private void AddExportedEntryPoints(Address addrLoad, ImageMap imageMap, List <EntryPoint> entryPoints)
{
ImageReader rdr = imgLoaded.CreateLeReader(rvaExportTable);
rdr.ReadLeUInt32(); // Characteristics
rdr.ReadLeUInt32(); // timestamp
rdr.ReadLeUInt32(); // version.
rdr.ReadLeUInt32(); // binary name.
rdr.ReadLeUInt32(); // base ordinal
int nExports = rdr.ReadLeInt32();
int nNames = rdr.ReadLeInt32();
if (nExports != nNames)
{
throw new BadImageFormatException("Unexpected discrepancy in PE image.");
}
uint rvaApfn = rdr.ReadLeUInt32();
uint rvaNames = rdr.ReadLeUInt32();
ImageReader rdrAddrs = imgLoaded.CreateLeReader(rvaApfn);
ImageReader rdrNames = imgLoaded.CreateLeReader(rvaNames);
for (int i = 0; i < nNames; ++i)
{
EntryPoint ep = LoadEntryPoint(addrLoad, rdrAddrs, rdrNames);
if (imageMap.IsExecutableAddress(ep.Address))
{
entryPoints.Add(ep);
}
}
}
public C64BasicInstruction ReadLine(Address addr)
{
var rdr = image.CreateLeReader(addr);
ushort next;
ushort line;
byte b;
if (!rdr.TryReadLeUInt16(out next))
{
return(null);
}
if (!rdr.TryReadLeUInt16(out line))
{
return(null);
}
if (next < 0x0801)
{
return(null);
}
var mem = new MemoryStream();
while (rdr.TryReadByte(out b) && b != 0)
{
mem.WriteByte(b);
}
return(new C64BasicInstruction
{
Address = Address.Ptr16(line),
NextAddress = next,
Line = mem.ToArray()
});
}
public void Rotations()
{
X86TextAssembler asm = new X86TextAssembler(new X86ArchitectureReal());
var lr = asm.AssembleFragment(
Address.SegPtr(0xB96, 0),
"foo proc\r\n"+
"rol ax,cl\r\n"+
"ror word ptr [bx+2],cl\r\n"+
"rcr word ptr [bp+4],4\r\n"+
"rcl ax,1\r\n");
LoadedImage img = lr.Image;
CreateDisassembler16(img.CreateLeReader(img.BaseAddress));
StringBuilder sb = new StringBuilder();
foreach (var instr in dasm.Take(4))
{
sb.AppendFormat("{0}\r\n", instr.ToString());
}
string s = sb.ToString();
Assert.AreEqual(
"rol\tax,cl\r\n" +
"ror\tword ptr [bx+02],cl\r\n" +
"rcr\tword ptr [bp+04],04\r\n" +
"rcl\tax,01\r\n", s);
}
protected static Arm32Instruction Disassemble(byte[] bytes)
{
var image = new LoadedImage(Address.Ptr32(0x00100000), bytes);
var dasm = new Arm32Disassembler(new Arm32ProcessorArchitecture(), image.CreateLeReader(0));
return(dasm.First());
}
private IntelInstruction Disassemble64(params byte[] bytes)
{
var img = new LoadedImage(Address.Ptr64(0x10000), bytes);
var rdr = img.CreateLeReader(img.BaseAddress);
var dasm = new X86Disassembler(rdr, PrimitiveType.Word32, PrimitiveType.Word64, true);
return(dasm.First());
}
private X86Instruction Disassemble32(params byte[] bytes)
{
var img = new LoadedImage(Address.Ptr32(0x10000), bytes);
var rdr = img.CreateLeReader(img.BaseAddress);
var dasm = new X86Disassembler(ProcessorMode.Protected32, rdr, PrimitiveType.Word32, PrimitiveType.Word32, false);
return(dasm.First());
}
private void CreateDisassembler32(LoadedImage image)
{
dasm = new X86Disassembler(
image.CreateLeReader(image.BaseAddress),
PrimitiveType.Word32,
PrimitiveType.Word32,
false);
}
private IntelInstruction Disassemble16(params byte[] bytes)
{
LoadedImage img = new LoadedImage(Address.SegPtr(0xC00, 0), bytes);
ImageReader rdr = img.CreateLeReader(img.BaseAddress);
var dasm = new X86Disassembler(rdr, PrimitiveType.Word16, PrimitiveType.Word16, false);
return(dasm.First());
}
private void CreateDisassembler16(LoadedImage image)
{
dasm = new X86Disassembler(
ProcessorMode.Real,
image.CreateLeReader(image.BaseAddress),
PrimitiveType.Word16,
PrimitiveType.Word16,
false);
}
private void RunTest(string sExp, params byte[] bytes)
{
var image = new LoadedImage(Address.Ptr32(0x0100000), bytes);
var dasm = new CilDisassembler(image.CreateLeReader(0)).GetEnumerator();
Assert.IsTrue(dasm.MoveNext());
var instr = dasm.Current;
Assert.AreEqual(sExp, instr.ToString());
}
protected MachineInstruction Disassemble(uint instr)
{
var image = new LoadedImage(Address.Ptr32(0x00100000), new byte[4]);
LeImageWriter w = new LeImageWriter(image.Bytes);
w.WriteLeUInt32(0, instr);
var arch = CreateArchitecture();
var dasm = CreateDisassembler(arch, image.CreateLeReader(0));
Assert.IsTrue(dasm.MoveNext());
return(dasm.Current);
}
public void X86Dis_RelocatedOperand()
{
byte[] image = new byte[] { 0xB8, 0x78, 0x56, 0x34, 0x12 }; // mov eax,0x12345678
LoadedImage img = new LoadedImage(Address.Ptr32(0x00100000), image);
img.Relocations.AddPointerReference(0x00100001ul - img.BaseAddress.ToLinear(), 0x12345678);
ImageReader rdr = img.CreateLeReader(img.BaseAddress);
X86Disassembler dasm = new X86Disassembler(rdr, PrimitiveType.Word32, PrimitiveType.Word32, false);
IntelInstruction instr = dasm.First();
Assert.AreEqual("mov\teax,12345678", instr.ToString());
Assert.AreEqual("ptr32", instr.op2.Width.ToString());
}
public void X86Dis_RelocatedSegment()
{
byte[] image = new byte[] { 0x2E, 0xC7, 0x06, 0x01, 0x00, 0x00, 0x08 }; // mov cs:[0001],0800
LoadedImage img = new LoadedImage(Address.SegPtr(0x900, 0), image);
img.Relocations.AddSegmentReference(5, 0x0800);
ImageReader rdr = img.CreateLeReader(img.BaseAddress);
CreateDisassembler16(rdr);
IntelInstruction instr = dasm.First();
Assert.AreEqual("mov\tword ptr cs:[0001],0800", instr.ToString());
Assert.AreEqual("selector", instr.op2.Width.ToString());
}
protected MachineInstruction DisassembleBits(string bitPattern)
{
var image = new LoadedImage(Address.Ptr32(0x00100000), new byte[4]);
LeImageWriter w = new LeImageWriter(image.Bytes);
uint instr = ParseBitPattern(bitPattern);
w.WriteLeUInt32(0, instr);
var b = image.Bytes;
Debug.Print("Instruction bytes: {0:X2} {1:X2} {2:X2} {3:X2}", b[0], b[1], b[2], b[3]);
var arch = CreateArchitecture();
var dasm = arch.CreateDisassembler(image.CreateLeReader(0));
return(dasm.First());
}
protected MachineInstruction Disassemble16(params ushort[] instrs)
{
var image = new LoadedImage(Address.Ptr32(0x00100000), new byte[4]);
LeImageWriter w = new LeImageWriter(image.Bytes);
foreach (var instr in instrs)
{
w.WriteLeUInt16(instr);
}
var arch = CreateArchitecture();
var dasm = CreateDisassembler(arch, image.CreateLeReader(0));
Assert.IsTrue(dasm.MoveNext());
var armInstr = dasm.Current;
dasm.Dispose();
return(armInstr);
}
private void Given_Program()
{
var addrBase = Address.Ptr32(0x10000);
var image = new LoadedImage(addrBase, new byte[100]);
var map = image.CreateImageMap();
var arch = mr.Stub <IProcessorArchitecture>();
var dasm = mr.Stub <IEnumerable <MachineInstruction> >();
var e = mr.Stub <IEnumerator <MachineInstruction> >();
arch.Stub(a => a.CreateDisassembler(Arg <ImageReader> .Is.NotNull)).Return(dasm);
arch.Stub(a => a.InstructionBitSize).Return(8);
arch.Stub(a => a.CreateImageReader(
Arg <LoadedImage> .Is.NotNull,
Arg <Address> .Is.NotNull)).Return(image.CreateLeReader(addrBase));
dasm.Stub(d => d.GetEnumerator()).Return(e);
arch.Replay();
dasm.Replay();
e.Replay();
this.program = new Program(image, map, arch, null);
}
protected override IEnumerable <RtlInstructionCluster> GetInstructionStream(Frame frame, IRewriterHost host)
{
return(new Rewriter(arch, image.CreateLeReader(0), new Mos6502ProcessorState(arch), new Frame(arch.FramePointerType), host));
}
protected override IEnumerable <RtlInstructionCluster> GetInstructionStream(Frame frame, IRewriterHost host)
{
return(arch.CreateRewriter(image.CreateLeReader(0), arch.CreateProcessorState(), arch.CreateFrame(), host));
}
