mirror of
https://github.com/sampletext32/ParkanPlayground.git
synced 2025-05-19 03:41:18 +03:00
more cleanup
This commit is contained in:
bird_egop
parent
49f1d7d221
commit
abe4d38d4b
@ -1,8 +1,8 @@
|
||||
namespace X86Disassembler.Decompiler;
|
||||
|
||||
using System.Collections.Generic;
|
||||
using X86Disassembler.X86;
|
||||
using X86Disassembler.X86.Operands;
|
||||
using X86;
|
||||
using X86.Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Represents a control flow graph for decompilation
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
namespace X86Disassembler.Decompiler;
|
||||
|
||||
using System.Collections.Generic;
|
||||
using X86Disassembler.X86;
|
||||
using X86;
|
||||
|
||||
/// <summary>
|
||||
/// Performs data flow analysis on x86 instructions
|
||||
|
||||
@ -4,8 +4,8 @@ using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Text;
|
||||
using X86Disassembler.X86;
|
||||
using X86Disassembler.X86.Operands;
|
||||
using X86;
|
||||
using X86.Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Main decompiler class that translates assembly code into higher-level code
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.Adc;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for ADC r/m32, imm32 instruction (0x81 /2)
|
||||
@ -30,8 +30,7 @@ public class AdcImmToRm32Handler : InstructionHandler
|
||||
if (!Decoder.CanReadByte())
|
||||
return false;
|
||||
|
||||
byte modRM = Decoder.PeakByte();
|
||||
byte reg = (byte) ((modRM & 0x38) >> 3);
|
||||
var reg = ModRMDecoder.PeakModRMReg();
|
||||
|
||||
return reg == 2; // 2 = ADC
|
||||
}
|
||||
@ -53,7 +52,7 @@ public class AdcImmToRm32Handler : InstructionHandler
|
||||
}
|
||||
|
||||
// Read the ModR/M byte
|
||||
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, _, _, destOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
if (!Decoder.CanReadUInt())
|
||||
{
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.Adc;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for ADC r/m32, imm8 (sign-extended) instruction (0x83 /2)
|
||||
@ -30,8 +30,7 @@ public class AdcImmToRm32SignExtendedHandler : InstructionHandler
|
||||
if (!Decoder.CanReadByte())
|
||||
return false;
|
||||
|
||||
byte modRM = Decoder.PeakByte();
|
||||
byte reg = (byte) ((modRM & 0x38) >> 3);
|
||||
var reg = ModRMDecoder.PeakModRMReg();
|
||||
|
||||
return reg == 2; // 2 = ADC
|
||||
}
|
||||
@ -53,7 +52,7 @@ public class AdcImmToRm32SignExtendedHandler : InstructionHandler
|
||||
}
|
||||
|
||||
// Read the ModR/M byte
|
||||
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, _, _, destOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
if (!Decoder.CanReadByte())
|
||||
{
|
||||
|
||||
@ -30,8 +30,7 @@ public class AddImmToRm32Handler : InstructionHandler
|
||||
if (!Decoder.CanReadByte())
|
||||
return false;
|
||||
|
||||
byte modRM = Decoder.PeakByte();
|
||||
byte reg = (byte) ((modRM & 0x38) >> 3);
|
||||
var reg = ModRMDecoder.PeakModRMReg();
|
||||
|
||||
return reg == 0; // 0 = ADD
|
||||
}
|
||||
@ -53,7 +52,7 @@ public class AddImmToRm32Handler : InstructionHandler
|
||||
}
|
||||
|
||||
// Read the ModR/M byte
|
||||
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, _, _, destOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Read the immediate value
|
||||
if (!Decoder.CanReadUInt())
|
||||
|
||||
@ -30,8 +30,7 @@ public class AddImmToRm32SignExtendedHandler : InstructionHandler
|
||||
if (!Decoder.CanReadByte())
|
||||
return false;
|
||||
|
||||
byte modRM = Decoder.PeakByte();
|
||||
byte reg = (byte) ((modRM & 0x38) >> 3);
|
||||
var reg = ModRMDecoder.PeakModRMReg();
|
||||
|
||||
return reg == 0; // 0 = ADD
|
||||
}
|
||||
@ -52,7 +51,7 @@ public class AddImmToRm32SignExtendedHandler : InstructionHandler
|
||||
}
|
||||
|
||||
// Read the ModR/M byte
|
||||
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, _, _, destOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Check if we have enough bytes for the immediate value
|
||||
if (!Decoder.CanReadByte())
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.Add;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for ADD r/m8, imm8 instruction (0x80 /0)
|
||||
@ -29,8 +29,7 @@ public class AddImmToRm8Handler : InstructionHandler
|
||||
if (!Decoder.CanReadByte())
|
||||
return false;
|
||||
|
||||
byte modRM = Decoder.PeakByte();
|
||||
byte reg = (byte) ((modRM & 0x38) >> 3);
|
||||
var reg = ModRMDecoder.PeakModRMReg();
|
||||
|
||||
return reg == 0; // 0 = ADD
|
||||
}
|
||||
@ -52,7 +51,7 @@ public class AddImmToRm8Handler : InstructionHandler
|
||||
}
|
||||
|
||||
// Read the ModR/M byte
|
||||
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, _, _, destOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Adjust the operand size to 8-bit
|
||||
destOperand.Size = 8;
|
||||
|
||||
@ -47,7 +47,7 @@ public class AddR32Rm32Handler : InstructionHandler
|
||||
// - The reg field specifies the destination register
|
||||
// - The r/m field with mod specifies the source operand (register or memory)
|
||||
// The sourceOperand is already created by ModRMDecoder based on mod and rm fields
|
||||
var (mod, reg, rm, sourceOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, reg, _, sourceOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Create the destination register operand from the reg field
|
||||
var destinationOperand = OperandFactory.CreateRegisterOperand(reg, 32);
|
||||
|
||||
@ -47,7 +47,7 @@ public class AddRm32R32Handler : InstructionHandler
|
||||
// - The r/m field with mod specifies the destination operand (register or memory)
|
||||
// - The reg field specifies the source register
|
||||
// The destinationOperand is already created by ModRMDecoder based on mod and rm fields
|
||||
var (mod, reg, rm, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, reg, _, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Create the source register operand from the reg field
|
||||
var sourceOperand = OperandFactory.CreateRegisterOperand(reg, 32);
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.And;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for AND r/m32, imm32 instruction (0x81 /4)
|
||||
@ -30,8 +30,7 @@ public class AndImmToRm32Handler : InstructionHandler
|
||||
if (!Decoder.CanReadByte())
|
||||
return false;
|
||||
|
||||
byte modRM = Decoder.PeakByte();
|
||||
byte reg = (byte) ((modRM & 0x38) >> 3);
|
||||
var reg = ModRMDecoder.PeakModRMReg();
|
||||
|
||||
return reg == 4; // 4 = AND
|
||||
}
|
||||
@ -53,7 +52,7 @@ public class AndImmToRm32Handler : InstructionHandler
|
||||
}
|
||||
|
||||
// Read the ModR/M byte
|
||||
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, _, _, destOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Read the immediate value
|
||||
if (!Decoder.CanReadUInt())
|
||||
|
||||
@ -35,8 +35,7 @@ public class AndImmToRm32SignExtendedHandler : InstructionHandler
|
||||
}
|
||||
|
||||
// Read the ModR/M byte to check the reg field (bits 5-3)
|
||||
byte modRM = Decoder.PeakByte();
|
||||
int reg = (modRM >> 3) & 0x7;
|
||||
var reg = ModRMDecoder.PeakModRMReg();
|
||||
|
||||
// reg = 4 means AND operation
|
||||
return reg == 4;
|
||||
@ -57,7 +56,7 @@ public class AndImmToRm32SignExtendedHandler : InstructionHandler
|
||||
// For AND r/m32, imm8 (sign-extended) (0x83 /4):
|
||||
// - The r/m field with mod specifies the destination operand (register or memory)
|
||||
// - The immediate value is the source operand (sign-extended from 8 to 32 bits)
|
||||
var (mod, reg, rm, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, _, _, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
if (!Decoder.CanReadByte())
|
||||
{
|
||||
|
||||
@ -35,8 +35,7 @@ public class AndImmToRm8Handler : InstructionHandler
|
||||
}
|
||||
|
||||
// Read the ModR/M byte to check the reg field (bits 5-3)
|
||||
byte modRM = Decoder.PeakByte();
|
||||
int reg = (modRM >> 3) & 0x7;
|
||||
var reg = ModRMDecoder.PeakModRMReg();
|
||||
|
||||
// reg = 4 means AND operation
|
||||
return reg == 4;
|
||||
@ -57,7 +56,7 @@ public class AndImmToRm8Handler : InstructionHandler
|
||||
// For AND r/m8, imm8 (0x80 /4):
|
||||
// - The r/m field with mod specifies the destination operand (register or memory)
|
||||
// - The immediate value is the source operand
|
||||
var (mod, reg, rm, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, _, _, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Adjust the operand size to 8-bit
|
||||
destinationOperand.Size = 8;
|
||||
|
||||
@ -30,8 +30,7 @@ public class AndImmWithRm32Handler : InstructionHandler
|
||||
if (!Decoder.CanReadByte())
|
||||
return false;
|
||||
|
||||
byte modRM = Decoder.PeakByte();
|
||||
byte reg = (byte) ((modRM & 0x38) >> 3);
|
||||
var reg = ModRMDecoder.PeakModRMReg();
|
||||
|
||||
return reg == 4; // 4 = AND
|
||||
}
|
||||
@ -51,7 +50,7 @@ public class AndImmWithRm32Handler : InstructionHandler
|
||||
// For AND r/m32, imm32 (0x81 /4):
|
||||
// - The r/m field with mod specifies the destination operand (register or memory)
|
||||
// - The immediate value is the source operand
|
||||
var (mod, reg, rm, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, _, _, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Check if we have enough bytes for the immediate value
|
||||
if (!Decoder.CanReadUInt())
|
||||
|
||||
@ -46,7 +46,7 @@ public class AndMemRegHandler : InstructionHandler
|
||||
// For AND r/m32, r32 (0x21):
|
||||
// - The r/m field with mod specifies the destination operand (register or memory)
|
||||
// - The reg field specifies the source register
|
||||
var (mod, reg, rm, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, reg, _, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Create the source register operand
|
||||
var sourceOperand = OperandFactory.CreateRegisterOperand(reg, 32);
|
||||
|
||||
@ -46,7 +46,7 @@ public class AndR32Rm32Handler : InstructionHandler
|
||||
// For AND r32, r/m32 (0x23):
|
||||
// - The reg field specifies the destination register
|
||||
// - The r/m field with mod specifies the source operand (register or memory)
|
||||
var (mod, reg, rm, sourceOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, reg, _, sourceOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Create the destination register operand
|
||||
var destinationOperand = OperandFactory.CreateRegisterOperand(reg, 32);
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.And;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for AND r8, r/m8 instruction (0x22)
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.And;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for AND r/m8, r8 instruction (0x20)
|
||||
|
||||
@ -30,8 +30,7 @@ public class DivRm32Handler : InstructionHandler
|
||||
if (!Decoder.CanReadByte())
|
||||
return false;
|
||||
|
||||
byte modRM = Decoder.PeakByte();
|
||||
byte reg = (byte) ((modRM & 0x38) >> 3);
|
||||
var reg = ModRMDecoder.PeakModRMReg();
|
||||
|
||||
return reg == 6; // 6 = DIV
|
||||
}
|
||||
@ -55,7 +54,7 @@ public class DivRm32Handler : InstructionHandler
|
||||
// Read the ModR/M byte
|
||||
// For DIV r/m32 (0xF7 /6):
|
||||
// - The r/m field with mod specifies the operand (register or memory)
|
||||
var (mod, reg, rm, operand) = ModRMDecoder.ReadModRM();
|
||||
var (_, reg, _, operand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Verify this is a DIV instruction
|
||||
// The reg field should be 6 (DIV), which maps to RegisterIndex.Si in our enum
|
||||
|
||||
@ -30,8 +30,7 @@ public class IdivRm32Handler : InstructionHandler
|
||||
if (!Decoder.CanReadByte())
|
||||
return false;
|
||||
|
||||
byte modRM = Decoder.PeakByte();
|
||||
byte reg = (byte) ((modRM & 0x38) >> 3);
|
||||
var reg = ModRMDecoder.PeakModRMReg();
|
||||
|
||||
return reg == 7; // 7 = IDIV
|
||||
}
|
||||
@ -55,7 +54,7 @@ public class IdivRm32Handler : InstructionHandler
|
||||
// Read the ModR/M byte
|
||||
// For IDIV r/m32 (0xF7 /7):
|
||||
// - The r/m field with mod specifies the operand (register or memory)
|
||||
var (mod, reg, rm, operand) = ModRMDecoder.ReadModRM();
|
||||
var (_, reg, _, operand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Verify this is an IDIV instruction
|
||||
// The reg field should be 7 (IDIV)
|
||||
|
||||
@ -30,8 +30,7 @@ public class ImulRm32Handler : InstructionHandler
|
||||
if (!Decoder.CanReadByte())
|
||||
return false;
|
||||
|
||||
byte modRM = Decoder.PeakByte();
|
||||
byte reg = (byte) ((modRM & 0x38) >> 3);
|
||||
var reg = ModRMDecoder.PeakModRMReg();
|
||||
|
||||
return reg == 5; // 5 = IMUL
|
||||
}
|
||||
@ -55,7 +54,7 @@ public class ImulRm32Handler : InstructionHandler
|
||||
// Read the ModR/M byte
|
||||
// For IMUL r/m32 (0xF7 /5):
|
||||
// - The r/m field with mod specifies the operand (register or memory)
|
||||
var (mod, reg, rm, operand) = ModRMDecoder.ReadModRM();
|
||||
var (_, reg, _, operand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Verify this is an IMUL instruction
|
||||
// The reg field should be 5 (IMUL), which maps to RegisterIndex.Bp in our enum
|
||||
|
||||
@ -30,8 +30,7 @@ public class MulRm32Handler : InstructionHandler
|
||||
if (!Decoder.CanReadByte())
|
||||
return false;
|
||||
|
||||
byte modRM = Decoder.PeakByte();
|
||||
byte reg = (byte) ((modRM & 0x38) >> 3);
|
||||
var reg = ModRMDecoder.PeakModRMReg();
|
||||
|
||||
return reg == 4; // 4 = MUL
|
||||
}
|
||||
@ -55,7 +54,7 @@ public class MulRm32Handler : InstructionHandler
|
||||
// Read the ModR/M byte
|
||||
// For MUL r/m32 (0xF7 /4):
|
||||
// - The r/m field with mod specifies the operand (register or memory)
|
||||
var (mod, reg, rm, operand) = ModRMDecoder.ReadModRM();
|
||||
var (_, reg, _, operand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Verify this is a MUL instruction
|
||||
// The reg field should be 4 (MUL), which maps to RegisterIndex.Sp in our enum
|
||||
|
||||
@ -30,8 +30,7 @@ public class NegRm32Handler : InstructionHandler
|
||||
if (!Decoder.CanReadByte())
|
||||
return false;
|
||||
|
||||
byte modRM = Decoder.PeakByte();
|
||||
byte reg = (byte) ((modRM & 0x38) >> 3);
|
||||
var reg = ModRMDecoder.PeakModRMReg();
|
||||
|
||||
return reg == 3; // 3 = NEG
|
||||
}
|
||||
@ -55,7 +54,7 @@ public class NegRm32Handler : InstructionHandler
|
||||
// Read the ModR/M byte
|
||||
// For NEG r/m32 (0xF7 /3):
|
||||
// - The r/m field with mod specifies the operand (register or memory)
|
||||
var (mod, reg, rm, operand) = ModRMDecoder.ReadModRM();
|
||||
var (_, reg, _, operand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Verify this is a NEG instruction
|
||||
// The reg field should be 3 (NEG), which maps to RegisterIndex.B in our enum
|
||||
|
||||
@ -31,8 +31,7 @@ public class NotRm32Handler : InstructionHandler
|
||||
if (!Decoder.CanReadByte())
|
||||
return false;
|
||||
|
||||
byte modRM = Decoder.PeakByte();
|
||||
byte reg = (byte) ((modRM & 0x38) >> 3);
|
||||
var reg = ModRMDecoder.PeakModRMReg();
|
||||
|
||||
return reg == 2; // 2 = NOT
|
||||
}
|
||||
@ -56,7 +55,7 @@ public class NotRm32Handler : InstructionHandler
|
||||
// Read the ModR/M byte
|
||||
// For NOT r/m32 (0xF7 /2):
|
||||
// - The r/m field with mod specifies the operand (register or memory)
|
||||
var (mod, reg, rm, operand) = ModRMDecoder.ReadModRM();
|
||||
var (_, reg, _, operand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Verify this is a NOT instruction
|
||||
// The reg field should be 2 (NOT), which maps to RegisterIndex.D in our enum
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.Call;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for CALL rel32 instruction (0xE8)
|
||||
|
||||
@ -35,11 +35,8 @@ public class CallRm32Handler : InstructionHandler
|
||||
return false;
|
||||
}
|
||||
|
||||
// Peek at the ModR/M byte without advancing the position
|
||||
byte modRM = Decoder.PeakByte();
|
||||
|
||||
// Extract the reg field (bits 3-5)
|
||||
byte reg = (byte)((modRM & 0x38) >> 3);
|
||||
var reg = ModRMDecoder.PeakModRMReg();
|
||||
|
||||
// CALL r/m32 is encoded as FF /2 (reg field = 2)
|
||||
return reg == 2;
|
||||
@ -65,7 +62,7 @@ public class CallRm32Handler : InstructionHandler
|
||||
// Read the ModR/M byte
|
||||
// For CALL r/m32 (FF /2):
|
||||
// - The r/m field with mod specifies the operand (register or memory)
|
||||
var (mod, reg, rm, operand) = ModRMDecoder.ReadModRM();
|
||||
var (_, _, _, operand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Set the structured operands
|
||||
// CALL has only one operand
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.Cmp;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for CMP AL, imm8 instruction (0x3C)
|
||||
|
||||
@ -30,8 +30,7 @@ public class CmpImmWithRm32Handler : InstructionHandler
|
||||
if (!Decoder.CanReadByte())
|
||||
return false;
|
||||
|
||||
byte modRM = Decoder.PeakByte();
|
||||
byte reg = (byte) ((modRM & 0x38) >> 3);
|
||||
var reg = ModRMDecoder.PeakModRMReg();
|
||||
|
||||
return reg == 7; // 7 = CMP
|
||||
}
|
||||
@ -48,7 +47,7 @@ public class CmpImmWithRm32Handler : InstructionHandler
|
||||
instruction.Type = InstructionType.Cmp;
|
||||
|
||||
// Read the ModR/M byte
|
||||
var (mod, reg, rm, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, _, _, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Read the immediate value
|
||||
if (!Decoder.CanReadUInt())
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.Cmp;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for CMP r/m32, imm8 (sign-extended) instruction (0x83 /7)
|
||||
@ -30,8 +30,7 @@ public class CmpImmWithRm32SignExtendedHandler : InstructionHandler
|
||||
if (!Decoder.CanReadByte())
|
||||
return false;
|
||||
|
||||
byte modRM = Decoder.PeakByte();
|
||||
byte reg = (byte) ((modRM & 0x38) >> 3);
|
||||
var reg = ModRMDecoder.PeakModRMReg();
|
||||
|
||||
return reg == 7; // 7 = CMP
|
||||
}
|
||||
@ -53,7 +52,7 @@ public class CmpImmWithRm32SignExtendedHandler : InstructionHandler
|
||||
}
|
||||
|
||||
// Read the ModR/M byte
|
||||
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, _, _, destOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Read the immediate value
|
||||
if (!Decoder.CanReadByte())
|
||||
|
||||
@ -30,8 +30,7 @@ public class CmpImmWithRm8Handler : InstructionHandler
|
||||
if (!Decoder.CanReadByte())
|
||||
return false;
|
||||
|
||||
byte modRM = Decoder.PeakByte();
|
||||
byte reg = (byte) ((modRM & 0x38) >> 3);
|
||||
var reg = ModRMDecoder.PeakModRMReg();
|
||||
|
||||
return reg == 7; // 7 = CMP
|
||||
}
|
||||
@ -48,7 +47,7 @@ public class CmpImmWithRm8Handler : InstructionHandler
|
||||
instruction.Type = InstructionType.Cmp;
|
||||
|
||||
// Read the ModR/M byte
|
||||
var (mod, reg, rm, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, _, _, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Ensure the destination operand has the correct size (8-bit)
|
||||
destinationOperand.Size = 8;
|
||||
|
||||
@ -43,7 +43,7 @@ public class CmpR32Rm32Handler : InstructionHandler
|
||||
instruction.Type = InstructionType.Cmp;
|
||||
|
||||
// Read the ModR/M byte
|
||||
var (mod, reg, rm, sourceOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, reg, _, sourceOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Create the destination register operand (32-bit)
|
||||
var destinationOperand = OperandFactory.CreateRegisterOperand((RegisterIndex)reg, 32);
|
||||
|
||||
@ -46,7 +46,7 @@ public class CmpRm32R32Handler : InstructionHandler
|
||||
// For CMP r/m32, r32 (0x39):
|
||||
// - The r/m field with mod specifies the destination operand (register or memory)
|
||||
// - The reg field specifies the source register
|
||||
var (mod, reg, rm, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, reg, _, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Create the source register operand
|
||||
var sourceOperand = OperandFactory.CreateRegisterOperand(reg, 32);
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.Dec;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for DEC r32 instructions (0x48-0x4F)
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.FloatingPoint;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for FNSTSW AX instruction (0xDF 0xE0)
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.Inc;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for INC r32 instructions (0x40-0x47)
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.Jump;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for conditional jump instructions (0x70-0x7F)
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.Jump;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for JGE rel8 instruction (0x7D)
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.Jump;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for JMP rel32 instruction (0xE9)
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.Jump;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for JMP rel8 instruction (0xEB)
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.Jump;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for two-byte conditional jump instructions (0x0F 0x80-0x8F)
|
||||
@ -45,7 +45,6 @@ public class TwoByteConditionalJumpHandler : InstructionHandler
|
||||
return false;
|
||||
}
|
||||
|
||||
int position = Decoder.GetPosition();
|
||||
if (!Decoder.CanReadByte())
|
||||
{
|
||||
return false;
|
||||
|
||||
@ -41,7 +41,7 @@ public class LeaR32MHandler : InstructionHandler
|
||||
}
|
||||
|
||||
// Read the ModR/M byte
|
||||
var (mod, reg, rm, sourceOperand) = ModRMDecoder.ReadModRM();
|
||||
var (mod, reg, _, sourceOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// LEA only works with memory operands, not registers
|
||||
if (mod == 3)
|
||||
|
||||
@ -51,7 +51,7 @@ public class MovMemRegHandler : InstructionHandler
|
||||
// For MOV r/m32, r32 (0x89) or MOV r/m8, r8 (0x88):
|
||||
// - The r/m field with mod specifies the destination operand (register or memory)
|
||||
// - The reg field specifies the source register
|
||||
var (mod, reg, rm, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, reg, _, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Adjust the operand size based on the opcode
|
||||
destinationOperand.Size = operandSize;
|
||||
|
||||
@ -50,7 +50,7 @@ public class MovRegMemHandler : InstructionHandler
|
||||
// For MOV r32, r/m32 (0x8B) or MOV r8, r/m8 (0x8A):
|
||||
// - The reg field specifies the destination register
|
||||
// - The r/m field with mod specifies the source operand (register or memory)
|
||||
var (mod, reg, rm, sourceOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, reg, _, sourceOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Adjust the operand size based on the opcode
|
||||
sourceOperand.Size = operandSize;
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.Mov;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for MOV r/m32, imm32 instruction (0xC7)
|
||||
@ -38,7 +38,7 @@ public class MovRm32Imm32Handler : InstructionHandler
|
||||
instruction.Type = InstructionType.Mov;
|
||||
|
||||
// Read the ModR/M byte
|
||||
var (mod, reg, rm, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, reg, _, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// MOV r/m32, imm32 only uses reg=0
|
||||
if (reg != 0)
|
||||
|
||||
@ -47,7 +47,7 @@ public class MovRm8Imm8Handler : InstructionHandler
|
||||
// For MOV r/m8, imm8 (0xC6):
|
||||
// - The r/m field with mod specifies the destination operand (register or memory)
|
||||
// - The immediate value is the source operand
|
||||
var (mod, reg, rm, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, reg, _, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// MOV r/m8, imm8 only uses reg=0
|
||||
if (reg != 0)
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.Nop;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for multi-byte NOP instructions (0x0F 0x1F ...)
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.Or;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for OR AL, imm8 instruction (0x0C)
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.Or;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for OR EAX, imm32 instruction (0x0D)
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.Or;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for OR r/m32, imm32 instruction (0x81 /1)
|
||||
@ -30,8 +30,7 @@ public class OrImmToRm32Handler : InstructionHandler
|
||||
if (!Decoder.CanReadByte())
|
||||
return false;
|
||||
|
||||
byte modRM = Decoder.PeakByte();
|
||||
byte reg = (byte) ((modRM & 0x38) >> 3);
|
||||
var reg = ModRMDecoder.PeakModRMReg();
|
||||
|
||||
return reg == 1; // 1 = OR
|
||||
}
|
||||
@ -53,7 +52,7 @@ public class OrImmToRm32Handler : InstructionHandler
|
||||
}
|
||||
|
||||
// Read the ModR/M byte
|
||||
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, _, _, destOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Check if we can read the immediate value
|
||||
if (!Decoder.CanReadUInt())
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.Or;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for OR r/m32, imm8 (sign-extended) instruction (0x83 /1)
|
||||
@ -30,8 +30,7 @@ public class OrImmToRm32SignExtendedHandler : InstructionHandler
|
||||
if (!Decoder.CanReadByte())
|
||||
return false;
|
||||
|
||||
byte modRM = Decoder.PeakByte();
|
||||
byte reg = (byte) ((modRM & 0x38) >> 3);
|
||||
var reg = ModRMDecoder.PeakModRMReg();
|
||||
|
||||
return reg == 1; // 1 = OR
|
||||
}
|
||||
@ -53,7 +52,7 @@ public class OrImmToRm32SignExtendedHandler : InstructionHandler
|
||||
}
|
||||
|
||||
// Read the ModR/M byte
|
||||
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, _, _, destOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Read the immediate value (sign-extended from 8 to 32 bits)
|
||||
if (!Decoder.CanReadByte())
|
||||
|
||||
@ -30,8 +30,7 @@ public class OrImmToRm8Handler : InstructionHandler
|
||||
if (!Decoder.CanReadByte())
|
||||
return false;
|
||||
|
||||
byte modRM = Decoder.PeakByte();
|
||||
byte reg = (byte) ((modRM & 0x38) >> 3);
|
||||
var reg = ModRMDecoder.PeakModRMReg();
|
||||
|
||||
return reg == 1; // 1 = OR
|
||||
}
|
||||
@ -56,7 +55,7 @@ public class OrImmToRm8Handler : InstructionHandler
|
||||
// For OR r/m8, imm8 (0x80 /1):
|
||||
// - The r/m field with mod specifies the destination operand (register or memory)
|
||||
// - The immediate value is the source operand
|
||||
var (mod, reg, rm, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, _, _, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Adjust the operand size to 8-bit
|
||||
destinationOperand.Size = 8;
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.Or;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for OR r32, r/m32 instruction (0x0B)
|
||||
|
||||
@ -46,7 +46,7 @@ public class OrR8Rm8Handler : InstructionHandler
|
||||
// For OR r8, r/m8 (0x0A):
|
||||
// - The reg field specifies the destination register
|
||||
// - The r/m field with mod specifies the source operand (register or memory)
|
||||
var (mod, reg, rm, sourceOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, reg, _, sourceOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Adjust the operand size to 8-bit
|
||||
sourceOperand.Size = 8;
|
||||
|
||||
@ -30,9 +30,6 @@ public class OrRm8R8Handler : InstructionHandler
|
||||
if (!Decoder.CanReadByte())
|
||||
return false;
|
||||
|
||||
// Peek at the ModR/M byte to verify this is the correct instruction
|
||||
byte modRM = Decoder.PeakByte();
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
@ -54,7 +51,7 @@ public class OrRm8R8Handler : InstructionHandler
|
||||
}
|
||||
|
||||
// Read the ModR/M byte, specifying that we're dealing with 8-bit operands
|
||||
var (mod, reg, rm, destinationOperand) = ModRMDecoder.ReadModRM8();
|
||||
var (_, reg, _, destinationOperand) = ModRMDecoder.ReadModRM8();
|
||||
|
||||
// Adjust the operand size to 8-bit
|
||||
destinationOperand.Size = 8;
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.Pop;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for POP r32 instruction (0x58-0x5F)
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.Push;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for PUSH imm32 instruction (0x68)
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.Push;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for PUSH imm8 instruction (0x6A)
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.Push;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for PUSH r32 instruction (0x50-0x57)
|
||||
|
||||
@ -35,11 +35,7 @@ public class PushRm32Handler : InstructionHandler
|
||||
return false;
|
||||
}
|
||||
|
||||
// Peek at the ModR/M byte without advancing the position
|
||||
byte modRM = Decoder.PeakByte();
|
||||
|
||||
// Extract the reg field (bits 3-5)
|
||||
byte reg = (byte)((modRM & 0x38) >> 3);
|
||||
var reg = ModRMDecoder.PeakModRMReg();
|
||||
|
||||
// PUSH r/m32 is encoded as FF /6 (reg field = 6)
|
||||
return reg == 6;
|
||||
@ -65,7 +61,7 @@ public class PushRm32Handler : InstructionHandler
|
||||
// Read the ModR/M byte
|
||||
// For PUSH r/m32 (FF /6):
|
||||
// - The r/m field with mod specifies the operand (register or memory)
|
||||
var (mod, reg, rm, operand) = ModRMDecoder.ReadModRM();
|
||||
var (_, _, _, operand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Set the structured operands
|
||||
// PUSH has only one operand
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.Ret;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for RET instruction with immediate operand (0xC2)
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.Sbb;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for SBB r/m32, imm32 instruction (0x81 /3)
|
||||
@ -30,8 +30,7 @@ public class SbbImmFromRm32Handler : InstructionHandler
|
||||
if (!Decoder.CanReadByte())
|
||||
return false;
|
||||
|
||||
byte modRM = Decoder.PeakByte();
|
||||
byte reg = (byte) ((modRM & 0x38) >> 3);
|
||||
var reg = ModRMDecoder.PeakModRMReg();
|
||||
|
||||
return reg == 3; // 3 = SBB
|
||||
}
|
||||
@ -53,7 +52,7 @@ public class SbbImmFromRm32Handler : InstructionHandler
|
||||
}
|
||||
|
||||
// Read the ModR/M byte
|
||||
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, _, _, destOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Read the immediate value
|
||||
if (!Decoder.CanReadUInt())
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.Sbb;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for SBB r/m32, imm8 (sign-extended) instruction (0x83 /3)
|
||||
@ -30,8 +30,7 @@ public class SbbImmFromRm32SignExtendedHandler : InstructionHandler
|
||||
if (!Decoder.CanReadByte())
|
||||
return false;
|
||||
|
||||
byte modRM = Decoder.PeakByte();
|
||||
byte reg = (byte) ((modRM & 0x38) >> 3);
|
||||
var reg = ModRMDecoder.PeakModRMReg();
|
||||
|
||||
return reg == 3; // 3 = SBB
|
||||
}
|
||||
@ -53,7 +52,7 @@ public class SbbImmFromRm32SignExtendedHandler : InstructionHandler
|
||||
}
|
||||
|
||||
// Read the ModR/M byte
|
||||
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, _, _, destOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Read the immediate value (sign-extended from 8 to 32 bits)
|
||||
if (!Decoder.CanReadByte())
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.String;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for string instructions (MOVS, STOS, LODS, SCAS) with and without REP/REPNE prefixes
|
||||
|
||||
@ -36,8 +36,7 @@ public class SubImmFromRm16Handler : InstructionHandler
|
||||
}
|
||||
|
||||
// Check if the reg field is 5 (SUB)
|
||||
byte modRM = Decoder.PeakByte();
|
||||
byte reg = (byte)((modRM & 0x38) >> 3);
|
||||
var reg = ModRMDecoder.PeakModRMReg();
|
||||
|
||||
return reg == 5; // 5 = SUB
|
||||
}
|
||||
@ -63,7 +62,7 @@ public class SubImmFromRm16Handler : InstructionHandler
|
||||
// For SUB r/m16, imm16 (0x81 /5 with 0x66 prefix):
|
||||
// - The r/m field with mod specifies the destination operand (register or memory)
|
||||
// - The immediate value is the source operand
|
||||
var (mod, reg, rm, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, _, _, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Adjust the operand size to 16-bit
|
||||
destinationOperand.Size = 16;
|
||||
|
||||
@ -36,8 +36,7 @@ public class SubImmFromRm16SignExtendedHandler : InstructionHandler
|
||||
}
|
||||
|
||||
// Check if the reg field is 5 (SUB)
|
||||
byte modRM = Decoder.PeakByte();
|
||||
byte reg = (byte)((modRM & 0x38) >> 3);
|
||||
var reg = ModRMDecoder.PeakModRMReg();
|
||||
|
||||
return reg == 5; // 5 = SUB
|
||||
}
|
||||
@ -63,7 +62,7 @@ public class SubImmFromRm16SignExtendedHandler : InstructionHandler
|
||||
// For SUB r/m16, imm8 (0x83 /5 with 0x66 prefix and sign extension):
|
||||
// - The r/m field with mod specifies the destination operand (register or memory)
|
||||
// - The immediate value is the source operand (sign-extended from 8 to 16 bits)
|
||||
var (mod, reg, rm, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, _, _, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Adjust the operand size to 16-bit
|
||||
destinationOperand.Size = 16;
|
||||
|
||||
@ -30,8 +30,7 @@ public class SubImmFromRm32Handler : InstructionHandler
|
||||
if (!Decoder.CanReadByte())
|
||||
return false;
|
||||
|
||||
byte modRM = Decoder.PeakByte();
|
||||
byte reg = (byte) ((modRM & 0x38) >> 3);
|
||||
var reg = ModRMDecoder.PeakModRMReg();
|
||||
|
||||
return reg == 5; // 5 = SUB
|
||||
}
|
||||
@ -53,7 +52,7 @@ public class SubImmFromRm32Handler : InstructionHandler
|
||||
}
|
||||
|
||||
// Read the ModR/M byte
|
||||
var (mod, reg, rm, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, _, _, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Read the immediate value
|
||||
if (!Decoder.CanReadUInt())
|
||||
|
||||
@ -30,8 +30,7 @@ public class SubImmFromRm32SignExtendedHandler : InstructionHandler
|
||||
if (!Decoder.CanReadByte())
|
||||
return false;
|
||||
|
||||
byte modRM = Decoder.PeakByte();
|
||||
byte reg = (byte) ((modRM & 0x38) >> 3);
|
||||
var reg = ModRMDecoder.PeakModRMReg();
|
||||
|
||||
return reg == 5; // 5 = SUB
|
||||
}
|
||||
@ -54,7 +53,7 @@ public class SubImmFromRm32SignExtendedHandler : InstructionHandler
|
||||
}
|
||||
|
||||
// Extract the fields from the ModR/M byte
|
||||
var (mod, reg, rm, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, _, _, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Check if we have enough bytes for the immediate value
|
||||
if (!Decoder.CanReadByte())
|
||||
|
||||
@ -30,8 +30,7 @@ public class SubImmFromRm8Handler : InstructionHandler
|
||||
if (!Decoder.CanReadByte())
|
||||
return false;
|
||||
|
||||
byte modRM = Decoder.PeakByte();
|
||||
byte reg = (byte) ((modRM & 0x38) >> 3);
|
||||
var reg = ModRMDecoder.PeakModRMReg();
|
||||
|
||||
return reg == 5; // 5 = SUB
|
||||
}
|
||||
@ -48,7 +47,7 @@ public class SubImmFromRm8Handler : InstructionHandler
|
||||
instruction.Type = InstructionType.Sub;
|
||||
|
||||
// Read the ModR/M byte, specifying that we're dealing with 8-bit operands
|
||||
var (mod, reg, rm, destinationOperand) = ModRMDecoder.ReadModRM8();
|
||||
var (_, _, _, destinationOperand) = ModRMDecoder.ReadModRM8();
|
||||
|
||||
// Ensure the destination operand has the correct size (8-bit)
|
||||
destinationOperand.Size = 8;
|
||||
|
||||
@ -44,7 +44,7 @@ public class SubR16Rm16Handler : InstructionHandler
|
||||
}
|
||||
|
||||
// Read the ModR/M byte
|
||||
var (mod, reg, rm, sourceOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, reg, _, sourceOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Ensure the source operand has the correct size (16-bit)
|
||||
sourceOperand.Size = 16;
|
||||
|
||||
@ -40,7 +40,7 @@ public class SubR32Rm32Handler : InstructionHandler
|
||||
}
|
||||
|
||||
// Read the ModR/M byte
|
||||
var (mod, reg, rm, sourceOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, reg, _, sourceOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Set the instruction type
|
||||
instruction.Type = InstructionType.Sub;
|
||||
|
||||
@ -43,7 +43,7 @@ public class SubR8Rm8Handler : InstructionHandler
|
||||
}
|
||||
|
||||
// Read the ModR/M byte, specifying that we're dealing with 8-bit operands
|
||||
var (mod, reg, rm, sourceOperand) = ModRMDecoder.ReadModRM8();
|
||||
var (_, reg, _, sourceOperand) = ModRMDecoder.ReadModRM8();
|
||||
|
||||
// Ensure the source operand has the correct size (8-bit)
|
||||
sourceOperand.Size = 8;
|
||||
|
||||
@ -44,7 +44,7 @@ public class SubRm16R16Handler : InstructionHandler
|
||||
}
|
||||
|
||||
// Read the ModR/M byte
|
||||
var (mod, reg, rm, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, reg, _, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Ensure the destination operand has the correct size (16-bit)
|
||||
destinationOperand.Size = 16;
|
||||
|
||||
@ -43,7 +43,7 @@ public class SubRm32R32Handler : InstructionHandler
|
||||
instruction.Type = InstructionType.Sub;
|
||||
|
||||
// Read the ModR/M byte
|
||||
var (mod, reg, rm, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, reg, _, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Create the source register operand (32-bit)
|
||||
var sourceOperand = OperandFactory.CreateRegisterOperand((RegisterIndex)reg, 32);
|
||||
|
||||
@ -38,7 +38,7 @@ public class SubRm8R8Handler : InstructionHandler
|
||||
instruction.Type = InstructionType.Sub;
|
||||
|
||||
// Read the ModR/M byte, specifying that we're dealing with 8-bit operands
|
||||
var (mod, reg, rm, destinationOperand) = ModRMDecoder.ReadModRM8();
|
||||
var (_, reg, _, destinationOperand) = ModRMDecoder.ReadModRM8();
|
||||
|
||||
// Ensure the destination operand has the correct size (8-bit)
|
||||
destinationOperand.Size = 8;
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.Test;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for TEST AL, imm8 instruction (0xA8)
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.Test;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for TEST EAX, imm32 instruction (0xA9)
|
||||
|
||||
@ -36,8 +36,7 @@ public class TestImmWithRm32Handler : InstructionHandler
|
||||
}
|
||||
|
||||
// Check if the reg field is 0 (TEST operation)
|
||||
byte modRM = Decoder.PeakByte();
|
||||
byte reg = (byte)((modRM & 0x38) >> 3);
|
||||
var reg = ModRMDecoder.PeakModRMReg();
|
||||
|
||||
return reg == 0; // 0 = TEST
|
||||
}
|
||||
@ -59,7 +58,7 @@ public class TestImmWithRm32Handler : InstructionHandler
|
||||
}
|
||||
|
||||
// Read the ModR/M byte
|
||||
var (mod, reg, rm, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, _, _, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Read the immediate value
|
||||
if (!Decoder.CanReadUInt())
|
||||
|
||||
@ -36,8 +36,7 @@ public class TestImmWithRm8Handler : InstructionHandler
|
||||
}
|
||||
|
||||
// Check if the reg field is 0 (TEST operation)
|
||||
byte modRM = Decoder.PeakByte();
|
||||
byte reg = (byte)((modRM & 0x38) >> 3);
|
||||
var reg = ModRMDecoder.PeakModRMReg();
|
||||
|
||||
return reg == 0; // 0 = TEST
|
||||
}
|
||||
@ -54,7 +53,7 @@ public class TestImmWithRm8Handler : InstructionHandler
|
||||
instruction.Type = InstructionType.Test;
|
||||
|
||||
// Read the ModR/M byte, specifying that we're dealing with 8-bit operands
|
||||
var (mod, reg, rm, destinationOperand) = ModRMDecoder.ReadModRM8();
|
||||
var (_, _, _, destinationOperand) = ModRMDecoder.ReadModRM8();
|
||||
|
||||
// Check if we have enough bytes for the immediate value
|
||||
if (!Decoder.CanReadByte())
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.Test;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for TEST r/m8, r8 instruction (0x84)
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.Test;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for TEST r/m32, r32 instruction (0x85)
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.Xchg;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for XCHG EAX, r32 instruction (0x90-0x97)
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.Xor;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for XOR AL, imm8 instruction (0x34)
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.Xor;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for XOR AX, imm16 instruction (0x35 with 0x66 prefix)
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.Xor;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for XOR EAX, imm32 instruction (0x35)
|
||||
|
||||
@ -30,8 +30,7 @@ public class XorImmWithRm16Handler : InstructionHandler
|
||||
if (!Decoder.CanReadByte())
|
||||
return false;
|
||||
|
||||
byte modRM = Decoder.PeakByte();
|
||||
byte reg = (byte)((modRM & 0x38) >> 3);
|
||||
var reg = ModRMDecoder.PeakModRMReg();
|
||||
|
||||
return reg == 6; // 6 = XOR
|
||||
}
|
||||
@ -54,7 +53,7 @@ public class XorImmWithRm16Handler : InstructionHandler
|
||||
}
|
||||
|
||||
// Read the ModR/M byte
|
||||
var (mod, reg, rm, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, _, _, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Ensure the destination operand has the correct size (16-bit)
|
||||
destinationOperand.Size = 16;
|
||||
|
||||
@ -30,8 +30,7 @@ public class XorImmWithRm16SignExtendedHandler : InstructionHandler
|
||||
if (!Decoder.CanReadByte())
|
||||
return false;
|
||||
|
||||
byte modRM = Decoder.PeakByte();
|
||||
byte reg = (byte)((modRM & 0x38) >> 3);
|
||||
var reg = ModRMDecoder.PeakModRMReg();
|
||||
|
||||
return reg == 6; // 6 = XOR
|
||||
}
|
||||
@ -56,7 +55,7 @@ public class XorImmWithRm16SignExtendedHandler : InstructionHandler
|
||||
// For XOR r/m16, imm8 (sign-extended) (0x83 /6 with 0x66 prefix):
|
||||
// - The r/m field with mod specifies the destination operand (register or memory)
|
||||
// - The immediate value is the source operand (sign-extended from 8 to 16 bits)
|
||||
var (mod, reg, rm, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, _, _, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Adjust the operand size to 16-bit
|
||||
destinationOperand.Size = 16;
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.Xor;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for XOR r/m32, imm32 instruction (0x81 /6)
|
||||
@ -30,8 +30,7 @@ public class XorImmWithRm32Handler : InstructionHandler
|
||||
if (!Decoder.CanReadByte())
|
||||
return false;
|
||||
|
||||
byte modRM = Decoder.PeakByte();
|
||||
byte reg = (byte)((modRM & 0x38) >> 3);
|
||||
var reg = ModRMDecoder.PeakModRMReg();
|
||||
|
||||
return reg == 6; // 6 = XOR
|
||||
}
|
||||
@ -53,7 +52,7 @@ public class XorImmWithRm32Handler : InstructionHandler
|
||||
}
|
||||
|
||||
// Read the ModR/M byte
|
||||
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, _, _, destOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Read the immediate value
|
||||
if (!Decoder.CanReadUInt())
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.Xor;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for XOR r/m32, imm8 (sign-extended) instruction (0x83 /6)
|
||||
@ -30,8 +30,7 @@ public class XorImmWithRm32SignExtendedHandler : InstructionHandler
|
||||
if (!Decoder.CanReadByte())
|
||||
return false;
|
||||
|
||||
byte modRM = Decoder.PeakByte();
|
||||
byte reg = (byte)((modRM & 0x38) >> 3);
|
||||
var reg = ModRMDecoder.PeakModRMReg();
|
||||
|
||||
return reg == 6; // 6 = XOR
|
||||
}
|
||||
@ -53,7 +52,7 @@ public class XorImmWithRm32SignExtendedHandler : InstructionHandler
|
||||
}
|
||||
|
||||
// Read the ModR/M byte
|
||||
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, _, _, destOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Read the immediate value (sign-extended from 8 to 32 bits)
|
||||
if (!Decoder.CanReadByte())
|
||||
|
||||
@ -30,8 +30,7 @@ public class XorImmWithRm8Handler : InstructionHandler
|
||||
if (!Decoder.CanReadByte())
|
||||
return false;
|
||||
|
||||
byte modRM = Decoder.PeakByte();
|
||||
byte reg = (byte)((modRM & 0x38) >> 3);
|
||||
var reg = ModRMDecoder.PeakModRMReg();
|
||||
|
||||
return reg == 6; // 6 = XOR
|
||||
}
|
||||
@ -48,7 +47,7 @@ public class XorImmWithRm8Handler : InstructionHandler
|
||||
instruction.Type = InstructionType.Xor;
|
||||
|
||||
// Read the ModR/M byte, specifying that we're dealing with 8-bit operands
|
||||
var (mod, reg, rm, destinationOperand) = ModRMDecoder.ReadModRM8();
|
||||
var (_, _, _, destinationOperand) = ModRMDecoder.ReadModRM8();
|
||||
|
||||
// Ensure the destination operand has the correct size (8-bit)
|
||||
destinationOperand.Size = 8;
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.Xor;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for XOR r/m32, r32 instruction (0x31)
|
||||
@ -43,7 +43,7 @@ public class XorMemRegHandler : InstructionHandler
|
||||
}
|
||||
|
||||
// Read the ModR/M byte
|
||||
var (mod, reg, rm, destOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, reg, _, destOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Create the source register operand
|
||||
var srcOperand = OperandFactory.CreateRegisterOperand(reg, 32);
|
||||
|
||||
@ -47,7 +47,7 @@ public class XorR16Rm16Handler : InstructionHandler
|
||||
// For XOR r16, r/m16 (0x33 with 0x66 prefix):
|
||||
// - The reg field specifies the destination register
|
||||
// - The r/m field with mod specifies the source operand (register or memory)
|
||||
var (mod, reg, rm, sourceOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, reg, _, sourceOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Adjust the operand size to 16-bit
|
||||
sourceOperand.Size = 16;
|
||||
|
||||
@ -38,7 +38,7 @@ public class XorR8Rm8Handler : InstructionHandler
|
||||
instruction.Type = InstructionType.Xor;
|
||||
|
||||
// Read the ModR/M byte, specifying that we're dealing with 8-bit operands
|
||||
var (mod, reg, rm, sourceOperand) = ModRMDecoder.ReadModRM8();
|
||||
var (_, reg, _, sourceOperand) = ModRMDecoder.ReadModRM8();
|
||||
|
||||
// Ensure the source operand has the correct size (8-bit)
|
||||
sourceOperand.Size = 8;
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.Xor;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for XOR r32, r/m32 instruction (0x33)
|
||||
@ -45,7 +45,7 @@ public class XorRegMemHandler : InstructionHandler
|
||||
}
|
||||
|
||||
// Read the ModR/M byte
|
||||
var (mod, reg, rm, srcOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, reg, _, srcOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Create the destination register operand
|
||||
var destOperand = OperandFactory.CreateRegisterOperand(reg, 32);
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86.Handlers.Xor;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handler for XOR r/m16, r16 instruction (0x31 with 0x66 prefix)
|
||||
@ -44,7 +44,7 @@ public class XorRm16R16Handler : InstructionHandler
|
||||
}
|
||||
|
||||
// Read the ModR/M byte
|
||||
var (mod, reg, rm, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
var (_, reg, _, destinationOperand) = ModRMDecoder.ReadModRM();
|
||||
|
||||
// Create the source register operand (16-bit)
|
||||
var sourceOperand = OperandFactory.CreateRegisterOperand(reg, 16);
|
||||
|
||||
@ -38,7 +38,7 @@ public class XorRm8R8Handler : InstructionHandler
|
||||
instruction.Type = InstructionType.Xor;
|
||||
|
||||
// Read the ModR/M byte, specifying that we're dealing with 8-bit operands
|
||||
var (mod, reg, rm, destinationOperand) = ModRMDecoder.ReadModRM8();
|
||||
var (_, reg, _, destinationOperand) = ModRMDecoder.ReadModRM8();
|
||||
|
||||
// Ensure the destination operand has the correct size (8-bit)
|
||||
destinationOperand.Size = 8;
|
||||
|
||||
@ -4,7 +4,7 @@ using System.Diagnostics.Contracts;
|
||||
namespace X86Disassembler.X86;
|
||||
|
||||
using Handlers;
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Decodes x86 instructions from a byte buffer
|
||||
@ -25,7 +25,6 @@ public class InstructionDecoder
|
||||
|
||||
// Specialized decoders
|
||||
private readonly PrefixDecoder _prefixDecoder;
|
||||
private readonly ModRMDecoder _modRMDecoder;
|
||||
|
||||
/// <summary>
|
||||
/// Initializes a new instance of the InstructionDecoder class
|
||||
@ -40,7 +39,7 @@ public class InstructionDecoder
|
||||
|
||||
// Create specialized decoders
|
||||
_prefixDecoder = new PrefixDecoder();
|
||||
_modRMDecoder = new ModRMDecoder(this);
|
||||
new ModRMDecoder(this);
|
||||
|
||||
// Create the instruction handler factory
|
||||
_handlerFactory = new InstructionHandlerFactory(_codeBuffer, this, _length);
|
||||
@ -133,7 +132,6 @@ public class InstructionDecoder
|
||||
string segmentOverride = _prefixDecoder.GetSegmentOverride();
|
||||
|
||||
// Save the position before decoding
|
||||
int beforeDecodePosition = _position;
|
||||
|
||||
// Decode the instruction
|
||||
handlerSuccess = handler.Decode(opcode, instruction);
|
||||
@ -144,7 +142,7 @@ public class InstructionDecoder
|
||||
// Apply segment override to memory operands
|
||||
foreach (var operand in instruction.StructuredOperands)
|
||||
{
|
||||
if (operand is Operands.MemoryOperand memoryOperand)
|
||||
if (operand is MemoryOperand memoryOperand)
|
||||
{
|
||||
memoryOperand.SegmentOverride = segmentOverride;
|
||||
}
|
||||
@ -287,15 +285,6 @@ public class InstructionDecoder
|
||||
return _prefixDecoder.HasOperandSizePrefix();
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Gets the prefix decoder
|
||||
/// </summary>
|
||||
/// <returns>The prefix decoder</returns>
|
||||
public PrefixDecoder GetPrefixDecoder()
|
||||
{
|
||||
return _prefixDecoder;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Checks if a single byte can be read from the current position
|
||||
/// </summary>
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
namespace X86Disassembler.X86;
|
||||
|
||||
using X86Disassembler.X86.Operands;
|
||||
using Operands;
|
||||
|
||||
/// <summary>
|
||||
/// Handles decoding of ModR/M bytes in x86 instructions
|
||||
@ -213,21 +213,19 @@ public class ModRMDecoder
|
||||
/// Peaks a ModR/M byte and returns the raw field values, without advancing position
|
||||
/// </summary>
|
||||
/// <returns>A tuple containing the raw mod, reg, and rm fields from the ModR/M byte</returns>
|
||||
public (byte mod, byte reg, byte rm) PeakModRMRaw()
|
||||
public byte PeakModRMReg()
|
||||
{
|
||||
if (!_decoder.CanReadByte())
|
||||
{
|
||||
return (0, 0, 0);
|
||||
return 0;
|
||||
}
|
||||
|
||||
byte modRM = _decoder.PeakByte();
|
||||
|
||||
// Extract fields from ModR/M byte
|
||||
byte mod = (byte)((modRM & MOD_MASK) >> 6); // Top 2 bits (bits 6-7)
|
||||
byte regIndex = (byte)((modRM & REG_MASK) >> 3); // Middle 3 bits (bits 3-5)
|
||||
byte rmIndex = (byte)(modRM & RM_MASK); // Bottom 3 bits (bits 0-2)
|
||||
|
||||
return (mod, regIndex, rmIndex);
|
||||
return regIndex;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user