|
|
@ -95,14 +95,6 @@ static int modRMRequired(OpcodeType type, |
|
|
|
decision = THREEBYTE3A_SYM; |
|
|
|
decision = THREEBYTE3A_SYM; |
|
|
|
indextable = index_x86DisassemblerThreeByte3AOpcodes; |
|
|
|
indextable = index_x86DisassemblerThreeByte3AOpcodes; |
|
|
|
break; |
|
|
|
break; |
|
|
|
case THREEBYTE_A6: |
|
|
|
|
|
|
|
decision = THREEBYTEA6_SYM; |
|
|
|
|
|
|
|
indextable = index_x86DisassemblerThreeByteA6Opcodes; |
|
|
|
|
|
|
|
break; |
|
|
|
|
|
|
|
case THREEBYTE_A7: |
|
|
|
|
|
|
|
decision = THREEBYTEA7_SYM; |
|
|
|
|
|
|
|
indextable = index_x86DisassemblerThreeByteA7Opcodes; |
|
|
|
|
|
|
|
break; |
|
|
|
|
|
|
|
case XOP8_MAP: |
|
|
|
case XOP8_MAP: |
|
|
|
decision = XOP8_MAP_SYM; |
|
|
|
decision = XOP8_MAP_SYM; |
|
|
|
indextable = index_x86DisassemblerXOP8Opcodes; |
|
|
|
indextable = index_x86DisassemblerXOP8Opcodes; |
|
|
@ -157,7 +149,7 @@ static InstrUID decode(OpcodeType type, |
|
|
|
indextable = index_x86DisassemblerTwoByteOpcodes; |
|
|
|
indextable = index_x86DisassemblerTwoByteOpcodes; |
|
|
|
index = indextable[insnContext]; |
|
|
|
index = indextable[insnContext]; |
|
|
|
if (index) |
|
|
|
if (index) |
|
|
|
dec = &TWOBYTE_SYM[indextable[insnContext]].modRMDecisions[opcode]; |
|
|
|
dec = &TWOBYTE_SYM[index - 1].modRMDecisions[opcode]; |
|
|
|
else |
|
|
|
else |
|
|
|
dec = &emptyTable.modRMDecisions[opcode]; |
|
|
|
dec = &emptyTable.modRMDecisions[opcode]; |
|
|
|
break; |
|
|
|
break; |
|
|
@ -165,7 +157,7 @@ static InstrUID decode(OpcodeType type, |
|
|
|
indextable = index_x86DisassemblerThreeByte38Opcodes; |
|
|
|
indextable = index_x86DisassemblerThreeByte38Opcodes; |
|
|
|
index = indextable[insnContext]; |
|
|
|
index = indextable[insnContext]; |
|
|
|
if (index) |
|
|
|
if (index) |
|
|
|
dec = &THREEBYTE38_SYM[indextable[insnContext]].modRMDecisions[opcode]; |
|
|
|
dec = &THREEBYTE38_SYM[index - 1].modRMDecisions[opcode]; |
|
|
|
else |
|
|
|
else |
|
|
|
dec = &emptyTable.modRMDecisions[opcode]; |
|
|
|
dec = &emptyTable.modRMDecisions[opcode]; |
|
|
|
break; |
|
|
|
break; |
|
|
@ -173,23 +165,7 @@ static InstrUID decode(OpcodeType type, |
|
|
|
indextable = index_x86DisassemblerThreeByte3AOpcodes; |
|
|
|
indextable = index_x86DisassemblerThreeByte3AOpcodes; |
|
|
|
index = indextable[insnContext]; |
|
|
|
index = indextable[insnContext]; |
|
|
|
if (index) |
|
|
|
if (index) |
|
|
|
dec = &THREEBYTE3A_SYM[indextable[insnContext]].modRMDecisions[opcode]; |
|
|
|
dec = &THREEBYTE3A_SYM[index - 1].modRMDecisions[opcode]; |
|
|
|
else |
|
|
|
|
|
|
|
dec = &emptyTable.modRMDecisions[opcode]; |
|
|
|
|
|
|
|
break; |
|
|
|
|
|
|
|
case THREEBYTE_A6: |
|
|
|
|
|
|
|
indextable = index_x86DisassemblerThreeByteA6Opcodes; |
|
|
|
|
|
|
|
index = indextable[insnContext]; |
|
|
|
|
|
|
|
if (index) |
|
|
|
|
|
|
|
dec = &THREEBYTEA6_SYM[indextable[insnContext]].modRMDecisions[opcode]; |
|
|
|
|
|
|
|
else |
|
|
|
|
|
|
|
dec = &emptyTable.modRMDecisions[opcode]; |
|
|
|
|
|
|
|
break; |
|
|
|
|
|
|
|
case THREEBYTE_A7: |
|
|
|
|
|
|
|
indextable = index_x86DisassemblerThreeByteA7Opcodes; |
|
|
|
|
|
|
|
index = indextable[insnContext]; |
|
|
|
|
|
|
|
if (index) |
|
|
|
|
|
|
|
dec = &THREEBYTEA7_SYM[indextable[insnContext]].modRMDecisions[opcode]; |
|
|
|
|
|
|
|
else |
|
|
|
else |
|
|
|
dec = &emptyTable.modRMDecisions[opcode]; |
|
|
|
dec = &emptyTable.modRMDecisions[opcode]; |
|
|
|
break; |
|
|
|
break; |
|
|
@ -197,7 +173,7 @@ static InstrUID decode(OpcodeType type, |
|
|
|
indextable = index_x86DisassemblerXOP8Opcodes; |
|
|
|
indextable = index_x86DisassemblerXOP8Opcodes; |
|
|
|
index = indextable[insnContext]; |
|
|
|
index = indextable[insnContext]; |
|
|
|
if (index) |
|
|
|
if (index) |
|
|
|
dec = &XOP8_MAP_SYM[indextable[insnContext]].modRMDecisions[opcode]; |
|
|
|
dec = &XOP8_MAP_SYM[index - 1].modRMDecisions[opcode]; |
|
|
|
else |
|
|
|
else |
|
|
|
dec = &emptyTable.modRMDecisions[opcode]; |
|
|
|
dec = &emptyTable.modRMDecisions[opcode]; |
|
|
|
break; |
|
|
|
break; |
|
|
@ -205,7 +181,7 @@ static InstrUID decode(OpcodeType type, |
|
|
|
indextable = index_x86DisassemblerXOP9Opcodes; |
|
|
|
indextable = index_x86DisassemblerXOP9Opcodes; |
|
|
|
index = indextable[insnContext]; |
|
|
|
index = indextable[insnContext]; |
|
|
|
if (index) |
|
|
|
if (index) |
|
|
|
dec = &XOP9_MAP_SYM[indextable[insnContext]].modRMDecisions[opcode]; |
|
|
|
dec = &XOP9_MAP_SYM[index - 1].modRMDecisions[opcode]; |
|
|
|
else |
|
|
|
else |
|
|
|
dec = &emptyTable.modRMDecisions[opcode]; |
|
|
|
dec = &emptyTable.modRMDecisions[opcode]; |
|
|
|
break; |
|
|
|
break; |
|
|
@ -213,7 +189,7 @@ static InstrUID decode(OpcodeType type, |
|
|
|
indextable = index_x86DisassemblerXOPAOpcodes; |
|
|
|
indextable = index_x86DisassemblerXOPAOpcodes; |
|
|
|
index = indextable[insnContext]; |
|
|
|
index = indextable[insnContext]; |
|
|
|
if (index) |
|
|
|
if (index) |
|
|
|
dec = &XOPA_MAP_SYM[indextable[insnContext]].modRMDecisions[opcode]; |
|
|
|
dec = &XOPA_MAP_SYM[index - 1].modRMDecisions[opcode]; |
|
|
|
else |
|
|
|
else |
|
|
|
dec = &emptyTable.modRMDecisions[opcode]; |
|
|
|
dec = &emptyTable.modRMDecisions[opcode]; |
|
|
|
break; |
|
|
|
break; |
|
|
@ -718,6 +694,11 @@ static int readPrefixes(struct InternalInstruction* insn) |
|
|
|
insn->addressSize = (hasAdSize ? 4 : 8); |
|
|
|
insn->addressSize = (hasAdSize ? 4 : 8); |
|
|
|
insn->displacementSize = 4; |
|
|
|
insn->displacementSize = 4; |
|
|
|
insn->immediateSize = 4; |
|
|
|
insn->immediateSize = 4; |
|
|
|
|
|
|
|
} else if (insn->rexPrefix) { |
|
|
|
|
|
|
|
insn->registerSize = (hasOpSize ? 2 : 4); |
|
|
|
|
|
|
|
insn->addressSize = (hasAdSize ? 4 : 8); |
|
|
|
|
|
|
|
insn->displacementSize = (hasOpSize ? 2 : 4); |
|
|
|
|
|
|
|
insn->immediateSize = (hasOpSize ? 2 : 4); |
|
|
|
} else { |
|
|
|
} else { |
|
|
|
insn->registerSize = (hasOpSize ? 2 : 4); |
|
|
|
insn->registerSize = (hasOpSize ? 2 : 4); |
|
|
|
insn->addressSize = (hasAdSize ? 4 : 8); |
|
|
|
insn->addressSize = (hasAdSize ? 4 : 8); |
|
|
@ -837,24 +818,6 @@ static int readOpcode(struct InternalInstruction* insn) |
|
|
|
return -1; |
|
|
|
return -1; |
|
|
|
|
|
|
|
|
|
|
|
insn->opcodeType = THREEBYTE_3A; |
|
|
|
insn->opcodeType = THREEBYTE_3A; |
|
|
|
} else if (current == 0xa6) { |
|
|
|
|
|
|
|
// dbgprintf(insn, "Found a three-byte escape prefix (0x%hhx)", current);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
insn->threeByteEscape = current; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if (consumeByte(insn, ¤t)) |
|
|
|
|
|
|
|
return -1; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
insn->opcodeType = THREEBYTE_A6; |
|
|
|
|
|
|
|
} else if (current == 0xa7) { |
|
|
|
|
|
|
|
// dbgprintf(insn, "Found a three-byte escape prefix (0x%hhx)", current);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
insn->threeByteEscape = current; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if (consumeByte(insn, ¤t)) |
|
|
|
|
|
|
|
return -1; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
insn->opcodeType = THREEBYTE_A7; |
|
|
|
|
|
|
|
} else { |
|
|
|
} else { |
|
|
|
// dbgprintf(insn, "Didn't find a three-byte escape prefix");
|
|
|
|
// dbgprintf(insn, "Didn't find a three-byte escape prefix");
|
|
|
|
|
|
|
|
|
|
|
@ -1246,6 +1209,7 @@ static int readSIB(struct InternalInstruction* insn) |
|
|
|
|
|
|
|
|
|
|
|
switch (base) { |
|
|
|
switch (base) { |
|
|
|
case 0x5: |
|
|
|
case 0x5: |
|
|
|
|
|
|
|
case 0xd: |
|
|
|
switch (modFromModRM(insn->modRM)) { |
|
|
|
switch (modFromModRM(insn->modRM)) { |
|
|
|
case 0x0: |
|
|
|
case 0x0: |
|
|
|
insn->eaDisplacement = EA_DISP_32; |
|
|
|
insn->eaDisplacement = EA_DISP_32; |
|
|
@ -1253,13 +1217,11 @@ static int readSIB(struct InternalInstruction* insn) |
|
|
|
break; |
|
|
|
break; |
|
|
|
case 0x1: |
|
|
|
case 0x1: |
|
|
|
insn->eaDisplacement = EA_DISP_8; |
|
|
|
insn->eaDisplacement = EA_DISP_8; |
|
|
|
insn->sibBase = (insn->addressSize == 4 ? |
|
|
|
insn->sibBase = (SIBBase)(sibBaseBase + base); |
|
|
|
SIB_BASE_EBP : SIB_BASE_RBP); |
|
|
|
|
|
|
|
break; |
|
|
|
break; |
|
|
|
case 0x2: |
|
|
|
case 0x2: |
|
|
|
insn->eaDisplacement = EA_DISP_32; |
|
|
|
insn->eaDisplacement = EA_DISP_32; |
|
|
|
insn->sibBase = (insn->addressSize == 4 ? |
|
|
|
insn->sibBase = (SIBBase)(sibBaseBase + base); |
|
|
|
SIB_BASE_EBP : SIB_BASE_RBP); |
|
|
|
|
|
|
|
break; |
|
|
|
break; |
|
|
|
case 0x3: |
|
|
|
case 0x3: |
|
|
|
debug("Cannot have Mod = 0b11 and a SIB byte"); |
|
|
|
debug("Cannot have Mod = 0b11 and a SIB byte"); |
|
|
@ -1436,6 +1398,7 @@ static int readModRM(struct InternalInstruction* insn) |
|
|
|
insn->eaBase = (EABase)(insn->eaBaseBase + rm); |
|
|
|
insn->eaBase = (EABase)(insn->eaBaseBase + rm); |
|
|
|
break; |
|
|
|
break; |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
break; |
|
|
|
break; |
|
|
|
case 0x1: |
|
|
|
case 0x1: |
|
|
|
insn->displacementSize = 1; |
|
|
|
insn->displacementSize = 1; |
|
|
|