📄 disassembler.c
字号:
case _Ev : // modR/M used - bW = 1
bW = 1;
goto _E;
case _Ew : // always USHORT size
pDis->dwFlags &= ~DIS_DATA32;
bW = 1;
goto _E;
case _Ms : // fword ptr (sgdt,sidt,lgdt,lidt)
sPtr = sFwordPtr;
goto _E1;
case _Mq : // qword ptr (cmpxchg8b)
sPtr = sQwordPtr;
goto _E1;
case _Mp : // 32 or 48 bit pointer (les,lds,lfs,lss,lgs)
case _Ep : // Always a memory pointer (call, jmp)
if( pDis->dwFlags & DIS_DATA32 )
sPtr = sFwordPtr;
else
sPtr = sDwordPtr;
goto _E1;
_E:
// Do registers first so that the rest may be done together
if( bMod == 3 )
{
// Registers depending on the w field and data size
nPos+=PICE_sprintf(pDis->szDisasm+nPos, "%s", sRegs1[DIS_GETDATASIZE(pDis->dwFlags)][bW][bRm] );
break;
}
if( bW==0 )
sPtr = sBytePtr;
else
if( pDis->dwFlags & DIS_DATA32 )
sPtr = sDwordPtr;
else
sPtr = sWordPtr;
case _M : // Pure memory pointer (lea,invlpg,floats)
if( bMod == 3 ) goto IllegalOpcode;
_E1:
if( sPtr )
nPos += PICE_sprintf( pDis->szDisasm+nPos, "%s", sPtr );
case _Ma : // Used by bound instruction, skip the pointer info
// Print the segment if it is overriden
//
nPos += PICE_sprintf( pDis->szDisasm+nPos,"%s", sSegOverride[ bSegOverride ] );
//
// Special case when sib UCHAR is present in 32 address encoding
//
if( (bRm==4) && (pDis->dwFlags & DIS_ADDRESS32) )
{
//
// Get the s-i-b UCHAR and parse it
//
bSib = NEXTUCHAR;
bSs = bSib >> 6;
bIndex = (bSib >> 3) & 7;
bBase = bSib & 7;
// Special case for base=5 && mod==0 -> fetch 32 bit offset
if( (bBase==5) && (bMod==0) )
{
dwULONG = NEXTULONG;
if(ScanExportsByAddress(&pSymbolName,dwULONG))
{
nPos += PICE_sprintf( pDis->szDisasm+nPos,"[%s", pSymbolName );
}
else
{
nPos += PICE_sprintf( pDis->szDisasm+nPos,"[%08X", (unsigned int) dwULONG );
}
}
else
nPos += PICE_sprintf( pDis->szDisasm+nPos,"[%s", sGenReg16_32[ 1 ][ bBase ] );
// Scaled index, no index if bIndex is 4
if( bIndex != 4 )
nPos += PICE_sprintf( pDis->szDisasm+nPos,"+%s%s", sScale[ bSs ], sGenReg16_32[ 1 ][ bIndex ] );
else
if(bSs != 0)
nPos += PICE_sprintf( pDis->szDisasm+nPos,"<INVALID MODE>" );
// Offset 8 bit or 32 bit
if( bMod == 1 )
{
bUCHAR = NEXTUCHAR;
if( (signed char)bUCHAR < 0 )
nPos += PICE_sprintf( pDis->szDisasm+nPos,"-%02X", 0-(signed char)bUCHAR );
else
nPos += PICE_sprintf( pDis->szDisasm+nPos,"+%02X", bUCHAR );
}
if( bMod == 2 )
{
dwULONG = NEXTULONG;
nPos += PICE_sprintf( pDis->szDisasm+nPos,"+%08X", (unsigned int) dwULONG );
}
// Wrap up the instruction
nPos += PICE_sprintf( pDis->szDisasm+nPos,"]" );
break;
}
//
// 16 or 32 address bit cases with mod zero, one or two
//
// Special cases when r/m is 5 and mod is 0, immediate d16 or d32
if( bMod==0 && ((bRm==6 && !(pDis->dwFlags & DIS_ADDRESS32)) || (bRm==5 && (pDis->dwFlags & DIS_ADDRESS32))) )
{
if( pDis->dwFlags & DIS_ADDRESS32 )
{
dwULONG = NEXTULONG;
if(ScanExportsByAddress(&pSymbolName,dwULONG))
nPos += PICE_sprintf( pDis->szDisasm+nPos,"[%s]", pSymbolName );
else
nPos += PICE_sprintf( pDis->szDisasm+nPos,"[%08X]", (unsigned int) dwULONG );
}
else
{
wUSHORT = NEXTUSHORT;
nPos += PICE_sprintf( pDis->szDisasm+nPos,"[%04X]", wUSHORT );
}
break;
}
// Print the start of the line
nPos += PICE_sprintf( pDis->szDisasm+nPos,"[%s", sAdr1[DIS_GETADDRSIZE(pDis->dwFlags)][ bRm ] );
// Offset (8 or 16) or (8 or 32) bit - 16, 32 bits are unsigned
if( bMod==1 )
{
bUCHAR = NEXTUCHAR;
if( (signed char)bUCHAR < 0 )
nPos += PICE_sprintf( pDis->szDisasm+nPos,"-%02X", 0-(signed char)bUCHAR );
else
nPos += PICE_sprintf( pDis->szDisasm+nPos,"+%02X", bUCHAR );
}
if( bMod==2 )
{
if( pDis->dwFlags & DIS_ADDRESS32 )
{
dwULONG = NEXTULONG;
nPos += PICE_sprintf( pDis->szDisasm+nPos,"+%08X", (unsigned int) dwULONG );
}
else
{
wUSHORT = NEXTUSHORT;
nPos += PICE_sprintf( pDis->szDisasm+nPos,"+%04X", wUSHORT );
}
}
// Wrap up the instruction
nPos += PICE_sprintf( pDis->szDisasm+nPos,"]" );
break;
case _Gb : // general, UCHAR register
nPos += PICE_sprintf( pDis->szDisasm+nPos, "%s", sRegs1[0][0][ bReg ] );
break;
case _Gv : // general, (d)USHORT register
nPos += PICE_sprintf( pDis->szDisasm+nPos, "%s", sGenReg16_32[DIS_GETDATASIZE(pDis->dwFlags)][ bReg ] );
break;
case _Yb : // ES:(E)DI pointer
case _Yv :
nPos += PICE_sprintf( pDis->szDisasm+nPos, "%s%s", sSegOverrideDefaultES[ bSegOverride ], sYptr[DIS_GETADDRSIZE(pDis->dwFlags)] );
break;
case _Xb : // DS:(E)SI pointer
case _Xv :
nPos += PICE_sprintf( pDis->szDisasm+nPos, "%s%s", sSegOverrideDefaultDS[ bSegOverride ], sXptr[DIS_GETADDRSIZE(pDis->dwFlags)] );
break;
case _Rd : // general register double USHORT
nPos += PICE_sprintf( pDis->szDisasm+nPos, "%s", sGenReg16_32[ 1 ][ bRm ] );
break;
case _Rw : // register USHORT
nPos += PICE_sprintf( pDis->szDisasm+nPos, "%s", sGenReg16_32[ 0 ][ bMod ] );
break;
case _Sw : // segment register
nPos += PICE_sprintf( pDis->szDisasm+nPos, "%s", sSeg[ bReg ] );
break;
case _Cd : // control register
nPos += PICE_sprintf( pDis->szDisasm+nPos, "%s", sControl[ bReg ] );
break;
case _Dd : // debug register
nPos += PICE_sprintf( pDis->szDisasm+nPos, "%s", sDebug[ bReg ] );
break;
case _Td : // test register
nPos += PICE_sprintf( pDis->szDisasm+nPos, "%s", sTest[ bReg ] );
break;
case _Jb : // immediate UCHAR, relative offset
bUCHAR = NEXTUCHAR;
nPos += PICE_sprintf( pDis->szDisasm+nPos, "short %08X", (unsigned int)(pDis->bpTarget + (signed char)bUCHAR + bInstrLen) );
break;
case _Jv : // immediate USHORT or ULONG, relative offset
if( pDis->dwFlags & DIS_DATA32 )
{
dwULONG = NEXTULONG;
if(ScanExportsByAddress(&pSymbolName,(unsigned int)(pDis->bpTarget + (signed long)dwULONG + bInstrLen)))
nPos += PICE_sprintf( pDis->szDisasm+nPos, "%s", pSymbolName );
else
nPos += PICE_sprintf( pDis->szDisasm+nPos, "%08X", (unsigned int)(pDis->bpTarget + (signed long)dwULONG + bInstrLen) );
}
else
{
wUSHORT = NEXTUSHORT;
if(ScanExportsByAddress(&pSymbolName,(unsigned int)(pDis->bpTarget + (signed short)wUSHORT + bInstrLen)))
nPos += PICE_sprintf( pDis->szDisasm+nPos, "%s", pSymbolName );
else
nPos += PICE_sprintf( pDis->szDisasm+nPos, "%08X", (unsigned int)(pDis->bpTarget + (signed short)wUSHORT + bInstrLen) );
}
break;
case _O : // Simple USHORT or ULONG offset
if( pDis->dwFlags & DIS_ADDRESS32 ) // depending on the address size
{
dwULONG = NEXTULONG;
nPos += PICE_sprintf( pDis->szDisasm+nPos,"%s[%08X]", sSegOverride[ bSegOverride ], (unsigned int) dwULONG );
}
else
{
wUSHORT = NEXTUSHORT;
nPos += PICE_sprintf( pDis->szDisasm+nPos,"%s[%04X]", sSegOverride[ bSegOverride ], wUSHORT );
}
break;
case _Ib : // immediate UCHAR
bUCHAR = NEXTUCHAR;
nPos += PICE_sprintf( pDis->szDisasm+nPos,"%02X", bUCHAR );
break;
case _Iv : // immediate USHORT or ULONG
if( pDis->dwFlags & DIS_DATA32 )
{
dwULONG = NEXTULONG;
nPos += PICE_sprintf( pDis->szDisasm+nPos, "%08X", (unsigned int) dwULONG );
}
else
{
wUSHORT = NEXTUSHORT;
nPos += PICE_sprintf( pDis->szDisasm+nPos, "%04X", wUSHORT );
}
break;
case _Iw : // Immediate USHORT
wUSHORT = NEXTUSHORT;
nPos += PICE_sprintf( pDis->szDisasm+nPos, "%04X", wUSHORT );
break;
case _Ap : // 32 bit or 48 bit pointer (call far, jump far)
if( pDis->dwFlags & DIS_DATA32 )
{
dwULONG = NEXTULONG;
wUSHORT = NEXTUSHORT;
nPos += PICE_sprintf( pDis->szDisasm+nPos, "%04X:%08X", wUSHORT, (unsigned int) dwULONG );
}
else
{
dwULONG = NEXTULONG;
nPos += PICE_sprintf( pDis->szDisasm+nPos, "%08X", (unsigned int) dwULONG );
}
break;
case _1 : // numerical 1
nPos += PICE_sprintf( pDis->szDisasm+nPos,"1" );
break;
case _3 : // numerical 3
nPos += PICE_sprintf( pDis->szDisasm+nPos,"3" );
break;
// Hard coded registers
case _DX: case _AL: case _AH: case _BL: case _BH: case _CL: case _CH:
case _DL: case _DH: case _CS: case _DS: case _ES: case _SS: case _FS:
case _GS:
nPos += PICE_sprintf( pDis->szDisasm+nPos,"%s", sRegs2[ *pArg - _DX ] );
break;
case _eAX: case _eBX: case _eCX: case _eDX:
case _eSP: case _eBP: case _eSI: case _eDI:
nPos += PICE_sprintf( pDis->szDisasm+nPos, "%s", sGenReg16_32[DIS_GETDATASIZE(pDis->dwFlags)][ *pArg - _eAX ]);
break;
case _ST: // Coprocessor ST
nPos += PICE_sprintf( pDis->szDisasm+nPos,"%s", sST[9] );
break;
case _ST0: // Coprocessor ST(0) - ST(7)
case _ST1:
case _ST2:
case _ST3:
case _ST4:
case _ST5:
case _ST6:
case _ST7:
nPos += PICE_sprintf( pDis->szDisasm+nPos,"%s", sST[ *pArg - _ST0 ] );
break;
case _AX: // Coprocessor AX
nPos += PICE_sprintf( pDis->szDisasm+nPos,"%s", sGenReg16_32[0][0] );
break;
}
}
DisEnd:
// Set the returning values and return with the bInstrLen field
pDis->bAsciiLen = (UCHAR) nPos;
pDis->bInstrLen = bInstrLen;
return bInstrLen;
}
/******************************************************************************
* *
* BOOLEAN Disasm(PULONG pOffset,PUCHAR pchDst) *
* *
* entry point for disassembly from other modules *
******************************************************************************/
BOOLEAN Disasm(PULONG pOffset,PUCHAR pchDst)
{
TDisassembler dis;
dis.dwFlags = DIS_DATA32 | DIS_ADDRESS32;
dis.bpTarget = (UCHAR*)*pOffset;
dis.szDisasm = pchDst;
dis.wSel = CurrentCS;
*pOffset += (ULONG)Disassembler( &dis);
return TRUE;
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -