📄 disasm.c
字号:
}
break;
case4(050):
opx->offset = gets8(data++);
opx->segment |= SEG_RELATIVE;
break;
case4(054):
opx->offset = getu64(data);
data += 8;
break;
case4(060):
opx->offset = gets16(data);
data += 2;
opx->segment |= SEG_RELATIVE;
opx->segment &= ~SEG_32BIT;
break;
case4(064):
opx->segment |= SEG_RELATIVE;
if (osize == 16) {
opx->offset = gets16(data);
data += 2;
opx->segment &= ~(SEG_32BIT|SEG_64BIT);
} else if (osize == 32) {
opx->offset = gets32(data);
data += 4;
opx->segment &= ~SEG_64BIT;
opx->segment |= SEG_32BIT;
}
if (segsize != osize) {
opx->type =
(opx->type & ~SIZE_MASK)
| ((osize == 16) ? BITS16 : BITS32);
}
break;
case4(070):
opx->offset = gets32(data);
data += 4;
opx->segment |= SEG_32BIT | SEG_RELATIVE;
break;
case4(0100):
case4(0110):
case4(0120):
case4(0130):
{
int modrm = *data++;
opx->segment |= SEG_RMREG;
data = do_ea(data, modrm, asize, segsize,
&ins->oprs[(c >> 3) & 3], ins);
if (!data)
return false;
opx->basereg = ((modrm >> 3)&7)+
(ins->rex & REX_R ? 8 : 0);
break;
}
case4(0140):
if (s_field_for == (c & 3)) {
opx->offset = gets8(data);
data++;
} else {
opx->offset = getu16(data);
data += 2;
}
break;
case4(0144):
case4(0154):
s_field_for = (*data & 0x02) ? c & 3 : -1;
if ((*data++ & ~0x02) != *r++)
return false;
break;
case4(0150):
if (s_field_for == (c & 3)) {
opx->offset = gets8(data);
data++;
} else {
opx->offset = getu32(data);
data += 4;
}
break;
case4(0160):
ins->rex |= REX_D;
ins->drexdst = c & 3;
break;
case4(0164):
ins->rex |= REX_D|REX_OC;
ins->drexdst = c & 3;
break;
case 0171:
data = do_drex(data, ins);
if (!data)
return false;
break;
case 0172:
{
uint8_t ximm = *data++;
c = *r++;
ins->oprs[c >> 3].basereg = (ximm >> 4) & regmask;
ins->oprs[c >> 3].segment |= SEG_RMREG;
ins->oprs[c & 7].offset = ximm & 15;
}
break;
case 0173:
{
uint8_t ximm = *data++;
c = *r++;
if ((c ^ ximm) & 15)
return false;
ins->oprs[c >> 4].basereg = (ximm >> 4) & regmask;
ins->oprs[c >> 4].segment |= SEG_RMREG;
}
break;
case 0174:
{
uint8_t ximm = *data++;
c = *r++;
ins->oprs[c].basereg = (ximm >> 4) & regmask;
ins->oprs[c].segment |= SEG_RMREG;
}
break;
case4(0200):
case4(0204):
case4(0210):
case4(0214):
case4(0220):
case4(0224):
case4(0230):
case4(0234):
{
int modrm = *data++;
if (((modrm >> 3) & 07) != (c & 07))
return false; /* spare field doesn't match up */
data = do_ea(data, modrm, asize, segsize,
&ins->oprs[(c >> 3) & 07], ins);
if (!data)
return false;
break;
}
case4(0260):
{
int vexm = *r++;
int vexwlp = *r++;
ins->rex |= REX_V;
if ((prefix->rex & (REX_V|REX_D|REX_P)) != REX_V)
return false;
if ((vexm & 0x1f) != prefix->vex_m)
return false;
switch (vexwlp & 030) {
case 000:
if (prefix->rex & REX_W)
return false;
break;
case 010:
if (!(prefix->rex & REX_W))
return false;
ins->rex &= ~REX_W;
break;
case 020: /* VEX.W is a don't care */
ins->rex &= ~REX_W;
break;
case 030:
break;
}
if ((vexwlp & 007) != prefix->vex_lp)
return false;
opx->segment |= SEG_RMREG;
opx->basereg = prefix->vex_v;
vex_ok = true;
break;
}
case 0270:
{
int vexm = *r++;
int vexwlp = *r++;
ins->rex |= REX_V;
if ((prefix->rex & (REX_V|REX_D|REX_P)) != REX_V)
return false;
if ((vexm & 0x1f) != prefix->vex_m)
return false;
switch (vexwlp & 030) {
case 000:
if (ins->rex & REX_W)
return false;
break;
case 010:
if (!(ins->rex & REX_W))
return false;
break;
default:
break; /* Need to do anything special here? */
}
if ((vexwlp & 007) != prefix->vex_lp)
return false;
if (prefix->vex_v != 0)
return false;
vex_ok = true;
break;
}
case 0310:
if (asize != 16)
return false;
else
a_used = true;
break;
case 0311:
if (asize == 16)
return false;
else
a_used = true;
break;
case 0312:
if (asize != segsize)
return false;
else
a_used = true;
break;
case 0313:
if (asize != 64)
return false;
else
a_used = true;
break;
case 0314:
if (prefix->rex & REX_B)
return false;
break;
case 0315:
if (prefix->rex & REX_X)
return false;
break;
case 0316:
if (prefix->rex & REX_R)
return false;
break;
case 0317:
if (prefix->rex & REX_W)
return false;
break;
case 0320:
if (osize != 16)
return false;
else
o_used = true;
break;
case 0321:
if (osize != 32)
return false;
else
o_used = true;
break;
case 0322:
if (osize != (segsize == 16) ? 16 : 32)
return false;
else
o_used = true;
break;
case 0323:
ins->rex |= REX_W; /* 64-bit only instruction */
osize = 64;
o_used = true;
break;
case 0324:
if (!(ins->rex & (REX_P|REX_W)) || osize != 64)
return false;
o_used = true;
break;
case 0330:
{
int t = *r++, d = *data++;
if (d < t || d > t + 15)
return false;
else
ins->condition = d - t;
break;
}
case 0331:
if (prefix->rep)
return false;
break;
case 0332:
if (prefix->rep != 0xF2)
return false;
drep = 0;
break;
case 0333:
if (prefix->rep != 0xF3)
return false;
drep = 0;
break;
case 0334:
if (lock) {
ins->rex |= REX_R;
lock = 0;
}
break;
case 0335:
if (drep == P_REP)
drep = P_REPE;
break;
case 0336:
case 0337:
break;
case 0340:
return false;
case4(0344):
ins->oprs[0].basereg = (*data++ >> 3) & 7;
break;
case 0360:
if (prefix->osp || prefix->rep)
return false;
break;
case 0361:
if (!prefix->osp || prefix->rep)
return false;
o_used = true;
break;
case 0362:
if (prefix->osp || prefix->rep != 0xf2)
return false;
drep = 0;
break;
case 0363:
if (prefix->osp || prefix->rep != 0xf3)
return false;
drep = 0;
break;
case 0364:
if (prefix->osp)
return false;
break;
case 0365:
if (prefix->asp)
return false;
break;
case 0366:
if (!prefix->osp)
return false;
o_used = true;
break;
case 0367:
if (!prefix->asp)
return false;
a_used = true;
break;
default:
return false; /* Unknown code */
}
}
if (!vex_ok && (ins->rex & REX_V))
return false;
/* REX cannot be combined with DREX or VEX */
if ((ins->rex & (REX_D|REX_V)) && (prefix->rex & REX_P))
return false;
/*
* Check for unused rep or a/o prefixes.
*/
for (i = 0; i < t->operands; i++) {
if (ins->oprs[i].segment != SEG_RMREG)
a_used = true;
}
if (lock) {
if (ins->prefixes[PPS_LREP])
return false;
ins->prefixes[PPS_LREP] = P_LOCK;
}
if (drep) {
if (ins->prefixes[PPS_LREP])
return false;
ins->prefixes[PPS_LREP] = drep;
}
if (!o_used) {
if (osize != ((segsize == 16) ? 16 : 32)) {
enum prefixes pfx = 0;
switch (osize) {
case 16:
pfx = P_O16;
break;
case 32:
pfx = P_O32;
break;
case 64:
pfx = P_O64;
break;
}
if (ins->prefixes[PPS_OSIZE])
return false;
ins->prefixes[PPS_OSIZE] = pfx;
}
}
if (!a_used && asize != segsize) {
if (ins->prefixes[PPS_ASIZE])
return false;
ins->prefixes[PPS_ASIZE] = asize == 16 ? P_A16 : P_A32;
}
/* Fix: check for redundant REX prefixes */
return data - origdata;
}
/* Condition names for disassembly, sorted by x86 code */
static const char * const condition_name[16] = {
"o", "no", "c", "nc", "z", "nz", "na", "a",
"s", "ns", "pe", "po", "l", "nl", "ng", "g"
};
int32_t disasm(uint8_t *data, char *output, int outbufsize, int segsize,
int32_t offset, int autosync, uint32_t prefer)
{
const struct itemplate * const *p, * const *best_p;
const struct disasm_index *ix;
uint8_t *dp;
int length, best_length = 0;
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -