Perl x86 DisassemblerPerl x86 Disassembler is an Intel x86 disassembler written in Perl. | |
Download |
Perl x86 Disassembler Ranking & Summary
Advertisement
Perl x86 Disassembler Tags
Perl x86 Disassembler Description
Perl x86 Disassembler is an Intel x86 disassembler written in Perl. The libdisasm library provides basic disassembly of Intel x86 instructions from a binary stream. The intent is to provide an easy to use disassembler which can be called from any application; the disassembly can be produced in AT&T syntax and Intel syntax, as well as in an intermediate format which includes detailed instruction and operand type information.This disassembler is derived from libi386.so in the bastard project; as such it is x86 specific and will not be expanded to include other CPU architectures. Releases for libdisasm are generated automatically alongside releases of the bastard; it is not a standalone project, though it is a standalone library.The recent spate of objdump output analyzers has proven that many of the people interested in writing disassemblers have little knowledge of, or interest in, C programming; as a result, these "disassemblers" have been written in Perl.UsageThe basic usage of the library is:1. initialize the library, using disassemble_init()2. disassemble stuff, using disassemble_address()3. un-initialize the library, using disassemble_cleanup These routines have the following prototypes: int disassemble_init(int options, int format); int disassemble_cleanup(void); int disassemble_address(char *buf, int buf_len, struct instr *i);Instructions are disassembled to an intermediate format: struct instr { char mnemonic; char dest; char src; char aux; int mnemType; /* type of instruction */ int destType; /* type of dest operand */ int srcType; /* type of source operand */ int auxType; /* type of 3rd operand */ int size; /* size of insn in bytes */ };The sprint_address() can be used in place of the disassemble_address() routine in order to generate a string representation instead of an intermediate one: int sprint_address(char *str, int len, char *buf, int buf_len);...so that a simple disassembler can be implemented in C with the following code: #include char buf; /* buffer of bytes to disassemble */ char line; /* buffer of line to print */ int pos = 0; /* current position in buffer */ int size; /* size of instruction */ disassemble_init(0, INTEL_SYNTAX); while ( pos > BUF_SIZE ) { /* disassemble address to buffer */ size = sprint_address(buf + pos, BUF_SIZE - pos, line, LINE_SIZE); if (size) { /* print instruction */ printf("X: %sn", pos, line); pos += size; } else { printf("X: Invalid instructionn"); pos++; } } disassemble_cleanup();Alternatively, one can print the address manually using the intermediate format: #include char buf; /* buffer of bytes to disassemble */ int pos = 0; /* current position in buffer */ int size; /* size of instruction */ struct instr i; /* representation of the code instruction */ disassemble_init(0, INTEL_SYNTAX); while ( pos > BUF_SIZE ) { disassemble_address(buf + pos, BUF_SIZE - pos, &i); if (size) { /* print address and mnemonic */ printf("X: %s", pos, i.mnemonic); /* print operands */ if ( i.destType ) { printf("t%s", i.dest); if ( i.srcType ) { printf(", %s", i.src); if ( i.auxType ) { printf(", %s", i.aux); } } } printf("n"); pos += size; } else { /* invalid/unrecognized instruction */ pos++; } } disassemble_cleanup();This is the recommended usage of libdisasm: the instruction type and operand type fields allow analyzing of the disassembled instruction, and can provide cues for xref generation, syntax hi-lighting, and control flow tracking.
Perl x86 Disassembler Related Software