Show code at target of jump

[Grazfather]

If a jump is to be taken, it would be nice if the code context view could disassemble at the jump target.

[Grazfather]

Hacked it in a bit:

[hugsy]

Looking forward to see your PR for that :smile:

[hugsy]

Just don't forget to test all supported architectures (ARM, MIPS, PowerPC and SPARC).

[Grazfather]

That's what will take the most time. Right now it's x86 and only when it isn't something like jmp eax Do you know if that's something capstone can resolve?

[hugsy]

You can use gdb.parse_and_eval for that (see docs). Capstone is a disassembler, it cannot evaluate the operand values.

[Grazfather]

Sweet that'll probably be easiest. TY.

[hugsy]

No worries. The Python API for GDB documentation is actually quite complete, so you should be able to find all you need in there. It's just not that easy to search into it in a useful manner, but Google FTW

[Grazfather]

Finally got to look at this more, but it's going to be tricky. parse_and_eval can help me evaluate a target, but I'll have to recognize registers and use the correct syntax. I haven't used unicorn but if it's super lightweight maybe we could simulate the next instruction once we know its the jump and read the target pc?

Also we'll need a is_branch since we want this to work for all jumps, not just conditionals.

[hugsy]

parse_and_eval can evaluate registers as well. I can have a look at you already did, did you push it to Github ?

[Grazfather]

Just pushed. I swear I normally wouldn't push code this ugly! https://github.com/hugsy/gef/compare/master...Grazfather:show_target

[hugsy]

Ok I get your idea. I'll branch it, but it will take bit of effort to have it work on all architectures.

As always mate, thanks for the feedbacks!

[hugsy]

Current state:

• [x] x86-32 / x86-64 (introduced by a669961)
• [x] arm (introduced by a669961)
• [x] mips (introduced by a669961)
• [x] powerpc (introduced by a669961)
• [x] sparcv9 ( introduced by 5cff50f)
• [x] aarch64 (introduced by ee9422d)

[hugsy]

Pushed to master.