8.3. Disassembler¶
Stream disassembler module.
Usage:
local asm = require('misc/asm')
8.3.1. API¶
8.3.2. Disassembler syntax¶
- asm.new_disassembler(architecture, mode) → asm_handle¶
Parameters: - architecture (string) – Hardware architecture.
- mode (string) – Hardware mode.
Returns: - asm_handle (AsmHandle) – Disassembler handler.
Initialize the disassembler module with selected architecture and mode.
- asm.new_instruction(address = 0) → asm_inst¶
Parameters: - address (int) – Instruction address.
Returns: - asm_inst (AsmInstruction) – Instruction.
Create a new instruction.
Supported architecture¶
- arm
- arm64
- mips
- x86
- ppc
Supported mode¶
- arm
- 16
- 32
- 64
- thumb
- object asm.AsmHandle¶
- AsmHandle:setsyntax(syntax)¶
Parameters: - syntax (string) – Syntax flavor.
Set the assembly syntax (‘att’ or ‘intel’).
- AsmHandle:disassemble(code, inst) → ret¶
Parameters: - code (vbuffer_iterator) – Code to disassemble.
- inst (AsmInstruction.) – Instruction.
Returns: - ret (bool) – true in case of succesfful dissassembly; false otherwise (e.g. broken instruction).
Disassemble code into instructions.
Note
Disassembly skips bad instructions. Whenever a bad instruction is encountered, the mnemonic instruction field is set to (bad). Disasembly stops when it reaches the end of the stream or when it encounters a broken instruction.
- AsmHandle:dump_instructions(code[, nb])¶
Parameters: - code (vbuffer_iterator) – Code to disassemble.
- nb (number) – Number of instructions to dump.
Disassemble and dump instructions.
- object asm.AsmInstruction¶
- <AsmInstruction>.id¶
Type: number Instruction id.
- <AsmInstruction>.address¶
Type: number Instruction address.
- AsmInstruction:mnemonic() → mnemonic¶
Returns: - mnemonic (string) – Instruction mnemonic.
Note
The mnemonic is set to (bad) when the disassembler encounters an invalid opcode.
- AsmInstruction:op_str() → operands¶
Returns: - operands (string) – Instruction operands.
- <AsmInstruction>.size¶
Type: number Instruction size.
- AsmInstruction:bytes() → bytes¶
Returns: - bytes (string) – Instruction byte sequence.
- AsmInstruction:pprint()¶
Dump instruction.
8.3.3. Example¶
local asm_module = require('misc/asm')
inst = asm_module.new_instruction()
asm = asm_module.new_disassembler('x86', '32')
asm:setsyntax('att')
local code = haka.vbuffer_from("\x41\x42\x48\x8b\x05\xb8\x13\x60\x60")
local start = code:pos('begin')
local size, bytes
while asm:disassemble(start, inst) do
io.write(string.format("0x%08x %-8s %-16s ", inst.address, inst:mnemonic(), inst:op_str()))
size = inst.size
bytes = inst:bytes()
for i = 1,inst.size do
io.write(string.format('%02X ', bytes:byte(i)))
end
print("")
end