From 930c4df9709370be554a5d98aae364a829bd2d72 Mon Sep 17 00:00:00 2001
From: flobernd
Date: Fri, 1 Dec 2017 20:21:25 +0100
Subject: [PATCH] Removed `ZydisDecodedInstruction.instrPointer`
The instruction-pointer was always pointing to the next instruction (which is inconsistent for branch instructions). We can't always tell IF an instruction is going to branch (for the conditional ones), so we decided to completely remove it. You can always manually combine `instrAddress` and `length` to calculate this value.
---
 include/Zydis/DecoderTypes.h | 11 ++---------
 src/Decoder.c | 4 ----
 src/Utils.c | 10 ++++++----
 3 files changed, 8 insertions(+), 17 deletions(-)
diff --git a/include/Zydis/DecoderTypes.h b/include/Zydis/DecoderTypes.h
index 82bb59b..644fd03 100644
--- a/include/Zydis/DecoderTypes.h
+++ b/include/Zydis/DecoderTypes.h
@@ -829,17 +829,10 @@ typedef struct ZydisDecodedInstruction_
 */
 ZydisInstructionAttributes attributes;
 /**
- * @brief The instruction address points at the current instruction (relative to the
- * initial instruction pointer).
+ * @brief The instruction address points at the current instruction (based on the initial
+ * instruction pointer).
 */
 ZydisU64 instrAddress;
- /**
- * @brief The instruction pointer points at the address of the next instruction (relative
- * to the initial instruction pointer).
- *
- * This field is used to properly format relative instructions.
- */
- ZydisU64 instrPointer;
 /**
 * @brief Information about accessed CPU flags.
 */
diff --git a/src/Decoder.c b/src/Decoder.c
index 2a64174..3992235 100644
--- a/src/Decoder.c
+++ b/src/Decoder.c
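Review bot: Dropping the public `instrPointer` member from `ZydisDecodedInstruction` moves every member that follows it (starting with the CPU-flags info shown at the end of the hunk), so this is an API and ABI break for anything compiled against the previous header, and the remaining `instrAddress` comment should tell such users how to recover the removed value. I would extend the new doc comment to read `@brief The instruction address points at the current instruction (based on the initial instruction pointer). The address of the following instruction is instrAddress + length.`, which records the rule the commit message relies on next to the field itself. A one-line note in the changelog or release notes naming the removed field would presumably help downstream code that reads the struct directly. The `ZydisDecodedInstruction_` struct begins before this hunk and continues after it.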
@@ -4562,14 +4562,10 @@ ZydisStatus ZydisDecoderDecodeBuffer(const ZydisDecoder* decoder, const void* bu
 ZYDIS_CHECK(ZydisCollectOptionalPrefixes(&context, instruction));
 ZYDIS_CHECK(ZydisDecodeInstruction(&context, instruction));
- instruction->instrPointer = instruction->instrAddress + instruction->length;
- // TODO: The index, dest and mask regs for AVX2 gathers must be different.
 // TODO: More EVEX UD conditions (page 81)
- // TODO: Set AVX-512 info
-
 return ZYDIS_STATUS_SUCCESS;
 }
diff --git a/src/Utils.c b/src/Utils.c
index a3480de..a0ad7c9 100644
--- a/src/Utils.c
+++ b/src/Utils.c
@@ -50,13 +50,14 @@ ZydisStatus ZydisCalcAbsoluteAddress(const ZydisDecodedInstruction* instruction,
 }
 if (operand->mem.base == ZYDIS_REGISTER_EIP)
 {
- *address =
- (ZydisU64)((ZydisU32)instruction->instrPointer + (ZydisU32)operand->mem.disp.value);
+ *address = (ZydisU64)((ZydisU32)instruction->instrAddress + instruction->length +
+ (ZydisU32)operand->mem.disp.value);
 return ZYDIS_STATUS_SUCCESS;
 }
 if (operand->mem.base == ZYDIS_REGISTER_RIP)
 {
- *address = (ZydisU64)(instruction->instrPointer + operand->mem.disp.value);
+ *address = (ZydisU64)(instruction->instrAddress + instruction->length +
+ operand->mem.disp.value);
 return ZYDIS_STATUS_SUCCESS;
 }
 if ((operand->mem.base == ZYDIS_REGISTER_NONE) &&
@@ -81,7 +82,8 @@ ZydisStatus ZydisCalcAbsoluteAddress(const ZydisDecodedInstruction* instruction,
 case ZYDIS_OPERAND_TYPE_IMMEDIATE:
 if (operand->imm.isSigned && operand->imm.isRelative)
 {
- *address = (ZydisU64)((ZydisI64)instruction->instrPointer + operand->imm.value.s);
+ *address = (ZydisU64)((ZydisI64)instruction->instrAddress + instruction->length +
+ operand->imm.value.s);
 switch (instruction->machineMode)
 {
 case ZYDIS_MACHINE_MODE_LONG_COMPAT_16:
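Review bot: The next-instruction address is now spelled out inline as `instruction->instrAddress + instruction->length` in both the `ZYDIS_REGISTER_EIP` and `ZYDIS_REGISTER_RIP` branches (and once more in the relative-immediate case further down this function), each with its own cast placement, which is the kind of triplicated expression that drifts apart on the next edit. A file-local helper, `static ZydisU64 ZydisGetNextInstrAddress(const ZydisDecodedInstruction* instruction) { return instruction->instrAddress + instruction->length; }`, would let the two branches read `(ZydisU64)((ZydisU32)ZydisGetNextInstrAddress(instruction) + (ZydisU32)operand->mem.disp.value)` and `ZydisGetNextInstrAddress(instruction) + operand->mem.disp.value`. The EIP result is unchanged by that refactor, since truncating to 32 bits before or after the addition yields the same low 32 bits. `ZydisCalcAbsoluteAddress` begins before this hunk and continues past it.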
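Review bot: The new `(ZydisI64)instruction->instrAddress + instruction->length + operand->imm.value.s` performs signed 64-bit arithmetic on a caller-supplied address, so an `instrAddress` near `0x7FFFFFFFFFFFFFFF` with a positive relative immediate, or near `0x8000000000000000` (which the cast turns negative) with a negative one, overflows `ZydisI64`, which is undefined behavior in C; the removed line had the same latent problem, and a disassembler is routinely fed attacker-chosen bytes and base addresses. `instrAddress` is declared `ZydisU64` in the header hunk of this patch, so the sum can be done in unsigned arithmetic, where wraparound is defined and the bit pattern is the same two's-complement result: `*address = instruction->instrAddress + instruction->length + (ZydisU64)operand->imm.value.s;`. The per-machine-mode truncation in the `switch` that follows presumably still applies to the result; that switch and the rest of `ZydisCalcAbsoluteAddress` lie outside the hunk, as does the function's start.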