[−][src]Crate capstone_sys
Low-level, unsafe Rust bindings for the Capstone disassembly library.
We recommend against using this crate directly. Instead, consider using capstone-rs, which provides a high-level, safe, "Rusty" interface.
Supported disassembly architectures
arm: ARMarm64: ARM64 (also known as AArch64)mips: MIPSppc: PowerPCsparc: SPARCsysz: System zx86: x86 family (includes 16, 32, and 64 bit modes)xcore: XCore
For each architecture, at least the following types are defined (replace ARCH with
architecture names shown above):
enum ARCH_insn: instruction idsenum ARCH_insn_group: architecture-specific group idsenum ARCH_op_type: instruction operand types idsenum ARCH_reg1: register idsstruct ARCH_op_mem: operand referring to memorystruct cs_ARCH_op: instruction operandstruct cs_ARCH: instruction
Note: documentation for functions/types was taken directly from Capstone C headers.
1: Defined as a "constified" enum modules because discriminant values are not unique. Rust requires discriminant values to be unique.
Modules
Structs
| CapstoneArchInfo | Information specific to architecture |
| __va_list_tag | |
| arm64_op_mem | Instruction's operand referring to memory This is associated with ARM64_OP_MEM operand type above |
| arm_op_mem | Instruction's operand referring to memory This is associated with ARM_OP_MEM operand type above |
| cs_arm | Instruction structure |
| cs_arm64_op | Instruction operand |
| cs_arm64 | Instruction structure |
| cs_arm64_op__bindgen_ty_1 | |
| cs_arm_op | Instruction operand |
| cs_arm_op__bindgen_ty_1 | |
| cs_detail | NOTE: All information in cs_detail is only available when CS_OPT_DETAIL = CS_OPT_ON Initialized as memset(., 0, offsetof(cs_detail, ARCH)+sizeof(cs_ARCH)) by ARCH_getInstruction in arch/ARCH/ARCHDisassembler.c if cs_detail changes, in particular if a field is added after the union, then update arch/ARCH/ARCHDisassembler.c accordingly |
| cs_evm | Instruction structure |
| cs_insn | Detail information of disassembled instruction |
| cs_m68k_op | Instruction operand |
| cs_m68k | The M68K instruction and it's operands |
| cs_m680x_op | Instruction operand |
| cs_m680x | The M680X instruction and it's operands |
| cs_m68k_op__bindgen_ty_1__bindgen_ty_1 | |
| cs_mips | Instruction structure |
| cs_mips_op | Instruction operand |
| cs_mode | Mode type |
| cs_opt_mem | User-defined dynamic memory related functions: malloc/calloc/realloc/free/vsnprintf() By default, Capstone uses system's malloc(), calloc(), realloc(), free() & vsnprintf(). |
| cs_opt_mnem | Customize mnemonic for instructions with alternative name. To reset existing customized instruction to its default mnemonic, call cs_option(CS_OPT_MNEMONIC) again with the same @id and NULL value for @mnemonic. |
| cs_opt_skipdata | User-customized setup for SKIPDATA option |
| cs_ppc | Instruction structure |
| cs_ppc_op | Instruction operand |
| cs_sparc | Instruction structure |
| cs_sparc_op | Instruction operand |
| cs_sysz | |
| cs_sysz_op | Instruction operand |
| cs_tms320c64x_op | |
| cs_tms320c64x | |
| cs_tms320c64x__bindgen_ty_1 | |
| cs_tms320c64x__bindgen_ty_2 | |
| cs_x86_op | Instruction operand |
| cs_x86_encoding | |
| cs_x86 | Instruction structure |
| cs_xcore | Instruction structure |
| cs_xcore_op | Instruction operand |
| m68k_op_mem | Instruction's operand referring to memory This is associated with M68K_OP_MEM operand type above |
| m68k_op_br_disp | |
| m68k_op_size | Operation size of the current instruction (NOT the actually size of instruction) |
| m680x_op_idx | Instruction's operand referring to indexed addressing |
| m680x_op_rel | Instruction's memory operand referring to relative addressing (Bcc/LBcc) |
| m680x_op_ext | Instruction's operand referring to extended addressing |
| mips_op_mem | Instruction's operand referring to memory This is associated with MIPS_OP_MEM operand type above |
| ppc_op_crx | |
| ppc_op_mem | Instruction's operand referring to memory This is associated with PPC_OP_MEM operand type above |
| sparc_op_mem | Instruction's operand referring to memory This is associated with SPARC_OP_MEM operand type above |
| sysz_op_mem | Instruction's operand referring to memory This is associated with SYSZ_OP_MEM operand type above |
| tms320c64x_op_mem | |
| x86_op_mem | Instruction's operand referring to memory This is associated with X86_OP_MEM operand type above |
| xcore_op_mem | Instruction's operand referring to memory This is associated with XCORE_OP_MEM operand type above |
Enums
| arm64_shifter | ARM64 shift type |
| arm64_extender | ARM64 extender type |
| arm64_cc | ARM64 condition code |
| arm64_sysreg | System registers |
| arm64_msr_reg | |
| arm64_pstate | System PState Field (MSR instruction) |
| arm64_vas | Vector arrangement specifier (for FloatingPoint/Advanced SIMD insn) |
| arm64_vess | Vector element size specifier |
| arm64_barrier_op | Memory barrier operands |
| arm64_op_type | Operand type for instruction's operands |
| arm64_tlbi_op | TLBI operations |
| arm64_at_op | AT operations |
| arm64_dc_op | DC operations |
| arm64_ic_op | IC operations |
| arm64_prefetch_op | Prefetch operations (PRFM) |
| arm64_insn | ARM64 instruction |
| arm_cc | ARM condition code |
| arm_cpsflag_type | Operand type for SETEND instruction |
| arm_cpsmode_type | |
| arm_insn | ARM instruction |
| arm_mem_barrier | The memory barrier constants map directly to the 4-bit encoding of the option field for Memory Barrier operations. |
| arm_op_type | Operand type for instruction's operands |
| arm_setend_type | Operand type for SETEND instruction |
| arm_shifter | ARM shift type |
| arm_sysreg | |
| arm_vectordata_type | Data type for elements of vector instructions. |
| cs_ac_type | Common instruction operand access types - to be consistent across all architectures. It is possible to combine access types, for example: CS_AC_READ | CS_AC_WRITE |
| cs_arch | Architecture type |
| cs_op_type | Common instruction operand types - to be consistent across all architectures. |
| cs_opt_type | Runtime option for the disassembled engine |
| evm_insn | EVM instruction |
| m68k_address_mode | M68K Addressing Modes |
| m68k_op_type | Operand type for instruction's operands |
| m68k_op_br_disp_size | Operand type for instruction's operands |
| m68k_cpu_size | Operation size of the CPU instructions |
| m68k_fpu_size | Operation size of the FPU instructions (Notice that FPU instruction can also use CPU sizes if needed) |
| m68k_size_type | Type of size that is being used for the current instruction |
| m68k_insn | M68K instruction |
| m68k_group_type | Group of M68K instructions |
| m680x_op_type | Operand type for instruction's operands |
| m680x_group_type | Group of M680X instructions |
| m680x_insn | M680X instruction IDs |
| mips_insn | MIPS instruction |
| mips_op_type | Operand type for instruction's operands |
| ppc_bc | PPC branch codes for some branch instructions |
| ppc_bh | PPC branch hint for some branch instructions |
| ppc_insn | PPC instruction |
| ppc_op_type | Operand type for instruction's operands |
| sparc_cc | Enums corresponding to Sparc condition codes, both icc's and fcc's. |
| sparc_hint | Branch hint |
| sparc_insn | SPARC instruction |
| sparc_op_type | Operand type for instruction's operands |
| sysz_cc | Enums corresponding to SystemZ condition codes |
| sysz_insn | SystemZ instruction |
| sysz_op_type | Operand type for instruction's operands |
| tms320c64x_op_type | |
| tms320c64x_mem_disp | |
| tms320c64x_mem_dir | |
| tms320c64x_mem_mod | |
| tms320c64x_insn | |
| tms320c64x_funit | |
| x86_op_type | Operand type for instruction's operands |
| x86_xop_cc | XOP Code Condition type |
| x86_avx_bcast | AVX broadcast type |
| x86_sse_cc | SSE Code Condition type |
| x86_avx_cc | AVX Code Condition type |
| x86_avx_rm | AVX static rounding mode type |
| x86_prefix | Instruction prefixes - to be used in cs_x86.prefix[] |
| x86_insn | X86 instructions |
| xcore_insn | XCore instruction |
| xcore_op_type | Operand type for instruction's operands |
Constants
| CS_MODE_16 | < 16-bit mode (X86) |
| CS_MODE_32 | < 32-bit mode (X86) |
| CS_MODE_64 | < 64-bit mode (X86, PPC) |
| CS_MODE_ARM | < 32-bit ARM |
| CS_MODE_BIG_ENDIAN | < big-endian mode |
| CS_MODE_LITTLE_ENDIAN | < little-endian mode (default mode) |
| CS_MODE_M680X_6301 | < M680X Hitachi 6301,6303 mode |
| CS_MODE_M680X_6309 | < M680X Hitachi 6309 mode |
| CS_MODE_M680X_6800 | < M680X Motorola 6800,6802 mode |
| CS_MODE_M680X_6801 | < M680X Motorola 6801,6803 mode |
| CS_MODE_M680X_6805 | < M680X Motorola/Freescale 6805 mode |
| CS_MODE_M680X_6808 | < M680X Motorola/Freescale/NXP 68HC08 mode |
| CS_MODE_M680X_6809 | < M680X Motorola 6809 mode |
| CS_MODE_M680X_6811 | < M680X Motorola/Freescale/NXP 68HC11 mode |
| CS_MODE_M680X_CPU12 | < M680X Motorola/Freescale/NXP CPU12 < used on M68HC12/HCS12 |
| CS_MODE_M680X_HCS08 | < M680X Freescale/NXP HCS08 mode |
| CS_MODE_M68K_000 | < M68K 68000 mode |
| CS_MODE_M68K_010 | < M68K 68010 mode |
| CS_MODE_M68K_020 | < M68K 68020 mode |
| CS_MODE_M68K_030 | < M68K 68030 mode |
| CS_MODE_M68K_040 | < M68K 68040 mode |
| CS_MODE_M68K_060 | < M68K 68060 mode |
| CS_MODE_MCLASS | < ARM's Cortex-M series |
| CS_MODE_MICRO | < MicroMips mode (MIPS) |
| CS_MODE_MIPS2 | < Mips II ISA |
| CS_MODE_MIPS3 | < Mips III ISA |
| CS_MODE_MIPS32 | < Mips32 ISA (Mips) |
| CS_MODE_MIPS64 | < Mips64 ISA (Mips) |
| CS_MODE_MIPS32R6 | < Mips32r6 ISA |
| CS_MODE_QPX | < Quad Processing eXtensions mode (PPC) |
| CS_MODE_THUMB | < ARM's Thumb mode, including Thumb-2 |
| CS_MODE_V8 | < ARMv8 A32 encodings for ARM |
| CS_MODE_V9 | < SparcV9 mode (Sparc) |
| CS_SUPPORT_DIET | |
| CS_SUPPORT_X86_REDUCE | |
| X86_PREFIX_REPE |
Statics
| ARCH_INCLUDES | |
| BINDINGS_FILE |
Functions
| cs_close⚠ | Close CS handle: MUST do to release the handle when it is not used anymore. NOTE: this must be only called when there is no longer usage of Capstone, not even access to cs_insn array. The reason is the this API releases some cached memory, thus access to any Capstone API after cs_close() might crash your application. |
| cs_disasm⚠ | Disassemble binary code, given the code buffer, size, address and number of instructions to be decoded. This API dynamically allocate memory to contain disassembled instruction. Resulting instructions will be put into @*insn |
| cs_disasm_ex⚠ | Deprecated function - to be retired in the next version! Use cs_disasm() instead of cs_disasm_ex() |
| cs_disasm_iter⚠ | Fast API to disassemble binary code, given the code buffer, size, address and number of instructions to be decoded. This API puts the resulting instruction into a given cache in @insn. See tests/test_iter.c for sample code demonstrating this API. |
| cs_errno⚠ | Report the last error number when some API function fail. Like glibc's errno, cs_errno might not retain its old value once accessed. |
| cs_free⚠ | Free memory allocated by cs_malloc() or cs_disasm() (argument @insn) |
| cs_group_name⚠ | Return friendly name of a group id (that an instruction can belong to) Find the group id from header file of corresponding architecture (arm.h for ARM, x86.h for X86, ...) |
| cs_insn_group⚠ | Check if a disassembled instruction belong to a particular group. Find the group id from header file of corresponding architecture (arm.h for ARM, x86.h for X86, ...) Internally, this simply verifies if @group_id matches any member of insn->groups array. |
| cs_insn_name⚠ | Return friendly name of an instruction in a string. Find the instruction id from header file of corresponding architecture (arm.h for ARM, x86.h for X86, ...) |
| cs_malloc⚠ | Allocate memory for 1 instruction to be used by cs_disasm_iter(). |
| cs_op_count⚠ | Count the number of operands of a given type. Find the operand type in header file of corresponding architecture (arm.h for ARM, x86.h for X86, ...) |
| cs_op_index⚠ | Retrieve the position of operand of given type in |
| cs_open⚠ | Initialize CS handle: this must be done before any usage of CS. |
| cs_option⚠ | Set option for disassembling engine at runtime |
| cs_reg_name⚠ | Return friendly name of register in a string. Find the instruction id from header file of corresponding architecture (arm.h for ARM, x86.h for X86, ...) |
| cs_reg_read⚠ | Check if a disassembled instruction IMPLICITLY used a particular register. Find the register id from header file of corresponding architecture (arm.h for ARM, x86.h for X86, ...) Internally, this simply verifies if @reg_id matches any member of insn->regs_read array. |
| cs_reg_write⚠ | Check if a disassembled instruction IMPLICITLY modified a particular register. Find the register id from header file of corresponding architecture (arm.h for ARM, x86.h for X86, ...) Internally, this simply verifies if @reg_id matches any member of insn->regs_write array. |
| cs_regs_access⚠ | Retrieve all the registers accessed by an instruction, either explicitly or implicitly. |
| cs_strerror⚠ | Return a string describing given error code. |
| cs_support⚠ | This API can be used to either ask for archs supported by this library, or check to see if the library was compile with 'diet' option (or called in 'diet' mode). |
| cs_version⚠ | Return combined API version & major and minor version numbers. |
Type Definitions
| __builtin_va_list | |
| __int8_t | |
| __int16_t | |
| __int32_t | |
| __int64_t | |
| __uint8_t | |
| __uint16_t | |
| __uint32_t | |
| __uint64_t | |
| cs_calloc_t | |
| cs_free_t | |
| cs_malloc_t | |
| cs_realloc_t | |
| cs_regs | Type of array to keep the list of registers |
| cs_skipdata_cb_t | User-defined callback function for SKIPDATA option. See tests/test_skipdata.c for sample code demonstrating this API. |
| cs_vsnprintf_t | |
| csh | |
| va_list |