OLD | NEW |
| (Empty) |
1 #include <stdio.h> | |
2 #include <stdlib.h> | |
3 #include <string.h> | |
4 | |
5 #include "libdis.h" | |
6 #include "ia32_insn.h" | |
7 #include "ia32_invariant.h" | |
8 #include "x86_operand_list.h" | |
9 | |
10 | |
11 #ifdef _MSC_VER | |
12 #define snprintf _snprintf | |
13 #define inline __inline | |
14 #endif | |
15 | |
16 unsigned int x86_disasm( unsigned char *buf, unsigned int buf_len, | |
17 uint32_t buf_rva, unsigned int offset, | |
18 x86_insn_t *insn ){ | |
19 int len, size; | |
20 unsigned char bytes[MAX_INSTRUCTION_SIZE]; | |
21 | |
22 if ( ! buf || ! insn || ! buf_len ) { | |
23 /* caller screwed up somehow */ | |
24 return 0; | |
25 } | |
26 | |
27 | |
28 /* ensure we are all NULLed up */ | |
29 memset( insn, 0, sizeof(x86_insn_t) ); | |
30 insn->addr = buf_rva + offset; | |
31 insn->offset = offset; | |
32 /* default to invalid insn */ | |
33 insn->type = insn_invalid; | |
34 insn->group = insn_none; | |
35 | |
36 if ( offset >= buf_len ) { | |
37 /* another caller screwup ;) */ | |
38 x86_report_error(report_disasm_bounds, (void*)(long)(buf_rva+off
set)); | |
39 return 0; | |
40 } | |
41 | |
42 len = buf_len - offset; | |
43 | |
44 /* copy enough bytes for disassembly into buffer : this | |
45 * helps prevent buffer overruns at the end of a file */ | |
46 memset( bytes, 0, MAX_INSTRUCTION_SIZE ); | |
47 memcpy( bytes, &buf[offset], (len < MAX_INSTRUCTION_SIZE) ? len : | |
48 MAX_INSTRUCTION_SIZE ); | |
49 | |
50 /* actually do the disassembly */ | |
51 /* TODO: allow switching when more disassemblers are added */ | |
52 size = ia32_disasm_addr( bytes, len, insn); | |
53 | |
54 /* check and see if we had an invalid instruction */ | |
55 if (! size ) { | |
56 x86_report_error(report_invalid_insn, (void*)(long)(buf_rva+offs
et)); | |
57 return 0; | |
58 } | |
59 | |
60 /* check if we overran the end of the buffer */ | |
61 if ( size > len ) { | |
62 x86_report_error( report_insn_bounds, (void*)(long)(buf_rva + of
fset)); | |
63 MAKE_INVALID( insn, bytes ); | |
64 return 0; | |
65 } | |
66 | |
67 /* fill bytes field of insn */ | |
68 memcpy( insn->bytes, bytes, size ); | |
69 | |
70 return size; | |
71 } | |
72 | |
73 unsigned int x86_disasm_range( unsigned char *buf, uint32_t buf_rva, | |
74 unsigned int offset, unsigned int len, | |
75 DISASM_CALLBACK func, void *arg ) { | |
76 x86_insn_t insn; | |
77 unsigned int buf_len, size, count = 0, bytes = 0; | |
78 | |
79 /* buf_len is implied by the arguments */ | |
80 buf_len = len + offset; | |
81 | |
82 while ( bytes < len ) { | |
83 size = x86_disasm( buf, buf_len, buf_rva, offset + bytes, | |
84 &insn ); | |
85 if ( size ) { | |
86 /* invoke callback if it exists */ | |
87 if ( func ) { | |
88 (*func)( &insn, arg ); | |
89 } | |
90 bytes += size; | |
91 count ++; | |
92 } else { | |
93 /* error */ | |
94 bytes++; /* try next byte */ | |
95 } | |
96 | |
97 x86_oplist_free( &insn ); | |
98 } | |
99 | |
100 return( count ); | |
101 } | |
102 | |
103 static inline int follow_insn_dest( x86_insn_t *insn ) { | |
104 if ( insn->type == insn_jmp || insn->type == insn_jcc || | |
105 insn->type == insn_call || insn->type == insn_callcc ) { | |
106 return(1); | |
107 } | |
108 return(0); | |
109 } | |
110 | |
111 static inline int insn_doesnt_return( x86_insn_t *insn ) { | |
112 return( (insn->type == insn_jmp || insn->type == insn_return) ? 1: 0 ); | |
113 } | |
114 | |
115 static int32_t internal_resolver( x86_op_t *op, x86_insn_t *insn ){ | |
116 int32_t next_addr = -1; | |
117 if ( x86_optype_is_address(op->type) ) { | |
118 next_addr = op->data.sdword; | |
119 } else if ( op->type == op_relative_near ) { | |
120 next_addr = insn->addr + insn->size + op->data.relative_near; | |
121 } else if ( op->type == op_relative_far ) { | |
122 next_addr = insn->addr + insn->size + op->data.relative_far; | |
123 } | |
124 return( next_addr ); | |
125 } | |
126 | |
127 unsigned int x86_disasm_forward( unsigned char *buf, unsigned int buf_len, | |
128 uint32_t buf_rva, unsigned int offset, | |
129 DISASM_CALLBACK func, void *arg, | |
130 DISASM_RESOLVER resolver, void *r_arg ){ | |
131 x86_insn_t insn; | |
132 x86_op_t *op; | |
133 int32_t next_addr; | |
134 uint32_t next_offset; | |
135 unsigned int size, count = 0, bytes = 0, cont = 1; | |
136 | |
137 while ( cont && bytes < buf_len ) { | |
138 size = x86_disasm( buf, buf_len, buf_rva, offset + bytes, | |
139 &insn ); | |
140 | |
141 if ( size ) { | |
142 /* invoke callback if it exists */ | |
143 if ( func ) { | |
144 (*func)( &insn, arg ); | |
145 } | |
146 bytes += size; | |
147 count ++; | |
148 } else { | |
149 /* error */ | |
150 bytes++; /* try next byte */ | |
151 } | |
152 | |
153 if ( follow_insn_dest(&insn) ) { | |
154 op = x86_get_dest_operand( &insn ); | |
155 next_addr = -1; | |
156 | |
157 /* if caller supplied a resolver, use it to determine | |
158 * the address to disassemble */ | |
159 if ( resolver ) { | |
160 next_addr = resolver(op, &insn, r_arg); | |
161 } else { | |
162 next_addr = internal_resolver(op, &insn); | |
163 } | |
164 | |
165 if (next_addr != -1 ) { | |
166 next_offset = next_addr - buf_rva; | |
167 /* if offset is in this buffer... */ | |
168 if ( (uint32_t)next_addr >= buf_rva && | |
169 next_offset < buf_len ) { | |
170 /* go ahead and disassemble */ | |
171 count += x86_disasm_forward( buf, | |
172 buf_len, | |
173 buf_rva, | |
174 next_offset, | |
175 func, arg, | |
176 resolver, r_arg ); | |
177 } else { | |
178 /* report unresolved address */ | |
179 x86_report_error( report_disasm_bounds, | |
180 (void*)(long)next_addr ); | |
181 } | |
182 } | |
183 } /* end follow_insn */ | |
184 | |
185 if ( insn_doesnt_return(&insn) ) { | |
186 /* stop disassembling */ | |
187 cont = 0; | |
188 } | |
189 | |
190 x86_oplist_free( &insn ); | |
191 } | |
192 return( count ); | |
193 } | |
194 | |
195 /* invariant instruction representation */ | |
196 size_t x86_invariant_disasm( unsigned char *buf, int buf_len, | |
197 x86_invariant_t *inv ){ | |
198 if (! buf || ! buf_len || ! inv ) { | |
199 return(0); | |
200 } | |
201 | |
202 return ia32_disasm_invariant(buf, buf_len, inv); | |
203 } | |
204 size_t x86_size_disasm( unsigned char *buf, unsigned int buf_len ) { | |
205 if (! buf || ! buf_len ) { | |
206 return(0); | |
207 } | |
208 | |
209 return ia32_disasm_size(buf, buf_len); | |
210 } | |
OLD | NEW |