我正在做一个项目,目的是创建一个补丁程序。我想使用 Capstone 为它添加反汇编功能,并尝试运行下面的代码:
/* test1.c */
#include <stdio.h>
#include <inttypes.h>
#include <capstone/capstone.h>
#include "capstone/capstone.h"
#define CODE "\x55\x48\x8b\x05\xb8\x13\x00\x00"
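/*
 * Disassemble the bytes in CODE as 64-bit x86, starting at address 0x1000,
 * and print one line per decoded instruction.
 *
 * Returns -1 if the Capstone handle cannot be opened, 0 otherwise.
 */
int main(void)
{
    csh handle;
    cs_insn *insn;
    size_t count;
    cs_err err;

    /*
     * Keep the status code instead of discarding it: it tells an unsupported
     * architecture (CS_ERR_ARCH) apart from an invalid mode or an allocation
     * failure, which is the first thing needed to diagnose a failing cs_open().
     */
    err = cs_open(CS_ARCH_X86, CS_MODE_64, &handle);
    if (err != CS_ERR_OK) {
        fprintf(stderr, "ERROR: cs_open failed: %s\n", cs_strerror(err));
        return -1;
    }

    /* sizeof(CODE) - 1 drops the string literal's trailing NUL byte. */
    count = cs_disasm(handle, (const uint8_t *)CODE, sizeof(CODE) - 1,
                      0x1000, 0, &insn);
    if (count > 0) {
        for (size_t j = 0; j < count; j++) {
            printf("0x%" PRIx64 ":\t%s\t\t%s\n", insn[j].address,
                   insn[j].mnemonic, insn[j].op_str);
        }
        /* insn was allocated by cs_disasm() and must be released with cs_free(). */
        cs_free(insn, count);
    } else {
        /* cs_errno() reports why the last call on this handle failed. */
        printf("ERROR: Failed to disassemble given code! (%s)\n",
               cs_strerror(cs_errno(handle)));
    }

    cs_close(&handle);
    return 0;
}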
由于某种原因它无法工作。调试 cs.ci 时我发现,在 cs_open 函数中,cs_arch_init 数组的所有元素都是 0x000000,这导致 cs_arch_init[arch] 为假。有人知道如何修复吗?下面是 cs_open 的代码:
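/*
 * Create a disassembler handle for the given architecture and mode.
 *
 * @param arch    architecture to disassemble; must be below CS_ARCH_MAX and
 *                have a non-NULL entry in cs_arch_init[]
 * @param mode    mode flags; any bit set in cs_arch_disallowed_mode_mask[arch]
 *                is rejected
 * @param handle  receives the new handle on success and 0 on every failure,
 *                so a caller never ends up holding an indeterminate handle
 *
 * @return CS_ERR_OK on success;
 *         CS_ERR_MEMSETUP if any of the memory-management hooks is unset;
 *         CS_ERR_ARCH if arch is out of range or has no init routine;
 *         CS_ERR_MODE if mode contains a disallowed bit;
 *         CS_ERR_MEM if the handle structure cannot be allocated;
 *         otherwise the error returned by the architecture's init routine.
 */
cs_err CAPSTONE_API cs_open(cs_arch arch, cs_mode mode, csh *handle)
{
	cs_err err;
	struct cs_struct *ud;

	if (!cs_mem_malloc || !cs_mem_calloc || !cs_mem_realloc || !cs_mem_free || !cs_vsnprintf) {
		// Error: before cs_open(), dynamic memory management must be initialized
		// with cs_option(CS_OPT_MEM)
		*handle = 0;
		return CS_ERR_MEMSETUP;
	}

	// A NULL slot in cs_arch_init[] means there is no init routine for this
	// architecture, so the request fails with CS_ERR_ARCH.
	// NOTE(review): presumably the slots are filled according to which
	// architectures were compiled into the library; confirm against the
	// build configuration when every slot reads as NULL.
	if (arch >= CS_ARCH_MAX || !cs_arch_init[arch]) {
		*handle = 0;
		return CS_ERR_ARCH;
	}

	// verify if requested mode is valid
	if (mode & cs_arch_disallowed_mode_mask[arch]) {
		*handle = 0;
		return CS_ERR_MODE;
	}

	ud = cs_mem_calloc(1, sizeof(*ud));
	if (!ud) {
		// memory insufficient; clear the handle like the other failure paths
		*handle = 0;
		return CS_ERR_MEM;
	}

	ud->errnum = CS_ERR_OK;
	ud->arch = arch;
	ud->mode = mode;
	// by default, do not break instruction into details
	ud->detail = CS_OPT_OFF;
	// default skipdata setup
	ud->skipdata_setup.mnemonic = SKIPDATA_MNEM;

	err = cs_arch_init[ud->arch](ud);
	if (err) {
		// architecture init failed: release the half-built state
		cs_mem_free(ud);
		*handle = 0;
		return err;
	}

	*handle = (uintptr_t)ud;
	return CS_ERR_OK;
}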