├── Zydis
├── Zycore.lib
├── Zydis.lib
├── Zydis-x64.lib
├── Zydis-x86.lib
├── Zycore-x64.lib
├── Zycore-x86.lib
├── ZydisExportConfig.h
├── ZycoreExportConfig.h
├── LICENSE
├── Zycore
│ ├── Object.h
│ ├── API
│ │ ├── Memory.h
│ │ ├── Synchronization.h
│ │ ├── Terminal.h
│ │ └── Thread.h
│ ├── Zycore.h
│ ├── Allocator.h
│ ├── ArgParse.h
│ ├── Types.h
│ └── Status.h
└── Zydis
│ ├── Generated
│ ├── EnumISAExt.h
│ ├── EnumInstructionCategory.h
│ ├── EnumISASet.h
│ └── EnumRegister.h
│ ├── Mnemonic.h
│ ├── MetaInfo.h
│ ├── ShortString.h
│ ├── Zydis.h
│ ├── Status.h
│ ├── Internal
│ ├── EncoderData.h
│ ├── FormatterATT.h
│ └── DecoderData.h
│ ├── Utils.h
│ ├── Decoder.h
│ ├── Register.h
│ └── FormatterBuffer.h
├── Inline-PatchFinder
├── Inline-PatchFinder.user
├── Inline-PatchFinder.vcxproj.user
├── Inline-PatchFinder.filters
├── Miscellaneous
│ └── Dependancies.h
├── Utilities
│ ├── Utilities.h
│ └── Utilities.cpp
├── Inline-PatchFinder.cpp
└── Inline-PatchFinder.vcxproj
├── README.md
└── Inline-PatchFinder.sln
/Zydis/Zycore.lib:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ch4ncellor/Inline-PatchFinder/HEAD/Zydis/Zycore.lib
--------------------------------------------------------------------------------
/Zydis/Zydis.lib:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ch4ncellor/Inline-PatchFinder/HEAD/Zydis/Zydis.lib
--------------------------------------------------------------------------------
/Zydis/Zydis-x64.lib:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ch4ncellor/Inline-PatchFinder/HEAD/Zydis/Zydis-x64.lib
--------------------------------------------------------------------------------
/Zydis/Zydis-x86.lib:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ch4ncellor/Inline-PatchFinder/HEAD/Zydis/Zydis-x86.lib
--------------------------------------------------------------------------------
/Zydis/Zycore-x64.lib:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ch4ncellor/Inline-PatchFinder/HEAD/Zydis/Zycore-x64.lib
--------------------------------------------------------------------------------
/Zydis/Zycore-x86.lib:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ch4ncellor/Inline-PatchFinder/HEAD/Zydis/Zycore-x86.lib
--------------------------------------------------------------------------------
/Inline-PatchFinder/Inline-PatchFinder.user:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | true
5 |
6 |
--------------------------------------------------------------------------------
/Inline-PatchFinder/Inline-PatchFinder.vcxproj.user:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | true
5 |
6 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # Inline-PatchFinder
2 |
3 | Need to see if the process you're reversing/analyzing is patching/hooking any loaded module's exports? Well, look no further.
4 |
5 |
6 |
7 | Inline-PatchFinder traverses the export table of all loaded modules in a process, and compares the first few bytes to the module on disk. If there is a difference between the one in memory and disk, you will be given relevant information.
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 | 
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 | # Credits:
24 |
25 | - [zydis](https://github.com/zyantific/zydis) (Disassembler)
--------------------------------------------------------------------------------
/Inline-PatchFinder/Inline-PatchFinder.filters:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF}
6 | cpp;c;cc;cxx;c++;cppm;ixx;def;odl;idl;hpj;bat;asm;asmx
7 |
8 |
9 |
10 |
11 | Source Files
12 |
13 |
14 | Source Files
15 |
16 |
17 |
18 |
21 |
--------------------------------------------------------------------------------
/Inline-PatchFinder/Miscellaneous/Dependancies.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | #include
4 | #include
5 | #include
6 | #include
7 | #include
8 | #include
9 | #include
10 | #include
11 | #include
12 | #include
13 | #include
14 | #include
15 | #include
16 | #include
17 | #include
18 | #include
19 | #include
20 | #include
21 |
22 | #include "../Utilities/Utilities.h"
23 |
24 | #include
25 | #include
26 | #include
27 | #include
28 | #include
29 |
30 | #define LOG( s, ... ) { \
31 | printf_s( (s), __VA_ARGS__); \
32 | }
33 |
34 | #define PAUSE_SYSTEM_CMD( b ) { \
35 | system(("pause")); \
36 | if (b) \
37 | return 0; \
38 | }
--------------------------------------------------------------------------------
/Inline-PatchFinder/Utilities/Utilities.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | #include "../Miscellaneous/Dependancies.h"
4 |
5 | class C_Utilities
6 | {
7 | public:
8 |
9 | HANDLE TargetProcess; // for target process
10 | DWORD TargetId; // for target process
11 | private:
12 | HANDLE GetProcess(int m_nProcessID);
13 | public:
14 |
15 | bool SetupDesiredProcess(int m_nProcessID);
16 |
17 | bool HasSpecialCharacters(const char* str)
18 | {
19 | return strlen(str) < 4 || str[strspn(str, "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_")] != 0;
20 | }
21 |
22 | struct LoadedModuleData_t
23 | {
24 | std::string m_szModuleName;
25 | std::string m_szModulePath;
26 | DWORD m_ModuleSize;
27 | BYTE *m_ModuleBaseAddress;
28 | };
29 |
30 | std::vector m_OutModules;
31 |
32 | DWORD m_dSavedExportVirtualAddress = NULL;
33 | bool EnumerateModulesInProcess();
34 | }; inline C_Utilities g_Utilities;
--------------------------------------------------------------------------------
/Zydis/ZydisExportConfig.h:
--------------------------------------------------------------------------------
1 | #ifndef ZYDIS_EXPORT_H
2 | #define ZYDIS_EXPORT_H
3 |
4 | #ifdef ZYDIS_STATIC_DEFINE
5 | # define ZYDIS_EXPORT
6 | # define ZYDIS_NO_EXPORT
7 | #else
8 | # ifndef ZYDIS_EXPORT
9 | # ifdef Zydis_EXPORTS
10 | /* We are building this library */
11 | # define ZYDIS_EXPORT
12 | # else
13 | /* We are using this library */
14 | # define ZYDIS_EXPORT
15 | # endif
16 | # endif
17 |
18 | # ifndef ZYDIS_NO_EXPORT
19 | # define ZYDIS_NO_EXPORT
20 | # endif
21 | #endif
22 |
23 | #ifndef ZYDIS_DEPRECATED
24 | # define ZYDIS_DEPRECATED __declspec(deprecated)
25 | #endif
26 |
27 | #ifndef ZYDIS_DEPRECATED_EXPORT
28 | # define ZYDIS_DEPRECATED_EXPORT ZYDIS_EXPORT ZYDIS_DEPRECATED
29 | #endif
30 |
31 | #ifndef ZYDIS_DEPRECATED_NO_EXPORT
32 | # define ZYDIS_DEPRECATED_NO_EXPORT ZYDIS_NO_EXPORT ZYDIS_DEPRECATED
33 | #endif
34 |
35 | #if 0 /* DEFINE_NO_DEPRECATED */
36 | # ifndef ZYDIS_NO_DEPRECATED
37 | # define ZYDIS_NO_DEPRECATED
38 | # endif
39 | #endif
40 |
41 | #endif
--------------------------------------------------------------------------------
/Zydis/ZycoreExportConfig.h:
--------------------------------------------------------------------------------
1 | #ifndef ZYCORE_EXPORT_H
2 | #define ZYCORE_EXPORT_H
3 |
4 | #ifdef ZYCORE_STATIC_DEFINE
5 | # define ZYCORE_EXPORT
6 | # define ZYCORE_NO_EXPORT
7 | #else
8 | # ifndef ZYCORE_EXPORT
9 | # ifdef Zycore_EXPORTS
10 | /* We are building this library */
11 | # define ZYCORE_EXPORT
12 | # else
13 | /* We are using this library */
14 | # define ZYCORE_EXPORT
15 | # endif
16 | # endif
17 |
18 | # ifndef ZYCORE_NO_EXPORT
19 | # define ZYCORE_NO_EXPORT
20 | # endif
21 | #endif
22 |
23 | #ifndef ZYCORE_DEPRECATED
24 | # define ZYCORE_DEPRECATED __declspec(deprecated)
25 | #endif
26 |
27 | #ifndef ZYCORE_DEPRECATED_EXPORT
28 | # define ZYCORE_DEPRECATED_EXPORT ZYCORE_EXPORT ZYCORE_DEPRECATED
29 | #endif
30 |
31 | #ifndef ZYCORE_DEPRECATED_NO_EXPORT
32 | # define ZYCORE_DEPRECATED_NO_EXPORT ZYCORE_NO_EXPORT ZYCORE_DEPRECATED
33 | #endif
34 |
35 | #if 0 /* DEFINE_NO_DEPRECATED */
36 | # ifndef ZYCORE_NO_DEPRECATED
37 | # define ZYCORE_NO_DEPRECATED
38 | # endif
39 | #endif
40 |
41 | #endif
--------------------------------------------------------------------------------
/Zydis/LICENSE:
--------------------------------------------------------------------------------
1 | The MIT License (MIT)
2 |
3 | Copyright (c) 2014-2019 Florian Bernd
4 | Copyright (c) 2014-2019 Joel Höner
5 |
6 | Permission is hereby granted, free of charge, to any person obtaining a copy
7 | of this software and associated documentation files (the "Software"), to deal
8 | in the Software without restriction, including without limitation the rights
9 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 | copies of the Software, and to permit persons to whom the Software is
11 | furnished to do so, subject to the following conditions:
12 |
13 | The above copyright notice and this permission notice shall be included in all
14 | copies or substantial portions of the Software.
15 |
16 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
19 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
22 | SOFTWARE.
23 |
--------------------------------------------------------------------------------
/Inline-PatchFinder.sln:
--------------------------------------------------------------------------------
1 |
2 | Microsoft Visual Studio Solution File, Format Version 12.00
3 | # Visual Studio Version 16
4 | VisualStudioVersion = 16.0.31515.178
5 | MinimumVisualStudioVersion = 10.0.40219.1
6 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "Inline-PatchFinder", "Inline-PatchFinder\Inline-PatchFinder.vcxproj", "{DF25EE2F-823C-4407-A8AB-B45B26226782}"
7 | EndProject
8 | Global
9 | GlobalSection(SolutionConfigurationPlatforms) = preSolution
10 | Debug|x64 = Debug|x64
11 | Debug|x86 = Debug|x86
12 | Release|x64 = Release|x64
13 | Release|x86 = Release|x86
14 | EndGlobalSection
15 | GlobalSection(ProjectConfigurationPlatforms) = postSolution
16 | {DF25EE2F-823C-4407-A8AB-B45B26226782}.Debug|x64.ActiveCfg = Debug|x64
17 | {DF25EE2F-823C-4407-A8AB-B45B26226782}.Debug|x64.Build.0 = Debug|x64
18 | {DF25EE2F-823C-4407-A8AB-B45B26226782}.Debug|x86.ActiveCfg = Debug|Win32
19 | {DF25EE2F-823C-4407-A8AB-B45B26226782}.Debug|x86.Build.0 = Debug|Win32
20 | {DF25EE2F-823C-4407-A8AB-B45B26226782}.Release|x64.ActiveCfg = Release|x64
21 | {DF25EE2F-823C-4407-A8AB-B45B26226782}.Release|x64.Build.0 = Release|x64
22 | {DF25EE2F-823C-4407-A8AB-B45B26226782}.Release|x86.ActiveCfg = Release|Win32
23 | {DF25EE2F-823C-4407-A8AB-B45B26226782}.Release|x86.Build.0 = Release|Win32
24 | EndGlobalSection
25 | GlobalSection(SolutionProperties) = preSolution
26 | HideSolutionNode = FALSE
27 | EndGlobalSection
28 | GlobalSection(ExtensibilityGlobals) = postSolution
29 | SolutionGuid = {EB37FD20-5684-4860-BA42-DDBAAB672EDF}
30 | EndGlobalSection
31 | EndGlobal
32 |
--------------------------------------------------------------------------------
/Inline-PatchFinder/Utilities/Utilities.cpp:
--------------------------------------------------------------------------------
1 | #include "Utilities.h"
2 | #include
3 |
4 | HANDLE C_Utilities::GetProcess(int m_nProcessID)
5 | {
6 | TargetProcess = OpenProcess(PROCESS_ALL_ACCESS, false, TargetId);
7 | return TargetProcess;
8 | }
9 |
10 | bool C_Utilities::EnumerateModulesInProcess()
11 | {
12 | HANDLE hmodule = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, TargetId);
13 | MODULEENTRY32 mEntry;
14 | mEntry.dwSize = sizeof(mEntry);
15 |
16 | static bool m_bIsInitialProcessModule = false;
17 |
18 | do
19 | {
20 | _bstr_t szEntryExePath(mEntry.szModule);
21 | std::string m_szEntryExePath = std::string(szEntryExePath);
22 |
23 | WCHAR szModName[MAX_PATH];
24 | if (K32GetModuleFileNameExW(this->TargetProcess, mEntry.hModule, szModName, sizeof(szModName) / sizeof(WCHAR)))
25 | {
26 | std::wstring ws(szModName);
27 | std::string _str(ws.begin(), ws.end());
28 |
29 | if (strstr(_str.c_str(), "WINDOWS"))
30 | // VERY stupid and ghetto way to check if this module was a core windows one.
31 | {
32 | this->m_OutModules.push_back({ m_szEntryExePath, _str, mEntry.modBaseSize, mEntry.modBaseAddr });
33 | }
34 |
35 | }
36 | } while (Module32NextW(hmodule, &mEntry));
37 |
38 | CloseHandle(hmodule);
39 |
40 | return this->m_OutModules.size() != 0;
41 | }
42 |
43 |
44 | bool C_Utilities::SetupDesiredProcess(int m_nProcessID)
45 | {
46 | TargetId = m_nProcessID;
47 | const HANDLE m_hProcessHandle = this->GetProcess(m_nProcessID);
48 | return m_hProcessHandle && m_hProcessHandle != INVALID_HANDLE_VALUE;
49 | }
50 |
51 |
--------------------------------------------------------------------------------
/Zydis/Zycore/Object.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Core Library (Zycore-C)
4 |
5 | Original Author : Florian Bernd
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | /**
28 | * @file
29 | * @brief Defines some generic object-related datatypes.
30 | */
31 |
32 | #ifndef ZYCORE_OBJECT_H
33 | #define ZYCORE_OBJECT_H
34 |
35 | #include
36 | #include
37 |
38 | #ifdef __cplusplus
39 | extern "C" {
40 | #endif
41 |
42 | /* ============================================================================================== */
43 | /* Enums and types */
44 | /* ============================================================================================== */
45 |
46 | /**
47 | * @brief Defines the `ZyanMemberProcedure` function prototype.
48 | *
49 | * @param object A pointer to the object.
50 | */
51 | typedef void (*ZyanMemberProcedure)(void* object);
52 |
53 | /**
54 | * @brief Defines the `ZyanConstMemberProcedure` function prototype.
55 | *
56 | * @param object A pointer to the object.
57 | */
58 | typedef void (*ZyanConstMemberProcedure)(const void* object);
59 |
60 | /**
61 | * @brief Defines the `ZyanMemberFunction` function prototype.
62 | *
63 | * @param object A pointer to the object.
64 | *
65 | * @return A zyan status code.
66 | */
67 | typedef ZyanStatus (*ZyanMemberFunction)(void* object);
68 |
69 | /**
70 | * @brief Defines the `ZyanConstMemberFunction` function prototype.
71 | *
72 | * @param object A pointer to the object.
73 | *
74 | * @return A zyan status code.
75 | */
76 | typedef ZyanStatus (*ZyanConstMemberFunction)(const void* object);
77 |
78 | /* ============================================================================================== */
79 |
80 | #ifdef __cplusplus
81 | }
82 | #endif
83 |
84 | #endif /* ZYCORE_OBJECT_H */
85 |
--------------------------------------------------------------------------------
/Zydis/Zydis/Generated/EnumISAExt.h:
--------------------------------------------------------------------------------
1 | /**
2 | * Defines the `ZydisISAExt` enum.
3 | */
4 | typedef enum ZydisISAExt_
5 | {
6 | ZYDIS_ISA_EXT_INVALID,
7 | ZYDIS_ISA_EXT_ADOX_ADCX,
8 | ZYDIS_ISA_EXT_AES,
9 | ZYDIS_ISA_EXT_AMD3DNOW,
10 | ZYDIS_ISA_EXT_AMD3DNOW_PREFETCH,
11 | ZYDIS_ISA_EXT_AMD_INVLPGB,
12 | ZYDIS_ISA_EXT_AMX_BF16,
13 | ZYDIS_ISA_EXT_AMX_INT8,
14 | ZYDIS_ISA_EXT_AMX_TILE,
15 | ZYDIS_ISA_EXT_AVX,
16 | ZYDIS_ISA_EXT_AVX2,
17 | ZYDIS_ISA_EXT_AVX2GATHER,
18 | ZYDIS_ISA_EXT_AVX512EVEX,
19 | ZYDIS_ISA_EXT_AVX512VEX,
20 | ZYDIS_ISA_EXT_AVXAES,
21 | ZYDIS_ISA_EXT_AVX_VNNI,
22 | ZYDIS_ISA_EXT_BASE,
23 | ZYDIS_ISA_EXT_BMI1,
24 | ZYDIS_ISA_EXT_BMI2,
25 | ZYDIS_ISA_EXT_CET,
26 | ZYDIS_ISA_EXT_CLDEMOTE,
27 | ZYDIS_ISA_EXT_CLFLUSHOPT,
28 | ZYDIS_ISA_EXT_CLFSH,
29 | ZYDIS_ISA_EXT_CLWB,
30 | ZYDIS_ISA_EXT_CLZERO,
31 | ZYDIS_ISA_EXT_ENQCMD,
32 | ZYDIS_ISA_EXT_F16C,
33 | ZYDIS_ISA_EXT_FMA,
34 | ZYDIS_ISA_EXT_FMA4,
35 | ZYDIS_ISA_EXT_GFNI,
36 | ZYDIS_ISA_EXT_HRESET,
37 | ZYDIS_ISA_EXT_INVPCID,
38 | ZYDIS_ISA_EXT_KEYLOCKER,
39 | ZYDIS_ISA_EXT_KEYLOCKER_WIDE,
40 | ZYDIS_ISA_EXT_KNC,
41 | ZYDIS_ISA_EXT_KNCE,
42 | ZYDIS_ISA_EXT_KNCV,
43 | ZYDIS_ISA_EXT_LONGMODE,
44 | ZYDIS_ISA_EXT_LZCNT,
45 | ZYDIS_ISA_EXT_MCOMMIT,
46 | ZYDIS_ISA_EXT_MMX,
47 | ZYDIS_ISA_EXT_MONITOR,
48 | ZYDIS_ISA_EXT_MONITORX,
49 | ZYDIS_ISA_EXT_MOVBE,
50 | ZYDIS_ISA_EXT_MOVDIR,
51 | ZYDIS_ISA_EXT_MPX,
52 | ZYDIS_ISA_EXT_PADLOCK,
53 | ZYDIS_ISA_EXT_PAUSE,
54 | ZYDIS_ISA_EXT_PCLMULQDQ,
55 | ZYDIS_ISA_EXT_PCONFIG,
56 | ZYDIS_ISA_EXT_PKU,
57 | ZYDIS_ISA_EXT_PREFETCHWT1,
58 | ZYDIS_ISA_EXT_PT,
59 | ZYDIS_ISA_EXT_RDPID,
60 | ZYDIS_ISA_EXT_RDPRU,
61 | ZYDIS_ISA_EXT_RDRAND,
62 | ZYDIS_ISA_EXT_RDSEED,
63 | ZYDIS_ISA_EXT_RDTSCP,
64 | ZYDIS_ISA_EXT_RDWRFSGS,
65 | ZYDIS_ISA_EXT_RTM,
66 | ZYDIS_ISA_EXT_SERIALIZE,
67 | ZYDIS_ISA_EXT_SGX,
68 | ZYDIS_ISA_EXT_SGX_ENCLV,
69 | ZYDIS_ISA_EXT_SHA,
70 | ZYDIS_ISA_EXT_SMAP,
71 | ZYDIS_ISA_EXT_SMX,
72 | ZYDIS_ISA_EXT_SNP,
73 | ZYDIS_ISA_EXT_SSE,
74 | ZYDIS_ISA_EXT_SSE2,
75 | ZYDIS_ISA_EXT_SSE3,
76 | ZYDIS_ISA_EXT_SSE4,
77 | ZYDIS_ISA_EXT_SSE4A,
78 | ZYDIS_ISA_EXT_SSSE3,
79 | ZYDIS_ISA_EXT_SVM,
80 | ZYDIS_ISA_EXT_TBM,
81 | ZYDIS_ISA_EXT_TDX,
82 | ZYDIS_ISA_EXT_TSX_LDTRK,
83 | ZYDIS_ISA_EXT_UINTR,
84 | ZYDIS_ISA_EXT_VAES,
85 | ZYDIS_ISA_EXT_VMFUNC,
86 | ZYDIS_ISA_EXT_VPCLMULQDQ,
87 | ZYDIS_ISA_EXT_VTX,
88 | ZYDIS_ISA_EXT_WAITPKG,
89 | ZYDIS_ISA_EXT_X87,
90 | ZYDIS_ISA_EXT_XOP,
91 | ZYDIS_ISA_EXT_XSAVE,
92 | ZYDIS_ISA_EXT_XSAVEC,
93 | ZYDIS_ISA_EXT_XSAVEOPT,
94 | ZYDIS_ISA_EXT_XSAVES,
95 |
96 | /**
97 | * Maximum value of this enum.
98 | */
99 | ZYDIS_ISA_EXT_MAX_VALUE = ZYDIS_ISA_EXT_XSAVES,
100 | /**
101 | * The minimum number of bits required to represent all values of this enum.
102 | */
103 | ZYDIS_ISA_EXT_REQUIRED_BITS = ZYAN_BITS_TO_REPRESENT(ZYDIS_ISA_EXT_MAX_VALUE)
104 | } ZydisISAExt;
105 |
--------------------------------------------------------------------------------
/Zydis/Zycore/API/Memory.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Core Library (Zycore-C)
4 |
5 | Original Author : Florian Bernd
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | /**
28 | * @file
29 | * @brief
30 | */
31 |
32 | #ifndef ZYCORE_MEMORY_H
33 | #define ZYCORE_MEMORY_H
34 |
35 | #include
36 | #include
37 | #include
38 |
39 | /* ============================================================================================== */
40 | /* Enums and types */
41 | /* ============================================================================================== */
42 |
43 | /**
44 | * @brief Defines the `ZyanMemoryManager` struct.
45 | */
46 | typedef struct ZyanMemoryManager_
47 | {
48 | int a;
49 | } ZyanMemoryManager;
50 |
51 | /* ============================================================================================== */
52 | /* Exported functions */
53 | /* ============================================================================================== */
54 |
55 | /* ---------------------------------------------------------------------------------------------- */
56 | /* Memory manager */
57 | /* ---------------------------------------------------------------------------------------------- */
58 |
59 | /**
60 | * @brief Returns the default memory manager.
61 |
62 | * @return The default memory manager.
63 | */
64 | ZYCORE_EXPORT const ZyanMemoryManager* ZyanMemoryManagerDefault(void);
65 |
66 | /* ---------------------------------------------------------------------------------------------- */
67 | /* */
68 | /* ---------------------------------------------------------------------------------------------- */
69 |
70 |
71 |
72 | /* ============================================================================================== */
73 |
74 | #endif /* ZYCORE_MEMORY_H */
75 |
--------------------------------------------------------------------------------
/Zydis/Zydis/Mnemonic.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Disassembler Library (Zydis)
4 |
5 | Original Author : Florian Bernd
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | /**
28 | * @file
29 | * Mnemonic constant definitions and helper functions.
30 | */
31 |
32 | #ifndef ZYDIS_MNEMONIC_H
33 | #define ZYDIS_MNEMONIC_H
34 |
35 | #include
36 | #include
37 |
38 | #ifdef __cplusplus
39 | extern "C" {
40 | #endif
41 |
42 | /* ============================================================================================== */
43 | /* Enums and types */
44 | /* ============================================================================================== */
45 |
46 | #include
47 |
48 | /* ============================================================================================== */
49 | /* Exported functions */
50 | /* ============================================================================================== */
51 |
52 | /**
53 | * @addtogroup mnemonic Mnemonic
54 | * Functions for retrieving mnemonic names.
55 | * @{
56 | */
57 |
58 | /**
59 | * Returns the specified instruction mnemonic string.
60 | *
61 | * @param mnemonic The mnemonic.
62 | *
63 | * @return The instruction mnemonic string or `ZYAN_NULL`, if an invalid mnemonic was passed.
64 | */
65 | ZYDIS_EXPORT const char* ZydisMnemonicGetString(ZydisMnemonic mnemonic);
66 |
67 | /**
68 | * Returns the specified instruction mnemonic as `ZydisShortString`.
69 | *
70 | * @param mnemonic The mnemonic.
71 | *
72 | * @return The instruction mnemonic string or `ZYAN_NULL`, if an invalid mnemonic was passed.
73 | *
74 | * The `buffer` of the returned struct is guaranteed to be zero-terminated in this special case.
75 | */
76 | ZYDIS_EXPORT const ZydisShortString* ZydisMnemonicGetStringWrapped(ZydisMnemonic mnemonic);
77 |
78 | /**
79 | * @}
80 | */
81 |
82 | /* ============================================================================================== */
83 |
84 | #ifdef __cplusplus
85 | }
86 | #endif
87 |
88 | #endif /* ZYDIS_MNEMONIC_H */
89 |
--------------------------------------------------------------------------------
/Zydis/Zydis/MetaInfo.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Disassembler Library (Zydis)
4 |
5 | Original Author : Florian Bernd
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | /**
28 | * @file
29 | * @brief
30 | */
31 |
32 | #ifndef ZYDIS_METAINFO_H
33 | #define ZYDIS_METAINFO_H
34 |
35 | #include
36 | #include
37 | #include
38 |
39 | #ifdef __cplusplus
40 | extern "C" {
41 | #endif
42 |
43 | /* ============================================================================================== */
44 | /* Enums and types */
45 | /* ============================================================================================== */
46 |
47 | #include
48 | #include
49 | #include
50 |
51 | /* ============================================================================================== */
52 | /* Exported functions */
53 | /* ============================================================================================== */
54 |
55 | /**
56 | * Returns the specified instruction category string.
57 | *
58 | * @param category The instruction category.
59 | *
60 | * @return The instruction category string or `ZYAN_NULL`, if an invalid category was passed.
61 | */
62 | ZYDIS_EXPORT const char* ZydisCategoryGetString(ZydisInstructionCategory category);
63 |
64 | /**
65 | * Returns the specified isa-set string.
66 | *
67 | * @param isa_set The isa-set.
68 | *
69 | * @return The isa-set string or `ZYAN_NULL`, if an invalid isa-set was passed.
70 | */
71 | ZYDIS_EXPORT const char* ZydisISASetGetString(ZydisISASet isa_set);
72 |
73 | /**
74 | * Returns the specified isa-extension string.
75 | *
76 | * @param isa_ext The isa-extension.
77 | *
78 | * @return The isa-extension string or `ZYAN_NULL`, if an invalid isa-extension was passed.
79 | */
80 | ZYDIS_EXPORT const char* ZydisISAExtGetString(ZydisISAExt isa_ext);
81 |
82 | /* ============================================================================================== */
83 |
84 | #ifdef __cplusplus
85 | }
86 | #endif
87 |
88 | #endif /* ZYDIS_METAINFO_H */
89 |
--------------------------------------------------------------------------------
/Zydis/Zydis/ShortString.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Disassembler Library (Zydis)
4 |
5 | Original Author : Florian Bernd
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | /**
28 | * @file
29 | * Defines the immutable and storage-efficient `ZydisShortString` struct, which
30 | * is used to store strings in the generated tables.
31 | */
32 |
33 | #ifndef ZYDIS_SHORTSTRING_H
34 | #define ZYDIS_SHORTSTRING_H
35 |
36 | #include
37 | #include
38 | #include
39 |
40 | #ifdef __cplusplus
41 | extern "C" {
42 | #endif
43 |
44 | /* ============================================================================================== */
45 | /* Enums and types */
46 | /* ============================================================================================== */
47 |
48 | #if !(defined(ZYAN_AARCH64) && defined(ZYAN_APPLE))
49 | # pragma pack(push, 1)
50 | #endif
51 |
52 | /**
53 | * Defines the `ZydisShortString` struct.
54 | *
55 | * This compact struct is mainly used for internal string-tables to save up some bytes.
56 | *
57 | * All fields in this struct should be considered as "private". Any changes may lead to unexpected
58 | * behavior.
59 | */
60 | typedef struct ZydisShortString_
61 | {
62 | /**
63 | * The buffer that contains the actual (null-terminated) string.
64 | */
65 | const char* data;
66 | /**
67 | * The length (number of characters) of the string (without 0-termination).
68 | */
69 | ZyanU8 size;
70 | } ZydisShortString;
71 |
72 | #if !(defined(ZYAN_AARCH64) && defined(ZYAN_APPLE))
73 | # pragma pack(pop)
74 | #endif
75 |
76 | /* ============================================================================================== */
77 | /* Macros */
78 | /* ============================================================================================== */
79 |
80 | /**
81 | * Declares a `ZydisShortString` from a static C-style string.
82 | *
83 | * @param string The C-string constant.
84 | */
85 | #define ZYDIS_MAKE_SHORTSTRING(string) \
86 | { string, sizeof(string) - 1 }
87 |
88 | /* ============================================================================================== */
89 |
90 | #ifdef __cplusplus
91 | }
92 | #endif
93 |
94 | #endif /* ZYDIS_SHORTSTRING_H */
95 |
--------------------------------------------------------------------------------
/Zydis/Zydis/Generated/EnumInstructionCategory.h:
--------------------------------------------------------------------------------
1 | /**
2 | * Defines the `ZydisInstructionCategory` enum.
3 | */
4 | typedef enum ZydisInstructionCategory_
5 | {
6 | ZYDIS_CATEGORY_INVALID,
7 | ZYDIS_CATEGORY_ADOX_ADCX,
8 | ZYDIS_CATEGORY_AES,
9 | ZYDIS_CATEGORY_AMD3DNOW,
10 | ZYDIS_CATEGORY_AMX_TILE,
11 | ZYDIS_CATEGORY_AVX,
12 | ZYDIS_CATEGORY_AVX2,
13 | ZYDIS_CATEGORY_AVX2GATHER,
14 | ZYDIS_CATEGORY_AVX512,
15 | ZYDIS_CATEGORY_AVX512_4FMAPS,
16 | ZYDIS_CATEGORY_AVX512_4VNNIW,
17 | ZYDIS_CATEGORY_AVX512_BITALG,
18 | ZYDIS_CATEGORY_AVX512_VBMI,
19 | ZYDIS_CATEGORY_AVX512_VP2INTERSECT,
20 | ZYDIS_CATEGORY_BINARY,
21 | ZYDIS_CATEGORY_BITBYTE,
22 | ZYDIS_CATEGORY_BLEND,
23 | ZYDIS_CATEGORY_BMI1,
24 | ZYDIS_CATEGORY_BMI2,
25 | ZYDIS_CATEGORY_BROADCAST,
26 | ZYDIS_CATEGORY_CALL,
27 | ZYDIS_CATEGORY_CET,
28 | ZYDIS_CATEGORY_CLDEMOTE,
29 | ZYDIS_CATEGORY_CLFLUSHOPT,
30 | ZYDIS_CATEGORY_CLWB,
31 | ZYDIS_CATEGORY_CLZERO,
32 | ZYDIS_CATEGORY_CMOV,
33 | ZYDIS_CATEGORY_COMPRESS,
34 | ZYDIS_CATEGORY_COND_BR,
35 | ZYDIS_CATEGORY_CONFLICT,
36 | ZYDIS_CATEGORY_CONVERT,
37 | ZYDIS_CATEGORY_DATAXFER,
38 | ZYDIS_CATEGORY_DECIMAL,
39 | ZYDIS_CATEGORY_ENQCMD,
40 | ZYDIS_CATEGORY_EXPAND,
41 | ZYDIS_CATEGORY_FCMOV,
42 | ZYDIS_CATEGORY_FLAGOP,
43 | ZYDIS_CATEGORY_FMA4,
44 | ZYDIS_CATEGORY_FP16,
45 | ZYDIS_CATEGORY_GATHER,
46 | ZYDIS_CATEGORY_GFNI,
47 | ZYDIS_CATEGORY_HRESET,
48 | ZYDIS_CATEGORY_IFMA,
49 | ZYDIS_CATEGORY_INTERRUPT,
50 | ZYDIS_CATEGORY_IO,
51 | ZYDIS_CATEGORY_IOSTRINGOP,
52 | ZYDIS_CATEGORY_KEYLOCKER,
53 | ZYDIS_CATEGORY_KEYLOCKER_WIDE,
54 | ZYDIS_CATEGORY_KMASK,
55 | ZYDIS_CATEGORY_KNC,
56 | ZYDIS_CATEGORY_KNCMASK,
57 | ZYDIS_CATEGORY_KNCSCALAR,
58 | ZYDIS_CATEGORY_LEGACY,
59 | ZYDIS_CATEGORY_LOGICAL,
60 | ZYDIS_CATEGORY_LOGICAL_FP,
61 | ZYDIS_CATEGORY_LZCNT,
62 | ZYDIS_CATEGORY_MISC,
63 | ZYDIS_CATEGORY_MMX,
64 | ZYDIS_CATEGORY_MOVDIR,
65 | ZYDIS_CATEGORY_MPX,
66 | ZYDIS_CATEGORY_NOP,
67 | ZYDIS_CATEGORY_PADLOCK,
68 | ZYDIS_CATEGORY_PCLMULQDQ,
69 | ZYDIS_CATEGORY_PCONFIG,
70 | ZYDIS_CATEGORY_PKU,
71 | ZYDIS_CATEGORY_POP,
72 | ZYDIS_CATEGORY_PREFETCH,
73 | ZYDIS_CATEGORY_PREFETCHWT1,
74 | ZYDIS_CATEGORY_PT,
75 | ZYDIS_CATEGORY_PUSH,
76 | ZYDIS_CATEGORY_RDPID,
77 | ZYDIS_CATEGORY_RDPRU,
78 | ZYDIS_CATEGORY_RDRAND,
79 | ZYDIS_CATEGORY_RDSEED,
80 | ZYDIS_CATEGORY_RDWRFSGS,
81 | ZYDIS_CATEGORY_RET,
82 | ZYDIS_CATEGORY_ROTATE,
83 | ZYDIS_CATEGORY_SCATTER,
84 | ZYDIS_CATEGORY_SEGOP,
85 | ZYDIS_CATEGORY_SEMAPHORE,
86 | ZYDIS_CATEGORY_SERIALIZE,
87 | ZYDIS_CATEGORY_SETCC,
88 | ZYDIS_CATEGORY_SGX,
89 | ZYDIS_CATEGORY_SHA,
90 | ZYDIS_CATEGORY_SHIFT,
91 | ZYDIS_CATEGORY_SMAP,
92 | ZYDIS_CATEGORY_SSE,
93 | ZYDIS_CATEGORY_STRINGOP,
94 | ZYDIS_CATEGORY_STTNI,
95 | ZYDIS_CATEGORY_SYSCALL,
96 | ZYDIS_CATEGORY_SYSRET,
97 | ZYDIS_CATEGORY_SYSTEM,
98 | ZYDIS_CATEGORY_TBM,
99 | ZYDIS_CATEGORY_TSX_LDTRK,
100 | ZYDIS_CATEGORY_UFMA,
101 | ZYDIS_CATEGORY_UINTR,
102 | ZYDIS_CATEGORY_UNCOND_BR,
103 | ZYDIS_CATEGORY_VAES,
104 | ZYDIS_CATEGORY_VBMI2,
105 | ZYDIS_CATEGORY_VEX,
106 | ZYDIS_CATEGORY_VFMA,
107 | ZYDIS_CATEGORY_VPCLMULQDQ,
108 | ZYDIS_CATEGORY_VTX,
109 | ZYDIS_CATEGORY_WAITPKG,
110 | ZYDIS_CATEGORY_WIDENOP,
111 | ZYDIS_CATEGORY_X87_ALU,
112 | ZYDIS_CATEGORY_XOP,
113 | ZYDIS_CATEGORY_XSAVE,
114 | ZYDIS_CATEGORY_XSAVEOPT,
115 |
116 | /**
117 | * Maximum value of this enum.
118 | */
119 | ZYDIS_CATEGORY_MAX_VALUE = ZYDIS_CATEGORY_XSAVEOPT,
120 | /**
121 | * The minimum number of bits required to represent all values of this enum.
122 | */
123 | ZYDIS_CATEGORY_REQUIRED_BITS = ZYAN_BITS_TO_REPRESENT(ZYDIS_CATEGORY_MAX_VALUE)
124 | } ZydisInstructionCategory;
125 |
--------------------------------------------------------------------------------
/Zydis/Zycore/Zycore.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Core Library (Zycore-C)
4 |
5 | Original Author : Florian Bernd
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | /**
28 | * @file
29 | * @brief Master include file, including everything else.
30 | */
31 |
32 | #ifndef ZYCORE_H
33 | #define ZYCORE_H
34 |
35 | #include
36 | #include
37 |
38 | // TODO:
39 |
40 | #ifdef __cplusplus
41 | extern "C" {
42 | #endif
43 |
44 | /* ============================================================================================== */
45 | /* Macros */
46 | /* ============================================================================================== */
47 |
48 | /* ---------------------------------------------------------------------------------------------- */
49 | /* Constants */
50 | /* ---------------------------------------------------------------------------------------------- */
51 |
52 | /**
53 | * @brief A macro that defines the zycore version.
54 | */
55 | #define ZYCORE_VERSION (ZyanU64)0x0001000000000000
56 |
57 | /* ---------------------------------------------------------------------------------------------- */
58 | /* Helper macros */
59 | /* ---------------------------------------------------------------------------------------------- */
60 |
61 | /**
62 | * @brief Extracts the major-part of the zycore version.
63 | *
64 | * @param version The zycore version value
65 | */
66 | #define ZYCORE_VERSION_MAJOR(version) (ZyanU16)((version & 0xFFFF000000000000) >> 48)
67 |
68 | /**
69 | * @brief Extracts the minor-part of the zycore version.
70 | *
71 | * @param version The zycore version value
72 | */
73 | #define ZYCORE_VERSION_MINOR(version) (ZyanU16)((version & 0x0000FFFF00000000) >> 32)
74 |
75 | /**
76 | * @brief Extracts the patch-part of the zycore version.
77 | *
78 | * @param version The zycore version value
79 | */
80 | #define ZYCORE_VERSION_PATCH(version) (ZyanU16)((version & 0x00000000FFFF0000) >> 16)
81 |
82 | /**
83 | * @brief Extracts the build-part of the zycore version.
84 | *
85 | * @param version The zycore version value
86 | */
87 | #define ZYCORE_VERSION_BUILD(version) (ZyanU16)(version & 0x000000000000FFFF)
88 |
89 | /* ---------------------------------------------------------------------------------------------- */
90 |
91 | /* ============================================================================================== */
92 | /* Exported functions */
93 | /* ============================================================================================== */
94 |
95 | /**
96 | * @brief Returns the zycore version.
97 | *
98 | * @return The zycore version.
99 | *
100 | * Use the macros provided in this file to extract the major, minor, patch and build part from the
101 | * returned version value.
102 | */
103 | ZYCORE_EXPORT ZyanU64 ZycoreGetVersion(void);
104 |
105 | /* ============================================================================================== */
106 |
107 | #ifdef __cplusplus
108 | }
109 | #endif
110 |
111 | #endif /* ZYCORE_H */
112 |
--------------------------------------------------------------------------------
/Zydis/Zycore/API/Synchronization.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Core Library (Zycore-C)
4 |
5 | Original Author : Florian Bernd
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | /**
28 | * @file
29 | * @brief
30 | */
31 |
32 | #ifndef ZYCORE_SYNCHRONIZATION_H
33 | #define ZYCORE_SYNCHRONIZATION_H
34 |
35 | #ifndef ZYAN_NO_LIBC
36 |
37 | #include
38 | #include
39 | #include
40 |
41 | #ifdef __cplusplus
42 | extern "C" {
43 | #endif
44 |
45 | /* ============================================================================================== */
46 | /* Enums and types */
47 | /* ============================================================================================== */
48 |
49 | #if defined(ZYAN_POSIX)
50 |
51 | #include
52 |
53 | /* ---------------------------------------------------------------------------------------------- */
54 | /* Critical Section */
55 | /* ---------------------------------------------------------------------------------------------- */
56 |
57 | typedef pthread_mutex_t ZyanCriticalSection;
58 |
59 | /* ---------------------------------------------------------------------------------------------- */
60 |
61 | #elif defined(ZYAN_WINDOWS)
62 |
63 | #include
64 |
65 | /* ---------------------------------------------------------------------------------------------- */
66 | /* Critical Section */
67 | /* ---------------------------------------------------------------------------------------------- */
68 |
69 | typedef CRITICAL_SECTION ZyanCriticalSection;
70 |
71 | /* ---------------------------------------------------------------------------------------------- */
72 |
73 | #else
74 | # error "Unsupported platform detected"
75 | #endif
76 |
77 | /* ============================================================================================== */
78 | /* Exported functions */
79 | /* ============================================================================================== */
80 |
81 | /* ---------------------------------------------------------------------------------------------- */
82 | /* Critical Section */
83 | /* ---------------------------------------------------------------------------------------------- */
84 |
85 | /**
86 | * @brief Initializes a critical section.
87 | *
88 | * @param critical_section A pointer to the `ZyanCriticalSection` struct.
89 | */
90 | ZYCORE_EXPORT ZyanStatus ZyanCriticalSectionInitialize(ZyanCriticalSection* critical_section);
91 |
92 | /**
93 | * @brief Enters a critical section.
94 | *
95 | * @param critical_section A pointer to the `ZyanCriticalSection` struct.
96 | */
97 | ZYCORE_EXPORT ZyanStatus ZyanCriticalSectionEnter(ZyanCriticalSection* critical_section);
98 |
99 | /**
100 | * @brief Tries to enter a critical section.
101 | *
102 | * @param critical_section A pointer to the `ZyanCriticalSection` struct.
103 | *
104 | * @return Returns `ZYAN_TRUE` if the critical section was successfully entered or `ZYAN_FALSE`,
105 | * if not.
106 | */
107 | ZYCORE_EXPORT ZyanBool ZyanCriticalSectionTryEnter(ZyanCriticalSection* critical_section);
108 |
109 | /**
110 | * @brief Leaves a critical section.
111 | *
112 | * @param critical_section A pointer to the `ZyanCriticalSection` struct.
113 | */
114 | ZYCORE_EXPORT ZyanStatus ZyanCriticalSectionLeave(ZyanCriticalSection* critical_section);
115 |
116 | /**
117 | * @brief Deletes a critical section.
118 | *
119 | * @param critical_section A pointer to the `ZyanCriticalSection` struct.
120 | */
121 | ZYCORE_EXPORT ZyanStatus ZyanCriticalSectionDelete(ZyanCriticalSection* critical_section);
122 |
123 | /* ---------------------------------------------------------------------------------------------- */
124 |
125 | /* ============================================================================================== */
126 |
127 | #ifdef __cplusplus
128 | }
129 | #endif
130 |
131 | #endif /* ZYAN_NO_LIBC */
132 |
133 | #endif /* ZYCORE_SYNCHRONIZATION_H */
134 |
--------------------------------------------------------------------------------
/Zydis/Zycore/Allocator.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Core Library (Zycore-C)
4 |
5 | Original Author : Florian Bernd
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | /**
28 | * @file
29 | * @brief
30 | */
31 |
32 | #ifndef ZYCORE_ALLOCATOR_H
33 | #define ZYCORE_ALLOCATOR_H
34 |
35 | #include
36 | #include
37 | #include
38 |
39 | #ifdef __cplusplus
40 | extern "C" {
41 | #endif
42 |
43 | /* ============================================================================================== */
44 | /* Enums and types */
45 | /* ============================================================================================== */
46 |
47 | struct ZyanAllocator_;
48 |
49 | /**
50 | * @brief Defines the `ZyanAllocatorAllocate` function prototype.
51 | *
52 | * @param allocator A pointer to the `ZyanAllocator` instance.
53 | * @param p Receives a pointer to the first memory block sufficient to hold an
54 | * array of `n` elements with a size of `element_size`.
55 | * @param element_size The size of a single element.
56 | * @param n The number of elements to allocate storage for.
57 | *
58 | * @return A zyan status code.
59 | *
60 | * This prototype is used for the `allocate()` and `reallocate()` functions.
61 | *
62 | * The result of the `reallocate()` function is undefined, if `p` does not point to a memory block
63 | * previously obtained by `(re-)allocate()`.
64 | */
65 | typedef ZyanStatus (*ZyanAllocatorAllocate)(struct ZyanAllocator_* allocator, void** p,
66 | ZyanUSize element_size, ZyanUSize n);
67 |
68 | /**
69 | * @brief Defines the `ZyanAllocatorDeallocate` function prototype.
70 | *
71 | * @param allocator A pointer to the `ZyanAllocator` instance.
72 | * @param p The pointer obtained from `(re-)allocate()`.
73 | * @param element_size The size of a single element.
74 | * @param n The number of elements earlier passed to `(re-)allocate()`.
75 | *
76 | * @return A zyan status code.
77 | */
78 | typedef ZyanStatus (*ZyanAllocatorDeallocate)(struct ZyanAllocator_* allocator, void* p,
79 | ZyanUSize element_size, ZyanUSize n);
80 |
81 | /**
82 | * @brief Defines the `ZyanAllocator` struct.
83 | *
84 | * This is the base class for all custom allocator implementations.
85 | *
86 | * All fields in this struct should be considered as "private". Any changes may lead to unexpected
87 | * behavior.
88 | */
89 | typedef struct ZyanAllocator_
90 | {
91 | /**
92 | * @brief The allocate function.
93 | */
94 | ZyanAllocatorAllocate allocate;
95 | /**
96 | * @brief The reallocate function.
97 | */
98 | ZyanAllocatorAllocate reallocate;
99 | /**
100 | * @brief The deallocate function.
101 | */
102 | ZyanAllocatorDeallocate deallocate;
103 | } ZyanAllocator;
104 |
105 | /* ============================================================================================== */
106 | /* Exported functions */
107 | /* ============================================================================================== */
108 |
109 | /**
110 | * @brief Initializes the given `ZyanAllocator` instance.
111 | *
112 | * @param allocator A pointer to the `ZyanAllocator` instance.
113 | * @param allocate The allocate function.
114 | * @param reallocate The reallocate function.
115 | * @param deallocate The deallocate function.
116 | *
117 | * @return A zyan status code.
118 | */
119 | ZYCORE_EXPORT ZyanStatus ZyanAllocatorInit(ZyanAllocator* allocator, ZyanAllocatorAllocate allocate,
120 | ZyanAllocatorAllocate reallocate, ZyanAllocatorDeallocate deallocate);
121 |
122 | #ifndef ZYAN_NO_LIBC
123 |
124 | /**
125 | * @brief Returns the default `ZyanAllocator` instance.
126 | *
127 | * @return A pointer to the default `ZyanAllocator` instance.
128 | *
129 | * The default allocator uses the default memory manager to allocate memory on the heap.
130 | *
131 | * You should in no case modify the returned allocator instance to avoid unexpected behavior.
132 | */
133 | ZYCORE_EXPORT ZYAN_REQUIRES_LIBC ZyanAllocator* ZyanAllocatorDefault(void);
134 |
135 | #endif // ZYAN_NO_LIBC
136 |
137 | /* ============================================================================================== */
138 |
139 | #ifdef __cplusplus
140 | }
141 | #endif
142 |
143 | #endif /* ZYCORE_ALLOCATOR_H */
144 |
--------------------------------------------------------------------------------
/Zydis/Zydis/Zydis.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Disassembler Library (Zydis)
4 |
5 | Original Author : Florian Bernd
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | /**
28 | * @file
29 | * Master include file, including everything else.
30 | */
31 |
32 | #ifndef ZYDIS_H
33 | #define ZYDIS_H
34 |
35 | #include
36 | #include
37 |
38 | #ifndef ZYDIS_DISABLE_DECODER
39 | # include
40 | # include
41 | #endif
42 |
43 | #ifndef ZYDIS_DISABLE_ENCODER
44 | # include
45 | #endif
46 |
47 | #ifndef ZYDIS_DISABLE_FORMATTER
48 | # include
49 | #endif
50 |
51 | #include
52 | #include
53 | #include
54 | #include
55 | #include
56 | #include
57 |
58 | #ifdef __cplusplus
59 | extern "C" {
60 | #endif
61 |
62 | /* ============================================================================================== */
63 | /* Macros */
64 | /* ============================================================================================== */
65 |
66 | /* ---------------------------------------------------------------------------------------------- */
67 | /* Constants */
68 | /* ---------------------------------------------------------------------------------------------- */
69 |
70 | /**
71 | * A macro that defines the zydis version.
72 | */
73 | #define ZYDIS_VERSION (ZyanU64)0x0004000000000000
74 |
75 | /* ---------------------------------------------------------------------------------------------- */
76 | /* Helper macros */
77 | /* ---------------------------------------------------------------------------------------------- */
78 |
79 | /**
80 | * Extracts the major-part of the zydis version.
81 | *
82 | * @param version The zydis version value
83 | */
84 | #define ZYDIS_VERSION_MAJOR(version) (ZyanU16)(((version) & 0xFFFF000000000000) >> 48)
85 |
86 | /**
87 | * Extracts the minor-part of the zydis version.
88 | *
89 | * @param version The zydis version value
90 | */
91 | #define ZYDIS_VERSION_MINOR(version) (ZyanU16)(((version) & 0x0000FFFF00000000) >> 32)
92 |
93 | /**
94 | * Extracts the patch-part of the zydis version.
95 | *
96 | * @param version The zydis version value
97 | */
98 | #define ZYDIS_VERSION_PATCH(version) (ZyanU16)(((version) & 0x00000000FFFF0000) >> 16)
99 |
100 | /**
101 | * Extracts the build-part of the zydis version.
102 | *
103 | * @param version The zydis version value
104 | */
105 | #define ZYDIS_VERSION_BUILD(version) (ZyanU16)((version) & 0x000000000000FFFF)
106 |
107 | /* ---------------------------------------------------------------------------------------------- */
108 |
109 | /* ============================================================================================== */
110 | /* Enums and types */
111 | /* ============================================================================================== */
112 |
113 | /**
114 | * Defines the `ZydisFeature` enum.
115 | */
116 | typedef enum ZydisFeature_
117 | {
118 | ZYDIS_FEATURE_DECODER,
119 | ZYDIS_FEATURE_ENCODER,
120 | ZYDIS_FEATURE_FORMATTER,
121 | ZYDIS_FEATURE_AVX512,
122 | ZYDIS_FEATURE_KNC,
123 |
124 | /**
125 | * Maximum value of this enum.
126 | */
127 | ZYDIS_FEATURE_MAX_VALUE = ZYDIS_FEATURE_KNC,
128 | /**
129 | * The minimum number of bits required to represent all values of this enum.
130 | */
131 | ZYDIS_FEATURE_REQUIRED_BITS = ZYAN_BITS_TO_REPRESENT(ZYDIS_FEATURE_MAX_VALUE)
132 | } ZydisFeature;
133 |
134 | /* ============================================================================================== */
135 | /* Exported functions */
136 | /* ============================================================================================== */
137 |
138 | /**
139 | * @addtogroup version Version
140 | * Functions for checking the library version and build options.
141 | * @{
142 | */
143 |
144 | /**
145 | * Returns the zydis version.
146 | *
147 | * @return The zydis version.
148 | *
149 | * Use the macros provided in this file to extract the major, minor, patch and build part from the
150 | * returned version value.
151 | */
152 | ZYDIS_EXPORT ZyanU64 ZydisGetVersion(void);
153 |
154 | /**
155 | * Checks, if the specified feature is enabled in the current zydis library instance.
156 | *
157 | * @param feature The feature.
158 | *
159 | * @return `ZYAN_STATUS_TRUE` if the feature is enabled, `ZYAN_STATUS_FALSE` if not. Another
160 | * zyan status code, if an error occured.
161 | */
162 | ZYDIS_EXPORT ZyanStatus ZydisIsFeatureEnabled(ZydisFeature feature);
163 |
164 | /**
165 | * @}
166 | */
167 |
168 | /* ============================================================================================== */
169 |
170 | #ifdef __cplusplus
171 | }
172 | #endif
173 |
174 | #endif /* ZYDIS_H */
175 |
--------------------------------------------------------------------------------
/Zydis/Zydis/Generated/EnumISASet.h:
--------------------------------------------------------------------------------
1 | /**
2 | * Defines the `ZydisISASet` enum.
3 | */
4 | typedef enum ZydisISASet_
5 | {
6 | ZYDIS_ISA_SET_INVALID,
7 | ZYDIS_ISA_SET_ADOX_ADCX,
8 | ZYDIS_ISA_SET_AES,
9 | ZYDIS_ISA_SET_AMD,
10 | ZYDIS_ISA_SET_AMD3DNOW,
11 | ZYDIS_ISA_SET_AMX_BF16,
12 | ZYDIS_ISA_SET_AMX_INT8,
13 | ZYDIS_ISA_SET_AMX_TILE,
14 | ZYDIS_ISA_SET_AVX,
15 | ZYDIS_ISA_SET_AVX2,
16 | ZYDIS_ISA_SET_AVX2GATHER,
17 | ZYDIS_ISA_SET_AVX512BW_128,
18 | ZYDIS_ISA_SET_AVX512BW_128N,
19 | ZYDIS_ISA_SET_AVX512BW_256,
20 | ZYDIS_ISA_SET_AVX512BW_512,
21 | ZYDIS_ISA_SET_AVX512BW_KOP,
22 | ZYDIS_ISA_SET_AVX512CD_128,
23 | ZYDIS_ISA_SET_AVX512CD_256,
24 | ZYDIS_ISA_SET_AVX512CD_512,
25 | ZYDIS_ISA_SET_AVX512DQ_128,
26 | ZYDIS_ISA_SET_AVX512DQ_128N,
27 | ZYDIS_ISA_SET_AVX512DQ_256,
28 | ZYDIS_ISA_SET_AVX512DQ_512,
29 | ZYDIS_ISA_SET_AVX512DQ_KOP,
30 | ZYDIS_ISA_SET_AVX512DQ_SCALAR,
31 | ZYDIS_ISA_SET_AVX512ER_512,
32 | ZYDIS_ISA_SET_AVX512ER_SCALAR,
33 | ZYDIS_ISA_SET_AVX512F_128,
34 | ZYDIS_ISA_SET_AVX512F_128N,
35 | ZYDIS_ISA_SET_AVX512F_256,
36 | ZYDIS_ISA_SET_AVX512F_512,
37 | ZYDIS_ISA_SET_AVX512F_KOP,
38 | ZYDIS_ISA_SET_AVX512F_SCALAR,
39 | ZYDIS_ISA_SET_AVX512PF_512,
40 | ZYDIS_ISA_SET_AVX512_4FMAPS_512,
41 | ZYDIS_ISA_SET_AVX512_4FMAPS_SCALAR,
42 | ZYDIS_ISA_SET_AVX512_4VNNIW_512,
43 | ZYDIS_ISA_SET_AVX512_BF16_128,
44 | ZYDIS_ISA_SET_AVX512_BF16_256,
45 | ZYDIS_ISA_SET_AVX512_BF16_512,
46 | ZYDIS_ISA_SET_AVX512_BITALG_128,
47 | ZYDIS_ISA_SET_AVX512_BITALG_256,
48 | ZYDIS_ISA_SET_AVX512_BITALG_512,
49 | ZYDIS_ISA_SET_AVX512_FP16_128,
50 | ZYDIS_ISA_SET_AVX512_FP16_128N,
51 | ZYDIS_ISA_SET_AVX512_FP16_256,
52 | ZYDIS_ISA_SET_AVX512_FP16_512,
53 | ZYDIS_ISA_SET_AVX512_FP16_SCALAR,
54 | ZYDIS_ISA_SET_AVX512_GFNI_128,
55 | ZYDIS_ISA_SET_AVX512_GFNI_256,
56 | ZYDIS_ISA_SET_AVX512_GFNI_512,
57 | ZYDIS_ISA_SET_AVX512_IFMA_128,
58 | ZYDIS_ISA_SET_AVX512_IFMA_256,
59 | ZYDIS_ISA_SET_AVX512_IFMA_512,
60 | ZYDIS_ISA_SET_AVX512_VAES_128,
61 | ZYDIS_ISA_SET_AVX512_VAES_256,
62 | ZYDIS_ISA_SET_AVX512_VAES_512,
63 | ZYDIS_ISA_SET_AVX512_VBMI2_128,
64 | ZYDIS_ISA_SET_AVX512_VBMI2_256,
65 | ZYDIS_ISA_SET_AVX512_VBMI2_512,
66 | ZYDIS_ISA_SET_AVX512_VBMI_128,
67 | ZYDIS_ISA_SET_AVX512_VBMI_256,
68 | ZYDIS_ISA_SET_AVX512_VBMI_512,
69 | ZYDIS_ISA_SET_AVX512_VNNI_128,
70 | ZYDIS_ISA_SET_AVX512_VNNI_256,
71 | ZYDIS_ISA_SET_AVX512_VNNI_512,
72 | ZYDIS_ISA_SET_AVX512_VP2INTERSECT_128,
73 | ZYDIS_ISA_SET_AVX512_VP2INTERSECT_256,
74 | ZYDIS_ISA_SET_AVX512_VP2INTERSECT_512,
75 | ZYDIS_ISA_SET_AVX512_VPCLMULQDQ_128,
76 | ZYDIS_ISA_SET_AVX512_VPCLMULQDQ_256,
77 | ZYDIS_ISA_SET_AVX512_VPCLMULQDQ_512,
78 | ZYDIS_ISA_SET_AVX512_VPOPCNTDQ_128,
79 | ZYDIS_ISA_SET_AVX512_VPOPCNTDQ_256,
80 | ZYDIS_ISA_SET_AVX512_VPOPCNTDQ_512,
81 | ZYDIS_ISA_SET_AVXAES,
82 | ZYDIS_ISA_SET_AVX_GFNI,
83 | ZYDIS_ISA_SET_AVX_VNNI,
84 | ZYDIS_ISA_SET_BMI1,
85 | ZYDIS_ISA_SET_BMI2,
86 | ZYDIS_ISA_SET_CET,
87 | ZYDIS_ISA_SET_CLDEMOTE,
88 | ZYDIS_ISA_SET_CLFLUSHOPT,
89 | ZYDIS_ISA_SET_CLFSH,
90 | ZYDIS_ISA_SET_CLWB,
91 | ZYDIS_ISA_SET_CLZERO,
92 | ZYDIS_ISA_SET_CMOV,
93 | ZYDIS_ISA_SET_CMPXCHG16B,
94 | ZYDIS_ISA_SET_ENQCMD,
95 | ZYDIS_ISA_SET_F16C,
96 | ZYDIS_ISA_SET_FAT_NOP,
97 | ZYDIS_ISA_SET_FCMOV,
98 | ZYDIS_ISA_SET_FMA,
99 | ZYDIS_ISA_SET_FMA4,
100 | ZYDIS_ISA_SET_FXSAVE,
101 | ZYDIS_ISA_SET_FXSAVE64,
102 | ZYDIS_ISA_SET_GFNI,
103 | ZYDIS_ISA_SET_HRESET,
104 | ZYDIS_ISA_SET_I186,
105 | ZYDIS_ISA_SET_I286PROTECTED,
106 | ZYDIS_ISA_SET_I286REAL,
107 | ZYDIS_ISA_SET_I386,
108 | ZYDIS_ISA_SET_I486,
109 | ZYDIS_ISA_SET_I486REAL,
110 | ZYDIS_ISA_SET_I86,
111 | ZYDIS_ISA_SET_INVPCID,
112 | ZYDIS_ISA_SET_KEYLOCKER,
113 | ZYDIS_ISA_SET_KEYLOCKER_WIDE,
114 | ZYDIS_ISA_SET_KNCE,
115 | ZYDIS_ISA_SET_KNCJKBR,
116 | ZYDIS_ISA_SET_KNCSTREAM,
117 | ZYDIS_ISA_SET_KNCV,
118 | ZYDIS_ISA_SET_KNC_MISC,
119 | ZYDIS_ISA_SET_KNC_PF_HINT,
120 | ZYDIS_ISA_SET_LAHF,
121 | ZYDIS_ISA_SET_LONGMODE,
122 | ZYDIS_ISA_SET_LWP,
123 | ZYDIS_ISA_SET_LZCNT,
124 | ZYDIS_ISA_SET_MCOMMIT,
125 | ZYDIS_ISA_SET_MONITOR,
126 | ZYDIS_ISA_SET_MONITORX,
127 | ZYDIS_ISA_SET_MOVBE,
128 | ZYDIS_ISA_SET_MOVDIR,
129 | ZYDIS_ISA_SET_MPX,
130 | ZYDIS_ISA_SET_PADLOCK_ACE,
131 | ZYDIS_ISA_SET_PADLOCK_PHE,
132 | ZYDIS_ISA_SET_PADLOCK_PMM,
133 | ZYDIS_ISA_SET_PADLOCK_RNG,
134 | ZYDIS_ISA_SET_PAUSE,
135 | ZYDIS_ISA_SET_PCLMULQDQ,
136 | ZYDIS_ISA_SET_PCONFIG,
137 | ZYDIS_ISA_SET_PENTIUMMMX,
138 | ZYDIS_ISA_SET_PENTIUMREAL,
139 | ZYDIS_ISA_SET_PKU,
140 | ZYDIS_ISA_SET_POPCNT,
141 | ZYDIS_ISA_SET_PPRO,
142 | ZYDIS_ISA_SET_PREFETCHWT1,
143 | ZYDIS_ISA_SET_PREFETCH_NOP,
144 | ZYDIS_ISA_SET_PT,
145 | ZYDIS_ISA_SET_RDPID,
146 | ZYDIS_ISA_SET_RDPMC,
147 | ZYDIS_ISA_SET_RDPRU,
148 | ZYDIS_ISA_SET_RDRAND,
149 | ZYDIS_ISA_SET_RDSEED,
150 | ZYDIS_ISA_SET_RDTSCP,
151 | ZYDIS_ISA_SET_RDWRFSGS,
152 | ZYDIS_ISA_SET_RTM,
153 | ZYDIS_ISA_SET_SERIALIZE,
154 | ZYDIS_ISA_SET_SGX,
155 | ZYDIS_ISA_SET_SGX_ENCLV,
156 | ZYDIS_ISA_SET_SHA,
157 | ZYDIS_ISA_SET_SMAP,
158 | ZYDIS_ISA_SET_SMX,
159 | ZYDIS_ISA_SET_SSE,
160 | ZYDIS_ISA_SET_SSE2,
161 | ZYDIS_ISA_SET_SSE2MMX,
162 | ZYDIS_ISA_SET_SSE3,
163 | ZYDIS_ISA_SET_SSE3X87,
164 | ZYDIS_ISA_SET_SSE4,
165 | ZYDIS_ISA_SET_SSE42,
166 | ZYDIS_ISA_SET_SSE4A,
167 | ZYDIS_ISA_SET_SSEMXCSR,
168 | ZYDIS_ISA_SET_SSE_PREFETCH,
169 | ZYDIS_ISA_SET_SSSE3,
170 | ZYDIS_ISA_SET_SSSE3MMX,
171 | ZYDIS_ISA_SET_SVM,
172 | ZYDIS_ISA_SET_TBM,
173 | ZYDIS_ISA_SET_TDX,
174 | ZYDIS_ISA_SET_TSX_LDTRK,
175 | ZYDIS_ISA_SET_UINTR,
176 | ZYDIS_ISA_SET_VAES,
177 | ZYDIS_ISA_SET_VMFUNC,
178 | ZYDIS_ISA_SET_VPCLMULQDQ,
179 | ZYDIS_ISA_SET_VTX,
180 | ZYDIS_ISA_SET_WAITPKG,
181 | ZYDIS_ISA_SET_X87,
182 | ZYDIS_ISA_SET_XOP,
183 | ZYDIS_ISA_SET_XSAVE,
184 | ZYDIS_ISA_SET_XSAVEC,
185 | ZYDIS_ISA_SET_XSAVEOPT,
186 | ZYDIS_ISA_SET_XSAVES,
187 |
188 | /**
189 | * Maximum value of this enum.
190 | */
191 | ZYDIS_ISA_SET_MAX_VALUE = ZYDIS_ISA_SET_XSAVES,
192 | /**
193 | * The minimum number of bits required to represent all values of this enum.
194 | */
195 | ZYDIS_ISA_SET_REQUIRED_BITS = ZYAN_BITS_TO_REPRESENT(ZYDIS_ISA_SET_MAX_VALUE)
196 | } ZydisISASet;
197 |
--------------------------------------------------------------------------------
/Zydis/Zydis/Status.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Disassembler Library (Zydis)
4 |
5 | Original Author : Florian Bernd
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | /**
28 | * @file
29 | * Status code definitions and check macros.
30 | */
31 |
32 | #ifndef ZYDIS_STATUS_H
33 | #define ZYDIS_STATUS_H
34 |
35 | #include
36 |
37 | #ifdef __cplusplus
38 | extern "C" {
39 | #endif
40 |
41 | /* ============================================================================================== */
42 | /* Status codes */
43 | /* ============================================================================================== */
44 |
45 | /* ---------------------------------------------------------------------------------------------- */
46 | /* Module IDs */
47 | /* ---------------------------------------------------------------------------------------------- */
48 |
49 | /**
50 | * The zydis module id.
51 | */
52 | #define ZYAN_MODULE_ZYDIS 0x002u
53 |
54 | /* ---------------------------------------------------------------------------------------------- */
55 | /* Status codes */
56 | /* ---------------------------------------------------------------------------------------------- */
57 |
58 | /* ---------------------------------------------------------------------------------------------- */
59 | /* Decoder */
60 | /* ---------------------------------------------------------------------------------------------- */
61 |
62 | /**
63 | * An attempt was made to read data from an input data-source that has no more
64 | * data available.
65 | */
66 | #define ZYDIS_STATUS_NO_MORE_DATA \
67 | ZYAN_MAKE_STATUS(1u, ZYAN_MODULE_ZYDIS, 0x00u)
68 |
69 | /**
70 | * An general error occured while decoding the current instruction. The
71 | * instruction might be undefined.
72 | */
73 | #define ZYDIS_STATUS_DECODING_ERROR \
74 | ZYAN_MAKE_STATUS(1u, ZYAN_MODULE_ZYDIS, 0x01u)
75 |
76 | /**
77 | * The instruction exceeded the maximum length of 15 bytes.
78 | */
79 | #define ZYDIS_STATUS_INSTRUCTION_TOO_LONG \
80 | ZYAN_MAKE_STATUS(1u, ZYAN_MODULE_ZYDIS, 0x02u)
81 |
82 | /**
83 | * The instruction encoded an invalid register.
84 | */
85 | #define ZYDIS_STATUS_BAD_REGISTER \
86 | ZYAN_MAKE_STATUS(1u, ZYAN_MODULE_ZYDIS, 0x03u)
87 |
88 | /**
89 | * A lock-prefix (F0) was found while decoding an instruction that does not
90 | * support locking.
91 | */
92 | #define ZYDIS_STATUS_ILLEGAL_LOCK \
93 | ZYAN_MAKE_STATUS(1u, ZYAN_MODULE_ZYDIS, 0x04u)
94 |
95 | /**
96 | * A legacy-prefix (F2, F3, 66) was found while decoding a XOP/VEX/EVEX/MVEX
97 | * instruction.
98 | */
99 | #define ZYDIS_STATUS_ILLEGAL_LEGACY_PFX \
100 | ZYAN_MAKE_STATUS(1u, ZYAN_MODULE_ZYDIS, 0x05u)
101 |
102 | /**
103 | * A rex-prefix was found while decoding a XOP/VEX/EVEX/MVEX instruction.
104 | */
105 | #define ZYDIS_STATUS_ILLEGAL_REX \
106 | ZYAN_MAKE_STATUS(1u, ZYAN_MODULE_ZYDIS, 0x06u)
107 |
108 | /**
109 | * An invalid opcode-map value was found while decoding a XOP/VEX/EVEX/MVEX-prefix.
110 | */
111 | #define ZYDIS_STATUS_INVALID_MAP \
112 | ZYAN_MAKE_STATUS(1u, ZYAN_MODULE_ZYDIS, 0x07u)
113 |
114 | /**
115 | * An error occured while decoding the EVEX-prefix.
116 | */
117 | #define ZYDIS_STATUS_MALFORMED_EVEX \
118 | ZYAN_MAKE_STATUS(1u, ZYAN_MODULE_ZYDIS, 0x08u)
119 |
120 | /**
121 | * An error occured while decoding the MVEX-prefix.
122 | */
123 | #define ZYDIS_STATUS_MALFORMED_MVEX \
124 | ZYAN_MAKE_STATUS(1u, ZYAN_MODULE_ZYDIS, 0x09u)
125 |
126 | /**
127 | * An invalid write-mask was specified for an EVEX/MVEX instruction.
128 | */
129 | #define ZYDIS_STATUS_INVALID_MASK \
130 | ZYAN_MAKE_STATUS(1u, ZYAN_MODULE_ZYDIS, 0x0Au)
131 |
132 | /* ---------------------------------------------------------------------------------------------- */
133 | /* Formatter */
134 | /* ---------------------------------------------------------------------------------------------- */
135 |
136 | /**
137 | * Returning this status code in some specified formatter callbacks will cause
138 | * the formatter to omit the corresponding token.
139 | *
140 | * Valid callbacks:
141 | * - `ZYDIS_FORMATTER_FUNC_PRE_OPERAND`
142 | * - `ZYDIS_FORMATTER_FUNC_POST_OPERAND`
143 | * - `ZYDIS_FORMATTER_FUNC_FORMAT_OPERAND_REG`
144 | * - `ZYDIS_FORMATTER_FUNC_FORMAT_OPERAND_MEM`
145 | * - `ZYDIS_FORMATTER_FUNC_FORMAT_OPERAND_PTR`
146 | * - `ZYDIS_FORMATTER_FUNC_FORMAT_OPERAND_IMM`
147 | */
148 | #define ZYDIS_STATUS_SKIP_TOKEN \
149 | ZYAN_MAKE_STATUS(0u, ZYAN_MODULE_ZYDIS, 0x0Bu)
150 |
151 | /* ---------------------------------------------------------------------------------------------- */
152 | /* Encoder */
153 | /* ---------------------------------------------------------------------------------------------- */
154 |
155 | #define ZYDIS_STATUS_IMPOSSIBLE_INSTRUCTION \
156 | ZYAN_MAKE_STATUS(1u, ZYAN_MODULE_ZYDIS, 0x0Cu)
157 |
158 | /* ---------------------------------------------------------------------------------------------- */
159 |
160 | /* ============================================================================================== */
161 |
162 |
163 | #ifdef __cplusplus
164 | }
165 | #endif
166 |
167 | #endif /* ZYDIS_STATUS_H */
168 |
--------------------------------------------------------------------------------
/Zydis/Zycore/ArgParse.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Core Library (Zycore-C)
4 |
5 | Original Author : Joel Hoener
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | /**
28 | * @file
29 | * @brief Implements command-line argument parsing.
30 | */
31 |
32 | #ifndef ZYCORE_ARGPARSE_H
33 | #define ZYCORE_ARGPARSE_H
34 |
35 | #include
36 | #include
37 | #include
38 | #include
39 |
40 | #ifdef __cplusplus
41 | extern "C" {
42 | #endif
43 |
44 | /* ============================================================================================== */
45 | /* Structs and other types */
46 | /* ============================================================================================== */
47 |
48 | /**
49 | * @brief Definition of a single argument.
50 | */
51 | typedef struct ZyanArgParseDefinition_
52 | {
53 | /**
54 | * @brief The argument name, e.g. `--help`.
55 | *
56 | * Must start with either one or two dashes. Single dash arguments must consist of a single
57 | * character, (e.g. `-n`), double-dash arguments can be of arbitrary length.
58 | */
59 | const char* name;
60 | /**
61 | * @brief Whether the argument is boolean or expects a value.
62 | */
63 | ZyanBool boolean;
64 | /**
65 | * @brief Whether this argument is required (error if missing).
66 | */
67 | ZyanBool required;
68 | } ZyanArgParseDefinition;
69 |
70 | /**
71 | * @brief Configuration for argument parsing.
72 | */
73 | typedef struct ZyanArgParseConfig_
74 | {
75 | /**
76 | * @brief `argv` argument passed to `main` by LibC.
77 | */
78 | const char** argv;
79 | /**
80 | * @brief `argc` argument passed to `main` by LibC.
81 | */
82 | ZyanUSize argc;
83 | /**
84 | * @brief Minimum # of accepted unnamed / anonymous arguments.
85 | */
86 | ZyanUSize min_unnamed_args;
87 | /**
88 | * @brief Maximum # of accepted unnamed / anonymous arguments.
89 | */
90 | ZyanUSize max_unnamed_args;
91 | /**
92 | * @brief Argument definition array, or `ZYAN_NULL`.
93 | *
94 | * Expects a pointer to an array of `ZyanArgParseDefinition` instances. The array is
95 | * terminated by setting the `.name` field of the last element to `ZYAN_NULL`. If no named
96 | * arguments should be parsed, you can also set this to `ZYAN_NULL`.
97 | */
98 | ZyanArgParseDefinition* args;
99 | } ZyanArgParseConfig;
100 |
101 | /**
102 | * @brief Information about a parsed argument.
103 | */
104 | typedef struct ZyanArgParseArg_
105 | {
106 | /**
107 | * @brief Corresponding argument definition, or `ZYAN_NULL` for unnamed args.
108 | *
109 | * This pointer is borrowed from the `cfg` pointer passed to `ZyanArgParse`.
110 | */
111 | const ZyanArgParseDefinition* def;
112 | /**
113 | * @brief Whether the argument has a value (is non-boolean).
114 | */
115 | ZyanBool has_value;
116 | /**
117 | * @brief If `has_value == true`, then the argument value.
118 | *
119 | * This is a view into the `argv` string array passed to `ZyanArgParse` via the `cfg` argument.
120 | */
121 | ZyanStringView value;
122 | } ZyanArgParseArg;
123 |
124 | /* ============================================================================================== */
125 | /* Exported functions */
126 | /* ============================================================================================== */
127 |
128 | #ifndef ZYAN_NO_LIBC
129 |
130 | /**
131 | * @brief Parse arguments according to a `ZyanArgParseConfig` definition.
132 | *
133 | * @param cfg Argument parser config to use.
134 | * @param parsed Receives the parsed output. Vector of `ZyanArgParseArg`. Ownership is
135 | * transferred to the user. Input is expected to be uninitialized. On error,
136 | * the vector remains uninitialized.
137 | * @param error_token On error, if it makes sense, receives the argument fragment causing the
138 | * error. Optional, may be `ZYAN_NULL`. The pointer borrows into the `cfg`
139 | * struct and doesn't have to be freed by the user.
140 | *
141 | * @return A `ZyanStatus` status determining whether the parsing succeeded.
142 | */
143 | ZYCORE_EXPORT ZyanStatus ZyanArgParse(const ZyanArgParseConfig *cfg, ZyanVector* parsed,
144 | const char** error_token);
145 |
146 | #endif
147 |
148 | /**
149 | * @brief Parse arguments according to a `ZyanArgParseConfig` definition.
150 | *
151 | * This version allows specification of a custom memory allocator and thus supports no-libc.
152 | *
153 | * @param cfg Argument parser config to use.
154 | * @param parsed Receives the parsed output. Vector of `ZyanArgParseArg`. Ownership is
155 | * transferred to the user. Input is expected to be uninitialized. On error,
156 | * the vector remains uninitialized.
157 | * @param error_token On error, if it makes sense, receives the argument fragment causing the
158 | * error. Optional, may be `ZYAN_NULL`. The pointer borrows into the `cfg`
159 | * struct and doesn't have to be freed by the user.
160 | * @param allocator The `ZyanAllocator` to be used for allocating the output vector's data.
161 | *
162 | * @return A `ZyanStatus` status determining whether the parsing succeeded.
163 | */
164 | ZYCORE_EXPORT ZyanStatus ZyanArgParseEx(const ZyanArgParseConfig *cfg, ZyanVector* parsed,
165 | const char** error_token, ZyanAllocator* allocator);
166 |
167 | /* ============================================================================================== */
168 |
169 | #ifdef __cplusplus
170 | }
171 | #endif
172 |
173 | #endif /* ZYCORE_ARGPARSE_H */
174 |
--------------------------------------------------------------------------------
/Zydis/Zycore/API/Terminal.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Core Library (Zycore-C)
4 |
5 | Original Author : Florian Bernd
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | /**
28 | * @file Provides cross-platform terminal helper functions.
29 | * @brief
30 | */
31 |
32 | #ifndef ZYCORE_TERMINAL_H
33 | #define ZYCORE_TERMINAL_H
34 |
35 | #include
36 | #include
37 | #include
38 |
39 | #ifdef __cplusplus
40 | extern "C" {
41 | #endif
42 |
43 | #ifndef ZYAN_NO_LIBC
44 |
45 | /* ============================================================================================== */
46 | /* VT100 CSI SGR sequences */
47 | /* ============================================================================================== */
48 |
49 | /* ---------------------------------------------------------------------------------------------- */
50 | /* General */
51 | /* ---------------------------------------------------------------------------------------------- */
52 |
53 | #define ZYAN_VT100SGR_RESET "\033[0m"
54 |
55 | /* ---------------------------------------------------------------------------------------------- */
56 | /* Foreground colors */
57 | /* ---------------------------------------------------------------------------------------------- */
58 |
59 | #define ZYAN_VT100SGR_FG_DEFAULT "\033[39m"
60 |
61 | #define ZYAN_VT100SGR_FG_BLACK "\033[30m"
62 | #define ZYAN_VT100SGR_FG_RED "\033[31m"
63 | #define ZYAN_VT100SGR_FG_GREEN "\033[32m"
64 | #define ZYAN_VT100SGR_FG_YELLOW "\033[33m"
65 | #define ZYAN_VT100SGR_FG_BLUE "\033[34m"
66 | #define ZYAN_VT100SGR_FG_MAGENTA "\033[35m"
67 | #define ZYAN_VT100SGR_FG_CYAN "\033[36m"
68 | #define ZYAN_VT100SGR_FG_WHITE "\033[37m"
69 | #define ZYAN_VT100SGR_FG_BRIGHT_BLACK "\033[90m"
70 | #define ZYAN_VT100SGR_FG_BRIGHT_RED "\033[91m"
71 | #define ZYAN_VT100SGR_FG_BRIGHT_GREEN "\033[92m"
72 | #define ZYAN_VT100SGR_FG_BRIGHT_YELLOW "\033[93m"
73 | #define ZYAN_VT100SGR_FG_BRIGHT_BLUE "\033[94m"
74 | #define ZYAN_VT100SGR_FG_BRIGHT_MAGENTA "\033[95m"
75 | #define ZYAN_VT100SGR_FG_BRIGHT_CYAN "\033[96m"
76 | #define ZYAN_VT100SGR_FG_BRIGHT_WHITE "\033[97m"
77 |
78 | /* ---------------------------------------------------------------------------------------------- */
79 | /* Background color */
80 | /* ---------------------------------------------------------------------------------------------- */
81 |
82 | #define ZYAN_VT100SGR_BG_DEFAULT "\033[49m"
83 |
84 | #define ZYAN_VT100SGR_BG_BLACK "\033[40m"
85 | #define ZYAN_VT100SGR_BG_RED "\033[41m"
86 | #define ZYAN_VT100SGR_BG_GREEN "\033[42m"
87 | #define ZYAN_VT100SGR_BG_YELLOW "\033[43m"
88 | #define ZYAN_VT100SGR_BG_BLUE "\033[44m"
89 | #define ZYAN_VT100SGR_BG_MAGENTA "\033[45m"
90 | #define ZYAN_VT100SGR_BG_CYAN "\033[46m"
91 | #define ZYAN_VT100SGR_BG_WHITE "\033[47m"
92 | #define ZYAN_VT100SGR_BG_BRIGHT_BLACK "\033[100m"
93 | #define ZYAN_VT100SGR_BG_BRIGHT_RED "\033[101m"
94 | #define ZYAN_VT100SGR_BG_BRIGHT_GREEN "\033[102m"
95 | #define ZYAN_VT100SGR_BG_BRIGHT_YELLOW "\033[103m"
96 | #define ZYAN_VT100SGR_BG_BRIGHT_BLUE "\033[104m"
97 | #define ZYAN_VT100SGR_BG_BRIGHT_MAGENTA "\033[105m"
98 | #define ZYAN_VT100SGR_BG_BRIGHT_CYAN "\033[106m"
99 | #define ZYAN_VT100SGR_BG_BRIGHT_WHITE "\033[107m"
100 |
101 | /* ---------------------------------------------------------------------------------------------- */
102 |
103 | /* ============================================================================================== */
104 | /* Enums and types */
105 | /* ============================================================================================== */
106 |
107 | /**
108 | * @brief Declares the `ZyanStandardStream` enum.
109 | */
110 | typedef enum ZyanStandardStream_
111 | {
112 | /**
113 | * @brief The default input stream.
114 | */
115 | ZYAN_STDSTREAM_IN,
116 | /**
117 | * @brief The default output stream.
118 | */
119 | ZYAN_STDSTREAM_OUT,
120 | /**
121 | * @brief The default error stream.
122 | */
123 | ZYAN_STDSTREAM_ERR
124 | } ZyanStandardStream;
125 |
126 | /* ============================================================================================== */
127 | /* Exported functions */
128 | /* ============================================================================================== */
129 |
130 | /**
131 | * @brief Enables VT100 ansi escape codes for the given stream.
132 | *
133 | * @param stream Either `ZYAN_STDSTREAM_OUT` or `ZYAN_STDSTREAM_ERR`.
134 | *
135 | * @return A zyan status code.
136 | *
137 | * This functions returns `ZYAN_STATUS_SUCCESS` on all non-Windows systems without performing any
138 | * operations, assuming that VT100 is supported by default.
139 | *
140 | * On Windows systems, VT100 functionality is only supported on Windows 10 build 1607 (anniversary
141 | * update) and later.
142 | */
143 | ZYCORE_EXPORT ZyanStatus ZyanTerminalEnableVT100(ZyanStandardStream stream);
144 |
145 | /**
146 | * @brief Checks, if the given standard stream reads from or writes to a terminal.
147 | *
148 | * @param stream The standard stream to check.
149 | *
150 | * @return `ZYAN_STATUS_TRUE`, if the stream is bound to a terminal, `ZYAN_STATUS_FALSE` if not,
151 | * or another zyan status code if an error occured.
152 | */
153 | ZYCORE_EXPORT ZyanStatus ZyanTerminalIsTTY(ZyanStandardStream stream);
154 |
155 | /* ============================================================================================== */
156 |
157 | #endif // ZYAN_NO_LIBC
158 |
159 | #ifdef __cplusplus
160 | }
161 | #endif
162 |
163 | #endif /* ZYCORE_TERMINAL_H */
164 |
--------------------------------------------------------------------------------
/Zydis/Zydis/Internal/EncoderData.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Disassembler Library (Zydis)
4 |
5 | Original Author : Mappa
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | #ifndef ZYDIS_INTERNAL_ENCODERDATA_H
28 | #define ZYDIS_INTERNAL_ENCODERDATA_H
29 |
30 | #include
31 | #include
32 | #include
33 |
34 | /**
35 | * Used in encoder's table to represent standard ISA sizes in form of bit flags.
36 | */
37 | typedef enum ZydisWidthFlag_
38 | {
39 | ZYDIS_WIDTH_INVALID = 0x00,
40 | ZYDIS_WIDTH_16 = 0x01,
41 | ZYDIS_WIDTH_32 = 0x02,
42 | ZYDIS_WIDTH_64 = 0x04,
43 |
44 | /**
45 | * Maximum value of this enum.
46 | */
47 | ZYDIS_WIDTH_MAX_VALUE = (ZYDIS_WIDTH_64 | (ZYDIS_WIDTH_64 - 1)),
48 | /**
49 | * The minimum number of bits required to represent all values of this enum.
50 | */
51 | ZYDIS_WIDTH_REQUIRED_BITS = ZYAN_BITS_TO_REPRESENT(ZYDIS_WIDTH_MAX_VALUE)
52 | } ZydisWidthFlag;
53 |
54 | /**
55 | * Used in encoder's table to represent mandatory instruction prefix. Using this enum instead of
56 | * actual prefix value saves space.
57 | */
58 | typedef enum ZydisMandatoryPrefix_
59 | {
60 | ZYDIS_MANDATORY_PREFIX_NONE,
61 | ZYDIS_MANDATORY_PREFIX_66,
62 | ZYDIS_MANDATORY_PREFIX_F2,
63 | ZYDIS_MANDATORY_PREFIX_F3,
64 |
65 | /**
66 | * Maximum value of this enum.
67 | */
68 | ZYDIS_MANDATORY_PREFIX_MAX_VALUE = ZYDIS_MANDATORY_PREFIX_F3,
69 | /**
70 | * The minimum number of bits required to represent all values of this enum.
71 | */
72 | ZYDIS_MANDATORY_PREFIX_REQUIRED_BITS = ZYAN_BITS_TO_REPRESENT(ZYDIS_MANDATORY_PREFIX_MAX_VALUE)
73 | } ZydisMandatoryPrefix;
74 |
75 | /**
76 | * Used in encoder's table to represent vector size supported by instruction definition.
77 | */
78 | typedef enum ZydisVectorLength_
79 | {
80 | ZYDIS_VECTOR_LENGTH_INVALID,
81 | ZYDIS_VECTOR_LENGTH_128,
82 | ZYDIS_VECTOR_LENGTH_256,
83 | ZYDIS_VECTOR_LENGTH_512,
84 |
85 | /**
86 | * Maximum value of this enum.
87 | */
88 | ZYDIS_VECTOR_LENGTH_MAX_VALUE = ZYDIS_VECTOR_LENGTH_512,
89 | /**
90 | * The minimum number of bits required to represent all values of this enum.
91 | */
92 | ZYDIS_VECTOR_LENGTH_REQUIRED_BITS = ZYAN_BITS_TO_REPRESENT(ZYDIS_VECTOR_LENGTH_MAX_VALUE)
93 | } ZydisVectorLength;
94 |
95 | /**
96 | * Used in encoder's table to represent hint type supported by instruction definition.
97 | */
98 | typedef enum ZydisSizeHint_
99 | {
100 | ZYDIS_SIZE_HINT_NONE,
101 | ZYDIS_SIZE_HINT_ASZ,
102 | ZYDIS_SIZE_HINT_OSZ,
103 |
104 | /**
105 | * Maximum value of this enum.
106 | */
107 | ZYDIS_SIZE_HINT_MAX_VALUE = ZYDIS_SIZE_HINT_OSZ,
108 | /**
109 | * The minimum number of bits required to represent all values of this enum.
110 | */
111 | ZYDIS_SIZE_HINT_REQUIRED_BITS = ZYAN_BITS_TO_REPRESENT(ZYDIS_SIZE_HINT_MAX_VALUE)
112 | } ZydisSizeHint;
113 |
114 | /**
115 | * Used in encoder's primary lookup table which allows to access a set of instruction definitions
116 | * for specified mnemonic in constant time.
117 | */
118 | typedef struct ZydisEncoderLookupEntry_
119 | {
120 | /**
121 | * Index to main array of `ZydisEncodableInstruction`.
122 | */
123 | ZyanU16 encoder_reference;
124 | /**
125 | * The number of entries.
126 | */
127 | ZyanU8 instruction_count;
128 | } ZydisEncoderLookupEntry;
129 |
130 | #pragma pack(push, 1)
131 |
132 | /**
133 | * This structure is encoder's internal representation of encodable instruction definition.
134 | */
135 | typedef struct ZydisEncodableInstruction_
136 | {
137 | /**
138 | * Index to one of decoder's instruction definition arrays.
139 | */
140 | ZyanU16 instruction_reference;
141 | /**
142 | * Compressed information about operand count and types. Operand count is stored in lowest bits.
143 | * Types of subsequent operands are stored in higher bits.
144 | */
145 | ZyanU16 operand_mask;
146 | /**
147 | * The instruction-opcode.
148 | */
149 | ZyanU8 opcode;
150 | /**
151 | * The mandatory ModR/M value.
152 | */
153 | ZyanU8 modrm;
154 | /**
155 | * The instruction-encoding.
156 | */
157 | ZyanU8 encoding ZYAN_BITFIELD(ZYDIS_INSTRUCTION_ENCODING_REQUIRED_BITS);
158 | /**
159 | * The opcode map.
160 | */
161 | ZyanU8 opcode_map ZYAN_BITFIELD(ZYDIS_OPCODE_MAP_REQUIRED_BITS);
162 | /**
163 | * The combination of allowed processor modes.
164 | */
165 | ZyanU8 modes ZYAN_BITFIELD(ZYDIS_WIDTH_REQUIRED_BITS);
166 | /**
167 | * The combination of allowed address sizes.
168 | */
169 | ZyanU8 address_sizes ZYAN_BITFIELD(ZYDIS_WIDTH_REQUIRED_BITS);
170 | /**
171 | * The combination of allowed operand sizes.
172 | */
173 | ZyanU8 operand_sizes ZYAN_BITFIELD(ZYDIS_WIDTH_REQUIRED_BITS);
174 | /**
175 | * The mandatory prefix.
176 | */
177 | ZyanU8 mandatory_prefix ZYAN_BITFIELD(ZYDIS_MANDATORY_PREFIX_REQUIRED_BITS);
178 | /**
179 | * True if `REX.W` is required for this definition.
180 | */
181 | ZyanU8 rex_w ZYAN_BITFIELD(1);
182 | /**
183 | * The vector length.
184 | */
185 | ZyanU8 vector_length ZYAN_BITFIELD(ZYDIS_MANDATORY_PREFIX_REQUIRED_BITS);
186 | /**
187 | * The accepted sizing hint.
188 | */
189 | ZyanU8 accepts_hint ZYAN_BITFIELD(ZYDIS_SIZE_HINT_REQUIRED_BITS);
190 | /**
191 | * Indicates that next instruction definition can be safely used instead of current one. This
192 | * is used with some `VEX` instructions to take advantage of 2-byte `VEX` prefix when possible.
193 | * 2-byte `VEX` allows to use high registers only when operand is encoded in `modrm_reg`
194 | * (high bit in `REX.R`). Encoder uses swappable definitions to take advantage of this
195 | * optimization opportunity.
196 | *
197 | * Second use of this field is to handle special case for `mov` instruction. This particular
198 | * conflict is described in detail inside `ZydisHandleSwappableDefinition`.
199 | */
200 | ZyanU8 swappable ZYAN_BITFIELD(1);
201 | } ZydisEncodableInstruction;
202 |
203 | #pragma pack(pop)
204 |
205 | /**
206 | * Fetches array of `ZydisEncodableInstruction` structures and its size for given instruction
207 | * mnemonic.
208 | *
209 | * @param mnemonic Instruction mnemonic.
210 | * @param instruction This variable will receive a pointer to the array of
211 | * `ZydisEncodableInstruction` structures.
212 | *
213 | * @return Entry count (0 if function failed).
214 | */
215 | ZyanU8 ZydisGetEncodableInstructions(ZydisMnemonic mnemonic,
216 | const ZydisEncodableInstruction **instruction);
217 |
218 | #endif /* ZYDIS_INTERNAL_ENCODERDATA_H */
219 |
--------------------------------------------------------------------------------
/Zydis/Zycore/Types.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Core Library (Zyan-C)
4 |
5 | Original Author : Florian Bernd, Joel Hoener
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | /**
28 | * @file
29 | * @brief Includes and defines some default data types.
30 | */
31 |
32 | #ifndef ZYCORE_TYPES_H
33 | #define ZYCORE_TYPES_H
34 |
35 | #include
36 |
37 | /* ============================================================================================== */
38 | /* Integer types */
39 | /* ============================================================================================== */
40 |
41 | #if !defined(ZYAN_NO_LIBC) && \
42 | (!defined(ZYAN_MSVC) && defined(ZYAN_KERNEL)) // The WDK LibC lacks stdint.h.
43 | // If is LibC present, we use stdint types.
44 | # include
45 | # include
46 | typedef uint8_t ZyanU8;
47 | typedef uint16_t ZyanU16;
48 | typedef uint32_t ZyanU32;
49 | typedef uint64_t ZyanU64;
50 | typedef int8_t ZyanI8;
51 | typedef int16_t ZyanI16;
52 | typedef int32_t ZyanI32;
53 | typedef int64_t ZyanI64;
54 | typedef size_t ZyanUSize;
55 | typedef ptrdiff_t ZyanISize;
56 | typedef uintptr_t ZyanUPointer;
57 | typedef intptr_t ZyanIPointer;
58 | #else
59 | // No LibC, use compiler built-in types / macros.
60 | # if defined(ZYAN_MSVC) || defined(ZYAN_ICC)
61 | typedef unsigned __int8 ZyanU8;
62 | typedef unsigned __int16 ZyanU16;
63 | typedef unsigned __int32 ZyanU32;
64 | typedef unsigned __int64 ZyanU64;
65 | typedef signed __int8 ZyanI8;
66 | typedef signed __int16 ZyanI16;
67 | typedef signed __int32 ZyanI32;
68 | typedef signed __int64 ZyanI64;
69 | # if _WIN64
70 | typedef ZyanU64 ZyanUSize;
71 | typedef ZyanI64 ZyanISize;
72 | typedef ZyanU64 ZyanUPointer;
73 | typedef ZyanI64 ZyanIPointer;
74 | # else
75 | typedef ZyanU32 ZyanUSize;
76 | typedef ZyanI32 ZyanISize;
77 | typedef ZyanU32 ZyanUPointer;
78 | typedef ZyanI32 ZyanIPointer;
79 | # endif
80 | # elif defined(ZYAN_GNUC)
81 | typedef __UINT8_TYPE__ ZyanU8;
82 | typedef __UINT16_TYPE__ ZyanU16;
83 | typedef __UINT32_TYPE__ ZyanU32;
84 | typedef __UINT64_TYPE__ ZyanU64;
85 | typedef __INT8_TYPE__ ZyanI8;
86 | typedef __INT16_TYPE__ ZyanI16;
87 | typedef __INT32_TYPE__ ZyanI32;
88 | typedef __INT64_TYPE__ ZyanI64;
89 | typedef __SIZE_TYPE__ ZyanUSize;
90 | typedef __PTRDIFF_TYPE__ ZyanISize;
91 | typedef __UINTPTR_TYPE__ ZyanUPointer;
92 | typedef __INTPTR_TYPE__ ZyanIPointer;
93 | # else
94 | # error "Unsupported compiler for no-libc mode."
95 | # endif
96 | #endif
97 |
98 | // Verify size assumptions.
99 | ZYAN_STATIC_ASSERT(sizeof(ZyanU8 ) == 1 );
100 | ZYAN_STATIC_ASSERT(sizeof(ZyanU16 ) == 2 );
101 | ZYAN_STATIC_ASSERT(sizeof(ZyanU32 ) == 4 );
102 | ZYAN_STATIC_ASSERT(sizeof(ZyanU64 ) == 8 );
103 | ZYAN_STATIC_ASSERT(sizeof(ZyanI8 ) == 1 );
104 | ZYAN_STATIC_ASSERT(sizeof(ZyanI16 ) == 2 );
105 | ZYAN_STATIC_ASSERT(sizeof(ZyanI32 ) == 4 );
106 | ZYAN_STATIC_ASSERT(sizeof(ZyanI64 ) == 8 );
107 | ZYAN_STATIC_ASSERT(sizeof(ZyanUSize ) == sizeof(void*)); // TODO: This one is incorrect!
108 | ZYAN_STATIC_ASSERT(sizeof(ZyanISize ) == sizeof(void*)); // TODO: This one is incorrect!
109 | ZYAN_STATIC_ASSERT(sizeof(ZyanUPointer) == sizeof(void*));
110 | ZYAN_STATIC_ASSERT(sizeof(ZyanIPointer) == sizeof(void*));
111 |
112 | // Verify signedness assumptions (relies on size checks above).
113 | ZYAN_STATIC_ASSERT((ZyanI8 )-1 >> 1 < (ZyanI8 )((ZyanU8 )-1 >> 1));
114 | ZYAN_STATIC_ASSERT((ZyanI16)-1 >> 1 < (ZyanI16)((ZyanU16)-1 >> 1));
115 | ZYAN_STATIC_ASSERT((ZyanI32)-1 >> 1 < (ZyanI32)((ZyanU32)-1 >> 1));
116 | ZYAN_STATIC_ASSERT((ZyanI64)-1 >> 1 < (ZyanI64)((ZyanU64)-1 >> 1));
117 |
118 | /* ============================================================================================== */
119 | /* NULL */
120 | /* ============================================================================================== */
121 |
122 | #define ZYAN_NULL ((void*)0)
123 |
124 | /* ============================================================================================== */
125 | /* Logic types */
126 | /* ============================================================================================== */
127 |
128 | /* ---------------------------------------------------------------------------------------------- */
129 | /* Boolean */
130 | /* ---------------------------------------------------------------------------------------------- */
131 |
132 | #define ZYAN_FALSE 0
133 | #define ZYAN_TRUE 1
134 |
135 | /**
136 | * @brief Defines the `ZyanBool` data-type.
137 | *
138 | * Represents a default boolean data-type where `0` is interpreted as `false` and all other values
139 | * as `true`.
140 | */
141 | typedef ZyanU8 ZyanBool;
142 |
143 | /* ---------------------------------------------------------------------------------------------- */
144 | /* Ternary */
145 | /* ---------------------------------------------------------------------------------------------- */
146 |
147 | /**
148 | * @brief Defines the `ZyanTernary` data-type.
149 | *
150 | * The `ZyanTernary` is a balanced ternary type that uses three truth values indicating `true`,
151 | * `false` and an indeterminate third value.
152 | */
153 | typedef ZyanI8 ZyanTernary;
154 |
155 | #define ZYAN_TERNARY_FALSE (-1)
156 | #define ZYAN_TERNARY_UNKNOWN 0x00
157 | #define ZYAN_TERNARY_TRUE 0x01
158 |
159 | /* ============================================================================================== */
160 | /* String types */
161 | /* ============================================================================================== */
162 |
163 | /* ---------------------------------------------------------------------------------------------- */
164 | /* C-style strings */
165 | /* ---------------------------------------------------------------------------------------------- */
166 |
167 | /**
168 | * @brief Defines the `ZyanCharPointer` data-type.
169 | *
170 | * This type is most often used to represent null-terminated strings aka. C-style strings.
171 | */
172 | typedef char* ZyanCharPointer;
173 |
174 | /**
175 | * @brief Defines the `ZyanConstCharPointer` data-type.
176 | *
177 | * This type is most often used to represent null-terminated strings aka. C-style strings.
178 | */
179 | typedef const char* ZyanConstCharPointer;
180 |
181 | /* ---------------------------------------------------------------------------------------------- */
182 |
183 | /* ============================================================================================== */
184 |
185 | #endif /* ZYCORE_TYPES_H */
186 |
--------------------------------------------------------------------------------
/Zydis/Zydis/Generated/EnumRegister.h:
--------------------------------------------------------------------------------
1 | /**
2 | * Defines the `ZydisRegister` enum.
3 | */
4 | typedef enum ZydisRegister_
5 | {
6 | ZYDIS_REGISTER_NONE,
7 |
8 | // General purpose registers 8-bit
9 | ZYDIS_REGISTER_AL,
10 | ZYDIS_REGISTER_CL,
11 | ZYDIS_REGISTER_DL,
12 | ZYDIS_REGISTER_BL,
13 | ZYDIS_REGISTER_AH,
14 | ZYDIS_REGISTER_CH,
15 | ZYDIS_REGISTER_DH,
16 | ZYDIS_REGISTER_BH,
17 | ZYDIS_REGISTER_SPL,
18 | ZYDIS_REGISTER_BPL,
19 | ZYDIS_REGISTER_SIL,
20 | ZYDIS_REGISTER_DIL,
21 | ZYDIS_REGISTER_R8B,
22 | ZYDIS_REGISTER_R9B,
23 | ZYDIS_REGISTER_R10B,
24 | ZYDIS_REGISTER_R11B,
25 | ZYDIS_REGISTER_R12B,
26 | ZYDIS_REGISTER_R13B,
27 | ZYDIS_REGISTER_R14B,
28 | ZYDIS_REGISTER_R15B,
29 | // General purpose registers 16-bit
30 | ZYDIS_REGISTER_AX,
31 | ZYDIS_REGISTER_CX,
32 | ZYDIS_REGISTER_DX,
33 | ZYDIS_REGISTER_BX,
34 | ZYDIS_REGISTER_SP,
35 | ZYDIS_REGISTER_BP,
36 | ZYDIS_REGISTER_SI,
37 | ZYDIS_REGISTER_DI,
38 | ZYDIS_REGISTER_R8W,
39 | ZYDIS_REGISTER_R9W,
40 | ZYDIS_REGISTER_R10W,
41 | ZYDIS_REGISTER_R11W,
42 | ZYDIS_REGISTER_R12W,
43 | ZYDIS_REGISTER_R13W,
44 | ZYDIS_REGISTER_R14W,
45 | ZYDIS_REGISTER_R15W,
46 | // General purpose registers 32-bit
47 | ZYDIS_REGISTER_EAX,
48 | ZYDIS_REGISTER_ECX,
49 | ZYDIS_REGISTER_EDX,
50 | ZYDIS_REGISTER_EBX,
51 | ZYDIS_REGISTER_ESP,
52 | ZYDIS_REGISTER_EBP,
53 | ZYDIS_REGISTER_ESI,
54 | ZYDIS_REGISTER_EDI,
55 | ZYDIS_REGISTER_R8D,
56 | ZYDIS_REGISTER_R9D,
57 | ZYDIS_REGISTER_R10D,
58 | ZYDIS_REGISTER_R11D,
59 | ZYDIS_REGISTER_R12D,
60 | ZYDIS_REGISTER_R13D,
61 | ZYDIS_REGISTER_R14D,
62 | ZYDIS_REGISTER_R15D,
63 | // General purpose registers 64-bit
64 | ZYDIS_REGISTER_RAX,
65 | ZYDIS_REGISTER_RCX,
66 | ZYDIS_REGISTER_RDX,
67 | ZYDIS_REGISTER_RBX,
68 | ZYDIS_REGISTER_RSP,
69 | ZYDIS_REGISTER_RBP,
70 | ZYDIS_REGISTER_RSI,
71 | ZYDIS_REGISTER_RDI,
72 | ZYDIS_REGISTER_R8,
73 | ZYDIS_REGISTER_R9,
74 | ZYDIS_REGISTER_R10,
75 | ZYDIS_REGISTER_R11,
76 | ZYDIS_REGISTER_R12,
77 | ZYDIS_REGISTER_R13,
78 | ZYDIS_REGISTER_R14,
79 | ZYDIS_REGISTER_R15,
80 | // Floating point legacy registers
81 | ZYDIS_REGISTER_ST0,
82 | ZYDIS_REGISTER_ST1,
83 | ZYDIS_REGISTER_ST2,
84 | ZYDIS_REGISTER_ST3,
85 | ZYDIS_REGISTER_ST4,
86 | ZYDIS_REGISTER_ST5,
87 | ZYDIS_REGISTER_ST6,
88 | ZYDIS_REGISTER_ST7,
89 | ZYDIS_REGISTER_X87CONTROL,
90 | ZYDIS_REGISTER_X87STATUS,
91 | ZYDIS_REGISTER_X87TAG,
92 | // Floating point multimedia registers
93 | ZYDIS_REGISTER_MM0,
94 | ZYDIS_REGISTER_MM1,
95 | ZYDIS_REGISTER_MM2,
96 | ZYDIS_REGISTER_MM3,
97 | ZYDIS_REGISTER_MM4,
98 | ZYDIS_REGISTER_MM5,
99 | ZYDIS_REGISTER_MM6,
100 | ZYDIS_REGISTER_MM7,
101 | // Floating point vector registers 128-bit
102 | ZYDIS_REGISTER_XMM0,
103 | ZYDIS_REGISTER_XMM1,
104 | ZYDIS_REGISTER_XMM2,
105 | ZYDIS_REGISTER_XMM3,
106 | ZYDIS_REGISTER_XMM4,
107 | ZYDIS_REGISTER_XMM5,
108 | ZYDIS_REGISTER_XMM6,
109 | ZYDIS_REGISTER_XMM7,
110 | ZYDIS_REGISTER_XMM8,
111 | ZYDIS_REGISTER_XMM9,
112 | ZYDIS_REGISTER_XMM10,
113 | ZYDIS_REGISTER_XMM11,
114 | ZYDIS_REGISTER_XMM12,
115 | ZYDIS_REGISTER_XMM13,
116 | ZYDIS_REGISTER_XMM14,
117 | ZYDIS_REGISTER_XMM15,
118 | ZYDIS_REGISTER_XMM16,
119 | ZYDIS_REGISTER_XMM17,
120 | ZYDIS_REGISTER_XMM18,
121 | ZYDIS_REGISTER_XMM19,
122 | ZYDIS_REGISTER_XMM20,
123 | ZYDIS_REGISTER_XMM21,
124 | ZYDIS_REGISTER_XMM22,
125 | ZYDIS_REGISTER_XMM23,
126 | ZYDIS_REGISTER_XMM24,
127 | ZYDIS_REGISTER_XMM25,
128 | ZYDIS_REGISTER_XMM26,
129 | ZYDIS_REGISTER_XMM27,
130 | ZYDIS_REGISTER_XMM28,
131 | ZYDIS_REGISTER_XMM29,
132 | ZYDIS_REGISTER_XMM30,
133 | ZYDIS_REGISTER_XMM31,
134 | // Floating point vector registers 256-bit
135 | ZYDIS_REGISTER_YMM0,
136 | ZYDIS_REGISTER_YMM1,
137 | ZYDIS_REGISTER_YMM2,
138 | ZYDIS_REGISTER_YMM3,
139 | ZYDIS_REGISTER_YMM4,
140 | ZYDIS_REGISTER_YMM5,
141 | ZYDIS_REGISTER_YMM6,
142 | ZYDIS_REGISTER_YMM7,
143 | ZYDIS_REGISTER_YMM8,
144 | ZYDIS_REGISTER_YMM9,
145 | ZYDIS_REGISTER_YMM10,
146 | ZYDIS_REGISTER_YMM11,
147 | ZYDIS_REGISTER_YMM12,
148 | ZYDIS_REGISTER_YMM13,
149 | ZYDIS_REGISTER_YMM14,
150 | ZYDIS_REGISTER_YMM15,
151 | ZYDIS_REGISTER_YMM16,
152 | ZYDIS_REGISTER_YMM17,
153 | ZYDIS_REGISTER_YMM18,
154 | ZYDIS_REGISTER_YMM19,
155 | ZYDIS_REGISTER_YMM20,
156 | ZYDIS_REGISTER_YMM21,
157 | ZYDIS_REGISTER_YMM22,
158 | ZYDIS_REGISTER_YMM23,
159 | ZYDIS_REGISTER_YMM24,
160 | ZYDIS_REGISTER_YMM25,
161 | ZYDIS_REGISTER_YMM26,
162 | ZYDIS_REGISTER_YMM27,
163 | ZYDIS_REGISTER_YMM28,
164 | ZYDIS_REGISTER_YMM29,
165 | ZYDIS_REGISTER_YMM30,
166 | ZYDIS_REGISTER_YMM31,
167 | // Floating point vector registers 512-bit
168 | ZYDIS_REGISTER_ZMM0,
169 | ZYDIS_REGISTER_ZMM1,
170 | ZYDIS_REGISTER_ZMM2,
171 | ZYDIS_REGISTER_ZMM3,
172 | ZYDIS_REGISTER_ZMM4,
173 | ZYDIS_REGISTER_ZMM5,
174 | ZYDIS_REGISTER_ZMM6,
175 | ZYDIS_REGISTER_ZMM7,
176 | ZYDIS_REGISTER_ZMM8,
177 | ZYDIS_REGISTER_ZMM9,
178 | ZYDIS_REGISTER_ZMM10,
179 | ZYDIS_REGISTER_ZMM11,
180 | ZYDIS_REGISTER_ZMM12,
181 | ZYDIS_REGISTER_ZMM13,
182 | ZYDIS_REGISTER_ZMM14,
183 | ZYDIS_REGISTER_ZMM15,
184 | ZYDIS_REGISTER_ZMM16,
185 | ZYDIS_REGISTER_ZMM17,
186 | ZYDIS_REGISTER_ZMM18,
187 | ZYDIS_REGISTER_ZMM19,
188 | ZYDIS_REGISTER_ZMM20,
189 | ZYDIS_REGISTER_ZMM21,
190 | ZYDIS_REGISTER_ZMM22,
191 | ZYDIS_REGISTER_ZMM23,
192 | ZYDIS_REGISTER_ZMM24,
193 | ZYDIS_REGISTER_ZMM25,
194 | ZYDIS_REGISTER_ZMM26,
195 | ZYDIS_REGISTER_ZMM27,
196 | ZYDIS_REGISTER_ZMM28,
197 | ZYDIS_REGISTER_ZMM29,
198 | ZYDIS_REGISTER_ZMM30,
199 | ZYDIS_REGISTER_ZMM31,
200 | // Matrix registers
201 | ZYDIS_REGISTER_TMM0,
202 | ZYDIS_REGISTER_TMM1,
203 | ZYDIS_REGISTER_TMM2,
204 | ZYDIS_REGISTER_TMM3,
205 | ZYDIS_REGISTER_TMM4,
206 | ZYDIS_REGISTER_TMM5,
207 | ZYDIS_REGISTER_TMM6,
208 | ZYDIS_REGISTER_TMM7,
209 | // Flags registers
210 | ZYDIS_REGISTER_FLAGS,
211 | ZYDIS_REGISTER_EFLAGS,
212 | ZYDIS_REGISTER_RFLAGS,
213 | // Instruction-pointer registers
214 | ZYDIS_REGISTER_IP,
215 | ZYDIS_REGISTER_EIP,
216 | ZYDIS_REGISTER_RIP,
217 | // Segment registers
218 | ZYDIS_REGISTER_ES,
219 | ZYDIS_REGISTER_CS,
220 | ZYDIS_REGISTER_SS,
221 | ZYDIS_REGISTER_DS,
222 | ZYDIS_REGISTER_FS,
223 | ZYDIS_REGISTER_GS,
224 | // Table registers
225 | ZYDIS_REGISTER_GDTR,
226 | ZYDIS_REGISTER_LDTR,
227 | ZYDIS_REGISTER_IDTR,
228 | ZYDIS_REGISTER_TR,
229 | // Test registers
230 | ZYDIS_REGISTER_TR0,
231 | ZYDIS_REGISTER_TR1,
232 | ZYDIS_REGISTER_TR2,
233 | ZYDIS_REGISTER_TR3,
234 | ZYDIS_REGISTER_TR4,
235 | ZYDIS_REGISTER_TR5,
236 | ZYDIS_REGISTER_TR6,
237 | ZYDIS_REGISTER_TR7,
238 | // Control registers
239 | ZYDIS_REGISTER_CR0,
240 | ZYDIS_REGISTER_CR1,
241 | ZYDIS_REGISTER_CR2,
242 | ZYDIS_REGISTER_CR3,
243 | ZYDIS_REGISTER_CR4,
244 | ZYDIS_REGISTER_CR5,
245 | ZYDIS_REGISTER_CR6,
246 | ZYDIS_REGISTER_CR7,
247 | ZYDIS_REGISTER_CR8,
248 | ZYDIS_REGISTER_CR9,
249 | ZYDIS_REGISTER_CR10,
250 | ZYDIS_REGISTER_CR11,
251 | ZYDIS_REGISTER_CR12,
252 | ZYDIS_REGISTER_CR13,
253 | ZYDIS_REGISTER_CR14,
254 | ZYDIS_REGISTER_CR15,
255 | // Debug registers
256 | ZYDIS_REGISTER_DR0,
257 | ZYDIS_REGISTER_DR1,
258 | ZYDIS_REGISTER_DR2,
259 | ZYDIS_REGISTER_DR3,
260 | ZYDIS_REGISTER_DR4,
261 | ZYDIS_REGISTER_DR5,
262 | ZYDIS_REGISTER_DR6,
263 | ZYDIS_REGISTER_DR7,
264 | ZYDIS_REGISTER_DR8,
265 | ZYDIS_REGISTER_DR9,
266 | ZYDIS_REGISTER_DR10,
267 | ZYDIS_REGISTER_DR11,
268 | ZYDIS_REGISTER_DR12,
269 | ZYDIS_REGISTER_DR13,
270 | ZYDIS_REGISTER_DR14,
271 | ZYDIS_REGISTER_DR15,
272 | // Mask registers
273 | ZYDIS_REGISTER_K0,
274 | ZYDIS_REGISTER_K1,
275 | ZYDIS_REGISTER_K2,
276 | ZYDIS_REGISTER_K3,
277 | ZYDIS_REGISTER_K4,
278 | ZYDIS_REGISTER_K5,
279 | ZYDIS_REGISTER_K6,
280 | ZYDIS_REGISTER_K7,
281 | // Bound registers
282 | ZYDIS_REGISTER_BND0,
283 | ZYDIS_REGISTER_BND1,
284 | ZYDIS_REGISTER_BND2,
285 | ZYDIS_REGISTER_BND3,
286 | ZYDIS_REGISTER_BNDCFG,
287 | ZYDIS_REGISTER_BNDSTATUS,
288 | // Uncategorized
289 | ZYDIS_REGISTER_MXCSR,
290 | ZYDIS_REGISTER_PKRU,
291 | ZYDIS_REGISTER_XCR0,
292 | ZYDIS_REGISTER_UIF,
293 |
294 | /**
295 | * Maximum value of this enum.
296 | */
297 | ZYDIS_REGISTER_MAX_VALUE = ZYDIS_REGISTER_UIF,
298 | /**
299 | * The minimum number of bits required to represent all values of this enum.
300 | */
301 | ZYDIS_REGISTER_REQUIRED_BITS = ZYAN_BITS_TO_REPRESENT(ZYDIS_REGISTER_MAX_VALUE)
302 | } ZydisRegister;
303 |
--------------------------------------------------------------------------------
/Zydis/Zydis/Internal/FormatterATT.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Disassembler Library (Zydis)
4 |
5 | Original Author : Florian Bernd, Joel Hoener
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | /**
28 | * @file
29 | * Implements the `AT&T` style instruction-formatter.
30 | */
31 |
32 | #ifndef ZYDIS_FORMATTER_ATT_H
33 | #define ZYDIS_FORMATTER_ATT_H
34 |
35 | #include
36 | #include
37 | #include
38 |
39 | #ifdef __cplusplus
40 | extern "C" {
41 | #endif
42 |
43 | /* ============================================================================================== */
44 | /* Formatter functions */
45 | /* ============================================================================================== */
46 |
47 | /* ---------------------------------------------------------------------------------------------- */
48 | /* Instruction */
49 | /* ---------------------------------------------------------------------------------------------- */
50 |
51 | ZyanStatus ZydisFormatterATTFormatInstruction(const ZydisFormatter* formatter,
52 | ZydisFormatterBuffer* buffer, ZydisFormatterContext* context);
53 |
54 | /* ---------------------------------------------------------------------------------------------- */
55 | /* Operands */
56 | /* ---------------------------------------------------------------------------------------------- */
57 |
58 | ZyanStatus ZydisFormatterATTFormatOperandMEM(const ZydisFormatter* formatter,
59 | ZydisFormatterBuffer* buffer, ZydisFormatterContext* context);
60 |
61 | /* ---------------------------------------------------------------------------------------------- */
62 | /* Elemental tokens */
63 | /* ---------------------------------------------------------------------------------------------- */
64 |
65 | ZyanStatus ZydisFormatterATTPrintMnemonic(const ZydisFormatter* formatter,
66 | ZydisFormatterBuffer* buffer, ZydisFormatterContext* context);
67 |
68 | ZyanStatus ZydisFormatterATTPrintRegister(const ZydisFormatter* formatter,
69 | ZydisFormatterBuffer* buffer, ZydisFormatterContext* context, ZydisRegister reg);
70 |
71 | ZyanStatus ZydisFormatterATTPrintAddressABS(const ZydisFormatter* formatter,
72 | ZydisFormatterBuffer* buffer, ZydisFormatterContext* context);
73 |
74 | ZyanStatus ZydisFormatterATTPrintDISP(const ZydisFormatter* formatter,
75 | ZydisFormatterBuffer* buffer, ZydisFormatterContext* context);
76 |
77 | ZyanStatus ZydisFormatterATTPrintIMM(const ZydisFormatter* formatter,
78 | ZydisFormatterBuffer* buffer, ZydisFormatterContext* context);
79 |
80 | /* ---------------------------------------------------------------------------------------------- */
81 |
82 | /* ============================================================================================== */
83 | /* Fomatter presets */
84 | /* ============================================================================================== */
85 |
86 | /* ---------------------------------------------------------------------------------------------- */
87 | /* AT&T */
88 | /* ---------------------------------------------------------------------------------------------- */
89 |
90 | /**
91 | * The default formatter configuration for `AT&T` style disassembly.
92 | */
93 | static const ZydisFormatter FORMATTER_ATT =
94 | {
95 | /* style */ ZYDIS_FORMATTER_STYLE_ATT,
96 | /* force_memory_size */ ZYAN_FALSE,
97 | /* force_memory_seg */ ZYAN_FALSE,
98 | /* force_memory_scale */ ZYAN_TRUE,
99 | /* force_relative_branches */ ZYAN_FALSE,
100 | /* force_relative_riprel */ ZYAN_FALSE,
101 | /* print_branch_size */ ZYAN_FALSE,
102 | /* detailed_prefixes */ ZYAN_FALSE,
103 | /* addr_base */ ZYDIS_NUMERIC_BASE_HEX,
104 | /* addr_signedness */ ZYDIS_SIGNEDNESS_SIGNED,
105 | /* addr_padding_absolute */ ZYDIS_PADDING_AUTO,
106 | /* addr_padding_relative */ 2,
107 | /* disp_base */ ZYDIS_NUMERIC_BASE_HEX,
108 | /* disp_signedness */ ZYDIS_SIGNEDNESS_SIGNED,
109 | /* disp_padding */ 2,
110 | /* imm_base */ ZYDIS_NUMERIC_BASE_HEX,
111 | /* imm_signedness */ ZYDIS_SIGNEDNESS_AUTO,
112 | /* imm_padding */ 2,
113 | /* case_prefixes */ ZYDIS_LETTER_CASE_DEFAULT,
114 | /* case_mnemonic */ ZYDIS_LETTER_CASE_DEFAULT,
115 | /* case_registers */ ZYDIS_LETTER_CASE_DEFAULT,
116 | /* case_typecasts */ ZYDIS_LETTER_CASE_DEFAULT,
117 | /* case_decorators */ ZYDIS_LETTER_CASE_DEFAULT,
118 | /* hex_uppercase */ ZYAN_TRUE,
119 | /* number_format */
120 | {
121 | // ZYDIS_NUMERIC_BASE_DEC
122 | {
123 | // Prefix
124 | {
125 | /* string */ ZYAN_NULL,
126 | /* string_data */ ZYAN_DEFINE_STRING_VIEW(""),
127 | /* buffer */ { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 },
128 | },
129 | // Suffix
130 | {
131 | /* string */ ZYAN_NULL,
132 | /* string_data */ ZYAN_DEFINE_STRING_VIEW(""),
133 | /* buffer */ { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 },
134 | }
135 | },
136 | // ZYDIS_NUMERIC_BASE_HEX
137 | {
138 | // Prefix
139 | {
140 | /* string */ &FORMATTER_ATT.number_format[
141 | ZYDIS_NUMERIC_BASE_HEX][0].string_data,
142 | /* string_data */ ZYAN_DEFINE_STRING_VIEW("0x"),
143 | /* buffer */ { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 },
144 | },
145 | // Suffix
146 | {
147 | /* string */ ZYAN_NULL,
148 | /* string_data */ ZYAN_DEFINE_STRING_VIEW(""),
149 | /* buffer */ { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 },
150 | }
151 | }
152 | },
153 | /* func_pre_instruction */ ZYAN_NULL,
154 | /* func_post_instruction */ ZYAN_NULL,
155 | /* func_format_instruction */ &ZydisFormatterATTFormatInstruction,
156 | /* func_pre_operand */ ZYAN_NULL,
157 | /* func_post_operand */ ZYAN_NULL,
158 | /* func_format_operand_reg */ &ZydisFormatterBaseFormatOperandREG,
159 | /* func_format_operand_mem */ &ZydisFormatterATTFormatOperandMEM,
160 | /* func_format_operand_ptr */ &ZydisFormatterBaseFormatOperandPTR,
161 | /* func_format_operand_imm */ &ZydisFormatterBaseFormatOperandIMM,
162 | /* func_print_mnemonic */ &ZydisFormatterATTPrintMnemonic,
163 | /* func_print_register */ &ZydisFormatterATTPrintRegister,
164 | /* func_print_address_abs */ &ZydisFormatterATTPrintAddressABS,
165 | /* func_print_address_rel */ &ZydisFormatterBasePrintAddressREL,
166 | /* func_print_disp */ &ZydisFormatterATTPrintDISP,
167 | /* func_print_imm */ &ZydisFormatterATTPrintIMM,
168 | /* func_print_typecast */ ZYAN_NULL,
169 | /* func_print_segment */ &ZydisFormatterBasePrintSegment,
170 | /* func_print_prefixes */ &ZydisFormatterBasePrintPrefixes,
171 | /* func_print_decorator */ &ZydisFormatterBasePrintDecorator
172 | };
173 |
174 | /* ---------------------------------------------------------------------------------------------- */
175 |
176 | /* ============================================================================================== */
177 |
178 | #ifdef __cplusplus
179 | }
180 | #endif
181 |
182 | #endif // ZYDIS_FORMATTER_ATT_H
183 |
--------------------------------------------------------------------------------
/Zydis/Zydis/Utils.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Disassembler Library (Zydis)
4 |
5 | Original Author : Florian Bernd
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | /**
28 | * @file
29 | * Other utility functions.
30 | */
31 |
32 | #ifndef ZYDIS_UTILS_H
33 | #define ZYDIS_UTILS_H
34 |
35 | #include
36 | #include
37 | #include
38 |
39 | #ifdef __cplusplus
40 | extern "C" {
41 | #endif
42 |
43 | /* ============================================================================================== */
44 | /* Macros */
45 | /* ============================================================================================== */
46 |
47 | /* ---------------------------------------------------------------------------------------------- */
48 | /* Constants */
49 | /* ---------------------------------------------------------------------------------------------- */
50 |
51 | #define ZYDIS_MAX_INSTRUCTION_SEGMENT_COUNT 9
52 |
53 | /* ---------------------------------------------------------------------------------------------- */
54 |
55 | /* ============================================================================================== */
56 | /* Enums and types */
57 | /* ============================================================================================== */
58 |
59 | /**
60 | * Defines the `ZydisInstructionSegment` struct.
61 | */
62 | typedef enum ZydisInstructionSegment_
63 | {
64 | ZYDIS_INSTR_SEGMENT_NONE,
65 | /**
66 | * The legacy prefixes (including ignored `REX` prefixes).
67 | */
68 | ZYDIS_INSTR_SEGMENT_PREFIXES,
69 | /**
70 | * The effective `REX` prefix byte.
71 | */
72 | ZYDIS_INSTR_SEGMENT_REX,
73 | /**
74 | * The `XOP` prefix bytes.
75 | */
76 | ZYDIS_INSTR_SEGMENT_XOP,
77 | /**
78 | * The `VEX` prefix bytes.
79 | */
80 | ZYDIS_INSTR_SEGMENT_VEX,
81 | /**
82 | * The `EVEX` prefix bytes.
83 | */
84 | ZYDIS_INSTR_SEGMENT_EVEX,
85 | /**
86 | * The `MVEX` prefix bytes.
87 | */
88 | ZYDIS_INSTR_SEGMENT_MVEX,
89 | /**
90 | * The opcode bytes.
91 | */
92 | ZYDIS_INSTR_SEGMENT_OPCODE,
93 | /**
94 | * The `ModRM` byte.
95 | */
96 | ZYDIS_INSTR_SEGMENT_MODRM,
97 | /**
98 | * The `SIB` byte.
99 | */
100 | ZYDIS_INSTR_SEGMENT_SIB,
101 | /**
102 | * The displacement bytes.
103 | */
104 | ZYDIS_INSTR_SEGMENT_DISPLACEMENT,
105 | /**
106 | * The immediate bytes.
107 | */
108 | ZYDIS_INSTR_SEGMENT_IMMEDIATE,
109 |
110 | /**
111 | * Maximum value of this enum.
112 | */
113 | ZYDIS_INSTR_SEGMENT_MAX_VALUE = ZYDIS_INSTR_SEGMENT_IMMEDIATE,
114 | /**
115 | * The minimum number of bits required to represent all values of this enum.
116 | */
117 | ZYDIS_INSTR_SEGMENT_REQUIRED_BITS = ZYAN_BITS_TO_REPRESENT(ZYDIS_INSTR_SEGMENT_MAX_VALUE)
118 | } ZydisInstructionSegment;
119 |
120 | /**
121 | * Defines the `ZydisInstructionSegments` struct.
122 | */
123 | typedef struct ZydisInstructionSegments_
124 | {
125 | /**
126 | * The number of logical instruction segments.
127 | */
128 | ZyanU8 count;
129 | struct
130 | {
131 | /**
132 | * The type of the segment.
133 | */
134 | ZydisInstructionSegment type;
135 | /**
136 | * The offset of the segment relative to the start of the instruction (in bytes).
137 | */
138 | ZyanU8 offset;
139 | /**
140 | * The size of the segment, in bytes.
141 | */
142 | ZyanU8 size;
143 | } segments[ZYDIS_MAX_INSTRUCTION_SEGMENT_COUNT];
144 | } ZydisInstructionSegments;
145 |
146 | /* ============================================================================================== */
147 | /* Exported functions */
148 | /* ============================================================================================== */
149 |
150 | /**
151 | * @addtogroup utils Utils
152 | * Miscellaneous utility functions. Address translation and other helpers.
153 | * @{
154 | */
155 |
156 | /* ---------------------------------------------------------------------------------------------- */
157 | /* Address calculation */
158 | /* ---------------------------------------------------------------------------------------------- */
159 |
160 | // TODO: Provide a function that works in minimal-mode and does not require a operand parameter
161 |
162 | /**
163 | * Calculates the absolute address value for the given instruction operand.
164 | *
165 | * @param instruction A pointer to the `ZydisDecodedInstruction` struct.
166 | * @param operand A pointer to the `ZydisDecodedOperand` struct.
167 | * @param runtime_address The runtime address of the instruction.
168 | * @param result_address A pointer to the memory that receives the absolute address.
169 | *
170 | * @return A zyan status code.
171 | *
172 | * You should use this function in the following cases:
173 | * - `IMM` operands with relative address (e.g. `JMP`, `CALL`, ...)
174 | * - `MEM` operands with `RIP`/`EIP`-relative address (e.g. `MOV RAX, [RIP+0x12345678]`)
175 | * - `MEM` operands with absolute address (e.g. `MOV RAX, [0x12345678]`)
176 | * - The displacement needs to get truncated and zero extended
177 | */
178 | ZYDIS_EXPORT ZyanStatus ZydisCalcAbsoluteAddress(const ZydisDecodedInstruction* instruction,
179 | const ZydisDecodedOperand* operand, ZyanU64 runtime_address, ZyanU64* result_address);
180 |
181 | /**
182 | * Calculates the absolute address value for the given instruction operand.
183 | *
184 | * @param instruction A pointer to the `ZydisDecodedInstruction` struct.
185 | * @param operand A pointer to the `ZydisDecodedOperand` struct.
186 | * @param runtime_address The runtime address of the instruction.
187 | * @param register_context A pointer to the `ZydisRegisterContext` struct.
188 | * @param result_address A pointer to the memory that receives the absolute target-address.
189 | *
190 | * @return A zyan status code.
191 | *
192 | * This function behaves like `ZydisCalcAbsoluteAddress` but takes an additional register-context
193 | * argument to allow calculation of addresses depending on runtime register values.
194 | *
195 | * Note that `IP/EIP/RIP` from the register-context will be ignored in favor of the passed
196 | * runtime-address.
197 | */
198 | ZYDIS_EXPORT ZyanStatus ZydisCalcAbsoluteAddressEx(const ZydisDecodedInstruction* instruction,
199 | const ZydisDecodedOperand* operand, ZyanU64 runtime_address,
200 | const ZydisRegisterContext* register_context, ZyanU64* result_address);
201 |
202 | /* ---------------------------------------------------------------------------------------------- */
203 | /* Instruction segments */
204 | /* ---------------------------------------------------------------------------------------------- */
205 |
206 | /**
207 | * Returns offsets and sizes of all logical instruction segments (e.g. `OPCODE`,
208 | * `MODRM`, ...).
209 | *
210 | * @param instruction A pointer to the `ZydisDecodedInstruction` struct.
211 | * @param segments Receives the instruction segments information.
212 | *
213 | * @return A zyan status code.
214 | */
215 | ZYDIS_EXPORT ZyanStatus ZydisGetInstructionSegments(const ZydisDecodedInstruction* instruction,
216 | ZydisInstructionSegments* segments);
217 |
218 | /* ---------------------------------------------------------------------------------------------- */
219 |
220 | /**
221 | * @}
222 | */
223 |
224 | /* ============================================================================================== */
225 |
226 | #ifdef __cplusplus
227 | }
228 | #endif
229 |
230 | #endif /* ZYDIS_UTILS_H */
231 |
--------------------------------------------------------------------------------
/Zydis/Zydis/Decoder.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Disassembler Library (Zydis)
4 |
5 | Original Author : Florian Bernd
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | /**
28 | * @file
29 | * Functions for decoding instructions.
30 | */
31 |
32 | #ifndef ZYDIS_DECODER_H
33 | #define ZYDIS_DECODER_H
34 |
35 | #include
36 | #include
37 | #include
38 | #include
39 |
40 | #ifdef __cplusplus
41 | extern "C" {
42 | #endif
43 |
44 | /* ============================================================================================== */
45 | /* Enums and types */
46 | /* ============================================================================================== */
47 |
48 | /* ---------------------------------------------------------------------------------------------- */
49 | /* Decoder mode */
50 | /* ---------------------------------------------------------------------------------------------- */
51 |
52 | /**
53 | * Defines the `ZydisDecoderMode` enum.
54 | */
55 | typedef enum ZydisDecoderMode_
56 | {
57 | /**
58 | * Enables minimal instruction decoding without semantic analysis.
59 | *
60 | * This mode provides access to the mnemonic, the instruction-length, the effective
61 | * operand-size, the effective address-width, some attributes (e.g. `ZYDIS_ATTRIB_IS_RELATIVE`)
62 | * and all of the information in the `raw` field of the `ZydisDecodedInstruction` struct.
63 | *
64 | * Operands, most attributes and other specific information (like `AVX` info) are not
65 | * accessible in this mode.
66 | *
67 | * This mode is NOT enabled by default.
68 | */
69 | ZYDIS_DECODER_MODE_MINIMAL,
70 | /**
71 | * Enables the `AMD`-branch mode.
72 | *
73 | * Intel ignores the operand-size override-prefix (`0x66`) for all branches with 32-bit
74 | * immediates and forces the operand-size of the instruction to 64-bit in 64-bit mode.
75 | * In `AMD`-branch mode `0x66` is not ignored and changes the operand-size and the size of the
76 | * immediate to 16-bit.
77 | *
78 | * This mode is NOT enabled by default.
79 | */
80 | ZYDIS_DECODER_MODE_AMD_BRANCHES,
81 | /**
82 | * Enables `KNC` compatibility-mode.
83 | *
84 | * `KNC` and `KNL+` chips are sharing opcodes and encodings for some mask-related instructions.
85 | * Enable this mode to use the old `KNC` specifications (different mnemonics, operands, ..).
86 | *
87 | * This mode is NOT enabled by default.
88 | */
89 | ZYDIS_DECODER_MODE_KNC,
90 | /**
91 | * Enables the `MPX` mode.
92 | *
93 | * The `MPX` isa-extension reuses (overrides) some of the widenop instruction opcodes.
94 | *
95 | * This mode is enabled by default.
96 | */
97 | ZYDIS_DECODER_MODE_MPX,
98 | /**
99 | * Enables the `CET` mode.
100 | *
101 | * The `CET` isa-extension reuses (overrides) some of the widenop instruction opcodes.
102 | *
103 | * This mode is enabled by default.
104 | */
105 | ZYDIS_DECODER_MODE_CET,
106 | /**
107 | * Enables the `LZCNT` mode.
108 | *
109 | * The `LZCNT` isa-extension reuses (overrides) some of the widenop instruction opcodes.
110 | *
111 | * This mode is enabled by default.
112 | */
113 | ZYDIS_DECODER_MODE_LZCNT,
114 | /**
115 | * Enables the `TZCNT` mode.
116 | *
117 | * The `TZCNT` isa-extension reuses (overrides) some of the widenop instruction opcodes.
118 | *
119 | * This mode is enabled by default.
120 | */
121 | ZYDIS_DECODER_MODE_TZCNT,
122 | /**
123 | * Enables the `WBNOINVD` mode.
124 | *
125 | * The `WBINVD` instruction is interpreted as `WBNOINVD` on ICL chips, if a `F3` prefix is
126 | * used.
127 | *
128 | * This mode is disabled by default.
129 | */
130 | ZYDIS_DECODER_MODE_WBNOINVD,
131 | /**
132 | * Enables the `CLDEMOTE` mode.
133 | *
134 | * The `CLDEMOTE` isa-extension reuses (overrides) some of the widenop instruction opcodes.
135 | *
136 | * This mode is enabled by default.
137 | */
138 | ZYDIS_DECODER_MODE_CLDEMOTE,
139 |
140 | /**
141 | * Maximum value of this enum.
142 | */
143 | ZYDIS_DECODER_MODE_MAX_VALUE = ZYDIS_DECODER_MODE_CLDEMOTE,
144 | /**
145 | * The minimum number of bits required to represent all values of this enum.
146 | */
147 | ZYDIS_DECODER_MODE_REQUIRED_BITS = ZYAN_BITS_TO_REPRESENT(ZYDIS_DECODER_MODE_MAX_VALUE)
148 | } ZydisDecoderMode;
149 |
150 | /* ---------------------------------------------------------------------------------------------- */
151 | /* Decoder struct */
152 | /* ---------------------------------------------------------------------------------------------- */
153 |
154 | /**
155 | * Defines the `ZydisDecoder` struct.
156 | *
157 | * All fields in this struct should be considered as "private". Any changes may lead to unexpected
158 | * behavior.
159 | */
160 | typedef struct ZydisDecoder_
161 | {
162 | /**
163 | * The machine mode.
164 | */
165 | ZydisMachineMode machine_mode;
166 | /**
167 | * The stack width.
168 | */
169 | ZydisStackWidth stack_width;
170 | /**
171 | * The decoder mode array.
172 | */
173 | ZyanBool decoder_mode[ZYDIS_DECODER_MODE_MAX_VALUE + 1];
174 | } ZydisDecoder;
175 |
176 | /* ---------------------------------------------------------------------------------------------- */
177 |
178 | /* ============================================================================================== */
179 | /* Exported functions */
180 | /* ============================================================================================== */
181 |
182 | /**
183 | * @addtogroup decoder Decoder
184 | * Functions allowing decoding of instruction bytes to a machine interpretable struct.
185 | * @{
186 | */
187 |
188 | /**
189 | * Initializes the given `ZydisDecoder` instance.
190 | *
191 | * @param decoder A pointer to the `ZydisDecoder` instance.
192 | * @param machine_mode The machine mode.
193 | * @param stack_width The stack width.
194 | *
195 | * @return A zyan status code.
196 | */
197 | ZYDIS_EXPORT ZyanStatus ZydisDecoderInit(ZydisDecoder* decoder, ZydisMachineMode machine_mode,
198 | ZydisStackWidth stack_width);
199 |
200 | /**
201 | * Enables or disables the specified decoder-mode.
202 | *
203 | * @param decoder A pointer to the `ZydisDecoder` instance.
204 | * @param mode The decoder mode.
205 | * @param enabled `ZYAN_TRUE` to enable, or `ZYAN_FALSE` to disable the specified decoder-mode.
206 | *
207 | * @return A zyan status code.
208 | */
209 | ZYDIS_EXPORT ZyanStatus ZydisDecoderEnableMode(ZydisDecoder* decoder, ZydisDecoderMode mode,
210 | ZyanBool enabled);
211 |
212 | /**
213 | * Decodes the instruction in the given input `buffer`.
214 | *
215 | * @param decoder A pointer to the `ZydisDecoder` instance.
216 | * @param buffer A pointer to the input buffer.
217 | * @param length The length of the input buffer. Note that this can be bigger than the
218 | * actual size of the instruction -- you don't have to know the size up
219 | * front. This length is merely used to prevent Zydis from doing
220 | * out-of-bounds reads on your buffer.
221 | * @param instruction A pointer to the `ZydisDecodedInstruction` struct, that receives the
222 | * details about the decoded instruction.
223 | *
224 | * @return A zyan status code.
225 | */
226 | ZYDIS_EXPORT ZyanStatus ZydisDecoderDecodeBuffer(const ZydisDecoder* decoder,
227 | const void* buffer, ZyanUSize length, ZydisDecodedInstruction* instruction);
228 |
229 | /** @} */
230 |
231 | /* ============================================================================================== */
232 |
233 | #ifdef __cplusplus
234 | }
235 | #endif
236 |
237 | #endif /* ZYDIS_DECODER_H */
238 |
--------------------------------------------------------------------------------
/Zydis/Zycore/API/Thread.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Core Library (Zycore-C)
4 |
5 | Original Author : Florian Bernd
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | /**
28 | * @file
29 | * @brief
30 | */
31 |
32 | #ifndef ZYCORE_THREAD_H
33 | #define ZYCORE_THREAD_H
34 |
35 | #ifndef ZYAN_NO_LIBC
36 |
37 | #include
38 | #include
39 | #include
40 |
41 | #ifdef __cplusplus
42 | extern "C" {
43 | #endif
44 |
45 | /* ============================================================================================== */
46 | /* Enums and types */
47 | /* ============================================================================================== */
48 |
49 | #if defined(ZYAN_POSIX)
50 |
51 | #include
52 |
53 | /* ---------------------------------------------------------------------------------------------- */
54 | /* General */
55 | /* ---------------------------------------------------------------------------------------------- */
56 |
57 | /**
58 | * @brief Defines the `ZyanThread` data-type.
59 | */
60 | typedef pthread_t ZyanThread;
61 |
62 | /**
63 | * @brief Defines the `ZyanThreadId` data-type.
64 | */
65 | typedef ZyanU64 ZyanThreadId;
66 |
67 | /* ---------------------------------------------------------------------------------------------- */
68 | /* Thread Local Storage (TLS) */
69 | /* ---------------------------------------------------------------------------------------------- */
70 |
71 | /**
72 | * @brief Defines the `ZyanThreadTlsIndex` data-type.
73 | */
74 | typedef pthread_key_t ZyanThreadTlsIndex;
75 |
76 | /**
77 | * @brief Defines the `ZyanThreadTlsCallback` function prototype.
78 | */
79 | typedef void(*ZyanThreadTlsCallback)(void* data);
80 |
81 | /**
82 | * @brief Declares a Thread Local Storage (TLS) callback function.
83 | *
84 | * @param name The callback function name.
85 | * @param param_type The callback data parameter type.
86 | * @param param_name The callback data parameter name.
87 | */
88 | #define ZYAN_THREAD_DECLARE_TLS_CALLBACK(name, param_type, param_name) \
89 | void name(param_type* param_name)
90 |
91 | /* ---------------------------------------------------------------------------------------------- */
92 |
93 | #elif defined(ZYAN_WINDOWS)
94 |
95 | #include
96 |
97 | /* ---------------------------------------------------------------------------------------------- */
98 | /* General */
99 | /* ---------------------------------------------------------------------------------------------- */
100 |
101 | /**
102 | * @brief Defines the `ZyanThread` data-type.
103 | */
104 | typedef HANDLE ZyanThread;
105 |
106 | /**
107 | * @brief Defines the `ZyanThreadId` data-type.
108 | */
109 | typedef DWORD ZyanThreadId;
110 |
111 | /* ---------------------------------------------------------------------------------------------- */
112 | /* Thread Local Storage (TLS) */
113 | /* ---------------------------------------------------------------------------------------------- */
114 |
115 | /**
116 | * @brief Defines the `ZyanThreadTlsIndex` data-type.
117 | */
118 | typedef DWORD ZyanThreadTlsIndex;
119 |
120 | /**
121 | * @brief Defines the `ZyanThreadTlsCallback` function prototype.
122 | */
123 | typedef PFLS_CALLBACK_FUNCTION ZyanThreadTlsCallback;
124 |
125 | /**
126 | * @brief Declares a Thread Local Storage (TLS) callback function.
127 | *
128 | * @param name The callback function name.
129 | * @param param_type The callback data parameter type.
130 | * @param param_name The callback data parameter name.
131 | */
132 | #define ZYAN_THREAD_DECLARE_TLS_CALLBACK(name, param_type, param_name) \
133 | VOID NTAPI name(param_type* param_name)
134 |
135 | /* ---------------------------------------------------------------------------------------------- */
136 |
137 | #else
138 | # error "Unsupported platform detected"
139 | #endif
140 |
141 | /* ============================================================================================== */
142 | /* Exported functions */
143 | /* ============================================================================================== */
144 |
145 | /* ---------------------------------------------------------------------------------------------- */
146 | /* General */
147 | /* ---------------------------------------------------------------------------------------------- */
148 |
149 | /**
150 | * @brief Returns the handle of the current thread.
151 | *
152 | * @param thread Receives the handle of the current thread.
153 | *
154 | * @return A zyan status code.
155 | */
156 | ZYCORE_EXPORT ZyanStatus ZyanThreadGetCurrentThread(ZyanThread* thread);
157 |
158 | /**
159 | * @brief Returns the unique id of the current thread.
160 | *
161 | * @param thread_id Receives the unique id of the current thread.
162 | *
163 | * @return A zyan status code.
164 | */
165 | ZYCORE_EXPORT ZyanStatus ZyanThreadGetCurrentThreadId(ZyanThreadId* thread_id);
166 |
167 | /* ---------------------------------------------------------------------------------------------- */
168 | /* Thread Local Storage (TLS) */
169 | /* ---------------------------------------------------------------------------------------------- */
170 |
171 | /**
172 | * @brief Allocates a new Thread Local Storage (TLS) slot.
173 | *
174 | * @param index Receives the TLS slot index.
175 | * @param destructor A pointer to a destructor callback which is invoked to finalize the data
176 | * in the TLS slot or `ZYAN_NULL`, if not needed.
177 | *
178 | * The maximum available number of TLS slots is implementation specific and different on each
179 | * platform:
180 | * - Windows
181 | * - A total amount of 128 slots per process are guaranteed
182 | * - POSIX
183 | * - A total amount of 128 slots per process are guaranteed
184 | * - Some systems guarantee larger amounts like e.g. 1024 slots per process
185 | *
186 | * Note that the invocation rules for the destructor callback are implementation specific and
187 | * different on each platform:
188 | * - Windows
189 | * - The callback is invoked when a thread exits
190 | * - The callback is invoked when the process exits
191 | * - The callback is invoked when the TLS slot is released
192 | * - POSIX
193 | * - The callback is invoked when a thread exits and the stored value is not null
194 | * - The callback is NOT invoked when the process exits
195 | * - The callback is NOT invoked when the TLS slot is released
196 | *
197 | * @return A zyan status code.
198 | */
199 | ZYCORE_EXPORT ZyanStatus ZyanThreadTlsAlloc(ZyanThreadTlsIndex* index,
200 | ZyanThreadTlsCallback destructor);
201 |
202 | /**
203 | * @brief Releases a Thread Local Storage (TLS) slot.
204 | *
205 | * @param index The TLS slot index.
206 | *
207 | * @return A zyan status code.
208 | */
209 | ZYCORE_EXPORT ZyanStatus ZyanThreadTlsFree(ZyanThreadTlsIndex index);
210 |
211 | /**
212 | * @brief Returns the value inside the given Thread Local Storage (TLS) slot for the calling
213 | * thread.
214 | *
215 | * @param index The TLS slot index.
216 | * @param data Receives the value inside the given Thread Local Storage (TLS) slot for the
217 | * calling thread.
218 | *
219 | * @return A zyan status code.
220 | */
221 | ZYCORE_EXPORT ZyanStatus ZyanThreadTlsGetValue(ZyanThreadTlsIndex index, void** data);
222 |
223 | /**
224 | * @brief Set the value of the given Thread Local Storage (TLS) slot for the calling thread.
225 | *
226 | * @param index The TLS slot index.
227 | * @param data The value to store inside the given Thread Local Storage (TLS) slot for the
228 | * calling thread
229 | *
230 | * @return A zyan status code.
231 | */
232 | ZYCORE_EXPORT ZyanStatus ZyanThreadTlsSetValue(ZyanThreadTlsIndex index, void* data);
233 |
234 | /* ---------------------------------------------------------------------------------------------- */
235 |
236 | /* ============================================================================================== */
237 |
238 | #ifdef __cplusplus
239 | }
240 | #endif
241 |
242 | #endif /* ZYAN_NO_LIBC */
243 |
244 | #endif /* ZYCORE_THREAD_H */
245 |
--------------------------------------------------------------------------------
/Zydis/Zycore/Status.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Core Library (Zyan-C)
4 |
5 | Original Author : Florian Bernd, Joel Hoener
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | /**
28 | * @file
29 | * @brief Status code definitions and check macros.
30 | */
31 |
32 | #ifndef ZYCORE_STATUS_H
33 | #define ZYCORE_STATUS_H
34 |
35 | #ifdef __cplusplus
36 | extern "C" {
37 | #endif
38 |
39 | #include
40 |
41 | /* ============================================================================================== */
42 | /* Enums and types */
43 | /* ============================================================================================== */
44 |
45 | /**
46 | * @brief Defines the `ZyanStatus` data type.
47 | */
48 | typedef ZyanU32 ZyanStatus;
49 |
50 | /* ============================================================================================== */
51 | /* Macros */
52 | /* ============================================================================================== */
53 |
54 | /* ---------------------------------------------------------------------------------------------- */
55 | /* Definition */
56 | /* ---------------------------------------------------------------------------------------------- */
57 |
58 | /**
59 | * @brief Defines a zyan status code.
60 | *
61 | * @param error `1`, if the status code signals an error or `0`, if not.
62 | * @param module The module id.
63 | * @param code The actual code.
64 | *
65 | * @return The zyan status code.
66 | */
67 | #define ZYAN_MAKE_STATUS(error, module, code) \
68 | (ZyanStatus)((((error) & 0x01) << 31) | (((module) & 0x7FF) << 20) | ((code) & 0xFFFFF))
69 |
70 | /* ---------------------------------------------------------------------------------------------- */
71 | /* Checks */
72 | /* ---------------------------------------------------------------------------------------------- */
73 |
74 | /**
75 | * @brief Checks if a zyan operation was successful.
76 | *
77 | * @param status The zyan status-code to check.
78 | *
79 | * @return `ZYAN_TRUE`, if the operation succeeded or `ZYAN_FALSE`, if not.
80 | */
81 | #define ZYAN_SUCCESS(status) \
82 | (!((status) & 0x80000000))
83 |
84 | /**
85 | * @brief Checks if a zyan operation failed.
86 | *
87 | * @param status The zyan status-code to check.
88 | *
89 | * @return `ZYAN_TRUE`, if the operation failed or `ZYAN_FALSE`, if not.
90 | */
91 | #define ZYAN_FAILED(status) \
92 | ((status) & 0x80000000)
93 |
94 | /**
95 | * @brief Checks if a zyan operation was successful and returns with the status-code, if not.
96 | *
97 | * @param status The zyan status-code to check.
98 | */
99 | #define ZYAN_CHECK(status) \
100 | do \
101 | { \
102 | const ZyanStatus status_047620348 = (status); \
103 | if (!ZYAN_SUCCESS(status_047620348)) \
104 | { \
105 | return status_047620348; \
106 | } \
107 | } while (0)
108 |
109 | /* ---------------------------------------------------------------------------------------------- */
110 | /* Information */
111 | /* ---------------------------------------------------------------------------------------------- */
112 |
113 | /**
114 | * @brief Returns the module id of a zyan status-code.
115 | *
116 | * @param status The zyan status-code.
117 | *
118 | * @return The module id of the zyan status-code.
119 | */
120 | #define ZYAN_STATUS_MODULE(status) \
121 | (((status) >> 20) & 0x7FF)
122 |
123 | /**
124 | * @brief Returns the code of a zyan status-code.
125 | *
126 | * @param status The zyan status-code.
127 | *
128 | * @return The code of the zyan status-code.
129 | */
130 | #define ZYAN_STATUS_CODE(status) \
131 | ((status) & 0xFFFFF)
132 |
133 | /* ============================================================================================== */
134 | /* Status codes */
135 | /* ============================================================================================== */
136 |
137 | /* ---------------------------------------------------------------------------------------------- */
138 | /* Module IDs */
139 | /* ---------------------------------------------------------------------------------------------- */
140 |
141 | /**
142 | * @brief The zycore generic module id.
143 | */
144 | #define ZYAN_MODULE_ZYCORE 0x001
145 |
146 | /**
147 | * @brief The zycore arg-parse submodule id.
148 | */
149 | #define ZYAN_MODULE_ARGPARSE 0x003
150 |
151 | /**
152 | * @brief The base module id for user-defined status codes.
153 | */
154 | #define ZYAN_MODULE_USER 0x3FF
155 |
156 | /* ---------------------------------------------------------------------------------------------- */
157 | /* Status codes (general purpose) */
158 | /* ---------------------------------------------------------------------------------------------- */
159 |
160 | /**
161 | * @brief The operation completed successfully.
162 | */
163 | #define ZYAN_STATUS_SUCCESS \
164 | ZYAN_MAKE_STATUS(0, ZYAN_MODULE_ZYCORE, 0x00)
165 |
166 | /**
167 | * @brief The operation failed with an generic error.
168 | */
169 | #define ZYAN_STATUS_FAILED \
170 | ZYAN_MAKE_STATUS(1, ZYAN_MODULE_ZYCORE, 0x01)
171 |
172 | /**
173 | * @brief The operation completed successfully and returned `ZYAN_TRUE`.
174 | */
175 | #define ZYAN_STATUS_TRUE \
176 | ZYAN_MAKE_STATUS(0, ZYAN_MODULE_ZYCORE, 0x02)
177 |
178 | /**
179 | * @brief The operation completed successfully and returned `ZYAN_FALSE`.
180 | */
181 | #define ZYAN_STATUS_FALSE \
182 | ZYAN_MAKE_STATUS(0, ZYAN_MODULE_ZYCORE, 0x03)
183 |
184 | /**
185 | * @brief An invalid argument was passed to a function.
186 | */
187 | #define ZYAN_STATUS_INVALID_ARGUMENT \
188 | ZYAN_MAKE_STATUS(1, ZYAN_MODULE_ZYCORE, 0x04)
189 |
190 | /**
191 | * @brief An attempt was made to perform an invalid operation.
192 | */
193 | #define ZYAN_STATUS_INVALID_OPERATION \
194 | ZYAN_MAKE_STATUS(1, ZYAN_MODULE_ZYCORE, 0x05)
195 |
196 | /**
197 | * @brief Insufficient privileges to perform the requested operation.
198 | */
199 | #define ZYAN_STATUS_ACCESS_DENIED \
200 | ZYAN_MAKE_STATUS(1, ZYAN_MODULE_ZYCORE, 0x06)
201 |
202 | /**
203 | * @brief The requested entity was not found.
204 | */
205 | #define ZYAN_STATUS_NOT_FOUND \
206 | ZYAN_MAKE_STATUS(1, ZYAN_MODULE_ZYCORE, 0x07)
207 |
208 | /**
209 | * @brief An index passed to a function was out of bounds.
210 | */
211 | #define ZYAN_STATUS_OUT_OF_RANGE \
212 | ZYAN_MAKE_STATUS(1, ZYAN_MODULE_ZYCORE, 0x08)
213 |
214 | /**
215 | * @brief A buffer passed to a function was too small to complete the requested operation.
216 | */
217 | #define ZYAN_STATUS_INSUFFICIENT_BUFFER_SIZE \
218 | ZYAN_MAKE_STATUS(1, ZYAN_MODULE_ZYCORE, 0x09)
219 |
220 | /**
221 | * @brief Insufficient memory to perform the operation.
222 | */
223 | #define ZYAN_STATUS_NOT_ENOUGH_MEMORY \
224 | ZYAN_MAKE_STATUS(1, ZYAN_MODULE_ZYCORE, 0x0A)
225 |
226 | /**
227 | * @brief An unknown error occurred during a system function call.
228 | */
229 | #define ZYAN_STATUS_BAD_SYSTEMCALL \
230 | ZYAN_MAKE_STATUS(1, ZYAN_MODULE_ZYCORE, 0x0B)
231 |
232 | /**
233 | * @brief The process ran out of resources while performing an operation.
234 | */
235 | #define ZYAN_STATUS_OUT_OF_RESOURCES \
236 | ZYAN_MAKE_STATUS(1, ZYAN_MODULE_ZYCORE, 0x0C)
237 |
238 | /**
239 | * @brief A dependency library was not found or does have an unexpected version number or
240 | * feature-set.
241 | */
242 | #define ZYAN_STATUS_MISSING_DEPENDENCY \
243 | ZYAN_MAKE_STATUS(1, ZYAN_MODULE_ZYCORE, 0x0D)
244 |
245 | /* ---------------------------------------------------------------------------------------------- */
246 | /* Status codes (arg parse) */
247 | /* ---------------------------------------------------------------------------------------------- */
248 |
249 | /**
250 | * @brief Argument was not expected.
251 | */
252 | #define ZYAN_STATUS_ARG_NOT_UNDERSTOOD \
253 | ZYAN_MAKE_STATUS(1, ZYAN_MODULE_ARGPARSE, 0x00)
254 |
255 | /**
256 | * @brief Too few arguments were provided.
257 | */
258 | #define ZYAN_STATUS_TOO_FEW_ARGS \
259 | ZYAN_MAKE_STATUS(1, ZYAN_MODULE_ARGPARSE, 0x01)
260 |
261 | /**
262 | * @brief Too many arguments were provided.
263 | */
264 | #define ZYAN_STATUS_TOO_MANY_ARGS \
265 | ZYAN_MAKE_STATUS(1, ZYAN_MODULE_ARGPARSE, 0x02)
266 |
267 | /**
268 | * @brief An argument that expected a value misses its value.
269 | */
270 | #define ZYAN_STATUS_ARG_MISSES_VALUE \
271 | ZYAN_MAKE_STATUS(1, ZYAN_MODULE_ARGPARSE, 0x03)
272 |
273 | /**
274 | * @brief A required argument is missing.
275 | */
276 | #define ZYAN_STATUS_REQUIRED_ARG_MISSING \
277 | ZYAN_MAKE_STATUS(1, ZYAN_MODULE_ARGPARSE, 0x04)
278 |
279 | /* ---------------------------------------------------------------------------------------------- */
280 |
281 | /* ============================================================================================== */
282 |
283 | #ifdef __cplusplus
284 | }
285 | #endif
286 |
287 | #endif /* ZYCORE_STATUS_H */
288 |
--------------------------------------------------------------------------------
/Zydis/Zydis/Register.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Disassembler Library (Zydis)
4 |
5 | Original Author : Florian Bernd
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | /**
28 | * @file
29 | * Utility functions and constants for registers.
30 | */
31 |
32 | #ifndef ZYDIS_REGISTER_H
33 | #define ZYDIS_REGISTER_H
34 |
35 | #include
36 | #include
37 | #include
38 | #include
39 |
40 | #ifdef __cplusplus
41 | extern "C" {
42 | #endif
43 |
44 | /* ============================================================================================== */
45 | /* Enums and types */
46 | /* ============================================================================================== */
47 |
48 | /* ---------------------------------------------------------------------------------------------- */
49 | /* Registers */
50 | /* ---------------------------------------------------------------------------------------------- */
51 |
52 | #include
53 |
54 | /* ---------------------------------------------------------------------------------------------- */
55 | /* Register classes */
56 | /* ---------------------------------------------------------------------------------------------- */
57 |
58 | /**
59 | * Defines the `ZydisRegisterClass` enum.
60 | *
61 | * Please note that this enum does not contain a matching entry for all values of the
62 | * `ZydisRegister` enum, but only for those registers where it makes sense to logically group them
63 | * for decoding/encoding purposes.
64 | *
65 | * These are mainly the registers that can be identified by an id within their corresponding
66 | * register-class. The `IP` and `FLAGS` values are exceptions to this rule.
67 | */
68 | typedef enum ZydisRegisterClass_
69 | {
70 | ZYDIS_REGCLASS_INVALID,
71 | /**
72 | * 8-bit general-purpose registers.
73 | */
74 | ZYDIS_REGCLASS_GPR8,
75 | /**
76 | * 16-bit general-purpose registers.
77 | */
78 | ZYDIS_REGCLASS_GPR16,
79 | /**
80 | * 32-bit general-purpose registers.
81 | */
82 | ZYDIS_REGCLASS_GPR32,
83 | /**
84 | * 64-bit general-purpose registers.
85 | */
86 | ZYDIS_REGCLASS_GPR64,
87 | /**
88 | * Floating point legacy registers.
89 | */
90 | ZYDIS_REGCLASS_X87,
91 | /**
92 | * Floating point multimedia registers.
93 | */
94 | ZYDIS_REGCLASS_MMX,
95 | /**
96 | * 128-bit vector registers.
97 | */
98 | ZYDIS_REGCLASS_XMM,
99 | /**
100 | * 256-bit vector registers.
101 | */
102 | ZYDIS_REGCLASS_YMM,
103 | /**
104 | * 512-bit vector registers.
105 | */
106 | ZYDIS_REGCLASS_ZMM,
107 | /**
108 | * Matrix registers.
109 | */
110 | ZYDIS_REGCLASS_TMM,
111 | /*
112 | * Flags registers.
113 | */
114 | ZYDIS_REGCLASS_FLAGS,
115 | /**
116 | * Instruction-pointer registers.
117 | */
118 | ZYDIS_REGCLASS_IP,
119 | /**
120 | * Segment registers.
121 | */
122 | ZYDIS_REGCLASS_SEGMENT,
123 | /**
124 | * Test registers.
125 | */
126 | ZYDIS_REGCLASS_TEST,
127 | /**
128 | * Control registers.
129 | */
130 | ZYDIS_REGCLASS_CONTROL,
131 | /**
132 | * Debug registers.
133 | */
134 | ZYDIS_REGCLASS_DEBUG,
135 | /**
136 | * Mask registers.
137 | */
138 | ZYDIS_REGCLASS_MASK,
139 | /**
140 | * Bound registers.
141 | */
142 | ZYDIS_REGCLASS_BOUND,
143 |
144 | /**
145 | * Maximum value of this enum.
146 | */
147 | ZYDIS_REGCLASS_MAX_VALUE = ZYDIS_REGCLASS_BOUND,
148 | /**
149 | * The minimum number of bits required to represent all values of this enum.
150 | */
151 | ZYDIS_REGCLASS_REQUIRED_BITS = ZYAN_BITS_TO_REPRESENT(ZYDIS_REGCLASS_MAX_VALUE)
152 | } ZydisRegisterClass;
153 |
154 | /* ---------------------------------------------------------------------------------------------- */
155 | /* Register width */
156 | /* ---------------------------------------------------------------------------------------------- */
157 |
158 | /**
159 | * Defines the `ZydisRegisterWidth` data-type.
160 | */
161 | typedef ZyanU16 ZydisRegisterWidth;
162 |
163 | /* ---------------------------------------------------------------------------------------------- */
164 | /* Register context */
165 | /* ---------------------------------------------------------------------------------------------- */
166 |
167 | /**
168 | * Defines the `ZydisRegisterContext` struct.
169 | */
170 | typedef struct ZydisRegisterContext_
171 | {
172 | /**
173 | * The values stored in the register context.
174 | */
175 | ZyanU64 values[ZYDIS_REGISTER_MAX_VALUE + 1];
176 | } ZydisRegisterContext;
177 |
178 | /* ---------------------------------------------------------------------------------------------- */
179 |
180 | /* ============================================================================================== */
181 | /* Exported functions */
182 | /* ============================================================================================== */
183 |
184 | /**
185 | * @addtogroup register Register
186 | * Functions allowing retrieval of information about registers.
187 | * @{
188 | */
189 |
190 | /* ---------------------------------------------------------------------------------------------- */
191 | /* Register */
192 | /* ---------------------------------------------------------------------------------------------- */
193 |
194 | /**
195 | * Returns the register specified by the `register_class` and `id` tuple.
196 | *
197 | * @param register_class The register class.
198 | * @param id The register id.
199 | *
200 | * @return The register specified by the `register_class` and `id` tuple or `ZYDIS_REGISTER_NONE`,
201 | * if an invalid parameter was passed.
202 | */
203 | ZYDIS_EXPORT ZydisRegister ZydisRegisterEncode(ZydisRegisterClass register_class, ZyanU8 id);
204 |
205 | /**
206 | * Returns the id of the specified register.
207 | *
208 | * @param reg The register.
209 | *
210 | * @return The id of the specified register, or -1 if an invalid parameter was passed.
211 | */
212 | ZYDIS_EXPORT ZyanI8 ZydisRegisterGetId(ZydisRegister reg);
213 |
214 | /**
215 | * Returns the register-class of the specified register.
216 | *
217 | * @param reg The register.
218 | *
219 | * @return The register-class of the specified register.
220 | */
221 | ZYDIS_EXPORT ZydisRegisterClass ZydisRegisterGetClass(ZydisRegister reg);
222 |
223 | /**
224 | * Returns the width of the specified register.
225 | *
226 | * @param mode The active machine mode.
227 | * @param reg The register.
228 | *
229 | * @return The width of the specified register, or `ZYDIS_REGISTER_NONE` if the register is
230 | * invalid for the active machine-mode.
231 | */
232 | ZYDIS_EXPORT ZydisRegisterWidth ZydisRegisterGetWidth(ZydisMachineMode mode, ZydisRegister reg);
233 |
234 | /**
235 | * Returns the largest enclosing register of the given register.
236 | *
237 | * @param mode The active machine mode.
238 | * @param reg The register.
239 | *
240 | * @return The largest enclosing register of the given register, or `ZYDIS_REGISTER_NONE` if the
241 | * register is invalid for the active machine-mode or does not have an enclosing-register.
242 | */
243 | ZYDIS_EXPORT ZydisRegister ZydisRegisterGetLargestEnclosing(ZydisMachineMode mode,
244 | ZydisRegister reg);
245 |
246 | /**
247 | * Returns the specified register string.
248 | *
249 | * @param reg The register.
250 | *
251 | * @return The register string or `ZYAN_NULL`, if an invalid register was passed.
252 | */
253 | ZYDIS_EXPORT const char* ZydisRegisterGetString(ZydisRegister reg);
254 |
255 | /**
256 | * Returns the specified register string as `ZydisShortString`.
257 | *
258 | * @param reg The register.
259 | *
260 | * @return The register string or `ZYAN_NULL`, if an invalid register was passed.
261 | *
262 | * The `buffer` of the returned struct is guaranteed to be zero-terminated in this special case.
263 | */
264 | ZYDIS_EXPORT const ZydisShortString* ZydisRegisterGetStringWrapped(ZydisRegister reg);
265 |
266 | /* ---------------------------------------------------------------------------------------------- */
267 | /* Register class */
268 | /* ---------------------------------------------------------------------------------------------- */
269 |
270 | /**
271 | * Returns the width of the specified register-class.
272 | *
273 | * @param mode The active machine mode.
274 | * @param register_class The register class.
275 | *
276 | * @return The width of the specified register.
277 | */
278 | ZYDIS_EXPORT ZydisRegisterWidth ZydisRegisterClassGetWidth(ZydisMachineMode mode,
279 | ZydisRegisterClass register_class);
280 |
281 | /* ---------------------------------------------------------------------------------------------- */
282 |
283 | /**
284 | * @}
285 | */
286 |
287 | /* ============================================================================================== */
288 |
289 | #ifdef __cplusplus
290 | }
291 | #endif
292 |
293 | #endif /* ZYDIS_REGISTER_H */
294 |
--------------------------------------------------------------------------------
/Inline-PatchFinder/Inline-PatchFinder.cpp:
--------------------------------------------------------------------------------
1 | #include "Miscellaneous/Dependancies.h"
2 |
3 | int main()
4 | {
5 | LOG("[+] Please enter the process ID of the desired process: ");
6 | int m_nProcessID = 0;
7 | std::cin >> m_nProcessID;
8 |
9 | LOG("\n\n");
10 |
11 | if (!g_Utilities.SetupDesiredProcess(m_nProcessID))
12 | {
13 | LOG("[-] Couldn't find desired process...\n");
14 | PAUSE_SYSTEM_CMD(true);
15 | }
16 |
17 | if (!g_Utilities.EnumerateModulesInProcess())
18 | {
19 | LOG("[-] Failed to enumerate modules in process...\n");
20 | PAUSE_SYSTEM_CMD(true);
21 | }
22 |
23 | for (auto& ModuleList : g_Utilities.m_OutModules)
24 | {
25 | BYTE m_ModulePEHeaders[0x10000];
26 | BOOL m_bRPMResult = ReadProcessMemory(g_Utilities.TargetProcess,
27 | reinterpret_cast(ModuleList.m_ModuleBaseAddress),
28 | &m_ModulePEHeaders,
29 | sizeof(m_ModulePEHeaders),
30 | NULL);
31 |
32 | if (!m_bRPMResult)
33 | continue;
34 |
35 | PIMAGE_DOS_HEADER m_pImageDOSHeaders = reinterpret_cast(m_ModulePEHeaders);
36 | if (m_pImageDOSHeaders->e_magic != IMAGE_DOS_SIGNATURE)
37 | {
38 | LOG("[-] Couldn't find IMAGE_DOS_SIGNATURE for module %s...\n", ModuleList.m_szModuleName.c_str());
39 | continue;
40 | }
41 |
42 | const PIMAGE_NT_HEADERS m_pImageNTHeaders = reinterpret_cast(reinterpret_cast(m_ModulePEHeaders) + m_pImageDOSHeaders->e_lfanew);
43 |
44 | if (m_pImageNTHeaders->Signature != IMAGE_NT_SIGNATURE)
45 | {
46 | LOG("[-] Couldn't find IMAGE_NT_SIGNATURE for module %s...\n", ModuleList.m_szModuleName.c_str());
47 | continue;
48 | }
49 |
50 | DWORD m_dSavedExportVirtualAddress = m_pImageNTHeaders->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].VirtualAddress;
51 | DWORD m_dSavedExportSize = m_pImageNTHeaders->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].Size;
52 |
53 | if (!m_dSavedExportVirtualAddress || !m_dSavedExportSize)
54 | {
55 | LOG("[-] Couldn't find export table of module %s...\n", ModuleList.m_szModuleName.c_str());
56 | continue;
57 | }
58 |
59 | PIMAGE_SECTION_HEADER m_pImageSectionHeader = IMAGE_FIRST_SECTION(m_pImageNTHeaders);
60 |
61 | DWORD m_dStartAddressOfSection = NULL;
62 | DWORD m_dSizeOfSection = NULL;
63 |
64 | // Save off our start address and size of .text section, so we can detect OOB exports later.
65 | for (UINT i = 0; i != m_pImageNTHeaders->FileHeader.NumberOfSections; ++i, ++m_pImageSectionHeader) {
66 | if (!strstr((char*)m_pImageSectionHeader->Name, ".text"))
67 | continue;
68 |
69 | m_dStartAddressOfSection = m_pImageSectionHeader->VirtualAddress;
70 | m_dSizeOfSection = m_pImageSectionHeader->Misc.VirtualSize;
71 | }
72 |
73 | IMAGE_EXPORT_DIRECTORY m_pImageExportDirectory = { 0 };
74 | m_bRPMResult = ReadProcessMemory(g_Utilities.TargetProcess,
75 | reinterpret_cast(ModuleList.m_ModuleBaseAddress + m_dSavedExportVirtualAddress),
76 | &m_pImageExportDirectory,
77 | m_dSavedExportSize,
78 | NULL);
79 |
80 | if (!m_bRPMResult)
81 | continue;
82 |
83 | const auto m_CurrentModuleData = std::make_unique(ModuleList.m_ModuleSize);
84 | m_bRPMResult = ReadProcessMemory(g_Utilities.TargetProcess,
85 | reinterpret_cast(ModuleList.m_ModuleBaseAddress),
86 | m_CurrentModuleData.get(),
87 | ModuleList.m_ModuleSize,
88 | NULL);
89 |
90 | if (!m_bRPMResult)
91 | continue;
92 |
93 | const uint8_t *m_WholeModuleBuffer = m_CurrentModuleData.get();
94 |
95 | // Read the file
96 | const HANDLE m_hFile = CreateFileA(ModuleList.m_szModulePath.c_str(), GENERIC_READ, FILE_SHARE_READ, nullptr, OPEN_EXISTING, 0, nullptr);
97 | if (!m_hFile || m_hFile == INVALID_HANDLE_VALUE)
98 | {
99 | LOG("[-] CreateFile failed with error code #%i...\n", GetLastError());
100 | continue;
101 | }
102 |
103 | // Map the file
104 | const HANDLE m_hMappedFile = CreateFileMappingA(m_hFile, nullptr, PAGE_READONLY | SEC_IMAGE, 0, 0, nullptr);
105 | if (!m_hMappedFile || m_hMappedFile == INVALID_HANDLE_VALUE)
106 | {
107 | CloseHandle(m_hFile);
108 | LOG("[-] CreateFileMapping failed with error code #%i...\n", GetLastError());
109 | continue;
110 | }
111 |
112 | // Map the sections appropriately
113 | ZyanU8* m_FileMap = reinterpret_cast(MapViewOfFile(m_hMappedFile, FILE_MAP_READ, 0, 0, 0));
114 | if (!m_FileMap)
115 | {
116 | CloseHandle(m_hFile);
117 | CloseHandle(m_hMappedFile);
118 | LOG("[-] MapViewOfFile failed with error code #%i...\n", GetLastError());
119 | continue;
120 | }
121 |
122 | WORD* m_pOrdinalAddress = reinterpret_cast(m_pImageExportDirectory.AddressOfNameOrdinals + reinterpret_cast(&m_pImageExportDirectory) - m_dSavedExportVirtualAddress);
123 | DWORD* m_pNamesAddress = reinterpret_cast(m_pImageExportDirectory.AddressOfNames + reinterpret_cast(&m_pImageExportDirectory) - m_dSavedExportVirtualAddress);
124 | DWORD* m_pFunctionAddress = reinterpret_cast(m_pImageExportDirectory.AddressOfFunctions + reinterpret_cast(&m_pImageExportDirectory) - m_dSavedExportVirtualAddress);
125 |
126 | // Traverse through all export functions, getting all function's addresses.
127 | for (int i = 0; i < m_pImageExportDirectory.NumberOfNames; ++i)
128 | {
129 | const WORD m_OrdinalNr = m_pOrdinalAddress[i];
130 | if (m_OrdinalNr < 0 || m_OrdinalNr > m_pImageExportDirectory.NumberOfNames)
131 | continue;
132 |
133 | // I don't yet understand how this is even possible to have exports leading outside of module bounds...
134 | // But it fucking happens, and not too infrequently either.
135 | const DWORD m_AddressFromBaseAddress = m_pFunctionAddress[m_OrdinalNr];
136 | if (m_AddressFromBaseAddress >= ModuleList.m_ModuleSize)
137 | {
138 | // Too far ahead, this will cause us OOB crashes. Let's get out of here.
139 | continue;
140 | }
141 |
142 | // This fucking shitter isn't part of the .text section, GET EM OUTTA HERE.
143 | if (m_AddressFromBaseAddress < m_dStartAddressOfSection ||
144 | m_AddressFromBaseAddress > m_dStartAddressOfSection + m_dSizeOfSection)
145 | {
146 | continue;
147 | }
148 |
149 |
150 | bool bIsDifferent = false;
151 | for (int x = 0; x < 15 && !bIsDifferent; ++x)
152 | bIsDifferent = m_FileMap[m_AddressFromBaseAddress + x] != m_WholeModuleBuffer[m_AddressFromBaseAddress + x];
153 |
154 |
155 | // Print and cache differences.
156 | if (bIsDifferent)
157 | {
158 | char* m_szExportName = reinterpret_cast(m_pNamesAddress[i] + reinterpret_cast(&m_pImageExportDirectory) - m_dSavedExportVirtualAddress);
159 |
160 | std::string m_szExportNameStr(m_szExportName);
161 |
162 | if (m_szExportNameStr.empty() || g_Utilities.HasSpecialCharacters(m_szExportNameStr.c_str()))
163 | {
164 | // Something is very very wrong, I've only seen this for a few modules.
165 | continue;
166 | }
167 |
168 | LOG("[+] Found difference at %s!%s addr:0x%X\n",
169 | ModuleList.m_szModuleName.c_str(),
170 | m_szExportNameStr.c_str(),
171 | m_AddressFromBaseAddress);
172 |
173 | LOG("[+] Original Buffer: ");
174 | for (int x = 0; x < 15; ++x) {
175 | LOG("%02X ", m_FileMap[m_AddressFromBaseAddress + x]);
176 | } LOG("\n\n");
177 |
178 | LOG("=============================================\n\n");
179 |
180 | LOG("[+] Modified Buffer: ");
181 | for (int x = 0; x < 15; ++x) {
182 | LOG("%02X ", m_WholeModuleBuffer[m_AddressFromBaseAddress + x]);
183 | } LOG("\n\n");
184 |
185 |
186 | // Initialize decoder context
187 | ZydisDecoder decoder;
188 | #if defined (_WIN64)
189 | ZydisDecoderInit(&decoder, ZYDIS_MACHINE_MODE_LONG_64, ZydisStackWidth::ZYDIS_STACK_WIDTH_64);
190 | #else
191 | ZydisDecoderInit(&decoder, ZYDIS_MACHINE_MODE_LONG_COMPAT_32, ZydisStackWidth::ZYDIS_STACK_WIDTH_32);
192 | #endif
193 |
194 | // Initialize formatter. Only required when you actually plan to do instruction
195 | // formatting ("disassembling"), like we do here
196 | ZydisFormatter formatter;
197 | ZydisFormatterInit(&formatter, ZYDIS_FORMATTER_STYLE_INTEL);
198 |
199 | // Loop over the instructions in our buffer.
200 | // The runtime-address (instruction pointer) is chosen arbitrary here in order to better
201 | // visualize relative addressing
202 | ZyanU64 runtime_address = m_AddressFromBaseAddress;
203 | ZyanUSize offset = 0;
204 | const ZyanUSize length = 15;
205 | ZydisDecodedInstruction instruction;
206 | while (ZYAN_SUCCESS(ZydisDecoderDecodeBuffer(&decoder, m_WholeModuleBuffer + m_AddressFromBaseAddress + offset, length - offset, &instruction)))
207 | {
208 | // Print current instruction pointer.
209 | LOG("%010" "llx" " ", runtime_address);
210 |
211 | // Format & print the binary instruction structure to human readable format
212 | char buffer[256];
213 | ZydisFormatterFormatInstruction(&formatter, &instruction, buffer, sizeof(buffer), runtime_address);
214 |
215 | LOG("%s\n", buffer);
216 |
217 | offset += instruction.length;
218 | runtime_address += instruction.length;
219 | } LOG("\n");
220 | }
221 | }
222 |
223 | UnmapViewOfFile(m_FileMap);
224 | CloseHandle(m_hFile);
225 | CloseHandle(m_hMappedFile);
226 | }
227 |
228 | // Cleanup, and finish off.
229 | {
230 | CloseHandle(g_Utilities.TargetProcess);
231 | }
232 |
233 | PAUSE_SYSTEM_CMD(true);
234 | }
235 |
--------------------------------------------------------------------------------
/Zydis/Zydis/Internal/DecoderData.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Disassembler Library (Zydis)
4 |
5 | Original Author : Florian Bernd
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | #ifndef ZYDIS_INTERNAL_DECODERDATA_H
28 | #define ZYDIS_INTERNAL_DECODERDATA_H
29 |
30 | #include
31 | #include
32 |
33 | #ifdef __cplusplus
34 | extern "C" {
35 | #endif
36 |
37 | /* ============================================================================================== */
38 | /* Enums and types */
39 | /* ============================================================================================== */
40 |
41 | // MSVC does not like types other than (un-)signed int for bit-fields
42 | #ifdef ZYAN_MSVC
43 | # pragma warning(push)
44 | # pragma warning(disable:4214)
45 | #endif
46 |
47 | #pragma pack(push, 1)
48 |
49 | /* ---------------------------------------------------------------------------------------------- */
50 | /* Decoder tree */
51 | /* ---------------------------------------------------------------------------------------------- */
52 |
53 | /**
54 | * Defines the `ZydisDecoderTreeNodeType` data-type.
55 | */
56 | typedef ZyanU8 ZydisDecoderTreeNodeType;
57 |
58 | /**
59 | * Values that represent zydis decoder tree node types.
60 | */
61 | enum ZydisDecoderTreeNodeTypes
62 | {
63 | ZYDIS_NODETYPE_INVALID = 0x00,
64 | /**
65 | * Reference to an instruction-definition.
66 | */
67 | ZYDIS_NODETYPE_DEFINITION_MASK = 0x80,
68 | /**
69 | * Reference to an XOP-map filter.
70 | */
71 | ZYDIS_NODETYPE_FILTER_XOP = 0x01,
72 | /**
73 | * Reference to an VEX-map filter.
74 | */
75 | ZYDIS_NODETYPE_FILTER_VEX = 0x02,
76 | /**
77 | * Reference to an EVEX/MVEX-map filter.
78 | */
79 | ZYDIS_NODETYPE_FILTER_EMVEX = 0x03,
80 | /**
81 | * Reference to an opcode filter.
82 | */
83 | ZYDIS_NODETYPE_FILTER_OPCODE = 0x04,
84 | /**
85 | * Reference to an instruction-mode filter.
86 | */
87 | ZYDIS_NODETYPE_FILTER_MODE = 0x05,
88 | /**
89 | * Reference to an compacted instruction-mode filter.
90 | */
91 | ZYDIS_NODETYPE_FILTER_MODE_COMPACT = 0x06,
92 | /**
93 | * Reference to a ModRM.mod filter.
94 | */
95 | ZYDIS_NODETYPE_FILTER_MODRM_MOD = 0x07,
96 | /**
97 | * Reference to a compacted ModRM.mod filter.
98 | */
99 | ZYDIS_NODETYPE_FILTER_MODRM_MOD_COMPACT = 0x08,
100 | /**
101 | * Reference to a ModRM.reg filter.
102 | */
103 | ZYDIS_NODETYPE_FILTER_MODRM_REG = 0x09,
104 | /**
105 | * Reference to a ModRM.rm filter.
106 | */
107 | ZYDIS_NODETYPE_FILTER_MODRM_RM = 0x0A,
108 | /**
109 | * Reference to a PrefixGroup1 filter.
110 | */
111 | ZYDIS_NODETYPE_FILTER_PREFIX_GROUP1 = 0x0B,
112 | /**
113 | * Reference to a mandatory-prefix filter.
114 | */
115 | ZYDIS_NODETYPE_FILTER_MANDATORY_PREFIX = 0x0C,
116 | /**
117 | * Reference to an operand-size filter.
118 | */
119 | ZYDIS_NODETYPE_FILTER_OPERAND_SIZE = 0x0D,
120 | /**
121 | * Reference to an address-size filter.
122 | */
123 | ZYDIS_NODETYPE_FILTER_ADDRESS_SIZE = 0x0E,
124 | /**
125 | * Reference to a vector-length filter.
126 | */
127 | ZYDIS_NODETYPE_FILTER_VECTOR_LENGTH = 0x0F,
128 | /**
129 | * Reference to an REX/VEX/EVEX.W filter.
130 | */
131 | ZYDIS_NODETYPE_FILTER_REX_W = 0x10,
132 | /**
133 | * Reference to an REX/VEX/EVEX.B filter.
134 | */
135 | ZYDIS_NODETYPE_FILTER_REX_B = 0x11,
136 | /**
137 | * Reference to an EVEX.b filter.
138 | */
139 | ZYDIS_NODETYPE_FILTER_EVEX_B = 0x12,
140 | /**
141 | * Reference to an MVEX.E filter.
142 | */
143 | ZYDIS_NODETYPE_FILTER_MVEX_E = 0x13,
144 | /**
145 | * Reference to a AMD-mode filter.
146 | */
147 | ZYDIS_NODETYPE_FILTER_MODE_AMD = 0x14,
148 | /**
149 | * Reference to a KNC-mode filter.
150 | */
151 | ZYDIS_NODETYPE_FILTER_MODE_KNC = 0x15,
152 | /**
153 | * Reference to a MPX-mode filter.
154 | */
155 | ZYDIS_NODETYPE_FILTER_MODE_MPX = 0x16,
156 | /**
157 | * Reference to a CET-mode filter.
158 | */
159 | ZYDIS_NODETYPE_FILTER_MODE_CET = 0x17,
160 | /**
161 | * Reference to a LZCNT-mode filter.
162 | */
163 | ZYDIS_NODETYPE_FILTER_MODE_LZCNT = 0x18,
164 | /**
165 | * Reference to a TZCNT-mode filter.
166 | */
167 | ZYDIS_NODETYPE_FILTER_MODE_TZCNT = 0x19,
168 | /**
169 | * Reference to a WBNOINVD-mode filter.
170 | */
171 | ZYDIS_NODETYPE_FILTER_MODE_WBNOINVD = 0x1A,
172 | /**
173 | * Reference to a CLDEMOTE-mode filter.
174 | */
175 | ZYDIS_NODETYPE_FILTER_MODE_CLDEMOTE = 0x1B
176 | };
177 |
178 | /* ---------------------------------------------------------------------------------------------- */
179 |
180 | /**
181 | * Defines the `ZydisDecoderTreeNodeValue` data-type.
182 | */
183 | typedef ZyanU16 ZydisDecoderTreeNodeValue;
184 |
185 | /* ---------------------------------------------------------------------------------------------- */
186 |
187 | /**
188 | * Defines the `ZydisDecoderTreeNode` struct.
189 | */
190 | typedef struct ZydisDecoderTreeNode_
191 | {
192 | ZydisDecoderTreeNodeType type;
193 | ZydisDecoderTreeNodeValue value;
194 | } ZydisDecoderTreeNode;
195 |
196 | /* ---------------------------------------------------------------------------------------------- */
197 |
198 | #pragma pack(pop)
199 |
200 | #ifdef ZYAN_MSVC
201 | # pragma warning(pop)
202 | #endif
203 |
204 | /* ---------------------------------------------------------------------------------------------- */
205 | /* Physical instruction encoding info */
206 | /* ---------------------------------------------------------------------------------------------- */
207 |
208 | /**
209 | * Defines the `ZydisInstructionEncodingFlags` data-type.
210 | */
211 | typedef ZyanU8 ZydisInstructionEncodingFlags;
212 |
213 | /**
214 | * The instruction has an optional modrm byte.
215 | */
216 | #define ZYDIS_INSTR_ENC_FLAG_HAS_MODRM 0x01
217 |
218 | /**
219 | * The instruction has an optional displacement value.
220 | */
221 | #define ZYDIS_INSTR_ENC_FLAG_HAS_DISP 0x02
222 |
223 | /**
224 | * The instruction has an optional immediate value.
225 | */
226 | #define ZYDIS_INSTR_ENC_FLAG_HAS_IMM0 0x04
227 |
228 | /**
229 | * The instruction has a second optional immediate value.
230 | */
231 | #define ZYDIS_INSTR_ENC_FLAG_HAS_IMM1 0x08
232 |
233 | /**
234 | * The instruction ignores the value of `modrm.mod` and always assumes `modrm.mod == 3`
235 | * ("reg, reg" - form).
236 | *
237 | * Instructions with this flag can't have a SIB byte or a displacement value.
238 | */
239 | #define ZYDIS_INSTR_ENC_FLAG_FORCE_REG_FORM 0x10
240 |
241 | /**
242 | * Defines the `ZydisInstructionEncodingInfo` struct.
243 | */
244 | typedef struct ZydisInstructionEncodingInfo_
245 | {
246 | /**
247 | * Contains flags with information about the physical instruction-encoding.
248 | */
249 | ZydisInstructionEncodingFlags flags;
250 | /**
251 | * Displacement info.
252 | */
253 | struct
254 | {
255 | /**
256 | * The size of the displacement value.
257 | */
258 | ZyanU8 size[3];
259 | } disp;
260 | /**
261 | * Immediate info.
262 | */
263 | struct
264 | {
265 | /**
266 | * The size of the immediate value.
267 | */
268 | ZyanU8 size[3];
269 | /**
270 | * Signals, if the value is signed.
271 | */
272 | ZyanBool is_signed;
273 | /**
274 | * Signals, if the value is a relative offset.
275 | */
276 | ZyanBool is_relative;
277 | } imm[2];
278 | } ZydisInstructionEncodingInfo;
279 |
280 | /* ---------------------------------------------------------------------------------------------- */
281 |
282 | /* ============================================================================================== */
283 | /* Functions */
284 | /* ============================================================================================== */
285 |
286 | /* ---------------------------------------------------------------------------------------------- */
287 | /* Decoder tree */
288 | /* ---------------------------------------------------------------------------------------------- */
289 |
290 | extern const ZydisDecoderTreeNode zydis_decoder_tree_root;
291 |
292 | /**
293 | * Returns the root node of the instruction tree.
294 | *
295 | * @return The root node of the instruction tree.
296 | */
297 | ZYAN_INLINE const ZydisDecoderTreeNode* ZydisDecoderTreeGetRootNode(void)
298 | {
299 | return &zydis_decoder_tree_root;
300 | }
301 |
302 | /**
303 | * Returns the child node of `parent` specified by `index`.
304 | *
305 | * @param parent The parent node.
306 | * @param index The index of the child node to retrieve.
307 | *
308 | * @return The specified child node.
309 | */
310 | ZYDIS_NO_EXPORT const ZydisDecoderTreeNode* ZydisDecoderTreeGetChildNode(
311 | const ZydisDecoderTreeNode* parent, ZyanU16 index);
312 |
313 | /**
314 | * Returns information about optional instruction parts (like modrm, displacement or
315 | * immediates) for the instruction that is linked to the given `node`.
316 | *
317 | * @param node The instruction definition node.
318 | * @param info A pointer to the `ZydisInstructionParts` struct.
319 | */
320 | ZYDIS_NO_EXPORT void ZydisGetInstructionEncodingInfo(const ZydisDecoderTreeNode* node,
321 | const ZydisInstructionEncodingInfo** info);
322 |
323 | /* ---------------------------------------------------------------------------------------------- */
324 |
325 | /* ============================================================================================== */
326 |
327 | #ifdef __cplusplus
328 | }
329 | #endif
330 |
331 | #endif /* ZYDIS_INTERNAL_DECODERDATA_H */
332 |
--------------------------------------------------------------------------------
/Zydis/Zydis/FormatterBuffer.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Disassembler Library (Zydis)
4 |
5 | Original Author : Florian Bernd
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | /**
28 | * @file
29 | * Implements the `ZydisFormatterToken` type and provides functions to use it.
30 | */
31 |
32 | #ifndef ZYDIS_FORMATTER_TOKEN_H
33 | #define ZYDIS_FORMATTER_TOKEN_H
34 |
35 | #include
36 | #include
37 | #include
38 | #include
39 |
40 | #ifdef __cplusplus
41 | extern "C" {
42 | #endif
43 |
44 | /* ============================================================================================== */
45 | /* Constants */
46 | /* ============================================================================================== */
47 |
48 | /* ---------------------------------------------------------------------------------------------- */
49 | /* Token types */
50 | /* ---------------------------------------------------------------------------------------------- */
51 |
52 | /**
53 | * @biref Defines the `ZydisTokenType` data-type.
54 | */
55 | typedef ZyanU8 ZydisTokenType;
56 |
57 | #define ZYDIS_TOKEN_INVALID 0x00
58 | /**
59 | * A whitespace character.
60 | */
61 | #define ZYDIS_TOKEN_WHITESPACE 0x01
62 | /**
63 | * A delimiter character (like `','`, `':'`, `'+'`, `'-'`, `'*'`).
64 | */
65 | #define ZYDIS_TOKEN_DELIMITER 0x02
66 | /**
67 | * An opening parenthesis character (like `'('`, `'['`, `'{'`).
68 | */
69 | #define ZYDIS_TOKEN_PARENTHESIS_OPEN 0x03
70 | /**
71 | * A closing parenthesis character (like `')'`, `']'`, `'}'`).
72 | */
73 | #define ZYDIS_TOKEN_PARENTHESIS_CLOSE 0x04
74 | /**
75 | * A prefix literal (like `"LOCK"`, `"REP"`).
76 | */
77 | #define ZYDIS_TOKEN_PREFIX 0x05
78 | /**
79 | * A mnemonic literal (like `"MOV"`, `"VCMPPSD"`, `"LCALL"`).
80 | */
81 | #define ZYDIS_TOKEN_MNEMONIC 0x06
82 | /**
83 | * A register literal (like `"RAX"`, `"DS"`, `"%ECX"`).
84 | */
85 | #define ZYDIS_TOKEN_REGISTER 0x07
86 | /**
87 | * An absolute address literal (like `0x00400000`).
88 | */
89 | #define ZYDIS_TOKEN_ADDRESS_ABS 0x08
90 | /**
91 | * A relative address literal (like `-0x100`).
92 | */
93 | #define ZYDIS_TOKEN_ADDRESS_REL 0x09
94 | /**
95 | * A displacement literal (like `0xFFFFFFFF`, `-0x100`, `+0x1234`).
96 | */
97 | #define ZYDIS_TOKEN_DISPLACEMENT 0x0A
98 | /**
99 | * An immediate literal (like `0xC0`, `-0x1234`, `$0x0000`).
100 | */
101 | #define ZYDIS_TOKEN_IMMEDIATE 0x0B
102 | /**
103 | * A typecast literal (like `DWORD PTR`).
104 | */
105 | #define ZYDIS_TOKEN_TYPECAST 0x0C
106 | /**
107 | * A decorator literal (like `"Z"`, `"1TO4"`).
108 | */
109 | #define ZYDIS_TOKEN_DECORATOR 0x0D
110 | /**
111 | * A symbol literal.
112 | */
113 | #define ZYDIS_TOKEN_SYMBOL 0x0E
114 |
115 | /**
116 | * The base for user-defined token types.
117 | */
118 | #define ZYDIS_TOKEN_USER 0x80
119 |
120 | /* ---------------------------------------------------------------------------------------------- */
121 |
122 | /* ============================================================================================== */
123 | /* Enums and types */
124 | /* ============================================================================================== */
125 |
126 | /* ---------------------------------------------------------------------------------------------- */
127 | /* Token */
128 | /* ---------------------------------------------------------------------------------------------- */
129 |
130 | #pragma pack(push, 1)
131 |
132 | /**
133 | * Defines the `ZydisFormatterToken` struct.
134 | *
135 | * All fields in this struct should be considered as "private". Any changes may lead to unexpected
136 | * behavior.
137 | */
138 | typedef struct ZydisFormatterToken_
139 | {
140 | /**
141 | * The token type.
142 | */
143 | ZydisTokenType type;
144 | /**
145 | * An offset to the next token, or `0`.
146 | */
147 | ZyanU8 next;
148 | } ZydisFormatterToken;
149 |
150 | #pragma pack(pop)
151 |
152 | /**
153 | * Defines the `ZydisFormatterTokenConst` data-type.
154 | */
155 | typedef const ZydisFormatterToken ZydisFormatterTokenConst;
156 |
157 | /* ---------------------------------------------------------------------------------------------- */
158 | /* Buffer */
159 | /* ---------------------------------------------------------------------------------------------- */
160 |
161 | /**
162 | * Defines the `ZydisFormatterBuffer` struct.
163 | *
164 | * All fields in this struct should be considered as "private". Any changes may
165 | * lead to unexpected behavior.
166 | */
167 | typedef struct ZydisFormatterBuffer_
168 | {
169 | /**
170 | * `ZYAN_TRUE`, if the buffer contains a token stream or `ZYAN_FALSE, if it
171 | * contains a simple string.
172 | */
173 | ZyanBool is_token_list;
174 | /**
175 | * The remaining capacity of the buffer.
176 | */
177 | ZyanUSize capacity;
178 | /**
179 | * The `ZyanString` instance that refers to the literal value of the most
180 | * recently added token.
181 | */
182 | ZyanString string;
183 | } ZydisFormatterBuffer;
184 |
185 | /* ---------------------------------------------------------------------------------------------- */
186 |
187 | /* ============================================================================================== */
188 | /* Exported functions */
189 | /* ============================================================================================== */
190 |
191 | /* ---------------------------------------------------------------------------------------------- */
192 | /* Token */
193 | /* ---------------------------------------------------------------------------------------------- */
194 |
195 | /**
196 | * Returns the `type` and the string `value` of the given `token`.
197 | *
198 | * @param token A pointer to the `ZydisFormatterToken` struct.
199 | * @param type Receives the token type.
200 | * @param value Receives a pointer to the string value of the token.
201 | *
202 | * @return A zyan status code.
203 | */
204 | ZYDIS_EXPORT ZyanStatus ZydisFormatterTokenGetValue(const ZydisFormatterToken* token,
205 | ZydisTokenType* type, ZyanConstCharPointer* value);
206 |
207 | /**
208 | * Obtains the next `token` linked to the passed one.
209 | *
210 | * @param token Receives a pointer to the next `ZydisFormatterToken` struct
211 | * linked to the passed one.
212 | *
213 | * @return A zyan status code.
214 | */
215 | ZYDIS_EXPORT ZyanStatus ZydisFormatterTokenNext(ZydisFormatterTokenConst** token);
216 |
217 | /* ---------------------------------------------------------------------------------------------- */
218 | /* Buffer */
219 | /* ---------------------------------------------------------------------------------------------- */
220 |
221 | /**
222 | * Returns the current (most recently added) token.
223 | *
224 | * @param buffer A pointer to the `ZydisFormatterBuffer` struct.
225 | * @param token Receives a pointer to the current token.
226 | *
227 | * @return A zyan status code.
228 | *
229 | * This function returns `ZYAN_STATUS_INVALID_OPERATION`, if the buffer does not contain at least
230 | * one token.
231 | */
232 | ZYDIS_EXPORT ZyanStatus ZydisFormatterBufferGetToken(const ZydisFormatterBuffer* buffer,
233 | ZydisFormatterTokenConst** token);
234 |
235 | /**
236 | * Returns the `ZyanString` instance associated with the given buffer.
237 | *
238 | * @param buffer A pointer to the `ZydisFormatterBuffer` struct.
239 | * @param string Receives a pointer to the `ZyanString` instance associated with the given
240 | * buffer.
241 | *
242 | * @return A zyan status code.
243 | *
244 | * This function returns `ZYAN_STATUS_INVALID_OPERATION`, if the buffer does not contain at least
245 | * one token.
246 | *
247 | * The returned string always refers to the literal value of the current (most recently added)
248 | * token and will remain valid until the buffer is destroyed.
249 | */
250 | ZYDIS_EXPORT ZyanStatus ZydisFormatterBufferGetString(ZydisFormatterBuffer* buffer,
251 | ZyanString** string);
252 |
253 | /**
254 | * Appends a new token to the `buffer`.
255 | *
256 | * @param buffer A pointer to the `ZydisFormatterBuffer` struct.
257 | * @param type The type of the new token.
258 | *
259 | * @return A zyan status code.
260 | *
261 | * Note that the `ZyanString` instance returned by `ZydisFormatterBufferGetString` will
262 | * automatically be updated by calling this function.
263 | */
264 | ZYDIS_EXPORT ZyanStatus ZydisFormatterBufferAppend(ZydisFormatterBuffer* buffer,
265 | ZydisTokenType type);
266 |
267 | /**
268 | * Returns a snapshot of the buffer-state.
269 | *
270 | * @param buffer A pointer to the `ZydisFormatterBuffer` struct.
271 | * @param state Receives a snapshot of the buffer-state.
272 | *
273 | * @return A zyan status code.
274 | *
275 | * Note that the buffer-state is saved inside the buffer itself and thus becomes invalid as soon
276 | * as the buffer gets overwritten or destroyed.
277 | */
278 | ZYDIS_EXPORT ZyanStatus ZydisFormatterBufferRemember(const ZydisFormatterBuffer* buffer,
279 | ZyanUPointer* state);
280 |
281 | /**
282 | * Restores a previously saved buffer-state.
283 | *
284 | * @param buffer A pointer to the `ZydisFormatterBuffer` struct.
285 | * @param state The buffer-state to restore.
286 | *
287 | * @return A zyan status code.
288 | *
289 | * All tokens added after obtaining the given `state` snapshot will be removed. This function
290 | * does NOT restore any string content.
291 | *
292 | * Note that the `ZyanString` instance returned by `ZydisFormatterBufferGetString` will
293 | * automatically be updated by calling this function.
294 | */
295 | ZYDIS_EXPORT ZyanStatus ZydisFormatterBufferRestore(ZydisFormatterBuffer* buffer,
296 | ZyanUPointer state);
297 |
298 | /* ---------------------------------------------------------------------------------------------- */
299 |
300 | /* ============================================================================================== */
301 |
302 | #ifdef __cplusplus
303 | }
304 | #endif
305 |
306 | #endif /* ZYDIS_FORMATTER_TOKEN_H */
307 |
--------------------------------------------------------------------------------
/Inline-PatchFinder/Inline-PatchFinder.vcxproj:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Debug
6 | Win32
7 |
8 |
9 | Release
10 | Win32
11 |
12 |
13 | Debug
14 | x64
15 |
16 |
17 | Release
18 | x64
19 |
20 |
21 |
22 | 16.0
23 | Win32Proj
24 | {df25ee2f-823c-4407-a8ab-b45b26226782}
25 | Inline-PatchFinder
26 | 10.0
27 | Inline-PatchFinder
28 |
29 |
31 | Application
32 | true
33 | v142
34 | Unicode
35 |
36 |
37 | Application
38 | false
39 | v142
40 | true
41 | Unicode
42 |
43 |
44 | Application
45 | true
46 | v142
47 | Unicode
48 |
49 |
50 | Application
51 | false
52 | v142
53 | true
54 | Unicode
55 |
56 |
58 |
59 |
60 |
61 |
62 |
64 |
65 |
67 |
68 |
70 |
71 |
73 |
75 | true
76 | C:\Users\polak\Desktop\development\reverse-engineering\Inline-PatchFinder\Zydis;$(IncludePath)
77 | C:\Users\polak\Desktop\development\reverse-engineering\Inline-PatchFinder\Zydis;$(LibraryPath)
78 |
79 |
80 | false
81 | C:\Users\polak\Desktop\development\reverse-engineering\Inline-PatchFinder\Zydis;$(IncludePath)
82 | C:\Users\polak\Desktop\development\reverse-engineering\Inline-PatchFinder\Zydis;$(LibraryPath)
83 |
84 |
85 | true
86 | C:\Users\polak\Desktop\development\reverse-engineering\Inline-PatchFinder\Zydis;$(IncludePath)
87 | C:\Users\polak\Desktop\development\reverse-engineering\Inline-PatchFinder\Zydis;$(LibraryPath)
88 |
89 |
90 | false
91 | C:\Users\polak\Desktop\development\reverse-engineering\Inline-PatchFinder\Zydis;$(IncludePath)
92 | C:\Users\polak\Desktop\development\reverse-engineering\Inline-PatchFinder\Zydis;$(LibraryPath)
93 |
94 |
95 |
96 | Level3
97 | true
98 | ZYDIS_STATIC_DEFINE;WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)
99 | true
100 | stdcpp17
101 | C:\Users\polak\Desktop\development\reverse-engineering\Inline-PatchFinder\Zydis;%(AdditionalIncludeDirectories)
102 | Disabled
103 | Size
104 | false
105 | false
106 |
107 | Console
109 | true
110 | Zycore-x86.lib;Zydis-x86.lib;kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)
111 | 4194304
112 |
113 |
114 |
115 |
116 | Level3
117 | true
118 | false
119 | true
120 | ZYDIS_STATIC_DEFINE;WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)
121 | true
122 | stdcpp17
123 | C:\Users\polak\Desktop\development\reverse-engineering\Inline-PatchFinder\Zydis;%(AdditionalIncludeDirectories)
124 | Disabled
125 | false
126 | Size
127 | false
128 |
129 | Console
131 | true
132 | true
133 | true
134 | Zycore-x86.lib;Zydis-x86.lib;kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)
135 | 4194304
136 |
137 |
138 |
139 |
140 | Level3
141 | true
142 | ZYDIS_STATIC_DEFINE;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)
143 | true
144 | C:\Users\polak\Desktop\development\reverse-engineering\Inline-PatchFinder\Zydis;%(AdditionalIncludeDirectories)
145 | false
146 | stdcpp17
147 | Disabled
148 | Size
149 | false
150 | false
151 |
152 | Console
154 | true
155 | Zycore-x64.lib;Zydis-x64.lib;kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)
156 | 4194304
157 |
158 |
159 |
160 |
161 | Level3
162 | true
163 | false
164 | true
165 | ZYDIS_STATIC_DEFINE;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)
166 | true
167 | C:\Users\polak\Desktop\development\reverse-engineering\Inline-PatchFinder\Zydis;%(AdditionalIncludeDirectories)
168 | Disabled
169 | false
170 | false
171 | stdcpp17
172 | Size
173 | false
174 |
175 | Console
177 | true
178 | true
179 | true
180 | Zycore-x64.lib;Zydis-x64.lib;kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)
181 | 4194304
182 |
183 |
184 |
185 |
188 |
189 |
192 |
194 |
195 |
--------------------------------------------------------------------------------