Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

New architecture: BPF #1388

Merged
merged 36 commits into from Feb 18, 2019

Conversation

@david942j
Copy link
Contributor

commented Feb 17, 2019

closes #838

Berkeley Packet Filter

  • Supports both classic and extended BPF (CS_MODE_BPF_CLASSIC, CS_MODE_BPF_EXTENDED)
  • Fully tested
  • Python bindings

references:

david942j added some commits Feb 17, 2019

@aquynh

This comment has been minimized.

Copy link
Owner

commented Feb 17, 2019

wow nice work! let me go thru the code & give some comments

cstool/cstool_bpf.c Outdated Show resolved Hide resolved
arch/BPF/BPFInstPrinter.c Outdated Show resolved Hide resolved
@aquynh

This comment has been minimized.

Copy link
Owner

commented Feb 17, 2019

the code looks very clean, you did an amazing job!

@HarDToBelieve @catenacyber this also updates your regression testsuite & fuzzer, please ack.

@aquynh

This comment has been minimized.

Copy link
Owner

commented Feb 17, 2019

@david942j david942j force-pushed the david942j:bpf branch from 1009bd8 to 5ce04b9 Feb 18, 2019

@@ -189,14 +189,24 @@ static struct platform platforms[] = {
CS_MODE_BIG_ENDIAN,
"tms320c64x"
},
#if CS_NEXT_VERSION >= 5

This comment has been minimized.

Copy link
@catenacyber

catenacyber Feb 18, 2019

Contributor

I think the ifdef needs to remain so that both next and master branch can be fuzzed

This comment has been minimized.

Copy link
@david942j

david942j Feb 18, 2019

Author Contributor

Oh I found both master and next branch has the same CS_NEXT_VERSION = 5, that's why I removed it.

This comment has been minimized.

Copy link
@catenacyber

catenacyber Feb 18, 2019

Contributor

Ok thanks @david942j so your code is good

@aquynh how can a program know at compile time which architectures are supported by the current capstone ie branch master and branch next ?

@catenacyber

This comment has been minimized.

Copy link
Contributor

commented Feb 18, 2019

Great !

Cheers @david942j
PS : if you know about BPF, could you take a look at the-tcpdump-group/libpcap#777

@aquynh aquynh merged commit cac94cc into aquynh:next Feb 18, 2019

0 of 2 checks passed

continuous-integration/appveyor/pr Waiting for AppVeyor build to complete
Details
continuous-integration/travis-ci/pr The Travis CI build is in progress
Details
@aquynh

This comment has been minimized.

Copy link
Owner

commented Feb 18, 2019

merged, thanks for this amazing work!

@aquynh

This comment has been minimized.

Copy link
Owner

commented Feb 18, 2019

@david942j, i had a commit to print out BPF for cstool -v at 7ed49b3

@david942j

This comment has been minimized.

Copy link
Contributor Author

commented Feb 18, 2019

Oops I missed it, thanks!

@david942j david942j deleted the david942j:bpf branch Feb 18, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
3 participants
You can’t perform that action at this time.