arno
/
bddisasm
mirror of https://github.com/bitdefender/bddisasm.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Renamed REG_* fields to NDR_*, so that we don't conflict with _GNU_SOURCES.

Browse Source
pull/15/head
Andrei Vlad LUTAS 4 years ago
parent 02b7177b99
commit 144baa5140
10 changed files with 1115 additions and 1115 deletions
Show Stats Download Patch File Download Diff File

176
bddisasm/bddisasm.c
Unescape View File

@ -912,7 +912,7 @@ NdFetchModrmAndSib(
} }
// If needed, fetch the SIB. // If needed, fetch the SIB.
if ((Instrux->ModRm.rm == REG_RSP) && (Instrux->ModRm.mod != 3) && (Instrux->AddrMode != ND_ADDR_16)) if ((Instrux->ModRm.rm == NDR_RSP) && (Instrux->ModRm.mod != 3) && (Instrux->AddrMode != ND_ADDR_16))
{ {
// At least one more byte must be available, for the sib. // At least one more byte must be available, for the sib.
RET_GT((size_t)Offset + 1, Size, ND_STATUS_BUFFER_TOO_SMALL); RET_GT((size_t)Offset + 1, Size, ND_STATUS_BUFFER_TOO_SMALL);
@ -1180,17 +1180,17 @@ NdGetSegOverride(
switch (Instrux->Seg) switch (Instrux->Seg)
{ {
case ND_PREFIX_G2_SEG_CS: case ND_PREFIX_G2_SEG_CS:
return REG_CS; return NDR_CS;
case ND_PREFIX_G2_SEG_DS: case ND_PREFIX_G2_SEG_DS:
return REG_DS; return NDR_DS;
case ND_PREFIX_G2_SEG_ES: case ND_PREFIX_G2_SEG_ES:
return REG_ES; return NDR_ES;
case ND_PREFIX_G2_SEG_SS: case ND_PREFIX_G2_SEG_SS:
return REG_SS; return NDR_SS;
case ND_PREFIX_G2_SEG_FS: case ND_PREFIX_G2_SEG_FS:
return REG_FS; return NDR_FS;
case ND_PREFIX_G2_SEG_GS: case ND_PREFIX_G2_SEG_GS:
return REG_GS; return NDR_GS;
default: default:
return DefaultSeg; return DefaultSeg;
} }
@ -1714,7 +1714,7 @@ NdParseOperand(
operand->Type = ND_OP_REG; operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_GPR; operand->Info.Register.Type = ND_REG_GPR;
operand->Info.Register.Size = (ND_REG_SIZE)size; operand->Info.Register.Size = (ND_REG_SIZE)size;
operand->Info.Register.Reg = REG_RAX; operand->Info.Register.Reg = NDR_RAX;
break; break;
case ND_OPT_GPR_AH: case ND_OPT_GPR_AH:
@ -1722,7 +1722,7 @@ NdParseOperand(
operand->Type = ND_OP_REG; operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_GPR; operand->Info.Register.Type = ND_REG_GPR;
operand->Info.Register.Size = ND_SIZE_8BIT; operand->Info.Register.Size = ND_SIZE_8BIT;
operand->Info.Register.Reg = REG_AH; operand->Info.Register.Reg = NDR_AH;
operand->Info.Register.IsHigh8 = true; operand->Info.Register.IsHigh8 = true;
break; break;
@ -1731,7 +1731,7 @@ NdParseOperand(
operand->Type = ND_OP_REG; operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_GPR; operand->Info.Register.Type = ND_REG_GPR;
operand->Info.Register.Size = (ND_REG_SIZE)size; operand->Info.Register.Size = (ND_REG_SIZE)size;
operand->Info.Register.Reg = REG_RCX; operand->Info.Register.Reg = NDR_RCX;
break; break;
case ND_OPT_GPR_rDX: case ND_OPT_GPR_rDX:
@ -1739,7 +1739,7 @@ NdParseOperand(
operand->Type = ND_OP_REG; operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_GPR; operand->Info.Register.Type = ND_REG_GPR;
operand->Info.Register.Size = (ND_REG_SIZE)size; operand->Info.Register.Size = (ND_REG_SIZE)size;
operand->Info.Register.Reg = REG_RDX; operand->Info.Register.Reg = NDR_RDX;
break; break;
case ND_OPT_GPR_rBX: case ND_OPT_GPR_rBX:
@ -1747,7 +1747,7 @@ NdParseOperand(
operand->Type = ND_OP_REG; operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_GPR; operand->Info.Register.Type = ND_REG_GPR;
operand->Info.Register.Size = (ND_REG_SIZE)size; operand->Info.Register.Size = (ND_REG_SIZE)size;
operand->Info.Register.Reg = REG_RBX; operand->Info.Register.Reg = NDR_RBX;
break; break;
case ND_OPT_GPR_rBP: case ND_OPT_GPR_rBP:
@ -1755,7 +1755,7 @@ NdParseOperand(
operand->Type = ND_OP_REG; operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_GPR; operand->Info.Register.Type = ND_REG_GPR;
operand->Info.Register.Size = (ND_REG_SIZE)size; operand->Info.Register.Size = (ND_REG_SIZE)size;
operand->Info.Register.Reg = REG_RBP; operand->Info.Register.Reg = NDR_RBP;
break; break;
case ND_OPT_GPR_rSP: case ND_OPT_GPR_rSP:
@ -1763,7 +1763,7 @@ NdParseOperand(
operand->Type = ND_OP_REG; operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_GPR; operand->Info.Register.Type = ND_REG_GPR;
operand->Info.Register.Size = (ND_REG_SIZE)size; operand->Info.Register.Size = (ND_REG_SIZE)size;
operand->Info.Register.Reg = REG_RSP; operand->Info.Register.Reg = NDR_RSP;
break; break;
case ND_OPT_GPR_rSI: case ND_OPT_GPR_rSI:
@ -1771,7 +1771,7 @@ NdParseOperand(
operand->Type = ND_OP_REG; operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_GPR; operand->Info.Register.Type = ND_REG_GPR;
operand->Info.Register.Size = (ND_REG_SIZE)size; operand->Info.Register.Size = (ND_REG_SIZE)size;
operand->Info.Register.Reg = REG_RSI; operand->Info.Register.Reg = NDR_RSI;
break; break;
case ND_OPT_GPR_rDI: case ND_OPT_GPR_rDI:
@ -1779,7 +1779,7 @@ NdParseOperand(
operand->Type = ND_OP_REG; operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_GPR; operand->Info.Register.Type = ND_REG_GPR;
operand->Info.Register.Size = (ND_REG_SIZE)size; operand->Info.Register.Size = (ND_REG_SIZE)size;
operand->Info.Register.Reg = REG_RDI; operand->Info.Register.Reg = NDR_RDI;
break; break;
case ND_OPT_GPR_rR11: case ND_OPT_GPR_rR11:
@ -1787,7 +1787,7 @@ NdParseOperand(
operand->Type = ND_OP_REG; operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_GPR; operand->Info.Register.Type = ND_REG_GPR;
operand->Info.Register.Size = (ND_REG_SIZE)size; operand->Info.Register.Size = (ND_REG_SIZE)size;
operand->Info.Register.Reg = REG_R11; operand->Info.Register.Reg = NDR_R11;
break; break;
case ND_OPT_SEG_CS: case ND_OPT_SEG_CS:
@ -1795,7 +1795,7 @@ NdParseOperand(
operand->Type = ND_OP_REG; operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_SEG; operand->Info.Register.Type = ND_REG_SEG;
operand->Info.Register.Size = (ND_REG_SIZE)size; operand->Info.Register.Size = (ND_REG_SIZE)size;
operand->Info.Register.Reg = REG_CS; operand->Info.Register.Reg = NDR_CS;
break; break;
case ND_OPT_SEG_SS: case ND_OPT_SEG_SS:
@ -1803,7 +1803,7 @@ NdParseOperand(
operand->Type = ND_OP_REG; operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_SEG; operand->Info.Register.Type = ND_REG_SEG;
operand->Info.Register.Size = (ND_REG_SIZE)size; operand->Info.Register.Size = (ND_REG_SIZE)size;
operand->Info.Register.Reg = REG_SS; operand->Info.Register.Reg = NDR_SS;
break; break;
case ND_OPT_SEG_DS: case ND_OPT_SEG_DS:
@ -1811,7 +1811,7 @@ NdParseOperand(
operand->Type = ND_OP_REG; operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_SEG; operand->Info.Register.Type = ND_REG_SEG;
operand->Info.Register.Size = (ND_REG_SIZE)size; operand->Info.Register.Size = (ND_REG_SIZE)size;
operand->Info.Register.Reg = REG_DS; operand->Info.Register.Reg = NDR_DS;
break; break;
case ND_OPT_SEG_ES: case ND_OPT_SEG_ES:
@ -1819,7 +1819,7 @@ NdParseOperand(
operand->Type = ND_OP_REG; operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_SEG; operand->Info.Register.Type = ND_REG_SEG;
operand->Info.Register.Size = (ND_REG_SIZE)size; operand->Info.Register.Size = (ND_REG_SIZE)size;
operand->Info.Register.Reg = REG_ES; operand->Info.Register.Reg = NDR_ES;
break; break;
case ND_OPT_SEG_FS: case ND_OPT_SEG_FS:
@ -1827,7 +1827,7 @@ NdParseOperand(
operand->Type = ND_OP_REG; operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_SEG; operand->Info.Register.Type = ND_REG_SEG;
operand->Info.Register.Size = (ND_REG_SIZE)size; operand->Info.Register.Size = (ND_REG_SIZE)size;
operand->Info.Register.Reg = REG_FS; operand->Info.Register.Reg = NDR_FS;
break; break;
case ND_OPT_SEG_GS: case ND_OPT_SEG_GS:
@ -1835,7 +1835,7 @@ NdParseOperand(
operand->Type = ND_OP_REG; operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_SEG; operand->Info.Register.Type = ND_REG_SEG;
operand->Info.Register.Size = (ND_REG_SIZE)size; operand->Info.Register.Size = (ND_REG_SIZE)size;
operand->Info.Register.Reg = REG_GS; operand->Info.Register.Reg = NDR_GS;
break; break;
case ND_OPT_FPU_ST0: case ND_OPT_FPU_ST0:
@ -1868,7 +1868,7 @@ NdParseOperand(
operand->Type = ND_OP_REG; operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_CR; operand->Info.Register.Type = ND_REG_CR;
operand->Info.Register.Size = (ND_REG_SIZE)size; operand->Info.Register.Size = (ND_REG_SIZE)size;
operand->Info.Register.Reg = REG_CR0; operand->Info.Register.Reg = NDR_CR0;
break; break;
case ND_OPT_SYS_GDTR: case ND_OPT_SYS_GDTR:
@ -1876,7 +1876,7 @@ NdParseOperand(
operand->Type = ND_OP_REG; operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_SYS; operand->Info.Register.Type = ND_REG_SYS;
operand->Info.Register.Size = (ND_REG_SIZE)size; operand->Info.Register.Size = (ND_REG_SIZE)size;
operand->Info.Register.Reg = REG_GDTR; operand->Info.Register.Reg = NDR_GDTR;
break; break;
case ND_OPT_SYS_IDTR: case ND_OPT_SYS_IDTR:
@ -1884,7 +1884,7 @@ NdParseOperand(
operand->Type = ND_OP_REG; operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_SYS; operand->Info.Register.Type = ND_REG_SYS;
operand->Info.Register.Size = (ND_REG_SIZE)size; operand->Info.Register.Size = (ND_REG_SIZE)size;
operand->Info.Register.Reg = REG_IDTR; operand->Info.Register.Reg = NDR_IDTR;
break; break;
case ND_OPT_SYS_LDTR: case ND_OPT_SYS_LDTR:
@ -1892,7 +1892,7 @@ NdParseOperand(
operand->Type = ND_OP_REG; operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_SYS; operand->Info.Register.Type = ND_REG_SYS;
operand->Info.Register.Size = (ND_REG_SIZE)size; operand->Info.Register.Size = (ND_REG_SIZE)size;
operand->Info.Register.Reg = REG_LDTR; operand->Info.Register.Reg = NDR_LDTR;
break; break;
case ND_OPT_SYS_TR: case ND_OPT_SYS_TR:
@ -1900,7 +1900,7 @@ NdParseOperand(
operand->Type = ND_OP_REG; operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_SYS; operand->Info.Register.Type = ND_REG_SYS;
operand->Info.Register.Size = (ND_REG_SIZE)size; operand->Info.Register.Size = (ND_REG_SIZE)size;
operand->Info.Register.Reg = REG_TR; operand->Info.Register.Reg = NDR_TR;
break; break;
case ND_OPT_X87_CONTROL: case ND_OPT_X87_CONTROL:
@ -1908,7 +1908,7 @@ NdParseOperand(
operand->Type = ND_OP_REG; operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_SYS; operand->Info.Register.Type = ND_REG_SYS;
operand->Info.Register.Size = ND_SIZE_16BIT; operand->Info.Register.Size = ND_SIZE_16BIT;
operand->Info.Register.Reg = REG_X87_CONTROL; operand->Info.Register.Reg = NDR_X87_CONTROL;
break; break;
case ND_OPT_X87_TAG: case ND_OPT_X87_TAG:
@ -1916,7 +1916,7 @@ NdParseOperand(
operand->Type = ND_OP_REG; operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_SYS; operand->Info.Register.Type = ND_REG_SYS;
operand->Info.Register.Size = ND_SIZE_16BIT; operand->Info.Register.Size = ND_SIZE_16BIT;
operand->Info.Register.Reg = REG_X87_TAG; operand->Info.Register.Reg = NDR_X87_TAG;
break; break;
case ND_OPT_X87_STATUS: case ND_OPT_X87_STATUS:
@ -1924,7 +1924,7 @@ NdParseOperand(
operand->Type = ND_OP_REG; operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_SYS; operand->Info.Register.Type = ND_REG_SYS;
operand->Info.Register.Size = ND_SIZE_16BIT; operand->Info.Register.Size = ND_SIZE_16BIT;
operand->Info.Register.Reg = REG_X87_STATUS; operand->Info.Register.Reg = NDR_X87_STATUS;
break; break;
case ND_OPT_MXCSR: case ND_OPT_MXCSR:
@ -1964,7 +1964,7 @@ NdParseOperand(
operand->Type = ND_OP_REG; operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_MSR; operand->Info.Register.Type = ND_REG_MSR;
operand->Info.Register.Size = ND_SIZE_64BIT; operand->Info.Register.Size = ND_SIZE_64BIT;
operand->Info.Register.Reg = REG_IA32_TSC; operand->Info.Register.Reg = NDR_IA32_TSC;
break; break;
case ND_OPT_MSR_TSCAUX: case ND_OPT_MSR_TSCAUX:
@ -1972,7 +1972,7 @@ NdParseOperand(
operand->Type = ND_OP_REG; operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_MSR; operand->Info.Register.Type = ND_REG_MSR;
operand->Info.Register.Size = ND_SIZE_64BIT; operand->Info.Register.Size = ND_SIZE_64BIT;
operand->Info.Register.Reg = REG_IA32_TSC_AUX; operand->Info.Register.Reg = NDR_IA32_TSC_AUX;
break; break;
case ND_OPT_MSR_SCS: case ND_OPT_MSR_SCS:
@ -1980,7 +1980,7 @@ NdParseOperand(
operand->Type = ND_OP_REG; operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_MSR; operand->Info.Register.Type = ND_REG_MSR;
operand->Info.Register.Size = ND_SIZE_64BIT; operand->Info.Register.Size = ND_SIZE_64BIT;
operand->Info.Register.Reg = REG_IA32_SYSENTER_CS; operand->Info.Register.Reg = NDR_IA32_SYSENTER_CS;
break; break;
case ND_OPT_MSR_SESP: case ND_OPT_MSR_SESP:
@ -1988,7 +1988,7 @@ NdParseOperand(
operand->Type = ND_OP_REG; operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_MSR; operand->Info.Register.Type = ND_REG_MSR;
operand->Info.Register.Size = ND_SIZE_64BIT; operand->Info.Register.Size = ND_SIZE_64BIT;
operand->Info.Register.Reg = REG_IA32_SYSENTER_ESP; operand->Info.Register.Reg = NDR_IA32_SYSENTER_ESP;
break; break;
case ND_OPT_MSR_SEIP: case ND_OPT_MSR_SEIP:
@ -1996,7 +1996,7 @@ NdParseOperand(
operand->Type = ND_OP_REG; operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_MSR; operand->Info.Register.Type = ND_REG_MSR;
operand->Info.Register.Size = ND_SIZE_64BIT; operand->Info.Register.Size = ND_SIZE_64BIT;
operand->Info.Register.Reg = REG_IA32_SYSENTER_EIP; operand->Info.Register.Reg = NDR_IA32_SYSENTER_EIP;
break; break;
case ND_OPT_MSR_STAR: case ND_OPT_MSR_STAR:
@ -2004,7 +2004,7 @@ NdParseOperand(
operand->Type = ND_OP_REG; operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_MSR; operand->Info.Register.Type = ND_REG_MSR;
operand->Info.Register.Size = ND_SIZE_64BIT; operand->Info.Register.Size = ND_SIZE_64BIT;
operand->Info.Register.Reg = REG_IA32_STAR; operand->Info.Register.Reg = NDR_IA32_STAR;
break; break;
case ND_OPT_MSR_LSTAR: case ND_OPT_MSR_LSTAR:
@ -2012,7 +2012,7 @@ NdParseOperand(
operand->Type = ND_OP_REG; operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_MSR; operand->Info.Register.Type = ND_REG_MSR;
operand->Info.Register.Size = ND_SIZE_64BIT; operand->Info.Register.Size = ND_SIZE_64BIT;
operand->Info.Register.Reg = REG_IA32_LSTAR; operand->Info.Register.Reg = NDR_IA32_LSTAR;
break; break;
case ND_OPT_MSR_FMASK: case ND_OPT_MSR_FMASK:
@ -2020,7 +2020,7 @@ NdParseOperand(
operand->Type = ND_OP_REG; operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_MSR; operand->Info.Register.Type = ND_REG_MSR;
operand->Info.Register.Size = ND_SIZE_64BIT; operand->Info.Register.Size = ND_SIZE_64BIT;
operand->Info.Register.Reg = REG_IA32_FMASK; operand->Info.Register.Reg = NDR_IA32_FMASK;
break; break;
case ND_OPT_MSR_FSBASE: case ND_OPT_MSR_FSBASE:
@ -2028,7 +2028,7 @@ NdParseOperand(
operand->Type = ND_OP_REG; operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_MSR; operand->Info.Register.Type = ND_REG_MSR;
operand->Info.Register.Size = ND_SIZE_64BIT; operand->Info.Register.Size = ND_SIZE_64BIT;
operand->Info.Register.Reg = REG_IA32_FS_BASE; operand->Info.Register.Reg = NDR_IA32_FS_BASE;
break; break;
case ND_OPT_MSR_GSBASE: case ND_OPT_MSR_GSBASE:
@ -2036,7 +2036,7 @@ NdParseOperand(
operand->Type = ND_OP_REG; operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_MSR; operand->Info.Register.Type = ND_REG_MSR;
operand->Info.Register.Size = ND_SIZE_64BIT; operand->Info.Register.Size = ND_SIZE_64BIT;
operand->Info.Register.Reg = REG_IA32_GS_BASE; operand->Info.Register.Reg = NDR_IA32_GS_BASE;
break; break;
case ND_OPT_MSR_KGSBASE: case ND_OPT_MSR_KGSBASE:
@ -2044,7 +2044,7 @@ NdParseOperand(
operand->Type = ND_OP_REG; operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_MSR; operand->Info.Register.Type = ND_REG_MSR;
operand->Info.Register.Size = ND_SIZE_64BIT; operand->Info.Register.Size = ND_SIZE_64BIT;
operand->Info.Register.Reg = REG_IA32_GS_BASE; operand->Info.Register.Reg = NDR_IA32_GS_BASE;
break; break;
case ND_OPT_XCR: case ND_OPT_XCR:
@ -2071,7 +2071,7 @@ NdParseOperand(
operand->Size = operand->RawSize = Instrux->WordLength; operand->Size = operand->RawSize = Instrux->WordLength;
operand->Info.Register.Type = ND_REG_GPR; operand->Info.Register.Type = ND_REG_GPR;
operand->Info.Register.Size = Instrux->WordLength; operand->Info.Register.Size = Instrux->WordLength;
operand->Info.Register.Reg = REG_EAX; operand->Info.Register.Reg = NDR_EAX;
operand->Info.Register.Count = 8; operand->Info.Register.Count = 8;
operand->Info.Register.IsBlock = true; operand->Info.Register.IsBlock = true;
} }
@ -2181,7 +2181,7 @@ NdParseOperand(
} }
// If CS is loaded - #UD. // If CS is loaded - #UD.
if ((operand->Info.Register.Reg == REG_CS) && operand->Access.Write) if ((operand->Info.Register.Reg == NDR_CS) && operand->Access.Write)
{ {
return ND_STATUS_CS_LOAD; return ND_STATUS_CS_LOAD;
} }
@ -2225,10 +2225,10 @@ NdParseOperand(
operand->Type = ND_OP_MEM; operand->Type = ND_OP_MEM;
operand->Info.Memory.IsStack = true; operand->Info.Memory.IsStack = true;
operand->Info.Memory.HasBase = true; operand->Info.Memory.HasBase = true;
operand->Info.Memory.Base = REG_RSP; operand->Info.Memory.Base = NDR_RSP;
operand->Info.Memory.BaseSize = szLut[Instrux->DefStack]; operand->Info.Memory.BaseSize = szLut[Instrux->DefStack];
operand->Info.Memory.HasSeg = true; operand->Info.Memory.HasSeg = true;
operand->Info.Memory.Seg = REG_SS; operand->Info.Memory.Seg = NDR_SS;
Instrux->StackWords = (uint8_t)(operand->Size / Instrux->WordLength); Instrux->StackWords = (uint8_t)(operand->Size / Instrux->WordLength);
Instrux->StackAccess |= operand->Access.Access; Instrux->StackAccess |= operand->Access.Access;
} }
@ -2414,7 +2414,7 @@ NdParseOperand(
operand->Info.Memory.DispSize = Instrux->MoffsetLength; operand->Info.Memory.DispSize = Instrux->MoffsetLength;
operand->Info.Memory.Disp = Instrux->Moffset; operand->Info.Memory.Disp = Instrux->Moffset;
operand->Info.Memory.HasSeg = true; operand->Info.Memory.HasSeg = true;
operand->Info.Memory.Seg = NdGetSegOverride(Instrux, REG_DS); operand->Info.Memory.Seg = NdGetSegOverride(Instrux, NDR_DS);
Offset = Instrux->Length; Offset = Instrux->Length;
} }
@ -2447,58 +2447,58 @@ memory:
operand->Info.Memory.HasBase = true; operand->Info.Memory.HasBase = true;
operand->Info.Memory.HasIndex = true; operand->Info.Memory.HasIndex = true;
operand->Info.Memory.Scale = 1; operand->Info.Memory.Scale = 1;
operand->Info.Memory.Base = REG_BX; operand->Info.Memory.Base = NDR_BX;
operand->Info.Memory.Index = REG_SI; operand->Info.Memory.Index = NDR_SI;
operand->Info.Memory.BaseSize = ND_SIZE_16BIT; operand->Info.Memory.BaseSize = ND_SIZE_16BIT;
operand->Info.Memory.IndexSize = ND_SIZE_16BIT; operand->Info.Memory.IndexSize = ND_SIZE_16BIT;
operand->Info.Memory.Seg = REG_DS; operand->Info.Memory.Seg = NDR_DS;
break; break;
case 1: case 1:
// [bx + di] // [bx + di]
operand->Info.Memory.HasBase = true; operand->Info.Memory.HasBase = true;
operand->Info.Memory.HasIndex = true; operand->Info.Memory.HasIndex = true;
operand->Info.Memory.Scale = 1; operand->Info.Memory.Scale = 1;
operand->Info.Memory.Base = REG_BX; operand->Info.Memory.Base = NDR_BX;
operand->Info.Memory.Index = REG_DI; operand->Info.Memory.Index = NDR_DI;
operand->Info.Memory.BaseSize = ND_SIZE_16BIT; operand->Info.Memory.BaseSize = ND_SIZE_16BIT;
operand->Info.Memory.IndexSize = ND_SIZE_16BIT; operand->Info.Memory.IndexSize = ND_SIZE_16BIT;
operand->Info.Memory.Seg = REG_DS; operand->Info.Memory.Seg = NDR_DS;
break; break;
case 2: case 2:
// [bp + si] // [bp + si]
operand->Info.Memory.HasBase = true; operand->Info.Memory.HasBase = true;
operand->Info.Memory.HasIndex = true; operand->Info.Memory.HasIndex = true;
operand->Info.Memory.Scale = 1; operand->Info.Memory.Scale = 1;
operand->Info.Memory.Base = REG_BP; operand->Info.Memory.Base = NDR_BP;
operand->Info.Memory.Index = REG_SI; operand->Info.Memory.Index = NDR_SI;
operand->Info.Memory.BaseSize = ND_SIZE_16BIT; operand->Info.Memory.BaseSize = ND_SIZE_16BIT;
operand->Info.Memory.IndexSize = ND_SIZE_16BIT; operand->Info.Memory.IndexSize = ND_SIZE_16BIT;
operand->Info.Memory.Seg = REG_SS; operand->Info.Memory.Seg = NDR_SS;
break; break;
case 3: case 3:
// [bp + di] // [bp + di]
operand->Info.Memory.HasBase = true; operand->Info.Memory.HasBase = true;
operand->Info.Memory.HasIndex = true; operand->Info.Memory.HasIndex = true;
operand->Info.Memory.Scale = 1; operand->Info.Memory.Scale = 1;
operand->Info.Memory.Base = REG_BP; operand->Info.Memory.Base = NDR_BP;
operand->Info.Memory.Index = REG_DI; operand->Info.Memory.Index = NDR_DI;
operand->Info.Memory.BaseSize = ND_SIZE_16BIT; operand->Info.Memory.BaseSize = ND_SIZE_16BIT;
operand->Info.Memory.IndexSize = ND_SIZE_16BIT; operand->Info.Memory.IndexSize = ND_SIZE_16BIT;
operand->Info.Memory.Seg = REG_SS; operand->Info.Memory.Seg = NDR_SS;
break; break;
case 4: case 4:
// [si] // [si]
operand->Info.Memory.HasBase = true; operand->Info.Memory.HasBase = true;
operand->Info.Memory.Base = REG_SI; operand->Info.Memory.Base = NDR_SI;
operand->Info.Memory.BaseSize = ND_SIZE_16BIT; operand->Info.Memory.BaseSize = ND_SIZE_16BIT;
operand->Info.Memory.Seg = REG_DS; operand->Info.Memory.Seg = NDR_DS;
break; break;
case 5: case 5:
// [di] // [di]
operand->Info.Memory.HasBase = true; operand->Info.Memory.HasBase = true;
operand->Info.Memory.Base = REG_DI; operand->Info.Memory.Base = NDR_DI;
operand->Info.Memory.BaseSize = ND_SIZE_16BIT; operand->Info.Memory.BaseSize = ND_SIZE_16BIT;
operand->Info.Memory.Seg = REG_DS; operand->Info.Memory.Seg = NDR_DS;
break; break;
case 6: case 6:
// [bp] // [bp]
@ -2506,22 +2506,22 @@ memory:
{ {
// If mod is not zero, than we have "[bp + displacement]". // If mod is not zero, than we have "[bp + displacement]".
operand->Info.Memory.HasBase = true; operand->Info.Memory.HasBase = true;
operand->Info.Memory.Base = REG_BP; operand->Info.Memory.Base = NDR_BP;
operand->Info.Memory.BaseSize = ND_SIZE_16BIT; operand->Info.Memory.BaseSize = ND_SIZE_16BIT;
operand->Info.Memory.Seg = REG_SS; operand->Info.Memory.Seg = NDR_SS;
} }
else else
{ {
// If mod is zero, than we only have a displacement that is used to directly address mem. // If mod is zero, than we only have a displacement that is used to directly address mem.
operand->Info.Memory.Seg = REG_DS; operand->Info.Memory.Seg = NDR_DS;
} }
break; break;
case 7: case 7:
// [bx] // [bx]
operand->Info.Memory.HasBase = true; operand->Info.Memory.HasBase = true;
operand->Info.Memory.Base = REG_BX; operand->Info.Memory.Base = NDR_BX;
operand->Info.Memory.BaseSize = ND_SIZE_16BIT; operand->Info.Memory.BaseSize = ND_SIZE_16BIT;
operand->Info.Memory.Seg = REG_DS; operand->Info.Memory.Seg = NDR_DS;
break; break;
} }
@ -2535,12 +2535,12 @@ memory:
uint8_t defsize = (Instrux->AddrMode == ND_ADDR_32 ? ND_SIZE_32BIT : ND_SIZE_64BIT); uint8_t defsize = (Instrux->AddrMode == ND_ADDR_32 ? ND_SIZE_32BIT : ND_SIZE_64BIT);
// Implicit segment is DS. // Implicit segment is DS.
operand->Info.Memory.Seg = REG_DS; operand->Info.Memory.Seg = NDR_DS;
if (Instrux->HasSib) if (Instrux->HasSib)
{ {
// Check for base. // Check for base.
if ((Instrux->ModRm.mod == 0) && (Instrux->Sib.base == REG_RBP)) if ((Instrux->ModRm.mod == 0) && (Instrux->Sib.base == NDR_RBP))
{ {
// Mod is mem without displacement and base reg is RBP -> no base reg used. // Mod is mem without displacement and base reg is RBP -> no base reg used.
// Note that this addressing mode is not RIP relative. // Note that this addressing mode is not RIP relative.
@ -2551,14 +2551,14 @@ memory:
operand->Info.Memory.BaseSize = defsize; operand->Info.Memory.BaseSize = defsize;
operand->Info.Memory.Base = (uint8_t)((Instrux->Exs.b << 3) | Instrux->Sib.base); operand->Info.Memory.Base = (uint8_t)((Instrux->Exs.b << 3) | Instrux->Sib.base);
if ((operand->Info.Memory.Base == REG_RSP) || (operand->Info.Memory.Base == REG_RBP)) if ((operand->Info.Memory.Base == NDR_RSP) || (operand->Info.Memory.Base == NDR_RBP))
{ {
operand->Info.Memory.Seg = REG_SS; operand->Info.Memory.Seg = NDR_SS;
} }
} }
// Check for index. // Check for index.
if ((((Instrux->Exs.x << 3) | Instrux->Sib.index) != REG_RSP) || ND_HAS_VSIB(Instrux)) if ((((Instrux->Exs.x << 3) | Instrux->Sib.index) != NDR_RSP) || ND_HAS_VSIB(Instrux))
{ {
// Index * Scale is present. // Index * Scale is present.
operand->Info.Memory.HasIndex = true; operand->Info.Memory.HasIndex = true;
@ -2576,7 +2576,7 @@ memory:
} }
else else
{ {
if ((Instrux->ModRm.mod == 0) && (Instrux->ModRm.rm == REG_RBP)) if ((Instrux->ModRm.mod == 0) && (Instrux->ModRm.rm == NDR_RBP))
{ {
// //
// RIP relative addressing addresses a memory region relative to the current RIP; However, // RIP relative addressing addresses a memory region relative to the current RIP; However,
@ -2599,9 +2599,9 @@ memory:
operand->Info.Memory.BaseSize = defsize; operand->Info.Memory.BaseSize = defsize;
operand->Info.Memory.Base = (uint8_t)((Instrux->Exs.b << 3) | Instrux->ModRm.rm); operand->Info.Memory.Base = (uint8_t)((Instrux->Exs.b << 3) | Instrux->ModRm.rm);
if ((operand->Info.Memory.Base == REG_RSP) || (operand->Info.Memory.Base == REG_RBP)) if ((operand->Info.Memory.Base == NDR_RSP) || (operand->Info.Memory.Base == NDR_RBP))
{ {
operand->Info.Memory.Seg = REG_SS; operand->Info.Memory.Seg = NDR_SS;
} }
} }
} }
@ -2802,16 +2802,16 @@ memory:
operand->Info.Memory.HasBase = true; operand->Info.Memory.HasBase = true;
operand->Info.Memory.BaseSize = 2 << Instrux->AddrMode; operand->Info.Memory.BaseSize = 2 << Instrux->AddrMode;
operand->Info.Memory.HasSeg = true; operand->Info.Memory.HasSeg = true;
operand->Info.Memory.Base = (uint8_t)(((opt == ND_OPT_X) ? REG_RSI : REG_RDI)); operand->Info.Memory.Base = (uint8_t)(((opt == ND_OPT_X) ? NDR_RSI : NDR_RDI));
operand->Info.Memory.IsString = (ND_OPT_X == opt || ND_OPT_Y == opt); operand->Info.Memory.IsString = (ND_OPT_X == opt || ND_OPT_Y == opt);
// DS:rSI supports segment overriding. ES:rDI does not. // DS:rSI supports segment overriding. ES:rDI does not.
if (opt == ND_OPT_Y) if (opt == ND_OPT_Y)
{ {
operand->Info.Memory.Seg = REG_ES; operand->Info.Memory.Seg = NDR_ES;
} }
else else
{ {
operand->Info.Memory.Seg = NdGetSegOverride(Instrux, REG_DS); operand->Info.Memory.Seg = NdGetSegOverride(Instrux, NDR_DS);
} }
break; break;
@ -2823,11 +2823,11 @@ memory:
operand->Info.Memory.HasIndex = true; operand->Info.Memory.HasIndex = true;
operand->Info.Memory.BaseSize = 2 << Instrux->AddrMode; operand->Info.Memory.BaseSize = 2 << Instrux->AddrMode;
operand->Info.Memory.IndexSize = ND_SIZE_8BIT; // Always 1 Byte. operand->Info.Memory.IndexSize = ND_SIZE_8BIT; // Always 1 Byte.
operand->Info.Memory.Base = REG_RBX; // Always rBX. operand->Info.Memory.Base = NDR_RBX; // Always rBX.
operand->Info.Memory.Index = REG_AL; // Always AL. operand->Info.Memory.Index = NDR_AL; // Always AL.
operand->Info.Memory.Scale = 1; // Always 1. operand->Info.Memory.Scale = 1; // Always 1.
operand->Info.Memory.HasSeg = true; operand->Info.Memory.HasSeg = true;
operand->Info.Memory.Seg = NdGetSegOverride(Instrux, REG_DS); operand->Info.Memory.Seg = NdGetSegOverride(Instrux, NDR_DS);
break; break;
case ND_OPT_MEM_SHS: case ND_OPT_MEM_SHS:
@ -2960,7 +2960,7 @@ memory:
operand->Info.Memory.Base = (uint8_t)((Instrux->Exs.r << 3) | Instrux->ModRm.reg); operand->Info.Memory.Base = (uint8_t)((Instrux->Exs.r << 3) | Instrux->ModRm.reg);
operand->Info.Memory.BaseSize = 2 << Instrux->AddrMode; operand->Info.Memory.BaseSize = 2 << Instrux->AddrMode;
operand->Info.Memory.HasSeg = true; operand->Info.Memory.HasSeg = true;
operand->Info.Memory.Seg = REG_ES; operand->Info.Memory.Seg = NDR_ES;
break; break;
case ND_OPT_mM: case ND_OPT_mM:
@ -2970,7 +2970,7 @@ memory:
operand->Info.Memory.Base = (uint8_t)((Instrux->Exs.m << 3) | Instrux->ModRm.rm); operand->Info.Memory.Base = (uint8_t)((Instrux->Exs.m << 3) | Instrux->ModRm.rm);
operand->Info.Memory.BaseSize = 2 << Instrux->AddrMode; operand->Info.Memory.BaseSize = 2 << Instrux->AddrMode;
operand->Info.Memory.HasSeg = true; operand->Info.Memory.HasSeg = true;
operand->Info.Memory.Seg = NdGetSegOverride(Instrux, REG_DS); operand->Info.Memory.Seg = NdGetSegOverride(Instrux, NDR_DS);
break; break;
case ND_OPT_rT: case ND_OPT_rT:
@ -4632,8 +4632,8 @@ NdToText(
return ND_STATUS_INVALID_INSTRUX; return ND_STATUS_INVALID_INSTRUX;
} }
if ((ND_CODE_64 != Instrux->DefCode) || (REG_FS == pOp->Info.Memory.Seg) || if ((ND_CODE_64 != Instrux->DefCode) || (NDR_FS == pOp->Info.Memory.Seg) ||
(REG_GS == pOp->Info.Memory.Seg)) (NDR_GS == pOp->Info.Memory.Seg))
{ {
res = nd_strcat_s(Buffer, BufferSize, gRegSeg[pOp->Info.Memory.Seg]); res = nd_strcat_s(Buffer, BufferSize, gRegSeg[pOp->Info.Memory.Seg]);
RET_EQ(res, NULL, ND_STATUS_BUFFER_OVERFLOW); RET_EQ(res, NULL, ND_STATUS_BUFFER_OVERFLOW);
@ -4957,8 +4957,8 @@ NdGetFullAccessMap(
if (pOp->Info.Memory.IsStack) if (pOp->Info.Memory.IsStack)
{ {
AccessMap->StackAccess |= pOp->Access.Access; AccessMap->StackAccess |= pOp->Access.Access;
AccessMap->GprAccess[REG_RSP] |= ND_ACCESS_READ|ND_ACCESS_WRITE; AccessMap->GprAccess[NDR_RSP] |= ND_ACCESS_READ|ND_ACCESS_WRITE;
AccessMap->SegAccess[REG_SS] |= ND_ACCESS_READ; AccessMap->SegAccess[NDR_SS] |= ND_ACCESS_READ;
} }
else else
{ {

1448
bddisasm/include/instructions.h
View File

File diff suppressed because it is too large Load Diff

222
bdshemu/bdshemu.c
Unescape View File

@ -321,60 +321,60 @@ ShemuSetFlags(
// PF set if the first bytes has an even number of 1 bits. // PF set if the first bytes has an even number of 1 bits.
if ((pfArr[Dst & 0xF] + pfArr[(Dst >> 4) & 0xF]) % 2 == 0) if ((pfArr[Dst & 0xF] + pfArr[(Dst >> 4) & 0xF]) % 2 == 0)
{ {
Context->Registers.RegFlags |= REG_RFLAG_PF; Context->Registers.RegFlags |= NDR_RFLAG_PF;
} }
else else
{ {
Context->Registers.RegFlags &= ~REG_RFLAG_PF; Context->Registers.RegFlags &= ~NDR_RFLAG_PF;
} }
// ZF set if the result is zero. // ZF set if the result is zero.
if (Dst == 0) if (Dst == 0)
{ {
Context->Registers.RegFlags |= REG_RFLAG_ZF; Context->Registers.RegFlags |= NDR_RFLAG_ZF;
} }
else else
{ {
Context->Registers.RegFlags &= ~REG_RFLAG_ZF; Context->Registers.RegFlags &= ~NDR_RFLAG_ZF;
} }
// SF is set if the sign flag is set. // SF is set if the sign flag is set.
if (ND_GET_SIGN(Size, Dst) != 0) if (ND_GET_SIGN(Size, Dst) != 0)
{ {
Context->Registers.RegFlags |= REG_RFLAG_SF; Context->Registers.RegFlags |= NDR_RFLAG_SF;
} }
else else
{ {
Context->Registers.RegFlags &= ~REG_RFLAG_SF; Context->Registers.RegFlags &= ~NDR_RFLAG_SF;
} }
// OF and CF are handled differently for some instructions. // OF and CF are handled differently for some instructions.
if (FM_LOGIC == FlagsMode) if (FM_LOGIC == FlagsMode)
{ {
// OF and CF are cleared on logic instructions. // OF and CF are cleared on logic instructions.
Context->Registers.RegFlags &= ~(REG_RFLAG_OF | REG_RFLAG_CF); Context->Registers.RegFlags &= ~(NDR_RFLAG_OF | NDR_RFLAG_CF);
} }
else if (FM_SHL == FlagsMode) else if (FM_SHL == FlagsMode)
{ {
// CF is the last bit shifted out of the destination. // CF is the last bit shifted out of the destination.
if (ND_GET_BIT(Src1, (Size * 8) - Src2)) if (ND_GET_BIT(Src1, (Size * 8) - Src2))
{ {
Context->Registers.RegFlags |= REG_RFLAG_CF; Context->Registers.RegFlags |= NDR_RFLAG_CF;
} }
else else
{ {
Context->Registers.RegFlags &= ~REG_RFLAG_CF; Context->Registers.RegFlags &= ~NDR_RFLAG_CF;
} }
if (Src2 == 1) if (Src2 == 1)
{ {
if (ND_GET_BIT(Size * 8 - 1, Dst) ^ ND_GET_BIT(Src1, (Size * 8) - Src2)) if (ND_GET_BIT(Size * 8 - 1, Dst) ^ ND_GET_BIT(Src1, (Size * 8) - Src2))
{ {
Context->Registers.RegFlags |= REG_RFLAG_OF; Context->Registers.RegFlags |= NDR_RFLAG_OF;
} }
else else
{ {
Context->Registers.RegFlags &= ~REG_RFLAG_OF; Context->Registers.RegFlags &= ~NDR_RFLAG_OF;
} }
} }
} }
@ -383,22 +383,22 @@ ShemuSetFlags(
// CF is the last bit shifted out of the destination. // CF is the last bit shifted out of the destination.
if (ND_GET_BIT(Src1, Src2 - 1)) if (ND_GET_BIT(Src1, Src2 - 1))
{ {
Context->Registers.RegFlags |= REG_RFLAG_CF; Context->Registers.RegFlags |= NDR_RFLAG_CF;
} }
else else
{ {
Context->Registers.RegFlags &= ~REG_RFLAG_CF; Context->Registers.RegFlags &= ~NDR_RFLAG_CF;
} }
if (Src2 == 1) if (Src2 == 1)
{ {
if (ND_GET_BIT(Size * 8 - 1, Dst)) if (ND_GET_BIT(Size * 8 - 1, Dst))
{ {
Context->Registers.RegFlags |= REG_RFLAG_OF; Context->Registers.RegFlags |= NDR_RFLAG_OF;
} }
else else
{ {
Context->Registers.RegFlags &= ~REG_RFLAG_OF; Context->Registers.RegFlags &= ~NDR_RFLAG_OF;
} }
} }
} }
@ -407,29 +407,29 @@ ShemuSetFlags(
// CF is the last bit shifted out of the destination. // CF is the last bit shifted out of the destination.
if (ND_GET_BIT(Src1, Src2 - 1)) if (ND_GET_BIT(Src1, Src2 - 1))
{ {
Context->Registers.RegFlags |= REG_RFLAG_CF; Context->Registers.RegFlags |= NDR_RFLAG_CF;
} }
else else
{ {
Context->Registers.RegFlags &= ~REG_RFLAG_CF; Context->Registers.RegFlags &= ~NDR_RFLAG_CF;
} }
Context->Registers.RegFlags &= ~REG_RFLAG_OF; Context->Registers.RegFlags &= ~NDR_RFLAG_OF;
} }
else else
{ {
// Set CF. // Set CF.
if ((FM_SUB == FlagsMode) && (Src1 < Src2)) if ((FM_SUB == FlagsMode) && (Src1 < Src2))
{ {
Context->Registers.RegFlags |= REG_RFLAG_CF; Context->Registers.RegFlags |= NDR_RFLAG_CF;
} }
else if ((FM_ADD == FlagsMode) && (Dst < Src1)) else if ((FM_ADD == FlagsMode) && (Dst < Src1))
{ {
Context->Registers.RegFlags |= REG_RFLAG_CF; Context->Registers.RegFlags |= NDR_RFLAG_CF;
} }
else else
{ {
Context->Registers.RegFlags &= ~REG_RFLAG_CF; Context->Registers.RegFlags &= ~NDR_RFLAG_CF;
} }
// Set OF. // Set OF.
@ -438,11 +438,11 @@ ShemuSetFlags(
if ((ND_GET_SIGN(Size, Src1) && !ND_GET_SIGN(Size, Src2) && !ND_GET_SIGN(Size, Dst)) || if ((ND_GET_SIGN(Size, Src1) && !ND_GET_SIGN(Size, Src2) && !ND_GET_SIGN(Size, Dst)) ||
(!ND_GET_SIGN(Size, Src1) && ND_GET_SIGN(Size, Src2) && ND_GET_SIGN(Size, Dst))) (!ND_GET_SIGN(Size, Src1) && ND_GET_SIGN(Size, Src2) && ND_GET_SIGN(Size, Dst)))
{ {
Context->Registers.RegFlags |= REG_RFLAG_OF; Context->Registers.RegFlags |= NDR_RFLAG_OF;
} }
else else
{ {
Context->Registers.RegFlags &= ~REG_RFLAG_OF; Context->Registers.RegFlags &= ~NDR_RFLAG_OF;
} }
} }
else if (FM_ADD == FlagsMode) else if (FM_ADD == FlagsMode)
@ -450,11 +450,11 @@ ShemuSetFlags(
if (ND_GET_SIGN(Size, Src1) == ND_GET_SIGN(Size, Src2) && if (ND_GET_SIGN(Size, Src1) == ND_GET_SIGN(Size, Src2) &&
ND_GET_SIGN(Size, Src1) != ND_GET_SIGN(Size, Dst)) ND_GET_SIGN(Size, Src1) != ND_GET_SIGN(Size, Dst))
{ {
Context->Registers.RegFlags |= REG_RFLAG_OF; Context->Registers.RegFlags |= NDR_RFLAG_OF;
} }
else else
{ {
Context->Registers.RegFlags &= ~REG_RFLAG_OF; Context->Registers.RegFlags &= ~NDR_RFLAG_OF;
} }
} }
} }
@ -473,99 +473,99 @@ ShemuEvalCondition(
switch (ConditionCode) switch (ConditionCode)
{ {
case ND_COND_OVERFLOW: // O case ND_COND_OVERFLOW: // O
if (GET_FLAG(Context, REG_RFLAG_OF) == 1) if (GET_FLAG(Context, NDR_RFLAG_OF) == 1)
{ {
return true; return true;
} }
break; break;
case ND_COND_NOT(ND_COND_OVERFLOW): // NO case ND_COND_NOT(ND_COND_OVERFLOW): // NO
if (GET_FLAG(Context, REG_RFLAG_OF) == 0) if (GET_FLAG(Context, NDR_RFLAG_OF) == 0)
{ {
return true; return true;
} }
break; break;
case ND_COND_CARRY: // C/B/NAE case ND_COND_CARRY: // C/B/NAE
if (GET_FLAG(Context, REG_RFLAG_CF) == 1) if (GET_FLAG(Context, NDR_RFLAG_CF) == 1)
{ {
return true; return true;
} }
break; break;
case ND_COND_NOT(ND_COND_CARRY): // NC/NB/AE case ND_COND_NOT(ND_COND_CARRY): // NC/NB/AE
if (GET_FLAG(Context, REG_RFLAG_CF) == 0) if (GET_FLAG(Context, NDR_RFLAG_CF) == 0)
{ {
return true; return true;
} }
break; break;
case ND_COND_ZERO: // E/Z case ND_COND_ZERO: // E/Z
if (GET_FLAG(Context, REG_RFLAG_ZF) == 1) if (GET_FLAG(Context, NDR_RFLAG_ZF) == 1)
{ {
return true; return true;
} }
break; break;
case ND_COND_NOT(ND_COND_ZERO): // NE/NZ case ND_COND_NOT(ND_COND_ZERO): // NE/NZ
if (GET_FLAG(Context, REG_RFLAG_ZF) == 0) if (GET_FLAG(Context, NDR_RFLAG_ZF) == 0)
{ {
return true; return true;
} }
break; break;
case ND_COND_BELOW_OR_EQUAL: // BE/NA case ND_COND_BELOW_OR_EQUAL: // BE/NA
if ((GET_FLAG(Context, REG_RFLAG_CF) | (GET_FLAG(Context, REG_RFLAG_ZF))) == 1) if ((GET_FLAG(Context, NDR_RFLAG_CF) | (GET_FLAG(Context, NDR_RFLAG_ZF))) == 1)
{ {
return true; return true;
} }
break; break;
case ND_COND_NOT(ND_COND_BELOW_OR_EQUAL): // A/NBE case ND_COND_NOT(ND_COND_BELOW_OR_EQUAL): // A/NBE
if ((GET_FLAG(Context, REG_RFLAG_CF) | (GET_FLAG(Context, REG_RFLAG_ZF))) == 0) if ((GET_FLAG(Context, NDR_RFLAG_CF) | (GET_FLAG(Context, NDR_RFLAG_ZF))) == 0)
{ {
return true; return true;
} }
break; break;
case ND_COND_SIGN: // S case ND_COND_SIGN: // S
if (GET_FLAG(Context, REG_RFLAG_SF) == 1) if (GET_FLAG(Context, NDR_RFLAG_SF) == 1)
{ {
return true; return true;
} }
break; break;
case ND_COND_NOT(ND_COND_SIGN): // NS case ND_COND_NOT(ND_COND_SIGN): // NS
if (GET_FLAG(Context, REG_RFLAG_SF) == 0) if (GET_FLAG(Context, NDR_RFLAG_SF) == 0)
{ {
return true; return true;
} }
break; break;
case ND_COND_PARITY: // P case ND_COND_PARITY: // P
if (GET_FLAG(Context, REG_RFLAG_PF) == 1) if (GET_FLAG(Context, NDR_RFLAG_PF) == 1)
{ {
return true; return true;
} }
break; break;
case ND_COND_NOT(ND_COND_PARITY): // NP case ND_COND_NOT(ND_COND_PARITY): // NP
if (GET_FLAG(Context, REG_RFLAG_PF) == 0) if (GET_FLAG(Context, NDR_RFLAG_PF) == 0)
{ {
return true; return true;
} }
break; break;
case ND_COND_LESS: // L/NGE case ND_COND_LESS: // L/NGE
if ((GET_FLAG(Context, REG_RFLAG_SF) ^ GET_FLAG(Context, REG_RFLAG_OF)) == 1) if ((GET_FLAG(Context, NDR_RFLAG_SF) ^ GET_FLAG(Context, NDR_RFLAG_OF)) == 1)
{ {
return true; return true;
} }
break; break;
case ND_COND_NOT(ND_COND_LESS): // NL/GE case ND_COND_NOT(ND_COND_LESS): // NL/GE
if ((GET_FLAG(Context, REG_RFLAG_SF) ^ GET_FLAG(Context, REG_RFLAG_OF)) == 0) if ((GET_FLAG(Context, NDR_RFLAG_SF) ^ GET_FLAG(Context, NDR_RFLAG_OF)) == 0)
{ {
return true; return true;
} }
break; break;
case ND_COND_LESS_OR_EQUAL: // LE/NG case ND_COND_LESS_OR_EQUAL: // LE/NG
if (((GET_FLAG(Context, REG_RFLAG_SF) ^ GET_FLAG(Context, REG_RFLAG_OF)) | if (((GET_FLAG(Context, NDR_RFLAG_SF) ^ GET_FLAG(Context, NDR_RFLAG_OF)) |
(GET_FLAG(Context, REG_RFLAG_ZF))) == 1) (GET_FLAG(Context, NDR_RFLAG_ZF))) == 1)
{ {
return true; return true;
} }
break; break;
case ND_COND_NOT(ND_COND_LESS_OR_EQUAL): // NLE/G case ND_COND_NOT(ND_COND_LESS_OR_EQUAL): // NLE/G
if (((GET_FLAG(Context, REG_RFLAG_SF) ^ GET_FLAG(Context, REG_RFLAG_OF)) | if (((GET_FLAG(Context, NDR_RFLAG_SF) ^ GET_FLAG(Context, NDR_RFLAG_OF)) |
(GET_FLAG(Context, REG_RFLAG_ZF))) == 0) (GET_FLAG(Context, NDR_RFLAG_ZF))) == 0)
{ {
return true; return true;
} }
@ -696,17 +696,17 @@ ShemuGetSegValue(
{ {
switch (Reg) switch (Reg)
{ {
case REG_ES: case NDR_ES:
return Context->Segments.Es.Selector; return Context->Segments.Es.Selector;
case REG_CS: case NDR_CS:
return Context->Segments.Cs.Selector; return Context->Segments.Cs.Selector;
case REG_SS: case NDR_SS:
return Context->Segments.Ss.Selector; return Context->Segments.Ss.Selector;
case REG_DS: case NDR_DS:
return Context->Segments.Ds.Selector; return Context->Segments.Ds.Selector;
case REG_FS: case NDR_FS:
return Context->Segments.Fs.Selector; return Context->Segments.Fs.Selector;
case REG_GS: case NDR_GS:
return Context->Segments.Gs.Selector; return Context->Segments.Gs.Selector;
} }
@ -726,22 +726,22 @@ ShemuSetSegValue(
{ {
switch (Reg) switch (Reg)
{ {
case REG_ES: case NDR_ES:
Context->Segments.Es.Selector = Value; Context->Segments.Es.Selector = Value;
break; break;
case REG_CS: case NDR_CS:
Context->Segments.Cs.Selector = Value; Context->Segments.Cs.Selector = Value;
break; break;
case REG_SS: case NDR_SS:
Context->Segments.Ss.Selector = Value; Context->Segments.Ss.Selector = Value;
break; break;
case REG_DS: case NDR_DS:
Context->Segments.Ds.Selector = Value; Context->Segments.Ds.Selector = Value;
break; break;
case REG_FS: case NDR_FS:
Context->Segments.Fs.Selector = Value; Context->Segments.Fs.Selector = Value;
break; break;
case REG_GS: case NDR_GS:
Context->Segments.Gs.Selector = Value; Context->Segments.Gs.Selector = Value;
break; break;
} }
@ -759,17 +759,17 @@ ShemuGetSegBase(
{ {
switch (Reg) switch (Reg)
{ {
case REG_ES: case NDR_ES:
return Context->Segments.Es.Base; return Context->Segments.Es.Base;
case REG_CS: case NDR_CS:
return Context->Segments.Cs.Base; return Context->Segments.Cs.Base;
case REG_SS: case NDR_SS:
return Context->Segments.Ss.Base; return Context->Segments.Ss.Base;
case REG_DS: case NDR_DS:
return Context->Segments.Ds.Base; return Context->Segments.Ds.Base;
case REG_FS: case NDR_FS:
return Context->Segments.Fs.Base; return Context->Segments.Fs.Base;
case REG_GS: case NDR_GS:
return Context->Segments.Gs.Base; return Context->Segments.Gs.Base;
} }
@ -1084,19 +1084,19 @@ ShemuGetOperandValue(
case ND_REG_CR: case ND_REG_CR:
switch (op->Info.Register.Reg) switch (op->Info.Register.Reg)
{ {
case REG_CR0: case NDR_CR0:
Value->Value.Qwords[0] = Context->Registers.RegCr0; Value->Value.Qwords[0] = Context->Registers.RegCr0;
break; break;
case REG_CR2: case NDR_CR2:
Value->Value.Qwords[0] = Context->Registers.RegCr2; Value->Value.Qwords[0] = Context->Registers.RegCr2;
break; break;
case REG_CR3: case NDR_CR3:
Value->Value.Qwords[0] = Context->Registers.RegCr3; Value->Value.Qwords[0] = Context->Registers.RegCr3;
break; break;
case REG_CR4: case NDR_CR4:
Value->Value.Qwords[0] = Context->Registers.RegCr4; Value->Value.Qwords[0] = Context->Registers.RegCr4;
break; break;
case REG_CR8: case NDR_CR8:
Value->Value.Qwords[0] = Context->Registers.RegCr8; Value->Value.Qwords[0] = Context->Registers.RegCr8;
break; break;
default: default:
@ -1163,11 +1163,11 @@ ShemuGetOperandValue(
// If this is a stack access, we need to update the stack pointer. // If this is a stack access, we need to update the stack pointer.
if (op->Info.Memory.IsStack) if (op->Info.Memory.IsStack)
{ {
uint64_t regval = ShemuGetGprValue(Context, REG_RSP, (2 << Context->Instruction.DefStack), false); uint64_t regval = ShemuGetGprValue(Context, NDR_RSP, (2 << Context->Instruction.DefStack), false);
regval += op->Size; regval += op->Size;
ShemuSetGprValue(Context, REG_RSP, (2 << Context->Instruction.DefStack), regval, false); ShemuSetGprValue(Context, NDR_RSP, (2 << Context->Instruction.DefStack), regval, false);
} }
// If this is a string operation, make sure we update RSI/RDI. // If this is a string operation, make sure we update RSI/RDI.
@ -1175,7 +1175,7 @@ ShemuGetOperandValue(
{ {
uint64_t regval = ShemuGetGprValue(Context, op->Info.Memory.Base, op->Info.Memory.BaseSize, false); uint64_t regval = ShemuGetGprValue(Context, op->Info.Memory.Base, op->Info.Memory.BaseSize, false);
regval = GET_FLAG(Context, REG_RFLAG_DF) ? regval - op->Size : regval + op->Size; regval = GET_FLAG(Context, NDR_RFLAG_DF) ? regval - op->Size : regval + op->Size;
ShemuSetGprValue(Context, op->Info.Memory.Base, op->Info.Memory.BaseSize, regval, false); ShemuSetGprValue(Context, op->Info.Memory.Base, op->Info.Memory.BaseSize, regval, false);
} }
@ -1260,19 +1260,19 @@ ShemuSetOperandValue(
case ND_REG_CR: case ND_REG_CR:
switch (op->Info.Register.Reg) switch (op->Info.Register.Reg)
{ {
case REG_CR0: case NDR_CR0:
Context->Registers.RegCr0 = Value->Value.Qwords[0]; Context->Registers.RegCr0 = Value->Value.Qwords[0];
break; break;
case REG_CR2: case NDR_CR2:
Context->Registers.RegCr2 = Value->Value.Qwords[0]; Context->Registers.RegCr2 = Value->Value.Qwords[0];
break; break;
case REG_CR3: case NDR_CR3:
Context->Registers.RegCr3 = Value->Value.Qwords[0]; Context->Registers.RegCr3 = Value->Value.Qwords[0];
break; break;
case REG_CR4: case NDR_CR4:
Context->Registers.RegCr4 = Value->Value.Qwords[0]; Context->Registers.RegCr4 = Value->Value.Qwords[0];
break; break;
case REG_CR8: case NDR_CR8:
Context->Registers.RegCr8 = Value->Value.Qwords[0]; Context->Registers.RegCr8 = Value->Value.Qwords[0];
break; break;
default: default:
@ -1359,11 +1359,11 @@ ShemuSetOperandValue(
// If this is a stack access, we need to update the stack pointer. // If this is a stack access, we need to update the stack pointer.
if (op->Info.Memory.IsStack) if (op->Info.Memory.IsStack)
{ {
uint64_t regval = ShemuGetGprValue(Context, REG_RSP, (2 << Context->Instruction.DefStack), false); uint64_t regval = ShemuGetGprValue(Context, NDR_RSP, (2 << Context->Instruction.DefStack), false);
regval -= op->Size; regval -= op->Size;
ShemuSetGprValue(Context, REG_RSP, (2 << Context->Instruction.DefStack), regval, false); ShemuSetGprValue(Context, NDR_RSP, (2 << Context->Instruction.DefStack), regval, false);
} }
// If this is a string operation, make sure we update RSI/RDI. // If this is a string operation, make sure we update RSI/RDI.
@ -1371,7 +1371,7 @@ ShemuSetOperandValue(
{ {
uint64_t regval = ShemuGetGprValue(Context, op->Info.Memory.Base, op->Info.Memory.BaseSize, false); uint64_t regval = ShemuGetGprValue(Context, op->Info.Memory.Base, op->Info.Memory.BaseSize, false);
regval = GET_FLAG(Context, REG_RFLAG_DF) ? regval - op->Size : regval + op->Size; regval = GET_FLAG(Context, NDR_RFLAG_DF) ? regval - op->Size : regval + op->Size;
ShemuSetGprValue(Context, op->Info.Memory.Base, op->Info.Memory.BaseSize, regval, false); ShemuSetGprValue(Context, op->Info.Memory.Base, op->Info.Memory.BaseSize, regval, false);
} }
@ -1660,12 +1660,12 @@ ShemuEmulate(
{ {
GET_OP(Context, 1, &src); GET_OP(Context, 1, &src);
SET_OP(Context, 0, &src); SET_OP(Context, 0, &src);
SET_FLAG(Context, REG_RFLAG_ZF, 1); SET_FLAG(Context, NDR_RFLAG_ZF, 1);
} }
else else
{ {
SET_OP(Context, 2, &dst); SET_OP(Context, 2, &dst);
SET_FLAG(Context, REG_RFLAG_ZF, 0); SET_FLAG(Context, NDR_RFLAG_ZF, 0);
} }
break; break;
@ -1676,7 +1676,7 @@ ShemuEmulate(
if (ND_INS_ADC == Context->Instruction.Instruction) if (ND_INS_ADC == Context->Instruction.Instruction)
{ {
src.Value.Qwords[0] += GET_FLAG(Context, REG_RFLAG_CF); src.Value.Qwords[0] += GET_FLAG(Context, NDR_RFLAG_CF);
} }
res.Size = src.Size; res.Size = src.Size;
@ -1695,7 +1695,7 @@ ShemuEmulate(
if (ND_INS_SBB == Context->Instruction.Instruction) if (ND_INS_SBB == Context->Instruction.Instruction)
{ {
src.Value.Qwords[0] += GET_FLAG(Context, REG_RFLAG_CF); src.Value.Qwords[0] += GET_FLAG(Context, NDR_RFLAG_CF);
} }
res.Size = src.Size; res.Size = src.Size;
@ -1864,31 +1864,31 @@ ShemuEmulate(
while (tempcnt != 0) while (tempcnt != 0)
{ {
tempCF = ND_MSB(dst.Size, dst.Value.Qwords[0]); tempCF = ND_MSB(dst.Size, dst.Value.Qwords[0]);
dst.Value.Qwords[0] = (dst.Value.Qwords[0] << 1) + GET_FLAG(Context, REG_RFLAG_CF); dst.Value.Qwords[0] = (dst.Value.Qwords[0] << 1) + GET_FLAG(Context, NDR_RFLAG_CF);
SET_FLAG(Context, REG_RFLAG_CF, tempCF); SET_FLAG(Context, NDR_RFLAG_CF, tempCF);
tempcnt--; tempcnt--;
} }
if ((cnt & cntmask) == 1) if ((cnt & cntmask) == 1)
{ {
SET_FLAG(Context, REG_RFLAG_OF, ND_MSB(dst.Size, dst.Value.Qwords[0]) ^ SET_FLAG(Context, NDR_RFLAG_OF, ND_MSB(dst.Size, dst.Value.Qwords[0]) ^
GET_FLAG(Context, REG_RFLAG_CF)); GET_FLAG(Context, NDR_RFLAG_CF));
} }
} }
else if (ND_INS_RCR == Context->Instruction.Instruction) else if (ND_INS_RCR == Context->Instruction.Instruction)
{ {
if ((cnt & cntmask) == 1) if ((cnt & cntmask) == 1)
{ {
SET_FLAG(Context, REG_RFLAG_OF, ND_MSB(dst.Size, dst.Value.Qwords[0]) ^ SET_FLAG(Context, NDR_RFLAG_OF, ND_MSB(dst.Size, dst.Value.Qwords[0]) ^
GET_FLAG(Context, REG_RFLAG_CF)); GET_FLAG(Context, NDR_RFLAG_CF));
} }
while (tempcnt != 0) while (tempcnt != 0)
{ {
tempCF = ND_LSB(dst.Size, dst.Value.Qwords[0]); tempCF = ND_LSB(dst.Size, dst.Value.Qwords[0]);
dst.Value.Qwords[0] = (dst.Value.Qwords[0] >> 1) + dst.Value.Qwords[0] = (dst.Value.Qwords[0] >> 1) +
((uint64_t)GET_FLAG(Context, REG_RFLAG_CF) << (dst.Size * 8 - 1)); ((uint64_t)GET_FLAG(Context, NDR_RFLAG_CF) << (dst.Size * 8 - 1));
SET_FLAG(Context, REG_RFLAG_CF, tempCF); SET_FLAG(Context, NDR_RFLAG_CF, tempCF);
tempcnt--; tempcnt--;
} }
} }
@ -1903,13 +1903,13 @@ ShemuEmulate(
if ((cnt & cntmask) != 0) if ((cnt & cntmask) != 0)
{ {
SET_FLAG(Context, REG_RFLAG_CF, dst.Value.Qwords[0] & 1); SET_FLAG(Context, NDR_RFLAG_CF, dst.Value.Qwords[0] & 1);
} }
if ((cnt & cntmask) == 1) if ((cnt & cntmask) == 1)
{ {
SET_FLAG(Context, REG_RFLAG_OF, ND_MSB(dst.Size, dst.Value.Qwords[0]) ^ SET_FLAG(Context, NDR_RFLAG_OF, ND_MSB(dst.Size, dst.Value.Qwords[0]) ^
GET_FLAG(Context, REG_RFLAG_CF)); GET_FLAG(Context, NDR_RFLAG_CF));
} }
} }
else // ND_INS_ROR else // ND_INS_ROR
@ -1923,12 +1923,12 @@ ShemuEmulate(
if ((cnt & cntmask) != 0) if ((cnt & cntmask) != 0)
{ {
SET_FLAG(Context, REG_RFLAG_CF, ND_MSB(dst.Size, dst.Value.Qwords[0])); SET_FLAG(Context, NDR_RFLAG_CF, ND_MSB(dst.Size, dst.Value.Qwords[0]));
} }
if ((cnt & cntmask) == 1) if ((cnt & cntmask) == 1)
{ {
SET_FLAG(Context, REG_RFLAG_OF, ND_MSB(dst.Size, dst.Value.Qwords[0]) ^ tempCF); SET_FLAG(Context, NDR_RFLAG_OF, ND_MSB(dst.Size, dst.Value.Qwords[0]) ^ tempCF);
} }
} }
@ -1988,7 +1988,7 @@ ShemuEmulate(
src.Value.Qwords[0] %= dst.Size * 8; src.Value.Qwords[0] %= dst.Size * 8;
// Store the bit inside CF. // Store the bit inside CF.
SET_FLAG(Context, REG_RFLAG_CF, (dst.Value.Qwords[0] >> src.Value.Qwords[0]) & 1); SET_FLAG(Context, NDR_RFLAG_CF, (dst.Value.Qwords[0] >> src.Value.Qwords[0]) & 1);
if (ND_INS_BTS == Context->Instruction.Instruction) if (ND_INS_BTS == Context->Instruction.Instruction)
{ {
@ -2041,8 +2041,8 @@ ShemuEmulate(
SET_OP(Context, 1, &rcx); SET_OP(Context, 1, &rcx);
if (rcx.Value.Qwords[0] > 0) if (rcx.Value.Qwords[0] > 0)
{ {
if (((ND_INS_LOOPNZ == Context->Instruction.Instruction) && (0 == GET_FLAG(Context, REG_RFLAG_ZF))) || if (((ND_INS_LOOPNZ == Context->Instruction.Instruction) && (0 == GET_FLAG(Context, NDR_RFLAG_ZF))) ||
((ND_INS_LOOPZ == Context->Instruction.Instruction) && (0 != GET_FLAG(Context, REG_RFLAG_ZF))) || ((ND_INS_LOOPZ == Context->Instruction.Instruction) && (0 != GET_FLAG(Context, NDR_RFLAG_ZF))) ||
(ND_INS_LOOP == Context->Instruction.Instruction)) (ND_INS_LOOP == Context->Instruction.Instruction))
{ {
// Modify the RIP if the branch is taken. // Modify the RIP if the branch is taken.
@ -2156,12 +2156,12 @@ ShemuEmulate(
rcx.Value.Qwords[0]--; rcx.Value.Qwords[0]--;
SET_OP(Context, 2, &rcx); SET_OP(Context, 2, &rcx);
if (Context->Instruction.HasRepRepzXrelease && !GET_FLAG(Context, REG_RFLAG_ZF)) if (Context->Instruction.HasRepRepzXrelease && !GET_FLAG(Context, NDR_RFLAG_ZF))
{ {
break; break;
} }
if (Context->Instruction.HasRepnzXacquireBnd && GET_FLAG(Context, REG_RFLAG_ZF)) if (Context->Instruction.HasRepnzXacquireBnd && GET_FLAG(Context, NDR_RFLAG_ZF))
{ {
break; break;
} }
@ -2287,8 +2287,8 @@ ShemuEmulate(
break; break;
} }
SET_FLAG(Context, REG_RFLAG_CF, cfof); SET_FLAG(Context, NDR_RFLAG_CF, cfof);
SET_FLAG(Context, REG_RFLAG_OF, cfof); SET_FLAG(Context, NDR_RFLAG_OF, cfof);
} }
else else
{ {
@ -2318,8 +2318,8 @@ ShemuEmulate(
break; break;
} }
SET_FLAG(Context, REG_RFLAG_CF, cfof); SET_FLAG(Context, NDR_RFLAG_CF, cfof);
SET_FLAG(Context, REG_RFLAG_OF, cfof); SET_FLAG(Context, NDR_RFLAG_OF, cfof);
} }
break; break;
@ -2416,23 +2416,23 @@ ShemuEmulate(
break; break;
case ND_INS_CLD: case ND_INS_CLD:
SET_FLAG(Context, REG_RFLAG_DF, 0); SET_FLAG(Context, NDR_RFLAG_DF, 0);
break; break;
case ND_INS_STD: case ND_INS_STD:
SET_FLAG(Context, REG_RFLAG_DF, 1); SET_FLAG(Context, NDR_RFLAG_DF, 1);
break; break;
case ND_INS_CLC: case ND_INS_CLC:
SET_FLAG(Context, REG_RFLAG_CF, 0); SET_FLAG(Context, NDR_RFLAG_CF, 0);
break; break;
case ND_INS_STC: case ND_INS_STC:
SET_FLAG(Context, REG_RFLAG_CF, 1); SET_FLAG(Context, NDR_RFLAG_CF, 1);
break; break;
case ND_INS_CMC: case ND_INS_CMC:
Context->Registers.RegFlags ^= REG_RFLAG_CF; Context->Registers.RegFlags ^= NDR_RFLAG_CF;
break; break;
case ND_INS_STI: case ND_INS_STI:
@ -2441,7 +2441,7 @@ ShemuEmulate(
return SHEMU_ABORT_NO_PRIVILEGE; return SHEMU_ABORT_NO_PRIVILEGE;
} }
SET_FLAG(Context, REG_RFLAG_IF, 1); SET_FLAG(Context, NDR_RFLAG_IF, 1);
break; break;
case ND_INS_CLI: case ND_INS_CLI:
@ -2450,7 +2450,7 @@ ShemuEmulate(
return SHEMU_ABORT_NO_PRIVILEGE; return SHEMU_ABORT_NO_PRIVILEGE;
} }
SET_FLAG(Context, REG_RFLAG_IF, 0); SET_FLAG(Context, NDR_RFLAG_IF, 0);
break; break;
case ND_INS_SAHF: case ND_INS_SAHF:
@ -2471,7 +2471,7 @@ ShemuEmulate(
break; break;
case ND_INS_SALC: case ND_INS_SALC:
if (GET_FLAG(Context, REG_RFLAG_CF)) if (GET_FLAG(Context, NDR_RFLAG_CF))
{ {
*((uint8_t *)&Context->Registers.RegRax) = 0xFF; *((uint8_t *)&Context->Registers.RegRax) = 0xFF;
} }

4
disasmtool/disasmtool.c
Unescape View File

@ -34,7 +34,7 @@ typedef struct _DISASM_OPTIONS
uint8_t Ring; // Ring - 0, 1, 2 or 3. uint8_t Ring; // Ring - 0, 1, 2 or 3.
uint8_t Vendor; // Proffered vendor. uint8_t Vendor; // Proffered vendor.
char *FileName; // Input file, if any. char *FileName; // Input file, if any.
size_t ShemuRegs[REG_R15 + 1]; size_t ShemuRegs[NDR_R15 + 1];
BOOLEAN UseShemuRegs; BOOLEAN UseShemuRegs;
} DISASM_OPTIONS, *PDISASM_OPTIONS; } DISASM_OPTIONS, *PDISASM_OPTIONS;
@ -1439,7 +1439,7 @@ handle_shemu(
ctx.Registers.RegRsp = 0x101000; ctx.Registers.RegRsp = 0x101000;
ctx.IntbufSize = (DWORD)shellSize + STACK_SIZE; ctx.IntbufSize = (DWORD)shellSize + STACK_SIZE;
ctx.Registers.RegFlags = REG_RFLAG_IF | 2; ctx.Registers.RegFlags = NDR_RFLAG_IF | 2;
ctx.Registers.RegRip = ctx.ShellcodeBase + offset; ctx.Registers.RegRip = ctx.ShellcodeBase + offset;
ctx.Segments.Cs.Selector = 0x10; ctx.Segments.Cs.Selector = 0x10;

48
disasmtool_lix/dumpers.cpp
Unescape View File

@ -1764,36 +1764,36 @@ std::string reg_to_str(const int reg, const ND_REG_TYPE type)
case ND_REG_GPR: case ND_REG_GPR:
switch (reg) { switch (reg) {
case REG_RAX: return "rax"; case NDR_RAX: return "rax";
case REG_RCX: return "rcx"; case NDR_RCX: return "rcx";
case REG_RDX: return "rdx"; case NDR_RDX: return "rdx";
case REG_RBX: return "rbx"; case NDR_RBX: return "rbx";
case REG_RSP: return "rsp"; case NDR_RSP: return "rsp";
case REG_RBP: return "rbp"; case NDR_RBP: return "rbp";
case REG_RSI: return "rsi"; case NDR_RSI: return "rsi";
case REG_RDI: return "rdi"; case NDR_RDI: return "rdi";
case REG_R8: return "r8"; case NDR_R8: return "r8";
case REG_R9: return "r9"; case NDR_R9: return "r9";
case REG_R10: return "r10"; case NDR_R10: return "r10";
case REG_R11: return "r11"; case NDR_R11: return "r11";
case REG_R12: return "r12"; case NDR_R12: return "r12";
case REG_R13: return "r13"; case NDR_R13: return "r13";
case REG_R14: return "r14"; case NDR_R14: return "r14";
case REG_R15: return "r15"; case NDR_R15: return "r15";
} }
return "<u>"; return "<u>";
case ND_REG_SEG: case ND_REG_SEG:
switch (reg) { switch (reg) {
case REG_ES: return "es"; case NDR_ES: return "es";
case REG_CS: return "cs"; case NDR_CS: return "cs";
case REG_SS: return "ss"; case NDR_SS: return "ss";
case REG_DS: return "ds"; case NDR_DS: return "ds";
case REG_FS: return "fs"; case NDR_FS: return "fs";
case REG_GS: return "gs"; case NDR_GS: return "gs";
case REG_INV6: return "inv6"; case NDR_INV6: return "inv6";
case REG_INV7: return "inv7"; case NDR_INV7: return "inv7";
} }
return "<u>"; return "<u>";

194
inc/cpuidflags.h
Unescape View File

@ -7,102 +7,102 @@
#define ND_CFF(leaf, subleaf, reg, bit) ((uint64_t)(leaf) | ((uint64_t)((subleaf) & 0xFFFFFF) << 32) | ((uint64_t)(reg) << 56) | ((uint64_t)(bit) << 59)) #define ND_CFF(leaf, subleaf, reg, bit) ((uint64_t)(leaf) | ((uint64_t)((subleaf) & 0xFFFFFF) << 32) | ((uint64_t)(reg) << 56) | ((uint64_t)(bit) << 59))
#define ND_CFF_FPU ND_CFF(0x00000001, 0xFFFFFFFF, REG_EDX, 0) #define ND_CFF_FPU ND_CFF(0x00000001, 0xFFFFFFFF, NDR_EDX, 0)
#define ND_CFF_MSR ND_CFF(0x00000001, 0xFFFFFFFF, REG_EDX, 5) #define ND_CFF_MSR ND_CFF(0x00000001, 0xFFFFFFFF, NDR_EDX, 5)
#define ND_CFF_CX8 ND_CFF(0x00000001, 0xFFFFFFFF, REG_EDX, 8) #define ND_CFF_CX8 ND_CFF(0x00000001, 0xFFFFFFFF, NDR_EDX, 8)
#define ND_CFF_SEP ND_CFF(0x00000001, 0xFFFFFFFF, REG_EDX, 11) #define ND_CFF_SEP ND_CFF(0x00000001, 0xFFFFFFFF, NDR_EDX, 11)
#define ND_CFF_CMOV ND_CFF(0x00000001, 0xFFFFFFFF, REG_EDX, 15) #define ND_CFF_CMOV ND_CFF(0x00000001, 0xFFFFFFFF, NDR_EDX, 15)
#define ND_CFF_CLFSH ND_CFF(0x00000001, 0xFFFFFFFF, REG_EDX, 19) #define ND_CFF_CLFSH ND_CFF(0x00000001, 0xFFFFFFFF, NDR_EDX, 19)
#define ND_CFF_MMX ND_CFF(0x00000001, 0xFFFFFFFF, REG_EDX, 23) #define ND_CFF_MMX ND_CFF(0x00000001, 0xFFFFFFFF, NDR_EDX, 23)
#define ND_CFF_FXSAVE ND_CFF(0x00000001, 0xFFFFFFFF, REG_EDX, 24) #define ND_CFF_FXSAVE ND_CFF(0x00000001, 0xFFFFFFFF, NDR_EDX, 24)
#define ND_CFF_SSE ND_CFF(0x00000001, 0xFFFFFFFF, REG_EDX, 25) #define ND_CFF_SSE ND_CFF(0x00000001, 0xFFFFFFFF, NDR_EDX, 25)
#define ND_CFF_SSE2 ND_CFF(0x00000001, 0xFFFFFFFF, REG_EDX, 26) #define ND_CFF_SSE2 ND_CFF(0x00000001, 0xFFFFFFFF, NDR_EDX, 26)
#define ND_CFF_SSE3 ND_CFF(0x00000001, 0xFFFFFFFF, REG_ECX, 0) #define ND_CFF_SSE3 ND_CFF(0x00000001, 0xFFFFFFFF, NDR_ECX, 0)
#define ND_CFF_PCLMULQDQ ND_CFF(0x00000001, 0xFFFFFFFF, REG_ECX, 1) #define ND_CFF_PCLMULQDQ ND_CFF(0x00000001, 0xFFFFFFFF, NDR_ECX, 1)
#define ND_CFF_MONITOR ND_CFF(0x00000001, 0xFFFFFFFF, REG_ECX, 3) #define ND_CFF_MONITOR ND_CFF(0x00000001, 0xFFFFFFFF, NDR_ECX, 3)
#define ND_CFF_VTX ND_CFF(0x00000001, 0xFFFFFFFF, REG_ECX, 5) #define ND_CFF_VTX ND_CFF(0x00000001, 0xFFFFFFFF, NDR_ECX, 5)
#define ND_CFF_SMX ND_CFF(0x00000001, 0xFFFFFFFF, REG_ECX, 6) #define ND_CFF_SMX ND_CFF(0x00000001, 0xFFFFFFFF, NDR_ECX, 6)
#define ND_CFF_SSSE3 ND_CFF(0x00000001, 0xFFFFFFFF, REG_ECX, 9) #define ND_CFF_SSSE3 ND_CFF(0x00000001, 0xFFFFFFFF, NDR_ECX, 9)
#define ND_CFF_FMA ND_CFF(0x00000001, 0xFFFFFFFF, REG_ECX, 12) #define ND_CFF_FMA ND_CFF(0x00000001, 0xFFFFFFFF, NDR_ECX, 12)
#define ND_CFF_SSE4 ND_CFF(0x00000001, 0xFFFFFFFF, REG_ECX, 19) #define ND_CFF_SSE4 ND_CFF(0x00000001, 0xFFFFFFFF, NDR_ECX, 19)
#define ND_CFF_SSE42 ND_CFF(0x00000001, 0xFFFFFFFF, REG_ECX, 20) #define ND_CFF_SSE42 ND_CFF(0x00000001, 0xFFFFFFFF, NDR_ECX, 20)
#define ND_CFF_MOVBE ND_CFF(0x00000001, 0xFFFFFFFF, REG_ECX, 22) #define ND_CFF_MOVBE ND_CFF(0x00000001, 0xFFFFFFFF, NDR_ECX, 22)
#define ND_CFF_POPCNT ND_CFF(0x00000001, 0xFFFFFFFF, REG_ECX, 23) #define ND_CFF_POPCNT ND_CFF(0x00000001, 0xFFFFFFFF, NDR_ECX, 23)
#define ND_CFF_AES ND_CFF(0x00000001, 0xFFFFFFFF, REG_ECX, 25) #define ND_CFF_AES ND_CFF(0x00000001, 0xFFFFFFFF, NDR_ECX, 25)
#define ND_CFF_XSAVE ND_CFF(0x00000001, 0xFFFFFFFF, REG_ECX, 26) #define ND_CFF_XSAVE ND_CFF(0x00000001, 0xFFFFFFFF, NDR_ECX, 26)
#define ND_CFF_AVX ND_CFF(0x00000001, 0xFFFFFFFF, REG_ECX, 28) #define ND_CFF_AVX ND_CFF(0x00000001, 0xFFFFFFFF, NDR_ECX, 28)
#define ND_CFF_F16C ND_CFF(0x00000001, 0xFFFFFFFF, REG_ECX, 29) #define ND_CFF_F16C ND_CFF(0x00000001, 0xFFFFFFFF, NDR_ECX, 29)
#define ND_CFF_RDRAND ND_CFF(0x00000001, 0xFFFFFFFF, REG_ECX, 30) #define ND_CFF_RDRAND ND_CFF(0x00000001, 0xFFFFFFFF, NDR_ECX, 30)
#define ND_CFF_RDWRFSGS ND_CFF(0x00000007, 0x00000000, REG_EBX, 0) #define ND_CFF_RDWRFSGS ND_CFF(0x00000007, 0x00000000, NDR_EBX, 0)
#define ND_CFF_SGX ND_CFF(0x00000007, 0x00000000, REG_EBX, 2) #define ND_CFF_SGX ND_CFF(0x00000007, 0x00000000, NDR_EBX, 2)
#define ND_CFF_BMI1 ND_CFF(0x00000007, 0x00000000, REG_EBX, 3) #define ND_CFF_BMI1 ND_CFF(0x00000007, 0x00000000, NDR_EBX, 3)
#define ND_CFF_HLE ND_CFF(0x00000007, 0x00000000, REG_EBX, 4) #define ND_CFF_HLE ND_CFF(0x00000007, 0x00000000, NDR_EBX, 4)
#define ND_CFF_AVX2 ND_CFF(0x00000007, 0x00000000, REG_EBX, 5) #define ND_CFF_AVX2 ND_CFF(0x00000007, 0x00000000, NDR_EBX, 5)
#define ND_CFF_BMI2 ND_CFF(0x00000007, 0x00000000, REG_EBX, 8) #define ND_CFF_BMI2 ND_CFF(0x00000007, 0x00000000, NDR_EBX, 8)
#define ND_CFF_INVPCID ND_CFF(0x00000007, 0x00000000, REG_EBX, 10) #define ND_CFF_INVPCID ND_CFF(0x00000007, 0x00000000, NDR_EBX, 10)
#define ND_CFF_RTM ND_CFF(0x00000007, 0x00000000, REG_EBX, 11) #define ND_CFF_RTM ND_CFF(0x00000007, 0x00000000, NDR_EBX, 11)
#define ND_CFF_MPX ND_CFF(0x00000007, 0x00000000, REG_EBX, 14) #define ND_CFF_MPX ND_CFF(0x00000007, 0x00000000, NDR_EBX, 14)
#define ND_CFF_AVX512F ND_CFF(0x00000007, 0x00000000, REG_EBX, 16) #define ND_CFF_AVX512F ND_CFF(0x00000007, 0x00000000, NDR_EBX, 16)
#define ND_CFF_AVX512DQ ND_CFF(0x00000007, 0x00000000, REG_EBX, 17) #define ND_CFF_AVX512DQ ND_CFF(0x00000007, 0x00000000, NDR_EBX, 17)
#define ND_CFF_RDSEED ND_CFF(0x00000007, 0x00000000, REG_EBX, 18) #define ND_CFF_RDSEED ND_CFF(0x00000007, 0x00000000, NDR_EBX, 18)
#define ND_CFF_ADX ND_CFF(0x00000007, 0x00000000, REG_EBX, 19) #define ND_CFF_ADX ND_CFF(0x00000007, 0x00000000, NDR_EBX, 19)
#define ND_CFF_SMAP ND_CFF(0x00000007, 0x00000000, REG_EBX, 20) #define ND_CFF_SMAP ND_CFF(0x00000007, 0x00000000, NDR_EBX, 20)
#define ND_CFF_AVX512IFMA ND_CFF(0x00000007, 0x00000000, REG_EBX, 21) #define ND_CFF_AVX512IFMA ND_CFF(0x00000007, 0x00000000, NDR_EBX, 21)
#define ND_CFF_PCOMMIT ND_CFF(0x00000007, 0x00000000, REG_EBX, 22) #define ND_CFF_PCOMMIT ND_CFF(0x00000007, 0x00000000, NDR_EBX, 22)
#define ND_CFF_CLFSHOPT ND_CFF(0x00000007, 0x00000000, REG_EBX, 23) #define ND_CFF_CLFSHOPT ND_CFF(0x00000007, 0x00000000, NDR_EBX, 23)
#define ND_CFF_CLWB ND_CFF(0x00000007, 0x00000000, REG_EBX, 24) #define ND_CFF_CLWB ND_CFF(0x00000007, 0x00000000, NDR_EBX, 24)
#define ND_CFF_AVX512PF ND_CFF(0x00000007, 0x00000000, REG_EBX, 26) #define ND_CFF_AVX512PF ND_CFF(0x00000007, 0x00000000, NDR_EBX, 26)
#define ND_CFF_AVX512ER ND_CFF(0x00000007, 0x00000000, REG_EBX, 27) #define ND_CFF_AVX512ER ND_CFF(0x00000007, 0x00000000, NDR_EBX, 27)
#define ND_CFF_AVX512CD ND_CFF(0x00000007, 0x00000000, REG_EBX, 28) #define ND_CFF_AVX512CD ND_CFF(0x00000007, 0x00000000, NDR_EBX, 28)
#define ND_CFF_SHA ND_CFF(0x00000007, 0x00000000, REG_EBX, 29) #define ND_CFF_SHA ND_CFF(0x00000007, 0x00000000, NDR_EBX, 29)
#define ND_CFF_AVX512BW ND_CFF(0x00000007, 0x00000000, REG_EBX, 30) #define ND_CFF_AVX512BW ND_CFF(0x00000007, 0x00000000, NDR_EBX, 30)
#define ND_CFF_PREFETCHWT1 ND_CFF(0x00000007, 0x00000000, REG_ECX, 0) #define ND_CFF_PREFETCHWT1 ND_CFF(0x00000007, 0x00000000, NDR_ECX, 0)
#define ND_CFF_AVX512VBMI ND_CFF(0x00000007, 0x00000000, REG_ECX, 1) #define ND_CFF_AVX512VBMI ND_CFF(0x00000007, 0x00000000, NDR_ECX, 1)
#define ND_CFF_PKU ND_CFF(0x00000007, 0x00000000, REG_ECX, 3) #define ND_CFF_PKU ND_CFF(0x00000007, 0x00000000, NDR_ECX, 3)
#define ND_CFF_WAITPKG ND_CFF(0x00000007, 0x00000000, REG_ECX, 5) #define ND_CFF_WAITPKG ND_CFF(0x00000007, 0x00000000, NDR_ECX, 5)
#define ND_CFF_AVX512VBMI2 ND_CFF(0x00000007, 0x00000000, REG_ECX, 6) #define ND_CFF_AVX512VBMI2 ND_CFF(0x00000007, 0x00000000, NDR_ECX, 6)
#define ND_CFF_CET_SS ND_CFF(0x00000007, 0x00000000, REG_ECX, 7) #define ND_CFF_CET_SS ND_CFF(0x00000007, 0x00000000, NDR_ECX, 7)
#define ND_CFF_GFNI ND_CFF(0x00000007, 0x00000000, REG_ECX, 8) #define ND_CFF_GFNI ND_CFF(0x00000007, 0x00000000, NDR_ECX, 8)
#define ND_CFF_VAES ND_CFF(0x00000007, 0x00000000, REG_ECX, 9) #define ND_CFF_VAES ND_CFF(0x00000007, 0x00000000, NDR_ECX, 9)
#define ND_CFF_VPCLMULQDQ ND_CFF(0x00000007, 0x00000000, REG_ECX, 10) #define ND_CFF_VPCLMULQDQ ND_CFF(0x00000007, 0x00000000, NDR_ECX, 10)
#define ND_CFF_AVX512VNNI ND_CFF(0x00000007, 0x00000000, REG_ECX, 11) #define ND_CFF_AVX512VNNI ND_CFF(0x00000007, 0x00000000, NDR_ECX, 11)
#define ND_CFF_AVX512BITALG ND_CFF(0x00000007, 0x00000000, REG_ECX, 12) #define ND_CFF_AVX512BITALG ND_CFF(0x00000007, 0x00000000, NDR_ECX, 12)
#define ND_CFF_AVX512VPOPCNTDQ ND_CFF(0x00000007, 0x00000000, REG_ECX, 14) #define ND_CFF_AVX512VPOPCNTDQ ND_CFF(0x00000007, 0x00000000, NDR_ECX, 14)
#define ND_CFF_RDPID ND_CFF(0x00000007, 0x00000000, REG_ECX, 22) #define ND_CFF_RDPID ND_CFF(0x00000007, 0x00000000, NDR_ECX, 22)
#define ND_CFF_CLDEMOTE ND_CFF(0x00000007, 0x00000000, REG_ECX, 25) #define ND_CFF_CLDEMOTE ND_CFF(0x00000007, 0x00000000, NDR_ECX, 25)
#define ND_CFF_MOVDIRI ND_CFF(0x00000007, 0x00000000, REG_ECX, 27) #define ND_CFF_MOVDIRI ND_CFF(0x00000007, 0x00000000, NDR_ECX, 27)
#define ND_CFF_MOVDIR64B ND_CFF(0x00000007, 0x00000000, REG_ECX, 28) #define ND_CFF_MOVDIR64B ND_CFF(0x00000007, 0x00000000, NDR_ECX, 28)
#define ND_CFF_ENQCMD ND_CFF(0x00000007, 0x00000000, REG_ECX, 29) #define ND_CFF_ENQCMD ND_CFF(0x00000007, 0x00000000, NDR_ECX, 29)
#define ND_CFF_AVX5124VNNIW ND_CFF(0x00000007, 0x00000000, REG_EDX, 2) #define ND_CFF_AVX5124VNNIW ND_CFF(0x00000007, 0x00000000, NDR_EDX, 2)
#define ND_CFF_AVX5124FMAPS ND_CFF(0x00000007, 0x00000000, REG_EDX, 3) #define ND_CFF_AVX5124FMAPS ND_CFF(0x00000007, 0x00000000, NDR_EDX, 3)
#define ND_CFF_AVX512VP2INTERSECT ND_CFF(0x00000007, 0x00000000, REG_EDX, 8) #define ND_CFF_AVX512VP2INTERSECT ND_CFF(0x00000007, 0x00000000, NDR_EDX, 8)
#define ND_CFF_SERIALIZE ND_CFF(0x00000007, 0x00000000, REG_EDX, 14) #define ND_CFF_SERIALIZE ND_CFF(0x00000007, 0x00000000, NDR_EDX, 14)
#define ND_CFF_TSXLDTRK ND_CFF(0x00000007, 0x00000000, REG_EDX, 16) #define ND_CFF_TSXLDTRK ND_CFF(0x00000007, 0x00000000, NDR_EDX, 16)
#define ND_CFF_PCONFIG ND_CFF(0x00000007, 0x00000000, REG_EDX, 18) #define ND_CFF_PCONFIG ND_CFF(0x00000007, 0x00000000, NDR_EDX, 18)
#define ND_CFF_CET_IBT ND_CFF(0x00000007, 0x00000000, REG_EDX, 20) #define ND_CFF_CET_IBT ND_CFF(0x00000007, 0x00000000, NDR_EDX, 20)
#define ND_CFF_AMXBF16 ND_CFF(0x00000007, 0x00000000, REG_EDX, 22) #define ND_CFF_AMXBF16 ND_CFF(0x00000007, 0x00000000, NDR_EDX, 22)
#define ND_CFF_AMXTILE ND_CFF(0x00000007, 0x00000000, REG_EDX, 24) #define ND_CFF_AMXTILE ND_CFF(0x00000007, 0x00000000, NDR_EDX, 24)
#define ND_CFF_AMXINT8 ND_CFF(0x00000007, 0x00000000, REG_EDX, 25) #define ND_CFF_AMXINT8 ND_CFF(0x00000007, 0x00000000, NDR_EDX, 25)
#define ND_CFF_AVX512BF16 ND_CFF(0x00000007, 0x00000001, REG_EAX, 5) #define ND_CFF_AVX512BF16 ND_CFF(0x00000007, 0x00000001, NDR_EAX, 5)
#define ND_CFF_XSAVEOPT ND_CFF(0x0000000D, 0x00000001, REG_EAX, 0) #define ND_CFF_XSAVEOPT ND_CFF(0x0000000D, 0x00000001, NDR_EAX, 0)
#define ND_CFF_XSAVEC ND_CFF(0x0000000D, 0x00000001, REG_EAX, 1) #define ND_CFF_XSAVEC ND_CFF(0x0000000D, 0x00000001, NDR_EAX, 1)
#define ND_CFF_XSAVES ND_CFF(0x0000000D, 0x00000001, REG_EAX, 3) #define ND_CFF_XSAVES ND_CFF(0x0000000D, 0x00000001, NDR_EAX, 3)
#define ND_CFF_PTWRITE ND_CFF(0x00000014, 0x00000000, REG_EBX, 4) #define ND_CFF_PTWRITE ND_CFF(0x00000014, 0x00000000, NDR_EBX, 4)
#define ND_CFF_SVM ND_CFF(0x80000001, 0xFFFFFFFF, REG_ECX, 2) #define ND_CFF_SVM ND_CFF(0x80000001, 0xFFFFFFFF, NDR_ECX, 2)
#define ND_CFF_LZCNT ND_CFF(0x80000001, 0xFFFFFFFF, REG_ECX, 5) #define ND_CFF_LZCNT ND_CFF(0x80000001, 0xFFFFFFFF, NDR_ECX, 5)
#define ND_CFF_SSE4A ND_CFF(0x80000001, 0xFFFFFFFF, REG_ECX, 6) #define ND_CFF_SSE4A ND_CFF(0x80000001, 0xFFFFFFFF, NDR_ECX, 6)
#define ND_CFF_PREFETCHW ND_CFF(0x80000001, 0xFFFFFFFF, REG_ECX, 8) #define ND_CFF_PREFETCHW ND_CFF(0x80000001, 0xFFFFFFFF, NDR_ECX, 8)
#define ND_CFF_FSC ND_CFF(0x80000001, 0xFFFFFFFF, REG_ECX, 11) #define ND_CFF_FSC ND_CFF(0x80000001, 0xFFFFFFFF, NDR_ECX, 11)
#define ND_CFF_XOP ND_CFF(0x80000001, 0xFFFFFFFF, REG_ECX, 11) #define ND_CFF_XOP ND_CFF(0x80000001, 0xFFFFFFFF, NDR_ECX, 11)
#define ND_CFF_LWP ND_CFF(0x80000001, 0xFFFFFFFF, REG_ECX, 15) #define ND_CFF_LWP ND_CFF(0x80000001, 0xFFFFFFFF, NDR_ECX, 15)
#define ND_CFF_FMA4 ND_CFF(0x80000001, 0xFFFFFFFF, REG_ECX, 16) #define ND_CFF_FMA4 ND_CFF(0x80000001, 0xFFFFFFFF, NDR_ECX, 16)
#define ND_CFF_TBM ND_CFF(0x80000001, 0xFFFFFFFF, REG_ECX, 21) #define ND_CFF_TBM ND_CFF(0x80000001, 0xFFFFFFFF, NDR_ECX, 21)
#define ND_CFF_INVLPGB ND_CFF(0x80000001, 0xFFFFFFFF, REG_EDX, 24) #define ND_CFF_INVLPGB ND_CFF(0x80000001, 0xFFFFFFFF, NDR_EDX, 24)
#define ND_CFF_RDTSCP ND_CFF(0x80000001, 0xFFFFFFFF, REG_ECX, 27) #define ND_CFF_RDTSCP ND_CFF(0x80000001, 0xFFFFFFFF, NDR_ECX, 27)
#define ND_CFF_3DNOW ND_CFF(0x80000001, 0xFFFFFFFF, REG_EDX, 31) #define ND_CFF_3DNOW ND_CFF(0x80000001, 0xFFFFFFFF, NDR_EDX, 31)
#define ND_CFF_WBNOINVD ND_CFF(0x80000008, 0xFFFFFFFF, REG_EBX, 9) #define ND_CFF_WBNOINVD ND_CFF(0x80000008, 0xFFFFFFFF, NDR_EBX, 9)
#define ND_CFF_RDPRU ND_CFF(0x80000008, 0xFFFFFFFF, REG_EBX, 4) #define ND_CFF_RDPRU ND_CFF(0x80000008, 0xFFFFFFFF, NDR_EBX, 4)
#define ND_CFF_MCOMMIT ND_CFF(0x80000008, 0xFFFFFFFF, REG_EBX, 8) #define ND_CFF_MCOMMIT ND_CFF(0x80000008, 0xFFFFFFFF, NDR_EBX, 8)
#define ND_CFF_SNP ND_CFF(0x8000001F, 0xFFFFFFFF, REG_EAX, 4) #define ND_CFF_SNP ND_CFF(0x8000001F, 0xFFFFFFFF, NDR_EAX, 4)
#endif // CPUID_FLAGS_H #endif // CPUID_FLAGS_H

126
inc/registers.h
Unescape View File

@ -10,139 +10,139 @@
// //
enum enum
{ {
REG_RAX, REG_RCX, REG_RDX, REG_RBX, REG_RSP, REG_RBP, REG_RSI, REG_RDI, NDR_RAX, NDR_RCX, NDR_RDX, NDR_RBX, NDR_RSP, NDR_RBP, NDR_RSI, NDR_RDI,
REG_R8, REG_R9, REG_R10, REG_R11, REG_R12, REG_R13, REG_R14, REG_R15, NDR_R8, NDR_R9, NDR_R10, NDR_R11, NDR_R12, NDR_R13, NDR_R14, NDR_R15,
}; };
enum enum
{ {
REG_EAX, REG_ECX, REG_EDX, REG_EBX, REG_ESP, REG_EBP, REG_ESI, REG_EDI, NDR_EAX, NDR_ECX, NDR_EDX, NDR_EBX, NDR_ESP, NDR_EBP, NDR_ESI, NDR_EDI,
REG_R8D, REG_R9D, REG_R10D,REG_R11D,REG_R12D,REG_R13D,REG_R14D,REG_R15D, NDR_R8D, NDR_R9D, NDR_R10D,NDR_R11D,NDR_R12D,NDR_R13D,NDR_R14D,NDR_R15D,
}; };
enum enum
{ {
REG_AX, REG_CX, REG_DX, REG_BX, REG_SP, REG_BP, REG_SI, REG_DI, NDR_AX, NDR_CX, NDR_DX, NDR_BX, NDR_SP, NDR_BP, NDR_SI, NDR_DI,
REG_R8W, REG_R9W, REG_R10W,REG_R11W,REG_R12W,REG_R13W,REG_R14W,REG_R15W, NDR_R8W, NDR_R9W, NDR_R10W,NDR_R11W,NDR_R12W,NDR_R13W,NDR_R14W,NDR_R15W,
}; };
enum enum
{ {
REG_AL, REG_CL, REG_DL, REG_BL, REG_AH, REG_CH, REG_DH, REG_BH, NDR_AL, NDR_CL, NDR_DL, NDR_BL, NDR_AH, NDR_CH, NDR_DH, NDR_BH,
}; };
enum enum
{ {
REG_AL64, REG_CL64, REG_DL64, REG_BL64, REG_SPL, REG_BPL, REG_SIL, REG_DIL, NDR_AL64, NDR_CL64, NDR_DL64, NDR_BL64, NDR_SPL, NDR_BPL, NDR_SIL, NDR_DIL,
REG_R8L, REG_R9L, REG_R10L, REG_R11L, REG_R12L, REG_R13L, REG_R14L, REG_R15L, NDR_R8L, NDR_R9L, NDR_R10L, NDR_R11L, NDR_R12L, NDR_R13L, NDR_R14L, NDR_R15L,
}; };
enum enum
{ {
REG_ES, REG_CS, REG_SS, REG_DS, REG_FS, REG_GS, REG_INV6, REG_INV7, NDR_ES, NDR_CS, NDR_SS, NDR_DS, NDR_FS, NDR_GS, NDR_INV6, NDR_INV7,
}; };
enum enum
{ {
REG_CR0, REG_CR1, REG_CR2, REG_CR3, REG_CR4, REG_CR5, REG_CR6, REG_CR7, NDR_CR0, NDR_CR1, NDR_CR2, NDR_CR3, NDR_CR4, NDR_CR5, NDR_CR6, NDR_CR7,
REG_CR8, REG_CR9, REG_CR10, REG_CR11, REG_CR12, REG_CR13, REG_CR14, REG_CR15, NDR_CR8, NDR_CR9, NDR_CR10, NDR_CR11, NDR_CR12, NDR_CR13, NDR_CR14, NDR_CR15,
}; };
enum enum
{ {
REG_DR0, REG_DR1, REG_DR2, REG_DR3, REG_DR4, REG_DR5, REG_DR6, REG_DR7, NDR_DR0, NDR_DR1, NDR_DR2, NDR_DR3, NDR_DR4, NDR_DR5, NDR_DR6, NDR_DR7,
REG_DR8, REG_DR9, REG_DR10, REG_DR11, REG_DR12, REG_DR13, REG_DR14, REG_DR15, NDR_DR8, NDR_DR9, NDR_DR10, NDR_DR11, NDR_DR12, NDR_DR13, NDR_DR14, NDR_DR15,
}; };
enum enum
{ {
REG_TR0, REG_TR1, REG_TR2, REG_TR3, REG_TR4, REG_TR5, REG_TR6, REG_TR7, NDR_TR0, NDR_TR1, NDR_TR2, NDR_TR3, NDR_TR4, NDR_TR5, NDR_TR6, NDR_TR7,
REG_TR8, REG_TR9, REG_TR10, REG_TR11, REG_TR12, REG_TR13, REG_TR14, REG_TR15, NDR_TR8, NDR_TR9, NDR_TR10, NDR_TR11, NDR_TR12, NDR_TR13, NDR_TR14, NDR_TR15,
}; };
enum enum
{ {
REG_K0, REG_K1, REG_K2, REG_K3, REG_K4, REG_K5, REG_K6, REG_K7, NDR_K0, NDR_K1, NDR_K2, NDR_K3, NDR_K4, NDR_K5, NDR_K6, NDR_K7,
}; };
enum enum
{ {
REG_BND0, REG_BND1, REG_BND2, REG_BND3, NDR_BND0, NDR_BND1, NDR_BND2, NDR_BND3,
}; };
enum enum
{ {
REG_ST0, REG_ST1, REG_ST2, REG_ST3, REG_ST4, REG_ST5, REG_ST6, REG_ST7, NDR_ST0, NDR_ST1, NDR_ST2, NDR_ST3, NDR_ST4, NDR_ST5, NDR_ST6, NDR_ST7,
}; };
enum enum
{ {
REG_XMM0, REG_XMM1, REG_XMM2, REG_XMM3, REG_XMM4, REG_XMM5, REG_XMM6, REG_XMM7, NDR_XMM0, NDR_XMM1, NDR_XMM2, NDR_XMM3, NDR_XMM4, NDR_XMM5, NDR_XMM6, NDR_XMM7,
REG_XMM8, REG_XMM9, REG_XMM10, REG_XMM11, REG_XMM12, REG_XMM13, REG_XMM14, REG_XMM15, NDR_XMM8, NDR_XMM9, NDR_XMM10, NDR_XMM11, NDR_XMM12, NDR_XMM13, NDR_XMM14, NDR_XMM15,
REG_XMM16, REG_XMM17, REG_XMM18, REG_XMM19, REG_XMM20, REG_XMM21, REG_XMM22, REG_XMM23, NDR_XMM16, NDR_XMM17, NDR_XMM18, NDR_XMM19, NDR_XMM20, NDR_XMM21, NDR_XMM22, NDR_XMM23,
REG_XMM24, REG_XMM25, REG_XMM26, REG_XMM27, REG_XMM28, REG_XMM29, REG_XMM30, REG_XMM31, NDR_XMM24, NDR_XMM25, NDR_XMM26, NDR_XMM27, NDR_XMM28, NDR_XMM29, NDR_XMM30, NDR_XMM31,
}; };
enum enum
{ {
REG_YMM0, REG_YMM1, REG_YMM2, REG_YMM3, REG_YMM4, REG_YMM5, REG_YMM6, REG_YMM7, NDR_YMM0, NDR_YMM1, NDR_YMM2, NDR_YMM3, NDR_YMM4, NDR_YMM5, NDR_YMM6, NDR_YMM7,
REG_YMM8, REG_YMM9, REG_YMM10, REG_YMM11, REG_YMM12, REG_YMM13, REG_YMM14, REG_YMM15, NDR_YMM8, NDR_YMM9, NDR_YMM10, NDR_YMM11, NDR_YMM12, NDR_YMM13, NDR_YMM14, NDR_YMM15,
REG_YMM16, REG_YMM17, REG_YMM18, REG_YMM19, REG_YMM20, REG_YMM21, REG_YMM22, REG_YMM23, NDR_YMM16, NDR_YMM17, NDR_YMM18, NDR_YMM19, NDR_YMM20, NDR_YMM21, NDR_YMM22, NDR_YMM23,
REG_YMM24, REG_YMM25, REG_YMM26, REG_YMM27, REG_YMM28, REG_YMM29, REG_YMM30, REG_YMM31, NDR_YMM24, NDR_YMM25, NDR_YMM26, NDR_YMM27, NDR_YMM28, NDR_YMM29, NDR_YMM30, NDR_YMM31,
}; };
enum enum
{ {
REG_ZMM0, REG_ZMM1, REG_ZMM2, REG_ZMM3, REG_ZMM4, REG_ZMM5, REG_ZMM6, REG_ZMM7, NDR_ZMM0, NDR_ZMM1, NDR_ZMM2, NDR_ZMM3, NDR_ZMM4, NDR_ZMM5, NDR_ZMM6, NDR_ZMM7,
REG_ZMM8, REG_ZMM9, REG_ZMM10, REG_ZMM11, REG_ZMM12, REG_ZMM13, REG_ZMM14, REG_ZMM15, NDR_ZMM8, NDR_ZMM9, NDR_ZMM10, NDR_ZMM11, NDR_ZMM12, NDR_ZMM13, NDR_ZMM14, NDR_ZMM15,
REG_ZMM16, REG_ZMM17, REG_ZMM18, REG_ZMM19, REG_ZMM20, REG_ZMM21, REG_ZMM22, REG_ZMM23, NDR_ZMM16, NDR_ZMM17, NDR_ZMM18, NDR_ZMM19, NDR_ZMM20, NDR_ZMM21, NDR_ZMM22, NDR_ZMM23,
REG_ZMM24, REG_ZMM25, REG_ZMM26, REG_ZMM27, REG_ZMM28, REG_ZMM29, REG_ZMM30, REG_ZMM31, NDR_ZMM24, NDR_ZMM25, NDR_ZMM26, NDR_ZMM27, NDR_ZMM28, NDR_ZMM29, NDR_ZMM30, NDR_ZMM31,
}; };
enum enum
{ {
REG_GDTR, REG_IDTR, REG_LDTR, REG_TR, NDR_GDTR, NDR_IDTR, NDR_LDTR, NDR_TR,
}; };
enum enum
{ {
REG_X87_CONTROL, REG_X87_TAG, REG_X87_STATUS, NDR_X87_CONTROL, NDR_X87_TAG, NDR_X87_STATUS,
}; };
enum enum
{ {
REG_XCR0, REG_XCR1, REG_XCR_ANY = 0xFF, NDR_XCR0, NDR_XCR1, NDR_XCR_ANY = 0xFF,
}; };
#define REG_IA32_TSC 0x00000010 #define NDR_IA32_TSC 0x00000010
#define REG_IA32_SYSENTER_CS 0x00000174 #define NDR_IA32_SYSENTER_CS 0x00000174
#define REG_IA32_SYSENTER_ESP 0x00000175 #define NDR_IA32_SYSENTER_ESP 0x00000175
#define REG_IA32_SYSENTER_EIP 0x00000176 #define NDR_IA32_SYSENTER_EIP 0x00000176
#define REG_IA32_STAR 0xC0000081 #define NDR_IA32_STAR 0xC0000081
#define REG_IA32_LSTAR 0xC0000082 #define NDR_IA32_LSTAR 0xC0000082
#define REG_IA32_FMASK 0xC0000084 #define NDR_IA32_FMASK 0xC0000084
#define REG_IA32_FS_BASE 0xC0000100 #define NDR_IA32_FS_BASE 0xC0000100
#define REG_IA32_GS_BASE 0xC0000101 #define NDR_IA32_GS_BASE 0xC0000101
#define REG_IA32_KERNEL_GS_BASE 0xC0000102 #define NDR_IA32_KERNEL_GS_BASE 0xC0000102
#define REG_IA32_TSC_AUX 0xC0000103 #define NDR_IA32_TSC_AUX 0xC0000103
#define REG_MSR_ANY 0xFFFFFFFF #define NDR_MSR_ANY 0xFFFFFFFF
#define REG_RFLAG_CF (1 << 0) #define NDR_RFLAG_CF (1 << 0)
#define REG_RFLAG_PF (1 << 2) #define NDR_RFLAG_PF (1 << 2)
#define REG_RFLAG_AF (1 << 4) #define NDR_RFLAG_AF (1 << 4)
#define REG_RFLAG_ZF (1 << 6) #define NDR_RFLAG_ZF (1 << 6)
#define REG_RFLAG_SF (1 << 7) #define NDR_RFLAG_SF (1 << 7)
#define REG_RFLAG_TF (1 << 8) #define NDR_RFLAG_TF (1 << 8)
#define REG_RFLAG_IF (1 << 9) #define NDR_RFLAG_IF (1 << 9)
#define REG_RFLAG_DF (1 << 10) #define NDR_RFLAG_DF (1 << 10)
#define REG_RFLAG_OF (1 << 11) #define NDR_RFLAG_OF (1 << 11)
#define REG_RFLAG_IOPL (3 << 12) #define NDR_RFLAG_IOPL (3 << 12)
#define REG_RFLAG_NT (1 << 14) #define NDR_RFLAG_NT (1 << 14)
#define REG_RFLAG_RF (1 << 16) #define NDR_RFLAG_RF (1 << 16)
#define REG_RFLAG_VM (1 << 17) #define NDR_RFLAG_VM (1 << 17)
#define REG_RFLAG_AC (1 << 18) #define NDR_RFLAG_AC (1 << 18)
#define REG_RFLAG_VIF (1 << 19) #define NDR_RFLAG_VIF (1 << 19)
#define REG_RFLAG_VIP (1 << 20) #define NDR_RFLAG_VIP (1 << 20)
#define REG_RFLAG_ID (1 << 21) #define NDR_RFLAG_ID (1 << 21)
#endif #endif

4
inc/version.h
Unescape View File

@ -6,7 +6,7 @@
#define DISASM_VER_H #define DISASM_VER_H
#define DISASM_VERSION_MAJOR 1 #define DISASM_VERSION_MAJOR 1
#define DISASM_VERSION_MINOR 26 #define DISASM_VERSION_MINOR 27
#define DISASM_VERSION_REVISION 3 #define DISASM_VERSION_REVISION 0
#endif // DISASM_VER_H #endif // DISASM_VER_H

4
isagenerator/generate_tables.py
Unescape View File

@ -540,7 +540,7 @@ def cdef_instruction(self):
if m == '1' or m == '0': if m == '1' or m == '0':
dst = dst + self.RevFlagsAccess['u'] dst = dst + self.RevFlagsAccess['u']
for f in dst: for f in dst:
flg += '|REG_RFLAG_%s' % f.upper() flg += '|NDR_RFLAG_%s' % f.upper()
c += "\n %s," % flg c += "\n %s," % flg
# Add the instruction operands # Add the instruction operands
@ -1202,7 +1202,7 @@ def generate_features(features, fname):
f.write('\n') f.write('\n')
for c in features: for c in features:
f.write('#define ND_CFF_%s%sND_CFF(%s, %s, %s, %s)\n' % (c.Name, ' ' * (25 - len(c.Name)), c.Leaf, c.SubLeaf, 'REG_' + c.Reg, c.Bit)) f.write('#define ND_CFF_%s%sND_CFF(%s, %s, %s, %s)\n' % (c.Name, ' ' * (25 - len(c.Name)), c.Leaf, c.SubLeaf, 'NDR_' + c.Reg, c.Bit))
f.write('\n') f.write('\n')

4
pydis/_pydis/pydis.c
Unescape View File

@ -33,7 +33,7 @@ nd_vsnprintf_s(char *str, size_t sizeOfBuffer, size_t count, const char *format,
return vsnprintf(str, count, format, args); return vsnprintf(str, count, format, args);
} }
int nd_memset(void *s, int c, size_t n) void *nd_memset(void *s, int c, size_t n)
{ {
memset(s, c, n); return memset(s, c, n);
} }

Write Preview
Loading…
Cancel
Save