Added missing Default 64 flag for the ENTER instruction.
On AMD, operand size is never forced to 64 bit - instead, it only defaults to 64 bit, which means that 0x66 can be used to encode the 16 bit versions of the instructions.
parent
7a0fa449bc
commit
e26971b4f0
@ -288,6 +288,23 @@ NdGetVersion(
|
||||
*Revision = DISASM_VERSION_REVISION;
|
||||
}
|
||||
|
||||
//
|
||||
// Do not use __TIME__ and __DATE__ macros when compiling against a kernel tree.
|
||||
//
|
||||
#if defined(__KERNEL__) && defined(__GNUC__)
|
||||
|
||||
if (NULL != BuildDate)
|
||||
{
|
||||
*BuildDate = NULL;
|
||||
}
|
||||
|
||||
if (NULL != BuildTime)
|
||||
{
|
||||
*BuildTime = NULL;
|
||||
}
|
||||
|
||||
#else
|
||||
|
||||
if (NULL != BuildDate)
|
||||
{
|
||||
*BuildDate = __DATE__;
|
||||
@ -297,6 +314,9 @@ NdGetVersion(
|
||||
{
|
||||
*BuildTime = __TIME__;
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
}
|
||||
|
||||
#ifndef KERNEL_MODE
|
||||
@ -3691,9 +3711,11 @@ NdGetEffectiveOpMode(
|
||||
// Extract the flags.
|
||||
width = (0 != Instrux->Exs.w) && !(Instrux->Attributes & ND_FLAG_WIG);
|
||||
// In 64 bit mode, the operand is forced to 64 bit. Size-changing prefixes are ignored.
|
||||
f64 = 0 != (Instrux->Attributes & ND_FLAG_F64);
|
||||
// In 64 bit mode, the operand defaults to 64 bit No 32 bit form of the instruction exists.
|
||||
d64 = 0 != (Instrux->Attributes & ND_FLAG_D64);
|
||||
f64 = 0 != (Instrux->Attributes & ND_FLAG_F64) && (ND_VEND_AMD != Instrux->VendMode);
|
||||
// In 64 bit mode, the operand defaults to 64 bit. No 32 bit form of the instruction exists. Note that on AMD,
|
||||
// only default 64 bit operands exist, even for branches - no operand is forced to 64 bit.
|
||||
d64 = (0 != (Instrux->Attributes & ND_FLAG_D64)) ||
|
||||
(0 != (Instrux->Attributes & ND_FLAG_F64) && (ND_VEND_AMD == Instrux->VendMode));
|
||||
// Check if 0x66 is indeed interpreted as a size changing prefix. Note that if 0x66 is a mandatory prefix,
|
||||
// then it won't be interpreted as a size changing prefix. However, there is an exception: MOVBE and CRC32
|
||||
// have mandatory 0xF2, and 0x66 is in fact a size changing prefix.
|
||||
@ -3770,8 +3792,9 @@ NdValidateInstruction(
|
||||
if (ND_HAS_VSIB(Instrux) && Instrux->Category != ND_CAT_SCATTER)
|
||||
{
|
||||
uint8_t usedVects[32] = { 0 };
|
||||
uint32_t i;
|
||||
|
||||
for (uint32_t i = 0; i < Instrux->OperandsCount; i++)
|
||||
for (i = 0; i < Instrux->OperandsCount; i++)
|
||||
{
|
||||
if (Instrux->Operands[i].Type == ND_OP_REG && Instrux->Operands[i].Info.Register.Type == ND_REG_SSE)
|
||||
{
|
||||
@ -3903,6 +3926,7 @@ NdDecodeWithContext(
|
||||
NDSTATUS status;
|
||||
PND_INSTRUCTION pIns;
|
||||
uint32_t opIndex;
|
||||
size_t i;
|
||||
|
||||
// pre-init
|
||||
status = ND_STATUS_SUCCESS;
|
||||
@ -4000,7 +4024,7 @@ NdDecodeWithContext(
|
||||
Instrux->TupleType = pIns->TupleType;
|
||||
|
||||
// Copy the mnemonic, up until the NULL terminator.
|
||||
for (size_t i = 0; i < sizeof(Instrux->Mnemonic); i++)
|
||||
for (i = 0; i < sizeof(Instrux->Mnemonic); i++)
|
||||
{
|
||||
Instrux->Mnemonic[i] = gMnemonics[pIns->Mnemonic][i];
|
||||
if (Instrux->Mnemonic[i] == 0)
|
||||
@ -4858,13 +4882,13 @@ NdToText(
|
||||
switch (pOp->Info.Memory.DispSize)
|
||||
{
|
||||
case 1:
|
||||
normDisp = ((disp & 0x80) ? ~((uint8_t)disp) + 1UL : disp) & 0xFF;
|
||||
normDisp = ((disp & 0x80) ? ~((uint8_t)disp) + 1ULL : disp) & 0xFF;
|
||||
break;
|
||||
case 2:
|
||||
normDisp = ((disp & 0x8000) ? ~((uint16_t)disp) + 1UL : disp) & 0xFFFF;
|
||||
normDisp = ((disp & 0x8000) ? ~((uint16_t)disp) + 1ULL : disp) & 0xFFFF;
|
||||
break;
|
||||
case 4:
|
||||
normDisp = ((disp & 0x80000000) ? ~((uint32_t)disp) + 1 : disp) & 0xFFFFFFFF;
|
||||
normDisp = ((disp & 0x80000000) ? ~((uint32_t)disp) + 1ULL : disp) & 0xFFFFFFFF;
|
||||
break;
|
||||
default:
|
||||
normDisp = disp;
|
||||
@ -4876,7 +4900,7 @@ NdToText(
|
||||
// the normDisp is converted to a positive quantity, so no sign-extension is needed.
|
||||
if (pOp->Info.Memory.HasCompDisp)
|
||||
{
|
||||
normDisp = (uint32_t)normDisp * pOp->Info.Memory.CompDispSize;
|
||||
normDisp = (uint64_t)(uint32_t)normDisp * pOp->Info.Memory.CompDispSize;
|
||||
}
|
||||
}
|
||||
|
||||
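Review bot: The context comment kept above the new `f64` assignment in NdGetEffectiveOpMode still says the operand is forced to 64 bit and size-changing prefixes are ignored, which no longer holds when `Instrux->VendMode` is `ND_VEND_AMD`. I would reword it along the lines of `// In 64 bit mode, the operand is forced to 64 bit and 0x66 is ignored - except in AMD vendor mode, where F64 is handled as D64 below.` It is also worth documenting for callers that the AMD behaviour applies only when that vendor mode is selected: a scanner or emulator that decodes code destined for AMD hardware under another vendor setting will presumably compute a different operand size, and possibly a different instruction length, for a 0x66-prefixed F64 instruction than the CPU does. No test for that case is visible in this commit; the updated test outputs shown here only cover the ENTER operand size. The function body starts and ends outside the hunk.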
|
@ -3982,7 +3982,7 @@ const ND_INSTRUCTION gInstructions[2586] =
|
||||
ND_INS_ENTER, ND_CAT_MISC, ND_SET_I186, 169,
|
||||
0,
|
||||
ND_MOD_ANY,
|
||||
0, ND_OPS_CNT(2, 3), 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, ND_OPS_CNT(2, 3), 0, 0, 0, 0, 0, 0, ND_FLAG_D64, 0,
|
||||
0,
|
||||
0,
|
||||
0,
|
||||
|
@ -247,7 +247,7 @@
|
||||
Segment: 2, Base: 4,
|
||||
|
||||
000000000000002B c8100020 ENTER 0x0010, 0x20
|
||||
DSIZE: 32, ASIZE: 64, VLEN: -
|
||||
DSIZE: 64, ASIZE: 64, VLEN: -
|
||||
ISA Set: I186, Ins cat: MISC, CET tracked: no
|
||||
Valid modes
|
||||
R0: yes, R1: yes, R2: yes, R3: yes
|
||||
@ -260,9 +260,9 @@
|
||||
BND: no, BHINT: no, DNT: no
|
||||
Operand: 0, Acc: R-, Type: Immediate, Size: 2, RawSize: 2, Encoding: I
|
||||
Operand: 1, Acc: R-, Type: Immediate, Size: 1, RawSize: 1, Encoding: I
|
||||
Operand: 2, Acc: RW, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: General Purpose, RegSize: 4, RegId: 5, RegCount: 1
|
||||
Operand: 2, Acc: RW, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: General Purpose, RegSize: 8, RegId: 5, RegCount: 1
|
||||
Operand: 3, Acc: RW, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: General Purpose, RegSize: 8, RegId: 4, RegCount: 1
|
||||
Operand: 4, Acc: -W, Type: Memory, Size: 4, RawSize: 4, Encoding: S, Stack: yes,
|
||||
Operand: 4, Acc: -W, Type: Memory, Size: 8, RawSize: 8, Encoding: S, Stack: yes,
|
||||
Segment: 2, Base: 4,
|
||||
|
||||
000000000000002F c9 LEAVE
|
||||
|
@ -197,7 +197,7 @@
|
||||
Segment: 2, Base: 4,
|
||||
|
||||
000000000000001E c8909090 ENTER 0x9090, 0x90
|
||||
DSIZE: 32, ASIZE: 64, VLEN: -
|
||||
DSIZE: 64, ASIZE: 64, VLEN: -
|
||||
ISA Set: I186, Ins cat: MISC, CET tracked: no
|
||||
Valid modes
|
||||
R0: yes, R1: yes, R2: yes, R3: yes
|
||||
@ -210,9 +210,9 @@
|
||||
BND: no, BHINT: no, DNT: no
|
||||
Operand: 0, Acc: R-, Type: Immediate, Size: 2, RawSize: 2, Encoding: I
|
||||
Operand: 1, Acc: R-, Type: Immediate, Size: 1, RawSize: 1, Encoding: I
|
||||
Operand: 2, Acc: RW, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: General Purpose, RegSize: 4, RegId: 5, RegCount: 1
|
||||
Operand: 2, Acc: RW, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: General Purpose, RegSize: 8, RegId: 5, RegCount: 1
|
||||
Operand: 3, Acc: RW, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: General Purpose, RegSize: 8, RegId: 4, RegCount: 1
|
||||
Operand: 4, Acc: -W, Type: Memory, Size: 4, RawSize: 4, Encoding: S, Stack: yes,
|
||||
Operand: 4, Acc: -W, Type: Memory, Size: 8, RawSize: 8, Encoding: S, Stack: yes,
|
||||
Segment: 2, Base: 4,
|
||||
|
||||
0000000000000022 90 NOP
|
||||
|
@ -6,7 +6,7 @@
|
||||
#define BDSHEMU_H
|
||||
|
||||
|
||||
#include "bddisasm.h"
|
||||
#include "../bddisasm.h"
|
||||
|
||||
|
||||
//
|
||||
|
@ -9,6 +9,10 @@
|
||||
# include <ntddk.h>
|
||||
# include <Ntstrsafe.h>
|
||||
|
||||
#elif defined(__KERNEL__) && defined(__GNUC__)
|
||||
|
||||
# include <linux/types.h>
|
||||
|
||||
#else
|
||||
|
||||
# include <stddef.h>
|
||||
|
@ -7,6 +7,6 @@
|
||||
|
||||
#define DISASM_VERSION_MAJOR 1
|
||||
#define DISASM_VERSION_MINOR 31
|
||||
#define DISASM_VERSION_REVISION 0
|
||||
#define DISASM_VERSION_REVISION 1
|
||||
|
||||
#endif // DISASM_VER_H
|
||||
|
@ -12,7 +12,7 @@ from setuptools import find_packages, setup, Command, Extension, Distribution
|
||||
from codecs import open
|
||||
|
||||
VERSION = (0, 1, 3)
|
||||
LIBRARY_VERSION = (1, 31, 0)
|
||||
LIBRARY_VERSION = (1, 31, 1)
|
||||
LIBRARY_INSTRUX_SIZE = 864
|
||||
|
||||
packages = ['pybddisasm']
|
||||
|