📄 dsasm_functions.cpp
字号:
break;
case 0xDE: // FPU Instruction
{
switch((BYTE)(*(*Opcode+Pos+1)))
{
case 0xC0:case 0xC1:case 0xC2:case 0xC3:
case 0xC4:case 0xC5:case 0xC6:case 0xC7:
{
wsprintf(assembly,"faddp %s,st",FpuRegs[reg2]);
}
break;
case 0xC8:case 0xC9:case 0xCA:case 0xCB:
case 0xCC:case 0xCD:case 0xCE:case 0xCF:
{
wsprintf(assembly,"fmulp %s,st",FpuRegs[reg2]);
}
break;
case 0xD0:case 0xD1:case 0xD2:case 0xD3:
case 0xD4:case 0xD5:case 0xD6:case 0xD7:
{
wsprintf(assembly,"ficom %s",FpuRegs[reg2]);
}
break;
case 0xD8:case 0xD9:case 0xDA:case 0xDB:
case 0xDC:case 0xDD:case 0xDE:case 0xDF:
{
wsprintf(assembly,"ficomp %s",FpuRegs[reg2]);
}
break;
case 0xE0:case 0xE1:case 0xE2:case 0xE3:
case 0xE4:case 0xE5:case 0xE6:case 0xE7:
{
wsprintf(assembly,"fsubrp %s,st",FpuRegs[reg2]);
}
break;
case 0xE9:
{
strcpy(assembly,"fcompp");
}
break;
case 0xE8:case 0xEA:case 0xEB:
case 0xEC:case 0xED:case 0xEE:case 0xEF:
{
wsprintf(assembly,"fsubp %s,st",FpuRegs[reg2]);
}
break;
case 0xF0:case 0xF1:case 0xF2:case 0xF3:
case 0xF4:case 0xF5:case 0xF6:case 0xF7:
{
wsprintf(assembly,"fdivrp %s,st",FpuRegs[reg2]);
}
break;
case 0xF8:case 0xF9:case 0xFA:case 0xFB:
case 0xFC:case 0xFD:case 0xFE:case 0xFF:
{
wsprintf(assembly,"fdivp %s,st",FpuRegs[reg2]);
}
break;
}
}
break;
case 0xDF: // FPU Instruction
{
switch((BYTE)(*(*Opcode+Pos+1)))
{
case 0xC0:case 0xC1:case 0xC2:case 0xC3:
case 0xC4:case 0xC5:case 0xC6:case 0xC7:
{
wsprintf(assembly,"ffreep %s",FpuRegs[reg2]);
}
break;
case 0xC8:case 0xC9:case 0xCA:case 0xCB:
case 0xCC:case 0xCD:case 0xCE:case 0xCF:
{
lstrcat((*Disasm)->Remarks,"Invalid Instruction");
strcpy(assembly,"???");
}
break;
case 0xD0:case 0xD1:case 0xD2:case 0xD3:
case 0xD4:case 0xD5:case 0xD6:case 0xD7:
{
wsprintf(assembly,"fist %s",FpuRegs[reg2]);
}
break;
case 0xD8:case 0xD9:case 0xDA:case 0xDB:
case 0xDC:case 0xDD:case 0xDE:case 0xDF:
{
wsprintf(assembly,"fistp %s",FpuRegs[reg2]);
}
break;
case 0xE0:
{
strcpy(assembly,"fnstsw ax");
}
break;
case 0xE1:case 0xE2:case 0xE3:
case 0xE4:case 0xE5:case 0xE6:case 0xE7:
{
wsprintf(assembly,"fbld %s",FpuRegs[reg2]);
}
break;
case 0xE9:case 0xE8:case 0xEA:case 0xEB:
case 0xEC:case 0xED:case 0xEE:case 0xEF:
{
wsprintf(assembly,"fucomip st,%s",FpuRegs[reg2]);
}
break;
case 0xF0:case 0xF1:case 0xF2:case 0xF3:
case 0xF4:case 0xF5:case 0xF6:case 0xF7:
{
wsprintf(assembly,"fcomip st,%s",FpuRegs[reg2]);
}
break;
case 0xF8:case 0xF9:case 0xFA:case 0xFB:
case 0xFC:case 0xFD:case 0xFE:case 0xFF:
{
wsprintf(assembly,"fistp %s",FpuRegs[reg2]);
}
break;
}
}
break;
case 0xF6:
{
if(reg1==0 || reg1==1)
{
SwapWord((BYTE*)(*Opcode+Pos+1),&wOp,&wMem);
wsprintf(assembly,"%s %s,%02X",InstructionsSet2[REG],regs[RM][reg2],wOp&0x00FF);
(*(*index))++;
m_OpcodeSize++;
wsprintf(m_Bytes,"%02X",wOp&0x00FF);
lstrcat(temp,m_Bytes);
}
else
wsprintf(assembly,"%s %s",InstructionsSet2[REG],regs[RM][reg2]);
}
break;
case 0xF7:
{
if(reg1==0 || reg1==1)
{
if(!PrefixReg) // no 0x66 prefix used (read DWORD)
{
SwapDword((BYTE*)(*Opcode+Pos+2),&dwOp,&dwMem);
wsprintf(assembly,"%s %s,%08X",InstructionsSet2[REG],regs[RM][reg2],dwMem);
wsprintf(m_Bytes," %08X",dwOp);
(*(*index))+=4;
m_OpcodeSize+=4;
}
else // prefix 0x66 is being used (read WORD)
{
SwapWord((BYTE*)(*Opcode+Pos+2),&wOp,&wMem);
wsprintf(assembly,"%s %s,%04X",InstructionsSet2[REG],regs[RM][reg2],wMem);
wsprintf(m_Bytes," %04X",wOp);
(*(*index))+=2;
m_OpcodeSize+=2;
}
lstrcat(temp,m_Bytes);
}
else
wsprintf(assembly,"%s %s",InstructionsSet2[REG],regs[RM][reg2]);
}
break;
case 0xFE: // MIX Instructions (INC,DEC,INVALID,INVALID...)
{
wsprintf(assembly,"%s %s",InstructionsSet3[REG],regs[RM][reg2]);
if(REG>1)
lstrcat((*Disasm)->Remarks,"Illegal Instruction");
}
break;
case 0xFF:
{
wsprintf(assembly,"%s %s",InstructionsSet4[REG],regs[RM][reg2]);
if(REG==7)
lstrcat((*Disasm)->Remarks,"Illegal Instruction");
}
break;
case 0x8D:{
wsprintf(assembly,"%s %s, %s",instruction,regs[RM][reg2],regs[RM][reg1]);
lstrcat((*Disasm)->Remarks,"Illegal Instruction");
}
break;
// Default General Instructions
default: wsprintf(assembly,"%s %s, %s",instruction,regs[RM][reg1],regs[RM][reg2]); break;
}
lstrcat((*Disasm)->Assembly,assembly);
(*Disasm)->OpcodeSize=m_OpcodeSize;
lstrcat((*Disasm)->Opcode,temp);
(*(*index))+=IndexAdd;
// strcpy(menemonic,assembly);
}
return; // RET
}
void Mod_RM_SIB(
DISASSEMBLY **Disasm,
char **Opcode, int pos,
bool AddrPrefix,
int SEG,
DWORD **index,
BYTE Bit_d,
BYTE Bit_w,
char *instruction,
BYTE Op,
bool PrefixReg,
bool PrefixSeg,
bool PrefixAddr
)
{
/*
This Function will resolve BigSet menemonics:
ADC, ADD, AND, CMP, MOV, OR, SBB, SUB, XOR,ARPL, BOUND..
We analyze the opcode using ;
BitD, BitW,SIB ( SS III BBB : Sacle-Index-Base)
MOD/RM
*/
// Set Defaults
DWORD dwOp,dwMem;
int RM=REG8,SCALE=0,SIB,ADDRM=REG32;
WORD wOp,wMem;
bool bound=0,UsesFPU=0;
char RSize[10]="byte",Aritmathic[5]="+",tempAritmathic[5]="+";
BYTE reg1=0,reg2=0,REG=0,Extension=0,FOpcode=0;
char menemonic[128]="",tempMeme[128]="",Addr[15]="",temp[128]="";
char instr[50]="";
// Get used Register
// Get target register, example:
// 1. add byte ptr [ecx], -> al <-
// 2. add -> al <- ,byte ptr [ecx]
REG=(BYTE)(*(*Opcode+pos+1));
REG>>=3;
REG&=0x07;
//Displacement MOD (none|BYTE/WORD|DWORD)
Extension=(BYTE)(*(*Opcode+pos+1))>>6;
/*
There are 3 types of Displacement to RegMem
00 -> [00] 000 000 ; no byte extention ([RegMem])
40-> [01] 000 000 ; 1 byte extenton ([RegMem+XX])
80 -> [10] 000 000 ; 4 bytes extention ([RegMem+XXXXXXXX])
*/
//===================//
// Bitwise OverRides //
//===================//
// Arpl, Bound, Test, Xchg menemonics are special cases! when alone.
// so we need to set specific static bits for d/w
// We specify Size of Data corresponding to each mnemonic.
switch((BYTE)(*(*Opcode+pos)))
{
case 0x20: { PrefixReg=0; } break; // Force Byte Size Regardless Operands.
case 0x39: case 0x3B: strcpy(RSize,regSize[1]); break; // DWORD
case 0x63: { Bit_d=0; Bit_w=1; strcpy(RSize,regSize[1]); } break; // DWORD
case 0x62: { RM=REG32; bound=1; Bit_d=1; Bit_w=0; strcpy(RSize,regSize[0]); } break; // QWORD
case 0x69: { Bit_d=0; Bit_w=1; strcpy(RSize,regSize[1]); } break; // DWORD
case 0x6B: { Bit_d=0; Bit_w=1; strcpy(RSize,regSize[1]); } break; // DWORD
case 0x84: case 0x86: { Bit_d=0; Bit_w=0; } break; // BYTE
case 0x85: case 0x87: { Bit_d=0; Bit_w=1; strcpy(RSize,regSize[1]); } break; // DWORD
case 0x80: case 0x82: case 0xC6: case 0xF6:{ Bit_d=0;Bit_w=0; strcpy(RSize,regSize[3]); } break; // BYTE
case 0x81: case 0x83: case 0xC7: case 0xF7: case 0x89:{ Bit_d=0;Bit_w=1; strcpy(RSize,regSize[1]); } break;
case 0x8B: strcpy(RSize,regSize[1]); break; // DWORD
case 0x8C: case 0x8E: { strcpy(RSize,regSize[2]); } break; // WORD
case 0x8D: case 0x8F: { Bit_d=1; Bit_w=1; strcpy(RSize,regSize[1]); } break; // POP/LEA
case 0xC0: { Bit_d=1; Bit_w=0;} break; // BYTE
case 0xC1: { Bit_d=1; Bit_w=1; strcpy(RSize,regSize[1]); } break; // MIX
case 0xC4: case 0xC5: { RM=REG32; Bit_d=1; Bit_w=0; strcpy(RSize,regSize[4]); } break; // LES/LDS
case 0xD0: case 0xD2: { Bit_d=0; Bit_w=0; strcpy(RSize,regSize[3]); } break; // MIX
case 0xD1: case 0xD3: { Bit_d=0; Bit_w=1; strcpy(RSize,regSize[1]); } break; // MIXED
case 0xD8: { UsesFPU=1; Bit_d=0; Bit_w=1; strcpy(RSize,regSize[1]); } break; // FPU
case 0xD9:{
UsesFPU=1; Bit_d=0; Bit_w=0;
switch(REG)
{
case 0: case 2: case 3:strcpy(RSize,regSize[1]); break; // DWORD (REAL4)
case 4: case 6: strcpy(RSize,regSize[6]); break; // 28Bytes
case 5: case 7: strcpy(RSize,regSize[2]); break; // WORD (REAL2)
}
}
break; // FPU
case 0xDA: { UsesFPU=1; Bit_d=0; Bit_w=1; strcpy(RSize,regSize[1]); } break; // FPU
case 0xDB: { UsesFPU=1; Bit_d=0; Bit_w=0; if(REG<4) strcpy(RSize,regSize[1]); else strcpy(RSize,regSize[5]);} break; // FPU
case 0xDC: { UsesFPU=1; Bit_d=0; Bit_w=0; strcpy(RSize,regSize[0]); } break; // FPU
case 0xDD: {
UsesFPU=1; Bit_d=0; Bit_w=0;
switch(REG)
{
case 0: case 1: case 2: case 3: strcpy(RSize,regSize[0]); break; // QWORD
case 4: case 5: case 6: strcpy(RSize,regSize[7]); break; // (108)Byte
case 7: strcpy(RSize,regSize[2]); break; // WORD
}
}
break; // FPU
case 0xDE: { UsesFPU=1; Bit_d=0; Bit_w=0; strcpy(RSize,regSize[2]); } break; // WORD
case 0xDF: {
UsesFPU=1; Bit_d=0; Bit_w=0;
switch(REG)
{
case 0: case 1: case 2: case 3: strcpy(RSize,regSize[2]); break; // WORD
case 4: case 6: strcpy(RSize,regSize[5]); break; // TByte
case 5: case 7: strcpy(RSize,regSize[0]); break; // QWord
}
}
break;
case 0xFE: { Bit_d=0; Bit_w=0; strcpy(RSize,regSize[3]); } break; // BYTE
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -