Further improvements on #13

2017-04-09 23:11:16 +02:00 · 2017-04-09 23:11:16 +02:00 · 8dd599555f
parent 839729bfb2
commit 8dd599555f
2 changed files with 5 additions and 13 deletions
--- a/src/Decoder.c
+++ b/src/Decoder.c
@ -2386,16 +2386,6 @@ ZydisStatus ZydisDecoderDecodeInstructionEx(ZydisInstructionDecoder* decoder,
        }
    }

-    // For relative operands, apply instruction length offset.
-    for (size_t i = 0; i < info->operandCount; ++i)
-    {
-        if (info->operands[i].type == ZYDIS_OPERAND_TYPE_IMMEDIATE &&
-            info->operands[i].imm.isRelative)
-        {
-            info->operands[i].imm.value.sqword += info->length;
-        }
-    }
-
    // Replace XCHG rAX, rAX with NOP alias
    if (info->mnemonic == ZYDIS_MNEMONIC_XCHG)
    {
--- a/src/Utils.c
+++ b/src/Utils.c
@ -51,19 +51,21 @@ ZydisStatus ZydisUtilsCalcAbsoluteTargetAddress(const ZydisInstructionInfo* info
        }
        if (operand->mem.base == ZYDIS_REGISTER_EIP)
        {
-            *address = (uint64_t)((uint32_t)info->instrPointer + operand->mem.disp.value.sdword); 
+            *address = (uint64_t)((uint32_t)info->instrPointer + operand->mem.disp.value.sdword);
            return ZYDIS_STATUS_SUCCESS;   
        }
        if (operand->mem.base == ZYDIS_REGISTER_RIP)
        {
-            *address = (uint64_t)(info->instrPointer + operand->mem.disp.value.sqword); 
+            *address = 
+                (uint64_t)(info->instrPointer + operand->mem.disp.value.sqword);
            return ZYDIS_STATUS_SUCCESS;   
        }
        break;
    case ZYDIS_OPERAND_TYPE_IMMEDIATE:
        if (operand->imm.isSigned && operand->imm.isRelative)
        {
-            *address = (uint64_t)((int64_t)info->instrPointer + operand->imm.value.sqword);
+            *address = 
+                (uint64_t)((int64_t)info->instrPointer + info->length + operand->imm.value.sqword);
            switch (info->mode)
            {
            case ZYDIS_DISASSEMBLER_MODE_16BIT: