x64dbg
/
zydis
mirror of https://github.com/x64dbg/zydis
1
0
Fork 0
Code Releases Activity

Merge branch 'develop'

This commit is contained in:
flobernd 2015-05-19 21:47:54 +02:00
parent 634f927df7 7caec91207
commit e339291104
34 changed files with 13286 additions and 11826 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

88
CMakeLists.txt Normal file
View File

@ -0,0 +1,88 @@
cmake_minimum_required(VERSION 2.8.12)
include(GenerateExportHeader)
project(Zydis)
option(BUILD_SHARED_LIBS "Build shared libraries rather than static ones" FALSE)
option(FORCE_SHARED_CRT
"Forces shared linkage against the CRT even when building a static library"
FALSE)
option(BUILD_EXAMPLES "Build examples" TRUE)
option(BUILD_C_BINDINGS "Build C bindings" TRUE)
if (NOT CONFIGURED_ONCE)
if ("${CMAKE_CXX_COMPILER_ID}" STREQUAL "GNU" OR
"${CMAKE_CXX_COMPILER_ID}" STREQUAL "Clang")
set(compiler_specific "-Werror")
set(compiler_specific_cxx "-std=c++0x")
elseif (MSVC)
set(compiler_specific "/WX /W4 /D_CRT_SECURE_NO_WARNINGS")
endif ()
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} ${compiler_specific} ${compiler_specific_cxx}"
CACHE STRING "Flags used by the compiler during all build types." FORCE)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${compiler_specific}"
CACHE STRING "Flags used by the compiler during all build types." FORCE)
endif ()
# CMake always orders MSVC to build with a shared CRT. Hack CMake variables in order
# to generate with a statically linked CRT when we build as a static library.
if (MSVC AND NOT BUILD_SHARED_LIBS AND NOT FORCE_SHARED_CRT)
set(manipulated_vars
CMAKE_CXX_FLAGS_DEBUG
CMAKE_CXX_FLAGS_MINSIZEREL
CMAKE_CXX_FLAGS_RELEASE
CMAKE_CXX_FLAGS_RELWITHDEBINFO
CMAKE_C_FLAGS_DEBUG
CMAKE_C_FLAGS_MINSIZEREL
CMAKE_C_FLAGS_RELEASE
CMAKE_C_FLAGS_RELWITHDEBINFO)
foreach (cur_var ${manipulated_vars})
string(REPLACE "/MD" "/MT" ${cur_var} "${${cur_var}}")
endforeach ()
endif ()
# Library
set(headers
"Zydis/Zydis.hpp"
"Zydis/ZydisInstructionDecoder.hpp"
"Zydis/ZydisInstructionFormatter.hpp"
"Zydis/ZydisOpcodeTable.hpp"
"Zydis/ZydisSymbolResolver.hpp"
"Zydis/ZydisTypes.hpp"
"Zydis/ZydisUtils.hpp")
set(sources
"Zydis/ZydisInstructionDecoder.cpp"
"Zydis/ZydisInstructionFormatter.cpp"
"Zydis/ZydisOpcodeTable.cpp"
"Zydis/ZydisSymbolResolver.cpp"
"Zydis/ZydisUtils.cpp")
if (BUILD_C_BINDINGS)
set(headers ${headers}
"Zydis/ZydisAPI.h")
set(sources ${sources}
"Zydis/ZydisAPI.cpp")
endif ()
add_library("Zydis" ${headers} ${sources})
generate_export_header(
"Zydis"
BASE_NAME "ZYDIS"
EXPORT_FILE_NAME "ZydisExportConfig.h")
include_directories(${PROJECT_BINARY_DIR})
# Examples
if (BUILD_EXAMPLES)
include_directories("Zydis")
add_executable("SimpleDemo_CPP" "Examples/CPP/SimpleDemo/SimpleDemo.cpp")
target_link_libraries("SimpleDemo_CPP" "Zydis")
if (BUILD_C_BINDINGS)
add_executable("SimpleDemo_C" "Examples/C/SimpleDemo/SimpleDemo.c")
target_link_libraries("SimpleDemo_C" "Zydis")
endif ()
endif ()
set(CONFIGURED_ONCE TRUE CACHE INTERNAL "CMake has configured at least once.")

198
Examples/C/SimpleDemo/SimpleDemo.c Normal file
View File

@ -0,0 +1,198 @@
/***************************************************************************************************
Zyan Disassembler Engine
Version 1.0
Remarks : Freeware, Copyright must be included
Original Author : Florian Bernd
Modifications : Joel Höner
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
***************************************************************************************************/
#include <ZydisAPI.h>
#include <stdio.h>
#include <stdint.h>
void PrintZydisError()
{
puts("Zydis error: ");
switch (ZydisGetLastError())
{
case ZYDIS_ERROR_SUCCESS:
puts("success");
break;
case ZYDIS_ERROR_UNKNOWN:
puts("unknown error");
break;
case ZYDIS_ERROR_NOT_ENOUGH_MEMORY:
puts("not enough memory");
break;
case ZYDIS_ERROR_INVALID_PARAMETER:
puts("invalid parameter");
break;
}
}
int main()
{
uint8_t data32[] =
{
0x8B, 0xFF, 0x55, 0x8B, 0xEC, 0x6A, 0xFE, 0x68, 0xD8, 0x18, 0x09, 0x77, 0x68, 0x85, 0xD2,
0x09, 0x77, 0x64, 0xA1, 0x00, 0x00, 0x00, 0x00, 0x50, 0x83, 0xEC, 0x14, 0x53, 0x56, 0x57,
0xA1, 0x68, 0xEE, 0x13, 0x77, 0x31, 0x45, 0xF8, 0x33, 0xC5, 0x50, 0x8D, 0x45, 0xF0, 0x64,
0xA3, 0x00, 0x00, 0x00, 0x00, 0x89, 0x65, 0xE8, 0xC7, 0x45, 0xFC, 0x00, 0x00, 0x00, 0x00,
0x8B, 0x5D, 0x08, 0xF6, 0xC3, 0x04, 0x0F, 0x85, 0x57, 0x74, 0x00, 0x00, 0x53, 0x6A, 0x00,
0xFF, 0x35, 0xA0, 0xE3, 0x13, 0x77, 0xFF, 0x15, 0x00, 0x10, 0x14, 0x77, 0x85, 0xC0, 0x0F,
0x84, 0xC6, 0x48, 0x04, 0x00, 0xC7, 0x45, 0x08, 0x00, 0x00, 0x00, 0x00, 0xC7, 0x45, 0xFC,
0xFE, 0xFF, 0xFF, 0xFF, 0x33, 0xC0, 0x8B, 0x4D, 0xF0, 0x64, 0x89, 0x0D, 0x00, 0x00, 0x00,
0x00, 0x59, 0x5F, 0x5E, 0x5B, 0x8B, 0xE5, 0x5D, 0xC2, 0x04, 0x00
};
uint8_t data64[] =
{
0x48, 0x89, 0x5C, 0x24, 0x10, 0x48, 0x89, 0x74, 0x24, 0x18, 0x89, 0x4C, 0x24, 0x08, 0x57,
0x41, 0x54, 0x41, 0x55, 0x41, 0x56, 0x41, 0x57, 0x48, 0x83, 0xEC, 0x40, 0x4C, 0x8B, 0xF2,
0x8B, 0xD9, 0x48, 0xC7, 0x44, 0x24, 0x20, 0x00, 0x00, 0x00, 0x00, 0x33, 0xF6, 0x48, 0x89,
0x74, 0x24, 0x30, 0x45, 0x33, 0xFF, 0xF7, 0xC1, 0x8D, 0xF0, 0xFF, 0xFF, 0x0F, 0x85, 0xAA,
0x53, 0x08, 0x00, 0xF6, 0xC1, 0x40, 0x8B, 0xFE, 0x41, 0xBD, 0x08, 0x00, 0x00, 0x00, 0x41,
0x0F, 0x45, 0xFD, 0xF6, 0xC1, 0x02, 0x48, 0x8B, 0x0D, 0x10, 0xD4, 0x0E, 0x00, 0x0F, 0x85,
0x40, 0xE1, 0x01, 0x00, 0x8B, 0x15, 0x4C, 0xD5, 0x0E, 0x00, 0x81, 0xC2, 0x00, 0x00, 0x14,
0x00, 0x0B, 0xD7, 0x4D, 0x8B, 0xC6, 0xFF, 0x15, 0x3B, 0x2F, 0x10, 0x00, 0x48, 0x8B, 0xD8,
0x48, 0x85, 0xC0, 0x0F, 0x84, 0x93, 0x78, 0x0A, 0x00, 0x48, 0x8B, 0xC3, 0x48, 0x8B, 0x5C,
0x24, 0x78, 0x48, 0x8B, 0xB4, 0x24, 0x80, 0x00, 0x00, 0x00, 0x48, 0x83, 0xC4, 0x40, 0x41,
0x5F, 0x41, 0x5E, 0x41, 0x5D, 0x41, 0x5C, 0x5F, 0xC3
};
ZydisInstructionInfo info;
ZydisInstructionDecoderContext* decoder = NULL;
ZydisInstructionFormatterContext* formatter = NULL;
ZydisInputContext* input32 = NULL;
ZydisInputContext* input64 = NULL;
// Create decoder and formatter instances
decoder = ZydisCreateInstructionDecoder();
if (!decoder)
{
goto ZydisError;
}
formatter = ZydisCreateIntelInstructionFormatter();
if (!formatter)
{
goto FreeZydisDecoder;
}
// Create memory data sources
input32 = ZydisCreateMemoryInput(&data32[0], sizeof(data32));
if (!input32)
{
goto FreeZydisFormatter;
}
input64 = ZydisCreateMemoryInput(&data64[0], sizeof(data64));
if (!input64)
{
goto FreeZydisInput32;
}
// Set decoder properties
ZydisSetDisassemblerMode(decoder, ZYDIS_DM_M32BIT);
ZydisSetDataSource(decoder, input32);
ZydisSetInstructionPointer(decoder, 0x77091852);
// Decode and format all instructions
puts("32 bit test ...\n\n");
while (ZydisDecodeInstruction(decoder, &info))
{
printf("%08X ", (uint32_t)(info.instrAddress & 0xFFFFFFFF));
if (info.flags & ZYDIS_IF_ERROR_MASK)
{
printf("db %02X\n", info.data[0]);
}
else
{
const char* instructionText;
if (!ZydisFormatInstruction(formatter, &info, &instructionText))
{
goto FreeZydisInput64;
}
printf("%s\n", instructionText);
}
}
// Check if an error occured in ZydisDecodeInstruction or the end of the input was reached.
if (ZydisGetLastError() != ZYDIS_ERROR_SUCCESS)
{
goto FreeZydisInput64;
}
puts("\n");
// Set decoder properties
ZydisSetDisassemblerMode(decoder, ZYDIS_DM_M64BIT);
ZydisSetDataSource(decoder, input64);
ZydisSetInstructionPointer(decoder, 0x00007FFA39A81930ull);
// Decode and format all instructions
puts("64 bit test ...\n\n");
while (ZydisDecodeInstruction(decoder, &info))
{
printf("%016llX ", info.instrAddress);
if (info.flags & ZYDIS_IF_ERROR_MASK)
{
printf("db %02X", info.data[0]);
}
else
{
const char* instructionText;
if (!ZydisFormatInstruction(formatter, &info, &instructionText))
{
goto FreeZydisInput64;
}
printf("%s\n", instructionText);
}
}
// Check if an error occured in ZydisDecodeInstruction or the end of the input was reached.
if (ZydisGetLastError() != ZYDIS_ERROR_SUCCESS)
{
goto FreeZydisInput64;
}
// Cleanup code
FreeZydisInput64:
ZydisFreeInput(input64);
FreeZydisInput32:
ZydisFreeInput(input32);
FreeZydisFormatter:
ZydisFreeInstructionFormatter(formatter);
FreeZydisDecoder:
ZydisFreeInstructionDecoder(decoder);
ZydisError:
if (ZydisGetLastError() != ZYDIS_ERROR_SUCCESS)
{
PrintZydisError();
getchar();
return 1;
}
getchar();
return 0;
}

42
Examples/SimpleDemo/Main.cpp → Examples/CPP/SimpleDemo/SimpleDemo.cpp
View File

@ -1,14 +1,12 @@
/************************************************************************************************** /***************************************************************************************************
Verteron Disassembler Engine Zyan Disassembler Engine
Version 1.0 Version 1.0
Remarks : Freeware, Copyright must be included Remarks : Freeware, Copyright must be included
Original Author : Florian Bernd Original Author : Florian Bernd
Modifications : Modifications : Joel Höner
Last change : 29. October 2014
* Permission is hereby granted, free of charge, to any person obtaining a copy * Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal * of this software and associated documentation files (the "Software"), to deal
@ -16,10 +14,10 @@
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is * copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions: * furnished to do so, subject to the following conditions:
* *
* The above copyright notice and this permission notice shall be included in all * The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software. * copies or substantial portions of the Software.
* *
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
@ -28,16 +26,14 @@
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE. * SOFTWARE.
**************************************************************************************************/ ***************************************************************************************************/
#include <tchar.h>
#include <stdint.h> #include <stdint.h>
#include <iostream> #include <iostream>
#include <iomanip> #include <iomanip>
#include "VXDisassembler.h" #include <Zydis.hpp>
using namespace Verteron; int main()
int _tmain(int argc, _TCHAR* argv[])
{ {
uint8_t data32[] = uint8_t data32[] =
{ {
@ -66,13 +62,13 @@ int _tmain(int argc, _TCHAR* argv[])
0x5F, 0x41, 0x5E, 0x41, 0x5D, 0x41, 0x5C, 0x5F, 0xC3 0x5F, 0x41, 0x5E, 0x41, 0x5D, 0x41, 0x5C, 0x5F, 0xC3
}; };
VXInstructionInfo info; Zydis::InstructionInfo info;
VXInstructionDecoder decoder; Zydis::InstructionDecoder decoder;
VXIntelInstructionFormatter formatter; Zydis::IntelInstructionFormatter formatter;
VXMemoryDataSource input32(&data32[0], sizeof(data32)); Zydis::MemoryInput input32(&data32[0], sizeof(data32));
VXMemoryDataSource input64(&data64[0], sizeof(data64)); Zydis::MemoryInput input64(&data64[0], sizeof(data64));
decoder.setDisassemblerMode(VXDisassemblerMode::M32BIT); decoder.setDisassemblerMode(Zydis::DisassemblerMode::M32BIT);
decoder.setDataSource(&input32); decoder.setDataSource(&input32);
decoder.setInstructionPointer(0x77091852); decoder.setInstructionPointer(0x77091852);
std::cout << "32 bit test ..." << std::endl << std::endl; std::cout << "32 bit test ..." << std::endl << std::endl;
@ -80,7 +76,7 @@ int _tmain(int argc, _TCHAR* argv[])
{ {
std::cout << std::hex << std::setw(8) << std::setfill('0') << std::uppercase std::cout << std::hex << std::setw(8) << std::setfill('0') << std::uppercase
<< info.instrAddress << " "; << info.instrAddress << " ";
if (info.flags & IF_ERROR_MASK) if (info.flags & Zydis::IF_ERROR_MASK)
{ {
std::cout << "db " << std::setw(2) << info.data[0]; std::cout << "db " << std::setw(2) << info.data[0];
} else } else
@ -91,7 +87,7 @@ int _tmain(int argc, _TCHAR* argv[])
std::cout << std::endl; std::cout << std::endl;
decoder.setDisassemblerMode(VXDisassemblerMode::M64BIT); decoder.setDisassemblerMode(Zydis::DisassemblerMode::M64BIT);
decoder.setDataSource(&input64); decoder.setDataSource(&input64);
decoder.setInstructionPointer(0x00007FFA39A81930ull); decoder.setInstructionPointer(0x00007FFA39A81930ull);
std::cout << "64 bit test ..." << std::endl << std::endl; std::cout << "64 bit test ..." << std::endl << std::endl;
@ -99,7 +95,7 @@ int _tmain(int argc, _TCHAR* argv[])
{ {
std::cout << std::hex << std::setw(16) << std::setfill('0') << std::uppercase std::cout << std::hex << std::setw(16) << std::setfill('0') << std::uppercase
<< info.instrAddress << " "; << info.instrAddress << " ";
if (info.flags & IF_ERROR_MASK) if (info.flags & Zydis::IF_ERROR_MASK)
{ {
std::cout << "db " << std::setw(2) << info.data[0]; std::cout << "db " << std::setw(2) << info.data[0];
} else } else
@ -110,4 +106,4 @@ int _tmain(int argc, _TCHAR* argv[])
std::cin.get(); std::cin.get();
return 0; return 0;
} }

157
Examples/CustomDataSource/CustomDataSource.vcxproj
View File

@ -1,157 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<Project DefaultTargets="Build" ToolsVersion="12.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup Label="ProjectConfigurations">
<ProjectConfiguration Include="Debug|Win32">
<Configuration>Debug</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Debug|x64">
<Configuration>Debug</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|Win32">
<Configuration>Release</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|x64">
<Configuration>Release</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
</ItemGroup>
<PropertyGroup Label="Globals">
<ProjectGuid>{EB0F5A04-EE14-4779-9B29-322876CD45C8}</ProjectGuid>
<Keyword>Win32Proj</Keyword>
<RootNamespace>CustomDataSource</RootNamespace>
<ProjectName>2 - Custom DataSource</ProjectName>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>true</UseDebugLibraries>
<PlatformToolset>v120</PlatformToolset>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>true</UseDebugLibraries>
<PlatformToolset>v120</PlatformToolset>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>false</UseDebugLibraries>
<PlatformToolset>v120</PlatformToolset>
<WholeProgramOptimization>true</WholeProgramOptimization>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>false</UseDebugLibraries>
<PlatformToolset>v120</PlatformToolset>
<WholeProgramOptimization>true</WholeProgramOptimization>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
<ImportGroup Label="ExtensionSettings">
</ImportGroup>
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="PropertySheets">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="PropertySheets">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<PropertyGroup Label="UserMacros" />
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<LinkIncremental>true</LinkIncremental>
<IncludePath>..\..\VerteronDisassemblerEngine\;$(IncludePath)</IncludePath>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
<LinkIncremental>true</LinkIncremental>
<IncludePath>..\..\VerteronDisassemblerEngine\;$(IncludePath)</IncludePath>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<LinkIncremental>false</LinkIncremental>
<IncludePath>..\..\VerteronDisassemblerEngine\;$(IncludePath)</IncludePath>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<LinkIncremental>false</LinkIncremental>
<IncludePath>..\..\VerteronDisassemblerEngine\;$(IncludePath)</IncludePath>
</PropertyGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<ClCompile>
<PrecompiledHeader>
</PrecompiledHeader>
<WarningLevel>Level3</WarningLevel>
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
<GenerateDebugInformation>true</GenerateDebugInformation>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
<ClCompile>
<PrecompiledHeader>
</PrecompiledHeader>
<WarningLevel>Level3</WarningLevel>
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
<GenerateDebugInformation>true</GenerateDebugInformation>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<ClCompile>
<WarningLevel>Level3</WarningLevel>
<PrecompiledHeader>
</PrecompiledHeader>
<Optimization>MaxSpeed</Optimization>
<FunctionLevelLinking>true</FunctionLevelLinking>
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
<GenerateDebugInformation>true</GenerateDebugInformation>
<EnableCOMDATFolding>true</EnableCOMDATFolding>
<OptimizeReferences>true</OptimizeReferences>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<ClCompile>
<WarningLevel>Level3</WarningLevel>
<PrecompiledHeader>
</PrecompiledHeader>
<Optimization>MaxSpeed</Optimization>
<FunctionLevelLinking>true</FunctionLevelLinking>
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
<GenerateDebugInformation>true</GenerateDebugInformation>
<EnableCOMDATFolding>true</EnableCOMDATFolding>
<OptimizeReferences>true</OptimizeReferences>
</Link>
</ItemDefinitionGroup>
<ItemGroup>
<ClCompile Include="Main.cpp" />
</ItemGroup>
<ItemGroup>
<ProjectReference Include="..\..\VerteronDisassemblerEngine\VerteronDisassemblerEngine.vcxproj">
<Project>{f5c6f0a7-f75d-42bd-a8ab-a2d1d5f67099}</Project>
</ProjectReference>
</ItemGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
<ImportGroup Label="ExtensionTargets">
</ImportGroup>
</Project>

6
Examples/CustomDataSource/CustomDataSource.vcxproj.filters
View File

@ -1,6 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup>
<ClCompile Include="Main.cpp" />
</ItemGroup>
</Project>

38
Examples/CustomDataSource/Main.cpp
View File

@ -1,38 +0,0 @@
/**************************************************************************************************
Verteron Disassembler Engine
Version 1.0
Remarks : Freeware, Copyright must be included
Original Author : Florian Bernd
Modifications :
Last change : 29. October 2014
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
**************************************************************************************************/
#include <tchar.h>
int _tmain(int argc, _TCHAR* argv[])
{
// TODO:
return 0;
}

90
Examples/Examples.sln
View File

@ -1,90 +0,0 @@

Microsoft Visual Studio Solution File, Format Version 12.00
# Visual Studio 2013
VisualStudioVersion = 12.0.30723.0
MinimumVisualStudioVersion = 10.0.40219.1
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "1 - Simple Demo", "SimpleDemo\SimpleDemo.vcxproj", "{BC5CDE9B-9F84-453E-8131-B56F67FD0E4D}"
EndProject
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "2 - Custom DataSource", "CustomDataSource\CustomDataSource.vcxproj", "{EB0F5A04-EE14-4779-9B29-322876CD45C8}"
EndProject
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "3 - Symbol Resolver", "SymbolResolver\SymbolResolver.vcxproj", "{B6CA4362-2714-451C-8063-12195ABD7CD7}"
EndProject
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "VerteronDisassemblerEngine", "..\VerteronDisassemblerEngine\VerteronDisassemblerEngine.vcxproj", "{F5C6F0A7-F75D-42BD-A8AB-A2D1D5F67099}"
EndProject
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "4 - Performance Test", "PerformanceTest\PerformanceTest.vcxproj", "{4A0B7BE7-72C9-4A95-90CA-D56C50F10401}"
EndProject
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
Debug|Mixed Platforms = Debug|Mixed Platforms
Debug|Win32 = Debug|Win32
Debug|x64 = Debug|x64
Release|Mixed Platforms = Release|Mixed Platforms
Release|Win32 = Release|Win32
Release|x64 = Release|x64
EndGlobalSection
GlobalSection(ProjectConfigurationPlatforms) = postSolution
{BC5CDE9B-9F84-453E-8131-B56F67FD0E4D}.Debug|Mixed Platforms.ActiveCfg = Debug|Win32
{BC5CDE9B-9F84-453E-8131-B56F67FD0E4D}.Debug|Mixed Platforms.Build.0 = Debug|Win32
{BC5CDE9B-9F84-453E-8131-B56F67FD0E4D}.Debug|Win32.ActiveCfg = Debug|Win32
{BC5CDE9B-9F84-453E-8131-B56F67FD0E4D}.Debug|Win32.Build.0 = Debug|Win32
{BC5CDE9B-9F84-453E-8131-B56F67FD0E4D}.Debug|x64.ActiveCfg = Debug|x64
{BC5CDE9B-9F84-453E-8131-B56F67FD0E4D}.Debug|x64.Build.0 = Debug|x64
{BC5CDE9B-9F84-453E-8131-B56F67FD0E4D}.Release|Mixed Platforms.ActiveCfg = Release|Win32
{BC5CDE9B-9F84-453E-8131-B56F67FD0E4D}.Release|Mixed Platforms.Build.0 = Release|Win32
{BC5CDE9B-9F84-453E-8131-B56F67FD0E4D}.Release|Win32.ActiveCfg = Release|Win32
{BC5CDE9B-9F84-453E-8131-B56F67FD0E4D}.Release|Win32.Build.0 = Release|Win32
{BC5CDE9B-9F84-453E-8131-B56F67FD0E4D}.Release|x64.ActiveCfg = Release|x64
{BC5CDE9B-9F84-453E-8131-B56F67FD0E4D}.Release|x64.Build.0 = Release|x64
{EB0F5A04-EE14-4779-9B29-322876CD45C8}.Debug|Mixed Platforms.ActiveCfg = Debug|Win32
{EB0F5A04-EE14-4779-9B29-322876CD45C8}.Debug|Mixed Platforms.Build.0 = Debug|Win32
{EB0F5A04-EE14-4779-9B29-322876CD45C8}.Debug|Win32.ActiveCfg = Debug|Win32
{EB0F5A04-EE14-4779-9B29-322876CD45C8}.Debug|Win32.Build.0 = Debug|Win32
{EB0F5A04-EE14-4779-9B29-322876CD45C8}.Debug|x64.ActiveCfg = Debug|x64
{EB0F5A04-EE14-4779-9B29-322876CD45C8}.Debug|x64.Build.0 = Debug|x64
{EB0F5A04-EE14-4779-9B29-322876CD45C8}.Release|Mixed Platforms.ActiveCfg = Release|Win32
{EB0F5A04-EE14-4779-9B29-322876CD45C8}.Release|Mixed Platforms.Build.0 = Release|Win32
{EB0F5A04-EE14-4779-9B29-322876CD45C8}.Release|Win32.ActiveCfg = Release|Win32
{EB0F5A04-EE14-4779-9B29-322876CD45C8}.Release|Win32.Build.0 = Release|Win32
{EB0F5A04-EE14-4779-9B29-322876CD45C8}.Release|x64.ActiveCfg = Release|x64
{EB0F5A04-EE14-4779-9B29-322876CD45C8}.Release|x64.Build.0 = Release|x64
{B6CA4362-2714-451C-8063-12195ABD7CD7}.Debug|Mixed Platforms.ActiveCfg = Debug|Win32
{B6CA4362-2714-451C-8063-12195ABD7CD7}.Debug|Mixed Platforms.Build.0 = Debug|Win32
{B6CA4362-2714-451C-8063-12195ABD7CD7}.Debug|Win32.ActiveCfg = Debug|Win32
{B6CA4362-2714-451C-8063-12195ABD7CD7}.Debug|Win32.Build.0 = Debug|Win32
{B6CA4362-2714-451C-8063-12195ABD7CD7}.Debug|x64.ActiveCfg = Debug|x64
{B6CA4362-2714-451C-8063-12195ABD7CD7}.Debug|x64.Build.0 = Debug|x64
{B6CA4362-2714-451C-8063-12195ABD7CD7}.Release|Mixed Platforms.ActiveCfg = Release|Win32
{B6CA4362-2714-451C-8063-12195ABD7CD7}.Release|Mixed Platforms.Build.0 = Release|Win32
{B6CA4362-2714-451C-8063-12195ABD7CD7}.Release|Win32.ActiveCfg = Release|Win32
{B6CA4362-2714-451C-8063-12195ABD7CD7}.Release|Win32.Build.0 = Release|Win32
{B6CA4362-2714-451C-8063-12195ABD7CD7}.Release|x64.ActiveCfg = Release|x64
{B6CA4362-2714-451C-8063-12195ABD7CD7}.Release|x64.Build.0 = Release|x64
{F5C6F0A7-F75D-42BD-A8AB-A2D1D5F67099}.Debug|Mixed Platforms.ActiveCfg = Debug|Win32
{F5C6F0A7-F75D-42BD-A8AB-A2D1D5F67099}.Debug|Mixed Platforms.Build.0 = Debug|Win32
{F5C6F0A7-F75D-42BD-A8AB-A2D1D5F67099}.Debug|Win32.ActiveCfg = Debug|Win32
{F5C6F0A7-F75D-42BD-A8AB-A2D1D5F67099}.Debug|Win32.Build.0 = Debug|Win32
{F5C6F0A7-F75D-42BD-A8AB-A2D1D5F67099}.Debug|x64.ActiveCfg = Debug|x64
{F5C6F0A7-F75D-42BD-A8AB-A2D1D5F67099}.Debug|x64.Build.0 = Debug|x64
{F5C6F0A7-F75D-42BD-A8AB-A2D1D5F67099}.Release|Mixed Platforms.ActiveCfg = Release|Win32
{F5C6F0A7-F75D-42BD-A8AB-A2D1D5F67099}.Release|Mixed Platforms.Build.0 = Release|Win32
{F5C6F0A7-F75D-42BD-A8AB-A2D1D5F67099}.Release|Win32.ActiveCfg = Release|Win32
{F5C6F0A7-F75D-42BD-A8AB-A2D1D5F67099}.Release|Win32.Build.0 = Release|Win32
{F5C6F0A7-F75D-42BD-A8AB-A2D1D5F67099}.Release|x64.ActiveCfg = Release|x64
{F5C6F0A7-F75D-42BD-A8AB-A2D1D5F67099}.Release|x64.Build.0 = Release|x64
{4A0B7BE7-72C9-4A95-90CA-D56C50F10401}.Debug|Mixed Platforms.ActiveCfg = Debug|Win32
{4A0B7BE7-72C9-4A95-90CA-D56C50F10401}.Debug|Mixed Platforms.Build.0 = Debug|Win32
{4A0B7BE7-72C9-4A95-90CA-D56C50F10401}.Debug|Win32.ActiveCfg = Debug|Win32
{4A0B7BE7-72C9-4A95-90CA-D56C50F10401}.Debug|Win32.Build.0 = Debug|Win32
{4A0B7BE7-72C9-4A95-90CA-D56C50F10401}.Debug|x64.ActiveCfg = Debug|x64
{4A0B7BE7-72C9-4A95-90CA-D56C50F10401}.Debug|x64.Build.0 = Debug|x64
{4A0B7BE7-72C9-4A95-90CA-D56C50F10401}.Release|Mixed Platforms.ActiveCfg = Release|Win32
{4A0B7BE7-72C9-4A95-90CA-D56C50F10401}.Release|Mixed Platforms.Build.0 = Release|Win32
{4A0B7BE7-72C9-4A95-90CA-D56C50F10401}.Release|Win32.ActiveCfg = Release|Win32
{4A0B7BE7-72C9-4A95-90CA-D56C50F10401}.Release|Win32.Build.0 = Release|Win32
{4A0B7BE7-72C9-4A95-90CA-D56C50F10401}.Release|x64.ActiveCfg = Release|x64
{4A0B7BE7-72C9-4A95-90CA-D56C50F10401}.Release|x64.Build.0 = Release|x64
EndGlobalSection
GlobalSection(SolutionProperties) = preSolution
HideSolutionNode = FALSE
EndGlobalSection
EndGlobal

157
Examples/PerformanceTest/PerformanceTest.vcxproj
View File

@ -1,157 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<Project DefaultTargets="Build" ToolsVersion="12.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup Label="ProjectConfigurations">
<ProjectConfiguration Include="Debug|Win32">
<Configuration>Debug</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Debug|x64">
<Configuration>Debug</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|Win32">
<Configuration>Release</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|x64">
<Configuration>Release</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
</ItemGroup>
<PropertyGroup Label="Globals">
<ProjectGuid>{4A0B7BE7-72C9-4A95-90CA-D56C50F10401}</ProjectGuid>
<Keyword>Win32Proj</Keyword>
<RootNamespace>PerformanceTest</RootNamespace>
<ProjectName>4 - Performance Test</ProjectName>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>true</UseDebugLibraries>
<PlatformToolset>v120</PlatformToolset>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>true</UseDebugLibraries>
<PlatformToolset>v120</PlatformToolset>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>false</UseDebugLibraries>
<PlatformToolset>v120</PlatformToolset>
<WholeProgramOptimization>true</WholeProgramOptimization>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>false</UseDebugLibraries>
<PlatformToolset>v120</PlatformToolset>
<WholeProgramOptimization>true</WholeProgramOptimization>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
<ImportGroup Label="ExtensionSettings">
</ImportGroup>
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="PropertySheets">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="PropertySheets">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<PropertyGroup Label="UserMacros" />
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<LinkIncremental>true</LinkIncremental>
<IncludePath>..\..\VerteronDisassemblerEngine\;$(IncludePath)</IncludePath>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
<LinkIncremental>true</LinkIncremental>
<IncludePath>..\..\VerteronDisassemblerEngine\;$(IncludePath)</IncludePath>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<LinkIncremental>false</LinkIncremental>
<IncludePath>..\..\VerteronDisassemblerEngine\;$(IncludePath)</IncludePath>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<LinkIncremental>false</LinkIncremental>
<IncludePath>..\..\VerteronDisassemblerEngine\;$(IncludePath)</IncludePath>
</PropertyGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<ClCompile>
<PrecompiledHeader>
</PrecompiledHeader>
<WarningLevel>Level3</WarningLevel>
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
<GenerateDebugInformation>true</GenerateDebugInformation>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
<ClCompile>
<PrecompiledHeader>
</PrecompiledHeader>
<WarningLevel>Level3</WarningLevel>
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
<GenerateDebugInformation>true</GenerateDebugInformation>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<ClCompile>
<WarningLevel>Level3</WarningLevel>
<PrecompiledHeader>
</PrecompiledHeader>
<Optimization>MaxSpeed</Optimization>
<FunctionLevelLinking>true</FunctionLevelLinking>
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
<GenerateDebugInformation>true</GenerateDebugInformation>
<EnableCOMDATFolding>true</EnableCOMDATFolding>
<OptimizeReferences>true</OptimizeReferences>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<ClCompile>
<WarningLevel>Level3</WarningLevel>
<PrecompiledHeader>
</PrecompiledHeader>
<Optimization>MaxSpeed</Optimization>
<FunctionLevelLinking>true</FunctionLevelLinking>
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
<GenerateDebugInformation>true</GenerateDebugInformation>
<EnableCOMDATFolding>true</EnableCOMDATFolding>
<OptimizeReferences>true</OptimizeReferences>
</Link>
</ItemDefinitionGroup>
<ItemGroup>
<ClCompile Include="Main.cpp" />
</ItemGroup>
<ItemGroup>
<ProjectReference Include="..\..\VerteronDisassemblerEngine\VerteronDisassemblerEngine.vcxproj">
<Project>{f5c6f0a7-f75d-42bd-a8ab-a2d1d5f67099}</Project>
</ProjectReference>
</ItemGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
<ImportGroup Label="ExtensionTargets">
</ImportGroup>
</Project>

6
Examples/PerformanceTest/PerformanceTest.vcxproj.filters
View File

@ -1,6 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup>
<ClCompile Include="Main.cpp" />
</ItemGroup>
</Project>

157
Examples/SimpleDemo/SimpleDemo.vcxproj
View File

@ -1,157 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<Project DefaultTargets="Build" ToolsVersion="12.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup Label="ProjectConfigurations">
<ProjectConfiguration Include="Debug|Win32">
<Configuration>Debug</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Debug|x64">
<Configuration>Debug</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|Win32">
<Configuration>Release</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|x64">
<Configuration>Release</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
</ItemGroup>
<PropertyGroup Label="Globals">
<ProjectGuid>{BC5CDE9B-9F84-453E-8131-B56F67FD0E4D}</ProjectGuid>
<Keyword>Win32Proj</Keyword>
<RootNamespace>SimpleDemo</RootNamespace>
<ProjectName>1 - Simple Demo</ProjectName>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>true</UseDebugLibraries>
<PlatformToolset>v120</PlatformToolset>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>true</UseDebugLibraries>
<PlatformToolset>v120</PlatformToolset>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>false</UseDebugLibraries>
<PlatformToolset>v120</PlatformToolset>
<WholeProgramOptimization>true</WholeProgramOptimization>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>false</UseDebugLibraries>
<PlatformToolset>v120</PlatformToolset>
<WholeProgramOptimization>true</WholeProgramOptimization>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
<ImportGroup Label="ExtensionSettings">
</ImportGroup>
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="PropertySheets">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="PropertySheets">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<PropertyGroup Label="UserMacros" />
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<LinkIncremental>true</LinkIncremental>
<IncludePath>..\..\VerteronDisassemblerEngine\;$(IncludePath)</IncludePath>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
<LinkIncremental>true</LinkIncremental>
<IncludePath>..\..\VerteronDisassemblerEngine\;$(IncludePath)</IncludePath>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<LinkIncremental>false</LinkIncremental>
<IncludePath>..\..\VerteronDisassemblerEngine\;$(IncludePath)</IncludePath>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<LinkIncremental>false</LinkIncremental>
<IncludePath>..\..\VerteronDisassemblerEngine\;$(IncludePath)</IncludePath>
</PropertyGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<ClCompile>
<PrecompiledHeader>
</PrecompiledHeader>
<WarningLevel>Level3</WarningLevel>
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
<GenerateDebugInformation>true</GenerateDebugInformation>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
<ClCompile>
<PrecompiledHeader>
</PrecompiledHeader>
<WarningLevel>Level3</WarningLevel>
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
<GenerateDebugInformation>true</GenerateDebugInformation>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<ClCompile>
<WarningLevel>Level3</WarningLevel>
<PrecompiledHeader>
</PrecompiledHeader>
<Optimization>MaxSpeed</Optimization>
<FunctionLevelLinking>true</FunctionLevelLinking>
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
<GenerateDebugInformation>true</GenerateDebugInformation>
<EnableCOMDATFolding>true</EnableCOMDATFolding>
<OptimizeReferences>true</OptimizeReferences>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<ClCompile>
<WarningLevel>Level3</WarningLevel>
<PrecompiledHeader>
</PrecompiledHeader>
<Optimization>MaxSpeed</Optimization>
<FunctionLevelLinking>true</FunctionLevelLinking>
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
<GenerateDebugInformation>true</GenerateDebugInformation>
<EnableCOMDATFolding>true</EnableCOMDATFolding>
<OptimizeReferences>true</OptimizeReferences>
</Link>
</ItemDefinitionGroup>
<ItemGroup>
<ClCompile Include="Main.cpp" />
</ItemGroup>
<ItemGroup>
<ProjectReference Include="..\..\VerteronDisassemblerEngine\VerteronDisassemblerEngine.vcxproj">
<Project>{f5c6f0a7-f75d-42bd-a8ab-a2d1d5f67099}</Project>
</ProjectReference>
</ItemGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
<ImportGroup Label="ExtensionTargets">
</ImportGroup>
</Project>

6
Examples/SimpleDemo/SimpleDemo.vcxproj.filters
View File

@ -1,6 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup>
<ClCompile Include="Main.cpp" />
</ItemGroup>
</Project>

192
Examples/SymbolResolver/Main.cpp
View File

@ -1,192 +0,0 @@
/**************************************************************************************************
Verteron Disassembler Engine
Version 1.0
Remarks : Freeware, Copyright must be included
Original Author : Florian Bernd
Modifications :
Last change : 29. October 2014
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
**************************************************************************************************/
#include <tchar.h>
#include <fstream>
#include <iomanip>
#include <string>
#include "VXDisassembler.h"
#include <Windows.h>
using namespace Verteron;
int _tmain(int argc, _TCHAR* argv[])
{
// Find module base in memory
void *moduleBase = GetModuleHandle(L"kernel32.dll");
uintptr_t baseAddress = reinterpret_cast<uintptr_t>(moduleBase);
// Parse PE headers
PIMAGE_DOS_HEADER dosHeader = static_cast<PIMAGE_DOS_HEADER>(moduleBase);
if (dosHeader->e_magic != IMAGE_DOS_SIGNATURE)
{
return 1;
}
PIMAGE_NT_HEADERS ntHeaders =
reinterpret_cast<PIMAGE_NT_HEADERS>(baseAddress + dosHeader->e_lfanew);
if (ntHeaders->Signature != IMAGE_NT_SIGNATURE)
{
return 1;
}
// Initialize disassembler
VXInstructionInfo info;
VXInstructionDecoder decoder;
VXExactSymbolResolver resolver;
VXIntelInstructionFormatter formatter;
#ifdef _M_X64
decoder.setDisassemblerMode(VXDisassemblerMode::M64BIT);
#else
decoder.setDisassemblerMode(VXDisassemblerMode::M32BIT);
#endif
formatter.setSymbolResolver(&resolver);
// Initialize output stream
std::ofstream out;
out.open(".\\output.txt");
// Find all call and jump targets
uint64_t subCount = 0;
uint64_t locCount = 0;
PIMAGE_SECTION_HEADER sectionHeader =
reinterpret_cast<PIMAGE_SECTION_HEADER>(
reinterpret_cast<uintptr_t>(ntHeaders) + sizeof(IMAGE_NT_HEADERS)
+ ntHeaders->FileHeader.SizeOfOptionalHeader - sizeof(IMAGE_OPTIONAL_HEADER));
for (unsigned int i = 0; i < ntHeaders->FileHeader.NumberOfSections; ++i)
{
if (sectionHeader->Characteristics & IMAGE_SCN_CNT_CODE)
{
VXMemoryDataSource input(reinterpret_cast<const void*>(
baseAddress + sectionHeader->VirtualAddress), sectionHeader->SizeOfRawData);
decoder.setDataSource(&input);
decoder.setInstructionPointer(baseAddress + sectionHeader->VirtualAddress);
while (decoder.decodeInstruction(info))
{
// Skip invalid and non-relative instructions
if ((info.flags & IF_ERROR_MASK) || !(info.flags & IF_RELATIVE))
{
continue;
}
switch (info.mnemonic)
{
case VXInstructionMnemonic::CALL:
resolver.setSymbol(VDECalcAbsoluteTarget(info, info.operand[0]),
std::string("sub_" + std::to_string(subCount)).c_str());
subCount++;
break;
case VXInstructionMnemonic::JMP:
case VXInstructionMnemonic::JO:
case VXInstructionMnemonic::JNO:
case VXInstructionMnemonic::JB:
case VXInstructionMnemonic::JNB:
case VXInstructionMnemonic::JE:
case VXInstructionMnemonic::JNE:
case VXInstructionMnemonic::JBE:
case VXInstructionMnemonic::JA:
case VXInstructionMnemonic::JS:
case VXInstructionMnemonic::JNS:
case VXInstructionMnemonic::JP:
case VXInstructionMnemonic::JNP:
case VXInstructionMnemonic::JL:
case VXInstructionMnemonic::JGE:
case VXInstructionMnemonic::JLE:
case VXInstructionMnemonic::JG:
case VXInstructionMnemonic::JCXZ:
case VXInstructionMnemonic::JECXZ:
case VXInstructionMnemonic::JRCXZ:
resolver.setSymbol(VDECalcAbsoluteTarget(info, info.operand[0]),
std::string("loc_" + std::to_string(locCount)).c_str());
locCount++;
break;
default:
break;
}
}
}
sectionHeader++;
}
// Add entry point symbol
resolver.setSymbol(baseAddress + ntHeaders->OptionalHeader.AddressOfEntryPoint, "EntryPoint");
// Add exported symbols
if (ntHeaders->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].VirtualAddress > 0)
{
PIMAGE_EXPORT_DIRECTORY exports =
reinterpret_cast<PIMAGE_EXPORT_DIRECTORY>(reinterpret_cast<LPBYTE>(baseAddress) +
ntHeaders->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].VirtualAddress);
PDWORD address =
reinterpret_cast<PDWORD>(reinterpret_cast<LPBYTE>(baseAddress) +
exports->AddressOfFunctions);
PDWORD name =
reinterpret_cast<PDWORD>(reinterpret_cast<LPBYTE>(baseAddress) +
exports->AddressOfNames);
PWORD ordinal =
reinterpret_cast<PWORD>(reinterpret_cast<LPBYTE>(baseAddress) +
exports->AddressOfNameOrdinals);
for(unsigned int i = 0; i < exports->NumberOfNames; ++i)
{
resolver.setSymbol(baseAddress + address[ordinal[i]],
reinterpret_cast<char*>(baseAddress) + name[i]);
}
}
// Disassemble
sectionHeader =
reinterpret_cast<PIMAGE_SECTION_HEADER>(
reinterpret_cast<uintptr_t>(ntHeaders) + sizeof(IMAGE_NT_HEADERS)
+ ntHeaders->FileHeader.SizeOfOptionalHeader - sizeof(IMAGE_OPTIONAL_HEADER));
for (unsigned int i = 0; i < ntHeaders->FileHeader.NumberOfSections; ++i)
{
if (sectionHeader->Characteristics & IMAGE_SCN_CNT_CODE)
{
VXMemoryDataSource input(reinterpret_cast<const void*>(
baseAddress + sectionHeader->VirtualAddress), sectionHeader->SizeOfRawData);
decoder.setDataSource(&input);
decoder.setInstructionPointer(baseAddress + sectionHeader->VirtualAddress);
while (decoder.decodeInstruction(info))
{
uint64_t offset;
const char *symbol = resolver.resolveSymbol(info, info.instrAddress, offset);
if (symbol)
{
out << symbol << ": " << std::endl;
}
out << " " << std::hex << std::setw(16) << std::setfill('0')
<< info.instrAddress << " ";
if (info.flags & IF_ERROR_MASK)
{
out << "db " << std::hex << std::setw(2) << std::setfill('0')
<< static_cast<int>(info.data[0]) << std::endl;
} else
{
out << formatter.formatInstruction(info) << std::endl;
}
}
}
sectionHeader++;
}
out.close();
return 0;
}

157
Examples/SymbolResolver/SymbolResolver.vcxproj
View File

@ -1,157 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<Project DefaultTargets="Build" ToolsVersion="12.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup Label="ProjectConfigurations">
<ProjectConfiguration Include="Debug|Win32">
<Configuration>Debug</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Debug|x64">
<Configuration>Debug</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|Win32">
<Configuration>Release</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|x64">
<Configuration>Release</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
</ItemGroup>
<PropertyGroup Label="Globals">
<ProjectGuid>{B6CA4362-2714-451C-8063-12195ABD7CD7}</ProjectGuid>
<Keyword>Win32Proj</Keyword>
<RootNamespace>SymbolResolver</RootNamespace>
<ProjectName>3 - Symbol Resolver</ProjectName>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>true</UseDebugLibraries>
<PlatformToolset>v120</PlatformToolset>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>true</UseDebugLibraries>
<PlatformToolset>v120</PlatformToolset>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>false</UseDebugLibraries>
<PlatformToolset>v120</PlatformToolset>
<WholeProgramOptimization>true</WholeProgramOptimization>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>false</UseDebugLibraries>
<PlatformToolset>v120</PlatformToolset>
<WholeProgramOptimization>true</WholeProgramOptimization>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
<ImportGroup Label="ExtensionSettings">
</ImportGroup>
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="PropertySheets">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="PropertySheets">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<PropertyGroup Label="UserMacros" />
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<LinkIncremental>true</LinkIncremental>
<IncludePath>..\..\VerteronDisassemblerEngine\;$(IncludePath)</IncludePath>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
<LinkIncremental>true</LinkIncremental>
<IncludePath>..\..\VerteronDisassemblerEngine\;$(IncludePath)</IncludePath>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<LinkIncremental>false</LinkIncremental>
<IncludePath>..\..\VerteronDisassemblerEngine\;$(IncludePath)</IncludePath>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<LinkIncremental>false</LinkIncremental>
<IncludePath>..\..\VerteronDisassemblerEngine\;$(IncludePath)</IncludePath>
</PropertyGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<ClCompile>
<PrecompiledHeader>
</PrecompiledHeader>
<WarningLevel>Level3</WarningLevel>
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
<GenerateDebugInformation>true</GenerateDebugInformation>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
<ClCompile>
<PrecompiledHeader>
</PrecompiledHeader>
<WarningLevel>Level3</WarningLevel>
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
<GenerateDebugInformation>true</GenerateDebugInformation>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<ClCompile>
<WarningLevel>Level3</WarningLevel>
<PrecompiledHeader>
</PrecompiledHeader>
<Optimization>MaxSpeed</Optimization>
<FunctionLevelLinking>true</FunctionLevelLinking>
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
<GenerateDebugInformation>true</GenerateDebugInformation>
<EnableCOMDATFolding>true</EnableCOMDATFolding>
<OptimizeReferences>true</OptimizeReferences>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<ClCompile>
<WarningLevel>Level3</WarningLevel>
<PrecompiledHeader>
</PrecompiledHeader>
<Optimization>MaxSpeed</Optimization>
<FunctionLevelLinking>true</FunctionLevelLinking>
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
<GenerateDebugInformation>true</GenerateDebugInformation>
<EnableCOMDATFolding>true</EnableCOMDATFolding>
<OptimizeReferences>true</OptimizeReferences>
</Link>
</ItemDefinitionGroup>
<ItemGroup>
<ClCompile Include="Main.cpp" />
</ItemGroup>
<ItemGroup>
<ProjectReference Include="..\..\VerteronDisassemblerEngine\VerteronDisassemblerEngine.vcxproj">
<Project>{f5c6f0a7-f75d-42bd-a8ab-a2d1d5f67099}</Project>
</ProjectReference>
</ItemGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
<ImportGroup Label="ExtensionTargets">
</ImportGroup>
</Project>

6
Examples/SymbolResolver/SymbolResolver.vcxproj.filters
View File

@ -1,6 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup>
<ClCompile Include="Main.cpp" />
</ItemGroup>
</Project>

23
README.md
View File

@ -1,4 +1,4 @@
Verteron Disassembler Engine (VDE) Zyan Disassembler Engine (Zydis)
================================== ==================================
Fast and lightweight x86/x86-64 disassembler library. Fast and lightweight x86/x86-64 disassembler library.
@ -18,15 +18,13 @@ Fast and lightweight x86/x86-64 disassembler library.
## Quick Example ## ## Quick Example ##
The following example program uses VDE to disassemble a given memory buffer and prints the output to the console. The following example program uses Zydis to disassemble a given memory buffer and prints the output to the console.
```C++ ```C++
#include <tchar.h> #include <tchar.h>
#include <iostream> #include <iostream>
#include <stdint.h> #include <stdint.h>
#include "VXDisassembler.h" #include "Zydis.hpp"
using namespace Verteron;
int _tmain(int argc, _TCHAR* argv[]) int _tmain(int argc, _TCHAR* argv[])
{ {
@ -34,13 +32,13 @@ int _tmain(int argc, _TCHAR* argv[])
{ {
0x90, 0xE9, 0x00, 0x00, 0x00, 0x00, 0xC3 0x90, 0xE9, 0x00, 0x00, 0x00, 0x00, 0xC3
}; };
VXMemoryDataSource input(&data[0], sizeof(data)); Zydis::MemoryInput input(&data[0], sizeof(data));
VXInstructionInfo info; Zydis::InstructionInfo info;
VXInstructionDecoder decoder; Zydis::InstructionDecoder decoder;
decoder.setDisassemblerMode(VXDisassemblerMode::M32BIT); decoder.setDisassemblerMode(Zydis::ZydisMode::M32BIT);
decoder.setDataSource(&input); decoder.setDataSource(&input);
decoder.setInstructionPointer(0); decoder.setInstructionPointer(0);
VXIntelInstructionFormatter formatter; Zydis::IntelInstructionFormatter formatter;
while (decoder.decodeInstruction(info)) while (decoder.decodeInstruction(info))
{ {
std::cout << formatter.formatInstruction(info) << std::endl; std::cout << formatter.formatInstruction(info) << std::endl;
@ -50,8 +48,7 @@ int _tmain(int argc, _TCHAR* argv[])
## Compilation ## ## Compilation ##
- While VDE supports other compilers in theory, compilation has not been tested with any compiler other than MSVC12 (Visual Studio 2013) Zydis builds cleanly on most platforms without any external dependencies. You can use CMake to generate project files for your favorite C++14 compiler.
- Multi-compiler support might be added in the future
## License ## ## License ##
Verteron Disassembler Engine is licensed under the MIT License. Dependencies are under their respective licenses. Zyan Disassembler Engine is licensed under the MIT License. Dependencies are under their respective licenses.

38
VerteronDisassemblerEngine.sln
View File

@ -1,38 +0,0 @@

Microsoft Visual Studio Solution File, Format Version 12.00
# Visual Studio 2013
VisualStudioVersion = 12.0.30723.0
MinimumVisualStudioVersion = 10.0.40219.1
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "VerteronDisassemblerEngine", "VerteronDisassemblerEngine\VerteronDisassemblerEngine.vcxproj", "{F5C6F0A7-F75D-42BD-A8AB-A2D1D5F67099}"
EndProject
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "OptableGenerator", "OptableGenerator\OptableGenerator.vcxproj", "{EFA075B8-AFB9-4E06-99AD-BD58F50A9500}"
EndProject
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
Debug|Win32 = Debug|Win32
Debug|x64 = Debug|x64
Release|Win32 = Release|Win32
Release|x64 = Release|x64
EndGlobalSection
GlobalSection(ProjectConfigurationPlatforms) = postSolution
{F5C6F0A7-F75D-42BD-A8AB-A2D1D5F67099}.Debug|Win32.ActiveCfg = Debug|Win32
{F5C6F0A7-F75D-42BD-A8AB-A2D1D5F67099}.Debug|Win32.Build.0 = Debug|Win32
{F5C6F0A7-F75D-42BD-A8AB-A2D1D5F67099}.Debug|x64.ActiveCfg = Debug|x64
{F5C6F0A7-F75D-42BD-A8AB-A2D1D5F67099}.Debug|x64.Build.0 = Debug|x64
{F5C6F0A7-F75D-42BD-A8AB-A2D1D5F67099}.Release|Win32.ActiveCfg = Release|Win32
{F5C6F0A7-F75D-42BD-A8AB-A2D1D5F67099}.Release|Win32.Build.0 = Release|Win32
{F5C6F0A7-F75D-42BD-A8AB-A2D1D5F67099}.Release|x64.ActiveCfg = Release|x64
{F5C6F0A7-F75D-42BD-A8AB-A2D1D5F67099}.Release|x64.Build.0 = Release|x64
{EFA075B8-AFB9-4E06-99AD-BD58F50A9500}.Debug|Win32.ActiveCfg = Debug|Win32
{EFA075B8-AFB9-4E06-99AD-BD58F50A9500}.Debug|Win32.Build.0 = Debug|Win32
{EFA075B8-AFB9-4E06-99AD-BD58F50A9500}.Debug|x64.ActiveCfg = Debug|x64
{EFA075B8-AFB9-4E06-99AD-BD58F50A9500}.Debug|x64.Build.0 = Debug|x64
{EFA075B8-AFB9-4E06-99AD-BD58F50A9500}.Release|Win32.ActiveCfg = Release|Win32
{EFA075B8-AFB9-4E06-99AD-BD58F50A9500}.Release|Win32.Build.0 = Release|Win32
{EFA075B8-AFB9-4E06-99AD-BD58F50A9500}.Release|x64.ActiveCfg = Release|x64
{EFA075B8-AFB9-4E06-99AD-BD58F50A9500}.Release|x64.Build.0 = Release|x64
EndGlobalSection
GlobalSection(SolutionProperties) = preSolution
HideSolutionNode = FALSE
EndGlobalSection
EndGlobal

37
VerteronDisassemblerEngine/VXDisassembler.h
View File

@ -1,37 +0,0 @@
/**************************************************************************************************
Verteron Disassembler Engine
Version 1.0
Remarks : Freeware, Copyright must be included
Original Author : Florian Bernd
Modifications :
Last change : 29. October 2014
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
**************************************************************************************************/
#pragma once
#include "VXDisassemblerTypes.h"
#include "VXInstructionDecoder.h"
#include "VXInstructionFormatter.h"
#include "VXDisassemblerUtils.h"

9655
VerteronDisassemblerEngine/VXOpcodeTable.cpp
View File

File diff suppressed because it is too large Load Diff

147
VerteronDisassemblerEngine/VerteronDisassemblerEngine.vcxproj
View File

@ -1,147 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<Project DefaultTargets="Build" ToolsVersion="12.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup Label="ProjectConfigurations">
<ProjectConfiguration Include="Debug|Win32">
<Configuration>Debug</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Debug|x64">
<Configuration>Debug</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|Win32">
<Configuration>Release</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|x64">
<Configuration>Release</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
</ItemGroup>
<ItemGroup>
<ClInclude Include="VXDisassembler.h" />
<ClInclude Include="VXDisassemblerUtils.h" />
<ClInclude Include="VXDisassemblerTypes.h" />
<ClInclude Include="VXInstructionDecoder.h" />
<ClInclude Include="VXInstructionFormatter.h" />
<ClInclude Include="VXOpcodeTable.h" />
</ItemGroup>
<ItemGroup>
<ClCompile Include="VXDisassemblerUtils.cpp" />
<ClCompile Include="VXInstructionDecoder.cpp" />
<ClCompile Include="VXInstructionFormatter.cpp" />
<ClCompile Include="VXOpcodeTable.cpp" />
</ItemGroup>
<PropertyGroup Label="Globals">
<ProjectGuid>{F5C6F0A7-F75D-42BD-A8AB-A2D1D5F67099}</ProjectGuid>
<Keyword>Win32Proj</Keyword>
<RootNamespace>VerteronDisassemblerEngine</RootNamespace>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
<ConfigurationType>StaticLibrary</ConfigurationType>
<UseDebugLibraries>true</UseDebugLibraries>
<PlatformToolset>v120</PlatformToolset>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
<ConfigurationType>StaticLibrary</ConfigurationType>
<UseDebugLibraries>true</UseDebugLibraries>
<PlatformToolset>v120</PlatformToolset>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
<ConfigurationType>StaticLibrary</ConfigurationType>
<UseDebugLibraries>false</UseDebugLibraries>
<PlatformToolset>v120</PlatformToolset>
<WholeProgramOptimization>true</WholeProgramOptimization>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
<ConfigurationType>StaticLibrary</ConfigurationType>
<UseDebugLibraries>false</UseDebugLibraries>
<PlatformToolset>v120</PlatformToolset>
<WholeProgramOptimization>true</WholeProgramOptimization>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
<ImportGroup Label="ExtensionSettings">
</ImportGroup>
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="PropertySheets">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="PropertySheets">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<PropertyGroup Label="UserMacros" />
<PropertyGroup />
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<ClCompile>
<PrecompiledHeader>
</PrecompiledHeader>
<WarningLevel>Level3</WarningLevel>
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>WIN32;_DEBUG;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
</ClCompile>
<Link>
<SubSystem>Windows</SubSystem>
<GenerateDebugInformation>true</GenerateDebugInformation>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
<ClCompile>
<PrecompiledHeader>
</PrecompiledHeader>
<WarningLevel>Level3</WarningLevel>
<Optimization>Disabled</Optimization>
<PreprocessorDefinitions>WIN32;_DEBUG;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
</ClCompile>
<Link>
<SubSystem>Windows</SubSystem>
<GenerateDebugInformation>true</GenerateDebugInformation>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<ClCompile>
<WarningLevel>Level3</WarningLevel>
<PrecompiledHeader>
</PrecompiledHeader>
<Optimization>MaxSpeed</Optimization>
<FunctionLevelLinking>true</FunctionLevelLinking>
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>WIN32;NDEBUG;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
</ClCompile>
<Link>
<SubSystem>Windows</SubSystem>
<GenerateDebugInformation>true</GenerateDebugInformation>
<EnableCOMDATFolding>true</EnableCOMDATFolding>
<OptimizeReferences>true</OptimizeReferences>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<ClCompile>
<WarningLevel>Level3</WarningLevel>
<PrecompiledHeader>
</PrecompiledHeader>
<Optimization>MaxSpeed</Optimization>
<FunctionLevelLinking>true</FunctionLevelLinking>
<IntrinsicFunctions>true</IntrinsicFunctions>
<PreprocessorDefinitions>WIN32;NDEBUG;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
</ClCompile>
<Link>
<SubSystem>Windows</SubSystem>
<GenerateDebugInformation>true</GenerateDebugInformation>
<EnableCOMDATFolding>true</EnableCOMDATFolding>
<OptimizeReferences>true</OptimizeReferences>
</Link>
</ItemDefinitionGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
<ImportGroup Label="ExtensionTargets">
</ImportGroup>
</Project>

17
VerteronDisassemblerEngine/VerteronDisassemblerEngine.vcxproj.filters
View File

@ -1,17 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup>
<ClInclude Include="VXDisassembler.h" />
<ClInclude Include="VXDisassemblerTypes.h" />
<ClInclude Include="VXDisassemblerUtils.h" />
<ClInclude Include="VXInstructionDecoder.h" />
<ClInclude Include="VXInstructionFormatter.h" />
<ClInclude Include="VXOpcodeTable.h" />
</ItemGroup>
<ItemGroup>
<ClCompile Include="VXDisassemblerUtils.cpp" />
<ClCompile Include="VXInstructionDecoder.cpp" />
<ClCompile Include="VXInstructionFormatter.cpp" />
<ClCompile Include="VXOpcodeTable.cpp" />
</ItemGroup>
</Project>

29
Examples/PerformanceTest/Main.cpp → Zydis/Zydis.hpp
View File

@ -1,14 +1,12 @@
/************************************************************************************************** /***************************************************************************************************
Verteron Disassembler Engine Zyan Disassembler Engine
Version 1.0 Version 1.0
Remarks : Freeware, Copyright must be included Remarks : Freeware, Copyright must be included
Original Author : Florian Bernd Original Author : Florian Bernd
Modifications : Modifications : Joel Höner
Last change : 29. October 2014
* Permission is hereby granted, free of charge, to any person obtaining a copy * Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal * of this software and associated documentation files (the "Software"), to deal
@ -16,10 +14,10 @@
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is * copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions: * furnished to do so, subject to the following conditions:
* *
* The above copyright notice and this permission notice shall be included in all * The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software. * copies or substantial portions of the Software.
* *
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
@ -28,11 +26,14 @@
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE. * SOFTWARE.
**************************************************************************************************/ ***************************************************************************************************/
#include <tchar.h>
int _tmain(int argc, _TCHAR* argv[]) #ifndef _ZYDIS_DISASSEMBLER_HPP_
{ #define _ZYDIS_DISASSEMBLER_HPP_
// TODO:
return 0; #include "ZydisInstructionDecoder.hpp"
} #include "ZydisInstructionFormatter.hpp"
#include "ZydisSymbolResolver.hpp"
#include "ZydisUtils.hpp"
#endif /*_ZYDIS_DISASSEMBLER_HPP_ */

649
Zydis/ZydisAPI.cpp Normal file
View File

@ -0,0 +1,649 @@
/***************************************************************************************************
Zyan Disassembler Engine
Version 1.0
Remarks : Freeware, Copyright must be included
Original Author : Florian Bernd
Modifications : Joel Höner
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
***************************************************************************************************/
#include "ZydisAPI.h"
#include "ZydisInstructionDecoder.hpp"
#include "ZydisInstructionFormatter.hpp"
/* Static Checks ================================================================================ */
static_assert(
sizeof(ZydisOperandInfo) == sizeof(Zydis::OperandInfo),
"struct size mismatch");
static_assert(
sizeof(ZydisInstructionInfo) == sizeof(Zydis::InstructionInfo),
"struct size mismatch");
/* Error Handling =============================================================================== */
static uint32_t g_zydisLastError = ZYDIS_ERROR_SUCCESS;
uint32_t ZydisGetLastError()
{
return g_zydisLastError;
}
void ZydisSetLastError(uint32_t errorCode)
{
g_zydisLastError = errorCode;
}
/* Conversion Helper ============================================================================ */
typedef enum _ZydisClassType
{
ZYDIS_CONTEXT_INPUT = 0x00000080,
ZYDIS_CONTEXT_INPUT_CUSTOM = ZYDIS_CONTEXT_INPUT | 0x00000001,
ZYDIS_CONTEXT_INPUT_MEMORY = ZYDIS_CONTEXT_INPUT | 0x00000002,
ZYDIS_CONTEXT_INSTRUCTIONDECODER = 0x00000040,
ZYDIS_CONTEXT_INSTRUCTIONFORMATTER = 0x00000020,
ZYDIS_CONTEXT_INSTRUCTIONFORMATTER_CUSTOM = ZYDIS_CONTEXT_INSTRUCTIONFORMATTER | 0x00000001,
ZYDIS_CONTEXT_INSTRUCTIONFORMATTER_INTEL = ZYDIS_CONTEXT_INSTRUCTIONFORMATTER | 0x00000002,
ZYDIS_CONTEXT_SYMBOLRESOLVER = 0x00000010,
ZYDIS_CONTEXT_SYMBOLRESOLVER_CUSTOM = ZYDIS_CONTEXT_SYMBOLRESOLVER | 0x00000001,
ZYDIS_CONTEXT_SYMBOLRESOLVER_EXACT = ZYDIS_CONTEXT_SYMBOLRESOLVER | 0x00000002
} ZydisClassType;
/**
* @brief This helper class extends a zydis class with a type field. It is used by the C-bindings
* to check type correctness for input parameters.
* @param ZydisClassT The zydis class type.
*/
#pragma pack(push, 1)
template <typename ZydisClassT>
class ZydisClassEx final
{
private:
using FullClassT = ZydisClassEx<ZydisClassT>;
public:
uint32_t type;
std::conditional_t<std::is_abstract<ZydisClassT>::value, char, ZydisClassT> instance;
public:
/**
* @brief Constructor
* @param InstanceCtorArgsT The argument types for the constructor of the zydis class.
* @param classType The type of the zydis class.
* @param args... The arguments for the constructor of the zydis class.
*/
template<
typename ZydisClassTT=ZydisClassT,
std::enable_if_t<!std::is_abstract<ZydisClassTT>::value, int> = 0,
typename... InstanceCtorArgsT>
ZydisClassEx(uint32_t classType, InstanceCtorArgsT... args)
: type(classType)
, instance(args...) { };
public:
/**
* @brief Returns the class type.
* @return The assigned class type.
*/
uint32_t getClassType() const
{
return type;
}
/**
* @brief Returns the zydis class instance.
* @return Pointer to the zydis class instance.
*/
ZydisClassT* getInstance()
{
return reinterpret_cast<ZydisClassT*>(&instance);
}
public:
/**
* @brief Casts the given instance to @c ZydisClassEx.
* @param instance The zydis class instance.
* @return Pointer to the @c ZydisClassEx instance.
*/
static FullClassT* fromInstance(ZydisClassT* instance)
{
return reinterpret_cast<FullClassT*>(
reinterpret_cast<uintptr_t>(instance) - offsetof(FullClassT, instance));
}
};
#pragma pack(pop)
/**
* @brief Creates a context by constructing a new wrapped zydis class instance.
* @param ContextClassT The context class.
* @param ZydisClassT The zydis class type.
* @param ZydisClassCtorArgsT The argument types for the constructor of the zydis class.
* @param classType The type of the zydis class.
* @param args... The arguments for the constructor of the zydis class.
*/
template <typename ContextClassT, typename ZydisClassT, typename... ZydisClassCtorArgsT>
ContextClassT* ZydisCreateContext(uint32_t classType, ZydisClassCtorArgsT... args)
{
auto instanceEx = new (std::nothrow) ZydisClassEx<ZydisClassT>(classType, args...);
if (!instanceEx)
{
ZydisSetLastError(ZYDIS_ERROR_NOT_ENOUGH_MEMORY);
return nullptr;
}
// Return the original instance as context.
return reinterpret_cast<ContextClassT*>(instanceEx->getInstance());
}
/**
* @brief Retrieves the zydis class instance of the given context.
* @param ContextClassT The context class.
* @param ZydisClassT The zydis class type.
* @param expectedType The expected type of the zydis class.
*/
template <typename ContextClassT, typename ZydisClassT>
ZydisClassT* ZydisRetrieveInstance(uint32_t expectedType, const ContextClassT* context)
{
auto instanceEx = ZydisClassEx<ZydisClassT>::fromInstance(
reinterpret_cast<ZydisClassT*>(const_cast<ContextClassT*>(context)));
if ((instanceEx->getClassType() & expectedType) != expectedType)
{
ZydisSetLastError(ZYDIS_ERROR_INVALID_PARAMETER);
return nullptr;
}
// The context points to the same address as the instance. We just need to cast it.
return reinterpret_cast<ZydisClassT*>(const_cast<ContextClassT*>(context));
}
/**
* @brief Creates a context by constructing a new wrapped zydis instance.
* @param ContextClassT The context class.
* @param ZydisClassT The zydis class type.
* @param expectedType The expected type of the zydis class.
*/
template <typename ContextClassT, typename ZydisClassT>
bool ZydisFreeContext(uint32_t expectedType, const ContextClassT* context)
{
auto instanceEx = ZydisClassEx<ZydisClassT>::fromInstance(
reinterpret_cast<ZydisClassT*>(const_cast<ContextClassT*>(context)));
if ((instanceEx->getClassType() & expectedType) != expectedType)
{
ZydisSetLastError(ZYDIS_ERROR_INVALID_PARAMETER);
return false;
}
delete instanceEx;
return true;
}
/* Input ======================================================================================== */
/**
* @brief Helper class for custom input implementations.
*/
class ZydisCustomInput : public Zydis::BaseInput
{
private:
void* m_userData;
ZydisCustomDestructorT m_cbDestructor;
ZydisCustomInputPeekT m_cbPeek;
ZydisCustomInputNextT m_cbNext;
ZydisCustomInputIsEndOfInputT m_cbIsEndOfInput;
ZydisCustomInputGetPositionT m_cbGetPosition;
ZydisCustomInputSetPositionT m_cbSetPosition;
protected:
uint8_t internalInputPeek() override
{
return m_cbPeek(m_userData);
}
uint8_t internalInputNext() override
{
return m_cbNext(m_userData);
}
public:
ZydisCustomInput(void* userData,
ZydisCustomInputPeekT cbPeek, ZydisCustomInputNextT cbNext,
ZydisCustomInputIsEndOfInputT cbIsEndOfInput, ZydisCustomInputGetPositionT cbGetPosition,
ZydisCustomInputSetPositionT cbSetPosition, ZydisCustomDestructorT cbDestructor)
: m_userData(userData)
, m_cbDestructor(cbDestructor)
, m_cbPeek(cbPeek)
, m_cbNext(cbNext)
, m_cbIsEndOfInput(cbIsEndOfInput)
, m_cbGetPosition(cbGetPosition)
, m_cbSetPosition(cbSetPosition)
{
}
~ZydisCustomInput() override
{
if (m_cbDestructor)
{
m_cbDestructor(m_userData);
}
}
public:
bool isEndOfInput() const override
{
return m_cbIsEndOfInput(m_userData);
}
uint64_t getPosition() const override
{
return m_cbGetPosition(m_userData);
}
bool setPosition(uint64_t position) override
{
return m_cbSetPosition(m_userData, position);
}
};
ZydisInputContext* ZydisCreateCustomInput(void* userData,
ZydisCustomInputPeekT cbPeek, ZydisCustomInputNextT cbNext,
ZydisCustomInputIsEndOfInputT cbIsEndOfInput, ZydisCustomInputGetPositionT cbGetPosition,
ZydisCustomInputSetPositionT cbSetPosition, ZydisCustomDestructorT cbDestructor)
{
if (!cbPeek || !cbNext || !cbIsEndOfInput || !cbGetPosition || !cbSetPosition)
{
ZydisSetLastError(ZYDIS_ERROR_INVALID_PARAMETER);
return nullptr;
}
return ZydisCreateContext<ZydisInputContext, ZydisCustomInput>(ZYDIS_CONTEXT_INPUT_CUSTOM,
userData, cbPeek, cbNext, cbIsEndOfInput, cbGetPosition, cbSetPosition, cbDestructor);
}
ZydisInputContext* ZydisCreateMemoryInput(const void* buffer, size_t bufferLen)
{
return ZydisCreateContext<ZydisInputContext, Zydis::MemoryInput>(
ZYDIS_CONTEXT_INPUT_MEMORY, buffer, bufferLen);
}
bool ZydisIsEndOfInput(const ZydisInputContext* input, bool* isEndOfInput)
{
Zydis::BaseInput* instance =
ZydisRetrieveInstance<ZydisInputContext, Zydis::BaseInput>(ZYDIS_CONTEXT_INPUT, input);
if (!instance)
{
return false;
}
*isEndOfInput = instance->isEndOfInput();
return true;
}
bool ZydisGetInputPosition(const ZydisInputContext* input, uint64_t* position)
{
Zydis::BaseInput* instance =
ZydisRetrieveInstance<ZydisInputContext, Zydis::BaseInput>(ZYDIS_CONTEXT_INPUT, input);
if (!instance)
{
return false;
}
*position = instance->getPosition();
return true;
}
bool ZydisSetInputPosition(const ZydisInputContext* input, uint64_t position)
{
Zydis::BaseInput* instance =
ZydisRetrieveInstance<ZydisInputContext, Zydis::BaseInput>(ZYDIS_CONTEXT_INPUT, input);
if (!instance)
{
return false;
}
ZydisSetLastError(ZYDIS_ERROR_SUCCESS);
return instance->setPosition(position);
}
bool ZydisFreeInput(const ZydisInputContext* input)
{
return ZydisFreeContext<ZydisInputContext, Zydis::BaseInput>(ZYDIS_CONTEXT_INPUT, input);
}
/* InstructionDecoder =========================================================================== */
ZydisInstructionDecoderContext* ZydisCreateInstructionDecoder()
{
return ZydisCreateContext<ZydisInstructionDecoderContext, Zydis::InstructionDecoder>(
ZYDIS_CONTEXT_INSTRUCTIONDECODER);
}
ZydisInstructionDecoderContext* ZydisCreateInstructionDecoderEx(
const ZydisInputContext* input, ZydisDisassemblerMode disassemblerMode,
ZydisInstructionSetVendor preferredVendor, uint64_t instructionPointer)
{
Zydis::BaseInput* object =
ZydisRetrieveInstance<ZydisInputContext, Zydis::BaseInput>(ZYDIS_CONTEXT_INPUT, input);
if (!object)
{
return nullptr;
}
return ZydisCreateContext<ZydisInstructionDecoderContext, Zydis::InstructionDecoder>(
ZYDIS_CONTEXT_INSTRUCTIONDECODER, object,
static_cast<Zydis::DisassemblerMode>(disassemblerMode),
static_cast<Zydis::InstructionSetVendor>(preferredVendor), instructionPointer);
}
bool ZydisDecodeInstruction(const ZydisInstructionDecoderContext* decoder,
ZydisInstructionInfo* info)
{
Zydis::InstructionDecoder* instance =
ZydisRetrieveInstance<ZydisInstructionDecoderContext,
Zydis::InstructionDecoder>(ZYDIS_CONTEXT_INSTRUCTIONDECODER, decoder);
if (!instance)
{
return false;
}
ZydisSetLastError(ZYDIS_ERROR_SUCCESS);
return instance->decodeInstruction(*reinterpret_cast<Zydis::InstructionInfo*>(info));
}
bool ZydisGetDataSource(const ZydisInstructionDecoderContext* decoder,
ZydisInputContext** input)
{
Zydis::InstructionDecoder* instance =
ZydisRetrieveInstance<ZydisInstructionDecoderContext,
Zydis::InstructionDecoder>(ZYDIS_CONTEXT_INSTRUCTIONDECODER, decoder);
if (!instance)
{
return false;
}
*input = reinterpret_cast<ZydisInputContext*>(instance->getDataSource());
if (!input)
{
return false;
}
return true;
}
bool ZydisSetDataSource(const ZydisInstructionDecoderContext* decoder,
ZydisInputContext* input)
{
Zydis::InstructionDecoder* instance =
ZydisRetrieveInstance<ZydisInstructionDecoderContext,
Zydis::InstructionDecoder>(ZYDIS_CONTEXT_INSTRUCTIONDECODER, decoder);
if (!instance)
{
return false;
}
Zydis::BaseInput* object =
ZydisRetrieveInstance<ZydisInputContext, Zydis::BaseInput>(ZYDIS_CONTEXT_INPUT, input);
if (!object)
{
return false;
}
instance->setDataSource(object);
return true;
}
bool ZydisGetDisassemblerMode(const ZydisInstructionDecoderContext* decoder,
ZydisDisassemblerMode* disassemblerMode)
{
Zydis::InstructionDecoder* instance =
ZydisRetrieveInstance<ZydisInstructionDecoderContext,
Zydis::InstructionDecoder>(ZYDIS_CONTEXT_INSTRUCTIONDECODER, decoder);
if (!instance)
{
return false;
}
*disassemblerMode = static_cast<ZydisDisassemblerMode>(instance->getDisassemblerMode());
return true;
}
bool ZydisSetDisassemblerMode(const ZydisInstructionDecoderContext* decoder,
ZydisDisassemblerMode disassemblerMode)
{
Zydis::InstructionDecoder* instance =
ZydisRetrieveInstance<ZydisInstructionDecoderContext,
Zydis::InstructionDecoder>(ZYDIS_CONTEXT_INSTRUCTIONDECODER, decoder);
if (!instance)
{
return false;
}
instance->setDisassemblerMode(static_cast<Zydis::DisassemblerMode>(disassemblerMode));
return true;
}
bool ZydisGetPreferredVendor(const ZydisInstructionDecoderContext* decoder,
ZydisInstructionSetVendor* preferredVendor)
{
Zydis::InstructionDecoder* instance =
ZydisRetrieveInstance<ZydisInstructionDecoderContext,
Zydis::InstructionDecoder>(ZYDIS_CONTEXT_INSTRUCTIONDECODER, decoder);
if (!instance)
{
return false;
}
*preferredVendor = static_cast<ZydisInstructionSetVendor>(instance->getPreferredVendor());
return true;
}
bool ZydisSetPreferredVendor(const ZydisInstructionDecoderContext* decoder,
ZydisInstructionSetVendor preferredVendor)
{
Zydis::InstructionDecoder* instance =
ZydisRetrieveInstance<ZydisInstructionDecoderContext,
Zydis::InstructionDecoder>(ZYDIS_CONTEXT_INSTRUCTIONDECODER, decoder);
if (!instance)
{
return false;
}
instance->setPreferredVendor(static_cast<Zydis::InstructionSetVendor>(preferredVendor));
return true;
}
bool ZydisGetInstructionPointer(const ZydisInstructionDecoderContext* decoder,
uint64_t* instructionPointer)
{
Zydis::InstructionDecoder* instance =
ZydisRetrieveInstance<ZydisInstructionDecoderContext,
Zydis::InstructionDecoder>(ZYDIS_CONTEXT_INSTRUCTIONDECODER, decoder);
if (!instance)
{
return false;
}
*instructionPointer = instance->getInstructionPointer();
return true;
}
bool ZydisSetInstructionPointer(const ZydisInstructionDecoderContext* decoder,
uint64_t instructionPointer)
{
Zydis::InstructionDecoder* instance =
ZydisRetrieveInstance<ZydisInstructionDecoderContext,
Zydis::InstructionDecoder>(ZYDIS_CONTEXT_INSTRUCTIONDECODER, decoder);
if (!instance)
{
return false;
}
instance->setInstructionPointer(instructionPointer);
return true;
}
bool ZydisFreeInstructionDecoder(const ZydisInstructionDecoderContext* decoder)
{
return ZydisFreeContext<ZydisInstructionDecoderContext, Zydis::InstructionDecoder>(
ZYDIS_CONTEXT_INSTRUCTIONDECODER, decoder);
}
/* InstructionFormatter ========================================================================= */
ZydisInstructionFormatterContext* ZydisCreateCustomInstructionFormatter(/* TODO */)
{
return nullptr;
}
ZydisInstructionFormatterContext* ZydisCreateIntelInstructionFormatter()
{
return ZydisCreateContext<ZydisInstructionFormatterContext,
Zydis::IntelInstructionFormatter>(ZYDIS_CONTEXT_INSTRUCTIONFORMATTER_INTEL);
}
bool ZydisFormatInstruction(const ZydisInstructionFormatterContext* formatter,
const ZydisInstructionInfo* info, const char** instructionText)
{
Zydis::BaseInstructionFormatter* instance =
ZydisRetrieveInstance<ZydisInstructionFormatterContext,
Zydis::BaseInstructionFormatter>(ZYDIS_CONTEXT_INSTRUCTIONFORMATTER, formatter);
if (!instance)
{
return false;
}
*instructionText =
instance->formatInstruction(*reinterpret_cast<const Zydis::InstructionInfo*>(info));
return true;
}
bool ZydisGetSymbolResolver(const ZydisInstructionFormatterContext* formatter,
ZydisSymbolResolverContext** resolver)
{
Zydis::BaseInstructionFormatter* instance =
ZydisRetrieveInstance<ZydisInstructionFormatterContext,
Zydis::BaseInstructionFormatter>(ZYDIS_CONTEXT_INSTRUCTIONFORMATTER, formatter);
if (!instance)
{
return false;
}
*resolver = reinterpret_cast<ZydisSymbolResolverContext*>(instance->getSymbolResolver());
if (!resolver)
{
return false;
}
return true;
}
bool ZydisSetSymbolResolver(const ZydisInstructionFormatterContext* formatter,
ZydisSymbolResolverContext* resolver)
{
Zydis::BaseInstructionFormatter* instance =
ZydisRetrieveInstance<ZydisInstructionFormatterContext,
Zydis::BaseInstructionFormatter>(ZYDIS_CONTEXT_INSTRUCTIONFORMATTER, formatter);
if (!instance)
{
return false;
}
Zydis::BaseSymbolResolver* object =
ZydisRetrieveInstance<ZydisSymbolResolverContext,
Zydis::BaseSymbolResolver>(ZYDIS_CONTEXT_SYMBOLRESOLVER, resolver);
if (!object)
{
return false;
}
instance->setSymbolResolver(object);
return true;
}
bool ZydisFreeInstructionFormatter(const ZydisInstructionFormatterContext* formatter)
{
return ZydisFreeContext<ZydisInstructionFormatterContext, Zydis::BaseInstructionFormatter>(
ZYDIS_CONTEXT_INSTRUCTIONFORMATTER, formatter);
}
/* SymbolResolver =============================================================================== */
ZydisSymbolResolverContext* ZydisCreateCustomSymbolResolver(/*TODO*/)
{
return nullptr;
}
ZydisSymbolResolverContext* ZydisCreateExactSymbolResolver()
{
return ZydisCreateContext<ZydisSymbolResolverContext, Zydis::ExactSymbolResolver>(
ZYDIS_CONTEXT_SYMBOLRESOLVER_EXACT);
}
bool ZydisResolveSymbol(const ZydisSymbolResolverContext* resolver,
const ZydisInstructionInfo* info, uint64_t address, const char** symbol, uint64_t* offset)
{
Zydis::BaseSymbolResolver* instance =
ZydisRetrieveInstance<ZydisSymbolResolverContext,
Zydis::BaseSymbolResolver>(ZYDIS_CONTEXT_SYMBOLRESOLVER, resolver);
if (!instance)
{
return false;
}
*symbol = instance->resolveSymbol(*reinterpret_cast<const Zydis::InstructionInfo*>(info),
address, *offset);
return true;
}
bool ZydisExactSymbolResolverContainsSymbol(
const ZydisSymbolResolverContext* resolver, uint64_t address, bool* containsSymbol)
{
Zydis::ExactSymbolResolver* instance =
ZydisRetrieveInstance<ZydisSymbolResolverContext,
Zydis::ExactSymbolResolver>(ZYDIS_CONTEXT_SYMBOLRESOLVER_EXACT, resolver);
if (!instance)
{
return false;
}
*containsSymbol = instance->containsSymbol(address);
return true;
}
bool ZydisExactSymbolResolverSetSymbol(const ZydisSymbolResolverContext* resolver,
uint64_t address, const char* name)
{
Zydis::ExactSymbolResolver* instance =
ZydisRetrieveInstance<ZydisSymbolResolverContext,
Zydis::ExactSymbolResolver>(ZYDIS_CONTEXT_SYMBOLRESOLVER_EXACT, resolver);
if (!instance)
{
return false;
}
instance->setSymbol(address, name);
return true;
}
bool ZydisExactSymbolResolverRemoveSymbol(const ZydisSymbolResolverContext* resolver,
uint64_t address)
{
Zydis::ExactSymbolResolver* instance =
ZydisRetrieveInstance<ZydisSymbolResolverContext,
Zydis::ExactSymbolResolver>(ZYDIS_CONTEXT_SYMBOLRESOLVER_EXACT, resolver);
if (!instance)
{
return false;
}
instance->removeSymbol(address);
return true;
}
bool ZydisExactSymbolResolverClear(const ZydisSymbolResolverContext* resolver)
{
Zydis::ExactSymbolResolver* instance =
ZydisRetrieveInstance<ZydisSymbolResolverContext,
Zydis::ExactSymbolResolver>(ZYDIS_CONTEXT_SYMBOLRESOLVER_EXACT, resolver);
if (!instance)
{
return false;
}
instance->clear();
return true;
}
bool ZydisFreeSymbolResolver(const ZydisSymbolResolverContext* resolver)
{
return ZydisFreeContext<ZydisSymbolResolverContext, Zydis::BaseSymbolResolver>(
ZYDIS_CONTEXT_SYMBOLRESOLVER, resolver);
}
/* ============================================================================================== */

1627
Zydis/ZydisAPI.h Normal file
View File

File diff suppressed because it is too large Load Diff

753
VerteronDisassemblerEngine/VXInstructionDecoder.cpp → Zydis/ZydisInstructionDecoder.cpp
View File

File diff suppressed because it is too large Load Diff

254
VerteronDisassemblerEngine/VXInstructionDecoder.h → Zydis/ZydisInstructionDecoder.hpp
View File

@ -1,14 +1,12 @@
/************************************************************************************************** /***************************************************************************************************
Verteron Disassembler Engine Zyan Disassembler Engine
Version 1.0 Version 1.0
Remarks : Freeware, Copyright must be included Remarks : Freeware, Copyright must be included
Original Author : Florian Bernd Original Author : Florian Bernd
Modifications : Modifications : Joel Höner
Last change : 29. October 2014
* Permission is hereby granted, free of charge, to any person obtaining a copy * Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal * of this software and associated documentation files (the "Software"), to deal
@ -16,10 +14,10 @@
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is * copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions: * furnished to do so, subject to the following conditions:
* *
* The above copyright notice and this permission notice shall be included in all * The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software. * copies or substantial portions of the Software.
* *
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
@ -28,22 +26,24 @@
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE. * SOFTWARE.
**************************************************************************************************/ ***************************************************************************************************/
#pragma once
#ifndef _ZYDIS_INSTRUCTIONDECODER_HPP_
#define _ZYDIS_INSTRUCTIONDECODER_HPP_
#include <type_traits> #include <type_traits>
#include <istream> #include <istream>
#include "VXDisassemblerTypes.h" #include "ZydisTypes.hpp"
namespace Verteron namespace Zydis
{ {
/////////////////////////////////////////////////////////////////////////////////////////////////// /* BaseInput ==================================================================================== */
/** /**
* @brief The base class for all data-source implementations. * @brief The base class for all data-source implementations.
*/ */
class VXBaseDataSource class BaseInput
{ {
private: private:
uint8_t m_currentInput; uint8_t m_currentInput;
@ -66,12 +66,12 @@ protected:
/** /**
* @brief Default constructor. * @brief Default constructor.
*/ */
VXBaseDataSource() { }; BaseInput() { };
public: public:
/** /**
* @brief Destructor. * @brief Destructor.
*/ */
virtual ~VXBaseDataSource() { }; virtual ~BaseInput() { };
public: public:
/** /**
* @brief Reads the next byte from the data source. This method does NOT increase the * @brief Reads the next byte from the data source. This method does NOT increase the
@ -81,7 +81,7 @@ public:
* @c flags field of the @c info parameter for error flags. * @c flags field of the @c info parameter for error flags.
* Possible error values are @c IF_ERROR_END_OF_INPUT or @c IF_ERROR_LENGTH. * Possible error values are @c IF_ERROR_END_OF_INPUT or @c IF_ERROR_LENGTH.
*/ */
uint8_t inputPeek(VXInstructionInfo &info); uint8_t inputPeek(InstructionInfo& info);
/** /**
* @brief Reads the next byte from the data source. This method increases the current * @brief Reads the next byte from the data source. This method increases the current
* input position and the @c length field of the @c info parameter. * input position and the @c length field of the @c info parameter.
@ -92,7 +92,7 @@ public:
* @c flags field of the @c info parameter for error flags. * @c flags field of the @c info parameter for error flags.
* Possible error values are @c IF_ERROR_END_OF_INPUT or @c IF_ERROR_LENGTH. * Possible error values are @c IF_ERROR_END_OF_INPUT or @c IF_ERROR_LENGTH.
*/ */
uint8_t inputNext(VXInstructionInfo &info); uint8_t inputNext(InstructionInfo& info);
/** /**
* @brief Reads the next byte(s) from the data source. This method increases the current * @brief Reads the next byte(s) from the data source. This method increases the current
* input position and the @c length field of the @c info parameter. * input position and the @c length field of the @c info parameter.
@ -104,7 +104,7 @@ public:
* Possible error values are @c IF_ERROR_END_OF_INPUT or @c IF_ERROR_LENGTH. * Possible error values are @c IF_ERROR_END_OF_INPUT or @c IF_ERROR_LENGTH.
*/ */
template <typename T> template <typename T>
T inputNext(VXInstructionInfo &info); T inputNext(InstructionInfo& info);
/** /**
* @brief Returns the current input byte. The current input byte is set everytime the * @brief Returns the current input byte. The current input byte is set everytime the
* @c inputPeek or @c inputNext method is called. * @c inputPeek or @c inputNext method is called.
@ -133,7 +133,7 @@ public:
virtual bool setPosition(uint64_t position) = 0; virtual bool setPosition(uint64_t position) = 0;
}; };
inline uint8_t VXBaseDataSource::inputPeek(VXInstructionInfo &info) inline uint8_t BaseInput::inputPeek(InstructionInfo& info)
{ {
if (info.length == 15) if (info.length == 15)
{ {
@ -149,7 +149,7 @@ inline uint8_t VXBaseDataSource::inputPeek(VXInstructionInfo &info)
return m_currentInput; return m_currentInput;
} }
inline uint8_t VXBaseDataSource::inputNext(VXInstructionInfo &info) inline uint8_t BaseInput::inputNext(InstructionInfo& info)
{ {
if (info.length == 15) if (info.length == 15)
{ {
@ -168,14 +168,14 @@ inline uint8_t VXBaseDataSource::inputNext(VXInstructionInfo &info)
} }
template <typename T> template <typename T>
inline T VXBaseDataSource::inputNext(VXInstructionInfo &info) inline T BaseInput::inputNext(InstructionInfo& info)
{ {
static_assert(std::is_integral<T>::value, "integral type required"); static_assert(std::is_integral<T>::value, "integral type required");
T result = 0; T result = 0;
for (unsigned i = 0; i < (sizeof(T) / sizeof(uint8_t)); ++i) for (unsigned i = 0; i < (sizeof(T) / sizeof(uint8_t)); ++i)
{ {
T b = inputNext(info); T b = inputNext(info);
if (!b && (info.flags & IF_ERROR_MASK)) if (!b&& (info.flags& IF_ERROR_MASK))
{ {
return 0; return 0;
} }
@ -184,20 +184,20 @@ inline T VXBaseDataSource::inputNext(VXInstructionInfo &info)
return result; return result;
} }
inline uint8_t VXBaseDataSource::inputCurrent() const inline uint8_t BaseInput::inputCurrent() const
{ {
return m_currentInput; return m_currentInput;
} }
/////////////////////////////////////////////////////////////////////////////////////////////////// /* MemoryInput ================================================================================== */
/** /**
* @brief A memory-buffer based data source for the @c VXInstructionDecoder class. * @brief A memory-buffer based data source for the @c InstructionDecoder class.
*/ */
class VXMemoryDataSource : public VXBaseDataSource class MemoryInput : public BaseInput
{ {
private: private:
const void *m_inputBuffer; const void* m_inputBuffer;
uint64_t m_inputBufferLen; uint64_t m_inputBufferLen;
uint64_t m_inputBufferPos; uint64_t m_inputBufferPos;
protected: protected:
@ -219,7 +219,7 @@ public:
* @param buffer The input buffer. * @param buffer The input buffer.
* @param bufferLen The length of the input buffer. * @param bufferLen The length of the input buffer.
*/ */
VXMemoryDataSource(const void* buffer, size_t bufferLen) MemoryInput(const void* buffer, size_t bufferLen)
: m_inputBuffer(buffer) : m_inputBuffer(buffer)
, m_inputBufferLen(bufferLen) , m_inputBufferLen(bufferLen)
, m_inputBufferPos(0) { }; , m_inputBufferPos(0) { };
@ -242,42 +242,42 @@ public:
bool setPosition(uint64_t position) override; bool setPosition(uint64_t position) override;
}; };
inline uint8_t VXMemoryDataSource::internalInputPeek() inline uint8_t MemoryInput::internalInputPeek()
{ {
return *(static_cast<const uint8_t*>(m_inputBuffer) + m_inputBufferPos); return *(static_cast<const uint8_t*>(m_inputBuffer) + m_inputBufferPos);
} }
inline uint8_t VXMemoryDataSource::internalInputNext() inline uint8_t MemoryInput::internalInputNext()
{ {
++m_inputBufferPos; ++m_inputBufferPos;
return *(static_cast<const uint8_t*>(m_inputBuffer) + m_inputBufferPos - 1); return *(static_cast<const uint8_t*>(m_inputBuffer) + m_inputBufferPos - 1);
} }
inline bool VXMemoryDataSource::isEndOfInput() const inline bool MemoryInput::isEndOfInput() const
{ {
return (m_inputBufferPos >= m_inputBufferLen); return (m_inputBufferPos >= m_inputBufferLen);
} }
inline uint64_t VXMemoryDataSource::getPosition() const inline uint64_t MemoryInput::getPosition() const
{ {
return m_inputBufferPos; return m_inputBufferPos;
} }
inline bool VXMemoryDataSource::setPosition(uint64_t position) inline bool MemoryInput::setPosition(uint64_t position)
{ {
m_inputBufferPos = position; m_inputBufferPos = position;
return isEndOfInput(); return isEndOfInput();
} }
/////////////////////////////////////////////////////////////////////////////////////////////////// /* StreamInput ================================================================================== */
/** /**
* @brief A stream based data source for the @c VXInstructionDecoder class. * @brief A stream based data source for the @c InstructionDecoder class.
*/ */
class VXStreamDataSource : public VXBaseDataSource class StreamInput : public BaseInput
{ {
private: private:
std::istream *m_inputStream; std::istream* m_inputStream;
protected: protected:
/** /**
* @brief Reads the next byte from the data source. This method increases the current * @brief Reads the next byte from the data source. This method increases the current
@ -296,7 +296,7 @@ public:
* @brief Constructor. * @brief Constructor.
* @param stream The input stream. * @param stream The input stream.
*/ */
explicit VXStreamDataSource(std::istream *stream) explicit StreamInput(std::istream* stream)
: m_inputStream(stream) { }; : m_inputStream(stream) { };
public: public:
/** /**
@ -317,25 +317,25 @@ public:
bool setPosition(uint64_t position) override; bool setPosition(uint64_t position) override;
}; };
inline uint8_t VXStreamDataSource::internalInputPeek() inline uint8_t StreamInput::internalInputPeek()
{ {
if (!m_inputStream) if (!m_inputStream)
{ {
return 0; return 0;
} }
return m_inputStream->peek(); return static_cast<uint8_t>(m_inputStream->peek());
} }
inline uint8_t VXStreamDataSource::internalInputNext() inline uint8_t StreamInput::internalInputNext()
{ {
if (!m_inputStream) if (!m_inputStream)
{ {
return 0; return 0;
} }
return m_inputStream->get(); return static_cast<uint8_t>(m_inputStream->get());
} }
inline bool VXStreamDataSource::isEndOfInput() const inline bool StreamInput::isEndOfInput() const
{ {
if (!m_inputStream) if (!m_inputStream)
{ {
@ -346,7 +346,7 @@ inline bool VXStreamDataSource::isEndOfInput() const
return !m_inputStream->good(); return !m_inputStream->good();
} }
inline uint64_t VXStreamDataSource::getPosition() const inline uint64_t StreamInput::getPosition() const
{ {
if (!m_inputStream) if (!m_inputStream)
{ {
@ -355,7 +355,7 @@ inline uint64_t VXStreamDataSource::getPosition() const
return m_inputStream->tellg(); return m_inputStream->tellg();
} }
inline bool VXStreamDataSource::setPosition(uint64_t position) inline bool StreamInput::setPosition(uint64_t position)
{ {
if (!m_inputStream) if (!m_inputStream)
{ {
@ -365,12 +365,12 @@ inline bool VXStreamDataSource::setPosition(uint64_t position)
return isEndOfInput(); return isEndOfInput();
} }
/////////////////////////////////////////////////////////////////////////////////////////////////// /* Enums ======================================================================================== */
/** /**
* @brief Values that represent a disassembler mode. * @brief Values that represent a disassembler mode.
*/ */
enum class VXDisassemblerMode enum class DisassemblerMode : uint8_t
{ {
M16BIT, M16BIT,
M32BIT, M32BIT,
@ -380,21 +380,23 @@ enum class VXDisassemblerMode
/** /**
* @brief Values that represent an instruction-set vendor. * @brief Values that represent an instruction-set vendor.
*/ */
enum class VXInstructionSetVendor enum class InstructionSetVendor : uint8_t
{ {
ANY, ANY,
INTEL, INTEL,
AMD AMD
}; };
/* InstructionDecoder =========================================================================== */
/** /**
* @brief The @c VXInstructionDecoder class decodes x86/x86-64 assembly instructions from a * @brief The @c InstructionDecoder class decodes x86/x86-64 assembly instructions from a
* given data source. * given data source.
*/ */
class VXInstructionDecoder class InstructionDecoder
{ {
private: private:
enum class RegisterClass enum class RegisterClass : uint8_t
{ {
GENERAL_PURPOSE, GENERAL_PURPOSE,
MMX, MMX,
@ -404,10 +406,10 @@ private:
XMM XMM
}; };
private: private:
VXBaseDataSource *m_dataSource; BaseInput* m_input;
VXDisassemblerMode m_disassemblerMode; DisassemblerMode m_disassemblerMode;
VXInstructionSetVendor m_preferredVendor; InstructionSetVendor m_preferredVendor;
uint64_t m_instructionPointer; uint64_t m_instructionPointer;
private: private:
/** /**
* @brief Reads the next byte from the data source. This method does NOT increase the * @brief Reads the next byte from the data source. This method does NOT increase the
@ -417,7 +419,7 @@ private:
* @c flags field of the @c info parameter for error flags. * @c flags field of the @c info parameter for error flags.
* Possible error values are @c IF_ERROR_END_OF_INPUT or @c IF_ERROR_LENGTH. * Possible error values are @c IF_ERROR_END_OF_INPUT or @c IF_ERROR_LENGTH.
*/ */
uint8_t inputPeek(VXInstructionInfo &info); uint8_t inputPeek(InstructionInfo& info);
/** /**
* @brief Reads the next byte from the data source. This method increases the current * @brief Reads the next byte from the data source. This method increases the current
* input position and the @c length field of the @info parameter. * input position and the @c length field of the @info parameter.
@ -428,7 +430,7 @@ private:
* @c flags field of the @c info parameter for error flags. * @c flags field of the @c info parameter for error flags.
* Possible error values are @c IF_ERROR_END_OF_INPUT or @c IF_ERROR_LENGTH. * Possible error values are @c IF_ERROR_END_OF_INPUT or @c IF_ERROR_LENGTH.
*/ */
uint8_t inputNext(VXInstructionInfo &info); uint8_t inputNext(InstructionInfo& info);
/** /**
* @brief Reads the next byte(s) from the data source. This method increases the current * @brief Reads the next byte(s) from the data source. This method increases the current
* input position and the @c length field of the @info parameter. * input position and the @c length field of the @info parameter.
@ -440,7 +442,7 @@ private:
* Possible error values are @c IF_ERROR_END_OF_INPUT or @c IF_ERROR_LENGTH. * Possible error values are @c IF_ERROR_END_OF_INPUT or @c IF_ERROR_LENGTH.
*/ */
template <typename T> template <typename T>
T inputNext(VXInstructionInfo &info); T inputNext(InstructionInfo& info);
/** /**
* @brief Returns the current input byte. The current input byte is set everytime the * @brief Returns the current input byte. The current input byte is set everytime the
* @c inputPeek or @c inputNext method is called. * @c inputPeek or @c inputNext method is called.
@ -451,64 +453,64 @@ private:
/** /**
* @brief Decodes a register operand. * @brief Decodes a register operand.
* @param info The instruction info. * @param info The instruction info.
* @param operand The @c VXOperandInfo struct that receives the decoded data. * @param operand The @c OperandInfo struct that receives the decoded data.
* @param registerClass The register class to use. * @param registerClass The register class to use.
* @param registerId The register id. * @param registerId The register id.
* @param operandSize The defined size of the operand. * @param operandSize The defined size of the operand.
* @return True if it succeeds, false if it fails. * @return True if it succeeds, false if it fails.
*/ */
bool decodeRegisterOperand(VXInstructionInfo &info, VXOperandInfo &operand, bool decodeRegisterOperand(InstructionInfo& info, OperandInfo& operand,
RegisterClass registerClass, uint8_t registerId, VXDefinedOperandSize operandSize) const; RegisterClass registerClass, uint8_t registerId, DefinedOperandSize operandSize) const;
/** /**
* @brief Decodes a register/memory operand. * @brief Decodes a register/memory operand.
* @param info The instruction info. * @param info The instruction info.
* @param operand The @c VXOperandInfo struct that receives the decoded data. * @param operand The @c OperandInfo struct that receives the decoded data.
* @param registerClass The register class to use. * @param registerClass The register class to use.
* @param operandSize The defined size of the operand. * @param operandSize The defined size of the operand.
* @return True if it succeeds, false if it fails. * @return True if it succeeds, false if it fails.
*/ */
bool decodeRegisterMemoryOperand(VXInstructionInfo &info, VXOperandInfo &operand, bool decodeRegisterMemoryOperand(InstructionInfo& info, OperandInfo& operand,
RegisterClass registerClass, VXDefinedOperandSize operandSize); RegisterClass registerClass, DefinedOperandSize operandSize);
/** /**
* @brief Decodes an immediate operand. * @brief Decodes an immediate operand.
* @param info The instruction info. * @param info The instruction info.
* @param operand The @c VXOperandInfo struct that receives the decoded data. * @param operand The @c OperandInfo struct that receives the decoded data.
* @param operandSize The defined size of the operand. * @param operandSize The defined size of the operand.
* @return True if it succeeds, false if it fails. * @return True if it succeeds, false if it fails.
*/ */
bool decodeImmediate(VXInstructionInfo &info, VXOperandInfo &operand, bool decodeImmediate(InstructionInfo& info, OperandInfo& operand,
VXDefinedOperandSize operandSize); DefinedOperandSize operandSize);
/** /**
* @brief Decodes a displacement operand. * @brief Decodes a displacement operand.
* @param info The instruction info. * @param info The instruction info.
* @param operand The @c VXOperandInfo struct that receives the decoded data. * @param operand The @c OperandInfo struct that receives the decoded data.
* @param size The size of the displacement data. * @param size The size of the displacement data.
* @return True if it succeeds, false if it fails. * @return True if it succeeds, false if it fails.
*/ */
bool decodeDisplacement(VXInstructionInfo &info, VXOperandInfo &operand, uint8_t size); bool decodeDisplacement(InstructionInfo& info, OperandInfo& operand, uint8_t size);
private: private:
/** /**
* @brief Decodes the modrm field of the instruction. This method reads an additional * @brief Decodes the modrm field of the instruction. This method reads an additional
* input byte. * input byte.
* @param The @c VXInstructionInfo struct that receives the decoded data. * @param The @c InstructionInfo struct that receives the decoded data.
* @return True if it succeeds, false if it fails. * @return True if it succeeds, false if it fails.
*/ */
bool decodeModrm(VXInstructionInfo &info); bool decodeModrm(InstructionInfo& info);
/** /**
* @brief Decodes the sib field of the instruction. This method reads an additional * @brief Decodes the sib field of the instruction. This method reads an additional
* input byte. * input byte.
* @param info The @c VXInstructionInfo struct that receives the decoded data. * @param info The @c InstructionInfo struct that receives the decoded data.
* @return True if it succeeds, false if it fails. * @return True if it succeeds, false if it fails.
*/ */
bool decodeSIB(VXInstructionInfo &info); bool decodeSIB(InstructionInfo& info);
/** /**
* @brief Decodes vex prefix of the instruction. This method takes the current input byte * @brief Decodes vex prefix of the instruction. This method takes the current input byte
* to determine the vex prefix type and reads one or two additional input bytes * to determine the vex prefix type and reads one or two additional input bytes
* on demand. * on demand.
* @param info The @c VXInstructionInfo struct that receives the decoded data. * @param info The @c InstructionInfo struct that receives the decoded data.
* @return True if it succeeds, false if it fails. * @return True if it succeeds, false if it fails.
*/ */
bool decodeVex(VXInstructionInfo &info); bool decodeVex(InstructionInfo& info);
private: private:
/** /**
* @brief Returns the effective operand size. * @brief Returns the effective operand size.
@ -516,59 +518,59 @@ private:
* @param operandSize The defined operand size. * @param operandSize The defined operand size.
* @return The effective operand size. * @return The effective operand size.
*/ */
uint16_t getEffectiveOperandSize(const VXInstructionInfo &info, uint16_t getEffectiveOperandSize(const InstructionInfo& info,
VXDefinedOperandSize operandSize) const; DefinedOperandSize operandSize) const;
/** /**
* @brief Decodes all instruction operands. * @brief Decodes all instruction operands.
* @param info The @c VXInstructionInfo struct that receives the decoded data. * @param info The @c InstructionInfo struct that receives the decoded data.
* @return True if it succeeds, false if it fails. * @return True if it succeeds, false if it fails.
*/ */
bool decodeOperands(VXInstructionInfo &info); bool decodeOperands(InstructionInfo& info);
/** /**
* @brief Decodes the specified instruction operand. * @brief Decodes the specified instruction operand.
* @param info The instruction info. * @param info The instruction info.
* @param operand The @c VXOperandInfo struct that receives the decoded data. * @param operand The @c OperandInfo struct that receives the decoded data.
* @param operandType The defined type of the operand. * @param operandType The defined type of the operand.
* @param operandSize The defined size of the operand. * @param operandSize The defined size of the operand.
* @return True if it succeeds, false if it fails. * @return True if it succeeds, false if it fails.
*/ */
bool decodeOperand(VXInstructionInfo &info, VXOperandInfo &operand, bool decodeOperand(InstructionInfo& info, OperandInfo& operand,
VXDefinedOperandType operandType, VXDefinedOperandSize operandSize); DefinedOperandType operandType, DefinedOperandSize operandSize);
private: private:
/** /**
* @brief Resolves the effective operand and address mode of the instruction. * @brief Resolves the effective operand and address mode of the instruction.
* This method requires a non-null value in the @c instrDefinition field of the * This method requires a non-null value in the @c instrDefinition field of the
* @c info struct. * @c info struct.
* @param info The @c VXInstructionInfo struct that receives the effective operand and * @param info The @c InstructionInfo struct that receives the effective operand and
* address mode. * address mode.
*/ */
void resolveOperandAndAddressMode(VXInstructionInfo &info) const; void resolveOperandAndAddressMode(InstructionInfo& info) const;
/** /**
* @brief Calculates the effective REX/VEX.w, r, x, b, l values. * @brief Calculates the effective REX/VEX.w, r, x, b, l values.
* This method requires a non-null value in the @c instrDefinition field of the * This method requires a non-null value in the @c instrDefinition field of the
* @c info struct. * @c info struct.
* @param info The @c VXInstructionInfo struct that receives the effective operand and * @param info The @c InstructionInfo struct that receives the effective operand and
* address mode. * address mode.
*/ */
void calculateEffectiveRexVexValues(VXInstructionInfo &info) const; void calculateEffectiveRexVexValues(InstructionInfo& info) const;
private: private:
/** /**
* @brief Collects and decodes optional instruction prefixes. * @brief Collects and decodes optional instruction prefixes.
* @param info The @c VXInstructionInfo struct that receives the decoded data. * @param info The @c InstructionInfo struct that receives the decoded data.
* @return True if it succeeds, false if it fails. * @return True if it succeeds, false if it fails.
*/ */
bool decodePrefixes(VXInstructionInfo &info); bool decodePrefixes(InstructionInfo& info);
/** /**
* @brief Collects and decodes the instruction opcodes using the opcode tree. * @brief Collects and decodes the instruction opcodes using the opcode tree.
* @param info The @c VXInstructionInfo struct that receives the decoded data. * @param info The @c InstructionInfo struct that receives the decoded data.
* @return True if it succeeds, false if it fails. * @return True if it succeeds, false if it fails.
*/ */
bool decodeOpcode(VXInstructionInfo &info); bool decodeOpcode(InstructionInfo& info);
public: public:
/** /**
* @brief Default constructor. * @brief Default constructor.
*/ */
VXInstructionDecoder(); InstructionDecoder();
/** /**
* @brief Constructor. * @brief Constructor.
* @param input A reference to the input data source. * @param input A reference to the input data source.
@ -576,51 +578,51 @@ public:
* @param preferredVendor The preferred instruction-set vendor. * @param preferredVendor The preferred instruction-set vendor.
* @param instructionPointer The initial instruction pointer. * @param instructionPointer The initial instruction pointer.
*/ */
explicit VXInstructionDecoder(VXBaseDataSource *input, explicit InstructionDecoder(BaseInput* input,
VXDisassemblerMode disassemblerMode = VXDisassemblerMode::M32BIT, DisassemblerMode disassemblerMode = DisassemblerMode::M32BIT,
VXInstructionSetVendor preferredVendor = VXInstructionSetVendor::ANY, InstructionSetVendor preferredVendor = InstructionSetVendor::ANY,
uint64_t instructionPointer = 0); uint64_t instructionPointer = 0);
public: public:
/** /**
* @brief Decodes the next instruction from the input data source. * @brief Decodes the next instruction from the input data source.
* @param info The @c VXInstructionInfo struct that receives the information about the * @param info The @c InstructionInfo struct that receives the information about the
* decoded instruction. * decoded instruction.
* @return This method returns false, if the current position has exceeded the maximum input * @return This method returns false, if the current position has exceeded the maximum input
* length. * length.
* In all other cases (valid and invalid instructions) the return value is true. * In all other cases (valid and invalid instructions) the return value is true.
*/ */
bool decodeInstruction(VXInstructionInfo &info); bool decodeInstruction(InstructionInfo& info);
public: public:
/** /**
* @brief Returns a pointer to the current data source. * @brief Returns a pointer to the current data source.
* @return A pointer to the current data source. * @return A pointer to the current data source.
*/ */
VXBaseDataSource* getDataSource() const; BaseInput* getDataSource() const;
/** /**
* @brief Sets a new data source. * @brief Sets a new data source.
* @param input A reference to the new input data source. * @param input A reference to the new input data source.
*/ */
void setDataSource(VXBaseDataSource *input); void setDataSource(BaseInput* input);
/** /**
* @brief Returns the current disassembler mode. * @brief Returns the current disassembler mode.
* @return The current disassembler mode. * @return The current disassembler mode.
*/ */
VXDisassemblerMode getDisassemblerMode() const; DisassemblerMode getDisassemblerMode() const;
/** /**
* @brief Sets the current disassembler mode. * @brief Sets the current disassembler mode.
* @param disassemblerMode The new disassembler mode. * @param disassemblerMode The new disassembler mode.
*/ */
void setDisassemblerMode(VXDisassemblerMode disassemblerMode); void setDisassemblerMode(DisassemblerMode disassemblerMode);
/** /**
* @brief Returns the preferred instruction-set vendor. * @brief Returns the preferred instruction-set vendor.
* @return The preferred instruction-set vendor. * @return The preferred instruction-set vendor.
*/ */
VXInstructionSetVendor getPreferredVendor() const; InstructionSetVendor getPreferredVendor() const;
/** /**
* @brief Sets the preferred instruction-set vendor. * @brief Sets the preferred instruction-set vendor.
* @param preferredVendor The new preferred instruction-set vendor. * @param preferredVendor The new preferred instruction-set vendor.
*/ */
void setPreferredVendor(VXInstructionSetVendor preferredVendor); void setPreferredVendor(InstructionSetVendor preferredVendor);
/** /**
* @brief Returns the current instruction pointer. * @brief Returns the current instruction pointer.
* @return The current instruction pointer. * @return The current instruction pointer.
@ -633,86 +635,88 @@ public:
void setInstructionPointer(uint64_t instructionPointer); void setInstructionPointer(uint64_t instructionPointer);
}; };
inline uint8_t VXInstructionDecoder::inputPeek(VXInstructionInfo &info) inline uint8_t InstructionDecoder::inputPeek(InstructionInfo& info)
{ {
if (!m_dataSource) if (!m_input)
{ {
info.flags |= IF_ERROR_END_OF_INPUT; info.flags |= IF_ERROR_END_OF_INPUT;
return 0; return 0;
} }
return m_dataSource->inputPeek(info); return m_input->inputPeek(info);
} }
inline uint8_t VXInstructionDecoder::inputNext(VXInstructionInfo &info) inline uint8_t InstructionDecoder::inputNext(InstructionInfo& info)
{ {
if (!m_dataSource) if (!m_input)
{ {
info.flags |= IF_ERROR_END_OF_INPUT; info.flags |= IF_ERROR_END_OF_INPUT;
return 0; return 0;
} }
return m_dataSource->inputNext(info); return m_input->inputNext(info);
} }
template <typename T> template <typename T>
inline T VXInstructionDecoder::inputNext(VXInstructionInfo &info) inline T InstructionDecoder::inputNext(InstructionInfo& info)
{ {
if (!m_dataSource) if (!m_input)
{ {
info.flags |= IF_ERROR_END_OF_INPUT; info.flags |= IF_ERROR_END_OF_INPUT;
return 0; return 0;
} }
return m_dataSource->inputNext<T>(info); return m_input->inputNext<T>(info);
} }
inline uint8_t VXInstructionDecoder::inputCurrent() const inline uint8_t InstructionDecoder::inputCurrent() const
{ {
if (!m_dataSource) if (!m_input)
{ {
return 0; return 0;
} }
return m_dataSource->inputCurrent(); return m_input->inputCurrent();
} }
inline VXBaseDataSource* VXInstructionDecoder::getDataSource() const inline BaseInput *InstructionDecoder::getDataSource() const
{ {
return m_dataSource; return m_input;
} }
inline void VXInstructionDecoder::setDataSource(VXBaseDataSource *input) inline void InstructionDecoder::setDataSource(BaseInput* input)
{ {
m_dataSource = input; m_input = input;
} }
inline VXDisassemblerMode VXInstructionDecoder::getDisassemblerMode() const inline DisassemblerMode InstructionDecoder::getDisassemblerMode() const
{ {
return m_disassemblerMode; return m_disassemblerMode;
} }
inline void VXInstructionDecoder::setDisassemblerMode(VXDisassemblerMode disassemblerMode) inline void InstructionDecoder::setDisassemblerMode(DisassemblerMode disassemblerMode)
{ {
m_disassemblerMode = disassemblerMode; m_disassemblerMode = disassemblerMode;
} }
inline VXInstructionSetVendor VXInstructionDecoder::getPreferredVendor() const inline InstructionSetVendor InstructionDecoder::getPreferredVendor() const
{ {
return m_preferredVendor; return m_preferredVendor;
} }
inline void VXInstructionDecoder::setPreferredVendor(VXInstructionSetVendor preferredVendor) inline void InstructionDecoder::setPreferredVendor(InstructionSetVendor preferredVendor)
{ {
m_preferredVendor = preferredVendor; m_preferredVendor = preferredVendor;
} }
inline uint64_t VXInstructionDecoder::getInstructionPointer() const inline uint64_t InstructionDecoder::getInstructionPointer() const
{ {
return m_instructionPointer; return m_instructionPointer;
} }
inline void VXInstructionDecoder::setInstructionPointer(uint64_t instructionPointer) inline void InstructionDecoder::setInstructionPointer(uint64_t instructionPointer)
{ {
m_instructionPointer = instructionPointer; m_instructionPointer = instructionPointer;
} }
/////////////////////////////////////////////////////////////////////////////////////////////////// /* ============================================================================================== */
} }
#endif /* _ZYDIS_INSTRUCTIONDECODER_HPP_ */

264
VerteronDisassemblerEngine/VXInstructionFormatter.cpp → Zydis/ZydisInstructionFormatter.cpp
View File

@ -1,14 +1,12 @@
/************************************************************************************************** /***************************************************************************************************
Verteron Disassembler Engine Zyan Disassembler Engine
Version 1.0 Version 1.0
Remarks : Freeware, Copyright must be included Remarks : Freeware, Copyright must be included
Original Author : Florian Bernd Original Author : Florian Bernd
Modifications : Modifications : Joel Höner
Last change : 22. October 2014
* Permission is hereby granted, free of charge, to any person obtaining a copy * Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal * of this software and associated documentation files (the "Software"), to deal
@ -16,10 +14,10 @@
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is * copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions: * furnished to do so, subject to the following conditions:
* *
* The above copyright notice and this permission notice shall be included in all * The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software. * copies or substantial portions of the Software.
* *
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
@ -28,31 +26,20 @@
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE. * SOFTWARE.
**************************************************************************************************/ ***************************************************************************************************/
#include "VXInstructionFormatter.h"
#include "VXDisassemblerUtils.h" #include "ZydisInstructionFormatter.hpp"
#include "ZydisUtils.hpp"
#include <cstdarg> #include <cstdarg>
#include <cctype> #include <cctype>
#include <cstdio>
namespace Verteron namespace Zydis
{ {
/////////////////////////////////////////////////////////////////////////////////////////////////// /* BaseInstructionFormatter ================================================================ */
VXBaseSymbolResolver::~VXBaseSymbolResolver() const char *BaseInstructionFormatter::m_registerStrings[] =
{
}
const char* VXBaseSymbolResolver::resolveSymbol(const VXInstructionInfo &info, uint64_t address,
uint64_t &offset)
{
return nullptr;
}
///////////////////////////////////////////////////////////////////////////////////////////////////
const char* VXBaseInstructionFormatter::m_registerStrings[] =
{ {
/* 8 bit general purpose registers */ /* 8 bit general purpose registers */
"al", "cl", "dl", "bl", "al", "cl", "dl", "bl",
@ -108,12 +95,12 @@ const char* VXBaseInstructionFormatter::m_registerStrings[] =
"rip" "rip"
}; };
void VXBaseInstructionFormatter::internalFormatInstruction(const VXInstructionInfo &info) void BaseInstructionFormatter::internalFormatInstruction(const InstructionInfo& /*info*/)
{ {
// Nothing to do here // Nothing to do here
} }
VXBaseInstructionFormatter::VXBaseInstructionFormatter() BaseInstructionFormatter::BaseInstructionFormatter()
: m_symbolResolver(nullptr) : m_symbolResolver(nullptr)
, m_outputStringLen(0) , m_outputStringLen(0)
, m_outputUppercase(false) , m_outputUppercase(false)
@ -121,7 +108,8 @@ VXBaseInstructionFormatter::VXBaseInstructionFormatter()
} }
VXBaseInstructionFormatter::VXBaseInstructionFormatter(VXBaseSymbolResolver *symbolResolver) BaseInstructionFormatter::BaseInstructionFormatter(
BaseSymbolResolver *symbolResolver)
: m_symbolResolver(symbolResolver) : m_symbolResolver(symbolResolver)
, m_outputStringLen(0) , m_outputStringLen(0)
, m_outputUppercase(false) , m_outputUppercase(false)
@ -129,7 +117,7 @@ VXBaseInstructionFormatter::VXBaseInstructionFormatter(VXBaseSymbolResolver *sym
} }
const char* VXBaseInstructionFormatter::formatInstruction(const VXInstructionInfo &info) const char* BaseInstructionFormatter::formatInstruction(const InstructionInfo& info)
{ {
// Clears the internal string buffer // Clears the internal string buffer
outputClear(); outputClear();
@ -138,28 +126,28 @@ const char* VXBaseInstructionFormatter::formatInstruction(const VXInstructionInf
if (m_outputBuffer.size() == 0) if (m_outputBuffer.size() == 0)
{ {
// The basic instruction formatter only returns the instruction menmonic. // The basic instruction formatter only returns the instruction menmonic.
return Internal::VDEGetInstructionMnemonicString(info.mnemonic); return Internal::GetInstructionMnemonicString(info.mnemonic);
} }
// Return the formatted instruction string // Return the formatted instruction string
return outputString(); return outputString();
} }
VXBaseInstructionFormatter::~VXBaseInstructionFormatter() BaseInstructionFormatter::~BaseInstructionFormatter()
{ {
} }
void VXBaseInstructionFormatter::outputClear() void BaseInstructionFormatter::outputClear()
{ {
m_outputStringLen = 0; m_outputStringLen = 0;
} }
char const* VXBaseInstructionFormatter::outputString() char const *BaseInstructionFormatter::outputString()
{ {
return &m_outputBuffer[0]; return& m_outputBuffer[0];
} }
void VXBaseInstructionFormatter::outputAppend(char const *text) void BaseInstructionFormatter::outputAppend(char const* text)
{ {
// Get the string length including the null-terminator char // Get the string length including the null-terminator char
size_t strLen = strlen(text) + 1; size_t strLen = strlen(text) + 1;
@ -183,12 +171,12 @@ char const* VXBaseInstructionFormatter::outputString()
{ {
for (size_t i = offset; i < m_outputStringLen - 1; ++i) for (size_t i = offset; i < m_outputStringLen - 1; ++i)
{ {
m_outputBuffer[i] = toupper(m_outputBuffer[i]); m_outputBuffer[i] = static_cast<char>(toupper(m_outputBuffer[i]));
} }
} }
} }
void VXBaseInstructionFormatter::outputAppendFormatted(char const *format, ...) void BaseInstructionFormatter::outputAppendFormatted(char const* format, ...)
{ {
va_list arguments; va_list arguments;
va_start(arguments, format); va_start(arguments, format);
@ -214,8 +202,7 @@ char const* VXBaseInstructionFormatter::outputString()
} }
// Write the formatted text to the output buffer // Write the formatted text to the output buffer
assert((bufLen - offset) > 0); assert((bufLen - offset) > 0);
strLen = strLen = std::vsnprintf(&m_outputBuffer[offset], bufLen - offset, format, arguments);
vsnprintf_s(&m_outputBuffer[offset], bufLen - offset, _TRUNCATE, format, arguments);
} while (strLen < 0); } while (strLen < 0);
// Increase the string length // Increase the string length
m_outputStringLen = offset + strLen + 1; m_outputStringLen = offset + strLen + 1;
@ -224,17 +211,17 @@ char const* VXBaseInstructionFormatter::outputString()
{ {
for (size_t i = offset; i < m_outputStringLen - 1; ++i) for (size_t i = offset; i < m_outputStringLen - 1; ++i)
{ {
m_outputBuffer[i] = toupper(m_outputBuffer[i]); m_outputBuffer[i] = static_cast<char>(toupper(m_outputBuffer[i]));
} }
} }
va_end(arguments); va_end(arguments);
} }
void VXBaseInstructionFormatter::outputAppendAddress(const VXInstructionInfo &info, void BaseInstructionFormatter::outputAppendAddress(const InstructionInfo& info,
uint64_t address, bool resolveSymbols) uint64_t address, bool resolveSymbols)
{ {
uint64_t offset = 0; uint64_t offset = 0;
const char* name = nullptr; const char *name = nullptr;
if (resolveSymbols) if (resolveSymbols)
{ {
name = resolveSymbol(info, address, offset); name = resolveSymbol(info, address, offset);
@ -250,13 +237,13 @@ void VXBaseInstructionFormatter::outputAppendAddress(const VXInstructionInfo &in
} }
} else } else
{ {
if (info.flags & IF_DISASSEMBLER_MODE_16) if (info.flags& IF_DISASSEMBLER_MODE_16)
{ {
outputAppendFormatted("%.4X", address); outputAppendFormatted("%.4X", address);
} else if (info.flags & IF_DISASSEMBLER_MODE_32) } else if (info.flags& IF_DISASSEMBLER_MODE_32)
{ {
outputAppendFormatted("%.8lX", address); outputAppendFormatted("%.8lX", address);
} else if (info.flags & IF_DISASSEMBLER_MODE_64) } else if (info.flags& IF_DISASSEMBLER_MODE_64)
{ {
outputAppendFormatted("%.16llX", address); outputAppendFormatted("%.16llX", address);
} else } else
@ -266,12 +253,12 @@ void VXBaseInstructionFormatter::outputAppendAddress(const VXInstructionInfo &in
} }
} }
void VXBaseInstructionFormatter::outputAppendImmediate(const VXInstructionInfo &info, void BaseInstructionFormatter::outputAppendImmediate(const InstructionInfo& info,
const VXOperandInfo &operand, bool resolveSymbols) const OperandInfo& operand, bool resolveSymbols)
{ {
assert(operand.type == VXOperandType::IMMEDIATE); assert(operand.type == OperandType::IMMEDIATE);
uint64_t value = 0; uint64_t value = 0;
if (operand.signed_lval && (operand.size != info.operand_mode)) if (operand.signed_lval&& (operand.size != info.operand_mode))
{ {
if (operand.size == 8) if (operand.size == 8)
{ {
@ -283,7 +270,7 @@ void VXBaseInstructionFormatter::outputAppendImmediate(const VXInstructionInfo &
} }
if (info.operand_mode < 64) if (info.operand_mode < 64)
{ {
value = value & ((1ull << info.operand_mode) - 1ull); value = value& ((1ull << info.operand_mode) - 1ull);
} }
} else } else
{ {
@ -306,7 +293,7 @@ void VXBaseInstructionFormatter::outputAppendImmediate(const VXInstructionInfo &
} }
} }
uint64_t offset = 0; uint64_t offset = 0;
const char* name = nullptr; const char *name = nullptr;
if (resolveSymbols) if (resolveSymbols)
{ {
name = resolveSymbol(info, value, offset); name = resolveSymbol(info, value, offset);
@ -326,11 +313,10 @@ void VXBaseInstructionFormatter::outputAppendImmediate(const VXInstructionInfo &
} }
} }
void VXBaseInstructionFormatter::outputAppendDisplacement(const VXInstructionInfo &info, void BaseInstructionFormatter::outputAppendDisplacement(const OperandInfo& operand)
const VXOperandInfo &operand)
{ {
assert(operand.offset > 0); assert(operand.offset > 0);
if ((operand.base == VXRegister::NONE) && (operand.index == VXRegister::NONE)) if ((operand.base == Register::NONE)&& (operand.index == Register::NONE))
{ {
// Assume the displacement value is unsigned // Assume the displacement value is unsigned
assert(operand.scale == 0); assert(operand.scale == 0);
@ -375,16 +361,15 @@ void VXBaseInstructionFormatter::outputAppendDisplacement(const VXInstructionInf
outputAppendFormatted("-%.2lX", -value); outputAppendFormatted("-%.2lX", -value);
} else } else
{ {
outputAppendFormatted("%s%.2lX", (operand.base != VXRegister::NONE || outputAppendFormatted("%s%.2lX", (operand.base != Register::NONE ||
operand.index != VXRegister::NONE) ? "+" : "", value); operand.index != Register::NONE) ? "+" : "", value);
} }
} }
} }
/////////////////////////////////////////////////////////////////////////////////////////////////// /* IntelInstructionFormatter =============================================================== */
void VXIntelInstructionFormatter::outputAppendOperandCast(const VXInstructionInfo &info, void IntelInstructionFormatter::outputAppendOperandCast(const OperandInfo& operand)
const VXOperandInfo &operand)
{ {
switch(operand.size) switch(operand.size)
{ {
@ -414,33 +399,33 @@ void VXIntelInstructionFormatter::outputAppendOperandCast(const VXInstructionInf
} }
} }
void VXIntelInstructionFormatter::formatOperand(const VXInstructionInfo &info, void IntelInstructionFormatter::formatOperand(const InstructionInfo& info,
const VXOperandInfo &operand) const OperandInfo& operand)
{ {
switch (operand.type) switch (operand.type)
{ {
case VXOperandType::REGISTER: case OperandType::REGISTER:
outputAppend(registerToString(operand.base)); outputAppend(registerToString(operand.base));
break; break;
case VXOperandType::MEMORY: case OperandType::MEMORY:
if (info.flags & IF_PREFIX_SEGMENT) if (info.flags& IF_PREFIX_SEGMENT)
{ {
outputAppendFormatted("%s:", registerToString(info.segment)); outputAppendFormatted("%s:", registerToString(info.segment));
} }
outputAppend("["); outputAppend("[");
if (operand.base == VXRegister::RIP) if (operand.base == Register::RIP)
{ {
// TODO: Add option // TODO: Add option
outputAppendAddress(info, VDECalcAbsoluteTarget(info, operand), true); outputAppendAddress(info, CalcAbsoluteTarget(info, operand), true);
} else } else
{ {
if (operand.base != VXRegister::NONE) if (operand.base != Register::NONE)
{ {
outputAppend(registerToString(operand.base)); outputAppend(registerToString(operand.base));
} }
if (operand.index != VXRegister::NONE) if (operand.index != Register::NONE)
{ {
outputAppendFormatted("%s%s", operand.base != VXRegister::NONE ? "+" : "", outputAppendFormatted("%s%s", operand.base != Register::NONE ? "+" : "",
registerToString(operand.index)); registerToString(operand.index));
if (operand.scale) if (operand.scale)
{ {
@ -449,18 +434,18 @@ void VXIntelInstructionFormatter::formatOperand(const VXInstructionInfo &info,
} }
if (operand.offset) if (operand.offset)
{ {
outputAppendDisplacement(info, operand); outputAppendDisplacement(operand);
} }
} }
outputAppend("]"); outputAppend("]");
break; break;
case VXOperandType::POINTER: case OperandType::POINTER:
// TODO: resolve symbols // TODO: resolve symbols
switch (operand.size) switch (operand.size)
{ {
case 32: case 32:
outputAppendFormatted("word %.4X:%.4X", operand.lval.ptr.seg, outputAppendFormatted("word %.4X:%.4X", operand.lval.ptr.seg,
operand.lval.ptr.off & 0xFFFF); operand.lval.ptr.off& 0xFFFF);
break; break;
case 48: case 48:
outputAppendFormatted("dword %.4X:%.8lX", operand.lval.ptr.seg, operand.lval.ptr.off); outputAppendFormatted("dword %.4X:%.8lX", operand.lval.ptr.seg, operand.lval.ptr.off);
@ -469,21 +454,21 @@ void VXIntelInstructionFormatter::formatOperand(const VXInstructionInfo &info,
assert(0); assert(0);
} }
break; break;
case VXOperandType::IMMEDIATE: case OperandType::IMMEDIATE:
{ {
outputAppendImmediate(info, operand, true); outputAppendImmediate(info, operand, true);
} }
break; break;
case VXOperandType::REL_IMMEDIATE: case OperandType::REL_IMMEDIATE:
{ {
if (operand.size == 8) if (operand.size == 8)
{ {
outputAppend("short "); outputAppend("short ");
} }
outputAppendAddress(info, VDECalcAbsoluteTarget(info, operand), true); outputAppendAddress(info, CalcAbsoluteTarget(info, operand), true);
} }
break; break;
case VXOperandType::CONSTANT: case OperandType::CONSTANT:
outputAppendFormatted("%.2X", operand.lval.udword); outputAppendFormatted("%.2X", operand.lval.udword);
break; break;
default: default:
@ -492,47 +477,47 @@ void VXIntelInstructionFormatter::formatOperand(const VXInstructionInfo &info,
} }
} }
void VXIntelInstructionFormatter::internalFormatInstruction(const VXInstructionInfo &info) void IntelInstructionFormatter::internalFormatInstruction(const InstructionInfo& info)
{ {
// Append string prefixes // Append string prefixes
if (info.flags & IF_PREFIX_LOCK) if (info.flags& IF_PREFIX_LOCK)
{ {
outputAppend("lock "); outputAppend("lock ");
} }
if (info.flags & IF_PREFIX_REP) if (info.flags& IF_PREFIX_REP)
{ {
outputAppend("rep "); outputAppend("rep ");
} else if (info.flags & IF_PREFIX_REPNE) } else if (info.flags& IF_PREFIX_REPNE)
{ {
outputAppend("repne "); outputAppend("repne ");
} }
// Append the instruction mnemonic // Append the instruction mnemonic
outputAppend(Internal::VDEGetInstructionMnemonicString(info.mnemonic)); outputAppend(Internal::GetInstructionMnemonicString(info.mnemonic));
// Append the first operand // Append the first operand
if (info.operand[0].type != VXOperandType::NONE) if (info.operand[0].type != OperandType::NONE)
{ {
outputAppend(" "); outputAppend(" ");
bool cast = false; bool cast = false;
if (info.operand[0].type == VXOperandType::MEMORY) if (info.operand[0].type == OperandType::MEMORY)
{ {
if (info.operand[1].type == VXOperandType::IMMEDIATE || if (info.operand[1].type == OperandType::IMMEDIATE ||
info.operand[1].type == VXOperandType::CONSTANT || info.operand[1].type == OperandType::CONSTANT ||
info.operand[1].type == VXOperandType::NONE || info.operand[1].type == OperandType::NONE ||
(info.operand[0].size != info.operand[1].size)) (info.operand[0].size != info.operand[1].size))
{ {
cast = true; cast = true;
} else if (info.operand[1].type == VXOperandType::REGISTER && } else if (info.operand[1].type == OperandType::REGISTER&&
info.operand[1].base == VXRegister::CL) info.operand[1].base == Register::CL)
{ {
switch (info.mnemonic) switch (info.mnemonic)
{ {
case VXInstructionMnemonic::RCL: case InstructionMnemonic::RCL:
case VXInstructionMnemonic::ROL: case InstructionMnemonic::ROL:
case VXInstructionMnemonic::ROR: case InstructionMnemonic::ROR:
case VXInstructionMnemonic::RCR: case InstructionMnemonic::RCR:
case VXInstructionMnemonic::SHL: case InstructionMnemonic::SHL:
case VXInstructionMnemonic::SHR: case InstructionMnemonic::SHR:
case VXInstructionMnemonic::SAR: case InstructionMnemonic::SAR:
cast = true; cast = true;
break; break;
default: default:
@ -542,114 +527,75 @@ void VXIntelInstructionFormatter::internalFormatInstruction(const VXInstructionI
} }
if (cast) if (cast)
{ {
outputAppendOperandCast(info, info.operand[0]); outputAppendOperandCast(info.operand[0]);
} }
formatOperand(info, info.operand[0]); formatOperand(info, info.operand[0]);
} }
// Append the second operand // Append the second operand
if (info.operand[1].type != VXOperandType::NONE) if (info.operand[1].type != OperandType::NONE)
{ {
outputAppend(", "); outputAppend(", ");
bool cast = false; bool cast = false;
if (info.operand[1].type == VXOperandType::MEMORY && if (info.operand[1].type == OperandType::MEMORY&&
info.operand[0].size != info.operand[1].size && info.operand[0].size != info.operand[1].size&&
((info.operand[0].type != VXOperandType::REGISTER) || ((info.operand[0].type != OperandType::REGISTER) ||
((info.operand[0].base != VXRegister::ES) && ((info.operand[0].base != Register::ES)&&
(info.operand[0].base != VXRegister::CS) && (info.operand[0].base != Register::CS)&&
(info.operand[0].base != VXRegister::SS) && (info.operand[0].base != Register::SS)&&
(info.operand[0].base != VXRegister::DS) && (info.operand[0].base != Register::DS)&&
(info.operand[0].base != VXRegister::FS) && (info.operand[0].base != Register::FS)&&
(info.operand[0].base != VXRegister::GS)))) (info.operand[0].base != Register::GS))))
{ {
cast = true; cast = true;
} }
if (cast) if (cast)
{ {
outputAppendOperandCast(info, info.operand[1]); outputAppendOperandCast(info.operand[1]);
} }
formatOperand(info, info.operand[1]); formatOperand(info, info.operand[1]);
} }
// Append the third operand // Append the third operand
if (info.operand[2].type != VXOperandType::NONE) if (info.operand[2].type != OperandType::NONE)
{ {
outputAppend(", "); outputAppend(", ");
bool cast = false; bool cast = false;
if (info.operand[2].type == VXOperandType::MEMORY && if (info.operand[2].type == OperandType::MEMORY&&
(info.operand[2].size != info.operand[1].size)) (info.operand[2].size != info.operand[1].size))
{ {
cast = true; cast = true;
} }
if (cast) if (cast)
{ {
outputAppendOperandCast(info, info.operand[2]); outputAppendOperandCast(info.operand[2]);
} }
formatOperand(info, info.operand[2]); formatOperand(info, info.operand[2]);
} }
// Append the fourth operand // Append the fourth operand
if (info.operand[3].type != VXOperandType::NONE) if (info.operand[3].type != OperandType::NONE)
{ {
outputAppend(", "); outputAppend(", ");
formatOperand(info, info.operand[3]); formatOperand(info, info.operand[3]);
} }
} }
VXIntelInstructionFormatter::VXIntelInstructionFormatter() IntelInstructionFormatter::IntelInstructionFormatter()
: VXBaseInstructionFormatter() : BaseInstructionFormatter()
{ {
} }
VXIntelInstructionFormatter::VXIntelInstructionFormatter(VXBaseSymbolResolver* symbolResolver) IntelInstructionFormatter::IntelInstructionFormatter(
: VXBaseInstructionFormatter(symbolResolver) BaseSymbolResolver *symbolResolver)
: BaseInstructionFormatter(symbolResolver)
{ {
} }
VXIntelInstructionFormatter::~VXIntelInstructionFormatter() IntelInstructionFormatter::~IntelInstructionFormatter()
{ {
} }
/////////////////////////////////////////////////////////////////////////////////////////////////// /* ============================================================================================== */
VXExactSymbolResolver::~VXExactSymbolResolver() }
{
}
const char* VXExactSymbolResolver::resolveSymbol(const VXInstructionInfo &info, uint64_t address,
uint64_t &offset)
{
std::unordered_map<uint64_t, std::string>::const_iterator iterator = m_symbolMap.find(address);
if (iterator != m_symbolMap.end())
{
offset = 0;
return iterator->second.c_str();
}
return nullptr;
}
bool VXExactSymbolResolver::containsSymbol(uint64_t address) const
{
std::unordered_map<uint64_t, std::string>::const_iterator iterator = m_symbolMap.find(address);
return (iterator != m_symbolMap.end());
}
void VXExactSymbolResolver::setSymbol(uint64_t address, const char* name)
{
m_symbolMap[address].assign(name);
}
void VXExactSymbolResolver::removeSymbol(uint64_t address)
{
m_symbolMap.erase(address);
}
void VXExactSymbolResolver::clear()
{
m_symbolMap.clear();
}
///////////////////////////////////////////////////////////////////////////////////////////////////
}

180
VerteronDisassemblerEngine/VXInstructionFormatter.h → Zydis/ZydisInstructionFormatter.hpp
View File

@ -1,14 +1,12 @@
/************************************************************************************************** /***************************************************************************************************
Verteron Disassembler Engine Zyan Disassembler Engine
Version 1.0 Version 1.0
Remarks : Freeware, Copyright must be included Remarks : Freeware, Copyright must be included
Original Author : Florian Bernd Original Author : Florian Bernd
Modifications : Modifications : Joel Höner
Last change : 22. October 2014
* Permission is hereby granted, free of charge, to any person obtaining a copy * Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal * of this software and associated documentation files (the "Software"), to deal
@ -16,10 +14,10 @@
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is * copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions: * furnished to do so, subject to the following conditions:
* *
* The above copyright notice and this permission notice shall be included in all * The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software. * copies or substantial portions of the Software.
* *
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
@ -28,54 +26,31 @@
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE. * SOFTWARE.
**************************************************************************************************/ ***************************************************************************************************/
#pragma once
#ifndef _ZYDIS_INSTRUCTIONFORMATTER_HPP_
#define _ZYDIS_INSTRUCTIONFORMATTER_HPP_
#include <vector> #include <vector>
#include <unordered_map> #include "ZydisTypes.hpp"
#include "VXDisassemblerTypes.h" #include "ZydisSymbolResolver.hpp"
namespace Verteron namespace Zydis
{ {
/////////////////////////////////////////////////////////////////////////////////////////////////// /* BaseInstructionFormatter ===================================================================== */
/**
* @brief Base class for all symbol resolver implementations.
*/
class VXBaseSymbolResolver
{
public:
/**
* @brief Destructor.
*/
virtual ~VXBaseSymbolResolver();
public:
/**
* @brief Resolves a symbol.
* @param info The instruction info.
* @param address The address.
* @param offset Reference to an unsigned 64 bit integer that receives an offset
* relative to the base address of the symbol.
* @return The name of the symbol, if the symbol was found, @c NULL if not.
*/
virtual const char* resolveSymbol(const VXInstructionInfo &info, uint64_t address,
uint64_t &offset);
};
///////////////////////////////////////////////////////////////////////////////////////////////////
/** /**
* @brief Base class for all instruction formatter implementations. * @brief Base class for all instruction formatter implementations.
*/ */
class VXBaseInstructionFormatter class BaseInstructionFormatter
{ {
private: private:
static const char *m_registerStrings[]; static const char* m_registerStrings[];
VXBaseSymbolResolver *m_symbolResolver; BaseSymbolResolver* m_symbolResolver;
std::vector<char> m_outputBuffer; std::vector<char> m_outputBuffer;
size_t m_outputStringLen; size_t m_outputStringLen;
bool m_outputUppercase; bool m_outputUppercase;
protected: protected:
/** /**
* @brief Clears the output string buffer. * @brief Clears the output string buffer.
@ -90,12 +65,12 @@ protected:
* @brief Appends text to the ouput string buffer. * @brief Appends text to the ouput string buffer.
* @param text The text. * @param text The text.
*/ */
void outputAppend(const char *text); void outputAppend(const char* text);
/** /**
* @brief Appends formatted text to the output string buffer. * @brief Appends formatted text to the output string buffer.
* @param format The format string. * @param format The format string.
*/ */
void outputAppendFormatted(const char *format, ...); void outputAppendFormatted(const char* format, ...);
/** /**
* @brief Changes automatic conversion of characters to uppercase. * @brief Changes automatic conversion of characters to uppercase.
* @param uppercase Set true to enable automatic uppercase conversion. * @param uppercase Set true to enable automatic uppercase conversion.
@ -108,7 +83,7 @@ protected:
* @param resolveSymbols If this parameter is true, the method will try to display a * @param resolveSymbols If this parameter is true, the method will try to display a
* smybol name instead of the numeric value. * smybol name instead of the numeric value.
*/ */
void outputAppendAddress(const VXInstructionInfo &info, uint64_t address, void outputAppendAddress(const InstructionInfo& info, uint64_t address,
bool resolveSymbols = true); bool resolveSymbols = true);
/** /**
* @brief Appends a formatted immediate value to the output string buffer. * @brief Appends a formatted immediate value to the output string buffer.
@ -117,21 +92,20 @@ protected:
* @param resolveSymbols If this parameter is true, the method will try to display a * @param resolveSymbols If this parameter is true, the method will try to display a
* smybol name instead of the numeric value. * smybol name instead of the numeric value.
*/ */
void outputAppendImmediate(const VXInstructionInfo &info, const VXOperandInfo &operand, void outputAppendImmediate(const InstructionInfo& info, const OperandInfo& operand,
bool resolveSymbols = false); bool resolveSymbols = false);
/** /**
* @brief Appends a formatted memory displacement value to the output string buffer. * @brief Appends a formatted memory displacement value to the output string buffer.
* @param info The instruction info.
* @param operand The memory operand. * @param operand The memory operand.
*/ */
void outputAppendDisplacement(const VXInstructionInfo &info, const VXOperandInfo &operand); void outputAppendDisplacement(const OperandInfo& operand);
protected: protected:
/** /**
* @brief Returns the string representation of a given register. * @brief Returns the string representation of a given register.
* @param reg The register. * @param reg The register.
* @return The string representation of the given register. * @return The string representation of the given register.
*/ */
const char* registerToString(VXRegister reg) const; const char *registerToString(Register reg) const;
/** /**
* @brief Resolves a symbol. * @brief Resolves a symbol.
* @param info The instruction info. * @param info The instruction info.
@ -140,8 +114,8 @@ protected:
* relative to the base address of the symbol. * relative to the base address of the symbol.
* @return The name of the symbol, if the symbol was found, @c NULL if not. * @return The name of the symbol, if the symbol was found, @c NULL if not.
*/ */
const char* resolveSymbol(const VXInstructionInfo &info, uint64_t address, const char* resolveSymbol(const InstructionInfo& info, uint64_t address,
uint64_t &offset) const; uint64_t& offset) const;
protected: protected:
/** /**
* @brief Override this method to implement a custom disassembly syntax. Use the * @brief Override this method to implement a custom disassembly syntax. Use the
@ -149,59 +123,59 @@ protected:
* string buffer. * string buffer.
* @param info The instruction info. * @param info The instruction info.
*/ */
virtual void internalFormatInstruction(const VXInstructionInfo &info); virtual void internalFormatInstruction(const InstructionInfo& info);
/** /**
* @brief Default constructor. * @brief Default constructor.
*/ */
VXBaseInstructionFormatter(); BaseInstructionFormatter();
/** /**
* @brief Constructor. * @brief Constructor.
* @param symbolResolver Pointer to a symbol resolver instance or @c NULL, if no smybol * @param symbolResolver Pointer to a symbol resolver instance or @c NULL, if no smybol
* resolver should be used. * resolver should be used.
*/ */
explicit VXBaseInstructionFormatter(VXBaseSymbolResolver *symbolResolver); explicit BaseInstructionFormatter(BaseSymbolResolver* symbolResolver);
public: public:
/** /**
* @brief Destructor. * @brief Destructor.
*/ */
virtual ~VXBaseInstructionFormatter(); virtual ~BaseInstructionFormatter();
public: public:
/** /**
* @brief Formats a decoded instruction. * @brief Formats a decoded instruction.
* @param info The instruction info. * @param info The instruction info.
* @return Pointer to the formatted instruction string. * @return Pointer to the formatted instruction string.
*/ */
const char* formatInstruction(const VXInstructionInfo &info); const char* formatInstruction(const InstructionInfo& info);
public: public:
/** /**
* @brief Returns a pointer to the current symbol resolver. * @brief Returns a pointer to the current symbol resolver.
* @return Pointer to the current symbol resolver or @c NULL, if no symbol resolver is used. * @return Pointer to the current symbol resolver or @c NULL, if no symbol resolver is used.
*/ */
VXBaseSymbolResolver* getSymbolResolver() const; BaseSymbolResolver* getSymbolResolver() const;
/** /**
* @brief Sets a new symbol resolver. * @brief Sets a new symbol resolver.
* @param symbolResolver Pointer to a symbol resolver instance or @c NULL, if no smybol * @param symbolResolver Pointer to a symbol resolver instance or @c NULL, if no smybol
* resolver should be used. * resolver should be used.
*/ */
void setSymbolResolver(VXBaseSymbolResolver *symbolResolver); void setSymbolResolver(BaseSymbolResolver* symbolResolver);
}; };
inline void VXBaseInstructionFormatter::outputSetUppercase(bool uppercase) inline void BaseInstructionFormatter::outputSetUppercase(bool uppercase)
{ {
m_outputUppercase = uppercase; m_outputUppercase = uppercase;
} }
inline char const* VXBaseInstructionFormatter::registerToString(VXRegister reg) const inline char const* BaseInstructionFormatter::registerToString(Register reg) const
{ {
if (reg == VXRegister::NONE) if (reg == Register::NONE)
{ {
return "error"; return "error";
} }
return m_registerStrings[static_cast<uint16_t>(reg) - 1]; return m_registerStrings[static_cast<uint16_t>(reg) - 1];
} }
inline char const* VXBaseInstructionFormatter::resolveSymbol(const VXInstructionInfo &info, inline char const* BaseInstructionFormatter::resolveSymbol(const InstructionInfo& info,
uint64_t address, uint64_t &offset) const uint64_t address, uint64_t& offset) const
{ {
if (m_symbolResolver) if (m_symbolResolver)
{ {
@ -210,110 +184,62 @@ inline char const* VXBaseInstructionFormatter::resolveSymbol(const VXInstruction
return nullptr; return nullptr;
} }
inline VXBaseSymbolResolver* VXBaseInstructionFormatter::getSymbolResolver() const inline BaseSymbolResolver* BaseInstructionFormatter::getSymbolResolver() const
{ {
return m_symbolResolver; return m_symbolResolver;
} }
inline void VXBaseInstructionFormatter::setSymbolResolver(VXBaseSymbolResolver *symbolResolver) inline void BaseInstructionFormatter::setSymbolResolver(
BaseSymbolResolver* symbolResolver)
{ {
m_symbolResolver = symbolResolver; m_symbolResolver = symbolResolver;
} }
/////////////////////////////////////////////////////////////////////////////////////////////////// /* IntelInstructionFormatter ==================================================================== */
/** /**
* @brief Intel syntax instruction formatter. * @brief Intel syntax instruction formatter.
*/ */
class VXIntelInstructionFormatter : public VXBaseInstructionFormatter class IntelInstructionFormatter : public BaseInstructionFormatter
{ {
private: private:
/** /**
* @brief Appends an operand cast to the output string buffer. * @brief Appends an operand cast to the output string buffer.
* @param info The instruction info.
* @param operand The operand. * @param operand The operand.
*/ */
void outputAppendOperandCast(const VXInstructionInfo &info, const VXOperandInfo &operand); void outputAppendOperandCast(const OperandInfo& operand);
/** /**
* @brief Formats the specified operand and appends the resulting string to the output * @brief Formats the specified operand and appends the resulting string to the output
* buffer. * buffer.
* @param info The instruction info. * @param info The instruction info.
* @param operand The operand. * @param operand The operand.
*/ */
void formatOperand(const VXInstructionInfo &info, const VXOperandInfo &operand); void formatOperand(const InstructionInfo& info, const OperandInfo& operand);
protected: protected:
/** /**
* @brief Fills the internal string buffer with an intel style formatted instruction string. * @brief Fills the internal string buffer with an intel style formatted instruction string.
* @param info The instruction info. * @param info The instruction info.
*/ */
void internalFormatInstruction(const VXInstructionInfo &info) override; void internalFormatInstruction(const InstructionInfo& info) override;
public: public:
/** /**
* @brief Default constructor. * @brief Default constructor.
*/ */
VXIntelInstructionFormatter(); IntelInstructionFormatter();
/** /**
* @brief Constructor. * @brief Constructor.
* @param symbolResolver Pointer to a symbol resolver instance or @c NULL, if no smybol * @param symbolResolver Pointer to a symbol resolver instance or @c NULL, if no smybol
* resolver should be used. * resolver should be used.
*/ */
explicit VXIntelInstructionFormatter(VXBaseSymbolResolver *symbolResolver); explicit IntelInstructionFormatter(BaseSymbolResolver* symbolResolver);
/** /**
* @brief Destructor. * @brief Destructor.
*/ */
~VXIntelInstructionFormatter() override; ~IntelInstructionFormatter() override;
}; };
/////////////////////////////////////////////////////////////////////////////////////////////////// /* ============================================================================================== */
/**
* @brief Simple symbol resolver that only matches exact addresses.
*/
class VXExactSymbolResolver : public VXBaseSymbolResolver
{
private:
std::unordered_map<uint64_t, std::string> m_symbolMap;
public:
/**
* @brief Destructor.
*/
~VXExactSymbolResolver() override;
public:
/**
* @brief Resolves a symbol.
* @param info The instruction info.
* @param address The address.
* @param offset Reference to an unsigned 64 bit integer that receives an offset
* relative to the base address of the symbol.
* @return The name of the symbol, if the symbol was found, @c NULL if not.
*/
const char* resolveSymbol(const VXInstructionInfo &info, uint64_t address,
uint64_t &offset) override;
public:
/**
* @brief Query if the given address is a known symbol.
* @param address The address.
* @return True if the address is known, false if not.
*/
bool containsSymbol(uint64_t address) const;
/**
* @brief Adds or changes a symbol.
* @param address The address.
* @param name The symbol name.
*/
void setSymbol(uint64_t address, const char* name);
/**
* @brief Removes the symbol described by address. This will invalidate all char pointers
* to the specific symbol name.
* @param address The address.
*/
void removeSymbol(uint64_t address);
/**
* @brief Clears the symbol tree.
*/
void clear();
};
///////////////////////////////////////////////////////////////////////////////////////////////////
} }
#endif /* _ZYDIS_INSTRUCTIONFORMATTER_HPP_ */

9654
Zydis/ZydisOpcodeTable.cpp Normal file
View File

File diff suppressed because it is too large Load Diff

144
VerteronDisassemblerEngine/VXOpcodeTable.h → Zydis/ZydisOpcodeTable.hpp
View File

@ -1,14 +1,12 @@
/************************************************************************************************** /***************************************************************************************************
Verteron Disassembler Engine Zyan Disassembler Engine
Version 1.0 Version 1.0
Remarks : Freeware, Copyright must be included Remarks : Freeware, Copyright must be included
Original Author : Florian Bernd Original Author : Florian Bernd
Modifications : Modifications : Joel Höner
Last change : 29. October 2014
* Permission is hereby granted, free of charge, to any person obtaining a copy * Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal * of this software and associated documentation files (the "Software"), to deal
@ -16,10 +14,10 @@
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is * copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions: * furnished to do so, subject to the following conditions:
* *
* The above copyright notice and this permission notice shall be included in all * The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software. * copies or substantial portions of the Software.
* *
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
@ -28,19 +26,21 @@
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE. * SOFTWARE.
**************************************************************************************************/ ***************************************************************************************************/
#pragma once
#include "stdint.h" #ifndef _ZYDIS_OPCODETABLE_HPP_
#include "assert.h" #define _ZYDIS_OPCODETABLE_HPP_
namespace Verteron #include <stdint.h>
#include <cassert>
namespace Zydis
{ {
/** /**
* @brief Values that represent an instruction mnemonic. * @brief Values that represent an instruction mnemonic.
*/ */
enum class VXInstructionMnemonic : uint16_t enum class InstructionMnemonic : uint16_t
{ {
/* 000 */ INVALID, /* 000 */ INVALID,
/* 001 */ AAA, /* 001 */ AAA,
@ -953,12 +953,12 @@ enum class VXInstructionMnemonic : uint16_t
* @brief Defines an alias representing an opcode tree node. An opcode tree node is a 16 bit * @brief Defines an alias representing an opcode tree node. An opcode tree node is a 16 bit
* unsigned integer value with its first 4 bits reserved for the node type. * unsigned integer value with its first 4 bits reserved for the node type.
*/ */
typedef uint16_t VXOpcodeTreeNode; typedef uint16_t OpcodeTreeNode;
/** /**
* @brief Values that represent the type of an opcode tree node. * @brief Values that represent the type of an opcode tree node.
*/ */
enum class VXOpcodeTreeNodeType : uint8_t enum class OpcodeTreeNodeType : uint8_t
{ {
/** /**
* @brief Reference to a concrete instruction definition. * @brief Reference to a concrete instruction definition.
@ -1025,7 +1025,7 @@ enum class VXOpcodeTreeNodeType : uint8_t
/** /**
* @brief Values that represent the type of an operand in the instruction definition. * @brief Values that represent the type of an operand in the instruction definition.
*/ */
enum class VXDefinedOperandType : uint8_t enum class DefinedOperandType : uint8_t
{ {
/* /*
* @brief No operand. * @brief No operand.
@ -1286,7 +1286,7 @@ enum class VXDefinedOperandType : uint8_t
* @brief Values that represent the size of an operand in the instruction definition. * @brief Values that represent the size of an operand in the instruction definition.
* Do not change the order or the values of this enum! * Do not change the order or the values of this enum!
*/ */
enum class VXDefinedOperandSize : uint8_t enum class DefinedOperandSize : uint8_t
{ {
/** /**
* @brief No operand. * @brief No operand.
@ -1386,7 +1386,7 @@ enum class VXDefinedOperandSize : uint8_t
* @brief Values that represent optional flags in the instruction definition. * @brief Values that represent optional flags in the instruction definition.
* Do not change the order or the values of this enum! * Do not change the order or the values of this enum!
*/ */
enum VXInstructionDefinitionFlags : uint16_t enum InstructionDefinitionFlags : uint16_t
{ {
/** /**
* @brief The instruction accepts the rex.b prefix value. * @brief The instruction accepts the rex.b prefix value.
@ -1454,30 +1454,30 @@ enum VXInstructionDefinitionFlags : uint16_t
/** /**
* @brief An operand definition. * @brief An operand definition.
*/ */
struct VXOperandDefinition struct OperandDefinition
{ {
/** /**
* @brief The defined operand type. * @brief The defined operand type.
*/ */
VXDefinedOperandType type; DefinedOperandType type;
/** /**
* @brief The defined operand size. * @brief The defined operand size.
*/ */
VXDefinedOperandSize size; DefinedOperandSize size;
}; };
/** /**
* @brief An instruction definition. * @brief An instruction definition.
*/ */
struct VXInstructionDefinition struct InstructionDefinition
{ {
/** /**
* @brief The instruction mnemonic. * @brief The instruction mnemonic.
*/ */
VXInstructionMnemonic mnemonic; InstructionMnemonic mnemonic;
/** /**
* @brief The operand definitions for all four possible operands. * @brief The operand definitions for all four possible operands.
*/ */
VXOperandDefinition operand[4]; OperandDefinition operand[4];
/** /**
* @brief Additional flags for the instruction definition. * @brief Additional flags for the instruction definition.
*/ */
@ -1492,24 +1492,24 @@ namespace Internal
* @brief Contains all opcode tables. * @brief Contains all opcode tables.
* Indexed by the numeric value of the opcode. * Indexed by the numeric value of the opcode.
*/ */
extern const VXOpcodeTreeNode optreeTable[][256]; extern const OpcodeTreeNode optreeTable[][256];
/** /**
* @brief Contains all modrm_mod switch tables. * @brief Contains all modrm_mod switch tables.
* Index values: * Index values:
* 0 = [modrm_mod == !11] * 0 = [modrm_mod == !11]
* 1 = [modrm_mod == 11] * 1 = [modrm_mod == 11]
*/ */
extern const VXOpcodeTreeNode optreeModrmMod[][2]; extern const OpcodeTreeNode optreeModrmMod[][2];
/** /**
* @brief Contains all modrm_reg switch tables. * @brief Contains all modrm_reg switch tables.
* Indexed by the numeric value of the modrm_reg field. * Indexed by the numeric value of the modrm_reg field.
*/ */
extern const VXOpcodeTreeNode optreeModrmReg[][8]; extern const OpcodeTreeNode optreeModrmReg[][8];
/** /**
* @brief Contains all modrm_rm switch tables. * @brief Contains all modrm_rm switch tables.
* Indexed by the numeric value of the modrm_rm field. * Indexed by the numeric value of the modrm_rm field.
*/ */
extern const VXOpcodeTreeNode optreeModrmRm[][8]; extern const OpcodeTreeNode optreeModrmRm[][8];
/** /**
* @brief Contains all mandatory-prefix switch tables. * @brief Contains all mandatory-prefix switch tables.
* Index values: * Index values:
@ -1518,13 +1518,13 @@ extern const VXOpcodeTreeNode optreeModrmRm[][8];
* 2 = F3 * 2 = F3
* 3 = 66 * 3 = 66
*/ */
extern const VXOpcodeTreeNode optreeMandatory[][4]; extern const OpcodeTreeNode optreeMandatory[][4];
/** /**
* @brief Contains all x87 opcode tables. * @brief Contains all x87 opcode tables.
* Indexed by the numeric value of the 6 lowest bits of the modrm byte (modrm_mod should * Indexed by the numeric value of the 6 lowest bits of the modrm byte (modrm_mod should
* always be 11). * always be 11).
*/ */
extern const VXOpcodeTreeNode optreeX87[][64]; extern const OpcodeTreeNode optreeX87[][64];
/** /**
* @brief Contains all address-size switch tables. * @brief Contains all address-size switch tables.
* Index values: * Index values:
@ -1532,7 +1532,7 @@ extern const VXOpcodeTreeNode optreeX87[][64];
* 1 = 32 * 1 = 32
* 2 = 64 * 2 = 64
*/ */
extern const VXOpcodeTreeNode optreeAddressSize[][3]; extern const OpcodeTreeNode optreeAddressSize[][3];
/** /**
* @brief Contains all operand-size switch tables. * @brief Contains all operand-size switch tables.
* Index values: * Index values:
@ -1540,26 +1540,26 @@ extern const VXOpcodeTreeNode optreeAddressSize[][3];
* 1 = 32 * 1 = 32
* 2 = 64 * 2 = 64
*/ */
extern const VXOpcodeTreeNode optreeOperandSize[][3]; extern const OpcodeTreeNode optreeOperandSize[][3];
/** /**
* @brief Contains all cpu-mode switch tables. * @brief Contains all cpu-mode switch tables.
* Index values: * Index values:
* 0 = [!= 64] * 0 = [!= 64]
* 1 = 64 * 1 = 64
*/ */
extern const VXOpcodeTreeNode optreeMode[][2]; extern const OpcodeTreeNode optreeMode[][2];
/** /**
* @brief Contains all vendor switch tables. * @brief Contains all vendor switch tables.
* Index values: * Index values:
* 0 = AMD * 0 = AMD
* 1 = Intel * 1 = Intel
*/ */
extern const VXOpcodeTreeNode optreeVendor[][2]; extern const OpcodeTreeNode optreeVendor[][2];
/** /**
* @brief Contains all 3dnow! switch tables. * @brief Contains all 3dnow! switch tables.
* Indexed by the numeric value of the 3dnow! opcode. * Indexed by the numeric value of the 3dnow! opcode.
*/ */
extern const VXOpcodeTreeNode optree3dnow[][256]; extern const OpcodeTreeNode optree3dnow[][256];
/** /**
* @brief Contains all vex switch tables. * @brief Contains all vex switch tables.
* Index values: * Index values:
@ -1580,21 +1580,21 @@ extern const VXOpcodeTreeNode optree3dnow[][256];
* E = F2_0F38 * E = F2_0F38
* F = F2_0F3A * F = F2_0F3A
*/ */
extern const VXOpcodeTreeNode optreeVex[][16]; extern const OpcodeTreeNode optreeVex[][16];
/** /**
* @brief Contains all vex_w switch tables. * @brief Contains all vex_w switch tables.
* Indexed by the numeric value of the vex_w field. * Indexed by the numeric value of the vex_w field.
*/ */
extern const VXOpcodeTreeNode optreeVexW[][2]; extern const OpcodeTreeNode optreeVexW[][2];
/** /**
* @brief Contains all vex_l switch tables. * @brief Contains all vex_l switch tables.
* Indexed by the numeric value of the vex_l field. * Indexed by the numeric value of the vex_l field.
*/ */
extern const VXOpcodeTreeNode optreeVexL[][2]; extern const OpcodeTreeNode optreeVexL[][2];
/** /**
* @brief Contains all instruction definitions. * @brief Contains all instruction definitions.
*/ */
extern const VXInstructionDefinition instrDefinitions[]; extern const InstructionDefinition instrDefinitions[];
/** /**
* @brief Contains all instruction mnemonic strings. * @brief Contains all instruction mnemonic strings.
*/ */
@ -1605,9 +1605,9 @@ extern const char* instrMnemonicStrings[];
* @param node The node. * @param node The node.
* @return The type of the specified opcode tree node. * @return The type of the specified opcode tree node.
*/ */
inline VXOpcodeTreeNodeType VDEGetOpcodeNodeType(VXOpcodeTreeNode node) inline OpcodeTreeNodeType GetOpcodeNodeType(OpcodeTreeNode node)
{ {
return static_cast<VXOpcodeTreeNodeType>((node >> 12) & 0x0F); return static_cast<OpcodeTreeNodeType>((node >> 12)& 0x0F);
} }
/** /**
@ -1615,16 +1615,16 @@ inline VXOpcodeTreeNodeType VDEGetOpcodeNodeType(VXOpcodeTreeNode node)
* @param node The node. * @param node The node.
* @return The value of the specified opcode tree node. * @return The value of the specified opcode tree node.
*/ */
inline uint16_t VDEGetOpcodeNodeValue(VXOpcodeTreeNode node) inline uint16_t GetOpcodeNodeValue(OpcodeTreeNode node)
{ {
return (node & 0x0FFF); return (node& 0x0FFF);
} }
/** /**
* @brief Returns the root node of the opcode tree. * @brief Returns the root node of the opcode tree.
* @return The root node of the opcode tree. * @return The root node of the opcode tree.
*/ */
inline VXOpcodeTreeNode VDEGetOpcodeTreeRoot() inline OpcodeTreeNode GetOpcodeTreeRoot()
{ {
return 0x1000; return 0x1000;
} }
@ -1635,53 +1635,53 @@ inline VXOpcodeTreeNode VDEGetOpcodeTreeRoot()
* @param index The index of the child node to retrieve. * @param index The index of the child node to retrieve.
* @return The specified child node. * @return The specified child node.
*/ */
inline VXOpcodeTreeNode VDEGetOpcodeTreeChild(VXOpcodeTreeNode parent, uint16_t index) inline OpcodeTreeNode GetOpcodeTreeChild(OpcodeTreeNode parent, uint16_t index)
{ {
using namespace Internal; using namespace Internal;
VXOpcodeTreeNodeType nodeType = VDEGetOpcodeNodeType(parent); OpcodeTreeNodeType nodeType = GetOpcodeNodeType(parent);
uint16_t tableIndex = VDEGetOpcodeNodeValue(parent); uint16_t tableIndex = GetOpcodeNodeValue(parent);
switch (nodeType) switch (nodeType)
{ {
case VXOpcodeTreeNodeType::TABLE: case OpcodeTreeNodeType::TABLE:
assert(index < 256); assert(index < 256);
return optreeTable[tableIndex][index]; return optreeTable[tableIndex][index];
case VXOpcodeTreeNodeType::MODRM_MOD: case OpcodeTreeNodeType::MODRM_MOD:
assert(index < 2); assert(index < 2);
return optreeModrmMod[tableIndex][index]; return optreeModrmMod[tableIndex][index];
case VXOpcodeTreeNodeType::MODRM_REG: case OpcodeTreeNodeType::MODRM_REG:
assert(index < 8); assert(index < 8);
return optreeModrmReg[tableIndex][index]; return optreeModrmReg[tableIndex][index];
case VXOpcodeTreeNodeType::MODRM_RM: case OpcodeTreeNodeType::MODRM_RM:
assert(index < 8); assert(index < 8);
return optreeModrmRm[tableIndex][index]; return optreeModrmRm[tableIndex][index];
case VXOpcodeTreeNodeType::MANDATORY: case OpcodeTreeNodeType::MANDATORY:
assert(index < 4); assert(index < 4);
return optreeMandatory[tableIndex][index]; return optreeMandatory[tableIndex][index];
case VXOpcodeTreeNodeType::X87: case OpcodeTreeNodeType::X87:
assert(index < 64); assert(index < 64);
return optreeX87[tableIndex][index]; return optreeX87[tableIndex][index];
case VXOpcodeTreeNodeType::ADDRESS_SIZE: case OpcodeTreeNodeType::ADDRESS_SIZE:
assert(index < 3); assert(index < 3);
return optreeAddressSize[tableIndex][index]; return optreeAddressSize[tableIndex][index];
case VXOpcodeTreeNodeType::OPERAND_SIZE: case OpcodeTreeNodeType::OPERAND_SIZE:
assert(index < 3); assert(index < 3);
return optreeOperandSize[tableIndex][index]; return optreeOperandSize[tableIndex][index];
case VXOpcodeTreeNodeType::MODE: case OpcodeTreeNodeType::MODE:
assert(index < 2); assert(index < 2);
return optreeMode[tableIndex][index]; return optreeMode[tableIndex][index];
case VXOpcodeTreeNodeType::VENDOR: case OpcodeTreeNodeType::VENDOR:
assert(index < 3); assert(index < 3);
return optreeVendor[tableIndex][index]; return optreeVendor[tableIndex][index];
case VXOpcodeTreeNodeType::AMD3DNOW: case OpcodeTreeNodeType::AMD3DNOW:
assert(index < 256); assert(index < 256);
return optree3dnow[tableIndex][index]; return optree3dnow[tableIndex][index];
case VXOpcodeTreeNodeType::VEX: case OpcodeTreeNodeType::VEX:
assert(index < 16); assert(index < 16);
return optreeVex[tableIndex][index]; return optreeVex[tableIndex][index];
case VXOpcodeTreeNodeType::VEXW: case OpcodeTreeNodeType::VEXW:
assert(index < 2); assert(index < 2);
return optreeVexW[tableIndex][index]; return optreeVexW[tableIndex][index];
case VXOpcodeTreeNodeType::VEXL: case OpcodeTreeNodeType::VEXL:
assert(index < 2); assert(index < 2);
return optreeVexL[tableIndex][index]; return optreeVexL[tableIndex][index];
default: default:
@ -1695,10 +1695,10 @@ inline VXOpcodeTreeNode VDEGetOpcodeTreeChild(VXOpcodeTreeNode parent, uint16_t
* @param node The instruction definition node. * @param node The instruction definition node.
* @return Pointer to the instruction definition. * @return Pointer to the instruction definition.
*/ */
inline const VXInstructionDefinition* VDEGetInstructionDefinition(VXOpcodeTreeNode node) inline const InstructionDefinition* GetInstructionDefinition(OpcodeTreeNode node)
{ {
assert(VDEGetOpcodeNodeType(node) == VXOpcodeTreeNodeType::INSTRUCTION_DEFINITION); assert(GetOpcodeNodeType(node) == OpcodeTreeNodeType::INSTRUCTION_DEFINITION);
return &instrDefinitions[node & 0x0FFF]; return& instrDefinitions[node& 0x0FFF];
} }
/** /**
@ -1706,7 +1706,7 @@ inline const VXInstructionDefinition* VDEGetInstructionDefinition(VXOpcodeTreeNo
* @param mnemonic The mnemonic. * @param mnemonic The mnemonic.
* @return The instruction mnemonic string. * @return The instruction mnemonic string.
*/ */
inline const char* VDEGetInstructionMnemonicString(VXInstructionMnemonic mnemonic) inline const char* GetInstructionMnemonicString(InstructionMnemonic mnemonic)
{ {
return instrMnemonicStrings[static_cast<uint16_t>(mnemonic)]; return instrMnemonicStrings[static_cast<uint16_t>(mnemonic)];
} }
@ -1716,14 +1716,14 @@ inline const char* VDEGetInstructionMnemonicString(VXInstructionMnemonic mnemoni
* @param operandSize The defined operand size. * @param operandSize The defined operand size.
* @return The the numeric value for the simple operand size definition. * @return The the numeric value for the simple operand size definition.
*/ */
inline uint16_t VDEGetSimpleOperandSize(VXDefinedOperandSize operandSize) inline uint16_t GetSimpleOperandSize(DefinedOperandSize operandSize)
{ {
static uint16_t operandSizes[8] = static uint16_t operandSizes[8] =
{ {
8, 16, 32, 64, 80, 12, 128, 256 8, 16, 32, 64, 80, 12, 128, 256
}; };
uint16_t index = uint16_t index =
static_cast<uint8_t>(operandSize) - static_cast<uint8_t>(VXDefinedOperandSize::B); static_cast<uint8_t>(operandSize) - static_cast<uint8_t>(DefinedOperandSize::B);
assert(index < 8); assert(index < 8);
return operandSizes[index]; return operandSizes[index];
} }
@ -1733,9 +1733,9 @@ inline uint16_t VDEGetSimpleOperandSize(VXDefinedOperandSize operandSize)
* @param operandSize The defined operand size. * @param operandSize The defined operand size.
* @return The memory-size part of the operand size definition. * @return The memory-size part of the operand size definition.
*/ */
inline VXDefinedOperandSize VDEGetComplexOperandMemSize(VXDefinedOperandSize operandSize) inline DefinedOperandSize GetComplexOperandMemSize(DefinedOperandSize operandSize)
{ {
return static_cast<VXDefinedOperandSize>(static_cast<uint8_t>(operandSize) & 0x0F); return static_cast<DefinedOperandSize>(static_cast<uint8_t>(operandSize)& 0x0F);
} }
/** /**
@ -1743,11 +1743,13 @@ inline VXDefinedOperandSize VDEGetComplexOperandMemSize(VXDefinedOperandSize ope
* @param operandSize The defined operand size. * @param operandSize The defined operand size.
* @return The register-size part of the operand size definition. * @return The register-size part of the operand size definition.
*/ */
inline VXDefinedOperandSize VDEGetComplexOperandRegSize(VXDefinedOperandSize operandSize) inline DefinedOperandSize GetComplexOperandRegSize(DefinedOperandSize operandSize)
{ {
return static_cast<VXDefinedOperandSize>((static_cast<uint8_t>(operandSize) >> 4) & 0x0F); return static_cast<DefinedOperandSize>((static_cast<uint8_t>(operandSize) >> 4)& 0x0F);
} }
} }
} }
#endif /* _ZYDIS_OPCODETABLE_HPP_ */

91
Zydis/ZydisSymbolResolver.cpp Normal file
View File

@ -0,0 +1,91 @@
/***************************************************************************************************
Zyan Disassembler Engine
Version 1.0
Remarks : Freeware, Copyright must be included
Original Author : Florian Bernd
Modifications : Joel Höner
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
***************************************************************************************************/
#include "ZydisSymbolResolver.hpp"
namespace Zydis
{
/* BaseSymbolResolver ====================================================================== */
BaseSymbolResolver::~BaseSymbolResolver()
{
}
const char* BaseSymbolResolver::resolveSymbol(const InstructionInfo& /*info*/,
uint64_t /*address*/, uint64_t& /*offset*/)
{
return nullptr;
}
/* ExactSymbolResolver ===================================================================== */
ExactSymbolResolver::~ExactSymbolResolver()
{
}
const char* ExactSymbolResolver::resolveSymbol(const InstructionInfo& /*info*/,
uint64_t address, uint64_t& offset)
{
std::unordered_map<uint64_t, std::string>::const_iterator iterator = m_symbolMap.find(address);
if (iterator != m_symbolMap.cend())
{
offset = 0;
return iterator->second.c_str();
}
return nullptr;
}
bool ExactSymbolResolver::containsSymbol(uint64_t address) const
{
std::unordered_map<uint64_t, std::string>::const_iterator iterator = m_symbolMap.find(address);
return (iterator != m_symbolMap.end());
}
void ExactSymbolResolver::setSymbol(uint64_t address, const char *name)
{
m_symbolMap[address].assign(name);
}
void ExactSymbolResolver::removeSymbol(uint64_t address)
{
m_symbolMap.erase(address);
}
void ExactSymbolResolver::clear()
{
m_symbolMap.clear();
}
/* ============================================================================================== */
}

119
Zydis/ZydisSymbolResolver.hpp Normal file
View File

@ -0,0 +1,119 @@
/***************************************************************************************************
Zyan Disassembler Engine
Version 1.0
Remarks : Freeware, Copyright must be included
Original Author : Florian Bernd
Modifications : Joel Höner
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
***************************************************************************************************/
#ifndef _ZYDIS_SYMBOLRESOLVER_HPP_
#define _ZYDIS_SYMBOLRESOLVER_HPP_
#include <unordered_map>
#include "ZydisTypes.hpp"
namespace Zydis
{
/* BaseSymbolResolver =========================================================================== */
/**
* @brief Base class for all symbol resolver implementations.
*/
class BaseSymbolResolver
{
public:
/**
* @brief Destructor.
*/
virtual ~BaseSymbolResolver();
public:
/**
* @brief Resolves a symbol.
* @param info The instruction info.
* @param address The address.
* @param offset Reference to an unsigned 64 bit integer that receives an offset
* relative to the base address of the symbol.
* @return The name of the symbol, if the symbol was found, @c NULL if not.
*/
virtual const char* resolveSymbol(const InstructionInfo& info, uint64_t address,
uint64_t& offset);
};
/* ExactSymbolResolver ========================================================================== */
/**
* @brief Simple symbol resolver that only matches exact addresses.
*/
class ExactSymbolResolver : public BaseSymbolResolver
{
private:
std::unordered_map<uint64_t, std::string> m_symbolMap;
public:
/**
* @brief Destructor.
*/
~ExactSymbolResolver() override;
public:
/**
* @brief Resolves a symbol.
* @param info The instruction info.
* @param address The address.
* @param offset Reference to an unsigned 64 bit integer that receives an offset
* relative to the base address of the symbol.
* @return The name of the symbol, if the symbol was found, @c NULL if not.
*/
const char* resolveSymbol(const InstructionInfo& info, uint64_t address,
uint64_t& offset) override;
public:
/**
* @brief Query if the given address is a known symbol.
* @param address The address.
* @return True if the address is known, false if not.
*/
bool containsSymbol(uint64_t address) const;
/**
* @brief Adds or changes a symbol.
* @param address The address.
* @param name The symbol name.
*/
void setSymbol(uint64_t address, const char* name);
/**
* @brief Removes the symbol described by address. This will invalidate all char pointers
* to the specific symbol name.
* @param address The address.
*/
void removeSymbol(uint64_t address);
/**
* @brief Clears the symbol tree.
*/
void clear();
};
/* ============================================================================================== */
}
#endif /* _ZYDIS_SYMBOLRESOLVER_HPP_ */

62
VerteronDisassemblerEngine/VXDisassemblerTypes.h → Zydis/ZydisTypes.hpp
View File

@ -1,14 +1,12 @@
/************************************************************************************************** /***************************************************************************************************
Verteron Disassembler Engine Zyan Disassembler Engine
Version 1.0 Version 1.0
Remarks : Freeware, Copyright must be included Remarks : Freeware, Copyright must be included
Original Author : Florian Bernd Original Author : Florian Bernd
Modifications : Modifications : Joel Höner
Last change : 22. October 2014
* Permission is hereby granted, free of charge, to any person obtaining a copy * Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal * of this software and associated documentation files (the "Software"), to deal
@ -16,10 +14,10 @@
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is * copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions: * furnished to do so, subject to the following conditions:
* *
* The above copyright notice and this permission notice shall be included in all * The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software. * copies or substantial portions of the Software.
* *
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
@ -28,15 +26,19 @@
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE. * SOFTWARE.
**************************************************************************************************/ ***************************************************************************************************/
#pragma once
#ifndef _ZYDIS_TYPES_HPP_
#define _ZYDIS_TYPES_HPP_
#include <stdint.h> #include <stdint.h>
#include "VXOpcodeTable.h" #include "ZydisOpcodeTable.hpp"
namespace Verteron namespace Zydis
{ {
/* InstructionFlags ============================================================================= */
/** /**
* @brief Values that represent additional flags of a decoded instruction. * @brief Values that represent additional flags of a decoded instruction.
*/ */
@ -125,10 +127,12 @@ enum InstructionFlags : uint32_t
IF_ERROR_OPERAND = 0x01000000 IF_ERROR_OPERAND = 0x01000000
}; };
/* Register ===================================================================================== */
/** /**
* @brief Values that represent a cpu register. * @brief Values that represent a cpu register.
*/ */
enum class VXRegister : uint16_t enum class Register : uint16_t
{ {
NONE, NONE,
/* 8 bit general purpose registers */ /* 8 bit general purpose registers */
@ -185,10 +189,12 @@ enum class VXRegister : uint16_t
RIP RIP
}; };
/* OperandType ================================================================================== */
/** /**
* @brief Values that represent the type of a decoded operand. * @brief Values that represent the type of a decoded operand.
*/ */
enum class VXOperandType enum class OperandType : uint8_t
{ {
/** /**
* @brief The operand is not used. * @brief The operand is not used.
@ -220,10 +226,12 @@ enum class VXOperandType
CONSTANT CONSTANT
}; };
/* ZydisOperandAccessMode ============================================================================ */
/** /**
* @brief Values that represent the operand access mode. * @brief Values that represent the operand access mode.
*/ */
enum class VXOperandAccessMode enum class OperandAccessMode : uint8_t
{ {
NA, NA,
/** /**
@ -240,15 +248,17 @@ enum class VXOperandAccessMode
READWRITE READWRITE
}; };
/* OperandInfo ================================================================================== */
/** /**
* @brief This struct holds information about a decoded operand. * @brief This struct holds information about a decoded operand.
*/ */
struct VXOperandInfo struct OperandInfo
{ {
/** /**
* @brief The type of the operand. * @brief The type of the operand.
*/ */
VXOperandType type; OperandType type;
/** /**
* @brief The size of the operand. * @brief The size of the operand.
*/ */
@ -256,15 +266,15 @@ struct VXOperandInfo
/** /**
* @brief The operand access mode. * @brief The operand access mode.
*/ */
VXOperandAccessMode access_mode; OperandAccessMode access_mode;
/** /**
* @brief The base register. * @brief The base register.
*/ */
VXRegister base; Register base;
/** /**
* @brief The index register. * @brief The index register.
*/ */
VXRegister index; Register index;
/** /**
* @brief The scale factor. * @brief The scale factor.
*/ */
@ -297,10 +307,12 @@ struct VXOperandInfo
} lval; } lval;
}; };
/* InstructionInfo ============================================================================== */
/** /**
* @brief This struct holds information about a decoded instruction. * @brief This struct holds information about a decoded instruction.
*/ */
struct VXInstructionInfo struct InstructionInfo
{ {
/** /**
* @brief The instruction flags. * @brief The instruction flags.
@ -309,7 +321,7 @@ struct VXInstructionInfo
/** /**
* @brief The instruction mnemonic. * @brief The instruction mnemonic.
*/ */
VXInstructionMnemonic mnemonic; InstructionMnemonic mnemonic;
/** /**
* @brief The total length of the instruction. * @brief The total length of the instruction.
*/ */
@ -337,12 +349,12 @@ struct VXInstructionInfo
/** /**
* @brief The decoded operands. * @brief The decoded operands.
*/ */
VXOperandInfo operand[4]; OperandInfo operand[4];
/** /**
* @brief The segment register. This value will default to @c NONE, if no segment register * @brief The segment register. This value will default to @c NONE, if no segment register
* prefix is present. * prefix is present.
*/ */
VXRegister segment; Register segment;
/** /**
* @brief The rex prefix byte. * @brief The rex prefix byte.
*/ */
@ -512,7 +524,7 @@ struct VXInstructionInfo
/** /**
* @brief The instruction definition. * @brief The instruction definition.
*/ */
const VXInstructionDefinition *instrDefinition; const InstructionDefinition* instrDefinition;
/** /**
* @brief The instruction address points to the current instruction (relative to the * @brief The instruction address points to the current instruction (relative to the
* initial instruction pointer). * initial instruction pointer).
@ -527,3 +539,5 @@ struct VXInstructionInfo
}; };
} }
#endif /* _ZYDIS_TYPES_HPP_ */

43
VerteronDisassemblerEngine/VXDisassemblerUtils.cpp → Zydis/ZydisUtils.cpp
View File

@ -1,14 +1,12 @@
/************************************************************************************************** /***************************************************************************************************
Verteron Disassembler Engine Zyan Disassembler Engine
Version 1.0 Version 1.0
Remarks : Freeware, Copyright must be included Remarks : Freeware, Copyright must be included
Original Author : Florian Bernd Original Author : Florian Bernd
Modifications : Modifications : Joel Höner
Last change : 30. October 2014
* Permission is hereby granted, free of charge, to any person obtaining a copy * Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal * of this software and associated documentation files (the "Software"), to deal
@ -16,10 +14,10 @@
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is * copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions: * furnished to do so, subject to the following conditions:
* *
* The above copyright notice and this permission notice shall be included in all * The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software. * copies or substantial portions of the Software.
* *
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
@ -28,47 +26,48 @@
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE. * SOFTWARE.
**************************************************************************************************/ ***************************************************************************************************/
#include "VXDisassemblerUtils.h"
#include <assert.h>
namespace Verteron #include "ZydisUtils.hpp"
#include <cassert>
namespace Zydis
{ {
uint64_t VDECalcAbsoluteTarget(const VXInstructionInfo &info, const VXOperandInfo &operand) uint64_t CalcAbsoluteTarget(const InstructionInfo& info, const OperandInfo& operand)
{ {
assert((operand.type == VXOperandType::REL_IMMEDIATE) || assert((operand.type == OperandType::REL_IMMEDIATE) ||
((operand.type == VXOperandType::MEMORY) && (operand.base == VXRegister::RIP))); ((operand.type == OperandType::MEMORY)&& (operand.base == Register::RIP)));
uint64_t truncMask = 0xFFFFFFFFFFFFFFFFull; uint64_t truncMask = 0xFFFFFFFFFFFFFFFFull;
if (!(info.flags & IF_DISASSEMBLER_MODE_64)) if (!(info.flags& IF_DISASSEMBLER_MODE_64))
{ {
truncMask >>= (64 - info.operand_mode); truncMask >>= (64 - info.operand_mode);
} }
uint16_t size = operand.size; uint16_t size = operand.size;
if ((operand.type == VXOperandType::MEMORY) && (operand.base == VXRegister::RIP)) if ((operand.type == OperandType::MEMORY)&& (operand.base == Register::RIP))
{ {
size = operand.offset; size = operand.offset;
} }
switch (size) switch (size)
{ {
case 8: case 8:
return (info.instrPointer + operand.lval.sbyte) & truncMask; return (info.instrPointer + operand.lval.sbyte)& truncMask;
case 16: case 16:
{ {
uint32_t delta = operand.lval.sword & truncMask; uint32_t delta = operand.lval.sword& truncMask;
if ((info.instrPointer + delta) > 0xFFFF) if ((info.instrPointer + delta) > 0xFFFF)
{ {
return (info.instrPointer & 0xF0000) + ((info.instrPointer + delta) & 0xFFFF); return (info.instrPointer& 0xF0000) + ((info.instrPointer + delta)& 0xFFFF);
} }
return info.instrPointer + delta; return info.instrPointer + delta;
} }
case 32: case 32:
return (info.instrPointer + operand.lval.sdword) & truncMask; return (info.instrPointer + operand.lval.sdword)& truncMask;
default: default:
assert(0); assert(0);
} }
return 0; return 0;
} }
} }

26
VerteronDisassemblerEngine/VXDisassemblerUtils.h → Zydis/ZydisUtils.hpp
View File

@ -1,14 +1,12 @@
/************************************************************************************************** /***************************************************************************************************
Verteron Disassembler Engine Zyan Disassembler Engine
Version 1.0 Version 1.0
Remarks : Freeware, Copyright must be included Remarks : Freeware, Copyright must be included
Original Author : Florian Bernd Original Author : Florian Bernd
Modifications : Modifications : Joel Höner
Last change : 30. October 2014
* Permission is hereby granted, free of charge, to any person obtaining a copy * Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal * of this software and associated documentation files (the "Software"), to deal
@ -16,10 +14,10 @@
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is * copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions: * furnished to do so, subject to the following conditions:
* *
* The above copyright notice and this permission notice shall be included in all * The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software. * copies or substantial portions of the Software.
* *
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
@ -28,13 +26,15 @@
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE. * SOFTWARE.
**************************************************************************************************/ ***************************************************************************************************/
#pragma once
#ifndef _ZYDIS_UTILS_HPP_
#define _ZYDIS_UTILS_HPP_
#include <stdint.h> #include <stdint.h>
#include "VXDisassemblerTypes.h" #include "ZydisTypes.hpp"
namespace Verteron namespace Zydis
{ {
/** /**
@ -43,6 +43,8 @@ namespace Verteron
* @param operand The operand. * @param operand The operand.
* @return The absolute target address. * @return The absolute target address.
*/ */
uint64_t VDECalcAbsoluteTarget(const VXInstructionInfo &info, const VXOperandInfo &operand); uint64_t CalcAbsoluteTarget(const InstructionInfo& info, const OperandInfo& operand);
} }
#endif /* _ZYDIS_UTILS_HPP_ */