static void
decode_reg(struct ud *u,
struct ud_operand *opr,
int type,
int num,
int size)
{
int reg;
size = resolve_operand_size(u, size);
switch (type) {
case REGCLASS_GPR : reg = decode_gpr(u, size, num); break;
case REGCLASS_MMX : reg = UD_R_MM0 + (num & 7); break;
case REGCLASS_XMM : reg = UD_R_XMM0 + num; break;
case REGCLASS_CR : reg = UD_R_CR0 + num; break;
case REGCLASS_DB : reg = UD_R_DR0 + num; break;
case REGCLASS_SEG : {
/*
* Only 6 segment registers, anything else is an error.
*/
if ((num & 7) > 5) {
UDERR(u, "invalid segment register value\n");
return;
} else {
reg = UD_R_ES + (num & 7);
}
break;
}
default:
UD_ASSERT(!"invalid register type");
return;
}
opr->type = UD_OP_REG;
opr->base = reg;
opr->size = size;
}
/* =============================================================================
* ud_input_skip
* Skip n input bytes.
* ============================================================================
*/
void
ud_input_skip(struct ud* u, size_t n)
{
if (u->inp_end) {
return;
}
if (u->inp_buf == NULL) {
while (n--) {
int c = u->inp_hook(u);
if (c == UD_EOI) {
goto eoi;
}
}
return;
} else {
if (n > u->inp_buf_size ||
u->inp_buf_index > u->inp_buf_size - n) {
u->inp_buf_index = u->inp_buf_size;
goto eoi;
}
u->inp_buf_index += n;
return;
}
eoi:
u->inp_end = 1;
UDERR(u, "cannot skip, eoi received\b");
return;
}
static int resolve_mnemonic( struct ud* u )
{
/* resolve 3dnow weirdness. */
if ( u->mnemonic == UD_I3dnow ) {
u->mnemonic = ud_itab[ u->le->table[ inp_curr( u ) ] ].mnemonic;
}
/* SWAPGS is only valid in 64bits mode */
if ( u->mnemonic == UD_Iswapgs && u->dis_mode != 64 ) {
UDERR(u, "swapgs invalid in 64bits mode\n");
return -1;
}
if (u->mnemonic == UD_Ixchg) {
if ((u->operand[0].type == UD_OP_REG && u->operand[0].base == UD_R_AX &&
u->operand[1].type == UD_OP_REG && u->operand[1].base == UD_R_AX) ||
(u->operand[0].type == UD_OP_REG && u->operand[0].base == UD_R_EAX &&
u->operand[1].type == UD_OP_REG && u->operand[1].base == UD_R_EAX)) {
u->operand[0].type = UD_NONE;
u->operand[1].type = UD_NONE;
u->mnemonic = UD_Inop;
}
}
if (u->mnemonic == UD_Inop && u->pfx_repe) {
u->pfx_repe = 0;
u->mnemonic = UD_Ipause;
}
return 0;
}
/*
* ud_inp_next
* Loads and returns the next byte from input.
*
* inp_curr and inp_fill are pointers to the cache. The program is
* written based on the property that they are 8-bits in size, and
* will eventually wrap around forming a circular buffer. So, the
* size of the cache is 256 in size, kind of unnecessary yet
* optimal.
*
* A buffer inp_sess stores the bytes disassembled for a single
* session.
*/
uint8_t
ud_inp_next(struct ud* u)
{
int c = -1;
/* if current pointer is not upto the fill point in the
* input cache.
*/
if (u->inp_curr != u->inp_fill) {
c = u->inp_cache[ ++u->inp_curr ];
/* if !end-of-input, call the input hook and get a byte */
} else if (u->inp_end || (c = u->inp_hook(u)) == -1) {
/* end-of-input, mark it as an error, since the decoder,
* expected a byte more.
*/
UDERR(u, "byte expected, eoi received");
/* flag end of input */
u->inp_end = 1;
return 0;
} else {
/* increment pointers, we have a new byte. */
u->inp_curr = ++u->inp_fill;
/* add the byte to the cache */
u->inp_cache[u->inp_fill] = c;
}
/* record bytes input per decode-session. */
u->inp_sess[u->inp_ctr++] = c;
/* return byte */
return (uint8_t) c;
}
static int
resolve_mode( struct ud* u )
{
/* if in error state, bail out */
if ( u->error ) return -1;
/* propagate prefix effects */
if ( u->dis_mode == 64 ) { /* set 64bit-mode flags */
/* Check validity of instruction m64 */
if ( P_INV64( u->itab_entry->prefix ) ) {
UDERR(u, "instruction invalid in 64bits");
return -1;
}
/* effective rex prefix is the effective mask for the
* instruction hard-coded in the opcode map.
*/
u->pfx_rex = ( u->pfx_rex & 0x40 ) |
( u->pfx_rex & REX_PFX_MASK( u->itab_entry->prefix ) );
/* whether this instruction has a default operand size of
* 64bit, also hardcoded into the opcode map.
*/
u->default64 = P_DEF64( u->itab_entry->prefix );
/* calculate effective operand size */
if ( REX_W( u->pfx_rex ) ) {
u->opr_mode = 64;
} else if ( u->pfx_opr ) {
u->opr_mode = 16;
} else {
/* unless the default opr size of instruction is 64,
* the effective operand size in the absence of rex.w
* prefix is 32.
*/
u->opr_mode = ( u->default64 ) ? 64 : 32;
}
/* calculate effective address size */
u->adr_mode = (u->pfx_adr) ? 32 : 64;
} else if ( u->dis_mode == 32 ) { /* set 32bit-mode flags */
u->opr_mode = ( u->pfx_opr ) ? 16 : 32;
u->adr_mode = ( u->pfx_adr ) ? 16 : 32;
} else if ( u->dis_mode == 16 ) { /* set 16bit-mode flags */
u->opr_mode = ( u->pfx_opr ) ? 32 : 16;
u->adr_mode = ( u->pfx_adr ) ? 32 : 16;
}
/* set flags for implicit addressing */
u->implicit_addr = P_IMPADDR( u->itab_entry->prefix );
return 0;
}
static uint8_t
inp_next(struct ud *u)
{
if (u->inp_end == 0) {
if (u->inp_buf != NULL) {
if (u->inp_buf_index < u->inp_buf_size) {
u->inp_ctr++;
return (u->inp_curr = u->inp_buf[u->inp_buf_index++]);
}
} else {
int c;
if ((c = u->inp_hook(u)) != UD_EOI) {
u->inp_curr = c;
u->inp_sess[u->inp_ctr++] = u->inp_curr;
return u->inp_curr;
}
}
}
u->inp_end = 1;
UDERR(u, "byte expected, eoi received\n");
return 0;
}
/* -----------------------------------------------------------------------------
* decode_operands() - Disassembles Operands.
* -----------------------------------------------------------------------------
*/
static int
decode_operand(struct ud *u,
struct ud_operand *operand,
enum ud_operand_code type,
unsigned int size)
{
operand->_oprcode = type;
switch (type) {
case OP_A :
decode_a(u, operand);
break;
case OP_MR:
decode_modrm_rm(u, operand, REGCLASS_GPR,
MODRM_MOD(modrm(u)) == 3 ?
Mx_reg_size(size) : Mx_mem_size(size));
break;
case OP_F:
u->br_far = 1;
/* intended fall through */
case OP_M:
if (MODRM_MOD(modrm(u)) == 3) {
UDERR(u, "expected modrm.mod != 3\n");
}
/* intended fall through */
case OP_E:
decode_modrm_rm(u, operand, REGCLASS_GPR, size);
break;
case OP_G:
decode_modrm_reg(u, operand, REGCLASS_GPR, size);
break;
case OP_sI:
case OP_I:
decode_imm(u, size, operand);
break;
case OP_I1:
operand->type = UD_OP_CONST;
operand->lval.udword = 1;
break;
case OP_N:
if (MODRM_MOD(modrm(u)) != 3) {
UDERR(u, "expected modrm.mod == 3\n");
}
/* intended fall through */
case OP_Q:
decode_modrm_rm(u, operand, REGCLASS_MMX, size);
break;
case OP_P:
decode_modrm_reg(u, operand, REGCLASS_MMX, size);
break;
case OP_U:
if (MODRM_MOD(modrm(u)) != 3) {
UDERR(u, "expected modrm.mod == 3\n");
}
/* intended fall through */
case OP_W:
decode_modrm_rm(u, operand, REGCLASS_XMM, size);
break;
case OP_V:
decode_modrm_reg(u, operand, REGCLASS_XMM, size);
break;
case OP_MU:
decode_modrm_rm(u, operand, REGCLASS_XMM,
MODRM_MOD(modrm(u)) == 3 ?
Mx_reg_size(size) : Mx_mem_size(size));
break;
case OP_S:
decode_modrm_reg(u, operand, REGCLASS_SEG, size);
break;
case OP_O:
decode_moffset(u, size, operand);
break;
case OP_R0:
case OP_R1:
case OP_R2:
case OP_R3:
case OP_R4:
case OP_R5:
case OP_R6:
case OP_R7:
decode_reg(u, operand, REGCLASS_GPR,
(REX_B(u->pfx_rex) << 3) | (type - OP_R0), size);
break;
case OP_AL:
case OP_AX:
case OP_eAX:
case OP_rAX:
decode_reg(u, operand, REGCLASS_GPR, 0, size);
break;
case OP_CL:
case OP_CX:
case OP_eCX:
decode_reg(u, operand, REGCLASS_GPR, 1, size);
break;
case OP_DL:
case OP_DX:
case OP_eDX:
decode_reg(u, operand, REGCLASS_GPR, 2, size);
break;
case OP_ES:
case OP_CS:
case OP_DS:
case OP_SS:
case OP_FS:
case OP_GS:
/* in 64bits mode, only fs and gs are allowed */
if (u->dis_mode == 64) {
if (type != OP_FS && type != OP_GS) {
UDERR(u, "invalid segment register in 64bits\n");
}
}
operand->type = UD_OP_REG;
operand->base = (type - OP_ES) + UD_R_ES;
operand->size = 16;
break;
case OP_J :
decode_imm(u, size, operand);
operand->type = UD_OP_JIMM;
break ;
case OP_R :
if (MODRM_MOD(modrm(u)) != 3) {
UDERR(u, "expected modrm.mod == 3\n");
}
decode_modrm_rm(u, operand, REGCLASS_GPR, size);
break;
case OP_C:
decode_modrm_reg(u, operand, REGCLASS_CR, size);
break;
case OP_D:
decode_modrm_reg(u, operand, REGCLASS_DB, size);
break;
case OP_I3 :
operand->type = UD_OP_CONST;
operand->lval.sbyte = 3;
break;
case OP_ST0:
case OP_ST1:
case OP_ST2:
case OP_ST3:
case OP_ST4:
case OP_ST5:
case OP_ST6:
case OP_ST7:
operand->type = UD_OP_REG;
operand->base = (type - OP_ST0) + UD_R_ST0;
operand->size = 80;
break;
default :
break;
}
return 0;
}