mirrors/ParkanPlayground
0
Fork 0
mirror of https://github.com/sampletext32/ParkanPlayground.git synced 2025-06-20 08:18:36 +03:00
Code Issues Releases Activity

add misc handlers, cleanup and fixes

Browse Source
This commit is contained in:
bird_egop
2025-04-17 20:47:51 +03:00
parent 124493cd94
commit a9d4c39717
22 changed files with 1086 additions and 63 deletions
Download Patch File Download Diff File Expand all files Collapse all files

71
X86Disassembler/X86/Handlers/Add/AddAxImmHandler.cs Normal file
View File

@ -0,0 +1,71 @@
using X86Disassembler.X86.Operands;
namespace X86Disassembler.X86.Handlers.Add;
/// <summary>
/// Handler for ADD AX, imm16 instruction (0x05 with 0x66 prefix)
/// </summary>
public class AddAxImmHandler : InstructionHandler
{
/// <summary>
/// Initializes a new instance of the AddAxImmHandler class
/// </summary>
/// <param name="decoder">The instruction decoder that owns this handler</param>
public AddAxImmHandler(InstructionDecoder decoder)
: base(decoder)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
/// <param name="opcode">The opcode to check</param>
/// <returns>True if this handler can decode the opcode</returns>
public override bool CanHandle(byte opcode)
{
// ADD AX, imm16 is encoded as 0x05 with 0x66 prefix
if (opcode != 0x05)
{
return false;
}
// Only handle when the operand size prefix is present
return Decoder.HasOperandSizePrefix();
}
/// <summary>
/// Decodes an ADD AX, imm16 instruction
/// </summary>
/// <param name="opcode">The opcode of the instruction</param>
/// <param name="instruction">The instruction object to populate</param>
/// <returns>True if the instruction was successfully decoded</returns>
public override bool Decode(byte opcode, Instruction instruction)
{
// Set the instruction type
instruction.Type = InstructionType.Add;
// Check if we have enough bytes for the immediate value
if (!Decoder.CanReadUShort())
{
return false;
}
// Read the immediate value
ushort imm16 = Decoder.ReadUInt16();
// Create the AX register operand
var axOperand = OperandFactory.CreateRegisterOperand(RegisterIndex.A, 16);
// Create the immediate operand
var immOperand = OperandFactory.CreateImmediateOperand(imm16);
// Set the structured operands
instruction.StructuredOperands =
[
axOperand,
immOperand
];
return true;
}
}

71
X86Disassembler/X86/Handlers/And/AndAxImmHandler.cs Normal file
View File

@ -0,0 +1,71 @@
using X86Disassembler.X86.Operands;
namespace X86Disassembler.X86.Handlers.And;
/// <summary>
/// Handler for AND AX, imm16 instruction (0x25 with 0x66 prefix)
/// </summary>
public class AndAxImmHandler : InstructionHandler
{
/// <summary>
/// Initializes a new instance of the AndAxImmHandler class
/// </summary>
/// <param name="decoder">The instruction decoder that owns this handler</param>
public AndAxImmHandler(InstructionDecoder decoder)
: base(decoder)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
/// <param name="opcode">The opcode to check</param>
/// <returns>True if this handler can decode the opcode</returns>
public override bool CanHandle(byte opcode)
{
// AND AX, imm16 is encoded as 0x25 with 0x66 prefix
if (opcode != 0x25)
{
return false;
}
// Only handle when the operand size prefix is present
return Decoder.HasOperandSizePrefix();
}
/// <summary>
/// Decodes an AND AX, imm16 instruction
/// </summary>
/// <param name="opcode">The opcode of the instruction</param>
/// <param name="instruction">The instruction object to populate</param>
/// <returns>True if the instruction was successfully decoded</returns>
public override bool Decode(byte opcode, Instruction instruction)
{
// Set the instruction type
instruction.Type = InstructionType.And;
// Check if we have enough bytes for the immediate value
if (!Decoder.CanReadUShort())
{
return false;
}
// Read the immediate value
ushort imm16 = Decoder.ReadUInt16();
// Create the AX register operand
var axOperand = OperandFactory.CreateRegisterOperand(RegisterIndex.A, 16);
// Create the immediate operand
var immOperand = OperandFactory.CreateImmediateOperand(imm16);
// Set the structured operands
instruction.StructuredOperands =
[
axOperand,
immOperand
];
return true;
}
}

84
X86Disassembler/X86/Handlers/And/AndImmToRm16Handler.cs Normal file
View File

@ -0,0 +1,84 @@
using X86Disassembler.X86.Operands;
namespace X86Disassembler.X86.Handlers.And;
/// <summary>
/// Handler for AND r/m16, imm16 instruction (0x81 /4 with 0x66 prefix)
/// </summary>
public class AndImmToRm16Handler : InstructionHandler
{
/// <summary>
/// Initializes a new instance of the AndImmToRm16Handler class
/// </summary>
/// <param name="decoder">The instruction decoder that owns this handler</param>
public AndImmToRm16Handler(InstructionDecoder decoder)
: base(decoder)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
/// <param name="opcode">The opcode to check</param>
/// <returns>True if this handler can decode the opcode</returns>
public override bool CanHandle(byte opcode)
{
// AND r/m16, imm16 is encoded as 0x81 with 0x66 prefix
if (opcode != 0x81)
{
return false;
}
// Only handle when the operand size prefix is present
if (!Decoder.HasOperandSizePrefix())
{
return false;
}
// Check if we can read the ModR/M byte
if (!Decoder.CanReadByte())
{
return false;
}
// Check if the reg field of the ModR/M byte is 4 (AND)
var reg = ModRMDecoder.PeakModRMReg();
return reg == 4; // 4 = AND
}
/// <summary>
/// Decodes an AND r/m16, imm16 instruction
/// </summary>
/// <param name="opcode">The opcode of the instruction</param>
/// <param name="instruction">The instruction object to populate</param>
/// <returns>True if the instruction was successfully decoded</returns>
public override bool Decode(byte opcode, Instruction instruction)
{
// Set the instruction type
instruction.Type = InstructionType.And;
// Read the ModR/M byte to get the destination operand
var (_, reg, _, destinationOperand) = ModRMDecoder.ReadModRM16();
// Check if we have enough bytes for the immediate value
if (!Decoder.CanReadUShort())
{
return false;
}
// Read the immediate value
ushort imm16 = Decoder.ReadUInt16();
// Create the immediate operand
var sourceOperand = OperandFactory.CreateImmediateOperand(imm16);
// Set the structured operands
instruction.StructuredOperands =
[
destinationOperand,
sourceOperand
];
return true;
}
}

86
X86Disassembler/X86/Handlers/And/AndImmToRm16SignExtendedHandler.cs Normal file
View File

@ -0,0 +1,86 @@
using X86Disassembler.X86.Operands;
namespace X86Disassembler.X86.Handlers.And;
/// <summary>
/// Handler for AND r/m16, imm8 instruction (0x83 /4 with 0x66 prefix)
/// </summary>
public class AndImmToRm16SignExtendedHandler : InstructionHandler
{
/// <summary>
/// Initializes a new instance of the AndImmToRm16SignExtendedHandler class
/// </summary>
/// <param name="decoder">The instruction decoder that owns this handler</param>
public AndImmToRm16SignExtendedHandler(InstructionDecoder decoder)
: base(decoder)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
/// <param name="opcode">The opcode to check</param>
/// <returns>True if this handler can decode the opcode</returns>
public override bool CanHandle(byte opcode)
{
// AND r/m16, imm8 is encoded as 0x83 with 0x66 prefix
if (opcode != 0x83)
{
return false;
}
// Only handle when the operand size prefix is present
if (!Decoder.HasOperandSizePrefix())
{
return false;
}
// Check if we can read the ModR/M byte
if (!Decoder.CanReadByte())
{
return false;
}
// Check if the reg field of the ModR/M byte is 4 (AND)
var reg = ModRMDecoder.PeakModRMReg();
return reg == 4; // 4 = AND
}
/// <summary>
/// Decodes an AND r/m16, imm8 instruction
/// </summary>
/// <param name="opcode">The opcode of the instruction</param>
/// <param name="instruction">The instruction object to populate</param>
/// <returns>True if the instruction was successfully decoded</returns>
public override bool Decode(byte opcode, Instruction instruction)
{
// Set the instruction type
instruction.Type = InstructionType.And;
// Read the ModR/M byte to get the destination operand
var (_, reg, _, destinationOperand) = ModRMDecoder.ReadModRM16();
// Check if we have enough bytes for the immediate value
if (!Decoder.CanReadByte())
{
return false;
}
// Read the immediate value and sign-extend it to 16 bits
sbyte imm8 = (sbyte)Decoder.ReadByte();
short signExtendedImm = imm8;
ushort imm16 = (ushort)signExtendedImm;
// Create the immediate operand
var sourceOperand = OperandFactory.CreateImmediateOperand(imm16);
// Set the structured operands
instruction.StructuredOperands =
[
destinationOperand,
sourceOperand
];
return true;
}
}

70
X86Disassembler/X86/Handlers/And/AndR16Rm16Handler.cs Normal file
View File

@ -0,0 +1,70 @@
using X86Disassembler.X86.Operands;
namespace X86Disassembler.X86.Handlers.And;
/// <summary>
/// Handler for AND r16, r/m16 instruction (0x23 with 0x66 prefix)
/// </summary>
public class AndR16Rm16Handler : InstructionHandler
{
/// <summary>
/// Initializes a new instance of the AndR16Rm16Handler class
/// </summary>
/// <param name="decoder">The instruction decoder that owns this handler</param>
public AndR16Rm16Handler(InstructionDecoder decoder)
: base(decoder)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
/// <param name="opcode">The opcode to check</param>
/// <returns>True if this handler can decode the opcode</returns>
public override bool CanHandle(byte opcode)
{
// AND r16, r/m16 is encoded as 0x23 with 0x66 prefix
if (opcode != 0x23)
{
return false;
}
// Only handle when the operand size prefix is present
return Decoder.HasOperandSizePrefix();
}
/// <summary>
/// Decodes an AND r16, r/m16 instruction
/// </summary>
/// <param name="opcode">The opcode of the instruction</param>
/// <param name="instruction">The instruction object to populate</param>
/// <returns>True if the instruction was successfully decoded</returns>
public override bool Decode(byte opcode, Instruction instruction)
{
// Set the instruction type
instruction.Type = InstructionType.And;
// Check if we can read the ModR/M byte
if (!Decoder.CanReadByte())
{
return false;
}
// For AND r16, r/m16 (0x23 with 0x66 prefix):
// - The reg field of the ModR/M byte specifies the destination register
// - The r/m field with mod specifies the source operand (register or memory)
var (_, reg, _, sourceOperand) = ModRMDecoder.ReadModRM16();
// Create the destination register operand with 16-bit size
var destinationOperand = OperandFactory.CreateRegisterOperand(reg, 16);
// Set the structured operands
instruction.StructuredOperands =
[
destinationOperand,
sourceOperand
];
return true;
}
}

70
X86Disassembler/X86/Handlers/And/AndRm16R16Handler.cs Normal file
View File

@ -0,0 +1,70 @@
using X86Disassembler.X86.Operands;
namespace X86Disassembler.X86.Handlers.And;
/// <summary>
/// Handler for AND r/m16, r16 instruction (0x21 with 0x66 prefix)
/// </summary>
public class AndRm16R16Handler : InstructionHandler
{
/// <summary>
/// Initializes a new instance of the AndRm16R16Handler class
/// </summary>
/// <param name="decoder">The instruction decoder that owns this handler</param>
public AndRm16R16Handler(InstructionDecoder decoder)
: base(decoder)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
/// <param name="opcode">The opcode to check</param>
/// <returns>True if this handler can decode the opcode</returns>
public override bool CanHandle(byte opcode)
{
// AND r/m16, r16 is encoded as 0x21 with 0x66 prefix
if (opcode != 0x21)
{
return false;
}
// Only handle when the operand size prefix is present
return Decoder.HasOperandSizePrefix();
}
/// <summary>
/// Decodes an AND r/m16, r16 instruction
/// </summary>
/// <param name="opcode">The opcode of the instruction</param>
/// <param name="instruction">The instruction object to populate</param>
/// <returns>True if the instruction was successfully decoded</returns>
public override bool Decode(byte opcode, Instruction instruction)
{
// Set the instruction type
instruction.Type = InstructionType.And;
// Check if we can read the ModR/M byte
if (!Decoder.CanReadByte())
{
return false;
}
// For AND r/m16, r16 (0x21 with 0x66 prefix):
// - The reg field of the ModR/M byte specifies the source register
// - The r/m field with mod specifies the destination operand (register or memory)
var (_, reg, _, destinationOperand) = ModRMDecoder.ReadModRM16();
// Create the source register operand with 16-bit size
var sourceOperand = OperandFactory.CreateRegisterOperand(reg, 16);
// Set the structured operands
instruction.StructuredOperands =
[
destinationOperand,
sourceOperand
];
return true;
}
}

33
X86Disassembler/X86/Handlers/InstructionHandlerFactory.cs
View File

@ -12,6 +12,7 @@ using X86Disassembler.X86.Handlers.Imul;
using X86Disassembler.X86.Handlers.Inc;
using X86Disassembler.X86.Handlers.Jump;
using X86Disassembler.X86.Handlers.Lea;
using X86Disassembler.X86.Handlers.Misc;
using X86Disassembler.X86.Handlers.Mov;
using X86Disassembler.X86.Handlers.Mul;
using X86Disassembler.X86.Handlers.Neg;
@ -36,21 +37,15 @@ namespace X86Disassembler.X86.Handlers;
public class InstructionHandlerFactory
{
private readonly List<IInstructionHandler> _handlers = [];
private readonly byte[] _codeBuffer;
private readonly InstructionDecoder _decoder;
private readonly int _length;
/// <summary>
/// Initializes a new instance of the InstructionHandlerFactory class
/// </summary>
/// <param name="codeBuffer">The buffer containing the code to decode</param>
/// <param name="decoder">The instruction decoder that owns this factory</param>
/// <param name="length">The length of the buffer</param>
public InstructionHandlerFactory(byte[] codeBuffer, InstructionDecoder decoder, int length)
public InstructionHandlerFactory(InstructionDecoder decoder)
{
_codeBuffer = codeBuffer;
_decoder = decoder;
_length = length;
RegisterAllHandlers();
}
@ -61,7 +56,7 @@ public class InstructionHandlerFactory
private void RegisterAllHandlers()
{
// Register specific instruction handlers
_handlers.Add(new Int3Handler(_decoder));
_handlers.Add(new Nop.Int3Handler(_decoder));
// Register handlers in order of priority (most specific first)
RegisterSbbHandlers(); // SBB instructions
@ -95,7 +90,7 @@ public class InstructionHandlerFactory
RegisterSubHandlers(); // Register SUB handlers
RegisterNopHandlers(); // Register NOP handlers
RegisterBitHandlers(); // Register bit manipulation handlers
RegisterAndHandlers(); // Register AND handlers
RegisterMiscHandlers(); // Register miscellaneous instructions
}
/// <summary>
@ -471,11 +466,29 @@ public class InstructionHandlerFactory
private void RegisterNopHandlers()
{
// Register NOP handlers
_handlers.Add(new NopHandler(_decoder)); // NOP (opcode 0x90)
_handlers.Add(new Nop.NopHandler(_decoder)); // NOP (opcode 0x90)
_handlers.Add(new TwoByteNopHandler(_decoder)); // 2-byte NOP (opcode 0x66 0x90)
_handlers.Add(new MultiByteNopHandler(_decoder)); // Multi-byte NOP (opcode 0F 1F /0)
}
/// <summary>
/// Registers all miscellaneous instruction handlers
/// </summary>
private void RegisterMiscHandlers()
{
// Register miscellaneous instruction handlers
_handlers.Add(new IntHandler(_decoder)); // INT (opcode 0xCD)
_handlers.Add(new IntoHandler(_decoder)); // INTO (opcode 0xCE)
_handlers.Add(new IretHandler(_decoder)); // IRET (opcode 0xCF)
_handlers.Add(new CpuidHandler(_decoder)); // CPUID (opcode 0x0F 0xA2)
_handlers.Add(new RdtscHandler(_decoder)); // RDTSC (opcode 0x0F 0x31)
_handlers.Add(new HltHandler(_decoder)); // HLT (opcode 0xF4)
_handlers.Add(new WaitHandler(_decoder)); // WAIT (opcode 0x9B)
_handlers.Add(new LockHandler(_decoder)); // LOCK (opcode 0xF0)
_handlers.Add(new InHandler(_decoder)); // IN (opcodes 0xE4, 0xE5, 0xEC, 0xED)
_handlers.Add(new OutHandler(_decoder)); // OUT (opcodes 0xE6, 0xE7, 0xEE, 0xEF)
}
/// <summary>
/// Registers all bit manipulation instruction handlers
/// </summary>

59
X86Disassembler/X86/Handlers/Misc/CpuidHandler.cs Normal file
View File

@ -0,0 +1,59 @@
namespace X86Disassembler.X86.Handlers.Misc;
/// <summary>
/// Handler for CPUID instruction (0x0F 0xA2)
/// </summary>
public class CpuidHandler : InstructionHandler
{
/// <summary>
/// Initializes a new instance of the CpuidHandler class
/// </summary>
/// <param name="decoder">The instruction decoder that owns this handler</param>
public CpuidHandler(InstructionDecoder decoder)
: base(decoder)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
/// <param name="opcode">The opcode to check</param>
/// <returns>True if this handler can decode the opcode</returns>
public override bool CanHandle(byte opcode)
{
// CPUID is encoded as 0x0F 0xA2
if (opcode != 0x0F)
return false;
// Check if we can read the second byte
if (!Decoder.CanReadByte())
return false;
// Check if the second byte is 0xA2
byte secondByte = Decoder.PeakByte();
return secondByte == 0xA2;
}
/// <summary>
/// Decodes a CPUID instruction
/// </summary>
/// <param name="opcode">The opcode of the instruction</param>
/// <param name="instruction">The instruction object to populate</param>
/// <returns>True if the instruction was successfully decoded</returns>
public override bool Decode(byte opcode, Instruction instruction)
{
// Set the instruction type
instruction.Type = InstructionType.Cpuid;
// Read and discard the second byte (0xA2)
if (!Decoder.CanReadByte())
return false;
Decoder.ReadByte();
// CPUID has no operands
instruction.StructuredOperands = [];
return true;
}
}

44
X86Disassembler/X86/Handlers/Misc/HltHandler.cs Normal file
View File

@ -0,0 +1,44 @@
namespace X86Disassembler.X86.Handlers.Misc;
/// <summary>
/// Handler for HLT instruction (0xF4)
/// </summary>
public class HltHandler : InstructionHandler
{
/// <summary>
/// Initializes a new instance of the HltHandler class
/// </summary>
/// <param name="decoder">The instruction decoder that owns this handler</param>
public HltHandler(InstructionDecoder decoder)
: base(decoder)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
/// <param name="opcode">The opcode to check</param>
/// <returns>True if this handler can decode the opcode</returns>
public override bool CanHandle(byte opcode)
{
// HLT is encoded as 0xF4
return opcode == 0xF4;
}
/// <summary>
/// Decodes a HLT instruction
/// </summary>
/// <param name="opcode">The opcode of the instruction</param>
/// <param name="instruction">The instruction object to populate</param>
/// <returns>True if the instruction was successfully decoded</returns>
public override bool Decode(byte opcode, Instruction instruction)
{
// Set the instruction type
instruction.Type = InstructionType.Hlt;
// HLT has no operands
instruction.StructuredOperands = [];
return true;
}
}

97
X86Disassembler/X86/Handlers/Misc/InHandler.cs Normal file
View File

@ -0,0 +1,97 @@
using X86Disassembler.X86.Operands;
namespace X86Disassembler.X86.Handlers.Misc;
/// <summary>
/// Handler for IN instruction (0xE4, 0xE5, 0xEC, 0xED)
/// </summary>
public class InHandler : InstructionHandler
{
/// <summary>
/// Initializes a new instance of the InHandler class
/// </summary>
/// <param name="decoder">The instruction decoder that owns this handler</param>
public InHandler(InstructionDecoder decoder)
: base(decoder)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
/// <param name="opcode">The opcode to check</param>
/// <returns>True if this handler can decode the opcode</returns>
public override bool CanHandle(byte opcode)
{
// IN AL, imm8 is encoded as 0xE4
// IN EAX, imm8 is encoded as 0xE5
// IN AL, DX is encoded as 0xEC
// IN EAX, DX is encoded as 0xED
return opcode == 0xE4 || opcode == 0xE5 || opcode == 0xEC || opcode == 0xED;
}
/// <summary>
/// Decodes an IN instruction
/// </summary>
/// <param name="opcode">The opcode of the instruction</param>
/// <param name="instruction">The instruction object to populate</param>
/// <returns>True if the instruction was successfully decoded</returns>
public override bool Decode(byte opcode, Instruction instruction)
{
// Set the instruction type
instruction.Type = InstructionType.In;
// Determine the operands based on the opcode
Operand destOperand;
Operand srcOperand;
switch (opcode)
{
case 0xE4: // IN AL, imm8
destOperand = OperandFactory.CreateRegisterOperand8(RegisterIndex8.AL);
// Check if we can read the immediate byte
if (!Decoder.CanReadByte())
return false;
// Read the immediate byte (port number)
byte imm8 = Decoder.ReadByte();
srcOperand = OperandFactory.CreateImmediateOperand(imm8);
break;
case 0xE5: // IN EAX, imm8
destOperand = OperandFactory.CreateRegisterOperand(RegisterIndex.A, 32);
// Check if we can read the immediate byte
if (!Decoder.CanReadByte())
return false;
// Read the immediate byte (port number)
imm8 = Decoder.ReadByte();
srcOperand = OperandFactory.CreateImmediateOperand(imm8);
break;
case 0xEC: // IN AL, DX
destOperand = OperandFactory.CreateRegisterOperand8(RegisterIndex8.AL);
srcOperand = OperandFactory.CreateRegisterOperand(RegisterIndex.D, 16);
break;
case 0xED: // IN EAX, DX
destOperand = OperandFactory.CreateRegisterOperand(RegisterIndex.A, 32);
srcOperand = OperandFactory.CreateRegisterOperand(RegisterIndex.D, 16);
break;
default:
return false;
}
// Set the structured operands
instruction.StructuredOperands =
[
destOperand,
srcOperand
];
return true;
}
}

61
X86Disassembler/X86/Handlers/Misc/IntHandler.cs Normal file
View File

@ -0,0 +1,61 @@
namespace X86Disassembler.X86.Handlers.Misc;
using X86Disassembler.X86.Operands;
/// <summary>
/// Handler for INT instruction (0xCD)
/// </summary>
public class IntHandler : InstructionHandler
{
/// <summary>
/// Initializes a new instance of the IntHandler class
/// </summary>
/// <param name="decoder">The instruction decoder that owns this handler</param>
public IntHandler(InstructionDecoder decoder)
: base(decoder)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
/// <param name="opcode">The opcode to check</param>
/// <returns>True if this handler can decode the opcode</returns>
public override bool CanHandle(byte opcode)
{
// INT is encoded as 0xCD
return opcode == 0xCD;
}
/// <summary>
/// Decodes an INT instruction
/// </summary>
/// <param name="opcode">The opcode of the instruction</param>
/// <param name="instruction">The instruction object to populate</param>
/// <returns>True if the instruction was successfully decoded</returns>
public override bool Decode(byte opcode, Instruction instruction)
{
// Set the instruction type
instruction.Type = InstructionType.Int;
// Check if we can read the immediate byte
if (!Decoder.CanReadByte())
{
return false;
}
// Read the immediate byte (interrupt vector)
byte imm8 = Decoder.ReadByte();
// Create an immediate operand for the interrupt vector
var operand = OperandFactory.CreateImmediateOperand(imm8);
// Set the structured operands
instruction.StructuredOperands =
[
operand
];
return true;
}
}

44
X86Disassembler/X86/Handlers/Misc/IntoHandler.cs Normal file
View File

@ -0,0 +1,44 @@
namespace X86Disassembler.X86.Handlers.Misc;
/// <summary>
/// Handler for INTO instruction (0xCE)
/// </summary>
public class IntoHandler : InstructionHandler
{
/// <summary>
/// Initializes a new instance of the IntoHandler class
/// </summary>
/// <param name="decoder">The instruction decoder that owns this handler</param>
public IntoHandler(InstructionDecoder decoder)
: base(decoder)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
/// <param name="opcode">The opcode to check</param>
/// <returns>True if this handler can decode the opcode</returns>
public override bool CanHandle(byte opcode)
{
// INTO is encoded as 0xCE
return opcode == 0xCE;
}
/// <summary>
/// Decodes an INTO instruction
/// </summary>
/// <param name="opcode">The opcode of the instruction</param>
/// <param name="instruction">The instruction object to populate</param>
/// <returns>True if the instruction was successfully decoded</returns>
public override bool Decode(byte opcode, Instruction instruction)
{
// Set the instruction type
instruction.Type = InstructionType.Into;
// INTO has no operands
instruction.StructuredOperands = [];
return true;
}
}

44
X86Disassembler/X86/Handlers/Misc/IretHandler.cs Normal file
View File

@ -0,0 +1,44 @@
namespace X86Disassembler.X86.Handlers.Misc;
/// <summary>
/// Handler for IRET/IRETD instruction (0xCF)
/// </summary>
public class IretHandler : InstructionHandler
{
/// <summary>
/// Initializes a new instance of the IretHandler class
/// </summary>
/// <param name="decoder">The instruction decoder that owns this handler</param>
public IretHandler(InstructionDecoder decoder)
: base(decoder)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
/// <param name="opcode">The opcode to check</param>
/// <returns>True if this handler can decode the opcode</returns>
public override bool CanHandle(byte opcode)
{
// IRET/IRETD is encoded as 0xCF
return opcode == 0xCF;
}
/// <summary>
/// Decodes an IRET/IRETD instruction
/// </summary>
/// <param name="opcode">The opcode of the instruction</param>
/// <param name="instruction">The instruction object to populate</param>
/// <returns>True if the instruction was successfully decoded</returns>
public override bool Decode(byte opcode, Instruction instruction)
{
// Set the instruction type
instruction.Type = InstructionType.Iret;
// IRET/IRETD has no operands
instruction.StructuredOperands = [];
return true;
}
}

44
X86Disassembler/X86/Handlers/Misc/LockHandler.cs Normal file
View File

@ -0,0 +1,44 @@
namespace X86Disassembler.X86.Handlers.Misc;
/// <summary>
/// Handler for LOCK prefix (0xF0)
/// </summary>
public class LockHandler : InstructionHandler
{
/// <summary>
/// Initializes a new instance of the LockHandler class
/// </summary>
/// <param name="decoder">The instruction decoder that owns this handler</param>
public LockHandler(InstructionDecoder decoder)
: base(decoder)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
/// <param name="opcode">The opcode to check</param>
/// <returns>True if this handler can decode the opcode</returns>
public override bool CanHandle(byte opcode)
{
// LOCK prefix is encoded as 0xF0
return opcode == 0xF0;
}
/// <summary>
/// Decodes a LOCK prefix
/// </summary>
/// <param name="opcode">The opcode of the instruction</param>
/// <param name="instruction">The instruction object to populate</param>
/// <returns>True if the instruction was successfully decoded</returns>
public override bool Decode(byte opcode, Instruction instruction)
{
// Set the instruction type
instruction.Type = InstructionType.Lock;
// LOCK prefix has no operands
instruction.StructuredOperands = [];
return true;
}
}

95
X86Disassembler/X86/Handlers/Misc/OutHandler.cs Normal file
View File

@ -0,0 +1,95 @@
using X86Disassembler.X86.Operands;
namespace X86Disassembler.X86.Handlers.Misc;
/// <summary>
/// Handler for OUT instruction (0xE6, 0xE7, 0xEE, 0xEF)
/// </summary>
public class OutHandler : InstructionHandler
{
/// <summary>
/// Initializes a new instance of the OutHandler class
/// </summary>
/// <param name="decoder">The instruction decoder that owns this handler</param>
public OutHandler(InstructionDecoder decoder)
: base(decoder)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
/// <param name="opcode">The opcode to check</param>
/// <returns>True if this handler can decode the opcode</returns>
public override bool CanHandle(byte opcode)
{
// OUT imm8, AL is encoded as 0xE6
// OUT imm8, EAX is encoded as 0xE7
// OUT DX, AL is encoded as 0xEE
// OUT DX, EAX is encoded as 0xEF
return opcode == 0xE6 || opcode == 0xE7 || opcode == 0xEE || opcode == 0xEF;
}
/// <summary>
/// Decodes an OUT instruction
/// </summary>
/// <param name="opcode">The opcode of the instruction</param>
/// <param name="instruction">The instruction object to populate</param>
/// <returns>True if the instruction was successfully decoded</returns>
public override bool Decode(byte opcode, Instruction instruction)
{
// Set the instruction type
instruction.Type = InstructionType.Out;
// Determine the operands based on the opcode
Operand destOperand;
Operand srcOperand;
switch (opcode)
{
case 0xE6: // OUT imm8, AL
// Check if we can read the immediate byte
if (!Decoder.CanReadByte())
return false;
// Read the immediate byte (port number)
byte imm8 = Decoder.ReadByte();
destOperand = OperandFactory.CreateImmediateOperand(imm8);
srcOperand = OperandFactory.CreateRegisterOperand8(RegisterIndex8.AL);
break;
case 0xE7: // OUT imm8, EAX
// Check if we can read the immediate byte
if (!Decoder.CanReadByte())
return false;
// Read the immediate byte (port number)
imm8 = Decoder.ReadByte();
destOperand = OperandFactory.CreateImmediateOperand(imm8);
srcOperand = OperandFactory.CreateRegisterOperand(RegisterIndex.A, 32);
break;
case 0xEE: // OUT DX, AL
destOperand = OperandFactory.CreateRegisterOperand(RegisterIndex.D, 16);
srcOperand = OperandFactory.CreateRegisterOperand8(RegisterIndex8.AL);
break;
case 0xEF: // OUT DX, EAX
destOperand = OperandFactory.CreateRegisterOperand(RegisterIndex.D, 16);
srcOperand = OperandFactory.CreateRegisterOperand(RegisterIndex.A, 32);
break;
default:
return false;
}
// Set the structured operands
instruction.StructuredOperands =
[
destOperand,
srcOperand
];
return true;
}
}

59
X86Disassembler/X86/Handlers/Misc/RdtscHandler.cs Normal file
View File

@ -0,0 +1,59 @@
namespace X86Disassembler.X86.Handlers.Misc;
/// <summary>
/// Handler for RDTSC instruction (0x0F 0x31)
/// </summary>
public class RdtscHandler : InstructionHandler
{
/// <summary>
/// Initializes a new instance of the RdtscHandler class
/// </summary>
/// <param name="decoder">The instruction decoder that owns this handler</param>
public RdtscHandler(InstructionDecoder decoder)
: base(decoder)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
/// <param name="opcode">The opcode to check</param>
/// <returns>True if this handler can decode the opcode</returns>
public override bool CanHandle(byte opcode)
{
// RDTSC is encoded as 0x0F 0x31
if (opcode != 0x0F)
return false;
// Check if we can read the second byte
if (!Decoder.CanReadByte())
return false;
// Check if the second byte is 0x31
byte secondByte = Decoder.PeakByte();
return secondByte == 0x31;
}
/// <summary>
/// Decodes a RDTSC instruction
/// </summary>
/// <param name="opcode">The opcode of the instruction</param>
/// <param name="instruction">The instruction object to populate</param>
/// <returns>True if the instruction was successfully decoded</returns>
public override bool Decode(byte opcode, Instruction instruction)
{
// Set the instruction type
instruction.Type = InstructionType.Rdtsc;
// Read and discard the second byte (0x31)
if (!Decoder.CanReadByte())
return false;
Decoder.ReadByte();
// RDTSC has no operands
instruction.StructuredOperands = [];
return true;
}
}

44
X86Disassembler/X86/Handlers/Misc/WaitHandler.cs Normal file
View File

@ -0,0 +1,44 @@
namespace X86Disassembler.X86.Handlers.Misc;
/// <summary>
/// Handler for WAIT/FWAIT instruction (0x9B)
/// </summary>
public class WaitHandler : InstructionHandler
{
/// <summary>
/// Initializes a new instance of the WaitHandler class
/// </summary>
/// <param name="decoder">The instruction decoder that owns this handler</param>
public WaitHandler(InstructionDecoder decoder)
: base(decoder)
{
}
/// <summary>
/// Checks if this handler can decode the given opcode
/// </summary>
/// <param name="opcode">The opcode to check</param>
/// <returns>True if this handler can decode the opcode</returns>
public override bool CanHandle(byte opcode)
{
// WAIT/FWAIT is encoded as 0x9B
return opcode == 0x9B;
}
/// <summary>
/// Decodes a WAIT/FWAIT instruction
/// </summary>
/// <param name="opcode">The opcode of the instruction</param>
/// <param name="instruction">The instruction object to populate</param>
/// <returns>True if the instruction was successfully decoded</returns>
public override bool Decode(byte opcode, Instruction instruction)
{
// Set the instruction type
instruction.Type = InstructionType.Wait;
// WAIT/FWAIT has no operands
instruction.StructuredOperands = [];
return true;
}
}