From 8084cd96d9cbbd2484895d6058c227f2dfa2721d Mon Sep 17 00:00:00 2001
From: el2ro
Date: Sat, 15 Apr 2017 05:34:50 +0300
Subject: [PATCH] Fix for incorrect operand size in 64bit CALL / JMP when x66 prefix in use (#777)

---
 arch/X86/X86DisassemblerDecoder.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/arch/X86/X86DisassemblerDecoder.c b/arch/X86/X86DisassemblerDecoder.c
index 1be10d5c..9a6e7919 100644
--- a/arch/X86/X86DisassemblerDecoder.c
+++ b/arch/X86/X86DisassemblerDecoder.c
@@ -1251,6 +1251,15 @@ static int getID(struct InternalInstruction *insn)
 	if (getIDWithAttrMask(&instructionID, insn, attrMask))
 		return -1;
 
+	/* Fixing CALL and JMP instruction when in 64bit mode and x66 prefix is used */
+	if (insn->mode == MODE_64BIT && insn->isPrefix66 &&
+		(insn->opcode == 0xE8 || insn->opcode == 0xE9))
+	{
+		attrMask ^= ATTR_OPSIZE;
+		if (getIDWithAttrMask(&instructionID, insn, attrMask))
+			return -1;
+	}
+
 	/*
 	 * JCXZ/JECXZ need special handling for 16-bit mode because the meaning
 	 * of the AdSize prefix is inverted w.r.t. 32-bit mode.
@@ -2377,3 +2386,4 @@ int decodeInstruction(struct InternalInstruction *insn,
 }
 
 #endif
+
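Review bot: The new condition in getID tests `insn->opcode` alone, so unless opcode is guaranteed to be the one-byte-map byte at this point it also matches 0xE8/0xE9 in the escaped opcode maps, where the 66h prefix selects a different instruction rather than an operand size; the guard should additionally require the one-byte map, e.g. `insn->opcodeType == ONEBYTE &&` before the opcode comparison. Separately, `attrMask ^= ATTR_OPSIZE` toggles the bit instead of clearing it, so if ATTR_OPSIZE happened not to be set here the branch would switch it on; `attrMask &= ~ATTR_OPSIZE;` states the intent of ignoring the prefix and cannot go the wrong way. The result of the first getIDWithAttrMask call is discarded whenever this branch runs, so adjusting attrMask before the existing lookup would avoid the second table walk; the brace-on-own-line `{` also differs from the brace-less if/return style visible just above. getID continues outside the hunk on both sides.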