2023-05-30 12:33:52 +02:00
|
|
|
#include "Disassembler.h"
|
|
|
|
|
#include <stdio.h>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Disassembler::Disassembler()
|
|
|
|
|
{
|
|
|
|
|
ZydisDecoderInit(&m_decoder, ZYDIS_MACHINE_MODE_LONG_64, ZYDIS_STACK_WIDTH_64);
|
|
|
|
|
ZydisFormatterInit(&m_formatter, ZYDIS_FORMATTER_STYLE_INTEL);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
Disassembler::~Disassembler()
|
|
|
|
|
{
|
|
|
|
|
}
|
|
|
|
|
|
2023-05-30 15:27:11 +02:00
|
|
|
void Disassembler::printInstruction(void* code,u64 address)//print a single instruction
|
2023-05-30 12:33:52 +02:00
|
|
|
{
|
|
|
|
|
ZydisDecodedInstruction instruction;
|
|
|
|
|
ZydisDecodedOperand operands[ZYDIS_MAX_OPERAND_COUNT_VISIBLE];
|
2023-05-30 15:27:11 +02:00
|
|
|
ZyanStatus status = ZydisDecoderDecodeFull(&m_decoder, code, sizeof(code), &instruction, operands);
|
2023-05-30 12:33:52 +02:00
|
|
|
if (!ZYAN_SUCCESS(status))
|
|
|
|
|
{
|
|
|
|
|
printf("decode instruction failed at %p\n", code);
|
2023-05-30 12:39:08 +02:00
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
2023-05-30 15:27:11 +02:00
|
|
|
printInst(instruction, operands,address);
|
2023-05-30 12:33:52 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2023-05-30 15:27:11 +02:00
|
|
|
void Disassembler::printInst(ZydisDecodedInstruction& inst, ZydisDecodedOperand* operands,u64 address)
|
2023-05-30 12:33:52 +02:00
|
|
|
{
|
|
|
|
|
const int bufLen = 256;
|
|
|
|
|
char szBuffer[bufLen];
|
2023-05-30 15:27:11 +02:00
|
|
|
ZydisFormatterFormatInstruction(&m_formatter, &inst, operands,inst.operand_count_visible, szBuffer, sizeof(szBuffer), address, ZYAN_NULL);
|
2023-05-30 12:33:52 +02:00
|
|
|
printf("instruction: %s\n", szBuffer);
|
|
|
|
|
}
|
