diff options
| -rw-r--r-- | ChangeLog | 17 | ||||
| -rw-r--r-- | src/arch/immediate.c | 32 | ||||
| -rw-r--r-- | src/arch/x86/op_int.c | 30 | ||||
| -rw-r--r-- | src/arch/x86/opcodes.h | 6 | ||||
| -rw-r--r-- | src/arch/x86/operand.c | 7 | ||||
| -rw-r--r-- | src/arch/x86/processor.c | 2 |
6 files changed, 68 insertions, 26 deletions
@@ -1,3 +1,20 @@ +09-05-19 Cyrille Bagard <nocbos@gmail.com> + + * src/arch/immediate.c: + Print signed values as signed values. + + * src/arch/x86/opcodes.h: + Rename x86_read_instr_int to x86_read_instr_int_imm8. + + * src/arch/x86/operand.c: + Fix various bugs in the ModRM operand. + + * src/arch/x86/op_int.c: + Rename x86_read_instr_int to x86_read_instr_int_imm8. Read the operand. + + * src/arch/x86/processor.c: + Update call to x86_read_instr_int{,_imm8}. + 09-05-18 Cyrille Bagard <nocbos@gmail.com> * src/analysis/binary.c: diff --git a/src/arch/immediate.c b/src/arch/immediate.c index 876fa88..dde5f02 100644 --- a/src/arch/immediate.c +++ b/src/arch/immediate.c @@ -351,21 +351,29 @@ static char *g_imm_operand_get_text(const GImmOperand *operand, const exe_format snprintf(result, 19, "$0x???"); break; case AOS_8_BITS_UNSIGNED: - case AOS_8_BITS_SIGNED: snprintf(result, 19, "0x%hhx", operand->unsigned_imm.val8); break; case AOS_16_BITS_UNSIGNED: - case AOS_16_BITS_SIGNED: snprintf(result, 19, "0x%hx", operand->unsigned_imm.val16); break; case AOS_32_BITS_UNSIGNED: - case AOS_32_BITS_SIGNED: snprintf(result, 19, "0x%x", operand->unsigned_imm.val32); break; case AOS_64_BITS_UNSIGNED: - case AOS_64_BITS_SIGNED: snprintf(result, 19, "0x%llx", operand->unsigned_imm.val64); break; + case AOS_8_BITS_SIGNED: + snprintf(result, 19, "0x%hhx", ~operand->signed_imm.val8 + 1); + break; + case AOS_16_BITS_SIGNED: + snprintf(result, 19, "0x%hx", ~operand->signed_imm.val16 + 1); + break; + case AOS_32_BITS_SIGNED: + snprintf(result, 19, "0x%x", ~operand->signed_imm.val32 + 1); + break; + case AOS_64_BITS_SIGNED: + snprintf(result, 19, "0x%llx", ~operand->signed_imm.val64 + 1); + break; } break; @@ -376,21 +384,29 @@ static char *g_imm_operand_get_text(const GImmOperand *operand, const exe_format snprintf(result, 19, "$0x???"); break; case AOS_8_BITS_UNSIGNED: - case AOS_8_BITS_SIGNED: snprintf(result, 19, "$0x%hhx", operand->unsigned_imm.val8); break; case AOS_16_BITS_UNSIGNED: - case AOS_16_BITS_SIGNED: snprintf(result, 19, "$0x%hx", operand->unsigned_imm.val16); break; case AOS_32_BITS_UNSIGNED: - case AOS_32_BITS_SIGNED: snprintf(result, 19, "$0x%x", operand->unsigned_imm.val32); break; case AOS_64_BITS_UNSIGNED: - case AOS_64_BITS_SIGNED: snprintf(result, 19, "$0x%llx", operand->unsigned_imm.val64); break; + case AOS_8_BITS_SIGNED: + snprintf(result, 19, "$0x%hhx", ~operand->signed_imm.val8 + 1); + break; + case AOS_16_BITS_SIGNED: + snprintf(result, 19, "$0x%hx", ~operand->signed_imm.val16 + 1); + break; + case AOS_32_BITS_SIGNED: + snprintf(result, 19, "$0x%x", ~operand->signed_imm.val32 + 1); + break; + case AOS_64_BITS_SIGNED: + snprintf(result, 19, "$0x%llx", ~operand->signed_imm.val64 + 1); + break; } break; diff --git a/src/arch/x86/op_int.c b/src/arch/x86/op_int.c index 98b5ce9..cbeda87 100644 --- a/src/arch/x86/op_int.c +++ b/src/arch/x86/op_int.c @@ -36,11 +36,10 @@ * Paramètres : data = flux de données à analyser. * * pos = position courante dans ce flux. [OUT] * * len = taille totale des données à analyser. * -* addr = adresse virtuelle de l'instruction. * -* prefix = éventuel(s) préfixe(s) remarqué(s). * +* offset = adresse virtuelle de l'instruction. * * proc = architecture ciblée par le désassemblage. * * * -* Description : Décode une instruction de type 'int'. * +* Description : Décode une instruction de type 'int 3'. * * * * Retour : Instruction mise en place ou NULL. * * * @@ -48,11 +47,15 @@ * * ******************************************************************************/ -GArchInstruction *x86_read_instr_int(const bin_t *data, off_t *pos, off_t len, vmpa_t addr, X86Prefix prefix, const GX86Processor *proc) +GArchInstruction *x86_read_instr_int_3(const bin_t *data, off_t *pos, off_t len, vmpa_t addr, X86Prefix prefix, const GX86Processor *proc) { GArchInstruction *result; /* Instruction à retourner */ + GArchOperand *three; /* Argument artificiel */ - result = g_x86_instruction_new(XOP_INT); + result = g_x86_instruction_new(XOP_INT_3); + + three = g_imm_operand_new_from_value(AOS_8_BITS, 3); + g_arch_instruction_attach_one_operand(result, three); return result; @@ -64,10 +67,11 @@ GArchInstruction *x86_read_instr_int(const bin_t *data, off_t *pos, off_t len, v * Paramètres : data = flux de données à analyser. * * pos = position courante dans ce flux. [OUT] * * len = taille totale des données à analyser. * -* offset = adresse virtuelle de l'instruction. * +* addr = adresse virtuelle de l'instruction. * +* prefix = éventuel(s) préfixe(s) remarqué(s). * * proc = architecture ciblée par le désassemblage. * * * -* Description : Décode une instruction de type 'int 3'. * +* Description : Décode une instruction de type 'int'. * * * * Retour : Instruction mise en place ou NULL. * * * @@ -75,15 +79,17 @@ GArchInstruction *x86_read_instr_int(const bin_t *data, off_t *pos, off_t len, v * * ******************************************************************************/ -GArchInstruction *x86_read_instr_int_3(const bin_t *data, off_t *pos, off_t len, vmpa_t addr, X86Prefix prefix, const GX86Processor *proc) +GArchInstruction *x86_read_instr_int_imm8(const bin_t *data, off_t *pos, off_t len, vmpa_t addr, X86Prefix prefix, const GX86Processor *proc) { GArchInstruction *result; /* Instruction à retourner */ - GArchOperand *three; /* Argument artificiel */ - result = g_x86_instruction_new(XOP_INT_3); + result = g_x86_instruction_new(XOP_INT); - three = g_imm_operand_new_from_value(AOS_8_BITS, 3); - g_arch_instruction_attach_one_operand(result, three); + if (!x86_read_one_operand(result, data, pos, len, X86_OTP_IMM8)) + { + /* TODO free(result);*/ + return NULL; + } return result; diff --git a/src/arch/x86/opcodes.h b/src/arch/x86/opcodes.h index 212d1bc..f0bbc17 100644 --- a/src/arch/x86/opcodes.h +++ b/src/arch/x86/opcodes.h @@ -111,12 +111,12 @@ GArchInstruction *x86_read_instr_hlt(const bin_t *, off_t *, off_t, vmpa_t, X86P /* Décode une instruction de type 'inc' (16 ou 32 bits). */ GArchInstruction *x86_read_instr_inc_r1632(const bin_t *, off_t *, off_t, vmpa_t, X86Prefix, const GX86Processor *); -/* Décode une instruction de type 'int'. */ -GArchInstruction *x86_read_instr_int(const bin_t *, off_t *, off_t, vmpa_t, X86Prefix, const GX86Processor *); - /* Décode une instruction de type 'int 3'. */ GArchInstruction *x86_read_instr_int_3(const bin_t *, off_t *, off_t, vmpa_t, X86Prefix, const GX86Processor *); +/* Décode une instruction de type 'int'. */ +GArchInstruction *x86_read_instr_int_imm8(const bin_t *, off_t *, off_t, vmpa_t, X86Prefix, const GX86Processor *); + /* Décode une instruction de type 'ja' (saut 8b si supérieur). */ GArchInstruction *x86_read_instr_ja_rel8(const bin_t *, off_t *, off_t, vmpa_t, X86Prefix, const GX86Processor *); diff --git a/src/arch/x86/operand.c b/src/arch/x86/operand.c index 1424b3e..bb152f8 100644 --- a/src/arch/x86/operand.c +++ b/src/arch/x86/operand.c @@ -514,7 +514,10 @@ GArchOperand *g_x86_mod_rm_operand_new(const bin_t *data, off_t *pos, off_t len, /* Vieille astuce de l'emplacement mémoire fixe ? */ if (is_x86_register_base_pointer(reg) && mod == 0x00) + { + free_x86_register(reg); return g_imm_operand_new_from_data(MDS_32_BITS/* FIXME */, data, pos, len, SRE_LITTLE); + } result = g_object_new(G_TYPE_X86_MOD_RM_OPERAND, NULL); @@ -527,14 +530,14 @@ GArchOperand *g_x86_mod_rm_operand_new(const bin_t *data, off_t *pos, off_t len, if (result->base == NULL) goto gxmron_error; result->index = get_x86_register(size, (data[*pos] & 0x38) >> 3); - if (result->base == NULL) goto gxmron_error; + if (result->index == NULL) goto gxmron_error; result->scale = ((data[*pos] & 0xc0) >> 6); if (is_x86_register_stack_pointer(result->index)) { + free_x86_register(result->index); result->index = result->base; - free_x86_register(result->base); result->base = NULL; } diff --git a/src/arch/x86/processor.c b/src/arch/x86/processor.c index 82b0f23..5bf6d9f 100644 --- a/src/arch/x86/processor.c +++ b/src/arch/x86/processor.c @@ -651,7 +651,7 @@ static GArchInstruction *g_x86_processor_decode_instruction(const GX86Processor break; case XOP_INT: - result = x86_read_instr_int(data, pos, len, addr, prefix, proc); + result = x86_read_instr_int_imm8(data, pos, len, addr, prefix, proc); break; |