📄 disasm.cpp
字号:
wsprintf(menemonic,"enter %04X, %02X",wMem,(BYTE)Opcode[i+3]);
lstrcat(Disasm->Assembly,menemonic);
wsprintf(menemonic,"C8 %04X %02X",wOp,(BYTE)Opcode[i+3]);
lstrcat(Disasm->Opcode,menemonic);
Disasm->OpcodeSize=4;
Disasm->PrefixSize=PrefixesSize;
(*Index)+=3;
}
break;
case 0xC9: // LEAVE
{
lstrcat(Disasm->Assembly,"leave");
lstrcat(Disasm->Opcode,"C9");
Disasm->PrefixSize=PrefixesSize;
}
break;
case 0xCB: // RETF
{
lstrcat(Disasm->Assembly,"retf");
lstrcat(Disasm->Opcode,"CB");
Disasm->PrefixSize=PrefixesSize;
}
break;
case 0xCC: // INT 3
{
lstrcat(Disasm->Assembly,"int3");
lstrcat(Disasm->Opcode,"CC");
Disasm->PrefixSize=PrefixesSize;
}
break;
case 0xCD: // INT XX
{
wsprintf(menemonic,"int %02X",(BYTE)Opcode[i+1]);
lstrcat(Disasm->Assembly,menemonic);
wsprintf(menemonic,"CD %02X",(BYTE)*(Opcode+i+1));
lstrcat(Disasm->Opcode,menemonic);
Disasm->OpcodeSize=2;
Disasm->PrefixSize=PrefixesSize;
++(*Index);
}
break;
case 0xCE: // INTO
{
lstrcat(Disasm->Assembly,"into");
lstrcat(Disasm->Opcode,"CE");
Disasm->PrefixSize=PrefixesSize;
}
break;
case 0xCF: // IRETD/W
{
if(!RegPrefix){
lstrcat(Disasm->Assembly,"iretd");
}
else if(RegPrefix==1){
lstrcat(Disasm->Assembly,"iretw");
}
lstrcat(Disasm->Opcode,"CF");
Disasm->PrefixSize=PrefixesSize;
}
break;
case 0xD4:case 0xD5: // AAM/AAD
{
char opcode[5];
switch(Op)
{
case 0xD4:wsprintf(opcode,"aam");break;
case 0xD5:wsprintf(opcode,"aad");break;
}
wsprintf(menemonic,"%s %02X",opcode,(BYTE)Opcode[i+1]);
lstrcat(Disasm->Assembly,menemonic);
wsprintf(menemonic,"%02X%02X",Op,(BYTE)*(Opcode+i+1));
lstrcat(Disasm->Opcode,menemonic);
Disasm->OpcodeSize=2;
Disasm->PrefixSize=PrefixesSize;
++(*Index);
}
break;
case 0xD6: // SALC
{
lstrcat(Disasm->Assembly,"salc");
lstrcat(Disasm->Opcode,"D6");
Disasm->PrefixSize=PrefixesSize;
}
break;
case 0xD7: // XLAT
{
lstrcat(Disasm->Assembly,"xlat");
lstrcat(Disasm->Opcode, "D7");
wsprintf(menemonic,"Byte ptr %s:[%s+al]",Segs[SEG],Regs[ADDRM][3]);
lstrcat(Disasm->Remarks,menemonic);
Disasm->PrefixSize=PrefixesSize;
}
break;
// 0xE4 is at 'in al, xxx' cases
case 0xE5: // IN EAX/AX, XX
{
// special case Opcode, insted of reading DWORD (4 bytes), we read 1 BYTE.
char mene[10]="";
GetInstruction(Op,mene); // get instruction from opcode
if(RegPrefix==0) // no prefix
{
// read 4 bytes into EAX
wsprintf(menemonic,"%s %s, %02X",mene,Regs[REG32][0],(BYTE)Opcode[i+1]);
lstrcat(Disasm->Assembly,menemonic);
}
else if(RegPrefix==1) // prefix is being used
{
// read 2 bytes into AX
wsprintf(menemonic,"%s %s, %02X",mene,Regs[REG16][0],(BYTE)Opcode[i+1]);
lstrcat(Disasm->Assembly,menemonic);
}
wsprintf(menemonic,"%02X%02X",Op,(BYTE)Opcode[i+1]);
lstrcat(Disasm->Opcode,menemonic);
Disasm->OpcodeSize=2;
Disasm->PrefixSize=PrefixesSize;
lstrcat(Disasm->Remarks,"I/O Instruction");
++(*Index);
}
break;
case 0xE6: // OUT XX, AL
{
char mene[10]="";
GetInstruction(Op,mene);
wsprintf(menemonic,"%s %02X, al",mene,(BYTE)Opcode[i+1]);
lstrcat(Disasm->Assembly,menemonic);
strcpy(Disasm->Remarks,"");
wsprintf(menemonic,"%02X%02X",Op,(BYTE)*(Opcode+i+1));
lstrcat(Disasm->Opcode,menemonic);
Disasm->OpcodeSize=2;
Disasm->PrefixSize=PrefixesSize;
lstrcat(Disasm->Remarks,"I/O Instruction");
++(*Index);
}
break;
case 0xE7: // OUT XX, AX/EAX
{
// special case Opcode, insted of reading DWORD (4 bytes), we read 1 BYTE.
char mene[10]="";
GetInstruction(Op,mene); // get instruction from opcode
if(RegPrefix==0) // no prefix
{
// read 1 byte into EAX
wsprintf(menemonic,"%s %02X, %s",mene,(BYTE)Opcode[i+1],Regs[REG32][0]);
lstrcat(Disasm->Assembly,menemonic);
}
else if(RegPrefix==1) // prefix is being used
{
// read 1 byte into AX
wsprintf(menemonic,"%s %02X, %s",mene,(BYTE)Opcode[i+1],Regs[REG16][0]);
lstrcat(Disasm->Assembly,menemonic);
}
wsprintf(menemonic,"%02X%02X",Op,(BYTE)Opcode[i+1]);
lstrcat(Disasm->Opcode,menemonic);
Disasm->OpcodeSize=2;
Disasm->PrefixSize=PrefixesSize;
lstrcat(Disasm->Remarks,"I/O Instruction");
++(*Index);
}
break;
case 0xE8:case 0xE9: // CALL/JMP XXXX/XXXXXXXX
{
DWORD CallAddress=0;
DWORD CallSize=0;
char temp[10];
switch(Op)
{
case 0xE8:strcpy(temp,"call");break;
case 0xE9:strcpy(temp,"jmp");break;
}
if(!RegPrefix)
{
SwapDword((BYTE*)(Opcode+i+1),&dwOp,&dwMem);
dwMem+= Disasm->Address + CallSize + 5 + (PrefixesSize-RegPrefix);
wsprintf(menemonic,"%s %08X",temp,dwMem);
lstrcat(Disasm->Assembly,menemonic);
wsprintf(menemonic,"%02X %08X",Op,dwOp);
lstrcat(Disasm->Opcode,menemonic);
Disasm->OpcodeSize=5;
Disasm->PrefixSize = PrefixesSize;
(*Index)+=4;
}
else
{
SwapWord((BYTE*)(Opcode+i+1),&wOp,&wMem);
if(wMem>=0x0000F000)
CallAddress = (wMem + 4 + (PrefixesSize-RegPrefix))-0x0000F000;
else
CallAddress = (Disasm->Address-0x00400000) + wMem + 4 + (PrefixesSize-RegPrefix);
wsprintf(menemonic,"%s %08X",temp, CallAddress);
lstrcat(Disasm->Assembly,menemonic);
wsprintf(menemonic,"%02X %04X",Op,wOp);
lstrcat(Disasm->Opcode,menemonic);
Disasm->OpcodeSize=3;
Disasm->PrefixSize = PrefixesSize;
(*Index)+=2;
}
}
break;
case 0xEC: // IN AL, DX
{
lstrcat(Disasm->Assembly,"in al, dx");
lstrcat(Disasm->Opcode,"EC");
Disasm->PrefixSize=PrefixesSize;
lstrcat(Disasm->Remarks,"I/O Instruction");
}
break;
case 0xED: // IN AX/EAX, DX
{
wsprintf(menemonic,"in %s, dx",Regs[RM][0]);
lstrcat(Disasm->Assembly,menemonic);
lstrcat(Disasm->Opcode,"ED");
Disasm->PrefixSize=PrefixesSize;
lstrcat(Disasm->Remarks,"I/O Instruction");
}
break;
case 0xEE: // OUT DX, AL
{
lstrcat(Disasm->Assembly,"out dx, al");
lstrcat(Disasm->Opcode,"EE");
Disasm->PrefixSize=PrefixesSize;
lstrcat(Disasm->Remarks,"I/O Instruction");
}
break;
case 0xEF: // OUT DX, AX/EAX
{
wsprintf(menemonic,"out dx, %s",Regs[RM][0]);
lstrcat(Disasm->Assembly,menemonic);
lstrcat(Disasm->Opcode,"EF");
Disasm->PrefixSize=PrefixesSize;
lstrcat(Disasm->Remarks,"I/O Instruction");
}
break;
case 0xF1: // ICEBP (INT1)
{
lstrcat(Disasm->Assembly,"int1");
lstrcat(Disasm->Opcode,"F1");
Disasm->PrefixSize=PrefixesSize;
lstrcat(Disasm->Remarks,"(icebp)");
}
break;
case 0xF4: // HLT (HALT)
{
lstrcat(Disasm->Assembly,"hlt");
lstrcat(Disasm->Opcode,"F4");
Disasm->PrefixSize=PrefixesSize;
lstrcat(Disasm->Remarks,"Halts CPU until RESET");
}
break;
case 0xF5: // CMC
{
lstrcat(Disasm->Assembly,"cmc");
lstrcat(Disasm->Opcode,"F4");
Disasm->PrefixSize=PrefixesSize;
lstrcat(Disasm->Remarks,"inverts the Carry Flag");
}
break;
case 0xF8: // CLC
{
lstrcat(Disasm->Assembly,"clc");
lstrcat(Disasm->Opcode,"F8");
Disasm->PrefixSize=PrefixesSize;
lstrcat(Disasm->Remarks,"Clears the Carry Flag");
}
break;
case 0xF9: // STC
{
lstrcat(Disasm->Assembly,"stc");
lstrcat(Disasm->Opcode,"F9");
Disasm->PrefixSize=PrefixesSize;
lstrcat(Disasm->Remarks,"Sets the Carry Flag to 1");
}
break;
case 0xFA: // CLI
{
lstrcat(Disasm->Assembly,"cli");
lstrcat(Disasm->Opcode,"FA");
Disasm->PrefixSize=PrefixesSize;
lstrcat(Disasm->Remarks,"Set Interrupt flag to 0");
}
break;
case 0xFB: // STI
{
lstrcat(Disasm->Assembly,"sti");
lstrcat(Disasm->Opcode,"FB");
Disasm->PrefixSize=PrefixesSize;
lstrcat(Disasm->Remarks,"Set Interrupt flag to 1");
}
break;
case 0xFC: // CLD
{
lstrcat(Disasm->Assembly,"cld");
lstrcat(Disasm->Opcode,"FC");
Disasm->PrefixSize=PrefixesSize;
lstrcat(Disasm->Remarks,"Set Direction Flag to 0");
}
break;
case 0xFD: // STD
{
lstrcat(Disasm->Assembly,"std");
lstrcat(Disasm->Opcode,"FD");
Disasm->PrefixSize=PrefixesSize;
lstrcat(Disasm->Remarks,"Set Direction Flag to 1");
}
break;
}
}
void ShowDecoded(DISASSEMBLY Disasm)
{
// Printed all information regarding a
// Decoded instruction
char space[]=" ";
printf("%08X: %s %s %s /%d ; %s\n",Disasm.Address,
Disasm.Opcode,
space,
Disasm.Assembly,
Disasm.OpcodeSize+Disasm.PrefixSize,
Disasm.Remarks
);
}
void FlushDecoded(DISASSEMBLY *Disasm)
{
// Clear all information of an decoded
// Instruction
strcpy(Disasm->Assembly,""); // Clear menemonic
strcpy(Disasm->Remarks,""); // Clear commets
strcpy(Disasm->Opcode,""); // Clear opcodes linear
Disasm->OpcodeSize=1; // Smallest opcode size
Disasm->PrefixSize=0; // No Prefixes
}
/*void main()
{
DISASSEMBLY Disasm; // Creates an Disasm Struct
// Linear Address to be decoded
BYTE Opcodes[BYTES_TO_DECODE]={0xFF,0x58,0x00,0x00,0x00,0x00,0xdf,0x00,0x01,0x66,0x04,0x60,0x88,0xF7,0x12,0x13};
// Pointer to linear address
char *Linear="";
// Index of opcoded to decode
DWORD Index=0;
Linear=(char*)Opcodes; // Points to the address of array to decode.
Disasm.Address=0x00401000; // Common Entry Point (usually default..)
FlushDecoded(&Disasm); // reset all content
printf("Disassemble of Vector: ");
for(Index=0;Index<BYTES_TO_DECODE;Index++)
printf("%02X",(BYTE)Opcodes[Index]);
printf("\n\n");
for(Index=0;Index<BYTES_TO_DECODE;Index++)
{
// Decode instruction
Decode(&Disasm,Linear,&Index);
// Upper case Assembly (Optional)
CharUpper(Disasm.Assembly);
// Show Decoded instruction, size, remarks...
ShowDecoded(Disasm);
// Calculate total Size of an instruction + Prefixes, and
// Fix the address of IP
Disasm.Address+=Disasm.OpcodeSize+Disasm.PrefixSize;
// Clear all information
FlushDecoded(&Disasm);
}
getch();
}*/
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -