def _if_cond(self, jump_cond, fused_inst):
    """Print a jump condition merged with the instruction that set the flags.

    ``jump_cond`` is the condition of the jump (rendered through
    ``cond_symbol``); ``fused_inst`` is the preceding cmp/test/arithmetic
    instruction, or None when only the bare condition symbol is wanted.

    Shapes produced, following the branches below:
      * no fused instruction: ``<cond>`` (plus `` 0`` if the condition is
        in COND_ADD_ZERO)
      * test:                 ``(op0 <cond> 0)``
      * assignment op:        ``((op0 <symbol> op1) <cond>`` then `` 0)``
      * anything else:        ``(op0 <cond> op1`` then `` 0`` when the
        instruction is not a cmp and the condition is in COND_ADD_ZERO,
        then ``)``
    """
    if fused_inst is None:
        self._add(cond_symbol(jump_cond))
        if jump_cond in COND_ADD_ZERO:
            self._add(" 0")
        return

    inst_id = fused_inst.id
    is_test = inst_id == X86_INS_TEST
    is_assign = inst_id in ASSIGNMENT_OPS

    # An assignment gets an inner pair of parentheses around "op0 <symbol> op1".
    if is_assign:
        self._add("(")
    self._add("(")
    self._operand(fused_inst, 0)
    self._add(" ")

    if is_test:
        self._add(cond_symbol(jump_cond))
    elif is_assign:
        self._add(inst_symbol(fused_inst))
        self._add(" ")
        self._operand(fused_inst, 1)
        self._add(") ")
        self._add(cond_symbol(jump_cond))
    else:
        self._add(cond_symbol(jump_cond))
        self._add(" ")
        self._operand(fused_inst, 1)

    # A trailing " 0" is printed for test, and for every non-cmp whose
    # condition implies a comparison with zero or which is an assignment.
    against_zero = is_test or (
        inst_id != X86_INS_CMP and (jump_cond in COND_ADD_ZERO or is_assign))
    if against_zero:
        self._add(" 0")

    self._add(")")
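def _sub_asm_inst(self, i, tab=0):
    """Print one x86 instruction, as pseudo-code when it is recognised.

    With ``self.gctx.capstone_string == 0`` the instructions in INST_CHECK
    and a handful of others (cdqe, idiv, mul, not, the string instructions,
    the SSE moves) are rewritten as assignments such as ``rax = eax``.
    Anything not rewritten -- and everything when capstone syntax is
    requested -- is printed as ``mnemonic op0, op1, ...``.  Immediates known
    to the database (``self.gctx.db.immediates``) go through ``self._imm``
    in both modes.

    Args:
        i: capstone instruction to print.
        tab: indentation level, forwarded to ``self._tabs`` for the extra
            lines produced by the string instructions.
    """
    ops = i.operands

    # TODO: bad hack (inherited).  An instruction is printed through
    # self._imm when the database has an immediate for its address and it
    # looks like "reg/mem <- imm"; cmp/test are excluded so comparisons
    # keep their usual form.
    is_imm = (i.address in self.gctx.db.immediates
              and len(ops) == 2
              and (ops[1].type == X86_OP_MEM
                   or (ops[0].type == X86_OP_REG and ops[1].type == X86_OP_IMM))
              and i.id not in (X86_INS_CMP, X86_INS_TEST))

    if self.gctx.capstone_string == 0:
        if is_imm:
            self._section("!")
            self._operand(i, 0)
            self._add(" = ")
            self._imm(self.gctx.db.immediates[i.address],
                      self._dis.wordsize, False)
            return

        if i.id in INST_CHECK:
            self._pseudo_inst_check(i)
            return

        if i.id == X86_INS_CDQE:
            self._add("rax = eax")
            return

        if i.id == X86_INS_IDIV:
            self._add('eax = edx:eax / ')
            self._operand(i, 0)
            self._add('; edx = edx:eax % ')
            self._operand(i, 0)
            return

        # mul widens into a register pair.  An operand size outside the
        # table (not expected from capstone) now falls through to the raw
        # mnemonic instead of raising KeyError on the lookup.
        wide_mul = {1: ("al", "ax"), 2: ("ax", "dx:ax"),
                    4: ("eax", "edx:eax"), 8: ("rax", "rdx:rax")}
        if i.id == X86_INS_MUL and ops[0].size in wide_mul:
            src, dst = wide_mul[ops[0].size]
            self._add('{0} = {1} * '.format(dst, src))
            self._operand(i, 0)
            return

        if i.id == X86_INS_NOT:
            self._operand(i, 0)
            self._add(' ~= ')
            self._operand(i, 0)
            return

        # String instructions: the operation on one line, then one extra
        # line per pointer operand that is advanced.
        if i.id in INST_SCAS:
            self._operand(i, 0)
            self._add(" cmp ")
            self._operand(i, 1)
            self._string_ptr_step(i, tab, 1)
            return

        if i.id in INST_STOS:
            self._operand(i, 0)
            self._add(" = ")
            self._operand(i, 1)
            self._string_ptr_step(i, tab, 0)
            return

        if i.id in INST_LODS:
            self._operand(i, 0)
            self._add(" = ")
            self._operand(i, 1)
            self._string_ptr_step(i, tab, 1)
            return

        if i.id in INST_CMPS:
            self._operand(i, 0)
            self._add(" cmp ")
            self._operand(i, 1)
            self._string_ptr_step(i, tab, 0)
            self._string_ptr_step(i, tab, 1)
            return

        # movsd is both an SSE move and a string move: only the string
        # form advances the pointers.
        if i.id in INST_MOVS and not is_sse_movd(i):
            self._operand(i, 0)
            self._add(" = ")
            self._operand(i, 1)
            self._string_ptr_step(i, tab, 0)
            self._string_ptr_step(i, tab, 1)
            return

        if i.id in INST_MOV_SSE:
            self._operand(i, 0)
            self._add(" = ")
            self._operand(i, 1)
            return

    if is_imm:
        self._section("!")
        self._add("mov ")
        self._operand(i, 0)
        self._add(", ")
        self._imm(self.gctx.db.immediates[i.address], self._dis.wordsize, True)
        return

    # Raw form: "mnemonic op0, op1, ..." (push/pop have their own printer).
    if ops:
        if is_pushpop(i):
            self._pushpop(i.mnemonic)
            self._add(" ")
        else:
            self._add("%s " % i.mnemonic)
        self._operand(i, 0)
        for k in range(1, len(ops)):
            self._add(", ")
            self._operand(i, k)
    elif is_pushpop(i):
        self._pushpop(i.mnemonic)
    else:
        self._add(i.mnemonic)

def _pseudo_inst_check(self, i):
    """Print an INST_CHECK instruction as an assignment (pseudo-code mode).

    The idioms ``or x, -1`` / ``and x, 0`` / ``xor x, x`` become constant
    stores; inc/dec, lea, movzx, the three imul forms and xadd have their
    own rendering; every other INST_CHECK instruction is printed as
    ``op0 <symbol> op1`` using ``inst_symbol``.
    """
    ops = i.operands

    if i.id == X86_INS_OR and ops[1].type == X86_OP_IMM and ops[1].value.imm == -1:
        self._operand(i, 0)
        self._add(" = -1")

    elif i.id == X86_INS_AND and ops[1].type == X86_OP_IMM and ops[1].value.imm == 0:
        self._operand(i, 0)
        self._add(" = 0")

    elif (i.id == X86_INS_XOR and all(op.type == X86_OP_REG for op in ops)
          and len({op.value.reg for op in ops}) == 1):
        # xor reg, reg zeroes the register.
        self._operand(i, 0)
        self._add(" = 0")

    elif i.id in (X86_INS_INC, X86_INS_DEC):
        self._operand(i, 0)
        self._add(inst_symbol(i))

    elif i.id == X86_INS_LEA:
        # lea computes an address, so the source is shown without dereference.
        self._operand(i, 0)
        self._add(" = ")
        self._operand(i, 1, show_deref=False)

    elif i.id == X86_INS_MOVZX:
        self._operand(i, 0)
        self._add(" = (zero ext) ")
        self._operand(i, 1)

    elif i.id == X86_INS_IMUL:
        if len(ops) == 3:
            # imul dst, src, imm  ->  dst = src * imm
            self._operand(i, 0)
            self._add(" = ")
            self._operand(i, 1)
            self._add(" " + inst_symbol(i).rstrip('=') + " ")
            self._operand(i, 2)
        elif len(ops) == 2:
            self._operand(i, 0)
            self._add(" " + inst_symbol(i) + " ")
            self._operand(i, 1)
        elif len(ops) == 1:
            # One-operand form widens into a register pair; an unknown
            # size prints only the operand (unchanged behaviour).
            wide = {1: "ax = al * ", 2: "dx:ax = ax * ",
                    4: "edx:eax = eax * ", 8: "rdx:rax = rax * "}
            if ops[0].size in wide:
                self._add(wide[ops[0].size])
            self._operand(i, 0)

    elif i.id == X86_INS_XADD:
        self._add("tmp = ")
        self._operand(i, 0)
        self._add("; ")
        self._operand(i, 0)
        self._add(" += ")
        self._operand(i, 1)
        self._add("; ")
        self._operand(i, 1)
        self._add(" = tmp")

    else:
        self._operand(i, 0)
        self._add(" " + inst_symbol(i) + " ")
        self._operand(i, 1)

def _string_ptr_step(self, i, tab, op_idx):
    """Print, on its own line, the pointer update of a string instruction.

    Emits ``<operand op_idx> += D ? -size : size`` where size is the byte
    size of operand 0 (the element width) and D is presumably the direction
    flag.  The operand is printed without dereference because it is the
    pointer itself that moves.
    """
    self._new_line()
    self._tabs(tab)
    self._address(i.address)
    self._operand(i, op_idx, show_deref=False)
    self._add(" += D ? -{0} : {0}".format(i.operands[0].size))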
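def _sub_asm_inst(self, i, tab=0):
    """Print one x86 instruction, as pseudo-code when it is recognised.

    With ``self.gctx.capstone_string == 0`` the instructions in INST_CHECK
    and a handful of others (cdqe, idiv, mul, not, the string instructions)
    are rewritten as assignments such as ``rax = eax``.  Anything not
    rewritten -- and everything when capstone syntax is requested -- is
    printed as ``mnemonic op0, op1, ...``.

    Args:
        i: capstone instruction to print.
        tab: indentation level, forwarded to ``self._tabs`` for the extra
            lines produced by the string instructions.
    """
    modified = False

    if self.gctx.capstone_string == 0:
        # mul widens into a register pair.  An operand size outside the
        # table (not expected from capstone) falls through to the raw
        # mnemonic instead of raising KeyError on the lookup.
        wide_mul = {1: ("al", "ax"), 2: ("ax", "dx:ax"),
                    4: ("eax", "edx:eax"), 8: ("rax", "rdx:rax")}

        if i.id in INST_CHECK:
            self._pseudo_inst_check(i)
            modified = True

        elif i.id == X86_INS_CDQE:
            self._add("rax = eax")
            modified = True

        elif i.id == X86_INS_IDIV:
            self._add('eax = edx:eax / ')
            self._operand(i, 0)
            self._add('; edx = edx:eax % ')
            self._operand(i, 0)
            modified = True

        elif i.id == X86_INS_MUL and i.operands[0].size in wide_mul:
            src, dst = wide_mul[i.operands[0].size]
            self._add('{0} = {1} * '.format(dst, src))
            self._operand(i, 0)
            modified = True

        elif i.id == X86_INS_NOT:
            self._operand(i, 0)
            self._add(' ^= -1')
            modified = True

        # String instructions: the operation on one line, then one extra
        # line per pointer operand that is advanced.
        elif i.id in INST_SCAS:
            self._operand(i, 0)
            self._add(" cmp ")
            self._operand(i, 1)
            self._string_ptr_step(i, tab, 1)
            modified = True

        elif i.id in INST_STOS:
            self._operand(i, 0)
            self._add(" = ")
            self._operand(i, 1)
            self._string_ptr_step(i, tab, 0)
            modified = True

        elif i.id in INST_LODS:
            self._operand(i, 0)
            self._add(" = ")
            self._operand(i, 1)
            self._string_ptr_step(i, tab, 1)
            modified = True

        elif i.id in INST_CMPS:
            self._operand(i, 0)
            self._add(" cmp ")
            self._operand(i, 1)
            self._string_ptr_step(i, tab, 0)
            self._string_ptr_step(i, tab, 1)
            modified = True

        elif i.id in INST_MOVS:
            self._operand(i, 0)
            self._add(" = ")
            self._operand(i, 1)
            self._string_ptr_step(i, tab, 0)
            self._string_ptr_step(i, tab, 1)
            modified = True

    if not modified:
        # Raw form: "mnemonic op0, op1, ...".
        if i.operands:
            self._add("%s " % i.mnemonic)
            self._operand(i, 0)
            for k in range(1, len(i.operands)):
                self._add(", ")
                self._operand(i, k)
        else:
            self._add(i.mnemonic)

def _pseudo_inst_check(self, i):
    """Print an INST_CHECK instruction as an assignment (pseudo-code mode).

    The idioms ``or x, -1`` / ``and x, 0`` / ``xor x, x`` become constant
    stores; inc/dec, lea, movzx and the three imul forms have their own
    rendering; every other INST_CHECK instruction is printed as
    ``op0 <symbol> op1`` using ``inst_symbol``.
    """
    ops = i.operands

    if i.id == X86_INS_OR and ops[1].type == X86_OP_IMM and ops[1].value.imm == -1:
        self._operand(i, 0)
        self._add(" = -1")

    elif i.id == X86_INS_AND and ops[1].type == X86_OP_IMM and ops[1].value.imm == 0:
        self._operand(i, 0)
        self._add(" = 0")

    elif (i.id == X86_INS_XOR and all(op.type == X86_OP_REG for op in ops)
          and len({op.value.reg for op in ops}) == 1):
        # xor reg, reg zeroes the register.
        self._operand(i, 0)
        self._add(" = 0")

    elif i.id in (X86_INS_INC, X86_INS_DEC):
        self._operand(i, 0)
        self._add(inst_symbol(i))

    elif i.id == X86_INS_LEA:
        # lea computes an address, so the source is shown without dereference.
        self._operand(i, 0)
        self._add(" = ")
        self._operand(i, 1, show_deref=False)

    elif i.id == X86_INS_MOVZX:
        self._operand(i, 0)
        self._add(" = (zero ext) ")
        self._operand(i, 1)

    elif i.id == X86_INS_IMUL:
        if len(ops) == 3:
            # imul dst, src, imm  ->  dst = src * imm
            self._operand(i, 0)
            self._add(" = ")
            self._operand(i, 1)
            self._add(" " + inst_symbol(i).rstrip('=') + " ")
            self._operand(i, 2)
        elif len(ops) == 2:
            self._operand(i, 0)
            self._add(" " + inst_symbol(i) + " ")
            self._operand(i, 1)
        elif len(ops) == 1:
            # One-operand form widens into a register pair; an unknown
            # size prints only the operand (unchanged behaviour).
            wide = {1: "ax = al * ", 2: "dx:ax = ax * ",
                    4: "edx:eax = eax * ", 8: "rdx:rax = rax * "}
            if ops[0].size in wide:
                self._add(wide[ops[0].size])
            self._operand(i, 0)

    else:
        self._operand(i, 0)
        self._add(" " + inst_symbol(i) + " ")
        self._operand(i, 1)

def _string_ptr_step(self, i, tab, op_idx):
    """Print, on its own line, the pointer update of a string instruction.

    Emits ``<operand op_idx> += D`` where D is presumably the direction
    flag.  The operand is printed without dereference because it is the
    pointer itself that moves.  Using one helper for every pointer line
    keeps the text identical across scas/stos/lods/cmps/movs.
    """
    self._new_line()
    self._tabs(tab)
    self._address(i.address)
    self._operand(i, op_idx, show_deref=False)
    self._add(" += D")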
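def _sub_asm_inst(self, i, tab=0):
    """Print one x86 instruction, as pseudo-code when it is recognised.

    With ``self.gctx.capstone_string == 0`` the instructions in INST_CHECK
    and a handful of others (cdqe, idiv, mul, not, the string instructions)
    are rewritten as assignments such as ``rax = eax``.  Anything not
    rewritten -- and everything when capstone syntax is requested -- is
    printed as ``mnemonic op0, op1, ...``.  Immediates known to the
    database (``self.gctx.db.immediates``) go through ``self._imm`` in
    both modes.

    Args:
        i: capstone instruction to print.
        tab: indentation level, forwarded to ``self._tabs`` for the extra
            lines produced by the string instructions.
    """
    ops = i.operands

    # TODO: bad hack (inherited).  An instruction is printed through
    # self._imm when the database has an immediate for its address and it
    # looks like "reg/mem <- imm"; cmp/test are excluded so comparisons
    # keep their usual form.
    is_imm = (i.address in self.gctx.db.immediates
              and len(ops) == 2
              and (ops[1].type == X86_OP_MEM
                   or (ops[0].type == X86_OP_REG and ops[1].type == X86_OP_IMM))
              and i.id not in (X86_INS_CMP, X86_INS_TEST))

    if self.gctx.capstone_string == 0:
        if is_imm:
            self._section("!")
            self._operand(i, 0)
            self._add(" = ")
            self._imm(self.gctx.db.immediates[i.address],
                      self._dis.wordsize, False)
            return

        if i.id in INST_CHECK:
            self._pseudo_inst_check(i)
            return

        if i.id == X86_INS_CDQE:
            self._add("rax = eax")
            return

        if i.id == X86_INS_IDIV:
            self._add('eax = edx:eax / ')
            self._operand(i, 0)
            self._add('; edx = edx:eax % ')
            self._operand(i, 0)
            return

        # mul widens into a register pair.  An operand size outside the
        # table (not expected from capstone) now falls through to the raw
        # mnemonic instead of raising KeyError on the lookup.
        wide_mul = {1: ("al", "ax"), 2: ("ax", "dx:ax"),
                    4: ("eax", "edx:eax"), 8: ("rax", "rdx:rax")}
        if i.id == X86_INS_MUL and ops[0].size in wide_mul:
            src, dst = wide_mul[ops[0].size]
            self._add('{0} = {1} * '.format(dst, src))
            self._operand(i, 0)
            return

        if i.id == X86_INS_NOT:
            self._operand(i, 0)
            self._add(' ~= ')
            self._operand(i, 0)
            return

        # String instructions: the operation on one line, then one extra
        # line per pointer operand that is advanced.
        if i.id in INST_SCAS:
            self._operand(i, 0)
            self._add(" cmp ")
            self._operand(i, 1)
            self._string_ptr_step(i, tab, 1)
            return

        if i.id in INST_STOS:
            self._operand(i, 0)
            self._add(" = ")
            self._operand(i, 1)
            self._string_ptr_step(i, tab, 0)
            return

        if i.id in INST_LODS:
            self._operand(i, 0)
            self._add(" = ")
            self._operand(i, 1)
            self._string_ptr_step(i, tab, 1)
            return

        if i.id in INST_CMPS:
            self._operand(i, 0)
            self._add(" cmp ")
            self._operand(i, 1)
            self._string_ptr_step(i, tab, 0)
            self._string_ptr_step(i, tab, 1)
            return

        if i.id in INST_MOVS:
            self._operand(i, 0)
            self._add(" = ")
            self._operand(i, 1)
            self._string_ptr_step(i, tab, 0)
            self._string_ptr_step(i, tab, 1)
            return

    if is_imm:
        self._section("!")
        self._add("mov ")
        self._operand(i, 0)
        self._add(", ")
        self._imm(self.gctx.db.immediates[i.address], self._dis.wordsize, True)
        return

    # Raw form: "mnemonic op0, op1, ..." (push/pop have their own printer).
    if ops:
        if is_pushpop(i):
            self._pushpop(i.mnemonic)
            self._add(" ")
        else:
            self._add("%s " % i.mnemonic)
        self._operand(i, 0)
        for k in range(1, len(ops)):
            self._add(", ")
            self._operand(i, k)
    elif is_pushpop(i):
        self._pushpop(i.mnemonic)
    else:
        self._add(i.mnemonic)

def _pseudo_inst_check(self, i):
    """Print an INST_CHECK instruction as an assignment (pseudo-code mode).

    The idioms ``or x, -1`` / ``and x, 0`` / ``xor x, x`` become constant
    stores; inc/dec, lea, movzx, the three imul forms and xadd have their
    own rendering; every other INST_CHECK instruction is printed as
    ``op0 <symbol> op1`` using ``inst_symbol``.
    """
    ops = i.operands

    if i.id == X86_INS_OR and ops[1].type == X86_OP_IMM and ops[1].value.imm == -1:
        self._operand(i, 0)
        self._add(" = -1")

    elif i.id == X86_INS_AND and ops[1].type == X86_OP_IMM and ops[1].value.imm == 0:
        self._operand(i, 0)
        self._add(" = 0")

    elif (i.id == X86_INS_XOR and all(op.type == X86_OP_REG for op in ops)
          and len({op.value.reg for op in ops}) == 1):
        # xor reg, reg zeroes the register.
        self._operand(i, 0)
        self._add(" = 0")

    elif i.id in (X86_INS_INC, X86_INS_DEC):
        self._operand(i, 0)
        self._add(inst_symbol(i))

    elif i.id == X86_INS_LEA:
        # lea computes an address, so the source is shown without dereference.
        self._operand(i, 0)
        self._add(" = ")
        self._operand(i, 1, show_deref=False)

    elif i.id == X86_INS_MOVZX:
        self._operand(i, 0)
        self._add(" = (zero ext) ")
        self._operand(i, 1)

    elif i.id == X86_INS_IMUL:
        if len(ops) == 3:
            # imul dst, src, imm  ->  dst = src * imm
            self._operand(i, 0)
            self._add(" = ")
            self._operand(i, 1)
            self._add(" " + inst_symbol(i).rstrip('=') + " ")
            self._operand(i, 2)
        elif len(ops) == 2:
            self._operand(i, 0)
            self._add(" " + inst_symbol(i) + " ")
            self._operand(i, 1)
        elif len(ops) == 1:
            # One-operand form widens into a register pair; an unknown
            # size prints only the operand (unchanged behaviour).
            wide = {1: "ax = al * ", 2: "dx:ax = ax * ",
                    4: "edx:eax = eax * ", 8: "rdx:rax = rax * "}
            if ops[0].size in wide:
                self._add(wide[ops[0].size])
            self._operand(i, 0)

    elif i.id == X86_INS_XADD:
        self._add("tmp = ")
        self._operand(i, 0)
        self._add("; ")
        self._operand(i, 0)
        self._add(" += ")
        self._operand(i, 1)
        self._add("; ")
        self._operand(i, 1)
        self._add(" = tmp")

    else:
        self._operand(i, 0)
        self._add(" " + inst_symbol(i) + " ")
        self._operand(i, 1)

def _string_ptr_step(self, i, tab, op_idx):
    """Print, on its own line, the pointer update of a string instruction.

    Emits ``<operand op_idx> += D ? -size : size`` where size is the byte
    size of operand 0 (the element width) and D is presumably the direction
    flag.  The operand is printed without dereference because it is the
    pointer itself that moves.
    """
    self._new_line()
    self._tabs(tab)
    self._address(i.address)
    self._operand(i, op_idx, show_deref=False)
    self._add(" += D ? -{0} : {0}".format(i.operands[0].size))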
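def _sub_asm_inst(self, i, tab=0):
    """Print one x86 instruction, as pseudo-code when it is recognised.

    With ``self.gctx.capstone_string == 0`` the instructions in INST_CHECK
    and a handful of others (cdqe, idiv, mul, not, the string instructions)
    are rewritten as assignments such as ``rax = eax``.  Anything not
    rewritten -- and everything when capstone syntax is requested -- is
    printed as ``mnemonic op0, op1, ...``.

    Args:
        i: capstone instruction to print.
        tab: indentation level, forwarded to ``self._tabs`` for the extra
            lines produced by the string instructions.
    """
    modified = False

    if self.gctx.capstone_string == 0:
        # mul widens into a register pair.  An operand size outside the
        # table (not expected from capstone) falls through to the raw
        # mnemonic instead of raising KeyError on the lookup.
        wide_mul = {1: ("al", "ax"), 2: ("ax", "dx:ax"),
                    4: ("eax", "edx:eax"), 8: ("rax", "rdx:rax")}

        if i.id in INST_CHECK:
            self._pseudo_inst_check(i)
            modified = True

        elif i.id == X86_INS_CDQE:
            self._add("rax = eax")
            modified = True

        elif i.id == X86_INS_IDIV:
            self._add('eax = edx:eax / ')
            self._operand(i, 0)
            self._add('; edx = edx:eax % ')
            self._operand(i, 0)
            modified = True

        elif i.id == X86_INS_MUL and i.operands[0].size in wide_mul:
            src, dst = wide_mul[i.operands[0].size]
            self._add('{0} = {1} * '.format(dst, src))
            self._operand(i, 0)
            modified = True

        elif i.id == X86_INS_NOT:
            self._operand(i, 0)
            self._add(' ^= -1')
            modified = True

        # String instructions: the operation on one line, then one extra
        # line per pointer operand that is advanced.
        elif i.id in INST_SCAS:
            self._operand(i, 0)
            self._add(" cmp ")
            self._operand(i, 1)
            self._string_ptr_step(i, tab, 1)
            modified = True

        elif i.id in INST_STOS:
            self._operand(i, 0)
            self._add(" = ")
            self._operand(i, 1)
            self._string_ptr_step(i, tab, 0)
            modified = True

        elif i.id in INST_LODS:
            self._operand(i, 0)
            self._add(" = ")
            self._operand(i, 1)
            self._string_ptr_step(i, tab, 1)
            modified = True

        elif i.id in INST_CMPS:
            self._operand(i, 0)
            self._add(" cmp ")
            self._operand(i, 1)
            self._string_ptr_step(i, tab, 0)
            self._string_ptr_step(i, tab, 1)
            modified = True

        elif i.id in INST_MOVS:
            self._operand(i, 0)
            self._add(" = ")
            self._operand(i, 1)
            self._string_ptr_step(i, tab, 0)
            self._string_ptr_step(i, tab, 1)
            modified = True

    if not modified:
        # Raw form: "mnemonic op0, op1, ...".
        if i.operands:
            self._add("%s " % i.mnemonic)
            self._operand(i, 0)
            for k in range(1, len(i.operands)):
                self._add(", ")
                self._operand(i, k)
        else:
            self._add(i.mnemonic)

def _pseudo_inst_check(self, i):
    """Print an INST_CHECK instruction as an assignment (pseudo-code mode).

    The idioms ``or x, -1`` / ``and x, 0`` / ``xor x, x`` become constant
    stores; inc/dec, lea, movzx and the three imul forms have their own
    rendering; every other INST_CHECK instruction is printed as
    ``op0 <symbol> op1`` using ``inst_symbol``.
    """
    ops = i.operands

    if i.id == X86_INS_OR and ops[1].type == X86_OP_IMM and ops[1].value.imm == -1:
        self._operand(i, 0)
        self._add(" = -1")

    elif i.id == X86_INS_AND and ops[1].type == X86_OP_IMM and ops[1].value.imm == 0:
        self._operand(i, 0)
        self._add(" = 0")

    elif (i.id == X86_INS_XOR and all(op.type == X86_OP_REG for op in ops)
          and len({op.value.reg for op in ops}) == 1):
        # xor reg, reg zeroes the register.
        self._operand(i, 0)
        self._add(" = 0")

    elif i.id in (X86_INS_INC, X86_INS_DEC):
        self._operand(i, 0)
        self._add(inst_symbol(i))

    elif i.id == X86_INS_LEA:
        # lea computes an address, so the source is shown without dereference.
        self._operand(i, 0)
        self._add(" = ")
        self._operand(i, 1, show_deref=False)

    elif i.id == X86_INS_MOVZX:
        self._operand(i, 0)
        self._add(" = (zero ext) ")
        self._operand(i, 1)

    elif i.id == X86_INS_IMUL:
        if len(ops) == 3:
            # imul dst, src, imm  ->  dst = src * imm
            self._operand(i, 0)
            self._add(" = ")
            self._operand(i, 1)
            self._add(" " + inst_symbol(i).rstrip('=') + " ")
            self._operand(i, 2)
        elif len(ops) == 2:
            self._operand(i, 0)
            self._add(" " + inst_symbol(i) + " ")
            self._operand(i, 1)
        elif len(ops) == 1:
            # One-operand form widens into a register pair; an unknown
            # size prints only the operand (unchanged behaviour).
            wide = {1: "ax = al * ", 2: "dx:ax = ax * ",
                    4: "edx:eax = eax * ", 8: "rdx:rax = rax * "}
            if ops[0].size in wide:
                self._add(wide[ops[0].size])
            self._operand(i, 0)

    else:
        self._operand(i, 0)
        self._add(" " + inst_symbol(i) + " ")
        self._operand(i, 1)

def _string_ptr_step(self, i, tab, op_idx):
    """Print, on its own line, the pointer update of a string instruction.

    Emits ``<operand op_idx> += D`` where D is presumably the direction
    flag.  The operand is printed without dereference because it is the
    pointer itself that moves.  Using one helper for every pointer line
    keeps the text identical across scas/stos/lods/cmps/movs.
    """
    self._new_line()
    self._tabs(tab)
    self._address(i.address)
    self._operand(i, op_idx, show_deref=False)
    self._add(" += D")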