1 /* 2 Capstone Disassembly Engine bindings for VB6 3 Contributed by FireEye FLARE Team 4 Author: David Zimmer <david.zimmer@fireeye.com>, <dzzie@yahoo.com> 5 License: Apache 6 Copyright: FireEye 2017 7 8 This dll is a small stdcall shim so VB6 can access the capstone API 9 */ 10 11 #include <stdio.h> 12 #include <conio.h> 13 #include <string.h> 14 15 #include <capstone.h> 16 #pragma comment(lib, "capstone.lib") 17 18 #define EXPORT comment(linker, "/EXPORT:"__FUNCTION__"="__FUNCDNAME__) 19 bs_version(int * major,int * minor)20 unsigned int __stdcall bs_version(int *major, int *minor){ 21 #pragma EXPORT 22 return cs_version(major,minor); 23 } 24 bs_support(int query)25 bool __stdcall bs_support(int query){ 26 #pragma EXPORT 27 return cs_support(query); 28 } 29 bs_open(cs_arch arch,cs_mode mode,csh * handle)30 cs_err __stdcall bs_open(cs_arch arch, cs_mode mode, csh *handle){ 31 #pragma EXPORT 32 return cs_open(arch, mode, handle); 33 } 34 bs_close(csh * handle)35 cs_err __stdcall bs_close(csh *handle){ 36 #pragma EXPORT 37 return cs_close(handle); 38 } 39 bs_option(csh handle,cs_opt_type type,size_t value)40 cs_err __stdcall bs_option(csh handle, cs_opt_type type, size_t value){ 41 #pragma EXPORT 42 return cs_option(handle, type, value); 43 } 44 bs_errno(csh handle)45 cs_err __stdcall bs_errno(csh handle){ 46 #pragma EXPORT 47 return cs_errno(handle); 48 } 49 bs_strerror(cs_err code)50 const char* __stdcall bs_strerror(cs_err code){ 51 #pragma EXPORT 52 return cs_strerror(code); 53 } 54 bs_disasm(csh handle,const uint8_t * code,size_t code_size,uint64_t address,size_t count,cs_insn ** insn)55 size_t __stdcall bs_disasm(csh handle, const uint8_t *code, size_t code_size, uint64_t address, size_t count, cs_insn **insn){ 56 #pragma EXPORT 57 return cs_disasm(handle, code, code_size, address, count, insn); 58 } 59 getInstruction(cs_insn * insn,uint32_t index,void * curInst,uint32_t bufSize)60 void __stdcall getInstruction(cs_insn *insn, uint32_t index, void* curInst, uint32_t bufSize){ 61 #pragma EXPORT 62 memcpy(curInst, (void*)&insn[index], bufSize); //size lets us get a partial version of whatever we have implemented in the vbstruct... 63 } 64 bs_reg_name(csh handle,unsigned int reg_id)65 const char* __stdcall bs_reg_name(csh handle, unsigned int reg_id){ 66 #pragma EXPORT 67 return cs_reg_name(handle, reg_id); 68 } 69 bs_free(cs_insn * insn,size_t count)70 void __stdcall bs_free(cs_insn *insn, size_t count){ 71 #pragma EXPORT 72 return cs_free(insn, count); 73 } 74 bs_malloc(csh handle)75 cs_insn* __stdcall bs_malloc(csh handle){ 76 #pragma EXPORT 77 return cs_malloc(handle); 78 } 79 80 bs_op_index(csh handle,const cs_insn * insn,unsigned int op_type,unsigned int position)81 int __stdcall bs_op_index(csh handle, const cs_insn *insn, unsigned int op_type, unsigned int position){ 82 #pragma EXPORT 83 return cs_op_index(handle,insn,op_type,position); 84 } 85 bs_op_count(csh handle,const cs_insn * insn,unsigned int op_type)86 int __stdcall bs_op_count(csh handle, const cs_insn *insn, unsigned int op_type){ 87 #pragma EXPORT 88 return cs_op_count(handle,insn,op_type); 89 } 90 bs_reg_write(csh handle,const cs_insn * insn,unsigned int reg_id)91 bool __stdcall bs_reg_write(csh handle, const cs_insn *insn, unsigned int reg_id){ 92 #pragma EXPORT 93 return cs_reg_write(handle,insn,reg_id); 94 } 95 bs_reg_read(csh handle,const cs_insn * insn,unsigned int reg_id)96 bool __stdcall bs_reg_read(csh handle, const cs_insn *insn, unsigned int reg_id){ 97 #pragma EXPORT 98 return cs_reg_read(handle,insn,reg_id); 99 } 100 bs_insn_group(csh handle,const cs_insn * insn,unsigned int group_id)101 bool __stdcall bs_insn_group(csh handle, const cs_insn *insn, unsigned int group_id){ 102 #pragma EXPORT 103 return cs_insn_group(handle,insn,group_id); 104 } 105 bcs_group_name(csh handle,unsigned int group_id)106 const char* __stdcall bcs_group_name(csh handle, unsigned int group_id){ 107 #pragma EXPORT 108 return cs_group_name(handle,group_id); 109 } 110 bs_insn_name(csh handle,unsigned int insn_id)111 const char* __stdcall bs_insn_name(csh handle, unsigned int insn_id){ 112 #pragma EXPORT 113 return cs_insn_name(handle,insn_id); 114 } 115 bs_disasm_iter(csh handle,const uint8_t ** code,size_t * size,uint64_t * address,cs_insn * insn)116 bool __stdcall bs_disasm_iter(csh handle, const uint8_t **code, size_t *size, uint64_t *address, cs_insn *insn){ 117 #pragma EXPORT 118 return cs_disasm_iter(handle, code, size, address, insn); 119 } 120