mirror of https://github.com/bitdefender/bddisasm.git synced 2024-12-27 08:28:07 +00:00
Commit Graph

25 Commits

Author SHA1 Message Date
Andrei Vlad LUTAS
5a617986b7 Added new shemu flag: SHEMU_FLAG_SUD_ACCESS is raised whenever the code accesses the SharedUserData page. 2021-08-16 12:34:41 +03:00
Andrei Vlad LUTAS
f6050661d5 Multiple improvements in bdshemu
Fixed an emulation bug for MOVZX and MOVSX instructions (https://github.com/bitdefender/bddisasm/issues/48)
New shellcode flag - call to Wow32 reserved.
New shellcode flag - heaven's gate.
New shellcode flag - stack-pivot.
Moved bdshemu tests in a password protected zip file, so it doesn't trigger AV detections.
2021-08-10 11:43:51 +03:00
Andrei Vlad LUTAS
76d92e73c2 Multiple changes
- Add support for AVX512-FP16 instructions, as per https://software.intel.com/content/www/us/en/develop/download/intel-avx512-fp16-architecture-specification.html
- Bug fix: zeroing with no masking is not supported, so return an error if we encounter such encodings
- Bug fix: ignore VEX/EVEX.W field outside 64 bit mode for some instructions
- Several other minor fixes and improvements
2021-07-08 12:40:39 +03:00
Andrei Vlad LUTAS
072f6e059b Build improvements
Exclude string constants from build if BDDISASM_NO_FORMAT is defined.
Use extern "C" when declaring the public bddisasm/bdshemu functions.
Include wmmintrin.h for AES intrinsics when building using LLVM/clang.
2021-05-17 09:52:04 +03:00
Ionel-Cristinel ANICHITEI
e7803bdf72 Implement nd_vsnprintf_s and nd_memset if possible 2021-03-30 21:58:03 +03:00
Ionel-Cristinel ANICHITEI
dbbc8b82af cmake: Space between if/else/elseif and condition
It just looks better IMO
2021-03-30 12:36:35 +03:00
Ionel-Cristinel ANICHITEI
283c00b4c7 cmake: Format the cmake scripts 2021-03-30 12:20:47 +03:00
Ionel-Cristinel ANICHITEI
3495a7cc84 cmake: Various improvements, especially to the way the bddisasm package is consumed
This should make integrating the project easier. CMake also works on Windows now.
2021-03-30 12:20:31 +03:00
Andrei Vlad LUTAS
fccf11915d Added support for Intel FRED and LKGS instructions. 2021-03-15 14:05:44 +02:00
Andrei Vlad LUTAS
37d47ef7e7 Display instruction bitfields support.
Using the `-bits` option, the various bits inside the EVEX, VEX, XOP, ModR/M and SIB can be displayed.
2021-02-19 11:10:41 +02:00
Andrei Vlad LUTAS
f8a3011a49 Added support for AESDEC, AESDECLAST and AESIMC emulation, using compiler intrinsics - they will be used only if the SHEMU_OPT_SUPPORT_AES is set (so the integrator can properly check for AES-NI support in hardware).
Fixed shemu option on Linux - make sure proper RIP is provided.
2020-12-04 10:52:56 +02:00
Ionel-Cristinel ANICHITEI
c1c3770cc6 Move bdhsemu.h to inc/ 2020-11-17 16:05:40 +02:00
Andrei Vlad LUTAS
58197cc518 Removed support for PCOMMIT and CL1INVMB (not implemented by any x86/x64 CPUs), and marked MOV to/from test registers as being invalid in long mode.
Fixed https://github.com/bitdefender/bddisasm/issues/24
Fixed https://github.com/bitdefender/bddisasm/issues/25
Fixed https://github.com/bitdefender/bddisasm/issues/26
2020-11-09 09:18:46 +02:00
Andrei Vlad LUTAS
9652450125 Added support for UINTR, HRESET and AVX-VNNI instructions, as per Intel® Architecture Instruction Set Extensions Programming Reference 41 (October 2020). 2020-10-05 13:19:03 +03:00
Andrei Vlad LUTAS
24ae7782d6 Fixed some static code check warnings. 2020-09-21 12:16:45 +03:00
Andrei Vlad LUTAS
4f8b030ddd Added support for Intel Key Locker instructions, as per https://software.intel.com/content/www/us/en/develop/download/intel-key-locker-specification.html. 2020-09-16 11:56:05 +03:00
Andrei Vlad LUTAS
fc62fc0b36 Updated INSTRUX size in setup.py (pybddisasm). 2020-09-10 11:12:51 +03:00
Andrei Vlad LUTAS
33078e4670 Added support for TDX instructions, per https://software.intel.com/content/dam/develop/external/us/en/documents/intel-tdx-cpu-architectural-specification.pdf. 2020-09-10 11:06:20 +03:00
Andrei Vlad LUTAS
ed564dba32 Specifically flag multi-byte NOP operands as not-accessed.
New capability - bddisasm can now be instructed whether to decode some instructions as NOPs or as MPX/CET/CLDEMOTE. This is the case for instructions that are mapped onto the wide NOP space: in that case, an encoding might be NOP if the feature is off, but might be something else (even #UD) if the feature is on.
Added NdDecodeWithContext API - this becomes the base decode API; it receives the input information filled in a ND_CONTEXT structure, which has to be initialized only once, and can be reused across calls. The NdInitContext function must be used to initialize the context, as it ensures backwards compatibility by filling new options with default values.
Improvements to the README file.
2020-07-30 11:07:14 +03:00
Andrei Vlad LUTAS
144baa5140 Renamed REG_* fields to NDR_*, so that we don't conflict with _GNU_SOURCES. 2020-07-29 11:05:27 +03:00
Andrei Vlad LUTAS
4b2f2aee66 Added dedicated Prefetch operand access type.
Internally, store the access type separately from the flags.
Dump conditional operand accesses with exi option too.
2020-07-25 17:16:35 +03:00
Andrei Vlad LUTAS
752bc626c4 Fixed RET with immediate - the immediate is not sign-extended.
Fixed VEX decoding in 32 bit mode - vex.vvvv bit 3 is simply ignored.
Fixed several FMA instructions decoding (L/W flag should be ignored).
Print the 64 bit immediate value in disassembly, instead of the raw immediate (note that the operand always contains the sign-extended, full immediate).
XBEGIN always uses 32/64 bit RIP size (0x66 does not affect its size).
Decode WBINVD even if it's preceded by 0x66/0xF2 prefixes.
Several mnemonic fixes (FXSAVE64, FXRSTOR64, PUSHA/PUSHAD...).
Properly decode VPERMIL2* instructions.
Fixed SSE register decoding when it is encoded in immediate.
Decode SCATTER instructions even though they use the VSIB index as source.
Some disp8 fixes (t1s -> t1s8/t1s16).
SYSCALL/SYSRET are decoded and executed in 32 bit compat mode, even though SDM states they are invalid.
RDPID uses 32/64 bit reg size, never 16.
Various other minor tweaks & fixes.
Re-generated the test files, and added some more, new tests.
2020-07-23 14:08:01 +03:00
Andrei Vlad LUTAS
8392c97f97 Use the documented byte granularity for cache-line accesses.
Fixed CET CPUID feature flag - split into CET_SS and CET_IBT.
2020-07-22 00:47:46 +03:00
Andrei Vlad LUTAS
9ff2543660 Added the Shadow Stack Pointer operand to the SYSCALL and SYSEXIT instructions.
Moved the CET test cases in dedicated folders.
Improved shadow-stack operand reporting - a distinction can be made between push/pop shadow stack accesses, and other shadow stack accesses.
A new field is now present in the memory information - the shadow stack access type, which indicates: explicit access, implicit via SSP, implicit push/pop via SSP or implicit via IA32_PL0_SSP.
2020-07-21 22:29:59 +03:00
Andrei Vlad LUTAS
698ba367a1 Initial commit. 2020-07-21 11:19:18 +03:00