From af792c439a1170fb637b8f9a0de025d06d59dfc2 Mon Sep 17 00:00:00 2001
From: waddlesplash
Date: Tue, 6 Aug 2024 07:27:36 -0400
Subject: [PATCH] Utils: Handle `OPERAND_TYPE_REGISTER` in `ZydisCalcAbsoluteAddressEx` (#520)

---
 src/Utils.c | 27 ++++++++++++++++++++-------
 1 file changed, 20 insertions(+), 7 deletions(-)

diff --git a/src/Utils.c b/src/Utils.c
index c3a5b0f9..23f5328c 100644
--- a/src/Utils.c
+++ b/src/Utils.c
@@ -133,23 +133,36 @@ ZyanStatus ZydisCalcAbsoluteAddressEx(const ZydisDecodedInstruction* instruction
         return ZYAN_STATUS_INVALID_ARGUMENT;
     }
 
-    if ((operand->type != ZYDIS_OPERAND_TYPE_MEMORY) ||
+    if ((operand->type != ZYDIS_OPERAND_TYPE_REGISTER) &&
+        ((operand->type != ZYDIS_OPERAND_TYPE_MEMORY) ||
         ((operand->mem.base == ZYDIS_REGISTER_NONE) &&
         (operand->mem.index == ZYDIS_REGISTER_NONE)) ||
         (operand->mem.base == ZYDIS_REGISTER_EIP) ||
-        (operand->mem.base == ZYDIS_REGISTER_RIP))
+        (operand->mem.base == ZYDIS_REGISTER_RIP)))
     {
         return ZydisCalcAbsoluteAddress(instruction, operand, runtime_address, result_address);
     }
 
-    ZyanU64 value = operand->mem.disp.value;
-    if (operand->mem.base)
+    ZyanU64 value;
+    if (operand->type == ZYDIS_OPERAND_TYPE_REGISTER)
     {
-        value += register_context->values[operand->mem.base];
+        value = register_context->values[operand->reg.value];
     }
-    if (operand->mem.index)
+    else if (operand->type == ZYDIS_OPERAND_TYPE_MEMORY)
     {
-        value += register_context->values[operand->mem.index] * operand->mem.scale;
+        value = operand->mem.disp.value;
+        if (operand->mem.base)
+        {
+            value += register_context->values[operand->mem.base];
+        }
+        if (operand->mem.index)
+        {
+            value += register_context->values[operand->mem.index] * operand->mem.scale;
+        }
+    }
+    else
+    {
+        return ZYAN_STATUS_INVALID_ARGUMENT;
     }
 
     switch (instruction->address_width)
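Review bot: The trailing `else { return ZYAN_STATUS_INVALID_ARGUMENT; }` is unreachable, because the guard above already routes every operand that is neither `ZYDIS_OPERAND_TYPE_REGISTER` nor a base/index memory operand to `ZydisCalcAbsoluteAddress`; if it is meant as a defensive default it deserves a comment saying so, e.g. `/* unreachable: non-register, non-base/index operands were dispatched above */`, otherwise it should be dropped. The new register path indexes `register_context->values[operand->reg.value]` with no range check, which is only safe if `values` is sized to cover every `ZydisRegister` value — the existing base/index lookups already rely on that, so this is consistent, but worth confirming against the struct definition. The register value then still passes through the `switch (instruction->address_width)` truncation below, which is right for the common `jmp/call r64` case but presumably not for a register operand whose width differs from the address width (e.g. a 16-bit operand-size branch); a short comment stating the assumption would help the next reader. The public doc comment for `ZydisCalcAbsoluteAddressEx` lives outside this hunk and should now mention that register operands are resolved from `register_context` as well. The function body continues beyond the end of the hunk.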