Andrei Vlad LUTAS
767bf2e5c0
Added support for new Intel AVX 10.2 instructions.
...
Added support for AMD RMPREAD instruction.
Improved EVEX decoding, including the new U bit.
Fixed ENTER & LEAVE operands.
2024-09-16 12:23:54 +03:00
vlutas
c877b5007f
Merge pull request #96 from turol/optimize
...
Optimizations
2024-08-29 17:38:46 +03:00
Turo Lamminen
8bc44ae145
Only call ND_SIGN_EX when instruction has displacement
2024-08-29 17:25:45 +03:00
Andrei KISARI
68166adcbd
Add support for builds without mnemonics.
2024-08-28 10:18:10 +03:00
Turo Lamminen
b261dd447d
Only set bcstSize when it's required
2024-08-26 17:29:13 +03:00
Turo Lamminen
4b320e0817
Fix comment
2024-08-26 17:29:13 +03:00
Benjamin Funke
a631012463
fix gcc warning in NdFetchData
...
this PR fixes this compiler warning:
bddisasm_crt.c
bdx86_decoder.c
bdx86_decoder.c: In function ‘NdFetchData’:
bdx86_decoder.c:104:12: warning: operand of ‘?:’ changes signedness from ‘int’ to ‘long unsigned int’ due to unsignedness of other operand [-Wsign-compare]
104 | (2 == Size) ? ND_FETCH_16(Buffer) :
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
105 | 0;
| ~
bdx86_formatter.c
bdx86_helpers.c
Disasm library in ../bin/x64/Debug/libbddisasm.a
bddisasm_crt.c
bdx86_decoder.c
bdx86_decoder.c: In function ‘NdFetchData’:
bdx86_decoder.c:104:12: warning: operand of ‘?:’ changes signedness from ‘int’ to ‘long unsigned int’ due to unsignedness of other operand [-Wsign-compare]
104 | (2 == Size) ? ND_FETCH_16(Buffer) :
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
105 | 0;
| ~
bdx86_formatter.c
bdx86_helpers.c
Disasm library in ../bin/x64/Release/libbddisasm.a
bdshemu.c
bdshemu_x86.c
Shemu library in ../bin/x64/Debug/libbdshemu.a
bdshemu.c
bdshemu_x86.c
Shemu library in ../bin/x64/Release/libbdshemu.a
2024-07-30 18:07:56 +02:00
Turo Lamminen
c008c467dc
Fix typos in comments
2024-07-27 22:54:29 +03:00
Turo Lamminen
ba68473703
Make NdToText string arrays more const
2024-07-20 22:43:15 +03:00
Turo Lamminen
a9819f76d0
Use macro to reduce code duplication in NdToText
2024-07-20 22:42:51 +03:00
Andrei Vlad LUTAS
37a8c94bc7
Applied some of the syntax recommendations from https://cdrdv2.intel.com/v1/dl/getContent/817241 .
2024-03-04 12:48:18 +02:00
Andrei Vlad LUTAS
02cbe6a298
https://github.com/bitdefender/bddisasm/issues/87 - added missing R access for the rIP operand for SYSCALL instructions; added missing SCS, rCX and rDX operands for SYSEXIT instruction.
2024-02-27 09:45:05 +02:00
Andrei Vlad LUTAS
3df189f093
https://github.com/bitdefender/bddisasm/issues/87 - Fixed CALL instruction access for rIP operand - it must include read access, as the instruction pointer is saved on the stack.
2024-02-26 20:53:42 +02:00
Andrei Vlad LUTAS
fad9c7e35c
BDDISASM v2.1.0 release - please consult the CHANGELOG for details about the modifications.
2024-02-20 13:39:22 +02:00
Andrei Vlad LUTAS
f53cbc51e2
Added support for new Intel ISA, per Intel® Architecture Instruction Set Extensions and Future Features document #319433-049 (June 2023): AVX-NNI-INT16, SHA512, SM3, SM4, TSE.
2023-07-21 09:38:49 +03:00
BITDEFENDER\vlutas
096b583c25
Tiny comment fix.
2023-06-02 11:22:52 +03:00
BITDEFENDER\vlutas
124521beb5
Added support for Intel AMX-COMPLEX instructions.
2023-04-05 09:45:07 +03:00
BITDEFENDER\vlutas
ee6cdd6cb6
Switched to a more parsing-friendly format for the instructions database, where individual components are separated by a semicolon.
2023-02-09 10:54:45 +02:00
BITDEFENDER\vlutas
fc6059109d
Improved comments & improved vector length specifiers.
2023-02-04 12:02:05 +02:00
Ionel-Cristinel ANICHITEI
31457a0c02
Fix clang-cl and mingw builds
2022-12-05 12:10:30 +02:00
BITDEFENDER\vlutas
7a254037b0
Added support for AMD RMPQUERY instruction.
2022-10-27 12:37:02 +03:00
BITDEFENDER\vlutas
9ba1e6a2f9
Added support for new Intel instructions, per Intel ISA extensions document #319433-046 (September 2022): PREFETCHITI, RAO-INT, CMPCCXADD, WRMSRNS, MSRLIST, AMX-FP16, AVX-IFMA, AVX-NE-CONVERT, AVX-VNNI-INT8.
...
Multiple minor fixes to existing instructions.
Moved x86 decoding tests in a separate directory & improved the test script.
2022-10-04 12:22:59 +03:00
BITDEFENDER\vlutas
4596dbda51
Add copyright info when auto-generating files.
2022-09-10 23:15:00 +03:00
BITDEFENDER\vlutas
fe6a937f51
Switched to internally defined types.
...
WRUSSD and WRUSSQ cannot be executed when CPL != 0.
2022-01-05 14:03:13 +02:00
Eric Kilmer
68c7c4a066
Add missing sources to Makefile for bddisasm
2022-01-04 09:52:34 -05:00
BITDEFENDER\vlutas
63e3ee22a9
Fixed High8 handling in NdGetFullAccessMap.
2022-01-03 12:25:35 +02:00
BITDEFENDER\vlutas
c9d4dbca0f
Added missing modifications.
2021-12-03 12:53:22 +02:00
BITDEFENDER\vlutas
656916d92d
Added missing parenthesis.
2021-11-02 11:26:52 +02:00
BITDEFENDER\vlutas
433e723e07
Implemented a reverse operand lookup table. It holds pointers to relevant operands inside INSTRUX, for quick lookup.
...
Moved helper functions in bdhelpers.c.
Added a dedicated BranchInfo field inside INSTRUX, containing the most relevant branch information.
2021-11-02 11:22:22 +02:00
BITDEFENDER\vlutas
412f065965
Moved the formatting function in a dedicated source file.
...
Added support for SIDT and RDTSC in bdshemu.
2021-10-19 17:33:15 +03:00
Andrei Vlad LUTAS
08096172cc
Multiple improvements
...
- New shemu flag - SHEMU_FLAG_SIDT, set when shemu encounters a SIDT in ring0.
- Added the CET Tracked flag to SYSCALL, SYSENTER and INT n instructions.
- Fixed Do Not Track prefix recognition for CALL and JMP in long-mode.
- Fixed MONITOR and MONITORX implicit operands - the rAX register encodes a virtual address that will be used as the monitored range. That address is subject to a 1 byte load.
- Fixed RMPADJUST and RMPUPDATE implicit operands - the rAX register encodes a virtual address, and the rCX register encodes a virtual address of the RMP updated entry.
2021-08-31 13:37:50 +03:00
Andrei Vlad LUTAS
f6050661d5
Multiple improvements in bdshemu
...
Fixed an emulation bug for MOVZX and MOVSX instructions (https://github.com/bitdefender/bddisasm/issues/48 )
New shellcode flag - call to Wow32 reserved.
New shellcode flag - heaven's gate.
New shellcode flag - stack-pivot.
Moved bdshemu tests in a password protected zip file, so it doesn't trigger AV detections.
2021-08-10 11:43:51 +03:00
Andrei Vlad LUTAS
76d92e73c2
Multiple changes
...
- Add support for AVX512-FP16 instructions, as per https://software.intel.com/content/www/us/en/develop/download/intel-avx512-fp16-architecture-specification.html
- Bug fix: zeroing with no masking is not supported, so return an error if we encounter such encodings
- Bug fix: ignore VEX/EVEX.W field outside 64 bit mode for some instructions
- Several other minor fixes and improvements
2021-07-08 12:40:39 +03:00
Andrei Vlad LUTAS
c3a6ea1c25
Updated SEAMCALL specs according to Intel® Trust Domain CPU Architectural Extensions 343754-002US May 2021.
2021-05-31 13:34:52 +03:00
Andrei Vlad LUTAS
d053de409f
Although not stated in the SDM, VMCALL, VMLAUNCH, VMRESUME and VMXOFF refuse any prefix (66, F3, F2).
2021-05-31 10:42:26 +03:00
Andrei Vlad LUTAS
072f6e059b
Build improvements
...
Exclude string constants from build if BDDISASM_NO_FORMAT is defined.
Use extern "C" when declaring the public bddisasm/bdshemu functions.
Include wmmintrin.h for AES intrinsics when building using LLVM/clang.
2021-05-17 09:52:04 +03:00
Andrei Vlad LUTAS
f7bf814bbc
Flag the rIP operand of conditional branches as being conditionally read/write instead of plain read/write.
...
Bypass self-writes option in bdshemu - if set, bdshemu will not proceed to commit modifications made by the shellcode to itself.
2021-05-17 09:04:34 +03:00
Ionel-Cristinel ANICHITEI
e7803bdf72
Implement nd_vsnprintf_s and nd_memset if possible
2021-03-30 21:58:03 +03:00
Andrei Vlad LUTAS
fccf11915d
Added support for Intel FRED and LKGS instructions.
2021-03-15 14:05:44 +02:00
Andrei Vlad LUTAS
37d47ef7e7
Display instruction bitfields support.
...
Using the `-bits` option, the various bits inside the EVEX, VEX, XOP, ModR/M and SIB can be displayed.
2021-02-19 11:10:41 +02:00
Andrei Vlad LUTAS
1eb1c9d0d2
Fixed https://github.com/bitdefender/bddisasm/issues/38 .
2021-01-15 19:09:53 +02:00
Andrei Vlad LUTAS
98ea9e1d9a
Fixed https://github.com/bitdefender/bddisasm/issues/34 , https://github.com/bitdefender/bddisasm/issues/35 , https://github.com/bitdefender/bddisasm/issues/36 and https://github.com/bitdefender/bddisasm/issues/37 .
2021-01-11 11:10:04 +02:00
Andrei Vlad LUTAS
e89f56289d
As per Intel SDM version 73 released in November 2020, make sure we don't decode 32-bit EVEX instructions that have EVEX.V' cleared, and 64-bit EVEX instructions that don't use EVEX.V' field, but have it cleared.
2020-11-17 10:36:26 +02:00
Andrei Vlad LUTAS
67da1892d4
Fetch the instruction bytes inside the Instrux when first entering NdDecode, and then use that buffer for further decoding.
2020-11-12 10:57:16 +02:00
Andrei Vlad LUTAS
58197cc518
Removed support for PCOMMIT and CL1INVMB (not implemented by any x86/x64 CPUs), and marked MOV to/from test registers as being invalid in long mode.
...
Fixed https://github.com/bitdefender/bddisasm/issues/24
Fixed https://github.com/bitdefender/bddisasm/issues/25
Fixed https://github.com/bitdefender/bddisasm/issues/26
2020-11-09 09:18:46 +02:00
Andrei Vlad LUTAS
bcf9a89d69
Fixed https://github.com/bitdefender/bddisasm/issues/22 and https://github.com/bitdefender/bddisasm/issues/23 .
2020-11-08 11:02:46 +02:00
Andrei Vlad LUTAS
e26971b4f0
Added missing Default 64 flag for the ENTER instruction.
...
On AMD, operand size is never forced to 64 bit - instead, it only defaults to 64 bit, which means that 0x66 can be used to encode 16 bit version of the instructions.
2020-11-06 14:19:22 +02:00
Andrei Vlad LUTAS
7a0fa449bc
Disassemble 4X90 as NOP as long as Rex.B is 0. Disassemble as XCHG only if Rex.B bit is set (promoting the use of R8 register).
2020-10-09 14:55:39 +03:00
Andrei Vlad LUTAS
9652450125
Added support for UINTR, HRESET and AVX-VNNI instructions, as per Intel® Architecture Instruction Set Extensions Programming Reference 41 (October 2020).
2020-10-05 13:19:03 +03:00
Andrei Vlad LUTAS
24ae7782d6
Fixed some static code check warnings.
2020-09-21 12:16:45 +03:00