📄 disassembler.c
字号:
for( arg=p->args; arg!=0; arg--, pArg++, arg? nPos += PICE_sprintf( pDis->szDisasm+nPos,", ") : 0 ) { switch( *pArg ) { case _Eb : // modR/M used - bW = 0 bW = 0; goto _E; case _Ev : // modR/M used - bW = 1 bW = 1; goto _E; case _Ew : // always USHORT size pDis->dwFlags &= ~DIS_DATA32; bW = 1; goto _E; case _Ms : // fword ptr (sgdt,sidt,lgdt,lidt) sPtr = sFwordPtr; goto _E1; case _Mq : // qword ptr (cmpxchg8b) sPtr = sQwordPtr; goto _E1; case _Mp : // 32 or 48 bit pointer (les,lds,lfs,lss,lgs) case _Ep : // Always a memory pointer (call, jmp) if( pDis->dwFlags & DIS_DATA32 ) sPtr = sFwordPtr; else sPtr = sDwordPtr; goto _E1; _E: // Do registers first so that the rest may be done together if( bMod == 3 ) { // Registers depending on the w field and data size nPos+=PICE_sprintf(pDis->szDisasm+nPos, "%s", sRegs1[DIS_GETDATASIZE(pDis->dwFlags)][bW][bRm] ); break; } if( bW==0 ) sPtr = sBytePtr; else if( pDis->dwFlags & DIS_DATA32 ) sPtr = sDwordPtr; else sPtr = sWordPtr; case _M : // Pure memory pointer (lea,invlpg,floats) if( bMod == 3 ) goto IllegalOpcode; _E1: if( sPtr ) nPos += PICE_sprintf( pDis->szDisasm+nPos, "%s", sPtr ); case _Ma : // Used by bound instruction, skip the pointer info // Print the segment if it is overriden // nPos += PICE_sprintf( pDis->szDisasm+nPos,"%s", sSegOverride[ bSegOverride ] ); // // Special case when sib UCHAR is present in 32 address encoding // if( (bRm==4) && (pDis->dwFlags & DIS_ADDRESS32) ) { // // Get the s-i-b UCHAR and parse it // bSib = NEXTUCHAR; bSs = bSib >> 6; bIndex = (bSib >> 3) & 7; bBase = bSib & 7; // Special case for base=5 && mod==0 -> fetch 32 bit offset if( (bBase==5) && (bMod==0) ) { dwULONG = NEXTULONG;#ifdef ACTIVATE_SYMBOL_LOOKUP if(FindSymbolByAddress(&pSymbolName,dwULONG)) { nPos += PICE_sprintf( pDis->szDisasm+nPos,"[%s", pSymbolName ); } else#endif // ACTIVATE_SYMBOL_LOOKUP nPos += PICE_sprintf( pDis->szDisasm+nPos,"[%08X", (unsigned int) dwULONG ); } else nPos += PICE_sprintf( pDis->szDisasm+nPos,"[%s", sGenReg16_32[ 1 ][ bBase ] ); // Scaled index, no index if bIndex is 4 if( bIndex != 4 ) nPos += PICE_sprintf( pDis->szDisasm+nPos,"+%s%s", sScale[ bSs ], sGenReg16_32[ 1 ][ bIndex ] ); else if(bSs != 0) nPos += PICE_sprintf( pDis->szDisasm+nPos,"<INVALID MODE>" ); // Offset 8 bit or 32 bit if( bMod == 1 ) { bUCHAR = NEXTUCHAR; if( (signed char)bUCHAR < 0 ) nPos += PICE_sprintf( pDis->szDisasm+nPos,"-%02X", 0-(signed char)bUCHAR ); else nPos += PICE_sprintf( pDis->szDisasm+nPos,"+%02X", bUCHAR ); } if( bMod == 2 ) { dwULONG = NEXTULONG; nPos += PICE_sprintf( pDis->szDisasm+nPos,"+%08X", (unsigned int) dwULONG ); } // Wrap up the instruction nPos += PICE_sprintf( pDis->szDisasm+nPos,"]" ); break; } // // 16 or 32 address bit cases with mod zero, one or two // // Special cases when r/m is 5 and mod is 0, immediate d16 or d32 if( bMod==0 && ((bRm==6 && !(pDis->dwFlags & DIS_ADDRESS32)) || (bRm==5 && (pDis->dwFlags & DIS_ADDRESS32))) ) { if( pDis->dwFlags & DIS_ADDRESS32 ) { dwULONG = NEXTULONG;#ifdef ACTIVATE_SYMBOL_LOOKUP if(FindSymbolByAddress(&pSymbolName,dwULONG)) nPos += PICE_sprintf( pDis->szDisasm+nPos,"[%s]", pSymbolName ); else#endif // ACTIVATE_SYMBOL_LOOKUP nPos += PICE_sprintf( pDis->szDisasm+nPos,"[%08X]", (unsigned int) dwULONG ); } else { wUSHORT = NEXTUSHORT; nPos += PICE_sprintf( pDis->szDisasm+nPos,"[%04X]", wUSHORT ); } break; } // Print the start of the line nPos += PICE_sprintf( pDis->szDisasm+nPos,"[%s", sAdr1[DIS_GETADDRSIZE(pDis->dwFlags)][ bRm ] ); // Offset (8 or 16) or (8 or 32) bit - 16, 32 bits are unsigned if( bMod==1 ) { bUCHAR = NEXTUCHAR; if( (signed char)bUCHAR < 0 ) nPos += PICE_sprintf( pDis->szDisasm+nPos,"-%02X", 0-(signed char)bUCHAR ); else nPos += PICE_sprintf( pDis->szDisasm+nPos,"+%02X", bUCHAR ); } if( bMod==2 ) { if( pDis->dwFlags & DIS_ADDRESS32 ) { dwULONG = NEXTULONG; nPos += PICE_sprintf( pDis->szDisasm+nPos,"+%08X", (unsigned int) dwULONG ); } else { wUSHORT = NEXTUSHORT; nPos += PICE_sprintf( pDis->szDisasm+nPos,"+%04X", wUSHORT ); } } // Wrap up the instruction nPos += PICE_sprintf( pDis->szDisasm+nPos,"]" ); break; case _Gb : // general, UCHAR register nPos += PICE_sprintf( pDis->szDisasm+nPos, "%s", sRegs1[0][0][ bReg ] ); break; case _Gv : // general, (d)USHORT register nPos += PICE_sprintf( pDis->szDisasm+nPos, "%s", sGenReg16_32[DIS_GETDATASIZE(pDis->dwFlags)][ bReg ] ); break; case _Yb : // ES:(E)DI pointer case _Yv : nPos += PICE_sprintf( pDis->szDisasm+nPos, "%s%s", sSegOverrideDefaultES[ bSegOverride ], sYptr[DIS_GETADDRSIZE(pDis->dwFlags)] ); break; case _Xb : // DS:(E)SI pointer case _Xv : nPos += PICE_sprintf( pDis->szDisasm+nPos, "%s%s", sSegOverrideDefaultDS[ bSegOverride ], sXptr[DIS_GETADDRSIZE(pDis->dwFlags)] ); break; case _Rd : // general register double USHORT nPos += PICE_sprintf( pDis->szDisasm+nPos, "%s", sGenReg16_32[ 1 ][ bRm ] ); break; case _Rw : // register USHORT nPos += PICE_sprintf( pDis->szDisasm+nPos, "%s", sGenReg16_32[ 0 ][ bMod ] ); break; case _Sw : // segment register nPos += PICE_sprintf( pDis->szDisasm+nPos, "%s", sSeg[ bReg ] ); break; case _Cd : // control register nPos += PICE_sprintf( pDis->szDisasm+nPos, "%s", sControl[ bReg ] ); break; case _Dd : // debug register nPos += PICE_sprintf( pDis->szDisasm+nPos, "%s", sDebug[ bReg ] ); break; case _Td : // test register nPos += PICE_sprintf( pDis->szDisasm+nPos, "%s", sTest[ bReg ] ); break; case _Jb : // immediate UCHAR, relative offset bUCHAR = NEXTUCHAR; nPos += PICE_sprintf( pDis->szDisasm+nPos, "SHORT %08X", (unsigned int)(pDis->bpTarget + (signed char)bUCHAR + bInstrLen) ); break; case _Jv : // immediate USHORT or ULONG, relative offset if( pDis->dwFlags & DIS_DATA32 ) { dwULONG = NEXTULONG;#ifdef ACTIVATE_SYMBOL_LOOKUP if(FindSymbolByAddress(&pSymbolName,(unsigned int)(pDis->bpTarget + (signed long)dwULONG + bInstrLen))) nPos += PICE_sprintf( pDis->szDisasm+nPos, "%s", pSymbolName ); else#endif // ACTIVATE_SYMBOL_LOOKUP nPos += PICE_sprintf( pDis->szDisasm+nPos, "%08X", (unsigned int)(pDis->bpTarget + (signed long)dwULONG + bInstrLen) ); } else { wUSHORT = NEXTUSHORT;#ifdef ACTIVATE_SYMBOL_LOOKUP if(FindSymbolByAddress(&pSymbolName,(unsigned int)(pDis->bpTarget + (signed short)wUSHORT + bInstrLen))) nPos += PICE_sprintf( pDis->szDisasm+nPos, "%s", pSymbolName ); else#endif // ACTIVATE_SYMBOL_LOOKUP nPos += PICE_sprintf( pDis->szDisasm+nPos, "%08X", (unsigned int)(pDis->bpTarget + (signed short)wUSHORT + bInstrLen) ); } break; case _O : // Simple USHORT or ULONG offset if( pDis->dwFlags & DIS_ADDRESS32 ) // depending on the address size { dwULONG = NEXTULONG; nPos += PICE_sprintf( pDis->szDisasm+nPos,"%s[%08X]", sSegOverride[ bSegOverride ], (unsigned int) dwULONG ); } else { wUSHORT = NEXTUSHORT; nPos += PICE_sprintf( pDis->szDisasm+nPos,"%s[%04X]", sSegOverride[ bSegOverride ], wUSHORT ); } break; case _Ib : // immediate UCHAR bUCHAR = NEXTUCHAR; nPos += PICE_sprintf( pDis->szDisasm+nPos,"%02X", bUCHAR ); break; case _Iv : // immediate USHORT or ULONG if( pDis->dwFlags & DIS_DATA32 ) { dwULONG = NEXTULONG; nPos += PICE_sprintf( pDis->szDisasm+nPos, "%08X", (unsigned int) dwULONG ); } else { wUSHORT = NEXTUSHORT; nPos += PICE_sprintf( pDis->szDisasm+nPos, "%04X", wUSHORT ); } break; case _Iw : // Immediate USHORT wUSHORT = NEXTUSHORT; nPos += PICE_sprintf( pDis->szDisasm+nPos, "%04X", wUSHORT ); break; case _Ap : // 32 bit or 48 bit pointer (call far, jump far) if( pDis->dwFlags & DIS_DATA32 ) { dwULONG = NEXTULONG; wUSHORT = NEXTUSHORT; nPos += PICE_sprintf( pDis->szDisasm+nPos, "%04X:%08X", wUSHORT, (unsigned int) dwULONG ); } else { dwULONG = NEXTULONG; nPos += PICE_sprintf( pDis->szDisasm+nPos, "%08X", (unsigned int) dwULONG ); } break; case _1 : // numerical 1 nPos += PICE_sprintf( pDis->szDisasm+nPos,"1" ); break; case _3 : // numerical 3 nPos += PICE_sprintf( pDis->szDisasm+nPos,"3" ); break; // Hard coded registers case _DX: case _AL: case _AH: case _BL: case _BH: case _CL: case _CH: case _DL: case _DH: case _CS: case _DS: case _ES: case _SS: case _FS: case _GS: nPos += PICE_sprintf( pDis->szDisasm+nPos,"%s", sRegs2[ *pArg - _DX ] ); break; case _eAX: case _eBX: case _eCX: case _eDX: case _eSP: case _eBP: case _eSI: case _eDI: nPos += PICE_sprintf( pDis->szDisasm+nPos, "%s", sGenReg16_32[DIS_GETDATASIZE(pDis->dwFlags)][ *pArg - _eAX ]); break; case _ST: // Coprocessor ST nPos += PICE_sprintf( pDis->szDisasm+nPos,"%s", sST[9] ); break; case _ST0: // Coprocessor ST(0) - ST(7) case _ST1: case _ST2: case _ST3: case _ST4: case _ST5: case _ST6: case _ST7: nPos += PICE_sprintf( pDis->szDisasm+nPos,"%s", sST[ *pArg - _ST0 ] ); break; case _AX: // Coprocessor AX nPos += PICE_sprintf( pDis->szDisasm+nPos,"%s", sGenReg16_32[0][0] ); break; } }DisEnd: // Set the returning values and return with the bInstrLen field pDis->bAsciiLen = (UCHAR) nPos; pDis->bInstrLen = bInstrLen; return bInstrLen;}/******************************************************************************* ** BOOLEAN Disasm(PULONG pOffset,PUCHAR pchDst) ** ** entry point for disassembly from other modules *******************************************************************************/BOOLEAN Disasm(PULONG pOffset,PUCHAR pchDst){#ifdef ACTIVATE_DISASSEMBLER TDisassembler dis; dis.dwFlags = DIS_DATA32 | DIS_ADDRESS32; dis.bpTarget = (UCHAR*)*pOffset; dis.szDisasm = pchDst; dis.wSel = 0xFF; // will only use this in the future *pOffset += (ULONG)Disassembler( &dis);#else *pOffset += 1; pchDst[0] = 'X'; pchDst[1] = 0;#endif return TRUE;}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -