Expand description
§Zydis Rust Bindings
Rust bindings for Zydis, a fast and lightweight x86/x86-64 disassembler and code generator library.
[dependencies]
zydis = "4.1.1"§Example
use zydis::*;
#[rustfmt::skip]
static CODE: &'static [u8] = &[
0x51, 0x8D, 0x45, 0xFF, 0x50, 0xFF, 0x75, 0x0C, 0xFF, 0x75, 0x08,
0xFF, 0x15, 0xA0, 0xA5, 0x48, 0x76, 0x85, 0xC0, 0x0F, 0x88, 0xFC,
0xDA, 0x02, 0x00,
];
fn main() -> zydis::Result {
let fmt = Formatter::intel();
let dec = Decoder::new64();
// 0 is the address for our code.
for insn_info in dec.decode_all::<VisibleOperands>(CODE, 0) {
let (ip, _raw_bytes, insn) = insn_info?;
// We use Some(ip) here since we want absolute addressing based on the given
// instruction pointer. If we wanted relative addressing, we'd use `None` instead.
println!("0x{:016X} {}", ip, fmt.format(Some(ip), &insn)?);
}
Ok(())
}§Output
0x0000000000000000 push rcx
0x0000000000000001 lea eax, [rbp-0x01]
0x0000000000000004 push rax
0x0000000000000005 push [rbp+0x0C]
0x0000000000000008 push [rbp+0x08]
0x000000000000000B call [0x000000007648A5B1]
0x0000000000000011 test eax, eax
0x0000000000000013 js 0x000000000002DB15§Version Map
Since version 3.0.0 the binding’s major and minor versions are tethered to the Zydis version. The binding’s patch version is independent of the Zydis version and can be bumped for binding-only changes. Every cargo crate release has a corresponding git tag.
Version map for older releases
| Bindings | Zydis |
|---|---|
| v0.0.4 | v2.0.2 |
| v0.0.3 | v2.0.0-develop@e967510 |
| v0.0.2 | v2.0.0-alpha2 |
| v0.0.1 | v2.0.0-develop@4a79d57 |
§Navigation
Modules§
- ffi
- Provides the types, enums, constants and functions of the raw, unwrapped C library.
Macros§
- insn32
- Macro for conveniently creating encoder requests (32-bit variant).
- insn64
- Macro for conveniently creating encoder requests (64-bit variant).
- mem
- Macro for creating memory operands.
Structs§
- CpuFlag
- Identifies a CPU flag.
- Decoder
- Decodes raw instruction bytes into a machine-readable struct.
- Encoder
Operand - Describes an operand in an
EncoderRequest. - Encoder
Request - Describes an instruction to be encoded.
- Formatter
- Formats decoded instructions to human-readable text.
- FpuFlag
- Identifies an FPU flag.
- Instruction
- Basic information about an instruction.
- Instruction
Attributes - Attributes of an instruction.
- Instruction
Iter - Iterator decoding instructions in a buffer.
- NoOperands
- Don’t decode or store any operands.
- Operand
Action - Describes how an operand is accessed.
- Operand
Array Vec - Decode and store operands in a static array buffer.
- Operand
Attributes - Attributes of an operand.
- Output
Buffer - A convenience typed when using the
format.*ortokenize.*functions. - Token
- The type of a formatter token.
Enums§
- Address
Size Hint - Defines possible values for address size hints. See
ZydisEncoderRequestfor more information about address size hints. - Branch
Type - Defines the
ZydisBranchTypeenum. - Branch
Width - Defines encodable physical/effective sizes of relative immediate operands. See
ZydisEncoderRequest.branch_widthfor more details. - Broadcast
Mode - Defines the
ZydisBroadcastModeenum. - Conversion
Mode - Defines the
ZydisConversionModeenum. - Decoder
Mode - Defines the
ZydisDecoderModeenum. - Decorator
- Enum of all decorator types.
- Element
Type - Defines the
ZydisElementTypeenum. - Encodable
Encoding - Defines possible physical instruction encodings as bit flags, so multiple acceptable encodings can be specified simultaneously.
- Exception
Class - Defines the
ZydisExceptionClassenum. - Feature
- Defines the
ZydisFeatureenum. - Formatter
Function - Enum selecting a formatter function to be replaced with hooks.
- Formatter
Property - State of a formatter setting knob.
- Formatter
Style - Enum selecting the syntax to format the disassembly in.
- Hook
- ISAExt
- Defines the
ZydisISAExtenum. - ISASet
- Defines the
ZydisISASetenum. - Instruction
Category - Defines the
ZydisInstructionCategoryenum. - Instruction
Encoding - Defines the
ZydisInstructionEncodingenum. - Instruction
Segment - Defines the
ZydisInstructionSegmentstruct. - Machine
Mode - Defines the
ZydisMachineModeenum. - Mask
Mode - Defines the
ZydisMaskModeenum. - Memory
Operand Type - Defines the
ZydisMemoryOperandTypeenum. - Mnemonic
- Defines the
ZydisMnemonicenum. - Numeric
Base - Enum defining different mantissae to be used during formatting.
- Opcode
Map - Defines the
ZydisOpcodeMapenum. - Operand
Encoding - Defines the
ZydisOperandEncodingenum. - Operand
Size Hint - Defines possible values for operand size hints. See
ZydisEncoderRequestfor more information about operand size hints. - Operand
Type - Defines the
ZydisOperandTypeenum. - Operand
Visibility - Defines the
ZydisOperandVisibilityenum. - Padding
- Enum definining magic values that receive special treatment when used as padding properties of the formatter.
- Prefix
Type - Defines the
ZydisPrefixTypeenum. - Register
- Defines the
ZydisRegisterenum. - Register
Class - Defines the
ZydisRegisterClassenum. - Register
Kind - Defines the
ZydisRegisterKindenum. - Rounding
Mode - Defines the
ZydisRoundingModeenum. - Signedness
- Enum defining the signeness of integers to be used during formatting.
- Stack
Width - Defines the
ZydisStackWidthenum. - Status
- Status code indicating either success or failure.
- Swizzle
Mode - Defines the
ZydisSwizzleModeenum. - Zydis
Formatter Property - We wrap this in a nicer rust enum
FormatterPropertyalready, use that instead.
Constants§
- ADDRESS_
SIZE_ HINT_ MAX_ VALUE - BRANCH_
TYPE_ MAX_ VALUE - BRANCH_
WIDTH_ MAX_ VALUE - BROADCAST_
MODE_ MAX_ VALUE - CATEGORY_
MAX_ VALUE - CONVERSION_
MODE_ MAX_ VALUE - DECODER_
MODE_ MAX_ VALUE - DECORATOR_
MAX_ VALUE - ELEMENT_
TYPE_ MAX_ VALUE - ENCODABLE_
ENCODING_ MAX_ VALUE - ENCODABLE_
PREFIXES - Combination of all user-encodable prefixes.
- ENCODER_
MAX_ OPERANDS - Maximum number of encoder operands.
- EXCEPTION_
CLASS_ MAX_ VALUE - FEATURE_
MAX_ VALUE - FORMATTER_
FUNC_ MAX_ VALUE - FORMATTER_
PROP_ MAX_ VALUE - FORMATTER_
STYLE_ MAX_ VALUE - INSTRUCTION_
ENCODING_ MAX_ VALUE - INSTR_
SEGMENT_ MAX_ VALUE - ISA_
EXT_ MAX_ VALUE - ISA_
SET_ MAX_ VALUE - MACHINE_
MODE_ MAX_ VALUE - MASK_
MODE_ MAX_ VALUE - MAX_
INSTRUCTION_ LENGTH - Maximum length of an instruction in bytes.
- MAX_
OPERAND_ COUNT - Maximum number of operands (visible and hidden).
- MAX_
OPERAND_ COUNT_ VISIBLE - Maximum number of visible operands.
- MEMOP_
TYPE_ MAX_ VALUE - MNEMONIC_
MAX_ VALUE - NUMERIC_
BASE_ MAX_ VALUE - OPCODE_
MAP_ MAX_ VALUE - OPERAND_
ENCODING_ MAX_ VALUE - OPERAND_
SIZE_ HINT_ MAX_ VALUE - OPERAND_
TYPE_ MAX_ VALUE - OPERAND_
VISIBILITY_ MAX_ VALUE - PREFIX_
TYPE_ MAX_ VALUE - REGCLASS_
MAX_ VALUE - REGISTER_
MAX_ VALUE - REGKIND_
MAX_ VALUE - ROUNDING_
MODE_ MAX_ VALUE - SIGNEDNESS_
MAX_ VALUE - STACK_
WIDTH_ MAX_ VALUE - SWIZZLE_
MODE_ MAX_ VALUE - TOKEN_
ADDRESS_ ABS - TOKEN_
ADDRESS_ REL - TOKEN_
DECORATOR - TOKEN_
DELIMITER - TOKEN_
DISPLACEMENT - TOKEN_
IMMEDIATE - TOKEN_
INVALID - TOKEN_
MNEMONIC - TOKEN_
PARENTHESIS_ CLOSE - TOKEN_
PARENTHESIS_ OPEN - TOKEN_
PREFIX - TOKEN_
REGISTER - TOKEN_
SYMBOL - TOKEN_
TYPECAST - TOKEN_
USER - The base for user defined tokens.
- TOKEN_
WHITESPACE - ZYAN_
MODULE_ USER - ZYAN_
MODULE_ ZYCORE - ZYAN_
MODULE_ ZYDIS - ZYAN_
MODULE_ ZYDIS_ RS
Traits§
- Operands
- Defines storage and decoding behavior for operands.
Functions§
- version
- Returns the version of the zydis C library as a quadruple
(major, minor, patch, build).
Type Aliases§
- AllOperands
- Decode and store all (both visible and implicit) operands.
- Full
Instruction - Convenience alias for an instruction with full operand information.
- Register
Width - Result
- A convenience alias for a Result, holding either a value or a status.
- Visible
Operands - Decode and store visible operands.
- Wrapped
Decorator Func - Wrapped
General Func - Wrapped
Register Func