Hi,
I just found out that starting from version 5.0.1, the value of CS_OP_MEM (accessed from the python library) has changed, from 3 to 128, potentially causing issues in automated tools that make use of such constant value to check the type of the operands of an instruction.
Below a python run that shows the difference, using as example the x86 instruction mov eax, dword ptr [rsp + 0x14]:
Capstone version 5.0.0
>>> import capstone as cs
>>> md = cs.Cs(cs.CS_ARCH_X86, cs.CS_MODE_64)
>>> md.detail = True
>>> md.disasm("\x8b\x44\x24\x14", 0)
>>> ins = md.disasm(b"\x8b\x44\x24\x14", 0).__next__()
>>> ins
<CsInsn 0x0 [8b442414]: mov eax, dword ptr [rsp + 0x14]>
>>> ins.operands[1].type
3
>>> cs.CS_OP_MEM
3Capstone version 5.0.1
>>> import capstone as cs
>>> cs.debug()
'python-standard-arm-arm64-bpf-evm-m680x-m68k-mips-mos65xx-ppc-riscv-sparc-sysz-tms320c64x-xcore-x86-c5.0-b5.0'
>>> md.disasm("\x8b\x44\x24\x14", 0)
>>> md.detail = True
>>> ins = md.disasm(b"\x8b\x44\x24\x14", 0).__next__()
>>> ins
<CsInsn 0x0 [8b442414]: mov eax, dword ptr [rsp + 0x14]>
>>> ins.operands[1].type
3
>>> cs.CS_OP_MEM
128So my question is: is this an issue or is there another constant available to check the operand type?
Thanks in advance for the support.
Hi,
I just found out that starting from version 5.0.1, the value of CS_OP_MEM (accessed from the python library) has changed, from 3 to 128, potentially causing issues in automated tools that make use of such constant value to check the type of the operands of an instruction.
Below a python run that shows the difference, using as example the x86 instruction
mov eax, dword ptr [rsp + 0x14]:Capstone version 5.0.0
Capstone version 5.0.1
So my question is: is this an issue or is there another constant available to check the operand type?
Thanks in advance for the support.