public void PushEbp()
{
code = new Byte[] { 0x55 };
Assert.AreEqual("push", OpcodeFormatter.GetInstructionName(code));
Assert.AreEqual("ebp", OpcodeFormatter.GetOperands(code, 0));
Assert.AreEqual("(rBP)", OpcodeFormatter.GetEncodingFor(code));
}
private void PrintOpcodeInfoFor(byte[] code)
{
foreach (var codeByte in code)
{
Console.Write(String.Format("{0:x2}", codeByte) + " ");
}
// magic numbers that happen to look good :)
var numberOfTabs = 3 - (code.Length / 3);
for (var i = 0; i < numberOfTabs; i++)
{
Console.Write("\t");
}
Console.Write(OpcodeFormatter.GetInstructionName(code));
Console.Write("\t");
var operands = OpcodeFormatter.GetOperands(code, state.InstructionPointer);
Console.Write(operands);
if (operands.Length < 8)
{
Console.Write("\t");
}
var encoding = OpcodeFormatter.GetEncodingFor(code);
Console.Write("\t");
Console.WriteLine(encoding);
}
public void MovPtrEsp10()
{
code = new Byte[] { 0xc7, 0x04, 0x24, 0x10, 0x00, 0x00, 0x00 };
Assert.AreEqual("mov", OpcodeFormatter.GetInstructionName(code));
Assert.AreEqual("[esp], 0x10", OpcodeFormatter.GetOperands(code, 0));
Assert.AreEqual("(EvIz)", OpcodeFormatter.GetEncodingFor(code));
}
public void MovPtrEaxPlusSixteenZero()
{
code = new Byte[] { 0xc6, 0x40, 0x10, 0x00 };
Assert.AreEqual("mov", OpcodeFormatter.GetInstructionName(code));
Assert.AreEqual("[eax+16], 0x0", OpcodeFormatter.GetOperands(code, 0));
Assert.AreEqual("(EbIb)", OpcodeFormatter.GetEncodingFor(code));
}
public void MovEbpEsp()
{
code = new Byte[] { 0x89, 0xe5 };
Assert.AreEqual("mov", OpcodeFormatter.GetInstructionName(code));
Assert.AreEqual("ebp, esp", OpcodeFormatter.GetOperands(code, 0));
Assert.AreEqual("(EvGv)", OpcodeFormatter.GetEncodingFor(code));
}
public void MovEaxZero()
{
code = new Byte[] { 0xb8, 0x00, 0x00, 0x00, 0x00 };
Assert.AreEqual("mov", OpcodeFormatter.GetInstructionName(code));
Assert.AreEqual("eax, 0x0", OpcodeFormatter.GetOperands(code, 0));
Assert.AreEqual("(rAxIv)", OpcodeFormatter.GetEncodingFor(code));
}
public void JzImmediate()
{
code = new Byte[] { 0xe8, 0xb9, 0xff, 0xff, 0xff };
Assert.AreEqual("call", OpcodeFormatter.GetInstructionName(code));
Assert.AreEqual("0x0804837c", OpcodeFormatter.GetOperands(code, 0x080483be));
Assert.AreEqual("(Jz)", OpcodeFormatter.GetEncodingFor(code));
}
public void MovZxEaxBytePtr()
{
code = new Byte[] { 0x0f, 0xb6, 0x05, 0x00, 0x96, 0x04, 0x08 };
// TODO: this should actually be movzx
Assert.AreEqual("mov", OpcodeFormatter.GetInstructionName(code));
Assert.AreEqual("eax, [0x8049600]", OpcodeFormatter.GetOperands(code, 0));
}
public void LeaEdxEaxPlus16()
{
code = new Byte[] { 0x8d, 0x50, 0x10 };
Assert.AreEqual("lea", OpcodeFormatter.GetInstructionName(code));
Assert.AreEqual("edx, [eax+16]", OpcodeFormatter.GetOperands(code, 0));
}