package binsec

  1. Overview
  2. Docs
Legend:
Library
Module
Module type
Parameter
Class
Class type
exception Decode_error of string

Core functionalities for disassembly

val register_decoder : Machine.isa -> (Lreader.t -> Virtual_address.t -> 'a * Dhunk.t) -> ('a -> Instruction.Generic.t) -> unit

Worklist definition for disassembly

module W : sig ... end

Basic successors definition

module Successors : sig ... end
val get_decode_replacement : unit -> Dhunk.t Virtual_address.Map.t
val add_replacement : Virtual_address.t -> Dhunk.t -> unit

decode addr decodes the contents of address addr

  • returns

    the contents of this address and its linear successor (if applicable)

Iterators

val fold : ('a -> W.t -> Instruction.t -> Virtual_address.Set.t -> 'a * W.t) -> 'a -> W.t -> 'a

fold f wl v starts disassembly from worklist wl (i.e. an initial state) using function f to guide its choices to compute a value intialized to v.

In particular, f is called after each successful disassembly to compute a new worklist and a new value. It receives from the disassembly loop the current value, the current worklist, the decoded instruction, and a list of identified successors to this instruction.

The set of successors is computed according to the disassembly mode. The default is recursive as stated in Disasm_options.

If you want the linear successors only do:

Disasm_options.DisassemblyMode.set "linear";

before starting the fold functions.

val iter : (W.t -> Instruction.t -> Virtual_address.Set.t -> W.t) -> W.t -> unit

iter f worklist iterates disassembles an executable with function f.

Given the signature of the function, all computations, except worklist management, must take place as imperative side-effects.

Functors

module type Iterable = sig ... end
module Make (I : Iterable) : sig ... end
val decode_binstream : ?base:Virtual_address.t -> Binstream.t -> Instruction.t * Virtual_address.t option

decode_binstream b decodes stream b and returns a tuple of the first instruction contained in b and its possible linear successor.

OCaml

Innovation. Community. Security.