Capstone 4.0.1 support

[knightsc]

Using both the capstone source diffs between 3.0.4 and 4.0.1 as well as this story from the Capstone project I've updated the Go bindings to support 4.0.1

https://github.com/aquynh/capstone/issues/1315

I had one change to the Engine structure based on some weirdness with running the test suite. See the comment on a9fe16a

I purposely left off the new engines from this PR as I didn't want this PR to get to large to review. But I intend to create 4 separate PRs for the 4 new engines: EVM, M68K, M680X & TMS320C64x

[knightsc]

I'm looking into the build failures still. On my macOS machine the TestTest suite runs fine but on Travis the diffs aren't matching.

[knightsc]

So I had the failing TestTest print out the size of the strings it was comparing. On the Travis CI machines I get this:

len(fs) = 6525 len(string(spec) = 0

On my machine I get

len(fs) = 6525 len(string(spec) = 6525

I'm not sure why Travis CI would have this happen. It's not failing to read the fail. The test explicitly checks if ReadFile returns an error

[knightsc]

Ok, I figured out what was going on. Someone on Gophers slack pointed out the issue. Capstone 3.0.4 had the test generator named test.c and in 4.0.1 it got renamed to test_basic.c.

I updated the genspec script in 85692e3 which fixes the issue with no output. But I realize now that it's expected for the gapstone output to exactly match the capstone output. In order for that to happen I think I need to implement the new cs_regs_access function in the Engine and update the test output in Gapstone to output immediate and external registers that are modified.

The local go test suite however does run fine

[knightsc]

Ok I think this branch is ready for review. Please note the Travis CI builds are still failing because of a bug in the capstone test_x86 output. I've submitted a fix here https://github.com/aquynh/capstone/pull/1365 but I didn't want to make some weird work around in gapstone for something the main test suite was doing wrong.

Also commit cebe3ed has the support for cs_regs_access. I'm not sure if there's a better way to do it but it's awkward since that API takes a pointer to a cs_insn and we don't keep that memory around.

[knightsc]

@bnagy Is this project maintained anymore? Should I just commit this to my own fork?

[knightsc]

@bnagy Any chance of getting this PR'ed merged?

[guitmz]

@bnagy would be cool to have an update on this and on the general repo status.. im sure there are people who would gladly take over your work if thats the case for you.

also tracking here: https://github.com/bnagy/gapstone/issues/24

Thanks!

[knightsc]

@guitmz I've considered just making this a PR on my fork and then merging it into master and trying to get the Capstone project to update links. I'm happy to continue contributing to this repo directly though since this is where all the community links actually go

[guitmz]

@knightsc would be nice if you could merge your changes into your own fork (so I don't have to create one myself, you did a very good job with this branch). At least until we get an answer from @bnagy we can use it and perhaps see about the future of this repo. Not sure why he is not replying us, he is active in social media recently...

[knightsc]

@guitmz You should just be able to do something like this

go get github.com/knightsc/gapstone@capstone4

And that should use the branch that I have pushed up versus creating a fork yourself

[bnagy]

Hi! Sorry, I don't read git notifications often, and they don't go to any of the email addresses I use.

If someone is happy to maintain the bindings, I would suggest that you take my code and run - I'm not active in infosec or RE at present, and may not be again.

If there's a working fork that's up to date, then I am happy to update the README here to push people towards it, and I'll let Q know that he should change any links at the capstone end.

[david942j]

Hi @bnagy , could you also update the README.md of Ruby bindings crabstone? I have a fork works for capstone 4 support and I will keep maintaining.

[knightsc]

@bnagy Thanks for merging. I think I'm willing to take over gapstone ownership. If you could update the README here to go to point folks towards https://github.com/knightsc/gapstone and let Q know on the capstone side that would be great. Thanks!

[aquynh]

@bnagy, please approve the change at https://github.com/aquynh/capstone/pull/1532.

cheers.

[bnagy]

Hopefully we're all done here. Thanks all, and thanks @knightsc for volunteering to take over :)