1 /** 2 * @namespace biew_plugins_I 3 * @file plugins/disasm.h 4 * @brief This file contains function prototypes for disassembler interface. 5 * @version - 6 * @remark this source file is part of Binary vIEW project (BIEW). 7 * The Binary vIEW (BIEW) is copyright (C) 1995 Nickols_K. 8 * All rights reserved. This software is redistributable under the 9 * licence given in the file "Licence.en" ("Licence.ru" in russian 10 * translation) distributed in the BIEW archive. 11 * @note Requires POSIX compatible development system 12 * 13 * @author Nickols_K 14 * @since 1995 15 * @note Development, fixes and improvements 16 **/ 17 #ifndef __DISASM_H 18 #define __DISASM_H 19 20 #ifndef __COLORSET__H 21 #include "colorset.h" 22 #endif 23 24 #ifndef __TWIN_H 25 #include "biewlib/twin.h" 26 #endif 27 28 #ifndef __FILE_INI_RUNTIME_SUPPORT_SYSTEM__ 29 #include "biewlib/file_ini.h" 30 #endif 31 32 /** List of CPU platform. */ 33 34 #define DISASM_DATA 0 /**< indicates data disassembler */ 35 #define DISASM_CPU_IX86 1 /**< indicates Intel-x86 disassembler */ 36 #define DISASM_CPU_AVR 2 /**< indicates Atmel-AVR disassembler */ 37 #define DISASM_JAVA 3 /**< indicates Java disassembler */ 38 #define DISASM_CPU_ARM 4 /**< indicates ARM disassembler */ 39 #define DISASM_CPU_PPC 5 /**< indicates PowerPC disassembler */ 40 /* ... here may placed other constants!!! ... */ 41 #define DISASM_CPU_IA64 6 /**< indicates Itanium disassembler */ 42 #define DISASM_CPU_ALPHA 7 /**< indicates DEC Alpha disassembler */ 43 #define DISASM_CPU_MIPS 8 /**< indicates MIPS disassembler */ 44 #define DISASM_CPU_SPARC 9 /**< indicates SUN Sparc disassembler */ 45 #define DISASM_CPU_SH 10 /**< indicates Hitachi SH disassembler */ 46 #define DISASM_CPU_CRAY 11 /**< indicates Cray disassembler */ 47 /* ... here may placed other constants!!! ... */ 48 #define DISASM_DEFAULT 0 /**< indicates unspecified disassembler: format default */ 49 50 51 typedef tBool (__FASTCALL__ *DisasmAction)( void ); 52 typedef unsigned char * MBuffer; 53 54 /* 55 This struct is ordered as it documented in Athlon manual 56 Publication # 22007 Rev: D 57 */ 58 typedef struct tagDisasmRet 59 { 60 unsigned long pro_clone; /**< contains processor clone when normal disassembling; instruction type on __DISF_GETTYPE */ 61 char *str; /**< contains disassembler output */ 62 unsigned long field; /**< on __DISF_GETTYPE contains offset to field for binding from begin of insn, if present. */ 63 unsigned char codelen; /**< contains length of instruction when normal disassembling; length of field for binding on __DISF_GETTYPE */ 64 }DisasmRet; 65 66 #define ASM_NOERR 0 67 #define ASM_SYNTAX 1 68 69 /* 70 This struct is ordered as it documented in Athlon manual 71 Publication # 22007 Rev: D 72 */ 73 typedef struct tagAsmRet 74 { 75 MBuffer insn; 76 int err_code; 77 unsigned char insn_len; 78 }AsmRet; 79 80 /* New features: commentaries */ 81 #define DISCOM_SIZE 256 /**< Size of disassembler commentaries */ 82 extern char * dis_comments; /**< Pointer to disassembler commentaries */ 83 84 #define DISCOMSEV_NONE 0 /**< means no comments were appended */ 85 #define DISCOMSEV_STRING 1 /**< means comment is representation of multibyte immediate operand */ 86 #define DISCOMSEV_INSNREF 2 /**< means comment is instruction reference (like ; RETURN) */ 87 #define DISCOMSEV_STRPTR 3 /**< means comment is pointer to the string */ 88 #define DISCOMSEV_FUNC 4 /**< means comment is function name */ 89 extern unsigned dis_severity; /**< severity of disassembler commentaries */ 90 91 92 #define PREDICT_DEPTH 15 /**< means depth of prediction is 15 insns which have max_insn_len */ 93 94 /** Flags of disassembler */ 95 #define __DISF_NORMAL 0x0000 /**< Performs normal disassembling */ 96 #define __DISF_GETTYPE 0x0001 /**< Tells to disassembler that field pro_clone must to contain type of instruction */ 97 #define __DISF_SIZEONLY 0x8000 /**< Performs computing size of insns */ 98 99 /** Types of instruction (for __DISF_GETTYPE) in future must grow */ 100 #define __INSNT_ORDINAL 0x00000000L /**< Any unspecified instruction */ 101 #define __INSNT_RET 0x00000001L /**< Instruction of return class */ 102 #define __INSNT_LEAVE 0x00000002L /**< Instruction of leave class: Example: pop reg1; pop reg2; mov esp, ebp; pop ebp; retx or similar */ 103 #define __INSNT_JMPVVT 0x00000003L /**< Jump via virtual table */ 104 #define __INSNT_JMPPIC 0x00000004L /**< Jump via PIC. Like: .i386: jmp name@GOT(ebx) */ 105 #define __INSNT_JMPRIP 0x00000005L /**< Jump via RIP. Like: .i386: jmp [rip+name@GOT(rip)] */ 106 107 typedef DisasmRet (__FASTCALL__ *DisasmFunc)(__filesize_t shift, 108 MBuffer insn_buff, 109 unsigned flags); 110 typedef AsmRet (__FASTCALL__ *AsmFunc)(const char *str); 111 112 typedef struct tag_REGISTRY_DISASM 113 { 114 unsigned type; /**< DISASM_XXX constant */ 115 const char * name; /**< disassembler name */ 116 const char * prompt[4]; /**< prompt on Ctrl-(F1,F3-F5) */ 117 DisasmAction action[4]; /**< actions on Ctrl-(F1,F3-F5) */ 118 DisasmFunc disasm; /**< main function of disasm */ 119 AsmFunc asm_f; /**< assembler (vice versa of disasm) */ 120 void (__FASTCALL__ *ShowShortHelp)(void); /**< displays short help */ 121 int (__FASTCALL__ *max_insn_len)(void); /**< Max length of 1 disasm instruction */ 122 ColorAttr (__FASTCALL__ *GetInsnColor)(unsigned long clone); /**< returns color of instruction */ 123 ColorAttr (__FASTCALL__ *GetOpcodeColor)(unsigned long clone); /**< returns color of instruction */ 124 ColorAttr (__FASTCALL__ *altGetInsnColor)(unsigned long clone); /**< returns color of instruction in alternative mode */ 125 ColorAttr (__FASTCALL__ *altGetOpcodeColor)(unsigned long clone); /**< returns color of instruction in alternative mode */ 126 int (__FASTCALL__ *GetDefBitness)(void); /**< returns currently used bitness */ 127 char (__FASTCALL__ *CloneShortName)(unsigned long clone); /**< returns short clone name of instruction */ 128 void (__FASTCALL__ *init)(void); /**< initializing of plugin */ 129 void (__FASTCALL__ *term)(void); /**< terminating of plugin */ 130 void (__FASTCALL__ *read_ini)(hIniProfile *); /**< reads settings of plugin from .ini file */ 131 void (__FASTCALL__ *save_ini)(hIniProfile *); /**< stores settings of plugin into .ini file */ 132 }REGISTRY_DISASM; 133 134 extern REGISTRY_DISASM *activeDisasm; /**< currently selected active disassembler */ 135 #define PANMOD_FULL 2 /**< full mode of panel: address + instruction bytes + instruction */ 136 #define PANMOD_MEDIUM 1 /**< medium mode of panel: address + instruction */ 137 #define PANMOD_WIDE 0 /**< full mode of panel: instruction only */ 138 extern unsigned disPanelMode; /**< contains select mode of panel */ 139 140 /* references resolution */ 141 #define NEEDREF_PREDICT 3 /**< resolves all instructions and uses prediction mechanism */ 142 #define NEEDREF_ALL 2 /**< resolves all instructions that has binding */ 143 #define NEEDREF_JMP 1 /**< resolves only jump and call instructions */ 144 #define NEEDREF_NONE 0 /**< do not resolve references */ 145 extern unsigned disNeedRef; /**< contains selected references resolution */ 146 147 extern DisasmRet Disassembler(__filesize_t ulShift,MBuffer buffer,unsigned flags); 148 149 /** Common disassembler utility */ 150 151 extern char * __FASTCALL__ TabSpace(char * str,unsigned nSpace); 152 extern void __FASTCALL__ disSetModifier(char *str,const char *modf); 153 154 #define DISARG_LLONG 0x0080U /**< signed 8-byte value */ 155 #define DISARG_LONG 0x0040U /**< signed 4-byte value */ 156 #define DISARG_SHORT 0x0020U /**< signed 2-byte value */ 157 #define DISARG_CHAR 0x0010U /**< signed 1-byte value */ 158 #define DISARG_BYTE 0x0001U /**< unsigned 1-byte value */ 159 #define DISARG_WORD 0x0002U /**< unsigned 2-byte value */ 160 #define DISARG_DWORD 0x0004U /**< unsigned 4-byte value */ 161 #define DISARG_QWORD 0x0008U /**< unsigned 8-byte value */ 162 /* Contsants for references predictions */ 163 #define DISARG_IMM 0x1000U /**< Immediate argument */ 164 #define DISARG_DISP 0x2000U /**< Argument is displacement only */ 165 #define DISARG_IDXDISP 0x4000U /**< Argument is displacement which is combined with registers */ 166 #define DISARG_RIP 0x8000U /**< Argument is displacement relatively current Instruction Pointer */ 167 /** Appends symbolic information instead digits to instruction string 168 @param str string to be appended 169 @param flags same as described in reg_form.h (APREF_* family) 170 @param ulShift indicates offset to field for binding 171 @param codelen contains length of field for binding 172 @param defval contains default value if not binding 173 @param type see above (DISARG_LONG - DISARG_DWORD family) 174 @return see RAPREF_* constants in biewutil.h for detail 175 @remark 176 Examples: 177 *** 1 *** 178 00005678: B8 34 12 mov ax, 1234 179 after references resolving it can will: 180 mov ax, off16 KERNEL.@4 181 i.e. i must call this function as: 182 strcpy(outstr,"mov ax,"); 183 disAppendDigits(outstr, 0x5679, 1, 2, 0x1234, DISARG_WORD); 184 *** 2 *** 185 00005678: 8B 80 34 12 mov ax, [bx+si+1234] 186 after references resolving it can will: 187 mov ax, [bx+si+off16 KERNEL.@4] 188 i.e. i must call this function as: 189 strcpy(outstr,"mov ax,[bx+si+"); 190 disAppendDigits(outstr, 0x5680, 1, 2, 0x1234, DISARG_WORD); 191 strcat(outstr,"]"); 192 **/ 193 extern int __FASTCALL__ disAppendDigits(char *str,__filesize_t ulShift,int flags, 194 char codelen,void *defval,unsigned type); 195 196 #define DISADR_SHORT 0x00 197 #define DISADR_NEAR16 0x01 198 #define DISADR_NEAR32 0x02 199 #define DISADR_NEAR64 0x04 200 #define DISADR_USESEG 0x10 201 #define DISADR_FAR16 (DISADR_USESEG | DISADR_NEAR16) 202 #define DISADR_FAR32 (DISADR_USESEG | DISADR_NEAR32) 203 /** Appends symbolic information to address field of jump instructions 204 @param str string to be appended 205 @param ulShift indicates offset to field for binding 206 @param codelen contains length of field for binding 207 @param distin contains original value of field (like defval) 208 @param r_sh real shift to begin of insn (for pass to CodeGuider as return addr) 209 @param type see above (DISARG_SHORT - DISARG_FAR32 family) 210 @param seg contains segment value (optional) 211 @return see RAPREF_* constants in biewutil.h for detail 212 @remark 213 Examples: 214 *** 1 *** 215 00001002: 9A 78 56 34 12 callf 1234:5678 216 after references resolving it may: 217 callf KERNEL.@90 218 i.e. i must call this function as: 219 strcpy(outstr,"callf "); 220 disAppendFAddr(outstr, 0x1003, 0x5678, 0x1002, DISADR_FAR16, 0x1234, 4); 221 *** 2 *** 222 00001002: 66 E9 78 56 34 12 calln32 12345678 223 after references resolving it may: 224 calln32 KERNEL32.TerminateApp 225 i.e. i must call this function as: 226 strcpy(outstr,"calln32 "); 227 disAppendFAddr(outstr, 0x1004, 0x12345678, 0x1002, DISADR_NEAR32, 0, 4); 228 **/ 229 extern int __FASTCALL__ disAppendFAddr(char * str,__fileoff_t ulShift,__fileoff_t distin, 230 __filesize_t r_sh,char type, 231 unsigned seg,char codelen); 232 #endif 233