From 4c08facc1c646890e2829757443bbb52d187b5a2 Mon Sep 17 00:00:00 2001
From: Ratin Gao <ratin@knsoft.org>
Date: Thu, 28 May 2026 00:00:48 +0800
Subject: [PATCH] Fix ARM64 sign extension helper

detour_sign_extend should build the sign-extension mask from the source bit width, not from the amount used to shift the sign bit into position.

Using 64 - bits places the mask at the wrong bit position and produces incorrect results for signed values whose sign bit is set. One affected path is ARM64 import thunk decoding, where negative ADRP page offsets can be decoded incorrectly.
---
 src/detours.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/detours.cpp b/src/detours.cpp
index 91d840d1..e0368438 100644
--- a/src/detours.cpp
+++ b/src/detours.cpp
@@ -1080,7 +1080,7 @@ inline INT64 detour_sign_extend(UINT64 value, UINT bits)
     const UINT left = 64 - bits;
     const INT64 m1 = -1;
     const INT64 wide = (INT64)(value << left);
-    const INT64 sign = (wide < 0) ? (m1 << left) : 0;
+    const INT64 sign = (wide < 0) ? (m1 << bits) : 0;
     return value | sign;
 }