x64dbg
/
zydis
mirror of https://github.com/x64dbg/zydis
1
0
Fork 0
Code Releases Activity

Removed all trailing whitespaces

This commit is contained in:
flobernd 2018-02-28 18:15:18 +01:00
parent dd90a66d99
commit 7d2a3c05ad
No known key found for this signature in database
GPG Key ID: 9C3AE0ED4A969F10
27 changed files with 1032 additions and 1032 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

102
examples/FormatterHooks.c
View File

@ -27,9 +27,9 @@
/** /**
* @file * @file
* @brief Demonstrates the hooking functionality of the @c ZydisFormatter class. * @brief Demonstrates the hooking functionality of the @c ZydisFormatter class.
* *
* This example demonstrates the hooking functionality of the @c ZydisFormatter class by * This example demonstrates the hooking functionality of the @c ZydisFormatter class by
* rewriting the mnemonics of (V)CMPPS and (V)CMPPD to their corresponding alias-forms (based on * rewriting the mnemonics of (V)CMPPS and (V)CMPPD to their corresponding alias-forms (based on
* the condition encoded in the immediate operand). * the condition encoded in the immediate operand).
*/ */
@ -49,8 +49,8 @@
* @param string A pointer to the string. * @param string A pointer to the string.
* @param format The format string. * @param format The format string.
* *
* @return @c ZYDIS_STATUS_SUCCESS, if the function succeeded, or * @return @c ZYDIS_STATUS_SUCCESS, if the function succeeded, or
* @c ZYDIS_STATUS_INSUFFICIENT_BUFFER_SIZE, if the size of the buffer was not * @c ZYDIS_STATUS_INSUFFICIENT_BUFFER_SIZE, if the size of the buffer was not
* sufficient to append the given text. * sufficient to append the given text.
*/ */
ZYDIS_INLINE ZydisStatus ZydisStringAppendFormatC(ZydisString* string, const char* format, ...) ZYDIS_INLINE ZydisStatus ZydisStringAppendFormatC(ZydisString* string, const char* format, ...)
@ -62,7 +62,7 @@ ZYDIS_INLINE ZydisStatus ZydisStringAppendFormatC(ZydisString* string, const cha
va_list arglist; va_list arglist;
va_start(arglist, format); va_start(arglist, format);
const int w = vsnprintf(string->buffer + string->length, string->capacity - string->length, const int w = vsnprintf(string->buffer + string->length, string->capacity - string->length,
format, arglist); format, arglist);
if ((w < 0) || ((size_t)w > string->capacity - string->length)) if ((w < 0) || ((size_t)w > string->capacity - string->length))
{ {
@ -84,36 +84,36 @@ ZYDIS_INLINE ZydisStatus ZydisStringAppendFormatC(ZydisString* string, const cha
static const char* conditionCodeStrings[0x20] = static const char* conditionCodeStrings[0x20] =
{ {
/*00*/ "eq", /*00*/ "eq",
/*01*/ "lt", /*01*/ "lt",
/*02*/ "le", /*02*/ "le",
/*03*/ "unord", /*03*/ "unord",
/*04*/ "neq", /*04*/ "neq",
/*05*/ "nlt", /*05*/ "nlt",
/*06*/ "nle", /*06*/ "nle",
/*07*/ "ord", /*07*/ "ord",
/*08*/ "eq_uq", /*08*/ "eq_uq",
/*09*/ "nge", /*09*/ "nge",
/*0A*/ "ngt", /*0A*/ "ngt",
/*0B*/ "false", /*0B*/ "false",
/*0C*/ "oq", /*0C*/ "oq",
/*0D*/ "ge", /*0D*/ "ge",
/*0E*/ "gt", /*0E*/ "gt",
/*0F*/ "true", /*0F*/ "true",
/*10*/ "eq_os", /*10*/ "eq_os",
/*11*/ "lt_oq", /*11*/ "lt_oq",
/*12*/ "le_oq", /*12*/ "le_oq",
/*13*/ "unord_s", /*13*/ "unord_s",
/*14*/ "neq_us", /*14*/ "neq_us",
/*15*/ "nlt_uq", /*15*/ "nlt_uq",
/*16*/ "nle_uq", /*16*/ "nle_uq",
/*17*/ "ord_s", /*17*/ "ord_s",
/*18*/ "eq_us", /*18*/ "eq_us",
/*19*/ "nge_uq", /*19*/ "nge_uq",
/*1A*/ "ngt_uq", /*1A*/ "ngt_uq",
/*1B*/ "false_os", /*1B*/ "false_os",
/*1C*/ "neq_os", /*1C*/ "neq_os",
/*1D*/ "ge_oq", /*1D*/ "ge_oq",
/*1E*/ "gt_oq", /*1E*/ "gt_oq",
/*1F*/ "true_us" /*1F*/ "true_us"
}; };
@ -135,7 +135,7 @@ typedef struct ZydisCustomUserData_
ZydisFormatterFunc defaultPrintMnemonic; ZydisFormatterFunc defaultPrintMnemonic;
static ZydisStatus ZydisFormatterPrintMnemonic(const ZydisFormatter* formatter, static ZydisStatus ZydisFormatterPrintMnemonic(const ZydisFormatter* formatter,
ZydisString* string, const ZydisDecodedInstruction* instruction, ZydisCustomUserData* userData) ZydisString* string, const ZydisDecodedInstruction* instruction, ZydisCustomUserData* userData)
{ {
// We use the user-data to pass data to the @c ZydisFormatterFormatOperandImm function // We use the user-data to pass data to the @c ZydisFormatterFormatOperandImm function
@ -143,8 +143,8 @@ static ZydisStatus ZydisFormatterPrintMnemonic(const ZydisFormatter* formatter,
// Rewrite the instruction-mnemonic for the given instructions // Rewrite the instruction-mnemonic for the given instructions
if (instruction->operands[instruction->operandCount - 1].type == ZYDIS_OPERAND_TYPE_IMMEDIATE) if (instruction->operands[instruction->operandCount - 1].type == ZYDIS_OPERAND_TYPE_IMMEDIATE)
{ {
const ZydisU8 conditionCode = const ZydisU8 conditionCode =
(ZydisU8)instruction->operands[instruction->operandCount - 1].imm.value.u; (ZydisU8)instruction->operands[instruction->operandCount - 1].imm.value.u;
switch (instruction->mnemonic) switch (instruction->mnemonic)
{ {
@ -162,7 +162,7 @@ static ZydisStatus ZydisFormatterPrintMnemonic(const ZydisFormatter* formatter,
string, "cmp%spd", conditionCodeStrings[conditionCode]); string, "cmp%spd", conditionCodeStrings[conditionCode]);
} }
break; break;
case ZYDIS_MNEMONIC_VCMPPS: case ZYDIS_MNEMONIC_VCMPPS:
if (conditionCode < 0x20) if (conditionCode < 0x20)
{ {
return ZydisStringAppendFormatC( return ZydisStringAppendFormatC(
@ -181,12 +181,12 @@ static ZydisStatus ZydisFormatterPrintMnemonic(const ZydisFormatter* formatter,
} }
} }
// We did not rewrite the instruction-mnemonic. Signal the @c ZydisFormatterFormatOperandImm // We did not rewrite the instruction-mnemonic. Signal the @c ZydisFormatterFormatOperandImm
// function not to omit the operand // function not to omit the operand
userData->ommitImmediate = ZYDIS_FALSE; userData->ommitImmediate = ZYDIS_FALSE;
// Default mnemonic printing // Default mnemonic printing
return defaultPrintMnemonic(formatter, string, instruction, userData); return defaultPrintMnemonic(formatter, string, instruction, userData);
} }
/* ---------------------------------------------------------------------------------------------- */ /* ---------------------------------------------------------------------------------------------- */
@ -194,14 +194,14 @@ static ZydisStatus ZydisFormatterPrintMnemonic(const ZydisFormatter* formatter,
ZydisFormatterOperandFunc defaultFormatOperandImm; ZydisFormatterOperandFunc defaultFormatOperandImm;
static ZydisStatus ZydisFormatterFormatOperandImm(const ZydisFormatter* formatter, static ZydisStatus ZydisFormatterFormatOperandImm(const ZydisFormatter* formatter,
ZydisString* string, const ZydisDecodedInstruction* instruction, ZydisString* string, const ZydisDecodedInstruction* instruction,
const ZydisDecodedOperand* operand, ZydisCustomUserData* userData) const ZydisDecodedOperand* operand, ZydisCustomUserData* userData)
{ {
// The @c ZydisFormatterFormatMnemonic sinals us to omit the immediate (condition-code) // The @c ZydisFormatterFormatMnemonic sinals us to omit the immediate (condition-code)
// operand, because it got replaced by the alias-mnemonic // operand, because it got replaced by the alias-mnemonic
if (userData->ommitImmediate) if (userData->ommitImmediate)
{ {
return ZYDIS_STATUS_SKIP_OPERAND; return ZYDIS_STATUS_SKIP_OPERAND;
} }
// Default immediate formatting // Default immediate formatting
@ -214,7 +214,7 @@ static ZydisStatus ZydisFormatterFormatOperandImm(const ZydisFormatter* formatte
/* Helper functions */ /* Helper functions */
/* ============================================================================================== */ /* ============================================================================================== */
void disassembleBuffer(ZydisDecoder* decoder, ZydisU8* data, ZydisUSize length, void disassembleBuffer(ZydisDecoder* decoder, ZydisU8* data, ZydisUSize length,
ZydisBool installHooks) ZydisBool installHooks)
{ {
ZydisFormatter formatter; ZydisFormatter formatter;
@ -225,10 +225,10 @@ void disassembleBuffer(ZydisDecoder* decoder, ZydisU8* data, ZydisUSize length,
if (installHooks) if (installHooks)
{ {
defaultPrintMnemonic = (ZydisFormatterFunc)&ZydisFormatterPrintMnemonic; defaultPrintMnemonic = (ZydisFormatterFunc)&ZydisFormatterPrintMnemonic;
ZydisFormatterSetHook(&formatter, ZYDIS_FORMATTER_HOOK_PRINT_MNEMONIC, ZydisFormatterSetHook(&formatter, ZYDIS_FORMATTER_HOOK_PRINT_MNEMONIC,
(const void**)&defaultPrintMnemonic); (const void**)&defaultPrintMnemonic);
defaultFormatOperandImm = (ZydisFormatterOperandFunc)&ZydisFormatterFormatOperandImm; defaultFormatOperandImm = (ZydisFormatterOperandFunc)&ZydisFormatterFormatOperandImm;
ZydisFormatterSetHook(&formatter, ZYDIS_FORMATTER_HOOK_FORMAT_OPERAND_IMM, ZydisFormatterSetHook(&formatter, ZYDIS_FORMATTER_HOOK_FORMAT_OPERAND_IMM,
(const void**)&defaultFormatOperandImm); (const void**)&defaultFormatOperandImm);
} }
@ -245,9 +245,9 @@ void disassembleBuffer(ZydisDecoder* decoder, ZydisU8* data, ZydisUSize length,
instructionPointer += instruction.length; instructionPointer += instruction.length;
printf("%016" PRIX64 " ", instruction.instrAddress); printf("%016" PRIX64 " ", instruction.instrAddress);
ZydisFormatterFormatInstructionEx( ZydisFormatterFormatInstructionEx(
&formatter, &instruction, &buffer[0], sizeof(buffer), &userData); &formatter, &instruction, &buffer[0], sizeof(buffer), &userData);
printf(" %s\n", &buffer[0]); printf(" %s\n", &buffer[0]);
} }
} }
/* ============================================================================================== */ /* ============================================================================================== */
@ -262,10 +262,10 @@ int main()
return EXIT_FAILURE; return EXIT_FAILURE;
} }
ZydisU8 data[] = ZydisU8 data[] =
{ {
// cmpps xmm1, xmm4, 0x03 // cmpps xmm1, xmm4, 0x03
0x0F, 0xC2, 0xCC, 0x03, 0x0F, 0xC2, 0xCC, 0x03,
// vcmppd xmm1, xmm2, xmm3, 0x17 // vcmppd xmm1, xmm2, xmm3, 0x17
0xC5, 0xE9, 0xC2, 0xCB, 0x17, 0xC5, 0xE9, 0xC2, 0xCB, 0x17,

10
examples/ZydisFuzzIn.c
View File

@ -26,7 +26,7 @@
/** /**
* @file * @file
* *
* This file implements a tool that is supposed to be fed as input for fuzzers like AFL, * This file implements a tool that is supposed to be fed as input for fuzzers like AFL,
* reading a control block from stdin, allowing the fuzzer to reach every possible * reading a control block from stdin, allowing the fuzzer to reach every possible
* code-path, testing any possible combination of disassembler configurations. * code-path, testing any possible combination of disassembler configurations.
@ -39,7 +39,7 @@
#include <stdlib.h> #include <stdlib.h>
#include <Zydis/Zydis.h> #include <Zydis/Zydis.h>
typedef struct ZydisFuzzControlBlock_ typedef struct ZydisFuzzControlBlock_
{ {
ZydisMachineMode machineMode; ZydisMachineMode machineMode;
ZydisAddressWidth addressWidth; ZydisAddressWidth addressWidth;
@ -120,13 +120,13 @@ int doIteration()
{ {
case ZYDIS_FORMATTER_PROP_HEX_PREFIX: case ZYDIS_FORMATTER_PROP_HEX_PREFIX:
case ZYDIS_FORMATTER_PROP_HEX_SUFFIX: case ZYDIS_FORMATTER_PROP_HEX_SUFFIX:
controlBlock.formatterProperties[prop] = controlBlock.formatterProperties[prop] =
controlBlock.formatterProperties[prop] ? (uintptr_t)&controlBlock.string : 0; controlBlock.formatterProperties[prop] ? (uintptr_t)&controlBlock.string : 0;
break; break;
default: default:
break; break;
} }
if (!ZYDIS_SUCCESS(ZydisFormatterSetProperty(&formatter, prop, if (!ZYDIS_SUCCESS(ZydisFormatterSetProperty(&formatter, prop,
controlBlock.formatterProperties[prop]))) controlBlock.formatterProperties[prop])))
{ {
ZYDIS_MAYBE_FPUTS("Failed to set formatter-attribute\n", stderr); ZYDIS_MAYBE_FPUTS("Failed to set formatter-attribute\n", stderr);
@ -143,7 +143,7 @@ int doIteration()
ZydisDecodedInstruction instruction; ZydisDecodedInstruction instruction;
ZydisStatus status; ZydisStatus status;
size_t readOffs = 0; size_t readOffs = 0;
while ((status = ZydisDecoderDecodeBuffer(&decoder, readBuf + readOffs, while ((status = ZydisDecoderDecodeBuffer(&decoder, readBuf + readOffs,
numBytesRead - readOffs, readOffs, &instruction)) != ZYDIS_STATUS_NO_MORE_DATA) numBytesRead - readOffs, readOffs, &instruction)) != ZYDIS_STATUS_NO_MORE_DATA)
{ {
if (!ZYDIS_SUCCESS(status)) if (!ZYDIS_SUCCESS(status))

38
examples/ZydisPerfTest.c
View File

@ -166,16 +166,16 @@ uint64_t processBuffer(const char* buffer, size_t length, ZydisBool minimalMode,
ZydisDecoderEnableMode(&decoder, ZYDIS_DECODER_MODE_MINIMAL, minimalMode))) ZydisDecoderEnableMode(&decoder, ZYDIS_DECODER_MODE_MINIMAL, minimalMode)))
{ {
fputs("Failed to adjust decoder-mode\n", stderr); fputs("Failed to adjust decoder-mode\n", stderr);
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
ZydisFormatter formatter; ZydisFormatter formatter;
if (format) if (format)
{ {
if (!ZYDIS_SUCCESS(ZydisFormatterInit(&formatter, ZYDIS_FORMATTER_STYLE_INTEL)) || if (!ZYDIS_SUCCESS(ZydisFormatterInit(&formatter, ZYDIS_FORMATTER_STYLE_INTEL)) ||
!ZYDIS_SUCCESS(ZydisFormatterSetProperty(&formatter, !ZYDIS_SUCCESS(ZydisFormatterSetProperty(&formatter,
ZYDIS_FORMATTER_PROP_FORCE_MEMSEG, ZYDIS_TRUE)) || ZYDIS_FORMATTER_PROP_FORCE_MEMSEG, ZYDIS_TRUE)) ||
!ZYDIS_SUCCESS(ZydisFormatterSetProperty(&formatter, !ZYDIS_SUCCESS(ZydisFormatterSetProperty(&formatter,
ZYDIS_FORMATTER_PROP_FORCE_MEMSIZE, ZYDIS_TRUE))) ZYDIS_FORMATTER_PROP_FORCE_MEMSIZE, ZYDIS_TRUE)))
{ {
fputs("Failed to initialize instruction-formatter\n", stderr); fputs("Failed to initialize instruction-formatter\n", stderr);
@ -188,7 +188,7 @@ uint64_t processBuffer(const char* buffer, size_t length, ZydisBool minimalMode,
ZydisStatus status; ZydisStatus status;
ZydisDecodedInstruction instruction; ZydisDecodedInstruction instruction;
char formatBuffer[256]; char formatBuffer[256];
while ((status = ZydisDecoderDecodeBuffer(&decoder, buffer + offset, length - offset, offset, while ((status = ZydisDecoderDecodeBuffer(&decoder, buffer + offset, length - offset, offset,
&instruction)) != ZYDIS_STATUS_NO_MORE_DATA) &instruction)) != ZYDIS_STATUS_NO_MORE_DATA)
{ {
ZYDIS_ASSERT(ZYDIS_SUCCESS(status)); ZYDIS_ASSERT(ZYDIS_SUCCESS(status));
@ -202,10 +202,10 @@ uint64_t processBuffer(const char* buffer, size_t length, ZydisBool minimalMode,
{ {
ZydisFormatterFormatInstruction( ZydisFormatterFormatInstruction(
&formatter, &instruction, formatBuffer, sizeof(formatBuffer)); &formatter, &instruction, formatBuffer, sizeof(formatBuffer));
} }
offset += instruction.length; offset += instruction.length;
} }
return count; return count;
} }
@ -221,8 +221,8 @@ void testPerformance(const char* buffer, size_t length, ZydisBool minimalMode, Z
{ {
count += processBuffer(buffer, length, minimalMode, format); count += processBuffer(buffer, length, minimalMode, format);
} }
printf("Minimal-Mode %d, Formatting %d, Instructions: %6.2fM, Time: %8.2f msec\n", printf("Minimal-Mode %d, Formatting %d, Instructions: %6.2fM, Time: %8.2f msec\n",
minimalMode, format, (double)count / 1000000, GetCounter()); minimalMode, format, (double)count / 1000000, GetCounter());
} }
void generateTestData(FILE* file, uint8_t encoding) void generateTestData(FILE* file, uint8_t encoding)
@ -234,7 +234,7 @@ void generateTestData(FILE* file, uint8_t encoding)
fputs("Failed to initialize decoder\n", stderr); fputs("Failed to initialize decoder\n", stderr);
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
uint8_t last = 0; uint8_t last = 0;
uint32_t count = 0; uint32_t count = 0;
ZydisDecodedInstruction instruction; ZydisDecodedInstruction instruction;
@ -308,7 +308,7 @@ void generateTestData(FILE* file, uint8_t encoding)
last = p; last = p;
printf("%3.0d%%\n", p); printf("%3.0d%%\n", p);
} }
} }
} }
} }
@ -337,7 +337,7 @@ int main(int argc, char** argv)
{ {
generate = ZYDIS_TRUE; generate = ZYDIS_TRUE;
} }
const char* directory = argv[2]; const char* directory = argv[2];
static const struct static const struct
{ {
@ -353,7 +353,7 @@ int main(int argc, char** argv)
{ "EVEX" , "enc_evex.dat" }, { "EVEX" , "enc_evex.dat" },
{ "MVEX" , "enc_mvex.dat" } { "MVEX" , "enc_mvex.dat" }
}; };
if (generate) if (generate)
{ {
time_t t; time_t t;
@ -372,7 +372,7 @@ int main(int argc, char** argv)
strncpy(&buf[0], directory, sizeof(buf) - 1); strncpy(&buf[0], directory, sizeof(buf) - 1);
if (generate) if (generate)
{ {
file = fopen(strncat(buf, tests[i].filename, sizeof(buf) - len - 1), "wb"); file = fopen(strncat(buf, tests[i].filename, sizeof(buf) - len - 1), "wb");
} else } else
{ {
file = fopen(strncat(buf, tests[i].filename, sizeof(buf) - len - 1), "rb"); file = fopen(strncat(buf, tests[i].filename, sizeof(buf) - len - 1), "rb");
@ -394,16 +394,16 @@ int main(int argc, char** argv)
void* buffer = malloc(length); void* buffer = malloc(length);
if (!buffer) if (!buffer)
{ {
fprintf(stderr, fprintf(stderr,
"Failed to allocate %" PRIu64 " bytes on the heap", (uint64_t)length); "Failed to allocate %" PRIu64 " bytes on the heap", (uint64_t)length);
goto NextFile2; goto NextFile2;
} }
rewind(file); rewind(file);
if (fread(buffer, 1, length, file) != (size_t)length) if (fread(buffer, 1, length, file) != (size_t)length)
{ {
fprintf(stderr, fprintf(stderr,
"Could not read %" PRIu64 " bytes from file \"%s\"", (uint64_t)length, &buf[0]); "Could not read %" PRIu64 " bytes from file \"%s\"", (uint64_t)length, &buf[0]);
goto NextFile1; goto NextFile1;
} }
@ -413,7 +413,7 @@ int main(int argc, char** argv)
testPerformance(buffer, length, ZYDIS_FALSE, ZYDIS_TRUE ); testPerformance(buffer, length, ZYDIS_FALSE, ZYDIS_TRUE );
puts(""); puts("");
NextFile1: NextFile1:
free(buffer); free(buffer);
} }

10
include/Zydis/CommonTypes.h
View File

@ -54,7 +54,7 @@
typedef ptrdiff_t ZydisISize; typedef ptrdiff_t ZydisISize;
typedef uintptr_t ZydisUPointer; typedef uintptr_t ZydisUPointer;
typedef intptr_t ZydisIPointer; typedef intptr_t ZydisIPointer;
#else #else
// No LibC, use compiler built-in types / macros. // No LibC, use compiler built-in types / macros.
# if defined(ZYDIS_MSVC) # if defined(ZYDIS_MSVC)
typedef unsigned __int8 ZydisU8; typedef unsigned __int8 ZydisU8;
@ -65,18 +65,18 @@
typedef signed __int16 ZydisI16; typedef signed __int16 ZydisI16;
typedef signed __int32 ZydisI32; typedef signed __int32 ZydisI32;
typedef signed __int64 ZydisI64; typedef signed __int64 ZydisI64;
# if _WIN64 # if _WIN64
typedef ZydisU64 ZydisUSize; typedef ZydisU64 ZydisUSize;
typedef ZydisI64 ZydisISize; typedef ZydisI64 ZydisISize;
typedef ZydisU64 ZydisUPointer; typedef ZydisU64 ZydisUPointer;
typedef ZydisI64 ZydisIPointer; typedef ZydisI64 ZydisIPointer;
# else # else
typedef ZydisU32 ZydisUSize; typedef ZydisU32 ZydisUSize;
typedef ZydisI32 ZydisISize; typedef ZydisI32 ZydisISize;
typedef ZydisU32 ZydisUPointer; typedef ZydisU32 ZydisUPointer;
typedef ZydisI32 ZydisIPointer; typedef ZydisI32 ZydisIPointer;
# endif # endif
# elif defined(ZYDIS_GNUC) # elif defined(ZYDIS_GNUC)
typedef __UINT8_TYPE__ ZydisU8; typedef __UINT8_TYPE__ ZydisU8;
typedef __UINT16_TYPE__ ZydisU16; typedef __UINT16_TYPE__ ZydisU16;
typedef __UINT32_TYPE__ ZydisU32; typedef __UINT32_TYPE__ ZydisU32;

72
include/Zydis/Decoder.h
View File

@ -61,76 +61,76 @@ enum ZydisDecoderModes
{ {
/** /**
* @brief Enables minimal instruction decoding without semantic analysis. * @brief Enables minimal instruction decoding without semantic analysis.
* *
* This mode provides access to the mnemonic, the instruction-length, the effective * This mode provides access to the mnemonic, the instruction-length, the effective
* operand-size, the effective address-width, some attributes (e.g. `ZYDIS_ATTRIB_IS_RELATIVE`) * operand-size, the effective address-width, some attributes (e.g. `ZYDIS_ATTRIB_IS_RELATIVE`)
* and all of the information in the `raw` field of the `ZydisDecodedInstruction` struct. * and all of the information in the `raw` field of the `ZydisDecodedInstruction` struct.
* *
* Operands, most attributes and other specific information (like AVX info) are not * Operands, most attributes and other specific information (like AVX info) are not
* accessible in this mode. * accessible in this mode.
* *
* This mode is NOT enabled by default. * This mode is NOT enabled by default.
*/ */
ZYDIS_DECODER_MODE_MINIMAL, ZYDIS_DECODER_MODE_MINIMAL,
/** /**
* @brief Enables the AMD-branch mode. * @brief Enables the AMD-branch mode.
* *
* Intel ignores the operand-size override-prefix (`0x66`) for all branches with 32-bit * Intel ignores the operand-size override-prefix (`0x66`) for all branches with 32-bit
* immediates and forces the operand-size of the instruction to 64-bit in 64-bit mode. * immediates and forces the operand-size of the instruction to 64-bit in 64-bit mode.
* In AMD-branch mode `0x66` is not ignored and changes the operand-size and the size of the * In AMD-branch mode `0x66` is not ignored and changes the operand-size and the size of the
* immediate to 16-bit. * immediate to 16-bit.
* *
* This mode is NOT enabled by default. * This mode is NOT enabled by default.
*/ */
ZYDIS_DECODER_MODE_AMD_BRANCHES, ZYDIS_DECODER_MODE_AMD_BRANCHES,
/** /**
* @brief Enables KNC compatibility-mode. * @brief Enables KNC compatibility-mode.
* *
* KNC and KNL+ chips are sharing opcodes and encodings for some mask-related instructions. * KNC and KNL+ chips are sharing opcodes and encodings for some mask-related instructions.
* Enable this mode to use the old KNC specifications (different mnemonics, operands, ..). * Enable this mode to use the old KNC specifications (different mnemonics, operands, ..).
* *
* This mode is NOT enabled by default. * This mode is NOT enabled by default.
*/ */
ZYDIS_DECODER_MODE_KNC, ZYDIS_DECODER_MODE_KNC,
/** /**
* @brief Enables the MPX mode. * @brief Enables the MPX mode.
* *
* The MPX isa-extension reuses (overrides) some of the widenop instruction opcodes. * The MPX isa-extension reuses (overrides) some of the widenop instruction opcodes.
* *
* This mode is enabled by default. * This mode is enabled by default.
*/ */
ZYDIS_DECODER_MODE_MPX, ZYDIS_DECODER_MODE_MPX,
/** /**
* @brief Enables the CET mode. * @brief Enables the CET mode.
* *
* The CET isa-extension reuses (overrides) some of the widenop instruction opcodes. * The CET isa-extension reuses (overrides) some of the widenop instruction opcodes.
* *
* This mode is enabled by default. * This mode is enabled by default.
*/ */
ZYDIS_DECODER_MODE_CET, ZYDIS_DECODER_MODE_CET,
/** /**
* @brief Enables the LZCNT mode. * @brief Enables the LZCNT mode.
* *
* The LZCNT isa-extension reuses (overrides) some of the widenop instruction opcodes. * The LZCNT isa-extension reuses (overrides) some of the widenop instruction opcodes.
* *
* This mode is enabled by default. * This mode is enabled by default.
*/ */
ZYDIS_DECODER_MODE_LZCNT, ZYDIS_DECODER_MODE_LZCNT,
/** /**
* @brief Enables the TZCNT mode. * @brief Enables the TZCNT mode.
* *
* The TZCNT isa-extension reuses (overrides) some of the widenop instruction opcodes. * The TZCNT isa-extension reuses (overrides) some of the widenop instruction opcodes.
* *
* This mode is enabled by default. * This mode is enabled by default.
*/ */
ZYDIS_DECODER_MODE_TZCNT, ZYDIS_DECODER_MODE_TZCNT,
/** /**
* @brief Enables the WBNOINVD mode. * @brief Enables the WBNOINVD mode.
* *
* The `WBINVD` instruction is interpreted as `WBNOINVD` on ICL chips, if a `F3` prefix is * The `WBINVD` instruction is interpreted as `WBNOINVD` on ICL chips, if a `F3` prefix is
* used. * used.
* *
* This mode is disabled by default. * This mode is disabled by default.
*/ */
ZYDIS_DECODER_MODE_WBNOINVD, ZYDIS_DECODER_MODE_WBNOINVD,
@ -169,7 +169,7 @@ typedef struct ZydisDecoder_
* *
* @return A zydis status code. * @return A zydis status code.
*/ */
ZYDIS_EXPORT ZydisStatus ZydisDecoderInit(ZydisDecoder* decoder, ZydisMachineMode machineMode, ZYDIS_EXPORT ZydisStatus ZydisDecoderInit(ZydisDecoder* decoder, ZydisMachineMode machineMode,
ZydisAddressWidth addressWidth); ZydisAddressWidth addressWidth);
/** /**
@ -191,13 +191,13 @@ ZYDIS_EXPORT ZydisStatus ZydisDecoderEnableMode(ZydisDecoder* decoder, ZydisDeco
* @param buffer A pointer to the input buffer. * @param buffer A pointer to the input buffer.
* @param bufferLen The length of the input buffer. * @param bufferLen The length of the input buffer.
* @param instructionPointer The instruction-pointer. * @param instructionPointer The instruction-pointer.
* @param instruction A pointer to the @c ZydisDecodedInstruction struct, that receives * @param instruction A pointer to the @c ZydisDecodedInstruction struct, that receives
* the details about the decoded instruction. * the details about the decoded instruction.
* *
* @return A zydis status code. * @return A zydis status code.
*/ */
ZYDIS_EXPORT ZydisStatus ZydisDecoderDecodeBuffer(const ZydisDecoder* decoder, ZYDIS_EXPORT ZydisStatus ZydisDecoderDecodeBuffer(const ZydisDecoder* decoder,
const void* buffer, ZydisUSize bufferLen, ZydisU64 instructionPointer, const void* buffer, ZydisUSize bufferLen, ZydisU64 instructionPointer,
ZydisDecodedInstruction* instruction); ZydisDecodedInstruction* instruction);
/* ============================================================================================== */ /* ============================================================================================== */

100
include/Zydis/DecoderTypes.h
View File

@ -71,7 +71,7 @@ enum ZydisMemoryOperandTypes
*/ */
ZYDIS_MEMOP_TYPE_AGEN, ZYDIS_MEMOP_TYPE_AGEN,
/** /**
* @brief A memory operand using `SIB` addressing form, where the index register is not used * @brief A memory operand using `SIB` addressing form, where the index register is not used
* in address calculation and scale is ignored. No real memory-access is caused. * in address calculation and scale is ignored. No real memory-access is caused.
*/ */
ZYDIS_MEMOP_TYPE_MIB, ZYDIS_MEMOP_TYPE_MIB,
@ -106,7 +106,7 @@ typedef struct ZydisDecodedOperand_
/** /**
* @brief The operand-action. * @brief The operand-action.
*/ */
ZydisOperandAction action; ZydisOperandAction action;
/** /**
* @brief The operand-encoding. * @brief The operand-encoding.
*/ */
@ -114,7 +114,7 @@ typedef struct ZydisDecodedOperand_
/** /**
* @brief The logical size of the operand (in bits). * @brief The logical size of the operand (in bits).
*/ */
ZydisU16 size; ZydisU16 size;
/** /**
* @brief The element-type. * @brief The element-type.
*/ */
@ -135,7 +135,7 @@ typedef struct ZydisDecodedOperand_
/** /**
* @brief The register value. * @brief The register value.
*/ */
ZydisRegister value; ZydisRegister value;
// TODO: AVX512_4VNNIW MULTISOURCE registers // TODO: AVX512_4VNNIW MULTISOURCE registers
} reg; } reg;
/** /**
@ -181,7 +181,7 @@ typedef struct ZydisDecodedOperand_
/** /**
* @brief Extended info for pointer-operands. * @brief Extended info for pointer-operands.
*/ */
struct struct
{ {
ZydisU16 segment; ZydisU16 segment;
ZydisU32 offset; ZydisU32 offset;
@ -196,17 +196,17 @@ typedef struct ZydisDecodedOperand_
*/ */
ZydisBool isSigned; ZydisBool isSigned;
/** /**
* @brief Signals, if the immediate value contains a relative offset. You can use * @brief Signals, if the immediate value contains a relative offset. You can use
* @c ZydisCalcAbsoluteAddress to determine the absolute address value. * @c ZydisCalcAbsoluteAddress to determine the absolute address value.
*/ */
ZydisBool isRelative; ZydisBool isRelative;
/** /**
* @brief The immediate value. * @brief The immediate value.
*/ */
union union
{ {
ZydisU64 u; ZydisU64 u;
ZydisI64 s; ZydisI64 s;
} value; } value;
} imm; } imm;
} ZydisDecodedOperand; } ZydisDecodedOperand;
@ -271,39 +271,39 @@ typedef ZydisU64 ZydisInstructionAttributes;
#define ZYDIS_ATTRIB_IS_FAR_BRANCH 0x0000001000000000 // (1 << 36) // TODO: rebase #define ZYDIS_ATTRIB_IS_FAR_BRANCH 0x0000001000000000 // (1 << 36) // TODO: rebase
/** /**
* @brief The instruction accepts the lock prefix (0xF0). * @brief The instruction accepts the lock prefix (0xF0).
*/ */
#define ZYDIS_ATTRIB_ACCEPTS_LOCK 0x0000000000000200 // (1 << 9) #define ZYDIS_ATTRIB_ACCEPTS_LOCK 0x0000000000000200 // (1 << 9)
/** /**
* @brief The instruction accepts the rep prefix (0xF3). * @brief The instruction accepts the rep prefix (0xF3).
*/ */
#define ZYDIS_ATTRIB_ACCEPTS_REP 0x0000000000000400 // (1 << 10) #define ZYDIS_ATTRIB_ACCEPTS_REP 0x0000000000000400 // (1 << 10)
/** /**
* @brief The instruction accepts the repe/repz prefix (0xF3). * @brief The instruction accepts the repe/repz prefix (0xF3).
*/ */
#define ZYDIS_ATTRIB_ACCEPTS_REPE 0x0000000000000800 // (1 << 11) #define ZYDIS_ATTRIB_ACCEPTS_REPE 0x0000000000000800 // (1 << 11)
/** /**
* @brief The instruction accepts the repe/repz prefix (0xF3). * @brief The instruction accepts the repe/repz prefix (0xF3).
*/ */
#define ZYDIS_ATTRIB_ACCEPTS_REPZ 0x0000000000000800 // (1 << 11) #define ZYDIS_ATTRIB_ACCEPTS_REPZ 0x0000000000000800 // (1 << 11)
/** /**
* @brief The instruction accepts the repne/repnz prefix (0xF2). * @brief The instruction accepts the repne/repnz prefix (0xF2).
*/ */
#define ZYDIS_ATTRIB_ACCEPTS_REPNE 0x0000000000001000 // (1 << 12) #define ZYDIS_ATTRIB_ACCEPTS_REPNE 0x0000000000001000 // (1 << 12)
/** /**
* @brief The instruction accepts the repne/repnz prefix (0xF2). * @brief The instruction accepts the repne/repnz prefix (0xF2).
*/ */
#define ZYDIS_ATTRIB_ACCEPTS_REPNZ 0x0000000000001000 // (1 << 12) #define ZYDIS_ATTRIB_ACCEPTS_REPNZ 0x0000000000001000 // (1 << 12)
/** /**
* @brief The instruction accepts the bound prefix (0xF2). * @brief The instruction accepts the bound prefix (0xF2).
*/ */
#define ZYDIS_ATTRIB_ACCEPTS_BOUND 0x0000000000002000 // (1 << 13) #define ZYDIS_ATTRIB_ACCEPTS_BOUND 0x0000000000002000 // (1 << 13)
/** /**
* @brief The instruction accepts the xacquire prefix (0xF2). * @brief The instruction accepts the xacquire prefix (0xF2).
*/ */
#define ZYDIS_ATTRIB_ACCEPTS_XACQUIRE 0x0000000000004000 // (1 << 14) #define ZYDIS_ATTRIB_ACCEPTS_XACQUIRE 0x0000000000004000 // (1 << 14)
/** /**
* @brief The instruction accepts the xrelease prefix (0xF3). * @brief The instruction accepts the xrelease prefix (0xF3).
*/ */
#define ZYDIS_ATTRIB_ACCEPTS_XRELEASE 0x0000000000008000 // (1 << 15) #define ZYDIS_ATTRIB_ACCEPTS_XRELEASE 0x0000000000008000 // (1 << 15)
/** /**
@ -320,47 +320,47 @@ typedef ZydisU64 ZydisInstructionAttributes;
*/ */
#define ZYDIS_ATTRIB_ACCEPTS_SEGMENT 0x0000000000040000 // (1 << 18) #define ZYDIS_ATTRIB_ACCEPTS_SEGMENT 0x0000000000040000 // (1 << 18)
/** /**
* @brief The instruction has the lock prefix (0xF0). * @brief The instruction has the lock prefix (0xF0).
*/ */
#define ZYDIS_ATTRIB_HAS_LOCK 0x0000000000080000 // (1 << 19) #define ZYDIS_ATTRIB_HAS_LOCK 0x0000000000080000 // (1 << 19)
/** /**
* @brief The instruction has the rep prefix (0xF3). * @brief The instruction has the rep prefix (0xF3).
*/ */
#define ZYDIS_ATTRIB_HAS_REP 0x0000000000100000 // (1 << 20) #define ZYDIS_ATTRIB_HAS_REP 0x0000000000100000 // (1 << 20)
/** /**
* @brief The instruction has the repe/repz prefix (0xF3). * @brief The instruction has the repe/repz prefix (0xF3).
*/ */
#define ZYDIS_ATTRIB_HAS_REPE 0x0000000000200000 // (1 << 21) #define ZYDIS_ATTRIB_HAS_REPE 0x0000000000200000 // (1 << 21)
/** /**
* @brief The instruction has the repe/repz prefix (0xF3). * @brief The instruction has the repe/repz prefix (0xF3).
*/ */
#define ZYDIS_ATTRIB_HAS_REPZ 0x0000000000200000 // (1 << 21) #define ZYDIS_ATTRIB_HAS_REPZ 0x0000000000200000 // (1 << 21)
/** /**
* @brief The instruction has the repne/repnz prefix (0xF2). * @brief The instruction has the repne/repnz prefix (0xF2).
*/ */
#define ZYDIS_ATTRIB_HAS_REPNE 0x0000000000400000 // (1 << 22) #define ZYDIS_ATTRIB_HAS_REPNE 0x0000000000400000 // (1 << 22)
/** /**
* @brief The instruction has the repne/repnz prefix (0xF2). * @brief The instruction has the repne/repnz prefix (0xF2).
*/ */
#define ZYDIS_ATTRIB_HAS_REPNZ 0x0000000000400000 // (1 << 22) #define ZYDIS_ATTRIB_HAS_REPNZ 0x0000000000400000 // (1 << 22)
/** /**
* @brief The instruction has the bound prefix (0xF2). * @brief The instruction has the bound prefix (0xF2).
*/ */
#define ZYDIS_ATTRIB_HAS_BOUND 0x0000000000800000 // (1 << 23) #define ZYDIS_ATTRIB_HAS_BOUND 0x0000000000800000 // (1 << 23)
/** /**
* @brief The instruction has the xacquire prefix (0xF2). * @brief The instruction has the xacquire prefix (0xF2).
*/ */
#define ZYDIS_ATTRIB_HAS_XACQUIRE 0x0000000001000000 // (1 << 24) #define ZYDIS_ATTRIB_HAS_XACQUIRE 0x0000000001000000 // (1 << 24)
/** /**
* @brief The instruction has the xrelease prefix (0xF3). * @brief The instruction has the xrelease prefix (0xF3).
*/ */
#define ZYDIS_ATTRIB_HAS_XRELEASE 0x0000000002000000 // (1 << 25) #define ZYDIS_ATTRIB_HAS_XRELEASE 0x0000000002000000 // (1 << 25)
/** /**
* @brief The instruction has the branch-not-taken hint (0x2E). * @brief The instruction has the branch-not-taken hint (0x2E).
*/ */
#define ZYDIS_ATTRIB_HAS_BRANCH_NOT_TAKEN 0x0000000004000000 // (1 << 26) #define ZYDIS_ATTRIB_HAS_BRANCH_NOT_TAKEN 0x0000000004000000 // (1 << 26)
/** /**
* @brief The instruction has the branch-taken hint (0x3E). * @brief The instruction has the branch-taken hint (0x3E).
*/ */
#define ZYDIS_ATTRIB_HAS_BRANCH_TAKEN 0x0000000008000000 // (1 << 27) #define ZYDIS_ATTRIB_HAS_BRANCH_TAKEN 0x0000000008000000 // (1 << 27)
/** /**
@ -368,35 +368,35 @@ typedef ZydisU64 ZydisInstructionAttributes;
*/ */
#define ZYDIS_ATTRIB_HAS_SEGMENT 0x00000003F0000000 #define ZYDIS_ATTRIB_HAS_SEGMENT 0x00000003F0000000
/** /**
* @brief The instruction has the CS segment modifier (0x2E). * @brief The instruction has the CS segment modifier (0x2E).
*/ */
#define ZYDIS_ATTRIB_HAS_SEGMENT_CS 0x0000000010000000 // (1 << 28) #define ZYDIS_ATTRIB_HAS_SEGMENT_CS 0x0000000010000000 // (1 << 28)
/** /**
* @brief The instruction has the SS segment modifier (0x36). * @brief The instruction has the SS segment modifier (0x36).
*/ */
#define ZYDIS_ATTRIB_HAS_SEGMENT_SS 0x0000000020000000 // (1 << 29) #define ZYDIS_ATTRIB_HAS_SEGMENT_SS 0x0000000020000000 // (1 << 29)
/** /**
* @brief The instruction has the DS segment modifier (0x3E). * @brief The instruction has the DS segment modifier (0x3E).
*/ */
#define ZYDIS_ATTRIB_HAS_SEGMENT_DS 0x0000000040000000 // (1 << 30) #define ZYDIS_ATTRIB_HAS_SEGMENT_DS 0x0000000040000000 // (1 << 30)
/** /**
* @brief The instruction has the ES segment modifier (0x26). * @brief The instruction has the ES segment modifier (0x26).
*/ */
#define ZYDIS_ATTRIB_HAS_SEGMENT_ES 0x0000000080000000 // (1 << 31) #define ZYDIS_ATTRIB_HAS_SEGMENT_ES 0x0000000080000000 // (1 << 31)
/** /**
* @brief The instruction has the FS segment modifier (0x64). * @brief The instruction has the FS segment modifier (0x64).
*/ */
#define ZYDIS_ATTRIB_HAS_SEGMENT_FS 0x0000000100000000 // (1 << 32) #define ZYDIS_ATTRIB_HAS_SEGMENT_FS 0x0000000100000000 // (1 << 32)
/** /**
* @brief The instruction has the GS segment modifier (0x65). * @brief The instruction has the GS segment modifier (0x65).
*/ */
#define ZYDIS_ATTRIB_HAS_SEGMENT_GS 0x0000000200000000 // (1 << 33) #define ZYDIS_ATTRIB_HAS_SEGMENT_GS 0x0000000200000000 // (1 << 33)
/** /**
* @brief The instruction has the operand-size prefix (0x66). * @brief The instruction has the operand-size prefix (0x66).
*/ */
#define ZYDIS_ATTRIB_HAS_OPERANDSIZE 0x0000000400000000 // (1 << 34) // TODO: rename #define ZYDIS_ATTRIB_HAS_OPERANDSIZE 0x0000000400000000 // (1 << 34) // TODO: rename
/** /**
* @brief The instruction has the address-size prefix (0x67). * @brief The instruction has the address-size prefix (0x67).
*/ */
#define ZYDIS_ATTRIB_HAS_ADDRESSSIZE 0x0000000800000000 // (1 << 35) // TODO: rename #define ZYDIS_ATTRIB_HAS_ADDRESSSIZE 0x0000000800000000 // (1 << 35) // TODO: rename
@ -641,7 +641,7 @@ enum ZydisMaskModes
// the `isControlMask` field // the `isControlMask` field
/** /**
* @brief The embedded mask register is used as a merge-mask. This is the default mode for * @brief The embedded mask register is used as a merge-mask. This is the default mode for
* all EVEX/MVEX-instructions. * all EVEX/MVEX-instructions.
*/ */
ZYDIS_MASK_MODE_MERGE, ZYDIS_MASK_MODE_MERGE,
@ -801,7 +801,7 @@ typedef struct ZydisDecodedInstruction_
/** /**
* @brief The instruction-mnemonic. * @brief The instruction-mnemonic.
*/ */
ZydisMnemonic mnemonic; ZydisMnemonic mnemonic;
/** /**
* @brief The length of the decoded instruction. * @brief The length of the decoded instruction.
*/ */
@ -858,8 +858,8 @@ typedef struct ZydisDecodedInstruction_
{ {
/** /**
* @brief The CPU-flag action. * @brief The CPU-flag action.
* *
* You can call `ZydisGetAccessedFlagsByAction` to get a mask with all flags matching a * You can call `ZydisGetAccessedFlagsByAction` to get a mask with all flags matching a
* specific action. * specific action.
*/ */
ZydisCPUFlagAction action; ZydisCPUFlagAction action;
@ -887,7 +887,7 @@ typedef struct ZydisDecodedInstruction_
*/ */
ZydisRegister reg; ZydisRegister reg;
/** /**
* @brief Signals, if the mask-register is used as a control mask. * @brief Signals, if the mask-register is used as a control mask.
*/ */
ZydisBool isControlMask; ZydisBool isControlMask;
} mask; } mask;
@ -898,7 +898,7 @@ typedef struct ZydisDecodedInstruction_
{ {
/** /**
* @brief Signals, if the broadcast is a static broadcast. * @brief Signals, if the broadcast is a static broadcast.
* *
* This is the case for instructions with inbuild broadcast functionality, that is * This is the case for instructions with inbuild broadcast functionality, that is
* always active and not be controlled by a flag in the XOP/VEX/EVEX/MVEX-prefix. * always active and not be controlled by a flag in the XOP/VEX/EVEX/MVEX-prefix.
*/ */
@ -916,7 +916,7 @@ typedef struct ZydisDecodedInstruction_
/** /**
* @brief The AVX rounding-mode. * @brief The AVX rounding-mode.
*/ */
ZydisRoundingMode mode; ZydisRoundingMode mode;
} rounding; } rounding;
/** /**
* @brief Contains info about the AVX register-swizzle (`MVEX` only). * @brief Contains info about the AVX register-swizzle (`MVEX` only).
@ -926,7 +926,7 @@ typedef struct ZydisDecodedInstruction_
/** /**
* @brief The AVX register-swizzle mode (`MVEX` only). * @brief The AVX register-swizzle mode (`MVEX` only).
*/ */
ZydisSwizzleMode mode; ZydisSwizzleMode mode;
} swizzle; } swizzle;
/** /**
* @brief Contains info about the AVX data-conversion (`MVEX` only). * @brief Contains info about the AVX data-conversion (`MVEX` only).
@ -936,7 +936,7 @@ typedef struct ZydisDecodedInstruction_
/** /**
* @brief The AVX data-conversion mode (`MVEX` only). * @brief The AVX data-conversion mode (`MVEX` only).
*/ */
ZydisConversionMode mode; ZydisConversionMode mode;
} conversion; } conversion;
/** /**
* @brief Signals, if the sae functionality is enabled for the instruction. * @brief Signals, if the sae functionality is enabled for the instruction.
@ -971,7 +971,7 @@ typedef struct ZydisDecodedInstruction_
ZydisExceptionClass exceptionClass; ZydisExceptionClass exceptionClass;
} meta; } meta;
/** /**
* @brief Extended info about different instruction-parts like ModRM, SIB or * @brief Extended info about different instruction-parts like ModRM, SIB or
* encoding-prefixes. * encoding-prefixes.
*/ */
struct struct
@ -1024,7 +1024,7 @@ typedef struct ZydisDecodedInstruction_
* @brief Extension of the ModRM.rm, SIB.base, or opcode.reg field. * @brief Extension of the ModRM.rm, SIB.base, or opcode.reg field.
*/ */
ZydisU8 B; ZydisU8 B;
} rex; } rex;
/** /**
* @brief Detailed info about the XOP-prefix. * @brief Detailed info about the XOP-prefix.
*/ */
@ -1299,9 +1299,9 @@ typedef struct ZydisDecodedInstruction_
/** /**
* @brief Signals, if the immediate value is signed. * @brief Signals, if the immediate value is signed.
*/ */
ZydisBool isSigned; ZydisBool isSigned;
/** /**
* @brief Signals, if the immediate value contains a relative offset. You can use * @brief Signals, if the immediate value contains a relative offset. You can use
* @c ZydisCalcAbsoluteAddress to determine the absolute address value. * @c ZydisCalcAbsoluteAddress to determine the absolute address value.
*/ */
ZydisBool isRelative; ZydisBool isRelative;
@ -1309,7 +1309,7 @@ typedef struct ZydisDecodedInstruction_
* @brief The immediate value. * @brief The immediate value.
*/ */
union union
{ {
ZydisU64 u; ZydisU64 u;
ZydisI64 s; ZydisI64 s;
} value; } value;

4
include/Zydis/Defines.h
View File

@ -93,7 +93,7 @@
/* ============================================================================================== */ /* ============================================================================================== */
/* Debug/Release detection */ /* Debug/Release detection */
/* ============================================================================================== */ /* ============================================================================================== */
#if defined(ZYDIS_MSVC) || defined(ZYDIS_BORLAND) #if defined(ZYDIS_MSVC) || defined(ZYDIS_BORLAND)
# ifdef _DEBUG # ifdef _DEBUG
@ -116,7 +116,7 @@
/* ============================================================================================== */ /* ============================================================================================== */
#if defined(ZYDIS_MSVC) || defined(ZYDIS_BORLAND) #if defined(ZYDIS_MSVC) || defined(ZYDIS_BORLAND)
# define ZYDIS_INLINE __inline # define ZYDIS_INLINE __inline
#else #else
# define ZYDIS_INLINE static inline # define ZYDIS_INLINE static inline
#endif #endif

186
include/Zydis/Formatter.h
View File

@ -85,86 +85,86 @@ typedef ZydisU8 ZydisFormatterProperty;
enum ZydisFormatterProperties enum ZydisFormatterProperties
{ {
/** /**
* @brief Controls the letter-case. * @brief Controls the letter-case.
* *
* Pass `ZYDIS_TRUE` as value to format in uppercase and `ZYDIS_FALSE` to format in lowercase. * Pass `ZYDIS_TRUE` as value to format in uppercase and `ZYDIS_FALSE` to format in lowercase.
* *
* The default value is `ZYDIS_FALSE`. * The default value is `ZYDIS_FALSE`.
*/ */
ZYDIS_FORMATTER_PROP_UPPERCASE, ZYDIS_FORMATTER_PROP_UPPERCASE,
/** /**
* @brief Controls the printing of segment prefixes. * @brief Controls the printing of segment prefixes.
* *
* Pass `ZYDIS_TRUE` as value to force the formatter to always print the segment register of * Pass `ZYDIS_TRUE` as value to force the formatter to always print the segment register of
* memory-operands or `ZYDIS_FALSE` to ommit implicit DS/SS segments. * memory-operands or `ZYDIS_FALSE` to ommit implicit DS/SS segments.
* *
* The default value is `ZYDIS_FALSE`. * The default value is `ZYDIS_FALSE`.
*/ */
ZYDIS_FORMATTER_PROP_FORCE_MEMSEG, ZYDIS_FORMATTER_PROP_FORCE_MEMSEG,
/** /**
* @brief Controls the printing of memory-operand sizes. * @brief Controls the printing of memory-operand sizes.
* *
* Pass `ZYDIS_TRUE` as value to force the formatter to always print the size of memory-operands * Pass `ZYDIS_TRUE` as value to force the formatter to always print the size of memory-operands
* or `ZYDIS_FALSE` to only print it on demand. * or `ZYDIS_FALSE` to only print it on demand.
* *
* The default value is `ZYDIS_FALSE`. * The default value is `ZYDIS_FALSE`.
*/ */
ZYDIS_FORMATTER_PROP_FORCE_MEMSIZE, ZYDIS_FORMATTER_PROP_FORCE_MEMSIZE,
/** /**
* @brief Controls the format of addresses. * @brief Controls the format of addresses.
* *
* The default value is `ZYDIS_ADDR_FORMAT_ABSOLUTE`. * The default value is `ZYDIS_ADDR_FORMAT_ABSOLUTE`.
*/ */
ZYDIS_FORMATTER_PROP_ADDR_FORMAT, ZYDIS_FORMATTER_PROP_ADDR_FORMAT,
/** /**
* @brief Controls the format of displacement values. * @brief Controls the format of displacement values.
* *
* The default value is `ZYDIS_DISP_FORMAT_HEX_SIGNED`. * The default value is `ZYDIS_DISP_FORMAT_HEX_SIGNED`.
*/ */
ZYDIS_FORMATTER_PROP_DISP_FORMAT, ZYDIS_FORMATTER_PROP_DISP_FORMAT,
/** /**
* @brief Controls the format of immediate values. * @brief Controls the format of immediate values.
* *
* The default value is `ZYDIS_IMM_FORMAT_HEX_UNSIGNED`. * The default value is `ZYDIS_IMM_FORMAT_HEX_UNSIGNED`.
*/ */
ZYDIS_FORMATTER_PROP_IMM_FORMAT, ZYDIS_FORMATTER_PROP_IMM_FORMAT,
/** /**
* @brief Controls the letter-case of hexadecimal values. * @brief Controls the letter-case of hexadecimal values.
* *
* Pass `ZYDIS_TRUE` as value to format in uppercase and `ZYDIS_FALSE` to format in lowercase. * Pass `ZYDIS_TRUE` as value to format in uppercase and `ZYDIS_FALSE` to format in lowercase.
* *
* The default value is `ZYDIS_TRUE`. * The default value is `ZYDIS_TRUE`.
*/ */
ZYDIS_FORMATTER_PROP_HEX_UPPERCASE, ZYDIS_FORMATTER_PROP_HEX_UPPERCASE,
/** /**
* @brief Sets the prefix for hexadecimal values. * @brief Sets the prefix for hexadecimal values.
* *
* The default value is `"0x"`. * The default value is `"0x"`.
*/ */
ZYDIS_FORMATTER_PROP_HEX_PREFIX, ZYDIS_FORMATTER_PROP_HEX_PREFIX,
/** /**
* @brief Sets the suffix for hexadecimal values. * @brief Sets the suffix for hexadecimal values.
* *
* The default value is `NULL`. * The default value is `NULL`.
*/ */
ZYDIS_FORMATTER_PROP_HEX_SUFFIX, ZYDIS_FORMATTER_PROP_HEX_SUFFIX,
/** /**
* @brief Controls the padding (minimum number of chars) of hexadecimal address values. * @brief Controls the padding (minimum number of chars) of hexadecimal address values.
* *
* The default value is `2`. * The default value is `2`.
*/ */
ZYDIS_FORMATTER_PROP_HEX_PADDING_ADDR, ZYDIS_FORMATTER_PROP_HEX_PADDING_ADDR,
/** /**
* @brief Controls the padding (minimum number of chars) of hexadecimal displacement values. * @brief Controls the padding (minimum number of chars) of hexadecimal displacement values.
* *
* The default value is `2`. * The default value is `2`.
*/ */
ZYDIS_FORMATTER_PROP_HEX_PADDING_DISP, ZYDIS_FORMATTER_PROP_HEX_PADDING_DISP,
/** /**
* @brief Controls the padding (minimum number of chars) of hexadecimal immediate values. * @brief Controls the padding (minimum number of chars) of hexadecimal immediate values.
* *
* The default value is `2`. * The default value is `2`.
*/ */
ZYDIS_FORMATTER_PROP_HEX_PADDING_IMM, ZYDIS_FORMATTER_PROP_HEX_PADDING_IMM,
@ -183,20 +183,20 @@ enum ZydisFormatterProperties
* @brief Values that represent address-formats. * @brief Values that represent address-formats.
*/ */
enum ZydisAddressFormat enum ZydisAddressFormat
{ {
/** /**
* @brief Displays absolute addresses instead of relative ones. * @brief Displays absolute addresses instead of relative ones.
* *
* Using this value will cause the formatter to invoke `ZYDIS_FORMATTER_HOOK_PRINT_ADDRESS` * Using this value will cause the formatter to invoke `ZYDIS_FORMATTER_HOOK_PRINT_ADDRESS`
* for every address. * for every address.
*/ */
ZYDIS_ADDR_FORMAT_ABSOLUTE, ZYDIS_ADDR_FORMAT_ABSOLUTE,
/** /**
* @brief Uses signed hexadecimal values to display relative addresses. * @brief Uses signed hexadecimal values to display relative addresses.
* *
* Using this value will cause the formatter to either invoke * Using this value will cause the formatter to either invoke
* `ZYDIS_FORMATTER_HOOK_PRINT_DISP` or `ZYDIS_FORMATTER_HOOK_PRINT_IMM` to format addresses. * `ZYDIS_FORMATTER_HOOK_PRINT_DISP` or `ZYDIS_FORMATTER_HOOK_PRINT_IMM` to format addresses.
* *
* Examples: * Examples:
* - `"JMP 0x20"` * - `"JMP 0x20"`
* - `"JMP -0x20"` * - `"JMP -0x20"`
@ -204,10 +204,10 @@ enum ZydisAddressFormat
ZYDIS_ADDR_FORMAT_RELATIVE_SIGNED, ZYDIS_ADDR_FORMAT_RELATIVE_SIGNED,
/** /**
* @brief Uses unsigned hexadecimal values to display relative addresses. * @brief Uses unsigned hexadecimal values to display relative addresses.
* *
* Using this value will cause the formatter to either invoke * Using this value will cause the formatter to either invoke
* `ZYDIS_FORMATTER_HOOK_PRINT_DISP` or `ZYDIS_FORMATTER_HOOK_PRINT_IMM` to format addresses. * `ZYDIS_FORMATTER_HOOK_PRINT_DISP` or `ZYDIS_FORMATTER_HOOK_PRINT_IMM` to format addresses.
* *
* Examples: * Examples:
* - `"JMP 0x20"` * - `"JMP 0x20"`
* - `"JMP 0xE0"` * - `"JMP 0xE0"`
@ -231,16 +231,16 @@ enum ZydisDisplacementFormat
{ {
/** /**
* @brief Formats displacements as signed hexadecimal values. * @brief Formats displacements as signed hexadecimal values.
* *
* Examples: * Examples:
* - `"MOV EAX, DWORD PTR SS:[ESP+0x400]"` * - `"MOV EAX, DWORD PTR SS:[ESP+0x400]"`
* - `"MOV EAX, DWORD PTR SS:[ESP-0x400]"` * - `"MOV EAX, DWORD PTR SS:[ESP-0x400]"`
*/ */
ZYDIS_DISP_FORMAT_HEX_SIGNED, ZYDIS_DISP_FORMAT_HEX_SIGNED,
/** /**
* @brief Formats displacements as unsigned hexadecimal values. * @brief Formats displacements as unsigned hexadecimal values.
* *
* Examples: * Examples:
* - `"MOV EAX, DWORD PTR SS:[ESP+0x400]"` * - `"MOV EAX, DWORD PTR SS:[ESP+0x400]"`
* - `"MOV EAX, DWORD PTR SS:[ESP+0xFFFFFC00]"` * - `"MOV EAX, DWORD PTR SS:[ESP+0xFFFFFC00]"`
*/ */
@ -268,16 +268,16 @@ enum ZydisImmediateFormat
ZYDIS_IMM_FORMAT_HEX_AUTO, ZYDIS_IMM_FORMAT_HEX_AUTO,
/** /**
* @brief Formats immediates as signed hexadecimal values. * @brief Formats immediates as signed hexadecimal values.
* *
* Examples: * Examples:
* - `"MOV EAX, 0x400"` * - `"MOV EAX, 0x400"`
* - `"MOV EAX, -0x400"` * - `"MOV EAX, -0x400"`
*/ */
ZYDIS_IMM_FORMAT_HEX_SIGNED, ZYDIS_IMM_FORMAT_HEX_SIGNED,
/** /**
* @brief Formats immediates as unsigned hexadecimal values. * @brief Formats immediates as unsigned hexadecimal values.
* *
* Examples: * Examples:
* - `"MOV EAX, 0x400"` * - `"MOV EAX, 0x400"`
* - `"MOV EAX, 0xFFFFFC00"` * - `"MOV EAX, 0xFFFFFC00"`
*/ */
@ -322,10 +322,10 @@ enum ZydisFormatterHookTypes
/** /**
* @brief This function refers to the main formatting function. * @brief This function refers to the main formatting function.
* *
* Replacing this function allows for complete custom formatting, but indirectly disables all * Replacing this function allows for complete custom formatting, but indirectly disables all
* other hooks except for `ZYDIS_FORMATTER_HOOK_PRE_INSTRUCTION` and * other hooks except for `ZYDIS_FORMATTER_HOOK_PRE_INSTRUCTION` and
* `ZYDIS_FORMATTER_HOOK_POST_INSTRUCTION`. * `ZYDIS_FORMATTER_HOOK_POST_INSTRUCTION`.
*/ */
ZYDIS_FORMATTER_HOOK_FORMAT_INSTRUCTION, ZYDIS_FORMATTER_HOOK_FORMAT_INSTRUCTION,
/** /**
@ -335,8 +335,8 @@ enum ZydisFormatterHookTypes
/** /**
* @brief This function is invoked to format a memory operand. * @brief This function is invoked to format a memory operand.
* *
* Replacing this function might indirectly disable some specific calls to the * Replacing this function might indirectly disable some specific calls to the
* `ZYDIS_FORMATTER_HOOK_PRINT_MEMSIZE`, `ZYDIS_FORMATTER_HOOK_PRINT_ADDRESS` and * `ZYDIS_FORMATTER_HOOK_PRINT_MEMSIZE`, `ZYDIS_FORMATTER_HOOK_PRINT_ADDRESS` and
* `ZYDIS_FORMATTER_HOOK_PRINT_DISP` functions. * `ZYDIS_FORMATTER_HOOK_PRINT_DISP` functions.
*/ */
ZYDIS_FORMATTER_HOOK_FORMAT_OPERAND_MEM, ZYDIS_FORMATTER_HOOK_FORMAT_OPERAND_MEM,
@ -347,10 +347,10 @@ enum ZydisFormatterHookTypes
/** /**
* @brief This function is invoked to format an immediate operand. * @brief This function is invoked to format an immediate operand.
* *
* Replacing this function might indirectly disable some specific calls to the * Replacing this function might indirectly disable some specific calls to the
* `ZYDIS_FORMATTER_HOOK_PRINT_ADDRESS` and `ZYDIS_FORMATTER_HOOK_PRINT_IMM` functions. * `ZYDIS_FORMATTER_HOOK_PRINT_ADDRESS` and `ZYDIS_FORMATTER_HOOK_PRINT_IMM` functions.
*/ */
ZYDIS_FORMATTER_HOOK_FORMAT_OPERAND_IMM, ZYDIS_FORMATTER_HOOK_FORMAT_OPERAND_IMM,
/** /**
* @brief This function is invoked to print the instruction mnemonic. * @brief This function is invoked to print the instruction mnemonic.
@ -376,13 +376,13 @@ enum ZydisFormatterHookTypes
/** /**
* @brief This function is invoked to print the size of a memory operand. * @brief This function is invoked to print the size of a memory operand.
*/ */
ZYDIS_FORMATTER_HOOK_PRINT_MEMSIZE, ZYDIS_FORMATTER_HOOK_PRINT_MEMSIZE,
/** /**
* @brief This function is invoked to print the instruction prefixes. * @brief This function is invoked to print the instruction prefixes.
*/ */
ZYDIS_FORMATTER_HOOK_PRINT_PREFIXES, ZYDIS_FORMATTER_HOOK_PRINT_PREFIXES,
/** /**
* @brief This function is invoked after formatting an operand to print a `EVEX`/`MVEX` * @brief This function is invoked after formatting an operand to print a `EVEX`/`MVEX`
* decorator. * decorator.
*/ */
ZYDIS_FORMATTER_HOOK_PRINT_DECORATOR, ZYDIS_FORMATTER_HOOK_PRINT_DECORATOR,
@ -452,20 +452,20 @@ typedef struct ZydisFormatter_ ZydisFormatter;
* @param string A pointer to the string. * @param string A pointer to the string.
* @param instruction A pointer to the `ZydisDecodedInstruction` struct. * @param instruction A pointer to the `ZydisDecodedInstruction` struct.
* @param userData A pointer to user-defined data. * @param userData A pointer to user-defined data.
* *
* @return A zydis status code. * @return A zydis status code.
* *
* Returning a status code other than `ZYDIS_STATUS_SUCCESS` will immediately cause the formatting * Returning a status code other than `ZYDIS_STATUS_SUCCESS` will immediately cause the formatting
* process to fail. * process to fail.
* *
* This function type is used for: * This function type is used for:
* - `ZYDIS_FORMATTER_HOOK_PRE_INSTRUCTION` * - `ZYDIS_FORMATTER_HOOK_PRE_INSTRUCTION`
* - `ZYDIS_FORMATTER_HOOK_POST_INSTRUCTION` * - `ZYDIS_FORMATTER_HOOK_POST_INSTRUCTION`
* - `ZYDIS_FORMATTER_HOOK_FORMAT_INSTRUCTION` * - `ZYDIS_FORMATTER_HOOK_FORMAT_INSTRUCTION`
* - `ZYDIS_FORMATTER_HOOK_PRINT_MNEMONIC` * - `ZYDIS_FORMATTER_HOOK_PRINT_MNEMONIC`
* - `ZYDIS_FORMATTER_HOOK_PRINT_PREFIXES` * - `ZYDIS_FORMATTER_HOOK_PRINT_PREFIXES`
*/ */
typedef ZydisStatus (*ZydisFormatterFunc)(const ZydisFormatter* formatter, typedef ZydisStatus (*ZydisFormatterFunc)(const ZydisFormatter* formatter,
ZydisString* string, const ZydisDecodedInstruction* instruction, void* userData); ZydisString* string, const ZydisDecodedInstruction* instruction, void* userData);
/** /**
@ -476,20 +476,20 @@ typedef ZydisStatus (*ZydisFormatterFunc)(const ZydisFormatter* formatter,
* @param instruction A pointer to the `ZydisDecodedInstruction` struct. * @param instruction A pointer to the `ZydisDecodedInstruction` struct.
* @param operand A pointer to the `ZydisDecodedOperand` struct. * @param operand A pointer to the `ZydisDecodedOperand` struct.
* @param userData A pointer to user-defined data. * @param userData A pointer to user-defined data.
* *
* @return A zydis status code. * @return A zydis status code.
* *
* Returning a status code other than `ZYDIS_STATUS_SUCCESS` will immediately cause the formatting * Returning a status code other than `ZYDIS_STATUS_SUCCESS` will immediately cause the formatting
* process to fail (see exceptions below). * process to fail (see exceptions below).
* *
* Returning `ZYDIS_STATUS_SKIP_OPERAND` is valid for `ZYDIS_FORMATTER_HOOK_PRE_OPERAND`, * Returning `ZYDIS_STATUS_SKIP_OPERAND` is valid for `ZYDIS_FORMATTER_HOOK_PRE_OPERAND`,
* `ZYDIS_FORMATTER_HOOK_POST_OPERAND` and all of the `ZYDIS_FORMATTER_HOOK_FORMAT_OPERAND_XXX` * `ZYDIS_FORMATTER_HOOK_POST_OPERAND` and all of the `ZYDIS_FORMATTER_HOOK_FORMAT_OPERAND_XXX`
* callbacks. This will cause the formatter to omit the current operand. * callbacks. This will cause the formatter to omit the current operand.
* *
* DEPRECATED: * DEPRECATED:
* Returning `ZYDIS_STATUS_SUCCESS` without writing to the string is valid for * Returning `ZYDIS_STATUS_SUCCESS` without writing to the string is valid for
* `ZYDIS_FORMATTER_HOOK_PRE_OPERAND`, `ZYDIS_FORMATTER_HOOK_POST_OPERAND` and all of the * `ZYDIS_FORMATTER_HOOK_PRE_OPERAND`, `ZYDIS_FORMATTER_HOOK_POST_OPERAND` and all of the
* `ZYDIS_FORMATTER_HOOK_FORMAT_OPERAND_XXX`. This will cause the formatter to omit the current * `ZYDIS_FORMATTER_HOOK_FORMAT_OPERAND_XXX`. This will cause the formatter to omit the current
* operand. * operand.
* *
* This function type is used for: * This function type is used for:
@ -497,14 +497,14 @@ typedef ZydisStatus (*ZydisFormatterFunc)(const ZydisFormatter* formatter,
* - `ZYDIS_FORMATTER_HOOK_POST_OPERAND` * - `ZYDIS_FORMATTER_HOOK_POST_OPERAND`
* - `ZYDIS_FORMATTER_HOOK_FORMAT_OPERAND_REG` * - `ZYDIS_FORMATTER_HOOK_FORMAT_OPERAND_REG`
* - `ZYDIS_FORMATTER_HOOK_FORMAT_OPERAND_MEM` * - `ZYDIS_FORMATTER_HOOK_FORMAT_OPERAND_MEM`
* - `ZYDIS_FORMATTER_HOOK_FORMAT_OPERAND_PTR` * - `ZYDIS_FORMATTER_HOOK_FORMAT_OPERAND_PTR`
* - `ZYDIS_FORMATTER_HOOK_FORMAT_OPERAND_IMM` * - `ZYDIS_FORMATTER_HOOK_FORMAT_OPERAND_IMM`
* - `ZYDIS_FORMATTER_HOOK_PRINT_DISP` * - `ZYDIS_FORMATTER_HOOK_PRINT_DISP`
* - `ZYDIS_FORMATTER_HOOK_PRINT_IMM` * - `ZYDIS_FORMATTER_HOOK_PRINT_IMM`
* - `ZYDIS_FORMATTER_HOOK_PRINT_MEMSIZE` * - `ZYDIS_FORMATTER_HOOK_PRINT_MEMSIZE`
*/ */
typedef ZydisStatus (*ZydisFormatterOperandFunc)(const ZydisFormatter* formatter, typedef ZydisStatus (*ZydisFormatterOperandFunc)(const ZydisFormatter* formatter,
ZydisString* string, const ZydisDecodedInstruction* instruction, ZydisString* string, const ZydisDecodedInstruction* instruction,
const ZydisDecodedOperand* operand, void* userData); const ZydisDecodedOperand* operand, void* userData);
/** /**
@ -516,15 +516,15 @@ typedef ZydisStatus (*ZydisFormatterOperandFunc)(const ZydisFormatter* formatter
* @param operand A pointer to the `ZydisDecodedOperand` struct. * @param operand A pointer to the `ZydisDecodedOperand` struct.
* @param reg The register. * @param reg The register.
* @param userData A pointer to user-defined data. * @param userData A pointer to user-defined data.
* *
* @return Returning a status code other than `ZYDIS_STATUS_SUCCESS` will immediately cause the * @return Returning a status code other than `ZYDIS_STATUS_SUCCESS` will immediately cause the
* formatting process to fail. * formatting process to fail.
* *
* This function type is used for: * This function type is used for:
* - `ZYDIS_FORMATTER_HOOK_PRINT_REGISTER`. * - `ZYDIS_FORMATTER_HOOK_PRINT_REGISTER`.
*/ */
typedef ZydisStatus (*ZydisFormatterRegisterFunc)(const ZydisFormatter* formatter, typedef ZydisStatus (*ZydisFormatterRegisterFunc)(const ZydisFormatter* formatter,
ZydisString* string, const ZydisDecodedInstruction* instruction, ZydisString* string, const ZydisDecodedInstruction* instruction,
const ZydisDecodedOperand* operand, ZydisRegister reg, void* userData); const ZydisDecodedOperand* operand, ZydisRegister reg, void* userData);
/** /**
@ -536,15 +536,15 @@ typedef ZydisStatus (*ZydisFormatterRegisterFunc)(const ZydisFormatter* formatte
* @param operand A pointer to the `ZydisDecodedOperand` struct. * @param operand A pointer to the `ZydisDecodedOperand` struct.
* @param address The address. * @param address The address.
* @param userData A pointer to user-defined data. * @param userData A pointer to user-defined data.
* *
* @return Returning a status code other than `ZYDIS_STATUS_SUCCESS` will immediately cause the * @return Returning a status code other than `ZYDIS_STATUS_SUCCESS` will immediately cause the
* formatting process to fail. * formatting process to fail.
* *
* This function type is used for: * This function type is used for:
* - `ZYDIS_FORMATTER_HOOK_PRINT_ADDRESS` * - `ZYDIS_FORMATTER_HOOK_PRINT_ADDRESS`
*/ */
typedef ZydisStatus (*ZydisFormatterAddressFunc)(const ZydisFormatter* formatter, typedef ZydisStatus (*ZydisFormatterAddressFunc)(const ZydisFormatter* formatter,
ZydisString* string, const ZydisDecodedInstruction* instruction, ZydisString* string, const ZydisDecodedInstruction* instruction,
const ZydisDecodedOperand* operand, ZydisU64 address, void* userData); const ZydisDecodedOperand* operand, ZydisU64 address, void* userData);
/** /**
@ -556,15 +556,15 @@ typedef ZydisStatus (*ZydisFormatterAddressFunc)(const ZydisFormatter* formatter
* @param operand A pointer to the `ZydisDecodedOperand` struct. * @param operand A pointer to the `ZydisDecodedOperand` struct.
* @param decorator The decorator type. * @param decorator The decorator type.
* @param userData A pointer to user-defined data. * @param userData A pointer to user-defined data.
* *
* @return Returning a status code other than `ZYDIS_STATUS_SUCCESS` will immediately cause the * @return Returning a status code other than `ZYDIS_STATUS_SUCCESS` will immediately cause the
* formatting process to fail. * formatting process to fail.
* *
* This function type is used for: * This function type is used for:
* - `ZYDIS_FORMATTER_HOOK_PRINT_DECORATOR` * - `ZYDIS_FORMATTER_HOOK_PRINT_DECORATOR`
*/ */
typedef ZydisStatus (*ZydisFormatterDecoratorFunc)(const ZydisFormatter* formatter, typedef ZydisStatus (*ZydisFormatterDecoratorFunc)(const ZydisFormatter* formatter,
ZydisString* string, const ZydisDecodedInstruction* instruction, ZydisString* string, const ZydisDecodedInstruction* instruction,
const ZydisDecodedOperand* operand, ZydisDecoratorType decorator, void* userData); const ZydisDecodedOperand* operand, ZydisDecoratorType decorator, void* userData);
/* ---------------------------------------------------------------------------------------------- */ /* ---------------------------------------------------------------------------------------------- */
@ -603,7 +603,7 @@ struct ZydisFormatter_
ZydisFormatterRegisterFunc funcPrintRegister; ZydisFormatterRegisterFunc funcPrintRegister;
ZydisFormatterAddressFunc funcPrintAddress; ZydisFormatterAddressFunc funcPrintAddress;
ZydisFormatterOperandFunc funcPrintDisp; ZydisFormatterOperandFunc funcPrintDisp;
ZydisFormatterOperandFunc funcPrintImm; ZydisFormatterOperandFunc funcPrintImm;
ZydisFormatterOperandFunc funcPrintMemSize; ZydisFormatterOperandFunc funcPrintMemSize;
ZydisFormatterFunc funcPrintPrefixes; ZydisFormatterFunc funcPrintPrefixes;
ZydisFormatterDecoratorFunc funcPrintDecorator; ZydisFormatterDecoratorFunc funcPrintDecorator;
@ -647,11 +647,11 @@ ZYDIS_EXPORT ZydisStatus ZydisFormatterSetProperty(ZydisFormatter* formatter,
* and receives the pointer of the currently used function. * and receives the pointer of the currently used function.
* *
* @return A zydis status code. * @return A zydis status code.
* *
* Call this function with `callback` pointing to a `NULL` value to retrieve the currently used * Call this function with `callback` pointing to a `NULL` value to retrieve the currently used
* function without replacing it. * function without replacing it.
*/ */
ZYDIS_EXPORT ZydisStatus ZydisFormatterSetHook(ZydisFormatter* formatter, ZYDIS_EXPORT ZydisStatus ZydisFormatterSetHook(ZydisFormatter* formatter,
ZydisFormatterHookType hook, const void** callback); ZydisFormatterHookType hook, const void** callback);
/** /**
@ -664,7 +664,7 @@ ZYDIS_EXPORT ZydisStatus ZydisFormatterSetHook(ZydisFormatter* formatter,
* *
* @return A zydis status code. * @return A zydis status code.
*/ */
ZYDIS_EXPORT ZydisStatus ZydisFormatterFormatInstruction(const ZydisFormatter* formatter, ZYDIS_EXPORT ZydisStatus ZydisFormatterFormatInstruction(const ZydisFormatter* formatter,
const ZydisDecodedInstruction* instruction, char* buffer, ZydisUSize bufferLen); const ZydisDecodedInstruction* instruction, char* buffer, ZydisUSize bufferLen);
/** /**
@ -674,12 +674,12 @@ ZYDIS_EXPORT ZydisStatus ZydisFormatterFormatInstruction(const ZydisFormatter* f
* @param instruction A pointer to the `ZydisDecodedInstruction` struct. * @param instruction A pointer to the `ZydisDecodedInstruction` struct.
* @param buffer A pointer to the output buffer. * @param buffer A pointer to the output buffer.
* @param bufferLen The length of the output buffer. * @param bufferLen The length of the output buffer.
* @param userData A pointer to user-defined data which can be used in custom formatter * @param userData A pointer to user-defined data which can be used in custom formatter
* callbacks. * callbacks.
* *
* @return A zydis status code. * @return A zydis status code.
*/ */
ZYDIS_EXPORT ZydisStatus ZydisFormatterFormatInstructionEx(const ZydisFormatter* formatter, ZYDIS_EXPORT ZydisStatus ZydisFormatterFormatInstructionEx(const ZydisFormatter* formatter,
const ZydisDecodedInstruction* instruction, char* buffer, ZydisUSize bufferLen, void* userData); const ZydisDecodedInstruction* instruction, char* buffer, ZydisUSize bufferLen, void* userData);
/** /**
@ -692,11 +692,11 @@ ZYDIS_EXPORT ZydisStatus ZydisFormatterFormatInstructionEx(const ZydisFormatter*
* @param bufferLen The length of the output buffer. * @param bufferLen The length of the output buffer.
* *
* @return A zydis status code. * @return A zydis status code.
* *
* Use `ZydisFormatterFormatInstruction` or `ZydisFormatterFormatInstructionEx` to format a * Use `ZydisFormatterFormatInstruction` or `ZydisFormatterFormatInstructionEx` to format a
* complete instruction. * complete instruction.
*/ */
ZYDIS_EXPORT ZydisStatus ZydisFormatterFormatOperand(const ZydisFormatter* formatter, ZYDIS_EXPORT ZydisStatus ZydisFormatterFormatOperand(const ZydisFormatter* formatter,
const ZydisDecodedInstruction* instruction, ZydisU8 index, char* buffer, ZydisUSize bufferLen); const ZydisDecodedInstruction* instruction, ZydisU8 index, char* buffer, ZydisUSize bufferLen);
/** /**
@ -707,16 +707,16 @@ ZYDIS_EXPORT ZydisStatus ZydisFormatterFormatOperand(const ZydisFormatter* forma
* @param index The index of the operand to format. * @param index The index of the operand to format.
* @param buffer A pointer to the output buffer. * @param buffer A pointer to the output buffer.
* @param bufferLen The length of the output buffer. * @param bufferLen The length of the output buffer.
* @param userData A pointer to user-defined data which can be used in custom formatter * @param userData A pointer to user-defined data which can be used in custom formatter
* callbacks. * callbacks.
* *
* @return A zydis status code. * @return A zydis status code.
* *
* Use `ZydisFormatterFormatInstruction` or `ZydisFormatterFormatInstructionEx` to format a * Use `ZydisFormatterFormatInstruction` or `ZydisFormatterFormatInstructionEx` to format a
* complete instruction. * complete instruction.
*/ */
ZYDIS_EXPORT ZydisStatus ZydisFormatterFormatOperandEx(const ZydisFormatter* formatter, ZYDIS_EXPORT ZydisStatus ZydisFormatterFormatOperandEx(const ZydisFormatter* formatter,
const ZydisDecodedInstruction* instruction, ZydisU8 index, char* buffer, ZydisUSize bufferLen, const ZydisDecodedInstruction* instruction, ZydisU8 index, char* buffer, ZydisUSize bufferLen,
void* userData); void* userData);
/* ============================================================================================== */ /* ============================================================================================== */

16
include/Zydis/Internal/DecoderData.h
View File

@ -52,7 +52,7 @@ extern "C" {
/** /**
* @brief Defines the @c ZydisDecoderTreeNodeType datatype. * @brief Defines the @c ZydisDecoderTreeNodeType datatype.
*/ */
typedef ZydisU8 ZydisDecoderTreeNodeType; typedef ZydisU8 ZydisDecoderTreeNodeType;
/** /**
@ -99,7 +99,7 @@ enum ZydisDecoderTreeNodeTypes
ZYDIS_NODETYPE_FILTER_MODRM_MOD_COMPACT = 0x08, ZYDIS_NODETYPE_FILTER_MODRM_MOD_COMPACT = 0x08,
/** /**
* @brief Reference to a ModRM.reg filter. * @brief Reference to a ModRM.reg filter.
*/ */
ZYDIS_NODETYPE_FILTER_MODRM_REG = 0x09, ZYDIS_NODETYPE_FILTER_MODRM_REG = 0x09,
/** /**
* @brief Reference to a ModRM.rm filter. * @brief Reference to a ModRM.rm filter.
@ -221,7 +221,7 @@ typedef ZydisU8 ZydisInstructionEncodingFlags;
/** /**
* @brief The instruction ignores the value of `modrm.mod` and always assumes `modrm.mod == 3` * @brief The instruction ignores the value of `modrm.mod` and always assumes `modrm.mod == 3`
* ("reg, reg" - form). * ("reg, reg" - form).
* *
* Instructions with this flag can't have a SIB byte or a displacement value. * Instructions with this flag can't have a SIB byte or a displacement value.
*/ */
#define ZYDIS_INSTR_ENC_FLAG_FORCE_REG_FORM 0x10 #define ZYDIS_INSTR_ENC_FLAG_FORCE_REG_FORM 0x10
@ -232,7 +232,7 @@ typedef ZydisU8 ZydisInstructionEncodingFlags;
typedef struct ZydisInstructionEncodingInfo_ typedef struct ZydisInstructionEncodingInfo_
{ {
/** /**
* @brief Contains flags with information about the physical instruction-encoding. * @brief Contains flags with information about the physical instruction-encoding.
*/ */
ZydisInstructionEncodingFlags flags; ZydisInstructionEncodingFlags flags;
/** /**
@ -287,20 +287,20 @@ ZYDIS_NO_EXPORT const ZydisDecoderTreeNode* ZydisDecoderTreeGetRootNode(void);
* *
* @param parent The parent node. * @param parent The parent node.
* @param index The index of the child node to retrieve. * @param index The index of the child node to retrieve.
* *
* @return The specified child node. * @return The specified child node.
*/ */
ZYDIS_NO_EXPORT const ZydisDecoderTreeNode* ZydisDecoderTreeGetChildNode( ZYDIS_NO_EXPORT const ZydisDecoderTreeNode* ZydisDecoderTreeGetChildNode(
const ZydisDecoderTreeNode* parent, ZydisU16 index); const ZydisDecoderTreeNode* parent, ZydisU16 index);
/** /**
* @brief Returns information about optional instruction parts (like modrm, displacement or * @brief Returns information about optional instruction parts (like modrm, displacement or
* immediates) for the instruction that is linked to the given @c node. * immediates) for the instruction that is linked to the given @c node.
* *
* @param node The instruction definition node. * @param node The instruction definition node.
* @param info A pointer to the @c ZydisInstructionParts struct. * @param info A pointer to the @c ZydisInstructionParts struct.
*/ */
ZYDIS_NO_EXPORT void ZydisGetInstructionEncodingInfo(const ZydisDecoderTreeNode* node, ZYDIS_NO_EXPORT void ZydisGetInstructionEncodingInfo(const ZydisDecoderTreeNode* node,
const ZydisInstructionEncodingInfo** info); const ZydisInstructionEncodingInfo** info);
/* ---------------------------------------------------------------------------------------------- */ /* ---------------------------------------------------------------------------------------------- */

22
include/Zydis/Internal/SharedData.h
View File

@ -71,9 +71,9 @@ enum ZydisSemanticOperandTypes
ZYDIS_SEMANTIC_OPTYPE_GPR16, ZYDIS_SEMANTIC_OPTYPE_GPR16,
ZYDIS_SEMANTIC_OPTYPE_GPR32, ZYDIS_SEMANTIC_OPTYPE_GPR32,
ZYDIS_SEMANTIC_OPTYPE_GPR64, ZYDIS_SEMANTIC_OPTYPE_GPR64,
ZYDIS_SEMANTIC_OPTYPE_GPR16_32_64, ZYDIS_SEMANTIC_OPTYPE_GPR16_32_64,
ZYDIS_SEMANTIC_OPTYPE_GPR32_32_64, ZYDIS_SEMANTIC_OPTYPE_GPR32_32_64,
ZYDIS_SEMANTIC_OPTYPE_GPR16_32_32, ZYDIS_SEMANTIC_OPTYPE_GPR16_32_32,
ZYDIS_SEMANTIC_OPTYPE_FPR, ZYDIS_SEMANTIC_OPTYPE_FPR,
ZYDIS_SEMANTIC_OPTYPE_MMX, ZYDIS_SEMANTIC_OPTYPE_MMX,
ZYDIS_SEMANTIC_OPTYPE_XMM, ZYDIS_SEMANTIC_OPTYPE_XMM,
@ -141,7 +141,7 @@ typedef struct ZydisOperandDefinition_
ZydisInternalElementType elementType ZYDIS_BITFIELD(5); ZydisInternalElementType elementType ZYDIS_BITFIELD(5);
union union
{ {
ZydisOperandEncoding encoding; ZydisOperandEncoding encoding;
struct struct
{ {
ZydisU8 type ZYDIS_BITFIELD(3); ZydisU8 type ZYDIS_BITFIELD(3);
@ -151,10 +151,10 @@ typedef struct ZydisOperandDefinition_
ZydisU8 id ZYDIS_BITFIELD(6); ZydisU8 id ZYDIS_BITFIELD(6);
} reg; } reg;
} reg; } reg;
struct struct
{ {
ZydisU8 seg ZYDIS_BITFIELD(3); ZydisU8 seg ZYDIS_BITFIELD(3);
ZydisU8 base ZYDIS_BITFIELD(3); ZydisU8 base ZYDIS_BITFIELD(3);
} mem; } mem;
} op; } op;
} ZydisOperandDefinition; } ZydisOperandDefinition;
@ -182,7 +182,7 @@ enum ZydisImplicitMemBase
ZYDIS_IMPLMEM_BASE_ASP, ZYDIS_IMPLMEM_BASE_ASP,
ZYDIS_IMPLMEM_BASE_ABP, ZYDIS_IMPLMEM_BASE_ABP,
ZYDIS_IMPLMEM_BASE_ASI, ZYDIS_IMPLMEM_BASE_ASI,
ZYDIS_IMPLMEM_BASE_ADI ZYDIS_IMPLMEM_BASE_ADI
}; };
/* ---------------------------------------------------------------------------------------------- */ /* ---------------------------------------------------------------------------------------------- */
@ -200,7 +200,7 @@ typedef ZydisU8 ZydisRegisterConstraint;
enum ZydisRegisterConstraints enum ZydisRegisterConstraints
{ {
ZYDIS_REG_CONSTRAINTS_UNUSED, ZYDIS_REG_CONSTRAINTS_UNUSED,
ZYDIS_REG_CONSTRAINTS_NONE, ZYDIS_REG_CONSTRAINTS_NONE,
ZYDIS_REG_CONSTRAINTS_GPR, ZYDIS_REG_CONSTRAINTS_GPR,
ZYDIS_REG_CONSTRAINTS_SR_DEST, ZYDIS_REG_CONSTRAINTS_SR_DEST,
ZYDIS_REG_CONSTRAINTS_SR, ZYDIS_REG_CONSTRAINTS_SR,
@ -489,11 +489,11 @@ enum ZydisVEXStaticBroadcasts
ZYDIS_VEX_STATIC_BROADCAST_NONE, ZYDIS_VEX_STATIC_BROADCAST_NONE,
ZYDIS_VEX_STATIC_BROADCAST_1_TO_2, ZYDIS_VEX_STATIC_BROADCAST_1_TO_2,
ZYDIS_VEX_STATIC_BROADCAST_1_TO_4, ZYDIS_VEX_STATIC_BROADCAST_1_TO_4,
ZYDIS_VEX_STATIC_BROADCAST_1_TO_8, ZYDIS_VEX_STATIC_BROADCAST_1_TO_8,
ZYDIS_VEX_STATIC_BROADCAST_1_TO_16, ZYDIS_VEX_STATIC_BROADCAST_1_TO_16,
ZYDIS_VEX_STATIC_BROADCAST_1_TO_32, ZYDIS_VEX_STATIC_BROADCAST_1_TO_32,
ZYDIS_VEX_STATIC_BROADCAST_2_TO_4, ZYDIS_VEX_STATIC_BROADCAST_2_TO_4,
ZYDIS_VEX_STATIC_BROADCAST_MAX_VALUE = ZYDIS_VEX_STATIC_BROADCAST_2_TO_4 ZYDIS_VEX_STATIC_BROADCAST_MAX_VALUE = ZYDIS_VEX_STATIC_BROADCAST_2_TO_4
}; };
@ -729,10 +729,10 @@ ZYDIS_NO_EXPORT void ZydisGetInstructionDefinition(ZydisInstructionEncoding enco
* @param definition A pointer to the instruction-definition. * @param definition A pointer to the instruction-definition.
* @param operand A pointer to the variable that receives a pointer to the first operand- * @param operand A pointer to the variable that receives a pointer to the first operand-
* definition of the instruction. * definition of the instruction.
* *
* @return The number of operands for the given instruction-definition. * @return The number of operands for the given instruction-definition.
*/ */
ZYDIS_NO_EXPORT ZydisU8 ZydisGetOperandDefinitions(const ZydisInstructionDefinition* definition, ZYDIS_NO_EXPORT ZydisU8 ZydisGetOperandDefinitions(const ZydisInstructionDefinition* definition,
const ZydisOperandDefinition** operand); const ZydisOperandDefinition** operand);
/* ---------------------------------------------------------------------------------------------- */ /* ---------------------------------------------------------------------------------------------- */

16
include/Zydis/MetaInfo.h
View File

@ -26,7 +26,7 @@
/** /**
* @file * @file
* @brief * @brief
*/ */
#ifndef ZYDIS_METAINFO_H #ifndef ZYDIS_METAINFO_H
@ -43,7 +43,7 @@ extern "C" {
/* Enums and types */ /* Enums and types */
/* ============================================================================================== */ /* ============================================================================================== */
#include <Zydis/Generated/EnumInstructionCategory.h> #include <Zydis/Generated/EnumInstructionCategory.h>
#include <Zydis/Generated/EnumISASet.h> #include <Zydis/Generated/EnumISASet.h>
#include <Zydis/Generated/EnumISAExt.h> #include <Zydis/Generated/EnumISAExt.h>
@ -53,27 +53,27 @@ extern "C" {
/** /**
* @brief Returns the specified instruction category string. * @brief Returns the specified instruction category string.
* *
* @param category The instruction category. * @param category The instruction category.
* *
* @return The instruction category string or @c NULL, if an invalid category was passed. * @return The instruction category string or @c NULL, if an invalid category was passed.
*/ */
ZYDIS_EXPORT const char* ZydisCategoryGetString(ZydisInstructionCategory category); ZYDIS_EXPORT const char* ZydisCategoryGetString(ZydisInstructionCategory category);
/** /**
* @brief Returns the specified isa-set string. * @brief Returns the specified isa-set string.
* *
* @param isaSet The isa-set. * @param isaSet The isa-set.
* *
* @return The isa-set string or @c NULL, if an invalid isa-set was passed. * @return The isa-set string or @c NULL, if an invalid isa-set was passed.
*/ */
ZYDIS_EXPORT const char* ZydisISASetGetString(ZydisISASet isaSet); ZYDIS_EXPORT const char* ZydisISASetGetString(ZydisISASet isaSet);
/** /**
* @brief Returns the specified isa-extension string. * @brief Returns the specified isa-extension string.
* *
* @param isaExt The isa-extension. * @param isaExt The isa-extension.
* *
* @return The isa-extension string or @c NULL, if an invalid isa-extension was passed. * @return The isa-extension string or @c NULL, if an invalid isa-extension was passed.
*/ */
ZYDIS_EXPORT const char* ZydisISAExtGetString(ZydisISAExt isaExt); ZYDIS_EXPORT const char* ZydisISAExtGetString(ZydisISAExt isaExt);

12
include/Zydis/Mnemonic.h
View File

@ -43,7 +43,7 @@ extern "C" {
/* Enums and types */ /* Enums and types */
/* ============================================================================================== */ /* ============================================================================================== */
#include <Zydis/Generated/EnumMnemonic.h> #include <Zydis/Generated/EnumMnemonic.h>
/* ============================================================================================== */ /* ============================================================================================== */
/* Exported functions */ /* Exported functions */
@ -51,20 +51,20 @@ extern "C" {
/** /**
* @brief Returns the specified instruction mnemonic string. * @brief Returns the specified instruction mnemonic string.
* *
* @param mnemonic The mnemonic. * @param mnemonic The mnemonic.
* *
* @return The instruction mnemonic string or @c NULL, if an invalid mnemonic was passed. * @return The instruction mnemonic string or @c NULL, if an invalid mnemonic was passed.
*/ */
ZYDIS_EXPORT const char* ZydisMnemonicGetString(ZydisMnemonic mnemonic); ZYDIS_EXPORT const char* ZydisMnemonicGetString(ZydisMnemonic mnemonic);
/** /**
* @brief Returns the specified instruction mnemonic as `ZydisStaticString`. * @brief Returns the specified instruction mnemonic as `ZydisStaticString`.
* *
* @param mnemonic The mnemonic. * @param mnemonic The mnemonic.
* *
* @return The instruction mnemonic string or @c NULL, if an invalid mnemonic was passed. * @return The instruction mnemonic string or @c NULL, if an invalid mnemonic was passed.
* *
* The `buffer` of the returned struct is guaranteed to be zero-terminated in this special case. * The `buffer` of the returned struct is guaranteed to be zero-terminated in this special case.
*/ */
ZYDIS_EXPORT const ZydisStaticString* ZydisMnemonicGetStaticString(ZydisMnemonic mnemonic); ZYDIS_EXPORT const ZydisStaticString* ZydisMnemonicGetStaticString(ZydisMnemonic mnemonic);

6
include/Zydis/Register.h
View File

@ -143,9 +143,9 @@ enum ZydisRegisterClasses
/* ---------------------------------------------------------------------------------------------- */ /* ---------------------------------------------------------------------------------------------- */
/* Register width */ /* Register width */
/* ---------------------------------------------------------------------------------------------- */ /* ---------------------------------------------------------------------------------------------- */
/** /**
* @brief Defines the @c ZydisRegisterWidth datatype. * @brief Defines the @c ZydisRegisterWidth datatype.
*/ */
typedef ZydisU16 ZydisRegisterWidth; typedef ZydisU16 ZydisRegisterWidth;
@ -217,7 +217,7 @@ ZYDIS_EXPORT const char* ZydisRegisterGetString(ZydisRegister reg);
* @param reg The register. * @param reg The register.
* *
* @return The register string or @c NULL, if an invalid register was passed. * @return The register string or @c NULL, if an invalid register was passed.
* *
* The `buffer` of the returned struct is guaranteed to be zero-terminated in this special case. * The `buffer` of the returned struct is guaranteed to be zero-terminated in this special case.
*/ */
ZYDIS_EXPORT const ZydisStaticString* ZydisRegisterGetStaticString(ZydisRegister reg); ZYDIS_EXPORT const ZydisStaticString* ZydisRegisterGetStaticString(ZydisRegister reg);

8
include/Zydis/SharedTypes.h
View File

@ -274,7 +274,7 @@ enum ZydisOperandVisibilities
{ {
ZYDIS_OPERAND_VISIBILITY_INVALID, ZYDIS_OPERAND_VISIBILITY_INVALID,
/** /**
* @brief The operand is explicitly encoded in the instruction. * @brief The operand is explicitly encoded in the instruction.
*/ */
ZYDIS_OPERAND_VISIBILITY_EXPLICIT, ZYDIS_OPERAND_VISIBILITY_EXPLICIT,
/** /**
@ -340,13 +340,13 @@ enum ZydisOperandActions
* @brief Mask combining all writing access flags. * @brief Mask combining all writing access flags.
*/ */
ZYDIS_OPERAND_ACTION_MASK_WRITE = ZYDIS_OPERAND_ACTION_WRITE | ZYDIS_OPERAND_ACTION_MASK_WRITE = ZYDIS_OPERAND_ACTION_WRITE |
ZYDIS_OPERAND_ACTION_READWRITE | ZYDIS_OPERAND_ACTION_CONDWRITE | ZYDIS_OPERAND_ACTION_READWRITE | ZYDIS_OPERAND_ACTION_CONDWRITE |
ZYDIS_OPERAND_ACTION_READ_CONDWRITE | ZYDIS_OPERAND_ACTION_CONDREAD_WRITE, ZYDIS_OPERAND_ACTION_READ_CONDWRITE | ZYDIS_OPERAND_ACTION_CONDREAD_WRITE,
/** /**
* @brief Mask combining all reading access flags. * @brief Mask combining all reading access flags.
*/ */
ZYDIS_OPERAND_ACTION_MASK_READ = ZYDIS_OPERAND_ACTION_READ | ZYDIS_OPERAND_ACTION_READWRITE | ZYDIS_OPERAND_ACTION_MASK_READ = ZYDIS_OPERAND_ACTION_READ | ZYDIS_OPERAND_ACTION_READWRITE |
ZYDIS_OPERAND_ACTION_CONDREAD | ZYDIS_OPERAND_ACTION_READ_CONDWRITE | ZYDIS_OPERAND_ACTION_CONDREAD | ZYDIS_OPERAND_ACTION_READ_CONDWRITE |
ZYDIS_OPERAND_ACTION_CONDREAD_WRITE, ZYDIS_OPERAND_ACTION_CONDREAD_WRITE,
/** /**

24
include/Zydis/Status.h
View File

@ -78,7 +78,7 @@ enum ZydisStatusCodes
/* ------------------------------------------------------------------------------------------ */ /* ------------------------------------------------------------------------------------------ */
/** /**
* @brief An attempt was made to read data from an input data-source that has no more data * @brief An attempt was made to read data from an input data-source that has no more data
* available. * available.
*/ */
ZYDIS_STATUS_NO_MORE_DATA, ZYDIS_STATUS_NO_MORE_DATA,
@ -86,7 +86,7 @@ enum ZydisStatusCodes
* @brief An general error occured while decoding the current instruction. The instruction * @brief An general error occured while decoding the current instruction. The instruction
* might be undefined. * might be undefined.
*/ */
ZYDIS_STATUS_DECODING_ERROR, ZYDIS_STATUS_DECODING_ERROR,
/** /**
* @brief The instruction exceeded the maximum length of 15 bytes. * @brief The instruction exceeded the maximum length of 15 bytes.
*/ */
@ -97,32 +97,32 @@ enum ZydisStatusCodes
ZYDIS_STATUS_BAD_REGISTER, ZYDIS_STATUS_BAD_REGISTER,
/** /**
* @brief A lock-prefix (F0) was found while decoding an instruction that does not support * @brief A lock-prefix (F0) was found while decoding an instruction that does not support
* locking. * locking.
*/ */
ZYDIS_STATUS_ILLEGAL_LOCK, ZYDIS_STATUS_ILLEGAL_LOCK,
/** /**
* @brief A legacy-prefix (F2, F3, 66) was found while decoding a XOP/VEX/EVEX/MVEX * @brief A legacy-prefix (F2, F3, 66) was found while decoding a XOP/VEX/EVEX/MVEX
* instruction. * instruction.
*/ */
ZYDIS_STATUS_ILLEGAL_LEGACY_PFX, ZYDIS_STATUS_ILLEGAL_LEGACY_PFX,
/** /**
* @brief A rex-prefix was found while decoding a XOP/VEX/EVEX/MVEX instruction. * @brief A rex-prefix was found while decoding a XOP/VEX/EVEX/MVEX instruction.
*/ */
ZYDIS_STATUS_ILLEGAL_REX, ZYDIS_STATUS_ILLEGAL_REX,
/** /**
* @brief An invalid opcode-map value was found while decoding a XOP/VEX/EVEX/MVEX-prefix. * @brief An invalid opcode-map value was found while decoding a XOP/VEX/EVEX/MVEX-prefix.
*/ */
ZYDIS_STATUS_INVALID_MAP, ZYDIS_STATUS_INVALID_MAP,
/** /**
* @brief An error occured while decoding the EVEX-prefix. * @brief An error occured while decoding the EVEX-prefix.
*/ */
ZYDIS_STATUS_MALFORMED_EVEX, ZYDIS_STATUS_MALFORMED_EVEX,
/** /**
* @brief An error occured while decoding the MVEX-prefix. * @brief An error occured while decoding the MVEX-prefix.
*/ */
ZYDIS_STATUS_MALFORMED_MVEX, // TODO: Do we need this? ZYDIS_STATUS_MALFORMED_MVEX, // TODO: Do we need this?
/** /**
* @brief An invalid write-mask was specified for an EVEX/MVEX instruction. * @brief An invalid write-mask was specified for an EVEX/MVEX instruction.
*/ */
ZYDIS_STATUS_INVALID_MASK, ZYDIS_STATUS_INVALID_MASK,
@ -131,7 +131,7 @@ enum ZydisStatusCodes
/* ------------------------------------------------------------------------------------------ */ /* ------------------------------------------------------------------------------------------ */
/** /**
* @brief Returning this status code in operand-related custom formatter callbacks will cause * @brief Returning this status code in operand-related custom formatter callbacks will cause
* the formatter to omit the operand. * the formatter to omit the operand.
*/ */
ZYDIS_STATUS_SKIP_OPERAND, ZYDIS_STATUS_SKIP_OPERAND,
@ -151,7 +151,7 @@ enum ZydisStatusCodes
*/ */
ZYDIS_STATUS_USER = 0x10000000 ZYDIS_STATUS_USER = 0x10000000
// Max value entry intentionally omitted since users might define custom error codes for // Max value entry intentionally omitted since users might define custom error codes for
// formatter hooks. // formatter hooks.
}; };

110
include/Zydis/String.h
View File

@ -42,7 +42,7 @@
/** /**
* @brief Defines the `ZydisString` struct. * @brief Defines the `ZydisString` struct.
*/ */
typedef struct ZydisString_ typedef struct ZydisString_
{ {
/** /**
* @brief The buffer that contains the actual string (0-termination is optional!). * @brief The buffer that contains the actual string (0-termination is optional!).
@ -65,8 +65,8 @@ typedef struct ZydisString_
#pragma pack(push, 1) #pragma pack(push, 1)
/** /**
* @brief Defines the `ZydisStaticString` struct. * @brief Defines the `ZydisStaticString` struct.
* *
* This more compact struct is mainly used for internal string-tables to save up some bytes. * This more compact struct is mainly used for internal string-tables to save up some bytes.
*/ */
typedef struct ZydisStaticString_ typedef struct ZydisStaticString_
@ -128,16 +128,16 @@ enum ZydisLetterCases
/** /**
* @brief Creates a `ZydisString` struct from a static C-string. * @brief Creates a `ZydisString` struct from a static C-string.
* *
* @param string The C-string constant. * @param string The C-string constant.
*/ */
#define ZYDIS_MAKE_STRING(string) \ #define ZYDIS_MAKE_STRING(string) \
{ (char*)string, sizeof(string) - 1, sizeof(string) - 1 } { (char*)string, sizeof(string) - 1, sizeof(string) - 1 }
/** /**
* @brief Creates a `ZydisStaticString` from a static C-string. * @brief Creates a `ZydisStaticString` from a static C-string.
* *
* @param string The C-string constant. * @param string The C-string constant.
*/ */
#define ZYDIS_MAKE_STATIC_STRING(string) \ #define ZYDIS_MAKE_STATIC_STRING(string) \
{ string, sizeof(string) - 1 } { string, sizeof(string) - 1 }
@ -154,19 +154,19 @@ enum ZydisLetterCases
/** /**
* @brief Initializes a `ZydisString` struct with a C-string. * @brief Initializes a `ZydisString` struct with a C-string.
* *
* @param string The string to initialize. * @param string The string to initialize.
* @param text The C-string constant. * @param text The C-string constant.
* *
* @return A zydis status code. * @return A zydis status code.
*/ */
ZYDIS_EXPORT ZydisStatus ZydisStringInit(ZydisString* string, char* text); ZYDIS_EXPORT ZydisStatus ZydisStringInit(ZydisString* string, char* text);
/** /**
* @brief Finalizes a `ZydisString` struct by adding a terminating zero byte. * @brief Finalizes a `ZydisString` struct by adding a terminating zero byte.
* *
* @param string The string to finalize. * @param string The string to finalize.
* *
* @return A zydis status code. * @return A zydis status code.
*/ */
ZYDIS_EXPORT ZydisStatus ZydisStringFinalize(ZydisString* string); ZYDIS_EXPORT ZydisStatus ZydisStringFinalize(ZydisString* string);
@ -179,8 +179,8 @@ ZYDIS_EXPORT ZydisStatus ZydisStringFinalize(ZydisString* string);
* @param string The string to append to. * @param string The string to append to.
* @param text The string to append. * @param text The string to append.
* *
* @return @c ZYDIS_STATUS_SUCCESS, if the function succeeded, or * @return @c ZYDIS_STATUS_SUCCESS, if the function succeeded, or
* @c ZYDIS_STATUS_INSUFFICIENT_BUFFER_SIZE, if the size of the buffer was not * @c ZYDIS_STATUS_INSUFFICIENT_BUFFER_SIZE, if the size of the buffer was not
* sufficient to append the given @c text. * sufficient to append the given @c text.
*/ */
ZYDIS_EXPORT ZydisStatus ZydisStringAppend(ZydisString* string, const ZydisString* text); ZYDIS_EXPORT ZydisStatus ZydisStringAppend(ZydisString* string, const ZydisString* text);
@ -193,8 +193,8 @@ ZYDIS_EXPORT ZydisStatus ZydisStringAppend(ZydisString* string, const ZydisStrin
* @param text The string to append. * @param text The string to append.
* @param letterCase The letter case to use. * @param letterCase The letter case to use.
* *
* @return @c ZYDIS_STATUS_SUCCESS, if the function succeeded, or * @return @c ZYDIS_STATUS_SUCCESS, if the function succeeded, or
* @c ZYDIS_STATUS_INSUFFICIENT_BUFFER_SIZE, if the size of the buffer was not * @c ZYDIS_STATUS_INSUFFICIENT_BUFFER_SIZE, if the size of the buffer was not
* sufficient to append the given @c text. * sufficient to append the given @c text.
*/ */
ZYDIS_EXPORT ZydisStatus ZydisStringAppendEx(ZydisString* string, const ZydisString* text, ZYDIS_EXPORT ZydisStatus ZydisStringAppendEx(ZydisString* string, const ZydisString* text,
@ -206,8 +206,8 @@ ZYDIS_EXPORT ZydisStatus ZydisStringAppendEx(ZydisString* string, const ZydisStr
* @param string The string to append to. * @param string The string to append to.
* @param text The C-string to append. * @param text The C-string to append.
* *
* @return @c ZYDIS_STATUS_SUCCESS, if the function succeeded, or * @return @c ZYDIS_STATUS_SUCCESS, if the function succeeded, or
* @c ZYDIS_STATUS_INSUFFICIENT_BUFFER_SIZE, if the size of the buffer was not * @c ZYDIS_STATUS_INSUFFICIENT_BUFFER_SIZE, if the size of the buffer was not
* sufficient to append the given @c text. * sufficient to append the given @c text.
*/ */
ZYDIS_EXPORT ZydisStatus ZydisStringAppendC(ZydisString* string, const char* text); ZYDIS_EXPORT ZydisStatus ZydisStringAppendC(ZydisString* string, const char* text);
@ -220,11 +220,11 @@ ZYDIS_EXPORT ZydisStatus ZydisStringAppendC(ZydisString* string, const char* tex
* @param text The C-string to append. * @param text The C-string to append.
* @param letterCase The letter case to use. * @param letterCase The letter case to use.
* *
* @return @c ZYDIS_STATUS_SUCCESS, if the function succeeded, or * @return @c ZYDIS_STATUS_SUCCESS, if the function succeeded, or
* @c ZYDIS_STATUS_INSUFFICIENT_BUFFER_SIZE, if the size of the buffer was not * @c ZYDIS_STATUS_INSUFFICIENT_BUFFER_SIZE, if the size of the buffer was not
* sufficient to append the given @c text. * sufficient to append the given @c text.
*/ */
ZYDIS_EXPORT ZydisStatus ZydisStringAppendExC(ZydisString* string, const char* text, ZYDIS_EXPORT ZydisStatus ZydisStringAppendExC(ZydisString* string, const char* text,
ZydisLetterCase letterCase); ZydisLetterCase letterCase);
/** /**
@ -233,26 +233,26 @@ ZYDIS_EXPORT ZydisStatus ZydisStringAppendExC(ZydisString* string, const char* t
* @param string The string to append to. * @param string The string to append to.
* @param text The static-string to append. * @param text The static-string to append.
* *
* @return @c ZYDIS_STATUS_SUCCESS, if the function succeeded, or * @return @c ZYDIS_STATUS_SUCCESS, if the function succeeded, or
* @c ZYDIS_STATUS_INSUFFICIENT_BUFFER_SIZE, if the size of the buffer was not * @c ZYDIS_STATUS_INSUFFICIENT_BUFFER_SIZE, if the size of the buffer was not
* sufficient to append the given @c text. * sufficient to append the given @c text.
*/ */
ZYDIS_EXPORT ZydisStatus ZydisStringAppendStatic(ZydisString* string, ZYDIS_EXPORT ZydisStatus ZydisStringAppendStatic(ZydisString* string,
const ZydisStaticString* text, ZydisLetterCase letterCase); const ZydisStaticString* text, ZydisLetterCase letterCase);
/** /**
* @brief Appends the given 'ZydisStaticString' to a `ZydisString`, converting it to the * @brief Appends the given 'ZydisStaticString' to a `ZydisString`, converting it to the
* specified letter-case. * specified letter-case.
* *
* @param string The string to append to. * @param string The string to append to.
* @param text The static-string to append. * @param text The static-string to append.
* @param letterCase The letter case to use. * @param letterCase The letter case to use.
* *
* @return @c ZYDIS_STATUS_SUCCESS, if the function succeeded, or * @return @c ZYDIS_STATUS_SUCCESS, if the function succeeded, or
* @c ZYDIS_STATUS_INSUFFICIENT_BUFFER_SIZE, if the size of the buffer was not * @c ZYDIS_STATUS_INSUFFICIENT_BUFFER_SIZE, if the size of the buffer was not
* sufficient to append the given @c text. * sufficient to append the given @c text.
*/ */
ZYDIS_EXPORT ZydisStatus ZydisStringAppendExStatic(ZydisString* string, ZYDIS_EXPORT ZydisStatus ZydisStringAppendExStatic(ZydisString* string,
const ZydisStaticString* text, ZydisLetterCase letterCase); const ZydisStaticString* text, ZydisLetterCase letterCase);
/* ---------------------------------------------------------------------------------------------- */ /* ---------------------------------------------------------------------------------------------- */
@ -260,7 +260,7 @@ ZYDIS_EXPORT ZydisStatus ZydisStringAppendExStatic(ZydisString* string,
/* ---------------------------------------------------------------------------------------------- */ /* ---------------------------------------------------------------------------------------------- */
/** /**
* @brief Formats the given unsigned ordinal @c value to its decimal text-representation and * @brief Formats the given unsigned ordinal @c value to its decimal text-representation and
* appends it to the @c string. * appends it to the @c string.
* *
* @param string A pointer to the string. * @param string A pointer to the string.
@ -268,18 +268,18 @@ ZYDIS_EXPORT ZydisStatus ZydisStringAppendExStatic(ZydisString* string,
* @param paddingLength Padds the converted value with leading zeros, if the number of chars is * @param paddingLength Padds the converted value with leading zeros, if the number of chars is
* less than the @c paddingLength. * less than the @c paddingLength.
* *
* @return @c ZYDIS_STATUS_SUCCESS, if the function succeeded, or * @return @c ZYDIS_STATUS_SUCCESS, if the function succeeded, or
* @c ZYDIS_STATUS_INSUFFICIENT_BUFFER_SIZE, if the size of the buffer was not * @c ZYDIS_STATUS_INSUFFICIENT_BUFFER_SIZE, if the size of the buffer was not
* sufficient to append the given @c value. * sufficient to append the given @c value.
* *
* The string-buffer pointer is increased by the number of chars written, if the call was * The string-buffer pointer is increased by the number of chars written, if the call was
* successfull. * successfull.
*/ */
ZYDIS_EXPORT ZydisStatus ZydisStringAppendDecU(ZydisString* string, ZydisU64 value, ZYDIS_EXPORT ZydisStatus ZydisStringAppendDecU(ZydisString* string, ZydisU64 value,
ZydisU8 paddingLength); ZydisU8 paddingLength);
/** /**
* @brief Formats the given signed ordinal @c value to its decimal text-representation and * @brief Formats the given signed ordinal @c value to its decimal text-representation and
* appends it to the @c string. * appends it to the @c string.
* *
* @param string A pointer to the string. * @param string A pointer to the string.
@ -287,62 +287,62 @@ ZYDIS_EXPORT ZydisStatus ZydisStringAppendDecU(ZydisString* string, ZydisU64 val
* @param paddingLength Padds the converted value with leading zeros, if the number of chars is * @param paddingLength Padds the converted value with leading zeros, if the number of chars is
* less than the @c paddingLength (the sign char is ignored). * less than the @c paddingLength (the sign char is ignored).
* *
* @return @c ZYDIS_STATUS_SUCCESS, if the function succeeded, or * @return @c ZYDIS_STATUS_SUCCESS, if the function succeeded, or
* @c ZYDIS_STATUS_INSUFFICIENT_BUFFER_SIZE, if the size of the buffer was not * @c ZYDIS_STATUS_INSUFFICIENT_BUFFER_SIZE, if the size of the buffer was not
* sufficient to append the given @c value. * sufficient to append the given @c value.
* *
* The string-buffer pointer is increased by the number of chars written, if the call was * The string-buffer pointer is increased by the number of chars written, if the call was
* successfull. * successfull.
*/ */
ZYDIS_EXPORT ZydisStatus ZydisStringAppendDecS(ZydisString* string, ZydisI64 value, ZYDIS_EXPORT ZydisStatus ZydisStringAppendDecS(ZydisString* string, ZydisI64 value,
ZydisU8 paddingLength); ZydisU8 paddingLength);
/** /**
* @brief Formats the given unsigned ordinal @c value to its hexadecimal text-representation and * @brief Formats the given unsigned ordinal @c value to its hexadecimal text-representation and
* appends it to the @c string. * appends it to the @c string.
* *
* @param string A pointer to the string. * @param string A pointer to the string.
* @param value The value. * @param value The value.
* @param paddingLength Padds the converted value with leading zeros, if the number of chars is * @param paddingLength Padds the converted value with leading zeros, if the number of chars is
* less than the @c paddingLength. * less than the @c paddingLength.
* @param uppercase Set @c TRUE to print the hexadecimal value in uppercase letters instead * @param uppercase Set @c TRUE to print the hexadecimal value in uppercase letters instead
* of lowercase ones. * of lowercase ones.
* @param prefix The string to use as prefix or `NULL`, if not needed. * @param prefix The string to use as prefix or `NULL`, if not needed.
* @param suffix The string to use as suffix or `NULL`, if not needed. * @param suffix The string to use as suffix or `NULL`, if not needed.
* *
* @return @c ZYDIS_STATUS_SUCCESS, if the function succeeded, or * @return @c ZYDIS_STATUS_SUCCESS, if the function succeeded, or
* @c ZYDIS_STATUS_INSUFFICIENT_BUFFER_SIZE, if the size of the buffer was not * @c ZYDIS_STATUS_INSUFFICIENT_BUFFER_SIZE, if the size of the buffer was not
* sufficient to append the given @c value. * sufficient to append the given @c value.
* *
* The string-buffer pointer is increased by the number of chars written, if the call was * The string-buffer pointer is increased by the number of chars written, if the call was
* successfull. * successfull.
*/ */
ZYDIS_EXPORT ZydisStatus ZydisStringAppendHexU(ZydisString* string, ZydisU64 value, ZYDIS_EXPORT ZydisStatus ZydisStringAppendHexU(ZydisString* string, ZydisU64 value,
ZydisU8 paddingLength, ZydisBool uppercase, const ZydisString* prefix, ZydisU8 paddingLength, ZydisBool uppercase, const ZydisString* prefix,
const ZydisString* suffix); const ZydisString* suffix);
/** /**
* @brief Formats the given signed ordinal @c value to its hexadecimal text-representation and * @brief Formats the given signed ordinal @c value to its hexadecimal text-representation and
* appends it to the @c string. * appends it to the @c string.
* *
* @param string A pointer to the string. * @param string A pointer to the string.
* @param value The value. * @param value The value.
* @param paddingLength Padds the converted value with leading zeros, if the number of chars is * @param paddingLength Padds the converted value with leading zeros, if the number of chars is
* less than the @c paddingLength (the sign char is ignored). * less than the @c paddingLength (the sign char is ignored).
* @param uppercase Set @c TRUE to print the hexadecimal value in uppercase letters instead * @param uppercase Set @c TRUE to print the hexadecimal value in uppercase letters instead
* of lowercase ones. * of lowercase ones.
* @param prefix The string to use as prefix or `NULL`, if not needed. * @param prefix The string to use as prefix or `NULL`, if not needed.
* @param suffix The string to use as suffix or `NULL`, if not needed. * @param suffix The string to use as suffix or `NULL`, if not needed.
* *
* @return @c ZYDIS_STATUS_SUCCESS, if the function succeeded, or * @return @c ZYDIS_STATUS_SUCCESS, if the function succeeded, or
* @c ZYDIS_STATUS_INSUFFICIENT_BUFFER_SIZE, if the size of the buffer was not * @c ZYDIS_STATUS_INSUFFICIENT_BUFFER_SIZE, if the size of the buffer was not
* sufficient to append the given @c value. * sufficient to append the given @c value.
* *
* The string-buffer pointer is increased by the number of chars written, if the call was * The string-buffer pointer is increased by the number of chars written, if the call was
* successfull. * successfull.
*/ */
ZYDIS_EXPORT ZydisStatus ZydisStringAppendHexS(ZydisString* string, ZydisI64 value, ZYDIS_EXPORT ZydisStatus ZydisStringAppendHexS(ZydisString* string, ZydisI64 value,
ZydisU8 paddingLength, ZydisBool uppercase, const ZydisString* prefix, ZydisU8 paddingLength, ZydisBool uppercase, const ZydisString* prefix,
const ZydisString* suffix); const ZydisString* suffix);
/* ---------------------------------------------------------------------------------------------- */ /* ---------------------------------------------------------------------------------------------- */

6
include/Zydis/Utils.h
View File

@ -52,14 +52,14 @@ extern "C" {
* @param address A pointer to the memory that receives the absolute target-address. * @param address A pointer to the memory that receives the absolute target-address.
* *
* @return A zydis status code. * @return A zydis status code.
* *
* You should use this function in the following cases: * You should use this function in the following cases:
* - `IMM` operands with relative address (e.g. `JMP`, `CALL`, ...) * - `IMM` operands with relative address (e.g. `JMP`, `CALL`, ...)
* - `MEM` operands with RIP/EIP-relative address (e.g. `MOV RAX, [RIP+0x12345678]`) * - `MEM` operands with RIP/EIP-relative address (e.g. `MOV RAX, [RIP+0x12345678]`)
* - `MEM` operands with absolute address (e.g. `MOV RAX, [0x12345678]`) * - `MEM` operands with absolute address (e.g. `MOV RAX, [0x12345678]`)
* - The displacement needs to get truncated and zero extended * - The displacement needs to get truncated and zero extended
*/ */
ZYDIS_EXPORT ZydisStatus ZydisCalcAbsoluteAddress(const ZydisDecodedInstruction* instruction, ZYDIS_EXPORT ZydisStatus ZydisCalcAbsoluteAddress(const ZydisDecodedInstruction* instruction,
const ZydisDecodedOperand* operand, ZydisU64* address); const ZydisDecodedOperand* operand, ZydisU64* address);
/* ============================================================================================== */ /* ============================================================================================== */
@ -75,7 +75,7 @@ ZYDIS_EXPORT ZydisStatus ZydisCalcAbsoluteAddress(const ZydisDecodedInstruction*
* *
* @return A zydis status code. * @return A zydis status code.
*/ */
ZYDIS_EXPORT ZydisStatus ZydisGetAccessedFlagsByAction(const ZydisDecodedInstruction* instruction, ZYDIS_EXPORT ZydisStatus ZydisGetAccessedFlagsByAction(const ZydisDecodedInstruction* instruction,
ZydisCPUFlagAction action, ZydisCPUFlagMask* flags); ZydisCPUFlagAction action, ZydisCPUFlagMask* flags);
/* ============================================================================================== */ /* ============================================================================================== */

6
include/Zydis/Zydis.h
View File

@ -39,7 +39,7 @@
#include <Zydis/Formatter.h> #include <Zydis/Formatter.h>
#include <Zydis/MetaInfo.h> #include <Zydis/MetaInfo.h>
#include <Zydis/Mnemonic.h> #include <Zydis/Mnemonic.h>
#include <Zydis/Register.h> #include <Zydis/Register.h>
#include <Zydis/SharedTypes.h> #include <Zydis/SharedTypes.h>
#include <Zydis/Status.h> #include <Zydis/Status.h>
#include <Zydis/String.h> #include <Zydis/String.h>
@ -122,8 +122,8 @@ enum ZydisFeatures
* @brief Returns the zydis version. * @brief Returns the zydis version.
* *
* @return The zydis version. * @return The zydis version.
* *
* Use the macros provided in this file to extract the major, minor, patch and build part from the * Use the macros provided in this file to extract the major, minor, patch and build part from the
* returned version value. * returned version value.
*/ */
ZYDIS_EXPORT ZydisU64 ZydisGetVersion(void); ZYDIS_EXPORT ZydisU64 ZydisGetVersion(void);

774
src/Decoder.c
View File

File diff suppressed because it is too large Load Diff

104
src/DecoderData.c
View File

@ -36,7 +36,7 @@
/** /**
* @brief Contains all XOP-map filters. * @brief Contains all XOP-map filters.
* *
* Index values: * Index values:
* 00 = POP instruction (default encoding) * 00 = POP instruction (default encoding)
* 01 = XOP8 * 01 = XOP8
@ -56,18 +56,18 @@ extern const ZydisDecoderTreeNode filtersXOP[][13];
/** /**
* @brief Contains all VEX-map filters. * @brief Contains all VEX-map filters.
* *
* Index values: * Index values:
* 00 = LES or LDS instruction (default encoding) * 00 = LES or LDS instruction (default encoding)
* 01 = VEX MAP0 * 01 = VEX MAP0
* 02 = 0F * 02 = 0F
* 03 = 0F38 * 03 = 0F38
* 04 = 0F3A * 04 = 0F3A
* 05 = 66 * 05 = 66
* 06 = 66_0F * 06 = 66_0F
* 07 = 66_0F38 * 07 = 66_0F38
* 08 = 66_0F3A * 08 = 66_0F3A
* 09 = F3 * 09 = F3
* 0A = F3_0F * 0A = F3_0F
* 0B = F3_0F38 * 0B = F3_0F38
* 0C = F3_0F3A * 0C = F3_0F3A
@ -80,34 +80,34 @@ extern const ZydisDecoderTreeNode filtersVEX[][17];
/** /**
* @brief Contains all EVEX/MVEX-map filters. * @brief Contains all EVEX/MVEX-map filters.
* *
* Index values: * Index values:
* 00 = BOUND instruction (default encoding) * 00 = BOUND instruction (default encoding)
* 01 = EVEX MAP0 * 01 = EVEX MAP0
* 02 = EVEX 0F * 02 = EVEX 0F
* 03 = EVEX 0F38 * 03 = EVEX 0F38
* 04 = EVEX 0F3A * 04 = EVEX 0F3A
* 05 = EVEX 66 * 05 = EVEX 66
* 06 = EVEX 66_0F * 06 = EVEX 66_0F
* 07 = EVEX 66_0F38 * 07 = EVEX 66_0F38
* 08 = EVEX 66_0F3A * 08 = EVEX 66_0F3A
* 09 = EVEX F3 * 09 = EVEX F3
* 0A = EVEX F3_0F * 0A = EVEX F3_0F
* 0B = EVEX F3_0F38 * 0B = EVEX F3_0F38
* 0C = EVEX F3_0F3A * 0C = EVEX F3_0F3A
* 0D = EVEX EVEX F2 * 0D = EVEX EVEX F2
* 0E = EVEX F2_0F * 0E = EVEX F2_0F
* 0F = EVEX * 0F = EVEX
* 10 = EVEX F2_0F3A * 10 = EVEX F2_0F3A
* 11 = MVEX MAP0 * 11 = MVEX MAP0
* 12 = MVEX 0F * 12 = MVEX 0F
* 13 = MVEX 0F38 * 13 = MVEX 0F38
* 14 = MVEX 0F3A * 14 = MVEX 0F3A
* 15 = MVEX 66 * 15 = MVEX 66
* 16 = MVEX 66_0F * 16 = MVEX 66_0F
* 17 = MVEX 66_0F38 * 17 = MVEX 66_0F38
* 18 = MVEX 66_0F3A * 18 = MVEX 66_0F3A
* 19 = MVEX F3 * 19 = MVEX F3
* 1A = MVEX F3_0F * 1A = MVEX F3_0F
* 1B = MVEX F3_0F38 * 1B = MVEX F3_0F38
* 1C = MVEX F3_0F3A * 1C = MVEX F3_0F3A
@ -120,14 +120,14 @@ extern const ZydisDecoderTreeNode filtersEMVEX[][33];
/** /**
* @brief Contains all opcode filters. * @brief Contains all opcode filters.
* *
* Indexed by the numeric value of the opcode. * Indexed by the numeric value of the opcode.
*/ */
extern const ZydisDecoderTreeNode filtersOpcode[][256]; extern const ZydisDecoderTreeNode filtersOpcode[][256];
/** /**
* @brief Contains all instruction-mode filters. * @brief Contains all instruction-mode filters.
* *
* Index values: * Index values:
* 0 = 16 bit mode * 0 = 16 bit mode
* 1 = 32 bit mode * 1 = 32 bit mode
@ -137,7 +137,7 @@ extern const ZydisDecoderTreeNode filtersMode[][3];
/** /**
* @brief Contains all compacted instruction-mode filters. * @brief Contains all compacted instruction-mode filters.
* *
* Index values: * Index values:
* 0 = 64 bit mode * 0 = 64 bit mode
* 1 = not 64 bit mode * 1 = not 64 bit mode
@ -146,14 +146,14 @@ extern const ZydisDecoderTreeNode filtersModeCompact[][2];
/** /**
* @brief Contains all ModRM.mod filters. * @brief Contains all ModRM.mod filters.
* *
* Indexed by the ordinal value of the ModRM.mod field. * Indexed by the ordinal value of the ModRM.mod field.
*/ */
extern const ZydisDecoderTreeNode filtersModrmMod[][4]; extern const ZydisDecoderTreeNode filtersModrmMod[][4];
/** /**
* @brief Contains all compacted ModRM.mod filters. * @brief Contains all compacted ModRM.mod filters.
* *
* Index values: * Index values:
* 0 = [ModRM.mod == 11] = register * 0 = [ModRM.mod == 11] = register
* 1 = [ModRM.mod == !11] = memory * 1 = [ModRM.mod == !11] = memory
@ -162,70 +162,70 @@ extern const ZydisDecoderTreeNode filtersModrmModCompact[][2];
/** /**
* @brief Contains all ModRM.reg filters. * @brief Contains all ModRM.reg filters.
* *
* Indexed by the numeric value of the ModRM.reg field. * Indexed by the numeric value of the ModRM.reg field.
*/ */
extern const ZydisDecoderTreeNode filtersModrmReg[][8]; extern const ZydisDecoderTreeNode filtersModrmReg[][8];
/** /**
* @brief Contains all ModRM.rm filters. * @brief Contains all ModRM.rm filters.
* *
* Indexed by the numeric value of the ModRM.rm field. * Indexed by the numeric value of the ModRM.rm field.
*/ */
extern const ZydisDecoderTreeNode filtersModrmRm[][8]; extern const ZydisDecoderTreeNode filtersModrmRm[][8];
/** /**
* @brief Contains all mandatory-prefix switch tables. * @brief Contains all mandatory-prefix switch tables.
* *
* Index values: * Index values:
* 0 = ignored (prefixes are not interpreted as mandatory-prefix) * 0 = ignored (prefixes are not interpreted as mandatory-prefix)
* 1 = none * 1 = none
* 2 = 66 * 2 = 66
* 3 = F3 * 3 = F3
* 4 = F2 * 4 = F2
*/ */
extern const ZydisDecoderTreeNode filtersMandatoryPrefix[][5]; extern const ZydisDecoderTreeNode filtersMandatoryPrefix[][5];
/** /**
* @brief Contains all operand-size filters. * @brief Contains all operand-size filters.
* *
* Index values: * Index values:
* 0 = 16 bit * 0 = 16 bit
* 1 = 32 bit * 1 = 32 bit
* 2 = 64 bit * 2 = 64 bit
*/ */
extern const ZydisDecoderTreeNode filtersOperandSize[][3]; extern const ZydisDecoderTreeNode filtersOperandSize[][3];
/** /**
* @brief Contains all address-size filters. * @brief Contains all address-size filters.
* *
* Index values: * Index values:
* 0 = 16 bit * 0 = 16 bit
* 1 = 32 bit * 1 = 32 bit
* 2 = 64 bit * 2 = 64 bit
*/ */
extern const ZydisDecoderTreeNode filtersAddressSize[][3]; extern const ZydisDecoderTreeNode filtersAddressSize[][3];
/** /**
* @brief Contains all vector-length filters. * @brief Contains all vector-length filters.
* *
* Index values: * Index values:
* 0 = 128 bit * 0 = 128 bit
* 1 = 256 bit * 1 = 256 bit
* 2 = 512 bit * 2 = 512 bit
*/ */
extern const ZydisDecoderTreeNode filtersVectorLength[][3]; extern const ZydisDecoderTreeNode filtersVectorLength[][3];
/** /**
* @brief Contains all REX/VEX/EVEX.w filters. * @brief Contains all REX/VEX/EVEX.w filters.
* *
* Indexed by the numeric value of the REX/VEX/EVEX.w field. * Indexed by the numeric value of the REX/VEX/EVEX.w field.
*/ */
extern const ZydisDecoderTreeNode filtersREXW[][2]; extern const ZydisDecoderTreeNode filtersREXW[][2];
/** /**
* @brief Contains all REX/VEX/EVEX.B filters. * @brief Contains all REX/VEX/EVEX.B filters.
* *
* Indexed by the numeric value of the REX/VEX/EVEX.B field. * Indexed by the numeric value of the REX/VEX/EVEX.B field.
*/ */
extern const ZydisDecoderTreeNode filtersREXB[][2]; extern const ZydisDecoderTreeNode filtersREXB[][2];
@ -233,7 +233,7 @@ extern const ZydisDecoderTreeNode filtersREXB[][2];
#ifndef ZYDIS_DISABLE_EVEX #ifndef ZYDIS_DISABLE_EVEX
/** /**
* @brief Contains all EVEX.b filters. * @brief Contains all EVEX.b filters.
* *
* Indexed by the numeric value of the EVEX.b field. * Indexed by the numeric value of the EVEX.b field.
*/ */
extern const ZydisDecoderTreeNode filtersEVEXB[][2]; extern const ZydisDecoderTreeNode filtersEVEXB[][2];
@ -242,7 +242,7 @@ extern const ZydisDecoderTreeNode filtersEVEXB[][2];
#ifndef ZYDIS_DISABLE_MVEX #ifndef ZYDIS_DISABLE_MVEX
/** /**
* @brief Contains all MVEX.E filters. * @brief Contains all MVEX.E filters.
* *
* Indexed by the numeric value of the MVEX.E field. * Indexed by the numeric value of the MVEX.E field.
*/ */
extern const ZydisDecoderTreeNode filtersMVEXE[][2]; extern const ZydisDecoderTreeNode filtersMVEXE[][2];
@ -283,11 +283,11 @@ extern const ZydisDecoderTreeNode filtersMVEXE[][2];
const ZydisDecoderTreeNode* ZydisDecoderTreeGetRootNode(void) const ZydisDecoderTreeNode* ZydisDecoderTreeGetRootNode(void)
{ {
static const ZydisDecoderTreeNode root = { ZYDIS_NODETYPE_FILTER_OPCODE, 0x0000 }; static const ZydisDecoderTreeNode root = { ZYDIS_NODETYPE_FILTER_OPCODE, 0x0000 };
return &root; return &root;
} }
const ZydisDecoderTreeNode* ZydisDecoderTreeGetChildNode(const ZydisDecoderTreeNode* parent, const ZydisDecoderTreeNode* ZydisDecoderTreeGetChildNode(const ZydisDecoderTreeNode* parent,
ZydisU16 index) ZydisU16 index)
{ {
switch (parent->type) switch (parent->type)
@ -370,10 +370,10 @@ const ZydisDecoderTreeNode* ZydisDecoderTreeGetChildNode(const ZydisDecoderTreeN
return &filtersModeTZCNT[parent->value][index]; return &filtersModeTZCNT[parent->value][index];
default: default:
ZYDIS_UNREACHABLE; ZYDIS_UNREACHABLE;
} }
} }
void ZydisGetInstructionEncodingInfo(const ZydisDecoderTreeNode* node, void ZydisGetInstructionEncodingInfo(const ZydisDecoderTreeNode* node,
const ZydisInstructionEncodingInfo** info) const ZydisInstructionEncodingInfo** info)
{ {
ZYDIS_ASSERT(node->type & ZYDIS_NODETYPE_DEFINITION_MASK); ZYDIS_ASSERT(node->type & ZYDIS_NODETYPE_DEFINITION_MASK);

278
src/Formatter.c
View File

@ -36,7 +36,7 @@
/* General */ /* General */
/* ---------------------------------------------------------------------------------------------- */ /* ---------------------------------------------------------------------------------------------- */
static ZydisStatus ZydisFormatInstruction(const ZydisFormatter* formatter, const static ZydisStatus ZydisFormatInstruction(const ZydisFormatter* formatter, const
ZydisDecodedInstruction* instruction, ZydisString* string, void* userData) ZydisDecodedInstruction* instruction, ZydisString* string, void* userData)
{ {
if (formatter->funcPreInstruction) if (formatter->funcPreInstruction)
@ -60,7 +60,7 @@ static ZydisStatus ZydisFormatInstruction(const ZydisFormatter* formatter, const
/* ---------------------------------------------------------------------------------------------- */ /* ---------------------------------------------------------------------------------------------- */
static ZydisStatus ZydisFormatInstrIntel(const ZydisFormatter* formatter, ZydisString* string, static ZydisStatus ZydisFormatInstrIntel(const ZydisFormatter* formatter, ZydisString* string,
const ZydisDecodedInstruction* instruction, void* userData) const ZydisDecodedInstruction* instruction, void* userData)
{ {
if (!formatter || !string || !instruction) if (!formatter || !string || !instruction)
@ -91,7 +91,7 @@ static ZydisStatus ZydisFormatInstrIntel(const ZydisFormatter* formatter, ZydisS
const ZydisUSize strLenPreOperand = string->length; const ZydisUSize strLenPreOperand = string->length;
// Print embedded-mask registers as decorator instead of a regular operand // Print embedded-mask registers as decorator instead of a regular operand
if ((i == 1) && (instruction->operands[i].type == ZYDIS_OPERAND_TYPE_REGISTER) && if ((i == 1) && (instruction->operands[i].type == ZYDIS_OPERAND_TYPE_REGISTER) &&
(instruction->operands[i].encoding == ZYDIS_OPERAND_ENCODING_MASK)) (instruction->operands[i].encoding == ZYDIS_OPERAND_ENCODING_MASK))
{ {
goto SkipOperand; goto SkipOperand;
@ -100,7 +100,7 @@ static ZydisStatus ZydisFormatInstrIntel(const ZydisFormatter* formatter, ZydisS
ZydisStatus status; ZydisStatus status;
if (formatter->funcPreOperand) if (formatter->funcPreOperand)
{ {
status = formatter->funcPreOperand(formatter, string, instruction, status = formatter->funcPreOperand(formatter, string, instruction,
&instruction->operands[i], userData); &instruction->operands[i], userData);
if (status == ZYDIS_STATUS_SKIP_OPERAND) if (status == ZYDIS_STATUS_SKIP_OPERAND)
{ {
@ -115,21 +115,21 @@ static ZydisStatus ZydisFormatInstrIntel(const ZydisFormatter* formatter, ZydisS
switch (instruction->operands[i].type) switch (instruction->operands[i].type)
{ {
case ZYDIS_OPERAND_TYPE_REGISTER: case ZYDIS_OPERAND_TYPE_REGISTER:
status = formatter->funcFormatOperandReg(formatter, string, instruction, status = formatter->funcFormatOperandReg(formatter, string, instruction,
&instruction->operands[i], userData); &instruction->operands[i], userData);
break; break;
case ZYDIS_OPERAND_TYPE_MEMORY: case ZYDIS_OPERAND_TYPE_MEMORY:
{ {
status = formatter->funcFormatOperandMem(formatter, string, instruction, status = formatter->funcFormatOperandMem(formatter, string, instruction,
&instruction->operands[i], userData); &instruction->operands[i], userData);
break; break;
} }
case ZYDIS_OPERAND_TYPE_POINTER: case ZYDIS_OPERAND_TYPE_POINTER:
status = formatter->funcFormatOperandPtr(formatter, string, instruction, status = formatter->funcFormatOperandPtr(formatter, string, instruction,
&instruction->operands[i], userData); &instruction->operands[i], userData);
break; break;
case ZYDIS_OPERAND_TYPE_IMMEDIATE: case ZYDIS_OPERAND_TYPE_IMMEDIATE:
status = formatter->funcFormatOperandImm(formatter, string, instruction, status = formatter->funcFormatOperandImm(formatter, string, instruction,
&instruction->operands[i], userData); &instruction->operands[i], userData);
break; break;
default: default:
@ -146,7 +146,7 @@ static ZydisStatus ZydisFormatInstrIntel(const ZydisFormatter* formatter, ZydisS
if (formatter->funcPostOperand) if (formatter->funcPostOperand)
{ {
status = formatter->funcPostOperand(formatter, string, instruction, status = formatter->funcPostOperand(formatter, string, instruction,
&instruction->operands[i], userData); &instruction->operands[i], userData);
if (status == ZYDIS_STATUS_SKIP_OPERAND) if (status == ZYDIS_STATUS_SKIP_OPERAND)
{ {
@ -157,7 +157,7 @@ static ZydisStatus ZydisFormatInstrIntel(const ZydisFormatter* formatter, ZydisS
return status; return status;
} }
} }
if (strLenPreOperand == string->length) if (strLenPreOperand == string->length)
{ {
SkipOperand: SkipOperand:
@ -166,7 +166,7 @@ SkipOperand:
if (formatter->funcPostOperand) if (formatter->funcPostOperand)
{ {
formatter->funcPostOperand(formatter, string, instruction, formatter->funcPostOperand(formatter, string, instruction,
&instruction->operands[i], userData); &instruction->operands[i], userData);
} }
@ -176,36 +176,36 @@ SkipOperand:
if ((instruction->encoding == ZYDIS_INSTRUCTION_ENCODING_EVEX) || if ((instruction->encoding == ZYDIS_INSTRUCTION_ENCODING_EVEX) ||
(instruction->encoding == ZYDIS_INSTRUCTION_ENCODING_MVEX)) (instruction->encoding == ZYDIS_INSTRUCTION_ENCODING_MVEX))
{ {
if ((i == 0) && if ((i == 0) &&
(instruction->operands[i + 1].encoding == ZYDIS_OPERAND_ENCODING_MASK)) (instruction->operands[i + 1].encoding == ZYDIS_OPERAND_ENCODING_MASK))
{ {
ZYDIS_CHECK(formatter->funcPrintDecorator(formatter, string, instruction, ZYDIS_CHECK(formatter->funcPrintDecorator(formatter, string, instruction,
&instruction->operands[i], ZYDIS_DECORATOR_TYPE_MASK, userData)); &instruction->operands[i], ZYDIS_DECORATOR_TYPE_MASK, userData));
} }
if (instruction->operands[i].type == ZYDIS_OPERAND_TYPE_MEMORY) if (instruction->operands[i].type == ZYDIS_OPERAND_TYPE_MEMORY)
{ {
ZYDIS_CHECK(formatter->funcPrintDecorator(formatter, string, instruction, ZYDIS_CHECK(formatter->funcPrintDecorator(formatter, string, instruction,
&instruction->operands[i], ZYDIS_DECORATOR_TYPE_BC, userData)); &instruction->operands[i], ZYDIS_DECORATOR_TYPE_BC, userData));
if (instruction->encoding == ZYDIS_INSTRUCTION_ENCODING_MVEX) if (instruction->encoding == ZYDIS_INSTRUCTION_ENCODING_MVEX)
{ {
ZYDIS_CHECK(formatter->funcPrintDecorator(formatter, string, instruction, ZYDIS_CHECK(formatter->funcPrintDecorator(formatter, string, instruction,
&instruction->operands[i], ZYDIS_DECORATOR_TYPE_CONVERSION, userData)); &instruction->operands[i], ZYDIS_DECORATOR_TYPE_CONVERSION, userData));
ZYDIS_CHECK(formatter->funcPrintDecorator(formatter, string, instruction, ZYDIS_CHECK(formatter->funcPrintDecorator(formatter, string, instruction,
&instruction->operands[i], ZYDIS_DECORATOR_TYPE_EH, userData)); &instruction->operands[i], ZYDIS_DECORATOR_TYPE_EH, userData));
} }
} else } else
{ {
if ((i == (instruction->operandCount - 1)) || if ((i == (instruction->operandCount - 1)) ||
(instruction->operands[i + 1].type == ZYDIS_OPERAND_TYPE_IMMEDIATE)) (instruction->operands[i + 1].type == ZYDIS_OPERAND_TYPE_IMMEDIATE))
{ {
if (instruction->encoding == ZYDIS_INSTRUCTION_ENCODING_MVEX) if (instruction->encoding == ZYDIS_INSTRUCTION_ENCODING_MVEX)
{ {
ZYDIS_CHECK(formatter->funcPrintDecorator(formatter, string, instruction, ZYDIS_CHECK(formatter->funcPrintDecorator(formatter, string, instruction,
&instruction->operands[i], ZYDIS_DECORATOR_TYPE_SWIZZLE, userData)); &instruction->operands[i], ZYDIS_DECORATOR_TYPE_SWIZZLE, userData));
} }
ZYDIS_CHECK(formatter->funcPrintDecorator(formatter, string, instruction, ZYDIS_CHECK(formatter->funcPrintDecorator(formatter, string, instruction,
&instruction->operands[i], ZYDIS_DECORATOR_TYPE_RC, userData)); &instruction->operands[i], ZYDIS_DECORATOR_TYPE_RC, userData));
ZYDIS_CHECK(formatter->funcPrintDecorator(formatter, string, instruction, ZYDIS_CHECK(formatter->funcPrintDecorator(formatter, string, instruction,
&instruction->operands[i], ZYDIS_DECORATOR_TYPE_SAE, userData)); &instruction->operands[i], ZYDIS_DECORATOR_TYPE_SAE, userData));
} }
} }
@ -215,7 +215,7 @@ SkipOperand:
return ZYDIS_STATUS_SUCCESS; return ZYDIS_STATUS_SUCCESS;
} }
static ZydisStatus ZydisFormatOperandRegIntel(const ZydisFormatter* formatter, ZydisString* string, static ZydisStatus ZydisFormatOperandRegIntel(const ZydisFormatter* formatter, ZydisString* string,
const ZydisDecodedInstruction* instruction, const ZydisDecodedOperand* operand, void* userData) const ZydisDecodedInstruction* instruction, const ZydisDecodedOperand* operand, void* userData)
{ {
if (!operand) if (!operand)
@ -223,11 +223,11 @@ static ZydisStatus ZydisFormatOperandRegIntel(const ZydisFormatter* formatter, Z
return ZYDIS_STATUS_INVALID_PARAMETER; return ZYDIS_STATUS_INVALID_PARAMETER;
} }
return formatter->funcPrintRegister(formatter, string, instruction, operand, return formatter->funcPrintRegister(formatter, string, instruction, operand,
operand->reg.value, userData); operand->reg.value, userData);
} }
static ZydisStatus ZydisFormatOperandMemIntel(const ZydisFormatter* formatter, ZydisString* string, static ZydisStatus ZydisFormatOperandMemIntel(const ZydisFormatter* formatter, ZydisString* string,
const ZydisDecodedInstruction* instruction, const ZydisDecodedOperand* operand, void* userData) const ZydisDecodedInstruction* instruction, const ZydisDecodedOperand* operand, void* userData)
{ {
if (!formatter || !instruction || !operand) if (!formatter || !instruction || !operand)
@ -243,24 +243,24 @@ static ZydisStatus ZydisFormatOperandMemIntel(const ZydisFormatter* formatter, Z
case ZYDIS_REGISTER_CS: case ZYDIS_REGISTER_CS:
case ZYDIS_REGISTER_FS: case ZYDIS_REGISTER_FS:
case ZYDIS_REGISTER_GS: case ZYDIS_REGISTER_GS:
ZYDIS_CHECK(formatter->funcPrintRegister(formatter, string, instruction, operand, ZYDIS_CHECK(formatter->funcPrintRegister(formatter, string, instruction, operand,
operand->mem.segment, userData)); operand->mem.segment, userData));
ZYDIS_CHECK(ZydisStringAppendC(string, ":")); ZYDIS_CHECK(ZydisStringAppendC(string, ":"));
break; break;
case ZYDIS_REGISTER_SS: case ZYDIS_REGISTER_SS:
if ((formatter->forceMemorySegment) || if ((formatter->forceMemorySegment) ||
(instruction->attributes & ZYDIS_ATTRIB_HAS_SEGMENT_SS)) (instruction->attributes & ZYDIS_ATTRIB_HAS_SEGMENT_SS))
{ {
ZYDIS_CHECK(formatter->funcPrintRegister(formatter, string, instruction, operand, ZYDIS_CHECK(formatter->funcPrintRegister(formatter, string, instruction, operand,
operand->mem.segment, userData)); operand->mem.segment, userData));
ZYDIS_CHECK(ZydisStringAppendC(string, ":")); ZYDIS_CHECK(ZydisStringAppendC(string, ":"));
} }
break; break;
case ZYDIS_REGISTER_DS: case ZYDIS_REGISTER_DS:
if ((formatter->forceMemorySegment) || if ((formatter->forceMemorySegment) ||
(instruction->attributes & ZYDIS_ATTRIB_HAS_SEGMENT_DS)) (instruction->attributes & ZYDIS_ATTRIB_HAS_SEGMENT_DS))
{ {
ZYDIS_CHECK(formatter->funcPrintRegister(formatter, string, instruction, operand, ZYDIS_CHECK(formatter->funcPrintRegister(formatter, string, instruction, operand,
operand->mem.segment, userData)); operand->mem.segment, userData));
ZYDIS_CHECK(ZydisStringAppendC(string, ":")); ZYDIS_CHECK(ZydisStringAppendC(string, ":"));
} }
@ -270,10 +270,10 @@ static ZydisStatus ZydisFormatOperandMemIntel(const ZydisFormatter* formatter, Z
} }
ZYDIS_CHECK(ZydisStringAppendC(string, "[")); ZYDIS_CHECK(ZydisStringAppendC(string, "["));
if (operand->mem.disp.hasDisplacement && ( if (operand->mem.disp.hasDisplacement && (
(operand->mem.base == ZYDIS_REGISTER_NONE) || (operand->mem.base == ZYDIS_REGISTER_NONE) ||
(operand->mem.base == ZYDIS_REGISTER_EIP) || (operand->mem.base == ZYDIS_REGISTER_EIP) ||
(operand->mem.base == ZYDIS_REGISTER_RIP)) && (operand->mem.base == ZYDIS_REGISTER_RIP)) &&
(operand->mem.index == ZYDIS_REGISTER_NONE) && (operand->mem.scale == 0)) (operand->mem.index == ZYDIS_REGISTER_NONE) && (operand->mem.scale == 0))
{ {
@ -283,45 +283,45 @@ static ZydisStatus ZydisFormatOperandMemIntel(const ZydisFormatter* formatter, Z
{ {
ZydisU64 address; ZydisU64 address;
ZYDIS_CHECK(ZydisCalcAbsoluteAddress(instruction, operand, &address)); ZYDIS_CHECK(ZydisCalcAbsoluteAddress(instruction, operand, &address));
ZYDIS_CHECK(formatter->funcPrintAddress(formatter, string, instruction, operand, ZYDIS_CHECK(formatter->funcPrintAddress(formatter, string, instruction, operand,
address, userData)); address, userData));
} else } else
{ {
ZYDIS_CHECK(formatter->funcPrintRegister(formatter, string, instruction, operand, ZYDIS_CHECK(formatter->funcPrintRegister(formatter, string, instruction, operand,
operand->mem.base, userData)); operand->mem.base, userData));
ZYDIS_CHECK(formatter->funcPrintDisp(formatter, string, instruction, operand, ZYDIS_CHECK(formatter->funcPrintDisp(formatter, string, instruction, operand,
userData)); userData));
} }
} else } else
{ {
// Regular memory operand // Regular memory operand
if (operand->mem.base != ZYDIS_REGISTER_NONE) if (operand->mem.base != ZYDIS_REGISTER_NONE)
{ {
ZYDIS_CHECK(formatter->funcPrintRegister(formatter, string, instruction, operand, ZYDIS_CHECK(formatter->funcPrintRegister(formatter, string, instruction, operand,
operand->mem.base, userData)); operand->mem.base, userData));
} }
if ((operand->mem.index != ZYDIS_REGISTER_NONE) && if ((operand->mem.index != ZYDIS_REGISTER_NONE) &&
(operand->mem.type != ZYDIS_MEMOP_TYPE_MIB)) (operand->mem.type != ZYDIS_MEMOP_TYPE_MIB))
{ {
if (operand->mem.base != ZYDIS_REGISTER_NONE) if (operand->mem.base != ZYDIS_REGISTER_NONE)
{ {
ZYDIS_CHECK(ZydisStringAppendC(string, "+")); ZYDIS_CHECK(ZydisStringAppendC(string, "+"));
} }
ZYDIS_CHECK(formatter->funcPrintRegister(formatter, string, instruction, operand, ZYDIS_CHECK(formatter->funcPrintRegister(formatter, string, instruction, operand,
operand->mem.index, userData)); operand->mem.index, userData));
if (operand->mem.scale) if (operand->mem.scale)
{ {
ZYDIS_CHECK(ZydisStringAppendC(string, "*")); ZYDIS_CHECK(ZydisStringAppendC(string, "*"));
ZYDIS_CHECK(ZydisStringAppendDecU(string, operand->mem.scale, 0)); ZYDIS_CHECK(ZydisStringAppendDecU(string, operand->mem.scale, 0));
} }
} }
ZYDIS_CHECK(formatter->funcPrintDisp(formatter, string, instruction, operand, userData)); ZYDIS_CHECK(formatter->funcPrintDisp(formatter, string, instruction, operand, userData));
} }
return ZydisStringAppendC(string, "]"); return ZydisStringAppendC(string, "]");
} }
static ZydisStatus ZydisFormatOperandPtrIntel(const ZydisFormatter* formatter, ZydisString* string, static ZydisStatus ZydisFormatOperandPtrIntel(const ZydisFormatter* formatter, ZydisString* string,
const ZydisDecodedInstruction* instruction, const ZydisDecodedOperand* operand, void* userData) const ZydisDecodedInstruction* instruction, const ZydisDecodedOperand* operand, void* userData)
{ {
ZYDIS_UNUSED_PARAMETER(instruction); ZYDIS_UNUSED_PARAMETER(instruction);
@ -332,14 +332,14 @@ static ZydisStatus ZydisFormatOperandPtrIntel(const ZydisFormatter* formatter, Z
return ZYDIS_STATUS_INVALID_PARAMETER; return ZYDIS_STATUS_INVALID_PARAMETER;
} }
ZYDIS_CHECK(ZydisStringAppendHexU(string, operand->ptr.segment, 4, ZYDIS_CHECK(ZydisStringAppendHexU(string, operand->ptr.segment, 4,
formatter->hexUppercase, formatter->hexPrefix, formatter->hexSuffix)); formatter->hexUppercase, formatter->hexPrefix, formatter->hexSuffix));
ZYDIS_CHECK(ZydisStringAppendC(string, ":")); ZYDIS_CHECK(ZydisStringAppendC(string, ":"));
return ZydisStringAppendHexU(string, operand->ptr.offset, 8, return ZydisStringAppendHexU(string, operand->ptr.offset, 8,
formatter->hexUppercase, formatter->hexPrefix, formatter->hexSuffix); formatter->hexUppercase, formatter->hexPrefix, formatter->hexSuffix);
} }
static ZydisStatus ZydisFormatOperandImmIntel(const ZydisFormatter* formatter, ZydisString* string, static ZydisStatus ZydisFormatOperandImmIntel(const ZydisFormatter* formatter, ZydisString* string,
const ZydisDecodedInstruction* instruction, const ZydisDecodedOperand* operand, void* userData) const ZydisDecodedInstruction* instruction, const ZydisDecodedOperand* operand, void* userData)
{ {
if (!formatter || !instruction || !operand) if (!formatter || !instruction || !operand)
@ -357,7 +357,7 @@ static ZydisStatus ZydisFormatOperandImmIntel(const ZydisFormatter* formatter, Z
{ {
ZydisU64 address; ZydisU64 address;
ZYDIS_CHECK(ZydisCalcAbsoluteAddress(instruction, operand, &address)); ZYDIS_CHECK(ZydisCalcAbsoluteAddress(instruction, operand, &address));
return formatter->funcPrintAddress(formatter, string, instruction, operand, address, return formatter->funcPrintAddress(formatter, string, instruction, operand, address,
userData); userData);
} }
case ZYDIS_ADDR_FORMAT_RELATIVE_SIGNED: case ZYDIS_ADDR_FORMAT_RELATIVE_SIGNED:
@ -368,15 +368,15 @@ static ZydisStatus ZydisFormatOperandImmIntel(const ZydisFormatter* formatter, Z
default: default:
return ZYDIS_STATUS_INVALID_PARAMETER; return ZYDIS_STATUS_INVALID_PARAMETER;
} }
if (printSignedHEX) if (printSignedHEX)
{ {
return ZydisStringAppendHexS(string, (ZydisI32)operand->imm.value.s, return ZydisStringAppendHexS(string, (ZydisI32)operand->imm.value.s,
formatter->hexPaddingAddress, formatter->hexUppercase, formatter->hexPrefix, formatter->hexPaddingAddress, formatter->hexUppercase, formatter->hexPrefix,
formatter->hexSuffix); formatter->hexSuffix);
} }
return ZydisStringAppendHexU(string, operand->imm.value.u, return ZydisStringAppendHexU(string, operand->imm.value.u,
formatter->hexPaddingAddress, formatter->hexUppercase, formatter->hexPrefix, formatter->hexPaddingAddress, formatter->hexUppercase, formatter->hexPrefix,
formatter->hexSuffix); formatter->hexSuffix);
} }
@ -386,7 +386,7 @@ static ZydisStatus ZydisFormatOperandImmIntel(const ZydisFormatter* formatter, Z
/* ---------------------------------------------------------------------------------------------- */ /* ---------------------------------------------------------------------------------------------- */
static ZydisStatus ZydisPrintMnemonicIntel(const ZydisFormatter* formatter, ZydisString* string, static ZydisStatus ZydisPrintMnemonicIntel(const ZydisFormatter* formatter, ZydisString* string,
const ZydisDecodedInstruction* instruction, void* userData) const ZydisDecodedInstruction* instruction, void* userData)
{ {
ZYDIS_UNUSED_PARAMETER(userData); ZYDIS_UNUSED_PARAMETER(userData);
@ -402,7 +402,7 @@ static ZydisStatus ZydisPrintMnemonicIntel(const ZydisFormatter* formatter, Zydi
return ZydisStringAppendExC(string, "invalid", formatter->letterCase); return ZydisStringAppendExC(string, "invalid", formatter->letterCase);
} }
ZYDIS_CHECK(ZydisStringAppendExStatic(string, mnemonic, formatter->letterCase)); ZYDIS_CHECK(ZydisStringAppendExStatic(string, mnemonic, formatter->letterCase));
if (instruction->attributes & ZYDIS_ATTRIB_IS_FAR_BRANCH) if (instruction->attributes & ZYDIS_ATTRIB_IS_FAR_BRANCH)
{ {
return ZydisStringAppendExC(string, " far", formatter->letterCase); return ZydisStringAppendExC(string, " far", formatter->letterCase);
@ -411,8 +411,8 @@ static ZydisStatus ZydisPrintMnemonicIntel(const ZydisFormatter* formatter, Zydi
return ZYDIS_STATUS_SUCCESS; return ZYDIS_STATUS_SUCCESS;
} }
static ZydisStatus ZydisPrintRegisterIntel(const ZydisFormatter* formatter, ZydisString* string, static ZydisStatus ZydisPrintRegisterIntel(const ZydisFormatter* formatter, ZydisString* string,
const ZydisDecodedInstruction* instruction, const ZydisDecodedOperand* operand, const ZydisDecodedInstruction* instruction, const ZydisDecodedOperand* operand,
ZydisRegister reg, void* userData) ZydisRegister reg, void* userData)
{ {
ZYDIS_UNUSED_PARAMETER(instruction); ZYDIS_UNUSED_PARAMETER(instruction);
@ -432,8 +432,8 @@ static ZydisStatus ZydisPrintRegisterIntel(const ZydisFormatter* formatter, Zydi
return ZydisStringAppendExStatic(string, str, formatter->letterCase); return ZydisStringAppendExStatic(string, str, formatter->letterCase);
} }
static ZydisStatus ZydisPrintAddrIntel(const ZydisFormatter* formatter, ZydisString* string, static ZydisStatus ZydisPrintAddrIntel(const ZydisFormatter* formatter, ZydisString* string,
const ZydisDecodedInstruction* instruction, const ZydisDecodedOperand* operand, const ZydisDecodedInstruction* instruction, const ZydisDecodedOperand* operand,
ZydisU64 address, void* userData) ZydisU64 address, void* userData)
{ {
ZYDIS_UNUSED_PARAMETER(operand); ZYDIS_UNUSED_PARAMETER(operand);
@ -447,20 +447,20 @@ static ZydisStatus ZydisPrintAddrIntel(const ZydisFormatter* formatter, ZydisStr
switch (instruction->stackWidth) switch (instruction->stackWidth)
{ {
case 16: case 16:
return ZydisStringAppendHexU(string, (ZydisU16)address, 4, return ZydisStringAppendHexU(string, (ZydisU16)address, 4,
formatter->hexUppercase, formatter->hexPrefix, formatter->hexSuffix); formatter->hexUppercase, formatter->hexPrefix, formatter->hexSuffix);
case 32: case 32:
return ZydisStringAppendHexU(string, (ZydisU32)address, 8, return ZydisStringAppendHexU(string, (ZydisU32)address, 8,
formatter->hexUppercase, formatter->hexPrefix, formatter->hexSuffix); formatter->hexUppercase, formatter->hexPrefix, formatter->hexSuffix);
case 64: case 64:
return ZydisStringAppendHexU(string, address, 16, return ZydisStringAppendHexU(string, address, 16,
formatter->hexUppercase, formatter->hexPrefix, formatter->hexSuffix); formatter->hexUppercase, formatter->hexPrefix, formatter->hexSuffix);
default: default:
return ZYDIS_STATUS_INVALID_PARAMETER; return ZYDIS_STATUS_INVALID_PARAMETER;
} }
} }
static ZydisStatus ZydisPrintDispIntel(const ZydisFormatter* formatter, ZydisString* string, static ZydisStatus ZydisPrintDispIntel(const ZydisFormatter* formatter, ZydisString* string,
const ZydisDecodedInstruction* instruction, const ZydisDecodedOperand* operand, void* userData) const ZydisDecodedInstruction* instruction, const ZydisDecodedOperand* operand, void* userData)
{ {
ZYDIS_UNUSED_PARAMETER(instruction); ZYDIS_UNUSED_PARAMETER(instruction);
@ -471,31 +471,31 @@ static ZydisStatus ZydisPrintDispIntel(const ZydisFormatter* formatter, ZydisStr
return ZYDIS_STATUS_INVALID_PARAMETER; return ZYDIS_STATUS_INVALID_PARAMETER;
} }
if (operand->mem.disp.hasDisplacement && ((operand->mem.disp.value) || if (operand->mem.disp.hasDisplacement && ((operand->mem.disp.value) ||
((operand->mem.base == ZYDIS_REGISTER_NONE) && ((operand->mem.base == ZYDIS_REGISTER_NONE) &&
(operand->mem.index == ZYDIS_REGISTER_NONE)))) (operand->mem.index == ZYDIS_REGISTER_NONE))))
{ {
const ZydisBool printSignedHEX = (formatter->formatDisp != ZYDIS_DISP_FORMAT_HEX_UNSIGNED); const ZydisBool printSignedHEX = (formatter->formatDisp != ZYDIS_DISP_FORMAT_HEX_UNSIGNED);
if (printSignedHEX && (operand->mem.disp.value < 0) && ( if (printSignedHEX && (operand->mem.disp.value < 0) && (
(operand->mem.base != ZYDIS_REGISTER_NONE) || (operand->mem.base != ZYDIS_REGISTER_NONE) ||
(operand->mem.index != ZYDIS_REGISTER_NONE))) (operand->mem.index != ZYDIS_REGISTER_NONE)))
{ {
return ZydisStringAppendHexS(string, operand->mem.disp.value, formatter->hexPaddingDisp, return ZydisStringAppendHexS(string, operand->mem.disp.value, formatter->hexPaddingDisp,
formatter->hexUppercase, formatter->hexPrefix, formatter->hexSuffix); formatter->hexUppercase, formatter->hexPrefix, formatter->hexSuffix);
} }
if ((operand->mem.base != ZYDIS_REGISTER_NONE) || if ((operand->mem.base != ZYDIS_REGISTER_NONE) ||
(operand->mem.index != ZYDIS_REGISTER_NONE)) (operand->mem.index != ZYDIS_REGISTER_NONE))
{ {
ZYDIS_CHECK(ZydisStringAppendC(string, "+")); ZYDIS_CHECK(ZydisStringAppendC(string, "+"));
} }
return ZydisStringAppendHexU(string, (ZydisU64)operand->mem.disp.value, return ZydisStringAppendHexU(string, (ZydisU64)operand->mem.disp.value,
formatter->hexPaddingDisp, formatter->hexUppercase, formatter->hexPrefix, formatter->hexPaddingDisp, formatter->hexUppercase, formatter->hexPrefix,
formatter->hexSuffix); formatter->hexSuffix);
} }
return ZYDIS_STATUS_SUCCESS; return ZYDIS_STATUS_SUCCESS;
} }
static ZydisStatus ZydisPrintImmIntel(const ZydisFormatter* formatter, ZydisString* string, static ZydisStatus ZydisPrintImmIntel(const ZydisFormatter* formatter, ZydisString* string,
const ZydisDecodedInstruction* instruction, const ZydisDecodedOperand* operand, void* userData) const ZydisDecodedInstruction* instruction, const ZydisDecodedOperand* operand, void* userData)
{ {
ZYDIS_UNUSED_PARAMETER(userData); ZYDIS_UNUSED_PARAMETER(userData);
@ -508,7 +508,7 @@ static ZydisStatus ZydisPrintImmIntel(const ZydisFormatter* formatter, ZydisStri
ZydisBool printSignedHEX = (formatter->formatImm == ZYDIS_IMM_FORMAT_HEX_SIGNED); ZydisBool printSignedHEX = (formatter->formatImm == ZYDIS_IMM_FORMAT_HEX_SIGNED);
if (formatter->formatImm == ZYDIS_IMM_FORMAT_HEX_AUTO) if (formatter->formatImm == ZYDIS_IMM_FORMAT_HEX_AUTO)
{ {
printSignedHEX = operand->imm.isSigned; printSignedHEX = operand->imm.isSigned;
} }
if (printSignedHEX && (operand->imm.value.s < 0)) if (printSignedHEX && (operand->imm.value.s < 0))
@ -516,44 +516,44 @@ static ZydisStatus ZydisPrintImmIntel(const ZydisFormatter* formatter, ZydisStri
switch (operand->size) switch (operand->size)
{ {
case 8: case 8:
return ZydisStringAppendHexS(string, (ZydisI8)operand->imm.value.s, return ZydisStringAppendHexS(string, (ZydisI8)operand->imm.value.s,
formatter->formatImm, formatter->hexUppercase, formatter->hexPrefix, formatter->formatImm, formatter->hexUppercase, formatter->hexPrefix,
formatter->hexSuffix); formatter->hexSuffix);
case 16: case 16:
return ZydisStringAppendHexS(string, (ZydisI16)operand->imm.value.s, return ZydisStringAppendHexS(string, (ZydisI16)operand->imm.value.s,
formatter->formatImm, formatter->hexUppercase, formatter->hexPrefix, formatter->formatImm, formatter->hexUppercase, formatter->hexPrefix,
formatter->hexSuffix); formatter->hexSuffix);
case 32: case 32:
return ZydisStringAppendHexS(string, (ZydisI32)operand->imm.value.s, return ZydisStringAppendHexS(string, (ZydisI32)operand->imm.value.s,
formatter->formatImm, formatter->hexUppercase, formatter->hexPrefix, formatter->formatImm, formatter->hexUppercase, formatter->hexPrefix,
formatter->hexSuffix); formatter->hexSuffix);
case 64: case 64:
return ZydisStringAppendHexS(string, operand->imm.value.s, formatter->formatImm, return ZydisStringAppendHexS(string, operand->imm.value.s, formatter->formatImm,
formatter->hexUppercase, formatter->hexPrefix, formatter->hexSuffix); formatter->hexUppercase, formatter->hexPrefix, formatter->hexSuffix);
default: default:
return ZYDIS_STATUS_INVALID_PARAMETER; return ZYDIS_STATUS_INVALID_PARAMETER;
} }
} }
switch (instruction->operandWidth) switch (instruction->operandWidth)
{ {
case 8: case 8:
return ZydisStringAppendHexU(string, (ZydisU8)operand->imm.value.u, formatter->formatImm, return ZydisStringAppendHexU(string, (ZydisU8)operand->imm.value.u, formatter->formatImm,
formatter->hexUppercase, formatter->hexPrefix, formatter->hexSuffix); formatter->hexUppercase, formatter->hexPrefix, formatter->hexSuffix);
case 16: case 16:
return ZydisStringAppendHexU(string, (ZydisU16)operand->imm.value.u, formatter->formatImm, return ZydisStringAppendHexU(string, (ZydisU16)operand->imm.value.u, formatter->formatImm,
formatter->hexUppercase, formatter->hexPrefix, formatter->hexSuffix); formatter->hexUppercase, formatter->hexPrefix, formatter->hexSuffix);
case 32: case 32:
return ZydisStringAppendHexU(string, (ZydisU32)operand->imm.value.u, formatter->formatImm, return ZydisStringAppendHexU(string, (ZydisU32)operand->imm.value.u, formatter->formatImm,
formatter->hexUppercase, formatter->hexPrefix, formatter->hexSuffix); formatter->hexUppercase, formatter->hexPrefix, formatter->hexSuffix);
case 64: case 64:
return ZydisStringAppendHexU(string, operand->imm.value.u, formatter->formatImm, return ZydisStringAppendHexU(string, operand->imm.value.u, formatter->formatImm,
formatter->hexUppercase, formatter->hexPrefix, formatter->hexSuffix); formatter->hexUppercase, formatter->hexPrefix, formatter->hexSuffix);
default: default:
return ZYDIS_STATUS_INVALID_PARAMETER; return ZYDIS_STATUS_INVALID_PARAMETER;
} }
} }
static ZydisStatus ZydisPrintMemSizeIntel(const ZydisFormatter* formatter, ZydisString* string, static ZydisStatus ZydisPrintMemSizeIntel(const ZydisFormatter* formatter, ZydisString* string,
const ZydisDecodedInstruction* instruction, const ZydisDecodedOperand* operand, void* userData) const ZydisDecodedInstruction* instruction, const ZydisDecodedOperand* operand, void* userData)
{ {
ZYDIS_UNUSED_PARAMETER(userData); ZYDIS_UNUSED_PARAMETER(userData);
@ -568,25 +568,25 @@ static ZydisStatus ZydisPrintMemSizeIntel(const ZydisFormatter* formatter, Zydis
ZydisU32 typecast = 0; ZydisU32 typecast = 0;
if (formatter->forceMemorySize) if (formatter->forceMemorySize)
{ {
if ((operand->type == ZYDIS_OPERAND_TYPE_MEMORY) && if ((operand->type == ZYDIS_OPERAND_TYPE_MEMORY) &&
(operand->mem.type == ZYDIS_MEMOP_TYPE_MEM)) (operand->mem.type == ZYDIS_MEMOP_TYPE_MEM))
{ {
typecast = instruction->operands[operand->id].size; typecast = instruction->operands[operand->id].size;
} }
} else } else
if ((operand->type == ZYDIS_OPERAND_TYPE_MEMORY) && if ((operand->type == ZYDIS_OPERAND_TYPE_MEMORY) &&
(operand->mem.type == ZYDIS_MEMOP_TYPE_MEM)) (operand->mem.type == ZYDIS_MEMOP_TYPE_MEM))
{ {
switch (operand->id) switch (operand->id)
{ {
case 0: case 0:
typecast = typecast =
((instruction->operands[1].type == ZYDIS_OPERAND_TYPE_UNUSED) || ((instruction->operands[1].type == ZYDIS_OPERAND_TYPE_UNUSED) ||
(instruction->operands[1].type == ZYDIS_OPERAND_TYPE_IMMEDIATE) || (instruction->operands[1].type == ZYDIS_OPERAND_TYPE_IMMEDIATE) ||
(instruction->operands[0].size != instruction->operands[1].size)) ? (instruction->operands[0].size != instruction->operands[1].size)) ?
instruction->operands[0].size : 0; instruction->operands[0].size : 0;
if (!typecast && if (!typecast &&
(instruction->operands[1].type == ZYDIS_OPERAND_TYPE_REGISTER) && (instruction->operands[1].type == ZYDIS_OPERAND_TYPE_REGISTER) &&
(instruction->operands[1].reg.value == ZYDIS_REGISTER_CL)) (instruction->operands[1].reg.value == ZYDIS_REGISTER_CL))
{ {
switch (instruction->mnemonic) switch (instruction->mnemonic)
@ -606,9 +606,9 @@ static ZydisStatus ZydisPrintMemSizeIntel(const ZydisFormatter* formatter, Zydis
break; break;
case 1: case 1:
case 2: case 2:
typecast = typecast =
(instruction->operands[operand->id - 1].size != (instruction->operands[operand->id - 1].size !=
instruction->operands[operand->id].size) ? instruction->operands[operand->id].size) ?
instruction->operands[operand->id].size : 0; instruction->operands[operand->id].size : 0;
break; break;
default: default:
@ -662,7 +662,7 @@ static ZydisStatus ZydisPrintMemSizeIntel(const ZydisFormatter* formatter, Zydis
/* ---------------------------------------------------------------------------------------------- */ /* ---------------------------------------------------------------------------------------------- */
static ZydisStatus ZydisPrintPrefixesIntel(const ZydisFormatter* formatter, ZydisString* string, static ZydisStatus ZydisPrintPrefixesIntel(const ZydisFormatter* formatter, ZydisString* string,
const ZydisDecodedInstruction* instruction, void* userData) const ZydisDecodedInstruction* instruction, void* userData)
{ {
ZYDIS_UNUSED_PARAMETER(userData); ZYDIS_UNUSED_PARAMETER(userData);
@ -688,8 +688,8 @@ static ZydisStatus ZydisPrintPrefixesIntel(const ZydisFormatter* formatter, Zydi
if (instruction->attributes & ZYDIS_ATTRIB_HAS_REPNE) if (instruction->attributes & ZYDIS_ATTRIB_HAS_REPNE)
{ {
return ZydisStringAppendExC(string, "repne ", formatter->letterCase); return ZydisStringAppendExC(string, "repne ", formatter->letterCase);
} }
if (instruction->attributes & ZYDIS_ATTRIB_HAS_BOUND) if (instruction->attributes & ZYDIS_ATTRIB_HAS_BOUND)
{ {
return ZydisStringAppendExC(string, "bnd ", formatter->letterCase); return ZydisStringAppendExC(string, "bnd ", formatter->letterCase);
@ -698,17 +698,17 @@ static ZydisStatus ZydisPrintPrefixesIntel(const ZydisFormatter* formatter, Zydi
if (instruction->attributes & ZYDIS_ATTRIB_HAS_XACQUIRE) if (instruction->attributes & ZYDIS_ATTRIB_HAS_XACQUIRE)
{ {
return ZydisStringAppendExC(string, "xacquire ", formatter->letterCase); return ZydisStringAppendExC(string, "xacquire ", formatter->letterCase);
} }
if (instruction->attributes & ZYDIS_ATTRIB_HAS_XRELEASE) if (instruction->attributes & ZYDIS_ATTRIB_HAS_XRELEASE)
{ {
return ZydisStringAppendExC(string, "xrelease ", formatter->letterCase); return ZydisStringAppendExC(string, "xrelease ", formatter->letterCase);
} }
return ZYDIS_STATUS_SUCCESS; return ZYDIS_STATUS_SUCCESS;
} }
static ZydisStatus ZydisPrintDecoratorIntel(const ZydisFormatter* formatter, ZydisString* string, static ZydisStatus ZydisPrintDecoratorIntel(const ZydisFormatter* formatter, ZydisString* string,
const ZydisDecodedInstruction* instruction, const ZydisDecodedOperand* operand, const ZydisDecodedInstruction* instruction, const ZydisDecodedOperand* operand,
ZydisDecoratorType type, void* userData) ZydisDecoratorType type, void* userData)
{ {
if (!formatter || !instruction) if (!formatter || !instruction)
@ -723,14 +723,14 @@ static ZydisStatus ZydisPrintDecoratorIntel(const ZydisFormatter* formatter, Zyd
#if !defined(ZYDIS_DISABLE_EVEX) || !defined(ZYDIS_DISABLE_MVEX) #if !defined(ZYDIS_DISABLE_EVEX) || !defined(ZYDIS_DISABLE_MVEX)
if (instruction->avx.mask.reg != ZYDIS_REGISTER_K0) if (instruction->avx.mask.reg != ZYDIS_REGISTER_K0)
{ {
ZYDIS_CHECK(ZydisStringAppendC(string, " {")); ZYDIS_CHECK(ZydisStringAppendC(string, " {"));
ZYDIS_CHECK(formatter->funcPrintRegister(formatter, string, instruction, operand, ZYDIS_CHECK(formatter->funcPrintRegister(formatter, string, instruction, operand,
instruction->avx.mask.reg, userData)); instruction->avx.mask.reg, userData));
ZYDIS_CHECK(ZydisStringAppendC(string, "}")); ZYDIS_CHECK(ZydisStringAppendC(string, "}"));
if (instruction->avx.mask.mode == ZYDIS_MASK_MODE_ZERO) if (instruction->avx.mask.mode == ZYDIS_MASK_MODE_ZERO)
{ {
ZYDIS_CHECK(ZydisStringAppendC(string, " {z}")); ZYDIS_CHECK(ZydisStringAppendC(string, " {z}"));
} }
} }
#endif #endif
break; break;
@ -773,7 +773,7 @@ static ZydisStatus ZydisPrintDecoratorIntel(const ZydisFormatter* formatter, Zyd
{ {
switch (instruction->avx.rounding.mode) switch (instruction->avx.rounding.mode)
{ {
case ZYDIS_ROUNDING_MODE_INVALID: case ZYDIS_ROUNDING_MODE_INVALID:
break; break;
case ZYDIS_ROUNDING_MODE_RN: case ZYDIS_ROUNDING_MODE_RN:
ZYDIS_CHECK(ZydisStringAppendC(string, " {rn-sae}")); ZYDIS_CHECK(ZydisStringAppendC(string, " {rn-sae}"));
@ -789,7 +789,7 @@ static ZydisStatus ZydisPrintDecoratorIntel(const ZydisFormatter* formatter, Zyd
break; break;
default: default:
return ZYDIS_STATUS_INVALID_PARAMETER; return ZYDIS_STATUS_INVALID_PARAMETER;
} }
} else } else
{ {
switch (instruction->avx.rounding.mode) switch (instruction->avx.rounding.mode)
@ -810,7 +810,7 @@ static ZydisStatus ZydisPrintDecoratorIntel(const ZydisFormatter* formatter, Zyd
break; break;
default: default:
return ZYDIS_STATUS_INVALID_PARAMETER; return ZYDIS_STATUS_INVALID_PARAMETER;
} }
} }
#endif #endif
break; break;
@ -818,7 +818,7 @@ static ZydisStatus ZydisPrintDecoratorIntel(const ZydisFormatter* formatter, Zyd
#if !defined(ZYDIS_DISABLE_EVEX) #if !defined(ZYDIS_DISABLE_EVEX)
if (instruction->avx.hasSAE && !instruction->avx.rounding.mode) if (instruction->avx.hasSAE && !instruction->avx.rounding.mode)
{ {
ZYDIS_CHECK(ZydisStringAppendC(string, " {sae}")); ZYDIS_CHECK(ZydisStringAppendC(string, " {sae}"));
} }
#endif #endif
break; break;
@ -829,7 +829,7 @@ static ZydisStatus ZydisPrintDecoratorIntel(const ZydisFormatter* formatter, Zyd
case ZYDIS_SWIZZLE_MODE_INVALID: case ZYDIS_SWIZZLE_MODE_INVALID:
case ZYDIS_SWIZZLE_MODE_DCBA: case ZYDIS_SWIZZLE_MODE_DCBA:
// Nothing to do here // Nothing to do here
break; break;
case ZYDIS_SWIZZLE_MODE_CDAB: case ZYDIS_SWIZZLE_MODE_CDAB:
ZYDIS_CHECK(ZydisStringAppendC(string, " {cdab}")); ZYDIS_CHECK(ZydisStringAppendC(string, " {cdab}"));
break; break;
@ -886,7 +886,7 @@ static ZydisStatus ZydisPrintDecoratorIntel(const ZydisFormatter* formatter, Zyd
#if !defined(ZYDIS_DISABLE_MVEX) #if !defined(ZYDIS_DISABLE_MVEX)
if (instruction->avx.hasEvictionHint) if (instruction->avx.hasEvictionHint)
{ {
ZYDIS_CHECK(ZydisStringAppendC(string, " {eh}")); ZYDIS_CHECK(ZydisStringAppendC(string, " {eh}"));
} }
#endif #endif
break; break;
@ -937,7 +937,7 @@ ZydisStatus ZydisFormatterInit(ZydisFormatter* formatter, ZydisFormatterStyle st
formatter->funcFormatOperandReg = &ZydisFormatOperandRegIntel; formatter->funcFormatOperandReg = &ZydisFormatOperandRegIntel;
formatter->funcFormatOperandMem = &ZydisFormatOperandMemIntel; formatter->funcFormatOperandMem = &ZydisFormatOperandMemIntel;
formatter->funcFormatOperandPtr = &ZydisFormatOperandPtrIntel; formatter->funcFormatOperandPtr = &ZydisFormatOperandPtrIntel;
formatter->funcFormatOperandImm = &ZydisFormatOperandImmIntel; formatter->funcFormatOperandImm = &ZydisFormatOperandImmIntel;
formatter->funcPrintMnemonic = &ZydisPrintMnemonicIntel; formatter->funcPrintMnemonic = &ZydisPrintMnemonicIntel;
formatter->funcPrintRegister = &ZydisPrintRegisterIntel; formatter->funcPrintRegister = &ZydisPrintRegisterIntel;
formatter->funcPrintAddress = &ZydisPrintAddrIntel; formatter->funcPrintAddress = &ZydisPrintAddrIntel;
@ -951,17 +951,17 @@ ZydisStatus ZydisFormatterInit(ZydisFormatter* formatter, ZydisFormatterStyle st
return ZYDIS_STATUS_INVALID_PARAMETER; return ZYDIS_STATUS_INVALID_PARAMETER;
} }
return ZYDIS_STATUS_SUCCESS; return ZYDIS_STATUS_SUCCESS;
} }
ZydisStatus ZydisFormatterSetProperty(ZydisFormatter* formatter, ZydisStatus ZydisFormatterSetProperty(ZydisFormatter* formatter,
ZydisFormatterProperty property, ZydisUPointer value) ZydisFormatterProperty property, ZydisUPointer value)
{ {
if (!formatter) if (!formatter)
{ {
return ZYDIS_STATUS_INVALID_PARAMETER; return ZYDIS_STATUS_INVALID_PARAMETER;
} }
switch (property) switch (property)
{ {
case ZYDIS_FORMATTER_PROP_UPPERCASE: case ZYDIS_FORMATTER_PROP_UPPERCASE:
@ -987,7 +987,7 @@ ZydisStatus ZydisFormatterSetProperty(ZydisFormatter* formatter,
} }
formatter->formatDisp = (ZydisU8)value; formatter->formatDisp = (ZydisU8)value;
break; break;
case ZYDIS_FORMATTER_PROP_IMM_FORMAT: case ZYDIS_FORMATTER_PROP_IMM_FORMAT:
if (value > ZYDIS_IMM_FORMAT_MAX_VALUE) if (value > ZYDIS_IMM_FORMAT_MAX_VALUE)
{ {
return ZYDIS_STATUS_INVALID_PARAMETER; return ZYDIS_STATUS_INVALID_PARAMETER;
@ -1011,21 +1011,21 @@ ZydisStatus ZydisFormatterSetProperty(ZydisFormatter* formatter,
return ZydisStringInit(&formatter->hexSuffixData, (char*)value); return ZydisStringInit(&formatter->hexSuffixData, (char*)value);
} }
break; break;
case ZYDIS_FORMATTER_PROP_HEX_PADDING_ADDR: case ZYDIS_FORMATTER_PROP_HEX_PADDING_ADDR:
if (value > 20) if (value > 20)
{ {
return ZYDIS_STATUS_INVALID_PARAMETER; return ZYDIS_STATUS_INVALID_PARAMETER;
} }
formatter->hexPaddingAddress = (ZydisU8)value; formatter->hexPaddingAddress = (ZydisU8)value;
break; break;
case ZYDIS_FORMATTER_PROP_HEX_PADDING_DISP: case ZYDIS_FORMATTER_PROP_HEX_PADDING_DISP:
if (value > 20) if (value > 20)
{ {
return ZYDIS_STATUS_INVALID_PARAMETER; return ZYDIS_STATUS_INVALID_PARAMETER;
} }
formatter->hexPaddingDisp = (ZydisU8)value; formatter->hexPaddingDisp = (ZydisU8)value;
break; break;
case ZYDIS_FORMATTER_PROP_HEX_PADDING_IMM: case ZYDIS_FORMATTER_PROP_HEX_PADDING_IMM:
if (value > 20) if (value > 20)
{ {
return ZYDIS_STATUS_INVALID_PARAMETER; return ZYDIS_STATUS_INVALID_PARAMETER;
@ -1039,7 +1039,7 @@ ZydisStatus ZydisFormatterSetProperty(ZydisFormatter* formatter,
return ZYDIS_STATUS_SUCCESS; return ZYDIS_STATUS_SUCCESS;
} }
ZydisStatus ZydisFormatterSetHook(ZydisFormatter* formatter, ZydisFormatterHookType hook, ZydisStatus ZydisFormatterSetHook(ZydisFormatter* formatter, ZydisFormatterHookType hook,
const void** callback) const void** callback)
{ {
if (!formatter || !callback) if (!formatter || !callback)
@ -1174,13 +1174,13 @@ ZydisStatus ZydisFormatterSetHook(ZydisFormatter* formatter, ZydisFormatterHookT
return ZYDIS_STATUS_SUCCESS; return ZYDIS_STATUS_SUCCESS;
} }
ZydisStatus ZydisFormatterFormatInstruction(const ZydisFormatter* formatter, ZydisStatus ZydisFormatterFormatInstruction(const ZydisFormatter* formatter,
const ZydisDecodedInstruction* instruction, char* buffer, ZydisUSize bufferLen) const ZydisDecodedInstruction* instruction, char* buffer, ZydisUSize bufferLen)
{ {
return ZydisFormatterFormatInstructionEx(formatter, instruction, buffer, bufferLen, ZYDIS_NULL); return ZydisFormatterFormatInstructionEx(formatter, instruction, buffer, bufferLen, ZYDIS_NULL);
} }
ZydisStatus ZydisFormatterFormatInstructionEx(const ZydisFormatter* formatter, ZydisStatus ZydisFormatterFormatInstructionEx(const ZydisFormatter* formatter,
const ZydisDecodedInstruction* instruction, char* buffer, ZydisUSize bufferLen, void* userData) const ZydisDecodedInstruction* instruction, char* buffer, ZydisUSize bufferLen, void* userData)
{ {
if (!formatter || !instruction || !buffer || (bufferLen == 0)) if (!formatter || !instruction || !buffer || (bufferLen == 0))
@ -1204,18 +1204,18 @@ ZydisStatus ZydisFormatterFormatInstructionEx(const ZydisFormatter* formatter,
return status; return status;
} }
ZydisStatus ZydisFormatterFormatOperand(const ZydisFormatter* formatter, ZydisStatus ZydisFormatterFormatOperand(const ZydisFormatter* formatter,
const ZydisDecodedInstruction* instruction, ZydisU8 index, char* buffer, ZydisUSize bufferLen) const ZydisDecodedInstruction* instruction, ZydisU8 index, char* buffer, ZydisUSize bufferLen)
{ {
return ZydisFormatterFormatOperandEx( return ZydisFormatterFormatOperandEx(
formatter, instruction, index, buffer, bufferLen, ZYDIS_NULL); formatter, instruction, index, buffer, bufferLen, ZYDIS_NULL);
} }
ZydisStatus ZydisFormatterFormatOperandEx(const ZydisFormatter* formatter, ZydisStatus ZydisFormatterFormatOperandEx(const ZydisFormatter* formatter,
const ZydisDecodedInstruction* instruction, ZydisU8 index, char* buffer, ZydisUSize bufferLen, const ZydisDecodedInstruction* instruction, ZydisU8 index, char* buffer, ZydisUSize bufferLen,
void* userData) void* userData)
{ {
if (!formatter || !instruction || index >= instruction->operandCount || !buffer || if (!formatter || !instruction || index >= instruction->operandCount || !buffer ||
(bufferLen == 0)) (bufferLen == 0))
{ {
return ZYDIS_STATUS_INVALID_PARAMETER; return ZYDIS_STATUS_INVALID_PARAMETER;
@ -1243,19 +1243,19 @@ ZydisStatus ZydisFormatterFormatOperandEx(const ZydisFormatter* formatter,
switch (operand->type) switch (operand->type)
{ {
case ZYDIS_OPERAND_TYPE_REGISTER: case ZYDIS_OPERAND_TYPE_REGISTER:
status = formatter->funcFormatOperandReg(formatter, &string, instruction, operand, status = formatter->funcFormatOperandReg(formatter, &string, instruction, operand,
userData); userData);
break; break;
case ZYDIS_OPERAND_TYPE_MEMORY: case ZYDIS_OPERAND_TYPE_MEMORY:
status = formatter->funcFormatOperandMem(formatter, &string, instruction, operand, status = formatter->funcFormatOperandMem(formatter, &string, instruction, operand,
userData); userData);
break; break;
case ZYDIS_OPERAND_TYPE_IMMEDIATE: case ZYDIS_OPERAND_TYPE_IMMEDIATE:
status = formatter->funcFormatOperandImm(formatter, &string, instruction, operand, status = formatter->funcFormatOperandImm(formatter, &string, instruction, operand,
userData); userData);
break; break;
case ZYDIS_OPERAND_TYPE_POINTER: case ZYDIS_OPERAND_TYPE_POINTER:
status = formatter->funcFormatOperandPtr(formatter, &string, instruction, operand, status = formatter->funcFormatOperandPtr(formatter, &string, instruction, operand,
userData); userData);
break; break;
default: default:

6
src/MetaInfo.c
View File

@ -44,7 +44,7 @@ const char* ZydisCategoryGetString(ZydisInstructionCategory category)
{ {
return ZYDIS_NULL; return ZYDIS_NULL;
} }
return zydisInstructionCategoryStrings[category]; return zydisInstructionCategoryStrings[category];
} }
const char* ZydisISASetGetString(ZydisISASet isaSet) const char* ZydisISASetGetString(ZydisISASet isaSet)
@ -53,7 +53,7 @@ const char* ZydisISASetGetString(ZydisISASet isaSet)
{ {
return ZYDIS_NULL; return ZYDIS_NULL;
} }
return zydisISASetStrings[isaSet]; return zydisISASetStrings[isaSet];
} }
const char* ZydisISAExtGetString(ZydisISAExt isaExt) const char* ZydisISAExtGetString(ZydisISAExt isaExt)
@ -62,7 +62,7 @@ const char* ZydisISAExtGetString(ZydisISAExt isaExt)
{ {
return ZYDIS_NULL; return ZYDIS_NULL;
} }
return zydisISAExtStrings[isaExt]; return zydisISAExtStrings[isaExt];
} }
/* ============================================================================================== */ /* ============================================================================================== */

2
src/SharedData.c
View File

@ -144,7 +144,7 @@ void ZydisGetInstructionDefinition(ZydisInstructionEncoding encoding, ZydisU16 i
/* Operand definition */ /* Operand definition */
/* ---------------------------------------------------------------------------------------------- */ /* ---------------------------------------------------------------------------------------------- */
ZydisU8 ZydisGetOperandDefinitions(const ZydisInstructionDefinition* definition, ZydisU8 ZydisGetOperandDefinitions(const ZydisInstructionDefinition* definition,
const ZydisOperandDefinition** operand) const ZydisOperandDefinition** operand)
{ {
if (definition->operandCount == 0) if (definition->operandCount == 0)

56
src/String.c
View File

@ -53,7 +53,7 @@ static const char* decimalLookup =
"60616263646566676869" "60616263646566676869"
"70717273747576777879" "70717273747576777879"
"80818283848586878889" "80818283848586878889"
"90919293949596979899"; "90919293949596979899";
/* ---------------------------------------------------------------------------------------------- */ /* ---------------------------------------------------------------------------------------------- */
@ -84,7 +84,7 @@ ZydisStatus ZydisStringAppendDecU32(ZydisString* string, ZydisU32 value, ZydisU8
ZydisMemoryCopy(p, &decimalLookup[value * 2], sizeof(ZydisU16)); ZydisMemoryCopy(p, &decimalLookup[value * 2], sizeof(ZydisU16));
const ZydisUSize n = &temp[ZYDIS_MAXCHARS_DEC_32] - p; const ZydisUSize n = &temp[ZYDIS_MAXCHARS_DEC_32] - p;
if ((string->capacity - string->length < (ZydisUSize)(n + 1)) || if ((string->capacity - string->length < (ZydisUSize)(n + 1)) ||
(string->capacity - string->length < (ZydisUSize)(paddingLength + 1))) (string->capacity - string->length < (ZydisUSize)(paddingLength + 1)))
{ {
return ZYDIS_STATUS_INSUFFICIENT_BUFFER_SIZE; return ZYDIS_STATUS_INSUFFICIENT_BUFFER_SIZE;
@ -103,7 +103,7 @@ ZydisStatus ZydisStringAppendDecU32(ZydisString* string, ZydisU32 value, ZydisU8
return ZYDIS_STATUS_SUCCESS; return ZYDIS_STATUS_SUCCESS;
} }
ZydisStatus ZydisStringAppendHexU32(ZydisString* string, ZydisU32 value, ZydisU8 paddingLength, ZydisStatus ZydisStringAppendHexU32(ZydisString* string, ZydisU32 value, ZydisU8 paddingLength,
ZydisBool uppercase, const ZydisString* prefix, const ZydisString* suffix) ZydisBool uppercase, const ZydisString* prefix, const ZydisString* suffix)
{ {
ZYDIS_ASSERT(string); ZYDIS_ASSERT(string);
@ -113,7 +113,7 @@ ZydisStatus ZydisStringAppendHexU32(ZydisString* string, ZydisU32 value, ZydisU8
{ {
ZYDIS_CHECK(ZydisStringAppend(string, prefix)); ZYDIS_CHECK(ZydisStringAppend(string, prefix));
} }
char* buffer = string->buffer + string->length; char* buffer = string->buffer + string->length;
const ZydisUSize remaining = string->capacity - string->length; const ZydisUSize remaining = string->capacity - string->length;
@ -133,7 +133,7 @@ ZydisStatus ZydisStringAppendHexU32(ZydisString* string, ZydisU32 value, ZydisU8
ZydisMemorySet(buffer, '0', n); ZydisMemorySet(buffer, '0', n);
string->length += n; string->length += n;
return ZYDIS_STATUS_SUCCESS; return ZYDIS_STATUS_SUCCESS;
} }
@ -150,7 +150,7 @@ ZydisStatus ZydisStringAppendHexU32(ZydisString* string, ZydisU32 value, ZydisU8
if (remaining <= (ZydisU8)(i + 1)) // TODO: +1? if (remaining <= (ZydisU8)(i + 1)) // TODO: +1?
{ {
return ZYDIS_STATUS_INSUFFICIENT_BUFFER_SIZE; return ZYDIS_STATUS_INSUFFICIENT_BUFFER_SIZE;
} }
if (paddingLength > i) if (paddingLength > i)
{ {
n = paddingLength - i - 1; n = paddingLength - i - 1;
@ -159,17 +159,17 @@ ZydisStatus ZydisStringAppendHexU32(ZydisString* string, ZydisU32 value, ZydisU8
} }
if (uppercase) if (uppercase)
{ {
buffer[n++] = "0123456789ABCDEF"[v]; buffer[n++] = "0123456789ABCDEF"[v];
} else } else
{ {
buffer[n++] = "0123456789abcdef"[v]; buffer[n++] = "0123456789abcdef"[v];
} }
} }
string->length += n; string->length += n;
if (suffix) if (suffix)
{ {
ZYDIS_CHECK(ZydisStringAppend(string, suffix)); ZYDIS_CHECK(ZydisStringAppend(string, suffix));
} }
return ZYDIS_STATUS_SUCCESS; return ZYDIS_STATUS_SUCCESS;
@ -194,7 +194,7 @@ ZydisStatus ZydisStringAppendDecU64(ZydisString* string, ZydisU64 value, ZydisU8
ZydisMemoryCopy(p, &decimalLookup[value * 2], sizeof(ZydisU16)); ZydisMemoryCopy(p, &decimalLookup[value * 2], sizeof(ZydisU16));
const ZydisUSize n = &temp[ZYDIS_MAXCHARS_DEC_64] - p; const ZydisUSize n = &temp[ZYDIS_MAXCHARS_DEC_64] - p;
if ((string->capacity - string->length < (ZydisUSize)(n + 1)) || if ((string->capacity - string->length < (ZydisUSize)(n + 1)) ||
(string->capacity - string->length < (ZydisUSize)(paddingLength + 1))) (string->capacity - string->length < (ZydisUSize)(paddingLength + 1)))
{ {
return ZYDIS_STATUS_INSUFFICIENT_BUFFER_SIZE; return ZYDIS_STATUS_INSUFFICIENT_BUFFER_SIZE;
@ -223,7 +223,7 @@ ZydisStatus ZydisStringAppendHexU64(ZydisString* string, ZydisU64 value, ZydisU8
{ {
ZYDIS_CHECK(ZydisStringAppend(string, prefix)); ZYDIS_CHECK(ZydisStringAppend(string, prefix));
} }
char* buffer = string->buffer + string->length; char* buffer = string->buffer + string->length;
const ZydisUSize remaining = string->capacity - string->length; const ZydisUSize remaining = string->capacity - string->length;
@ -243,12 +243,12 @@ ZydisStatus ZydisStringAppendHexU64(ZydisString* string, ZydisU64 value, ZydisU8
ZydisMemorySet(buffer, '0', n); ZydisMemorySet(buffer, '0', n);
string->length += n; string->length += n;
return ZYDIS_STATUS_SUCCESS; return ZYDIS_STATUS_SUCCESS;
} }
ZydisU8 n = 0; ZydisU8 n = 0;
const ZydisU8 c = const ZydisU8 c =
((value & 0xFFFFFFFF00000000) ? ZYDIS_MAXCHARS_HEX_64 : ZYDIS_MAXCHARS_HEX_32); ((value & 0xFFFFFFFF00000000) ? ZYDIS_MAXCHARS_HEX_64 : ZYDIS_MAXCHARS_HEX_32);
for (ZydisI8 i = c - 1; i >= 0; --i) for (ZydisI8 i = c - 1; i >= 0; --i)
{ {
@ -262,7 +262,7 @@ ZydisStatus ZydisStringAppendHexU64(ZydisString* string, ZydisU64 value, ZydisU8
if (remaining <= (ZydisU8)(i + 1)) // TODO: +1? if (remaining <= (ZydisU8)(i + 1)) // TODO: +1?
{ {
return ZYDIS_STATUS_INSUFFICIENT_BUFFER_SIZE; return ZYDIS_STATUS_INSUFFICIENT_BUFFER_SIZE;
} }
if (paddingLength > i) if (paddingLength > i)
{ {
n = paddingLength - i - 1; n = paddingLength - i - 1;
@ -271,17 +271,17 @@ ZydisStatus ZydisStringAppendHexU64(ZydisString* string, ZydisU64 value, ZydisU8
} }
if (uppercase) if (uppercase)
{ {
buffer[n++] = "0123456789ABCDEF"[v]; buffer[n++] = "0123456789ABCDEF"[v];
} else } else
{ {
buffer[n++] = "0123456789abcdef"[v]; buffer[n++] = "0123456789abcdef"[v];
} }
} }
string->length += n; string->length += n;
if (suffix) if (suffix)
{ {
ZYDIS_CHECK(ZydisStringAppend(string, suffix)); ZYDIS_CHECK(ZydisStringAppend(string, suffix));
} }
return ZYDIS_STATUS_SUCCESS; return ZYDIS_STATUS_SUCCESS;
@ -307,8 +307,8 @@ ZydisStatus ZydisStringInit(ZydisString* string, char* text)
const ZydisUSize length = ZydisStrLen(text); const ZydisUSize length = ZydisStrLen(text);
string->buffer = text; string->buffer = text;
string->length = length; string->length = length;
string->capacity = length; string->capacity = length;
return ZYDIS_STATUS_SUCCESS; return ZYDIS_STATUS_SUCCESS;
} }
@ -334,7 +334,7 @@ ZydisStatus ZydisStringAppend(ZydisString* string, const ZydisString* text)
return ZydisStringAppendEx(string, text, ZYDIS_LETTER_CASE_DEFAULT); return ZydisStringAppendEx(string, text, ZYDIS_LETTER_CASE_DEFAULT);
} }
ZydisStatus ZydisStringAppendEx(ZydisString* string, const ZydisString* text, ZydisStatus ZydisStringAppendEx(ZydisString* string, const ZydisString* text,
ZydisLetterCase letterCase) ZydisLetterCase letterCase)
{ {
if (!string || !text) if (!string || !text)
@ -392,7 +392,7 @@ ZydisStatus ZydisStringAppendC(ZydisString* string, const char* text)
{ {
ZydisString other; ZydisString other;
ZYDIS_CHECK(ZydisStringInit(&other, (char*)text)); ZYDIS_CHECK(ZydisStringInit(&other, (char*)text));
return ZydisStringAppendEx(string, &other, ZYDIS_LETTER_CASE_DEFAULT); return ZydisStringAppendEx(string, &other, ZYDIS_LETTER_CASE_DEFAULT);
} }
@ -400,11 +400,11 @@ ZydisStatus ZydisStringAppendExC(ZydisString* string, const char* text, ZydisLet
{ {
ZydisString other; ZydisString other;
ZYDIS_CHECK(ZydisStringInit(&other, (char*)text)); ZYDIS_CHECK(ZydisStringInit(&other, (char*)text));
return ZydisStringAppendEx(string, &other, letterCase); return ZydisStringAppendEx(string, &other, letterCase);
} }
ZydisStatus ZydisStringAppendStatic(ZydisString* string, const ZydisStaticString* text, ZydisStatus ZydisStringAppendStatic(ZydisString* string, const ZydisStaticString* text,
ZydisLetterCase letterCase) ZydisLetterCase letterCase)
{ {
if (!text || !text->buffer) if (!text || !text->buffer)
@ -415,11 +415,11 @@ ZydisStatus ZydisStringAppendStatic(ZydisString* string, const ZydisStaticString
ZydisString other; ZydisString other;
other.buffer = (char*)text->buffer; other.buffer = (char*)text->buffer;
other.length = text->length; other.length = text->length;
return ZydisStringAppendEx(string, &other, letterCase); return ZydisStringAppendEx(string, &other, letterCase);
} }
ZydisStatus ZydisStringAppendExStatic(ZydisString* string, const ZydisStaticString* text, ZydisStatus ZydisStringAppendExStatic(ZydisString* string, const ZydisStaticString* text,
ZydisLetterCase letterCase) ZydisLetterCase letterCase)
{ {
if (!text || !text->buffer) if (!text || !text->buffer)
@ -430,7 +430,7 @@ ZydisStatus ZydisStringAppendExStatic(ZydisString* string, const ZydisStaticStri
ZydisString other; ZydisString other;
other.buffer = (char*)text->buffer; other.buffer = (char*)text->buffer;
other.length = text->length; other.length = text->length;
return ZydisStringAppendEx(string, &other, letterCase); return ZydisStringAppendEx(string, &other, letterCase);
} }
@ -450,7 +450,7 @@ ZydisStatus ZydisStringAppendDecU(ZydisString* string, ZydisU64 value, ZydisU8 p
{ {
return ZydisStringAppendDecU32(string, (ZydisU32)value, paddingLength); return ZydisStringAppendDecU32(string, (ZydisU32)value, paddingLength);
} }
#endif #endif
} }
ZydisStatus ZydisStringAppendDecS(ZydisString* string, ZydisI64 value, ZydisU8 paddingLength) ZydisStatus ZydisStringAppendDecS(ZydisString* string, ZydisI64 value, ZydisU8 paddingLength)
@ -492,7 +492,7 @@ ZydisStatus ZydisStringAppendHexS(ZydisString* string, ZydisI64 value, ZydisU8 p
} }
return ZydisStringAppendHexU(string, -value, paddingLength, uppercase, ZYDIS_NULL, suffix); return ZydisStringAppendHexU(string, -value, paddingLength, uppercase, ZYDIS_NULL, suffix);
} }
return ZydisStringAppendHexU(string, value, paddingLength, uppercase, prefix, suffix); return ZydisStringAppendHexU(string, value, paddingLength, uppercase, prefix, suffix);
} }
/* ---------------------------------------------------------------------------------------------- */ /* ---------------------------------------------------------------------------------------------- */

18
src/Utils.c
View File

@ -34,7 +34,7 @@
/* Exported functions */ /* Exported functions */
/* ---------------------------------------------------------------------------------------------- */ /* ---------------------------------------------------------------------------------------------- */
ZydisStatus ZydisCalcAbsoluteAddress(const ZydisDecodedInstruction* instruction, ZydisStatus ZydisCalcAbsoluteAddress(const ZydisDecodedInstruction* instruction,
const ZydisDecodedOperand* operand, ZydisU64* address) const ZydisDecodedOperand* operand, ZydisU64* address)
{ {
if (!instruction || !operand || !address) if (!instruction || !operand || !address)
@ -50,15 +50,15 @@ ZydisStatus ZydisCalcAbsoluteAddress(const ZydisDecodedInstruction* instruction,
} }
if (operand->mem.base == ZYDIS_REGISTER_EIP) if (operand->mem.base == ZYDIS_REGISTER_EIP)
{ {
*address = ((ZydisU32)instruction->instrAddress + instruction->length + *address = ((ZydisU32)instruction->instrAddress + instruction->length +
(ZydisU32)operand->mem.disp.value); (ZydisU32)operand->mem.disp.value);
return ZYDIS_STATUS_SUCCESS; return ZYDIS_STATUS_SUCCESS;
} }
if (operand->mem.base == ZYDIS_REGISTER_RIP) if (operand->mem.base == ZYDIS_REGISTER_RIP)
{ {
*address = (ZydisU64)(instruction->instrAddress + instruction->length + *address = (ZydisU64)(instruction->instrAddress + instruction->length +
operand->mem.disp.value); operand->mem.disp.value);
return ZYDIS_STATUS_SUCCESS; return ZYDIS_STATUS_SUCCESS;
} }
if ((operand->mem.base == ZYDIS_REGISTER_NONE) && if ((operand->mem.base == ZYDIS_REGISTER_NONE) &&
(operand->mem.index == ZYDIS_REGISTER_NONE)) (operand->mem.index == ZYDIS_REGISTER_NONE))
@ -76,13 +76,13 @@ ZydisStatus ZydisCalcAbsoluteAddress(const ZydisDecodedInstruction* instruction,
return ZYDIS_STATUS_SUCCESS; return ZYDIS_STATUS_SUCCESS;
default: default:
return ZYDIS_STATUS_INVALID_PARAMETER; return ZYDIS_STATUS_INVALID_PARAMETER;
} }
} }
break; break;
case ZYDIS_OPERAND_TYPE_IMMEDIATE: case ZYDIS_OPERAND_TYPE_IMMEDIATE:
if (operand->imm.isSigned && operand->imm.isRelative) if (operand->imm.isSigned && operand->imm.isRelative)
{ {
*address = (ZydisU64)((ZydisI64)instruction->instrAddress + instruction->length + *address = (ZydisU64)((ZydisI64)instruction->instrAddress + instruction->length +
operand->imm.value.s); operand->imm.value.s);
switch (instruction->machineMode) switch (instruction->machineMode)
{ {
@ -101,7 +101,7 @@ ZydisStatus ZydisCalcAbsoluteAddress(const ZydisDecodedInstruction* instruction,
default: default:
return ZYDIS_STATUS_INVALID_PARAMETER; return ZYDIS_STATUS_INVALID_PARAMETER;
} }
return ZYDIS_STATUS_SUCCESS; return ZYDIS_STATUS_SUCCESS;
} }
break; break;
default: default:
@ -120,7 +120,7 @@ ZydisStatus ZydisCalcAbsoluteAddress(const ZydisDecodedInstruction* instruction,
/* Exported functions */ /* Exported functions */
/* ---------------------------------------------------------------------------------------------- */ /* ---------------------------------------------------------------------------------------------- */
ZydisStatus ZydisGetAccessedFlagsByAction(const ZydisDecodedInstruction* instruction, ZydisStatus ZydisGetAccessedFlagsByAction(const ZydisDecodedInstruction* instruction,
ZydisCPUFlagAction action, ZydisCPUFlagMask* flags) ZydisCPUFlagAction action, ZydisCPUFlagMask* flags)
{ {
if (!instruction) if (!instruction)

14
tools/ZydisDisasm.c
View File

@ -50,7 +50,7 @@ int main(int argc, char** argv)
fprintf(stderr, "Usage: %s [input file]\n", (argc > 0 ? argv[0] : "ZydisDisasm")); fprintf(stderr, "Usage: %s [input file]\n", (argc > 0 ? argv[0] : "ZydisDisasm"));
return EXIT_FAILURE; return EXIT_FAILURE;
} }
FILE* file = argc >= 2 ? fopen(argv[1], "rb") : stdin; FILE* file = argc >= 2 ? fopen(argv[1], "rb") : stdin;
if (!file) if (!file)
{ {
@ -68,9 +68,9 @@ int main(int argc, char** argv)
ZydisFormatter formatter; ZydisFormatter formatter;
if (!ZYDIS_SUCCESS(ZydisFormatterInit(&formatter, ZYDIS_FORMATTER_STYLE_INTEL)) || if (!ZYDIS_SUCCESS(ZydisFormatterInit(&formatter, ZYDIS_FORMATTER_STYLE_INTEL)) ||
!ZYDIS_SUCCESS(ZydisFormatterSetProperty(&formatter, !ZYDIS_SUCCESS(ZydisFormatterSetProperty(&formatter,
ZYDIS_FORMATTER_PROP_FORCE_MEMSEG, ZYDIS_TRUE)) || ZYDIS_FORMATTER_PROP_FORCE_MEMSEG, ZYDIS_TRUE)) ||
!ZYDIS_SUCCESS(ZydisFormatterSetProperty(&formatter, !ZYDIS_SUCCESS(ZydisFormatterSetProperty(&formatter,
ZYDIS_FORMATTER_PROP_FORCE_MEMSIZE, ZYDIS_TRUE))) ZYDIS_FORMATTER_PROP_FORCE_MEMSIZE, ZYDIS_TRUE)))
{ {
fputs("Failed to initialized instruction-formatter\n", stderr); fputs("Failed to initialized instruction-formatter\n", stderr);
@ -82,11 +82,11 @@ int main(int argc, char** argv)
do do
{ {
numBytesRead = fread(readBuf, 1, sizeof(readBuf), file); numBytesRead = fread(readBuf, 1, sizeof(readBuf), file);
ZydisDecodedInstruction instruction; ZydisDecodedInstruction instruction;
ZydisStatus status; ZydisStatus status;
size_t readOffs = 0; size_t readOffs = 0;
while ((status = ZydisDecoderDecodeBuffer(&decoder, readBuf + readOffs, while ((status = ZydisDecoderDecodeBuffer(&decoder, readBuf + readOffs,
numBytesRead - readOffs, readOffs, &instruction)) != ZYDIS_STATUS_NO_MORE_DATA) numBytesRead - readOffs, readOffs, &instruction)) != ZYDIS_STATUS_NO_MORE_DATA)
{ {
if (!ZYDIS_SUCCESS(status)) if (!ZYDIS_SUCCESS(status))
@ -133,10 +133,10 @@ int main(int argc, char** argv)
ZYDIS_ASSERT(!memcmp(encBuffer, readBuf + readOffs, encBufferSize)); ZYDIS_ASSERT(!memcmp(encBuffer, readBuf + readOffs, encBufferSize));
#endif #endif
// DEBUG CODE END // DEBUG CODE END
readOffs += instruction.length; readOffs += instruction.length;
} }
if (readOffs < sizeof(readBuf)) if (readOffs < sizeof(readBuf))
{ {
memmove(readBuf, readBuf + readOffs, sizeof(readBuf) - readOffs); memmove(readBuf, readBuf + readOffs, sizeof(readBuf) - readOffs);

64
tools/ZydisInfo.c
View File

@ -92,7 +92,7 @@ void printOperands(ZydisDecodedInstruction* instruction)
static const char* operandVisibilities[] = static const char* operandVisibilities[] =
{ {
"INVALID", "INVALID",
"EXPLICIT", "EXPLICIT",
"IMPLICIT", "IMPLICIT",
"HIDDEN" "HIDDEN"
}; };
@ -164,7 +164,7 @@ void printOperands(ZydisDecodedInstruction* instruction)
"AGEN", "AGEN",
"MIB" "MIB"
}; };
printf("%2d %9s %10s %6s %12s %5d %4d %6d %8s", printf("%2d %9s %10s %6s %12s %5d %4d %6d %8s",
i, i,
operandTypes[instruction->operands[i].type], operandTypes[instruction->operands[i].type],
operandVisibilities[instruction->operands[i].visibility], operandVisibilities[instruction->operands[i].visibility],
@ -172,7 +172,7 @@ void printOperands(ZydisDecodedInstruction* instruction)
operandEncodings[instruction->operands[i].encoding], operandEncodings[instruction->operands[i].encoding],
instruction->operands[i].size, instruction->operands[i].size,
instruction->operands[i].elementCount, instruction->operands[i].elementCount,
instruction->operands[i].elementSize, instruction->operands[i].elementSize,
elementTypes[instruction->operands[i].elementType]); elementTypes[instruction->operands[i].elementType]);
switch (instruction->operands[i].type) switch (instruction->operands[i].type)
{ {
@ -181,14 +181,14 @@ void printOperands(ZydisDecodedInstruction* instruction)
break; break;
case ZYDIS_OPERAND_TYPE_MEMORY: case ZYDIS_OPERAND_TYPE_MEMORY:
printf(" TYPE =%20s\n", memopTypes[instruction->operands[i].mem.type]); printf(" TYPE =%20s\n", memopTypes[instruction->operands[i].mem.type]);
printf(" %84s =%20s\n", printf(" %84s =%20s\n",
"SEG ", ZydisRegisterGetString(instruction->operands[i].mem.segment)); "SEG ", ZydisRegisterGetString(instruction->operands[i].mem.segment));
printf(" %84s =%20s\n", printf(" %84s =%20s\n",
"BASE ", ZydisRegisterGetString(instruction->operands[i].mem.base)); "BASE ", ZydisRegisterGetString(instruction->operands[i].mem.base));
printf(" %84s =%20s\n", printf(" %84s =%20s\n",
"INDEX", ZydisRegisterGetString(instruction->operands[i].mem.index)); "INDEX", ZydisRegisterGetString(instruction->operands[i].mem.index));
printf(" %84s =%20d\n", "SCALE", instruction->operands[i].mem.scale); printf(" %84s =%20d\n", "SCALE", instruction->operands[i].mem.scale);
printf(" %84s = 0x%016"PRIX64, printf(" %84s = 0x%016"PRIX64,
"DISP ", instruction->operands[i].mem.disp.value); "DISP ", instruction->operands[i].mem.disp.value);
break; break;
case ZYDIS_OPERAND_TYPE_POINTER: case ZYDIS_OPERAND_TYPE_POINTER:
@ -196,19 +196,19 @@ void printOperands(ZydisDecodedInstruction* instruction)
case ZYDIS_OPERAND_TYPE_IMMEDIATE: case ZYDIS_OPERAND_TYPE_IMMEDIATE:
if (instruction->operands[i].imm.isSigned) if (instruction->operands[i].imm.isSigned)
{ {
printf(" (%s %s %2d) 0x%016" PRIX64, printf(" (%s %s %2d) 0x%016" PRIX64,
instruction->operands[i].imm.isSigned ? "S" : "U", instruction->operands[i].imm.isSigned ? "S" : "U",
instruction->operands[i].imm.isRelative ? "R" : "_", instruction->operands[i].imm.isRelative ? "R" : "_",
instruction->raw.imm[immId].size, instruction->raw.imm[immId].size,
instruction->operands[i].imm.value.s); instruction->operands[i].imm.value.s);
} else } else
{ {
printf(" SIGN =%20s\n", instruction->operands[i].imm.isSigned ? "Y" : "N"); printf(" SIGN =%20s\n", instruction->operands[i].imm.isSigned ? "Y" : "N");
printf(" %84s =%20s\n", printf(" %84s =%20s\n",
"REL ", instruction->operands[i].imm.isRelative ? "Y" : "N"); "REL ", instruction->operands[i].imm.isRelative ? "Y" : "N");
printf(" %84s = %2d\n", printf(" %84s = %2d\n",
"SIZE ", instruction->raw.imm[immId].size); "SIZE ", instruction->raw.imm[immId].size);
printf(" %84s = 0x%016" PRIX64, printf(" %84s = 0x%016" PRIX64,
"VALUE", instruction->operands[i].imm.value.u); "VALUE", instruction->operands[i].imm.value.u);
} }
++immId; ++immId;
@ -219,7 +219,7 @@ void printOperands(ZydisDecodedInstruction* instruction)
puts(""); puts("");
} }
fputs("-- --------- ---------- ------ ------------ ---- ----- ------", stdout); fputs("-- --------- ---------- ------ ------------ ---- ----- ------", stdout);
fputs(" -------- ---------------------------\n", stdout); fputs(" -------- ---------------------------\n", stdout);
} }
void printFlags(ZydisDecodedInstruction* instruction) void printFlags(ZydisDecodedInstruction* instruction)
@ -351,7 +351,7 @@ void printAVXInfo(ZydisDecodedInstruction* instruction)
fputs("=======================================\n", stdout); fputs("=======================================\n", stdout);
printf(" VECTORLEN: %03d\n", instruction->avx.vectorLength); printf(" VECTORLEN: %03d\n", instruction->avx.vectorLength);
printf(" BROADCAST: %s%s", broadcastStrings[instruction->avx.broadcast.mode], printf(" BROADCAST: %s%s", broadcastStrings[instruction->avx.broadcast.mode],
instruction->avx.broadcast.isStatic ? " (static)" : ""); instruction->avx.broadcast.isStatic ? " (static)" : "");
switch (instruction->encoding) switch (instruction->encoding)
@ -359,8 +359,8 @@ void printAVXInfo(ZydisDecodedInstruction* instruction)
case ZYDIS_INSTRUCTION_ENCODING_EVEX: case ZYDIS_INSTRUCTION_ENCODING_EVEX:
printf("\n ROUNDING: %s", roundingModeStrings[instruction->avx.rounding.mode]); printf("\n ROUNDING: %s", roundingModeStrings[instruction->avx.rounding.mode]);
printf("\n SAE: %s", instruction->avx.hasSAE ? "Y" : "N"); printf("\n SAE: %s", instruction->avx.hasSAE ? "Y" : "N");
printf("\n MASK: %s [%5s]%s", ZydisRegisterGetString(instruction->avx.mask.reg), printf("\n MASK: %s [%5s]%s", ZydisRegisterGetString(instruction->avx.mask.reg),
maskModeStrings[instruction->avx.mask.mode], maskModeStrings[instruction->avx.mask.mode],
instruction->avx.mask.isControlMask ? " (control-mask)" : ""); instruction->avx.mask.isControlMask ? " (control-mask)" : "");
break; break;
case ZYDIS_INSTRUCTION_ENCODING_MVEX: case ZYDIS_INSTRUCTION_ENCODING_MVEX:
@ -450,10 +450,10 @@ void printInstruction(ZydisDecodedInstruction* instruction)
{ {
ZydisInstructionAttributes attrMask; ZydisInstructionAttributes attrMask;
const char* str; const char* str;
} attributeMap[] = } attributeMap[] =
{ {
{ ZYDIS_ATTRIB_HAS_MODRM, "HAS_MODRM" }, { ZYDIS_ATTRIB_HAS_MODRM, "HAS_MODRM" },
{ ZYDIS_ATTRIB_HAS_SIB, "HAS_SIB" }, { ZYDIS_ATTRIB_HAS_SIB, "HAS_SIB" },
{ ZYDIS_ATTRIB_HAS_REX, "HAS_REX" }, { ZYDIS_ATTRIB_HAS_REX, "HAS_REX" },
{ ZYDIS_ATTRIB_HAS_XOP, "HAS_XOP" }, { ZYDIS_ATTRIB_HAS_XOP, "HAS_XOP" },
{ ZYDIS_ATTRIB_HAS_VEX, "HAS_VEX" }, { ZYDIS_ATTRIB_HAS_VEX, "HAS_VEX" },
@ -498,7 +498,7 @@ void printInstruction(ZydisDecodedInstruction* instruction)
fputs("== [ BASIC ] =====================================================", stdout); fputs("== [ BASIC ] =====================================================", stdout);
fputs("=======================================\n", stdout); fputs("=======================================\n", stdout);
printf(" MNEMONIC: %s [ENC: %s, MAP: %s, OPC: %02X]\n", printf(" MNEMONIC: %s [ENC: %s, MAP: %s, OPC: %02X]\n",
ZydisMnemonicGetString(instruction->mnemonic), ZydisMnemonicGetString(instruction->mnemonic),
instructionEncodingStrings[instruction->encoding], instructionEncodingStrings[instruction->encoding],
opcodeMapStrings[instruction->opcodeMap], opcodeMapStrings[instruction->opcodeMap],
@ -511,7 +511,7 @@ void printInstruction(ZydisDecodedInstruction* instruction)
printf(" ISA-SET: %s\n", ZydisISASetGetString(instruction->meta.isaSet)); printf(" ISA-SET: %s\n", ZydisISASetGetString(instruction->meta.isaSet));
printf(" ISA-EXT: %s\n", ZydisISAExtGetString(instruction->meta.isaExt)); printf(" ISA-EXT: %s\n", ZydisISAExtGetString(instruction->meta.isaExt));
printf(" EXCEPTIONS: %s\n", exceptionClassStrings[instruction->meta.exceptionClass]); printf(" EXCEPTIONS: %s\n", exceptionClassStrings[instruction->meta.exceptionClass]);
if (instruction->attributes) if (instruction->attributes)
{ {
fputs (" ATTRIBUTES: ", stdout); fputs (" ATTRIBUTES: ", stdout);
@ -524,13 +524,13 @@ void printInstruction(ZydisDecodedInstruction* instruction)
} }
fputs("\n", stdout); fputs("\n", stdout);
} }
if (instruction->operandCount > 0) if (instruction->operandCount > 0)
{ {
puts(""); puts("");
printOperands(instruction); printOperands(instruction);
} }
if (ZydisRegisterGetClass( if (ZydisRegisterGetClass(
instruction->operands[instruction->operandCount - 1].reg.value) == ZYDIS_REGCLASS_FLAGS) instruction->operands[instruction->operandCount - 1].reg.value) == ZYDIS_REGCLASS_FLAGS)
{ {
@ -550,9 +550,9 @@ void printInstruction(ZydisDecodedInstruction* instruction)
ZydisStatus status; ZydisStatus status;
ZydisFormatter formatter; ZydisFormatter formatter;
if (!ZYDIS_SUCCESS((status = ZydisFormatterInit(&formatter, ZYDIS_FORMATTER_STYLE_INTEL))) || if (!ZYDIS_SUCCESS((status = ZydisFormatterInit(&formatter, ZYDIS_FORMATTER_STYLE_INTEL))) ||
!ZYDIS_SUCCESS((status = ZydisFormatterSetProperty(&formatter, !ZYDIS_SUCCESS((status = ZydisFormatterSetProperty(&formatter,
ZYDIS_FORMATTER_PROP_FORCE_MEMSEG, ZYDIS_TRUE))) || ZYDIS_FORMATTER_PROP_FORCE_MEMSEG, ZYDIS_TRUE))) ||
!ZYDIS_SUCCESS((status = ZydisFormatterSetProperty(&formatter, !ZYDIS_SUCCESS((status = ZydisFormatterSetProperty(&formatter,
ZYDIS_FORMATTER_PROP_FORCE_MEMSIZE, ZYDIS_TRUE)))) ZYDIS_FORMATTER_PROP_FORCE_MEMSIZE, ZYDIS_TRUE))))
{ {
fputs("Failed to initialize instruction-formatter\n", stderr); fputs("Failed to initialize instruction-formatter\n", stderr);
@ -586,19 +586,19 @@ int main(int argc, char** argv)
ZydisDecoder decoder; ZydisDecoder decoder;
if (!strcmp(argv[1], "-real")) if (!strcmp(argv[1], "-real"))
{ {
ZydisDecoderInit(&decoder, ZYDIS_MACHINE_MODE_REAL_16, ZYDIS_ADDRESS_WIDTH_16); ZydisDecoderInit(&decoder, ZYDIS_MACHINE_MODE_REAL_16, ZYDIS_ADDRESS_WIDTH_16);
} else } else
if (!strcmp(argv[1], "-16")) if (!strcmp(argv[1], "-16"))
{ {
ZydisDecoderInit(&decoder, ZYDIS_MACHINE_MODE_LONG_COMPAT_16, ZYDIS_ADDRESS_WIDTH_16); ZydisDecoderInit(&decoder, ZYDIS_MACHINE_MODE_LONG_COMPAT_16, ZYDIS_ADDRESS_WIDTH_16);
} else } else
if (!strcmp(argv[1], "-32")) if (!strcmp(argv[1], "-32"))
{ {
ZydisDecoderInit(&decoder, ZYDIS_MACHINE_MODE_LONG_COMPAT_32, ZYDIS_ADDRESS_WIDTH_32); ZydisDecoderInit(&decoder, ZYDIS_MACHINE_MODE_LONG_COMPAT_32, ZYDIS_ADDRESS_WIDTH_32);
} else } else
if (!strcmp(argv[1], "-64")) if (!strcmp(argv[1], "-64"))
{ {
ZydisDecoderInit(&decoder, ZYDIS_MACHINE_MODE_LONG_64, ZYDIS_ADDRESS_WIDTH_64); ZydisDecoderInit(&decoder, ZYDIS_MACHINE_MODE_LONG_64, ZYDIS_ADDRESS_WIDTH_64);
} else } else
{ {
fputs("Usage: ZydisInfo -[real|16|32|64] [hexbytes]\n", stderr); fputs("Usage: ZydisInfo -[real|16|32|64] [hexbytes]\n", stderr);
@ -631,7 +631,7 @@ int main(int argc, char** argv)
data[length] = (uint8_t)value; data[length] = (uint8_t)value;
++length; ++length;
} }
} }
ZydisDecodedInstruction instruction; ZydisDecodedInstruction instruction;
ZydisStatus status = ZydisDecoderDecodeBuffer(&decoder, &data, length, 0, &instruction); ZydisStatus status = ZydisDecoderDecodeBuffer(&decoder, &data, length, 0, &instruction);
@ -639,8 +639,8 @@ int main(int argc, char** argv)
{ {
if (status >= ZYDIS_STATUS_USER) if (status >= ZYDIS_STATUS_USER)
{ {
fprintf(stderr, fprintf(stderr,
"Could not decode instruction: User defined status code 0x%" PRIx32, status); "Could not decode instruction: User defined status code 0x%" PRIx32, status);
} else } else
{ {
fprintf(stderr, "Could not decode instruction: %s", ZydisFormatStatus(status)); fprintf(stderr, "Could not decode instruction: %s", ZydisFormatStatus(status));