mirror of https://github.com/x64dbg/zydis
Fixed examples and tools
This commit is contained in:
parent
66fe376f36
commit
d12059e043
|
@ -37,6 +37,7 @@
|
|||
#include <Zydis/Zydis.h>
|
||||
#include "FormatHelper.h"
|
||||
#include <stdlib.h>
|
||||
#include <time.h>
|
||||
|
||||
/* ============================================================================================== */
|
||||
/* Static data */
|
||||
|
@ -87,75 +88,78 @@ static const char* conditionCodeStrings[0x20] =
|
|||
|
||||
ZydisFormatterFormatFunc defaultPrintMnemonic;
|
||||
|
||||
static ZydisStatus ZydisFormatterPrintMnemonic(ZydisInstructionFormatter* formatter,
|
||||
char** buffer, size_t bufferLen, ZydisInstructionInfo* info)
|
||||
static ZydisStatus ZydisFormatterPrintMnemonic(const ZydisInstructionFormatter* formatter,
|
||||
char** buffer, size_t bufferLen, ZydisDecodedInstruction* instruction)
|
||||
{
|
||||
// We use the user-data field of the instruction-info to pass data to the
|
||||
// @c ZydisFormatterFormatOperandImm function.
|
||||
// In this case we are using a simple ordinal value, but you could pass a pointer to a
|
||||
// complex datatype as well.
|
||||
info->userData = (void*)1;
|
||||
instruction->userData = (void*)1;
|
||||
|
||||
// Rewrite the instruction-mnemonic for the given instructions
|
||||
if ((info->operandCount == 3) && (info->operands[2].type == ZYDIS_OPERAND_TYPE_IMMEDIATE))
|
||||
if (instruction->operands[instruction->operandCount - 1].type == ZYDIS_OPERAND_TYPE_IMMEDIATE)
|
||||
{
|
||||
uint8_t conditionCode = info->operands[2].imm.value.ubyte;
|
||||
if (conditionCode < 0x08)
|
||||
{
|
||||
switch (info->mnemonic)
|
||||
uint8_t conditionCode =
|
||||
(uint8_t)instruction->operands[instruction->operandCount - 1].imm.value.u;
|
||||
switch (instruction->mnemonic)
|
||||
{
|
||||
case ZYDIS_MNEMONIC_CMPPS:
|
||||
if (conditionCode < 0x08)
|
||||
{
|
||||
return ZydisStringBufferAppendFormat(buffer, bufferLen,
|
||||
ZYDIS_STRBUF_APPEND_MODE_DEFAULT, "cmp%sps",
|
||||
conditionCodeStrings[conditionCode]);
|
||||
}
|
||||
break;
|
||||
case ZYDIS_MNEMONIC_CMPPD:
|
||||
if (conditionCode < 0x08)
|
||||
{
|
||||
return ZydisStringBufferAppendFormat(buffer, bufferLen,
|
||||
ZYDIS_STRBUF_APPEND_MODE_DEFAULT, "cmp%spd",
|
||||
conditionCodeStrings[conditionCode]);
|
||||
default:
|
||||
}
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
if ((info->operandCount == 4) && (info->operands[3].type == ZYDIS_OPERAND_TYPE_IMMEDIATE))
|
||||
{
|
||||
uint8_t conditionCode = info->operands[3].imm.value.ubyte;
|
||||
case ZYDIS_MNEMONIC_VCMPPS:
|
||||
if (conditionCode < 0x20)
|
||||
{
|
||||
switch (info->mnemonic)
|
||||
{
|
||||
case ZYDIS_MNEMONIC_VCMPPS:
|
||||
return ZydisStringBufferAppendFormat(buffer, bufferLen,
|
||||
ZYDIS_STRBUF_APPEND_MODE_DEFAULT, "vcmp%sps",
|
||||
conditionCodeStrings[conditionCode]);
|
||||
}
|
||||
break;
|
||||
case ZYDIS_MNEMONIC_VCMPPD:
|
||||
if (conditionCode < 0x20)
|
||||
{
|
||||
return ZydisStringBufferAppendFormat(buffer, bufferLen,
|
||||
ZYDIS_STRBUF_APPEND_MODE_DEFAULT, "vcmp%spd",
|
||||
conditionCodeStrings[conditionCode]);
|
||||
}
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// We did not rewrite the instruction-mnemonic. Signal the @c ZydisFormatterFormatOperandImm
|
||||
// function not to omit the operand
|
||||
info->userData = (void*)0;
|
||||
instruction->userData = (void*)0;
|
||||
|
||||
// Default mnemonic printing
|
||||
return defaultPrintMnemonic(formatter, buffer, bufferLen, info);
|
||||
return defaultPrintMnemonic(formatter, buffer, bufferLen, instruction);
|
||||
}
|
||||
|
||||
/* ---------------------------------------------------------------------------------------------- */
|
||||
|
||||
ZydisFormatterFormatOperandFunc defaultFormatOperandImm;
|
||||
|
||||
static ZydisStatus ZydisFormatterFormatOperandImm(ZydisInstructionFormatter* formatter,
|
||||
char** buffer, size_t bufferLen, ZydisInstructionInfo* info, ZydisOperandInfo* operand)
|
||||
static ZydisStatus ZydisFormatterFormatOperandImm(const ZydisInstructionFormatter* formatter,
|
||||
char** buffer, size_t bufferLen, ZydisDecodedInstruction* instruction,
|
||||
ZydisDecodedOperand* operand)
|
||||
{
|
||||
// The @c ZydisFormatterFormatMnemonic sinals us to omit the immediate (condition-code)
|
||||
// operand, because it got replaced by the alias-mnemonic
|
||||
if ((uintptr_t)info->userData == 1)
|
||||
if ((uintptr_t)instruction->userData == 1)
|
||||
{
|
||||
// The formatter will automatically omit the operand, if the buffer remains unchanged
|
||||
// after the callback returns
|
||||
|
@ -163,7 +167,7 @@ static ZydisStatus ZydisFormatterFormatOperandImm(ZydisInstructionFormatter* for
|
|||
}
|
||||
|
||||
// Default immediate formatting
|
||||
return defaultFormatOperandImm(formatter, buffer, bufferLen, info, operand);
|
||||
return defaultFormatOperandImm(formatter, buffer, bufferLen, instruction, operand);
|
||||
}
|
||||
|
||||
/* ---------------------------------------------------------------------------------------------- */
|
||||
|
@ -192,16 +196,16 @@ void disassembleBuffer(ZydisInstructionDecoder* decoder, uint8_t* data, size_t l
|
|||
|
||||
uint64_t instructionPointer = 0x007FFFFFFF400000;
|
||||
|
||||
ZydisInstructionInfo info;
|
||||
ZydisDecodedInstruction instruction;
|
||||
char buffer[256];
|
||||
while (ZYDIS_SUCCESS(
|
||||
ZydisDecoderDecodeBuffer(decoder, data, length, instructionPointer, &info)))
|
||||
ZydisDecoderDecodeBuffer(decoder, data, length, instructionPointer, &instruction)))
|
||||
{
|
||||
data += info.length;
|
||||
length -= info.length;
|
||||
instructionPointer += info.length;
|
||||
printf("%016" PRIX64 " ", info.instrAddress);
|
||||
ZydisFormatterFormatInstruction(&formatter, &info, &buffer[0], sizeof(buffer));
|
||||
data += instruction.length;
|
||||
length -= instruction.length;
|
||||
instructionPointer += instruction.length;
|
||||
printf("%016" PRIX64 " ", instruction.instrAddress);
|
||||
ZydisFormatterFormatInstruction(&formatter, &instruction, &buffer[0], sizeof(buffer));
|
||||
printf(" %s\n", &buffer[0]);
|
||||
}
|
||||
}
|
||||
|
@ -223,13 +227,14 @@ int main()
|
|||
// vcmppd xmm1, xmm2, xmm3, 0x17
|
||||
0xC5, 0xE9, 0xC2, 0xCB, 0x17,
|
||||
|
||||
// vcmpps k2 {k7}, zmm2, dword ptr ds:[rax + rbx*4 + 0x100] {1to16}, 0x0F
|
||||
// vcmpps k2 {k7}, zmm2, zmmword ptr ds:[rax + rbx*4 + 0x100] {1to16}, 0x0F
|
||||
0x62, 0xF1, 0x6C, 0x5F, 0xC2, 0x54, 0x98, 0x40, 0x0F
|
||||
};
|
||||
|
||||
|
||||
ZydisInstructionDecoder decoder;
|
||||
ZydisDecoderInitInstructionDecoder(
|
||||
&decoder, ZYDIS_MACHINE_MODE_LONG_64, ZYDIS_ADDRESS_WIDTH_INVALID);
|
||||
&decoder, ZYDIS_MACHINE_MODE_LONG_64, ZYDIS_ADDRESS_WIDTH_64);
|
||||
|
||||
disassembleBuffer(&decoder, &data[0], sizeof(data), ZYDIS_FALSE);
|
||||
puts("");
|
||||
|
|
|
@ -53,7 +53,7 @@ int main(int argc, char** argv)
|
|||
|
||||
ZydisInstructionDecoder decoder;
|
||||
if (!ZYDIS_SUCCESS(ZydisDecoderInitInstructionDecoder(
|
||||
&decoder, ZYDIS_MACHINE_MODE_LONG_64, ZYDIS_ADDRESS_WIDTH_INVALID)))
|
||||
&decoder, ZYDIS_MACHINE_MODE_LONG_64, ZYDIS_ADDRESS_WIDTH_64)))
|
||||
{
|
||||
fputs("Failed to initialize decoder\n", stderr);
|
||||
return EXIT_FAILURE;
|
||||
|
@ -74,28 +74,22 @@ int main(int argc, char** argv)
|
|||
{
|
||||
numBytesRead = fread(readBuf, 1, sizeof(readBuf), file);
|
||||
|
||||
ZydisInstructionInfo info;
|
||||
ZydisDecodedInstruction instruction;
|
||||
ZydisStatus status;
|
||||
size_t readOffs = 0;
|
||||
while ((status = ZydisDecoderDecodeBuffer(
|
||||
&decoder,
|
||||
readBuf + readOffs,
|
||||
numBytesRead - readOffs,
|
||||
readOffs,
|
||||
&info
|
||||
)) != ZYDIS_STATUS_NO_MORE_DATA)
|
||||
while ((status = ZydisDecoderDecodeBuffer(&decoder, readBuf + readOffs,
|
||||
numBytesRead - readOffs, readOffs, &instruction)) != ZYDIS_STATUS_NO_MORE_DATA)
|
||||
{
|
||||
if (!ZYDIS_SUCCESS(status))
|
||||
{
|
||||
++readOffs;
|
||||
printf("db %02X\n", info.data[0]);
|
||||
printf("db %02X\n", instruction.data[0]);
|
||||
continue;
|
||||
}
|
||||
|
||||
char printBuffer[256];
|
||||
ZydisFormatterFormatInstruction(
|
||||
&formatter, &info, printBuffer, sizeof(printBuffer)
|
||||
);
|
||||
&formatter, &instruction, printBuffer, sizeof(printBuffer));
|
||||
puts(printBuffer);
|
||||
|
||||
// TODO: Remove
|
||||
|
@ -124,7 +118,7 @@ int main(int argc, char** argv)
|
|||
#endif
|
||||
// DEBUG CODE END
|
||||
|
||||
readOffs += info.length;
|
||||
readOffs += instruction.length;
|
||||
}
|
||||
|
||||
if (readOffs < sizeof(readBuf))
|
||||
|
|
|
@ -41,6 +41,7 @@
|
|||
|
||||
typedef struct ZydisFuzzControlBlock_ {
|
||||
ZydisMachineMode machineMode;
|
||||
ZydisAddressWidth addressWidth;
|
||||
ZydisDecodeGranularity granularity;
|
||||
ZydisFormatterStyle formatterStyle;
|
||||
ZydisFormatterFlags formatterFlags;
|
||||
|
@ -64,8 +65,7 @@ int main()
|
|||
|
||||
ZydisInstructionDecoder decoder;
|
||||
if (!ZYDIS_SUCCESS(ZydisDecoderInitInstructionDecoderEx(
|
||||
&decoder, controlBlock.machineMode,
|
||||
ZYDIS_ADDRESS_WIDTH_INVALID, controlBlock.granularity)))
|
||||
&decoder, controlBlock.machineMode, controlBlock.addressWidth, controlBlock.granularity)))
|
||||
{
|
||||
fputs("Failed to initialize decoder\n", stderr);
|
||||
return EXIT_FAILURE;
|
||||
|
@ -86,16 +86,11 @@ int main()
|
|||
{
|
||||
numBytesRead = fread(readBuf, 1, sizeof(readBuf), stdin);
|
||||
|
||||
ZydisInstructionInfo info;
|
||||
ZydisDecodedInstruction instruction;
|
||||
ZydisStatus status;
|
||||
size_t readOffs = 0;
|
||||
while ((status = ZydisDecoderDecodeBuffer(
|
||||
&decoder,
|
||||
readBuf + readOffs,
|
||||
numBytesRead - readOffs,
|
||||
readOffs,
|
||||
&info
|
||||
)) != ZYDIS_STATUS_NO_MORE_DATA)
|
||||
while ((status = ZydisDecoderDecodeBuffer(&decoder, readBuf + readOffs,
|
||||
numBytesRead - readOffs, readOffs, &instruction)) != ZYDIS_STATUS_NO_MORE_DATA)
|
||||
{
|
||||
if (!ZYDIS_SUCCESS(status))
|
||||
{
|
||||
|
@ -104,8 +99,9 @@ int main()
|
|||
}
|
||||
|
||||
char printBuffer[256];
|
||||
ZydisFormatterFormatInstruction(&formatter, &info, printBuffer, sizeof(printBuffer));
|
||||
readOffs += info.length;
|
||||
ZydisFormatterFormatInstruction(
|
||||
&formatter, &instruction, printBuffer, sizeof(printBuffer));
|
||||
readOffs += instruction.length;
|
||||
}
|
||||
|
||||
if (readOffs < sizeof(readBuf))
|
||||
|
|
Loading…
Reference in New Issue