Author: herm1t
YAD is an IA-32 instruction parser. 32-bit mode only. It splits instructions into pieces and stores them in a structure of type yad_t, defined in "yad.h". The engine can also assemble the insn. back. The functions have the following prototypes:
int yad(uint8_t *opcode, yad_t *diza);
int yad_asm(uint8_t *opcode, yad_t *diza);
Both functions return the length of the (dis)assembled instruction or, in the case of yad(), zero if an error occurred. The flags field of the structure may also have the C_BAD flag set, indicating that while the insn. is still valid, it's highly suspicious and should not appear in a normal program. Currently, this flag is set for the "00 00" and "FF FF" opcodes and for instructions with redundant prefixes.
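The conditions listed for C_BAD, written out as a stand-alone check. This is an added example, not YAD's code: the names ex_suspicious, prefix_group and EX_* are made up here, and reading "redundant prefix" as a second prefix from an already-used prefix group is an assumption.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Example-only flag values (assumed names, not YAD's constants). */
enum { EX_OK = 0, EX_BAD_OPCODE = 1, EX_BAD_PREFIX = 2 };

/* Legacy IA-32 prefix group (1..4) of a byte, or 0 if it is not a prefix. */
static int prefix_group(uint8_t b)
{
    switch (b) {
    case 0xF0: case 0xF2: case 0xF3:            return 1; /* LOCK, REPNE, REP */
    case 0x26: case 0x2E: case 0x36:
    case 0x3E: case 0x64: case 0x65:            return 2; /* segment override */
    case 0x66:                                  return 3; /* operand size */
    case 0x67:                                  return 4; /* address size */
    default:                                    return 0;
    }
}

/* Check the first bytes of one instruction for the patterns the text lists. */
int ex_suspicious(const uint8_t *p, size_t n)
{
    int seen[5] = {0}, flags = EX_OK;
    size_t i = 0;

    /* Assumption: "redundant" means a second prefix from an already-used group. */
    for (; i < n; i++) {
        int g = prefix_group(p[i]);
        if (g == 0)
            break;
        if (seen[g])
            flags |= EX_BAD_PREFIX;
        seen[g] = 1;
    }
    /* After the prefixes: the "00 00" and "FF FF" byte pairs. */
    if (n - i >= 2 && p[i] == p[i + 1] && (p[i] == 0x00 || p[i] == 0xFF))
        flags |= EX_BAD_OPCODE;
    return flags;
}

int main(void)
{
    /* Constructed sample: doubled operand-size prefix, then "00 00". */
    const uint8_t sample[] = { 0x66, 0x66, 0x00, 0x00 };
    printf("flags = %d\n", ex_suspicious(sample, sizeof sample));
    return 0;
}
```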
The engine might also be called the "Less eXtended Disassembler Engine", because it's primarily based on XDE v. 1.02 by Z0mbie. The stuff related to operand parsing was omitted, but the table was regenerated to reflect the changes in IA-32 since the last release of XDE. There were also minor clean-ups in the code.
The constants and the data structure are partially compatible; if you're going to use this instead of XDE, you'll have to slightly change your code.
The size of the engine is about 2Kb depending on compilation options.