1 /**
2  * @namespace   biew_plugins_I
3  * @file        plugins/disasm.h
4  * @brief       This file contains function prototypes for disassembler interface.
5  * @version     -
6  * @remark      this source file is part of Binary vIEW project (BIEW).
7  *              The Binary vIEW (BIEW) is copyright (C) 1995 Nickols_K.
8  *              All rights reserved. This software is redistributable under the
9  *              licence given in the file "Licence.en" ("Licence.ru" in russian
10  *              translation) distributed in the BIEW archive.
11  * @note        Requires POSIX compatible development system
12  *
13  * @author      Nickols_K
14  * @since       1995
15  * @note        Development, fixes and improvements
16 **/
17 #ifndef __DISASM_H
18 #define __DISASM_H
19 
20 #ifndef __COLORSET__H
21 #include "colorset.h"
22 #endif
23 
24 #ifndef __TWIN_H
25 #include "biewlib/twin.h"
26 #endif
27 
28 #ifndef __FILE_INI_RUNTIME_SUPPORT_SYSTEM__
29 #include "biewlib/file_ini.h"
30 #endif
31 
32 /** List of CPU platform. */
33 
34 #define DISASM_DATA		0  /**< indicates data disassembler */
35 #define DISASM_CPU_IX86		1  /**< indicates Intel-x86 disassembler */
36 #define DISASM_CPU_AVR		2  /**< indicates Atmel-AVR disassembler */
37 #define DISASM_JAVA		3  /**< indicates Java disassembler */
38 #define DISASM_CPU_ARM		4  /**< indicates ARM disassembler */
39 #define DISASM_CPU_PPC		5  /**< indicates PowerPC disassembler */
40                                     /* ... here may placed other constants!!! ... */
41 #define DISASM_CPU_IA64		6  /**< indicates Itanium disassembler */
42 #define DISASM_CPU_ALPHA	7  /**< indicates DEC Alpha disassembler */
43 #define DISASM_CPU_MIPS		8  /**< indicates MIPS disassembler */
44 #define DISASM_CPU_SPARC	9  /**< indicates SUN Sparc disassembler */
45 #define DISASM_CPU_SH		10 /**< indicates Hitachi SH disassembler */
46 #define DISASM_CPU_CRAY		11 /**< indicates Cray disassembler */
47                                     /* ... here may placed other constants!!! ... */
48 #define DISASM_DEFAULT		0  /**< indicates unspecified disassembler: format default */
49 
50 
51 typedef tBool (__FASTCALL__ *DisasmAction)( void );
52 typedef unsigned char * MBuffer;
53 
54 /*
55    This struct is ordered as it documented in Athlon manual
56    Publication # 22007 Rev: D
57 */
58 typedef struct tagDisasmRet
59 {
60   unsigned long pro_clone; /**< contains processor clone when normal disassembling; instruction type on __DISF_GETTYPE */
61   char         *str;       /**< contains disassembler output */
62   unsigned long field;     /**< on __DISF_GETTYPE contains offset to field for binding from begin of insn, if present. */
63   unsigned char codelen;   /**< contains length of instruction when normal disassembling; length of field for binding on __DISF_GETTYPE */
64 }DisasmRet;
65 
66 #define ASM_NOERR  0
67 #define ASM_SYNTAX 1
68 
69 /*
70    This struct is ordered as it documented in Athlon manual
71    Publication # 22007 Rev: D
72 */
73 typedef struct tagAsmRet
74 {
75   MBuffer       insn;
76   int           err_code;
77   unsigned char insn_len;
78 }AsmRet;
79 
80 /* New features: commentaries */
81 #define DISCOM_SIZE 256       /**< Size of disassembler commentaries */
82 extern char *   dis_comments; /**< Pointer to disassembler commentaries */
83 
84 #define DISCOMSEV_NONE    0 /**< means no comments were appended */
85 #define DISCOMSEV_STRING  1 /**< means comment is representation of multibyte immediate operand */
86 #define DISCOMSEV_INSNREF 2 /**< means comment is instruction reference (like ; RETURN) */
87 #define DISCOMSEV_STRPTR  3 /**< means comment is pointer to the string */
88 #define DISCOMSEV_FUNC    4 /**< means comment is function name */
89 extern unsigned dis_severity; /**< severity of disassembler commentaries */
90 
91 
92 #define PREDICT_DEPTH 15 /**< means depth of prediction is 15 insns which have max_insn_len */
93 
94 /** Flags of disassembler */
95 #define __DISF_NORMAL   0x0000 /**< Performs normal disassembling */
96 #define __DISF_GETTYPE  0x0001 /**< Tells to disassembler that field pro_clone must to contain type of instruction */
97 #define __DISF_SIZEONLY 0x8000 /**< Performs computing size of insns */
98 
99 /** Types of instruction (for __DISF_GETTYPE) in future must grow */
100 #define __INSNT_ORDINAL 0x00000000L /**< Any unspecified instruction */
101 #define __INSNT_RET     0x00000001L /**< Instruction of return class */
102 #define __INSNT_LEAVE   0x00000002L /**< Instruction of leave class: Example: pop reg1; pop reg2; mov esp, ebp; pop ebp; retx or similar */
103 #define __INSNT_JMPVVT  0x00000003L /**< Jump via virtual table */
104 #define __INSNT_JMPPIC  0x00000004L /**< Jump via PIC. Like: .i386: jmp name@GOT(ebx) */
105 #define __INSNT_JMPRIP  0x00000005L /**< Jump via RIP. Like: .i386: jmp [rip+name@GOT(rip)] */
106 
107 typedef DisasmRet (__FASTCALL__ *DisasmFunc)(__filesize_t shift,
108                                              MBuffer insn_buff,
109                                              unsigned flags);
110 typedef AsmRet    (__FASTCALL__ *AsmFunc)(const char *str);
111 
112 typedef struct tag_REGISTRY_DISASM
113 {
114   unsigned     type;		/**< DISASM_XXX constant */
115   const char * name;		/**< disassembler name */
116   const char * prompt[4];	/**< prompt on Ctrl-(F1,F3-F5) */
117   DisasmAction action[4];	/**< actions on Ctrl-(F1,F3-F5) */
118   DisasmFunc   disasm;		/**< main function of disasm */
119   AsmFunc      asm_f;		/**< assembler (vice versa of disasm) */
120   void         (__FASTCALL__ *ShowShortHelp)(void); /**< displays short help */
121   int          (__FASTCALL__ *max_insn_len)(void); /**< Max length of 1 disasm instruction */
122   ColorAttr    (__FASTCALL__ *GetInsnColor)(unsigned long clone); /**< returns color of instruction */
123   ColorAttr    (__FASTCALL__ *GetOpcodeColor)(unsigned long clone); /**< returns color of instruction */
124   ColorAttr    (__FASTCALL__ *altGetInsnColor)(unsigned long clone); /**< returns color of instruction in alternative mode */
125   ColorAttr    (__FASTCALL__ *altGetOpcodeColor)(unsigned long clone); /**< returns color of instruction in alternative mode */
126   int          (__FASTCALL__ *GetDefBitness)(void);               /**< returns currently used bitness */
127   char         (__FASTCALL__ *CloneShortName)(unsigned long clone); /**< returns short clone name of instruction */
128   void         (__FASTCALL__ *init)(void);     /**< initializing of plugin */
129   void         (__FASTCALL__ *term)(void);     /**< terminating of plugin */
130   void         (__FASTCALL__ *read_ini)(hIniProfile *);  /**< reads settings of plugin from .ini file */
131   void         (__FASTCALL__ *save_ini)(hIniProfile *);  /**< stores settings of plugin into .ini file */
132 }REGISTRY_DISASM;
133 
134 extern REGISTRY_DISASM *activeDisasm; /**< currently selected active disassembler */
135 #define PANMOD_FULL   2       /**< full mode of panel: address + instruction bytes + instruction */
136 #define PANMOD_MEDIUM 1       /**< medium mode of panel: address + instruction */
137 #define PANMOD_WIDE   0       /**< full mode of panel: instruction only */
138 extern unsigned disPanelMode; /**< contains select mode of panel */
139 
140 /* references resolution */
141 #define NEEDREF_PREDICT 3    /**< resolves all instructions and uses prediction mechanism */
142 #define NEEDREF_ALL     2    /**< resolves all instructions that has binding */
143 #define NEEDREF_JMP     1    /**< resolves only jump and call instructions */
144 #define NEEDREF_NONE    0    /**< do not resolve references */
145 extern unsigned disNeedRef;  /**< contains selected references resolution */
146 
147 extern DisasmRet Disassembler(__filesize_t ulShift,MBuffer buffer,unsigned flags);
148 
149 /** Common disassembler utility */
150 
151 extern char * __FASTCALL__ TabSpace(char * str,unsigned nSpace);
152 extern void   __FASTCALL__ disSetModifier(char *str,const char *modf);
153 
154 #define DISARG_LLONG    0x0080U /**< signed 8-byte value */
155 #define DISARG_LONG     0x0040U /**< signed 4-byte value */
156 #define DISARG_SHORT    0x0020U /**< signed 2-byte value */
157 #define DISARG_CHAR     0x0010U /**< signed 1-byte value */
158 #define DISARG_BYTE     0x0001U /**< unsigned 1-byte value */
159 #define DISARG_WORD     0x0002U /**< unsigned 2-byte value */
160 #define DISARG_DWORD    0x0004U /**< unsigned 4-byte value */
161 #define DISARG_QWORD    0x0008U /**< unsigned 8-byte value */
162 /* Contsants for references predictions */
163 #define DISARG_IMM      0x1000U /**< Immediate argument */
164 #define DISARG_DISP     0x2000U /**< Argument is displacement only */
165 #define DISARG_IDXDISP  0x4000U /**< Argument is displacement which is combined with registers */
166 #define DISARG_RIP      0x8000U /**< Argument is displacement relatively current Instruction Pointer */
167 /** Appends symbolic information instead digits to instruction string
168     @param str       string to be appended
169     @param flags     same as described in reg_form.h (APREF_* family)
170     @param ulShift   indicates offset to field for binding
171     @param codelen   contains length of field for binding
172     @param defval    contains default value if not binding
173     @param type      see above (DISARG_LONG - DISARG_DWORD family)
174     @return          see RAPREF_* constants in biewutil.h for detail
175     @remark
176     Examples:
177     *** 1 ***
178     00005678: B8 34 12       mov   ax, 1234
179     after references resolving it can will:
180                              mov   ax, off16 KERNEL.@4
181     i.e. i must call this function as:
182     strcpy(outstr,"mov ax,");
183     disAppendDigits(outstr, 0x5679, 1, 2, 0x1234, DISARG_WORD);
184     *** 2 ***
185     00005678: 8B 80 34 12       mov   ax, [bx+si+1234]
186     after references resolving it can will:
187                                 mov   ax, [bx+si+off16 KERNEL.@4]
188     i.e. i must call this function as:
189     strcpy(outstr,"mov ax,[bx+si+");
190     disAppendDigits(outstr, 0x5680, 1, 2, 0x1234, DISARG_WORD);
191     strcat(outstr,"]");
192 **/
193 extern int __FASTCALL__  disAppendDigits(char *str,__filesize_t ulShift,int flags,
194                               char codelen,void *defval,unsigned type);
195 
196 #define DISADR_SHORT   0x00
197 #define DISADR_NEAR16  0x01
198 #define DISADR_NEAR32  0x02
199 #define DISADR_NEAR64  0x04
200 #define DISADR_USESEG  0x10
201 #define DISADR_FAR16   (DISADR_USESEG | DISADR_NEAR16)
202 #define DISADR_FAR32   (DISADR_USESEG | DISADR_NEAR32)
203 /** Appends symbolic information to address field of jump instructions
204     @param str       string to be appended
205     @param ulShift   indicates offset to field for binding
206     @param codelen   contains length of field for binding
207     @param distin    contains original value of field (like defval)
208     @param r_sh      real shift to begin of insn (for pass to CodeGuider as return addr)
209     @param type      see above (DISARG_SHORT - DISARG_FAR32 family)
210     @param seg       contains segment value (optional)
211     @return          see RAPREF_* constants in biewutil.h for detail
212     @remark
213     Examples:
214     *** 1 ***
215     00001002: 9A 78 56 34 12       callf 1234:5678
216     after references resolving it may:
217                                    callf KERNEL.@90
218     i.e. i must call this function as:
219     strcpy(outstr,"callf ");
220     disAppendFAddr(outstr, 0x1003, 0x5678, 0x1002, DISADR_FAR16, 0x1234, 4);
221     *** 2 ***
222     00001002: 66 E9 78 56 34 12       calln32 12345678
223     after references resolving it may:
224                                       calln32 KERNEL32.TerminateApp
225     i.e. i must call this function as:
226     strcpy(outstr,"calln32 ");
227     disAppendFAddr(outstr, 0x1004, 0x12345678, 0x1002, DISADR_NEAR32, 0, 4);
228 **/
229 extern int __FASTCALL__  disAppendFAddr(char * str,__fileoff_t ulShift,__fileoff_t distin,
230                              __filesize_t r_sh,char type,
231                              unsigned seg,char codelen);
232 #endif
233