/* OpenIDA - binary file analysis tool
 * instruction.h - prototypes for handling instructions of the x86 architecture
 *
 * Copyright (C) 2008 Cyrille Bagard
 *
 * This file is part of OpenIDA.
 *
 * OpenIDA is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 3 of the License, or
 * (at your option) any later version.
 *
 * OpenIDA is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with OpenIDA. If not, see <http://www.gnu.org/licenses/>.
 */

/*
 * NOTE(review): the include guard and the enum/struct tags below start with
 * an underscore followed by an uppercase letter; such names are reserved for
 * the implementation (C11 7.1.3). They are kept here unchanged because other
 * translation units may spell the tags out; renaming is a project-wide change.
 */
#ifndef _ARCH_X86_INSTRUCTION_H
#define _ARCH_X86_INSTRUCTION_H

#include "../instruction.h"
#include "../instruction-int.h"

/* Forward declaration of an x86 instruction (defined at the end of this header) */
typedef struct _asm_x86_instr asm_x86_instr;

/*
 * Enumeration of every opcode the x86 decoder knows about.
 *
 * Each comment gives the mnemonic and the encoding: "[0x66]" marks an
 * optional operand-size prefix, a trailing digit is the ModR/M /reg
 * extension (e.g. "0x81 0" is opcode 0x81 with /0). Entries are listed in
 * roughly ascending opcode order; X86_OP_COUNT is a sentinel and must stay last.
 */
typedef enum _X86Opcodes
{
    X86_OP_ADD_RM8_R8,              /* add (0x00) */
    X86_OP_ADD_RM1632_R1632,        /* add ([0x66] 0x01) */
    X86_OP_ADD_R8_RM8,              /* add (0x02) */
    X86_OP_ADD_R1632_RM1632,        /* add ([0x66] 0x03) */
    X86_OP_ADD_AL_IMM8,             /* add (0x04) */
    X86_OP_ADD_E_AX_IMM1632,        /* add ([0x66] 0x05) */

    X86_OP_ADC_RM8_R8,              /* adc (0x10) */

    X86_OP_OR_R8_RM8,               /* or (0x0a) */
    X86_OP_OR_AL_IMM8,              /* or (0x0c) */

    X86_OP_AND_RM8_R8,              /* and (0x20) */

    /* NOTE(review): 0x29 is the r/m,r form; the name suggests the r,r/m
       form (0x2b). Confirm against the decoder before relying on either. */
    X86_OP_SUB_R1632_RM1632,        /* sub ([0x66] 0x29) */
    X86_OP_SUB_R8_RM8,              /* sub (0x2a) */
    X86_OP_SUB_AL_IMM8,             /* sub (0x2c) */
    X86_OP_SUB_E_AX_IMM1632,        /* sub ([0x66] 0x2d) */

    X86_OP_XOR_RM8_R8,              /* xor (0x30) */
    X86_OP_XOR_RM1632_R1632,        /* xor ([0x66] 0x31) */
    X86_OP_XOR_R8_RM8,              /* xor (0x32) */
    X86_OP_XOR_R1632_RM1632,        /* xor ([0x66] 0x33) */
    X86_OP_XOR_AL_IMM8,             /* xor (0x34) */
    X86_OP_XOR_E_AX_IMM1632,        /* xor ([0x66] 0x35) */

    X86_OP_CMP_RM1632_R1632,        /* cmp ([0x66] 0x39) */

    X86_OP_INC_E_AX,                /* inc ([0x66] 0x40) */
    X86_OP_INC_E_CX,                /* inc ([0x66] 0x41) */
    X86_OP_INC_E_DX,                /* inc ([0x66] 0x42) */
    X86_OP_INC_E_BX,                /* inc ([0x66] 0x43) */
    X86_OP_INC_E_SP,                /* inc ([0x66] 0x44) */
    X86_OP_INC_E_BP,                /* inc ([0x66] 0x45) */
    X86_OP_INC_E_SI,                /* inc ([0x66] 0x46) */
    X86_OP_INC_E_DI,                /* inc ([0x66] 0x47) */

    X86_OP_DEC_E_AX,                /* dec ([0x66] 0x48) */
    X86_OP_DEC_E_CX,                /* dec ([0x66] 0x49) */
    X86_OP_DEC_E_DX,                /* dec ([0x66] 0x4a) */
    X86_OP_DEC_E_BX,                /* dec ([0x66] 0x4b) */
    X86_OP_DEC_E_SP,                /* dec ([0x66] 0x4c) */
    X86_OP_DEC_E_BP,                /* dec ([0x66] 0x4d) */
    X86_OP_DEC_E_SI,                /* dec ([0x66] 0x4e) */
    X86_OP_DEC_E_DI,                /* dec ([0x66] 0x4f) */

    X86_OP_PUSH_E_AX,               /* push ([0x66] 0x50) */
    X86_OP_PUSH_E_CX,               /* push ([0x66] 0x51) */
    X86_OP_PUSH_E_DX,               /* push ([0x66] 0x52) */
    X86_OP_PUSH_E_BX,               /* push ([0x66] 0x53) */
    X86_OP_PUSH_E_SP,               /* push ([0x66] 0x54) */
    X86_OP_PUSH_E_BP,               /* push ([0x66] 0x55) */
    X86_OP_PUSH_E_SI,               /* push ([0x66] 0x56) */
    X86_OP_PUSH_E_DI,               /* push ([0x66] 0x57) */

    X86_OP_POP_E_AX,                /* pop ([0x66] 0x58) */
    X86_OP_POP_E_CX,                /* pop ([0x66] 0x59) */
    X86_OP_POP_E_DX,                /* pop ([0x66] 0x5a) */
    X86_OP_POP_E_BX,                /* pop ([0x66] 0x5b) */
    X86_OP_POP_E_SP,                /* pop ([0x66] 0x5c) */
    X86_OP_POP_E_BP,                /* pop ([0x66] 0x5d) */
    X86_OP_POP_E_SI,                /* pop ([0x66] 0x5e) */
    X86_OP_POP_E_DI,                /* pop ([0x66] 0x5f) */

    X86_OP_PUSH_IMM1632,            /* push ([0x66] 0x68) */

    X86_OP_JB_REL8,                 /* jb (0x72) */
    X86_OP_JNB_REL8,                /* jnb (0x73) */
    X86_OP_JE_8,                    /* je (0x74) */
    X86_OP_JNE_8,                   /* jne (0x75) */
    X86_OP_JG_REL8,                 /* jg (0x7f) */

    X86_OP_XOR_RM8_IMM8,            /* xor (0x80 6) */
    X86_OP_CMP_RM8_IMM8,            /* cmp (0x80 7) */

    X86_OP_ADD_RM1632_IMM1632,      /* add ([0x66] 0x81 0) */
    X86_OP_OR_RM1632_IMM1632,       /* or ([0x66] 0x81 1) */
    X86_OP_ADC_RM1632_IMM1632,      /* adc ([0x66] 0x81 2) */
    X86_OP_SBB_RM1632_IMM1632,      /* sbb ([0x66] 0x81 3) */
    X86_OP_AND_RM1632_IMM1632,      /* and ([0x66] 0x81 4) */
    X86_OP_SUB_RM1632_IMM1632,      /* sub ([0x66] 0x81 5) */
    X86_OP_XOR_RM1632_IMM1632,      /* xor ([0x66] 0x81 6) */
    X86_OP_CMP_RM1632_IMM1632,      /* cmp ([0x66] 0x81 7) */

    X86_OP_ADD_RM1632_IMM8,         /* add ([0x66] 0x83 0) */
    X86_OP_OR_RM1632_IMM8,          /* or ([0x66] 0x83 1) */
    X86_OP_ADC_RM1632_IMM8,         /* adc ([0x66] 0x83 2) */
    X86_OP_SBB_RM1632_IMM8,         /* sbb ([0x66] 0x83 3) */
    X86_OP_AND_RM1632_IMM8,         /* and ([0x66] 0x83 4) */
    X86_OP_SUB_RM1632_IMM8,         /* sub ([0x66] 0x83 5) */
    X86_OP_XOR_RM1632_IMM8,         /* xor ([0x66] 0x83 6) */
    X86_OP_CMP_RM1632_IMM8,         /* cmp ([0x66] 0x83 7) */

    X86_OP_TEST_RM8_R8,             /* test (0x84) */
    X86_OP_TEST_RM1632_R1632,       /* test ([0x66] 0x85) */

    X86_OP_MOV_RM8_R8,              /* mov (0x88) */
    X86_OP_MOV_RM1632_R1632,        /* mov ([0x66] 0x89) */
    X86_OP_MOV_R1632_RM1632,        /* mov ([0x66] 0x8b) */

    X86_OP_LEA,                     /* lea ([0x66] 0x8d) */   /* NOTE(review): the original author marked the 0x66 prefix as uncertain here ("66 ?"); confirm how the decoder treats it */

    X86_OP_NOP,                     /* nop (0x90) */

    X86_OP_MOV_MOFFS_TO_AL,         /* mov (0xa0) */
    X86_OP_MOV_MOFFS_TO_E_AX,       /* mov ([0x66] 0xa1) */
    X86_OP_MOV_AL_TO_MOFFS,         /* mov (0xa2) */
    X86_OP_MOV_E_AX_TO_MOFFS,       /* mov ([0x66] 0xa3) */

    X86_OP_TEST_AL,                 /* test (0xa8) */
    X86_OP_TEST_E_AX,               /* test ([0x66] 0xa9) */

    X86_OP_MOV_E_AX,                /* mov ([0x66] 0xb8) */
    X86_OP_MOV_E_CX,                /* mov ([0x66] 0xb9) */
    X86_OP_MOV_E_DX,                /* mov ([0x66] 0xba) */
    X86_OP_MOV_E_BX,                /* mov ([0x66] 0xbb) */
    X86_OP_MOV_E_SP,                /* mov ([0x66] 0xbc) */
    X86_OP_MOV_E_BP,                /* mov ([0x66] 0xbd) */
    X86_OP_MOV_E_SI,                /* mov ([0x66] 0xbe) */
    X86_OP_MOV_E_DI,                /* mov ([0x66] 0xbf) */

    X86_OP_ROL_RM1632_IMM8,         /* rol ([0x66] 0xc1 0) */
    X86_OP_ROR_RM1632_IMM8,         /* ror ([0x66] 0xc1 1) */
    X86_OP_RCL_RM1632_IMM8,         /* rcl ([0x66] 0xc1 2) */
    X86_OP_RCR_RM1632_IMM8,         /* rcr ([0x66] 0xc1 3) */
    X86_OP_SHL_RM1632_IMM8,         /* shl ([0x66] 0xc1 4) */
    X86_OP_SHR_RM1632_IMM8,         /* shr ([0x66] 0xc1 5) */
    X86_OP_SAL_RM1632_IMM8,         /* sal ([0x66] 0xc1 6) */
    X86_OP_SAR_RM1632_IMM8,         /* sar ([0x66] 0xc1 7) */

    X86_OP_RET,                     /* ret (0xc3) */

    X86_OP_MOV_IMM8_TO_RM8,         /* mov (0xc6) */
    X86_OP_MOV_IMM1632_TO_RM1632,   /* mov ([0x66] 0xc7) */

    X86_OP_LEAVE,                   /* leave (0xc9) */

    X86_OP_INT_3,                   /* int 3 (0xcc) */
    X86_OP_INT,                     /* int (0xcd) */

    X86_OP_SHL_RM1632_CL,           /* shl ([0x66] 0xd3 4) */

    X86_OP_CALL_REL1632,            /* call ([0x66] 0xe8) */
    X86_OP_JMP_REL1632,             /* jmp ([0x66] 0xe9) */
    X86_OP_JMP_8,                   /* jmp (0xeb) */

    X86_OP_HLT,                     /* hlt (0xf4) */

    X86_OP_NOT_RM1632,              /* not ([0x66] 0xf7 2) */

    X86_OP_CLD,                     /* cld (0xfc) */

    X86_OP_CALL_RM1632,             /* call ([0x66] 0xff 2) */
    X86_OP_JMP_RM1632,              /* jmp ([0x66] 0xff 4) */
    X86_OP_PUSH_RM1632,             /* push ([0x66] 0xff 6) */

    X86_OP_MOVZX_R1632_RM8,         /* movzx ([0x66] 0x0f 0xb6) */
    X86_OP_MOVSX_R1632_RM8,         /* movsx ([0x66] 0x0f 0xbe) */

    X86_OP_COUNT                    /* Number of opcodes; sentinel, keep last */

} X86Opcodes;

/*
 * Instruction prefix(es) seen while decoding.
 *
 * Values are distinct bits so they can be OR-ed together; bits 0 and 2 are
 * left unused (presumably reserved for other prefix groups).
 */
typedef enum _X86Prefix
{
    X86_PRE_NONE    = (0 << 0),     /* No prefix */

    /* Group 3 */
    X86_PRE_OPSIZE  = (1 << 1),     /* Operand-size override (0x66) */

    /* Others */
    X86_PRE_ESCAPE  = (1 << 3)      /* Two-byte opcode (escape byte) */

} X86Prefix;

/* Definition of an x86 instruction */
struct _asm_x86_instr
{
    asm_instr base;                 /* Must stay first: the generic layer casts between asm_instr and this struct */

    X86Opcodes type;                /* Decoded opcode, one of X86Opcodes (never X86_OP_COUNT) */
    X86Prefix prefix;               /* Prefix(es) found, OR-ed X86Prefix bits */

};

#endif  /* _ARCH_X86_INSTRUCTION_H */