From dbdb61a9cf6a0fb9816744e3133316d4a499f2ae Mon Sep 17 00:00:00 2001
From: Nguyen Anh Quynh
Date: Wed, 2 Jul 2014 12:45:02 +0800
Subject: [PATCH] x86: regs_write[] of RDTSC & RDTSCP depend on @mode
---
 arch/X86/X86Mapping.c | 30 ++++++++++++++++++++++++++++--
 1 file changed, 28 insertions(+), 2 deletions(-)
diff --git a/arch/X86/X86Mapping.c b/arch/X86/X86Mapping.c
index 8f998dba..ce420a51 100644
--- a/arch/X86/X86Mapping.c
+++ b/arch/X86/X86Mapping.c
@@ -42046,8 +42046,34 @@ void X86_get_insn_id(cs_struct *h, cs_insn *insn, unsigned int id)
 memcpy(insn->detail->regs_read, insns[i].regs_use, sizeof(insns[i].regs_use));
 insn->detail->regs_read_count = (uint8_t)count_positive(insns[i].regs_use);
 
- memcpy(insn->detail->regs_write, insns[i].regs_mod, sizeof(insns[i].regs_mod));
- insn->detail->regs_write_count = (uint8_t)count_positive(insns[i].regs_mod);
+ // special cases when regs_write[] depends on arch
+ switch(id) {
+ default:
+ memcpy(insn->detail->regs_write, insns[i].regs_mod, sizeof(insns[i].regs_mod));
+ insn->detail->regs_write_count = (uint8_t)count_positive(insns[i].regs_mod);
+ break;
+ case X86_RDTSC:
+ if (h->mode == CS_MODE_64) {
+ memcpy(insn->detail->regs_write, insns[i].regs_mod, sizeof(insns[i].regs_mod));
+ insn->detail->regs_write_count = (uint8_t)count_positive(insns[i].regs_mod);
+ } else {
+ insn->detail->regs_write[0] = X86_REG_EAX;
+ insn->detail->regs_write[1] = X86_REG_EDX;
+ insn->detail->regs_write_count = 2;
+ }
+ break;
+ case X86_RDTSCP:
+ if (h->mode == CS_MODE_64) {
+ memcpy(insn->detail->regs_write, insns[i].regs_mod, sizeof(insns[i].regs_mod));
+ insn->detail->regs_write_count = (uint8_t)count_positive(insns[i].regs_mod);
+ } else {
+ insn->detail->regs_write[0] = X86_REG_EAX;
+ insn->detail->regs_write[1] = X86_REG_ECX;
+ insn->detail->regs_write[2] = X86_REG_EDX;
+ insn->detail->regs_write_count = 3;
+ }
+ break;
+ }
 
 memcpy(insn->detail->groups, insns[i].groups, sizeof(insns[i].groups));
 insn->detail->groups_count = (uint8_t)count_positive(insns[i].groups);
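Review bot: In the non-64-bit branches for `X86_RDTSC` and `X86_RDTSCP` only the first two or three slots of `regs_write[]` are assigned, so the remaining slots keep whatever `insn->detail` held before; whether the detail buffer is cleared earlier is not visible here, because `X86_get_insn_id` starts and ends outside the hunk. A consumer that walks the array to a zero terminator instead of honouring `regs_write_count` (liveness or taint tooling built on these fields, for example) would then read stale register ids. The table copy is also repeated three times. Copying the table entry once and overriding the leading slots and the count only when `h->mode` is not `CS_MODE_64` makes every slot defined and removes the duplication, as sketched below. It is also worth confirming that `h->mode` never carries extra flag bits, since the equality test would then treat a 64-bit handle as 32-bit.

```c
// table entry first, so every slot of regs_write[] is defined
memcpy(insn->detail->regs_write, insns[i].regs_mod, sizeof(insns[i].regs_mod));
insn->detail->regs_write_count = (uint8_t)count_positive(insns[i].regs_mod);

// RDTSC/RDTSCP report the 32-bit registers outside 64-bit mode
if (h->mode != CS_MODE_64) {
    switch(id) {
        default:
            break;
        case X86_RDTSC:
            insn->detail->regs_write[0] = X86_REG_EAX;
            insn->detail->regs_write[1] = X86_REG_EDX;
            insn->detail->regs_write_count = 2;
            break;
        case X86_RDTSCP:
            insn->detail->regs_write[0] = X86_REG_EAX;
            insn->detail->regs_write[1] = X86_REG_ECX;
            insn->detail->regs_write[2] = X86_REG_EDX;
            insn->detail->regs_write_count = 3;
            break;
    }
}
// … unchanged: groups copy …
```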