CTF(Capture The Flag) で x86/x64 バイナリを objdump -d または -D して逆アセンブル結果を見ることがよくあるので、逆アセンブル出力ファイル用のシンタックス定義を書いてみました。
見様見真似で書いたので、直した方がいいところがあったら教えてください。
私は逆アセンブル出力ファイル名を *.dis とか *.dis-intel といったファイル名にすることが多いので、それらのファイルを開いたときに自動的に適用する定義も書いておきました。
gitリポジトリも作成しておきました。
https://github.com/shiracamus/vim-syntax-x86-objdump-d
~/.vim/filetype.vim
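" Tag objdump disassembly listings (*.dis, *.dis-intel, ...) with the 'dis'
" filetype so that the matching syntax file (syntax/dis.vim) is loaded.
"
" The glob *.dis* matches every file name that contains ".dis" (for example
" "foo.disabled"). :setfiletype only sets the filetype when none was set
" earlier in the same autocommand sequence, so other detections still win.
"
" NOTE(review): listings produced from untrusted binaries contain symbol
" names chosen by the binary's author. If 'modeline' is enabled, consider
" `setlocal nomodeline` for these buffers.
augroup filetypedetect
  autocmd BufRead,BufNewFile *.dis* setfiletype dis
augroup END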
~/.vim/syntax/dis.vim
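" Vim syntax file
" Language:    x86/x64 GNU Disassembler (objdump -d -Mintel)
" Maintainer:  @shiracamus <shiracamus@gmail.com>
" Last Change: 2013 Dec 30

" For version 5.x: Clear all syntax items
" For version 6.0 and later: Quit when a syntax file was already loaded
if version < 600
  syntax clear
elseif exists("b:current_syntax")
  finish
endif

" Save the user's 'cpoptions' and switch to the Vim default while this file
" is sourced; the saved value is restored at the end of the file.
let s:cpo_save = &cpo
set cpo&vim

" Patterns below are matched case-insensitively until `syn case match`.
syn case ignore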
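" Numbers: an optional sign followed by hex digits, with or without a 0x
" prefix. The sign is claimed by disOffset, which has no highlight link in
" this file, so only the digits take the Number colour.
syn match disOffset "[+-]"
syn match disNumber "[+-]\?\<0x[0-9a-f]\+\>" contains=disOffset
syn match disNumber "[+-]\?\<[0-9a-f]\+\>" contains=disOffset

" Registers: a/b/c/d families, si/di, sp/bp/ip, r<N> with optional size
" suffix, and the segment registers. The segment-register pattern needs a
" preceding non-tab character and starts highlighting one column later.
syn match disRegister "\<[re]\?[abcd][xhl]\>"
syn match disRegister "\<[re]\?[sd]il\?\>"
syn match disRegister "\<[re]\?[sbi]pl\?\>"
syn match disRegister "\<r[0-9]\+[dwb]\?\>"
syn match disRegister "[^\t]\<[cdefgs]s\>"hs=s+1

" Section names (" .text:" style headers and "@plt" style suffixes) and
" <symbol+offset> labels.
syn match disAt "@"
syn match disSection " \.[a-z][a-z_\.-]*:"he=e-1
syn match disSection "@[a-z0-9_][a-z0-9_-]\+"hs=s+1 contains=disAt,disNumber
syn match disLabel "<[a-z0-9_.][a-z0-9_.@+-]\+>"hs=s+1,he=e-1 contains=disNumber,disSection

" Raw instruction bytes: the run of two-digit hex pairs after ":<Tab>".
syn match disHexDump ":\t\([0-9a-f][0-9a-f] \)\+"hs=s+1

" Markers the disassembler emits when it cannot decode the bytes.
syn match disError "<internal disassembler error>"
syn match disError "(bad)"

" Comments: /* ... */ regions and anything after # ; ! or | up to end of line.
syn keyword disTodo contained TODO
syn region disComment start="/\*" end="\*/" contains=disTodo
syn match disComment "[#;!|].*" contains=disLabel,disTodo

" Quoted strings; a string ends at the closing quote or at end of line.
" disSpecial marks backslash escapes inside them.
syn match disSpecial display contained "\\\(x\x\+\|\o\{1,3}\|.\|$\)"
syn region disString start=+"+ skip=+\\\\\|\\"\|\\$+ excludenl end=+"+ end=+$+ keepend contains=disSpecial
syn region disString start=+'+ skip=+\\\\\|\\'\|\\$+ excludenl end=+'+ end=+$+ keepend contains=disSpecial

" Banner line: "<file>:     file format <format>".
syn match disFormat ": \+file format "
syn match disTitle "^[^ ]\+: \+file format .*$" contains=disFormat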
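" Operand-size keywords used in Intel-syntax operands.
" WORD is listed explicitly: a bare WORD (as in `WORD PTR`) was previously
" coloured only because the unescaped `.word` pattern below matched the
" preceding character plus WORD.
syn match disMacro "FWORD"
syn match disMacro "QWORD"
syn match disMacro "DWORD"
syn match disMacro "WORD"
syn match disMacro "BYTE"
syn match disMacro "PTR"

" Data directives. The dot is escaped so that it matches a literal '.';
" unescaped, `.word` also matched QWORD/DWORD/FWORD and `.byte` matched
" " BYTE", overriding the disMacro items above.
syn match disData "\.word"
syn match disData "\.short"
syn match disData "\.byte"

" Mnemonics made up only of hex digits would otherwise be matched by
" disNumber. disOpecode has no highlight link in this file, so they stay
" uncoloured.
syn match disOpecode "\<add "
syn match disOpecode "\<adc "
syn match disOpecode "\<dec "
syn match disOpecode "\<fadd "

syn case match

" Define the default highlighting.
" For version 5.7 and earlier: only when not done already
" For version 5.8 and later: only when an item doesn't have highlighting yet
if version >= 508 || !exists("did_dis_syntax_inits")
  if version < 508
    let did_dis_syntax_inits = 1
    command -nargs=+ HiLink hi link <args>
  else
    command -nargs=+ HiLink hi def link <args>
  endif

  " The default methods for highlighting.  Can be overridden later

  " Comment
  HiLink disComment     Comment

  " Constant: String, Character, Number, Boolean, Float
  HiLink disNumber      Number
  HiLink disString      String

  " Identifier: Function
  HiLink disHexDump     Identifier

  " Statement: Conditional, Repeat, Label, Operator, Keyword, Exception
  HiLink disLabel       Label

  " PreProc: Include, Define, Macro, PreCondit
  HiLink disData        Define
  HiLink disMacro       Macro

  " Type: StorageClass, Structure, Typedef
  HiLink disRegister    StorageClass
  HiLink disTitle       Typedef

  " Special: SpecialChar, Tag, Delimiter, SpecialComment, Debug
  HiLink disSpecial     SpecialChar
  HiLink disSection     Special

  " Underlined
  " Ignore

  " Error
  HiLink disError       Error

  " Todo
  HiLink disTodo        Todo

  " HiLink is only a helper for this file; remove it again.
  delcommand HiLink
endif

let b:current_syntax = "dis"

" Restore the user's 'cpoptions' saved at the top of the file.
let &cpo = s:cpo_save
unlet s:cpo_save

" vim: ts=8 sts=4 sw=2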