Word64, Either CsErr CsInsn) Source #

disassemble one instruction at a time

csFree :: Ptr CsInsn -> Int -> IO () Source #

free an instruction struct array

csMalloc :: Csh -> IO (Ptr CsInsn) Source #

allocate space for an instruction structure

csRegName :: Enum e => Csh -> e -> Maybe String Source #

csInsnName :: Enum e => Csh -> e -> Maybe String Source #

csGroupName :: Enum e => Csh -> e -> Maybe String Source #

csInsnGroup :: Csh -> CsInsn -> Bool Source #

check whether an instruction is member of a group

csRegRead :: Csh -> CsInsn -> Int -> Bool Source #

check whether an instruction reads from a register

csRegWrite :: Csh -> CsInsn -> Int -> Bool Source #

check whether an instruction writes to a register

csOpCount :: Csh -> CsInsn -> Int -> Int Source #

return the number of operands of given type an instruction has

csOpIndex :: Csh -> CsInsn -> Int -> Int -> Int Source #

return the position of the first operand of given type an instruction has, given an inclusive search range

CsModeLittleEndian
CsModeArm
CsMode16
CsModeM68k000
CsMode32
CsModeM68k010
CsModeMips32
CsMode64
CsModeM68k020
CsModeMips64
CsModeThumb
CsModeMicro
CsModeV9
CsModeQpx
CsModeM68k030
CsModeMclass
CsModeMips3
CsModeM68k040
CsModeV8
CsModeMips32r6
CsModeM68k060
CsModeBigEndian