Added missing Default 64 flag for the ENTER instruction.

On AMD, operand size is never forced to 64 bit - instead, it only defaults to 64 bit, which means that 0x66 can be used to encode 16 bit version of the instructions.
pull/29/head
Andrei Vlad LUTAS 3 years ago
parent 7a0fa449bc
commit e26971b4f0

@ -288,6 +288,23 @@ NdGetVersion(
*Revision = DISASM_VERSION_REVISION;
}
//
// Do not use __TIME__ and __DATE__ macros when compiling against a kernel tree.
//
#if defined(__KERNEL__) && defined(__GNUC__)
if (NULL != BuildDate)
{
*BuildDate = NULL;
}
if (NULL != BuildTime)
{
*BuildTime = NULL;
}
#else
if (NULL != BuildDate)
{
*BuildDate = __DATE__;
@ -297,6 +314,9 @@ NdGetVersion(
{
*BuildTime = __TIME__;
}
#endif
}
#ifndef KERNEL_MODE
@ -3691,9 +3711,11 @@ NdGetEffectiveOpMode(
// Extract the flags.
width = (0 != Instrux->Exs.w) && !(Instrux->Attributes & ND_FLAG_WIG);
// In 64 bit mode, the operand is forced to 64 bit. Size-changing prefixes are ignored.
f64 = 0 != (Instrux->Attributes & ND_FLAG_F64);
// In 64 bit mode, the operand defaults to 64 bit No 32 bit form of the instruction exists.
d64 = 0 != (Instrux->Attributes & ND_FLAG_D64);
f64 = 0 != (Instrux->Attributes & ND_FLAG_F64) && (ND_VEND_AMD != Instrux->VendMode);
// In 64 bit mode, the operand defaults to 64 bit. No 32 bit form of the instruction exists. Note that on AMD,
// only default 64 bit operands exist, even for branches - no operand is forced to 64 bit.
d64 = (0 != (Instrux->Attributes & ND_FLAG_D64)) ||
(0 != (Instrux->Attributes & ND_FLAG_F64) && (ND_VEND_AMD == Instrux->VendMode));
// Check if 0x66 is indeed interpreted as a size changing prefix. Note that if 0x66 is a mandatory prefix,
// then it won't be interpreted as a size changing prefix. However, there is an exception: MOVBE and CRC32
// have mandatory 0xF2, and 0x66 is in fact a size changing prefix.
@ -3770,8 +3792,9 @@ NdValidateInstruction(
if (ND_HAS_VSIB(Instrux) && Instrux->Category != ND_CAT_SCATTER)
{
uint8_t usedVects[32] = { 0 };
uint32_t i;
for (uint32_t i = 0; i < Instrux->OperandsCount; i++)
for (i = 0; i < Instrux->OperandsCount; i++)
{
if (Instrux->Operands[i].Type == ND_OP_REG && Instrux->Operands[i].Info.Register.Type == ND_REG_SSE)
{
@ -3903,6 +3926,7 @@ NdDecodeWithContext(
NDSTATUS status;
PND_INSTRUCTION pIns;
uint32_t opIndex;
size_t i;
// pre-init
status = ND_STATUS_SUCCESS;
@ -4000,7 +4024,7 @@ NdDecodeWithContext(
Instrux->TupleType = pIns->TupleType;
// Copy the mnemonic, up until the NULL terminator.
for (size_t i = 0; i < sizeof(Instrux->Mnemonic); i++)
for (i = 0; i < sizeof(Instrux->Mnemonic); i++)
{
Instrux->Mnemonic[i] = gMnemonics[pIns->Mnemonic][i];
if (Instrux->Mnemonic[i] == 0)
@ -4858,13 +4882,13 @@ NdToText(
switch (pOp->Info.Memory.DispSize)
{
case 1:
normDisp = ((disp & 0x80) ? ~((uint8_t)disp) + 1UL : disp) & 0xFF;
normDisp = ((disp & 0x80) ? ~((uint8_t)disp) + 1ULL : disp) & 0xFF;
break;
case 2:
normDisp = ((disp & 0x8000) ? ~((uint16_t)disp) + 1UL : disp) & 0xFFFF;
normDisp = ((disp & 0x8000) ? ~((uint16_t)disp) + 1ULL : disp) & 0xFFFF;
break;
case 4:
normDisp = ((disp & 0x80000000) ? ~((uint32_t)disp) + 1 : disp) & 0xFFFFFFFF;
normDisp = ((disp & 0x80000000) ? ~((uint32_t)disp) + 1ULL : disp) & 0xFFFFFFFF;
break;
default:
normDisp = disp;
@ -4876,7 +4900,7 @@ NdToText(
// the normDisp is converted to a positive quantity, so no sign-extension is needed.
if (pOp->Info.Memory.HasCompDisp)
{
normDisp = (uint32_t)normDisp * pOp->Info.Memory.CompDispSize;
normDisp = (uint64_t)(uint32_t)normDisp * pOp->Info.Memory.CompDispSize;
}
}

@ -3982,7 +3982,7 @@ const ND_INSTRUCTION gInstructions[2586] =
ND_INS_ENTER, ND_CAT_MISC, ND_SET_I186, 169,
0,
ND_MOD_ANY,
0, ND_OPS_CNT(2, 3), 0, 0, 0, 0, 0, 0, 0, 0,
0, ND_OPS_CNT(2, 3), 0, 0, 0, 0, 0, 0, ND_FLAG_D64, 0,
0,
0,
0,

@ -247,7 +247,7 @@
Segment: 2, Base: 4,
000000000000002B c8100020 ENTER 0x0010, 0x20
DSIZE: 32, ASIZE: 64, VLEN: -
DSIZE: 64, ASIZE: 64, VLEN: -
ISA Set: I186, Ins cat: MISC, CET tracked: no
Valid modes
R0: yes, R1: yes, R2: yes, R3: yes
@ -260,9 +260,9 @@
BND: no, BHINT: no, DNT: no
Operand: 0, Acc: R-, Type: Immediate, Size: 2, RawSize: 2, Encoding: I
Operand: 1, Acc: R-, Type: Immediate, Size: 1, RawSize: 1, Encoding: I
Operand: 2, Acc: RW, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: General Purpose, RegSize: 4, RegId: 5, RegCount: 1
Operand: 2, Acc: RW, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: General Purpose, RegSize: 8, RegId: 5, RegCount: 1
Operand: 3, Acc: RW, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: General Purpose, RegSize: 8, RegId: 4, RegCount: 1
Operand: 4, Acc: -W, Type: Memory, Size: 4, RawSize: 4, Encoding: S, Stack: yes,
Operand: 4, Acc: -W, Type: Memory, Size: 8, RawSize: 8, Encoding: S, Stack: yes,
Segment: 2, Base: 4,
000000000000002F c9 LEAVE

@ -197,7 +197,7 @@
Segment: 2, Base: 4,
000000000000001E c8909090 ENTER 0x9090, 0x90
DSIZE: 32, ASIZE: 64, VLEN: -
DSIZE: 64, ASIZE: 64, VLEN: -
ISA Set: I186, Ins cat: MISC, CET tracked: no
Valid modes
R0: yes, R1: yes, R2: yes, R3: yes
@ -210,9 +210,9 @@
BND: no, BHINT: no, DNT: no
Operand: 0, Acc: R-, Type: Immediate, Size: 2, RawSize: 2, Encoding: I
Operand: 1, Acc: R-, Type: Immediate, Size: 1, RawSize: 1, Encoding: I
Operand: 2, Acc: RW, Type: Register, Size: 4, RawSize: 4, Encoding: S, RegType: General Purpose, RegSize: 4, RegId: 5, RegCount: 1
Operand: 2, Acc: RW, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: General Purpose, RegSize: 8, RegId: 5, RegCount: 1
Operand: 3, Acc: RW, Type: Register, Size: 8, RawSize: 8, Encoding: S, RegType: General Purpose, RegSize: 8, RegId: 4, RegCount: 1
Operand: 4, Acc: -W, Type: Memory, Size: 4, RawSize: 4, Encoding: S, Stack: yes,
Operand: 4, Acc: -W, Type: Memory, Size: 8, RawSize: 8, Encoding: S, Stack: yes,
Segment: 2, Base: 4,
0000000000000022 90 NOP

@ -6,7 +6,7 @@
#define BDSHEMU_H
#include "bddisasm.h"
#include "../bddisasm.h"
//

@ -9,6 +9,10 @@
# include <ntddk.h>
# include <Ntstrsafe.h>
#elif defined(__KERNEL__) && defined(__GNUC__)
# include <linux/types.h>
#else
# include <stddef.h>

@ -7,6 +7,6 @@
#define DISASM_VERSION_MAJOR 1
#define DISASM_VERSION_MINOR 31
#define DISASM_VERSION_REVISION 0
#define DISASM_VERSION_REVISION 1
#endif // DISASM_VER_H

@ -12,7 +12,7 @@ from setuptools import find_packages, setup, Command, Extension, Distribution
from codecs import open
VERSION = (0, 1, 3)
LIBRARY_VERSION = (1, 31, 0)
LIBRARY_VERSION = (1, 31, 1)
LIBRARY_INSTRUX_SIZE = 864
packages = ['pybddisasm']

Loading…
Cancel
Save