From: JonathonS <the...@gm...> - 2017-05-28 19:42:22
Hi, I've been trying to use capstone to disassemble functions in memory (e.g. printf, fread, etc.). Ideally, I'd like to see the function prologue/epilogue as well as the function body. I've been using this code here ( https://toastedcornflakes.github.io/articles/fuzzing_capstone_with_afl.html ) as a starting point but I haven't figured out how to accomplish what I want. I am a bit confused on what to provide cs_disasm. Here is what I have:

#include <stdio.h>
#include <stdint.h>
#include "capstone.h"

int main(int argc, char** argv)
{
    csh handle;
    cs_insn *insn;
    size_t count;
    uint8_t buf[128] = {0};

    if (cs_open(CS_ARCH_ARM, CS_MODE_ARM, &handle) == CS_ERR_OK) {
        /* decode the 128 zero bytes in buf; the address of printf is only
         * used as the address reported for the first instruction */
        count = cs_disasm(handle, buf, sizeof(buf), (uint64_t) printf, 0, &insn);
        // TODO: Print instructions
        cs_free(insn, count);
    }
    cs_close(&handle);
    return 0;
}

However, when I run this code and when I print the instructions, I keep getting andeq r0,r0,r0 which I guess is the equivalent of 0/no-op on ARM. This seems incorrect. Thanks in advance for any help!