1
0
mirror of https://github.com/bitdefender/bddisasm.git synced 2024-11-24 08:28:07 +00:00
bddisasm/bddisasm_test/cet/cet_32.asm
Andrei Vlad LUTAS 9ff2543660 Added the Shadow Stack Pointer operand to the SYSCALL and SYSEXIT instructions.
Moved the CET test cases in dedicated folders.
Improved shadow-stack operand reporting - a distinction can be made between push/pop shadow stack accesses, and other shadow stack accesses.
A new field is now present in the memory information - the shadow stack access type, which indicates: explicit access, implicit via SSP, implicit push/pop via SSP or implicit via IA32_PL0_SSP.
2020-07-21 22:29:59 +03:00

12 lines
642 B
NASM

bits 32
db 0xF3, 0x0F, 0x01, 0x28 ; RSTORSSP [eax]
db 0xF3, 0x0F, 0x01, 0xEA ; SAVEPREVSSP
db 0xF3, 0x0F, 0x01, 0xE8 ; SETSSBSY
db 0xF3, 0x0F, 0x1E, 0xC8 ; RDSSPD eax
db 0xF3, 0x0F, 0x1E, 0xFA ; ENDBR64
db 0xF3, 0x0F, 0x1E, 0xFB ; ENDBR32
db 0xF3, 0x0F, 0xAE, 0x30 ; CLRSSBSY [rax]
db 0xF3, 0x0F, 0xAE, 0xE8 ; INCSSPD eax
db 0x66, 0x0F, 0x38, 0xF5, 0x00 ; WRUSSD [rax], eax
db 0x0F, 0x38, 0xF6, 0x00 ; WRSSD [rax], eax