capstone-engine / capstone

Capstone disassembly/disassembler framework for ARM, ARM64 (ARMv8), Alpha, BPF, Ethereum VM, HPPA, LoongArch, M68K, M680X, Mips, MOS65XX, PPC, RISC-V(rv32G/rv64G), SH, Sparc, SystemZ, TMS320C64X, TriCore, Webassembly, XCore and X86.
http://www.capstone-engine.org

Empty mnemonic for ARM lsr instruction #2189

Closed Quentin01 closed 1 year ago

Quentin01 commented 1 year ago

Hi,

On the branch next there is an issue with the disassembly of some instructions. The mnemonic is empty and is contained in op_str.

E.g. for 30 02 a0 e1 the instruction should be lsr r0, r0, r2, with lsr as mnemonic and r0, r0, r2 as op_str, but that's not the case: the mnemonic is empty and lsr is in op_str.

Here is a small program to reproduce the issue:

#include <stdio.h>
#include <stdint.h>
#include <capstone/capstone.h>

int main(void) {
    csh handle = 0;  /* Capstone handle type is csh, not size_t */
    if (cs_open(CS_ARCH_ARM, CS_MODE_ARM, &handle) != CS_ERR_OK) {
        printf("Couldn't create cs handle\n");
        return -1;
    }

    uint64_t pc = 0;
    /* Keep the bytes in an array so sizeof yields the buffer length (4), not the pointer size */
    const uint8_t code_bytes[] = { 0x30, 0x02, 0xa0, 0xe1 };
    const uint8_t *code = code_bytes;
    size_t size = sizeof(code_bytes);

    cs_insn *insn = cs_malloc(handle);
    if (!cs_disasm_iter(handle, &code, &size, &pc, insn)) {
        printf("Couldn't disassemble instruction\n");
        cs_free(insn, 1);
        cs_close(&handle);
        return -1;
    }

    printf("Instruction mnemonic: '%s'\n", insn->mnemonic);
    printf("Instruction operand str: '%s'\n", insn->op_str);

    cs_free(insn, 1);
    cs_close(&handle);

    return 0;
}

The output will be:

Instruction mnemonic: ''
Instruction operand str: 'lsr r0, r0, r2'

The same issue is happening in cstool.

I didn't test version v5 to see if the issue is the same.
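To make the expected result concrete, the following is an added example (not Capstone code and not part of the issue): a small decoder for the ARM data-processing "MOV Rd, Rm, <shift> Rs" register-shift encoding, which is the form the bytes 30 02 a0 e1 (word 0xe1a00230) take. It reassembles the little-endian word, checks the field layout, and renders the UAL spelling the reporter expects, with the shift type as the mnemonic ("lsr", plus "s" when the S bit is set) and the registers as the operand string. It goes slightly beyond the single case on the page by handling all four shift types; only the unconditional (AL) MOV form is handled, anything else is rejected with -1. Function and buffer names are this example's own.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Reassemble a little-endian 32-bit ARM instruction word from 4 bytes. */
uint32_t arm_word_le(const uint8_t b[4]) {
    return (uint32_t)b[0] | ((uint32_t)b[1] << 8) |
           ((uint32_t)b[2] << 16) | ((uint32_t)b[3] << 24);
}

/* Decode an AL "MOV Rd, Rm, <shift> Rs" word into the UAL mnemonic and
 * operand string a disassembler should produce (buffers >= 16 bytes).
 * Returns 0 on success, -1 if the word is not that encoding. */
int decode_mov_reg_shift(uint32_t w, char *mnemonic, size_t mlen,
                         char *op_str, size_t olen) {
    static const char *shift_names[4] = { "lsl", "lsr", "asr", "ror" };

    unsigned cond   = (w >> 28) & 0xF;   /* 0xE = AL (always) */
    unsigned op_cls = (w >> 25) & 0x7;   /* 000 = data-processing, register operand */
    unsigned opcode = (w >> 21) & 0xF;   /* 1101 = MOV */
    unsigned s_bit  = (w >> 20) & 0x1;   /* S: update flags */
    unsigned rd     = (w >> 12) & 0xF;
    unsigned rs     = (w >> 8) & 0xF;    /* shift amount register */
    unsigned bit7   = (w >> 7) & 0x1;
    unsigned shtype = (w >> 5) & 0x3;    /* 00 LSL, 01 LSR, 10 ASR, 11 ROR */
    unsigned bit4   = (w >> 4) & 0x1;
    unsigned rm     = w & 0xF;           /* value being shifted */

    /* The register-shifted-register form requires bit4 == 1 and bit7 == 0. */
    if (cond != 0xE || op_cls != 0 || opcode != 0xD || bit4 != 1 || bit7 != 0)
        return -1;

    /* UAL spells "MOV Rd, Rm, LSR Rs" as "lsr Rd, Rm, Rs". */
    snprintf(mnemonic, mlen, "%s%s", shift_names[shtype], s_bit ? "s" : "");
    snprintf(op_str, olen, "r%u, r%u, r%u", rd, rm, rs);
    return 0;
}

int main(void) {
    /* Constructed input: the bytes from the issue report. */
    const uint8_t code[4] = { 0x30, 0x02, 0xa0, 0xe1 };
    char mnemonic[16], op_str[16];
    uint32_t w = arm_word_le(code);

    if (decode_mov_reg_shift(w, mnemonic, sizeof mnemonic, op_str, sizeof op_str) != 0) {
        printf("0x%08x is not an AL MOV with register shift\n", w);
        return 1;
    }
    printf("Expected mnemonic: '%s'\n", mnemonic);
    printf("Expected operand str: '%s'\n", op_str);
    return 0;
}
```

Running it prints the split the reporter describes as correct, mnemonic 'lsr' and operand string 'r0, r0, r2', which is a convenient reference when comparing a disassembler's output for this encoding.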

Rot127 commented 1 year ago

@kabeor assign me please to it.