x64dbg
/
zydis
mirror of https://github.com/x64dbg/zydis
1
0
Fork 0
Code Releases Activity

Merge branch 'develop' of https://github.com/zyantific/zyan-disassembler-engine into develop

This commit is contained in:
Joel Höner 2017-07-04 16:23:07 +02:00
parent a4355f4a96 b9cf56af4d
commit df9100fbd4
11 changed files with 781 additions and 460 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
CMakeLists.txt
View File

@ -145,4 +145,9 @@ if (ZYDIS_BUILD_TOOLS)
target_link_libraries("ZydisFuzzIn" "Zydis")
set_target_properties("ZydisFuzzIn" PROPERTIES FOLDER "Tools")
target_compile_definitions("ZydisFuzzIn" PRIVATE "_CRT_SECURE_NO_WARNINGS")
add_executable("PerfTest" "tools/PerfTest.c")
target_link_libraries("PerfTest" "Zydis")
set_target_properties("PerfTest" PROPERTIES FOLDER "Tools")
target_compile_definitions("PerfTest" PRIVATE "_CRT_SECURE_NO_WARNINGS")
endif ()

35
README.md
View File

@ -37,29 +37,26 @@ int main()
0x88, 0xFC, 0xDA, 0x02, 0x00
};
ZydisMemoryInput input;
ZydisInputInitMemoryInput(&input, &data, sizeof(data));
ZydisDecoder decoder;
ZydisDecoderInit(&decoder, ZYDIS_MACHINE_MODE_LONG_64, ZYDIS_ADDRESS_WIDTH_64);
ZydisInstructionDecoder decoder;
ZydisDecoderInitInstructionDecoderEx(&decoder, ZYDIS_DISASSEMBLER_MODE_64BIT,
(ZydisCustomInput*)&input, ZYDIS_DECODER_FLAG_SKIP_DATA);
ZydisDecoderSetInstructionPointer(&decoder, 0x007FFFFFFF400000);
ZydisInstructionFormatter formatter;
ZydisFormatterInitInstructionFormatterEx(&formatter,
ZYDIS_FORMATTER_STYLE_INTEL, ZYDIS_FORMATTER_FLAG_ALWAYS_DISPLAY_MEMORY_SEGMENT);
ZydisFormatter formatter;
ZydisFormatterInitEx(&formatter, ZYDIS_FORMATTER_STYLE_INTEL,
ZYDIS_FMTFLAG_FORCE_SEGMENTS | ZYDIS_FMTFLAG_FORCE_OPERANDSIZE,
ZYDIS_FORMATTER_ADDR_ABSOLUTE, ZYDIS_FORMATTER_DISP_DEFAULT, ZYDIS_FORMATTER_IMM_DEFAULT);
ZydisInstructionInfo info;
uint64_t instructionPointer = 0x007FFFFFFF400000;
ZydisDecodedInstruction instruction;
char buffer[256];
while (ZYDIS_SUCCESS(ZydisDecoderDecodeNextInstruction(&decoder, &info)))
while (ZYDIS_SUCCESS(
ZydisDecoderDecodeBuffer(decoder, data, length, instructionPointer, &instruction)))
{
printf("%016llX ", info.instrAddress);
if (info.flags & ZYDIS_IFLAG_ERROR_MASK)
{
printf(" db %02x\n", info.data[0]);
continue;
}
ZydisFormatterFormatInstruction(&formatter, &info, &buffer[0], sizeof(buffer));
data += instruction.length;
length -= instruction.length;
instructionPointer += instruction.length;
printf("%016" PRIX64 " ", instruction.instrAddress);
ZydisFormatterFormatInstruction(&formatter, &instruction, &buffer[0], sizeof(buffer));
printf(" %s\n", &buffer[0]);
}
}

22
examples/FormatterHooks.c
View File

@ -26,9 +26,9 @@
/**
* @file
* @brief Demonstrates the hooking functionality of the @c ZydisInstructionFormatter class.
* @brief Demonstrates the hooking functionality of the @c ZydisFormatter class.
*
* This example demonstrates the hooking functionality of the @c ZydisInstructionFormatter class by
* This example demonstrates the hooking functionality of the @c ZydisFormatter class by
* rewriting the mnemonics of (V)CMPPS and (V)CMPPD to their corresponding alias-forms (based on
* the condition encoded in the immediate operand).
*/
@ -87,7 +87,7 @@ static const char* conditionCodeStrings[0x20] =
ZydisFormatterFormatFunc defaultPrintMnemonic;
static ZydisStatus ZydisFormatterPrintMnemonic(const ZydisInstructionFormatter* formatter,
static ZydisStatus ZydisFormatterPrintMnemonic(const ZydisFormatter* formatter,
char** buffer, size_t bufferLen, ZydisDecodedInstruction* instruction)
{
// We use the user-data field of the instruction-info to pass data to the
@ -152,7 +152,7 @@ static ZydisStatus ZydisFormatterPrintMnemonic(const ZydisInstructionFormatter*
ZydisFormatterFormatOperandFunc defaultFormatOperandImm;
static ZydisStatus ZydisFormatterFormatOperandImm(const ZydisInstructionFormatter* formatter,
static ZydisStatus ZydisFormatterFormatOperandImm(const ZydisFormatter* formatter,
char** buffer, size_t bufferLen, ZydisDecodedInstruction* instruction,
ZydisDecodedOperand* operand)
{
@ -175,11 +175,10 @@ static ZydisStatus ZydisFormatterFormatOperandImm(const ZydisInstructionFormatte
/* Helper functions */
/* ============================================================================================== */
void disassembleBuffer(ZydisInstructionDecoder* decoder, uint8_t* data, size_t length,
ZydisBool installHooks)
void disassembleBuffer(ZydisDecoder* decoder, uint8_t* data, size_t length, ZydisBool installHooks)
{
ZydisInstructionFormatter formatter;
ZydisFormatterInitInstructionFormatterEx(&formatter, ZYDIS_FORMATTER_STYLE_INTEL,
ZydisFormatter formatter;
ZydisFormatterInitEx(&formatter, ZYDIS_FORMATTER_STYLE_INTEL,
ZYDIS_FMTFLAG_FORCE_SEGMENTS | ZYDIS_FMTFLAG_FORCE_OPERANDSIZE,
ZYDIS_FORMATTER_ADDR_ABSOLUTE, ZYDIS_FORMATTER_DISP_DEFAULT, ZYDIS_FORMATTER_IMM_DEFAULT);
@ -215,6 +214,7 @@ void disassembleBuffer(ZydisInstructionDecoder* decoder, uint8_t* data, size_t l
int main()
{
uint8_t data[] =
{
// cmpps xmm1, xmm4, 0x03
@ -227,10 +227,8 @@ int main()
0x62, 0xF1, 0x6C, 0x5F, 0xC2, 0x54, 0x98, 0x40, 0x0F
};
ZydisInstructionDecoder decoder;
ZydisDecoderInitInstructionDecoder(
&decoder, ZYDIS_MACHINE_MODE_LONG_64, ZYDIS_ADDRESS_WIDTH_64);
ZydisDecoder decoder;
ZydisDecoderInit(&decoder, ZYDIS_MACHINE_MODE_LONG_64, ZYDIS_ADDRESS_WIDTH_64);
disassembleBuffer(&decoder, &data[0], sizeof(data), ZYDIS_FALSE);
puts("");

45
include/Zydis/Decoder.h
View File

@ -46,27 +46,37 @@ extern "C" {
typedef uint32_t ZydisDecodeGranularity;
/**
* @brief Decoders modes defining how granular the instruction should be decoded.
* @brief Decoder modes defining how granular the instruction should be decoded.
*/
enum ZydisDecodeGranularities
{
ZYDIS_DECODE_GRANULARITY_DEFAULT,
/**
* @brief Minimal instruction decoding without semantic operand analysis.
* @brief Minimal instruction decoding without semantic analysis.
*
* This mode should be sufficient, if you plan to analyse code for pure relocation purposes,
* as it gives you access to the mnemonic, the instruction-length, displacements, immediates
* and the `ZYDIS_ATTRIB_IS_RELATIVE` attribute.
*
* Operands, most attributes and other specific information (like AVX info) are not
* accessible in this mode.
*/
ZYDIS_DECODE_GRANULARITY_MINIMAL,
/**
* @brief Full physical and semantical instruction-decoding.
*/
ZYDIS_DECODE_GRANULARITY_FULL
};
/**
* @brief Defines the @c ZydisInstructionDecoder datatype.
* @brief Defines the @c ZydisDecoder datatype.
*/
typedef struct ZydisInstructionDecoder_
typedef struct ZydisDecoder_
{
ZydisMachineMode machineMode;
ZydisAddressWidth addressWidth;
ZydisDecodeGranularity decodeGranularity;
} ZydisInstructionDecoder;
} ZydisDecoder;
/* ---------------------------------------------------------------------------------------------- */
@ -75,35 +85,34 @@ typedef struct ZydisInstructionDecoder_
/* ============================================================================================== */
/**
* @brief Initializes the given @c ZydisInstructionDecoder instance.
* @brief Initializes the given @c ZydisDecoder instance.
*
* @param decoder A pointer to the @c ZydisInstructionDecoder instance.
* @param machineMode The machine mode.
* @param addressWidth The address width.
* @param decoder A pointer to the @c ZydisDecoder instance.
* @param machineMode The machine mode.
* @param addressWidth The address width.
*
* @return A zydis status code.
*/
ZYDIS_EXPORT ZydisStatus ZydisDecoderInitInstructionDecoder(ZydisInstructionDecoder* decoder,
ZydisMachineMode machineMode, ZydisAddressWidth addressWidth);
ZYDIS_EXPORT ZydisStatus ZydisDecoderInit(ZydisDecoder* decoder, ZydisMachineMode machineMode,
ZydisAddressWidth addressWidth);
/**
* @brief Initializes the given @c ZydisInstructionDecoder instance.
* @brief Initializes the given @c ZydisDecoder instance.
*
* @param decoder A pointer to the @c ZydisInstructionDecoder instance.
* @param decoder A pointer to the @c ZydisDecoder instance.
* @param machineMode The machine mode.
* @param addressWidth The address width.
* @param decodeGranularity The decode granularity.
*
* @return A zydis status code.
*/
ZYDIS_EXPORT ZydisStatus ZydisDecoderInitInstructionDecoderEx(ZydisInstructionDecoder* decoder,
ZydisMachineMode machineMode, ZydisAddressWidth addressWidth,
ZydisDecodeGranularity decodeGranularity);
ZYDIS_EXPORT ZydisStatus ZydisDecoderInitEx(ZydisDecoder* decoder, ZydisMachineMode machineMode,
ZydisAddressWidth addressWidth, ZydisDecodeGranularity decodeGranularity);
/**
* @brief Decodes the instruction in the given input @c buffer.
*
* @param decoder A pointer to the @c ZydisInstructionDecoder instance.
* @param decoder A pointer to the @c ZydisDecoder instance.
* @param buffer A pointer to the input buffer.
* @param bufferLen The length of the input buffer.
* @param instructionPointer The instruction-pointer.
@ -112,7 +121,7 @@ ZYDIS_EXPORT ZydisStatus ZydisDecoderInitInstructionDecoderEx(ZydisInstructionDe
*
* @return A zydis status code.
*/
ZYDIS_EXPORT ZydisStatus ZydisDecoderDecodeBuffer(const ZydisInstructionDecoder* decoder,
ZYDIS_EXPORT ZydisStatus ZydisDecoderDecodeBuffer(const ZydisDecoder* decoder,
const void* buffer, size_t bufferLen, uint64_t instructionPointer,
ZydisDecodedInstruction* instruction);

2
include/Zydis/DecoderTypes.h
View File

@ -1346,7 +1346,7 @@ typedef struct ZydisDecodedInstruction_
*/
uint8_t offset;
} imm[2];
} details;
} raw;
/**
* @brief This field is intended for custom data and may be freely set by the user.
*/

47
include/Zydis/Formatter.h
View File

@ -277,12 +277,12 @@ enum ZydisFormatterHookTypes
/* ---------------------------------------------------------------------------------------------- */
typedef struct ZydisInstructionFormatter_ ZydisInstructionFormatter;
typedef struct ZydisFormatter_ ZydisFormatter;
/**
* @brief Defines the @c ZydisFormatterNotifyFunc function pointer.
*
* @param formatter A pointer to the @c ZydisInstructionFormatter instance.
* @param formatter A pointer to the @c ZydisFormatter instance.
* @param instruction A pointer to the @c ZydisDecodedInstruction struct.
*
* @return Returning a status code other than @c ZYDIS_STATUS_SUCCESS will immediately cause the
@ -291,13 +291,13 @@ typedef struct ZydisInstructionFormatter_ ZydisInstructionFormatter;
* This function type is used for the @c ZYDIS_FORMATTER_HOOK_PRE and
* @c ZYDIS_FORMATTER_HOOK_POST hook-types.
*/
typedef ZydisStatus (*ZydisFormatterNotifyFunc)(const ZydisInstructionFormatter* formatter,
typedef ZydisStatus (*ZydisFormatterNotifyFunc)(const ZydisFormatter* formatter,
ZydisDecodedInstruction* instruction);
/**
* @brief Defines the @c ZydisFormatterFormatFunc function pointer.
*
* @param formatter A pointer to the @c ZydisInstructionFormatter instance.
* @param formatter A pointer to the @c ZydisFormatter instance.
* @param buffer A pointer to the string-buffer.
* @param bufferLen The length of the string-buffer.
* @param instruction A pointer to the @c ZydisDecodedInstruction struct.
@ -311,13 +311,13 @@ typedef ZydisStatus (*ZydisFormatterNotifyFunc)(const ZydisInstructionFormatter*
* This function type is used for the @c ZYDIS_FORMATTER_HOOK_FORMAT_INSTRUCTION,
* @c ZYDIS_FORMATTER_HOOK_PRINT_PREFIXES and @c ZYDIS_FORMATTER_HOOK_PRINT_MNEMONIC hook-types.
*/
typedef ZydisStatus (*ZydisFormatterFormatFunc)(const ZydisInstructionFormatter* formatter,
typedef ZydisStatus (*ZydisFormatterFormatFunc)(const ZydisFormatter* formatter,
char** buffer, size_t bufferLen, ZydisDecodedInstruction* instruction);
/**
* @brief Defines the @c ZydisFormatterFormatOperandFunc function pointer.
*
* @param formatter A pointer to the @c ZydisInstructionFormatter instance.
* @param formatter A pointer to the @c ZydisFormatter instance.
* @param buffer A pointer to the string-buffer.
* @param bufferLen The length of the string-buffer.
* @param instruction A pointer to the @c ZydisDecodedInstruction struct.
@ -347,14 +347,14 @@ typedef ZydisStatus (*ZydisFormatterFormatFunc)(const ZydisInstructionFormatter*
* @c ZYDIS_FORMATTER_HOOK_PRINT_DISPLACEMENT and @c ZYDIS_FORMATTER_HOOK_PRINT_IMMEDIATE
* hook-types.
*/
typedef ZydisStatus (*ZydisFormatterFormatOperandFunc)(const ZydisInstructionFormatter* formatter,
typedef ZydisStatus (*ZydisFormatterFormatOperandFunc)(const ZydisFormatter* formatter,
char** buffer, size_t bufferLen, ZydisDecodedInstruction* instruction,
ZydisDecodedOperand* operand);
/**
* @brief Defines the @c ZydisFormatterFormatAddressFunc function pointer.
*
* @param formatter A pointer to the @c ZydisInstructionFormatter instance.
* @param formatter A pointer to the @c ZydisFormatter instance.
* @param buffer A pointer to the string-buffer.
* @param bufferLen The length of the string-buffer.
* @param instruction A pointer to the @c ZydisDecodedInstruction struct.
@ -369,14 +369,14 @@ typedef ZydisStatus (*ZydisFormatterFormatOperandFunc)(const ZydisInstructionFor
*
* This function type is used for the @c ZYDIS_FORMATTER_HOOK_PRINT_ADDRESS hook-type.
*/
typedef ZydisStatus (*ZydisFormatterFormatAddressFunc)(const ZydisInstructionFormatter* formatter,
typedef ZydisStatus (*ZydisFormatterFormatAddressFunc)(const ZydisFormatter* formatter,
char** buffer, size_t bufferLen, ZydisDecodedInstruction* instruction,
ZydisDecodedOperand* operand, uint64_t address);
/**
* @brief Defines the @c ZydisInstructionFormatter struct.
* @brief Defines the @c ZydisFormatter struct.
*/
struct ZydisInstructionFormatter_
struct ZydisFormatter_
{
ZydisFormatterFlags flags;
ZydisFormatterAddressFormat addressFormat;
@ -409,20 +409,19 @@ struct ZydisInstructionFormatter_
/* ============================================================================================== */
/**
* @brief Initializes the given @c ZydisInstructionFormatter instance.
* @brief Initializes the given @c ZydisFormatter instance.
*
* @param formatter A pointer to the @c ZydisInstructionFormatter instance.
* @param formatter A pointer to the @c ZydisFormatter instance.
* @param style The formatter style.
*
* @return A zydis status code.
*/
ZYDIS_EXPORT ZydisStatus ZydisFormatterInitInstructionFormatter(
ZydisInstructionFormatter* formatter, ZydisFormatterStyle style);
ZYDIS_EXPORT ZydisStatus ZydisFormatterInit(ZydisFormatter* formatter, ZydisFormatterStyle style);
/**
* @brief Initializes the given @c ZydisInstructionFormatter instance.
* @brief Initializes the given @c ZydisFormatter instance.
*
* @param formatter A pointer to the @c ZydisInstructionFormatter instance.
* @param formatter A pointer to the @c ZydisFormatter instance.
* @param style The formatter style.
* @param addressFormat The address format.
* @param displacementFormat The displacement format.
@ -430,34 +429,34 @@ ZYDIS_EXPORT ZydisStatus ZydisFormatterInitInstructionFormatter(
*
* @return A zydis status code.
*/
ZYDIS_EXPORT ZydisStatus ZydisFormatterInitInstructionFormatterEx(
ZydisInstructionFormatter* formatter, ZydisFormatterStyle style, ZydisFormatterFlags flags,
ZydisFormatterAddressFormat addressFormat, ZydisFormatterDisplacementFormat displacementFormat,
ZYDIS_EXPORT ZydisStatus ZydisFormatterInitEx(ZydisFormatter* formatter, ZydisFormatterStyle style,
ZydisFormatterFlags flags, ZydisFormatterAddressFormat addressFormat,
ZydisFormatterDisplacementFormat displacementFormat,
ZydisFormatterImmediateFormat immmediateFormat);
/**
* @brief TODO:
*
* @param formatter A pointer to the @c ZydisInstructionFormatter instance.
* @param formatter A pointer to the @c ZydisFormatter instance.
* @param hook The formatter hook-type.
* @param callback TODO: In Out
*
* @return A zydis status code.
*/
ZYDIS_EXPORT ZydisStatus ZydisFormatterSetHook(ZydisInstructionFormatter* formatter,
ZYDIS_EXPORT ZydisStatus ZydisFormatterSetHook(ZydisFormatter* formatter,
ZydisFormatterHookType hook, const void** callback);
/**
* @brief Formats the given instruction and writes it into the output buffer.
*
* @param formatter A pointer to the @c ZydisInstructionFormatter instance.
* @param formatter A pointer to the @c ZydisFormatter instance.
* @param instruction A pointer to the @c ZydisDecodedInstruction struct.
* @param buffer A pointer to the output buffer.
* @param bufferLen The length of the output buffer.
*
* @return A zydis status code.
*/
ZYDIS_EXPORT ZydisStatus ZydisFormatterFormatInstruction(const ZydisInstructionFormatter* formatter,
ZYDIS_EXPORT ZydisStatus ZydisFormatterFormatInstruction(const ZydisFormatter* formatter,
ZydisDecodedInstruction* instruction, char* buffer, size_t bufferLen);
/* ============================================================================================== */

698
src/Decoder.c
View File

File diff suppressed because it is too large Load Diff

48
src/Formatter.c
View File

@ -181,7 +181,7 @@ static ZydisStatus ZydisStringBufferAppendFormat(char** buffer, size_t bufferLen
/* Intel style */
/* ---------------------------------------------------------------------------------------------- */
static ZydisStatus ZydisFormatterPrintPrefixesIntel(const ZydisInstructionFormatter* formatter,
static ZydisStatus ZydisFormatterPrintPrefixesIntel(const ZydisFormatter* formatter,
char** buffer, size_t bufferLen, ZydisDecodedInstruction* instruction)
{
if (!formatter || !buffer || !*buffer || (bufferLen <= 0) || !instruction)
@ -224,7 +224,7 @@ static ZydisStatus ZydisFormatterPrintPrefixesIntel(const ZydisInstructionFormat
return ZYDIS_STATUS_SUCCESS;
}
static ZydisStatus ZydisFormatterPrintMnemonicIntel(const ZydisInstructionFormatter* formatter,
static ZydisStatus ZydisFormatterPrintMnemonicIntel(const ZydisFormatter* formatter,
char** buffer, size_t bufferLen, ZydisDecodedInstruction* instruction)
{
if (!formatter || !buffer || !*buffer || (bufferLen <= 0) || !instruction)
@ -242,7 +242,7 @@ static ZydisStatus ZydisFormatterPrintMnemonicIntel(const ZydisInstructionFormat
/* ---------------------------------------------------------------------------------------------- */
static ZydisStatus ZydisFormatterFormatOperandRegIntel(const ZydisInstructionFormatter* formatter,
static ZydisStatus ZydisFormatterFormatOperandRegIntel(const ZydisFormatter* formatter,
char** buffer, size_t bufferLen, ZydisDecodedInstruction* instruction,
ZydisDecodedOperand* operand)
{
@ -259,7 +259,7 @@ static ZydisStatus ZydisFormatterFormatOperandRegIntel(const ZydisInstructionFor
return ZydisStringBufferAppend(buffer, bufferLen, ZYDIS_APPENDMODE, reg);
}
static ZydisStatus ZydisFormatterFormatOperandMemIntel(const ZydisInstructionFormatter* formatter,
static ZydisStatus ZydisFormatterFormatOperandMemIntel(const ZydisFormatter* formatter,
char** buffer, size_t bufferLen, ZydisDecodedInstruction* instruction,
ZydisDecodedOperand* operand)
{
@ -327,7 +327,7 @@ static ZydisStatus ZydisFormatterFormatOperandMemIntel(const ZydisInstructionFor
return ZydisStringBufferAppend(buffer, bufEnd - *buffer, ZYDIS_STRBUF_APPEND_MODE_DEFAULT, "]");
}
static ZydisStatus ZydisFormatterFormatOperandPtrIntel(const ZydisInstructionFormatter* formatter,
static ZydisStatus ZydisFormatterFormatOperandPtrIntel(const ZydisFormatter* formatter,
char** buffer, size_t bufferLen, ZydisDecodedInstruction* instruction,
ZydisDecodedOperand* operand)
{
@ -340,7 +340,7 @@ static ZydisStatus ZydisFormatterFormatOperandPtrIntel(const ZydisInstructionFor
"0x%04"PRIX16":0x%08"PRIX32, operand->ptr.segment, operand->ptr.offset);
}
static ZydisStatus ZydisFormatterFormatOperandImmIntel(const ZydisInstructionFormatter* formatter,
static ZydisStatus ZydisFormatterFormatOperandImmIntel(const ZydisFormatter* formatter,
char** buffer, size_t bufferLen, ZydisDecodedInstruction* instruction,
ZydisDecodedOperand* operand)
{
@ -386,7 +386,7 @@ static ZydisStatus ZydisFormatterFormatOperandImmIntel(const ZydisInstructionFor
/* ---------------------------------------------------------------------------------------------- */
static ZydisStatus ZydisFormatterPrintAddressIntel(const ZydisInstructionFormatter* formatter,
static ZydisStatus ZydisFormatterPrintAddressIntel(const ZydisFormatter* formatter,
char** buffer, size_t bufferLen, ZydisDecodedInstruction* instruction,
ZydisDecodedOperand* operand,
uint64_t address)
@ -410,7 +410,7 @@ static ZydisStatus ZydisFormatterPrintAddressIntel(const ZydisInstructionFormatt
}
}
static ZydisStatus ZydisFormatterPrintDisplacementIntel(const ZydisInstructionFormatter* formatter,
static ZydisStatus ZydisFormatterPrintDisplacementIntel(const ZydisFormatter* formatter,
char** buffer, size_t bufferLen, ZydisDecodedInstruction* instruction,
ZydisDecodedOperand* operand)
{
@ -441,7 +441,7 @@ static ZydisStatus ZydisFormatterPrintDisplacementIntel(const ZydisInstructionFo
return ZYDIS_STATUS_SUCCESS;
}
static ZydisStatus ZydisFormatterPrintImmediateIntel(const ZydisInstructionFormatter* formatter,
static ZydisStatus ZydisFormatterPrintImmediateIntel(const ZydisFormatter* formatter,
char** buffer, size_t bufferLen, ZydisDecodedInstruction* instruction,
ZydisDecodedOperand* operand)
{
@ -493,7 +493,7 @@ static ZydisStatus ZydisFormatterPrintImmediateIntel(const ZydisInstructionForma
/* ---------------------------------------------------------------------------------------------- */
static ZydisStatus ZydisFormatterPrintOperandSizeIntel(const ZydisInstructionFormatter* formatter,
static ZydisStatus ZydisFormatterPrintOperandSizeIntel(const ZydisFormatter* formatter,
char** buffer, size_t bufferLen, ZydisDecodedInstruction* instruction,
ZydisDecodedOperand* operand)
{
@ -586,7 +586,7 @@ static ZydisStatus ZydisFormatterPrintOperandSizeIntel(const ZydisInstructionFor
return ZYDIS_STATUS_SUCCESS;
}
static ZydisStatus ZydisFormatterPrintSegmentIntel(const ZydisInstructionFormatter* formatter,
static ZydisStatus ZydisFormatterPrintSegmentIntel(const ZydisFormatter* formatter,
char** buffer, size_t bufferLen, ZydisDecodedInstruction* instruction,
ZydisDecodedOperand* operand)
{
@ -625,7 +625,7 @@ static ZydisStatus ZydisFormatterPrintSegmentIntel(const ZydisInstructionFormatt
return ZYDIS_STATUS_SUCCESS;
}
static ZydisStatus ZydisFormatterPrintDecoratorIntel(const ZydisInstructionFormatter* formatter,
static ZydisStatus ZydisFormatterPrintDecoratorIntel(const ZydisFormatter* formatter,
char** buffer, size_t bufferLen, ZydisDecodedInstruction* instruction,
ZydisDecodedOperand* operand)
{
@ -828,7 +828,7 @@ static ZydisStatus ZydisFormatterPrintDecoratorIntel(const ZydisInstructionForma
return ZYDIS_STATUS_SUCCESS;
}
static ZydisStatus ZydisFormatterFormatInstrIntel(const ZydisInstructionFormatter* formatter,
static ZydisStatus ZydisFormatterFormatInstrIntel(const ZydisFormatter* formatter,
char** buffer, size_t bufferLen, ZydisDecodedInstruction* instruction)
{
if (!formatter || !buffer || !*buffer || (bufferLen <= 0) || !instruction)
@ -916,16 +916,16 @@ static ZydisStatus ZydisFormatterFormatInstrIntel(const ZydisInstructionFormatte
/* Exported functions */
/* ---------------------------------------------------------------------------------------------- */
ZydisStatus ZydisFormatterInitInstructionFormatter(
ZydisInstructionFormatter* formatter, ZydisFormatterStyle style)
ZydisStatus ZydisFormatterInit(ZydisFormatter* formatter,
ZydisFormatterStyle style)
{
return ZydisFormatterInitInstructionFormatterEx(formatter, style, 0,
ZYDIS_FORMATTER_ADDR_DEFAULT, ZYDIS_FORMATTER_DISP_DEFAULT, ZYDIS_FORMATTER_IMM_DEFAULT);
return ZydisFormatterInitEx(formatter, style, 0, ZYDIS_FORMATTER_ADDR_DEFAULT,
ZYDIS_FORMATTER_DISP_DEFAULT, ZYDIS_FORMATTER_IMM_DEFAULT);
}
ZydisStatus ZydisFormatterInitInstructionFormatterEx(
ZydisInstructionFormatter* formatter, ZydisFormatterStyle style, ZydisFormatterFlags flags,
ZydisFormatterAddressFormat addressFormat, ZydisFormatterDisplacementFormat displacementFormat,
ZydisStatus ZydisFormatterInitEx(ZydisFormatter* formatter,
ZydisFormatterStyle style, ZydisFormatterFlags flags, ZydisFormatterAddressFormat addressFormat,
ZydisFormatterDisplacementFormat displacementFormat,
ZydisFormatterImmediateFormat immmediateFormat)
{
if (!formatter ||
@ -944,7 +944,7 @@ ZydisStatus ZydisFormatterInitInstructionFormatterEx(
return ZYDIS_STATUS_INVALID_PARAMETER;
}
memset(formatter, 0, sizeof(ZydisInstructionFormatter));
memset(formatter, 0, sizeof(ZydisFormatter));
formatter->flags = flags;
formatter->addressFormat = addressFormat;
formatter->displacementFormat = displacementFormat;
@ -974,8 +974,8 @@ ZydisStatus ZydisFormatterInitInstructionFormatterEx(
return ZYDIS_STATUS_SUCCESS;
}
ZydisStatus ZydisFormatterSetHook(ZydisInstructionFormatter* formatter,
ZydisFormatterHookType hook, const void** callback)
ZydisStatus ZydisFormatterSetHook(ZydisFormatter* formatter, ZydisFormatterHookType hook,
const void** callback)
{
if (!formatter || !callback)
{
@ -1097,7 +1097,7 @@ ZydisStatus ZydisFormatterSetHook(ZydisInstructionFormatter* formatter,
return ZYDIS_STATUS_INVALID_PARAMETER;
}
ZydisStatus ZydisFormatterFormatInstruction(const ZydisInstructionFormatter* formatter,
ZydisStatus ZydisFormatterFormatInstruction(const ZydisFormatter* formatter,
ZydisDecodedInstruction* instruction, char* buffer, size_t bufferLen)
{
if (!formatter || !instruction || !buffer || (bufferLen == 0))

315
tools/PerfTest.c Normal file
View File

@ -0,0 +1,315 @@
/***************************************************************************************************
Zyan Disassembler Engine (Zydis)
Original Author : Florian Bernd
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
***************************************************************************************************/
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <errno.h>
#include <time.h>
#include <Zydis/Zydis.h>
#if defined(ZYDIS_WINDOWS)
# include <Windows.h>
#elif defined(ZYDIS_APPLE)
# include <mach/mach_time.h>
#elif defined(ZYDIS_LINUX)
# include <sys/time.h>
#else
# error "Unsupported platform detected"
#endif
/* ============================================================================================== */
/* Helper functions */
/* ============================================================================================== */
#if defined(ZYDIS_WINDOWS)
double CounterFreq = 0.0;
uint64_t CounterStart = 0;
void StartCounter()
{
LARGE_INTEGER li;
if (!QueryPerformanceFrequency(&li))
{
fputs("QueryPerformanceFrequency failed!\n", stderr);
}
CounterFreq = (double)li.QuadPart / 1000.0;
QueryPerformanceCounter(&li);
CounterStart = li.QuadPart;
}
double GetCounter()
{
LARGE_INTEGER li;
QueryPerformanceCounter(&li);
return (double)(li.QuadPart - CounterStart) / CounterFreq;
}
#elif defined(ZYDIS_APPLE)
// TODO:
#elif defined(ZYDIS_LINUX)
// TODO:
#endif
/* ============================================================================================== */
/* Internal functions */
/* ============================================================================================== */
void processBuffer(const char* buffer, size_t length, ZydisDecodeGranularity granularity,
ZydisBool format)
{
ZydisDecoder decoder;
if (!ZYDIS_SUCCESS(ZydisDecoderInitEx(&decoder,
ZYDIS_MACHINE_MODE_LONG_64, ZYDIS_ADDRESS_WIDTH_64, granularity)))
{
fputs("Failed to initialize decoder\n", stderr);
exit(EXIT_FAILURE);
}
ZydisFormatter formatter;
if (format)
{
if (!ZYDIS_SUCCESS(ZydisFormatterInitEx(&formatter, ZYDIS_FORMATTER_STYLE_INTEL,
ZYDIS_FMTFLAG_FORCE_SEGMENTS | ZYDIS_FMTFLAG_FORCE_OPERANDSIZE,
ZYDIS_FORMATTER_ADDR_ABSOLUTE, ZYDIS_FORMATTER_DISP_DEFAULT,
ZYDIS_FORMATTER_IMM_DEFAULT)))
{
fputs("Failed to initialized instruction-formatter\n", stderr);
exit(EXIT_FAILURE);
}
}
size_t offset = 0;
ZydisStatus status;
ZydisDecodedInstruction instruction;
char formatBuffer[256];
while ((status = ZydisDecoderDecodeBuffer(&decoder, buffer + offset, length - offset, offset,
&instruction)) != ZYDIS_STATUS_NO_MORE_DATA)
{
ZYDIS_ASSERT(ZYDIS_SUCCESS(status));
if (!ZYDIS_SUCCESS(status))
{
puts("Unexpected decoding error");
exit(EXIT_FAILURE);
}
if (format)
{
ZydisFormatterFormatInstruction(
&formatter, &instruction, formatBuffer, sizeof(formatBuffer));
}
offset += instruction.length;
}
}
void testPerformance(const char* buffer, size_t length, ZydisDecodeGranularity granularity,
ZydisBool format)
{
StartCounter();
for (uint8_t j = 0; j < 100; ++j)
{
processBuffer(buffer, length, granularity, format);
}
printf("Granularity %d, Formatting %d: %8.2f msec\n", granularity, format, GetCounter());
}
void generateTestData(FILE* file, uint8_t encoding)
{
ZydisDecoder decoder;
if (!ZYDIS_SUCCESS(
ZydisDecoderInit(&decoder, ZYDIS_MACHINE_MODE_LONG_64, ZYDIS_ADDRESS_WIDTH_64)))
{
fputs("Failed to initialize decoder\n", stderr);
exit(EXIT_FAILURE);
}
uint8_t last = 0;
double size = 0;
ZydisDecodedInstruction instruction;
while (size < 1024 * 1024)
{
uint8_t data[ZYDIS_MAX_INSTRUCTION_LENGTH];
for (int i = 0; i < ZYDIS_MAX_INSTRUCTION_LENGTH; ++i)
{
data[i] = rand() % 256;
}
uint8_t offset = rand() % (ZYDIS_MAX_INSTRUCTION_LENGTH - 2);
switch (encoding)
{
case 0:
break;
case 1:
data[offset ] = 0x0F;
data[offset + 1] = 0x0F;
break;
case 2:
data[offset ] = 0x8F;
break;
case 3:
data[offset ] = 0xC4;
break;
case 4:
data[offset ] = 0xC5;
break;
case 5:
case 6:
data[offset ] = 0x62;
break;
default:
ZYDIS_UNREACHABLE;
}
if (ZYDIS_SUCCESS(ZydisDecoderDecodeBuffer(&decoder, data, sizeof(data), 0, &instruction)))
{
ZydisBool b = ZYDIS_FALSE;
switch (encoding)
{
case 0:
b = (instruction.encoding == ZYDIS_INSTRUCTION_ENCODING_DEFAULT);
break;
case 1:
b = (instruction.encoding == ZYDIS_INSTRUCTION_ENCODING_3DNOW);
break;
case 2:
b = (instruction.encoding == ZYDIS_INSTRUCTION_ENCODING_XOP);
break;
case 3:
case 4:
b = (instruction.encoding == ZYDIS_INSTRUCTION_ENCODING_VEX);
break;
case 5:
b = (instruction.encoding == ZYDIS_INSTRUCTION_ENCODING_EVEX);
break;
case 6:
b = (instruction.encoding == ZYDIS_INSTRUCTION_ENCODING_MVEX);
break;
default:
ZYDIS_UNREACHABLE;
}
if (b)
{
fwrite(&instruction.data[0], 1, instruction.length, file);
size += instruction.length;
double p = (size / (1024 * 1024) * 100);
if (last < (uint8_t)p)
{
last = (uint8_t)p;
printf("%3.0f%%\n", p);
}
}
}
}
}
/* ============================================================================================== */
/* Entry point */
/* ============================================================================================== */
int main(int argc, char** argv)
{
if (argc < 3 || (!strcmp(argv[1], "-test") && !strcmp(argv[1], "-generate")))
{
fputs("Usage: PerfTest -[test|generate] [directory]", stderr);
return EXIT_FAILURE;
}
ZydisBool generate = ZYDIS_FALSE;
if (!strcmp(argv[1], "-generate"))
{
generate = ZYDIS_TRUE;
}
const char* directory = argv[2];
static const struct
{
const char* encoding;
const char* filename;
} tests[7] =
{
{ "DEFAULT", "enc_default.dat" },
{ "3DNOW" , "enc_3dnow.dat" },
{ "XOP" , "enc_xop.dat" },
{ "VEX_C4" , "enc_vex_c4.dat" },
{ "VEX_C5" , "enc_vex_c5.dat" },
{ "EVEX" , "enc_evex.dat" },
{ "MVEX" , "enc_mvex.dat" }
};
if (generate)
{
time_t t;
srand((unsigned) time(&t));
}
for (uint8_t i = 0; i < ZYDIS_ARRAY_SIZE(tests); ++i)
{
FILE* file;
char buf[256];
strcpy(&buf[0], directory);
if (generate)
{
file = fopen(strcat(buf, tests[i].filename), "wb");
} else
{
file = fopen(strcat(buf, tests[i].filename), "rb");
}
if (!file)
{
fprintf(stderr, "Can not open file \"%s\": %s\n", &buf[0], strerror(errno));
continue;
}
if (generate)
{
printf("Generating %s ...\n", tests[i].encoding);
generateTestData(file, i);
} else
{
fseek(file, 0L, SEEK_END);
long length = ftell(file);
void* buffer = malloc(length);
rewind(file);
fread(buffer, 1, length, file);
printf("Testing %s ...\n", tests[i].encoding);
testPerformance(buffer, length, ZYDIS_DECODE_GRANULARITY_PHYSICAL, ZYDIS_FALSE);
testPerformance(buffer, length, ZYDIS_DECODE_GRANULARITY_SEMANTIC, ZYDIS_FALSE);
// testPerformance(buffer, length, ZYDIS_DECODE_GRANULARITY_SEMANTIC, ZYDIS_TRUE );
puts("");
free(buffer);
fclose(file);
}
}
getchar();
return 0;
}
/* ============================================================================================== */

12
tools/ZydisDisasm.c
View File

@ -51,17 +51,17 @@ int main(int argc, char** argv)
return EXIT_FAILURE;
}
ZydisInstructionDecoder decoder;
if (!ZYDIS_SUCCESS(ZydisDecoderInitInstructionDecoder(
&decoder, ZYDIS_MACHINE_MODE_LONG_64, ZYDIS_ADDRESS_WIDTH_64)))
ZydisDecoder decoder;
if (!ZYDIS_SUCCESS(
ZydisDecoderInit(&decoder, ZYDIS_MACHINE_MODE_LONG_64, ZYDIS_ADDRESS_WIDTH_64)))
{
fputs("Failed to initialize decoder\n", stderr);
return EXIT_FAILURE;
}
ZydisInstructionFormatter formatter;
if (!ZYDIS_SUCCESS(ZydisFormatterInitInstructionFormatterEx(&formatter,
ZYDIS_FORMATTER_STYLE_INTEL, ZYDIS_FMTFLAG_FORCE_SEGMENTS | ZYDIS_FMTFLAG_FORCE_OPERANDSIZE,
ZydisFormatter formatter;
if (!ZYDIS_SUCCESS(ZydisFormatterInitEx(&formatter, ZYDIS_FORMATTER_STYLE_INTEL,
ZYDIS_FMTFLAG_FORCE_SEGMENTS | ZYDIS_FMTFLAG_FORCE_OPERANDSIZE,
ZYDIS_FORMATTER_ADDR_ABSOLUTE, ZYDIS_FORMATTER_DISP_DEFAULT, ZYDIS_FORMATTER_IMM_DEFAULT)))
{
fputs("Failed to initialized instruction-formatter\n", stderr);

12
tools/ZydisFuzzIn.c
View File

@ -63,17 +63,17 @@ int main()
return EXIT_FAILURE;
}
ZydisInstructionDecoder decoder;
if (!ZYDIS_SUCCESS(ZydisDecoderInitInstructionDecoderEx(
&decoder, controlBlock.machineMode, controlBlock.addressWidth, controlBlock.granularity)))
ZydisDecoder decoder;
if (!ZYDIS_SUCCESS(ZydisDecoderInitEx(&decoder, controlBlock.machineMode,
controlBlock.addressWidth, controlBlock.granularity)))
{
fputs("Failed to initialize decoder\n", stderr);
return EXIT_FAILURE;
}
ZydisInstructionFormatter formatter;
if (!ZYDIS_SUCCESS(ZydisFormatterInitInstructionFormatterEx(&formatter,
controlBlock.formatterStyle, controlBlock.formatterFlags, controlBlock.formatterAddrFormat,
ZydisFormatter formatter;
if (!ZYDIS_SUCCESS(ZydisFormatterInitEx(&formatter, controlBlock.formatterStyle,
controlBlock.formatterFlags, controlBlock.formatterAddrFormat,
controlBlock.formatterDispFormat, controlBlock.formatterImmFormat)))
{
fputs("failed to initialize instruction-formatter\n", stderr);