DBG: added Capstone::IsLoop and fixed Capstone::IsFilling
This commit is contained in:
parent
0c8b6c8df7
commit
53fd990c83
@ -17,6 +17,7 @@
|
|||
#include <vector>
|
||||
#include <stack>
|
||||
#include <map>
|
||||
#include <set>
|
||||
#include <algorithm>
|
||||
#include <unordered_map>
|
||||
#include <tlhelp32.h>
|
||||
|
|
|
|||
|
|
@ -86,7 +86,7 @@ String Capstone::OperandText(int opindex)
|
|||
|
||||
case X86_OP_IMM:
|
||||
{
|
||||
if(InGroup(CS_GRP_JUMP) || InGroup(CS_GRP_CALL))
|
||||
if(InGroup(CS_GRP_JUMP) || InGroup(CS_GRP_CALL) || IsLoop())
|
||||
sprintf_s(temp, "%"fext"X", op.imm + mInstr->size);
|
||||
else
|
||||
sprintf_s(temp, "%"fext"X", op.imm);
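Review bot: The new `|| IsLoop()` in the `X86_OP_IMM` case routes LOOP/LOOPE/LOOPNE through the same `op.imm + mInstr->size` rebasing as jumps and calls, but JCXZ/JECXZ/JRCXZ share the rel8 encoding and are only covered if this Capstone version reports them in CS_GRP_JUMP — worth confirming with a quick disassembly of `E3 xx` before relying on the displayed target. The `+ mInstr->size` adjustment itself has no comment; one line stating why immediates are rebased here (presumably the address handed to Capstone is not the instruction's real address) would stop the next reader from treating it as a bug. `OperandText` starts and ends outside this hunk.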
|
||||
|
|
@ -163,8 +163,27 @@ const cs_x86 & Capstone::x86()
|
|||
|
||||
bool Capstone::IsFilling()
|
||||
{
|
||||
uint8_t opcode = x86().opcode[0];
|
||||
return opcode == 0x90 || opcode == 0xCC;
|
||||
switch(GetId())
|
||||
{
|
||||
case X86_INS_NOP:
|
||||
case X86_INS_INT3:
|
||||
return true;
|
||||
default:
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
bool Capstone::IsLoop()
|
||||
{
|
||||
switch(GetId())
|
||||
{
|
||||
case X86_INS_LOOP:
|
||||
case X86_INS_LOOPE:
|
||||
case X86_INS_LOOPNE:
|
||||
return true;
|
||||
default:
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
x86_insn Capstone::GetId()
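Review bot: Replacing `opcode[0] == 0x90 || opcode[0] == 0xCC` with a switch on `GetId()` widens what counts as padding — if I read Capstone right, the multi-byte `0F 1F /0` forms are also reported as X86_INS_NOP, whereas the old check only saw `opcode[0] == 0x0F` — and that behaviour change is only visible in the commit title, so it deserves a comment above the function: `// Inter-function padding: any NOP encoding (incl. multi-byte 0F 1F) or INT3`. `IsLoop()` likewise needs a one-liner stating that it covers exactly LOOP/LOOPE/LOOPNE and not JCXZ/JECXZ/JRCXZ, because every branch call site in this commit now pairs it with `InGroup(CS_GRP_JUMP)`. Both predicates call `GetId()`, whose body starts past the hunk; if it reads `mInstr->id` without a success check, calling them after a failed disassembly is undefined, so either document the precondition or have them return false when no instruction is loaded.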
|
||||
|
|
|
|||
|
|
@ -24,6 +24,7 @@ public:
|
|||
const uint Address();
|
||||
const cs_x86 & x86();
|
||||
bool IsFilling();
|
||||
bool IsLoop();
|
||||
x86_insn GetId();
|
||||
String InstructionText();
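Review bot: `bool IsLoop();` joins the public interface with no comment saying which instructions it covers, so a caller cannot tell whether the JCXZ family is included (it is not, per the definition in this commit); suggest `bool IsLoop(); // LOOP/LOOPE/LOOPNE only; callers pair it with InGroup(CS_GRP_JUMP)`. `IsFilling()` and `GetId()` next to it are equally undocumented and could take the same treatment. These predicates only read the decoded instruction and look like candidates for `const`, but that depends on `GetId()`/`x86()` being const-qualified, which the visible declaration of `x86()` is not.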
|
||||
|
||||
|
|
|
|||
|
|
@ -38,7 +38,7 @@ void fillbasicinfo(Capstone* cp, BASIC_INSTRUCTION_INFO* basicinfo)
|
|||
basicinfo->branch = true;
|
||||
basicinfo->call = true;
|
||||
}
|
||||
else if(cp->InGroup(CS_GRP_JUMP))
|
||||
else if(cp->InGroup(CS_GRP_JUMP) || cp->IsLoop())
|
||||
{
|
||||
basicinfo->branch = true;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -204,7 +204,7 @@ void disasmget(unsigned char* buffer, uint addr, DISASM_INSTR* instr)
|
|||
sprintf_s(instr->instruction, "%s %s", cp.GetInstr()->mnemonic, cp.GetInstr()->op_str);
|
||||
const cs_x86 & x86 = cp.GetInstr()->detail->x86;
|
||||
instr->instr_size = cp.GetInstr()->size;
|
||||
if(cp.InGroup(CS_GRP_JUMP) || cp.InGroup(CS_GRP_RET) || cp.InGroup(CS_GRP_CALL))
|
||||
if(cp.InGroup(CS_GRP_JUMP) || cp.IsLoop() || cp.InGroup(CS_GRP_RET) || cp.InGroup(CS_GRP_CALL))
|
||||
instr->type = instr_branch;
|
||||
else if(strstr(cp.GetInstr()->op_str, "sp") || strstr(cp.GetInstr()->op_str, "bp"))
|
||||
instr->type = instr_stack;
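Review bot: `cp.InGroup(CS_GRP_JUMP) || cp.IsLoop()` is now repeated at every branch call site touched by this commit (OperandText, fillbasicinfo, here, and twice in FunctionAnalysis), so the next special case has to be found by grep and will be missed at one of them. A single `bool Capstone::IsBranch()` returning `InGroup(CS_GRP_JUMP) || IsLoop()`, used in place of the pair everywhere, would make that a one-line change; this site would read `if(cp.IsBranch() || cp.InGroup(CS_GRP_RET) || cp.InGroup(CS_GRP_CALL))`. `disasmget` starts and ends outside this hunk.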
|
||||
|
|
|
|||
|
|
@ -112,7 +112,7 @@ uint FunctionAnalysis::FindFunctionEnd(uint start, uint maxaddr)
|
|||
break;
|
||||
|
||||
const cs_x86_op & operand = _cp.x86().operands[0];
|
||||
if(_cp.InGroup(CS_GRP_JUMP) && operand.type == X86_OP_IMM) //jump
|
||||
if((_cp.InGroup(CS_GRP_JUMP) || _cp.IsLoop()) && operand.type == X86_OP_IMM) //jump
|
||||
{
|
||||
uint dest = (uint)operand.imm;
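Review bot: The trailing `//jump` comment on the widened condition no longer describes it; `//jump or loop (LOOP/LOOPE/LOOPNE handled like Jcc)` would. Note that `operand` is taken from `operands[0]` before the condition establishes that the instruction has an operand at all — fine for the loop family, which always carries one rel8 immediate, but the read precedes the check for every instruction, so a guard on `op_count` would make the intent explicit. `FindFunctionEnd` starts and ends outside this hunk.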
|
||||
|
||||
|
|
@ -124,7 +124,7 @@ uint FunctionAnalysis::FindFunctionEnd(uint start, uint maxaddr)
|
|||
{
|
||||
fardest = dest;
|
||||
}
|
||||
else if(end && dest < end && _cp.GetId() == X86_INS_JMP) //save the last JMP backwards
|
||||
else if(end && dest < end && (_cp.GetId() == X86_INS_JMP || _cp.GetId() == X86_INS_LOOP)) //save the last JMP backwards
|
||||
{
|
||||
jumpback = addr;
|
||||
}
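Review bot: Adding `X86_INS_LOOP` beside `X86_INS_JMP` in the "save the last JMP backwards" test treats a conditional instruction as an unconditional one — LOOP falls through once ECX reaches zero, so the code after it is still reachable — and it omits LOOPE/LOOPNE even though `IsLoop()` covers all three. If the heuristic wants "any backward branch", `_cp.GetId() == X86_INS_JMP || _cp.IsLoop()` is the consistent form; if it wants "unconditional transfer that ends the fall-through path", LOOP should not be there at all. A comment stating which of the two is intended would keep this from drifting further; the enclosing `FindFunctionEnd` lies outside the hunk.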
|
||||
|
|
@ -149,7 +149,7 @@ uint FunctionAnalysis::GetReferenceOperand()
|
|||
for(int i = 0; i < _cp.x86().op_count; i++)
|
||||
{
|
||||
const cs_x86_op & operand = _cp.x86().operands[i];
|
||||
if(_cp.InGroup(CS_GRP_JUMP)) //skip jumps
|
||||
if(_cp.InGroup(CS_GRP_JUMP) || _cp.IsLoop()) //skip jumps/loops
|
||||
continue;
|
||||
if(operand.type == X86_OP_IMM) //we are looking for immediate references
|
||||
{
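Review bot: The `if(_cp.InGroup(CS_GRP_JUMP) || _cp.IsLoop()) continue;` test does not depend on `i`, so it is re-evaluated once per operand inside the loop; hoisting it above the `for` as `if(_cp.InGroup(CS_GRP_JUMP) || _cp.IsLoop()) return 0;` (or whatever the function's "no reference" result is — its return statements lie outside the hunk) states the intent directly and avoids the per-operand group lookups. `GetReferenceOperand` starts and ends outside this hunk.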
|
||||