x64dbg
/
zydis
mirror of https://github.com/x64dbg/zydis
1
0
Fork 0
Code Releases Activity

Refactored `ZydisFormatter` 

- Added `ZYDIS_FORMATTER_HOOK_PRE_OPERAND`, `ZYDIS_FORMATTER_HOOK_POST_OPERAND` and `ZYDIS_FORMATTER_HOOK_PRINT_REGISTER`
- Renamed `ZYDIS_FORMATTER_HOOK_PRINT_DISPLACEMENT` to `ZYDIS_FORMATTER_HOOK_PRINT_DISP`
- Renamed `ZYDIS_FORMATTER_HOOK_PRINT_IMMEDIATE` to `ZYDIS_FORMATTER_HOOK_PRINT_IMM`
- Renamed `ZYDIS_FORMATTER_HOOK_PRINT_OPERANDSIZE` to `ZYDIS_FORMATTER_HOOK_PRINT_MEMSIZE`
- Removed `ZYDIS_FORMATTER_HOOK_PRINT_SEGMENT`
- Renamed some enums and types
- Revised documentation
- Fixed examples and tools
This commit is contained in:
flobernd 2017-12-03 18:49:45 +01:00 committed by Joel Höner
parent e145402d2e
commit dff821402b
8 changed files with 620 additions and 551 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
examples/FormatterHooks.c
View File

@ -133,7 +133,7 @@ typedef struct ZydisCustomUserData_
/* Hook callbacks */
/* ============================================================================================== */
ZydisFormatterFormatFunc defaultPrintMnemonic;
ZydisFormatterFunc defaultPrintMnemonic;
static ZydisStatus ZydisFormatterPrintMnemonic(const ZydisFormatter* formatter,
ZydisString* string, const ZydisDecodedInstruction* instruction, ZydisCustomUserData* userData)
@ -191,7 +191,7 @@ static ZydisStatus ZydisFormatterPrintMnemonic(const ZydisFormatter* formatter,
/* ---------------------------------------------------------------------------------------------- */
ZydisFormatterFormatOperandFunc defaultFormatOperandImm;
ZydisFormatterOperandFunc defaultFormatOperandImm;
static ZydisStatus ZydisFormatterFormatOperandImm(const ZydisFormatter* formatter,
ZydisString* string, const ZydisDecodedInstruction* instruction,
@ -220,15 +220,15 @@ void disassembleBuffer(ZydisDecoder* decoder, uint8_t* data, size_t length, Zydi
{
ZydisFormatter formatter;
ZydisFormatterInit(&formatter, ZYDIS_FORMATTER_STYLE_INTEL);
ZydisFormatterSetProperty(&formatter, ZYDIS_FORMATTER_PROP_FORCE_SEGMENTS, ZYDIS_TRUE);
ZydisFormatterSetProperty(&formatter, ZYDIS_FORMATTER_PROP_FORCE_OPERANDSIZE, ZYDIS_TRUE);
ZydisFormatterSetProperty(&formatter, ZYDIS_FORMATTER_PROP_FORCE_MEMSEG, ZYDIS_TRUE);
ZydisFormatterSetProperty(&formatter, ZYDIS_FORMATTER_PROP_FORCE_MEMSIZE, ZYDIS_TRUE);
if (installHooks)
{
defaultPrintMnemonic = (ZydisFormatterFormatFunc)&ZydisFormatterPrintMnemonic;
defaultPrintMnemonic = (ZydisFormatterFunc)&ZydisFormatterPrintMnemonic;
ZydisFormatterSetHook(&formatter, ZYDIS_FORMATTER_HOOK_PRINT_MNEMONIC,
(const void**)&defaultPrintMnemonic);
defaultFormatOperandImm = (ZydisFormatterFormatOperandFunc)&ZydisFormatterFormatOperandImm;
defaultFormatOperandImm = (ZydisFormatterOperandFunc)&ZydisFormatterFormatOperandImm;
ZydisFormatterSetHook(&formatter, ZYDIS_FORMATTER_HOOK_FORMAT_OPERAND_IMM,
(const void**)&defaultFormatOperandImm);
}

4
examples/ZydisPerfTest.c
View File

@ -174,9 +174,9 @@ uint64_t processBuffer(const char* buffer, size_t length, ZydisBool minimalMode,
{
if (!ZYDIS_SUCCESS(ZydisFormatterInit(&formatter, ZYDIS_FORMATTER_STYLE_INTEL)) ||
!ZYDIS_SUCCESS(ZydisFormatterSetProperty(&formatter,
ZYDIS_FORMATTER_PROP_FORCE_SEGMENTS, ZYDIS_TRUE)) ||
ZYDIS_FORMATTER_PROP_FORCE_MEMSEG, ZYDIS_TRUE)) ||
!ZYDIS_SUCCESS(ZydisFormatterSetProperty(&formatter,
ZYDIS_FORMATTER_PROP_FORCE_OPERANDSIZE, ZYDIS_TRUE)))
ZYDIS_FORMATTER_PROP_FORCE_MEMSIZE, ZYDIS_TRUE)))
{
fputs("Failed to initialize instruction-formatter\n", stderr);
exit(EXIT_FAILURE);

375
include/Zydis/Formatter.h
View File

@ -50,7 +50,7 @@ extern "C" {
/* ---------------------------------------------------------------------------------------------- */
/**
* @brief Defines the @c ZydisFormatterStyle datatype.
* @brief Defines the `ZydisFormatterStyle` datatype.
*/
typedef ZydisU8 ZydisFormatterStyle;
@ -75,7 +75,7 @@ enum ZydisFormatterStyles
/* ---------------------------------------------------------------------------------------------- */
/**
* @brief Defines the @c ZydisFormatterProperty datatype.
* @brief Defines the `ZydisFormatterProperty` datatype.
*/
typedef ZydisU8 ZydisFormatterProperty;
@ -100,16 +100,16 @@ enum ZydisFormatterProperties
*
* The default value is `ZYDIS_FALSE`.
*/
ZYDIS_FORMATTER_PROP_FORCE_SEGMENTS,
ZYDIS_FORMATTER_PROP_FORCE_MEMSEG,
/**
* @brief Controls the printing of operand-sizes.
* @brief Controls the printing of memory-operand sizes.
*
* Pass `ZYDIS_TRUE` as value to force the formatter to always print the size of memory-operands
* or `ZYDIS_FALSE` to only print it on demand.
*
* The default value is `ZYDIS_FALSE`.
*/
ZYDIS_FORMATTER_PROP_FORCE_OPERANDSIZE,
ZYDIS_FORMATTER_PROP_FORCE_MEMSIZE,
/**
* @brief Controls the format of addresses.
@ -141,7 +141,7 @@ enum ZydisFormatterProperties
/**
* @brief Sets the prefix for hexadecimal values.
*
* The default value is `0x`.
* The default value is `"0x"`.
*/
ZYDIS_FORMATTER_PROP_HEX_PREFIX,
/**
@ -176,7 +176,7 @@ enum ZydisFormatterProperties
};
/* ---------------------------------------------------------------------------------------------- */
/* Address format constants */
/* Address format */
/* ---------------------------------------------------------------------------------------------- */
/**
@ -194,25 +194,23 @@ enum ZydisAddressFormat
/**
* @brief Uses signed hexadecimal values to display relative addresses.
*
* Using this value will cause the formatter to invoke either
* `ZYDIS_FORMATTER_HOOK_PRINT_DISPLACEMENT` or `ZYDIS_FORMATTER_HOOK_PRINT_IMMEDIATE` to
* format addresses.
* Using this value will cause the formatter to either invoke
* `ZYDIS_FORMATTER_HOOK_PRINT_DISP` or `ZYDIS_FORMATTER_HOOK_PRINT_IMM` to format addresses.
*
* Examples:
* "JMP 0x20"
* "JMP -0x20"
* - `"JMP 0x20"`
* - `"JMP -0x20"`
*/
ZYDIS_ADDR_FORMAT_RELATIVE_SIGNED,
/**
* @brief Uses unsigned hexadecimal values to display relative addresses.
*
* Using this value will cause the formatter to invoke either
* `ZYDIS_FORMATTER_HOOK_PRINT_DISPLACEMENT` or `ZYDIS_FORMATTER_HOOK_PRINT_IMMEDIATE` to
* format addresses.
* Using this value will cause the formatter to either invoke
* `ZYDIS_FORMATTER_HOOK_PRINT_DISP` or `ZYDIS_FORMATTER_HOOK_PRINT_IMM` to format addresses.
*
* Examples:
* "JMP 0x20"
* "JMP 0xE0"
* - `"JMP 0x20"`
* - `"JMP 0xE0"`
*/
ZYDIS_ADDR_FORMAT_RELATIVE_UNSIGNED,
@ -223,7 +221,7 @@ enum ZydisAddressFormat
};
/* ---------------------------------------------------------------------------------------------- */
/* Displacement formats */
/* Displacement format */
/* ---------------------------------------------------------------------------------------------- */
/**
@ -235,16 +233,16 @@ enum ZydisDisplacementFormat
* @brief Formats displacements as signed hexadecimal values.
*
* Examples:
* "MOV EAX, DWORD PTR SS:[ESP+0x400]"
* "MOV EAX, DWORD PTR SS:[ESP-0x400]"
* - `"MOV EAX, DWORD PTR SS:[ESP+0x400]"`
* - `"MOV EAX, DWORD PTR SS:[ESP-0x400]"`
*/
ZYDIS_DISP_FORMAT_HEX_SIGNED,
/**
* @brief Formats displacements as unsigned hexadecimal values.
*
* Examples:
* "MOV EAX, DWORD PTR SS:[ESP+0x400]"
* "MOV EAX, DWORD PTR SS:[ESP+0xFFFFFC00]"
* - `"MOV EAX, DWORD PTR SS:[ESP+0x400]"`
* - `"MOV EAX, DWORD PTR SS:[ESP+0xFFFFFC00]"`
*/
ZYDIS_DISP_FORMAT_HEX_UNSIGNED,
@ -255,7 +253,7 @@ enum ZydisDisplacementFormat
};
/* ---------------------------------------------------------------------------------------------- */
/* Immediate formats */
/* Immediate format */
/* ---------------------------------------------------------------------------------------------- */
/**
@ -265,23 +263,23 @@ enum ZydisImmediateFormat
{
/**
* @brief Automatically chooses the most suitable formatting-mode based on the operands
* @c ZydisOperandInfo.imm.isSigned attribute.
* `ZydisOperandInfo.imm.isSigned` attribute.
*/
ZYDIS_IMM_FORMAT_HEX_AUTO,
/**
* @brief Formats immediates as signed hexadecimal values.
*
* Examples:
* "MOV EAX, 0x400"
* "MOV EAX, -0x400"
* - `"MOV EAX, 0x400"`
* - `"MOV EAX, -0x400"`
*/
ZYDIS_IMM_FORMAT_HEX_SIGNED,
/**
* @brief Formats immediates as unsigned hexadecimal values.
*
* Examples:
* "MOV EAX, 0x400"
* "MOV EAX, 0xFFFFFC00"
* - `"MOV EAX, 0x400"`
* - `"MOV EAX, 0xFFFFFC00"`
*/
ZYDIS_IMM_FORMAT_HEX_UNSIGNED,
@ -296,7 +294,7 @@ enum ZydisImmediateFormat
/* ---------------------------------------------------------------------------------------------- */
/**
* @brief Defines the @c ZydisFormatterHookType datatype.
* @brief Defines the `ZydisFormatterHookType` datatype.
*/
typedef ZydisU8 ZydisFormatterHookType;
@ -306,90 +304,98 @@ typedef ZydisU8 ZydisFormatterHookType;
enum ZydisFormatterHookTypes
{
/**
* @brief This function is called before the formatter starts formatting an instruction.
* @brief This function is invoked before the formatter formats an instruction.
*/
ZYDIS_FORMATTER_HOOK_PRE,
ZYDIS_FORMATTER_HOOK_PRE_INSTRUCTION,
/**
* @brief This function is called before the formatter finished formatting an instruction.
* @brief This function is invoked before the formatter formatted an instruction.
*/
ZYDIS_FORMATTER_HOOK_POST,
ZYDIS_FORMATTER_HOOK_POST_INSTRUCTION,
/**
* @brief This function refers to the main formatting function, that internally calls all
* other function except the ones that are hooked by @c ZYDIS_FORMATTER_HOOK_PRE and
* @c ZYDIS_FORMATTER_HOOK_POST.
* @brief This function is invoked before the formatter formats an operand.
*/
ZYDIS_FORMATTER_HOOK_PRE_OPERAND,
/**
* @brief This function is invoked before the formatter formatted an operand.
*/
ZYDIS_FORMATTER_HOOK_POST_OPERAND,
/**
* @brief This function refers to the main formatting function.
*
* Replacing this function allows for complete custom formatting, but indirectly disables all
* other hooks except for @c ZYDIS_FORMATTER_HOOK_PRE and @c ZYDIS_FORMATTER_HOOK_POST.
* other hooks except for `ZYDIS_FORMATTER_HOOK_PRE_INSTRUCTION` and
* `ZYDIS_FORMATTER_HOOK_POST_INSTRUCTION`.
*/
ZYDIS_FORMATTER_HOOK_FORMAT_INSTRUCTION,
/**
* @brief This function is called to print the instruction prefixes.
*/
ZYDIS_FORMATTER_HOOK_PRINT_PREFIXES,
/**
* @brief This function is called to print the instruction mnemonic.
*/
ZYDIS_FORMATTER_HOOK_PRINT_MNEMONIC,
/**
* @brief This function is called to format an register operand.
* @brief This function is invoked to format a register operand.
*/
ZYDIS_FORMATTER_HOOK_FORMAT_OPERAND_REG,
/**
* @brief This function is called to format an memory operand.
* @brief This function is invoked to format a memory operand.
*
* Replacing this function might indirectly disable some specific calls to the
* @c ZYDIS_FORMATTER_PRINT_ADDRESS and @c ZYDIS_FORMATTER_HOOK_PRINT_DISPLACEMENT functions.
* `ZYDIS_FORMATTER_HOOK_PRINT_ADDRESS` and `ZYDIS_FORMATTER_HOOK_PRINT_DISP` functions.
*/
ZYDIS_FORMATTER_HOOK_FORMAT_OPERAND_MEM,
/**
* @brief This function is called to format an pointer operand.
* @brief This function is invoked to format a pointer operand.
*/
ZYDIS_FORMATTER_HOOK_FORMAT_OPERAND_PTR,
/**
* @brief This function is called to format an immediate operand.
* @brief This function is invoked to format an immediate operand.
*
* Replacing this function might indirectly disable some specific calls to the
* @c ZYDIS_FORMATTER_PRINT_ADDRESS and @c ZYDIS_FORMATTER_HOOK_PRINT_IMMEDIATE functions.
* `ZYDIS_FORMATTER_HOOK_PRINT_ADDRESS` and `ZYDIS_FORMATTER_HOOK_PRINT_IMM` functions.
*/
ZYDIS_FORMATTER_HOOK_FORMAT_OPERAND_IMM,
/**
* @brief This function is called right before formatting an memory operand to print the
* optional size-specifier.
* @brief This function is invoked to print the instruction mnemonic.
*/
ZYDIS_FORMATTER_HOOK_PRINT_OPERANDSIZE,
ZYDIS_FORMATTER_HOOK_PRINT_MNEMONIC,
/**
* @brief This function is called right before formatting an memory operand to print the
* optional segment-register.
* @brief This function is invoked to print a register.
*/
ZYDIS_FORMATTER_HOOK_PRINT_SEGMENT,
ZYDIS_FORMATTER_HOOK_PRINT_REGISTER,
/**
* @brief This function is called right after formatting an operand to print the optional
* EVEX/MVEX operand-decorator.
*/
ZYDIS_FORMATTER_HOOK_PRINT_DECORATOR,
/**
* @brief This function is called to print an absolute address.
* @brief This function is invoked to print an absolute address.
*/
ZYDIS_FORMATTER_HOOK_PRINT_ADDRESS,
/**
* @brief This function is called to print a memory displacement value.
* @brief This function is invoked to print a memory displacement value.
*/
ZYDIS_FORMATTER_HOOK_PRINT_DISPLACEMENT,
ZYDIS_FORMATTER_HOOK_PRINT_DISP,
/**
* @brief This function is called to print an immediate value.
* @brief This function is invoked to print an immediate value.
*/
ZYDIS_FORMATTER_HOOK_PRINT_IMMEDIATE,
ZYDIS_FORMATTER_HOOK_PRINT_IMM,
/**
* @brief This function is invoked to print the size of a memory operand.
*/
ZYDIS_FORMATTER_HOOK_PRINT_MEMSIZE,
/**
* @brief This function is invoked to print the instruction prefixes.
*/
ZYDIS_FORMATTER_HOOK_PRINT_PREFIXES,
/**
* @brief This function is invoked after formatting an operand to print a `EVEX`/`MVEX`
* decorator.
*/
ZYDIS_FORMATTER_HOOK_PRINT_DECORATOR,
/**
* @brief Maximum value of this enum.
*/
ZYDIS_FORMATTER_HOOK_MAX_VALUE = ZYDIS_FORMATTER_HOOK_PRINT_IMMEDIATE
ZYDIS_FORMATTER_HOOK_MAX_VALUE = ZYDIS_FORMATTER_HOOK_PRINT_DECORATOR
};
/* ---------------------------------------------------------------------------------------------- */
/**
* @brief Defines the @c ZydisDecoratorType datatype.
* @brief Defines the `ZydisDecoratorType` datatype.
*/
typedef ZydisU8 ZydisDecoratorType;
@ -399,18 +405,39 @@ typedef ZydisU8 ZydisDecoratorType;
enum ZydisDecoratorTypes
{
ZYDIS_DECORATOR_TYPE_INVALID,
/**
* @brief The embedded-mask decorator.
*/
ZYDIS_DECORATOR_TYPE_MASK,
ZYDIS_DECORATOR_TYPE_BROADCAST,
ZYDIS_DECORATOR_TYPE_ROUNDING_CONTROL,
/**
* @brief The broadcast decorator.
*/
ZYDIS_DECORATOR_TYPE_BC,
/**
* @brief The rounding-control decorator.
*/
ZYDIS_DECORATOR_TYPE_RC,
/**
* @brief The suppress-all-exceptions decorator.
*/
ZYDIS_DECORATOR_TYPE_SAE,
/**
* @brief The register-swizzle decorator.
*/
ZYDIS_DECORATOR_TYPE_SWIZZLE,
/**
* @brief The conversion decorator.
*/
ZYDIS_DECORATOR_TYPE_CONVERSION,
ZYDIS_DECORATOR_TYPE_EVICTION_HINT,
/**
* @brief The eviction-hint decorator.
*/
ZYDIS_DECORATOR_TYPE_EH,
/**
* @brief Maximum value of this enum.
*/
ZYDIS_DECORATOR_TYPE_MAX_VALUE = ZYDIS_DECORATOR_TYPE_EVICTION_HINT
ZYDIS_DECORATOR_TYPE_MAX_VALUE = ZYDIS_DECORATOR_TYPE_EH
};
/* ---------------------------------------------------------------------------------------------- */
@ -418,108 +445,128 @@ enum ZydisDecoratorTypes
typedef struct ZydisFormatter_ ZydisFormatter;
/**
* @brief Defines the @c ZydisFormatterNotifyFunc function pointer.
* @brief Defines the `ZydisFormatterFunc` function pointer.
*
* @param formatter A pointer to the @c ZydisFormatter instance.
* @param formatter A pointer to the `ZydisFormatter` instance.
* @param string A pointer to the string.
* @param instruction A pointer to the @c ZydisDecodedInstruction struct.
* @param instruction A pointer to the `ZydisDecodedInstruction` struct.
* @param userData A pointer to user-defined data.
*
* @return Returning a status code other than @c ZYDIS_STATUS_SUCCESS will immediately cause the
* formatting process to fail.
* @return A zydis status code.
*
* This function type is used for the @c ZYDIS_FORMATTER_HOOK_PRE and
* @c ZYDIS_FORMATTER_HOOK_POST hook-types.
* Returning a status code other than `ZYDIS_STATUS_SUCCESS` will immediately cause the formatting
* process to fail.
*
* Returning `ZYDIS_STATUS_SUCCESS` in `ZYDIS_FORMATTER_HOOK_PRINT_PREFIXES` without writing to
* the string is valid and signals that the corresponding element should not be printed.
*
* This function type is used for:
* - `ZYDIS_FORMATTER_HOOK_PRE_INSTRUCTION`
* - `ZYDIS_FORMATTER_HOOK_POST_INSTRUCTION`
* - `ZYDIS_FORMATTER_HOOK_FORMAT_INSTRUCTION`
* - `ZYDIS_FORMATTER_HOOK_PRINT_MNEMONIC`
* - `ZYDIS_FORMATTER_HOOK_PRINT_PREFIXES`
*/
typedef ZydisStatus (*ZydisFormatterNotifyFunc)(const ZydisFormatter* formatter,
typedef ZydisStatus (*ZydisFormatterFunc)(const ZydisFormatter* formatter,
ZydisString* string, const ZydisDecodedInstruction* instruction, void* userData);
/**
* @brief Defines the @c ZydisFormatterFormatFunc function pointer.
* @brief Defines the `ZydisFormatterOperandFunc` function pointer.
*
* @param formatter A pointer to the @c ZydisFormatter instance.
* @param formatter A pointer to the `ZydisFormatter` instance.
* @param string A pointer to the string.
* @param instruction A pointer to the @c ZydisDecodedInstruction struct.
* @param instruction A pointer to the `ZydisDecodedInstruction` struct.
* @param operand A pointer to the `ZydisDecodedOperand` struct.
* @param userData A pointer to user-defined data.
*
* @return Returning a status code other than @c ZYDIS_STATUS_SUCCESS will immediately cause the
* formatting process to fail.
* @return A zydis status code.
*
* This function type is used for the @c ZYDIS_FORMATTER_HOOK_FORMAT_INSTRUCTION,
* @c ZYDIS_FORMATTER_HOOK_PRINT_PREFIXES and @c ZYDIS_FORMATTER_HOOK_PRINT_MNEMONIC hook-types.
*/
typedef ZydisStatus (*ZydisFormatterFormatFunc)(const ZydisFormatter* formatter,
ZydisString* string, const ZydisDecodedInstruction* instruction, void* userData);
/**
* @brief Defines the @c ZydisFormatterFormatOperandFunc function pointer.
* Returning a status code other than `ZYDIS_STATUS_SUCCESS` will immediately cause the formatting
* process to fail.
*
* @param formatter A pointer to the @c ZydisFormatter instance.
* @param string A pointer to the string.
* @param instruction A pointer to the @c ZydisDecodedInstruction struct.
* @param operand A pointer to the @c ZydisDecodedOperand struct.
* @param userData A pointer to user-defined data.
*
* @return Returning a status code other than @c ZYDIS_STATUS_SUCCESS will immediately cause the
* formatting process to fail.
*
* Returning @c ZYDIS_STATUS_SUCCESS in one of the @c ZYDIS_FORMATTER_HOOK_FORMAT_OPERAND_X hooks
* Returning `ZYDIS_STATUS_SUCCESS` in one of the `ZYDIS_FORMATTER_HOOK_FORMAT_OPERAND_X` hooks
* without writing to the string is valid and will cause the formatter to omit the current
* operand.
*
* Returning @c ZYDIS_STATUS_SUCCESS in @c ZYDIS_FORMATTER_HOOK_PRINT_OPERANDSIZE,
* @c ZYDIS_FORMATTER_HOOK_PRINT_SEGMENT or @c ZYDIS_FORMATTER_HOOK_PRINT_DECORATOR without
* writing to the string is valid and signals that the corresponding element should not be
* printed for the current operand.
* Returning `ZYDIS_STATUS_SUCCESS` in `ZYDIS_FORMATTER_HOOK_PRINT_MEMSIZE` or
* `ZYDIS_FORMATTER_HOOK_PRINT_DECORATOR` without writing to the string is valid and signals that
* the corresponding element should not be printed for the current operand.
*
* This function type is used for the @c ZYDIS_FORMATTER_HOOK_FORMAT_OPERAND_REG,
* @c ZYDIS_FORMATTER_HOOK_FORMAT_OPERAND_MEM, @c ZYDIS_FORMATTER_HOOK_FORMAT_OPERAND_PTR,
* @c ZYDIS_FORMATTER_HOOK_FORMAT_OPERAND_IMM, @c ZYDIS_FORMATTER_HOOK_PRINT_OPERANDSIZE,
* @c ZYDIS_FORMATTER_HOOK_PRINT_SEGMENT, @c ZYDIS_FORMATTER_HOOK_PRINT_DECORATOR,
* @c ZYDIS_FORMATTER_HOOK_PRINT_DISPLACEMENT and @c ZYDIS_FORMATTER_HOOK_PRINT_IMMEDIATE
* hook-types.
* This function type is used for:
* - `ZYDIS_FORMATTER_HOOK_PRE_OPERAND`
* - `ZYDIS_FORMATTER_HOOK_POST_OPERAND`
* - `ZYDIS_FORMATTER_HOOK_FORMAT_OPERAND_REG`
* - `ZYDIS_FORMATTER_HOOK_FORMAT_OPERAND_MEM`
* - `ZYDIS_FORMATTER_HOOK_FORMAT_OPERAND_PTR`
* - `ZYDIS_FORMATTER_HOOK_FORMAT_OPERAND_IMM`
* - `ZYDIS_FORMATTER_HOOK_PRINT_DISP`
* - `ZYDIS_FORMATTER_HOOK_PRINT_IMM`
* - `ZYDIS_FORMATTER_HOOK_PRINT_MEMSIZE`
*/
typedef ZydisStatus (*ZydisFormatterFormatOperandFunc)(const ZydisFormatter* formatter,
typedef ZydisStatus (*ZydisFormatterOperandFunc)(const ZydisFormatter* formatter,
ZydisString* string, const ZydisDecodedInstruction* instruction,
const ZydisDecodedOperand* operand, void* userData);
/**
* @brief Defines the @c ZydisFormatterFormatAddressFunc function pointer.
* @brief Defines the `ZydisFormatterRegisterFunc` function pointer.
*
* @param formatter A pointer to the @c ZydisFormatter instance.
* @param formatter A pointer to the `ZydisFormatter` instance.
* @param string A pointer to the string.
* @param instruction A pointer to the @c ZydisDecodedInstruction struct.
* @param operand A pointer to the @c ZydisDecodedOperand struct.
* @param instruction A pointer to the `ZydisDecodedInstruction` struct.
* @param operand A pointer to the `ZydisDecodedOperand` struct.
* @param reg The register.
* @param userData A pointer to user-defined data.
*
* @return Returning a status code other than @c ZYDIS_STATUS_SUCCESS will immediately cause the
* @return Returning a status code other than `ZYDIS_STATUS_SUCCESS` will immediately cause the
* formatting process to fail.
*
* This function type is used for the @c ZYDIS_FORMATTER_HOOK_PRINT_ADDRESS hook-type.
* This function type is used for:
* - `ZYDIS_FORMATTER_HOOK_PRINT_REGISTER`.
*/
typedef ZydisStatus (*ZydisFormatterFormatAddressFunc)(const ZydisFormatter* formatter,
typedef ZydisStatus (*ZydisFormatterRegisterFunc)(const ZydisFormatter* formatter,
ZydisString* string, const ZydisDecodedInstruction* instruction,
const ZydisDecodedOperand* operand, ZydisRegister reg, void* userData);
/**
* @brief Defines the `ZydisFormatterAddressFunc` function pointer.
*
* @param formatter A pointer to the `ZydisFormatter` instance.
* @param string A pointer to the string.
* @param instruction A pointer to the `ZydisDecodedInstruction` struct.
* @param operand A pointer to the `ZydisDecodedOperand` struct.
* @param address The address.
* @param userData A pointer to user-defined data.
*
* @return Returning a status code other than `ZYDIS_STATUS_SUCCESS` will immediately cause the
* formatting process to fail.
*
* This function type is used for:
* - `ZYDIS_FORMATTER_HOOK_PRINT_ADDRESS`
*/
typedef ZydisStatus (*ZydisFormatterAddressFunc)(const ZydisFormatter* formatter,
ZydisString* string, const ZydisDecodedInstruction* instruction,
const ZydisDecodedOperand* operand, ZydisU64 address, void* userData);
/**
* @brief Defines the @c ZydisFormatterFormatDecoratorFunc function pointer.
* @brief Defines the `ZydisFormatterDecoratorFunc` function pointer.
*
* @param formatter A pointer to the @c ZydisFormatter instance.
* @param formatter A pointer to the `ZydisFormatter` instance.
* @param string A pointer to the string.
* @param instruction A pointer to the @c ZydisDecodedInstruction struct.
* @param operand A pointer to the @c ZydisDecodedOperand struct.
* @param instruction A pointer to the `ZydisDecodedInstruction` struct.
* @param operand A pointer to the `ZydisDecodedOperand` struct.
* @param type The decorator type.
* @param userData A pointer to user-defined data.
*
* @return Returning a status code other than @c ZYDIS_STATUS_SUCCESS will immediately cause the
* @return Returning a status code other than `ZYDIS_STATUS_SUCCESS` will immediately cause the
* formatting process to fail.
*
* Returning @c ZYDIS_STATUS_SUCCESS without writing to the string is valid and will cause the
* Returning `ZYDIS_STATUS_SUCCESS` without writing to the string is valid and will cause the
* formatter to omit the current decorator.
*
* This function type is used for the @c ZYDIS_FORMATTER_HOOK_PRINT_DECORATOR hook-type.
* This function type is used for:
* - `ZYDIS_FORMATTER_HOOK_PRINT_DECORATOR`
*/
typedef ZydisStatus (*ZydisFormatterFormatDecoratorFunc)(const ZydisFormatter* formatter,
typedef ZydisStatus (*ZydisFormatterDecoratorFunc)(const ZydisFormatter* formatter,
ZydisString* string, const ZydisDecodedInstruction* instruction,
const ZydisDecodedOperand* operand, ZydisDecoratorType type, void* userData);
@ -528,39 +575,41 @@ typedef ZydisStatus (*ZydisFormatterFormatDecoratorFunc)(const ZydisFormatter* f
/* ---------------------------------------------------------------------------------------------- */
/**
* @brief Defines the @c ZydisFormatter struct.
* @brief Defines the `ZydisFormatter` struct.
*/
struct ZydisFormatter_
{
ZydisU8 letterCase;
ZydisBool forceSegments;
ZydisBool forceOperandSize;
ZydisU8 addressFormat;
ZydisU8 displacementFormat;
ZydisU8 immediateFormat;
ZydisLetterCase letterCase;
ZydisBool forceMemorySegment;
ZydisBool forceMemorySize;
ZydisU8 formatAddress;
ZydisU8 formatDisp;
ZydisU8 formatImm;
ZydisBool hexUppercase;
ZydisString* hexPrefix;
ZydisString hexPrefixData;
ZydisString* hexSuffix;
ZydisString hexSuffixData;
ZydisU8 hexPaddingAddress;
ZydisU8 hexPaddingDisplacement;
ZydisU8 hexPaddingImmediate;
ZydisFormatterNotifyFunc funcPre;
ZydisFormatterNotifyFunc funcPost;
ZydisFormatterFormatFunc funcFormatInstruction;
ZydisFormatterFormatFunc funcPrintPrefixes;
ZydisFormatterFormatFunc funcPrintMnemonic;
ZydisFormatterFormatOperandFunc funcFormatOperandReg;
ZydisFormatterFormatOperandFunc funcFormatOperandMem;
ZydisFormatterFormatOperandFunc funcFormatOperandPtr;
ZydisFormatterFormatOperandFunc funcFormatOperandImm;
ZydisFormatterFormatOperandFunc funcPrintOperandSize;
ZydisFormatterFormatOperandFunc funcPrintSegment;
ZydisFormatterFormatDecoratorFunc funcPrintDecorator;
ZydisFormatterFormatAddressFunc funcPrintAddress;
ZydisFormatterFormatOperandFunc funcPrintDisplacement;
ZydisFormatterFormatOperandFunc funcPrintImmediate;
ZydisU8 hexPaddingDisp;
ZydisU8 hexPaddingImm;
ZydisFormatterFunc funcPreInstruction;
ZydisFormatterFunc funcPostInstruction;
ZydisFormatterOperandFunc funcPreOperand;
ZydisFormatterOperandFunc funcPostOperand;
ZydisFormatterFunc funcFormatInstruction;
ZydisFormatterOperandFunc funcFormatOperandReg;
ZydisFormatterOperandFunc funcFormatOperandMem;
ZydisFormatterOperandFunc funcFormatOperandPtr;
ZydisFormatterOperandFunc funcFormatOperandImm;
ZydisFormatterFunc funcPrintMnemonic;
ZydisFormatterRegisterFunc funcPrintRegister;
ZydisFormatterAddressFunc funcPrintAddress;
ZydisFormatterOperandFunc funcPrintDisp;
ZydisFormatterOperandFunc funcPrintImm;
ZydisFormatterOperandFunc funcPrintMemSize;
ZydisFormatterFunc funcPrintPrefixes;
ZydisFormatterDecoratorFunc funcPrintDecorator;
};
/* ---------------------------------------------------------------------------------------------- */
@ -570,9 +619,9 @@ struct ZydisFormatter_
/* ============================================================================================== */
/**
* @brief Initializes the given @c ZydisFormatter instance.
* @brief Initializes the given `ZydisFormatter` instance.
*
* @param formatter A pointer to the @c ZydisFormatter instance.
* @param formatter A pointer to the `ZydisFormatter` instance.
* @param style The formatter style.
*
* @return A zydis status code.
@ -582,20 +631,20 @@ ZYDIS_EXPORT ZydisStatus ZydisFormatterInit(ZydisFormatter* formatter, ZydisForm
/**
* @brief Sets the value of the specified formatter `attribute`.
*
* @param formatter A pointer to the @c ZydisFormatter instance.
* @param formatter A pointer to the `ZydisFormatter` instance.
* @param property The id of the formatter-property.
* @param value The new value.
*
* @return A zydis status code.
*/
ZYDIS_EXPORT ZydisStatus ZydisFormatterSetProperty(ZydisFormatter* formatter,
ZydisFormatterProperty property, ZydisUSize value);
ZydisFormatterProperty property, ZydisUPointer value);
/**
* @brief Replaces a formatter function with a custom callback and/or retrieves the currently
* used function.
*
* @param formatter A pointer to the @c ZydisFormatter instance.
* @param formatter A pointer to the `ZydisFormatter` instance.
* @param hook The formatter hook-type.
* @param callback A pointer to a variable that contains the pointer of the callback function
* and receives the pointer of the currently used function.
@ -611,8 +660,8 @@ ZYDIS_EXPORT ZydisStatus ZydisFormatterSetHook(ZydisFormatter* formatter,
/**
* @brief Formats the given instruction and writes it into the output buffer.
*
* @param formatter A pointer to the @c ZydisFormatter instance.
* @param instruction A pointer to the @c ZydisDecodedInstruction struct.
* @param formatter A pointer to the `ZydisFormatter` instance.
* @param instruction A pointer to the `ZydisDecodedInstruction` struct.
* @param buffer A pointer to the output buffer.
* @param bufferLen The length of the output buffer.
*
@ -624,8 +673,8 @@ ZYDIS_EXPORT ZydisStatus ZydisFormatterFormatInstruction(const ZydisFormatter* f
/**
* @brief Formats the given instruction and writes it into the output buffer.
*
* @param formatter A pointer to the @c ZydisFormatter instance.
* @param instruction A pointer to the @c ZydisDecodedInstruction struct.
* @param formatter A pointer to the `ZydisFormatter` instance.
* @param instruction A pointer to the `ZydisDecodedInstruction` struct.
* @param buffer A pointer to the output buffer.
* @param bufferLen The length of the output buffer.
* @param userData A pointer to user-defined data which can be used in custom formatter

746
src/Formatter.c
View File

File diff suppressed because it is too large Load Diff

6
src/MetaInfo.c
View File

@ -40,7 +40,7 @@
const char* ZydisCategoryGetString(ZydisInstructionCategory category)
{
if (category > ZYDIS_ARRAY_SIZE(zydisInstructionCategoryStrings) - 1)
if (category >= ZYDIS_ARRAY_SIZE(zydisInstructionCategoryStrings))
{
return ZYDIS_NULL;
}
@ -49,7 +49,7 @@ const char* ZydisCategoryGetString(ZydisInstructionCategory category)
const char* ZydisISASetGetString(ZydisISASet isaSet)
{
if (isaSet > ZYDIS_ARRAY_SIZE(zydisISASetStrings) - 1)
if (isaSet >= ZYDIS_ARRAY_SIZE(zydisISASetStrings))
{
return ZYDIS_NULL;
}
@ -58,7 +58,7 @@ const char* ZydisISASetGetString(ZydisISASet isaSet)
const char* ZydisISAExtGetString(ZydisISAExt isaExt)
{
if (isaExt > ZYDIS_ARRAY_SIZE(zydisISAExtStrings) - 1)
if (isaExt >= ZYDIS_ARRAY_SIZE(zydisISAExtStrings))
{
return ZYDIS_NULL;
}

4
src/Mnemonic.c
View File

@ -33,7 +33,7 @@
const char* ZydisMnemonicGetString(ZydisMnemonic mnemonic)
{
if (mnemonic > ZYDIS_ARRAY_SIZE(zydisMnemonicStrings) - 1)
if (mnemonic >= ZYDIS_ARRAY_SIZE(zydisMnemonicStrings))
{
return ZYDIS_NULL;
}
@ -42,7 +42,7 @@ const char* ZydisMnemonicGetString(ZydisMnemonic mnemonic)
const ZydisStaticString* ZydisMnemonicGetStaticString(ZydisMnemonic mnemonic)
{
if (mnemonic > ZYDIS_ARRAY_SIZE(zydisMnemonicStrings) - 1)
if (mnemonic >= ZYDIS_ARRAY_SIZE(zydisMnemonicStrings))
{
return ZYDIS_NULL;
}

4
tools/ZydisDisasm.c
View File

@ -69,9 +69,9 @@ int main(int argc, char** argv)
ZydisFormatter formatter;
if (!ZYDIS_SUCCESS(ZydisFormatterInit(&formatter, ZYDIS_FORMATTER_STYLE_INTEL)) ||
!ZYDIS_SUCCESS(ZydisFormatterSetProperty(&formatter,
ZYDIS_FORMATTER_PROP_FORCE_SEGMENTS, ZYDIS_TRUE)) ||
ZYDIS_FORMATTER_PROP_FORCE_MEMSEG, ZYDIS_TRUE)) ||
!ZYDIS_SUCCESS(ZydisFormatterSetProperty(&formatter,
ZYDIS_FORMATTER_PROP_FORCE_OPERANDSIZE, ZYDIS_TRUE)))
ZYDIS_FORMATTER_PROP_FORCE_MEMSIZE, ZYDIS_TRUE)))
{
fputs("Failed to initialized instruction-formatter\n", stderr);
return EXIT_FAILURE;

4
tools/ZydisInfo.c
View File

@ -551,9 +551,9 @@ void printInstruction(ZydisDecodedInstruction* instruction)
ZydisFormatter formatter;
if (!ZYDIS_SUCCESS((status = ZydisFormatterInit(&formatter, ZYDIS_FORMATTER_STYLE_INTEL))) ||
!ZYDIS_SUCCESS((status = ZydisFormatterSetProperty(&formatter,
ZYDIS_FORMATTER_PROP_FORCE_SEGMENTS, ZYDIS_TRUE))) ||
ZYDIS_FORMATTER_PROP_FORCE_MEMSEG, ZYDIS_TRUE))) ||
!ZYDIS_SUCCESS((status = ZydisFormatterSetProperty(&formatter,
ZYDIS_FORMATTER_PROP_FORCE_OPERANDSIZE, ZYDIS_TRUE))))
ZYDIS_FORMATTER_PROP_FORCE_MEMSIZE, ZYDIS_TRUE))))
{
fputs("Failed to initialize instruction-formatter\n", stderr);
exit(status);