Stay up to date on releases
Create your free account today to subscribe to this repository for notifications about new releases, and build software alongside 40 million developers on GitHub.
Sign up for free See pricing for teams and enterprises
flobernd
released this
Detailed changelog (since v2.0.3)
Decoder
- Improved legacy prefix decoding
- Fixed gather register check for
VGATHERPF0{D|Q}{PS|PD}instruction - Fixed some incorrect assert conditions
- Fixed check for invalid
BOUNDregisters - Fixed incorrect value of
ZydisDecodedInstruction.raw.prefixes[n].typein some edge cases
Formatter
- Implemented
AT&Tformatter-style - Implemented
MASMformatter-style - Implemented tokenization feature to the instruction
ZydisFormatterTokenizeInstruction/ZydisFormatterTokenizeInstructionExandZydisFormatterTokenizeOperand/ZydisFormatterTokenizeOperandExgenerates a token-list instead of a simple string- Each token has a type (like
MNEMONIC,REGISTER,DELIMITER) and contains a string - Tokenization allows users to receive the formatted instructions as a stream of tokens with annotations of their purpose, allowing for easier implementation of features such as syntax highlighting
- Numeric base (decimal, hexadecimal), signedness and padding can now be independently configured for all numeric types (addresses, displacements and immediates)
- Added "detailed prefixes" mode
- Prints all instruction prefixes instead of only the effective ones
- Replaced the
ZYDIS_FORMATTER_PROP_UPPERCASEproperty with more granular options- Allows configuration of the letter-case individually for
prefixes,mnemonics,registers,typecastsanddecorators
- Allows configuration of the letter-case individually for
- Implemented more formatter options
ZYDIS_FORMATTER_PROP_FORCE_RELATIVE_BRANCHES- Prints relative addresses instead of absolute ones for branch instructions
ZYDIS_FORMATTER_PROP_FORCE_RELATIVE_RIPREL- Prints relative addresses instead of absolute ones for
EIP/RIP-relative instructions
- Prints relative addresses instead of absolute ones for
ZYDIS_FORMATTER_PROP_PRINT_BRANCH_SIZE- Prints the size of branch instructions (
short/near)
- Prints the size of branch instructions (
Database
- Added
BF16instructions - Added
vp2intersect{d|q}instructions - Added
enqcmdandenqcmdsinstructions - Added AMD
rdpruinstruction - Added
PADLOCKinstructions - Added
CLDEMOTE,MOVDIRandWAITPKGextensions - Added implicit
PKRUregister to theRDPKRU/WRPKRUinstructions - Fixed exception-class of
v4fmaddss,v4fnmaddssandvcvtps2ph - Fixed
KNLgather/scatter memory operand width - Fixed mask-mode for some EVEX instructions
- Fixed element size of
VP4DPWSSDSmemory operand - Fixed
MONITOR,MONITORX,MWAITandMWAITXoperands - Fixed
CLRSSBSYmemory operand is read-write - Fixed
VMREADdestination operand is write-only - Fixed decoding of
nop(0F 1C) with66prefix - Fixed decoding of
rdrandandrdseedwith66prefix - Fixed decoding of
xstorewith66prefix - Adjusted element-type for auto generated
FLAGS/EFLAGS/RFLAGSandX87STATUSoperands - Updated
movsxdsource register width - Introduced a new element-type for condition-codes
- This allows generic detection of condition-code operands without hardcoding any instruction mnemonics (e.g. used by
CMPPS,VCMPPD, ...)
- This allows generic detection of condition-code operands without hardcoding any instruction mnemonics (e.g. used by
- Added support for non-default address-size configurations
- Some instructions (e.g.
ENCLSorBNDCL) are using non-default address-size configurations like ignoring the address-size override prefix or forcing the address size to certain values
- Some instructions (e.g.
- Use
MODRM_RMinstead ofMODRM_REGfor the destination register ofEXTRQ - Removed
W0filter fromLLWPCB/SLWPCB(is allowed to have 64-bit operand-size) - Added new attributes for instructions that access CPU/FPU/XMM state
ZYDIS_ATTRIB_CPU_STATE_{CR|CW}for general CPU-state accessZYDIS_ATTRIB_FPU_STATE_{CR|CW}for FPU-state (x87 and MMX) accessZYDIS_ATTRIB_XMM_STATE_{CR|CW}for XMM-state access
- Fixed CPU-flag actions for instructions that
TESTandMODIFIYcertain flags at the same time- Introduced a new CPU-flag action called
TESTED_MODIFIED
- Introduced a new CPU-flag action called
- Added
ZYDIS_ATTRIB_CPU_STATE_{CR|CW}attribute toiret{d|q} - Added implicit writes for the
CSandSSregisters tosyscallandsysret
Misc
- Implemented color support (VT100) and syntax highlighting for the
ZydisInfotool - Added
ZydisGetInstructionSegmentshelper function- Returns a list that maps the different instruction segments (like
OPCODE,MODRM, ...) to an offset-size pair - The
ZydisInfotool now prints the hexadecimal instruction bytes using different colors considering the instruction segment
- Returns a list that maps the different instruction segments (like
- Added
ZydisCalcAbsoluteAddressExwhich takes an additional register-context argument to allow calculation of addresses depending on runtime register values - Introduced
ZYDIS_MINIMAL_MODECMake option- Forces
ZYDIS_DECODER_MODE_MINIMAL - Reduces file size by excluding unused code and data-tables
- Forces
- Improved MSVC project