This commit is contained in:
Nguyen Anh Quynh 2016-01-06 00:19:29 +07:00
commit 443e9de61a
46 changed files with 3713 additions and 3185 deletions

View File

@ -57,10 +57,10 @@ template = {
'comment_close': '', 'comment_close': '',
}, },
'dotnet': { 'dotnet': {
'header': "// For Unicorn Engine. AUTO-GENERATED FILE, DO NOT EDIT\n\nnamespace UnicornEngine.Const\n\nopen System\n\n[<AutoOpen>]\nmodule %s =\n", 'header': "// For Unicorn Engine. AUTO-GENERATED FILE, DO NOT EDIT\n\nnamespace UnicornManaged.Const\n\nopen System\n\n[<AutoOpen>]\nmodule %s =\n",
'footer': "\n", 'footer': "\n",
'line_format': ' let UC_%s = %s\n', 'line_format': ' let UC_%s = %s\n',
'out_file': os.path.join('dotnet', 'Unicorn', 'Const', '%s.fs'), 'out_file': os.path.join('dotnet', 'UnicornManaged', 'Const', '%s.fs'),
# prefixes for constant filenames of all archs - case sensitive # prefixes for constant filenames of all archs - case sensitive
'arm.h': 'Arm', 'arm.h': 'Arm',
'arm64.h': 'Arm64', 'arm64.h': 'Arm64',
@ -69,7 +69,7 @@ template = {
'sparc.h': 'Sparc', 'sparc.h': 'Sparc',
'm68k.h': 'M68k', 'm68k.h': 'M68k',
'unicorn.h': 'Common', 'unicorn.h': 'Common',
'comment_open': '//', 'comment_open': ' //',
'comment_close': '', 'comment_close': '',
}, },
} }

View File

@ -1,133 +0,0 @@
// For Unicorn Engine. AUTO-GENERATED FILE, DO NOT EDIT
namespace UnicornEngine.Const
open System
[<AutoOpen>]
module Arm =
// ARM registers
let UC_ARM_REG_INVALID = 0
let UC_ARM_REG_APSR = 1
let UC_ARM_REG_APSR_NZCV = 2
let UC_ARM_REG_CPSR = 3
let UC_ARM_REG_FPEXC = 4
let UC_ARM_REG_FPINST = 5
let UC_ARM_REG_FPSCR = 6
let UC_ARM_REG_FPSCR_NZCV = 7
let UC_ARM_REG_FPSID = 8
let UC_ARM_REG_ITSTATE = 9
let UC_ARM_REG_LR = 10
let UC_ARM_REG_PC = 11
let UC_ARM_REG_SP = 12
let UC_ARM_REG_SPSR = 13
let UC_ARM_REG_D0 = 14
let UC_ARM_REG_D1 = 15
let UC_ARM_REG_D2 = 16
let UC_ARM_REG_D3 = 17
let UC_ARM_REG_D4 = 18
let UC_ARM_REG_D5 = 19
let UC_ARM_REG_D6 = 20
let UC_ARM_REG_D7 = 21
let UC_ARM_REG_D8 = 22
let UC_ARM_REG_D9 = 23
let UC_ARM_REG_D10 = 24
let UC_ARM_REG_D11 = 25
let UC_ARM_REG_D12 = 26
let UC_ARM_REG_D13 = 27
let UC_ARM_REG_D14 = 28
let UC_ARM_REG_D15 = 29
let UC_ARM_REG_D16 = 30
let UC_ARM_REG_D17 = 31
let UC_ARM_REG_D18 = 32
let UC_ARM_REG_D19 = 33
let UC_ARM_REG_D20 = 34
let UC_ARM_REG_D21 = 35
let UC_ARM_REG_D22 = 36
let UC_ARM_REG_D23 = 37
let UC_ARM_REG_D24 = 38
let UC_ARM_REG_D25 = 39
let UC_ARM_REG_D26 = 40
let UC_ARM_REG_D27 = 41
let UC_ARM_REG_D28 = 42
let UC_ARM_REG_D29 = 43
let UC_ARM_REG_D30 = 44
let UC_ARM_REG_D31 = 45
let UC_ARM_REG_FPINST2 = 46
let UC_ARM_REG_MVFR0 = 47
let UC_ARM_REG_MVFR1 = 48
let UC_ARM_REG_MVFR2 = 49
let UC_ARM_REG_Q0 = 50
let UC_ARM_REG_Q1 = 51
let UC_ARM_REG_Q2 = 52
let UC_ARM_REG_Q3 = 53
let UC_ARM_REG_Q4 = 54
let UC_ARM_REG_Q5 = 55
let UC_ARM_REG_Q6 = 56
let UC_ARM_REG_Q7 = 57
let UC_ARM_REG_Q8 = 58
let UC_ARM_REG_Q9 = 59
let UC_ARM_REG_Q10 = 60
let UC_ARM_REG_Q11 = 61
let UC_ARM_REG_Q12 = 62
let UC_ARM_REG_Q13 = 63
let UC_ARM_REG_Q14 = 64
let UC_ARM_REG_Q15 = 65
let UC_ARM_REG_R0 = 66
let UC_ARM_REG_R1 = 67
let UC_ARM_REG_R2 = 68
let UC_ARM_REG_R3 = 69
let UC_ARM_REG_R4 = 70
let UC_ARM_REG_R5 = 71
let UC_ARM_REG_R6 = 72
let UC_ARM_REG_R7 = 73
let UC_ARM_REG_R8 = 74
let UC_ARM_REG_R9 = 75
let UC_ARM_REG_R10 = 76
let UC_ARM_REG_R11 = 77
let UC_ARM_REG_R12 = 78
let UC_ARM_REG_S0 = 79
let UC_ARM_REG_S1 = 80
let UC_ARM_REG_S2 = 81
let UC_ARM_REG_S3 = 82
let UC_ARM_REG_S4 = 83
let UC_ARM_REG_S5 = 84
let UC_ARM_REG_S6 = 85
let UC_ARM_REG_S7 = 86
let UC_ARM_REG_S8 = 87
let UC_ARM_REG_S9 = 88
let UC_ARM_REG_S10 = 89
let UC_ARM_REG_S11 = 90
let UC_ARM_REG_S12 = 91
let UC_ARM_REG_S13 = 92
let UC_ARM_REG_S14 = 93
let UC_ARM_REG_S15 = 94
let UC_ARM_REG_S16 = 95
let UC_ARM_REG_S17 = 96
let UC_ARM_REG_S18 = 97
let UC_ARM_REG_S19 = 98
let UC_ARM_REG_S20 = 99
let UC_ARM_REG_S21 = 100
let UC_ARM_REG_S22 = 101
let UC_ARM_REG_S23 = 102
let UC_ARM_REG_S24 = 103
let UC_ARM_REG_S25 = 104
let UC_ARM_REG_S26 = 105
let UC_ARM_REG_S27 = 106
let UC_ARM_REG_S28 = 107
let UC_ARM_REG_S29 = 108
let UC_ARM_REG_S30 = 109
let UC_ARM_REG_S31 = 110
let UC_ARM_REG_ENDING = 111
// alias registers
let UC_ARM_REG_R13 = 12
let UC_ARM_REG_R14 = 10
let UC_ARM_REG_R15 = 11
let UC_ARM_REG_SB = 75
let UC_ARM_REG_SL = 76
let UC_ARM_REG_FP = 77
let UC_ARM_REG_IP = 78

View File

@ -1,282 +0,0 @@
// For Unicorn Engine. AUTO-GENERATED FILE, DO NOT EDIT
namespace UnicornEngine.Const
open System
[<AutoOpen>]
module Arm64 =
// ARM64 registers
let UC_ARM64_REG_INVALID = 0
let UC_ARM64_REG_X29 = 1
let UC_ARM64_REG_X30 = 2
let UC_ARM64_REG_NZCV = 3
let UC_ARM64_REG_SP = 4
let UC_ARM64_REG_WSP = 5
let UC_ARM64_REG_WZR = 6
let UC_ARM64_REG_XZR = 7
let UC_ARM64_REG_B0 = 8
let UC_ARM64_REG_B1 = 9
let UC_ARM64_REG_B2 = 10
let UC_ARM64_REG_B3 = 11
let UC_ARM64_REG_B4 = 12
let UC_ARM64_REG_B5 = 13
let UC_ARM64_REG_B6 = 14
let UC_ARM64_REG_B7 = 15
let UC_ARM64_REG_B8 = 16
let UC_ARM64_REG_B9 = 17
let UC_ARM64_REG_B10 = 18
let UC_ARM64_REG_B11 = 19
let UC_ARM64_REG_B12 = 20
let UC_ARM64_REG_B13 = 21
let UC_ARM64_REG_B14 = 22
let UC_ARM64_REG_B15 = 23
let UC_ARM64_REG_B16 = 24
let UC_ARM64_REG_B17 = 25
let UC_ARM64_REG_B18 = 26
let UC_ARM64_REG_B19 = 27
let UC_ARM64_REG_B20 = 28
let UC_ARM64_REG_B21 = 29
let UC_ARM64_REG_B22 = 30
let UC_ARM64_REG_B23 = 31
let UC_ARM64_REG_B24 = 32
let UC_ARM64_REG_B25 = 33
let UC_ARM64_REG_B26 = 34
let UC_ARM64_REG_B27 = 35
let UC_ARM64_REG_B28 = 36
let UC_ARM64_REG_B29 = 37
let UC_ARM64_REG_B30 = 38
let UC_ARM64_REG_B31 = 39
let UC_ARM64_REG_D0 = 40
let UC_ARM64_REG_D1 = 41
let UC_ARM64_REG_D2 = 42
let UC_ARM64_REG_D3 = 43
let UC_ARM64_REG_D4 = 44
let UC_ARM64_REG_D5 = 45
let UC_ARM64_REG_D6 = 46
let UC_ARM64_REG_D7 = 47
let UC_ARM64_REG_D8 = 48
let UC_ARM64_REG_D9 = 49
let UC_ARM64_REG_D10 = 50
let UC_ARM64_REG_D11 = 51
let UC_ARM64_REG_D12 = 52
let UC_ARM64_REG_D13 = 53
let UC_ARM64_REG_D14 = 54
let UC_ARM64_REG_D15 = 55
let UC_ARM64_REG_D16 = 56
let UC_ARM64_REG_D17 = 57
let UC_ARM64_REG_D18 = 58
let UC_ARM64_REG_D19 = 59
let UC_ARM64_REG_D20 = 60
let UC_ARM64_REG_D21 = 61
let UC_ARM64_REG_D22 = 62
let UC_ARM64_REG_D23 = 63
let UC_ARM64_REG_D24 = 64
let UC_ARM64_REG_D25 = 65
let UC_ARM64_REG_D26 = 66
let UC_ARM64_REG_D27 = 67
let UC_ARM64_REG_D28 = 68
let UC_ARM64_REG_D29 = 69
let UC_ARM64_REG_D30 = 70
let UC_ARM64_REG_D31 = 71
let UC_ARM64_REG_H0 = 72
let UC_ARM64_REG_H1 = 73
let UC_ARM64_REG_H2 = 74
let UC_ARM64_REG_H3 = 75
let UC_ARM64_REG_H4 = 76
let UC_ARM64_REG_H5 = 77
let UC_ARM64_REG_H6 = 78
let UC_ARM64_REG_H7 = 79
let UC_ARM64_REG_H8 = 80
let UC_ARM64_REG_H9 = 81
let UC_ARM64_REG_H10 = 82
let UC_ARM64_REG_H11 = 83
let UC_ARM64_REG_H12 = 84
let UC_ARM64_REG_H13 = 85
let UC_ARM64_REG_H14 = 86
let UC_ARM64_REG_H15 = 87
let UC_ARM64_REG_H16 = 88
let UC_ARM64_REG_H17 = 89
let UC_ARM64_REG_H18 = 90
let UC_ARM64_REG_H19 = 91
let UC_ARM64_REG_H20 = 92
let UC_ARM64_REG_H21 = 93
let UC_ARM64_REG_H22 = 94
let UC_ARM64_REG_H23 = 95
let UC_ARM64_REG_H24 = 96
let UC_ARM64_REG_H25 = 97
let UC_ARM64_REG_H26 = 98
let UC_ARM64_REG_H27 = 99
let UC_ARM64_REG_H28 = 100
let UC_ARM64_REG_H29 = 101
let UC_ARM64_REG_H30 = 102
let UC_ARM64_REG_H31 = 103
let UC_ARM64_REG_Q0 = 104
let UC_ARM64_REG_Q1 = 105
let UC_ARM64_REG_Q2 = 106
let UC_ARM64_REG_Q3 = 107
let UC_ARM64_REG_Q4 = 108
let UC_ARM64_REG_Q5 = 109
let UC_ARM64_REG_Q6 = 110
let UC_ARM64_REG_Q7 = 111
let UC_ARM64_REG_Q8 = 112
let UC_ARM64_REG_Q9 = 113
let UC_ARM64_REG_Q10 = 114
let UC_ARM64_REG_Q11 = 115
let UC_ARM64_REG_Q12 = 116
let UC_ARM64_REG_Q13 = 117
let UC_ARM64_REG_Q14 = 118
let UC_ARM64_REG_Q15 = 119
let UC_ARM64_REG_Q16 = 120
let UC_ARM64_REG_Q17 = 121
let UC_ARM64_REG_Q18 = 122
let UC_ARM64_REG_Q19 = 123
let UC_ARM64_REG_Q20 = 124
let UC_ARM64_REG_Q21 = 125
let UC_ARM64_REG_Q22 = 126
let UC_ARM64_REG_Q23 = 127
let UC_ARM64_REG_Q24 = 128
let UC_ARM64_REG_Q25 = 129
let UC_ARM64_REG_Q26 = 130
let UC_ARM64_REG_Q27 = 131
let UC_ARM64_REG_Q28 = 132
let UC_ARM64_REG_Q29 = 133
let UC_ARM64_REG_Q30 = 134
let UC_ARM64_REG_Q31 = 135
let UC_ARM64_REG_S0 = 136
let UC_ARM64_REG_S1 = 137
let UC_ARM64_REG_S2 = 138
let UC_ARM64_REG_S3 = 139
let UC_ARM64_REG_S4 = 140
let UC_ARM64_REG_S5 = 141
let UC_ARM64_REG_S6 = 142
let UC_ARM64_REG_S7 = 143
let UC_ARM64_REG_S8 = 144
let UC_ARM64_REG_S9 = 145
let UC_ARM64_REG_S10 = 146
let UC_ARM64_REG_S11 = 147
let UC_ARM64_REG_S12 = 148
let UC_ARM64_REG_S13 = 149
let UC_ARM64_REG_S14 = 150
let UC_ARM64_REG_S15 = 151
let UC_ARM64_REG_S16 = 152
let UC_ARM64_REG_S17 = 153
let UC_ARM64_REG_S18 = 154
let UC_ARM64_REG_S19 = 155
let UC_ARM64_REG_S20 = 156
let UC_ARM64_REG_S21 = 157
let UC_ARM64_REG_S22 = 158
let UC_ARM64_REG_S23 = 159
let UC_ARM64_REG_S24 = 160
let UC_ARM64_REG_S25 = 161
let UC_ARM64_REG_S26 = 162
let UC_ARM64_REG_S27 = 163
let UC_ARM64_REG_S28 = 164
let UC_ARM64_REG_S29 = 165
let UC_ARM64_REG_S30 = 166
let UC_ARM64_REG_S31 = 167
let UC_ARM64_REG_W0 = 168
let UC_ARM64_REG_W1 = 169
let UC_ARM64_REG_W2 = 170
let UC_ARM64_REG_W3 = 171
let UC_ARM64_REG_W4 = 172
let UC_ARM64_REG_W5 = 173
let UC_ARM64_REG_W6 = 174
let UC_ARM64_REG_W7 = 175
let UC_ARM64_REG_W8 = 176
let UC_ARM64_REG_W9 = 177
let UC_ARM64_REG_W10 = 178
let UC_ARM64_REG_W11 = 179
let UC_ARM64_REG_W12 = 180
let UC_ARM64_REG_W13 = 181
let UC_ARM64_REG_W14 = 182
let UC_ARM64_REG_W15 = 183
let UC_ARM64_REG_W16 = 184
let UC_ARM64_REG_W17 = 185
let UC_ARM64_REG_W18 = 186
let UC_ARM64_REG_W19 = 187
let UC_ARM64_REG_W20 = 188
let UC_ARM64_REG_W21 = 189
let UC_ARM64_REG_W22 = 190
let UC_ARM64_REG_W23 = 191
let UC_ARM64_REG_W24 = 192
let UC_ARM64_REG_W25 = 193
let UC_ARM64_REG_W26 = 194
let UC_ARM64_REG_W27 = 195
let UC_ARM64_REG_W28 = 196
let UC_ARM64_REG_W29 = 197
let UC_ARM64_REG_W30 = 198
let UC_ARM64_REG_X0 = 199
let UC_ARM64_REG_X1 = 200
let UC_ARM64_REG_X2 = 201
let UC_ARM64_REG_X3 = 202
let UC_ARM64_REG_X4 = 203
let UC_ARM64_REG_X5 = 204
let UC_ARM64_REG_X6 = 205
let UC_ARM64_REG_X7 = 206
let UC_ARM64_REG_X8 = 207
let UC_ARM64_REG_X9 = 208
let UC_ARM64_REG_X10 = 209
let UC_ARM64_REG_X11 = 210
let UC_ARM64_REG_X12 = 211
let UC_ARM64_REG_X13 = 212
let UC_ARM64_REG_X14 = 213
let UC_ARM64_REG_X15 = 214
let UC_ARM64_REG_X16 = 215
let UC_ARM64_REG_X17 = 216
let UC_ARM64_REG_X18 = 217
let UC_ARM64_REG_X19 = 218
let UC_ARM64_REG_X20 = 219
let UC_ARM64_REG_X21 = 220
let UC_ARM64_REG_X22 = 221
let UC_ARM64_REG_X23 = 222
let UC_ARM64_REG_X24 = 223
let UC_ARM64_REG_X25 = 224
let UC_ARM64_REG_X26 = 225
let UC_ARM64_REG_X27 = 226
let UC_ARM64_REG_X28 = 227
let UC_ARM64_REG_V0 = 228
let UC_ARM64_REG_V1 = 229
let UC_ARM64_REG_V2 = 230
let UC_ARM64_REG_V3 = 231
let UC_ARM64_REG_V4 = 232
let UC_ARM64_REG_V5 = 233
let UC_ARM64_REG_V6 = 234
let UC_ARM64_REG_V7 = 235
let UC_ARM64_REG_V8 = 236
let UC_ARM64_REG_V9 = 237
let UC_ARM64_REG_V10 = 238
let UC_ARM64_REG_V11 = 239
let UC_ARM64_REG_V12 = 240
let UC_ARM64_REG_V13 = 241
let UC_ARM64_REG_V14 = 242
let UC_ARM64_REG_V15 = 243
let UC_ARM64_REG_V16 = 244
let UC_ARM64_REG_V17 = 245
let UC_ARM64_REG_V18 = 246
let UC_ARM64_REG_V19 = 247
let UC_ARM64_REG_V20 = 248
let UC_ARM64_REG_V21 = 249
let UC_ARM64_REG_V22 = 250
let UC_ARM64_REG_V23 = 251
let UC_ARM64_REG_V24 = 252
let UC_ARM64_REG_V25 = 253
let UC_ARM64_REG_V26 = 254
let UC_ARM64_REG_V27 = 255
let UC_ARM64_REG_V28 = 256
let UC_ARM64_REG_V29 = 257
let UC_ARM64_REG_V30 = 258
let UC_ARM64_REG_V31 = 259
// pseudo registers
let UC_ARM64_REG_PC = 260
let UC_ARM64_REG_ENDING = 261
// alias registers
let UC_ARM64_REG_IP1 = 215
let UC_ARM64_REG_IP0 = 216
let UC_ARM64_REG_FP = 1
let UC_ARM64_REG_LR = 2

View File

@ -1,96 +0,0 @@
// For Unicorn Engine. AUTO-GENERATED FILE, DO NOT EDIT
namespace UnicornEngine.Const
open System
[<AutoOpen>]
module Common =
let UC_API_MAJOR = 0
let UC_API_MINOR = 9
let UC_SECOND_SCALE = 1000000
let UC_MILISECOND_SCALE = 1000
let UC_ARCH_ARM = 1
let UC_ARCH_ARM64 = 2
let UC_ARCH_MIPS = 3
let UC_ARCH_X86 = 4
let UC_ARCH_PPC = 5
let UC_ARCH_SPARC = 6
let UC_ARCH_M68K = 7
let UC_ARCH_MAX = 8
let UC_MODE_LITTLE_ENDIAN = 0
let UC_MODE_ARM = 0
let UC_MODE_16 = 2
let UC_MODE_32 = 4
let UC_MODE_64 = 8
let UC_MODE_THUMB = 16
let UC_MODE_MCLASS = 32
let UC_MODE_V8 = 64
let UC_MODE_MICRO = 16
let UC_MODE_MIPS3 = 32
let UC_MODE_MIPS32R6 = 64
let UC_MODE_V9 = 16
let UC_MODE_QPX = 16
let UC_MODE_BIG_ENDIAN = 1073741824
let UC_MODE_MIPS32 = 4
let UC_MODE_MIPS64 = 8
let UC_ERR_OK = 0
let UC_ERR_NOMEM = 1
let UC_ERR_ARCH = 2
let UC_ERR_HANDLE = 3
let UC_ERR_MODE = 4
let UC_ERR_VERSION = 5
let UC_ERR_READ_UNMAPPED = 6
let UC_ERR_WRITE_UNMAPPED = 7
let UC_ERR_FETCH_UNMAPPED = 8
let UC_ERR_HOOK = 9
let UC_ERR_INSN_INVALID = 10
let UC_ERR_MAP = 11
let UC_ERR_WRITE_PROT = 12
let UC_ERR_READ_PROT = 13
let UC_ERR_FETCH_PROT = 14
let UC_ERR_ARG = 15
let UC_ERR_READ_UNALIGNED = 16
let UC_ERR_WRITE_UNALIGNED = 17
let UC_ERR_FETCH_UNALIGNED = 18
let UC_ERR_HOOK_EXIST = 19
let UC_ERR_RESOURCE = 20
let UC_MEM_READ = 16
let UC_MEM_WRITE = 17
let UC_MEM_FETCH = 18
let UC_MEM_READ_UNMAPPED = 19
let UC_MEM_WRITE_UNMAPPED = 20
let UC_MEM_FETCH_UNMAPPED = 21
let UC_MEM_WRITE_PROT = 22
let UC_MEM_READ_PROT = 23
let UC_MEM_FETCH_PROT = 24
let UC_HOOK_INTR = 1
let UC_HOOK_INSN = 2
let UC_HOOK_CODE = 4
let UC_HOOK_BLOCK = 8
let UC_HOOK_MEM_READ_UNMAPPED = 16
let UC_HOOK_MEM_WRITE_UNMAPPED = 32
let UC_HOOK_MEM_FETCH_UNMAPPED = 64
let UC_HOOK_MEM_READ_PROT = 128
let UC_HOOK_MEM_WRITE_PROT = 256
let UC_HOOK_MEM_FETCH_PROT = 512
let UC_HOOK_MEM_READ = 1024
let UC_HOOK_MEM_WRITE = 2048
let UC_HOOK_MEM_FETCH = 4096
let UC_HOOK_MEM_UNMAPPED = 112
let UC_HOOK_MEM_PROT = 896
let UC_HOOK_MEM_READ_INVALID = 144
let UC_HOOK_MEM_WRITE_INVALID = 288
let UC_HOOK_MEM_FETCH_INVALID = 576
let UC_HOOK_MEM_INVALID = 1008
let UC_PROT_NONE = 0
let UC_PROT_READ = 1
let UC_PROT_WRITE = 2
let UC_PROT_EXEC = 4
let UC_PROT_ALL = 7

View File

@ -1,32 +0,0 @@
// For Unicorn Engine. AUTO-GENERATED FILE, DO NOT EDIT
namespace UnicornEngine.Const
open System
[<AutoOpen>]
module M68k =
// M68K registers
let UC_M68K_REG_INVALID = 0
let UC_M68K_REG_A0 = 1
let UC_M68K_REG_A1 = 2
let UC_M68K_REG_A2 = 3
let UC_M68K_REG_A3 = 4
let UC_M68K_REG_A4 = 5
let UC_M68K_REG_A5 = 6
let UC_M68K_REG_A6 = 7
let UC_M68K_REG_A7 = 8
let UC_M68K_REG_D0 = 9
let UC_M68K_REG_D1 = 10
let UC_M68K_REG_D2 = 11
let UC_M68K_REG_D3 = 12
let UC_M68K_REG_D4 = 13
let UC_M68K_REG_D5 = 14
let UC_M68K_REG_D6 = 15
let UC_M68K_REG_D7 = 16
let UC_M68K_REG_SR = 17
let UC_M68K_REG_PC = 18
let UC_M68K_REG_ENDING = 19

View File

@ -1,203 +0,0 @@
// For Unicorn Engine. AUTO-GENERATED FILE, DO NOT EDIT
namespace UnicornEngine.Const
open System
[<AutoOpen>]
module Mips =
// MIPS registers
let UC_MIPS_REG_INVALID = 0
// General purpose registers
let UC_MIPS_REG_PC = 1
let UC_MIPS_REG_0 = 2
let UC_MIPS_REG_1 = 3
let UC_MIPS_REG_2 = 4
let UC_MIPS_REG_3 = 5
let UC_MIPS_REG_4 = 6
let UC_MIPS_REG_5 = 7
let UC_MIPS_REG_6 = 8
let UC_MIPS_REG_7 = 9
let UC_MIPS_REG_8 = 10
let UC_MIPS_REG_9 = 11
let UC_MIPS_REG_10 = 12
let UC_MIPS_REG_11 = 13
let UC_MIPS_REG_12 = 14
let UC_MIPS_REG_13 = 15
let UC_MIPS_REG_14 = 16
let UC_MIPS_REG_15 = 17
let UC_MIPS_REG_16 = 18
let UC_MIPS_REG_17 = 19
let UC_MIPS_REG_18 = 20
let UC_MIPS_REG_19 = 21
let UC_MIPS_REG_20 = 22
let UC_MIPS_REG_21 = 23
let UC_MIPS_REG_22 = 24
let UC_MIPS_REG_23 = 25
let UC_MIPS_REG_24 = 26
let UC_MIPS_REG_25 = 27
let UC_MIPS_REG_26 = 28
let UC_MIPS_REG_27 = 29
let UC_MIPS_REG_28 = 30
let UC_MIPS_REG_29 = 31
let UC_MIPS_REG_30 = 32
let UC_MIPS_REG_31 = 33
// DSP registers
let UC_MIPS_REG_DSPCCOND = 34
let UC_MIPS_REG_DSPCARRY = 35
let UC_MIPS_REG_DSPEFI = 36
let UC_MIPS_REG_DSPOUTFLAG = 37
let UC_MIPS_REG_DSPOUTFLAG16_19 = 38
let UC_MIPS_REG_DSPOUTFLAG20 = 39
let UC_MIPS_REG_DSPOUTFLAG21 = 40
let UC_MIPS_REG_DSPOUTFLAG22 = 41
let UC_MIPS_REG_DSPOUTFLAG23 = 42
let UC_MIPS_REG_DSPPOS = 43
let UC_MIPS_REG_DSPSCOUNT = 44
// ACC registers
let UC_MIPS_REG_AC0 = 45
let UC_MIPS_REG_AC1 = 46
let UC_MIPS_REG_AC2 = 47
let UC_MIPS_REG_AC3 = 48
// COP registers
let UC_MIPS_REG_CC0 = 49
let UC_MIPS_REG_CC1 = 50
let UC_MIPS_REG_CC2 = 51
let UC_MIPS_REG_CC3 = 52
let UC_MIPS_REG_CC4 = 53
let UC_MIPS_REG_CC5 = 54
let UC_MIPS_REG_CC6 = 55
let UC_MIPS_REG_CC7 = 56
// FPU registers
let UC_MIPS_REG_F0 = 57
let UC_MIPS_REG_F1 = 58
let UC_MIPS_REG_F2 = 59
let UC_MIPS_REG_F3 = 60
let UC_MIPS_REG_F4 = 61
let UC_MIPS_REG_F5 = 62
let UC_MIPS_REG_F6 = 63
let UC_MIPS_REG_F7 = 64
let UC_MIPS_REG_F8 = 65
let UC_MIPS_REG_F9 = 66
let UC_MIPS_REG_F10 = 67
let UC_MIPS_REG_F11 = 68
let UC_MIPS_REG_F12 = 69
let UC_MIPS_REG_F13 = 70
let UC_MIPS_REG_F14 = 71
let UC_MIPS_REG_F15 = 72
let UC_MIPS_REG_F16 = 73
let UC_MIPS_REG_F17 = 74
let UC_MIPS_REG_F18 = 75
let UC_MIPS_REG_F19 = 76
let UC_MIPS_REG_F20 = 77
let UC_MIPS_REG_F21 = 78
let UC_MIPS_REG_F22 = 79
let UC_MIPS_REG_F23 = 80
let UC_MIPS_REG_F24 = 81
let UC_MIPS_REG_F25 = 82
let UC_MIPS_REG_F26 = 83
let UC_MIPS_REG_F27 = 84
let UC_MIPS_REG_F28 = 85
let UC_MIPS_REG_F29 = 86
let UC_MIPS_REG_F30 = 87
let UC_MIPS_REG_F31 = 88
let UC_MIPS_REG_FCC0 = 89
let UC_MIPS_REG_FCC1 = 90
let UC_MIPS_REG_FCC2 = 91
let UC_MIPS_REG_FCC3 = 92
let UC_MIPS_REG_FCC4 = 93
let UC_MIPS_REG_FCC5 = 94
let UC_MIPS_REG_FCC6 = 95
let UC_MIPS_REG_FCC7 = 96
// AFPR128
let UC_MIPS_REG_W0 = 97
let UC_MIPS_REG_W1 = 98
let UC_MIPS_REG_W2 = 99
let UC_MIPS_REG_W3 = 100
let UC_MIPS_REG_W4 = 101
let UC_MIPS_REG_W5 = 102
let UC_MIPS_REG_W6 = 103
let UC_MIPS_REG_W7 = 104
let UC_MIPS_REG_W8 = 105
let UC_MIPS_REG_W9 = 106
let UC_MIPS_REG_W10 = 107
let UC_MIPS_REG_W11 = 108
let UC_MIPS_REG_W12 = 109
let UC_MIPS_REG_W13 = 110
let UC_MIPS_REG_W14 = 111
let UC_MIPS_REG_W15 = 112
let UC_MIPS_REG_W16 = 113
let UC_MIPS_REG_W17 = 114
let UC_MIPS_REG_W18 = 115
let UC_MIPS_REG_W19 = 116
let UC_MIPS_REG_W20 = 117
let UC_MIPS_REG_W21 = 118
let UC_MIPS_REG_W22 = 119
let UC_MIPS_REG_W23 = 120
let UC_MIPS_REG_W24 = 121
let UC_MIPS_REG_W25 = 122
let UC_MIPS_REG_W26 = 123
let UC_MIPS_REG_W27 = 124
let UC_MIPS_REG_W28 = 125
let UC_MIPS_REG_W29 = 126
let UC_MIPS_REG_W30 = 127
let UC_MIPS_REG_W31 = 128
let UC_MIPS_REG_HI = 129
let UC_MIPS_REG_LO = 130
let UC_MIPS_REG_P0 = 131
let UC_MIPS_REG_P1 = 132
let UC_MIPS_REG_P2 = 133
let UC_MIPS_REG_MPL0 = 134
let UC_MIPS_REG_MPL1 = 135
let UC_MIPS_REG_MPL2 = 136
let UC_MIPS_REG_ENDING = 137
let UC_MIPS_REG_ZERO = 2
let UC_MIPS_REG_AT = 3
let UC_MIPS_REG_V0 = 4
let UC_MIPS_REG_V1 = 5
let UC_MIPS_REG_A0 = 6
let UC_MIPS_REG_A1 = 7
let UC_MIPS_REG_A2 = 8
let UC_MIPS_REG_A3 = 9
let UC_MIPS_REG_T0 = 10
let UC_MIPS_REG_T1 = 11
let UC_MIPS_REG_T2 = 12
let UC_MIPS_REG_T3 = 13
let UC_MIPS_REG_T4 = 14
let UC_MIPS_REG_T5 = 15
let UC_MIPS_REG_T6 = 16
let UC_MIPS_REG_T7 = 17
let UC_MIPS_REG_S0 = 18
let UC_MIPS_REG_S1 = 19
let UC_MIPS_REG_S2 = 20
let UC_MIPS_REG_S3 = 21
let UC_MIPS_REG_S4 = 22
let UC_MIPS_REG_S5 = 23
let UC_MIPS_REG_S6 = 24
let UC_MIPS_REG_S7 = 25
let UC_MIPS_REG_T8 = 26
let UC_MIPS_REG_T9 = 27
let UC_MIPS_REG_K0 = 28
let UC_MIPS_REG_K1 = 29
let UC_MIPS_REG_GP = 30
let UC_MIPS_REG_SP = 31
let UC_MIPS_REG_FP = 32
let UC_MIPS_REG_S8 = 32
let UC_MIPS_REG_RA = 33
let UC_MIPS_REG_HI0 = 45
let UC_MIPS_REG_HI1 = 46
let UC_MIPS_REG_HI2 = 47
let UC_MIPS_REG_HI3 = 48
let UC_MIPS_REG_LO0 = 45
let UC_MIPS_REG_LO1 = 46
let UC_MIPS_REG_LO2 = 47
let UC_MIPS_REG_LO3 = 48

View File

@ -1,104 +0,0 @@
// For Unicorn Engine. AUTO-GENERATED FILE, DO NOT EDIT
namespace UnicornEngine.Const
open System
[<AutoOpen>]
module Sparc =
// SPARC registers
let UC_SPARC_REG_INVALID = 0
let UC_SPARC_REG_F0 = 1
let UC_SPARC_REG_F1 = 2
let UC_SPARC_REG_F2 = 3
let UC_SPARC_REG_F3 = 4
let UC_SPARC_REG_F4 = 5
let UC_SPARC_REG_F5 = 6
let UC_SPARC_REG_F6 = 7
let UC_SPARC_REG_F7 = 8
let UC_SPARC_REG_F8 = 9
let UC_SPARC_REG_F9 = 10
let UC_SPARC_REG_F10 = 11
let UC_SPARC_REG_F11 = 12
let UC_SPARC_REG_F12 = 13
let UC_SPARC_REG_F13 = 14
let UC_SPARC_REG_F14 = 15
let UC_SPARC_REG_F15 = 16
let UC_SPARC_REG_F16 = 17
let UC_SPARC_REG_F17 = 18
let UC_SPARC_REG_F18 = 19
let UC_SPARC_REG_F19 = 20
let UC_SPARC_REG_F20 = 21
let UC_SPARC_REG_F21 = 22
let UC_SPARC_REG_F22 = 23
let UC_SPARC_REG_F23 = 24
let UC_SPARC_REG_F24 = 25
let UC_SPARC_REG_F25 = 26
let UC_SPARC_REG_F26 = 27
let UC_SPARC_REG_F27 = 28
let UC_SPARC_REG_F28 = 29
let UC_SPARC_REG_F29 = 30
let UC_SPARC_REG_F30 = 31
let UC_SPARC_REG_F31 = 32
let UC_SPARC_REG_F32 = 33
let UC_SPARC_REG_F34 = 34
let UC_SPARC_REG_F36 = 35
let UC_SPARC_REG_F38 = 36
let UC_SPARC_REG_F40 = 37
let UC_SPARC_REG_F42 = 38
let UC_SPARC_REG_F44 = 39
let UC_SPARC_REG_F46 = 40
let UC_SPARC_REG_F48 = 41
let UC_SPARC_REG_F50 = 42
let UC_SPARC_REG_F52 = 43
let UC_SPARC_REG_F54 = 44
let UC_SPARC_REG_F56 = 45
let UC_SPARC_REG_F58 = 46
let UC_SPARC_REG_F60 = 47
let UC_SPARC_REG_F62 = 48
let UC_SPARC_REG_FCC0 = 49
let UC_SPARC_REG_FCC1 = 50
let UC_SPARC_REG_FCC2 = 51
let UC_SPARC_REG_FCC3 = 52
let UC_SPARC_REG_G0 = 53
let UC_SPARC_REG_G1 = 54
let UC_SPARC_REG_G2 = 55
let UC_SPARC_REG_G3 = 56
let UC_SPARC_REG_G4 = 57
let UC_SPARC_REG_G5 = 58
let UC_SPARC_REG_G6 = 59
let UC_SPARC_REG_G7 = 60
let UC_SPARC_REG_I0 = 61
let UC_SPARC_REG_I1 = 62
let UC_SPARC_REG_I2 = 63
let UC_SPARC_REG_I3 = 64
let UC_SPARC_REG_I4 = 65
let UC_SPARC_REG_I5 = 66
let UC_SPARC_REG_FP = 67
let UC_SPARC_REG_I7 = 68
let UC_SPARC_REG_ICC = 69
let UC_SPARC_REG_L0 = 70
let UC_SPARC_REG_L1 = 71
let UC_SPARC_REG_L2 = 72
let UC_SPARC_REG_L3 = 73
let UC_SPARC_REG_L4 = 74
let UC_SPARC_REG_L5 = 75
let UC_SPARC_REG_L6 = 76
let UC_SPARC_REG_L7 = 77
let UC_SPARC_REG_O0 = 78
let UC_SPARC_REG_O1 = 79
let UC_SPARC_REG_O2 = 80
let UC_SPARC_REG_O3 = 81
let UC_SPARC_REG_O4 = 82
let UC_SPARC_REG_O5 = 83
let UC_SPARC_REG_SP = 84
let UC_SPARC_REG_O7 = 85
let UC_SPARC_REG_Y = 86
let UC_SPARC_REG_XCC = 87
let UC_SPARC_REG_PC = 88
let UC_SPARC_REG_ENDING = 89
let UC_SPARC_REG_O6 = 84
let UC_SPARC_REG_I6 = 67

File diff suppressed because it is too large Load Diff

View File

@ -1,53 +0,0 @@
(*
.NET bindings for the UnicornEngine Emulator Engine
Copyright(c) 2015 Antonio Parata
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
version 2 as published by the Free Software Foundation.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*)
namespace UnicornEngine
open System
open System.Runtime.InteropServices
// internal hooks to be passed to native Unicorn library
[<UnmanagedFunctionPointer(CallingConvention.Cdecl)>]
type internal CodeHookInternal = delegate of IntPtr * UInt64 * Int32 * IntPtr -> unit
[<UnmanagedFunctionPointer(CallingConvention.Cdecl)>]
type internal BlockHookInternal = delegate of IntPtr * UInt64 * Int32 * IntPtr -> unit
[<UnmanagedFunctionPointer(CallingConvention.Cdecl)>]
type internal InterruptHookInternal = delegate of IntPtr * Int32 * IntPtr -> unit
[<UnmanagedFunctionPointer(CallingConvention.Cdecl)>]
type internal MemReadHookInternal = delegate of IntPtr * UInt64 * Int32 * IntPtr -> unit
[<UnmanagedFunctionPointer(CallingConvention.Cdecl)>]
type internal MemWriteHookInternal = delegate of IntPtr * UInt64 * Int32 * UInt64 * IntPtr -> unit
[<UnmanagedFunctionPointer(CallingConvention.Cdecl)>]
type internal EventMemHookInternal = delegate of IntPtr * UInt64 * Int32 * UInt64 * IntPtr -> unit
[<UnmanagedFunctionPointer(CallingConvention.Cdecl)>]
type internal InHookInternal = delegate of IntPtr * Int32 * Int32 * IntPtr -> unit
[<UnmanagedFunctionPointer(CallingConvention.Cdecl)>]
type internal OutHookInternal = delegate of IntPtr * Int32 * Int32 * Int32 * IntPtr -> unit
[<UnmanagedFunctionPointer(CallingConvention.Cdecl)>]
type internal SyscallHookInternal = delegate of IntPtr * IntPtr -> unit

View File

@ -1,95 +0,0 @@
(*
.NET bindings for the UnicornEngine Emulator Engine
Copyright(c) 2015 Antonio Parata
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
version 2 as published by the Free Software Foundation.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*)
namespace UnicornEngine
open System
open System.Runtime.InteropServices
module NativeUnicornEngine =
module private Imported =
[<DllImport("unicorn", CallingConvention = CallingConvention.Cdecl)>]
extern Int32 uc_version(UIntPtr major, UIntPtr minor)
[<DllImport("unicorn", CallingConvention = CallingConvention.Cdecl)>]
extern Int32 uc_open(UInt32 arch, UInt32 mode, UIntPtr[] engine)
[<DllImport("unicorn", CallingConvention = CallingConvention.Cdecl)>]
extern Int32 uc_close(UIntPtr eng)
[<DllImport("unicorn", CallingConvention = CallingConvention.Cdecl)>]
extern Int32 uc_mem_map(UIntPtr eng, UInt64 address, UIntPtr size, UInt32 perm)
[<DllImport("unicorn", CallingConvention = CallingConvention.Cdecl)>]
extern Int32 uc_mem_write(UIntPtr eng, UInt64 address, Byte[] value, UIntPtr size)
[<DllImport("unicorn", CallingConvention = CallingConvention.Cdecl)>]
extern Int32 uc_mem_read(UIntPtr eng, UInt64 address, Byte[] value, UIntPtr size)
[<DllImport("unicorn", CallingConvention = CallingConvention.Cdecl)>]
extern Int32 uc_reg_write(UIntPtr eng, Int32 regId, Byte[] value)
[<DllImport("unicorn", CallingConvention = CallingConvention.Cdecl)>]
extern Int32 uc_reg_read(UIntPtr eng, Int32 regId, Byte[] value)
[<DllImport("unicorn", CallingConvention = CallingConvention.Cdecl)>]
extern Int32 uc_emu_start(UIntPtr eng, UInt64 beginAddr, UInt64 untilAddr, UInt64 timeout, UIntPtr count)
[<DllImport("unicorn", CallingConvention = CallingConvention.Cdecl)>]
extern Int32 uc_emu_stop(UIntPtr eng)
[<DllImport("unicorn", CallingConvention = CallingConvention.Cdecl)>]
extern Boolean uc_arch_supported(Int32 arch)
[<DllImport("unicorn", CallingConvention = CallingConvention.Cdecl)>]
extern Int32 uc_errno(UIntPtr eng)
[<DllImport("unicorn", CallingConvention = CallingConvention.Cdecl)>]
extern IntPtr uc_strerror(Int32 err)
[<DllImport("unicorn", CallingConvention = CallingConvention.Cdecl, EntryPoint = "uc_hook_add")>]
extern Int32 uc_hook_add_noarg(UIntPtr eng, UIntPtr hh, Int32 callbackType, UIntPtr callback, IntPtr userData)
[<DllImport("unicorn", CallingConvention = CallingConvention.Cdecl, EntryPoint = "uc_hook_add")>]
extern Int32 uc_hook_add_arg0(UIntPtr eng, UIntPtr hh, Int32 callbackType, UIntPtr callback, IntPtr userData, IntPtr arg0)
[<DllImport("unicorn", CallingConvention = CallingConvention.Cdecl, EntryPoint = "uc_hook_add")>]
extern Int32 uc_hook_add_arg0_arg1(UIntPtr eng, UIntPtr hh, Int32 callbackType, UIntPtr callback, IntPtr userData, UInt64 arg0, UInt64 arg1)
// by using a mutables variables it is easier to create testing code
let mutable version = fun(major, minor) -> Imported.uc_version(major, minor)
let mutable uc_open = fun(arch, mode, uc) -> Imported.uc_open(arch, mode, uc)
let mutable close = fun(eng) -> Imported.uc_close(eng)
let mutable mem_map = fun(eng, adress, size, perm) -> Imported.uc_mem_map(eng, adress, size, perm)
let mutable mem_write = fun(eng, adress, value, size) -> Imported.uc_mem_write(eng, adress, value, size)
let mutable mem_read = fun(eng, adress, value, size) -> Imported.uc_mem_read(eng, adress, value, size)
let mutable reg_write = fun(eng, regId, value) -> Imported.uc_reg_write(eng, regId, value)
let mutable reg_read = fun(eng, regId, value) -> Imported.uc_reg_read(eng, regId, value)
let mutable emu_start = fun(eng, beginAddr, untilAddr, timeout, count) -> Imported.uc_emu_start(eng, beginAddr, untilAddr, timeout, count)
let mutable emu_stop = fun(eng) -> Imported.uc_emu_stop(eng)
let mutable arch_supported = fun(arch) -> Imported.uc_arch_supported(arch)
let mutable errno = fun(eng) -> Imported.uc_errno(eng)
let mutable strerror = fun(err) -> Imported.uc_strerror(err)
let mutable hook_add_noarg = fun(eng, hh, callbackType, callback, userData) -> Imported.uc_hook_add_noarg(eng, hh, callbackType, callback, userData)
let mutable hook_add_arg0 = fun(eng, hh, callbackType, callback, userData, arg0) -> Imported.uc_hook_add_arg0(eng, hh, callbackType, callback, userData, arg0)
let mutable hook_add_arg0_arg1 = fun(eng, hh, callbackType, callback, userData, arg0, arg1) -> Imported.uc_hook_add_arg0_arg1(eng, hh, callbackType, callback, userData, arg0, arg1)

View File

@ -1,277 +0,0 @@
(*
.NET bindings for the UnicornEngine Emulator Engine
Copyright(c) 2015 Antonio Parata
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
version 2 as published by the Free Software Foundation.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*)
namespace UnicornEngine
open System
open System.Threading
open System.Collections.Generic
open System.Runtime.InteropServices
open UnicornEngine.Const
// exported hooks
type CodeHook = delegate of Unicorn * UInt64 * Int32 * Object -> unit
and BlockHook = delegate of Unicorn * UInt64 * Int32 * Object -> unit
and InterruptHook = delegate of Unicorn * Int32 * Object -> unit
and MemReadHook = delegate of Unicorn * UInt64 * Int32 * Object -> unit
and MemWriteHook = delegate of Unicorn * UInt64 * Int32 * UInt64 * Object -> unit
and EventMemHook = delegate of Unicorn * UInt64 * Int32 * UInt64 * Object -> unit
and InHook = delegate of Unicorn * Int32 * Int32 * Object -> unit
and OutHook = delegate of Unicorn * Int32 * Int32 * Int32 * Object -> unit
and SyscallHook = delegate of Unicorn * Object -> unit
// the managed unicorn engine
and Unicorn(arch: Int32, mode: Int32) =
// hook callback list
let _codeHooks = new Dictionary<IntPtr, (CodeHook * Object)>()
let _blockHooks = new Dictionary<IntPtr, (BlockHook * Object)>()
let _interruptHooks = new Dictionary<IntPtr, (InterruptHook * Object)>()
let _memReadHooks = new Dictionary<IntPtr, (MemReadHook * Object)>()
let _memWriteHooks = new Dictionary<IntPtr, (MemWriteHook * Object)>()
let _memEventHooks = new Dictionary<IntPtr, (EventMemHook * Object)>()
let _inHooks = new Dictionary<IntPtr, (InHook * Object)>()
let _outHooks = new Dictionary<IntPtr, (OutHook * Object)>()
let _syscallHooks = new Dictionary<IntPtr, (SyscallHook * Object)>()
let mutable _eng = [|UIntPtr.Zero|]
let checkResult(errCode: Int32, errMsg: String) =
if errCode <> Common.UC_ERR_OK then raise(ApplicationException(String.Format("{0}. Error: {1}", errMsg, errCode)))
let getId =
let counter = ref 0
fun () -> new IntPtr(Interlocked.Increment(counter))
let hookDel(callbacks: Dictionary<IntPtr, 'a * Object>) (callback: 'a)=
// TODO: invoke the native function in order to not call the trampoline anymore
callbacks.Keys
|> Seq.tryFind(fun k -> match callbacks.[k] with | (c, _) -> c = callback)
|> (fun k -> if k.IsSome then callbacks.Remove(k.Value) |> ignore)
do
let mem = Marshal.AllocHGlobal(IntPtr.Size)
_eng <- [|new UIntPtr(mem.ToPointer())|]
let err = NativeUnicornEngine.uc_open(uint32 arch, uint32 mode, _eng)
checkResult(err, "Unable to open the Unicorn Engine")
member private this.CheckResult(errorCode: Int32) =
// return the exception instead of raising it in order to have a more meaningful stack trace
if errorCode <> Common.UC_ERR_OK then
let errorMessage = this.StrError(errorCode)
Some <| UnicornEngineException(errorCode, errorMessage)
else None
member this.MemMap(address: UInt64, size: UIntPtr, perm: Int32) =
match NativeUnicornEngine.mem_map(_eng.[0], address, size, uint32 perm) |> this.CheckResult with
| Some e -> raise e | None -> ()
member this.MemWrite(address: UInt64, value: Byte array) =
match NativeUnicornEngine.mem_write(_eng.[0], address, value, new UIntPtr(uint32 value.Length)) |> this.CheckResult with
| Some e -> raise e | None -> ()
member this.MemRead(address: UInt64, memValue: Byte array) =
match NativeUnicornEngine.mem_read(_eng.[0], address, memValue, new UIntPtr(uint32 memValue.Length)) |> this.CheckResult with
| Some e -> raise e | None -> ()
member this.RegWrite(regId: Int32, value: Byte array) =
match NativeUnicornEngine.reg_write(_eng.[0], regId, value) |> this.CheckResult with
| Some e -> raise e | None -> ()
member this.RegRead(regId: Int32, regValue: Byte array) =
match NativeUnicornEngine.reg_read(_eng.[0], regId, regValue) |> this.CheckResult with
| Some e -> raise e | None -> ()
member this.EmuStart(beginAddr: UInt64, untilAddr: UInt64, timeout: UInt64, count: UIntPtr) =
match NativeUnicornEngine.emu_start(_eng.[0], beginAddr, untilAddr, timeout, count) |> this.CheckResult with
| Some e -> raise e | None -> ()
member this.EmuStop() =
match NativeUnicornEngine.emu_stop(_eng.[0]) |> this.CheckResult with
| Some e -> raise e | None -> ()
member this.Close() =
match NativeUnicornEngine.close(_eng.[0]) |> this.CheckResult with
| Some e -> raise e | None -> ()
member this.ArchSupported(arch: Int32) =
NativeUnicornEngine.arch_supported(arch)
member this.ErrNo() =
NativeUnicornEngine.errno(_eng.[0])
member this.StrError(errorNo: Int32) =
let errorStringPointer = NativeUnicornEngine.strerror(errorNo)
Marshal.PtrToStringAnsi(errorStringPointer)
member this.AddCodeHook(callback: CodeHook, userData: Object, beginAdd: UInt64, endAddr: UInt64) =
let trampoline(u: IntPtr) (addr: UInt64) (size: Int32) (user: IntPtr) =
let (exist, (callback, userData)) = _codeHooks.TryGetValue(user)
if exist then callback.Invoke(this, addr, size, userData)
let id = getId()
_codeHooks.Add(id, (callback, userData))
let funcPointer = Marshal.GetFunctionPointerForDelegate(new CodeHookInternal(trampoline))
let hh = new UIntPtr(Marshal.AllocHGlobal(IntPtr.Size).ToPointer())
match NativeUnicornEngine.hook_add_arg0_arg1(_eng.[0], hh, Common.UC_HOOK_CODE, new UIntPtr(funcPointer.ToPointer()), id, beginAdd, endAddr) |> this.CheckResult with
| Some e -> raise e | None -> ()
member this.HookDel(callback: CodeHook) =
hookDel _codeHooks callback
member this.AddBlockHook(callback: BlockHook, userData: Object, beginAdd: UInt64, endAddr: UInt64) =
let trampoline(u: IntPtr) (addr: UInt64) (size: Int32) (user: IntPtr) =
let (exist, (callback, userData)) = _blockHooks.TryGetValue(user)
if exist then callback.Invoke(this, addr, size, userData)
let id = getId()
_blockHooks.Add(id, (callback, userData))
let funcPointer = Marshal.GetFunctionPointerForDelegate(new BlockHookInternal(trampoline))
let hh = new UIntPtr(Marshal.AllocHGlobal(IntPtr.Size).ToPointer())
match NativeUnicornEngine.hook_add_arg0_arg1(_eng.[0], hh, Common.UC_HOOK_BLOCK, new UIntPtr(funcPointer.ToPointer()), id, beginAdd, endAddr) |> this.CheckResult with
| Some e -> raise e | None -> ()
member this.HookDel(callback: BlockHook) =
hookDel _blockHooks callback
member this.AddInterruptHook(callback: InterruptHook, userData: Object) =
let trampoline(u: IntPtr) (intNumber: Int32) (user: IntPtr) =
let (exist, (callback, userData)) = _interruptHooks.TryGetValue(user)
if exist then callback.Invoke(this, intNumber, userData)
let id = getId()
_interruptHooks.Add(id, (callback, userData))
let funcPointer = Marshal.GetFunctionPointerForDelegate(new InterruptHookInternal(trampoline))
let hh = new UIntPtr(Marshal.AllocHGlobal(IntPtr.Size).ToPointer())
match NativeUnicornEngine.hook_add_noarg(_eng.[0], hh, Common.UC_HOOK_INTR, new UIntPtr(funcPointer.ToPointer()), id) |> this.CheckResult with
| Some e -> raise e | None -> ()
member this.HookDel(callback: InterruptHook) =
hookDel _interruptHooks callback
member this.AddMemReadHook(callback: MemReadHook, userData: Object, beginAdd: UInt64, endAddr: UInt64) =
let trampoline(u: IntPtr) (addr: UInt64) (size: Int32) (user: IntPtr) =
let (exist, (callback, userData)) = _memReadHooks.TryGetValue(user)
if exist then callback.Invoke(this, addr, size, userData)
let id = getId()
_memReadHooks.Add(id, (callback, userData))
let funcPointer = Marshal.GetFunctionPointerForDelegate(new MemReadHookInternal(trampoline))
let hh = new UIntPtr(Marshal.AllocHGlobal(IntPtr.Size).ToPointer())
match NativeUnicornEngine.hook_add_arg0_arg1(_eng.[0], hh, Common.UC_HOOK_MEM_READ, new UIntPtr(funcPointer.ToPointer()), id, beginAdd, endAddr) |> this.CheckResult with
| Some e -> raise e | None -> ()
member this.HookDel(callback: MemReadHook) =
hookDel _memReadHooks callback
member this.AddMemWriteHook(callback: MemWriteHook, userData: Object, beginAdd: UInt64, endAddr: UInt64) =
let trampoline(u: IntPtr) (addr: UInt64) (size: Int32) (value: UInt64) (user: IntPtr) =
let (exist, (callback, userData)) = _memWriteHooks.TryGetValue(user)
if exist then callback.Invoke(this, addr, size, value, userData)
let id = getId()
_memWriteHooks.Add(id, (callback, userData))
let funcPointer = Marshal.GetFunctionPointerForDelegate(new MemWriteHookInternal(trampoline))
let hh = new UIntPtr(Marshal.AllocHGlobal(IntPtr.Size).ToPointer())
match NativeUnicornEngine.hook_add_arg0_arg1(_eng.[0], hh, Common.UC_HOOK_MEM_WRITE, new UIntPtr(funcPointer.ToPointer()), id, beginAdd, endAddr) |> this.CheckResult with
| Some e -> raise e | None -> ()
member this.HookDel(callback: MemWriteHook) =
hookDel _memWriteHooks callback
member this.AddEventMemHook(callback: EventMemHook, eventType: Int32, userData: Object) =
let trampoline(u: IntPtr) (addr: UInt64) (size: Int32) (value: UInt64) (user: IntPtr) =
let (exist, (callback, userData)) = _memEventHooks.TryGetValue(user)
if exist then callback.Invoke(this, addr, size, value, userData)
let registEventMemHook(check: Int32) =
let id = getId()
_memEventHooks.Add(id, (callback, userData))
let funcPointer = Marshal.GetFunctionPointerForDelegate(new EventMemHookInternal(trampoline))
let hh = new UIntPtr(Marshal.AllocHGlobal(IntPtr.Size).ToPointer())
match NativeUnicornEngine.hook_add_noarg(_eng.[0], hh, check, new UIntPtr(funcPointer.ToPointer()), id) |> this.CheckResult with
| Some e -> raise e | None -> ()
// test all the events types agains the input eventType
[
Common.UC_HOOK_MEM_READ_UNMAPPED
Common.UC_HOOK_MEM_WRITE_UNMAPPED
Common.UC_HOOK_MEM_FETCH_UNMAPPED
Common.UC_HOOK_MEM_READ_PROT
Common.UC_HOOK_MEM_WRITE_PROT
Common.UC_HOOK_MEM_FETCH_PROT
]
|> List.filter(fun eventFlag -> eventType &&& eventFlag <> 0)
|> List.map registEventMemHook
|> List.rev |> List.head
member this.HookDel(callback: EventMemHook) =
hookDel _memEventHooks callback
member this.AddInHook(callback: InHook, userData: Object) =
let trampoline(u: IntPtr) (port: Int32) (size: Int32) (user: IntPtr) =
let (exist, (callback, userData)) = _inHooks.TryGetValue(user)
if exist then callback.Invoke(this, port, size, userData)
let id = getId()
_inHooks.Add(id, (callback, userData))
let funcPointer = Marshal.GetFunctionPointerForDelegate(new InHookInternal(trampoline))
let hh = new UIntPtr(Marshal.AllocHGlobal(IntPtr.Size).ToPointer())
match NativeUnicornEngine.hook_add_arg0(_eng.[0], hh, Common.UC_HOOK_INSN, new UIntPtr(funcPointer.ToPointer()), id, new IntPtr(X86.UC_X86_INS_IN)) |> this.CheckResult with
| Some e -> raise e | None -> ()
member this.AddOutHook(callback: OutHook, userData: Object) =
let trampoline(u: IntPtr) (port: Int32) (size: Int32) (value: Int32) (user: IntPtr) =
let (exist, (callback, userData)) = _outHooks.TryGetValue(user)
if exist then callback.Invoke(this, port, size, value, userData)
let id = getId()
_outHooks.Add(id, (callback, userData))
let funcPointer = Marshal.GetFunctionPointerForDelegate(new OutHookInternal(trampoline))
let hh = new UIntPtr(Marshal.AllocHGlobal(IntPtr.Size).ToPointer())
match NativeUnicornEngine.hook_add_arg0(_eng.[0], hh, Common.UC_HOOK_INSN, new UIntPtr(funcPointer.ToPointer()), id, new IntPtr(X86.UC_X86_INS_OUT)) |> this.CheckResult with
| Some e -> raise e | None -> ()
member this.AddSyscallHook(callback: SyscallHook, userData: Object) =
let trampoline(u: IntPtr) (user: IntPtr) =
let (exist, (callback, userData)) = _syscallHooks.TryGetValue(user)
if exist then callback.Invoke(this, userData)
let id = getId()
_syscallHooks.Add(id, (callback, userData))
let funcPointer = Marshal.GetFunctionPointerForDelegate(new SyscallHookInternal(trampoline))
let hh = new UIntPtr(Marshal.AllocHGlobal(IntPtr.Size).ToPointer())
match NativeUnicornEngine.hook_add_arg0(_eng.[0], hh, Common.UC_HOOK_INSN, new UIntPtr(funcPointer.ToPointer()), id, new IntPtr(X86.UC_X86_INS_SYSCALL)) |> this.CheckResult with
| Some e -> raise e | None -> ()
member this.Version() =
let (major, minor) = (new UIntPtr(), new UIntPtr())
let combined = NativeUnicornEngine.version(major, minor)
(major.ToUInt32(), minor.ToUInt32(), combined)

View File

@ -1,30 +0,0 @@
(*
.NET bindings for the UnicornEngine Emulator Engine
Copyright(c) 2015 Antonio Parata
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
version 2 as published by the Free Software Foundation.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*)
namespace UnicornEngine
open System
type UnicornEngineException(errNo: Int32, msg: String) =
inherit ApplicationException(msg)
member this.ErrorNo = errNo

View File

@ -0,0 +1,28 @@

Microsoft Visual Studio Solution File, Format Version 12.00
# Visual Studio 14
VisualStudioVersion = 14.0.23107.0
MinimumVisualStudioVersion = 10.0.40219.1
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "UnicornSamples", "UnicornSamples\UnicornSamples.csproj", "{B80B5987-1E24-4309-8BF9-C4F91270F21C}"
EndProject
Project("{F2A71F9B-5D33-465A-A702-920D77279786}") = "UnicornManaged", "UnicornManaged\UnicornManaged.fsproj", "{0C21F1C1-2725-4A46-9022-1905F85822A5}"
EndProject
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
Debug|Any CPU = Debug|Any CPU
Release|Any CPU = Release|Any CPU
EndGlobalSection
GlobalSection(ProjectConfigurationPlatforms) = postSolution
{B80B5987-1E24-4309-8BF9-C4F91270F21C}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
{B80B5987-1E24-4309-8BF9-C4F91270F21C}.Debug|Any CPU.Build.0 = Debug|Any CPU
{B80B5987-1E24-4309-8BF9-C4F91270F21C}.Release|Any CPU.ActiveCfg = Release|Any CPU
{B80B5987-1E24-4309-8BF9-C4F91270F21C}.Release|Any CPU.Build.0 = Release|Any CPU
{0C21F1C1-2725-4A46-9022-1905F85822A5}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
{0C21F1C1-2725-4A46-9022-1905F85822A5}.Debug|Any CPU.Build.0 = Debug|Any CPU
{0C21F1C1-2725-4A46-9022-1905F85822A5}.Release|Any CPU.ActiveCfg = Release|Any CPU
{0C21F1C1-2725-4A46-9022-1905F85822A5}.Release|Any CPU.Build.0 = Release|Any CPU
EndGlobalSection
GlobalSection(SolutionProperties) = preSolution
HideSolutionNode = FALSE
EndGlobalSection
EndGlobal

View File

@ -0,0 +1,41 @@
namespace UnicornManaged.AssemblyInfo
open System.Reflection
open System.Runtime.CompilerServices
open System.Runtime.InteropServices
// General Information about an assembly is controlled through the following
// set of attributes. Change these attribute values to modify the information
// associated with an assembly.
[<assembly: AssemblyTitle("UnicornManaged")>]
[<assembly: AssemblyDescription("")>]
[<assembly: AssemblyConfiguration("")>]
[<assembly: AssemblyCompany("")>]
[<assembly: AssemblyProduct("UnicornManaged")>]
[<assembly: AssemblyCopyright("Copyright © Antonio Parata 2016")>]
[<assembly: AssemblyTrademark("")>]
[<assembly: AssemblyCulture("")>]
// Setting ComVisible to false makes the types in this assembly not visible
// to COM components. If you need to access a type in this assembly from
// COM, set the ComVisible attribute to true on that type.
[<assembly: ComVisible(false)>]
// The following GUID is for the ID of the typelib if this project is exposed to COM
[<assembly: Guid("0c21f1c1-2725-4a46-9022-1905f85822a5")>]
// Version information for an assembly consists of the following four values:
//
// Major Version
// Minor Version
// Build Number
// Revision
//
// You can specify all the values or you can default the Build and Revision Numbers
// by using the '*' as shown below:
// [<assembly: AssemblyVersion("1.0.*")>]
[<assembly: AssemblyVersion("1.0.0.0")>]
[<assembly: AssemblyFileVersion("1.0.0.0")>]
do
()

View File

@ -0,0 +1,13 @@
namespace UnicornManaged.Binding
open System
module BindingFactory =
let mutable _instance = NativeBinding.instance
let setDefaultBinding(binding: IBinding) =
_instance <- binding
let getDefault() =
_instance

View File

@ -0,0 +1,28 @@
namespace UnicornManaged.Binding
open System
type IBinding =
interface
abstract Version : UIntPtr * UIntPtr -> Int32
abstract ArchSupported : Int32 -> Boolean
abstract UcOpen : UInt32 * UInt32 * UIntPtr array -> Int32
abstract Close : UIntPtr -> Int32
abstract Strerror : Int32 -> IntPtr
abstract Errono : UIntPtr -> Int32
abstract RegRead : UIntPtr * Int32 * Byte array -> Int32
abstract RegWrite : UIntPtr * Int32 * Byte array -> Int32
abstract MemRead : UIntPtr * UInt64 * Byte array * UIntPtr -> Int32
abstract MemWrite : UIntPtr * UInt64 * Byte array * UIntPtr -> Int32
abstract EmuStart : UIntPtr * UInt64 * UInt64 * UInt64 * UInt64 -> Int32
abstract EmuStop : UIntPtr -> Int32
abstract HookDel : UIntPtr * UIntPtr -> Int32
abstract MemMap : UIntPtr * UInt64 * UIntPtr * UInt32 -> Int32
abstract MemMapPtr : UIntPtr * UInt64 * UIntPtr * UInt32 * UIntPtr -> Int32
abstract MemUnmap : UIntPtr * UInt64 * UIntPtr -> Int32
abstract MemProtect : UIntPtr * UInt64 * UIntPtr * UInt32 -> Int32
abstract HookAddNoarg : UIntPtr * UIntPtr * Int32 * UIntPtr * IntPtr -> Int32
abstract HookAddArg0 : UIntPtr * UIntPtr * Int32 * UIntPtr * IntPtr * Int32 -> Int32
abstract HookAddArg0Arg1 : UIntPtr * UIntPtr * Int32 * UIntPtr * IntPtr * UInt64 * UInt64 -> Int32
end

View File

@ -0,0 +1,51 @@
namespace UnicornManaged.Binding
open System
module internal MockBinding =
// by using a mutables variables it is easier to create testing code
let mutable version = fun(major, minor) -> 0
let mutable uc_open = fun(arch, mode, uc) -> 0
let mutable close = fun(eng) -> 0
let mutable mem_map = fun(eng, adress, size, perm) -> 0
let mutable mem_map_ptr = fun(eng, address, size, perms, ptr) -> 0
let mutable mem_unmap = fun(eng, address, size) -> 0
let mutable mem_protect = fun(eng, address, size, perms) -> 0
let mutable mem_write = fun(eng, adress, value, size) -> 0
let mutable mem_read = fun(eng, adress, value, size) -> 0
let mutable reg_write = fun(eng, regId, value) -> 0
let mutable reg_read = fun(eng, regId, value) -> 0
let mutable emu_start = fun(eng, beginAddr, untilAddr, timeout, count) -> 0
let mutable emu_stop = fun(eng) -> 0
let mutable hook_del = fun(eng, hook) -> 0
let mutable arch_supported = fun(arch) -> true
let mutable errno = fun(eng) -> 0
let mutable strerror = fun(err) -> new nativeint(0)
let mutable hook_add_noarg = fun(eng, hh, callbackType, callback, userData) -> 0
let mutable hook_add_arg0 = fun(eng, hh, callbackType, callback, userData, arg0) -> 0
let mutable hook_add_arg0_arg1 = fun(eng, hh, callbackType, callback, userData, arg0, arg1) -> 0
let instance =
{new IBinding with
member thi.Version(major, minor) = version(major, minor)
member thi.UcOpen(arch, mode, uc) = uc_open(arch, mode, uc)
member thi.Close(eng) = close(eng)
member thi.MemMap(eng, adress, size, perm) = mem_map(eng, adress, size, perm)
member thi.MemWrite(eng, adress, value, size) = mem_write(eng, adress, value, size)
member thi.MemRead(eng, adress, value, size) = mem_read(eng, adress, value, size)
member thi.RegWrite(eng, regId, value) = reg_write(eng, regId, value)
member thi.RegRead(eng, regId, value) = reg_read(eng, regId, value)
member thi.EmuStart(eng, beginAddr, untilAddr, timeout, count) = emu_start(eng, beginAddr, untilAddr, timeout, count)
member thi.EmuStop(eng) = emu_stop(eng)
member this.HookDel(eng, hook) = hook_del(eng, hook)
member thi.ArchSupported(arch) = arch_supported(arch)
member thi.Errono(eng) = errno(eng)
member thi.Strerror(err) = strerror(err)
member this.MemMapPtr(eng, address, size, perms, ptr) = mem_map_ptr(eng, address, size, perms, ptr)
member this.MemUnmap(eng, address, size) = mem_unmap(eng, address, size)
member this.MemProtect(eng, address, size, perms) = mem_protect(eng, address, size, perms)
member thi.HookAddNoarg(eng, hh, callbackType, callback, userData) = hook_add_noarg(eng, hh, callbackType, callback, userData)
member thi.HookAddArg0(eng, hh, callbackType, callback, userData, arg0) = hook_add_arg0(eng, hh, callbackType, callback, userData, arg0)
member thi.HookAddArg0Arg1(eng, hh, callbackType, callback, userData, arg0, arg1) = hook_add_arg0_arg1(eng, hh, callbackType, callback, userData, arg0, arg1)
}

View File

@ -0,0 +1,93 @@
namespace UnicornManaged.Binding
open System
open System.Runtime.InteropServices
module NativeBinding =
[<AutoOpen>]
module private Imported =
[<DllImport("unicorn", CallingConvention = CallingConvention.Cdecl)>]
extern Int32 uc_version(UIntPtr major, UIntPtr minor)
[<DllImport("unicorn", CallingConvention = CallingConvention.Cdecl)>]
extern Int32 uc_open(UInt32 arch, UInt32 mode, UIntPtr[] engine)
[<DllImport("unicorn", CallingConvention = CallingConvention.Cdecl)>]
extern Int32 uc_close(UIntPtr eng)
[<DllImport("unicorn", CallingConvention = CallingConvention.Cdecl)>]
extern Int32 uc_mem_map(UIntPtr eng, UInt64 address, UIntPtr size, UInt32 perm)
[<DllImport("unicorn", CallingConvention = CallingConvention.Cdecl)>]
extern Int32 uc_mem_map_ptr(UIntPtr eng, UInt64 address, UIntPtr size, UInt32 perm, UIntPtr ptr)
[<DllImport("unicorn", CallingConvention = CallingConvention.Cdecl)>]
extern Int32 uc_mem_unmap(UIntPtr eng, UInt64 address, UIntPtr size)
[<DllImport("unicorn", CallingConvention = CallingConvention.Cdecl)>]
extern Int32 uc_mem_protect(UIntPtr eng, UInt64 address, UIntPtr size, UInt32 perms)
[<DllImport("unicorn", CallingConvention = CallingConvention.Cdecl)>]
extern Int32 uc_mem_write(UIntPtr eng, UInt64 address, Byte[] value, UIntPtr size)
[<DllImport("unicorn", CallingConvention = CallingConvention.Cdecl)>]
extern Int32 uc_mem_read(UIntPtr eng, UInt64 address, Byte[] value, UIntPtr size)
[<DllImport("unicorn", CallingConvention = CallingConvention.Cdecl)>]
extern Int32 uc_reg_write(UIntPtr eng, Int32 regId, Byte[] value)
[<DllImport("unicorn", CallingConvention = CallingConvention.Cdecl)>]
extern Int32 uc_reg_read(UIntPtr eng, Int32 regId, Byte[] value)
[<DllImport("unicorn", CallingConvention = CallingConvention.Cdecl)>]
extern Int32 uc_emu_start(UIntPtr eng, UInt64 beginAddr, UInt64 untilAddr, UInt64 timeout, UInt64 count)
[<DllImport("unicorn", CallingConvention = CallingConvention.Cdecl)>]
extern Int32 uc_emu_stop(UIntPtr eng)
[<DllImport("unicorn", CallingConvention = CallingConvention.Cdecl)>]
extern Int32 uc_hook_del(UIntPtr eng, UIntPtr hook)
[<DllImport("unicorn", CallingConvention = CallingConvention.Cdecl)>]
extern Boolean uc_arch_supported(Int32 arch)
[<DllImport("unicorn", CallingConvention = CallingConvention.Cdecl)>]
extern Int32 uc_errno(UIntPtr eng)
[<DllImport("unicorn", CallingConvention = CallingConvention.Cdecl)>]
extern IntPtr uc_strerror(Int32 err)
[<DllImport("unicorn", CallingConvention = CallingConvention.Cdecl, EntryPoint = "uc_hook_add")>]
extern Int32 uc_hook_add_noarg(UIntPtr eng, UIntPtr hh, Int32 callbackType, UIntPtr callback, IntPtr userData)
[<DllImport("unicorn", CallingConvention = CallingConvention.Cdecl, EntryPoint = "uc_hook_add")>]
extern Int32 uc_hook_add_arg0(UIntPtr eng, UIntPtr hh, Int32 callbackType, UIntPtr callback, IntPtr userData, Int32 arg0)
[<DllImport("unicorn", CallingConvention = CallingConvention.Cdecl, EntryPoint = "uc_hook_add")>]
extern Int32 uc_hook_add_arg0_arg1(UIntPtr eng, UIntPtr hh, Int32 callbackType, UIntPtr callback, IntPtr userData, UInt64 arg0, UInt64 arg1)
let instance =
{new IBinding with
member thi.Version(major, minor) = uc_version(major, minor)
member thi.UcOpen(arch, mode, uc) = uc_open(arch, mode, uc)
member thi.Close(eng) = uc_close(eng)
member thi.MemMap(eng, adress, size, perm) = uc_mem_map(eng, adress, size, perm)
member thi.MemWrite(eng, adress, value, size) = uc_mem_write(eng, adress, value, size)
member thi.MemRead(eng, adress, value, size) = uc_mem_read(eng, adress, value, size)
member thi.RegWrite(eng, regId, value) = uc_reg_write(eng, regId, value)
member thi.RegRead(eng, regId, value) = uc_reg_read(eng, regId, value)
member thi.EmuStart(eng, beginAddr, untilAddr, timeout, count) = uc_emu_start(eng, beginAddr, untilAddr, timeout, count)
member thi.EmuStop(eng) = uc_emu_stop(eng)
member this.HookDel(eng, hook) = uc_hook_del(eng, hook)
member thi.ArchSupported(arch) = uc_arch_supported(arch)
member thi.Errono(eng) = uc_errno(eng)
member thi.Strerror(err) = uc_strerror(err)
member this.MemMapPtr(eng, address, size, perms, ptr) = uc_mem_map_ptr(eng, address, size, perms, ptr)
member this.MemUnmap(eng, address, size) = uc_mem_unmap(eng, address, size)
member this.MemProtect(eng, address, size, perms) = uc_mem_protect(eng, address, size, perms)
member thi.HookAddNoarg(eng, hh, callbackType, callback, userData) = uc_hook_add_noarg(eng, hh, callbackType, callback, userData)
member thi.HookAddArg0(eng, hh, callbackType, callback, userData, arg0) = uc_hook_add_arg0(eng, hh, callbackType, callback, userData, arg0)
member thi.HookAddArg0Arg1(eng, hh, callbackType, callback, userData, arg0, arg1) = uc_hook_add_arg0_arg1(eng, hh, callbackType, callback, userData, arg0, arg1)
}

View File

@ -0,0 +1,133 @@
// For Unicorn Engine. AUTO-GENERATED FILE, DO NOT EDIT
namespace UnicornManaged.Const
open System
[<AutoOpen>]
module Arm =
// ARM registers
let UC_ARM_REG_INVALID = 0
let UC_ARM_REG_APSR = 1
let UC_ARM_REG_APSR_NZCV = 2
let UC_ARM_REG_CPSR = 3
let UC_ARM_REG_FPEXC = 4
let UC_ARM_REG_FPINST = 5
let UC_ARM_REG_FPSCR = 6
let UC_ARM_REG_FPSCR_NZCV = 7
let UC_ARM_REG_FPSID = 8
let UC_ARM_REG_ITSTATE = 9
let UC_ARM_REG_LR = 10
let UC_ARM_REG_PC = 11
let UC_ARM_REG_SP = 12
let UC_ARM_REG_SPSR = 13
let UC_ARM_REG_D0 = 14
let UC_ARM_REG_D1 = 15
let UC_ARM_REG_D2 = 16
let UC_ARM_REG_D3 = 17
let UC_ARM_REG_D4 = 18
let UC_ARM_REG_D5 = 19
let UC_ARM_REG_D6 = 20
let UC_ARM_REG_D7 = 21
let UC_ARM_REG_D8 = 22
let UC_ARM_REG_D9 = 23
let UC_ARM_REG_D10 = 24
let UC_ARM_REG_D11 = 25
let UC_ARM_REG_D12 = 26
let UC_ARM_REG_D13 = 27
let UC_ARM_REG_D14 = 28
let UC_ARM_REG_D15 = 29
let UC_ARM_REG_D16 = 30
let UC_ARM_REG_D17 = 31
let UC_ARM_REG_D18 = 32
let UC_ARM_REG_D19 = 33
let UC_ARM_REG_D20 = 34
let UC_ARM_REG_D21 = 35
let UC_ARM_REG_D22 = 36
let UC_ARM_REG_D23 = 37
let UC_ARM_REG_D24 = 38
let UC_ARM_REG_D25 = 39
let UC_ARM_REG_D26 = 40
let UC_ARM_REG_D27 = 41
let UC_ARM_REG_D28 = 42
let UC_ARM_REG_D29 = 43
let UC_ARM_REG_D30 = 44
let UC_ARM_REG_D31 = 45
let UC_ARM_REG_FPINST2 = 46
let UC_ARM_REG_MVFR0 = 47
let UC_ARM_REG_MVFR1 = 48
let UC_ARM_REG_MVFR2 = 49
let UC_ARM_REG_Q0 = 50
let UC_ARM_REG_Q1 = 51
let UC_ARM_REG_Q2 = 52
let UC_ARM_REG_Q3 = 53
let UC_ARM_REG_Q4 = 54
let UC_ARM_REG_Q5 = 55
let UC_ARM_REG_Q6 = 56
let UC_ARM_REG_Q7 = 57
let UC_ARM_REG_Q8 = 58
let UC_ARM_REG_Q9 = 59
let UC_ARM_REG_Q10 = 60
let UC_ARM_REG_Q11 = 61
let UC_ARM_REG_Q12 = 62
let UC_ARM_REG_Q13 = 63
let UC_ARM_REG_Q14 = 64
let UC_ARM_REG_Q15 = 65
let UC_ARM_REG_R0 = 66
let UC_ARM_REG_R1 = 67
let UC_ARM_REG_R2 = 68
let UC_ARM_REG_R3 = 69
let UC_ARM_REG_R4 = 70
let UC_ARM_REG_R5 = 71
let UC_ARM_REG_R6 = 72
let UC_ARM_REG_R7 = 73
let UC_ARM_REG_R8 = 74
let UC_ARM_REG_R9 = 75
let UC_ARM_REG_R10 = 76
let UC_ARM_REG_R11 = 77
let UC_ARM_REG_R12 = 78
let UC_ARM_REG_S0 = 79
let UC_ARM_REG_S1 = 80
let UC_ARM_REG_S2 = 81
let UC_ARM_REG_S3 = 82
let UC_ARM_REG_S4 = 83
let UC_ARM_REG_S5 = 84
let UC_ARM_REG_S6 = 85
let UC_ARM_REG_S7 = 86
let UC_ARM_REG_S8 = 87
let UC_ARM_REG_S9 = 88
let UC_ARM_REG_S10 = 89
let UC_ARM_REG_S11 = 90
let UC_ARM_REG_S12 = 91
let UC_ARM_REG_S13 = 92
let UC_ARM_REG_S14 = 93
let UC_ARM_REG_S15 = 94
let UC_ARM_REG_S16 = 95
let UC_ARM_REG_S17 = 96
let UC_ARM_REG_S18 = 97
let UC_ARM_REG_S19 = 98
let UC_ARM_REG_S20 = 99
let UC_ARM_REG_S21 = 100
let UC_ARM_REG_S22 = 101
let UC_ARM_REG_S23 = 102
let UC_ARM_REG_S24 = 103
let UC_ARM_REG_S25 = 104
let UC_ARM_REG_S26 = 105
let UC_ARM_REG_S27 = 106
let UC_ARM_REG_S28 = 107
let UC_ARM_REG_S29 = 108
let UC_ARM_REG_S30 = 109
let UC_ARM_REG_S31 = 110
let UC_ARM_REG_ENDING = 111
// alias registers
let UC_ARM_REG_R13 = 12
let UC_ARM_REG_R14 = 10
let UC_ARM_REG_R15 = 11
let UC_ARM_REG_SB = 75
let UC_ARM_REG_SL = 76
let UC_ARM_REG_FP = 77
let UC_ARM_REG_IP = 78

View File

@ -0,0 +1,282 @@
// For Unicorn Engine. AUTO-GENERATED FILE, DO NOT EDIT
namespace UnicornManaged.Const
open System
[<AutoOpen>]
module Arm64 =
// ARM64 registers
let UC_ARM64_REG_INVALID = 0
let UC_ARM64_REG_X29 = 1
let UC_ARM64_REG_X30 = 2
let UC_ARM64_REG_NZCV = 3
let UC_ARM64_REG_SP = 4
let UC_ARM64_REG_WSP = 5
let UC_ARM64_REG_WZR = 6
let UC_ARM64_REG_XZR = 7
let UC_ARM64_REG_B0 = 8
let UC_ARM64_REG_B1 = 9
let UC_ARM64_REG_B2 = 10
let UC_ARM64_REG_B3 = 11
let UC_ARM64_REG_B4 = 12
let UC_ARM64_REG_B5 = 13
let UC_ARM64_REG_B6 = 14
let UC_ARM64_REG_B7 = 15
let UC_ARM64_REG_B8 = 16
let UC_ARM64_REG_B9 = 17
let UC_ARM64_REG_B10 = 18
let UC_ARM64_REG_B11 = 19
let UC_ARM64_REG_B12 = 20
let UC_ARM64_REG_B13 = 21
let UC_ARM64_REG_B14 = 22
let UC_ARM64_REG_B15 = 23
let UC_ARM64_REG_B16 = 24
let UC_ARM64_REG_B17 = 25
let UC_ARM64_REG_B18 = 26
let UC_ARM64_REG_B19 = 27
let UC_ARM64_REG_B20 = 28
let UC_ARM64_REG_B21 = 29
let UC_ARM64_REG_B22 = 30
let UC_ARM64_REG_B23 = 31
let UC_ARM64_REG_B24 = 32
let UC_ARM64_REG_B25 = 33
let UC_ARM64_REG_B26 = 34
let UC_ARM64_REG_B27 = 35
let UC_ARM64_REG_B28 = 36
let UC_ARM64_REG_B29 = 37
let UC_ARM64_REG_B30 = 38
let UC_ARM64_REG_B31 = 39
let UC_ARM64_REG_D0 = 40
let UC_ARM64_REG_D1 = 41
let UC_ARM64_REG_D2 = 42
let UC_ARM64_REG_D3 = 43
let UC_ARM64_REG_D4 = 44
let UC_ARM64_REG_D5 = 45
let UC_ARM64_REG_D6 = 46
let UC_ARM64_REG_D7 = 47
let UC_ARM64_REG_D8 = 48
let UC_ARM64_REG_D9 = 49
let UC_ARM64_REG_D10 = 50
let UC_ARM64_REG_D11 = 51
let UC_ARM64_REG_D12 = 52
let UC_ARM64_REG_D13 = 53
let UC_ARM64_REG_D14 = 54
let UC_ARM64_REG_D15 = 55
let UC_ARM64_REG_D16 = 56
let UC_ARM64_REG_D17 = 57
let UC_ARM64_REG_D18 = 58
let UC_ARM64_REG_D19 = 59
let UC_ARM64_REG_D20 = 60
let UC_ARM64_REG_D21 = 61
let UC_ARM64_REG_D22 = 62
let UC_ARM64_REG_D23 = 63
let UC_ARM64_REG_D24 = 64
let UC_ARM64_REG_D25 = 65
let UC_ARM64_REG_D26 = 66
let UC_ARM64_REG_D27 = 67
let UC_ARM64_REG_D28 = 68
let UC_ARM64_REG_D29 = 69
let UC_ARM64_REG_D30 = 70
let UC_ARM64_REG_D31 = 71
let UC_ARM64_REG_H0 = 72
let UC_ARM64_REG_H1 = 73
let UC_ARM64_REG_H2 = 74
let UC_ARM64_REG_H3 = 75
let UC_ARM64_REG_H4 = 76
let UC_ARM64_REG_H5 = 77
let UC_ARM64_REG_H6 = 78
let UC_ARM64_REG_H7 = 79
let UC_ARM64_REG_H8 = 80
let UC_ARM64_REG_H9 = 81
let UC_ARM64_REG_H10 = 82
let UC_ARM64_REG_H11 = 83
let UC_ARM64_REG_H12 = 84
let UC_ARM64_REG_H13 = 85
let UC_ARM64_REG_H14 = 86
let UC_ARM64_REG_H15 = 87
let UC_ARM64_REG_H16 = 88
let UC_ARM64_REG_H17 = 89
let UC_ARM64_REG_H18 = 90
let UC_ARM64_REG_H19 = 91
let UC_ARM64_REG_H20 = 92
let UC_ARM64_REG_H21 = 93
let UC_ARM64_REG_H22 = 94
let UC_ARM64_REG_H23 = 95
let UC_ARM64_REG_H24 = 96
let UC_ARM64_REG_H25 = 97
let UC_ARM64_REG_H26 = 98
let UC_ARM64_REG_H27 = 99
let UC_ARM64_REG_H28 = 100
let UC_ARM64_REG_H29 = 101
let UC_ARM64_REG_H30 = 102
let UC_ARM64_REG_H31 = 103
let UC_ARM64_REG_Q0 = 104
let UC_ARM64_REG_Q1 = 105
let UC_ARM64_REG_Q2 = 106
let UC_ARM64_REG_Q3 = 107
let UC_ARM64_REG_Q4 = 108
let UC_ARM64_REG_Q5 = 109
let UC_ARM64_REG_Q6 = 110
let UC_ARM64_REG_Q7 = 111
let UC_ARM64_REG_Q8 = 112
let UC_ARM64_REG_Q9 = 113
let UC_ARM64_REG_Q10 = 114
let UC_ARM64_REG_Q11 = 115
let UC_ARM64_REG_Q12 = 116
let UC_ARM64_REG_Q13 = 117
let UC_ARM64_REG_Q14 = 118
let UC_ARM64_REG_Q15 = 119
let UC_ARM64_REG_Q16 = 120
let UC_ARM64_REG_Q17 = 121
let UC_ARM64_REG_Q18 = 122
let UC_ARM64_REG_Q19 = 123
let UC_ARM64_REG_Q20 = 124
let UC_ARM64_REG_Q21 = 125
let UC_ARM64_REG_Q22 = 126
let UC_ARM64_REG_Q23 = 127
let UC_ARM64_REG_Q24 = 128
let UC_ARM64_REG_Q25 = 129
let UC_ARM64_REG_Q26 = 130
let UC_ARM64_REG_Q27 = 131
let UC_ARM64_REG_Q28 = 132
let UC_ARM64_REG_Q29 = 133
let UC_ARM64_REG_Q30 = 134
let UC_ARM64_REG_Q31 = 135
let UC_ARM64_REG_S0 = 136
let UC_ARM64_REG_S1 = 137
let UC_ARM64_REG_S2 = 138
let UC_ARM64_REG_S3 = 139
let UC_ARM64_REG_S4 = 140
let UC_ARM64_REG_S5 = 141
let UC_ARM64_REG_S6 = 142
let UC_ARM64_REG_S7 = 143
let UC_ARM64_REG_S8 = 144
let UC_ARM64_REG_S9 = 145
let UC_ARM64_REG_S10 = 146
let UC_ARM64_REG_S11 = 147
let UC_ARM64_REG_S12 = 148
let UC_ARM64_REG_S13 = 149
let UC_ARM64_REG_S14 = 150
let UC_ARM64_REG_S15 = 151
let UC_ARM64_REG_S16 = 152
let UC_ARM64_REG_S17 = 153
let UC_ARM64_REG_S18 = 154
let UC_ARM64_REG_S19 = 155
let UC_ARM64_REG_S20 = 156
let UC_ARM64_REG_S21 = 157
let UC_ARM64_REG_S22 = 158
let UC_ARM64_REG_S23 = 159
let UC_ARM64_REG_S24 = 160
let UC_ARM64_REG_S25 = 161
let UC_ARM64_REG_S26 = 162
let UC_ARM64_REG_S27 = 163
let UC_ARM64_REG_S28 = 164
let UC_ARM64_REG_S29 = 165
let UC_ARM64_REG_S30 = 166
let UC_ARM64_REG_S31 = 167
let UC_ARM64_REG_W0 = 168
let UC_ARM64_REG_W1 = 169
let UC_ARM64_REG_W2 = 170
let UC_ARM64_REG_W3 = 171
let UC_ARM64_REG_W4 = 172
let UC_ARM64_REG_W5 = 173
let UC_ARM64_REG_W6 = 174
let UC_ARM64_REG_W7 = 175
let UC_ARM64_REG_W8 = 176
let UC_ARM64_REG_W9 = 177
let UC_ARM64_REG_W10 = 178
let UC_ARM64_REG_W11 = 179
let UC_ARM64_REG_W12 = 180
let UC_ARM64_REG_W13 = 181
let UC_ARM64_REG_W14 = 182
let UC_ARM64_REG_W15 = 183
let UC_ARM64_REG_W16 = 184
let UC_ARM64_REG_W17 = 185
let UC_ARM64_REG_W18 = 186
let UC_ARM64_REG_W19 = 187
let UC_ARM64_REG_W20 = 188
let UC_ARM64_REG_W21 = 189
let UC_ARM64_REG_W22 = 190
let UC_ARM64_REG_W23 = 191
let UC_ARM64_REG_W24 = 192
let UC_ARM64_REG_W25 = 193
let UC_ARM64_REG_W26 = 194
let UC_ARM64_REG_W27 = 195
let UC_ARM64_REG_W28 = 196
let UC_ARM64_REG_W29 = 197
let UC_ARM64_REG_W30 = 198
let UC_ARM64_REG_X0 = 199
let UC_ARM64_REG_X1 = 200
let UC_ARM64_REG_X2 = 201
let UC_ARM64_REG_X3 = 202
let UC_ARM64_REG_X4 = 203
let UC_ARM64_REG_X5 = 204
let UC_ARM64_REG_X6 = 205
let UC_ARM64_REG_X7 = 206
let UC_ARM64_REG_X8 = 207
let UC_ARM64_REG_X9 = 208
let UC_ARM64_REG_X10 = 209
let UC_ARM64_REG_X11 = 210
let UC_ARM64_REG_X12 = 211
let UC_ARM64_REG_X13 = 212
let UC_ARM64_REG_X14 = 213
let UC_ARM64_REG_X15 = 214
let UC_ARM64_REG_X16 = 215
let UC_ARM64_REG_X17 = 216
let UC_ARM64_REG_X18 = 217
let UC_ARM64_REG_X19 = 218
let UC_ARM64_REG_X20 = 219
let UC_ARM64_REG_X21 = 220
let UC_ARM64_REG_X22 = 221
let UC_ARM64_REG_X23 = 222
let UC_ARM64_REG_X24 = 223
let UC_ARM64_REG_X25 = 224
let UC_ARM64_REG_X26 = 225
let UC_ARM64_REG_X27 = 226
let UC_ARM64_REG_X28 = 227
let UC_ARM64_REG_V0 = 228
let UC_ARM64_REG_V1 = 229
let UC_ARM64_REG_V2 = 230
let UC_ARM64_REG_V3 = 231
let UC_ARM64_REG_V4 = 232
let UC_ARM64_REG_V5 = 233
let UC_ARM64_REG_V6 = 234
let UC_ARM64_REG_V7 = 235
let UC_ARM64_REG_V8 = 236
let UC_ARM64_REG_V9 = 237
let UC_ARM64_REG_V10 = 238
let UC_ARM64_REG_V11 = 239
let UC_ARM64_REG_V12 = 240
let UC_ARM64_REG_V13 = 241
let UC_ARM64_REG_V14 = 242
let UC_ARM64_REG_V15 = 243
let UC_ARM64_REG_V16 = 244
let UC_ARM64_REG_V17 = 245
let UC_ARM64_REG_V18 = 246
let UC_ARM64_REG_V19 = 247
let UC_ARM64_REG_V20 = 248
let UC_ARM64_REG_V21 = 249
let UC_ARM64_REG_V22 = 250
let UC_ARM64_REG_V23 = 251
let UC_ARM64_REG_V24 = 252
let UC_ARM64_REG_V25 = 253
let UC_ARM64_REG_V26 = 254
let UC_ARM64_REG_V27 = 255
let UC_ARM64_REG_V28 = 256
let UC_ARM64_REG_V29 = 257
let UC_ARM64_REG_V30 = 258
let UC_ARM64_REG_V31 = 259
// pseudo registers
let UC_ARM64_REG_PC = 260
let UC_ARM64_REG_ENDING = 261
// alias registers
let UC_ARM64_REG_IP1 = 215
let UC_ARM64_REG_IP0 = 216
let UC_ARM64_REG_FP = 1
let UC_ARM64_REG_LR = 2

View File

@ -0,0 +1,96 @@
// For Unicorn Engine. AUTO-GENERATED FILE, DO NOT EDIT
namespace UnicornManaged.Const
open System
[<AutoOpen>]
module Common =
let UC_API_MAJOR = 0
let UC_API_MINOR = 9
let UC_SECOND_SCALE = 1000000
let UC_MILISECOND_SCALE = 1000
let UC_ARCH_ARM = 1
let UC_ARCH_ARM64 = 2
let UC_ARCH_MIPS = 3
let UC_ARCH_X86 = 4
let UC_ARCH_PPC = 5
let UC_ARCH_SPARC = 6
let UC_ARCH_M68K = 7
let UC_ARCH_MAX = 8
let UC_MODE_LITTLE_ENDIAN = 0
let UC_MODE_ARM = 0
let UC_MODE_16 = 2
let UC_MODE_32 = 4
let UC_MODE_64 = 8
let UC_MODE_THUMB = 16
let UC_MODE_MCLASS = 32
let UC_MODE_V8 = 64
let UC_MODE_MICRO = 16
let UC_MODE_MIPS3 = 32
let UC_MODE_MIPS32R6 = 64
let UC_MODE_V9 = 16
let UC_MODE_QPX = 16
let UC_MODE_BIG_ENDIAN = 1073741824
let UC_MODE_MIPS32 = 4
let UC_MODE_MIPS64 = 8
let UC_ERR_OK = 0
let UC_ERR_NOMEM = 1
let UC_ERR_ARCH = 2
let UC_ERR_HANDLE = 3
let UC_ERR_MODE = 4
let UC_ERR_VERSION = 5
let UC_ERR_READ_UNMAPPED = 6
let UC_ERR_WRITE_UNMAPPED = 7
let UC_ERR_FETCH_UNMAPPED = 8
let UC_ERR_HOOK = 9
let UC_ERR_INSN_INVALID = 10
let UC_ERR_MAP = 11
let UC_ERR_WRITE_PROT = 12
let UC_ERR_READ_PROT = 13
let UC_ERR_FETCH_PROT = 14
let UC_ERR_ARG = 15
let UC_ERR_READ_UNALIGNED = 16
let UC_ERR_WRITE_UNALIGNED = 17
let UC_ERR_FETCH_UNALIGNED = 18
let UC_ERR_HOOK_EXIST = 19
let UC_ERR_RESOURCE = 20
let UC_MEM_READ = 16
let UC_MEM_WRITE = 17
let UC_MEM_FETCH = 18
let UC_MEM_READ_UNMAPPED = 19
let UC_MEM_WRITE_UNMAPPED = 20
let UC_MEM_FETCH_UNMAPPED = 21
let UC_MEM_WRITE_PROT = 22
let UC_MEM_READ_PROT = 23
let UC_MEM_FETCH_PROT = 24
let UC_HOOK_INTR = 1
let UC_HOOK_INSN = 2
let UC_HOOK_CODE = 4
let UC_HOOK_BLOCK = 8
let UC_HOOK_MEM_READ_UNMAPPED = 16
let UC_HOOK_MEM_WRITE_UNMAPPED = 32
let UC_HOOK_MEM_FETCH_UNMAPPED = 64
let UC_HOOK_MEM_READ_PROT = 128
let UC_HOOK_MEM_WRITE_PROT = 256
let UC_HOOK_MEM_FETCH_PROT = 512
let UC_HOOK_MEM_READ = 1024
let UC_HOOK_MEM_WRITE = 2048
let UC_HOOK_MEM_FETCH = 4096
let UC_HOOK_MEM_UNMAPPED = 112
let UC_HOOK_MEM_PROT = 896
let UC_HOOK_MEM_READ_INVALID = 144
let UC_HOOK_MEM_WRITE_INVALID = 288
let UC_HOOK_MEM_FETCH_INVALID = 576
let UC_HOOK_MEM_INVALID = 1008
let UC_PROT_NONE = 0
let UC_PROT_READ = 1
let UC_PROT_WRITE = 2
let UC_PROT_EXEC = 4
let UC_PROT_ALL = 7

View File

@ -0,0 +1,32 @@
// For Unicorn Engine. AUTO-GENERATED FILE, DO NOT EDIT
namespace UnicornManaged.Const
open System
[<AutoOpen>]
module M68k =
// M68K registers
let UC_M68K_REG_INVALID = 0
let UC_M68K_REG_A0 = 1
let UC_M68K_REG_A1 = 2
let UC_M68K_REG_A2 = 3
let UC_M68K_REG_A3 = 4
let UC_M68K_REG_A4 = 5
let UC_M68K_REG_A5 = 6
let UC_M68K_REG_A6 = 7
let UC_M68K_REG_A7 = 8
let UC_M68K_REG_D0 = 9
let UC_M68K_REG_D1 = 10
let UC_M68K_REG_D2 = 11
let UC_M68K_REG_D3 = 12
let UC_M68K_REG_D4 = 13
let UC_M68K_REG_D5 = 14
let UC_M68K_REG_D6 = 15
let UC_M68K_REG_D7 = 16
let UC_M68K_REG_SR = 17
let UC_M68K_REG_PC = 18
let UC_M68K_REG_ENDING = 19

View File

@ -0,0 +1,203 @@
// For Unicorn Engine. AUTO-GENERATED FILE, DO NOT EDIT
namespace UnicornManaged.Const
open System
[<AutoOpen>]
module Mips =
// MIPS registers
let UC_MIPS_REG_INVALID = 0
// General purpose registers
let UC_MIPS_REG_PC = 1
let UC_MIPS_REG_0 = 2
let UC_MIPS_REG_1 = 3
let UC_MIPS_REG_2 = 4
let UC_MIPS_REG_3 = 5
let UC_MIPS_REG_4 = 6
let UC_MIPS_REG_5 = 7
let UC_MIPS_REG_6 = 8
let UC_MIPS_REG_7 = 9
let UC_MIPS_REG_8 = 10
let UC_MIPS_REG_9 = 11
let UC_MIPS_REG_10 = 12
let UC_MIPS_REG_11 = 13
let UC_MIPS_REG_12 = 14
let UC_MIPS_REG_13 = 15
let UC_MIPS_REG_14 = 16
let UC_MIPS_REG_15 = 17
let UC_MIPS_REG_16 = 18
let UC_MIPS_REG_17 = 19
let UC_MIPS_REG_18 = 20
let UC_MIPS_REG_19 = 21
let UC_MIPS_REG_20 = 22
let UC_MIPS_REG_21 = 23
let UC_MIPS_REG_22 = 24
let UC_MIPS_REG_23 = 25
let UC_MIPS_REG_24 = 26
let UC_MIPS_REG_25 = 27
let UC_MIPS_REG_26 = 28
let UC_MIPS_REG_27 = 29
let UC_MIPS_REG_28 = 30
let UC_MIPS_REG_29 = 31
let UC_MIPS_REG_30 = 32
let UC_MIPS_REG_31 = 33
// DSP registers
let UC_MIPS_REG_DSPCCOND = 34
let UC_MIPS_REG_DSPCARRY = 35
let UC_MIPS_REG_DSPEFI = 36
let UC_MIPS_REG_DSPOUTFLAG = 37
let UC_MIPS_REG_DSPOUTFLAG16_19 = 38
let UC_MIPS_REG_DSPOUTFLAG20 = 39
let UC_MIPS_REG_DSPOUTFLAG21 = 40
let UC_MIPS_REG_DSPOUTFLAG22 = 41
let UC_MIPS_REG_DSPOUTFLAG23 = 42
let UC_MIPS_REG_DSPPOS = 43
let UC_MIPS_REG_DSPSCOUNT = 44
// ACC registers
let UC_MIPS_REG_AC0 = 45
let UC_MIPS_REG_AC1 = 46
let UC_MIPS_REG_AC2 = 47
let UC_MIPS_REG_AC3 = 48
// COP registers
let UC_MIPS_REG_CC0 = 49
let UC_MIPS_REG_CC1 = 50
let UC_MIPS_REG_CC2 = 51
let UC_MIPS_REG_CC3 = 52
let UC_MIPS_REG_CC4 = 53
let UC_MIPS_REG_CC5 = 54
let UC_MIPS_REG_CC6 = 55
let UC_MIPS_REG_CC7 = 56
// FPU registers
let UC_MIPS_REG_F0 = 57
let UC_MIPS_REG_F1 = 58
let UC_MIPS_REG_F2 = 59
let UC_MIPS_REG_F3 = 60
let UC_MIPS_REG_F4 = 61
let UC_MIPS_REG_F5 = 62
let UC_MIPS_REG_F6 = 63
let UC_MIPS_REG_F7 = 64
let UC_MIPS_REG_F8 = 65
let UC_MIPS_REG_F9 = 66
let UC_MIPS_REG_F10 = 67
let UC_MIPS_REG_F11 = 68
let UC_MIPS_REG_F12 = 69
let UC_MIPS_REG_F13 = 70
let UC_MIPS_REG_F14 = 71
let UC_MIPS_REG_F15 = 72
let UC_MIPS_REG_F16 = 73
let UC_MIPS_REG_F17 = 74
let UC_MIPS_REG_F18 = 75
let UC_MIPS_REG_F19 = 76
let UC_MIPS_REG_F20 = 77
let UC_MIPS_REG_F21 = 78
let UC_MIPS_REG_F22 = 79
let UC_MIPS_REG_F23 = 80
let UC_MIPS_REG_F24 = 81
let UC_MIPS_REG_F25 = 82
let UC_MIPS_REG_F26 = 83
let UC_MIPS_REG_F27 = 84
let UC_MIPS_REG_F28 = 85
let UC_MIPS_REG_F29 = 86
let UC_MIPS_REG_F30 = 87
let UC_MIPS_REG_F31 = 88
let UC_MIPS_REG_FCC0 = 89
let UC_MIPS_REG_FCC1 = 90
let UC_MIPS_REG_FCC2 = 91
let UC_MIPS_REG_FCC3 = 92
let UC_MIPS_REG_FCC4 = 93
let UC_MIPS_REG_FCC5 = 94
let UC_MIPS_REG_FCC6 = 95
let UC_MIPS_REG_FCC7 = 96
// AFPR128
let UC_MIPS_REG_W0 = 97
let UC_MIPS_REG_W1 = 98
let UC_MIPS_REG_W2 = 99
let UC_MIPS_REG_W3 = 100
let UC_MIPS_REG_W4 = 101
let UC_MIPS_REG_W5 = 102
let UC_MIPS_REG_W6 = 103
let UC_MIPS_REG_W7 = 104
let UC_MIPS_REG_W8 = 105
let UC_MIPS_REG_W9 = 106
let UC_MIPS_REG_W10 = 107
let UC_MIPS_REG_W11 = 108
let UC_MIPS_REG_W12 = 109
let UC_MIPS_REG_W13 = 110
let UC_MIPS_REG_W14 = 111
let UC_MIPS_REG_W15 = 112
let UC_MIPS_REG_W16 = 113
let UC_MIPS_REG_W17 = 114
let UC_MIPS_REG_W18 = 115
let UC_MIPS_REG_W19 = 116
let UC_MIPS_REG_W20 = 117
let UC_MIPS_REG_W21 = 118
let UC_MIPS_REG_W22 = 119
let UC_MIPS_REG_W23 = 120
let UC_MIPS_REG_W24 = 121
let UC_MIPS_REG_W25 = 122
let UC_MIPS_REG_W26 = 123
let UC_MIPS_REG_W27 = 124
let UC_MIPS_REG_W28 = 125
let UC_MIPS_REG_W29 = 126
let UC_MIPS_REG_W30 = 127
let UC_MIPS_REG_W31 = 128
let UC_MIPS_REG_HI = 129
let UC_MIPS_REG_LO = 130
let UC_MIPS_REG_P0 = 131
let UC_MIPS_REG_P1 = 132
let UC_MIPS_REG_P2 = 133
let UC_MIPS_REG_MPL0 = 134
let UC_MIPS_REG_MPL1 = 135
let UC_MIPS_REG_MPL2 = 136
let UC_MIPS_REG_ENDING = 137
let UC_MIPS_REG_ZERO = 2
let UC_MIPS_REG_AT = 3
let UC_MIPS_REG_V0 = 4
let UC_MIPS_REG_V1 = 5
let UC_MIPS_REG_A0 = 6
let UC_MIPS_REG_A1 = 7
let UC_MIPS_REG_A2 = 8
let UC_MIPS_REG_A3 = 9
let UC_MIPS_REG_T0 = 10
let UC_MIPS_REG_T1 = 11
let UC_MIPS_REG_T2 = 12
let UC_MIPS_REG_T3 = 13
let UC_MIPS_REG_T4 = 14
let UC_MIPS_REG_T5 = 15
let UC_MIPS_REG_T6 = 16
let UC_MIPS_REG_T7 = 17
let UC_MIPS_REG_S0 = 18
let UC_MIPS_REG_S1 = 19
let UC_MIPS_REG_S2 = 20
let UC_MIPS_REG_S3 = 21
let UC_MIPS_REG_S4 = 22
let UC_MIPS_REG_S5 = 23
let UC_MIPS_REG_S6 = 24
let UC_MIPS_REG_S7 = 25
let UC_MIPS_REG_T8 = 26
let UC_MIPS_REG_T9 = 27
let UC_MIPS_REG_K0 = 28
let UC_MIPS_REG_K1 = 29
let UC_MIPS_REG_GP = 30
let UC_MIPS_REG_SP = 31
let UC_MIPS_REG_FP = 32
let UC_MIPS_REG_S8 = 32
let UC_MIPS_REG_RA = 33
let UC_MIPS_REG_HI0 = 45
let UC_MIPS_REG_HI1 = 46
let UC_MIPS_REG_HI2 = 47
let UC_MIPS_REG_HI3 = 48
let UC_MIPS_REG_LO0 = 45
let UC_MIPS_REG_LO1 = 46
let UC_MIPS_REG_LO2 = 47
let UC_MIPS_REG_LO3 = 48

View File

@ -0,0 +1,104 @@
// For Unicorn Engine. AUTO-GENERATED FILE, DO NOT EDIT
namespace UnicornManaged.Const
open System
[<AutoOpen>]
module Sparc =
// SPARC registers
let UC_SPARC_REG_INVALID = 0
let UC_SPARC_REG_F0 = 1
let UC_SPARC_REG_F1 = 2
let UC_SPARC_REG_F2 = 3
let UC_SPARC_REG_F3 = 4
let UC_SPARC_REG_F4 = 5
let UC_SPARC_REG_F5 = 6
let UC_SPARC_REG_F6 = 7
let UC_SPARC_REG_F7 = 8
let UC_SPARC_REG_F8 = 9
let UC_SPARC_REG_F9 = 10
let UC_SPARC_REG_F10 = 11
let UC_SPARC_REG_F11 = 12
let UC_SPARC_REG_F12 = 13
let UC_SPARC_REG_F13 = 14
let UC_SPARC_REG_F14 = 15
let UC_SPARC_REG_F15 = 16
let UC_SPARC_REG_F16 = 17
let UC_SPARC_REG_F17 = 18
let UC_SPARC_REG_F18 = 19
let UC_SPARC_REG_F19 = 20
let UC_SPARC_REG_F20 = 21
let UC_SPARC_REG_F21 = 22
let UC_SPARC_REG_F22 = 23
let UC_SPARC_REG_F23 = 24
let UC_SPARC_REG_F24 = 25
let UC_SPARC_REG_F25 = 26
let UC_SPARC_REG_F26 = 27
let UC_SPARC_REG_F27 = 28
let UC_SPARC_REG_F28 = 29
let UC_SPARC_REG_F29 = 30
let UC_SPARC_REG_F30 = 31
let UC_SPARC_REG_F31 = 32
let UC_SPARC_REG_F32 = 33
let UC_SPARC_REG_F34 = 34
let UC_SPARC_REG_F36 = 35
let UC_SPARC_REG_F38 = 36
let UC_SPARC_REG_F40 = 37
let UC_SPARC_REG_F42 = 38
let UC_SPARC_REG_F44 = 39
let UC_SPARC_REG_F46 = 40
let UC_SPARC_REG_F48 = 41
let UC_SPARC_REG_F50 = 42
let UC_SPARC_REG_F52 = 43
let UC_SPARC_REG_F54 = 44
let UC_SPARC_REG_F56 = 45
let UC_SPARC_REG_F58 = 46
let UC_SPARC_REG_F60 = 47
let UC_SPARC_REG_F62 = 48
let UC_SPARC_REG_FCC0 = 49
let UC_SPARC_REG_FCC1 = 50
let UC_SPARC_REG_FCC2 = 51
let UC_SPARC_REG_FCC3 = 52
let UC_SPARC_REG_G0 = 53
let UC_SPARC_REG_G1 = 54
let UC_SPARC_REG_G2 = 55
let UC_SPARC_REG_G3 = 56
let UC_SPARC_REG_G4 = 57
let UC_SPARC_REG_G5 = 58
let UC_SPARC_REG_G6 = 59
let UC_SPARC_REG_G7 = 60
let UC_SPARC_REG_I0 = 61
let UC_SPARC_REG_I1 = 62
let UC_SPARC_REG_I2 = 63
let UC_SPARC_REG_I3 = 64
let UC_SPARC_REG_I4 = 65
let UC_SPARC_REG_I5 = 66
let UC_SPARC_REG_FP = 67
let UC_SPARC_REG_I7 = 68
let UC_SPARC_REG_ICC = 69
let UC_SPARC_REG_L0 = 70
let UC_SPARC_REG_L1 = 71
let UC_SPARC_REG_L2 = 72
let UC_SPARC_REG_L3 = 73
let UC_SPARC_REG_L4 = 74
let UC_SPARC_REG_L5 = 75
let UC_SPARC_REG_L6 = 76
let UC_SPARC_REG_L7 = 77
let UC_SPARC_REG_O0 = 78
let UC_SPARC_REG_O1 = 79
let UC_SPARC_REG_O2 = 80
let UC_SPARC_REG_O3 = 81
let UC_SPARC_REG_O4 = 82
let UC_SPARC_REG_O5 = 83
let UC_SPARC_REG_SP = 84
let UC_SPARC_REG_O7 = 85
let UC_SPARC_REG_Y = 86
let UC_SPARC_REG_XCC = 87
let UC_SPARC_REG_PC = 88
let UC_SPARC_REG_ENDING = 89
let UC_SPARC_REG_O6 = 84
let UC_SPARC_REG_I6 = 67

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,21 @@
namespace UnicornManaged
open System
[<AutoOpen>]
module internal ConvertUtility =
let int64ToBytes(v: Int64) =
let res = Array.zeroCreate<Byte> 8
let mutable uv = uint64 v
for i = 0 to res.Length-1 do
res.[i] <- byte (uv &&& uint64 0xFF)
uv <- uv >>> 8
res
let bytesToInt64(v: Byte array) =
let mutable res = uint64 0
for i = 0 to v.Length-1 do
let tmpV = v.[i] &&& byte 0xFF
res <- res + (uint64 tmpV <<< (i * 8))
int64 res

View File

@ -0,0 +1,32 @@
namespace UnicornManaged
open System
open System.Runtime.InteropServices
// internal hooks to be passed to native Unicorn library
[<UnmanagedFunctionPointer(CallingConvention.Cdecl)>]
type internal CodeHookInternal = delegate of IntPtr * Int64 * Int32 * IntPtr -> unit
[<UnmanagedFunctionPointer(CallingConvention.Cdecl)>]
type internal BlockHookInternal = delegate of IntPtr * Int64 * Int32 * IntPtr -> unit
[<UnmanagedFunctionPointer(CallingConvention.Cdecl)>]
type internal InterruptHookInternal = delegate of IntPtr * Int32 * IntPtr -> unit
[<UnmanagedFunctionPointer(CallingConvention.Cdecl)>]
type internal MemReadHookInternal = delegate of IntPtr * Int64 * Int32 * IntPtr -> unit
[<UnmanagedFunctionPointer(CallingConvention.Cdecl)>]
type internal MemWriteHookInternal = delegate of IntPtr * Int64 * Int32 * Int64 * IntPtr -> unit
[<UnmanagedFunctionPointer(CallingConvention.Cdecl)>]
type internal EventMemHookInternal = delegate of IntPtr * Int32 * Int64 * Int32 * Int64 * IntPtr-> Boolean
[<UnmanagedFunctionPointer(CallingConvention.Cdecl)>]
type internal InHookInternal = delegate of IntPtr * Int32 * Int32 * IntPtr -> Int32
[<UnmanagedFunctionPointer(CallingConvention.Cdecl)>]
type internal OutHookInternal = delegate of IntPtr * Int32 * Int32 * Int32 * IntPtr -> unit
[<UnmanagedFunctionPointer(CallingConvention.Cdecl)>]
type internal SyscallHookInternal = delegate of IntPtr * IntPtr -> unit

View File

@ -0,0 +1,343 @@
namespace UnicornManaged
open System
open System.Threading
open System.Collections.Generic
open System.Runtime.InteropServices
open System.Linq
open UnicornManaged.Const
open UnicornManaged.Binding
// exported hooks
type CodeHook = delegate of Unicorn * Int64 * Int32 * Object -> unit
and BlockHook = delegate of Unicorn * Int64 * Int32 * Object -> unit
and InterruptHook = delegate of Unicorn * Int32 * Object -> unit
and MemReadHook = delegate of Unicorn * Int64 * Int32 * Object -> unit
and MemWriteHook = delegate of Unicorn * Int64 * Int32 * Int64 * Object -> unit
and EventMemHook = delegate of Unicorn * Int32 * Int64 * Int32 * Int64 * Object -> Boolean
and InHook = delegate of Unicorn * Int32 * Int32 * Object -> Int32
and OutHook = delegate of Unicorn * Int32 * Int32 * Int32 * Object -> unit
and SyscallHook = delegate of Unicorn * Object -> unit
// the managed unicorn engine
and Unicorn(arch: Int32, mode: Int32, binding: IBinding) =
// hook callback list
let _codeHooks = new List<(CodeHook * Object)>()
let _blockHooks = new List<(BlockHook * Object)>()
let _interruptHooks = new List<(InterruptHook * Object)>()
let _memReadHooks = new List<(MemReadHook * Object)>()
let _memWriteHooks = new List<(MemWriteHook * Object)>()
let _memEventHooks = new Dictionary<Int32, List<(EventMemHook * Object)>>()
let _inHooks = new List<(InHook * Object)>()
let _outHooks = new List<(OutHook * Object)>()
let _syscallHooks = new List<(SyscallHook * Object)>()
let _disposablePointers = new List<nativeint>()
let _eventMemMap =
[
(UC_HOOK_MEM_READ_UNMAPPED, UC_MEM_READ_UNMAPPED)
(UC_HOOK_MEM_WRITE_UNMAPPED, UC_MEM_WRITE_UNMAPPED)
(UC_HOOK_MEM_FETCH_UNMAPPED, UC_MEM_FETCH_UNMAPPED)
(UC_HOOK_MEM_READ_PROT, UC_MEM_READ_PROT)
(UC_HOOK_MEM_WRITE_PROT, UC_MEM_WRITE_PROT)
(UC_HOOK_MEM_FETCH_PROT, UC_MEM_FETCH_PROT)
] |> dict
let mutable _eng = [|UIntPtr.Zero|]
let checkResult(errCode: Int32, errMsg: String) =
if errCode <> Common.UC_ERR_OK then raise(ApplicationException(String.Format("{0}. Error: {1}", errMsg, errCode)))
let hookDel(callbacks: List<'a * Object>) (callback: 'a)=
// TODO: invoke the native function in order to not call the trampoline anymore
callbacks
|> Seq.tryFind(fun item -> match item with | (c, _) -> c = callback)
|> (fun k -> if k.IsSome then callbacks.Remove(k.Value) |> ignore)
let allocate(size: Int32) =
let mem = Marshal.AllocHGlobal(size)
_disposablePointers.Add(mem)
mem.ToPointer()
do
// initialize event list
_eventMemMap
|> Seq.map(fun kv -> kv.Key)
|> Seq.iter (fun eventType -> _memEventHooks.Add(eventType, new List<EventMemHook * Object>()))
// init engine
_eng <- [|new UIntPtr(allocate(IntPtr.Size))|]
let err = binding.UcOpen(uint32 arch, uint32 mode, _eng)
checkResult(err, "Unable to open the Unicorn Engine")
new(arch, mode) = new Unicorn(arch, mode, BindingFactory.getDefault())
member private this.CheckResult(errorCode: Int32) =
// return the exception instead of raising it in order to have a more meaningful stack trace
if errorCode <> Common.UC_ERR_OK then
let errorMessage = this.StrError(errorCode)
Some <| UnicornEngineException(errorCode, errorMessage)
else None
member this.MemMap(address: Int64, size: Int64, perm: Int32) =
let size = new UIntPtr(uint64 size)
match binding.MemMap(_eng.[0], uint64 address, size, uint32 perm) |> this.CheckResult with
| Some e -> raise e | None -> ()
member this.MemMapPtr(address: Int64, size: Int64, perm: Int32, ptr: IntPtr) =
let size = new UIntPtr(uint64 size)
let ptr = new UIntPtr(ptr.ToPointer())
match binding.MemMapPtr(_eng.[0], uint64 address, size, uint32 perm, ptr) |> this.CheckResult with
| Some e -> raise e | None -> ()
member this.MemUnmap(address: Int64, size: Int64) =
let size = new UIntPtr(uint64 size)
match binding.MemUnmap(_eng.[0], uint64 address, size) |> this.CheckResult with
| Some e -> raise e | None -> ()
member this.MemProtect(address: Int64, size: Int64, ?perm: Int32) =
let size = new UIntPtr(uint64 size)
let perm = defaultArg perm Common.UC_PROT_ALL
match binding.MemProtect(_eng.[0], uint64 address, size, uint32 perm) |> this.CheckResult with
| Some e -> raise e | None -> ()
member this.MemWrite(address: Int64, value: Byte array) =
match binding.MemWrite(_eng.[0], uint64 address, value, new UIntPtr(uint32 value.Length)) |> this.CheckResult with
| Some e -> raise e | None -> ()
member this.MemRead(address: Int64, memValue: Byte array) =
match binding.MemRead(_eng.[0], uint64 address, memValue, new UIntPtr(uint32 memValue.Length)) |> this.CheckResult with
| Some e -> raise e | None -> ()
member this.RegWrite(regId: Int32, value: Byte array) =
match binding.RegWrite(_eng.[0], regId, value) |> this.CheckResult with
| Some e -> raise e | None -> ()
member this.RegWrite(regId: Int32, value: Int64) =
this.RegWrite(regId, int64ToBytes value)
member this.RegRead(regId: Int32, regValue: Byte array) =
match binding.RegRead(_eng.[0], regId, regValue) |> this.CheckResult with
| Some e -> raise e | None -> ()
member this.RegRead(regId: Int32) =
let buffer = Array.zeroCreate<Byte> 8
this.RegRead(regId, buffer)
bytesToInt64 buffer
member this.EmuStart(beginAddr: Int64, untilAddr: Int64, timeout: Int64, count: Int64) =
match binding.EmuStart(_eng.[0], uint64 beginAddr, uint64 untilAddr, uint64 timeout, uint64 count) |> this.CheckResult with
| Some e -> raise e | None -> ()
member this.EmuStop() =
match binding.EmuStop(_eng.[0]) |> this.CheckResult with
| Some e -> raise e | None -> ()
member this.Close() =
match binding.Close(_eng.[0]) |> this.CheckResult with
| Some e -> raise e | None -> ()
member this.ArchSupported(arch: Int32) =
binding.ArchSupported(arch)
member this.ErrNo() =
binding.Errono(_eng.[0])
member this.StrError(errorNo: Int32) =
let errorStringPointer = binding.Strerror(errorNo)
Marshal.PtrToStringAnsi(errorStringPointer)
member this.AddCodeHook(callback: CodeHook, userData: Object, beginAddr: Int64, endAddr: Int64) =
let trampoline(u: IntPtr) (addr: Int64) (size: Int32) (user: IntPtr) =
_codeHooks
|> Seq.iter(fun (callback, userData) -> callback.Invoke(this, addr, size, userData))
if _codeHooks |> Seq.isEmpty then
let funcPointer = Marshal.GetFunctionPointerForDelegate(new CodeHookInternal(trampoline))
let hh = new UIntPtr(allocate(IntPtr.Size))
match binding.HookAddArg0Arg1(_eng.[0], hh, Common.UC_HOOK_CODE, new UIntPtr(funcPointer.ToPointer()), IntPtr.Zero, uint64 beginAddr, uint64 endAddr) |> this.CheckResult with
| Some e -> raise e | None -> ()
_codeHooks.Add(callback, userData)
member this.AddCodeHook(callback: CodeHook, beginAddr: Int64, endAddr: Int64) =
this.AddCodeHook(callback, null, beginAddr, endAddr)
member this.HookDel(callback: CodeHook) =
hookDel _codeHooks callback
member this.AddBlockHook(callback: BlockHook, userData: Object, beginAddr: Int64, endAddr: Int64) =
let trampoline(u: IntPtr) (addr: Int64) (size: Int32) (user: IntPtr) =
_blockHooks
|> Seq.iter(fun (callback, userData) -> callback.Invoke(this, addr, size, userData))
if _blockHooks |> Seq.isEmpty then
let funcPointer = Marshal.GetFunctionPointerForDelegate(new BlockHookInternal(trampoline))
let hh = new UIntPtr(allocate(IntPtr.Size))
match binding.HookAddArg0Arg1(_eng.[0], hh, Common.UC_HOOK_BLOCK, new UIntPtr(funcPointer.ToPointer()), IntPtr.Zero, uint64 beginAddr, uint64 endAddr) |> this.CheckResult with
| Some e -> raise e | None -> ()
_blockHooks.Add(callback, userData)
member this.HookDel(callback: BlockHook) =
hookDel _blockHooks callback
member this.AddInterruptHook(callback: InterruptHook, userData: Object) =
let trampoline(u: IntPtr) (intNumber: Int32) (user: IntPtr) =
_interruptHooks
|> Seq.iter(fun (callback, userData) -> callback.Invoke(this, intNumber, userData))
if _interruptHooks |> Seq.isEmpty then
let funcPointer = Marshal.GetFunctionPointerForDelegate(new InterruptHookInternal(trampoline))
let hh = new UIntPtr(allocate(IntPtr.Size))
match binding.HookAddNoarg(_eng.[0], hh, Common.UC_HOOK_INTR, new UIntPtr(funcPointer.ToPointer()), IntPtr.Zero) |> this.CheckResult with
| Some e -> raise e | None -> ()
_interruptHooks.Add(callback, userData)
member this.AddInterruptHook(callback: InterruptHook) =
this.AddInterruptHook(callback, null)
member this.HookDel(callback: InterruptHook) =
hookDel _interruptHooks callback
member this.AddMemReadHook(callback: MemReadHook, userData: Object, beginAddr: Int64, endAddr: Int64) =
let trampoline(u: IntPtr) (addr: Int64) (size: Int32) (user: IntPtr) =
_memReadHooks
|> Seq.iter(fun (callback, userData) -> callback.Invoke(this, addr, size, userData))
if _memReadHooks |> Seq.isEmpty then
let funcPointer = Marshal.GetFunctionPointerForDelegate(new MemReadHookInternal(trampoline))
let hh = new UIntPtr(allocate(IntPtr.Size))
match binding.HookAddArg0Arg1(_eng.[0], hh, Common.UC_HOOK_MEM_READ, new UIntPtr(funcPointer.ToPointer()), IntPtr.Zero, uint64 beginAddr, uint64 endAddr) |> this.CheckResult with
| Some e -> raise e | None -> ()
_memReadHooks.Add(callback, userData)
member this.HookDel(callback: MemReadHook) =
hookDel _memReadHooks callback
member this.AddMemWriteHook(callback: MemWriteHook, userData: Object, beginAddr: Int64, endAddr: Int64) =
let trampoline(u: IntPtr) (addr: Int64) (size: Int32) (value: Int64) (user: IntPtr) =
_memWriteHooks
|> Seq.iter(fun (callback, userData) -> callback.Invoke(this, addr, size, value, userData))
if _memWriteHooks |> Seq.isEmpty then
let funcPointer = Marshal.GetFunctionPointerForDelegate(new MemWriteHookInternal(trampoline))
let hh = new UIntPtr(allocate(IntPtr.Size))
match binding.HookAddArg0Arg1(_eng.[0], hh, Common.UC_HOOK_MEM_WRITE, new UIntPtr(funcPointer.ToPointer()), IntPtr.Zero, uint64 beginAddr, uint64 endAddr) |> this.CheckResult with
| Some e -> raise e | None -> ()
_memWriteHooks.Add(callback, userData)
member this.HookDel(callback: MemWriteHook) =
hookDel _memWriteHooks callback
member this.AddEventMemHook(callback: EventMemHook, eventType: Int32, userData: Object) =
let trampoline(u: IntPtr) (eventType: Int32) (addr: Int64) (size: Int32) (value: Int64) (user: IntPtr) =
_memEventHooks.Keys
|> Seq.filter(fun eventFlag -> (eventType &&& eventFlag) <> 0)
|> Seq.map(fun eventflag -> _memEventHooks.[eventflag])
|> Seq.concat
|> Seq.map(fun (callback, userData) -> callback.Invoke(this, eventType, addr, size, value, userData))
|> Seq.forall id
// register the event if not already done
_memEventHooks.Keys
|> Seq.filter(fun eventFlag -> (eventType &&& eventFlag) <> 0)
|> Seq.filter(fun eventFlag -> _memEventHooks.[eventFlag] |> Seq.isEmpty)
|> Seq.iter(fun eventFlag ->
let funcPointer = Marshal.GetFunctionPointerForDelegate(new EventMemHookInternal(trampoline))
let hh = new UIntPtr(allocate(IntPtr.Size))
match binding.HookAddNoarg(_eng.[0], hh, eventFlag, new UIntPtr(funcPointer.ToPointer()), IntPtr.Zero) |> this.CheckResult with
| Some e -> raise e | None -> ()
)
// register the callbacks
_memEventHooks.Keys
|> Seq.filter(fun eventFlag -> (eventType &&& eventFlag) <> 0)
|> Seq.iter(fun eventFlag -> _memEventHooks.[eventFlag].Add((callback, userData)))
member this.AddEventMemHook(callback: EventMemHook, eventType: Int32) =
this.AddEventMemHook(callback, eventType, null)
member this.HookDel(callback: EventMemHook) =
let callbacks = (_memEventHooks.Values |> Seq.concat).ToList()
hookDel callbacks callback
member this.AddInHook(callback: InHook, userData: Object) =
let trampoline(u: IntPtr) (port: Int32) (size: Int32) (user: IntPtr) =
_inHooks
|> Seq.map(fun (callback, userData) -> callback.Invoke(this, port, size, userData))
|> Seq.last
if _inHooks |> Seq.isEmpty then
let funcPointer = Marshal.GetFunctionPointerForDelegate(new InHookInternal(trampoline))
let hh = new UIntPtr(allocate(IntPtr.Size))
match binding.HookAddArg0(_eng.[0], hh, Common.UC_HOOK_INSN, new UIntPtr(funcPointer.ToPointer()), IntPtr.Zero, X86.UC_X86_INS_IN) |> this.CheckResult with
| Some e -> raise e | None -> ()
_inHooks.Add(callback, userData)
member this.AddInHook(callback: InHook) =
this.AddInHook(callback, null)
member this.AddOutHook(callback: OutHook, userData: Object) =
let trampoline(u: IntPtr) (port: Int32) (size: Int32) (value: Int32) (user: IntPtr) =
_outHooks
|> Seq.iter(fun (callback, userData) -> callback.Invoke(this, port, size, value, userData))
if _outHooks |> Seq.isEmpty then
let funcPointer = Marshal.GetFunctionPointerForDelegate(new OutHookInternal(trampoline))
let hh = new UIntPtr(allocate(IntPtr.Size))
match binding.HookAddArg0(_eng.[0], hh, Common.UC_HOOK_INSN, new UIntPtr(funcPointer.ToPointer()), IntPtr.Zero, X86.UC_X86_INS_OUT) |> this.CheckResult with
| Some e -> raise e | None -> ()
_outHooks.Add(callback, userData)
member this.AddOutHook(callback: OutHook) =
this.AddOutHook(callback, null)
member this.AddSyscallHook(callback: SyscallHook, userData: Object) =
let trampoline(u: IntPtr) (user: IntPtr) =
_syscallHooks
|> Seq.iter(fun (callback, userData) -> callback.Invoke(this, userData))
if _syscallHooks |> Seq.isEmpty then
let funcPointer = Marshal.GetFunctionPointerForDelegate(new SyscallHookInternal(trampoline))
let hh = new UIntPtr(allocate(IntPtr.Size))
match binding.HookAddArg0(_eng.[0], hh, Common.UC_HOOK_INSN, new UIntPtr(funcPointer.ToPointer()), IntPtr.Zero, X86.UC_X86_INS_SYSCALL) |> this.CheckResult with
| Some e -> raise e | None -> ()
_syscallHooks.Add(callback, userData)
member this.AddSyscallHook(callback: SyscallHook) =
this.AddSyscallHook(callback, null)
member this.Version() =
let (major, minor) = (new UIntPtr(), new UIntPtr())
let combined = binding.Version(major, minor)
(major.ToUInt32(), minor.ToUInt32(), combined)
abstract Dispose : Boolean -> unit
default this.Dispose(disposing: Boolean) =
if (disposing) then
// free managed resources, this is the default dispose implementation pattern
()
_disposablePointers
|> Seq.filter(fun pointer -> pointer <> IntPtr.Zero)
|> Seq.iter Marshal.FreeHGlobal
_disposablePointers.Clear()
member this.Dispose() =
this.Dispose(true)
GC.SuppressFinalize(this)
override this.Finalize() =
this.Dispose(false)
interface IDisposable with
member this.Dispose() =
this.Dispose()

View File

@ -0,0 +1,9 @@
namespace UnicornManaged
open System
type UnicornEngineException(errNo: Int32, msg: String) =
inherit ApplicationException(msg)
member this.ErrorNo = errNo

View File

@ -1,17 +1,18 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="12.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> <Project ToolsVersion="14.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" /> <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
<PropertyGroup> <PropertyGroup>
<Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration> <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
<Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform> <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
<SchemaVersion>2.0</SchemaVersion> <SchemaVersion>2.0</SchemaVersion>
<ProjectGuid>6f0e55fa-a056-45ff-bb24-641457b430a8</ProjectGuid> <ProjectGuid>0c21f1c1-2725-4a46-9022-1905f85822a5</ProjectGuid>
<OutputType>Library</OutputType> <OutputType>Library</OutputType>
<RootNamespace>UnicornSln</RootNamespace> <RootNamespace>UnicornManaged</RootNamespace>
<AssemblyName>UnicornSln</AssemblyName> <AssemblyName>UnicornManaged</AssemblyName>
<TargetFrameworkVersion>v4.5</TargetFrameworkVersion> <TargetFrameworkVersion>v4.5</TargetFrameworkVersion>
<TargetFSharpCoreVersion>4.3.0.0</TargetFSharpCoreVersion> <TargetFSharpCoreVersion>4.3.1.0</TargetFSharpCoreVersion>
<Name>Unicorn</Name> <AutoGenerateBindingRedirects>true</AutoGenerateBindingRedirects>
<Name>UnicornManaged</Name>
<TargetFrameworkProfile /> <TargetFrameworkProfile />
</PropertyGroup> </PropertyGroup>
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' "> <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
@ -22,8 +23,7 @@
<OutputPath>bin\Debug\</OutputPath> <OutputPath>bin\Debug\</OutputPath>
<DefineConstants>DEBUG;TRACE</DefineConstants> <DefineConstants>DEBUG;TRACE</DefineConstants>
<WarningLevel>3</WarningLevel> <WarningLevel>3</WarningLevel>
<DocumentationFile>bin\Debug\UnicornSln.XML</DocumentationFile> <DocumentationFile>bin\Debug\UnicornManaged.XML</DocumentationFile>
<PlatformTarget>x86</PlatformTarget>
</PropertyGroup> </PropertyGroup>
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' "> <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
<DebugType>pdbonly</DebugType> <DebugType>pdbonly</DebugType>
@ -32,7 +32,7 @@
<OutputPath>bin\Release\</OutputPath> <OutputPath>bin\Release\</OutputPath>
<DefineConstants>TRACE</DefineConstants> <DefineConstants>TRACE</DefineConstants>
<WarningLevel>3</WarningLevel> <WarningLevel>3</WarningLevel>
<DocumentationFile>bin\Release\UnicornSln.XML</DocumentationFile> <DocumentationFile>bin\Release\UnicornManaged.XML</DocumentationFile>
</PropertyGroup> </PropertyGroup>
<ItemGroup> <ItemGroup>
<Reference Include="mscorlib" /> <Reference Include="mscorlib" />
@ -44,6 +44,7 @@
<Reference Include="System.Numerics" /> <Reference Include="System.Numerics" />
</ItemGroup> </ItemGroup>
<ItemGroup> <ItemGroup>
<Compile Include="AssemblyInfo.fs" />
<Compile Include="Const\Arm.fs" /> <Compile Include="Const\Arm.fs" />
<Compile Include="Const\Arm64.fs" /> <Compile Include="Const\Arm64.fs" />
<Compile Include="Const\Common.fs" /> <Compile Include="Const\Common.fs" />
@ -51,9 +52,13 @@
<Compile Include="Const\Mips.fs" /> <Compile Include="Const\Mips.fs" />
<Compile Include="Const\Sparc.fs" /> <Compile Include="Const\Sparc.fs" />
<Compile Include="Const\X86.fs" /> <Compile Include="Const\X86.fs" />
<Compile Include="Hooks.fs" /> <Compile Include="Binding\IBinding.fs" />
<Compile Include="NativeUnicorn.fs" /> <Compile Include="Binding\MockBinding.fs" />
<Compile Include="Binding\NativeBinding.fs" />
<Compile Include="Binding\BindingFactory.fs" />
<Compile Include="UnicornEngineException.fs" /> <Compile Include="UnicornEngineException.fs" />
<Compile Include="InternalHooks.fs" />
<Compile Include="ConvertUtility.fs" />
<Compile Include="Unicorn.fs" /> <Compile Include="Unicorn.fs" />
</ItemGroup> </ItemGroup>
<PropertyGroup> <PropertyGroup>

View File

@ -1,6 +1,6 @@
<?xml version="1.0" encoding="utf-8" ?> <?xml version="1.0" encoding="utf-8"?>
<configuration> <configuration>
<startup> <startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5.1" /> <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5"/>
</startup> </startup>
</configuration> </configuration>

View File

@ -0,0 +1,23 @@
using System;
namespace UnicornSamples
{
class Program
{
static void Main(string[] args)
{
// X86 tests 32bit
X86Sample32.X86Code32();
X86Sample32.X86Code32InvalidMemRead();
X86Sample32.X86Code32InvalidMemWriteWithRuntimeFix();
X86Sample32.X86Code32InOut();
// Run all shellcode tests
ShellcodeSample.X86Code32Self();
ShellcodeSample.X86Code32();
Console.Write("Tests completed");
Console.ReadLine();
}
}
}

View File

@ -5,12 +5,12 @@ using System.Runtime.InteropServices;
// General Information about an assembly is controlled through the following // General Information about an assembly is controlled through the following
// set of attributes. Change these attribute values to modify the information // set of attributes. Change these attribute values to modify the information
// associated with an assembly. // associated with an assembly.
[assembly: AssemblyTitle("UnicornTests")] [assembly: AssemblyTitle("UnicornSamples")]
[assembly: AssemblyDescription("")] [assembly: AssemblyDescription("")]
[assembly: AssemblyConfiguration("")] [assembly: AssemblyConfiguration("")]
[assembly: AssemblyCompany("")] [assembly: AssemblyCompany("")]
[assembly: AssemblyProduct("UnicornTests")] [assembly: AssemblyProduct("UnicornSamples")]
[assembly: AssemblyCopyright("Copyright © Antonio Parata 2015")] [assembly: AssemblyCopyright("Copyright © Antonio Parata 2016")]
[assembly: AssemblyTrademark("")] [assembly: AssemblyTrademark("")]
[assembly: AssemblyCulture("")] [assembly: AssemblyCulture("")]
@ -20,7 +20,7 @@ using System.Runtime.InteropServices;
[assembly: ComVisible(false)] [assembly: ComVisible(false)]
// The following GUID is for the ID of the typelib if this project is exposed to COM // The following GUID is for the ID of the typelib if this project is exposed to COM
[assembly: Guid("29557dcf-999c-44d0-b544-df99f4b06231")] [assembly: Guid("b80b5987-1e24-4309-8bf9-c4f91270f21c")]
// Version information for an assembly consists of the following four values: // Version information for an assembly consists of the following four values:
// //

View File

@ -1,40 +1,22 @@
/* using Gee.External.Capstone;
using Gee.External.Capstone.X86;
.NET bindings for the UnicornEngine Emulator Engine
Copyright(c) 2015 Antonio Parata
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
version 2 as published by the Free Software Foundation.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
using System; using System;
using System.Collections.Generic; using System.Collections.Generic;
using System.Diagnostics;
using System.Linq; using System.Linq;
using System.Reflection; using System.Reflection;
using System.Text; using System.Text;
using System.Threading.Tasks; using System.Threading.Tasks;
using UnicornEngine; using UnicornManaged;
using UnicornEngine.Const; using UnicornManaged.Const;
namespace UnicornTests namespace UnicornSamples
{ {
internal class ShellcodeTest internal class ShellcodeSample
{ {
private const UInt64 ADDRESS = 0x1000000; private const Int64 ADDRESS = 0x1000000;
public static void TestX86Code32Self() public static void X86Code32Self()
{ {
Byte[] X86_CODE32_SELF = Byte[] X86_CODE32_SELF =
{ {
@ -44,14 +26,10 @@ namespace UnicornTests
0x6e, 0x89, 0xe3, 0x52, 0x53, 0x89, 0xe1, 0xca, 0x7d, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 0x6e, 0x89, 0xe3, 0x52, 0x53, 0x89, 0xe1, 0xca, 0x7d, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41
}; };
Console.WriteLine(); Run(X86_CODE32_SELF);
Console.WriteLine("*** Start Shellcode: " + MethodInfo.GetCurrentMethod().Name);
RunTest(X86_CODE32_SELF, ADDRESS);
Console.WriteLine("End Shellcode: " + MethodInfo.GetCurrentMethod().Name);
Console.WriteLine();
} }
public static void TestX86Code32() public static void X86Code32()
{ {
Byte[] X86_CODE32 = Byte[] X86_CODE32 =
{ {
@ -60,55 +38,75 @@ namespace UnicornTests
0x6c, 0x6c, 0x6f 0x6c, 0x6c, 0x6f
}; };
Run(X86_CODE32);
}
private static void Run(Byte[] code)
{
Console.WriteLine(); Console.WriteLine();
Console.WriteLine("*** Start Shellcode: " + MethodInfo.GetCurrentMethod().Name); var stackTrace = new StackTrace();
RunTest(X86_CODE32, ADDRESS); var stackFrame = stackTrace.GetFrames()[1];
Console.WriteLine("End Shellcode: " + MethodInfo.GetCurrentMethod().Name); var methodName = stackFrame.GetMethod().Name;
Console.WriteLine("*** Start: " + methodName);
RunTest(code, ADDRESS);
Console.WriteLine("*** End: " + methodName);
Console.WriteLine(); Console.WriteLine();
} }
public static void RunTest(Byte[] code, UInt64 address)
private static void RunTest(Byte[] code, Int64 address)
{ {
try try
{ {
var u = new Unicorn(Common.UC_ARCH_X86, Common.UC_MODE_32); using (var u = new Unicorn(Common.UC_ARCH_X86, Common.UC_MODE_32))
Console.WriteLine("Unicorn version: {0}", u.Version()); using(var disassembler = CapstoneDisassembler.CreateX86Disassembler(DisassembleMode.Bit32))
{
Console.WriteLine("Unicorn version: {0}", u.Version());
// map 2MB of memory for this emulation
u.MemMap(address, 2 * 1024 * 1024, Common.UC_PROT_ALL);
// map 2MB of memory for this emulation // write machine code to be emulated to memory
u.MemMap(address, new UIntPtr(2 * 1024 * 1024), Common.UC_PROT_ALL); u.MemWrite(address, code);
// initialize machine registers
u.RegWrite(X86.UC_X86_REG_ESP, Utils.Int64ToBytes(address + 0x200000));
// write machine code to be emulated to memory var regv = new Byte[4];
u.MemWrite(address, code); u.RegRead(X86.UC_X86_REG_ESP, regv);
// initialize machine registers // tracing all instructions by having @begin > @end
u.RegWrite(X86.UC_X86_REG_ESP, Utils.Int64ToBytes(address + 0x200000)); u.AddCodeHook((uc, addr, size, userData) => CodeHookCallback(disassembler, uc, addr, size, userData), 1, 0);
// tracing all instructions by having @begin > @end // handle interrupt ourself
u.AddCodeHook(CodeHookCallback, null, 1, 0); u.AddInterruptHook(InterruptHookCallback);
// handle interrupt ourself // handle SYSCALL
u.AddInterruptHook(InterruptHookCallback, null); u.AddSyscallHook(SyscallHookCallback);
Console.WriteLine(">>> Start tracing code");
// handle SYSCALL // emulate machine code in infinite time
u.AddSyscallHook(SyscallHookCallback, null); u.EmuStart(address, address + code.Length, 0u, 0u);
Console.WriteLine(">>> Start tracing linux code"); Console.WriteLine(">>> Emulation Done!");
}
// emulate machine code in infinite time
u.EmuStart(address, address + (UInt64)code.Length, 0u, new UIntPtr(0));
Console.WriteLine(">>> Emulation Done!");
} }
catch (UnicornEngineException ex) catch (UnicornEngineException ex)
{ {
Console.Error.WriteLine("Emulation FAILED! " + ex.Message); Console.Error.WriteLine("Emulation FAILED! " + ex.Message);
} }
} }
private static void CodeHookCallback(Unicorn u, UInt64 addr, Int32 size, Object userData) private static void CodeHookCallback(
CapstoneDisassembler<X86Instruction, X86Register, X86InstructionGroup,X86InstructionDetail> disassembler,
Unicorn u,
Int64 addr,
Int32 size,
Object userData)
{ {
Console.Write("Tracing >>> 0x{0} ", addr.ToString("X")); Console.Write("[+] 0x{0}: ", addr.ToString("X"));
var eipBuffer = new Byte[4]; var eipBuffer = new Byte[4];
u.RegRead(X86.UC_X86_REG_EIP, eipBuffer); u.RegRead(X86.UC_X86_REG_EIP, eipBuffer);
@ -117,12 +115,13 @@ namespace UnicornTests
var tmp = new Byte[effectiveSize]; var tmp = new Byte[effectiveSize];
u.MemRead(addr, tmp); u.MemRead(addr, tmp);
var sb = new StringBuilder();
foreach (var t in tmp) foreach (var t in tmp)
{ {
Console.Write("{0} ", (0xFF & t).ToString("X")); sb.AppendFormat("{0} ", (0xFF & t).ToString("X"));
} }
Console.Write("{0,-20}", sb);
Console.WriteLine(); Console.WriteLine(Utils.Disassemble(disassembler, tmp));
} }
private static void SyscallHookCallback(Unicorn u, Object userData) private static void SyscallHookCallback(Unicorn u, Object userData)
@ -131,7 +130,7 @@ namespace UnicornTests
u.RegRead(X86.UC_X86_REG_EAX, eaxBuffer); u.RegRead(X86.UC_X86_REG_EAX, eaxBuffer);
var eax = Utils.ToInt(eaxBuffer); var eax = Utils.ToInt(eaxBuffer);
Console.WriteLine("Syscall >>> EAX = 0x{0}", eax.ToString("X")); Console.WriteLine("[!] Syscall EAX = 0x{0}", eax.ToString("X"));
u.EmuStop(); u.EmuStop();
} }
@ -156,10 +155,10 @@ namespace UnicornTests
switch (eax) switch (eax)
{ {
default: default:
Console.WriteLine("Interrupt >>> 0x{0} num {1}, EAX=0x{2}", eip.ToString("X"), intNumber.ToString("X"), eax.ToString("X")); Console.WriteLine("[!] Interrupt 0x{0} num {1}, EAX=0x{2}", eip.ToString("X"), intNumber.ToString("X"), eax.ToString("X"));
break; break;
case 1: // sys_exit case 1: // sys_exit
Console.WriteLine("Interrupt >>> 0x{0} num {1}, SYS_EXIT", eip.ToString("X"), intNumber.ToString("X")); Console.WriteLine("[!] Interrupt 0x{0} num {1}, SYS_EXIT", eip.ToString("X"), intNumber.ToString("X"));
u.EmuStop(); u.EmuStop();
break; break;
case 4: // sys_write case 4: // sys_write
@ -183,7 +182,7 @@ namespace UnicornTests
var content = Encoding.Default.GetString(buffer); var content = Encoding.Default.GetString(buffer);
Console.WriteLine( Console.WriteLine(
"Interrupt >>> 0x{0}: num {1}, SYS_WRITE. buffer = 0x{2}, size = , content = '{3}'", "[!] Interrupt 0x{0}: num {1}, SYS_WRITE. buffer = 0x{2}, size = , content = '{3}'",
eip.ToString("X"), eip.ToString("X"),
ecx.ToString("X"), ecx.ToString("X"),
edx.ToString("X"), edx.ToString("X"),

View File

@ -0,0 +1,108 @@
<?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="14.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
<PropertyGroup>
<Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
<Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
<ProjectGuid>{B80B5987-1E24-4309-8BF9-C4F91270F21C}</ProjectGuid>
<OutputType>Exe</OutputType>
<AppDesignerFolder>Properties</AppDesignerFolder>
<RootNamespace>UnicornSamples</RootNamespace>
<AssemblyName>UnicornSamples</AssemblyName>
<TargetFrameworkVersion>v4.5</TargetFrameworkVersion>
<FileAlignment>512</FileAlignment>
<AutoGenerateBindingRedirects>true</AutoGenerateBindingRedirects>
<TargetFrameworkProfile />
<PublishUrl>publish\</PublishUrl>
<Install>true</Install>
<InstallFrom>Disk</InstallFrom>
<UpdateEnabled>false</UpdateEnabled>
<UpdateMode>Foreground</UpdateMode>
<UpdateInterval>7</UpdateInterval>
<UpdateIntervalUnits>Days</UpdateIntervalUnits>
<UpdatePeriodically>false</UpdatePeriodically>
<UpdateRequired>false</UpdateRequired>
<MapFileExtensions>true</MapFileExtensions>
<ApplicationRevision>0</ApplicationRevision>
<ApplicationVersion>1.0.0.%2a</ApplicationVersion>
<IsWebBootstrapper>false</IsWebBootstrapper>
<UseApplicationTrust>false</UseApplicationTrust>
<BootstrapperEnabled>true</BootstrapperEnabled>
</PropertyGroup>
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
<PlatformTarget>AnyCPU</PlatformTarget>
<DebugSymbols>true</DebugSymbols>
<DebugType>full</DebugType>
<Optimize>false</Optimize>
<OutputPath>bin\Debug\</OutputPath>
<DefineConstants>DEBUG;TRACE</DefineConstants>
<ErrorReport>prompt</ErrorReport>
<WarningLevel>4</WarningLevel>
<UseVSHostingProcess>false</UseVSHostingProcess>
<CodeAnalysisIgnoreGeneratedCode>false</CodeAnalysisIgnoreGeneratedCode>
</PropertyGroup>
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
<PlatformTarget>AnyCPU</PlatformTarget>
<DebugType>pdbonly</DebugType>
<Optimize>true</Optimize>
<OutputPath>bin\Release\</OutputPath>
<DefineConstants>TRACE</DefineConstants>
<ErrorReport>prompt</ErrorReport>
<WarningLevel>4</WarningLevel>
</PropertyGroup>
<ItemGroup>
<Reference Include="Gee.External.Capstone, Version=1.2.2.0, Culture=neutral, processorArchitecture=x86">
<HintPath>..\packages\Gee.External.Capstone.1.2.2\lib\net45\Gee.External.Capstone.dll</HintPath>
<Private>True</Private>
</Reference>
<Reference Include="System" />
<Reference Include="System.Core" />
<Reference Include="System.Xml.Linq" />
<Reference Include="System.Data.DataSetExtensions" />
<Reference Include="Microsoft.CSharp" />
<Reference Include="System.Data" />
<Reference Include="System.Net.Http" />
<Reference Include="System.Xml" />
</ItemGroup>
<ItemGroup>
<Compile Include="Program.cs" />
<Compile Include="Properties\AssemblyInfo.cs" />
<Compile Include="ShellcodeSample.cs" />
<Compile Include="Utils.cs" />
<Compile Include="X86Sample32.cs" />
</ItemGroup>
<ItemGroup>
<None Include="App.config" />
<None Include="packages.config" />
</ItemGroup>
<ItemGroup>
<BootstrapperPackage Include=".NETFramework,Version=v4.5">
<Visible>False</Visible>
<ProductName>Microsoft .NET Framework 4.5 %28x86 and x64%29</ProductName>
<Install>true</Install>
</BootstrapperPackage>
<BootstrapperPackage Include="Microsoft.Net.Framework.3.5.SP1">
<Visible>False</Visible>
<ProductName>.NET Framework 3.5 SP1</ProductName>
<Install>false</Install>
</BootstrapperPackage>
</ItemGroup>
<ItemGroup>
<ProjectReference Include="..\UnicornManaged\UnicornManaged.fsproj">
<Project>{0c21f1c1-2725-4a46-9022-1905f85822a5}</Project>
<Name>UnicornManaged</Name>
</ProjectReference>
</ItemGroup>
<ItemGroup>
<Content Include="capstone.dll" />
<Content Include="Gee.External.Capstone.Proxy.dll" />
</ItemGroup>
<Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
<!-- To modify your build process, add your task inside one of the targets below and uncomment it.
Other similar extension points exist, see Microsoft.Common.targets.
<Target Name="BeforeBuild">
</Target>
<Target Name="AfterBuild">
</Target>
-->
</Project>

View File

@ -0,0 +1,47 @@
using Gee.External.Capstone;
using Gee.External.Capstone.X86;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace UnicornSamples
{
internal static class Utils
{
public static Int64 ToInt(Byte[] val)
{
UInt64 res = 0;
for (var i = 0; i < val.Length; i++)
{
var v = val[i] & 0xFF;
res += (UInt64)(v << (i * 8));
}
return (Int64)res;
}
public static Byte[] Int64ToBytes(Int64 intVal)
{
var res = new Byte[8];
var uval = (UInt64)intVal;
for (var i = 0; i < res.Length; i++)
{
res[i] = (Byte)(uval & 0xff);
uval = uval >> 8;
}
return res;
}
public static String Disassemble(CapstoneDisassembler<X86Instruction, X86Register, X86InstructionGroup, X86InstructionDetail> disassembler, Byte[] code)
{
var sb = new StringBuilder();
var instructions = disassembler.DisassembleAll(code);
foreach (var instruction in instructions)
{
sb.AppendFormat("{0} {1}{2}", instruction.Mnemonic, instruction.Operand, Environment.NewLine);
}
return sb.ToString().Trim();
}
}
}

View File

@ -0,0 +1,328 @@
using Gee.External.Capstone;
using Gee.External.Capstone.X86;
using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.Linq;
using System.Reflection;
using System.Text;
using System.Threading.Tasks;
using UnicornManaged;
using UnicornManaged.Const;
namespace UnicornSamples
{
internal class X86Sample32
{
private const Int64 ADDRESS = 0x1000000;
public static void X86Code32()
{
Byte[] X86_CODE32 =
{
// INC ecx; DEC edx
0x41, 0x4a
};
Run(X86_CODE32);
}
public static void X86Code32InvalidMemRead()
{
Byte[] X86_CODE32_MEM_READ =
{
// mov ecx,[0xaaaaaaaa]; INC ecx; DEC edx
0x8B, 0x0D, 0xAA, 0xAA, 0xAA, 0xAA, 0x41, 0x4a
};
Run(X86_CODE32_MEM_READ, true);
}
public static void X86Code32InvalidMemWriteWithRuntimeFix()
{
Byte[] X86_CODE32_MEM_WRITE =
{
// mov [0xaaaaaaaa], ecx; INC ecx; DEC edx
0x89, 0x0D, 0xAA, 0xAA, 0xAA, 0xAA, 0x41, 0x4a
};
Run(X86_CODE32_MEM_WRITE);
}
public static void X86Code32InOut()
{
Byte[] X86_CODE32_INOUT =
{
// INC ecx; IN AL, 0x3f; DEC edx; OUT 0x46, AL; INC ebx
0x41, 0xE4, 0x3F, 0x4a, 0xE6, 0x46, 0x43
};
Run(X86_CODE32_INOUT);
}
private static void Run(Byte[] code, Boolean raiseException = false)
{
Console.WriteLine();
var stackTrace = new StackTrace();
var stackFrame = stackTrace.GetFrames()[1];
var methodName = stackFrame.GetMethod().Name;
Console.WriteLine("*** Start: " + methodName);
Exception e = null;
try
{
RunTest(code, ADDRESS, Common.UC_MODE_32);
}
catch (UnicornEngineException ex)
{
e = ex;
}
if (!raiseException && e != null)
{
Console.Error.WriteLine("Emulation FAILED! " + e.Message);
}
Console.WriteLine("*** End: " + methodName);
Console.WriteLine();
}
private static void RunTest(Byte[] code, Int64 address, Int32 mode)
{
using (var u = new Unicorn(Common.UC_ARCH_X86, mode))
using (var disassembler = CapstoneDisassembler.CreateX86Disassembler(DisassembleMode.Bit32))
{
Console.WriteLine("Unicorn version: {0}", u.Version());
// map 2MB of memory for this emulation
u.MemMap(address, 2 * 1024 * 1024, Common.UC_PROT_ALL);
// initialize machine registers
u.RegWrite(X86.UC_X86_REG_EAX, 0x1234);
u.RegWrite(X86.UC_X86_REG_ECX, 0x1234);
u.RegWrite(X86.UC_X86_REG_EDX, 0x7890);
// write machine code to be emulated to memory
u.MemWrite(address, code);
// initialize machine registers
u.RegWrite(X86.UC_X86_REG_ESP, Utils.Int64ToBytes(address + 0x200000));
// handle IN & OUT instruction
u.AddInHook(InHookCallback);
u.AddOutHook(OutHookCallback);
// tracing all instructions by having @begin > @end
u.AddCodeHook((uc, addr, size, userData) => CodeHookCallback(disassembler, uc, addr, size, userData), 1, 0);
// handle interrupt ourself
u.AddInterruptHook(InterruptHookCallback);
// handle SYSCALL
u.AddSyscallHook(SyscallHookCallback);
// intercept invalid memory events
u.AddEventMemHook(MemMapHookCallback, Common.UC_HOOK_MEM_READ_UNMAPPED | Common.UC_HOOK_MEM_WRITE_UNMAPPED);
Console.WriteLine(">>> Start tracing code");
// emulate machine code in infinite time
u.EmuStart(address, address + code.Length, 0u, 0u);
// print registers
var ecx = u.RegRead(X86.UC_X86_REG_ECX);
var edx = u.RegRead(X86.UC_X86_REG_EDX);
var eax = u.RegRead(X86.UC_X86_REG_EAX);
Console.WriteLine("[!] EAX = {0}", eax.ToString("X"));
Console.WriteLine("[!] ECX = {0}", ecx.ToString("X"));
Console.WriteLine("[!] EDX = {0}", edx.ToString("X"));
Console.WriteLine(">>> Emulation Done!");
}
}
private static Int32 InHookCallback(Unicorn u, Int32 port, Int32 size, Object userData)
{
var eip = u.RegRead(X86.UC_X86_REG_EIP);
Console.WriteLine("[!] Reading from port 0x{0}, size: {1}, address: 0x{2}", port.ToString("X"), size.ToString("X"), eip.ToString("X"));
var res = 0;
switch (size)
{
case 1:
// read 1 byte to AL
res = 0xf1;
break;
case 2:
// read 2 byte to AX
res = 0xf2;
break;
case 4:
// read 4 byte to EAX
res = 0xf4;
break;
}
Console.WriteLine("[!] Return value: {0}", res.ToString("X"));
return res;
}
private static void OutHookCallback(Unicorn u, Int32 port, Int32 size, Int32 value, Object userData)
{
var eip = u.RegRead(X86.UC_X86_REG_EIP);
Console.WriteLine("[!] Writing to port 0x{0}, size: {1}, value: 0x{2}, address: 0x{3}", port.ToString("X"), size.ToString("X"), value.ToString("X"), eip.ToString("X"));
// confirm that value is indeed the value of AL/ AX / EAX
var v = 0L;
var regName = String.Empty;
switch (size)
{
case 1:
// read 1 byte in AL
v = u.RegRead(X86.UC_X86_REG_AL);
regName = "AL";
break;
case 2:
// read 2 byte in AX
v = u.RegRead(X86.UC_X86_REG_AX);
regName = "AX";
break;
case 4:
// read 4 byte in EAX
v = u.RegRead(X86.UC_X86_REG_EAX);
regName = "EAX";
break;
}
Console.WriteLine("[!] Register {0}: {1}", regName, v.ToString("X"));
}
private static Boolean MemMapHookCallback(Unicorn u, Int32 eventType, Int64 address, Int32 size, Int64 value, Object userData)
{
if (eventType == Common.UC_MEM_WRITE_UNMAPPED)
{
Console.WriteLine("[!] Missing memory is being WRITE at 0x{0}, data size = {1}, data value = 0x{2}. Map memory.", address.ToString("X"), size.ToString("X"), value.ToString("X"));
u.MemMap(0xaaaa0000, 2 * 1024 * 1024, Common.UC_PROT_ALL);
return true;
}
else
{
return false;
}
}
private static void CodeHookCallback1(
CapstoneDisassembler<X86Instruction, X86Register, X86InstructionGroup, X86InstructionDetail> disassembler,
Unicorn u,
Int64 addr,
Int32 size,
Object userData)
{
Console.Write("[+] 0x{0}: ", addr.ToString("X"));
var eipBuffer = new Byte[4];
u.RegRead(X86.UC_X86_REG_EIP, eipBuffer);
var effectiveSize = Math.Min(16, size);
var tmp = new Byte[effectiveSize];
u.MemRead(addr, tmp);
var sb = new StringBuilder();
foreach (var t in tmp)
{
sb.AppendFormat("{0} ", (0xFF & t).ToString("X"));
}
Console.Write("{0,-20}", sb);
Console.WriteLine(Utils.Disassemble(disassembler, tmp));
}
private static void CodeHookCallback(
CapstoneDisassembler<X86Instruction, X86Register, X86InstructionGroup, X86InstructionDetail> disassembler,
Unicorn u,
Int64 addr,
Int32 size,
Object userData)
{
Console.Write("[+] 0x{0}: ", addr.ToString("X"));
var eipBuffer = new Byte[4];
u.RegRead(X86.UC_X86_REG_EIP, eipBuffer);
var effectiveSize = Math.Min(16, size);
var tmp = new Byte[effectiveSize];
u.MemRead(addr, tmp);
var sb = new StringBuilder();
foreach (var t in tmp)
{
sb.AppendFormat("{0} ", (0xFF & t).ToString("X"));
}
Console.Write("{0,-20}", sb);
Console.WriteLine(Utils.Disassemble(disassembler, tmp));
}
private static void SyscallHookCallback(Unicorn u, Object userData)
{
var eaxBuffer = new Byte[4];
u.RegRead(X86.UC_X86_REG_EAX, eaxBuffer);
var eax = Utils.ToInt(eaxBuffer);
Console.WriteLine("[!] Syscall EAX = 0x{0}", eax.ToString("X"));
u.EmuStop();
}
private static void InterruptHookCallback(Unicorn u, Int32 intNumber, Object userData)
{
// only handle Linux syscall
if (intNumber != 0x80)
{
return;
}
var eaxBuffer = new Byte[4];
var eipBuffer = new Byte[4];
u.RegRead(X86.UC_X86_REG_EAX, eaxBuffer);
u.RegRead(X86.UC_X86_REG_EIP, eipBuffer);
var eax = Utils.ToInt(eaxBuffer);
var eip = Utils.ToInt(eipBuffer);
switch (eax)
{
default:
Console.WriteLine("[!] Interrupt 0x{0} num {1}, EAX=0x{2}", eip.ToString("X"), intNumber.ToString("X"), eax.ToString("X"));
break;
case 1: // sys_exit
Console.WriteLine("[!] Interrupt 0x{0} num {1}, SYS_EXIT", eip.ToString("X"), intNumber.ToString("X"));
u.EmuStop();
break;
case 4: // sys_write
// ECX = buffer address
var ecxBuffer = new Byte[4];
// EDX = buffer size
var edxBuffer = new Byte[4];
u.RegRead(X86.UC_X86_REG_ECX, ecxBuffer);
u.RegRead(X86.UC_X86_REG_EDX, edxBuffer);
var ecx = Utils.ToInt(ecxBuffer);
var edx = Utils.ToInt(edxBuffer);
// read the buffer in
var size = Math.Min(256, edx);
var buffer = new Byte[size];
u.MemRead(ecx, buffer);
var content = Encoding.Default.GetString(buffer);
Console.WriteLine(
"[!] Interrupt 0x{0}: num {1}, SYS_WRITE. buffer = 0x{2}, size = , content = '{3}'",
eip.ToString("X"),
ecx.ToString("X"),
edx.ToString("X"),
content);
break;
}
}
}
}

Binary file not shown.

View File

@ -0,0 +1,4 @@
<?xml version="1.0" encoding="utf-8"?>
<packages>
<package id="Gee.External.Capstone" version="1.2.2" targetFramework="net45" />
</packages>

View File

@ -1,28 +0,0 @@

Microsoft Visual Studio Solution File, Format Version 12.00
# Visual Studio 2013
VisualStudioVersion = 12.0.30723.0
MinimumVisualStudioVersion = 10.0.40219.1
Project("{F2A71F9B-5D33-465A-A702-920D77279786}") = "Unicorn", "Unicorn\Unicorn.fsproj", "{6F0E55FA-A056-45FF-BB24-641457B430A8}"
EndProject
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "UnicornTests", "UnicornTests\UnicornTests.csproj", "{6437C22A-9DBD-47CE-8792-403BED230B54}"
EndProject
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
Debug|Any CPU = Debug|Any CPU
Release|Any CPU = Release|Any CPU
EndGlobalSection
GlobalSection(ProjectConfigurationPlatforms) = postSolution
{6F0E55FA-A056-45FF-BB24-641457B430A8}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
{6F0E55FA-A056-45FF-BB24-641457B430A8}.Debug|Any CPU.Build.0 = Debug|Any CPU
{6F0E55FA-A056-45FF-BB24-641457B430A8}.Release|Any CPU.ActiveCfg = Release|Any CPU
{6F0E55FA-A056-45FF-BB24-641457B430A8}.Release|Any CPU.Build.0 = Release|Any CPU
{6437C22A-9DBD-47CE-8792-403BED230B54}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
{6437C22A-9DBD-47CE-8792-403BED230B54}.Debug|Any CPU.Build.0 = Debug|Any CPU
{6437C22A-9DBD-47CE-8792-403BED230B54}.Release|Any CPU.ActiveCfg = Release|Any CPU
{6437C22A-9DBD-47CE-8792-403BED230B54}.Release|Any CPU.Build.0 = Release|Any CPU
EndGlobalSection
GlobalSection(SolutionProperties) = preSolution
HideSolutionNode = FALSE
EndGlobalSection
EndGlobal

View File

@ -1,39 +0,0 @@
/*
.NET bindings for the UnicornEngine Emulator Engine
Copyright(c) 2015 Antonio Parata
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
version 2 as published by the Free Software Foundation.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
using System;
using System.Collections.Generic;
using System.Text;
using UnicornEngine;
using UnicornEngine.Const;
namespace UnicornTests
{
class Program
{
static void Main(String[] args)
{
// Run all shellcode tests
ShellcodeTest.TestX86Code32Self();
ShellcodeTest.TestX86Code32();
}
}
}

View File

@ -1,68 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="12.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
<PropertyGroup>
<Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
<Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
<ProjectGuid>{6437C22A-9DBD-47CE-8792-403BED230B54}</ProjectGuid>
<OutputType>Exe</OutputType>
<AppDesignerFolder>Properties</AppDesignerFolder>
<RootNamespace>UnicornTests</RootNamespace>
<AssemblyName>UnicornTests</AssemblyName>
<TargetFrameworkVersion>v4.5.1</TargetFrameworkVersion>
<FileAlignment>512</FileAlignment>
<AutoGenerateBindingRedirects>true</AutoGenerateBindingRedirects>
</PropertyGroup>
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
<PlatformTarget>x86</PlatformTarget>
<DebugSymbols>true</DebugSymbols>
<DebugType>full</DebugType>
<Optimize>false</Optimize>
<OutputPath>bin\Debug\</OutputPath>
<DefineConstants>DEBUG;TRACE</DefineConstants>
<ErrorReport>prompt</ErrorReport>
<WarningLevel>4</WarningLevel>
</PropertyGroup>
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
<PlatformTarget>AnyCPU</PlatformTarget>
<DebugType>pdbonly</DebugType>
<Optimize>true</Optimize>
<OutputPath>bin\Release\</OutputPath>
<DefineConstants>TRACE</DefineConstants>
<ErrorReport>prompt</ErrorReport>
<WarningLevel>4</WarningLevel>
<AllowUnsafeBlocks>false</AllowUnsafeBlocks>
</PropertyGroup>
<ItemGroup>
<Reference Include="System" />
<Reference Include="System.Core" />
<Reference Include="System.Xml.Linq" />
<Reference Include="System.Data.DataSetExtensions" />
<Reference Include="Microsoft.CSharp" />
<Reference Include="System.Data" />
<Reference Include="System.Xml" />
</ItemGroup>
<ItemGroup>
<Compile Include="Program.cs" />
<Compile Include="Properties\AssemblyInfo.cs" />
<Compile Include="ShellcodeTest.cs" />
<Compile Include="Utils.cs" />
</ItemGroup>
<ItemGroup>
<None Include="App.config" />
</ItemGroup>
<ItemGroup>
<ProjectReference Include="..\Unicorn\Unicorn.fsproj">
<Project>{6f0e55fa-a056-45ff-bb24-641457b430a8}</Project>
<Name>Unicorn</Name>
</ProjectReference>
</ItemGroup>
<Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
<!-- To modify your build process, add your task inside one of the targets below and uncomment it.
Other similar extension points exist, see Microsoft.Common.targets.
<Target Name="BeforeBuild">
</Target>
<Target Name="AfterBuild">
</Target>
-->
</Project>

View File

@ -1,55 +0,0 @@
/*
.NET bindings for the UnicornEngine Emulator Engine
Copyright(c) 2015 Antonio Parata
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
version 2 as published by the Free Software Foundation.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using UnicornEngine.Const;
namespace UnicornTests
{
internal static class Utils
{
public static UInt64 ToInt(Byte[] val)
{
UInt64 res = 0;
for (var i = 0; i < val.Length; i++)
{
var v = val[i] & 0xFF;
res += (UInt64)(v << (i * 8));
}
return res;
}
public static Byte[] Int64ToBytes(UInt64 intVal)
{
var res = new Byte[8];
for (var i = 0; i < res.Length; i++)
{
res[i] = (Byte)(intVal & 0xff);
intVal = intVal >> 8;
}
return res;
}
}
}

View File

@ -5,8 +5,8 @@
#include <unicorn/unicorn.h> #include <unicorn/unicorn.h>
#define ADDRESS1 0x1000000 #define ADDRESS1 0x10000000
#define ADDRESS2 0x2000000 #define ADDRESS2 0x20000000
#define SIZE (80 * 1024 * 1024) #define SIZE (80 * 1024 * 1024)
static void VM_exec() static void VM_exec()

View File

@ -135,7 +135,7 @@ static bool hook_mem_invalid(uc_engine *uc, uc_mem_type type,
default: default:
printf("not ok %d - memory invalid type: %d at 0x%" PRIx64 "\n", log_num++, type, addr); printf("not ok %d - memory invalid type: %d at 0x%" PRIx64 "\n", log_num++, type, addr);
return false; return false;
case UC_MEM_WRITE: case UC_MEM_WRITE_UNMAPPED:
printf("# write to invalid memory at 0x%"PRIx64 ", data size = %u, data value = 0x%"PRIx64 "\n", addr, size, value); printf("# write to invalid memory at 0x%"PRIx64 ", data size = %u, data value = 0x%"PRIx64 "\n", addr, size, value);
if (uc_mem_read(uc, addr, &testval, sizeof(testval)) != UC_ERR_OK) { if (uc_mem_read(uc, addr, &testval, sizeof(testval)) != UC_ERR_OK) {