Fix a bug in zydis_wrapper

Introduced in x64dbg#3192
qq3337 · Jan 6, 2024 · c3642c3 · c3642c3
1 parent 399b19f
commit c3642c3
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 7 deletions.
diff --git a/src/gui/Src/Disassembler/ZydisTokenizer.cpp b/src/gui/Src/Disassembler/ZydisTokenizer.cpp
@@ -578,7 +578,6 @@ bool ZydisTokenizer::tokenizeImmOperand(const ZydisDecodedOperand & op)
         auto opsize = mZydis.GetInstr()->info.operand_width;
         valueType = TokenType::Value;
         value = duint(op.imm.value.u) & (duint(-1) >> (sizeof(duint) * 8 - opsize));
-
     }
     auto tokenValue = TokenValue(op.size / 8, value);
     addToken(valueType, printValue(tokenValue, true), tokenValue);

diff --git a/src/zydis_wrapper/zydis_wrapper.cpp b/src/zydis_wrapper/zydis_wrapper.cpp
@@ -183,14 +183,27 @@ const char* Zydis::RegName(ZydisRegister reg) const
 std::string Zydis::OperandText(uint8_t opindex) const
 {
     if(!Success() || opindex >= mInstr.info.operand_count)
-        return std::string();
+        return {};
 
     auto & op = mInstr.operands[opindex];
-    char buf[200];
-    if(ZYAN_SUCCESS(ZydisFormatterFormatOperand(&this->mFormatter, &mInstr.info, &mInstr.operands[opindex], buf, sizeof(buf), mAddr, nullptr)))
-        return std::string(buf);
-    else
-        return std::string();
+    char buf[200] = {};
+    if(!ZYAN_SUCCESS(ZydisFormatterFormatOperand(&this->mFormatter, &mInstr.info, &op, buf, sizeof(buf), mAddr, nullptr)))
+        return {};
+
+    //Extract only the part inside the []
+    if(op.type == ZYDIS_OPERAND_TYPE_MEMORY)
+    {
+        auto openBracket = strchr(buf, '[');
+        if(openBracket)
+        {
+            std::string result;
+            result = openBracket + 1;
+            if(result.back() == ']')
+                result.pop_back();
+            return result;
+        }
+    }
+    return buf;
 }
 
 uint8_t Zydis::Size() const
@@ -604,6 +617,8 @@ uint64_t Zydis::ResolveOpValue(uint8_t opindex, const std::function<uint64_t(Zyd
     {
     case ZYDIS_OPERAND_TYPE_IMMEDIATE:
         dest = uint64_t(op.imm.value.u);
+        if(!IsBranchType(Zydis::BTJmp | Zydis::BTCall | Zydis::BTLoop | Zydis::BTXbegin))
+            dest &= (uint64_t(-1) >> (sizeof(uint64_t) * 8 - mInstr.info.operand_width));
         break;
     case ZYDIS_OPERAND_TYPE_REGISTER:
         dest = resolveReg(op.reg.value);