diff --git a/src/dbg/TraceRecord.cpp b/src/dbg/TraceRecord.cpp index 57daae50..91eb6f3d 100644 --- a/src/dbg/TraceRecord.cpp +++ b/src/dbg/TraceRecord.cpp @@ -374,7 +374,7 @@ void _dbg_dbgtraceexecute(duint CIP) if(MemRead(CIP, buffer, MAX_DISASM_BUFFER)) { TraceRecord.increaseInstructionCounter(); - Capstone instruction; + Zydis instruction; instruction.Disassemble(CIP, buffer, MAX_DISASM_BUFFER); TraceRecord.TraceExecute(CIP, instruction.Size()); } diff --git a/src/dbg/_exports.cpp b/src/dbg/_exports.cpp index 33c22d6e..06fd139c 100644 --- a/src/dbg/_exports.cpp +++ b/src/dbg/_exports.cpp @@ -98,7 +98,7 @@ extern "C" DLL_EXPORT bool _dbg_isjumpgoingtoexecute(duint addr) unsigned char data[16]; if(MemRead(addr, data, sizeof(data), nullptr, true)) { - Capstone cp; + Zydis cp; if(cp.Disassemble(addr, data)) { CONTEXT ctx; @@ -334,7 +334,7 @@ extern "C" DLL_EXPORT bool _dbg_addrinfoget(duint addr, SEGMENTREG segment, BRID BRIDGE_ADDRINFO newinfo; char string_text[MAX_STRING_SIZE] = ""; - Capstone cp; + Zydis cp; auto getregs = !bOnlyCipAutoComments || addr == titcontext.cip; disasmget(cp, addr, &instr, getregs); @@ -735,10 +735,10 @@ extern "C" DLL_EXPORT duint _dbg_getbranchdestination(duint addr) unsigned char data[MAX_DISASM_BUFFER]; if(!MemIsValidReadPtr(addr, true) || !MemRead(addr, data, sizeof(data))) return 0; - Capstone cp; + Zydis cp; if(!cp.Disassemble(addr, data)) return 0; - if(cp.IsBranchType(Capstone::BT_Jmp | Capstone::BT_Call | Capstone::BT_Loop)) + if(cp.IsBranchType(Zydis::BT_Jmp | Zydis::BT_Call | Zydis::BT_Loop)) { auto opValue = cp.ResolveOpValue(0, [](ZydisRegister reg) -> size_t { diff --git a/src/dbg/analysis/CodeFollowPass.cpp b/src/dbg/analysis/CodeFollowPass.cpp index 5876aaf3..5c78e3db 100644 --- a/src/dbg/analysis/CodeFollowPass.cpp +++ b/src/dbg/analysis/CodeFollowPass.cpp 
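Review bot: In `_dbg_dbgtraceexecute` the result of `instruction.Disassemble(CIP, buffer, MAX_DISASM_BUFFER)` is not checked before `instruction.Size()` is handed to `TraceRecord.TraceExecute`, so the length recorded for undecodable bytes is whatever the new Zydis wrapper reports after a failed decode. `disasmfast` in this same commit guards the identical pattern with `cp.Success() ? cp.Size() : 1`. If a one-byte fallback is also what the trace record expects, `TraceRecord.TraceExecute(CIP, instruction.Success() ? instruction.Size() : 1);` keeps the recorded size well-defined when the debuggee executes bytes the decoder rejects. The function body starts and ends outside the hunk.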
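Review bot: `_dbg_isjumpgoingtoexecute` reads into `unsigned char data[16]` and then calls the two-argument `cp.Disassemble(addr, data)`, which carries no length, so how far the decoder may read is decided inside the wrapper rather than at the call site. Now that `cp` is a `Zydis` from the bumped `zydis_wrapper` submodule, it is worth confirming that this overload never reads past 16 bytes of debuggee-supplied data. Passing the bound explicitly, `if(cp.Disassemble(addr, data, sizeof(data)))`, would make it visible, assuming the three-argument overload used in `_dbg_dbgtraceexecute` accepts it. The same two-argument call on a 16-byte array appears in both `Exprfunc` hunks in `src/dbg/exprfunc.cpp`, and `_dbg_getbranchdestination` uses it with a `MAX_DISASM_BUFFER`-sized array. The enclosing function continues outside the hunk.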
@@ -50,7 +50,7 @@ duint CodeFollowPass::GetReferenceOperand(const ZydisDecodedInstruction & Contex return 0; } -duint CodeFollowPass::GetMemoryOperand(Capstone & Disasm, const ZydisDecodedInstruction & Context, bool* Indirect) +duint CodeFollowPass::GetMemoryOperand(Zydis & Disasm, const ZydisDecodedInstruction & Context, bool* Indirect) { if(Context.operandCount <= 0) return 0; diff --git a/src/dbg/analysis/CodeFollowPass.h b/src/dbg/analysis/CodeFollowPass.h index b7f6781a..b25d00d5 100644 --- a/src/dbg/analysis/CodeFollowPass.h +++ b/src/dbg/analysis/CodeFollowPass.h @@ -15,5 +15,5 @@ public: private: duint GetReferenceOperand(const ZydisDecodedInstruction & Context); - duint GetMemoryOperand(Capstone & Disasm, const ZydisDecodedInstruction & Context, bool* Indirect); + duint GetMemoryOperand(Zydis & Disasm, const ZydisDecodedInstruction & Context, bool* Indirect); }; \ No newline at end of file diff --git a/src/dbg/analysis/LinearPass.cpp b/src/dbg/analysis/LinearPass.cpp index b9c6521e..0f6a02b2 100644 --- a/src/dbg/analysis/LinearPass.cpp +++ b/src/dbg/analysis/LinearPass.cpp @@ -142,7 +142,7 @@ void LinearPass::AnalyseOverlaps() void LinearPass::AnalysisWorker(duint Start, duint End, BBlockArray* Blocks) { - Capstone disasm; + Zydis disasm; duint blockBegin = Start; // BBlock starting virtual address duint blockEnd = 0; // BBlock ending virtual address diff --git a/src/dbg/analysis/analysis.h b/src/dbg/analysis/analysis.h index 074f784d..da79e23e 100644 --- a/src/dbg/analysis/analysis.h +++ b/src/dbg/analysis/analysis.h @@ -17,7 +17,7 @@ protected: duint mBase; duint mSize; unsigned char* mData; - Capstone mCp; + Zydis mCp; bool inRange(duint addr) const { diff --git a/src/dbg/commands/cmd-searching.cpp b/src/dbg/commands/cmd-searching.cpp index 832a876e..0f9c4c72 100644 --- a/src/dbg/commands/cmd-searching.cpp +++ b/src/dbg/commands/cmd-searching.cpp 
@@ -284,7 +284,7 @@ bool cbInstrFindAllMem(int argc, char* argv[]) return true; } -static bool cbFindAsm(Capstone* disasm, BASIC_INSTRUCTION_INFO* basicinfo, REFINFO* refinfo) +static bool cbFindAsm(Zydis* disasm, BASIC_INSTRUCTION_INFO* basicinfo, REFINFO* refinfo) { if(!disasm || !basicinfo) //initialize { @@ -372,7 +372,7 @@ struct VALUERANGE duint end; }; -static bool cbRefFind(Capstone* disasm, BASIC_INSTRUCTION_INFO* basicinfo, REFINFO* refinfo) +static bool cbRefFind(Zydis* disasm, BASIC_INSTRUCTION_INFO* basicinfo, REFINFO* refinfo) { if(!disasm || !basicinfo) //initialize { @@ -454,7 +454,7 @@ bool cbInstrRefFindRange(int argc, char* argv[]) return true; } -static bool cbRefStr(Capstone* disasm, BASIC_INSTRUCTION_INFO* basicinfo, REFINFO* refinfo) +static bool cbRefStr(Zydis* disasm, BASIC_INSTRUCTION_INFO* basicinfo, REFINFO* refinfo) { if(!disasm || !basicinfo) //initialize { @@ -524,7 +524,7 @@ bool cbInstrRefStr(int argc, char* argv[]) return true; } -static bool cbModCallFind(Capstone* disasm, BASIC_INSTRUCTION_INFO* basicinfo, REFINFO* refinfo) +static bool cbModCallFind(Zydis* disasm, BASIC_INSTRUCTION_INFO* basicinfo, REFINFO* refinfo) { if(!disasm || !basicinfo) //initialize { @@ -714,7 +714,7 @@ struct GUIDRefInfo HKEY CLSID; }; -static bool cbGUIDFind(Capstone* disasm, BASIC_INSTRUCTION_INFO* basicinfo, REFINFO* refinfo) +static bool cbGUIDFind(Zydis* disasm, BASIC_INSTRUCTION_INFO* basicinfo, REFINFO* refinfo) { if(!disasm || !basicinfo) //initialize { diff --git a/src/dbg/commands/cmd-undocumented.cpp b/src/dbg/commands/cmd-undocumented.cpp index 67d32ceb..7fd6af4b 100644 --- a/src/dbg/commands/cmd-undocumented.cpp +++ b/src/dbg/commands/cmd-undocumented.cpp @@ -326,7 +326,7 @@ bool cbInstrVisualize(int argc, char* argv[]) //DisassemblyBreakpointColor = #000000 { //initialize - Capstone _cp; + Zydis _cp; duint _base = start; duint _size = maxaddr - start; Memory _data(_size); 
@@ -444,7 +444,7 @@ bool cbInstrBriefcheck(int argc, char* argv[]) return false; Memory buffer(size + 16); DbgMemRead(base, buffer(), size); - Capstone cp; + Zydis cp; std::unordered_set reported; for(duint i = 0; i < size;) { diff --git a/src/dbg/debugger.cpp b/src/dbg/debugger.cpp index 80d8aadc..90606145 100644 --- a/src/dbg/debugger.cpp +++ b/src/dbg/debugger.cpp @@ -1160,7 +1160,7 @@ void cbRtrStep() #endif //_WIN64 ) { - Capstone cp; + Zydis cp; unsigned char data[MAX_DISASM_BUFFER]; memset(data, 0, sizeof(data)); MemRead(cip, data, MAX_DISASM_BUFFER); diff --git a/src/dbg/disasm_fast.cpp b/src/dbg/disasm_fast.cpp index c089c7de..5ff8ff3f 100644 --- a/src/dbg/disasm_fast.cpp +++ b/src/dbg/disasm_fast.cpp @@ -24,7 +24,7 @@ static MEMORY_SIZE argsize2memsize(int argsize) return size_byte; } -void fillbasicinfo(Capstone* cp, BASIC_INSTRUCTION_INFO* basicinfo, bool instrText) +void fillbasicinfo(Zydis* cp, BASIC_INSTRUCTION_INFO* basicinfo, bool instrText) { //zero basicinfo memset(basicinfo, 0, sizeof(BASIC_INSTRUCTION_INFO)); @@ -95,7 +95,7 @@ bool disasmfast(const unsigned char* data, duint addr, BASIC_INSTRUCTION_INFO* b { if(!data || !basicinfo) return false; - Capstone cp; + Zydis cp; cp.Disassemble(addr, data, MAX_DISASM_BUFFER); if(trydisasmfast(data, addr, basicinfo, cp.Success() ? cp.Size() : 1)) return true; diff --git a/src/dbg/disasm_fast.h b/src/dbg/disasm_fast.h index e2e1f428..6b439099 100644 --- a/src/dbg/disasm_fast.h +++ b/src/dbg/disasm_fast.h @@ -4,7 +4,7 @@ #include "_global.h" #include -void fillbasicinfo(Capstone* disasm, BASIC_INSTRUCTION_INFO* basicinfo, bool instrText = true); +void fillbasicinfo(Zydis* disasm, BASIC_INSTRUCTION_INFO* basicinfo, bool instrText = true); bool disasmfast(duint addr, BASIC_INSTRUCTION_INFO* basicinfo, bool cache = false); bool disasmfast(const unsigned char* data, duint addr, BASIC_INSTRUCTION_INFO* basicinfo); 
diff --git a/src/dbg/disasm_helper.cpp b/src/dbg/disasm_helper.cpp index b67fac85..ea3fa6db 100644 --- a/src/dbg/disasm_helper.cpp +++ b/src/dbg/disasm_helper.cpp @@ -22,7 +22,7 @@ duint disasmback(unsigned char* data, duint base, duint size, duint ip, int n) unsigned char* pdata; // Reset Disasm Structure - Capstone cp; + Zydis cp; // Check if the pointer is not null if(data == NULL) @@ -82,7 +82,7 @@ duint disasmnext(unsigned char* data, duint base, duint size, duint ip, int n) unsigned char* pdata; // Reset Disasm Structure - Capstone cp; + Zydis cp; if(data == NULL) return 0; @@ -111,7 +111,7 @@ duint disasmnext(unsigned char* data, duint base, duint size, duint ip, int n) return ip; } -static void HandleCapstoneOperand(Capstone & cp, int opindex, DISASM_ARG* arg, bool getregs) +static void HandleCapstoneOperand(Zydis & cp, int opindex, DISASM_ARG* arg, bool getregs) { auto value = cp.ResolveOpValue(opindex, [&cp, getregs](ZydisRegister reg) { @@ -185,7 +185,7 @@ static void HandleCapstoneOperand(Capstone & cp, int opindex, DISASM_ARG* arg, b } } -void disasmget(Capstone & cp, unsigned char* buffer, duint addr, DISASM_INSTR* instr, bool getregs) +void disasmget(Zydis & cp, unsigned char* buffer, duint addr, DISASM_INSTR* instr, bool getregs) { memset(instr, 0, sizeof(DISASM_INSTR)); cp.Disassemble(addr, buffer, MAX_DISASM_BUFFER); @@ -202,7 +202,7 @@ void disasmget(Capstone & cp, unsigned char* buffer, duint addr, DISASM_INSTR* i auto cpInstr = cp.GetInstr(); strcpy_s(instr->instruction, cp.InstructionText().c_str()); instr->instr_size = cpInstr->length; - if(cp.IsBranchType(Capstone::BT_Jmp | Capstone::BT_Loop | Capstone::BT_Ret | Capstone::BT_Call)) + if(cp.IsBranchType(Zydis::BT_Jmp | Zydis::BT_Loop | Zydis::BT_Ret | Zydis::BT_Call)) instr->type = instr_branch; else if(strstr(instr->instruction, "sp") || strstr(instr->instruction, "bp")) instr->type = instr_stack; 
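Review bot: `HandleCapstoneOperand` now takes a `Zydis &`, so the helper's name describes a decoder it no longer touches. It is `static` to `disasm_helper.cpp`, so renaming it (for example to `HandleZydisOperand`) together with its call in `disasmget` stays local to this file. The same leftover naming shows in `CapstoneTokenizer::GetCapstone()` returning `const Zydis &` in `capstone_gui.cpp` and `capstone_gui.h`; that one is wider in scope and may be better as a follow-up. A one-line comment above the helper, such as `// Fills a DISASM_ARG from operand opindex of the decoded instruction`, would also help, since none is visible in the hunk.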
@@ -213,7 +213,7 @@ void disasmget(Capstone & cp, unsigned char* buffer, duint addr, DISASM_INSTR* i HandleCapstoneOperand(cp, i, &instr->arg[i], getregs); } -void disasmget(Capstone & cp, duint addr, DISASM_INSTR* instr, bool getregs) +void disasmget(Zydis & cp, duint addr, DISASM_INSTR* instr, bool getregs) { if(!DbgIsDebugging()) { @@ -230,7 +230,7 @@ void disasmget(Capstone & cp, duint addr, DISASM_INSTR* instr, bool getregs) void disasmget(unsigned char* buffer, duint addr, DISASM_INSTR* instr, bool getregs) { - Capstone cp; + Zydis cp; disasmget(cp, buffer, addr, instr, getregs); } @@ -404,7 +404,7 @@ bool disasmgetstringatwrapper(duint addr, char* dest, bool cache) int disasmgetsize(duint addr, unsigned char* data) { - Capstone cp; + Zydis cp; if(!cp.Disassemble(addr, data, MAX_DISASM_BUFFER)) return 1; return int(EncodeMapGetSize(addr, cp.Size())); diff --git a/src/dbg/disasm_helper.h b/src/dbg/disasm_helper.h index 4f32dfba..e8d7fd8e 100644 --- a/src/dbg/disasm_helper.h +++ b/src/dbg/disasm_helper.h @@ -7,8 +7,8 @@ //functions duint disasmback(unsigned char* data, duint base, duint size, duint ip, int n); duint disasmnext(unsigned char* data, duint base, duint size, duint ip, int n); -void disasmget(Capstone & cp, unsigned char* buffer, duint addr, DISASM_INSTR* instr, bool getregs = true); -void disasmget(Capstone & cp, duint addr, DISASM_INSTR* instr, bool getregs = true); +void disasmget(Zydis & cp, unsigned char* buffer, duint addr, DISASM_INSTR* instr, bool getregs = true); +void disasmget(Zydis & cp, duint addr, DISASM_INSTR* instr, bool getregs = true); void disasmget(unsigned char* buffer, duint addr, DISASM_INSTR* instr, bool getregs = true); void disasmget(duint addr, DISASM_INSTR* instr, bool getregs = true); bool disasmispossiblestring(duint addr, STRING_TYPE* type = nullptr); diff --git a/src/dbg/encodemap.cpp b/src/dbg/encodemap.cpp index 6bd26ae6..b4b62e3c 100644 --- a/src/dbg/encodemap.cpp +++ b/src/dbg/encodemap.cpp 
@@ -248,7 +248,7 @@ bool EncodeMapSetType(duint addr, duint size, ENCODETYPE type, bool* created) memset(map.data + offset, (byte)enc_middle, size); if(IsCodeType(type) && size > 1) { - Capstone cp; + Zydis cp; Memory buffer(size); if(!MemRead(addr, buffer(), size)) return false; diff --git a/src/dbg/exprfunc.cpp b/src/dbg/exprfunc.cpp index 9f12441a..0580707d 100644 --- a/src/dbg/exprfunc.cpp +++ b/src/dbg/exprfunc.cpp @@ -178,7 +178,7 @@ namespace Exprfunc unsigned char data[16]; if(MemRead(addr, data, sizeof(data), nullptr, true)) { - Capstone cp; + Zydis cp; if(cp.Disassemble(addr, data)) return cp.IsNop(); } @@ -190,7 +190,7 @@ namespace Exprfunc unsigned char data[16]; if(MemRead(addr, data, sizeof(data), nullptr, true)) { - Capstone cp; + Zydis cp; if(cp.Disassemble(addr, data)) return cp.IsUnusual(); } diff --git a/src/dbg/reference.cpp b/src/dbg/reference.cpp index 0cd8d8b7..9dbd454d 100644 --- a/src/dbg/reference.cpp +++ b/src/dbg/reference.cpp @@ -63,7 +63,7 @@ int RefFind(duint Address, duint Size, CBREF Callback, void* UserData, bool Sile sprintf_s(fullName, GuiTranslateText(QT_TRANSLATE_NOOP("DBG", "%s (Region %p)")), Name, scanStart); // Initialize disassembler - Capstone cp; + Zydis cp; // Allow an "initialization" notice refInfo.refcount = 0; @@ -104,7 +104,7 @@ int RefFind(duint Address, duint Size, CBREF Callback, void* UserData, bool Sile sprintf_s(fullName, "%s (%p)", Name, scanStart); // Initialize disassembler - Capstone cp; + Zydis cp; // Allow an "initialization" notice refInfo.refcount = 0; @@ -147,7 +147,7 @@ int RefFind(duint Address, duint Size, CBREF Callback, void* UserData, bool Sile } // Initialize disassembler - Capstone cp; + Zydis cp; // Determine the full module sprintf_s(fullName, GuiTranslateText(QT_TRANSLATE_NOOP("DBG", "All Modules (%s)")), Name); 
@@ -185,7 +185,7 @@ int RefFind(duint Address, duint Size, CBREF Callback, void* UserData, bool Sile return refInfo.refcount; } -int RefFindInRange(duint scanStart, duint scanSize, CBREF Callback, void* UserData, bool Silent, REFINFO & refInfo, Capstone & cp, bool initCallBack, const CBPROGRESS & cbUpdateProgress, bool disasmText) +int RefFindInRange(duint scanStart, duint scanSize, CBREF Callback, void* UserData, bool Silent, REFINFO & refInfo, Zydis & cp, bool initCallBack, const CBPROGRESS & cbUpdateProgress, bool disasmText) { // Allocate and read a buffer from the remote process Memory data(scanSize, "reffind:data"); diff --git a/src/dbg/reference.h b/src/dbg/reference.h index 139d9b95..c9666943 100644 --- a/src/dbg/reference.h +++ b/src/dbg/reference.h @@ -20,10 +20,10 @@ typedef enum } REFFINDTYPE; // Reference callback typedef -typedef bool (*CBREF)(Capstone* disasm, BASIC_INSTRUCTION_INFO* basicinfo, REFINFO* refinfo); +typedef bool (*CBREF)(Zydis* disasm, BASIC_INSTRUCTION_INFO* basicinfo, REFINFO* refinfo); typedef std::function CBPROGRESS; int RefFind(duint Address, duint Size, CBREF Callback, void* UserData, bool Silent, const char* Name, REFFINDTYPE type, bool disasmText); -int RefFindInRange(duint scanStart, duint scanSize, CBREF Callback, void* UserData, bool Silent, REFINFO & refInfo, Capstone & cp, bool initCallBack, const CBPROGRESS & cbUpdateProgress, bool disasmText); +int RefFindInRange(duint scanStart, duint scanSize, CBREF Callback, void* UserData, bool Silent, REFINFO & refInfo, Zydis & cp, bool initCallBack, const CBPROGRESS & cbUpdateProgress, bool disasmText); #endif // _REFERENCE_H \ No newline at end of file diff --git a/src/dbg/x64dbg.cpp b/src/dbg/x64dbg.cpp index 07109b73..0689735d 100644 --- a/src/dbg/x64dbg.cpp +++ b/src/dbg/x64dbg.cpp 
@@ -643,7 +643,7 @@ extern "C" DLL_EXPORT const char* _dbg_dbginit() json_set_alloc_funcs(json_malloc, json_free); //#endif //ENABLE_MEM_TRACE dputs(QT_TRANSLATE_NOOP("DBG", "Initializing capstone...")); - Capstone::GlobalInitialize(); + Zydis::GlobalInitialize(); dputs(QT_TRANSLATE_NOOP("DBG", "Initializing Yara...")); if(yr_initialize() != ERROR_SUCCESS) return "Failed to initialize Yara!"; @@ -780,7 +780,7 @@ extern "C" DLL_EXPORT void _dbg_dbgexitsignal() cmdfree(); varfree(); yr_finalize(); - Capstone::GlobalFinalize(); + Zydis::GlobalFinalize(); dputs(QT_TRANSLATE_NOOP("DBG", "Cleaning up wait objects...")); waitdeinitialize(); SafeDbghelpDeinitialize(); diff --git a/src/gui/Src/Disassembler/QBeaEngine.cpp b/src/gui/Src/Disassembler/QBeaEngine.cpp index 38ebc2e8..96165b2a 100644 --- a/src/gui/Src/Disassembler/QBeaEngine.cpp +++ b/src/gui/Src/Disassembler/QBeaEngine.cpp @@ -35,7 +35,7 @@ ulong QBeaEngine::DisassembleBack(byte_t* data, duint base, duint size, duint ip unsigned char* pdata; // Reset Disasm Structure - Capstone cp; + Zydis cp; // Check if the pointer is not null if(data == NULL) @@ -131,7 +131,7 @@ ulong QBeaEngine::DisassembleNext(byte_t* data, duint base, duint size, duint ip unsigned char* pdata; // Reset Disasm Structure - Capstone cp; + Zydis cp; if(data == NULL) return 0; 
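Review bot: The startup log line directly above the changed call still reads `Initializing capstone...` while the call is now `Zydis::GlobalInitialize()`, so a log attached to a bug report names the wrong decoder. Suggest `dputs(QT_TRANSLATE_NOOP("DBG", "Initializing Zydis..."));`, keeping in mind that the string is a translation key and the translation files would need the new entry. The `// initialize capstone` comment above `Zydis::GlobalInitialize();` in `src/gui/Src/main.cpp` is stale in the same way and can become `// initialize Zydis`. `_dbg_dbginit` starts and ends outside the hunk.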
@@ -200,14 +200,14 @@ Instruction_t QBeaEngine::DisassembleAt(byte_t* data, duint size, duint origBase auto branchType = Instruction_t::None; Instruction_t wInst; - if(success && (cp.IsBranchType(Capstone::BT_Jmp | Capstone::BT_Call | Capstone::BT_Ret | Capstone::BT_Loop))) + if(success && (cp.IsBranchType(Zydis::BT_Jmp | Zydis::BT_Call | Zydis::BT_Ret | Zydis::BT_Loop))) { wInst.branchDestination = DbgGetBranchDestination(origBase + origInstRVA); - if(cp.IsBranchType(Capstone::BT_UncondJmp)) + if(cp.IsBranchType(Zydis::BT_UncondJmp)) branchType = Instruction_t::Unconditional; - else if(cp.IsBranchType(Capstone::BT_Call)) + else if(cp.IsBranchType(Zydis::BT_Call)) branchType = Instruction_t::Call; - else if(cp.IsBranchType(Capstone::BT_CondJmp)) + else if(cp.IsBranchType(Zydis::BT_CondJmp)) branchType = Instruction_t::Conditional; } else diff --git a/src/gui/Src/Disassembler/capstone_gui.cpp b/src/gui/Src/Disassembler/capstone_gui.cpp index e3fb4ee0..afb276a0 100644 --- a/src/gui/Src/Disassembler/capstone_gui.cpp +++ b/src/gui/Src/Disassembler/capstone_gui.cpp @@ -195,7 +195,7 @@ int CapstoneTokenizer::Size() const return _success ? _cp.Size() : 1; } -const Capstone & CapstoneTokenizer::GetCapstone() const +const Zydis & CapstoneTokenizer::GetCapstone() const { return _cp; } @@ -480,7 +480,7 @@ bool CapstoneTokenizer::tokenizeImmOperand(const ZydisDecodedOperand & op) { duint value; TokenType valueType; - if(_cp.IsBranchType(Capstone::BT_Jmp | Capstone::BT_Call | Capstone::BT_Loop)) + if(_cp.IsBranchType(Zydis::BT_Jmp | Zydis::BT_Call | Zydis::BT_Loop)) { value = _cp.BranchDestination(); valueType = TokenType::Address; diff --git a/src/gui/Src/Disassembler/capstone_gui.h b/src/gui/Src/Disassembler/capstone_gui.h index e4665867..4f42f4af 100644 --- a/src/gui/Src/Disassembler/capstone_gui.h +++ b/src/gui/Src/Disassembler/capstone_gui.h 
@@ -149,7 +149,7 @@ public: void UpdateConfig(); void SetConfig(bool bUppercase, bool bTabbedMnemonic, bool bArgumentSpaces, bool bMemorySpaces, bool bNoHighlightOperands, bool bNoCurrentModuleText, bool b0xPrefixValues); int Size() const; - const Capstone & GetCapstone() const; + const Zydis & GetCapstone() const; static void UpdateColors(); static void UpdateStringPool(); @@ -162,7 +162,7 @@ public: static bool tokenTextPoolEquals(const QString & a, const QString & b); private: - Capstone _cp; + Zydis _cp; bool isNop; InstructionToken _inst; bool _success; diff --git a/src/gui/Src/Gui/LocalVarsView.cpp b/src/gui/Src/Gui/LocalVarsView.cpp index 9bb47d85..cc8c6268 100644 --- a/src/gui/Src/Gui/LocalVarsView.cpp +++ b/src/gui/Src/Gui/LocalVarsView.cpp @@ -184,7 +184,7 @@ void LocalVarsView::updateSlot() { if(start != this->currentFunc) //needs analyzing { - Capstone dis; + Zydis dis; unsigned char* buffer = new unsigned char[end - start + 16]; if(!DbgMemRead(start, buffer, end - start + 16)) //failed to read memory for analyzing { diff --git a/src/gui/Src/Gui/RegistersView.cpp b/src/gui/Src/Gui/RegistersView.cpp index 0321affd..1887407b 100644 --- a/src/gui/Src/Gui/RegistersView.cpp +++ b/src/gui/Src/Gui/RegistersView.cpp @@ -2342,15 +2342,15 @@ void RegistersView::drawRegister(QPainter* p, REGISTER_NAME reg, char* value) if(highlight) { const char* name = ""; - switch(highlight & ~(Capstone::Implicit | Capstone::Explicit)) + switch(highlight & ~(Zydis::Implicit | Zydis::Explicit)) { - case Capstone::Read: + case Zydis::Read: name = "RegistersHighlightReadColor"; break; - case Capstone::Write: + case Zydis::Write: name = "RegistersHighlightWriteColor"; break; - case Capstone::Read | Capstone::Write: + case Zydis::Read | Zydis::Write: name = "RegistersHighlightReadWriteColor"; break; } diff --git a/src/gui/Src/main.cpp b/src/gui/Src/main.cpp index f8429471..d91a74eb 100644 --- a/src/gui/Src/main.cpp +++ b/src/gui/Src/main.cpp 
@@ -107,7 +107,7 @@ int main(int argc, char* argv[]) TLS_TranslatedStringMap = new std::map(); // initialize capstone - Capstone::GlobalInitialize(); + Zydis::GlobalInitialize(); // load config file + set config font mConfiguration = new Configuration; diff --git a/src/gui/x64dbg.pro b/src/gui/x64dbg.pro index ea2377dc..85a8b814 100644 --- a/src/gui/x64dbg.pro +++ b/src/gui/x64dbg.pro @@ -350,6 +350,8 @@ LIBS += -luser32 -ladvapi32 -lwinmm -lshell32 # Windows x86 (32bit) specific build LIBS += -L"$$PWD/../zydis_wrapper/Zydis" -lZydis_x86 LIBS += -L"$$PWD/../zydis_wrapper/bin/x32$${DIR_SUFFIX}" -lzydis_wrapper + LIBS += -L"$$PWD/../capstone_wrapper/capstone" -lcapstone_x86 + LIBS += -L"$$PWD/../capstone_wrapper/bin/x32$${DIR_SUFFIX}" -lcapstone_wrapper LIBS += -L"$$PWD/Src/ThirdPartyLibs/snowman" -lsnowman_x86 LIBS += -L"$$PWD/Src/ThirdPartyLibs/ldconvert" -lldconvert_x86 LIBS += -L"$${X64_BIN_DIR}" -lx32bridge @@ -357,6 +359,8 @@ LIBS += -luser32 -ladvapi32 -lwinmm -lshell32 # Windows x64 (64bit) specific build LIBS += -L"$$PWD/../zydis_wrapper/Zydis" -lZydis_x64 LIBS += -L"$$PWD/../zydis_wrapper/bin/x64$${DIR_SUFFIX}" -lzydis_wrapper + LIBS += -L"$$PWD/../capstone_wrapper/capstone" -lcapstone_x64 + LIBS += -L"$$PWD/../capstone_wrapper/bin/x64$${DIR_SUFFIX}" -lcapstone_wrapper LIBS += -L"$$PWD/Src/ThirdPartyLibs/snowman" -lsnowman_x64 LIBS += -L"$$PWD/Src/ThirdPartyLibs/ldconvert" -lldconvert_x64 LIBS += -L"$${X64_BIN_DIR}" -lx64bridge diff --git a/src/zydis_wrapper b/src/zydis_wrapper index 093fbde4..27a0fb11 160000 --- a/src/zydis_wrapper +++ b/src/zydis_wrapper @@ -1 +1 @@ -Subproject commit 093fbde4acbe897ecd080ed157b3d4bfb95323f3 +Subproject commit 27a0fb119e5be7c532d071edfd23cb67c4628b88 diff --git a/x64dbg.sln b/x64dbg.sln index 63289896..f7c28ce4 100644 --- a/x64dbg.sln +++ b/x64dbg.sln 
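Review bot: Both platform blocks in `x64dbg.pro` gain `-lcapstone_x86`/`-lcapstone_x64` and `-lcapstone_wrapper` in the same commit that moves every visible GUI use of `Capstone` to `Zydis`, and nothing on this page shows which GUI source still needs capstone symbols. If something outside this diff does, a comment next to the new lines naming it, e.g. `# capstone is still required by <component>`, would explain why two disassembler libraries are linked. If nothing does, the four added `LIBS +=` lines can be left out so the GUI links one fewer prebuilt third-party binary.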
@@ -20,6 +20,8 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "x64dbg_launcher", "src\laun EndProject Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "capstone_wrapper", "src\capstone_wrapper\capstone_wrapper.vcxproj", "{C9B06E6E-3534-4E7B-9C00-C3EA33CC4E15}" EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "zydis_wrapper", "src\zydis_wrapper\zydis_wrapper.vcxproj", "{3B2C1EE1-FDEC-4D85-BE46-3C6A5EA69883}" +EndProject Global GlobalSection(SolutionConfigurationPlatforms) = preSolution Debug|Win32 = Debug|Win32 @@ -68,6 +70,14 @@ Global {C9B06E6E-3534-4E7B-9C00-C3EA33CC4E15}.Release|Win32.Build.0 = Release|Win32 {C9B06E6E-3534-4E7B-9C00-C3EA33CC4E15}.Release|x64.ActiveCfg = Release|x64 {C9B06E6E-3534-4E7B-9C00-C3EA33CC4E15}.Release|x64.Build.0 = Release|x64 + {3B2C1EE1-FDEC-4D85-BE46-3C6A5EA69883}.Debug|Win32.ActiveCfg = Debug|Win32 + {3B2C1EE1-FDEC-4D85-BE46-3C6A5EA69883}.Debug|Win32.Build.0 = Debug|Win32 + {3B2C1EE1-FDEC-4D85-BE46-3C6A5EA69883}.Debug|x64.ActiveCfg = Debug|x64 + {3B2C1EE1-FDEC-4D85-BE46-3C6A5EA69883}.Debug|x64.Build.0 = Debug|x64 + {3B2C1EE1-FDEC-4D85-BE46-3C6A5EA69883}.Release|Win32.ActiveCfg = Release|Win32 + {3B2C1EE1-FDEC-4D85-BE46-3C6A5EA69883}.Release|Win32.Build.0 = Release|Win32 + {3B2C1EE1-FDEC-4D85-BE46-3C6A5EA69883}.Release|x64.ActiveCfg = Release|x64 + {3B2C1EE1-FDEC-4D85-BE46-3C6A5EA69883}.Release|x64.Build.0 = Release|x64 EndGlobalSection GlobalSection(SolutionProperties) = preSolution HideSolutionNode = FALSE