DBG: added dis.isnop and dis.isunusual

2016-11-18 08:27:38 +01:00 · 2016-11-18 08:27:38 +01:00 · 5167a040d9
parent 58bf10ab41
commit 5167a040d9
3 changed files with 28 additions and 0 deletions
--- a/src/dbg/expressionfunctions.cpp
+++ b/src/dbg/expressionfunctions.cpp
@ -83,6 +83,8 @@ void ExpressionFunctions::Init()
    RegisterEasy("dis.isret", disisret);
    RegisterEasy("dis.iscall", disiscall);
    RegisterEasy("dis.ismem", disismem);
+    RegisterEasy("dis.isnop", disisnop);
+    RegisterEasy("dis.isunusual", disisunusual);
    RegisterEasy("dis.branchdest", disbranchdest);
    RegisterEasy("dis.branchexec", disbranchexec);
    RegisterEasy("dis.imm", disimm);
--- a/src/dbg/exprfunc.cpp
+++ b/src/dbg/exprfunc.cpp
@ -155,6 +155,30 @@ namespace Exprfunc
        return (info.type & TYPE_MEMORY) == TYPE_MEMORY;
    }

+    duint disisnop(duint addr)
+    {
+        unsigned char data[16];
+        if(MemRead(addr, data, sizeof(data), nullptr, true))
+        {
+            Capstone cp;
+            if(cp.Disassemble(addr, data))
+                return cp.IsNop();
+        }
+        return false;
+    }
+
+    duint disisunusual(duint addr)
+    {
+        unsigned char data[16];
+        if(MemRead(addr, data, sizeof(data), nullptr, true))
+        {
+            Capstone cp;
+            if(cp.Disassemble(addr, data))
+                return cp.IsUnusual();
+        }
+        return false;
+    }
+
    duint disbranchdest(duint addr)
    {
        return DbgGetBranchDestination(addr);
--- a/src/dbg/exprfunc.h
+++ b/src/dbg/exprfunc.h
@ -32,6 +32,8 @@ namespace Exprfunc
    duint disisret(duint addr);
    duint disiscall(duint addr);
    duint disismem(duint addr);
+    duint disisnop(duint addr);
+    duint disisunusual(duint addr);
    duint disbranchdest(duint addr);
    duint disbranchexec(duint addr);
    duint disimm(duint addr);