?? disasm.cpp
字號:
SwapWord((BYTE*)(Opcode+i+1),&wOp,&wMem);
if(wMem>=0xA000)
wsprintf(menemonic,"%s %05X",code,wMem);
else
wsprintf(menemonic,"%s %04X",code,wMem);
lstrcat(Disasm->Assembly,menemonic);
wsprintf(menemonic,"%02X %04X",Op,wOp);
lstrcat(Disasm->Opcode,menemonic);
Disasm->OpcodeSize=3;
Disasm->PrefixSize=PrefixesSize;
if(LockPrefix==1)
lstrcat(Disasm->Remarks,"<Illegal Lock Prefix>");
(*Index)+=2;
}
break;
case 0xC3: // RET
{
lstrcat(Disasm->Assembly,"ret");
lstrcat(Disasm->Opcode,"C3");
Disasm->PrefixSize=PrefixesSize;
lstrcat(Disasm->Remarks,"Pop IP");
}
break;
case 0xC8: // ENTER XXXX, XX
{
SwapWord((BYTE*)(Opcode+i+1),&wOp,&wMem);
wsprintf(menemonic,"enter %04X, %02X",wMem,(BYTE)Opcode[i+3]);
lstrcat(Disasm->Assembly,menemonic);
wsprintf(menemonic,"C8 %04X %02X",wOp,(BYTE)Opcode[i+3]);
lstrcat(Disasm->Opcode,menemonic);
Disasm->OpcodeSize=4;
Disasm->PrefixSize=PrefixesSize;
(*Index)+=3;
}
break;
case 0xC9: // LEAVE
{
lstrcat(Disasm->Assembly,"leave");
lstrcat(Disasm->Opcode,"C9");
Disasm->PrefixSize=PrefixesSize;
}
break;
case 0xCB: // RETF
{
lstrcat(Disasm->Assembly,"retf");
lstrcat(Disasm->Opcode,"CB");
Disasm->PrefixSize=PrefixesSize;
}
break;
case 0xCC: // INT 3
{
lstrcat(Disasm->Assembly,"int3");
lstrcat(Disasm->Opcode,"CC");
Disasm->PrefixSize=PrefixesSize;
}
break;
case 0xCD: // INT XX
{
wsprintf(menemonic,"int %02X",(BYTE)Opcode[i+1]);
lstrcat(Disasm->Assembly,menemonic);
wsprintf(menemonic,"CD %02X",(BYTE)*(Opcode+i+1));
lstrcat(Disasm->Opcode,menemonic);
Disasm->OpcodeSize=2;
Disasm->PrefixSize=PrefixesSize;
++(*Index);
}
break;
case 0xCE: // INTO
{
lstrcat(Disasm->Assembly,"into");
lstrcat(Disasm->Opcode,"CE");
Disasm->PrefixSize=PrefixesSize;
}
break;
case 0xCF: // IRETD/W
{
if(!RegPrefix){
lstrcat(Disasm->Assembly,"iretd");
}
else if(RegPrefix==1){
lstrcat(Disasm->Assembly,"iretw");
}
lstrcat(Disasm->Opcode,"CF");
Disasm->PrefixSize=PrefixesSize;
}
break;
case 0xD4:case 0xD5: // AAM/AAD
{
char opcode[5];
switch(Op)
{
case 0xD4:wsprintf(opcode,"aam");break;
case 0xD5:wsprintf(opcode,"aad");break;
}
wsprintf(menemonic,"%s %02X",opcode,(BYTE)Opcode[i+1]);
lstrcat(Disasm->Assembly,menemonic);
wsprintf(menemonic,"%02X%02X",Op,(BYTE)*(Opcode+i+1));
lstrcat(Disasm->Opcode,menemonic);
Disasm->OpcodeSize=2;
Disasm->PrefixSize=PrefixesSize;
++(*Index);
}
break;
case 0xD6: // SALC
{
lstrcat(Disasm->Assembly,"salc");
lstrcat(Disasm->Opcode,"D6");
Disasm->PrefixSize=PrefixesSize;
}
break;
case 0xD7: // XLAT
{
lstrcat(Disasm->Assembly,"xlat");
lstrcat(Disasm->Opcode, "D7");
wsprintf(menemonic,"Byte ptr %s:[%s+al]",Segs[SEG],Regs[ADDRM][3]);
lstrcat(Disasm->Remarks,menemonic);
Disasm->PrefixSize=PrefixesSize;
}
break;
// 0xE4 is at 'in al, xxx' cases
case 0xE5: // IN EAX/AX, XX
{
// special case Opcode, insted of reading DWORD (4 bytes), we read 1 BYTE.
char mene[10]="";
GetInstruction(Op,mene); // get instruction from opcode
if(RegPrefix==0) // no prefix
{
// read 4 bytes into EAX
wsprintf(menemonic,"%s %s, %02X",mene,Regs[REG32][0],(BYTE)Opcode[i+1]);
lstrcat(Disasm->Assembly,menemonic);
}
else if(RegPrefix==1) // prefix is being used
{
// read 2 bytes into AX
wsprintf(menemonic,"%s %s, %02X",mene,Regs[REG16][0],(BYTE)Opcode[i+1]);
lstrcat(Disasm->Assembly,menemonic);
}
wsprintf(menemonic,"%02X%02X",Op,(BYTE)Opcode[i+1]);
lstrcat(Disasm->Opcode,menemonic);
Disasm->OpcodeSize=2;
Disasm->PrefixSize=PrefixesSize;
lstrcat(Disasm->Remarks,"I/O Instruction");
++(*Index);
}
break;
case 0xE6: // OUT XX, AL
{
char mene[10]="";
GetInstruction(Op,mene);
wsprintf(menemonic,"%s %02X, al",mene,(BYTE)Opcode[i+1]);
lstrcat(Disasm->Assembly,menemonic);
strcpy(Disasm->Remarks,"");
wsprintf(menemonic,"%02X%02X",Op,(BYTE)*(Opcode+i+1));
lstrcat(Disasm->Opcode,menemonic);
Disasm->OpcodeSize=2;
Disasm->PrefixSize=PrefixesSize;
lstrcat(Disasm->Remarks,"I/O Instruction");
++(*Index);
}
break;
case 0xE7: // OUT XX, AX/EAX
{
// special case Opcode, insted of reading DWORD (4 bytes), we read 1 BYTE.
char mene[10]="";
GetInstruction(Op,mene); // get instruction from opcode
if(RegPrefix==0) // no prefix
{
// read 1 byte into EAX
wsprintf(menemonic,"%s %02X, %s",mene,(BYTE)Opcode[i+1],Regs[REG32][0]);
lstrcat(Disasm->Assembly,menemonic);
}
else if(RegPrefix==1) // prefix is being used
{
// read 1 byte into AX
wsprintf(menemonic,"%s %02X, %s",mene,(BYTE)Opcode[i+1],Regs[REG16][0]);
lstrcat(Disasm->Assembly,menemonic);
}
wsprintf(menemonic,"%02X%02X",Op,(BYTE)Opcode[i+1]);
lstrcat(Disasm->Opcode,menemonic);
Disasm->OpcodeSize=2;
Disasm->PrefixSize=PrefixesSize;
lstrcat(Disasm->Remarks,"I/O Instruction");
++(*Index);
}
break;
case 0xE8:case 0xE9: // CALL/JMP XXXX/XXXXXXXX
{
DWORD CallAddress=0;
DWORD CallSize=0;
char temp[10];
switch(Op)
{
case 0xE8:strcpy(temp,"call");break;
case 0xE9:strcpy(temp,"jmp");break;
}
if(!RegPrefix)
{
SwapDword((BYTE*)(Opcode+i+1),&dwOp,&dwMem);
dwMem+= Disasm->Address + CallSize + 5 + (PrefixesSize-RegPrefix);
wsprintf(menemonic,"%s %08X",temp,dwMem);
lstrcat(Disasm->Assembly,menemonic);
wsprintf(menemonic,"%02X %08X",Op,dwOp);
lstrcat(Disasm->Opcode,menemonic);
Disasm->OpcodeSize=5;
Disasm->PrefixSize = PrefixesSize;
(*Index)+=4;
}
else
{
SwapWord((BYTE*)(Opcode+i+1),&wOp,&wMem);
if(wMem>=0x0000F000)
CallAddress = (wMem + 4 + (PrefixesSize-RegPrefix))-0x0000F000;
else
CallAddress = (Disasm->Address-0x00400000) + wMem + 4 + (PrefixesSize-RegPrefix);
wsprintf(menemonic,"%s %08X",temp, CallAddress);
lstrcat(Disasm->Assembly,menemonic);
wsprintf(menemonic,"%02X %04X",Op,wOp);
lstrcat(Disasm->Opcode,menemonic);
Disasm->OpcodeSize=3;
Disasm->PrefixSize = PrefixesSize;
(*Index)+=2;
}
}
break;
case 0xEC: // IN AL, DX
{
lstrcat(Disasm->Assembly,"in al, dx");
lstrcat(Disasm->Opcode,"EC");
Disasm->PrefixSize=PrefixesSize;
lstrcat(Disasm->Remarks,"I/O Instruction");
}
break;
case 0xED: // IN AX/EAX, DX
{
wsprintf(menemonic,"in %s, dx",Regs[RM][0]);
lstrcat(Disasm->Assembly,menemonic);
lstrcat(Disasm->Opcode,"ED");
Disasm->PrefixSize=PrefixesSize;
lstrcat(Disasm->Remarks,"I/O Instruction");
}
break;
case 0xEE: // OUT DX, AL
{
lstrcat(Disasm->Assembly,"out dx, al");
lstrcat(Disasm->Opcode,"EE");
Disasm->PrefixSize=PrefixesSize;
lstrcat(Disasm->Remarks,"I/O Instruction");
}
break;
case 0xEF: // OUT DX, AX/EAX
{
wsprintf(menemonic,"out dx, %s",Regs[RM][0]);
lstrcat(Disasm->Assembly,menemonic);
lstrcat(Disasm->Opcode,"EF");
Disasm->PrefixSize=PrefixesSize;
lstrcat(Disasm->Remarks,"I/O Instruction");
}
break;
case 0xF1: // ICEBP (INT1)
{
lstrcat(Disasm->Assembly,"int1");
lstrcat(Disasm->Opcode,"F1");
Disasm->PrefixSize=PrefixesSize;
lstrcat(Disasm->Remarks,"(icebp)");
}
break;
case 0xF4: // HLT (HALT)
{
lstrcat(Disasm->Assembly,"hlt");
lstrcat(Disasm->Opcode,"F4");
Disasm->PrefixSize=PrefixesSize;
lstrcat(Disasm->Remarks,"Halts CPU until RESET");
}
break;
case 0xF5: // CMC
{
lstrcat(Disasm->Assembly,"cmc");
lstrcat(Disasm->Opcode,"F4");
Disasm->PrefixSize=PrefixesSize;
lstrcat(Disasm->Remarks,"inverts the Carry Flag");
}
break;
case 0xF8: // CLC
{
lstrcat(Disasm->Assembly,"clc");
lstrcat(Disasm->Opcode,"F8");
Disasm->PrefixSize=PrefixesSize;
lstrcat(Disasm->Remarks,"Clears the Carry Flag");
}
break;
case 0xF9: // STC
{
lstrcat(Disasm->Assembly,"stc");
lstrcat(Disasm->Opcode,"F9");
Disasm->PrefixSize=PrefixesSize;
lstrcat(Disasm->Remarks,"Sets the Carry Flag to 1");
}
break;
case 0xFA: // CLI
{
lstrcat(Disasm->Assembly,"cli");
lstrcat(Disasm->Opcode,"FA");
Disasm->PrefixSize=PrefixesSize;
lstrcat(Disasm->Remarks,"Set Interrupt flag to 0");
}
break;
case 0xFB: // STI
{
lstrcat(Disasm->Assembly,"sti");
lstrcat(Disasm->Opcode,"FB");
Disasm->PrefixSize=PrefixesSize;
lstrcat(Disasm->Remarks,"Set Interrupt flag to 1");
}
break;
case 0xFC: // CLD
{
lstrcat(Disasm->Assembly,"cld");
lstrcat(Disasm->Opcode,"FC");
Disasm->PrefixSize=PrefixesSize;
lstrcat(Disasm->Remarks,"Set Direction Flag to 0");
}
break;
case 0xFD: // STD
{
lstrcat(Disasm->Assembly,"std");
lstrcat(Disasm->Opcode,"FD");
Disasm->PrefixSize=PrefixesSize;
lstrcat(Disasm->Remarks,"Set Direction Flag to 1");
}
break;
}
}
void ShowDecoded(DISASSEMBLY Disasm)
{
// Printed all information regarding a
// Decoded instruction
char space[]=" ";
printf("%08X: %s %s %s /%d ; %s\n",Disasm.Address,
Disasm.Opcode,
space,
Disasm.Assembly,
Disasm.OpcodeSize+Disasm.PrefixSize,
Disasm.Remarks
);
}
void FlushDecoded(DISASSEMBLY *Disasm)
{
// Clear all information of an decoded
// Instruction
strcpy(Disasm->Assembly,""); // Clear menemonic
strcpy(Disasm->Remarks,""); // Clear commets
strcpy(Disasm->Opcode,""); // Clear opcodes linear
Disasm->OpcodeSize=1; // Smallest opcode size
Disasm->PrefixSize=0; // No Prefixes
}
?? 快捷鍵說明
復制代碼
Ctrl + C
搜索代碼
Ctrl + F
全屏模式
F11
切換主題
Ctrl + Shift + D
顯示快捷鍵
?
增大字號
Ctrl + =
減小字號
Ctrl + -