1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
|
#pragma once
#include <sys/uio.h>
#include <capstone/capstone.h>
struct archinfo {
unsigned long progmctr;
unsigned long stackptr;
unsigned long bp_insn;
unsigned long bp_mask;
unsigned long bp_adjust;
int cs_arch;
int cs_mode;
unsigned cs_call;
unsigned wordsize;
};
extern void architecture_info(struct archinfo *ai, const struct iovec *regs);
/* Architecture Definitions */
#if defined(__x86_64__) || defined(i386) || defined(__i386__)
typedef union {
struct user_regs_64 {
unsigned long long int r15, r14, r13, r12, rbp, rbx, r11, r10, r9, r8,
rax, rcx, rdx, rsi, rdi, orig_rax, rip, cs, eflags, rsp,
ss, fs_base, gs_base, ds, es, fs, gs;
} x86_64;
struct user_regs_32 {
unsigned int ebx, ecx, edx, esi, edi, ebp, eax, xds, xes, xfs, xgs,
orig_eax, eip, xcs, eflags, esp, xss;
} x86_32;
} user_regs_t;
#define ARCH_X86
#define PROGMCTR_64 x86_64.rip
#define STACKPTR_64 x86_64.rsp
#define BREAKPOINT_INSN_64 0xccul
#define BREAKPOINT_MASK_64 0xfful
#define BREAKPOINT_ADJS_64 0x1
#define CAPSTONE_ARCH_64 CS_ARCH_X86
#define CAPSTONE_MODE_64 CS_MODE_64
#define CAPSTONE_CALL_64 X86_INS_CALL
#define WORDSIZE_64 8
#define PROGMCTR_32 x86_32.eip
#define STACKPTR_32 x86_32.esp
#define BREAKPOINT_INSN_32 0xccul
#define BREAKPOINT_MASK_32 0xfful
#define BREAKPOINT_ADJS_32 0x1
#define CAPSTONE_ARCH_32 CS_ARCH_X86
#define CAPSTONE_MODE_32 CS_MODE_32
#define CAPSTONE_CALL_32 X86_INS_CALL
#define WORDSIZE_32 4
#else
#error Detected architecture is not supported!
#endif
|
