clamav/libclamav/disasmpriv.h

/*
 *  Copyright (C) 2008 Sourcefire, Inc.
 *
 *  Authors: aCaB <acab@clamav.net>
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License version 2 as
 *  published by the Free Software Foundation.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with this program; if not, write to the Free Software
 *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
 *  MA 02110-1301, USA.
 */

#ifndef __DISASMPRIV_H
#define __DISASMPRIV_H

#if HAVE_CONFIG_H
#include "clamav-config.h"
#endif

#include <stdio.h>
#include <string.h>
#include <assert.h>

#include "others.h"

enum X86OPS {
  OP_INVALID,
  OP_AAA,
  OP_AAD,
  OP_AAM,
  OP_AAS,
  OP_ADD,
  OP_ADC,
  OP_AND,
  OP_ARPL,
  OP_BOUND,
  OP_BSF,
  OP_BSR,
  OP_BSWAP,
  OP_BT,
  OP_BTC,
  OP_BTR,
  OP_BTS,
  OP_CALL,
  OP_CDQ,
  OP_CWD,
  OP_CWDE,
  OP_CBW,
  OP_CLC,
  OP_CLD,
  OP_CLI,
  OP_CLTS,
  OP_CMC,
  OP_CMOVO,
  OP_CMOVNO,
  OP_CMOVC,
  OP_CMOVNC,
  OP_CMOVZ,
  OP_CMOVNZ,
  OP_CMOVBE,
  OP_CMOVA,
  OP_CMOVS,
  OP_CMOVNS,
  OP_CMOVP,
  OP_CMOVNP,
  OP_CMOVL,
  OP_CMOVGE,
  OP_CMOVLE,
  OP_CMOVG,
  OP_CMP,
  OP_CMPSD,
  OP_CMPSW,
  OP_CMPSB,
  OP_CMPXCHG,
  OP_CMPXCHG8B,
  OP_CPUID,
  OP_DAA,
  OP_DAS,
  OP_DEC,
  OP_DIV,
  OP_ENTER,
  OP_FWAIT,
  OP_HLT,
  OP_IDIV,
  OP_IMUL,
  OP_INC,
  OP_IN,
  OP_INSD,
  OP_INSW,
  OP_INSB,
  OP_INT,
  OP_INT3,
  OP_INTO,
  OP_INVD,
  OP_INVLPG,
  OP_IRET,
  OP_JO,
  OP_JNO,
  OP_JC,
  OP_JNC,
  OP_JZ,
  OP_JNZ,
  OP_JBE,
  OP_JA,
  OP_JS,
  OP_JNS,
  OP_JP,
  OP_JNP,
  OP_JL,
  OP_JGE,
  OP_JLE,
  OP_JG,
  OP_JMP,
  OP_LAHF,
  OP_LAR,
  OP_LDS,
  OP_LES,
  OP_LFS,
  OP_LGS,
  OP_LEA,
  OP_LEAVE,
  OP_LGDT,
  OP_LIDT,
  OP_LLDT,
  OP_PREFIX_LOCK,
  OP_LODSD,
  OP_LODSW,
  OP_LODSB,
  OP_LOOP,
  OP_LOOPE,
  OP_LOOPNE,
  OP_JECXZ,
  OP_LSL,
  OP_LSS,
  OP_LTR,
  OP_MOV,
  OP_MOVSD,
  OP_MOVSW,
  OP_MOVSB,
  OP_MOVSX,
  OP_MOVZX,
  OP_MUL,
  OP_NEG,
  OP_NOP,
  OP_NOT,
  OP_OR,
  OP_OUT,
  OP_OUTSD,
  OP_OUTSW,
  OP_OUTSB,
  OP_PUSH,
  OP_PUSHAD,
  OP_PUSHA,
  OP_PUSHFD,
  OP_PUSHF,
  OP_POP,
  OP_POPAD,
  OP_POPFD,
  OP_POPF,
  OP_RCL,
  OP_RCR,
  OP_RDMSR,
  OP_RDPMC,
  OP_RDTSC,
  OP_PREFIX_REPE,
  OP_PREFIX_REPNE,
  OP_RETF,
  OP_RETN,
  OP_ROL,
  OP_ROR,
  OP_RSM,
  OP_SAHF,
  OP_SAR,
  OP_SBB,
  OP_SCASD,
  OP_SCASW,
  OP_SCASB,
  OP_SETO,
  OP_SETNO,
  OP_SETC,
  OP_SETNC,
  OP_SETZ,
  OP_SETNZ,
  OP_SETBE,
  OP_SETA,
  OP_SETS,
  OP_SETNS,
  OP_SETP,
  OP_SETNP,
  OP_SETL,
  OP_SETGE,
  OP_SETLE,
  OP_SETG,
  OP_SGDT,
  OP_SIDT,
  OP_SHL,
  OP_SHLD,
  OP_SHR,
  OP_SHRD,
  OP_SLDT,
  OP_STOSD,
  OP_STOSW,
  OP_STOSB,
  OP_STR,
  OP_STC,
  OP_STD,
  OP_STI,
  OP_SUB,
  OP_SYSCALL,
  OP_SYSENTER,
  OP_SYSEXIT,
  OP_SYSRET,
  OP_TEST,
  OP_UD2,
  OP_VERR,
  OP_VERRW,
  OP_WBINVD,
  OP_WRMSR,
  OP_XADD,
  OP_XCHG,
  OP_XLAT,
  OP_XOR,
  OP_PREFIX_OPSIZE,
  OP_PREFIX_ADDRSIZE,
  OP_PREFIX_SEGMENT,
  OP_2BYTE,

  OP_FPU,

  OP_F2XM1,
  OP_FABS,
  OP_FADD,
  OP_FADDP,
  OP_FBLD,
  OP_FBSTP,
  OP_FCHS,
  OP_FCLEX,
  OP_FCMOVB,
  OP_FCMOVBE,
  OP_FCMOVE,
  OP_FCMOVNB,
  OP_FCMOVNBE,
  OP_FCMOVNE,
  OP_FCMOVNU,
  OP_FCMOVU,
  OP_FCOM,
  OP_FCOMI,
  OP_FCOMIP,
  OP_FCOMP,
  OP_FCOMPP,
  OP_FCOS,
  OP_FDECSTP,
  OP_FDIV,
  OP_FDIVP,
  OP_FDIVR,
  OP_FDIVRP,
  OP_FFREE,
  OP_FIADD,
  OP_FICOM,
  OP_FICOMP,
  OP_FIDIV,
  OP_FIDIVR,
  OP_FILD,
  OP_FIMUL,
  OP_FINCSTP,
  OP_FINIT,
  OP_FIST,
  OP_FISTP,
  OP_FISTTP,
  OP_FISUB,
  OP_FISUBR,
  OP_FLD,
  OP_FLD1,
  OP_FLDCW,
  OP_FLDENV,
  OP_FLDL2E,
  OP_FLDL2T,
  OP_FLDLG2,
  OP_FLDLN2,
  OP_FLDPI,
  OP_FLDZ,
  OP_FMUL,
  OP_FMULP,
  OP_FNOP,
  OP_FPATAN,
  OP_FPREM,
  OP_FPREM1,
  OP_FPTAN,
  OP_FRNDINT,
  OP_FRSTOR,
  OP_FSCALE,
  OP_FSIN,
  OP_FSINCOS,
  OP_FSQRT,
  OP_FSAVE,
  OP_FST,
  OP_FSTCW,
  OP_FSTENV,
  OP_FSTP,
  OP_FSTSW,
  OP_FSUB,
  OP_FSUBP,
  OP_FSUBR,
  OP_FSUBRP,
  OP_FTST,
  OP_FUCOM,
  OP_FUCOMI,
  OP_FUCOMIP,
  OP_FUCOMP,
  OP_FUCOMPP,
  OP_FXAM,
  OP_FXCH,
  OP_FXTRACT,
  OP_FYL2X,
  OP_FYL2XP1
};


enum DIS_STATE {
  STATE_GETOP,
  STATE_CHECKDTYPE,
  STATE_CHECKSTYPE,
  STATE_DECODEX87,
  STATE_FINALIZE,
  STATE_COMPLETE,
  STATE_ERROR
};

enum DIS_ACCESS {
  ACCESS_NOARG, /* arg not present */
  ACCESS_IMM,   /* immediate */
  ACCESS_REL,   /* +/- immediate */
  ACCESS_REG,   /* register */
  ACCESS_MEM    /* [something] */
};

enum DIS_SIZE { /* for mem access, immediate and relative */
  SIZEB,
  SIZEW,
  SIZED,
  SIZEF,
  SIZEQ,
  SIZET,
  SIZEPTR
};


enum X86REGS {
  REG_EAX, REG_ECX, REG_EDX, REG_EBX, REG_ESP, REG_EBP, REG_ESI, REG_EDI,
  REG_AX, REG_CX, REG_DX, REG_BX, REG_SP, REG_BP, REG_SI, REG_DI,
  REG_AH, REG_CH, REG_DH, REG_BH, REG_AL, REG_CL, REG_DL, REG_BL,
  REG_ES, REG_CS, REG_SS, REG_DS, REG_FS, REG_GS,
  REG_CR0, REG_CR1, REG_CR2, REG_CR3, REG_CR4, REG_CR5, REG_CR6, REG_CR7,
  REG_DR0, REG_DR1, REG_DR2, REG_DR3, REG_DR4, REG_DR5, REG_DR6, REG_DR7,
  REG_ST0, REG_ST1, REG_ST2, REG_ST3, REG_ST4, REG_ST5, REG_ST6, REG_ST7,
  REG_INVALID
};


struct DIS_ARGS {
  enum DIS_ACCESS access;
  enum DIS_SIZE size;
  enum X86REGS reg;
  union {
    uint8_t b;
    int8_t rb;
    uint16_t w;
    int16_t rw;
    uint32_t d;
    int32_t rd;
    /*    uint48_t f; FIXME */
    uint64_t q;
    int64_t rq;
    struct {
      enum X86REGS r1;  /* scaled */
      enum X86REGS r2;  /* added */
      uint8_t scale; /* r1 multiplier */
      int32_t disp;
    } marg;
  } arg;
};


/* FIXME: pack this thing and make macroes to access it in different compilers */
struct DISASMED {
  uint16_t table_op;
  uint16_t real_op;
  enum DIS_STATE state;
  uint32_t opsize;
  uint32_t adsize;
  uint32_t segment;
  struct DIS_ARGS args[3];
  uint8_t cur;
};

#endif