From ad8e5ce6a9ca03b5e065c2a6c0f69d4c633366f0 Mon Sep 17 00:00:00 2001 From: flobernd Date: Sat, 1 Jul 2017 01:10:03 +0200 Subject: [PATCH] Minor refactorings --- include/Zydis/InstructionInfo.h | 90 +++++++++++-------- .../Zydis/Internal/InstructionDefinitions.inc | 2 +- src/Decoder.c | 88 +++++++++--------- src/Formatter.c | 32 +++---- src/Utils.c | 7 +- 5 files changed, 118 insertions(+), 101 deletions(-) diff --git a/include/Zydis/InstructionInfo.h b/include/Zydis/InstructionInfo.h index 455059e..6a434bf 100644 --- a/include/Zydis/InstructionInfo.h +++ b/include/Zydis/InstructionInfo.h @@ -333,13 +333,7 @@ typedef struct ZydisOperandInfo_ /** * @brief The displacement value */ - union - { - int8_t sbyte; - int16_t sword; - int32_t sdword; - int64_t sqword; - } value; + int64_t value; } disp; } mem; /** @@ -369,14 +363,8 @@ typedef struct ZydisOperandInfo_ */ union { - int8_t sbyte; - uint8_t ubyte; - int16_t sword; - uint16_t uword; - int32_t sdword; - uint32_t udword; - int64_t sqword; - uint64_t uqword; + uint64_t u; + int64_t s; } value; } imm; } ZydisOperandInfo; @@ -687,6 +675,46 @@ typedef uint64_t ZydisInstructionAttributes; */ #define ZYDIS_ATTRIB_HAS_ADDRESSSIZE 0x0000001000000000 +/* ---------------------------------------------------------------------------------------------- */ +/* SSE/AVX exception-class */ +/* ---------------------------------------------------------------------------------------------- */ + +/** + * @brief Defines the @c ZydisExceptionClass datatype. + */ +typedef uint16_t ZydisExceptionClass; + +/** + * @brief Values that represent exception-classes. + */ +enum ZydisExceptionClasses +{ + ZYDIS_EXCEPTION_CLASS_NONE, + // TODO: SSE and AVX + ZYDIS_EXCEPTION_CLASS_E1, + ZYDIS_EXCEPTION_CLASS_E1NF, + ZYDIS_EXCEPTION_CLASS_E2, + ZYDIS_EXCEPTION_CLASS_E2NF, + ZYDIS_EXCEPTION_CLASS_E3, + ZYDIS_EXCEPTION_CLASS_E3NF, + ZYDIS_EXCEPTION_CLASS_E4, + ZYDIS_EXCEPTION_CLASS_E4NF, + ZYDIS_EXCEPTION_CLASS_E5, + ZYDIS_EXCEPTION_CLASS_E5NF, + ZYDIS_EXCEPTION_CLASS_E6, + ZYDIS_EXCEPTION_CLASS_E6NF, + ZYDIS_EXCEPTION_CLASS_E7NM, + ZYDIS_EXCEPTION_CLASS_E7NM128, + ZYDIS_EXCEPTION_CLASS_E9NF, + ZYDIS_EXCEPTION_CLASS_E10, + ZYDIS_EXCEPTION_CLASS_E10NF, + ZYDIS_EXCEPTION_CLASS_E11, + ZYDIS_EXCEPTION_CLASS_E12, + ZYDIS_EXCEPTION_CLASS_E12NP, + ZYDIS_EXCEPTION_CLASS_K20, + ZYDIS_EXCEPTION_CLASS_K21 +}; + /* ---------------------------------------------------------------------------------------------- */ /* AVX vector-length */ /* ---------------------------------------------------------------------------------------------- */ @@ -956,9 +984,6 @@ typedef struct ZydisInstructionInfo_ * @brief The AVX data-conversion mode (MVEX only). */ ZydisConversionMode conversionMode; - - // TODO: Remove SAE from the rounding-mode enum and always add it as extra value - /** * @brief Signals, if the sae functionality is enabled for the instruction. */ @@ -967,7 +992,6 @@ typedef struct ZydisInstructionInfo_ * @brief Signals, if the instruction has a memory eviction-hint (MVEX only). */ ZydisBool hasEvictionHint; - } avx; /** * @brief Extended info about different instruction-parts like ModRM, SIB or @@ -1278,22 +1302,16 @@ typedef struct ZydisInstructionInfo_ /** * @brief The displacement value */ - union - { - int8_t sbyte; - int16_t sword; - int32_t sdword; - int64_t sqword; - } value; + int64_t value; /** * @brief The physical displacement size, in bits. */ - uint8_t dataSize; + uint8_t size; /** * @brief The offset of the displacement data, relative to the beginning of the * instruction, in bytes. */ - uint8_t dataOffset; + uint8_t offset; } disp; /** * @brief Detailed info about immediate-bytes. @@ -1314,25 +1332,19 @@ typedef struct ZydisInstructionInfo_ * @brief The immediate value. */ union - { - int8_t sbyte; - uint8_t ubyte; - int16_t sword; - uint16_t uword; - int32_t sdword; - uint32_t udword; - int64_t sqword; - uint64_t uqword; + { + uint64_t u; + int64_t s; } value; /** * @brief The physical immediate size, in bits. */ - uint8_t dataSize; + uint8_t size; /** * @brief The offset of the immediate data, relative to the beginning of the * instruction, in bytes. */ - uint8_t dataOffset; + uint8_t offset; } imm[2]; } details; /** diff --git a/include/Zydis/Internal/InstructionDefinitions.inc b/include/Zydis/Internal/InstructionDefinitions.inc index 6dbd27a..b8055e6 100644 --- a/include/Zydis/Internal/InstructionDefinitions.inc +++ b/include/Zydis/Internal/InstructionDefinitions.inc @@ -599,7 +599,7 @@ const ZydisInstructionDefinitionDEFAULT instructionDefinitionsDEFAULT[] = /*0254*/ { ZYDIS_MNEMONIC_INSW, 3, 0x0967, 0x00, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_TRUE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_TRUE }, /*0255*/ { ZYDIS_MNEMONIC_INSW, 2, 0x1342, 0x00, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_TRUE }, /*0256*/ { ZYDIS_MNEMONIC_INT, 2, 0x1344, 0x00, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE }, - /*0257*/ { ZYDIS_MNEMONIC_INT1, 0, 0x0000, 0x00, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE }, + /*0257*/ { ZYDIS_MNEMONIC_INT1, 1, 0x126F, 0x00, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE }, /*0258*/ { ZYDIS_MNEMONIC_INT3, 1, 0x126F, 0x00, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE }, /*0259*/ { ZYDIS_MNEMONIC_INTO, 1, 0x0912, 0x00, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE }, /*025A*/ { ZYDIS_MNEMONIC_INVD, 0, 0x0000, 0x00, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE, ZYDIS_FALSE }, diff --git a/src/Decoder.c b/src/Decoder.c index c52f459..da310da 100644 --- a/src/Decoder.c +++ b/src/Decoder.c @@ -468,6 +468,7 @@ static ZydisStatus ZydisDecodeVEX(ZydisDecoderContext* context, ZydisInstruction ZYDIS_UNREACHABLE; } + // TODO: m_mmmm = 0 is only valid for some KNC instructions if (info->details.vex.m_mmmm > 0x03) { // Invalid according to the intel documentation @@ -520,7 +521,6 @@ static ZydisStatus ZydisDecodeEVEX(ZydisDecoderContext* context, ZydisInstructio info->details.evex.mm = (data[1] >> 0) & 0x03; - // TODO: Check if map = 0 is allowed for new EVEX instructions if (info->details.evex.mm == 0x00) { // Invalid according to the intel documentation @@ -538,6 +538,12 @@ static ZydisStatus ZydisDecodeEVEX(ZydisDecoderContext* context, ZydisInstructio info->details.evex.L = (data[3] >> 5) & 0x01; info->details.evex.b = (data[3] >> 4) & 0x01; info->details.evex.V2 = (data[3] >> 3) & 0x01; + + if (!info->details.evex.V2 && context->decoder->machineMode != ZYDIS_MACHINE_MODE_LONG_64) + { + return ZYDIS_STATUS_MALFORMED_EVEX; + } + info->details.evex.aaa = (data[3] >> 0) & 0x07; // Update internal fields @@ -678,10 +684,10 @@ static ZydisStatus ZydisReadDisplacement(ZydisDecoderContext* context, ZydisInst { ZYDIS_ASSERT(context); ZYDIS_ASSERT(info); - ZYDIS_ASSERT(info->details.disp.dataSize == 0); + ZYDIS_ASSERT(info->details.disp.size == 0); - info->details.disp.dataSize = size; - info->details.disp.dataOffset = info->length; + info->details.disp.size = size; + info->details.disp.offset = info->length; switch (size) { @@ -689,28 +695,28 @@ static ZydisStatus ZydisReadDisplacement(ZydisDecoderContext* context, ZydisInst { uint8_t value; ZYDIS_CHECK(ZydisInputNext(context, info, &value)); - info->details.disp.value.sqword = *(int8_t*)&value; + info->details.disp.value = *(int8_t*)&value; break; } case 16: { uint16_t value; ZYDIS_CHECK(ZydisInputNextBytes(context, info, (uint8_t*)&value, 2)); - info->details.disp.value.sqword = *(int16_t*)&value; + info->details.disp.value = *(int16_t*)&value; break; } case 32: { uint32_t value; ZYDIS_CHECK(ZydisInputNextBytes(context, info, (uint8_t*)&value, 4)); - info->details.disp.value.sqword = *(int32_t*)&value; + info->details.disp.value = *(int32_t*)&value; break; } case 64: { uint64_t value; ZYDIS_CHECK(ZydisInputNextBytes(context, info, (uint8_t*)&value, 8)); - info->details.disp.value.sqword = *(int64_t*)&value; + info->details.disp.value = *(int64_t*)&value; break; } default: @@ -741,10 +747,10 @@ static ZydisStatus ZydisReadImmediate(ZydisDecoderContext* context, ZydisInstruc ZYDIS_ASSERT(info); ZYDIS_ASSERT((id == 0) || (id == 1)); ZYDIS_ASSERT(isSigned || !isRelative); - ZYDIS_ASSERT(info->details.imm[id].dataSize == 0); + ZYDIS_ASSERT(info->details.imm[id].size == 0); - info->details.imm[id].dataSize = size; - info->details.imm[id].dataOffset = info->length; + info->details.imm[id].size = size; + info->details.imm[id].offset = info->length; info->details.imm[id].isSigned = isSigned; info->details.imm[id].isRelative = isRelative; switch (size) @@ -755,10 +761,10 @@ static ZydisStatus ZydisReadImmediate(ZydisDecoderContext* context, ZydisInstruc ZYDIS_CHECK(ZydisInputNext(context, info, &value)); if (isSigned) { - info->details.imm[id].value.sqword = (int8_t)value; + info->details.imm[id].value.s = (int8_t)value; } else { - info->details.imm[id].value.ubyte = value; + info->details.imm[id].value.u = value; } break; } @@ -768,10 +774,10 @@ static ZydisStatus ZydisReadImmediate(ZydisDecoderContext* context, ZydisInstruc ZYDIS_CHECK(ZydisInputNextBytes(context, info, (uint8_t*)&value, 2)); if (isSigned) { - info->details.imm[id].value.sqword = (int16_t)value; + info->details.imm[id].value.s = (int16_t)value; } else { - info->details.imm[id].value.uword = value; + info->details.imm[id].value.u = value; } break; } @@ -781,10 +787,10 @@ static ZydisStatus ZydisReadImmediate(ZydisDecoderContext* context, ZydisInstruc ZYDIS_CHECK(ZydisInputNextBytes(context, info, (uint8_t*)&value, 4)); if (isSigned) { - info->details.imm[id].value.sqword = (int32_t)value; + info->details.imm[id].value.s = (int32_t)value; } else { - info->details.imm[id].value.udword = value; + info->details.imm[id].value.u = value; } break; } @@ -794,10 +800,10 @@ static ZydisStatus ZydisReadImmediate(ZydisDecoderContext* context, ZydisInstruc ZYDIS_CHECK(ZydisInputNextBytes(context, info, (uint8_t*)&value, 8)); if (isSigned) { - info->details.imm[id].value.sqword = (int64_t)value; + info->details.imm[id].value.s = (int64_t)value; } else { - info->details.imm[id].value.uqword = value; + info->details.imm[id].value.u = value; } break; } @@ -880,7 +886,7 @@ static uint8_t ZydisCalcRegisterId(ZydisDecoderContext* context, ZydisInstructio (registerClass == ZYDIS_REGCLASS_ZMM)); return info->details.sib.index; case ZYDIS_REG_ENCODING_IS4: - return (info->details.imm[0].value.ubyte >> 5) & 0x07; + return (info->details.imm[0].value.u >> 5) & 0x07; case ZYDIS_REG_ENCODING_MASK: return context->cache.mask; default: @@ -987,7 +993,7 @@ static uint8_t ZydisCalcRegisterId(ZydisDecoderContext* context, ZydisInstructio return info->details.sib.index | (context->cache.X << 3) | (context->cache.V2 << 4); case ZYDIS_REG_ENCODING_IS4: { - uint8_t value = (info->details.imm[0].value.ubyte >> 4) & 0x0F; + uint8_t value = (info->details.imm[0].value.u >> 4) & 0x0F; // We have to check the instruction-encoding, because the extension by bit [3] is only // valid for EVEX and MVEX instructions if ((info->encoding == ZYDIS_INSTRUCTION_ENCODING_EVEX) || @@ -998,7 +1004,7 @@ static uint8_t ZydisCalcRegisterId(ZydisDecoderContext* context, ZydisInstructio case ZYDIS_REGCLASS_XMM: case ZYDIS_REGCLASS_YMM: case ZYDIS_REGCLASS_ZMM: - value |= (((info->details.imm[0].value.ubyte >> 3) & 0x01) << 4); + value |= ((info->details.imm[0].value.u & 0x08) << 1); default: break; } @@ -1213,10 +1219,10 @@ static void ZydisSetOperandSizeAndElementInfo(ZydisDecoderContext* context, } break; case ZYDIS_OPERAND_TYPE_POINTER: - ZYDIS_ASSERT((info->details.imm[0].dataSize == 16) || - (info->details.imm[0].dataSize == 32)); - ZYDIS_ASSERT(info->details.imm[1].dataSize == 16); - operand->size = info->details.imm[0].dataSize + info->details.imm[1].dataSize; + ZYDIS_ASSERT((info->details.imm[0].size == 16) || + (info->details.imm[0].size == 32)); + ZYDIS_ASSERT( info->details.imm[1].size == 16); + operand->size = info->details.imm[0].size + info->details.imm[1].size; break; case ZYDIS_OPERAND_TYPE_IMMEDIATE: operand->size = definition->size[context->eoszIndex] * 8; @@ -1482,9 +1488,9 @@ static ZydisStatus ZydisDecodeOperandMemory(ZydisDecoderContext* context, } if (displacementSize) { - ZYDIS_ASSERT(info->details.disp.dataSize == displacementSize); + ZYDIS_ASSERT(info->details.disp.size == displacementSize); operand->mem.disp.hasDisplacement = ZYDIS_TRUE; - operand->mem.disp.value.sqword = info->details.disp.value.sqword; + operand->mem.disp.value = info->details.disp.value; } return ZYDIS_STATUS_SUCCESS; } @@ -1700,7 +1706,7 @@ static ZydisStatus ZydisDecodeOperands(ZydisDecoderContext* context, ZydisInstru case ZYDIS_SEMANTIC_OPTYPE_IMPLICIT_IMM1: info->operands[i].type = ZYDIS_OPERAND_TYPE_IMMEDIATE; info->operands[i].size = 8; - info->operands[i].imm.value.ubyte = 1; + info->operands[i].imm.value.u = 1; info->operands[i].imm.isSigned = ZYDIS_FALSE; info->operands[i].imm.isRelative = ZYDIS_FALSE; break; @@ -1838,12 +1844,12 @@ static ZydisStatus ZydisDecodeOperands(ZydisDecoderContext* context, ZydisInstru ZydisDecodeOperandMemory(context, info, &info->operands[i], ZYDIS_REGCLASS_ZMM)); break; case ZYDIS_SEMANTIC_OPTYPE_PTR: - ZYDIS_ASSERT((info->details.imm[0].dataSize == 16) || - (info->details.imm[0].dataSize == 32)); - ZYDIS_ASSERT(info->details.imm[1].dataSize == 16); + ZYDIS_ASSERT((info->details.imm[0].size == 16) || + (info->details.imm[0].size == 32)); + ZYDIS_ASSERT( info->details.imm[1].size == 16); info->operands[i].type = ZYDIS_OPERAND_TYPE_POINTER; - info->operands[i].ptr.offset = info->details.imm[0].value.sdword; - info->operands[i].ptr.segment = info->details.imm[1].value.uword; + info->operands[i].ptr.offset = (uint32_t)info->details.imm[0].value.u; + info->operands[i].ptr.segment = (uint16_t)info->details.imm[1].value.u; break; case ZYDIS_SEMANTIC_OPTYPE_AGEN: info->operands[i].action = ZYDIS_OPERAND_ACTION_INVALID; @@ -1852,10 +1858,10 @@ static ZydisStatus ZydisDecodeOperands(ZydisDecoderContext* context, ZydisInstru ZydisDecodeOperandMemory(context, info, &info->operands[i], ZYDIS_REGISTER_NONE)); break; case ZYDIS_SEMANTIC_OPTYPE_MOFFS: - ZYDIS_ASSERT(info->details.disp.dataSize); + ZYDIS_ASSERT(info->details.disp.size); info->operands[i].type = ZYDIS_OPERAND_TYPE_MEMORY; info->operands[i].mem.disp.hasDisplacement = ZYDIS_TRUE; - info->operands[i].mem.disp.value.sqword = info->details.disp.value.sqword; + info->operands[i].mem.disp.value = info->details.disp.value; break; default: break; @@ -1865,9 +1871,9 @@ static ZydisStatus ZydisDecodeOperands(ZydisDecoderContext* context, ZydisInstru // Handle compressed 8-bit displacement if (((info->encoding == ZYDIS_INSTRUCTION_ENCODING_EVEX) || (info->encoding == ZYDIS_INSTRUCTION_ENCODING_MVEX)) && - (info->details.disp.dataSize == 8)) + (info->details.disp.size == 8)) { - info->operands[i].mem.disp.value.sqword *= info->avx.compressedDisp8Scale; + info->operands[i].mem.disp.value *= info->avx.compressedDisp8Scale; } goto FinalizeOperand; @@ -1885,11 +1891,11 @@ static ZydisStatus ZydisDecodeOperands(ZydisDecoderContext* context, ZydisInstru if (operand->op.encoding == ZYDIS_OPERAND_ENCODING_IS4) { // The upper half of the 8-bit immediate is used to encode a register specifier - ZYDIS_ASSERT(info->details.imm[immId].dataSize == 8); - info->operands[i].imm.value.ubyte = info->details.imm[immId].value.ubyte & 0x0F; + ZYDIS_ASSERT(info->details.imm[immId].size == 8); + info->operands[i].imm.value.u = (uint8_t)info->details.imm[immId].value.u & 0x0F; } else { - info->operands[i].imm.value.uqword = info->details.imm[immId].value.uqword; + info->operands[i].imm.value.u = info->details.imm[immId].value.u; } info->operands[i].imm.isSigned = info->details.imm[immId].isSigned; info->operands[i].imm.isRelative = info->details.imm[immId].isRelative; diff --git a/src/Formatter.c b/src/Formatter.c index 39284db..3c359a7 100644 --- a/src/Formatter.c +++ b/src/Formatter.c @@ -282,7 +282,7 @@ static ZydisStatus ZydisFormatterFormatOperandMemIntel(const ZydisInstructionFor if (operand->mem.base == ZYDIS_REGISTER_NONE) { // MOFFS8/16/32/64 - address = (uint64_t)operand->mem.disp.value.sqword; + address = (uint64_t)operand->mem.disp.value; } else { // EIP/RIP-relative @@ -367,13 +367,13 @@ static ZydisStatus ZydisFormatterFormatOperandImmIntel(const ZydisInstructionFor default: return ZYDIS_STATUS_INVALID_PARAMETER; } - if (printSignedHEX && (operand->imm.value.sqword < 0)) + if (printSignedHEX && (operand->imm.value.s < 0)) { return ZydisStringBufferAppendFormat(buffer, bufferLen, - ZYDIS_STRBUF_APPEND_MODE_DEFAULT, "-0x%02"PRIX32, -operand->imm.value.sdword); + ZYDIS_STRBUF_APPEND_MODE_DEFAULT, "-0x%02"PRIX32, -(int32_t)operand->imm.value.s); } return ZydisStringBufferAppendFormat(buffer, bufferLen, ZYDIS_STRBUF_APPEND_MODE_DEFAULT, - "0x%02"PRIX32, operand->imm.value.sdword); + "0x%02"PRIX32, (int32_t)operand->imm.value.s); } // The immediate operand contains an actual ordinal value @@ -413,24 +413,24 @@ static ZydisStatus ZydisFormatterPrintDisplacementIntel(const ZydisInstructionFo return ZYDIS_STATUS_INVALID_PARAMETER; } - if (operand->mem.disp.hasDisplacement && ((operand->mem.disp.value.sqword) || + if (operand->mem.disp.hasDisplacement && ((operand->mem.disp.value) || ((operand->mem.base == ZYDIS_REGISTER_NONE) && (operand->mem.index == ZYDIS_REGISTER_NONE)))) { ZydisBool printSignedHEX = (formatter->displacementFormat != ZYDIS_FORMATTER_DISP_HEX_UNSIGNED); - if (printSignedHEX && (operand->mem.disp.value.sqword < 0) && ( + if (printSignedHEX && (operand->mem.disp.value < 0) && ( (operand->mem.base != ZYDIS_REGISTER_NONE) || (operand->mem.index != ZYDIS_REGISTER_NONE))) { return ZydisStringBufferAppendFormat(buffer, bufferLen, - ZYDIS_STRBUF_APPEND_MODE_DEFAULT, "-0x%02"PRIX32, -operand->mem.disp.value.sdword); + ZYDIS_STRBUF_APPEND_MODE_DEFAULT, "-0x%02"PRIX32, -operand->mem.disp.value); } const char* sign = ((operand->mem.base == ZYDIS_REGISTER_NONE) && (operand->mem.index == ZYDIS_REGISTER_NONE)) ? "" : "+"; return ZydisStringBufferAppendFormat(buffer, bufferLen, ZYDIS_STRBUF_APPEND_MODE_DEFAULT, - "%s0x%02"PRIX32, sign, operand->mem.disp.value.sdword); + "%s0x%02"PRIX32, sign, operand->mem.disp.value); } return ZYDIS_STATUS_SUCCESS; } @@ -448,22 +448,22 @@ static ZydisStatus ZydisFormatterPrintImmediateIntel(const ZydisInstructionForma { printSignedHEX = operand->imm.isSigned; } - if (printSignedHEX && (operand->imm.value.sqword < 0)) + if (printSignedHEX && (operand->imm.value.s < 0)) { switch (operand->size) { case 8: return ZydisStringBufferAppendFormat(buffer, bufferLen, - ZYDIS_STRBUF_APPEND_MODE_DEFAULT, "-0x%02"PRIX8, -operand->imm.value.sbyte); + ZYDIS_STRBUF_APPEND_MODE_DEFAULT, "-0x%02"PRIX8, -(int8_t)operand->imm.value.s); case 16: return ZydisStringBufferAppendFormat(buffer, bufferLen, - ZYDIS_STRBUF_APPEND_MODE_DEFAULT, "-0x%02"PRIX16, -operand->imm.value.sword); + ZYDIS_STRBUF_APPEND_MODE_DEFAULT, "-0x%02"PRIX16, -(int16_t)operand->imm.value.s); case 32: return ZydisStringBufferAppendFormat(buffer, bufferLen, - ZYDIS_STRBUF_APPEND_MODE_DEFAULT, "-0x%02"PRIX32, -operand->imm.value.sdword); + ZYDIS_STRBUF_APPEND_MODE_DEFAULT, "-0x%02"PRIX32, -(int32_t)operand->imm.value.s); case 64: return ZydisStringBufferAppendFormat(buffer, bufferLen, - ZYDIS_STRBUF_APPEND_MODE_DEFAULT, "-0x%02"PRIX64, -operand->imm.value.sqword); + ZYDIS_STRBUF_APPEND_MODE_DEFAULT, "-0x%02"PRIX64, -operand->imm.value.s); default: return ZYDIS_STATUS_INVALID_PARAMETER; } @@ -472,13 +472,13 @@ static ZydisStatus ZydisFormatterPrintImmediateIntel(const ZydisInstructionForma { case 16: return ZydisStringBufferAppendFormat(buffer, bufferLen, - ZYDIS_STRBUF_APPEND_MODE_DEFAULT, "0x%02"PRIX16, operand->imm.value.uword); + ZYDIS_STRBUF_APPEND_MODE_DEFAULT, "0x%02"PRIX16, (uint16_t)operand->imm.value.u); case 32: return ZydisStringBufferAppendFormat(buffer, bufferLen, - ZYDIS_STRBUF_APPEND_MODE_DEFAULT, "0x%02"PRIX32, operand->imm.value.udword); + ZYDIS_STRBUF_APPEND_MODE_DEFAULT, "0x%02"PRIX32, (uint32_t)operand->imm.value.u); case 64: return ZydisStringBufferAppendFormat(buffer, bufferLen, - ZYDIS_STRBUF_APPEND_MODE_DEFAULT, "0x%02"PRIX64, operand->imm.value.uqword); + ZYDIS_STRBUF_APPEND_MODE_DEFAULT, "0x%02"PRIX64, operand->imm.value.u); default: return ZYDIS_STATUS_INVALID_PARAMETER; } diff --git a/src/Utils.c b/src/Utils.c index 604786e..b2a930e 100644 --- a/src/Utils.c +++ b/src/Utils.c @@ -51,20 +51,19 @@ ZydisStatus ZydisUtilsCalcAbsoluteTargetAddress(const ZydisInstructionInfo* info } if (operand->mem.base == ZYDIS_REGISTER_EIP) { - *address = (uint64_t)((uint32_t)info->instrPointer + operand->mem.disp.value.sdword); + *address = (uint64_t)((uint32_t)info->instrPointer + (uint32_t)operand->mem.disp.value); return ZYDIS_STATUS_SUCCESS; } if (operand->mem.base == ZYDIS_REGISTER_RIP) { - *address = - (uint64_t)(info->instrPointer + operand->mem.disp.value.sqword); + *address = (uint64_t)(info->instrPointer + operand->mem.disp.value); return ZYDIS_STATUS_SUCCESS; } break; case ZYDIS_OPERAND_TYPE_IMMEDIATE: if (operand->imm.isSigned && operand->imm.isRelative) { - *address = (uint64_t)((int64_t)info->instrPointer + operand->imm.value.sqword); + *address = (uint64_t)((int64_t)info->instrPointer + operand->imm.value.s); switch (info->machineMode) { case 16: