1
0
mirror of https://github.com/bitdefender/bddisasm.git synced 2024-11-22 07:28:07 +00:00
Commit Graph

21 Commits

Author SHA1 Message Date
Andrei Vlad LUTAS
37a8c94bc7 Applied some of the syntax recomandations from https://cdrdv2.intel.com/v1/dl/getContent/817241. 2024-03-04 12:48:18 +02:00
Andrei Vlad LUTAS
fad9c7e35c BDDISASM v2.1.0 release - please consult the CHANGELOG for details about the modifications. 2024-02-20 13:39:22 +02:00
BITDEFENDER\vlutas
089e6d5e7e Significant cleanup in disasmtool: the obsolete search functionality, and supplying registers for shemu from a file are no longer supported. 2023-02-02 21:46:24 +02:00
BITDEFENDER\vlutas
61382e95f0 Since all the shemu test file are synthetic and clean, I removed the password from the test archive. 2022-12-16 15:17:39 +02:00
BITDEFENDER\vlutas
ab3461fd06 Regenerated test archive. 2022-12-05 11:25:39 +02:00
BITDEFENDER\vlutas
f62c8a2238 https://github.com/bitdefender/bddisasm/issues/70 - fixed OF setting on ROR. 2022-08-01 15:46:38 +03:00
BITDEFENDER\vlutas
d3fd900903 Fixed OF on SHL and SHR with one bit shifts. 2022-08-01 14:13:27 +03:00
BITDEFENDER\vlutas
bf81c647e3 Make sure all flags are set for CMPXCHG (this was left intentionally incomplete).
Make sure we clear upper bits of the 256/512 bit SSE register.
2022-07-19 11:03:17 +03:00
BITDEFENDER\vlutas
6dda2c122c Make sure upper 32 bit of a CMOV destination register is cleared to 0 even if the condition is not satisfied 2022-07-16 12:21:46 +03:00
BITDEFENDER\vlutas
1805a9edec Fixed flag setting for ADC, SBB, SAR and IMUL instructions. 2022-07-14 13:42:37 +03:00
BITDEFENDER\vlutas
412f065965 Moved the formatting function in a dedicated source file.
Added support for SIDT and RDTSC in bdshemu.
2021-10-19 17:33:15 +03:00
Andrei Vlad LUTAS
08096172cc Multiple improvements
- New shemu flag - SHEMU_FLAG_SIDT, set when sheu encounters a SIDT in ring0.
- Added the CET Tracked flag to SYSCLAL, SYSENTER and INT n instructions.
- Fixed Do Not Track prefix recognition for CALL and JMP in long-mode.
- Fixed MONITOR and MONITORX implicit operands - the rAX register encodes a virtual address that will be used as the monitored range. That address is subject to a 1 byte load.
- Fixed RMPADJUST and RMPUPDATE implicit operands - the rAX register encodes a virtual address, and the rCX register encodes a virtual address of the RMP updated entry.
2021-08-31 13:37:50 +03:00
Andrei Vlad LUTAS
5a617986b7 Added new shemu flag: SHEMU_FLAG_SUD_ACCESS is raised whenever the code accesses the SharedUserData page. 2021-08-16 12:34:41 +03:00
Andrei Vlad LUTAS
c8735b437a Fixed NEG emulation - make sure flags are set. 2021-08-10 14:46:39 +03:00
Andrei Vlad LUTAS
f6050661d5 Multiple improvements in bdshemu
Fixed an emulation bug for MOVZX and MOVSX instructions (https://github.com/bitdefender/bddisasm/issues/48)
New shellcode flag - call tot Wow32 reserved.
New shellcode flag - heaven's gate.
New shellcode flag - stack-pivot.
Moved bdshemu tests in a password protected zip file, so it doesn't trigger AV detections.
2021-08-10 11:43:51 +03:00
Andrei Vlad LUTAS
15e5e2db63 Fixed several RFLAGS setting issues with airthmetic and shift instructions. 2021-02-23 18:11:40 +02:00
Andrei Vlad LUTAS
1eb1c9d0d2 Fixed https://github.com/bitdefender/bddisasm/issues/38. 2021-01-15 19:09:53 +02:00
Andrei Vlad LUTAS
ea28907359 Fix potential division error in bdshemu, when the destination operand is not large enough to hold the result. 2020-08-27 16:25:39 +03:00
Andrei Vlad LUTAS
d61a6fa5dd * INC/DEC do not modify the CF.
* Fixed FXSAVE64, PUSHAD and POPAD emulation - when explicit mnemonics were added for them, emulation support was not added, thus causing emulation to stop when encountering one of these.
2020-08-19 19:14:22 +03:00
Andrei Vlad LUTAS
752bc626c4 Fixed RET with immediate - the immediate is not sign-extended.
Fixed VEX decoding in 32 bit mode - vex.vvvv bit 3 is simply ignored.
Fixed several FMA instructions decoding (L/W flag should be ignored).
Print the 64 bit immediate value in disassembly, instead of the raw immediate (note that the operand always contains the sign-extended, full immediate).
XBEGIN always uses 32/64 bit RIP size (0x66 does not affect its size).
Decode WBINVD even if it's preceded by 0x66/0xF2 prefixes.
Several mnemonic fixes (FXSAVE64, FXRSTOR64, PUSHA/PUSHAD...).
Properly decode VPERMIL2* instructions.
Fixed SSE register decoding when it is encoded in immediate.
Decode SCATTER instructions even though they use the VSIB index as source.
Some disp8 fixes (t1s -> t1s8/t1s16).
SYSCALL/SYSRET are decoded and executed in 32 bit compat modem, even though SDM states they are invalid.
RDPID uses 32/64 bit reg size, never 16.
Various other minor tweaks & fixes.
Re-generated the test files, and added some more, new tests.
2020-07-23 14:08:01 +03:00
Andrei Vlad LUTAS
698ba367a1 Initial commit. 2020-07-21 11:19:18 +03:00