Capstone

We are happy to announce the Release Candidate 3 of version 3.0 of Capstone disassembly framework!

The source code is available in zip and tar.gz formats, or at tagname 3.0-rc3 in our Github repo.

Please test and feed back via our contact.

NOTE

• Do use the bindings come with this version, as all the old bindings from previous version 3.0-RC2 or 2.x are incompatible and cannot be run with the *3.0-RC3 core*.

  For Java/Ocaml/Python bindings, see the respective README files under bindings/ directory in the source on how to do fresh-reinstall.

Summary of the important changes since 3.0-RC2 (more detail):

• Better support for cross-platform analysis:

  • Use common instruction operand types REG, IMM, MEM & FP across all architectures.

  • Use common instruction group types across all architectures.

• Fix an buffer overflow bug in fill_insn() in cs.c.

• X86:

  • Remove bogus instructions X86_INS_REP/REPNE/LOCK.

  • Added prefixed symbols X86_PREFIX_REP/REPNE/LOCK/CS/DS/SS/FS/GS/ES/OPSIZE/ADDRSIZE.

• ARM: instructions B, BL, BX, BLX, BXJ belong to ARM_GRP_JUMP group.

• Mips: properly handle modes MIPS32R6 & MICRO.

• PPC: add new operand type PPC_OP_CRX.