-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy path1760-x86-Fix-indirect-far-jumps-calls.patch
110 lines (96 loc) · 6.41 KB
/
1760-x86-Fix-indirect-far-jumps-calls.patch
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: saruman9 <[email protected]>
Date: Tue, 7 Apr 2020 13:32:44 +0300
Subject: [PATCH] 1760: [x86] Fix indirect far jumps/calls
Align stack while Far Call
Push CS register onto the stack according to operand and address sizes.
Fix #1715.
---
Ghidra/Processors/x86/data/languages/ia.sinc | 43 +++++++++++---------
1 file changed, 23 insertions(+), 20 deletions(-)
diff --git a/Ghidra/Processors/x86/data/languages/ia.sinc b/Ghidra/Processors/x86/data/languages/ia.sinc
index 29981824cb..9b1da5ad96 100644
--- a/Ghidra/Processors/x86/data/languages/ia.sinc
+++ b/Ghidra/Processors/x86/data/languages/ia.sinc
@@ -1380,6 +1380,12 @@ ptr1616: reloc is protectedMode=0 & imm16; j16 [ reloc = j16*0x10 + imm16; ] {
ptr1616: reloc is protectedMode=1 & imm16; j16 [ reloc = j16*0x10000 + imm16; ] { CS = j16; export *[ram]:4 reloc; }
ptr1632: j16":"imm32 is imm32; j16 { CS = j16; export *:4 imm32; }
+m1616: Mem is Mem { reloc:4 = zext(*:2 Mem); CS = *:2 (Mem + 2); export reloc; }
+m1632: Mem is Mem { reloc:4 = *:4 Mem; CS = *:2 (Mem + 4); export reloc; }
+@ifdef IA64
+m1664: Mem is Mem { reloc:8 = *:8 Mem; CS = *:2 (Mem + 8); export reloc; }
+@endif
+
# conditions
cc: "O" is cond=0 { export OF; }
@@ -1523,9 +1529,9 @@ macro push44(x) {
}
macro pushseg44(x) {
- mysave:2 = x;
+ mysave:4 = zext(x);
$(STACKPTR) = $(STACKPTR) - 4;
- *:2 $(STACKPTR) = mysave;
+ *:4 $(STACKPTR) = mysave;
}
macro push48(x) {
@@ -1554,9 +1560,9 @@ macro push88(x) {
}
macro pushseg88(x) {
- mysave:2 = x;
+ mysave:8 = zext(x);
$(STACKPTR) = $(STACKPTR) - 8;
- *:2 $(STACKPTR) = mysave;
+ *:8 $(STACKPTR) = mysave;
}
@endif
@@ -2530,20 +2536,17 @@ with : lockprefx=0 {
:CALLF ptr1616 is vexMode=0 & addrsize=1 & opsize=0 & byte=0x9a; ptr1616 { push42(CS); build ptr1616; push42(&:2 inst_next); call ptr1616; }
:CALLF ptr1632 is vexMode=0 & addrsize=0 & opsize=1 & byte=0x9a; ptr1632 { push22(CS); build ptr1632; push24(&:4 inst_next); call ptr1632; }
:CALLF ptr1632 is vexMode=0 & addrsize=1 & opsize=1 & byte=0x9a; ptr1632 { pushseg44(CS); build ptr1632; push44(&:4 inst_next); call ptr1632; }
-:CALLF addr16 is vexMode=0 & addrsize=0 & opsize=0 & byte=0xff; addr16 & reg_opcode=3 ... { local ptr:$(SIZE) = segment(DS,addr16); local addrptr:$(SIZE) = segment(*:2 (ptr+2),*:2 ptr);
- push22(CS); push22(&:2 inst_next); call [addrptr]; }
-:CALLF addr32 is vexMode=0 & addrsize=1 & opsize=0 & byte=0xff; addr32 & reg_opcode=3 ... { local dest:4 = addr32; push42(CS); push42(&:2 inst_next); call [dest]; }
+:CALLF m1616 is vexMode=0 & addrsize=0 & opsize=0 & byte=0xff; m1616 & reg_opcode=3 ... { push22(CS); build m1616; push22(&:2 inst_next); call [m1616]; }
+:CALLF m1616 is vexMode=0 & addrsize=1 & opsize=0 & byte=0xff; m1616 & reg_opcode=3 ... { push42(CS); build m1616; push42(&:2 inst_next); call [m1616]; }
@ifdef IA64
-:CALLF addr64 is $(LONGMODE_ON) & vexMode=0 & addrsize=2 & opsize=0 & byte=0xff; addr64 & reg_opcode=3 ... { local dest:8 = addr64; push82(CS); push82(&:2 inst_next); call [dest]; }
+:CALLF m1616 is $(LONGMODE_ON) & vexMode=0 & addrsize=2 & opsize=0 & byte=0xff; m1616 & reg_opcode=3 ... { push82(CS); build m1616; push82(&:2 inst_next); call [m1616]; }
@endif
-
-
-:CALLF addr16 is vexMode=0 & addrsize=0 & opsize=1 & byte=0xff; addr16 & reg_opcode=3 ... { local dest:2 = addr16; push22(CS); push24(&:4 inst_next); call [dest]; }
-:CALLF addr32 is vexMode=0 & addrsize=1 & opsize=1 & byte=0xff; addr32 & reg_opcode=3 ... { local dest:4 = addr32; pushseg44(CS); push44(&:4 inst_next); call [dest]; }
+:CALLF m1632 is vexMode=0 & addrsize=0 & opsize=1 & byte=0xff; m1632 & reg_opcode=3 ... { push22(CS); build m1632; push24(&:4 inst_next); call [m1632]; }
+:CALLF m1632 is vexMode=0 & addrsize=1 & opsize=1 & byte=0xff; m1632 & reg_opcode=3 ... { pushseg44(CS); build m1632; push44(&:4 inst_next); call [m1632]; }
@ifdef IA64
-:CALLF addr32 is $(LONGMODE_ON) &vexMode=0 & addrsize=1 & opsize=2 & byte=0xff; addr32 & reg_opcode=3 ... { local dest:4 = addr32; pushseg88(CS); push88(&:8 inst_next); call [dest]; }
-:CALLF addr64 is $(LONGMODE_ON) &vexMode=0 & addrsize=2 & opsize=1 & byte=0xff; addr64 & reg_opcode=3 ... { local dest:8 = addr64; pushseg44(CS); push84(&:4 inst_next); call [dest]; }
-:CALLF addr64 is $(LONGMODE_ON) &vexMode=0 & addrsize=2 & opsize=2 & byte=0xff; addr64 & reg_opcode=3 ... { local dest:8 = addr64; pushseg88(CS); push88(&:8 inst_next); call [dest]; }
+:CALLF m1664 is $(LONGMODE_ON) &vexMode=0 & addrsize=1 & opsize=2 & byte=0xff; m1664 & reg_opcode=3 ... { pushseg88(CS); build m1664; push88(&:8 inst_next); call [m1664]; }
+:CALLF m1632 is $(LONGMODE_ON) &vexMode=0 & addrsize=2 & opsize=1 & byte=0xff; m1632 & reg_opcode=3 ... { pushseg44(CS); build m1632; push84(&:4 inst_next); call [m1632]; }
+:CALLF m1664 is $(LONGMODE_ON) &vexMode=0 & addrsize=2 & opsize=2 & byte=0xff; m1664 & reg_opcode=3 ... { pushseg88(CS); build m1664; push88(&:8 inst_next); call [m1664]; }
@endif
:CBW is vexMode=0 & opsize=0 & byte=0x98 { AX = sext(AL); }
@@ -3253,17 +3256,17 @@ enterFrames: low5 is low5 { tmp:1 = low5; export tmp; }
:JMPF ptr1616 is vexMode=0 & opsize=0 & byte=0xea; ptr1616 { goto ptr1616; }
:JMPF ptr1632 is vexMode=0 & opsize=1 & byte=0xea; ptr1632 { goto ptr1632; }
-:JMPF Mem is vexMode=0 & opsize=0 & byte=0xff; Mem & reg_opcode=5 ... { target:$(SIZE) = zext(*:2 Mem); goto [target]; }
-:JMPF Mem is vexMode=0 & opsize=1 & byte=0xff; Mem & reg_opcode=5 ... {
+:JMPF m1616 is vexMode=0 & opsize=0 & byte=0xff; m1616 & reg_opcode=5 ... { goto [m1616]; }
+:JMPF m1632 is vexMode=0 & opsize=1 & byte=0xff; m1632 & reg_opcode=5 ... {
@ifdef IA64
- target:$(SIZE) = zext(*:4 Mem);
+ target:$(SIZE) = zext(m1632);
@else
- target:$(SIZE) = *:4 Mem;
+ target:$(SIZE) = m1632;
@endif
goto [target];
}
@ifdef IA64
-:JMPF Mem is vexMode=0 & opsize=2 & byte=0xff; Mem & reg_opcode=5 ... { target:$(SIZE) = *:8 Mem; goto [target]; }
+:JMPF m1664 is vexMode=0 & opsize=2 & byte=0xff; m1664 & reg_opcode=5 ... { goto m1664; }
@endif
# Initially disallowed in 64bit mode, but later reintroduced
--
2.45.1