Problem description
I need a function which can calculate the length of an x86-64 instruction.
For example, it would be usable like so:
char ret[] = { 0xc3 };
size_t length = instructionLength(ret);
length would be set to 1 in this example.
I do not want to include an entire disassembly library, since the only information I require is the length of the instruction.
I am looking for a minimalist approach, written in C, and ideally as small as possible.
A 100% complete x86-64 instruction set is not strictly necessary (very obscure ones such as vector register set instructions can be omitted).
A similar answer to what I am looking for (but for the wrong architecture):
Recommended answer
There is the XED library from Intel to work with x86/x86_64 instructions: https://github.com/intelxed/xed, and it is the only correct way to work with Intel machine code.
The xed_decode function will provide you all information about the instruction: https://intelxed.github.io/ref-manual/group__DEC.html https://intelxed.github.io/ref-manual/group__DEC.html#ga9a27c2bb97caf98a6024567b261d0652
And xed_ild_decode is for instruction length decoding: https://intelxed.github.io/ref-manual/group__DEC.html#ga4bef6152f61997a47c4e0fe4327a3254
XED_DLL_EXPORT xed_error_enum_t xed_ild_decode(xed_decoded_inst_t *xedd, const xed_uint8_t *itext, const unsigned int bytes)
This function just does instruction length decoding. It does not return a fully decoded instruction.
Parameters
- xedd: the decoded instruction of type xed_decoded_inst_t. Mode/state sent in via xedd; see xed_state_t.
- itext: the pointer to the array of instruction text bytes
- bytes: the length of the itext input array. 1 to 15 bytes, anything more is ignored.
Returns:
xed_error_enum_t indicating success (XED_ERROR_NONE) or failure. Only two failure codes are valid for this function: XED_ERROR_BUFFER_TOO_SHORT and XED_ERROR_GENERAL_ERROR. In general this function cannot tell if the instruction is valid or not. For valid instructions, XED can figure out if enough bytes were provided to decode the instruction. If not enough were provided, XED returns XED_ERROR_BUFFER_TOO_SHORT. From this function, XED_ERROR_GENERAL_ERROR is an indication that XED could not decode the instruction's length because the instruction was so invalid that even its length may vary across implementations.
To get the length from the xedd filled by xed_ild_decode, use xed_decoded_inst_get_length: https://intelxed.github.io/ref-manual/group__DEC.html#gad1051f7b86c94d5670f684a6ea79fcdf
static XED_INLINE xed_uint_t xed_decoded_inst_get_length(const xed_decoded_inst_t *p)
Return the length of the decoded instruction in bytes.
Example code ("Apache License, Version 2.0", by Intel 2016): https://github.com/intelxed/xed/blob/master/examples/xed-ex-ild.c
#include "xed/xed-interface.h"
#include <stdio.h>

int main(void)
{
    xed_bool_t long_mode = 1;
    xed_decoded_inst_t xedd;
    xed_state_t dstate;
    xed_error_enum_t err;
    /* Instruction bytes to measure; the buffer is padded to the 15-byte maximum. */
    unsigned char itext[15] = { 0xf2, 0x2e, 0x4f, 0x0F, 0x85, 0x99,
                                0x00, 0x00, 0x00 };

    xed_tables_init(); /* one time per process */

    /* Select the decoding mode: 64-bit long mode or legacy 32-bit. */
    if (long_mode)
        dstate.mmode = XED_MACHINE_MODE_LONG_64;
    else
        dstate.mmode = XED_MACHINE_MODE_LEGACY_32;

    /* Zero the decoded-instruction object and attach the mode/state to it. */
    xed_decoded_inst_zero_set_mode(&xedd, &dstate);

    /* Length-only decode; check the result before trusting the length. */
    err = xed_ild_decode(&xedd, itext, XED_MAX_INSTRUCTION_BYTES);
    if (err != XED_ERROR_NONE) {
        printf("length decode failed: %s\n", xed_error_enum_t2str(err));
        return 1;
    }
    printf("length = %u\n", xed_decoded_inst_get_length(&xedd));
    return 0;
}
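For comparison with the XED-based answer, here is an added example (not from the question, the answer, or the XED project) of the kind of minimalist C decoder the question asks for. It keeps the question's name instructionLength, handles legacy prefixes, REX, ModRM/SIB/displacement and a small opcode subset of my own choosing, and returns 0 for anything truncated or outside that subset; it shows how much of the encoding a "small" decoder must already get right, which is why the answer points at XED.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#define BAD ((size_t)-1)   /* sentinel: unsupported or truncated encoding */
/* Bytes used by ModRM + optional SIB + displacement, 64-bit mode rules. */
static size_t modrm_len(const uint8_t *p, size_t n) {
    if (n < 1) return BAD;
    uint8_t mod = p[0] >> 6, rm = p[0] & 7;
    size_t len = 1;
    if (mod != 3 && rm == 4) {                       /* SIB byte follows */
        if (n < 2) return BAD;
        len++;
        if (mod == 0 && (p[1] & 7) == 5) len += 4;   /* SIB with no base: disp32 */
    }
    if (mod == 1) len += 1;                          /* disp8 */
    else if (mod == 2) len += 4;                     /* disp32 */
    else if (mod == 0 && rm == 5) len += 4;          /* RIP-relative disp32 */
    return len;
}
/* Length of the instruction at code[0..n), or 0 if truncated/unsupported;
   the caller must treat 0 as "unknown", never as a length. Subset is assumed. */
size_t instructionLength(const uint8_t *code, size_t n) {
    static const char pfx[] = "\x26\x2E\x36\x3E\x64\x65\x66\x67\xF0\xF2\xF3";
    size_t i = 0, m = BAD, imm = 4, rexw = 0;   /* imm = width of an imm32-class operand */
    for (; i < n && memchr(pfx, code[i], 11); i++)   /* legacy prefixes */
        if (code[i] == 0x66) imm = 2;                /* 66h: imm32 becomes imm16 */
    if (i < n && (code[i] & 0xF0) == 0x40) rexw = code[i++] & 8;   /* REX prefix */
    if (i >= n) return 0;
    uint8_t op = code[i++];
    if (op == 0x0F) {                                 /* two-byte map: only Jcc rel32 */
        if (i < n && (code[i] & 0xF0) == 0x80) { i++; m = 4; }
    } else if (op < 0x40 && (op & 7) < 6) {           /* ADD..CMP: r/m, AL,imm8, eAX,imm32 */
        m = (op & 7) < 4 ? modrm_len(code + i, n - i) : (op & 7) == 4 ? 1 : imm;
    } else if ((op & 0xF0) == 0x50 || (op >= 0x90 && op <= 0x99) ||
               op == 0xC3 || op == 0xC9 || op == 0xCC) {
        m = 0;                                        /* push/pop r, nop/xchg, cbw/cwd, ret, leave, int3 */
    } else if ((op & 0xF8) == 0xB8) {
        m = rexw ? 8 : imm;                           /* mov r, imm32; REX.W makes it imm64 */
    } else if (op == 0xE8 || op == 0xE9 || op == 0x68) {
        m = op == 0x68 ? imm : 4;                     /* call/jmp rel32, push imm32 */
    } else if (op == 0xEB || op == 0x6A || (op & 0xF0) == 0x70) {
        m = 1;                                        /* jmp rel8, push imm8, Jcc rel8 */
    } else if (op == 0x63 || (op >= 0x84 && op <= 0x8B) || op == 0x8D || op == 0xFF) {
        m = modrm_len(code + i, n - i);               /* movsxd, test/xchg/mov, lea, group 5 */
    } else if (op == 0x80 || op == 0x81 || op == 0x83 || op == 0xC6 || op == 0xC7) {
        m = modrm_len(code + i, n - i);               /* group 1 and mov r/m, imm */
        if (m != BAD) m += (op == 0x81 || op == 0xC7) ? imm : 1;
    }
    return (m == BAD || i + m > n) ? 0 : i + m;
}
```

On the question's `0xc3` it returns 1 and on the XED example's nine bytes it returns 9; anything it does not know (for example `0F 05`) yields 0, so a caller walking a code region must stop rather than guess.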