public override string ToString(MyDictionary ProcList, VarDictionary VarDict, Dictionary <ulong, TFunc> NewSubs)
{
string s = "$" + ins.ToAsmString();
if (bytes[0] == 0xE8)
{
if (ins.Operand1.ValueType == TUP.AsmResolver.ASM.OperandType.Normal)
{
s = AddProc(((Offset)ins.Operand1.Value).FileOffset + Addr, ProcList, NewSubs);
}
}
if (bytes[0] == 0xFF)
{
if (bytes[1] == 0x15)
{
if (ins.Operand1.ValueType == TUP.AsmResolver.ASM.OperandType.DwordPointer)
{
s = AddProc(((Offset)ins.Operand1.Value).Va, ProcList, NewSubs);
}
}
}
if (bytes[0] == 0xA3)//mov somevar, EAX
{
TVar Var1 = new TVar(((Offset)ins.Operand1.Value).Va, "", 4);
if (!VarDict.ContainsKey(((Offset)ins.Operand1.Value).Va))
{
VarDict.AddVar(Var1);
}
;
s = VarDict[((Offset)ins.Operand1.Value).Va].FName + " = EAX;";
}
if ((bytes[0] == 0xC2) | //retn
(bytes[0] == 0xC3)) //ret
{
s = "$ret";
}
return(s);
}
public override string ToString(MyDictionary ProcList, VarDictionary VarDict, Dictionary<ulong, TFunc> NewSubs)
{
if (!(bytes==null))
if (bytes.Count() > 0)
switch (bytes[0])
{
case 0x74: return "$jz Loc_" + OpToString(0).Remove(0, 2);
case 0x75: return "$jnz Loc_" + OpToString(0).Remove(0, 2);
case 0xE8://call;
return AddProc(ops[0].value.imm.imm64, ProcList, NewSubs);
case 0xE9://jmp;
case 0xEB://jmp;
return "$jmp Loc_" + OpToString(0).Remove(0, 2);
case 0xA3://mov somevar, EAX
{
TVar Var1 = new TVar((ulong)disp.value.d64, "", 4);
if (!VarDict.ContainsKey((ulong)disp.value.d64))
{
VarDict.AddVar(Var1);
};
return VarDict[(ulong)disp.value.d64].FName + " = " + OpToString(1) + ";";
}
case 0xFF:
{
if (this.bytes[1] == 0x15)
return AddProc(disp.value.d64, ProcList, NewSubs);
} break;
case 0x0F:
{
if (this.bytes[1] == 0x86)
return "$jbe Loc_" + OpToString(0).Remove(0, 2);
}break;
}
string ret = "$"+mnemonic;
if (ops[0].size > 0) ret += " " + OpToString(0);
if (ops[1].size > 0) ret += ", " + OpToString(1);
if (ops[2].size > 0) ret += ", " + OpToString(2);
return ret;
}
public override string ToString(MyDictionary ProcList, VarDictionary VarDict, Dictionary<ulong, TFunc> NewSubs)
{
string s = "$"+ins.ToAsmString();
if (bytes[0] == 0xE8)
if (ins.Operand1.ValueType == TUP.AsmResolver.ASM.OperandType.Normal)
s = AddProc(((Offset)ins.Operand1.Value).FileOffset + Addr, ProcList, NewSubs);
if (bytes[0] == 0xFF)
if (bytes[1] == 0x15)
if (ins.Operand1.ValueType == TUP.AsmResolver.ASM.OperandType.DwordPointer)
s = AddProc(((Offset)ins.Operand1.Value).Va, ProcList, NewSubs);
if (bytes[0] == 0xA3)//mov somevar, EAX
{
TVar Var1 = new TVar(((Offset)ins.Operand1.Value).Va, "", 4);
if (!VarDict.ContainsKey(((Offset)ins.Operand1.Value).Va))
{
VarDict.AddVar(Var1);
};
s = VarDict[((Offset)ins.Operand1.Value).Va].FName + " = EAX;";
}
if ((bytes[0] == 0xC2) |//retn
(bytes[0] == 0xC3))//ret
s = "$ret";
return s;
}
