In fde32 for C code:

not working, because parameters passed through registers as 64 bit fastcall convention.
To work i use next code:

Please fix it.

Hi yoshimitsu,

I downloaded and compiled your Extended Length Disassembler Engine, works very nicely and as far as I could see determines the length reliably -- in contrast to most of the others out there. I wonder if if the Dec2012 version is the most current or if you continued to work on it. In the latter case, could I obtain an update?

I also have a question: as far as I understand, using the structs etc you provide its easy to extract which registers, addresses etc are affected by a given instruction. But how can I determine which of those operands are read or written?

Thanks for that piece of code!!

Cheers,
bertomatik

@bertomatik:
I'm atm setting it up on github.com (fde32/fde64). However, I haven't changed anything so far. If I will do so, I'll push it to that github-repository, though.

You mean like whether it's mov [eax],eax or mov eax,[eax]? This is not implemented, you'd have to check it yourself by comparing the opcode to either 89h or 8bh (to get the opcodes check the intel manuals or use e.g. ollydbg, I will also upload the fde-source with a commented opcode table to the repo).

@Treant:
I just reviewed it and I'm not quite sure why I did that back then.. the function itself uses ecx and edx, but C uses cdecl which uses the stack, I must've set the compiler to emit fastcalls, I'll fix it, thanks.