Ejemplo n.º 1
0
        /// <summary>Iteratively disassemble source code.</summary>
        /// <param name="callback">A delegate that will be invoked on each disassembled
        /// instruction.</param>
        public void Disassemble(byte[] code, IterativeDisassemblyDelegate callback)
        {
            bool   shouldContinue = true;
            ulong  address        = DefaultStartAddress;
            int    totalSize      = 0;
            IntPtr nativeCode     = IntPtr.Zero;

            try {
                IntPtr nativeInstruction = IntPtr.Zero;
                using (SafeNativeInstructionHandle hInstruction = CapstoneImport.AllocateInstruction(this)) {
                    nativeInstruction = hInstruction.DangerousGetHandle();
                    // Transfer the managed byte array into a native buffer.
                    nativeCode = Marshal.AllocCoTaskMem(code.Length);
                    Marshal.Copy(code, 0, nativeCode, code.Length);
                    IntPtr remainingSize = (IntPtr)code.Length;

                    do
                    {
                        if (hInstruction.IsClosed)
                        {
                            throw new ApplicationException();
                        }
                        ulong instructionStartAddress = address;
                        shouldContinue |= CapstoneImport.DisassembleIteratively(this,
                                                                                ref nativeCode, ref remainingSize, ref address, hInstruction);
                        if (shouldContinue)
                        {
                            int instructionSize = (int)(address - instructionStartAddress);
                            totalSize      += instructionSize;
                            shouldContinue |= callback(NativeInstruction.Create(this, ref nativeInstruction),
                                                       instructionSize, address);
                        }
                    } while (shouldContinue && (0 < (long)remainingSize));
                    // TODO : Consider releasing nativeInstruction handle.
                    if (hInstruction.IsClosed)
                    {
                        throw new ApplicationException();
                    }
                    hInstruction.Dispose();
                }
            }
            finally {
                if (IntPtr.Zero != nativeCode)
                {
                    Marshal.FreeCoTaskMem(nativeCode);
                }
            }
        }
            public IntPtr MarshalManagedToNative(object ManagedObj)
            {
                SafeNativeInstructionHandle instructionHandle = (SafeNativeInstructionHandle)ManagedObj;

                if (null == instructionHandle)
                {
                    return(IntPtr.Zero);
                }

                if (_enforecFreeingLock)
                {
                    if (SafeNativeInstructionHandle._beingFreed != instructionHandle)
                    {
                        throw new InvalidOperationException();
                    }
                }
                return(instructionHandle.handle);
            }
Ejemplo n.º 3
0
 internal static extern void Free(
     [In, MarshalAs(UnmanagedType.CustomMarshaler, MarshalTypeRef = typeof(SafeNativeInstructionHandle.Marshaler), MarshalCookie = SafeNativeInstructionHandle.Marshaler.FreeMarshalerCookie)] SafeNativeInstructionHandle instructions,
     [In] IntPtr instructionCount);
 /// <summary>Release Handle.</summary>
 /// <returns>A boolean true if the handle was released. A boolean false
 /// otherwise.</returns>
 protected override bool ReleaseHandle()
 {
     lock (ReleaseLock) {
         try {
             _beingFreed = this;
             CapstoneImport.Free(this, this._instructionCount);
         }
         finally { _beingFreed = null; }
     }
     this._instructions = Enumerable.Empty<NativeInstruction>();
     return true;
 }
Ejemplo n.º 5
0
 internal static extern bool DisassembleIteratively(
     [In] SafeCapstoneContextHandle pHandle,
     [In, Out] ref IntPtr /* uint8_t ** */ code,
     [In, Out] ref IntPtr codeSize,
     [In, Out] ref ulong address,
     [In] SafeNativeInstructionHandle /* cs_insn * */ insn);