Crate bad64[−][src]
Expand description
bad64
bad64 is a set of Rust bindings to the Binja Arm64 Disassembler.
For more information about the disassembler, please see the upstream repo.
There are two main entry points:
decode
for decoding a single instruction.
use bad64::{decode, Op}; // nop - "\x1f\x20\x03\xd5" let decoded = decode(0xd503201f, 0x1000).unwrap(); assert_eq!(decoded.address(), 0x1000); assert_eq!(decoded.operands().len(), 0); assert_eq!(decoded.op(), Op::NOP); assert_eq!(decoded.op().mnem(), "nop");
disasm
for disassembling a byte sequence.
use bad64::{disasm, Op, Operand, Reg, Imm}; // 1000: str x0, [sp, #-16]! ; "\xe0\x0f\x1f\xf8" // 1004: ldr x0, [sp], #16 ; "\xe0\x07\x41\xf8" let mut decoded_iter = disasm(b"\xe0\x0f\x1f\xf8\xe0\x07\x41\xf8", 0x1000); let push = decoded_iter.next().unwrap().unwrap(); // check out the push assert_eq!(push.address(), 0x1000); assert_eq!(push.operands().len(), 2); assert_eq!(push.op(), Op::STR); assert_eq!( push.operands()[0], Operand::Reg { reg: Reg::X0, arrspec: None } ); assert_eq!( push.operands()[1], Operand::MemPreIdx { reg: Reg::SP, imm: Imm::Signed(-16) } ); assert_eq!(push.operands().get(2), None); let pop = decoded_iter.next().unwrap().unwrap(); // check out the pop assert_eq!(pop.address(), 0x1004); assert_eq!(pop.operands().len(), 2); assert_eq!(pop.op(), Op::LDR); assert_eq!( pop.operands().get(0), Some(&Operand::Reg { reg: Reg::X0, arrspec: None }) ); assert_eq!( pop.operands().get(1), Some(&Operand::MemPostIdxImm { reg: Reg::SP, imm: Imm::Signed(16) }) ); assert_eq!(pop.operands().get(2), None); // make sure there's nothing left assert_eq!(decoded_iter.next(), None);
Structs
A decoded instruction
Enums
An arrangement specifier
A condition
Decoding errors types
An instruction immediate
An instruction operation
An instruction operand
A register
A shift applied to a register or immediate
A system register