mirror of https://github.com/tongzx/nt5src
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
580 lines
23 KiB
580 lines
23 KiB
/* @ Author: Gerd Immeyer @ Version: */
|
|
/* */
|
|
/* @ Creation Date: 10.19.89 @ Modification Date: */
|
|
/* */
|
|
/***************************************************************************/
|
|
|
|
//
|
|
// Munged for my purposes on 10/20/99 (v-johnwh)
|
|
//
|
|
#include <string.h>
|
|
|
|
typedef unsigned long DWORD;
|
|
typedef unsigned long ULONG;
|
|
typedef unsigned short USHORT;
|
|
typedef unsigned __int64 ULONGLONG;
|
|
typedef int BOOL;
|
|
typedef ULONG *PULONG;
|
|
typedef void * PVOID;
|
|
#define ADDR_V86 ((USHORT)0x0002)
|
|
#define ADDR_16 ((USHORT)0x0004)
|
|
#define FALSE 0
|
|
#define TRUE 1
|
|
#define BIT20(b) (b & 0x07)
|
|
#define BIT53(b) (b >> 3 & 0x07)
|
|
#define BIT76(b) (b >> 6 & 0x03)
|
|
#define MAXL 16
|
|
#define MAXOPLEN 10
|
|
#define REGDS 3
|
|
#define REGSS 15
|
|
#define REGEBX 6
|
|
#define REGEBP 10
|
|
#define REGEDI 4
|
|
#define REGESI 5
|
|
#define REGEAX 9
|
|
#define REGECX 8
|
|
#define REGEDX 7
|
|
#define REGESP 14
|
|
#define Off(x) ((x).off)
|
|
#define Type(x) ((x).type)
|
|
|
|
#define OBOFFSET 26
|
|
#define OBOPERAND 34
|
|
#define OBLINEEND 77
|
|
#define MAX_SYMNAME_SIZE 1024
|
|
|
|
#include "86dis.h"
|
|
|
|
ULONG X86BrkptLength = 1L;
|
|
ULONG X86TrapInstr = 0xcc;
|
|
|
|
/***** static tables and variables *****/
|
|
static char regtab[] = "alcldlblahchdhbhaxcxdxbxspbpsidi"; /* reg table */
|
|
static char *mrmtb16[] = { "bx+si", /* modRM string table (16-bit) */
|
|
"bx+di",
|
|
"bp+si",
|
|
"bp+di",
|
|
"si",
|
|
"di",
|
|
"bp",
|
|
"bx"
|
|
};
|
|
|
|
static char *mrmtb32[] = { "eax", /* modRM string table (32-bit) */
|
|
"ecx",
|
|
"edx",
|
|
"ebx",
|
|
"esp",
|
|
"ebp",
|
|
"esi",
|
|
"edi"
|
|
};
|
|
|
|
static char seg16[8] = { REGDS, REGDS, REGSS, REGSS,
|
|
REGDS, REGDS, REGSS, REGDS };
|
|
static char reg16[8] = { REGEBX, REGEBX, REGEBP, REGEBP,
|
|
REGESI, REGEDI, REGEBP, REGEBX };
|
|
static char reg16_2[4] = { REGESI, REGEDI, REGESI, REGEDI };
|
|
|
|
static char seg32[8] = { REGDS, REGDS, REGDS, REGDS,
|
|
REGSS, REGSS, REGDS, REGDS };
|
|
static char reg32[8] = { REGEAX, REGECX, REGEDX, REGEBX,
|
|
REGESP, REGEBP, REGESI, REGEDI };
|
|
|
|
static char sregtab[] = "ecsdfg"; // first letter of ES, CS, SS, DS, FS, GS
|
|
|
|
char hexdigit[] = { '0', '1', '2', '3', '4', '5', '6', '7',
|
|
'8', '9', 'a', 'b', 'c', 'd', 'e', 'f' };
|
|
|
|
typedef struct _DECODEDATA
|
|
{
|
|
int mod; /* mod of mod/rm byte */
|
|
int rm; /* rm of mod/rm byte */
|
|
int ttt; /* return reg value (of mod/rm) */
|
|
unsigned char *pMem; /* current position in instruction */
|
|
ADDR EAaddr[2]; // offset of effective address
|
|
int EAsize[2]; // size of effective address item
|
|
char *pchEAseg[2]; // normal segment for operand
|
|
BOOL fMovX; // indicates a MOVSX or MOVZX
|
|
BOOL fMmRegEa; // Use mm? registers in reg-only EA.
|
|
} DECODEDATA;
|
|
/*...........................internal function..............................*/
|
|
/* */
|
|
/* generate a mod/rm string */
|
|
/* */
|
|
|
|
void DIdoModrm (char **ppchBuf, int segOvr, DECODEDATA *decodeData)
|
|
{
|
|
int mrm; /* modrm byte */
|
|
char *src; /* source string */
|
|
int sib;
|
|
int ss;
|
|
int ind;
|
|
int oldrm;
|
|
|
|
mrm = *(decodeData->pMem)++; /* get the mrm byte from instruction */
|
|
decodeData->mod = BIT76(mrm); /* get mod */
|
|
decodeData->ttt = BIT53(mrm); /* get reg - used outside routine */
|
|
decodeData->rm = BIT20(mrm); /* get rm */
|
|
|
|
if (decodeData->mod == 3) { /* register only mode */
|
|
if (decodeData->fMmRegEa) {
|
|
*(*ppchBuf)++ = 'm';
|
|
*(*ppchBuf)++ = 'm';
|
|
*(*ppchBuf)++ = decodeData->rm + '0';
|
|
} else {
|
|
src = ®tab[decodeData->rm * 2]; /* point to 16-bit register */
|
|
if (decodeData->EAsize[0] > 1) {
|
|
src += 16; /* point to 16-bit register */
|
|
if (!(decodeData->fMovX))
|
|
*(*ppchBuf)++ = 'e'; /* make it a 32-bit register */
|
|
}
|
|
*(*ppchBuf)++ = *src++; /* copy register name */
|
|
*(*ppchBuf)++ = *src;
|
|
}
|
|
decodeData->EAsize[0] = 0; // no EA value to output
|
|
return;
|
|
}
|
|
|
|
if (1) { /* 32-bit addressing mode */
|
|
oldrm = decodeData->rm;
|
|
if (decodeData->rm == 4) { /* rm == 4 implies sib byte */
|
|
sib = *(decodeData->pMem)++; /* get s_i_b byte */
|
|
decodeData->rm = BIT20(sib); /* return base */
|
|
}
|
|
|
|
*(*ppchBuf)++ = '[';
|
|
if (decodeData->mod == 0 && decodeData->rm == 5) {
|
|
decodeData->pMem += 4;
|
|
}
|
|
|
|
if (oldrm == 4) { // finish processing sib
|
|
ind = BIT53(sib);
|
|
if (ind != 4) {
|
|
*(*ppchBuf)++ = '+';
|
|
ss = 1 << BIT76(sib);
|
|
if (ss != 1) {
|
|
*(*ppchBuf)++ = '*';
|
|
*(*ppchBuf)++ = (char)(ss + '0');
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
// output any displacement
|
|
|
|
if (decodeData->mod == 1) {
|
|
decodeData->pMem++;
|
|
}
|
|
else if (decodeData->mod == 2) {
|
|
long tmp = 0;
|
|
if (1) {
|
|
decodeData->pMem += 4;
|
|
}
|
|
else {
|
|
decodeData->pMem += 2;
|
|
}
|
|
}
|
|
}
|
|
|
|
DWORD GetInstructionLengthFromAddress(PVOID paddr)
|
|
{
|
|
PULONG pOffset = 0;
|
|
int G_mode_32;
|
|
int mode_32; /* local addressing mode indicator */
|
|
int opsize_32; /* operand size flag */
|
|
int opcode; /* current opcode */
|
|
int olen = 2; /* operand length */
|
|
int alen = 2; /* address length */
|
|
int end = FALSE; /* end of instruction flag */
|
|
int mrm = FALSE; /* indicator that modrm is generated*/
|
|
unsigned char *action; /* action for operand interpretation*/
|
|
long tmp; /* temporary storage field */
|
|
int indx; /* temporary index */
|
|
int action2; /* secondary action */
|
|
int instlen; /* instruction length */
|
|
int segOvr = 0; /* segment override opcode */
|
|
unsigned char *membuf; /* current instruction buffer */
|
|
char *pEAlabel = ""; /* optional label for operand */
|
|
char RepPrefixBuffer[32]; /* rep prefix buffer */
|
|
char *pchRepPrefixBuf = RepPrefixBuffer; /* pointer to prefix buffer */
|
|
char OpcodeBuffer[8]; /* opcode buffer */
|
|
char *pchOpcodeBuf = OpcodeBuffer; /* pointer to opcode buffer */
|
|
char OperandBuffer[MAX_SYMNAME_SIZE + 20]; /* operand buffer */
|
|
char *pchOperandBuf = OperandBuffer; /* pointer to operand buffer */
|
|
char ModrmBuffer[MAX_SYMNAME_SIZE + 20]; /* modRM buffer */
|
|
char *pchModrmBuf = ModrmBuffer; /* pointer to modRM buffer */
|
|
char EABuffer[42]; /* effective address buffer */
|
|
char *pchEABuf = EABuffer; /* pointer to EA buffer */
|
|
|
|
unsigned char BOPaction;
|
|
int subcode; /* bop subcode */
|
|
DECODEDATA decodeData;
|
|
|
|
decodeData.fMovX = FALSE;
|
|
decodeData.fMmRegEa = FALSE;
|
|
decodeData.EAsize[0] = decodeData.EAsize[1] = 0; // no effective address
|
|
decodeData.pchEAseg[0] = dszDS_;
|
|
decodeData.pchEAseg[1] = dszES_;
|
|
|
|
G_mode_32 = 1;
|
|
|
|
mode_32 = opsize_32 = (G_mode_32 == 1); /* local addressing mode */
|
|
olen = alen = (1 + mode_32) << 1; // set operand/address lengths
|
|
// 2 for 16-bit and 4 for 32-bit
|
|
#if MULTIMODE
|
|
if (paddr->type & (ADDR_V86 | ADDR_16)) {
|
|
mode_32 = opsize_32 = 0;
|
|
olen = alen = 2;
|
|
}
|
|
#endif
|
|
|
|
membuf = (unsigned char *)paddr;
|
|
|
|
decodeData.pMem = membuf; /* point to begin of instruction */
|
|
opcode = *(decodeData.pMem)++; /* get opcode */
|
|
|
|
if ( opcode == 0xc4 && *(decodeData.pMem) == 0xC4 ) {
|
|
(decodeData.pMem)++;
|
|
action = &BOPaction;
|
|
BOPaction = IB | END;
|
|
subcode = *(decodeData.pMem);
|
|
if ( subcode == 0x50 || subcode == 0x52 || subcode == 0x53 || subcode == 0x54 || subcode == 0x57 || subcode == 0x58 || subcode == 0x58 ) {
|
|
BOPaction = IW | END;
|
|
}
|
|
} else {
|
|
action = actiontbl + distbl[opcode].opr; /* get operand action */
|
|
}
|
|
|
|
/***** loop through all operand actions *****/
|
|
|
|
do {
|
|
action2 = (*action) & 0xc0;
|
|
switch((*action++) & 0x3f) {
|
|
case ALT: /* alter the opcode if 32-bit */
|
|
if (opsize_32) {
|
|
indx = *action++;
|
|
pchOpcodeBuf = &OpcodeBuffer[indx];
|
|
if (indx == 0)
|
|
;
|
|
else {
|
|
*pchOpcodeBuf++ = 'd';
|
|
if (indx == 1)
|
|
*pchOpcodeBuf++ = 'q';
|
|
}
|
|
}
|
|
break;
|
|
|
|
case STROP:
|
|
// compute size of operands in indx
|
|
// also if dword operands, change fifth
|
|
// opcode letter from 'w' to 'd'.
|
|
|
|
if (opcode & 1) {
|
|
if (opsize_32) {
|
|
indx = 4;
|
|
OpcodeBuffer[4] = 'd';
|
|
}
|
|
else
|
|
indx = 2;
|
|
}
|
|
else
|
|
indx = 1;
|
|
|
|
if (*action & 1) {
|
|
}
|
|
if (*action++ & 2) {
|
|
}
|
|
break;
|
|
|
|
case CHR: /* insert a character */
|
|
*pchOperandBuf++ = *action++;
|
|
break;
|
|
|
|
case CREG: /* set debug, test or control reg */
|
|
if ((opcode - SECTAB_OFFSET_2)&0x04) //remove bias from opcode
|
|
*pchOperandBuf++ = 't';
|
|
else if ((opcode - SECTAB_OFFSET_2) & 0x01)
|
|
*pchOperandBuf++ = 'd';
|
|
else
|
|
*pchOperandBuf++ = 'c';
|
|
*pchOperandBuf++ = 'r';
|
|
*pchOperandBuf++ = (char)('0' + decodeData.ttt);
|
|
break;
|
|
|
|
case SREG2: /* segment register */
|
|
// Handle special case for fs/gs (OPC0F adds SECTAB_OFFSET_5
|
|
// to these codes)
|
|
if (opcode > 0x7e)
|
|
decodeData.ttt = BIT53((opcode-SECTAB_OFFSET_5));
|
|
else
|
|
decodeData.ttt = BIT53(opcode); // set value to fall through
|
|
|
|
case SREG3: /* segment register */
|
|
*pchOperandBuf++ = sregtab[decodeData.ttt]; // reg is part of modrm
|
|
*pchOperandBuf++ = 's';
|
|
break;
|
|
|
|
case BRSTR: /* get index to register string */
|
|
decodeData.ttt = *action++; /* from action table */
|
|
goto BREGlabel;
|
|
|
|
case BOREG: /* byte register (in opcode) */
|
|
decodeData.ttt = BIT20(opcode); /* register is part of opcode */
|
|
goto BREGlabel;
|
|
|
|
case ALSTR:
|
|
decodeData.ttt = 0; /* point to AL register */
|
|
BREGlabel:
|
|
case BREG: /* general register */
|
|
*pchOperandBuf++ = regtab[decodeData.ttt * 2];
|
|
*pchOperandBuf++ = regtab[decodeData.ttt * 2 + 1];
|
|
break;
|
|
|
|
case WRSTR: /* get index to register string */
|
|
decodeData.ttt = *action++; /* from action table */
|
|
goto WREGlabel;
|
|
|
|
case VOREG: /* register is part of opcode */
|
|
decodeData.ttt = BIT20(opcode);
|
|
goto VREGlabel;
|
|
|
|
case AXSTR:
|
|
decodeData.ttt = 0; /* point to eAX register */
|
|
VREGlabel:
|
|
case VREG: /* general register */
|
|
if (opsize_32) /* test for 32bit mode */
|
|
*pchOperandBuf++ = 'e';
|
|
WREGlabel:
|
|
case WREG: /* register is word size */
|
|
*pchOperandBuf++ = regtab[decodeData.ttt * 2 + 16];
|
|
*pchOperandBuf++ = regtab[decodeData.ttt * 2 + 17];
|
|
break;
|
|
|
|
case MMWREG:
|
|
*pchOperandBuf++ = 'm';
|
|
*pchOperandBuf++ = 'm';
|
|
*pchOperandBuf++ = decodeData.ttt + '0';
|
|
break;
|
|
|
|
case IST_ST:
|
|
*(pchOperandBuf - 5) += (char)decodeData.rm;
|
|
break;
|
|
|
|
case ST_IST:
|
|
;
|
|
case IST:
|
|
;
|
|
*(pchOperandBuf - 2) += (char)decodeData.rm;
|
|
break;
|
|
|
|
case xBYTE: /* set instruction to byte only */
|
|
decodeData.EAsize[0] = 1;
|
|
break;
|
|
|
|
case VAR:
|
|
if (opsize_32)
|
|
goto DWORDlabel;
|
|
|
|
case xWORD:
|
|
decodeData.EAsize[0] = 2;
|
|
break;
|
|
|
|
case EDWORD:
|
|
opsize_32 = 1; // for control reg move, use eRegs
|
|
case xDWORD:
|
|
DWORDlabel:
|
|
decodeData.EAsize[0] = 4;
|
|
break;
|
|
|
|
case MMQWORD:
|
|
decodeData.fMmRegEa = TRUE;
|
|
|
|
case QWORD:
|
|
decodeData.EAsize[0] = 8;
|
|
break;
|
|
|
|
case TBYTE:
|
|
decodeData.EAsize[0] = 10;
|
|
break;
|
|
|
|
case FARPTR:
|
|
if (opsize_32) {
|
|
decodeData.EAsize[0] = 6;
|
|
}
|
|
else {
|
|
decodeData.EAsize[0] = 4;
|
|
}
|
|
break;
|
|
|
|
case LMODRM: // output modRM data type
|
|
if (decodeData.mod != 3)
|
|
;
|
|
else
|
|
decodeData.EAsize[0] = 0;
|
|
|
|
case MODRM: /* output modrm string */
|
|
if (segOvr) /* in case of segment override */
|
|
0;
|
|
break;
|
|
|
|
case ADDRP: /* address pointer */
|
|
decodeData.pMem += olen + 2;
|
|
break;
|
|
|
|
case REL8: /* relative address 8-bit */
|
|
if (opcode == 0xe3 && mode_32) {
|
|
pchOpcodeBuf = OpcodeBuffer;
|
|
}
|
|
tmp = (long)*(char *)(decodeData.pMem)++; /* get the 8-bit rel offset */
|
|
goto DoRelDispl;
|
|
|
|
case REL16: /* relative address 16-/32-bit */
|
|
tmp = 0;
|
|
if (mode_32)
|
|
memmove(&tmp,decodeData.pMem,sizeof(long));
|
|
else
|
|
memmove(&tmp,decodeData.pMem,sizeof(short));
|
|
decodeData.pMem += alen; /* skip over offset */
|
|
DoRelDispl:
|
|
// tmp += *pOffset + (decodeData.pMem - membuf); /* calculate address */
|
|
// address
|
|
break;
|
|
|
|
case UBYTE: // unsigned byte for int/in/out
|
|
decodeData.pMem++;
|
|
break;
|
|
|
|
case IB: /* operand is immediate byte */
|
|
if ((opcode & ~1) == 0xd4) { // postop for AAD/AAM is 0x0a
|
|
if (*(decodeData.pMem)++ != 0x0a) // test post-opcode byte
|
|
0;
|
|
break;
|
|
}
|
|
olen = 1; /* set operand length */
|
|
goto DoImmed;
|
|
|
|
case IW: /* operand is immediate word */
|
|
olen = 2; /* set operand length */
|
|
|
|
case IV: /* operand is word or dword */
|
|
DoImmed:
|
|
decodeData.pMem += olen;
|
|
break;
|
|
|
|
case OFFS: /* operand is offset */
|
|
decodeData.EAsize[0] = (opcode & 1) ? olen : 1;
|
|
|
|
if (segOvr) /* in case of segment override */
|
|
0;
|
|
|
|
decodeData.pMem += alen;
|
|
break;
|
|
|
|
case GROUP: /* operand is of group 1,2,4,6 or 8 */
|
|
/* output opcode symbol */
|
|
action++;
|
|
break;
|
|
|
|
case GROUPT: /* operand is of group 3,5 or 7 */
|
|
indx = *action; /* get indx into group from action */
|
|
goto doGroupT;
|
|
|
|
case EGROUPT: /* x87 ESC (D8-DF) group index */
|
|
indx = BIT20(opcode) * 2; /* get group index from opcode */
|
|
if (decodeData.mod == 3) { /* some operand variations exists */
|
|
/* for x87 and mod == 3 */
|
|
++indx; /* take the next group table entry */
|
|
if (indx == 3) { /* for x87 ESC==D9 and mod==3 */
|
|
if (decodeData.ttt > 3) { /* for those D9 instructions */
|
|
indx = 12 + decodeData.ttt; /* offset index to table by 12 */
|
|
decodeData.ttt = decodeData.rm; /* set secondary index to rm */
|
|
}
|
|
}
|
|
else if (indx == 7) { /* for x87 ESC==DB and mod==3 */
|
|
if (decodeData.ttt == 4) { /* if ttt==4 */
|
|
decodeData.ttt = decodeData.rm; /* set secondary group table index */
|
|
} else if ((decodeData.ttt<4)||(decodeData.ttt>4 && decodeData.ttt<7)) {
|
|
// adjust for pentium pro opcodes
|
|
indx = 24; /* offset index to table by 24*/
|
|
}
|
|
}
|
|
}
|
|
doGroupT:
|
|
/* handle group with different types of operands */
|
|
action = actiontbl + groupt[indx][decodeData.ttt].opr;
|
|
/* get new action */
|
|
break;
|
|
//
|
|
// The secondary opcode table has been compressed in the
|
|
// original design. Hence while disassembling the 0F sequence,
|
|
// opcode needs to be displaced by an appropriate amount depending
|
|
// on the number of "filled" entries in the secondary table.
|
|
// These displacements are used throughout the code.
|
|
//
|
|
|
|
case OPC0F: /* secondary opcode table (opcode 0F) */
|
|
opcode = *(decodeData.pMem)++; /* get real opcode */
|
|
decodeData.fMovX = (BOOL)(opcode == 0xBF || opcode == 0xB7);
|
|
if (opcode < 12) /* for the first 12 opcodes */
|
|
opcode += SECTAB_OFFSET_1; // point to begin of sec op tab
|
|
else if (opcode > 0x1f && opcode < 0x27)
|
|
opcode += SECTAB_OFFSET_2; // adjust for undefined opcodes
|
|
else if (opcode > 0x2f && opcode < 0x34)
|
|
opcode += SECTAB_OFFSET_3; // adjust for undefined opcodes
|
|
else if (opcode > 0x3f && opcode < 0x50)
|
|
opcode += SECTAB_OFFSET_4; // adjust for undefined opcodes
|
|
else if (opcode > 0x5f && opcode < 0xff)
|
|
opcode += SECTAB_OFFSET_5; // adjust for undefined opcodes
|
|
else
|
|
opcode = SECTAB_OFFSET_UNDEF; // all non-existing opcodes
|
|
goto getNxtByte1;
|
|
|
|
case ADR_OVR: /* address override */
|
|
mode_32 = !G_mode_32; /* override addressing mode */
|
|
alen = (mode_32 + 1) << 1; /* toggle address length */
|
|
goto getNxtByte;
|
|
|
|
case OPR_OVR: /* operand size override */
|
|
opsize_32 = !G_mode_32; /* override operand size */
|
|
olen = (opsize_32 + 1) << 1; /* toggle operand length */
|
|
goto getNxtByte;
|
|
|
|
case SEG_OVR: /* handle segment override */
|
|
segOvr = opcode; /* save segment override opcode */
|
|
pchOpcodeBuf = OpcodeBuffer; // restart the opcode string
|
|
goto getNxtByte;
|
|
|
|
case REP: /* handle rep/lock prefixes */
|
|
if (pchRepPrefixBuf != RepPrefixBuffer)
|
|
*pchRepPrefixBuf++ = ' ';
|
|
pchOpcodeBuf = OpcodeBuffer;
|
|
getNxtByte:
|
|
opcode = *(decodeData.pMem)++; /* next byte is opcode */
|
|
getNxtByte1:
|
|
action = actiontbl + distbl[opcode].opr;
|
|
|
|
default: /* opcode has no operand */
|
|
break;
|
|
}
|
|
switch (action2) { /* secondary action */
|
|
case MRM: /* generate modrm for later use */
|
|
if (!mrm) { /* ignore if it has been generated */
|
|
DIdoModrm(&pchModrmBuf, segOvr, &decodeData);
|
|
mrm = TRUE; /* remember its generation */
|
|
}
|
|
break;
|
|
|
|
case COM: /* insert a comma after operand */
|
|
break;
|
|
|
|
case END: /* end of instruction */
|
|
end = TRUE;
|
|
break;
|
|
}
|
|
} while (!end); /* loop til end of instruction */
|
|
|
|
instlen = (decodeData.pMem) - membuf;
|
|
|
|
return instlen;
|
|
}
|