PageRenderTime 70ms CodeModel.GetById 43ms RepoModel.GetById 1ms app.codeStats 0ms

/insn_len.h

https://github.com/oblique/insn_len
C Header | 306 lines | 144 code | 36 blank | 126 comment | 212 complexity | cef8521fb782f7aa81d4f655606d8587 MD5 | raw file
    

  1. /* Copyright 2011 oblique. All rights reserved.
    2. 

  2.  *
    3. 

  3.  * Redistribution and use in source and binary forms, with or without modification, are
    4. 

  4.  * permitted provided that the following conditions are met:
    5. 

  5.  *
    6. 

  6.  *    1. Redistributions of source code must retain the above copyright notice, this list of
    7. 

  7.  *       conditions and the following disclaimer.
    8. 

  8.  *
    9. 

  9.  *    2. Redistributions in binary form must reproduce the above copyright notice, this list
    10. 

  10.  *       of conditions and the following disclaimer in the documentation and/or other materials
    11. 

  11.  *       provided with the distribution.
    12. 

  12.  *
    13. 

  13.  * THIS SOFTWARE IS PROVIDED BY OBLIQUE ``AS IS'' AND ANY EXPRESS OR IMPLIED
    14. 

  14.  * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
    15. 

  15.  * FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL OBLIQUE OR
    16. 

  16.  * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
    17. 

  17.  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
    18. 

  18.  * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
    19. 

  19.  * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
    20. 

  20.  * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
    21. 

  21.  * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
    22. 

  22.  *
    23. 

  23.  * The views and conclusions contained in the software and documentation are those of the
    24. 

  24.  * authors and should not be interpreted as representing official policies, either expressed
    25. 

  25.  * or implied, of oblique.
    26. 

  26.  */
    27. 

  27. #ifndef INSN_LEN_H
    28. 

  28. #define INSN_LEN_H
    29. 

  29. 

  30. /* References:
    31. 

  31.  * Intel 64 and IA-32 Architectures Software Developer's Manuals - Volume 2A Ch. 2
    32. 

  32.  * http://ref.x86asm.net
    33. 

  33.  * http://sandpile.org
    34. 

  34.  */
    35. 

  35. 

  36. #ifdef __cplusplus
    37. 

  37. extern "C" {
    38. 

  38. #endif
    39. 

  39. 

  40. #define Mod_M       0xc0
    41. 

  41. #define RM_M        0x7
    42. 

  42. #define Base_M      0x7
    43. 

  43. #define REX_W       0x8
    44. 

  44. 

  45. #define MAX_INSN_LEN_x86    15
    46. 

  46. #define MAX_INSN_LEN_x86_32 MAX_INSN_LEN_x86
    47. 

  47. #define MAX_INSN_LEN_x86_64 MAX_INSN_LEN_x86
    48. 

  48. 

  49. enum __bits { __b16, __b32, __b64 };
    50. 

  50. 

  51. #ifdef __i386__
    52. 

  52. #define insn_len(insn)  insn_len_x86_32(insn)
    53. 

  53. #define MAX_INSN_LEN    MAX_INSN_LEN_x86_32
    54. 

  54. #elif defined(__x86_64__)
    55. 

  55. #define insn_len(insn)  insn_len_x86_64(insn)
    56. 

  56. #define MAX_INSN_LEN    MAX_INSN_LEN_x86_64
    57. 

  57. #endif
    58. 

  58. 

  59. /* This function returns the length of an x86 instruction.
    60. 

  60.  * I assume that instruction is valid.
    61. 

  61.  */
    62. 

  62. static inline int __insn_len_x86(void *insn, enum __bits bits) {
    63. 

  63. 	int len = 0, twobytes = 0, has_modrm = 0;
    64. 

  64. 	enum __bits operand_bits = __b32, addr_bits = bits;
    65. 

  65. 	unsigned char *c = (unsigned char*)insn, modrm, opcode;
    66. 

  66. 

  67. 	/* prefixes
    68. 

  68. 	 *
    69. 

  69. 	 * 0xf0, 0xf2, 0xf3, 0x2e, 0x36
    70. 

  70. 	 * 0x3e, 0x26, 0x64, 0x65, 0x66, 0x67
    71. 

  71. 	 */
    72. 

  72. 

  73. 	// skip prefixes
    74. 

  74. 	while (*c == 0xf0 || *c == 0xf2 || *c == 0xf3 ||
    75. 

  75. 	       *c == 0x2e || *c == 0x36 || *c == 0x3e || *c == 0x26 ||
    76. 

  76. 	       (*c & 0xfc) == 0x64) {
    77. 

  77. 		if (*c == 0x66) // 16bits operands
    78. 

  78. 			operand_bits = __b16;
    79. 

  79. 		if (*c == 0x67) // 16bits addressing (x86-32), 32bits addressing (x86-64)
    80. 

  80. 			addr_bits = bits == __b32 ? __b16 : __b32;
    81. 

  81. 		c++;
    82. 

  82. 		len++;
    83. 

  83. 	}
    84. 

  84. 

  85. 	if (bits == __b64 && (*c & 0xf0) == 0x40) { // x86-64 && REX byte
    86. 

  86. 		if (*c & REX_W)
    87. 

  87. 			operand_bits = __b64;
    88. 

  88. 		c++;
    89. 

  89. 		len++;
    90. 

  90. 	}
    91. 

  91. 

  92. 	/* 0x9b prefix is used only by the following 1byte opcodes
    93. 

  93. 	 *
    94. 

  94. 	 * 0xd9 Mod != 11 Reg/Op = 110 or 111
    95. 

  95. 	 * 0xdb ModR/M = 0xe2 or 0xe3
    96. 

  96. 	 * 0xdd Reg/Op = 110 or 111
    97. 

  97. 	 * 0xdf ModR/M = 0xe0
    98. 

  98. 	 */
    99. 

  99. 

  100. 	// check for 2bytes opcodes (0x0f prefix)
    101. 

  101. 	if (*c == 0x0f) {
    102. 

  102. 		twobytes = 1;
    103. 

  103. 		c++;
    104. 

  104. 		len++;
    105. 

  105. 	} else if (*c == 0x9b && // check 0x9b prefix
    106. 

  106. 		   ( (c[1] == 0xd9 && (c[2] & Mod_M) != Mod_M && (c[2] & 0x30) == 0x30) ||
    107. 

  107. 		     (c[1] == 0xdb && (c[2] == 0xe2 || c[2] == 0xe3)) ||
    108. 

  108. 		     (c[1] == 0xdd && (c[2] & 0x30) == 0x30) ||
    109. 

  109. 		     (c[1] == 0xdf && c[2] == 0xe0)
    110. 

  110. 			   )) {
    111. 

  111. 		c++;
    112. 

  112. 		len++;
    113. 

  113. 	}
    114. 

  114. 

  115. 	opcode = *c++;
    116. 

  116. 	len++;
    117. 

  117. 

  118. 	/* 1byte opcodes that use ModR/M byte:
    119. 

  119. 	 *
    120. 

  120. 	 * 0x00 - 0x03, 0x08 - 0x0b,
    121. 

  121. 	 * 0x10 - 0x13, 0x18 - 0x1b,
    122. 

  122. 	 * 0x20 - 0x23, 0x28 - 0x2b,
    123. 

  123. 	 * 0x30 - 0x33, 0x38 - 0x3b,
    124. 

  124. 	 * 0x62, 0x63, 0x69, 0x6b,
    125. 

  125. 	 * 0x80 - 0x8f, 0xc0, 0xc1,
    126. 

  126. 	 * 0xc4 - 0xc7,
    127. 

  127. 	 * 0xd0 - 0xd3, 0xd8 - 0xdf
    128. 

  128. 	 * 0xf6, 0xf7, 0xfe, 0xff
    129. 

  129. 	 */
    130. 

  130. 

  131. 	if (!twobytes &&
    132. 

  132. 	    ((opcode & 0xf4) == 0 || (opcode & 0xf4) == 0x10 ||
    133. 

  133. 	     (opcode & 0xf4) == 0x20 || (opcode & 0xf4) == 0x30 ||
    134. 

  134. 	     opcode == 0x62 || opcode == 0x63 || opcode == 0x69 || opcode == 0x6b ||
    135. 

  135. 	     (opcode & 0xf0) == 0x80 || opcode == 0xc0 || opcode == 0xc1 ||
    136. 

  136. 	     (opcode & 0xfc) == 0xc4 || (opcode & 0xfc) == 0xd0 ||
    137. 

  137. 	     (opcode & 0xf8) == 0xd8 || opcode == 0xf6 || opcode == 0xf7 ||
    138. 

  138. 	     opcode == 0xfe || opcode == 0xff))
    139. 

  139. 		has_modrm = 1;
    140. 

  140. 

  141. 	/* 2bytes opcodes that they *don't* use ModR/M byte:
    142. 

  142. 	 *
    143. 

  143. 	 * 0x05 - 0x09, 0x0b, 0x0e,
    144. 

  144. 	 * 0x30 - 0x37, 0x77, 0x80 - 0x8f,
    145. 

  145. 	 * 0xa0 - 0xa2, 0xa8 - 0xaa, 0xb9
    146. 

  146. 	 * 0xc8 - 0xcf
    147. 

  147. 	 */
    148. 

  148. 

  149. 	if (twobytes) {
    150. 

  150. 		if (!((opcode >= 0x05 && opcode <= 0x09) || opcode == 0x0b ||
    151. 

  151. 		      opcode == 0x0e || (opcode & 0xf8) == 0x30 || opcode == 0x77 ||
    152. 

  152. 		      (opcode & 0xf0) == 0x80 || (opcode >= 0xa0 && opcode <= 0xa2) ||
    153. 

  153. 		      (opcode >= 0xa8 && opcode <= 0xaa) || (opcode & 0xf8) == 0xc8 ||
    154. 

  154. 		      opcode == 0xb9))
    155. 

  155. 			has_modrm = 1;
    156. 

  156. 

  157. 		// 3bytes opcodes
    158. 

  158. 		if (opcode == 0x38 || opcode == 0x3a) {
    159. 

  159. 			c++;
    160. 

  160. 			len++;
    161. 

  161. 		}
    162. 

  162. 

  163. 		// 3DNow! opcode
    164. 

  164. 		if (opcode == 0x0f)
    165. 

  165. 			len++;
    166. 

  166. 	}
    167. 

  167. 

  168. 	if (has_modrm) {
    169. 

  169. 		len++;
    170. 

  170. 		modrm = *c++;
    171. 

  171. 		if (addr_bits != __b16 && (modrm & (Mod_M | RM_M)) == 5) // Mod = 00 R/M = 101
    172. 

  172. 			len += 4;
    173. 

  173. 		if (addr_bits == __b16 && (modrm & (Mod_M | RM_M)) == 6) // Mod = 00 R/M = 110 and 16bits addressing
    174. 

  174. 			len += 2;
    175. 

  175. 		if ((modrm & Mod_M) == 0x40) // Mod = 01
    176. 

  176. 			len += 1;
    177. 

  177. 		if ((modrm & Mod_M) == 0x80) // Mod = 10
    178. 

  178. 			len += addr_bits == __b16 ? 2 : 4;
    179. 

  179. 

  180. 		// check SIB byte
    181. 

  181. 		if (addr_bits != __b16 && (modrm & Mod_M) != Mod_M && (modrm & RM_M) == 4) { // if it has SIB
    182. 

  182. 			len++;
    183. 

  183. 			if ((modrm & Mod_M) == 0 && (*c & Base_M) == 5) // Mod = 00   SIB Base = 101
    184. 

  184. 				len += 4;
    185. 

  185. 			c++;
    186. 

  186. 		}
    187. 

  187. 	}
    188. 

  188. 

  189. 	/* Immediate operands
    190. 

  190. 	 *
    191. 

  191. 	 * 1byte opcode list:
    192. 

  192. 	 *
    193. 

  193. 	 * imm8 (1 byte)
    194. 

  194. 	 *
    195. 

  195. 	 * 0x04, 0x0c, 0x14, 0x1c, 0x24, 0x2c, 0x34, 0x3c, 0x6a, 0x6b, 0x70 - 0x7f,
    196. 

  196. 	 * 0x80, 0x82, 0x83, 0xa8, 0xb0 - 0xb7, 0xc0, 0xc1, 0xc6, 0xcd, 0xd4,
    197. 

  197. 	 * 0xd5, 0xe0 - 0xe7, 0xeb, 0xf6 (Reg/Op = 000 or Reg/Op = 001)
    198. 

  198. 	 *
    199. 

  199. 	 * imm16 (2 bytes)
    200. 

  200. 	 *
    201. 

  201. 	 * 0xc2, 0xca
    202. 

  202. 	 *
    203. 

  203. 	 * imm16/32 (2 bytes if operand_bits == __b16 else 4 bytes)
    204. 

  204. 	 *
    205. 

  205. 	 * 0x05, 0x0d, 0x15, 0x1d, 0x25, 0x2d, 0x35, 0x3d, 0x68, 0x69, 0x81, 0xa9
    206. 

  206. 	 * 0xc7, 0xe8, 0xe9
    207. 

  207. 	 *
    208. 

  208. 	 * imm16/32/64 (2 bytes if operand_bits == __b16, 4 bytes if __b32, 8 bytes if __b64)
    209. 

  209. 	 *
    210. 

  210. 	 * 0xb8 - 0xbf, 0xf7 (Reg/Op = 000 or Reg/Op = 001)
    211. 

  211. 	 *
    212. 

  212. 	 * moffs (2 bytes if addr_bits == __b16, 4 bytes if __b32, 8 bytes if __b64)
    213. 

  213. 	 *
    214. 

  214. 	 * 0xa0, 0xa1, 0xa2, 0xa3
    215. 

  215. 	 *
    216. 

  216. 	 * others
    217. 

  217. 	 *
    218. 

  218. 	 * 0xea, 0x9a: imm16 + imm16/32
    219. 

  219. 	 * 0xc8: imm16 + imm8
    220. 

  220. 	 *
    221. 

  221. 	 *
    222. 

  222. 	 * 2bytes opcode list:
    223. 

  223. 	 *
    224. 

  224. 	 * imm8 (1 byte)
    225. 

  225. 	 *
    226. 

  226. 	 * 0x70 - 0x73, 0xa4, 0xac, 0xba, 0xc2, 0xc4 - 0xc6
    227. 

  227. 	 *
    228. 

  228. 	 * imm16/32 (2 bytes if operand_bits == __b16 else 4 bytes)
    229. 

  229. 	 *
    230. 

  230. 	 * 0x80 - 0x8f
    231. 

  231. 	 *
    232. 

  232. 	 *
    233. 

  233. 	 * all 3bytes opcodes with 0x3a prefix have imm8
    234. 

  234. 	 */
    235. 

  235. 	if (!twobytes) { // 1byte opcodes
    236. 

  236. 		// imm8
    237. 

  237. 		if (((opcode & 7) == 4 && (opcode & 0xf0) <= 0x30) ||
    238. 

  238. 		    opcode == 0x6a || opcode == 0x6b || (opcode & 0xf0) == 0x70 ||
    239. 

  239. 		    opcode == 0x80 || opcode == 0x82 || opcode == 0x83 ||
    240. 

  240. 		    opcode == 0xa8 || (opcode & 0xf8) == 0xb0 || opcode == 0xc0 ||
    241. 

  241. 		    opcode == 0xc1 || opcode == 0xc6 || opcode == 0xcd ||
    242. 

  242. 		    opcode == 0xd4 || opcode == 0xd5 || (opcode & 0xf8) == 0xe0 ||
    243. 

  243. 		    opcode == 0xeb || (opcode == 0xf6 && (modrm & 0x30) == 0))
    244. 

  244. 			len += 1;
    245. 

  245. 

  246. 		// imm16
    247. 

  247. 		if (opcode == 0xc2 || opcode == 0xca)
    248. 

  248. 			len += 2;
    249. 

  249. 

  250. 		// imm16/32
    251. 

  251. 		if (((opcode & 7) == 5 && (opcode & 0xf0) <= 0x30) ||
    252. 

  252. 		    opcode == 0x68 || opcode == 0x69 || opcode == 0x81 ||
    253. 

  253. 		    opcode == 0xa9 || opcode == 0xc7 || opcode == 0xe8 ||
    254. 

  254. 		    opcode == 0xe9)
    255. 

  255. 			len += operand_bits == __b16 ? 2 : 4;
    256. 

  256. 

  257. 		// imm16/32/64
    258. 

  258. 		if ((opcode & 0xf8) == 0xb8 || (opcode == 0xf7 && (modrm & 0x30) == 0))
    259. 

  259. 			len += operand_bits == __b16 ? 2 : operand_bits == __b32 ? 4 : 8;
    260. 

  260. 

  261. 		// moffs
    262. 

  262. 		if ((opcode & 0xfc) == 0xa0)
    263. 

  263. 			len += addr_bits == __b16 ? 2 : addr_bits == __b32 ? 4 : 8;
    264. 

  264. 

  265. 		// others
    266. 

  266. 		if (opcode == 0xea || opcode == 0x9a)
    267. 

  267. 			len += 2 + (operand_bits == __b16 ? 2 : 4);
    268. 

  268. 		if (opcode == 0xc8)
    269. 

  269. 			len += 3;
    270. 

  270. 	} else { // 2bytes opcodes
    271. 

  271. 		// imm8
    272. 

  272. 		if ((opcode & 0xfc) == 0x70 || opcode == 0xa4 ||
    273. 

  273. 		    opcode == 0xac || opcode == 0xba || opcode == 0xc2 ||
    274. 

  274. 		    (opcode >= 0xc4 && opcode <= 0xc6))
    275. 

  275. 			len += 1;
    276. 

  276. 

  277. 		// imm16/32
    278. 

  278. 		if ((opcode & 0xf0) == 0x80)
    279. 

  279. 			len += operand_bits == __b16 ? 2 : 4;
    280. 

  280. 

  281. 		// 3bytes opcodes with 0x3a prefix
    282. 

  282. 		if (opcode == 0x3a)
    283. 

  283. 			len += 1;
    284. 

  284. 	}
    285. 

  285. 

  286. 	// wrong length
    287. 

  287. 	if (len > MAX_INSN_LEN_x86)
    288. 

  288. 		len = 1;
    289. 

  289. 

  290. 	return len;
    291. 

  291. }
    292. 

  292. 

  293. static int insn_len_x86_32(void *insn) {
    294. 

  294. 	return __insn_len_x86(insn, __b32);
    295. 

  295. }
    296. 

  296. 

  297. static int insn_len_x86_64(void *insn) {
    298. 

  298. 	return __insn_len_x86(insn, __b64);
    299. 

  299. }
    300. 

  300. 

  301. 

  302. #ifdef __cplusplus
    303. 

  303. }
    304. 

  304. #endif
    305. 

  305. 

  306. #endif
    307. 

  307.