1
0
mirror of https://github.com/bitdefender/bddisasm.git synced 2024-11-26 09:28:07 +00:00
Commit Graph

11 Commits

Author SHA1 Message Date
Andrei Vlad LUTAS
1d43b7b1ba Improved stack string detection heuristic: only consider registers which have been modified during emulation; registers which were provided as "input" can be ignored, as they most likely contain addresses or other data relevant to the emulated code. We are only interested in string dynamically built during our emulation. 2020-08-11 09:26:48 +03:00
Andrei Vlad LUTAS
ed564dba32 Specifically flag multi-byte NOP operands as not-accessed.
New capability - bddisasm can now be instructed whether to decode some instructions as NOPs are as MPX/CET/CLDEMOTE. This is the case for instructions that are mapped onto the wide NOP space: in that case, an encoding might be NOP if the feature is off, but might be something else (even #UD) if the feature is on.
Added NdDecodeWithContext API - this becomes the base decode API; it received the input information filled in a ND_CONTEXT structure, whih has to be initialized only once, and can be reused across calls. The NdInitContext function must be used to initialize the context, as it ensures backwards compatibility by filling new options with default values.
Improvements to the README file.
2020-07-30 11:07:14 +03:00
Andrei Vlad LUTAS
144baa5140 Renamed REG_* fields to NDR_*, so that we don't conflict with _GNU_SOURCES. 2020-07-29 11:05:27 +03:00
Ionel-Cristinel ANICHITEI
049ecc0ab7 Don't use reserved identifiers for include guards
This fixes #5
2020-07-27 16:51:16 +03:00
Andrei Vlad LUTAS
d622f56211 Added SERIAL flag to the SERIALIZE instruction.
CLWB memory operand is subject to load access checks, while CLDEMOTE does not access memory at all (similar to PREFETCH).
2020-07-25 20:32:06 +03:00
Andrei Vlad LUTAS
4b2f2aee66 Added dedicated Prefetch operand access type.
Internally, store the access type sepparately than the flags.
Dump conditional operand accesses with exi option too.
2020-07-25 17:16:35 +03:00
Andrei Vlad LUTAS
cfb0f97897 Truncate the output of a relative addressing if 0x67 prefix is used. 2020-07-23 15:31:05 +03:00
Andrei Vlad LUTAS
752bc626c4 Fixed RET with immediate - the immediate is not sign-extended.
Fixed VEX decoding in 32 bit mode - vex.vvvv bit 3 is simply ignored.
Fixed several FMA instructions decoding (L/W flag should be ignored).
Print the 64 bit immediate value in disassembly, instead of the raw immediate (note that the operand always contains the sign-extended, full immediate).
XBEGIN always uses 32/64 bit RIP size (0x66 does not affect its size).
Decode WBINVD even if it's preceded by 0x66/0xF2 prefixes.
Several mnemonic fixes (FXSAVE64, FXRSTOR64, PUSHA/PUSHAD...).
Properly decode VPERMIL2* instructions.
Fixed SSE register decoding when it is encoded in immediate.
Decode SCATTER instructions even though they use the VSIB index as source.
Some disp8 fixes (t1s -> t1s8/t1s16).
SYSCALL/SYSRET are decoded and executed in 32 bit compat modem, even though SDM states they are invalid.
RDPID uses 32/64 bit reg size, never 16.
Various other minor tweaks & fixes.
Re-generated the test files, and added some more, new tests.
2020-07-23 14:08:01 +03:00
Andrei Vlad LUTAS
8392c97f97 Use the documented byte granularity for cache-line accesses.
Fixed CET CPUID feature flag - split into CET_SS and CET_IBT.
2020-07-22 00:47:46 +03:00
Andrei Vlad LUTAS
811c3d0f7c Fixed several issues with CET instructions specification - shadow stack and shadow stack pointer implicit operands were missing from SETSSBSY instruction, and flags access was missing from them. 2020-07-21 17:36:19 +03:00
Andrei Vlad LUTAS
698ba367a1 Initial commit. 2020-07-21 11:19:18 +03:00