From f0b80c6ab55ede4f8ab8ede757f1f8951512affa Mon Sep 17 00:00:00 2001
From: Cyrille Bagard <nocbos@gmail.com>
Date: Fri, 1 Aug 2008 21:08:17 +0000
Subject: Handled the 'leave' and 'ret' opcodes.

git-svn-id: svn://svn.gna.org/svn/chrysalide/trunk@12 abbe820e-26c8-41b2-8c08-b7b2b41f8b0a
---
 ChangeLog                  | 18 ++++++++++++++
 src/arch/x86/Makefile.am   |  2 ++
 src/arch/x86/instruction.h |  3 +++
 src/arch/x86/op_leave.c    | 58 ++++++++++++++++++++++++++++++++++++++++++++++
 src/arch/x86/op_ret.c      | 58 ++++++++++++++++++++++++++++++++++++++++++++++
 src/arch/x86/opcodes.h     |  6 +++++
 src/arch/x86/processor.c   |  5 +++-
 7 files changed, 149 insertions(+), 1 deletion(-)
 create mode 100644 src/arch/x86/op_leave.c
 create mode 100644 src/arch/x86/op_ret.c

diff --git a/ChangeLog b/ChangeLog
index cf5fda7..66c77d7 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,21 @@
+2008-08-01  Cyrille Bagard <nocbos@gmail.com>
+
+	* src/arch/x86/instruction.h:
+	Register the new opcodes.
+
+	* src/arch/x86/Makefile.am:
+	Add op_(leave|ret).c to libarchx86_a_SOURCES.
+
+	* src/arch/x86/opcodes.h:
+	Register the new opcodes.
+
+	* src/arch/x86/op_leave.c:
+	* src/arch/x86/op_ret.c:
+	New entries: handle the 'leave' and 'ret' opcodes.
+
+	* src/arch/x86/processor.c:
+	Register the new opcodes. Avoid wrong warning messages.
+
 2008-07-31  Cyrille Bagard <nocbos@gmail.com>
 
 	* src/arch/operand.c:
diff --git a/src/arch/x86/Makefile.am b/src/arch/x86/Makefile.am
index da03534..0a32def 100644
--- a/src/arch/x86/Makefile.am
+++ b/src/arch/x86/Makefile.am
@@ -8,10 +8,12 @@ libarchx86_a_SOURCES =					\
 	op_hlt.c							\
 	op_inc.c							\
 	op_int.c							\
+	op_leave.c							\
 	op_nop.c							\
 	op_mov.c							\
 	op_pop.c							\
 	op_push.c							\
+	op_ret.c							\
 	opcodes.h							\
 	operand.h operand.c					\
 	processor.h processor.c
diff --git a/src/arch/x86/instruction.h b/src/arch/x86/instruction.h
index d88e971..af1c5bc 100644
--- a/src/arch/x86/instruction.h
+++ b/src/arch/x86/instruction.h
@@ -87,6 +87,9 @@ typedef enum _X86Opcodes
     X86_OP_MOV_SI,                          /* mov (0xbe)                  */
     X86_OP_MOV_DI,                          /* mov (0xbf)                  */
 
+    X86_OP_RET,                             /* ret (0xc3)                  */
+    X86_OP_LEAVE,                           /* leave (0xc9)                */
+
     X86_OP_INT,                             /* int (0xcd)                  */
 
     X86_OP_CALL,                            /* call (0xe8)                 */
diff --git a/src/arch/x86/op_leave.c b/src/arch/x86/op_leave.c
new file mode 100644
index 0000000..f0b67ed
--- /dev/null
+++ b/src/arch/x86/op_leave.c
@@ -0,0 +1,58 @@
+
+/* OpenIDA - Outil d'analyse de fichiers binaires
+ * op_leave.c - décodage de la préparation d'une sortie d'appel
+ *
+ * Copyright (C) 2008 Cyrille Bagard
+ *
+ *  This file is part of OpenIDA.
+ *
+ *  OpenIDA is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  OpenIDA is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with Foobar.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#include <malloc.h>
+
+
+#include "../instruction-int.h"
+#include "opcodes.h"
+
+
+
+/******************************************************************************
+*                                                                             *
+*  Paramètres  : data   = flux de données à analyser.                         *
+*                pos    = position courante dans ce flux. [OUT]               *
+*                len    = taille totale des données à analyser.               *
+*                offset = adresse virtuelle de l'instruction.                 *
+*                proc   = architecture ciblée par le désassemblage.           *
+*                                                                             *
+*  Description : Décode une instruction de type 'leave'.                      *
+*                                                                             *
+*  Retour      : Instruction mise en place ou NULL.                           *
+*                                                                             *
+*  Remarques   : -                                                            *
+*                                                                             *
+******************************************************************************/
+
+asm_x86_instr *read_instr_leave(const uint8_t *data, off_t *pos, off_t len, uint64_t offset, const asm_x86_processor *proc)
+{
+    asm_x86_instr *result;
+
+    result = (asm_x86_instr *)calloc(1, sizeof(asm_x86_instr));
+
+    ASM_INSTRUCTION(result)->opcode = data[(*pos)++];
+
+    return result;
+
+}
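Review bot: The calloc() result on the `result = (asm_x86_instr *)calloc(1, sizeof(asm_x86_instr));` line is dereferenced through ASM_INSTRUCTION() without a NULL check, so an allocation failure crashes the decoder instead of producing the NULL return the header comment promises ("Instruction mise en place ou NULL"); add `if (result == NULL) return NULL;` directly after the allocation. The `len` parameter is also accepted but never compared with `*pos` before `data[(*pos)++]`; the dispatcher in processor.c appears to have already matched this opcode byte, so the read is presumably in bounds there, but a leading `if (*pos >= len) return NULL;` guard would keep read_instr_leave safe if it is ever called directly on attacker-controlled input. The cast on calloc is unnecessary in C and hides a missing `<stdlib.h>`; `<malloc.h>` is non-standard and `#include <stdlib.h>` is the portable header for calloc.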
diff --git a/src/arch/x86/op_ret.c b/src/arch/x86/op_ret.c
new file mode 100644
index 0000000..fa8b839
--- /dev/null
+++ b/src/arch/x86/op_ret.c
@@ -0,0 +1,58 @@
+
+/* OpenIDA - Outil d'analyse de fichiers binaires
+ * op_ret.c - décodage de la sortie d'un appel
+ *
+ * Copyright (C) 2008 Cyrille Bagard
+ *
+ *  This file is part of OpenIDA.
+ *
+ *  OpenIDA is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  OpenIDA is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with Foobar.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#include <malloc.h>
+
+
+#include "../instruction-int.h"
+#include "opcodes.h"
+
+
+
+/******************************************************************************
+*                                                                             *
+*  Paramètres  : data   = flux de données à analyser.                         *
+*                pos    = position courante dans ce flux. [OUT]               *
+*                len    = taille totale des données à analyser.               *
+*                offset = adresse virtuelle de l'instruction.                 *
+*                proc   = architecture ciblée par le désassemblage.           *
+*                                                                             *
+*  Description : Décode une instruction de type 'ret'.                        *
+*                                                                             *
+*  Retour      : Instruction mise en place ou NULL.                           *
+*                                                                             *
+*  Remarques   : -                                                            *
+*                                                                             *
+******************************************************************************/
+
+asm_x86_instr *read_instr_ret(const uint8_t *data, off_t *pos, off_t len, uint64_t offset, const asm_x86_processor *proc)
+{
+    asm_x86_instr *result;
+
+    result = (asm_x86_instr *)calloc(1, sizeof(asm_x86_instr));
+
+    ASM_INSTRUCTION(result)->opcode = data[(*pos)++];
+
+    return result;
+
+}
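Review bot: The calloc() result on the `result = (asm_x86_instr *)calloc(1, sizeof(asm_x86_instr));` line is dereferenced through ASM_INSTRUCTION() without a NULL check, so an allocation failure crashes the decoder instead of producing the NULL return the header comment promises; add `if (result == NULL) return NULL;` directly after the allocation. As in op_leave.c, `len` is never checked against `*pos` before `data[(*pos)++]`; the dispatcher presumably matched this byte already, but a leading `if (*pos >= len) return NULL;` guard would make read_instr_ret safe when fed untrusted data outside that path. Note also that registering only 0xc3 covers the near `ret` without an immediate; if `ret imm16` (0xc2) is wanted later it needs a separate reader that also consumes the two-byte operand with a bounds check.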
diff --git a/src/arch/x86/opcodes.h b/src/arch/x86/opcodes.h
index 3efefaf..a75de7e 100644
--- a/src/arch/x86/opcodes.h
+++ b/src/arch/x86/opcodes.h
@@ -49,6 +49,9 @@ asm_x86_instr *read_instr_inc_1632(const uint8_t *, off_t *, off_t, uint64_t, co
 /* Décode une instruction de type 'int'. */
 asm_x86_instr *read_instr_int(const uint8_t *, off_t *, off_t, uint64_t, const asm_x86_processor *);
 
+/* Décode une instruction de type 'leave'. */
+asm_x86_instr *read_instr_leave(const uint8_t *, off_t *, off_t, uint64_t, const asm_x86_processor *);
+
 /* Décode une instruction de type 'mov' (16 ou 32 bits). */
 asm_x86_instr *read_instr_mov_to_1632(const uint8_t *, off_t *, off_t, uint64_t, const asm_x86_processor *);
 
@@ -64,6 +67,9 @@ asm_x86_instr *read_instr_push_imm1632(const uint8_t *, off_t *, off_t, uint64_t
 /* Décode une instruction de type 'push' (16 ou 32 bits). */
 asm_x86_instr *read_instr_push_reg1632(const uint8_t *, off_t *, off_t, uint64_t, const asm_x86_processor *);
 
+/* Décode une instruction de type 'ret'. */
+asm_x86_instr *read_instr_ret(const uint8_t *, off_t *, off_t, uint64_t, const asm_x86_processor *);
+
 
 
 #endif  /* _ARCH_X86_OPCODES_H */
diff --git a/src/arch/x86/processor.c b/src/arch/x86/processor.c
index 94f2a51..487e4a0 100644
--- a/src/arch/x86/processor.c
+++ b/src/arch/x86/processor.c
@@ -223,6 +223,9 @@ void x86_register_instructions(asm_x86_processor *proc)
     register_opcode(proc->opcodes[X86_OP_MOV_DI], 0x00, 0xbf, "mov", read_instr_mov_to_1632);
 
 
+    register_opcode(proc->opcodes[X86_OP_RET], 0x00, 0xc3, "ret", read_instr_ret);
+    register_opcode(proc->opcodes[X86_OP_LEAVE], 0x00, 0xc9, "leave", read_instr_leave);
+
     register_opcode(proc->opcodes[X86_OP_INT], 0x00, 0xcd, "int", read_instr_int);
 
 
@@ -314,7 +317,7 @@ asm_instr *x86_fetch_instruction(const asm_x86_processor *proc, const uint8_t *d
         {
             result = proc->opcodes[i].read(data, pos, len, offset, proc);
             if (result != NULL) result->type = i;
-            printf("err while decoding :: [0x%02hhx] 0x%02hhx\n", proc->opcodes[i].prefix, proc->opcodes[i].opcode);
+            else printf("err while decoding :: [0x%02hhx] 0x%02hhx\n", proc->opcodes[i].prefix, proc->opcodes[i].opcode);
             break;
         }
 
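Review bot: The diagnostic on the new `else printf("err while decoding :: ...")` line goes to stdout, where it interleaves with the disassembler's normal listing and disappears when the output is piped; it should be `else fprintf(stderr, "err while decoding :: [0x%02hhx] 0x%02hhx\n", proc->opcodes[i].prefix, proc->opcodes[i].opcode);`. Also, when read() returns NULL the loop breaks with result NULL but `*pos` may already have been advanced by the opcode reader (the new op_ret/op_leave readers increment it unconditionally), so callers should not assume the stream position is unchanged on failure; a one-line comment such as `/* on failure, *pos may have been advanced by the reader */` before the break would make that contract visible. x86_fetch_instruction begins and ends outside this hunk.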
-- 