diff --git a/X86Disassembler/X86/Handlers/InstructionHandlerFactory.cs b/X86Disassembler/X86/Handlers/InstructionHandlerFactory.cs
index 183e932..e812d2e 100644
--- a/X86Disassembler/X86/Handlers/InstructionHandlerFactory.cs
+++ b/X86Disassembler/X86/Handlers/InstructionHandlerFactory.cs
@@ -33,7 +33,7 @@ public class InstructionHandlerFactory
private readonly byte[] _codeBuffer;
private readonly InstructionDecoder _decoder;
private readonly int _length;
-
+
///
/// Initializes a new instance of the InstructionHandlerFactory class
///
@@ -45,10 +45,10 @@ public class InstructionHandlerFactory
_codeBuffer = codeBuffer;
_decoder = decoder;
_length = length;
-
+
RegisterAllHandlers();
}
-
+
///
/// Registers all handlers
///
@@ -56,7 +56,7 @@ public class InstructionHandlerFactory
{
// Register specific instruction handlers
_handlers.Add(new Int3Handler(_codeBuffer, _decoder, _length));
-
+
// Register handlers in order of priority (most specific first)
RegisterArithmeticImmediateHandlers(); // Group 1 instructions (including 0x83)
RegisterAddHandlers();
@@ -81,7 +81,7 @@ public class InstructionHandlerFactory
RegisterSubHandlers(); // Register SUB handlers
RegisterNopHandlers(); // Register NOP handlers
}
-
+
///
/// Registers all ArithmeticUnary instruction handlers
///
@@ -89,23 +89,23 @@ public class InstructionHandlerFactory
{
// NOT handler
_handlers.Add(new NotRm32Handler(_codeBuffer, _decoder, _length));
-
+
// NEG handler
_handlers.Add(new NegRm32Handler(_codeBuffer, _decoder, _length));
-
+
// MUL handler
_handlers.Add(new MulRm32Handler(_codeBuffer, _decoder, _length));
-
+
// IMUL handler
_handlers.Add(new ImulRm32Handler(_codeBuffer, _decoder, _length));
-
+
// DIV handler
_handlers.Add(new DivRm32Handler(_codeBuffer, _decoder, _length));
-
+
// IDIV handler
_handlers.Add(new IdivRm32Handler(_codeBuffer, _decoder, _length));
}
-
+
///
/// Registers all ArithmeticImmediate instruction handlers
///
@@ -114,16 +114,16 @@ public class InstructionHandlerFactory
// ADC handlers
_handlers.Add(new AdcImmToRm32Handler(_codeBuffer, _decoder, _length));
_handlers.Add(new AdcImmToRm32SignExtendedHandler(_codeBuffer, _decoder, _length));
-
+
// SBB handlers
_handlers.Add(new SbbImmFromRm32Handler(_codeBuffer, _decoder, _length));
_handlers.Add(new SbbImmFromRm32SignExtendedHandler(_codeBuffer, _decoder, _length));
-
+
// SUB handlers
_handlers.Add(new SubImmFromRm32Handler(_codeBuffer, _decoder, _length));
_handlers.Add(new SubImmFromRm32SignExtendedHandler(_codeBuffer, _decoder, _length));
}
-
+
///
/// Registers all Return instruction handlers
///
@@ -133,7 +133,7 @@ public class InstructionHandlerFactory
_handlers.Add(new RetHandler(_codeBuffer, _decoder, _length));
_handlers.Add(new RetImmHandler(_codeBuffer, _decoder, _length));
}
-
+
///
/// Registers all Call instruction handlers
///
@@ -143,7 +143,7 @@ public class InstructionHandlerFactory
_handlers.Add(new CallRel32Handler(_codeBuffer, _decoder, _length));
_handlers.Add(new CallRm32Handler(_codeBuffer, _decoder, _length));
}
-
+
///
/// Registers all Jump instruction handlers
///
@@ -156,7 +156,7 @@ public class InstructionHandlerFactory
_handlers.Add(new ConditionalJumpHandler(_codeBuffer, _decoder, _length));
_handlers.Add(new TwoByteConditionalJumpHandler(_codeBuffer, _decoder, _length));
}
-
+
///
/// Registers all Test instruction handlers
///
@@ -170,36 +170,36 @@ public class InstructionHandlerFactory
_handlers.Add(new TestAlImmHandler(_codeBuffer, _decoder, _length));
_handlers.Add(new TestEaxImmHandler(_codeBuffer, _decoder, _length));
}
-
+
///
/// Registers all Xor instruction handlers
///
private void RegisterXorHandlers()
{
- // 32-bit handlers
- _handlers.Add(new XorMemRegHandler(_codeBuffer, _decoder, _length));
- _handlers.Add(new XorRegMemHandler(_codeBuffer, _decoder, _length));
- _handlers.Add(new XorImmWithRm32Handler(_codeBuffer, _decoder, _length));
- _handlers.Add(new XorImmWithRm32SignExtendedHandler(_codeBuffer, _decoder, _length));
-
// 16-bit handlers
_handlers.Add(new XorRm16R16Handler(_codeBuffer, _decoder, _length));
_handlers.Add(new XorR16Rm16Handler(_codeBuffer, _decoder, _length));
_handlers.Add(new XorImmWithRm16Handler(_codeBuffer, _decoder, _length));
_handlers.Add(new XorImmWithRm16SignExtendedHandler(_codeBuffer, _decoder, _length));
+ // 32-bit handlers
+ _handlers.Add(new XorMemRegHandler(_codeBuffer, _decoder, _length));
+ _handlers.Add(new XorRegMemHandler(_codeBuffer, _decoder, _length));
+ _handlers.Add(new XorImmWithRm32Handler(_codeBuffer, _decoder, _length));
+ _handlers.Add(new XorImmWithRm32SignExtendedHandler(_codeBuffer, _decoder, _length));
+
// 8-bit handlers
_handlers.Add(new XorRm8R8Handler(_codeBuffer, _decoder, _length));
_handlers.Add(new XorR8Rm8Handler(_codeBuffer, _decoder, _length));
_handlers.Add(new XorAlImmHandler(_codeBuffer, _decoder, _length));
_handlers.Add(new XorImmWithRm8Handler(_codeBuffer, _decoder, _length));
-
+
// special treatment with xor-ing eax
// precise handlers go first
_handlers.Add(new XorAxImm16Handler(_codeBuffer, _decoder, _length));
_handlers.Add(new XorEaxImmHandler(_codeBuffer, _decoder, _length));
}
-
+
///
/// Registers all Or instruction handlers
///
@@ -216,7 +216,7 @@ public class InstructionHandlerFactory
_handlers.Add(new OrAlImmHandler(_codeBuffer, _decoder, _length));
_handlers.Add(new OrEaxImmHandler(_codeBuffer, _decoder, _length));
}
-
+
///
/// Registers all Lea instruction handlers
///
@@ -225,7 +225,7 @@ public class InstructionHandlerFactory
// Add Lea handlers
_handlers.Add(new LeaR32MHandler(_codeBuffer, _decoder, _length));
}
-
+
///
/// Registers all Cmp instruction handlers
///
@@ -236,12 +236,12 @@ public class InstructionHandlerFactory
_handlers.Add(new CmpRm32R32Handler(_codeBuffer, _decoder, _length));
_handlers.Add(new CmpImmWithRm8Handler(_codeBuffer, _decoder, _length));
_handlers.Add(new CmpAlImmHandler(_codeBuffer, _decoder, _length));
-
+
// Add CMP immediate handlers from ArithmeticImmediate namespace
_handlers.Add(new CmpImmWithRm32Handler(_codeBuffer, _decoder, _length));
_handlers.Add(new CmpImmWithRm32SignExtendedHandler(_codeBuffer, _decoder, _length));
}
-
+
///
/// Registers all Dec instruction handlers
///
@@ -250,7 +250,7 @@ public class InstructionHandlerFactory
// Add Dec handlers
_handlers.Add(new DecRegHandler(_codeBuffer, _decoder, _length));
}
-
+
///
/// Registers all Inc instruction handlers
///
@@ -259,7 +259,7 @@ public class InstructionHandlerFactory
// Add Inc handlers
_handlers.Add(new IncRegHandler(_codeBuffer, _decoder, _length));
}
-
+
///
/// Registers all Add instruction handlers
///
@@ -269,13 +269,13 @@ public class InstructionHandlerFactory
_handlers.Add(new AddR32Rm32Handler(_codeBuffer, _decoder, _length));
_handlers.Add(new AddRm32R32Handler(_codeBuffer, _decoder, _length));
_handlers.Add(new AddEaxImmHandler(_codeBuffer, _decoder, _length));
-
+
// Add ADD immediate handlers from ArithmeticImmediate namespace
_handlers.Add(new AddImmToRm8Handler(_codeBuffer, _decoder, _length));
_handlers.Add(new AddImmToRm32Handler(_codeBuffer, _decoder, _length));
_handlers.Add(new AddImmToRm32SignExtendedHandler(_codeBuffer, _decoder, _length));
}
-
+
///
/// Registers all Data Transfer instruction handlers
///
@@ -290,19 +290,19 @@ public class InstructionHandlerFactory
_handlers.Add(new MovMoffsEaxHandler(_codeBuffer, _decoder, _length));
_handlers.Add(new MovRm32Imm32Handler(_codeBuffer, _decoder, _length));
_handlers.Add(new MovRm8Imm8Handler(_codeBuffer, _decoder, _length));
-
+
// Add PUSH handlers
_handlers.Add(new PushRegHandler(_codeBuffer, _decoder, _length));
_handlers.Add(new PushImm32Handler(_codeBuffer, _decoder, _length));
_handlers.Add(new PushImm8Handler(_codeBuffer, _decoder, _length));
-
+
// Add POP handlers
_handlers.Add(new PopRegHandler(_codeBuffer, _decoder, _length));
-
+
// Add XCHG handlers
_handlers.Add(new XchgEaxRegHandler(_codeBuffer, _decoder, _length));
}
-
+
///
/// Registers all Floating Point instruction handlers
///
@@ -319,7 +319,7 @@ public class InstructionHandlerFactory
_handlers.Add(new Int16OperationHandler(_codeBuffer, _decoder, _length));
_handlers.Add(new LoadStoreInt16Handler(_codeBuffer, _decoder, _length));
}
-
+
///
/// Registers all String instruction handlers
///
@@ -328,7 +328,7 @@ public class InstructionHandlerFactory
// Add String instruction handler that handles both regular and REP/REPNE prefixed string instructions
_handlers.Add(new StringInstructionHandler(_codeBuffer, _decoder, _length));
}
-
+
///
/// Registers all MOV instruction handlers
///
@@ -344,7 +344,7 @@ public class InstructionHandlerFactory
_handlers.Add(new MovRm32Imm32Handler(_codeBuffer, _decoder, _length));
_handlers.Add(new MovRm8Imm8Handler(_codeBuffer, _decoder, _length));
}
-
+
///
/// Registers all PUSH instruction handlers
///
@@ -356,7 +356,7 @@ public class InstructionHandlerFactory
_handlers.Add(new PushImm8Handler(_codeBuffer, _decoder, _length));
_handlers.Add(new PushRm32Handler(_codeBuffer, _decoder, _length)); // Add handler for PUSH r/m32 (FF /6)
}
-
+
///
/// Registers all POP instruction handlers
///
@@ -365,7 +365,7 @@ public class InstructionHandlerFactory
// Add POP handlers
_handlers.Add(new PopRegHandler(_codeBuffer, _decoder, _length));
}
-
+
///
/// Registers all And instruction handlers
///
@@ -383,34 +383,34 @@ public class InstructionHandlerFactory
_handlers.Add(new AndAlImmHandler(_codeBuffer, _decoder, _length));
_handlers.Add(new AndEaxImmHandler(_codeBuffer, _decoder, _length));
}
-
+
///
/// Registers all SUB instruction handlers
///
private void RegisterSubHandlers()
{
// Register SUB handlers
-
+
// 32-bit handlers
_handlers.Add(new SubRm32R32Handler(_codeBuffer, _decoder, _length));
_handlers.Add(new SubR32Rm32Handler(_codeBuffer, _decoder, _length));
_handlers.Add(new SubImmFromRm32Handler(_codeBuffer, _decoder, _length));
_handlers.Add(new SubImmFromRm32SignExtendedHandler(_codeBuffer, _decoder, _length));
-
+
// 16-bit handlers
_handlers.Add(new SubRm16R16Handler(_codeBuffer, _decoder, _length));
_handlers.Add(new SubR16Rm16Handler(_codeBuffer, _decoder, _length));
_handlers.Add(new SubAxImm16Handler(_codeBuffer, _decoder, _length));
_handlers.Add(new SubImmFromRm16Handler(_codeBuffer, _decoder, _length));
_handlers.Add(new SubImmFromRm16SignExtendedHandler(_codeBuffer, _decoder, _length));
-
+
// 8-bit handlers
_handlers.Add(new SubRm8R8Handler(_codeBuffer, _decoder, _length));
_handlers.Add(new SubR8Rm8Handler(_codeBuffer, _decoder, _length));
_handlers.Add(new SubAlImm8Handler(_codeBuffer, _decoder, _length));
_handlers.Add(new SubImmFromRm8Handler(_codeBuffer, _decoder, _length));
}
-
+
///
/// Registers all NOP instruction handlers
///
@@ -421,7 +421,7 @@ public class InstructionHandlerFactory
_handlers.Add(new TwoByteNopHandler(_codeBuffer, _decoder, _length));
_handlers.Add(new MultiByteNopHandler(_codeBuffer, _decoder, _length));
}
-
+
///
/// Gets the handler that can decode the given opcode
///
@@ -432,4 +432,4 @@ public class InstructionHandlerFactory
// For all other opcodes, use the normal handler selection logic
return _handlers.FirstOrDefault(h => h.CanHandle(opcode));
}
-}
+}
\ No newline at end of file
diff --git a/X86Disassembler/X86/Handlers/Xor/XorImmWithRm16SignExtendedHandler.cs b/X86Disassembler/X86/Handlers/Xor/XorImmWithRm16SignExtendedHandler.cs
index 1524d40..59e7398 100644
--- a/X86Disassembler/X86/Handlers/Xor/XorImmWithRm16SignExtendedHandler.cs
+++ b/X86Disassembler/X86/Handlers/Xor/XorImmWithRm16SignExtendedHandler.cs
@@ -71,7 +71,18 @@ public class XorImmWithRm16SignExtendedHandler : InstructionHandler
short imm16 = (sbyte)Decoder.ReadByte();
// Format the immediate value
- string immStr = $"0x{(ushort)imm16:X4}";
+ // For 16-bit operations, we want to show the immediate value without leading zeros
+ string immStr;
+ if (imm16 < 0)
+ {
+ // For negative values, show the full sign-extended 16-bit value
+ immStr = $"0x{(ushort)imm16:X}";
+ }
+ else
+ {
+ // For positive values, show without leading zeros
+ immStr = $"0x{imm16:X}";
+ }
// Set the operands
instruction.Operands = $"{destOperand}, {immStr}";
diff --git a/X86Disassembler/X86/Handlers/Xor/XorImmWithRm8Handler.cs b/X86Disassembler/X86/Handlers/Xor/XorImmWithRm8Handler.cs
index 6ae2b6c..5dc1def 100644
--- a/X86Disassembler/X86/Handlers/Xor/XorImmWithRm8Handler.cs
+++ b/X86Disassembler/X86/Handlers/Xor/XorImmWithRm8Handler.cs
@@ -58,6 +58,23 @@ public class XorImmWithRm8Handler : InstructionHandler
// Read the ModR/M byte
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
+ // Advance past the ModR/M byte
+ Decoder.SetPosition(position + 1);
+
+ // If mod == 3, then the r/m field specifies a register
+ if (mod == 3)
+ {
+ // Get the r/m register name (8-bit)
+ destOperand = ModRMDecoder.GetRegisterName(rm, 8);
+ }
+ else
+ {
+ // For memory operands, use the ModRMDecoder to get the full operand string
+
+ // Replace "dword ptr" with "byte ptr" to indicate 8-bit operation
+ destOperand = destOperand.Replace("dword ptr", "byte ptr");
+ }
+
// Get the updated position after ModR/M decoding
position = Decoder.GetPosition();
diff --git a/X86Disassembler/X86/Handlers/Xor/XorR8Rm8Handler.cs b/X86Disassembler/X86/Handlers/Xor/XorR8Rm8Handler.cs
index 8cb6e8c..fbf43bc 100644
--- a/X86Disassembler/X86/Handlers/Xor/XorR8Rm8Handler.cs
+++ b/X86Disassembler/X86/Handlers/Xor/XorR8Rm8Handler.cs
@@ -45,13 +45,30 @@ public class XorR8Rm8Handler : InstructionHandler
}
// Read the ModR/M byte
- var (mod, reg, rm, memOperand) = ModRMDecoder.ReadModRM();
+ var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
+
+ // Advance past the ModR/M byte
+ Decoder.SetPosition(position + 1);
- // Get register name
+ // Get register name (8-bit)
string regName = ModRMDecoder.GetRegisterName(reg, 8);
+ // If mod == 3, then the r/m field specifies a register
+ if (mod == 3)
+ {
+ // Get the r/m register name (8-bit)
+ string rmRegName = ModRMDecoder.GetRegisterName(rm, 8);
+
+ // Set the operands
+ instruction.Operands = $"{regName}, {rmRegName}";
+ return true;
+ }
+
+ // Replace "dword ptr" with "byte ptr" to indicate 8-bit operation
+ string byteOperand = destOperand.Replace("dword ptr", "byte ptr");
+
// Set the operands
- instruction.Operands = $"{regName}, {memOperand}";
+ instruction.Operands = $"{regName}, {byteOperand}";
return true;
}
diff --git a/X86Disassembler/X86/Handlers/Xor/XorRm8R8Handler.cs b/X86Disassembler/X86/Handlers/Xor/XorRm8R8Handler.cs
index cc907a8..ee5030a 100644
--- a/X86Disassembler/X86/Handlers/Xor/XorRm8R8Handler.cs
+++ b/X86Disassembler/X86/Handlers/Xor/XorRm8R8Handler.cs
@@ -45,13 +45,30 @@ public class XorRm8R8Handler : InstructionHandler
}
// Read the ModR/M byte
- var (mod, reg, rm, memOperand) = ModRMDecoder.ReadModRM();
+ var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
+
+ // Advance past the ModR/M byte
+ Decoder.SetPosition(position + 1);
- // Get register name
+ // Get register name (8-bit)
string regName = ModRMDecoder.GetRegisterName(reg, 8);
+ // If mod == 3, then the r/m field specifies a register
+ if (mod == 3)
+ {
+ // Get the r/m register name (8-bit)
+ string rmRegName = ModRMDecoder.GetRegisterName(rm, 8);
+
+ // Set the operands
+ instruction.Operands = $"{rmRegName}, {regName}";
+ return true;
+ }
+
+ // Replace "dword ptr" with "byte ptr" to indicate 8-bit operation
+ string byteOperand = destOperand.Replace("dword ptr", "byte ptr");
+
// Set the operands
- instruction.Operands = $"{memOperand}, {regName}";
+ instruction.Operands = $"{byteOperand}, {regName}";
return true;
}