diff options
Diffstat (limited to 'capstone/bindings/python/test_bpf.py')
| -rwxr-xr-x | capstone/bindings/python/test_bpf.py | 92 |
1 files changed, 92 insertions, 0 deletions
diff --git a/capstone/bindings/python/test_bpf.py b/capstone/bindings/python/test_bpf.py new file mode 100755 index 000000000..4df7f3599 --- /dev/null +++ b/capstone/bindings/python/test_bpf.py @@ -0,0 +1,92 @@ +#!/usr/bin/env python + +# Capstone Python bindings +# BPF tests by david942j <david942j@gmail.com>, 2019 + +from __future__ import print_function +from capstone import * +from capstone.bpf import * +from xprint import to_hex, to_x_32 + + +CBPF_CODE = b"\x94\x09\x00\x00\x37\x13\x03\x00\x87\x00\x00\x00\x00\x00\x00\x00\x07\x00\x00\x00\x00\x00\x00\x00\x16\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x00\x00" +EBPF_CODE = b"\x97\x09\x00\x00\x37\x13\x03\x00\xdc\x02\x00\x00\x20\x00\x00\x00\x30\x00\x00\x00\x00\x00\x00\x00\xdb\x3a\x00\x01\x00\x00\x00\x00\x84\x02\x00\x00\x00\x00\x00\x00\x6d\x33\x17\x02\x00\x00\x00\x00" + +all_tests = ( + (CS_ARCH_BPF, CS_MODE_LITTLE_ENDIAN | CS_MODE_BPF_CLASSIC, CBPF_CODE, "cBPF Le", None), + (CS_ARCH_BPF, CS_MODE_LITTLE_ENDIAN | CS_MODE_BPF_EXTENDED, EBPF_CODE, "eBPF Le", None), + ) + +ext_name = {} +ext_name[BPF_EXT_LEN] = '#len' + +def print_insn_detail(insn): + # print address, mnemonic and operands + print("0x%x:\t%s\t%s" % (insn.address, insn.mnemonic, insn.op_str)) + + # "data" instruction generated by SKIPDATA option has no detail + if insn.id == 0: + return + + if len(insn.groups) > 0: + print('\tGroups: ' + ' '.join(map(lambda g: insn.group_name(g), insn.groups))) + + print("\tOperand count: %u" % len(insn.operands)) + for c, op in enumerate(insn.operands): + print("\t\toperands[%u].type: " % c, end='') + if op.type == BPF_OP_REG: + print("REG = " + insn.reg_name(op.reg)) + elif op.type == BPF_OP_IMM: + print("IMM = " + hex(op.imm)[:-1]) + elif op.type == BPF_OP_OFF: + print("OFF = +0x" + to_x_32(op.off)) + elif op.type == BPF_OP_MEM: + print("MEM") + if op.mem.base != 0: + print("\t\t\toperands[%u].mem.base: REG = %s" \ + % (c, insn.reg_name(op.mem.base))) + print("\t\t\toperands[%u].mem.disp: 0x%s" \ + % (c, to_x_32(op.mem.disp))) + elif op.type == BPF_OP_MMEM: + print("MMEM = 0x" + to_x_32(op.mmem)) + elif op.type == BPF_OP_MSH: + print("MSH = 4*([0x%s]&0xf)" % to_x_32(op.msh)) + elif op.type == BPF_OP_EXT: + print("EXT = " + ext_name[op.ext]) + + (regs_read, regs_write) = insn.regs_access() + + if len(regs_read) > 0: + print("\tRegisters read:", end="") + for r in regs_read: + print(" %s" % insn.reg_name(r), end="") + print("") + + if len(regs_write) > 0: + print("\tRegisters modified:", end="") + for r in regs_write: + print(" %s" % insn.reg_name(r), end="") + print("") + +def test_class(): + + for (arch, mode, code, comment, syntax) in all_tests: + print("*" * 16) + print("Platform: %s" % comment) + print("Code: %s" % to_hex(code)) + print("Disasm:") + + try: + md = Cs(arch, mode) + if syntax is not None: + md.syntax = syntax + md.detail = True + for insn in md.disasm(code, 0x0): + print_insn_detail(insn) + print () + except CsError as e: + print("ERROR: %s" % e) + + +if __name__ == '__main__': + test_class() |