alexaltea / capstone.js Goto Github PK

Capstone has a diet compile time flag, described here: http://www.capstone-engine.org/diet.html

This reduces the library size. It would be quite useful to provide builds with this flag, considering that capstone-x86.min.js is 2MB, which is prohibitively large for some JavaScript projects.

After manually building the library with Grunt and Emscripten, using both capstone.min.js and capstone-x86.min.js, without adding any extra JS code:

capstone-x86_new.min.js:7 Uncaught TypeError: MCapstone is not a function
    at capstone-x86_new.min.js:7:13
(anonymous) @ capstone-x86_new.min.js:7
capstone_new.min.js:535 Uncaught TypeError: MCapstone._malloc is not a function
    at new Capstone (capstone_new.min.js:535:37)
    at main.js:7:18

When disassembling with capstone it throws the error that it cannot grow memory further because it exceeded the compiletime limit.

I passed the flag -s ALLOW_MEMORY_GROWTH=1 in build.py and recompiled the project

After that it said "MCapstone.ccall is undefined"

Thus I added the flag to export that symbol as explained on emscripten and it works fine.

However the code now runs in the browser without any errors but seems to fail each time trying to disassemble something.

Can anyone here help me get it to compile without having the default memory boundaries?

UPDATE:

looks like this is caused by minification (I'm using capstone.min.js, because couldn't compile from source):

asmcrypto/asmcrypto.js#82

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

I've got another issue for you ;)

This might be resolved, if as you said, the latest version gets recompiled with the latest capstone and emscripten, but for now I'm getting this localized error in FF:

TypeError: asm.js type error: expecting argument type declaration for 'a' of the form 'arg = arg|0' or 'arg = +arg' or 'arg = fround(arg)'

It also doesn't seem to run in safari, but no console errors. This could be an issue with how I'm using the library however.

Anyway, something to be aware of, as for now this only seems to work on Chrome for me, which isn't so great.

I will update this with more information if I find some.

The APIs used in sections 3 and 4 from http://www.capstone-engine.org/lang_c.html would be nice to have exposed. A somewhat slow, but convenient way to extract data from C code is to write a JSON string on the C/C++ side then parse it on the JS side.

Take the homepage's example code and add d.option(cs.OPT_DETAIL, cs.OPT_ON);

Now try to print instr.detail.op, it should be an array, but it's not given. op_count from here is also 0, but shouldn't it be a real value if detail mode is on?

Expected behavior

On recent Python capstone (4.0.2):

from capstone import *

CODE = b"\x55\x48\x8b\x05\xb8\x13\x00\x00"

md = Cs(CS_ARCH_X86, CS_MODE_64)
for i in md.disasm(CODE, 0x10000001234):
    print("0x%x:\t%s\t%s" %(i.address, i.mnemonic, i.op_str))

Output:

0x10000001234:  push    rbp
0x10000001235:  mov     rax, qword ptr [rip + 0x13b8]

I would expect the same on JavaScript.

Problem

Using x86-capstone.js from last release (capstone.js v3.0.5-RC1 - from 2017...):

var buffer = [0x55, 0x31, 0xD2, 0x89, 0xE5, 0x8B, 0x45, 0x08];
var offset = 0x10000001234;

var d = new cs.Capstone(cs.ARCH_X86, cs.MODE_32);
var instructions = d.disasm(buffer, offset);

instructions.forEach(instr => console.log(`0x${instr.address.toString(16)}: ${instr.mnemonic} ${instr.op_str}`));

d.close();

Output:

"0x1234: push ebp"
"0x1235: xor edx, edx"
"0x1237: mov ebp, esp"
"0x1239: mov eax, dword ptr [ebp + 8]"

I assume this is probably due to outdated build not supporting 64-bit offsets.

It would be nice to have this library available through npm.
The dependency to this library would be easier to manage with front end frameworks already using npm, but more importantly, it could be used in node.js where it's currently very complicated to integrate this library.

On my minor conquest to reduce the size of capstone-x86.min.js, I noticed that the cs object exported by capstone-x86.min.js also contains constants for other architectures (ARM_*, MIPS_*, etc.).

I believe these could be safely removed to achieve a decent (about 12k) size reduction.

The following line, in node.js, after successfully npm installing the package @alexaltea/capstone-js :

const cs = require("@alexaltea/capstone-js")

results in an error :

Error: Cannot find module '@alexaltea/capstone-js'

Don't know if this project is still live, if not a shame, because seems pretty awesome.

But your suggested install mechanism: bower install capstone seems to fail with bower ENOTFOUND Package capstone not found