Fixed decoding of implicit "1" immediate (ROL, ROR, RCL, ...)

2017-06-20 22:44:37 +02:00 · 2017-06-20 22:44:37 +02:00 · d475231a63
parent 5112e61fd8
commit d475231a63
4 changed files with 12 additions and 6 deletions
--- a/include/Zydis/InstructionInfo.h
+++ b/include/Zydis/InstructionInfo.h
@ -121,7 +121,6 @@ enum ZydisOperandEncodings
    ZYDIS_OPERAND_ENCODING_DISP16_32_64,
    ZYDIS_OPERAND_ENCODING_DISP32_32_64,
    ZYDIS_OPERAND_ENCODING_DISP16_32_32,
    ZYDIS_OPERAND_ENCODING_UIMM_CONST1,
    ZYDIS_OPERAND_ENCODING_UIMM8,
    ZYDIS_OPERAND_ENCODING_UIMM16,
    ZYDIS_OPERAND_ENCODING_UIMM32,
--- a/include/Zydis/Internal/InstructionTable.h
+++ b/include/Zydis/Internal/InstructionTable.h
@ -175,6 +175,7 @@ enum ZydisSemanticOperandTypes
    ZYDIS_SEMANTIC_OPTYPE_UNUSED,
    ZYDIS_SEMANTIC_OPTYPE_IMPLICIT_REG,
    ZYDIS_SEMANTIC_OPTYPE_IMPLICIT_MEM,
    ZYDIS_SEMANTIC_OPTYPE_IMPLICIT_IMM1,
    ZYDIS_SEMANTIC_OPTYPE_GPR8,
    ZYDIS_SEMANTIC_OPTYPE_GPR16,
    ZYDIS_SEMANTIC_OPTYPE_GPR32,
--- a/include/Zydis/Internal/OperandDefinitions.inc
+++ b/include/Zydis/Internal/OperandDefinitions.inc
@ -5313,13 +5313,13 @@ const ZydisOperandDefinition operandDefinitions[] =
    /*14BE*/ { ZYDIS_SEMANTIC_OPTYPE_MMX, ZYDIS_OPERAND_VISIBILITY_EXPLICIT, ZYDIS_OPERAND_ACTION_READWRITE, {   8,   8,   8 }, ZYDIS_IELEMENT_TYPE_UINT16,  { .encoding = ZYDIS_OPERAND_ENCODING_MODRM_REG } },
    /*14BF*/ { ZYDIS_SEMANTIC_OPTYPE_MMX, ZYDIS_OPERAND_VISIBILITY_EXPLICIT, ZYDIS_OPERAND_ACTION_READ, {   4,   4,   4 }, ZYDIS_IELEMENT_TYPE_UINT16,  { .encoding = ZYDIS_OPERAND_ENCODING_MODRM_RM } },
    /*14C0*/ { ZYDIS_SEMANTIC_OPTYPE_MEM, ZYDIS_OPERAND_VISIBILITY_EXPLICIT, ZYDIS_OPERAND_ACTION_READWRITE, {   1,   1,   1 }, ZYDIS_IELEMENT_TYPE_UINT8,  { .encoding = ZYDIS_OPERAND_ENCODING_MODRM_RM } },
-    /*14C1*/ { ZYDIS_SEMANTIC_OPTYPE_IMM, ZYDIS_OPERAND_VISIBILITY_EXPLICIT, ZYDIS_OPERAND_ACTION_READ, {   1,   1,   1 }, ZYDIS_IELEMENT_TYPE_UINT8,  { .encoding = ZYDIS_OPERAND_ENCODING_UIMM_CONST1 } },
+    /*14C1*/ { ZYDIS_SEMANTIC_OPTYPE_IMPLICIT_IMM1, ZYDIS_OPERAND_VISIBILITY_IMPLICIT, ZYDIS_OPERAND_ACTION_READ, {   1,   1,   1 }, ZYDIS_IELEMENT_TYPE_UINT8,  { .encoding = ZYDIS_OPERAND_ENCODING_NONE } },
    /*14C2*/ { ZYDIS_SEMANTIC_OPTYPE_GPR8, ZYDIS_OPERAND_VISIBILITY_EXPLICIT, ZYDIS_OPERAND_ACTION_READWRITE, {   0,   0,   0 }, ZYDIS_IELEMENT_TYPE_INVALID,  { .encoding = ZYDIS_OPERAND_ENCODING_MODRM_RM } },
-    /*14C3*/ { ZYDIS_SEMANTIC_OPTYPE_IMM, ZYDIS_OPERAND_VISIBILITY_EXPLICIT, ZYDIS_OPERAND_ACTION_READ, {   1,   1,   1 }, ZYDIS_IELEMENT_TYPE_UINT8,  { .encoding = ZYDIS_OPERAND_ENCODING_UIMM_CONST1 } },
+    /*14C3*/ { ZYDIS_SEMANTIC_OPTYPE_IMPLICIT_IMM1, ZYDIS_OPERAND_VISIBILITY_IMPLICIT, ZYDIS_OPERAND_ACTION_READ, {   1,   1,   1 }, ZYDIS_IELEMENT_TYPE_UINT8,  { .encoding = ZYDIS_OPERAND_ENCODING_NONE } },
    /*14C4*/ { ZYDIS_SEMANTIC_OPTYPE_MEM, ZYDIS_OPERAND_VISIBILITY_EXPLICIT, ZYDIS_OPERAND_ACTION_READWRITE, {   2,   4,   8 }, ZYDIS_IELEMENT_TYPE_INT,  { .encoding = ZYDIS_OPERAND_ENCODING_MODRM_RM } },
-    /*14C5*/ { ZYDIS_SEMANTIC_OPTYPE_IMM, ZYDIS_OPERAND_VISIBILITY_EXPLICIT, ZYDIS_OPERAND_ACTION_READ, {   1,   1,   1 }, ZYDIS_IELEMENT_TYPE_UINT8,  { .encoding = ZYDIS_OPERAND_ENCODING_UIMM_CONST1 } },
+    /*14C5*/ { ZYDIS_SEMANTIC_OPTYPE_IMPLICIT_IMM1, ZYDIS_OPERAND_VISIBILITY_IMPLICIT, ZYDIS_OPERAND_ACTION_READ, {   1,   1,   1 }, ZYDIS_IELEMENT_TYPE_UINT8,  { .encoding = ZYDIS_OPERAND_ENCODING_NONE } },
    /*14C6*/ { ZYDIS_SEMANTIC_OPTYPE_GPR16_32_64, ZYDIS_OPERAND_VISIBILITY_EXPLICIT, ZYDIS_OPERAND_ACTION_READWRITE, {   0,   0,   0 }, ZYDIS_IELEMENT_TYPE_INVALID,  { .encoding = ZYDIS_OPERAND_ENCODING_MODRM_RM } },
-    /*14C7*/ { ZYDIS_SEMANTIC_OPTYPE_IMM, ZYDIS_OPERAND_VISIBILITY_EXPLICIT, ZYDIS_OPERAND_ACTION_READ, {   1,   1,   1 }, ZYDIS_IELEMENT_TYPE_UINT8,  { .encoding = ZYDIS_OPERAND_ENCODING_UIMM_CONST1 } },
+    /*14C7*/ { ZYDIS_SEMANTIC_OPTYPE_IMPLICIT_IMM1, ZYDIS_OPERAND_VISIBILITY_IMPLICIT, ZYDIS_OPERAND_ACTION_READ, {   1,   1,   1 }, ZYDIS_IELEMENT_TYPE_UINT8,  { .encoding = ZYDIS_OPERAND_ENCODING_NONE } },
    /*14C8*/ { ZYDIS_SEMANTIC_OPTYPE_MEM, ZYDIS_OPERAND_VISIBILITY_EXPLICIT, ZYDIS_OPERAND_ACTION_READWRITE, {   1,   1,   1 }, ZYDIS_IELEMENT_TYPE_UINT8,  { .encoding = ZYDIS_OPERAND_ENCODING_MODRM_RM } },
    /*14C9*/ { ZYDIS_SEMANTIC_OPTYPE_IMPLICIT_REG, ZYDIS_OPERAND_VISIBILITY_IMPLICIT, ZYDIS_OPERAND_ACTION_READ, {   0,   0,   0 }, ZYDIS_IELEMENT_TYPE_INVALID,  { .reg = { ZYDIS_IMPLREG_TYPE_STATIC, { .reg = ZYDIS_REGISTER_CL } } } },
    /*14CA*/ { ZYDIS_SEMANTIC_OPTYPE_GPR8, ZYDIS_OPERAND_VISIBILITY_EXPLICIT, ZYDIS_OPERAND_ACTION_READWRITE, {   0,   0,   0 }, ZYDIS_IELEMENT_TYPE_INVALID,  { .encoding = ZYDIS_OPERAND_ENCODING_MODRM_RM } },
--- a/src/Decoder.c
+++ b/src/Decoder.c
@ -1464,6 +1464,13 @@ static ZydisStatus ZydisDecodeOperands(ZydisDecoderContext* context, ZydisInstru
        case ZYDIS_SEMANTIC_OPTYPE_IMPLICIT_MEM:
            ZydisDecodeOperandImplicitMemory(context, &info->operands[i], operand);
            break;
        case ZYDIS_SEMANTIC_OPTYPE_IMPLICIT_IMM1:
            info->operands[i].type = ZYDIS_OPERAND_TYPE_IMMEDIATE;
            info->operands[i].size = 8;
            info->operands[i].imm.value.ubyte = 1;
            info->operands[i].imm.isSigned = ZYDIS_FALSE;
            info->operands[i].imm.isRelative = ZYDIS_FALSE;
            break;
        default:
            break;
        }
@ -1760,7 +1767,6 @@ static ZydisStatus ZydisDecodeOperands(ZydisDecoderContext* context, ZydisInstru
        case ZYDIS_SEMANTIC_OPTYPE_IMM:
            ZYDIS_ASSERT((immId == 0) || (immId == 1));
            info->operands[i].type = ZYDIS_OPERAND_TYPE_IMMEDIATE;
            //ZYDIS_ASSERT(operand->size[context->eoszIndex]);
            info->operands[i].size = operand->size[context->eoszIndex] * 8;
            info->operands[i].imm.value.uqword = info->details.imm[immId].value.uqword;
            info->operands[i].imm.isSigned = info->details.imm[immId].isSigned;