flat assembler
Message board for the users of flat assembler.

Index > Main > Length disassembler

Author
Thread Post new topic Reply to topic
TheLord



Joined: 24 Oct 2006
Posts: 42
TheLord
Hi,

I'm interrested by disassembling x86 code in order to get their reladed instructions size. So i started some read work, asked a friend some explanations, but there is something I still dont get.

How do we know where the optional fields (modr/m, SIB etc etc) start, or even are present ?, how does it work ?

if I have to make a table, what should it has in ?

I already took a look at reverend LDE but tbh, the hash table ... lol, I did not even understood the meaning, by the way, i want to do it by myself and not using code I'm not good enough to understand.

thanks,
Post 16 Oct 2009, 17:17
View user's profile Send private message Reply with quote
SFeLi



Joined: 03 Nov 2004
Posts: 140
SFeLi
Intel IA-32 Manual Volume 2b has a table listing all instructions and their operand types. You need to construct a light version of such table in your disassembler: an opcode and flags for its type(start of the 2-byte opcode, prefix, invalid) and its operands (modrm, displacement, immediate) etc. As for SIB you just need to examine modrm byte to check if SIB is present.
Post 17 Oct 2009, 05:20
View user's profile Send private message Reply with quote
Gyver



Joined: 13 Jul 2009
Posts: 7
Gyver
I suggest you to read and download the beaengine.lib!

http://beatrix2004.free.fr/

If i remeber right, there're 2 pdf documents that explain very well how decode instructions!

Good lectures!
Post 17 Oct 2009, 09:26
View user's profile Send private message Reply with quote
TheLord



Joined: 24 Oct 2006
Posts: 42
TheLord
Hi,

Thanks for answering.

SFeLi, thanks for the advice, that's also what I found out, by reading some stuff.

I thought there would be a way to determine which field are used by which instruction with a byte mask in the opcode, or a logical operation to determine if ... or something like that.

Gyver thanks, (are you french?)
I already read the pdf, It was not explaining how to determine if field are used, I did not check the source code that Beatrix gives with, maybe I should !
Post 17 Oct 2009, 10:27
View user's profile Send private message Reply with quote
TheLord



Joined: 24 Oct 2006
Posts: 42
TheLord
hi,

Just for confirming, there is no possibility for an instruction to have a SIB without modR/M right ?

all things lead me to this conclusion, but it would be better for me to get a confirmation Smile

thanks
Post 19 Oct 2009, 09:46
View user's profile Send private message Reply with quote
MazeGen



Joined: 06 Oct 2003
Posts: 977
Location: Czechoslovakia
MazeGen
SIB can be referred only through R/M field of ModR/M byte.
Post 19 Oct 2009, 10:05
View user's profile Send private message Visit poster's website Reply with quote
TheLord



Joined: 24 Oct 2006
Posts: 42
TheLord
Thanks, I did not noticed that the disp was in fact included in the SIB like this one :

MOV DL,BYTE[DS:SI+0xFF]

I was counting a SIB + a 1 byte disp which was wrong.

btw, does any one know how I can test a length disassembler against all possible instructions ? is there any tool ? any file that contains all inst etc ?

Thanks
Post 19 Oct 2009, 11:17
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2020, Tomasz Grysztar. Also on GitHub, YouTube, Twitter.

Website powered by rwasa.