def __print_inst(self, i, tab=0, prefix=""): def get_inst_str(): nonlocal i return "%s %s" % (i.mnemonic, i.op_str) print_tabbed_no_end(color_addr(i.address), tab) if is_ret(i): print_no_end(color_retcall(get_inst_str())) return if is_call(i): print_no_end(color_retcall(i.mnemonic) + " ") self.print_operand(i, 0, hexa=True) return # Here we can have conditional jump with the option --dump if is_jump(i): if i.operands[0].type != X86_OP_IMM: print_no_end(i.mnemonic + " ") self.print_operand(i, 0) if is_uncond_jump(i) and self.ctx.comments: print_comment_no_end(" # STOPPED") return try: addr = i.operands[0].value.imm print_no_end(i.mnemonic + " " + color(hex(addr), self.ctx.addr_color[addr])) except KeyError: print_no_end(i.mnemonic + " " + hex(addr)) return modified = False if i.id in INST_CHECK: if (i.id == X86_INS_OR and i.operands[1].type == X86_OP_IMM and i.operands[1].value.imm == -1): self.print_operand(i, 0) print_no_end(" = -1") elif (i.id == X86_INS_AND and i.operands[1].type == X86_OP_IMM and i.operands[1].value.imm == 0): self.print_operand(i, 0) print_no_end(" = 0") elif (all(op.type == X86_OP_REG for op in i.operands) and len(set(op.value.reg for op in i.operands)) == 1 and i.id == X86_INS_XOR): self.print_operand(i, 0) print_no_end(" = 0") elif i.id == X86_INS_INC or i.id == X86_INS_DEC: self.print_operand(i, 0) print_no_end(inst_symbol(i)) elif i.id == X86_INS_LEA: self.print_operand(i, 0) print_no_end(" = &(") self.print_operand(i, 1) print_no_end(")") elif i.id == X86_INS_IMUL: if len(i.operands) == 3: self.print_operand(i, 0) print_no_end(" = ") self.print_operand(i, 1) print_no_end(" " + inst_symbol(i).rstrip('=') + " ") self.print_operand(i, 2) elif len(i.operands) == 2: self.print_operand(i, 0) print_no_end(" " + inst_symbol(i) + " ") self.print_operand(i, 1) elif len(i.operands) == 1: sz = i.operands[0].size if sz == 1: print_no_end("ax = al * ") elif sz == 2: print_no_end("dx:ax = ax * ") elif sz == 4: print_no_end("edx:eax = eax * ") elif sz == 8: print_no_end("rdx:rax = rax * ") self.print_operand(i, 0) else: self.print_operand(i, 0) print_no_end(" " + inst_symbol(i) + " ") self.print_operand(i, 1) modified = True elif i.id == X86_INS_CDQE: print_no_end("rax = eax") modified = True elif i.id == X86_INS_IDIV: print_no_end('eax = edx:eax / ') self.print_operand(i, 0) print_no_end('; edx = edx:eax % ') self.print_operand(i, 0) modified = True elif i.id == X86_INS_MUL: lut = {1: ("al", "ax"), 2: ("ax", "dx:ax"), 4: ("eax", "edx:eax"), 8: ("rax", "rdx:rax")} src, dst = lut[i.operands[0].size] print_no_end('{0} = {1} * '.format(dst, src)) self.print_operand(i, 0) modified = True elif i.id == X86_INS_NOT: self.print_operand(i, 0) print_no_end(' ^= -1') modified = True elif i.id == X86_INS_SCASB and i.prefix[0] == X86_PREFIX_REPNE: print_no_end('while (') self.print_operand(i, 1) print_no_end(' != ') self.print_operand(i, 0) print_no_end(') { ') self.print_operand(i, 1, show_deref=False) print_no_end('++; cx--; } ') self.print_operand(i, 1, show_deref=False) print_no_end('++; cx--;') modified = True else: print_no_end("%s " % i.mnemonic) if len(i.operands) > 0: modified = self.print_operand(i, 0) k = 1 while k < len(i.operands): print_no_end(", ") modified |= self.print_operand(i, k) k += 1 return modified
def _sub_asm_inst(self, i, tab=0, prefix=""): tab = self._rep_begin(i, tab) if is_ret(i): self._retcall(self.get_inst_str(i)) return False if is_call(i): self._retcall(i.mnemonic) self._add(" ") if self.ctx.sectionsname: op = i.operands[0] if op.type == X86_OP_IMM: s = self.binary.get_section(op.value.imm) if s is not None: self._add("(") self._section(s.name) self._add(") ") self._operand(i, 0, hexa=True, force_dont_print_data=True) return False # Here we can have conditional jump with the option --dump if is_jump(i): self._add(i.mnemonic + " ") if i.operands[0].type != X86_OP_IMM: self._operand(i, 0, force_dont_print_data=True) self.inst_end_here() if is_uncond_jump(i) and self.ctx.comments and not self.ctx.dump \ and not i.address in self.ctx.dis.jmptables: self._add(" ") self._comment("# STOPPED") return False self._operand(i, 0, hexa=True, force_dont_print_data=True) return False modified = False if i.id in INST_CHECK: if (i.id == X86_INS_OR and i.operands[1].type == X86_OP_IMM and i.operands[1].value.imm == -1): self._operand(i, 0) self._add(" = -1") elif (i.id == X86_INS_AND and i.operands[1].type == X86_OP_IMM and i.operands[1].value.imm == 0): self._operand(i, 0) self._add(" = 0") elif (all(op.type == X86_OP_REG for op in i.operands) and len(set(op.value.reg for op in i.operands)) == 1 and i.id == X86_INS_XOR): self._operand(i, 0) self._add(" = 0") elif i.id == X86_INS_INC or i.id == X86_INS_DEC: self._operand(i, 0) self._add(inst_symbol(i)) elif i.id == X86_INS_LEA: self._operand(i, 0) self._add(" = ") self._operand(i, 1, show_deref=False) elif i.id == X86_INS_MOVZX: self._operand(i, 0) self._add(" = (zero ext) ") self._operand(i, 1) elif i.id == X86_INS_IMUL: if len(i.operands) == 3: self._operand(i, 0) self._add(" = ") self._operand(i, 1) self._add(" " + inst_symbol(i).rstrip('=') + " ") self._operand(i, 2) elif len(i.operands) == 2: self._operand(i, 0) self._add(" " + inst_symbol(i) + " ") self._operand(i, 1) elif len(i.operands) == 1: sz = i.operands[0].size if sz == 1: self._add("ax = al * ") elif sz == 2: self._add("dx:ax = ax * ") elif sz == 4: self._add("edx:eax = eax * ") elif sz == 8: self._add("rdx:rax = rax * ") self._operand(i, 0) else: self._operand(i, 0) self._add(" " + inst_symbol(i) + " ") self._operand(i, 1) modified = True elif i.id == X86_INS_CDQE: self._add("rax = eax") modified = True elif i.id == X86_INS_IDIV: self._add('eax = edx:eax / ') self._operand(i, 0) self._add('; edx = edx:eax % ') self._operand(i, 0) modified = True elif i.id == X86_INS_MUL: lut = { 1: ("al", "ax"), 2: ("ax", "dx:ax"), 4: ("eax", "edx:eax"), 8: ("rax", "rdx:rax") } src, dst = lut[i.operands[0].size] self._add('{0} = {1} * '.format(dst, src)) self._operand(i, 0) modified = True elif i.id == X86_INS_NOT: self._operand(i, 0) self._add(' ^= -1') modified = True elif i.id in INST_SCAS: self._operand(i, 0) self._add(" cmp ") self._operand(i, 1) self._new_line() self._tabs(tab) self._address(i.address) self._operand(i, 1, show_deref=False) self._add(" += D") modified = True elif i.id in INST_STOS: self._operand(i, 0) self._add(" = ") self._operand(i, 1) self._new_line() self._tabs(tab) self._address(i.address) self._operand(i, 0, show_deref=False) self._add(" += D") modified = True elif i.id in INST_LODS: self._operand(i, 0) self._add(" = ") self._operand(i, 1) self._new_line() self._tabs(tab) self._address(i.address) self._operand(i, 1, show_deref=False) self._add(" += D") modified = True elif i.id in INST_CMPS: self._operand(i, 0) self._add(" cmp ") self._operand(i, 1) self._new_line() self._tabs(tab) self._address(i.address) self._operand(i, 0, show_deref=False) self._add(" += D") self._new_line() self._tabs(tab) self._address(i.address) self._operand(i, 1, show_deref=False) self._add("' += D") modified = True elif i.id in INST_MOVS: self._operand(i, 0) self._add(" = ") self._operand(i, 1) self._new_line() self._tabs(tab) self._address(i.address) self._operand(i, 0, show_deref=False) self._add(" += D") self._new_line() self._tabs(tab) self._address(i.address) self._operand(i, 1, show_deref=False) self._add(" += D") modified = True else: if len(i.operands) > 0: self._add("%s " % i.mnemonic) modified = self._operand(i, 0) k = 1 while k < len(i.operands): self._add(", ") modified |= self._operand(i, k) k += 1 else: self._add(i.mnemonic) self._rep_end(i, tab) return modified
def __print_inst(self, i, tab=0, prefix=""): def get_inst_str(): nonlocal i return "%s %s" % (i.mnemonic, i.op_str) def print_rep_begin(): nonlocal tab if i.prefix[0] in REP_PREFIX: print_tabbed_no_end(color_keyword("while"), tab) # TODO: for 16 and 32 bits print_no_end(" (!rcx)") print(") {") tab += 1 def print_rep_end(): nonlocal tab if i.prefix[0] in REP_PREFIX: print() print_label_or_addr(i.address, tab) print("rcx--") if i.prefix[0] == X86_PREFIX_REPNE: print_tabbed_no_end(color_keyword("if"), tab) print_no_end(" (!Z) ") print(color_keyword("break")) tab -= 1 print_tabbed_no_end("}", tab) print_rep_begin() print_label_and_addr(i.address, tab) self.print_bytes(i) if is_ret(i): print_no_end(color_retcall(get_inst_str())) return if is_call(i): print_no_end(color_retcall(i.mnemonic) + " ") return self.print_operand(i, 0, hexa=True) # Here we can have conditional jump with the option --dump if is_jump(i): print_no_end(i.mnemonic + " ") if i.operands[0].type != X86_OP_IMM: self.print_operand(i, 0) if is_uncond_jump(i) and self.ctx.comments and not self.ctx.dump \ and not i.address in self.ctx.dis.jmptables: print_comment_no_end(" # STOPPED") return addr = i.operands[0].value.imm if addr in self.ctx.addr_color: print_label_or_addr(addr, -1, False) else: print_no_end(hex(addr)) return modified = False if i.id in INST_CHECK: if (i.id == X86_INS_OR and i.operands[1].type == X86_OP_IMM and i.operands[1].value.imm == -1): self.print_operand(i, 0) print_no_end(" = -1") elif (i.id == X86_INS_AND and i.operands[1].type == X86_OP_IMM and i.operands[1].value.imm == 0): self.print_operand(i, 0) print_no_end(" = 0") elif (all(op.type == X86_OP_REG for op in i.operands) and len(set(op.value.reg for op in i.operands)) == 1 and i.id == X86_INS_XOR): self.print_operand(i, 0) print_no_end(" = 0") elif i.id == X86_INS_INC or i.id == X86_INS_DEC: self.print_operand(i, 0) print_no_end(inst_symbol(i)) elif i.id == X86_INS_LEA: self.print_operand(i, 0) print_no_end(" = &(") self.print_operand(i, 1) print_no_end(")") elif i.id == X86_INS_MOVZX: self.print_operand(i, 0) print_no_end(" = (zero ext) ") self.print_operand(i, 1) elif i.id == X86_INS_IMUL: if len(i.operands) == 3: self.print_operand(i, 0) print_no_end(" = ") self.print_operand(i, 1) print_no_end(" " + inst_symbol(i).rstrip('=') + " ") self.print_operand(i, 2) elif len(i.operands) == 2: self.print_operand(i, 0) print_no_end(" " + inst_symbol(i) + " ") self.print_operand(i, 1) elif len(i.operands) == 1: sz = i.operands[0].size if sz == 1: print_no_end("ax = al * ") elif sz == 2: print_no_end("dx:ax = ax * ") elif sz == 4: print_no_end("edx:eax = eax * ") elif sz == 8: print_no_end("rdx:rax = rax * ") self.print_operand(i, 0) else: self.print_operand(i, 0) print_no_end(" " + inst_symbol(i) + " ") self.print_operand(i, 1) modified = True elif i.id == X86_INS_CDQE: print_no_end("rax = eax") modified = True elif i.id == X86_INS_IDIV: print_no_end('eax = edx:eax / ') self.print_operand(i, 0) print_no_end('; edx = edx:eax % ') self.print_operand(i, 0) modified = True elif i.id == X86_INS_MUL: lut = {1: ("al", "ax"), 2: ("ax", "dx:ax"), 4: ("eax", "edx:eax"), 8: ("rax", "rdx:rax")} src, dst = lut[i.operands[0].size] print_no_end('{0} = {1} * '.format(dst, src)) self.print_operand(i, 0) modified = True elif i.id == X86_INS_NOT: self.print_operand(i, 0) print_no_end(' ^= -1') modified = True elif i.id in INST_SCAS: self.print_operand(i, 0) print_no_end(" cmp ") self.print_operand(i, 1) print() print_label_or_addr(i.address, tab) self.print_operand(i, 1, show_deref=False) print_no_end(" += D") modified = True elif i.id in INST_STOS: self.print_operand(i, 0) print_no_end(" = ") self.print_operand(i, 1) print() print_label_or_addr(i.address, tab) self.print_operand(i, 0, show_deref=False) print_no_end(" += D") modified = True elif i.id in INST_LODS: self.print_operand(i, 0) print_no_end(" = ") self.print_operand(i, 1) print() print_label_or_addr(i.address, tab) self.print_operand(i, 1, show_deref=False) print_no_end(" += D") modified = True elif i.id in INST_CMPS: self.print_operand(i, 0) print_no_end(" cmp ") self.print_operand(i, 1) print() print_label_or_addr(i.address, tab) self.print_operand(i, 0, show_deref=False) print(" += D") print_label_or_addr(i.address, tab) self.print_operand(i, 1, show_deref=False) print_no_end("' += D") modified = True elif i.id in INST_MOVS: self.print_operand(i, 0) print_no_end(" = ") self.print_operand(i, 1) print() print_label_or_addr(i.address, tab) self.print_operand(i, 0, show_deref=False) print(" += D") print_label_or_addr(i.address, tab) self.print_operand(i, 1, show_deref=False) print_no_end(" += D") modified = True else: print_no_end("%s " % i.mnemonic) if len(i.operands) > 0: modified = self.print_operand(i, 0) k = 1 while k < len(i.operands): print_no_end(", ") modified |= self.print_operand(i, k) k += 1 print_rep_end() return modified
def __print_inst(self, i, tab=0, prefix=""): def get_inst_str(): nonlocal i return "%s %s" % (i.mnemonic, i.op_str) print_tabbed_no_end(color_addr(i.address), tab) self.print_bytes(i) if is_ret(i): print_no_end(color_retcall(get_inst_str())) return if is_call(i): print_no_end(color_retcall(i.mnemonic) + " ") self.print_operand(i, 0, hexa=True) return # Here we can have conditional jump with the option --dump if is_jump(i): if i.operands[0].type != X86_OP_IMM: print_no_end(i.mnemonic + " ") self.print_operand(i, 0) if is_uncond_jump( i) and self.ctx.comments and not self.ctx.dump: print_comment_no_end(" # STOPPED") return try: addr = i.operands[0].value.imm print_no_end(i.mnemonic + " " + color(hex(addr), self.ctx.addr_color[addr])) except KeyError: print_no_end(i.mnemonic + " " + hex(addr)) return modified = False if i.id in INST_CHECK: if (i.id == X86_INS_OR and i.operands[1].type == X86_OP_IMM and i.operands[1].value.imm == -1): self.print_operand(i, 0) print_no_end(" = -1") elif (i.id == X86_INS_AND and i.operands[1].type == X86_OP_IMM and i.operands[1].value.imm == 0): self.print_operand(i, 0) print_no_end(" = 0") elif (all(op.type == X86_OP_REG for op in i.operands) and len(set(op.value.reg for op in i.operands)) == 1 and i.id == X86_INS_XOR): self.print_operand(i, 0) print_no_end(" = 0") elif i.id == X86_INS_INC or i.id == X86_INS_DEC: self.print_operand(i, 0) print_no_end(inst_symbol(i)) elif i.id == X86_INS_LEA: self.print_operand(i, 0) print_no_end(" = &(") self.print_operand(i, 1) print_no_end(")") elif i.id == X86_INS_IMUL: if len(i.operands) == 3: self.print_operand(i, 0) print_no_end(" = ") self.print_operand(i, 1) print_no_end(" " + inst_symbol(i).rstrip('=') + " ") self.print_operand(i, 2) elif len(i.operands) == 2: self.print_operand(i, 0) print_no_end(" " + inst_symbol(i) + " ") self.print_operand(i, 1) elif len(i.operands) == 1: sz = i.operands[0].size if sz == 1: print_no_end("ax = al * ") elif sz == 2: print_no_end("dx:ax = ax * ") elif sz == 4: print_no_end("edx:eax = eax * ") elif sz == 8: print_no_end("rdx:rax = rax * ") self.print_operand(i, 0) else: self.print_operand(i, 0) print_no_end(" " + inst_symbol(i) + " ") self.print_operand(i, 1) modified = True elif i.id == X86_INS_CDQE: print_no_end("rax = eax") modified = True elif i.id == X86_INS_IDIV: print_no_end('eax = edx:eax / ') self.print_operand(i, 0) print_no_end('; edx = edx:eax % ') self.print_operand(i, 0) modified = True elif i.id == X86_INS_MUL: lut = { 1: ("al", "ax"), 2: ("ax", "dx:ax"), 4: ("eax", "edx:eax"), 8: ("rax", "rdx:rax") } src, dst = lut[i.operands[0].size] print_no_end('{0} = {1} * '.format(dst, src)) self.print_operand(i, 0) modified = True elif i.id == X86_INS_NOT: self.print_operand(i, 0) print_no_end(' ^= -1') modified = True elif i.id == X86_INS_SCASB and i.prefix[0] == X86_PREFIX_REPNE: print_no_end('while (') self.print_operand(i, 1) print_no_end(' != ') self.print_operand(i, 0) print_no_end(') { ') self.print_operand(i, 1, show_deref=False) print_no_end('++; cx--; } ') self.print_operand(i, 1, show_deref=False) print_no_end('++; cx--;') modified = True else: print_no_end("%s " % i.mnemonic) if len(i.operands) > 0: modified = self.print_operand(i, 0) k = 1 while k < len(i.operands): print_no_end(", ") modified |= self.print_operand(i, k) k += 1 return modified
def _sub_asm_inst(self, i, tab=0, prefix=""): tab = self._rep_begin(i, tab) self._label_and_address(i.address, tab) self._bytes(i) if is_ret(i): self._retcall(self.get_inst_str(i)) return False if is_call(i): self._retcall(i.mnemonic) self._add(" ") self._operand(i, 0, hexa=True, force_dont_print_data=True) return False # Here we can have conditional jump with the option --dump if is_jump(i): self._add(i.mnemonic + " ") if i.operands[0].type != X86_OP_IMM: self._operand(i, 0, force_dont_print_data=True) self.inst_end_here() if is_uncond_jump(i) and self.ctx.comments and not self.ctx.dump \ and not i.address in self.ctx.dis.jmptables: self._add(" ") self._comment("# STOPPED") return False addr = i.operands[0].value.imm if addr in self.ctx.addr_color: self._label_or_address(addr, -1, False) else: self._add(hex(addr)) return False modified = False if i.id in INST_CHECK: if (i.id == X86_INS_OR and i.operands[1].type == X86_OP_IMM and i.operands[1].value.imm == -1): self._operand(i, 0) self._add(" = -1") elif (i.id == X86_INS_AND and i.operands[1].type == X86_OP_IMM and i.operands[1].value.imm == 0): self._operand(i, 0) self._add(" = 0") elif (all(op.type == X86_OP_REG for op in i.operands) and len(set(op.value.reg for op in i.operands)) == 1 and i.id == X86_INS_XOR): self._operand(i, 0) self._add(" = 0") elif i.id == X86_INS_INC or i.id == X86_INS_DEC: self._operand(i, 0) self._add(inst_symbol(i)) elif i.id == X86_INS_LEA: self._operand(i, 0) self._add(" = ") self._operand(i, 1, show_deref=False) elif i.id == X86_INS_MOVZX: self._operand(i, 0) self._add(" = (zero ext) ") self._operand(i, 1) elif i.id == X86_INS_IMUL: if len(i.operands) == 3: self._operand(i, 0) self._add(" = ") self._operand(i, 1) self._add(" " + inst_symbol(i).rstrip('=') + " ") self._operand(i, 2) elif len(i.operands) == 2: self._operand(i, 0) self._add(" " + inst_symbol(i) + " ") self._operand(i, 1) elif len(i.operands) == 1: sz = i.operands[0].size if sz == 1: self._add("ax = al * ") elif sz == 2: self._add("dx:ax = ax * ") elif sz == 4: self._add("edx:eax = eax * ") elif sz == 8: self._add("rdx:rax = rax * ") self._operand(i, 0) else: self._operand(i, 0) self._add(" " + inst_symbol(i) + " ") self._operand(i, 1) modified = True elif i.id == X86_INS_CDQE: self._add("rax = eax") modified = True elif i.id == X86_INS_IDIV: self._add('eax = edx:eax / ') self._operand(i, 0) self._add('; edx = edx:eax % ') self._operand(i, 0) modified = True elif i.id == X86_INS_MUL: lut = {1: ("al", "ax"), 2: ("ax", "dx:ax"), 4: ("eax", "edx:eax"), 8: ("rax", "rdx:rax")} src, dst = lut[i.operands[0].size] self._add('{0} = {1} * '.format(dst, src)) self._operand(i, 0) modified = True elif i.id == X86_INS_NOT: self._operand(i, 0) self._add(' ^= -1') modified = True elif i.id in INST_SCAS: self._operand(i, 0) self._add(" cmp ") self._operand(i, 1) self._new_line() self._label_or_address(i.address, tab) self._operand(i, 1, show_deref=False) self._add(" += D") modified = True elif i.id in INST_STOS: self._operand(i, 0) self._add(" = ") self._operand(i, 1) self._new_line() self._label_or_address(i.address, tab) self._operand(i, 0, show_deref=False) self._add(" += D") modified = True elif i.id in INST_LODS: self._operand(i, 0) self._add(" = ") self._operand(i, 1) self._new_line() self._label_or_address(i.address, tab) self._operand(i, 1, show_deref=False) self._add(" += D") modified = True elif i.id in INST_CMPS: self._operand(i, 0) self._add(" cmp ") self._operand(i, 1) self._new_line() self._label_or_address(i.address, tab) self._operand(i, 0, show_deref=False) self._add(" += D") self._new_line() self._label_or_address(i.address, tab) self._operand(i, 1, show_deref=False) self._add("' += D") modified = True elif i.id in INST_MOVS: self._operand(i, 0) self._add(" = ") self._operand(i, 1) self._new_line() self._label_or_address(i.address, tab) self._operand(i, 0, show_deref=False) self._add(" += D") self._new_line() self._label_or_address(i.address, tab) self._operand(i, 1, show_deref=False) self._add(" += D") modified = True else: if len(i.operands) > 0: self._add("%s " % i.mnemonic) modified = self._operand(i, 0) k = 1 while k < len(i.operands): self._add(", ") modified |= self._operand(i, k) k += 1 else: self._add(i.mnemonic) self._rep_end(i, tab) return modified
def __print_inst(self, i, tab=0, prefix=""): def get_inst_str(): nonlocal i return "%s %s" % (i.mnemonic, i.op_str) def print_rep_begin(): nonlocal tab if i.prefix[0] in REP_PREFIX: print_tabbed_no_end(color_keyword("while"), tab) # TODO: for 16 and 32 bits print_no_end(" (!rcx)") print(") {") tab += 1 def print_rep_end(): nonlocal tab if i.prefix[0] in REP_PREFIX: print() print_label_or_addr(i.address, tab) print("rcx--") if i.prefix[0] == X86_PREFIX_REPNE: print_tabbed_no_end(color_keyword("if"), tab) print_no_end(" (!Z) ") print(color_keyword("break")) tab -= 1 print_tabbed_no_end("}", tab) print_rep_begin() print_label_and_addr(i.address, tab) self.print_bytes(i) if is_ret(i): print_no_end(color_retcall(get_inst_str())) return if is_call(i): print_no_end(color_retcall(i.mnemonic) + " ") return self.print_operand(i, 0, hexa=True) # Here we can have conditional jump with the option --dump if is_jump(i): print_no_end(i.mnemonic + " ") if i.operands[0].type != X86_OP_IMM: self.print_operand(i, 0) if is_uncond_jump( i) and self.ctx.comments and not self.ctx.dump: print_comment_no_end(" # STOPPED") return addr = i.operands[0].value.imm if addr in self.ctx.addr_color: print_label_or_addr(addr, -1, False) else: print_no_end(hex(addr)) return modified = False if i.id in INST_CHECK: if (i.id == X86_INS_OR and i.operands[1].type == X86_OP_IMM and i.operands[1].value.imm == -1): self.print_operand(i, 0) print_no_end(" = -1") elif (i.id == X86_INS_AND and i.operands[1].type == X86_OP_IMM and i.operands[1].value.imm == 0): self.print_operand(i, 0) print_no_end(" = 0") elif (all(op.type == X86_OP_REG for op in i.operands) and len(set(op.value.reg for op in i.operands)) == 1 and i.id == X86_INS_XOR): self.print_operand(i, 0) print_no_end(" = 0") elif i.id == X86_INS_INC or i.id == X86_INS_DEC: self.print_operand(i, 0) print_no_end(inst_symbol(i)) elif i.id == X86_INS_LEA: self.print_operand(i, 0) print_no_end(" = &(") self.print_operand(i, 1) print_no_end(")") elif i.id == X86_INS_MOVZX: self.print_operand(i, 0) print_no_end(" = (zero ext) ") self.print_operand(i, 1) elif i.id == X86_INS_IMUL: if len(i.operands) == 3: self.print_operand(i, 0) print_no_end(" = ") self.print_operand(i, 1) print_no_end(" " + inst_symbol(i).rstrip('=') + " ") self.print_operand(i, 2) elif len(i.operands) == 2: self.print_operand(i, 0) print_no_end(" " + inst_symbol(i) + " ") self.print_operand(i, 1) elif len(i.operands) == 1: sz = i.operands[0].size if sz == 1: print_no_end("ax = al * ") elif sz == 2: print_no_end("dx:ax = ax * ") elif sz == 4: print_no_end("edx:eax = eax * ") elif sz == 8: print_no_end("rdx:rax = rax * ") self.print_operand(i, 0) else: self.print_operand(i, 0) print_no_end(" " + inst_symbol(i) + " ") self.print_operand(i, 1) modified = True elif i.id == X86_INS_CDQE: print_no_end("rax = eax") modified = True elif i.id == X86_INS_IDIV: print_no_end('eax = edx:eax / ') self.print_operand(i, 0) print_no_end('; edx = edx:eax % ') self.print_operand(i, 0) modified = True elif i.id == X86_INS_MUL: lut = { 1: ("al", "ax"), 2: ("ax", "dx:ax"), 4: ("eax", "edx:eax"), 8: ("rax", "rdx:rax") } src, dst = lut[i.operands[0].size] print_no_end('{0} = {1} * '.format(dst, src)) self.print_operand(i, 0) modified = True elif i.id == X86_INS_NOT: self.print_operand(i, 0) print_no_end(' ^= -1') modified = True elif i.id in INST_SCAS: self.print_operand(i, 0) print_no_end(" cmp ") self.print_operand(i, 1) print() print_label_or_addr(i.address, tab) self.print_operand(i, 1, show_deref=False) print_no_end(" += D") modified = True elif i.id in INST_STOS: self.print_operand(i, 0) print_no_end(" = ") self.print_operand(i, 1) print() print_label_or_addr(i.address, tab) self.print_operand(i, 0, show_deref=False) print_no_end(" += D") modified = True elif i.id in INST_LODS: self.print_operand(i, 0) print_no_end(" = ") self.print_operand(i, 1) print() print_label_or_addr(i.address, tab) self.print_operand(i, 1, show_deref=False) print_no_end(" += D") modified = True elif i.id in INST_CMPS: self.print_operand(i, 0) print_no_end(" cmp ") self.print_operand(i, 1) print() print_label_or_addr(i.address, tab) self.print_operand(i, 0, show_deref=False) print(" += D") print_label_or_addr(i.address, tab) self.print_operand(i, 1, show_deref=False) print_no_end("' += D") modified = True elif i.id in INST_MOVS: self.print_operand(i, 0) print_no_end(" = ") self.print_operand(i, 1) print() print_label_or_addr(i.address, tab) self.print_operand(i, 0, show_deref=False) print(" += D") print_label_or_addr(i.address, tab) self.print_operand(i, 1, show_deref=False) print_no_end(" += D") modified = True else: print_no_end("%s " % i.mnemonic) if len(i.operands) > 0: modified = self.print_operand(i, 0) k = 1 while k < len(i.operands): print_no_end(", ") modified |= self.print_operand(i, k) k += 1 print_rep_end() return modified