mirror of
https://github.com/sampletext32/ParkanPlayground.git
synced 2025-05-21 21:01:17 +03:00
fixups
This commit is contained in:
bird_egop
parent
611dce32e5
commit
b215908d76
@ -75,6 +75,16 @@ public class Program
|
|||||||
// Disassemble all instructions
|
// Disassemble all instructions
|
||||||
var instructions = disassembler.Disassemble();
|
var instructions = disassembler.Disassemble();
|
||||||
|
|
||||||
|
var unknownIndex = instructions.FindIndex(
|
||||||
|
x => x.ToString()
|
||||||
|
.Contains("??") || x.ToString()
|
||||||
|
.Contains("TODO")
|
||||||
|
);
|
||||||
|
if (unknownIndex != -1)
|
||||||
|
{
|
||||||
|
_ = 5;
|
||||||
|
}
|
||||||
|
|
||||||
// Print the first 100 instructions
|
// Print the first 100 instructions
|
||||||
int count = Math.Min(100, instructions.Count);
|
int count = Math.Min(100, instructions.Count);
|
||||||
for (int i = 0; i < count; i++)
|
for (int i = 0; i < count; i++)
|
||||||
|
|||||||
@ -1,12 +1,12 @@
|
|||||||
namespace X86Disassembler.X86.Handlers;
|
namespace X86Disassembler.X86.Handlers;
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
/// Handler for CALL rel32 instruction (0xE8)
|
/// Handler for INT3 instruction (0xCC)
|
||||||
/// </summary>
|
/// </summary>
|
||||||
public class Int3Handler : InstructionHandler
|
public class Int3Handler : InstructionHandler
|
||||||
{
|
{
|
||||||
/// <summary>
|
/// <summary>
|
||||||
/// Initializes a new instance of the CallRel32Handler class
|
/// Initializes a new instance of the Int3Handler class
|
||||||
/// </summary>
|
/// </summary>
|
||||||
/// <param name="codeBuffer">The buffer containing the code to decode</param>
|
/// <param name="codeBuffer">The buffer containing the code to decode</param>
|
||||||
/// <param name="decoder">The instruction decoder that owns this handler</param>
|
/// <param name="decoder">The instruction decoder that owns this handler</param>
|
||||||
@ -27,7 +27,7 @@ public class Int3Handler : InstructionHandler
|
|||||||
}
|
}
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
/// Decodes a CALL rel32 instruction
|
/// Decodes an INT3 instruction
|
||||||
/// </summary>
|
/// </summary>
|
||||||
/// <param name="opcode">The opcode of the instruction</param>
|
/// <param name="opcode">The opcode of the instruction</param>
|
||||||
/// <param name="instruction">The instruction object to populate</param>
|
/// <param name="instruction">The instruction object to populate</param>
|
||||||
|
|||||||
@ -34,36 +34,56 @@ public class MovRegMemHandler : InstructionHandler
|
|||||||
/// <returns>True if the instruction was successfully decoded</returns>
|
/// <returns>True if the instruction was successfully decoded</returns>
|
||||||
public override bool Decode(byte opcode, Instruction instruction)
|
public override bool Decode(byte opcode, Instruction instruction)
|
||||||
{
|
{
|
||||||
|
// Save the original position for raw bytes calculation
|
||||||
|
int startPosition = Decoder.GetPosition();
|
||||||
|
|
||||||
// Set the mnemonic
|
// Set the mnemonic
|
||||||
instruction.Mnemonic = "mov";
|
instruction.Mnemonic = "mov";
|
||||||
|
|
||||||
int position = Decoder.GetPosition();
|
if (startPosition >= Length)
|
||||||
|
|
||||||
if (position >= Length)
|
|
||||||
{
|
{
|
||||||
return false;
|
instruction.Operands = "??";
|
||||||
|
instruction.RawBytes = new byte[] { opcode };
|
||||||
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Determine operand size (0 = 8-bit, 1 = 32-bit)
|
// Determine operand size (0 = 8-bit, 1 = 32-bit)
|
||||||
bool operandSize32 = (opcode & 0x01) != 0;
|
bool operandSize32 = (opcode & 0x01) != 0;
|
||||||
int operandSize = operandSize32 ? 32 : 8;
|
int operandSize = operandSize32 ? 32 : 8;
|
||||||
|
|
||||||
// Read the ModR/M byte
|
// Use ModRMDecoder to decode the ModR/M byte
|
||||||
var (mod, reg, rm, memOperand) = ModRMDecoder.ReadModRM();
|
var (mod, reg, rm, rmOperand) = ModRMDecoder.ReadModRM(false); // false for 32-bit operand
|
||||||
|
|
||||||
// Get register name based on size
|
// Get register name based on size
|
||||||
string regName = ModRMDecoder.GetRegisterName(reg, operandSize);
|
string regName;
|
||||||
|
if (operandSize == 8)
|
||||||
|
{
|
||||||
|
regName = GetRegister8(reg);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
regName = GetRegister32(reg);
|
||||||
|
}
|
||||||
|
|
||||||
// For mod == 3, both operands are registers
|
// Get the position after decoding the ModR/M byte
|
||||||
if (mod == 3)
|
int newPosition = Decoder.GetPosition();
|
||||||
|
|
||||||
|
// Set the operands - register is the destination, r/m is the source (for 0x8B)
|
||||||
|
// This matches the correct x86 instruction format: MOV r32, r/m32
|
||||||
|
instruction.Operands = $"{regName}, {rmOperand}";
|
||||||
|
|
||||||
|
// Set the raw bytes
|
||||||
|
int totalBytes = newPosition - startPosition + 1; // +1 for opcode
|
||||||
|
byte[] rawBytes = new byte[totalBytes];
|
||||||
|
rawBytes[0] = opcode;
|
||||||
|
for (int i = 0; i < totalBytes - 1; i++)
|
||||||
{
|
{
|
||||||
string rmRegName = ModRMDecoder.GetRegisterName(rm, operandSize);
|
if (startPosition + i < Length)
|
||||||
instruction.Operands = $"{rmRegName}, {regName}";
|
|
||||||
}
|
|
||||||
else // Memory operand
|
|
||||||
{
|
{
|
||||||
instruction.Operands = $"{memOperand}, {regName}";
|
rawBytes[i + 1] = CodeBuffer[startPosition + i];
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
instruction.RawBytes = rawBytes;
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|||||||
@ -37,8 +37,8 @@ public class Group1SignExtendedHandlerTests
|
|||||||
{
|
{
|
||||||
// Arrange
|
// Arrange
|
||||||
// This is the sequence from the problematic example:
|
// This is the sequence from the problematic example:
|
||||||
// 08 83 C1 04 50 E8 42 01 00 00
|
// 83 C1 04 50 E8 42 01 00 00
|
||||||
byte[] codeBuffer = new byte[] { 0x08, 0x83, 0xC1, 0x04, 0x50, 0xE8, 0x42, 0x01, 0x00, 0x00 };
|
byte[] codeBuffer = new byte[] { 0x83, 0xC1, 0x04, 0x50, 0xE8, 0x42, 0x01, 0x00, 0x00 };
|
||||||
var disassembler = new Disassembler(codeBuffer, 0);
|
var disassembler = new Disassembler(codeBuffer, 0);
|
||||||
|
|
||||||
// Act
|
// Act
|
||||||
@ -47,15 +47,12 @@ public class Group1SignExtendedHandlerTests
|
|||||||
// Assert
|
// Assert
|
||||||
Assert.True(instructions.Count >= 3, $"Expected at least 3 instructions, but got {instructions.Count}");
|
Assert.True(instructions.Count >= 3, $"Expected at least 3 instructions, but got {instructions.Count}");
|
||||||
|
|
||||||
// First instruction should be OR r/m8, r8 (but might be incomplete)
|
// First instruction should be ADD ecx, 0x04
|
||||||
Assert.Equal("or", instructions[0].Mnemonic);
|
Assert.Equal("add", instructions[0].Mnemonic);
|
||||||
|
Assert.Equal("ecx, 0x00000004", instructions[0].Operands);
|
||||||
|
|
||||||
// Second instruction should be ADD ecx, 0x04
|
// Second instruction should be PUSH eax
|
||||||
Assert.Equal("add", instructions[1].Mnemonic);
|
Assert.Equal("push", instructions[1].Mnemonic);
|
||||||
Assert.Equal("ecx, 0x00000004", instructions[1].Operands);
|
Assert.Equal("eax", instructions[1].Operands);
|
||||||
|
|
||||||
// Third instruction should be PUSH eax
|
|
||||||
Assert.Equal("push", instructions[2].Mnemonic);
|
|
||||||
Assert.Equal("eax", instructions[2].Operands);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -56,5 +56,6 @@ public class HandlerSelectionTests
|
|||||||
|
|
||||||
// Third instruction should be PUSH eax
|
// Third instruction should be PUSH eax
|
||||||
Assert.Equal("push", instructions[2].Mnemonic);
|
Assert.Equal("push", instructions[2].Mnemonic);
|
||||||
|
Assert.Equal("eax", instructions[2].Operands);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user