arno
/
bddisasm
mirror of https://github.com/bitdefender/bddisasm.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Renamed REG_* fields to NDR_*, so that we don't conflict with _GNU_SOURCES.

Browse Source
pull/15/head
Andrei Vlad LUTAS 4 years ago
parent 02b7177b99
commit 144baa5140
10 changed files with 1115 additions and 1115 deletions
Show Stats Download Patch File Download Diff File

176
bddisasm/bddisasm.c
Unescape View File

@ -912,7 +912,7 @@ NdFetchModrmAndSib(
}
// If needed, fetch the SIB.
if ((Instrux->ModRm.rm == REG_RSP) && (Instrux->ModRm.mod != 3) && (Instrux->AddrMode != ND_ADDR_16))
if ((Instrux->ModRm.rm == NDR_RSP) && (Instrux->ModRm.mod != 3) && (Instrux->AddrMode != ND_ADDR_16))
{
// At least one more byte must be available, for the sib.
RET_GT((size_t)Offset + 1, Size, ND_STATUS_BUFFER_TOO_SMALL);
@ -1180,17 +1180,17 @@ NdGetSegOverride(
switch (Instrux->Seg)
{
case ND_PREFIX_G2_SEG_CS:
return REG_CS;
return NDR_CS;
case ND_PREFIX_G2_SEG_DS:
return REG_DS;
return NDR_DS;
case ND_PREFIX_G2_SEG_ES:
return REG_ES;
return NDR_ES;
case ND_PREFIX_G2_SEG_SS:
return REG_SS;
return NDR_SS;
case ND_PREFIX_G2_SEG_FS:
return REG_FS;
return NDR_FS;
case ND_PREFIX_G2_SEG_GS:
return REG_GS;
return NDR_GS;
default:
return DefaultSeg;
}
@ -1714,7 +1714,7 @@ NdParseOperand(
operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_GPR;
operand->Info.Register.Size = (ND_REG_SIZE)size;
operand->Info.Register.Reg = REG_RAX;
operand->Info.Register.Reg = NDR_RAX;
break;
case ND_OPT_GPR_AH:
@ -1722,7 +1722,7 @@ NdParseOperand(
operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_GPR;
operand->Info.Register.Size = ND_SIZE_8BIT;
operand->Info.Register.Reg = REG_AH;
operand->Info.Register.Reg = NDR_AH;
operand->Info.Register.IsHigh8 = true;
break;
@ -1731,7 +1731,7 @@ NdParseOperand(
operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_GPR;
operand->Info.Register.Size = (ND_REG_SIZE)size;
operand->Info.Register.Reg = REG_RCX;
operand->Info.Register.Reg = NDR_RCX;
break;
case ND_OPT_GPR_rDX:
@ -1739,7 +1739,7 @@ NdParseOperand(
operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_GPR;
operand->Info.Register.Size = (ND_REG_SIZE)size;
operand->Info.Register.Reg = REG_RDX;
operand->Info.Register.Reg = NDR_RDX;
break;
case ND_OPT_GPR_rBX:
@ -1747,7 +1747,7 @@ NdParseOperand(
operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_GPR;
operand->Info.Register.Size = (ND_REG_SIZE)size;
operand->Info.Register.Reg = REG_RBX;
operand->Info.Register.Reg = NDR_RBX;
break;
case ND_OPT_GPR_rBP:
@ -1755,7 +1755,7 @@ NdParseOperand(
operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_GPR;
operand->Info.Register.Size = (ND_REG_SIZE)size;
operand->Info.Register.Reg = REG_RBP;
operand->Info.Register.Reg = NDR_RBP;
break;
case ND_OPT_GPR_rSP:
@ -1763,7 +1763,7 @@ NdParseOperand(
operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_GPR;
operand->Info.Register.Size = (ND_REG_SIZE)size;
operand->Info.Register.Reg = REG_RSP;
operand->Info.Register.Reg = NDR_RSP;
break;
case ND_OPT_GPR_rSI:
@ -1771,7 +1771,7 @@ NdParseOperand(
operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_GPR;
operand->Info.Register.Size = (ND_REG_SIZE)size;
operand->Info.Register.Reg = REG_RSI;
operand->Info.Register.Reg = NDR_RSI;
break;
case ND_OPT_GPR_rDI:
@ -1779,7 +1779,7 @@ NdParseOperand(
operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_GPR;
operand->Info.Register.Size = (ND_REG_SIZE)size;
operand->Info.Register.Reg = REG_RDI;
operand->Info.Register.Reg = NDR_RDI;
break;
case ND_OPT_GPR_rR11:
@ -1787,7 +1787,7 @@ NdParseOperand(
operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_GPR;
operand->Info.Register.Size = (ND_REG_SIZE)size;
operand->Info.Register.Reg = REG_R11;
operand->Info.Register.Reg = NDR_R11;
break;
case ND_OPT_SEG_CS:
@ -1795,7 +1795,7 @@ NdParseOperand(
operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_SEG;
operand->Info.Register.Size = (ND_REG_SIZE)size;
operand->Info.Register.Reg = REG_CS;
operand->Info.Register.Reg = NDR_CS;
break;
case ND_OPT_SEG_SS:
@ -1803,7 +1803,7 @@ NdParseOperand(
operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_SEG;
operand->Info.Register.Size = (ND_REG_SIZE)size;
operand->Info.Register.Reg = REG_SS;
operand->Info.Register.Reg = NDR_SS;
break;
case ND_OPT_SEG_DS:
@ -1811,7 +1811,7 @@ NdParseOperand(
operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_SEG;
operand->Info.Register.Size = (ND_REG_SIZE)size;
operand->Info.Register.Reg = REG_DS;
operand->Info.Register.Reg = NDR_DS;
break;
case ND_OPT_SEG_ES:
@ -1819,7 +1819,7 @@ NdParseOperand(
operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_SEG;
operand->Info.Register.Size = (ND_REG_SIZE)size;
operand->Info.Register.Reg = REG_ES;
operand->Info.Register.Reg = NDR_ES;
break;
case ND_OPT_SEG_FS:
@ -1827,7 +1827,7 @@ NdParseOperand(
operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_SEG;
operand->Info.Register.Size = (ND_REG_SIZE)size;
operand->Info.Register.Reg = REG_FS;
operand->Info.Register.Reg = NDR_FS;
break;
case ND_OPT_SEG_GS:
@ -1835,7 +1835,7 @@ NdParseOperand(
operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_SEG;
operand->Info.Register.Size = (ND_REG_SIZE)size;
operand->Info.Register.Reg = REG_GS;
operand->Info.Register.Reg = NDR_GS;
break;
case ND_OPT_FPU_ST0:
@ -1868,7 +1868,7 @@ NdParseOperand(
operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_CR;
operand->Info.Register.Size = (ND_REG_SIZE)size;
operand->Info.Register.Reg = REG_CR0;
operand->Info.Register.Reg = NDR_CR0;
break;
case ND_OPT_SYS_GDTR:
@ -1876,7 +1876,7 @@ NdParseOperand(
operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_SYS;
operand->Info.Register.Size = (ND_REG_SIZE)size;
operand->Info.Register.Reg = REG_GDTR;
operand->Info.Register.Reg = NDR_GDTR;
break;
case ND_OPT_SYS_IDTR:
@ -1884,7 +1884,7 @@ NdParseOperand(
operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_SYS;
operand->Info.Register.Size = (ND_REG_SIZE)size;
operand->Info.Register.Reg = REG_IDTR;
operand->Info.Register.Reg = NDR_IDTR;
break;
case ND_OPT_SYS_LDTR:
@ -1892,7 +1892,7 @@ NdParseOperand(
operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_SYS;
operand->Info.Register.Size = (ND_REG_SIZE)size;
operand->Info.Register.Reg = REG_LDTR;
operand->Info.Register.Reg = NDR_LDTR;
break;
case ND_OPT_SYS_TR:
@ -1900,7 +1900,7 @@ NdParseOperand(
operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_SYS;
operand->Info.Register.Size = (ND_REG_SIZE)size;
operand->Info.Register.Reg = REG_TR;
operand->Info.Register.Reg = NDR_TR;
break;
case ND_OPT_X87_CONTROL:
@ -1908,7 +1908,7 @@ NdParseOperand(
operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_SYS;
operand->Info.Register.Size = ND_SIZE_16BIT;
operand->Info.Register.Reg = REG_X87_CONTROL;
operand->Info.Register.Reg = NDR_X87_CONTROL;
break;
case ND_OPT_X87_TAG:
@ -1916,7 +1916,7 @@ NdParseOperand(
operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_SYS;
operand->Info.Register.Size = ND_SIZE_16BIT;
operand->Info.Register.Reg = REG_X87_TAG;
operand->Info.Register.Reg = NDR_X87_TAG;
break;
case ND_OPT_X87_STATUS:
@ -1924,7 +1924,7 @@ NdParseOperand(
operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_SYS;
operand->Info.Register.Size = ND_SIZE_16BIT;
operand->Info.Register.Reg = REG_X87_STATUS;
operand->Info.Register.Reg = NDR_X87_STATUS;
break;
case ND_OPT_MXCSR:
@ -1964,7 +1964,7 @@ NdParseOperand(
operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_MSR;
operand->Info.Register.Size = ND_SIZE_64BIT;
operand->Info.Register.Reg = REG_IA32_TSC;
operand->Info.Register.Reg = NDR_IA32_TSC;
break;
case ND_OPT_MSR_TSCAUX:
@ -1972,7 +1972,7 @@ NdParseOperand(
operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_MSR;
operand->Info.Register.Size = ND_SIZE_64BIT;
operand->Info.Register.Reg = REG_IA32_TSC_AUX;
operand->Info.Register.Reg = NDR_IA32_TSC_AUX;
break;
case ND_OPT_MSR_SCS:
@ -1980,7 +1980,7 @@ NdParseOperand(
operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_MSR;
operand->Info.Register.Size = ND_SIZE_64BIT;
operand->Info.Register.Reg = REG_IA32_SYSENTER_CS;
operand->Info.Register.Reg = NDR_IA32_SYSENTER_CS;
break;
case ND_OPT_MSR_SESP:
@ -1988,7 +1988,7 @@ NdParseOperand(
operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_MSR;
operand->Info.Register.Size = ND_SIZE_64BIT;
operand->Info.Register.Reg = REG_IA32_SYSENTER_ESP;
operand->Info.Register.Reg = NDR_IA32_SYSENTER_ESP;
break;
case ND_OPT_MSR_SEIP:
@ -1996,7 +1996,7 @@ NdParseOperand(
operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_MSR;
operand->Info.Register.Size = ND_SIZE_64BIT;
operand->Info.Register.Reg = REG_IA32_SYSENTER_EIP;
operand->Info.Register.Reg = NDR_IA32_SYSENTER_EIP;
break;
case ND_OPT_MSR_STAR:
@ -2004,7 +2004,7 @@ NdParseOperand(
operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_MSR;
operand->Info.Register.Size = ND_SIZE_64BIT;
operand->Info.Register.Reg = REG_IA32_STAR;
operand->Info.Register.Reg = NDR_IA32_STAR;
break;
case ND_OPT_MSR_LSTAR:
@ -2012,7 +2012,7 @@ NdParseOperand(
operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_MSR;
operand->Info.Register.Size = ND_SIZE_64BIT;
operand->Info.Register.Reg = REG_IA32_LSTAR;
operand->Info.Register.Reg = NDR_IA32_LSTAR;
break;
case ND_OPT_MSR_FMASK:
@ -2020,7 +2020,7 @@ NdParseOperand(
operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_MSR;
operand->Info.Register.Size = ND_SIZE_64BIT;
operand->Info.Register.Reg = REG_IA32_FMASK;
operand->Info.Register.Reg = NDR_IA32_FMASK;
break;
case ND_OPT_MSR_FSBASE:
@ -2028,7 +2028,7 @@ NdParseOperand(
operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_MSR;
operand->Info.Register.Size = ND_SIZE_64BIT;
operand->Info.Register.Reg = REG_IA32_FS_BASE;
operand->Info.Register.Reg = NDR_IA32_FS_BASE;
break;
case ND_OPT_MSR_GSBASE:
@ -2036,7 +2036,7 @@ NdParseOperand(
operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_MSR;
operand->Info.Register.Size = ND_SIZE_64BIT;
operand->Info.Register.Reg = REG_IA32_GS_BASE;
operand->Info.Register.Reg = NDR_IA32_GS_BASE;
break;
case ND_OPT_MSR_KGSBASE:
@ -2044,7 +2044,7 @@ NdParseOperand(
operand->Type = ND_OP_REG;
operand->Info.Register.Type = ND_REG_MSR;
operand->Info.Register.Size = ND_SIZE_64BIT;
operand->Info.Register.Reg = REG_IA32_GS_BASE;
operand->Info.Register.Reg = NDR_IA32_GS_BASE;
break;
case ND_OPT_XCR:
@ -2071,7 +2071,7 @@ NdParseOperand(
operand->Size = operand->RawSize = Instrux->WordLength;
operand->Info.Register.Type = ND_REG_GPR;
operand->Info.Register.Size = Instrux->WordLength;
operand->Info.Register.Reg = REG_EAX;
operand->Info.Register.Reg = NDR_EAX;
operand->Info.Register.Count = 8;
operand->Info.Register.IsBlock = true;
}
@ -2181,7 +2181,7 @@ NdParseOperand(
}
// If CS is loaded - #UD.
if ((operand->Info.Register.Reg == REG_CS) && operand->Access.Write)
if ((operand->Info.Register.Reg == NDR_CS) && operand->Access.Write)
{
return ND_STATUS_CS_LOAD;
}
@ -2225,10 +2225,10 @@ NdParseOperand(
operand->Type = ND_OP_MEM;
operand->Info.Memory.IsStack = true;
operand->Info.Memory.HasBase = true;
operand->Info.Memory.Base = REG_RSP;
operand->Info.Memory.Base = NDR_RSP;
operand->Info.Memory.BaseSize = szLut[Instrux->DefStack];
operand->Info.Memory.HasSeg = true;
operand->Info.Memory.Seg = REG_SS;
operand->Info.Memory.Seg = NDR_SS;
Instrux->StackWords = (uint8_t)(operand->Size / Instrux->WordLength);
Instrux->StackAccess |= operand->Access.Access;
}
@ -2414,7 +2414,7 @@ NdParseOperand(
operand->Info.Memory.DispSize = Instrux->MoffsetLength;
operand->Info.Memory.Disp = Instrux->Moffset;
operand->Info.Memory.HasSeg = true;
operand->Info.Memory.Seg = NdGetSegOverride(Instrux, REG_DS);
operand->Info.Memory.Seg = NdGetSegOverride(Instrux, NDR_DS);
Offset = Instrux->Length;
}
@ -2447,58 +2447,58 @@ memory:
operand->Info.Memory.HasBase = true;
operand->Info.Memory.HasIndex = true;
operand->Info.Memory.Scale = 1;
operand->Info.Memory.Base = REG_BX;
operand->Info.Memory.Index = REG_SI;
operand->Info.Memory.Base = NDR_BX;
operand->Info.Memory.Index = NDR_SI;
operand->Info.Memory.BaseSize = ND_SIZE_16BIT;
operand->Info.Memory.IndexSize = ND_SIZE_16BIT;
operand->Info.Memory.Seg = REG_DS;
operand->Info.Memory.Seg = NDR_DS;
break;
case 1:
// [bx + di]
operand->Info.Memory.HasBase = true;
operand->Info.Memory.HasIndex = true;
operand->Info.Memory.Scale = 1;
operand->Info.Memory.Base = REG_BX;
operand->Info.Memory.Index = REG_DI;
operand->Info.Memory.Base = NDR_BX;
operand->Info.Memory.Index = NDR_DI;
operand->Info.Memory.BaseSize = ND_SIZE_16BIT;
operand->Info.Memory.IndexSize = ND_SIZE_16BIT;
operand->Info.Memory.Seg = REG_DS;
operand->Info.Memory.Seg = NDR_DS;
break;
case 2:
// [bp + si]
operand->Info.Memory.HasBase = true;
operand->Info.Memory.HasIndex = true;
operand->Info.Memory.Scale = 1;
operand->Info.Memory.Base = REG_BP;
operand->Info.Memory.Index = REG_SI;
operand->Info.Memory.Base = NDR_BP;
operand->Info.Memory.Index = NDR_SI;
operand->Info.Memory.BaseSize = ND_SIZE_16BIT;
operand->Info.Memory.IndexSize = ND_SIZE_16BIT;
operand->Info.Memory.Seg = REG_SS;
operand->Info.Memory.Seg = NDR_SS;
break;
case 3:
// [bp + di]
operand->Info.Memory.HasBase = true;
operand->Info.Memory.HasIndex = true;
operand->Info.Memory.Scale = 1;
operand->Info.Memory.Base = REG_BP;
operand->Info.Memory.Index = REG_DI;
operand->Info.Memory.Base = NDR_BP;
operand->Info.Memory.Index = NDR_DI;
operand->Info.Memory.BaseSize = ND_SIZE_16BIT;
operand->Info.Memory.IndexSize = ND_SIZE_16BIT;
operand->Info.Memory.Seg = REG_SS;
operand->Info.Memory.Seg = NDR_SS;
break;
case 4:
// [si]
operand->Info.Memory.HasBase = true;
operand->Info.Memory.Base = REG_SI;
operand->Info.Memory.Base = NDR_SI;
operand->Info.Memory.BaseSize = ND_SIZE_16BIT;
operand->Info.Memory.Seg = REG_DS;
operand->Info.Memory.Seg = NDR_DS;
break;
case 5:
// [di]
operand->Info.Memory.HasBase = true;
operand->Info.Memory.Base = REG_DI;
operand->Info.Memory.Base = NDR_DI;
operand->Info.Memory.BaseSize = ND_SIZE_16BIT;
operand->Info.Memory.Seg = REG_DS;
operand->Info.Memory.Seg = NDR_DS;
break;
case 6:
// [bp]
@ -2506,22 +2506,22 @@ memory:
{
// If mod is not zero, than we have "[bp + displacement]".
operand->Info.Memory.HasBase = true;
operand->Info.Memory.Base = REG_BP;
operand->Info.Memory.Base = NDR_BP;
operand->Info.Memory.BaseSize = ND_SIZE_16BIT;
operand->Info.Memory.Seg = REG_SS;
operand->Info.Memory.Seg = NDR_SS;
}
else
{
// If mod is zero, than we only have a displacement that is used to directly address mem.
operand->Info.Memory.Seg = REG_DS;
operand->Info.Memory.Seg = NDR_DS;
}
break;
case 7:
// [bx]
operand->Info.Memory.HasBase = true;
operand->Info.Memory.Base = REG_BX;
operand->Info.Memory.Base = NDR_BX;
operand->Info.Memory.BaseSize = ND_SIZE_16BIT;
operand->Info.Memory.Seg = REG_DS;
operand->Info.Memory.Seg = NDR_DS;
break;
}
@ -2535,12 +2535,12 @@ memory:
uint8_t defsize = (Instrux->AddrMode == ND_ADDR_32 ? ND_SIZE_32BIT : ND_SIZE_64BIT);
// Implicit segment is DS.
operand->Info.Memory.Seg = REG_DS;
operand->Info.Memory.Seg = NDR_DS;
if (Instrux->HasSib)
{
// Check for base.
if ((Instrux->ModRm.mod == 0) && (Instrux->Sib.base == REG_RBP))
if ((Instrux->ModRm.mod == 0) && (Instrux->Sib.base == NDR_RBP))
{
// Mod is mem without displacement and base reg is RBP -> no base reg used.
// Note that this addressing mode is not RIP relative.
@ -2551,14 +2551,14 @@ memory:
operand->Info.Memory.BaseSize = defsize;
operand->Info.Memory.Base = (uint8_t)((Instrux->Exs.b << 3) | Instrux->Sib.base);
if ((operand->Info.Memory.Base == REG_RSP) || (operand->Info.Memory.Base == REG_RBP))
if ((operand->Info.Memory.Base == NDR_RSP) || (operand->Info.Memory.Base == NDR_RBP))
{
operand->Info.Memory.Seg = REG_SS;
operand->Info.Memory.Seg = NDR_SS;
}
}
// Check for index.
if ((((Instrux->Exs.x << 3) | Instrux->Sib.index) != REG_RSP) || ND_HAS_VSIB(Instrux))
if ((((Instrux->Exs.x << 3) | Instrux->Sib.index) != NDR_RSP) || ND_HAS_VSIB(Instrux))
{
// Index * Scale is present.
operand->Info.Memory.HasIndex = true;
@ -2576,7 +2576,7 @@ memory:
}
else
{
if ((Instrux->ModRm.mod == 0) && (Instrux->ModRm.rm == REG_RBP))
if ((Instrux->ModRm.mod == 0) && (Instrux->ModRm.rm == NDR_RBP))
{
//
// RIP relative addressing addresses a memory region relative to the current RIP; However,
@ -2599,9 +2599,9 @@ memory:
operand->Info.Memory.BaseSize = defsize;
operand->Info.Memory.Base = (uint8_t)((Instrux->Exs.b << 3) | Instrux->ModRm.rm);
if ((operand->Info.Memory.Base == REG_RSP) || (operand->Info.Memory.Base == REG_RBP))
if ((operand->Info.Memory.Base == NDR_RSP) || (operand->Info.Memory.Base == NDR_RBP))
{
operand->Info.Memory.Seg = REG_SS;
operand->Info.Memory.Seg = NDR_SS;
}
}
}
@ -2802,16 +2802,16 @@ memory:
operand->Info.Memory.HasBase = true;
operand->Info.Memory.BaseSize = 2 << Instrux->AddrMode;
operand->Info.Memory.HasSeg = true;
operand->Info.Memory.Base = (uint8_t)(((opt == ND_OPT_X) ? REG_RSI : REG_RDI));
operand->Info.Memory.Base = (uint8_t)(((opt == ND_OPT_X) ? NDR_RSI : NDR_RDI));
operand->Info.Memory.IsString = (ND_OPT_X == opt || ND_OPT_Y == opt);
// DS:rSI supports segment overriding. ES:rDI does not.
if (opt == ND_OPT_Y)
{
operand->Info.Memory.Seg = REG_ES;
operand->Info.Memory.Seg = NDR_ES;
}
else
{
operand->Info.Memory.Seg = NdGetSegOverride(Instrux, REG_DS);
operand->Info.Memory.Seg = NdGetSegOverride(Instrux, NDR_DS);
}
break;
@ -2823,11 +2823,11 @@ memory:
operand->Info.Memory.HasIndex = true;
operand->Info.Memory.BaseSize = 2 << Instrux->AddrMode;
operand->Info.Memory.IndexSize = ND_SIZE_8BIT; // Always 1 Byte.
operand->Info.Memory.Base = REG_RBX; // Always rBX.
operand->Info.Memory.Index = REG_AL; // Always AL.
operand->Info.Memory.Base = NDR_RBX; // Always rBX.
operand->Info.Memory.Index = NDR_AL; // Always AL.
operand->Info.Memory.Scale = 1; // Always 1.
operand->Info.Memory.HasSeg = true;
operand->Info.Memory.Seg = NdGetSegOverride(Instrux, REG_DS);
operand->Info.Memory.Seg = NdGetSegOverride(Instrux, NDR_DS);
break;
case ND_OPT_MEM_SHS:
@ -2960,7 +2960,7 @@ memory:
operand->Info.Memory.Base = (uint8_t)((Instrux->Exs.r << 3) | Instrux->ModRm.reg);
operand->Info.Memory.BaseSize = 2 << Instrux->AddrMode;
operand->Info.Memory.HasSeg = true;
operand->Info.Memory.Seg = REG_ES;
operand->Info.Memory.Seg = NDR_ES;
break;
case ND_OPT_mM:
@ -2970,7 +2970,7 @@ memory:
operand->Info.Memory.Base = (uint8_t)((Instrux->Exs.m << 3) | Instrux->ModRm.rm);
operand->Info.Memory.BaseSize = 2 << Instrux->AddrMode;
operand->Info.Memory.HasSeg = true;
operand->Info.Memory.Seg = NdGetSegOverride(Instrux, REG_DS);
operand->Info.Memory.Seg = NdGetSegOverride(Instrux, NDR_DS);
break;
case ND_OPT_rT:
@ -4632,8 +4632,8 @@ NdToText(
return ND_STATUS_INVALID_INSTRUX;
}
if ((ND_CODE_64 != Instrux->DefCode) || (REG_FS == pOp->Info.Memory.Seg) ||
(REG_GS == pOp->Info.Memory.Seg))
if ((ND_CODE_64 != Instrux->DefCode) || (NDR_FS == pOp->Info.Memory.Seg) ||
(NDR_GS == pOp->Info.Memory.Seg))
{
res = nd_strcat_s(Buffer, BufferSize, gRegSeg[pOp->Info.Memory.Seg]);
RET_EQ(res, NULL, ND_STATUS_BUFFER_OVERFLOW);
@ -4957,8 +4957,8 @@ NdGetFullAccessMap(
if (pOp->Info.Memory.IsStack)
{
AccessMap->StackAccess |= pOp->Access.Access;
AccessMap->GprAccess[REG_RSP] |= ND_ACCESS_READ|ND_ACCESS_WRITE;
AccessMap->SegAccess[REG_SS] |= ND_ACCESS_READ;
AccessMap->GprAccess[NDR_RSP] |= ND_ACCESS_READ|ND_ACCESS_WRITE;
AccessMap->SegAccess[NDR_SS] |= ND_ACCESS_READ;
}
else
{

1448
bddisasm/include/instructions.h
View File

File diff suppressed because it is too large Load Diff

222
bdshemu/bdshemu.c
Unescape View File

@ -321,60 +321,60 @@ ShemuSetFlags(
// PF set if the first bytes has an even number of 1 bits.
if ((pfArr[Dst & 0xF] + pfArr[(Dst >> 4) & 0xF]) % 2 == 0)
{
Context->Registers.RegFlags |= REG_RFLAG_PF;
Context->Registers.RegFlags |= NDR_RFLAG_PF;
}
else
{
Context->Registers.RegFlags &= ~REG_RFLAG_PF;
Context->Registers.RegFlags &= ~NDR_RFLAG_PF;
}
// ZF set if the result is zero.
if (Dst == 0)
{
Context->Registers.RegFlags |= REG_RFLAG_ZF;
Context->Registers.RegFlags |= NDR_RFLAG_ZF;
}
else
{
Context->Registers.RegFlags &= ~REG_RFLAG_ZF;
Context->Registers.RegFlags &= ~NDR_RFLAG_ZF;
}
// SF is set if the sign flag is set.
if (ND_GET_SIGN(Size, Dst) != 0)
{
Context->Registers.RegFlags |= REG_RFLAG_SF;
Context->Registers.RegFlags |= NDR_RFLAG_SF;
}
else
{
Context->Registers.RegFlags &= ~REG_RFLAG_SF;
Context->Registers.RegFlags &= ~NDR_RFLAG_SF;
}
// OF and CF are handled differently for some instructions.
if (FM_LOGIC == FlagsMode)
{
// OF and CF are cleared on logic instructions.
Context->Registers.RegFlags &= ~(REG_RFLAG_OF | REG_RFLAG_CF);
Context->Registers.RegFlags &= ~(NDR_RFLAG_OF | NDR_RFLAG_CF);
}
else if (FM_SHL == FlagsMode)
{
// CF is the last bit shifted out of the destination.
if (ND_GET_BIT(Src1, (Size * 8) - Src2))
{
Context->Registers.RegFlags |= REG_RFLAG_CF;
Context->Registers.RegFlags |= NDR_RFLAG_CF;
}
else
{
Context->Registers.RegFlags &= ~REG_RFLAG_CF;
Context->Registers.RegFlags &= ~NDR_RFLAG_CF;
}
if (Src2 == 1)
{
if (ND_GET_BIT(Size * 8 - 1, Dst) ^ ND_GET_BIT(Src1, (Size * 8) - Src2))
{
Context->Registers.RegFlags |= REG_RFLAG_OF;
Context->Registers.RegFlags |= NDR_RFLAG_OF;
}
else
{
Context->Registers.RegFlags &= ~REG_RFLAG_OF;
Context->Registers.RegFlags &= ~NDR_RFLAG_OF;
}
}
}
@ -383,22 +383,22 @@ ShemuSetFlags(
// CF is the last bit shifted out of the destination.
if (ND_GET_BIT(Src1, Src2 - 1))
{
Context->Registers.RegFlags |= REG_RFLAG_CF;
Context->Registers.RegFlags |= NDR_RFLAG_CF;
}
else
{
Context->Registers.RegFlags &= ~REG_RFLAG_CF;
Context->Registers.RegFlags &= ~NDR_RFLAG_CF;
}
if (Src2 == 1)
{
if (ND_GET_BIT(Size * 8 - 1, Dst))
{
Context->Registers.RegFlags |= REG_RFLAG_OF;
Context->Registers.RegFlags |= NDR_RFLAG_OF;
}
else
{
Context->Registers.RegFlags &= ~REG_RFLAG_OF;
Context->Registers.RegFlags &= ~NDR_RFLAG_OF;
}
}
}
@ -407,29 +407,29 @@ ShemuSetFlags(
// CF is the last bit shifted out of the destination.
if (ND_GET_BIT(Src1, Src2 - 1))
{
Context->Registers.RegFlags |= REG_RFLAG_CF;
Context->Registers.RegFlags |= NDR_RFLAG_CF;
}
else
{
Context->Registers.RegFlags &= ~REG_RFLAG_CF;
Context->Registers.RegFlags &= ~NDR_RFLAG_CF;
}
Context->Registers.RegFlags &= ~REG_RFLAG_OF;
Context->Registers.RegFlags &= ~NDR_RFLAG_OF;
}
else
{
// Set CF.
if ((FM_SUB == FlagsMode) && (Src1 < Src2))
{
Context->Registers.RegFlags |= REG_RFLAG_CF;
Context->Registers.RegFlags |= NDR_RFLAG_CF;
}
else if ((FM_ADD == FlagsMode) && (Dst < Src1))
{
Context->Registers.RegFlags |= REG_RFLAG_CF;
Context->Registers.RegFlags |= NDR_RFLAG_CF;
}
else
{
Context->Registers.RegFlags &= ~REG_RFLAG_CF;
Context->Registers.RegFlags &= ~NDR_RFLAG_CF;
}
// Set OF.
@ -438,11 +438,11 @@ ShemuSetFlags(
if ((ND_GET_SIGN(Size, Src1) && !ND_GET_SIGN(Size, Src2) && !ND_GET_SIGN(Size, Dst)) ||
(!ND_GET_SIGN(Size, Src1) && ND_GET_SIGN(Size, Src2) && ND_GET_SIGN(Size, Dst)))
{
Context->Registers.RegFlags |= REG_RFLAG_OF;
Context->Registers.RegFlags |= NDR_RFLAG_OF;
}
else
{
Context->Registers.RegFlags &= ~REG_RFLAG_OF;
Context->Registers.RegFlags &= ~NDR_RFLAG_OF;
}
}
else if (FM_ADD == FlagsMode)
@ -450,11 +450,11 @@ ShemuSetFlags(
if (ND_GET_SIGN(Size, Src1) == ND_GET_SIGN(Size, Src2) &&
ND_GET_SIGN(Size, Src1) != ND_GET_SIGN(Size, Dst))
{
Context->Registers.RegFlags |= REG_RFLAG_OF;
Context->Registers.RegFlags |= NDR_RFLAG_OF;
}
else
{
Context->Registers.RegFlags &= ~REG_RFLAG_OF;
Context->Registers.RegFlags &= ~NDR_RFLAG_OF;
}
}
}
@ -473,99 +473,99 @@ ShemuEvalCondition(
switch (ConditionCode)
{
case ND_COND_OVERFLOW: // O
if (GET_FLAG(Context, REG_RFLAG_OF) == 1)
if (GET_FLAG(Context, NDR_RFLAG_OF) == 1)
{
return true;
}
break;
case ND_COND_NOT(ND_COND_OVERFLOW): // NO
if (GET_FLAG(Context, REG_RFLAG_OF) == 0)
if (GET_FLAG(Context, NDR_RFLAG_OF) == 0)
{
return true;
}
break;
case ND_COND_CARRY: // C/B/NAE
if (GET_FLAG(Context, REG_RFLAG_CF) == 1)
if (GET_FLAG(Context, NDR_RFLAG_CF) == 1)
{
return true;
}
break;
case ND_COND_NOT(ND_COND_CARRY): // NC/NB/AE
if (GET_FLAG(Context, REG_RFLAG_CF) == 0)
if (GET_FLAG(Context, NDR_RFLAG_CF) == 0)
{
return true;
}
break;
case ND_COND_ZERO: // E/Z
if (GET_FLAG(Context, REG_RFLAG_ZF) == 1)
if (GET_FLAG(Context, NDR_RFLAG_ZF) == 1)
{
return true;
}
break;
case ND_COND_NOT(ND_COND_ZERO): // NE/NZ
if (GET_FLAG(Context, REG_RFLAG_ZF) == 0)
if (GET_FLAG(Context, NDR_RFLAG_ZF) == 0)
{
return true;
}
break;
case ND_COND_BELOW_OR_EQUAL: // BE/NA
if ((GET_FLAG(Context, REG_RFLAG_CF) | (GET_FLAG(Context, REG_RFLAG_ZF))) == 1)
if ((GET_FLAG(Context, NDR_RFLAG_CF) | (GET_FLAG(Context, NDR_RFLAG_ZF))) == 1)
{
return true;
}
break;
case ND_COND_NOT(ND_COND_BELOW_OR_EQUAL): // A/NBE
if ((GET_FLAG(Context, REG_RFLAG_CF) | (GET_FLAG(Context, REG_RFLAG_ZF))) == 0)
if ((GET_FLAG(Context, NDR_RFLAG_CF) | (GET_FLAG(Context, NDR_RFLAG_ZF))) == 0)
{
return true;
}
break;
case ND_COND_SIGN: // S
if (GET_FLAG(Context, REG_RFLAG_SF) == 1)
if (GET_FLAG(Context, NDR_RFLAG_SF) == 1)
{
return true;
}
break;
case ND_COND_NOT(ND_COND_SIGN): // NS
if (GET_FLAG(Context, REG_RFLAG_SF) == 0)
if (GET_FLAG(Context, NDR_RFLAG_SF) == 0)
{
return true;
}
break;
case ND_COND_PARITY: // P
if (GET_FLAG(Context, REG_RFLAG_PF) == 1)
if (GET_FLAG(Context, NDR_RFLAG_PF) == 1)
{
return true;
}
break;
case ND_COND_NOT(ND_COND_PARITY): // NP
if (GET_FLAG(Context, REG_RFLAG_PF) == 0)
if (GET_FLAG(Context, NDR_RFLAG_PF) == 0)
{
return true;
}
break;
case ND_COND_LESS: // L/NGE
if ((GET_FLAG(Context, REG_RFLAG_SF) ^ GET_FLAG(Context, REG_RFLAG_OF)) == 1)
if ((GET_FLAG(Context, NDR_RFLAG_SF) ^ GET_FLAG(Context, NDR_RFLAG_OF)) == 1)
{
return true;
}
break;
case ND_COND_NOT(ND_COND_LESS): // NL/GE
if ((GET_FLAG(Context, REG_RFLAG_SF) ^ GET_FLAG(Context, REG_RFLAG_OF)) == 0)
if ((GET_FLAG(Context, NDR_RFLAG_SF) ^ GET_FLAG(Context, NDR_RFLAG_OF)) == 0)
{
return true;
}
break;
case ND_COND_LESS_OR_EQUAL: // LE/NG
if (((GET_FLAG(Context, REG_RFLAG_SF) ^ GET_FLAG(Context, REG_RFLAG_OF)) |
(GET_FLAG(Context, REG_RFLAG_ZF))) == 1)
if (((GET_FLAG(Context, NDR_RFLAG_SF) ^ GET_FLAG(Context, NDR_RFLAG_OF)) |
(GET_FLAG(Context, NDR_RFLAG_ZF))) == 1)
{
return true;
}
break;
case ND_COND_NOT(ND_COND_LESS_OR_EQUAL): // NLE/G
if (((GET_FLAG(Context, REG_RFLAG_SF) ^ GET_FLAG(Context, REG_RFLAG_OF)) |
(GET_FLAG(Context, REG_RFLAG_ZF))) == 0)
if (((GET_FLAG(Context, NDR_RFLAG_SF) ^ GET_FLAG(Context, NDR_RFLAG_OF)) |
(GET_FLAG(Context, NDR_RFLAG_ZF))) == 0)
{
return true;
}
@ -696,17 +696,17 @@ ShemuGetSegValue(
{
switch (Reg)
{
case REG_ES:
case NDR_ES:
return Context->Segments.Es.Selector;
case REG_CS:
case NDR_CS:
return Context->Segments.Cs.Selector;
case REG_SS:
case NDR_SS:
return Context->Segments.Ss.Selector;
case REG_DS:
case NDR_DS:
return Context->Segments.Ds.Selector;
case REG_FS:
case NDR_FS:
return Context->Segments.Fs.Selector;
case REG_GS:
case NDR_GS:
return Context->Segments.Gs.Selector;
}
@ -726,22 +726,22 @@ ShemuSetSegValue(
{
switch (Reg)
{
case REG_ES:
case NDR_ES:
Context->Segments.Es.Selector = Value;
break;
case REG_CS:
case NDR_CS:
Context->Segments.Cs.Selector = Value;
break;
case REG_SS:
case NDR_SS:
Context->Segments.Ss.Selector = Value;
break;
case REG_DS:
case NDR_DS:
Context->Segments.Ds.Selector = Value;
break;
case REG_FS:
case NDR_FS:
Context->Segments.Fs.Selector = Value;
break;
case REG_GS:
case NDR_GS:
Context->Segments.Gs.Selector = Value;
break;
}
@ -759,17 +759,17 @@ ShemuGetSegBase(
{
switch (Reg)
{
case REG_ES:
case NDR_ES:
return Context->Segments.Es.Base;
case REG_CS:
case NDR_CS:
return Context->Segments.Cs.Base;
case REG_SS:
case NDR_SS:
return Context->Segments.Ss.Base;
case REG_DS:
case NDR_DS:
return Context->Segments.Ds.Base;
case REG_FS:
case NDR_FS:
return Context->Segments.Fs.Base;
case REG_GS:
case NDR_GS:
return Context->Segments.Gs.Base;
}
@ -1084,19 +1084,19 @@ ShemuGetOperandValue(
case ND_REG_CR:
switch (op->Info.Register.Reg)
{
case REG_CR0:
case NDR_CR0:
Value->Value.Qwords[0] = Context->Registers.RegCr0;
break;
case REG_CR2:
case NDR_CR2:
Value->Value.Qwords[0] = Context->Registers.RegCr2;
break;
case REG_CR3:
case NDR_CR3:
Value->Value.Qwords[0] = Context->Registers.RegCr3;
break;
case REG_CR4:
case NDR_CR4:
Value->Value.Qwords[0] = Context->Registers.RegCr4;
break;
case REG_CR8:
case NDR_CR8:
Value->Value.Qwords[0] = Context->Registers.RegCr8;
break;
default:
@ -1163,11 +1163,11 @@ ShemuGetOperandValue(
// If this is a stack access, we need to update the stack pointer.
if (op->Info.Memory.IsStack)
{
uint64_t regval = ShemuGetGprValue(Context, REG_RSP, (2 << Context->Instruction.DefStack), false);
uint64_t regval = ShemuGetGprValue(Context, NDR_RSP, (2 << Context->Instruction.DefStack), false);
regval += op->Size;
ShemuSetGprValue(Context, REG_RSP, (2 << Context->Instruction.DefStack), regval, false);
ShemuSetGprValue(Context, NDR_RSP, (2 << Context->Instruction.DefStack), regval, false);
}
// If this is a string operation, make sure we update RSI/RDI.
@ -1175,7 +1175,7 @@ ShemuGetOperandValue(
{
uint64_t regval = ShemuGetGprValue(Context, op->Info.Memory.Base, op->Info.Memory.BaseSize, false);
regval = GET_FLAG(Context, REG_RFLAG_DF) ? regval - op->Size : regval + op->Size;
regval = GET_FLAG(Context, NDR_RFLAG_DF) ? regval - op->Size : regval + op->Size;
ShemuSetGprValue(Context, op->Info.Memory.Base, op->Info.Memory.BaseSize, regval, false);
}
@ -1260,19 +1260,19 @@ ShemuSetOperandValue(
case ND_REG_CR:
switch (op->Info.Register.Reg)
{
case REG_CR0:
case NDR_CR0:
Context->Registers.RegCr0 = Value->Value.Qwords[0];
break;
case REG_CR2:
case NDR_CR2:
Context->Registers.RegCr2 = Value->Value.Qwords[0];
break;
case REG_CR3:
case NDR_CR3:
Context->Registers.RegCr3 = Value->Value.Qwords[0];
break;
case REG_CR4:
case NDR_CR4:
Context->Registers.RegCr4 = Value->Value.Qwords[0];
break;
case REG_CR8:
case NDR_CR8:
Context->Registers.RegCr8 = Value->Value.Qwords[0];
break;
default:
@ -1359,11 +1359,11 @@ ShemuSetOperandValue(
// If this is a stack access, we need to update the stack pointer.
if (op->Info.Memory.IsStack)
{
uint64_t regval = ShemuGetGprValue(Context, REG_RSP, (2 << Context->Instruction.DefStack), false);
uint64_t regval = ShemuGetGprValue(Context, NDR_RSP, (2 << Context->Instruction.DefStack), false);
regval -= op->Size;
ShemuSetGprValue(Context, REG_RSP, (2 << Context->Instruction.DefStack), regval, false);
ShemuSetGprValue(Context, NDR_RSP, (2 << Context->Instruction.DefStack), regval, false);
}
// If this is a string operation, make sure we update RSI/RDI.
@ -1371,7 +1371,7 @@ ShemuSetOperandValue(
{
uint64_t regval = ShemuGetGprValue(Context, op->Info.Memory.Base, op->Info.Memory.BaseSize, false);
regval = GET_FLAG(Context, REG_RFLAG_DF) ? regval - op->Size : regval + op->Size;
regval = GET_FLAG(Context, NDR_RFLAG_DF) ? regval - op->Size : regval + op->Size;
ShemuSetGprValue(Context, op->Info.Memory.Base, op->Info.Memory.BaseSize, regval, false);
}
@ -1660,12 +1660,12 @@ ShemuEmulate(
{
GET_OP(Context, 1, &src);
SET_OP(Context, 0, &src);
SET_FLAG(Context, REG_RFLAG_ZF, 1);
SET_FLAG(Context, NDR_RFLAG_ZF, 1);
}
else
{
SET_OP(Context, 2, &dst);
SET_FLAG(Context, REG_RFLAG_ZF, 0);
SET_FLAG(Context, NDR_RFLAG_ZF, 0);
}
break;
@ -1676,7 +1676,7 @@ ShemuEmulate(
if (ND_INS_ADC == Context->Instruction.Instruction)
{
src.Value.Qwords[0] += GET_FLAG(Context, REG_RFLAG_CF);
src.Value.Qwords[0] += GET_FLAG(Context, NDR_RFLAG_CF);
}
res.Size = src.Size;
@ -1695,7 +1695,7 @@ ShemuEmulate(
if (ND_INS_SBB == Context->Instruction.Instruction)
{
src.Value.Qwords[0] += GET_FLAG(Context, REG_RFLAG_CF);
src.Value.Qwords[0] += GET_FLAG(Context, NDR_RFLAG_CF);
}
res.Size = src.Size;
@ -1864,31 +1864,31 @@ ShemuEmulate(
while (tempcnt != 0)
{
tempCF = ND_MSB(dst.Size, dst.Value.Qwords[0]);
dst.Value.Qwords[0] = (dst.Value.Qwords[0] << 1) + GET_FLAG(Context, REG_RFLAG_CF);
SET_FLAG(Context, REG_RFLAG_CF, tempCF);
dst.Value.Qwords[0] = (dst.Value.Qwords[0] << 1) + GET_FLAG(Context, NDR_RFLAG_CF);
SET_FLAG(Context, NDR_RFLAG_CF, tempCF);
tempcnt--;
}
if ((cnt & cntmask) == 1)
{
SET_FLAG(Context, REG_RFLAG_OF, ND_MSB(dst.Size, dst.Value.Qwords[0]) ^
GET_FLAG(Context, REG_RFLAG_CF));
SET_FLAG(Context, NDR_RFLAG_OF, ND_MSB(dst.Size, dst.Value.Qwords[0]) ^
GET_FLAG(Context, NDR_RFLAG_CF));
}
}
else if (ND_INS_RCR == Context->Instruction.Instruction)
{
if ((cnt & cntmask) == 1)
{
SET_FLAG(Context, REG_RFLAG_OF, ND_MSB(dst.Size, dst.Value.Qwords[0]) ^
GET_FLAG(Context, REG_RFLAG_CF));
SET_FLAG(Context, NDR_RFLAG_OF, ND_MSB(dst.Size, dst.Value.Qwords[0]) ^
GET_FLAG(Context, NDR_RFLAG_CF));
}
while (tempcnt != 0)
{
tempCF = ND_LSB(dst.Size, dst.Value.Qwords[0]);
dst.Value.Qwords[0] = (dst.Value.Qwords[0] >> 1) +
((uint64_t)GET_FLAG(Context, REG_RFLAG_CF) << (dst.Size * 8 - 1));
SET_FLAG(Context, REG_RFLAG_CF, tempCF);
((uint64_t)GET_FLAG(Context, NDR_RFLAG_CF) << (dst.Size * 8 - 1));
SET_FLAG(Context, NDR_RFLAG_CF, tempCF);
tempcnt--;
}
}
@ -1903,13 +1903,13 @@ ShemuEmulate(
if ((cnt & cntmask) != 0)
{
SET_FLAG(Context, REG_RFLAG_CF, dst.Value.Qwords[0] & 1);
SET_FLAG(Context, NDR_RFLAG_CF, dst.Value.Qwords[0] & 1);
}
if ((cnt & cntmask) == 1)
{
SET_FLAG(Context, REG_RFLAG_OF, ND_MSB(dst.Size, dst.Value.Qwords[0]) ^
GET_FLAG(Context, REG_RFLAG_CF));
SET_FLAG(Context, NDR_RFLAG_OF, ND_MSB(dst.Size, dst.Value.Qwords[0]) ^
GET_FLAG(Context, NDR_RFLAG_CF));
}
}
else // ND_INS_ROR
@ -1923,12 +1923,12 @@ ShemuEmulate(
if ((cnt & cntmask) != 0)
{
SET_FLAG(Context, REG_RFLAG_CF, ND_MSB(dst.Size, dst.Value.Qwords[0]));
SET_FLAG(Context, NDR_RFLAG_CF, ND_MSB(dst.Size, dst.Value.Qwords[0]));
}
if ((cnt & cntmask) == 1)
{
SET_FLAG(Context, REG_RFLAG_OF, ND_MSB(dst.Size, dst.Value.Qwords[0]) ^ tempCF);
SET_FLAG(Context, NDR_RFLAG_OF, ND_MSB(dst.Size, dst.Value.Qwords[0]) ^ tempCF);
}
}
@ -1988,7 +1988,7 @@ ShemuEmulate(
src.Value.Qwords[0] %= dst.Size * 8;
// Store the bit inside CF.
SET_FLAG(Context, REG_RFLAG_CF, (dst.Value.Qwords[0] >> src.Value.Qwords[0]) & 1);
SET_FLAG(Context, NDR_RFLAG_CF, (dst.Value.Qwords[0] >> src.Value.Qwords[0]) & 1);
if (ND_INS_BTS == Context->Instruction.Instruction)
{
@ -2041,8 +2041,8 @@ ShemuEmulate(
SET_OP(Context, 1, &rcx);
if (rcx.Value.Qwords[0] > 0)
{
if (((ND_INS_LOOPNZ == Context->Instruction.Instruction) && (0 == GET_FLAG(Context, REG_RFLAG_ZF))) ||
((ND_INS_LOOPZ == Context->Instruction.Instruction) && (0 != GET_FLAG(Context, REG_RFLAG_ZF))) ||
if (((ND_INS_LOOPNZ == Context->Instruction.Instruction) && (0 == GET_FLAG(Context, NDR_RFLAG_ZF))) ||
((ND_INS_LOOPZ == Context->Instruction.Instruction) && (0 != GET_FLAG(Context, NDR_RFLAG_ZF))) ||
(ND_INS_LOOP == Context->Instruction.Instruction))
{
// Modify the RIP if the branch is taken.
@ -2156,12 +2156,12 @@ ShemuEmulate(
rcx.Value.Qwords[0]--;
SET_OP(Context, 2, &rcx);
if (Context->Instruction.HasRepRepzXrelease && !GET_FLAG(Context, REG_RFLAG_ZF))
if (Context->Instruction.HasRepRepzXrelease && !GET_FLAG(Context, NDR_RFLAG_ZF))
{
break;
}
if (Context->Instruction.HasRepnzXacquireBnd && GET_FLAG(Context, REG_RFLAG_ZF))
if (Context->Instruction.HasRepnzXacquireBnd && GET_FLAG(Context, NDR_RFLAG_ZF))
{
break;
}
@ -2287,8 +2287,8 @@ ShemuEmulate(
break;
}
SET_FLAG(Context, REG_RFLAG_CF, cfof);
SET_FLAG(Context, REG_RFLAG_OF, cfof);
SET_FLAG(Context, NDR_RFLAG_CF, cfof);
SET_FLAG(Context, NDR_RFLAG_OF, cfof);
}
else
{
@ -2318,8 +2318,8 @@ ShemuEmulate(
break;
}
SET_FLAG(Context, REG_RFLAG_CF, cfof);
SET_FLAG(Context, REG_RFLAG_OF, cfof);
SET_FLAG(Context, NDR_RFLAG_CF, cfof);
SET_FLAG(Context, NDR_RFLAG_OF, cfof);
}
break;
@ -2416,23 +2416,23 @@ ShemuEmulate(
break;
case ND_INS_CLD:
SET_FLAG(Context, REG_RFLAG_DF, 0);
SET_FLAG(Context, NDR_RFLAG_DF, 0);
break;
case ND_INS_STD:
SET_FLAG(Context, REG_RFLAG_DF, 1);
SET_FLAG(Context, NDR_RFLAG_DF, 1);
break;
case ND_INS_CLC:
SET_FLAG(Context, REG_RFLAG_CF, 0);
SET_FLAG(Context, NDR_RFLAG_CF, 0);
break;
case ND_INS_STC:
SET_FLAG(Context, REG_RFLAG_CF, 1);
SET_FLAG(Context, NDR_RFLAG_CF, 1);
break;
case ND_INS_CMC:
Context->Registers.RegFlags ^= REG_RFLAG_CF;
Context->Registers.RegFlags ^= NDR_RFLAG_CF;
break;
case ND_INS_STI:
@ -2441,7 +2441,7 @@ ShemuEmulate(
return SHEMU_ABORT_NO_PRIVILEGE;
}
SET_FLAG(Context, REG_RFLAG_IF, 1);
SET_FLAG(Context, NDR_RFLAG_IF, 1);
break;
case ND_INS_CLI:
@ -2450,7 +2450,7 @@ ShemuEmulate(
return SHEMU_ABORT_NO_PRIVILEGE;
}
SET_FLAG(Context, REG_RFLAG_IF, 0);
SET_FLAG(Context, NDR_RFLAG_IF, 0);
break;
case ND_INS_SAHF:
@ -2471,7 +2471,7 @@ ShemuEmulate(
break;
case ND_INS_SALC:
if (GET_FLAG(Context, REG_RFLAG_CF))
if (GET_FLAG(Context, NDR_RFLAG_CF))
{
*((uint8_t *)&Context->Registers.RegRax) = 0xFF;
}

4
disasmtool/disasmtool.c
Unescape View File

@ -34,7 +34,7 @@ typedef struct _DISASM_OPTIONS
uint8_t Ring; // Ring - 0, 1, 2 or 3.
uint8_t Vendor; // Proffered vendor.
char *FileName; // Input file, if any.
size_t ShemuRegs[REG_R15 + 1];
size_t ShemuRegs[NDR_R15 + 1];
BOOLEAN UseShemuRegs;
} DISASM_OPTIONS, *PDISASM_OPTIONS;
@ -1439,7 +1439,7 @@ handle_shemu(
ctx.Registers.RegRsp = 0x101000;
ctx.IntbufSize = (DWORD)shellSize + STACK_SIZE;
ctx.Registers.RegFlags = REG_RFLAG_IF | 2;
ctx.Registers.RegFlags = NDR_RFLAG_IF | 2;
ctx.Registers.RegRip = ctx.ShellcodeBase + offset;
ctx.Segments.Cs.Selector = 0x10;

48
disasmtool_lix/dumpers.cpp
Unescape View File

@ -1764,36 +1764,36 @@ std::string reg_to_str(const int reg, const ND_REG_TYPE type)
case ND_REG_GPR:
switch (reg) {
case REG_RAX: return "rax";
case REG_RCX: return "rcx";
case REG_RDX: return "rdx";
case REG_RBX: return "rbx";
case REG_RSP: return "rsp";
case REG_RBP: return "rbp";
case REG_RSI: return "rsi";
case REG_RDI: return "rdi";
case REG_R8: return "r8";
case REG_R9: return "r9";
case REG_R10: return "r10";
case REG_R11: return "r11";
case REG_R12: return "r12";
case REG_R13: return "r13";
case REG_R14: return "r14";
case REG_R15: return "r15";
case NDR_RAX: return "rax";
case NDR_RCX: return "rcx";
case NDR_RDX: return "rdx";
case NDR_RBX: return "rbx";
case NDR_RSP: return "rsp";
case NDR_RBP: return "rbp";
case NDR_RSI: return "rsi";
case NDR_RDI: return "rdi";
case NDR_R8: return "r8";
case NDR_R9: return "r9";
case NDR_R10: return "r10";
case NDR_R11: return "r11";
case NDR_R12: return "r12";
case NDR_R13: return "r13";
case NDR_R14: return "r14";
case NDR_R15: return "r15";
}
return "<u>";
case ND_REG_SEG:
switch (reg) {
case REG_ES: return "es";
case REG_CS: return "cs";
case REG_SS: return "ss";
case REG_DS: return "ds";
case REG_FS: return "fs";
case REG_GS: return "gs";
case REG_INV6: return "inv6";
case REG_INV7: return "inv7";
case NDR_ES: return "es";
case NDR_CS: return "cs";
case NDR_SS: return "ss";
case NDR_DS: return "ds";
case NDR_FS: return "fs";
case NDR_GS: return "gs";
case NDR_INV6: return "inv6";
case NDR_INV7: return "inv7";
}
return "<u>";

194
inc/cpuidflags.h
Unescape View File

@ -7,102 +7,102 @@
#define ND_CFF(leaf, subleaf, reg, bit) ((uint64_t)(leaf) | ((uint64_t)((subleaf) & 0xFFFFFF) << 32) | ((uint64_t)(reg) << 56) | ((uint64_t)(bit) << 59))
#define ND_CFF_FPU ND_CFF(0x00000001, 0xFFFFFFFF, REG_EDX, 0)
#define ND_CFF_MSR ND_CFF(0x00000001, 0xFFFFFFFF, REG_EDX, 5)
#define ND_CFF_CX8 ND_CFF(0x00000001, 0xFFFFFFFF, REG_EDX, 8)
#define ND_CFF_SEP ND_CFF(0x00000001, 0xFFFFFFFF, REG_EDX, 11)
#define ND_CFF_CMOV ND_CFF(0x00000001, 0xFFFFFFFF, REG_EDX, 15)
#define ND_CFF_CLFSH ND_CFF(0x00000001, 0xFFFFFFFF, REG_EDX, 19)
#define ND_CFF_MMX ND_CFF(0x00000001, 0xFFFFFFFF, REG_EDX, 23)
#define ND_CFF_FXSAVE ND_CFF(0x00000001, 0xFFFFFFFF, REG_EDX, 24)
#define ND_CFF_SSE ND_CFF(0x00000001, 0xFFFFFFFF, REG_EDX, 25)
#define ND_CFF_SSE2 ND_CFF(0x00000001, 0xFFFFFFFF, REG_EDX, 26)
#define ND_CFF_SSE3 ND_CFF(0x00000001, 0xFFFFFFFF, REG_ECX, 0)
#define ND_CFF_PCLMULQDQ ND_CFF(0x00000001, 0xFFFFFFFF, REG_ECX, 1)
#define ND_CFF_MONITOR ND_CFF(0x00000001, 0xFFFFFFFF, REG_ECX, 3)
#define ND_CFF_VTX ND_CFF(0x00000001, 0xFFFFFFFF, REG_ECX, 5)
#define ND_CFF_SMX ND_CFF(0x00000001, 0xFFFFFFFF, REG_ECX, 6)
#define ND_CFF_SSSE3 ND_CFF(0x00000001, 0xFFFFFFFF, REG_ECX, 9)
#define ND_CFF_FMA ND_CFF(0x00000001, 0xFFFFFFFF, REG_ECX, 12)
#define ND_CFF_SSE4 ND_CFF(0x00000001, 0xFFFFFFFF, REG_ECX, 19)
#define ND_CFF_SSE42 ND_CFF(0x00000001, 0xFFFFFFFF, REG_ECX, 20)
#define ND_CFF_MOVBE ND_CFF(0x00000001, 0xFFFFFFFF, REG_ECX, 22)
#define ND_CFF_POPCNT ND_CFF(0x00000001, 0xFFFFFFFF, REG_ECX, 23)
#define ND_CFF_AES ND_CFF(0x00000001, 0xFFFFFFFF, REG_ECX, 25)
#define ND_CFF_XSAVE ND_CFF(0x00000001, 0xFFFFFFFF, REG_ECX, 26)
#define ND_CFF_AVX ND_CFF(0x00000001, 0xFFFFFFFF, REG_ECX, 28)
#define ND_CFF_F16C ND_CFF(0x00000001, 0xFFFFFFFF, REG_ECX, 29)
#define ND_CFF_RDRAND ND_CFF(0x00000001, 0xFFFFFFFF, REG_ECX, 30)
#define ND_CFF_RDWRFSGS ND_CFF(0x00000007, 0x00000000, REG_EBX, 0)
#define ND_CFF_SGX ND_CFF(0x00000007, 0x00000000, REG_EBX, 2)
#define ND_CFF_BMI1 ND_CFF(0x00000007, 0x00000000, REG_EBX, 3)
#define ND_CFF_HLE ND_CFF(0x00000007, 0x00000000, REG_EBX, 4)
#define ND_CFF_AVX2 ND_CFF(0x00000007, 0x00000000, REG_EBX, 5)
#define ND_CFF_BMI2 ND_CFF(0x00000007, 0x00000000, REG_EBX, 8)
#define ND_CFF_INVPCID ND_CFF(0x00000007, 0x00000000, REG_EBX, 10)
#define ND_CFF_RTM ND_CFF(0x00000007, 0x00000000, REG_EBX, 11)
#define ND_CFF_MPX ND_CFF(0x00000007, 0x00000000, REG_EBX, 14)
#define ND_CFF_AVX512F ND_CFF(0x00000007, 0x00000000, REG_EBX, 16)
#define ND_CFF_AVX512DQ ND_CFF(0x00000007, 0x00000000, REG_EBX, 17)
#define ND_CFF_RDSEED ND_CFF(0x00000007, 0x00000000, REG_EBX, 18)
#define ND_CFF_ADX ND_CFF(0x00000007, 0x00000000, REG_EBX, 19)
#define ND_CFF_SMAP ND_CFF(0x00000007, 0x00000000, REG_EBX, 20)
#define ND_CFF_AVX512IFMA ND_CFF(0x00000007, 0x00000000, REG_EBX, 21)
#define ND_CFF_PCOMMIT ND_CFF(0x00000007, 0x00000000, REG_EBX, 22)
#define ND_CFF_CLFSHOPT ND_CFF(0x00000007, 0x00000000, REG_EBX, 23)
#define ND_CFF_CLWB ND_CFF(0x00000007, 0x00000000, REG_EBX, 24)
#define ND_CFF_AVX512PF ND_CFF(0x00000007, 0x00000000, REG_EBX, 26)
#define ND_CFF_AVX512ER ND_CFF(0x00000007, 0x00000000, REG_EBX, 27)
#define ND_CFF_AVX512CD ND_CFF(0x00000007, 0x00000000, REG_EBX, 28)
#define ND_CFF_SHA ND_CFF(0x00000007, 0x00000000, REG_EBX, 29)
#define ND_CFF_AVX512BW ND_CFF(0x00000007, 0x00000000, REG_EBX, 30)
#define ND_CFF_PREFETCHWT1 ND_CFF(0x00000007, 0x00000000, REG_ECX, 0)
#define ND_CFF_AVX512VBMI ND_CFF(0x00000007, 0x00000000, REG_ECX, 1)
#define ND_CFF_PKU ND_CFF(0x00000007, 0x00000000, REG_ECX, 3)
#define ND_CFF_WAITPKG ND_CFF(0x00000007, 0x00000000, REG_ECX, 5)
#define ND_CFF_AVX512VBMI2 ND_CFF(0x00000007, 0x00000000, REG_ECX, 6)
#define ND_CFF_CET_SS ND_CFF(0x00000007, 0x00000000, REG_ECX, 7)
#define ND_CFF_GFNI ND_CFF(0x00000007, 0x00000000, REG_ECX, 8)
#define ND_CFF_VAES ND_CFF(0x00000007, 0x00000000, REG_ECX, 9)
#define ND_CFF_VPCLMULQDQ ND_CFF(0x00000007, 0x00000000, REG_ECX, 10)
#define ND_CFF_AVX512VNNI ND_CFF(0x00000007, 0x00000000, REG_ECX, 11)
#define ND_CFF_AVX512BITALG ND_CFF(0x00000007, 0x00000000, REG_ECX, 12)
#define ND_CFF_AVX512VPOPCNTDQ ND_CFF(0x00000007, 0x00000000, REG_ECX, 14)
#define ND_CFF_RDPID ND_CFF(0x00000007, 0x00000000, REG_ECX, 22)
#define ND_CFF_CLDEMOTE ND_CFF(0x00000007, 0x00000000, REG_ECX, 25)
#define ND_CFF_MOVDIRI ND_CFF(0x00000007, 0x00000000, REG_ECX, 27)
#define ND_CFF_MOVDIR64B ND_CFF(0x00000007, 0x00000000, REG_ECX, 28)
#define ND_CFF_ENQCMD ND_CFF(0x00000007, 0x00000000, REG_ECX, 29)
#define ND_CFF_AVX5124VNNIW ND_CFF(0x00000007, 0x00000000, REG_EDX, 2)
#define ND_CFF_AVX5124FMAPS ND_CFF(0x00000007, 0x00000000, REG_EDX, 3)
#define ND_CFF_AVX512VP2INTERSECT ND_CFF(0x00000007, 0x00000000, REG_EDX, 8)
#define ND_CFF_SERIALIZE ND_CFF(0x00000007, 0x00000000, REG_EDX, 14)
#define ND_CFF_TSXLDTRK ND_CFF(0x00000007, 0x00000000, REG_EDX, 16)
#define ND_CFF_PCONFIG ND_CFF(0x00000007, 0x00000000, REG_EDX, 18)
#define ND_CFF_CET_IBT ND_CFF(0x00000007, 0x00000000, REG_EDX, 20)
#define ND_CFF_AMXBF16 ND_CFF(0x00000007, 0x00000000, REG_EDX, 22)
#define ND_CFF_AMXTILE ND_CFF(0x00000007, 0x00000000, REG_EDX, 24)
#define ND_CFF_AMXINT8 ND_CFF(0x00000007, 0x00000000, REG_EDX, 25)
#define ND_CFF_AVX512BF16 ND_CFF(0x00000007, 0x00000001, REG_EAX, 5)
#define ND_CFF_XSAVEOPT ND_CFF(0x0000000D, 0x00000001, REG_EAX, 0)
#define ND_CFF_XSAVEC ND_CFF(0x0000000D, 0x00000001, REG_EAX, 1)
#define ND_CFF_XSAVES ND_CFF(0x0000000D, 0x00000001, REG_EAX, 3)
#define ND_CFF_PTWRITE ND_CFF(0x00000014, 0x00000000, REG_EBX, 4)
#define ND_CFF_SVM ND_CFF(0x80000001, 0xFFFFFFFF, REG_ECX, 2)
#define ND_CFF_LZCNT ND_CFF(0x80000001, 0xFFFFFFFF, REG_ECX, 5)
#define ND_CFF_SSE4A ND_CFF(0x80000001, 0xFFFFFFFF, REG_ECX, 6)
#define ND_CFF_PREFETCHW ND_CFF(0x80000001, 0xFFFFFFFF, REG_ECX, 8)
#define ND_CFF_FSC ND_CFF(0x80000001, 0xFFFFFFFF, REG_ECX, 11)
#define ND_CFF_XOP ND_CFF(0x80000001, 0xFFFFFFFF, REG_ECX, 11)
#define ND_CFF_LWP ND_CFF(0x80000001, 0xFFFFFFFF, REG_ECX, 15)
#define ND_CFF_FMA4 ND_CFF(0x80000001, 0xFFFFFFFF, REG_ECX, 16)
#define ND_CFF_TBM ND_CFF(0x80000001, 0xFFFFFFFF, REG_ECX, 21)
#define ND_CFF_INVLPGB ND_CFF(0x80000001, 0xFFFFFFFF, REG_EDX, 24)
#define ND_CFF_RDTSCP ND_CFF(0x80000001, 0xFFFFFFFF, REG_ECX, 27)
#define ND_CFF_3DNOW ND_CFF(0x80000001, 0xFFFFFFFF, REG_EDX, 31)
#define ND_CFF_WBNOINVD ND_CFF(0x80000008, 0xFFFFFFFF, REG_EBX, 9)
#define ND_CFF_RDPRU ND_CFF(0x80000008, 0xFFFFFFFF, REG_EBX, 4)
#define ND_CFF_MCOMMIT ND_CFF(0x80000008, 0xFFFFFFFF, REG_EBX, 8)
#define ND_CFF_SNP ND_CFF(0x8000001F, 0xFFFFFFFF, REG_EAX, 4)
#define ND_CFF_FPU ND_CFF(0x00000001, 0xFFFFFFFF, NDR_EDX, 0)
#define ND_CFF_MSR ND_CFF(0x00000001, 0xFFFFFFFF, NDR_EDX, 5)
#define ND_CFF_CX8 ND_CFF(0x00000001, 0xFFFFFFFF, NDR_EDX, 8)
#define ND_CFF_SEP ND_CFF(0x00000001, 0xFFFFFFFF, NDR_EDX, 11)
#define ND_CFF_CMOV ND_CFF(0x00000001, 0xFFFFFFFF, NDR_EDX, 15)
#define ND_CFF_CLFSH ND_CFF(0x00000001, 0xFFFFFFFF, NDR_EDX, 19)
#define ND_CFF_MMX ND_CFF(0x00000001, 0xFFFFFFFF, NDR_EDX, 23)
#define ND_CFF_FXSAVE ND_CFF(0x00000001, 0xFFFFFFFF, NDR_EDX, 24)
#define ND_CFF_SSE ND_CFF(0x00000001, 0xFFFFFFFF, NDR_EDX, 25)
#define ND_CFF_SSE2 ND_CFF(0x00000001, 0xFFFFFFFF, NDR_EDX, 26)
#define ND_CFF_SSE3 ND_CFF(0x00000001, 0xFFFFFFFF, NDR_ECX, 0)
#define ND_CFF_PCLMULQDQ ND_CFF(0x00000001, 0xFFFFFFFF, NDR_ECX, 1)
#define ND_CFF_MONITOR ND_CFF(0x00000001, 0xFFFFFFFF, NDR_ECX, 3)
#define ND_CFF_VTX ND_CFF(0x00000001, 0xFFFFFFFF, NDR_ECX, 5)
#define ND_CFF_SMX ND_CFF(0x00000001, 0xFFFFFFFF, NDR_ECX, 6)
#define ND_CFF_SSSE3 ND_CFF(0x00000001, 0xFFFFFFFF, NDR_ECX, 9)
#define ND_CFF_FMA ND_CFF(0x00000001, 0xFFFFFFFF, NDR_ECX, 12)
#define ND_CFF_SSE4 ND_CFF(0x00000001, 0xFFFFFFFF, NDR_ECX, 19)
#define ND_CFF_SSE42 ND_CFF(0x00000001, 0xFFFFFFFF, NDR_ECX, 20)
#define ND_CFF_MOVBE ND_CFF(0x00000001, 0xFFFFFFFF, NDR_ECX, 22)
#define ND_CFF_POPCNT ND_CFF(0x00000001, 0xFFFFFFFF, NDR_ECX, 23)
#define ND_CFF_AES ND_CFF(0x00000001, 0xFFFFFFFF, NDR_ECX, 25)
#define ND_CFF_XSAVE ND_CFF(0x00000001, 0xFFFFFFFF, NDR_ECX, 26)
#define ND_CFF_AVX ND_CFF(0x00000001, 0xFFFFFFFF, NDR_ECX, 28)
#define ND_CFF_F16C ND_CFF(0x00000001, 0xFFFFFFFF, NDR_ECX, 29)
#define ND_CFF_RDRAND ND_CFF(0x00000001, 0xFFFFFFFF, NDR_ECX, 30)
#define ND_CFF_RDWRFSGS ND_CFF(0x00000007, 0x00000000, NDR_EBX, 0)
#define ND_CFF_SGX ND_CFF(0x00000007, 0x00000000, NDR_EBX, 2)
#define ND_CFF_BMI1 ND_CFF(0x00000007, 0x00000000, NDR_EBX, 3)
#define ND_CFF_HLE ND_CFF(0x00000007, 0x00000000, NDR_EBX, 4)
#define ND_CFF_AVX2 ND_CFF(0x00000007, 0x00000000, NDR_EBX, 5)
#define ND_CFF_BMI2 ND_CFF(0x00000007, 0x00000000, NDR_EBX, 8)
#define ND_CFF_INVPCID ND_CFF(0x00000007, 0x00000000, NDR_EBX, 10)
#define ND_CFF_RTM ND_CFF(0x00000007, 0x00000000, NDR_EBX, 11)
#define ND_CFF_MPX ND_CFF(0x00000007, 0x00000000, NDR_EBX, 14)
#define ND_CFF_AVX512F ND_CFF(0x00000007, 0x00000000, NDR_EBX, 16)
#define ND_CFF_AVX512DQ ND_CFF(0x00000007, 0x00000000, NDR_EBX, 17)
#define ND_CFF_RDSEED ND_CFF(0x00000007, 0x00000000, NDR_EBX, 18)
#define ND_CFF_ADX ND_CFF(0x00000007, 0x00000000, NDR_EBX, 19)
#define ND_CFF_SMAP ND_CFF(0x00000007, 0x00000000, NDR_EBX, 20)
#define ND_CFF_AVX512IFMA ND_CFF(0x00000007, 0x00000000, NDR_EBX, 21)
#define ND_CFF_PCOMMIT ND_CFF(0x00000007, 0x00000000, NDR_EBX, 22)
#define ND_CFF_CLFSHOPT ND_CFF(0x00000007, 0x00000000, NDR_EBX, 23)
#define ND_CFF_CLWB ND_CFF(0x00000007, 0x00000000, NDR_EBX, 24)
#define ND_CFF_AVX512PF ND_CFF(0x00000007, 0x00000000, NDR_EBX, 26)
#define ND_CFF_AVX512ER ND_CFF(0x00000007, 0x00000000, NDR_EBX, 27)
#define ND_CFF_AVX512CD ND_CFF(0x00000007, 0x00000000, NDR_EBX, 28)
#define ND_CFF_SHA ND_CFF(0x00000007, 0x00000000, NDR_EBX, 29)
#define ND_CFF_AVX512BW ND_CFF(0x00000007, 0x00000000, NDR_EBX, 30)
#define ND_CFF_PREFETCHWT1 ND_CFF(0x00000007, 0x00000000, NDR_ECX, 0)
#define ND_CFF_AVX512VBMI ND_CFF(0x00000007, 0x00000000, NDR_ECX, 1)
#define ND_CFF_PKU ND_CFF(0x00000007, 0x00000000, NDR_ECX, 3)
#define ND_CFF_WAITPKG ND_CFF(0x00000007, 0x00000000, NDR_ECX, 5)
#define ND_CFF_AVX512VBMI2 ND_CFF(0x00000007, 0x00000000, NDR_ECX, 6)
#define ND_CFF_CET_SS ND_CFF(0x00000007, 0x00000000, NDR_ECX, 7)
#define ND_CFF_GFNI ND_CFF(0x00000007, 0x00000000, NDR_ECX, 8)
#define ND_CFF_VAES ND_CFF(0x00000007, 0x00000000, NDR_ECX, 9)
#define ND_CFF_VPCLMULQDQ ND_CFF(0x00000007, 0x00000000, NDR_ECX, 10)
#define ND_CFF_AVX512VNNI ND_CFF(0x00000007, 0x00000000, NDR_ECX, 11)
#define ND_CFF_AVX512BITALG ND_CFF(0x00000007, 0x00000000, NDR_ECX, 12)
#define ND_CFF_AVX512VPOPCNTDQ ND_CFF(0x00000007, 0x00000000, NDR_ECX, 14)
#define ND_CFF_RDPID ND_CFF(0x00000007, 0x00000000, NDR_ECX, 22)
#define ND_CFF_CLDEMOTE ND_CFF(0x00000007, 0x00000000, NDR_ECX, 25)
#define ND_CFF_MOVDIRI ND_CFF(0x00000007, 0x00000000, NDR_ECX, 27)
#define ND_CFF_MOVDIR64B ND_CFF(0x00000007, 0x00000000, NDR_ECX, 28)
#define ND_CFF_ENQCMD ND_CFF(0x00000007, 0x00000000, NDR_ECX, 29)
#define ND_CFF_AVX5124VNNIW ND_CFF(0x00000007, 0x00000000, NDR_EDX, 2)
#define ND_CFF_AVX5124FMAPS ND_CFF(0x00000007, 0x00000000, NDR_EDX, 3)
#define ND_CFF_AVX512VP2INTERSECT ND_CFF(0x00000007, 0x00000000, NDR_EDX, 8)
#define ND_CFF_SERIALIZE ND_CFF(0x00000007, 0x00000000, NDR_EDX, 14)
#define ND_CFF_TSXLDTRK ND_CFF(0x00000007, 0x00000000, NDR_EDX, 16)
#define ND_CFF_PCONFIG ND_CFF(0x00000007, 0x00000000, NDR_EDX, 18)
#define ND_CFF_CET_IBT ND_CFF(0x00000007, 0x00000000, NDR_EDX, 20)
#define ND_CFF_AMXBF16 ND_CFF(0x00000007, 0x00000000, NDR_EDX, 22)
#define ND_CFF_AMXTILE ND_CFF(0x00000007, 0x00000000, NDR_EDX, 24)
#define ND_CFF_AMXINT8 ND_CFF(0x00000007, 0x00000000, NDR_EDX, 25)
#define ND_CFF_AVX512BF16 ND_CFF(0x00000007, 0x00000001, NDR_EAX, 5)
#define ND_CFF_XSAVEOPT ND_CFF(0x0000000D, 0x00000001, NDR_EAX, 0)
#define ND_CFF_XSAVEC ND_CFF(0x0000000D, 0x00000001, NDR_EAX, 1)
#define ND_CFF_XSAVES ND_CFF(0x0000000D, 0x00000001, NDR_EAX, 3)
#define ND_CFF_PTWRITE ND_CFF(0x00000014, 0x00000000, NDR_EBX, 4)
#define ND_CFF_SVM ND_CFF(0x80000001, 0xFFFFFFFF, NDR_ECX, 2)
#define ND_CFF_LZCNT ND_CFF(0x80000001, 0xFFFFFFFF, NDR_ECX, 5)
#define ND_CFF_SSE4A ND_CFF(0x80000001, 0xFFFFFFFF, NDR_ECX, 6)
#define ND_CFF_PREFETCHW ND_CFF(0x80000001, 0xFFFFFFFF, NDR_ECX, 8)
#define ND_CFF_FSC ND_CFF(0x80000001, 0xFFFFFFFF, NDR_ECX, 11)
#define ND_CFF_XOP ND_CFF(0x80000001, 0xFFFFFFFF, NDR_ECX, 11)
#define ND_CFF_LWP ND_CFF(0x80000001, 0xFFFFFFFF, NDR_ECX, 15)
#define ND_CFF_FMA4 ND_CFF(0x80000001, 0xFFFFFFFF, NDR_ECX, 16)
#define ND_CFF_TBM ND_CFF(0x80000001, 0xFFFFFFFF, NDR_ECX, 21)
#define ND_CFF_INVLPGB ND_CFF(0x80000001, 0xFFFFFFFF, NDR_EDX, 24)
#define ND_CFF_RDTSCP ND_CFF(0x80000001, 0xFFFFFFFF, NDR_ECX, 27)
#define ND_CFF_3DNOW ND_CFF(0x80000001, 0xFFFFFFFF, NDR_EDX, 31)
#define ND_CFF_WBNOINVD ND_CFF(0x80000008, 0xFFFFFFFF, NDR_EBX, 9)
#define ND_CFF_RDPRU ND_CFF(0x80000008, 0xFFFFFFFF, NDR_EBX, 4)
#define ND_CFF_MCOMMIT ND_CFF(0x80000008, 0xFFFFFFFF, NDR_EBX, 8)
#define ND_CFF_SNP ND_CFF(0x8000001F, 0xFFFFFFFF, NDR_EAX, 4)
#endif // CPUID_FLAGS_H

126
inc/registers.h
Unescape View File

@ -10,139 +10,139 @@
//
enum
{
REG_RAX, REG_RCX, REG_RDX, REG_RBX, REG_RSP, REG_RBP, REG_RSI, REG_RDI,
REG_R8, REG_R9, REG_R10, REG_R11, REG_R12, REG_R13, REG_R14, REG_R15,
NDR_RAX, NDR_RCX, NDR_RDX, NDR_RBX, NDR_RSP, NDR_RBP, NDR_RSI, NDR_RDI,
NDR_R8, NDR_R9, NDR_R10, NDR_R11, NDR_R12, NDR_R13, NDR_R14, NDR_R15,
};
enum
{
REG_EAX, REG_ECX, REG_EDX, REG_EBX, REG_ESP, REG_EBP, REG_ESI, REG_EDI,
REG_R8D, REG_R9D, REG_R10D,REG_R11D,REG_R12D,REG_R13D,REG_R14D,REG_R15D,
NDR_EAX, NDR_ECX, NDR_EDX, NDR_EBX, NDR_ESP, NDR_EBP, NDR_ESI, NDR_EDI,
NDR_R8D, NDR_R9D, NDR_R10D,NDR_R11D,NDR_R12D,NDR_R13D,NDR_R14D,NDR_R15D,
};
enum
{
REG_AX, REG_CX, REG_DX, REG_BX, REG_SP, REG_BP, REG_SI, REG_DI,
REG_R8W, REG_R9W, REG_R10W,REG_R11W,REG_R12W,REG_R13W,REG_R14W,REG_R15W,
NDR_AX, NDR_CX, NDR_DX, NDR_BX, NDR_SP, NDR_BP, NDR_SI, NDR_DI,
NDR_R8W, NDR_R9W, NDR_R10W,NDR_R11W,NDR_R12W,NDR_R13W,NDR_R14W,NDR_R15W,
};
enum
{
REG_AL, REG_CL, REG_DL, REG_BL, REG_AH, REG_CH, REG_DH, REG_BH,
NDR_AL, NDR_CL, NDR_DL, NDR_BL, NDR_AH, NDR_CH, NDR_DH, NDR_BH,
};
enum
{
REG_AL64, REG_CL64, REG_DL64, REG_BL64, REG_SPL, REG_BPL, REG_SIL, REG_DIL,
REG_R8L, REG_R9L, REG_R10L, REG_R11L, REG_R12L, REG_R13L, REG_R14L, REG_R15L,
NDR_AL64, NDR_CL64, NDR_DL64, NDR_BL64, NDR_SPL, NDR_BPL, NDR_SIL, NDR_DIL,
NDR_R8L, NDR_R9L, NDR_R10L, NDR_R11L, NDR_R12L, NDR_R13L, NDR_R14L, NDR_R15L,
};
enum
{
REG_ES, REG_CS, REG_SS, REG_DS, REG_FS, REG_GS, REG_INV6, REG_INV7,
NDR_ES, NDR_CS, NDR_SS, NDR_DS, NDR_FS, NDR_GS, NDR_INV6, NDR_INV7,
};
enum
{
REG_CR0, REG_CR1, REG_CR2, REG_CR3, REG_CR4, REG_CR5, REG_CR6, REG_CR7,
REG_CR8, REG_CR9, REG_CR10, REG_CR11, REG_CR12, REG_CR13, REG_CR14, REG_CR15,
NDR_CR0, NDR_CR1, NDR_CR2, NDR_CR3, NDR_CR4, NDR_CR5, NDR_CR6, NDR_CR7,
NDR_CR8, NDR_CR9, NDR_CR10, NDR_CR11, NDR_CR12, NDR_CR13, NDR_CR14, NDR_CR15,
};
enum
{
REG_DR0, REG_DR1, REG_DR2, REG_DR3, REG_DR4, REG_DR5, REG_DR6, REG_DR7,
REG_DR8, REG_DR9, REG_DR10, REG_DR11, REG_DR12, REG_DR13, REG_DR14, REG_DR15,
NDR_DR0, NDR_DR1, NDR_DR2, NDR_DR3, NDR_DR4, NDR_DR5, NDR_DR6, NDR_DR7,
NDR_DR8, NDR_DR9, NDR_DR10, NDR_DR11, NDR_DR12, NDR_DR13, NDR_DR14, NDR_DR15,
};
enum
{
REG_TR0, REG_TR1, REG_TR2, REG_TR3, REG_TR4, REG_TR5, REG_TR6, REG_TR7,
REG_TR8, REG_TR9, REG_TR10, REG_TR11, REG_TR12, REG_TR13, REG_TR14, REG_TR15,
NDR_TR0, NDR_TR1, NDR_TR2, NDR_TR3, NDR_TR4, NDR_TR5, NDR_TR6, NDR_TR7,
NDR_TR8, NDR_TR9, NDR_TR10, NDR_TR11, NDR_TR12, NDR_TR13, NDR_TR14, NDR_TR15,
};
enum
{
REG_K0, REG_K1, REG_K2, REG_K3, REG_K4, REG_K5, REG_K6, REG_K7,
NDR_K0, NDR_K1, NDR_K2, NDR_K3, NDR_K4, NDR_K5, NDR_K6, NDR_K7,
};
enum
{
REG_BND0, REG_BND1, REG_BND2, REG_BND3,
NDR_BND0, NDR_BND1, NDR_BND2, NDR_BND3,
};
enum
{
REG_ST0, REG_ST1, REG_ST2, REG_ST3, REG_ST4, REG_ST5, REG_ST6, REG_ST7,
NDR_ST0, NDR_ST1, NDR_ST2, NDR_ST3, NDR_ST4, NDR_ST5, NDR_ST6, NDR_ST7,
};
enum
{
REG_XMM0, REG_XMM1, REG_XMM2, REG_XMM3, REG_XMM4, REG_XMM5, REG_XMM6, REG_XMM7,
REG_XMM8, REG_XMM9, REG_XMM10, REG_XMM11, REG_XMM12, REG_XMM13, REG_XMM14, REG_XMM15,
REG_XMM16, REG_XMM17, REG_XMM18, REG_XMM19, REG_XMM20, REG_XMM21, REG_XMM22, REG_XMM23,
REG_XMM24, REG_XMM25, REG_XMM26, REG_XMM27, REG_XMM28, REG_XMM29, REG_XMM30, REG_XMM31,
NDR_XMM0, NDR_XMM1, NDR_XMM2, NDR_XMM3, NDR_XMM4, NDR_XMM5, NDR_XMM6, NDR_XMM7,
NDR_XMM8, NDR_XMM9, NDR_XMM10, NDR_XMM11, NDR_XMM12, NDR_XMM13, NDR_XMM14, NDR_XMM15,
NDR_XMM16, NDR_XMM17, NDR_XMM18, NDR_XMM19, NDR_XMM20, NDR_XMM21, NDR_XMM22, NDR_XMM23,
NDR_XMM24, NDR_XMM25, NDR_XMM26, NDR_XMM27, NDR_XMM28, NDR_XMM29, NDR_XMM30, NDR_XMM31,
};
enum
{
REG_YMM0, REG_YMM1, REG_YMM2, REG_YMM3, REG_YMM4, REG_YMM5, REG_YMM6, REG_YMM7,
REG_YMM8, REG_YMM9, REG_YMM10, REG_YMM11, REG_YMM12, REG_YMM13, REG_YMM14, REG_YMM15,
REG_YMM16, REG_YMM17, REG_YMM18, REG_YMM19, REG_YMM20, REG_YMM21, REG_YMM22, REG_YMM23,
REG_YMM24, REG_YMM25, REG_YMM26, REG_YMM27, REG_YMM28, REG_YMM29, REG_YMM30, REG_YMM31,
NDR_YMM0, NDR_YMM1, NDR_YMM2, NDR_YMM3, NDR_YMM4, NDR_YMM5, NDR_YMM6, NDR_YMM7,
NDR_YMM8, NDR_YMM9, NDR_YMM10, NDR_YMM11, NDR_YMM12, NDR_YMM13, NDR_YMM14, NDR_YMM15,
NDR_YMM16, NDR_YMM17, NDR_YMM18, NDR_YMM19, NDR_YMM20, NDR_YMM21, NDR_YMM22, NDR_YMM23,
NDR_YMM24, NDR_YMM25, NDR_YMM26, NDR_YMM27, NDR_YMM28, NDR_YMM29, NDR_YMM30, NDR_YMM31,
};
enum
{
REG_ZMM0, REG_ZMM1, REG_ZMM2, REG_ZMM3, REG_ZMM4, REG_ZMM5, REG_ZMM6, REG_ZMM7,
REG_ZMM8, REG_ZMM9, REG_ZMM10, REG_ZMM11, REG_ZMM12, REG_ZMM13, REG_ZMM14, REG_ZMM15,
REG_ZMM16, REG_ZMM17, REG_ZMM18, REG_ZMM19, REG_ZMM20, REG_ZMM21, REG_ZMM22, REG_ZMM23,
REG_ZMM24, REG_ZMM25, REG_ZMM26, REG_ZMM27, REG_ZMM28, REG_ZMM29, REG_ZMM30, REG_ZMM31,
NDR_ZMM0, NDR_ZMM1, NDR_ZMM2, NDR_ZMM3, NDR_ZMM4, NDR_ZMM5, NDR_ZMM6, NDR_ZMM7,
NDR_ZMM8, NDR_ZMM9, NDR_ZMM10, NDR_ZMM11, NDR_ZMM12, NDR_ZMM13, NDR_ZMM14, NDR_ZMM15,
NDR_ZMM16, NDR_ZMM17, NDR_ZMM18, NDR_ZMM19, NDR_ZMM20, NDR_ZMM21, NDR_ZMM22, NDR_ZMM23,
NDR_ZMM24, NDR_ZMM25, NDR_ZMM26, NDR_ZMM27, NDR_ZMM28, NDR_ZMM29, NDR_ZMM30, NDR_ZMM31,
};
enum
{
REG_GDTR, REG_IDTR, REG_LDTR, REG_TR,
NDR_GDTR, NDR_IDTR, NDR_LDTR, NDR_TR,
};
enum
{
REG_X87_CONTROL, REG_X87_TAG, REG_X87_STATUS,
NDR_X87_CONTROL, NDR_X87_TAG, NDR_X87_STATUS,
};
enum
{
REG_XCR0, REG_XCR1, REG_XCR_ANY = 0xFF,
NDR_XCR0, NDR_XCR1, NDR_XCR_ANY = 0xFF,
};
#define REG_IA32_TSC 0x00000010
#define REG_IA32_SYSENTER_CS 0x00000174
#define REG_IA32_SYSENTER_ESP 0x00000175
#define REG_IA32_SYSENTER_EIP 0x00000176
#define REG_IA32_STAR 0xC0000081
#define REG_IA32_LSTAR 0xC0000082
#define REG_IA32_FMASK 0xC0000084
#define REG_IA32_FS_BASE 0xC0000100
#define REG_IA32_GS_BASE 0xC0000101
#define REG_IA32_KERNEL_GS_BASE 0xC0000102
#define REG_IA32_TSC_AUX 0xC0000103
#define REG_MSR_ANY 0xFFFFFFFF
#define NDR_IA32_TSC 0x00000010
#define NDR_IA32_SYSENTER_CS 0x00000174
#define NDR_IA32_SYSENTER_ESP 0x00000175
#define NDR_IA32_SYSENTER_EIP 0x00000176
#define NDR_IA32_STAR 0xC0000081
#define NDR_IA32_LSTAR 0xC0000082
#define NDR_IA32_FMASK 0xC0000084
#define NDR_IA32_FS_BASE 0xC0000100
#define NDR_IA32_GS_BASE 0xC0000101
#define NDR_IA32_KERNEL_GS_BASE 0xC0000102
#define NDR_IA32_TSC_AUX 0xC0000103
#define NDR_MSR_ANY 0xFFFFFFFF
#define REG_RFLAG_CF (1 << 0)
#define REG_RFLAG_PF (1 << 2)
#define REG_RFLAG_AF (1 << 4)
#define REG_RFLAG_ZF (1 << 6)
#define REG_RFLAG_SF (1 << 7)
#define REG_RFLAG_TF (1 << 8)
#define REG_RFLAG_IF (1 << 9)
#define REG_RFLAG_DF (1 << 10)
#define REG_RFLAG_OF (1 << 11)
#define REG_RFLAG_IOPL (3 << 12)
#define REG_RFLAG_NT (1 << 14)
#define REG_RFLAG_RF (1 << 16)
#define REG_RFLAG_VM (1 << 17)
#define REG_RFLAG_AC (1 << 18)
#define REG_RFLAG_VIF (1 << 19)
#define REG_RFLAG_VIP (1 << 20)
#define REG_RFLAG_ID (1 << 21)
#define NDR_RFLAG_CF (1 << 0)
#define NDR_RFLAG_PF (1 << 2)
#define NDR_RFLAG_AF (1 << 4)
#define NDR_RFLAG_ZF (1 << 6)
#define NDR_RFLAG_SF (1 << 7)
#define NDR_RFLAG_TF (1 << 8)
#define NDR_RFLAG_IF (1 << 9)
#define NDR_RFLAG_DF (1 << 10)
#define NDR_RFLAG_OF (1 << 11)
#define NDR_RFLAG_IOPL (3 << 12)
#define NDR_RFLAG_NT (1 << 14)
#define NDR_RFLAG_RF (1 << 16)
#define NDR_RFLAG_VM (1 << 17)
#define NDR_RFLAG_AC (1 << 18)
#define NDR_RFLAG_VIF (1 << 19)
#define NDR_RFLAG_VIP (1 << 20)
#define NDR_RFLAG_ID (1 << 21)
#endif

4
inc/version.h
Unescape View File

@ -6,7 +6,7 @@
#define DISASM_VER_H
#define DISASM_VERSION_MAJOR 1
#define DISASM_VERSION_MINOR 26
#define DISASM_VERSION_REVISION 3
#define DISASM_VERSION_MINOR 27
#define DISASM_VERSION_REVISION 0
#endif // DISASM_VER_H

4
isagenerator/generate_tables.py
Unescape View File

@ -540,7 +540,7 @@ def cdef_instruction(self):
if m == '1' or m == '0':
dst = dst + self.RevFlagsAccess['u']
for f in dst:
flg += '|REG_RFLAG_%s' % f.upper()
flg += '|NDR_RFLAG_%s' % f.upper()
c += "\n %s," % flg
# Add the instruction operands
@ -1202,7 +1202,7 @@ def generate_features(features, fname):
f.write('\n')
for c in features:
f.write('#define ND_CFF_%s%sND_CFF(%s, %s, %s, %s)\n' % (c.Name, ' ' * (25 - len(c.Name)), c.Leaf, c.SubLeaf, 'REG_' + c.Reg, c.Bit))
f.write('#define ND_CFF_%s%sND_CFF(%s, %s, %s, %s)\n' % (c.Name, ' ' * (25 - len(c.Name)), c.Leaf, c.SubLeaf, 'NDR_' + c.Reg, c.Bit))
f.write('\n')

4
pydis/_pydis/pydis.c
Unescape View File

@ -33,7 +33,7 @@ nd_vsnprintf_s(char *str, size_t sizeOfBuffer, size_t count, const char *format,
return vsnprintf(str, count, format, args);
}
int nd_memset(void *s, int c, size_t n)
void *nd_memset(void *s, int c, size_t n)
{
memset(s, c, n);
return memset(s, c, n);
}

Write Preview
Loading…
Cancel
Save