1 /*************************************************************************************************** 2 3 Zyan Disassembler Library (Zydis) 4 5 Original Author : Florian Bernd 6 7 * Permission is hereby granted, free of charge, to any person obtaining a copy 8 * of this software and associated documentation files (the "Software"), to deal 9 * in the Software without restriction, including without limitation the rights 10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 11 * copies of the Software, and to permit persons to whom the Software is 12 * furnished to do so, subject to the following conditions: 13 * 14 * The above copyright notice and this permission notice shall be included in all 15 * copies or substantial portions of the Software. 16 * 17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 20 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 23 * SOFTWARE. 24 25 ***************************************************************************************************/ 26 27 #ifndef ZYDIS_INTERNAL_DECODERDATA_H 28 #define ZYDIS_INTERNAL_DECODERDATA_H 29 30 #include <Zycore/Defines.h> 31 #include <Zycore/Types.h> 32 #include <Zydis/Defines.h> 33 34 #ifdef __cplusplus 35 extern "C" { 36 #endif 37 38 /* ============================================================================================== */ 39 /* Enums and types */ 40 /* ============================================================================================== */ 41 42 // MSVC does not like types other than (un-)signed int for bit-fields 43 #ifdef ZYAN_MSVC 44 # pragma warning(push) 45 # pragma warning(disable:4214) 46 #endif 47 48 #pragma pack(push, 1) 49 50 /* ---------------------------------------------------------------------------------------------- */ 51 /* Decoder tree */ 52 /* ---------------------------------------------------------------------------------------------- */ 53 54 /** 55 * Defines the `ZydisDecoderTreeNodeType` data-type. 56 */ 57 typedef ZyanU8 ZydisDecoderTreeNodeType; 58 59 /** 60 * Values that represent zydis decoder tree node types. 61 */ 62 enum ZydisDecoderTreeNodeTypes 63 { 64 ZYDIS_NODETYPE_INVALID = 0x00, 65 /** 66 * Reference to an instruction-definition. 67 */ 68 ZYDIS_NODETYPE_DEFINITION_MASK = 0x80, 69 /** 70 * Reference to an XOP-map filter. 71 */ 72 ZYDIS_NODETYPE_FILTER_XOP = 0x01, 73 /** 74 * Reference to an VEX-map filter. 75 */ 76 ZYDIS_NODETYPE_FILTER_VEX = 0x02, 77 /** 78 * Reference to an EVEX/MVEX-map filter. 79 */ 80 ZYDIS_NODETYPE_FILTER_EMVEX = 0x03, 81 /** 82 * Reference to an opcode filter. 83 */ 84 ZYDIS_NODETYPE_FILTER_OPCODE = 0x04, 85 /** 86 * Reference to an instruction-mode filter. 87 */ 88 ZYDIS_NODETYPE_FILTER_MODE = 0x05, 89 /** 90 * Reference to an compacted instruction-mode filter. 91 */ 92 ZYDIS_NODETYPE_FILTER_MODE_COMPACT = 0x06, 93 /** 94 * Reference to a ModRM.mod filter. 95 */ 96 ZYDIS_NODETYPE_FILTER_MODRM_MOD = 0x07, 97 /** 98 * Reference to a compacted ModRM.mod filter. 99 */ 100 ZYDIS_NODETYPE_FILTER_MODRM_MOD_COMPACT = 0x08, 101 /** 102 * Reference to a ModRM.reg filter. 103 */ 104 ZYDIS_NODETYPE_FILTER_MODRM_REG = 0x09, 105 /** 106 * Reference to a ModRM.rm filter. 107 */ 108 ZYDIS_NODETYPE_FILTER_MODRM_RM = 0x0A, 109 /** 110 * Reference to a PrefixGroup1 filter. 111 */ 112 ZYDIS_NODETYPE_FILTER_PREFIX_GROUP1 = 0x0B, 113 /** 114 * Reference to a mandatory-prefix filter. 115 */ 116 ZYDIS_NODETYPE_FILTER_MANDATORY_PREFIX = 0x0C, 117 /** 118 * Reference to an operand-size filter. 119 */ 120 ZYDIS_NODETYPE_FILTER_OPERAND_SIZE = 0x0D, 121 /** 122 * Reference to an address-size filter. 123 */ 124 ZYDIS_NODETYPE_FILTER_ADDRESS_SIZE = 0x0E, 125 /** 126 * Reference to a vector-length filter. 127 */ 128 ZYDIS_NODETYPE_FILTER_VECTOR_LENGTH = 0x0F, 129 /** 130 * Reference to an REX/VEX/EVEX.W filter. 131 */ 132 ZYDIS_NODETYPE_FILTER_REX_W = 0x10, 133 /** 134 * Reference to an REX/VEX/EVEX.B filter. 135 */ 136 ZYDIS_NODETYPE_FILTER_REX_B = 0x11, 137 /** 138 * Reference to an EVEX.b filter. 139 */ 140 ZYDIS_NODETYPE_FILTER_EVEX_B = 0x12, 141 /** 142 * Reference to an MVEX.E filter. 143 */ 144 ZYDIS_NODETYPE_FILTER_MVEX_E = 0x13, 145 /** 146 * Reference to a AMD-mode filter. 147 */ 148 ZYDIS_NODETYPE_FILTER_MODE_AMD = 0x14, 149 /** 150 * Reference to a KNC-mode filter. 151 */ 152 ZYDIS_NODETYPE_FILTER_MODE_KNC = 0x15, 153 /** 154 * Reference to a MPX-mode filter. 155 */ 156 ZYDIS_NODETYPE_FILTER_MODE_MPX = 0x16, 157 /** 158 * Reference to a CET-mode filter. 159 */ 160 ZYDIS_NODETYPE_FILTER_MODE_CET = 0x17, 161 /** 162 * Reference to a LZCNT-mode filter. 163 */ 164 ZYDIS_NODETYPE_FILTER_MODE_LZCNT = 0x18, 165 /** 166 * Reference to a TZCNT-mode filter. 167 */ 168 ZYDIS_NODETYPE_FILTER_MODE_TZCNT = 0x19, 169 /** 170 * Reference to a WBNOINVD-mode filter. 171 */ 172 ZYDIS_NODETYPE_FILTER_MODE_WBNOINVD = 0x1A, 173 /** 174 * Reference to a CLDEMOTE-mode filter. 175 */ 176 ZYDIS_NODETYPE_FILTER_MODE_CLDEMOTE = 0x1B, 177 /** 178 * Reference to a IPREFETCH-mode filter. 179 */ 180 ZYDIS_NODETYPE_FILTER_MODE_IPREFETCH = 0x1C, 181 /** 182 * Reference to a UD0_COMPAT-mode filter. 183 */ 184 ZYDIS_NODETYPE_FILTER_MODE_UD0_COMPAT = 0x1D 185 }; 186 187 /* ---------------------------------------------------------------------------------------------- */ 188 189 /** 190 * Defines the `ZydisDecoderTreeNodeValue` data-type. 191 */ 192 typedef ZyanU16 ZydisDecoderTreeNodeValue; 193 194 /* ---------------------------------------------------------------------------------------------- */ 195 196 /** 197 * Defines the `ZydisDecoderTreeNode` struct. 198 */ 199 typedef struct ZydisDecoderTreeNode_ 200 { 201 ZydisDecoderTreeNodeType type; 202 ZydisDecoderTreeNodeValue value; 203 } ZydisDecoderTreeNode; 204 205 /* ---------------------------------------------------------------------------------------------- */ 206 207 #pragma pack(pop) 208 209 #ifdef ZYAN_MSVC 210 # pragma warning(pop) 211 #endif 212 213 /* ---------------------------------------------------------------------------------------------- */ 214 /* Physical instruction encoding info */ 215 /* ---------------------------------------------------------------------------------------------- */ 216 217 /** 218 * Defines the `ZydisInstructionEncodingFlags` data-type. 219 */ 220 typedef ZyanU8 ZydisInstructionEncodingFlags; 221 222 /** 223 * The instruction has an optional modrm byte. 224 */ 225 #define ZYDIS_INSTR_ENC_FLAG_HAS_MODRM 0x01 226 227 /** 228 * The instruction has an optional displacement value. 229 */ 230 #define ZYDIS_INSTR_ENC_FLAG_HAS_DISP 0x02 231 232 /** 233 * The instruction has an optional immediate value. 234 */ 235 #define ZYDIS_INSTR_ENC_FLAG_HAS_IMM0 0x04 236 237 /** 238 * The instruction has a second optional immediate value. 239 */ 240 #define ZYDIS_INSTR_ENC_FLAG_HAS_IMM1 0x08 241 242 /** 243 * The instruction ignores the value of `modrm.mod` and always assumes `modrm.mod == 3` 244 * ("reg, reg" - form). 245 * 246 * Instructions with this flag can't have a SIB byte or a displacement value. 247 */ 248 #define ZYDIS_INSTR_ENC_FLAG_FORCE_REG_FORM 0x10 249 250 /** 251 * Defines the `ZydisInstructionEncodingInfo` struct. 252 */ 253 typedef struct ZydisInstructionEncodingInfo_ 254 { 255 /** 256 * Contains flags with information about the physical instruction-encoding. 257 */ 258 ZydisInstructionEncodingFlags flags; 259 /** 260 * Displacement info. 261 */ 262 struct 263 { 264 /** 265 * The size of the displacement value. 266 */ 267 ZyanU8 size[3]; 268 } disp; 269 /** 270 * Immediate info. 271 */ 272 struct 273 { 274 /** 275 * The size of the immediate value. 276 */ 277 ZyanU8 size[3]; 278 /** 279 * Signals, if the value is signed. 280 */ 281 ZyanBool is_signed; 282 /** 283 * Signals, if the value is a relative offset. 284 */ 285 ZyanBool is_relative; 286 } imm[2]; 287 } ZydisInstructionEncodingInfo; 288 289 /* ---------------------------------------------------------------------------------------------- */ 290 291 /* ============================================================================================== */ 292 /* Functions */ 293 /* ============================================================================================== */ 294 295 /* ---------------------------------------------------------------------------------------------- */ 296 /* Decoder tree */ 297 /* ---------------------------------------------------------------------------------------------- */ 298 299 extern const ZydisDecoderTreeNode zydis_decoder_tree_root; 300 301 /** 302 * Returns the root node of the instruction tree. 303 * 304 * @return The root node of the instruction tree. 305 */ 306 ZYAN_INLINE const ZydisDecoderTreeNode* ZydisDecoderTreeGetRootNode(void) 307 { 308 return &zydis_decoder_tree_root; 309 } 310 311 /** 312 * Returns the child node of `parent` specified by `index`. 313 * 314 * @param parent The parent node. 315 * @param index The index of the child node to retrieve. 316 * 317 * @return The specified child node. 318 */ 319 ZYDIS_NO_EXPORT const ZydisDecoderTreeNode* ZydisDecoderTreeGetChildNode( 320 const ZydisDecoderTreeNode* parent, ZyanU16 index); 321 322 /** 323 * Returns information about optional instruction parts (like modrm, displacement or 324 * immediates) for the instruction that is linked to the given `node`. 325 * 326 * @param node The instruction definition node. 327 * @param info A pointer to the `ZydisInstructionParts` struct. 328 */ 329 ZYDIS_NO_EXPORT void ZydisGetInstructionEncodingInfo(const ZydisDecoderTreeNode* node, 330 const ZydisInstructionEncodingInfo** info); 331 332 /* ---------------------------------------------------------------------------------------------- */ 333 334 /* ============================================================================================== */ 335 336 #ifdef __cplusplus 337 } 338 #endif 339 340 #endif /* ZYDIS_INTERNAL_DECODERDATA_H */ 341