public UInt32 disassemble(ulong offset, out IInstruction instr, ref DISASM_INOUT_PARAMS param)
{
byte[] bt = assembly.ReadBytes(offset, 10);
dsm = new TUP.AsmResolver.ASM.x86Disassembler(bt);
dsm.CurrentOffset = 0;
Instr instr1 = new Instr();
instr1.Addr = offset;
instr1.ins = dsm.DisassembleNextInstruction();
instr1.bytes = assembly.ReadBytes(offset, instr1.ins.Size);
if (instr1.bytes[0] == 0xFF)
if (instr1.bytes[1] == 0x15)
if (instr1.ins.Operand1 != null)
instr1.disp.value.d64 = ((Offset)instr1.ins.Operand1.Value).Va;//Call ExitProcess probably
instr = instr1;
return (UInt32)instr1.ins.Size;
}
public UInt32 disassemble(ulong offset, out IInstruction instr, ref DISASM_INOUT_PARAMS param)
{
byte[] bt = assembly.ReadBytes(offset, 10);
dsm = new TUP.AsmResolver.ASM.x86Disassembler(bt);
dsm.CurrentOffset = 0;
Instr instr1 = new Instr();
instr1.Addr = offset;
instr1.ins = dsm.DisassembleNextInstruction();
instr1.bytes = assembly.ReadBytes(offset, instr1.ins.Size);
if (instr1.bytes[0] == 0xFF)
{
if (instr1.bytes[1] == 0x15)
{
if (instr1.ins.Operand1 != null)
{
instr1.disp.value.d64 = ((Offset)instr1.ins.Operand1.Value).Va;//Call ExitProcess probably
}
}
}
instr = instr1;
return((UInt32)instr1.ins.Size);
}