asmdb icon indicating copy to clipboard operation
asmdb copied to clipboard

Published 20 hours ago verified publisher icon asmjit

call vs jmp format inconsistency

Open robertmuth opened this issue 3 years ago • 1 comments

For (indirect) jmps the format is "D":

 ["jmp"              , "R:r32/m32"                                       , "D"       , "FF /4"                        , "X86 BND          Control=Jump"],
 ["jmp"              , "R:r64/m64"                                       , "D"       , "FF /4"                        , "X64 BND          Control=Jump"],

But calls the format is "M":

["call"             , "R:r16/m16"                                       , "M"       , "66 FF /2"                     , "X86 BND          Control=Call OF=U SF=U ZF=U AF=U PF=U CF=U"],
 ["call"             , "R:r32/m32"                                       , "M"       , "FF /2"                        , "X86 BND          Control=Call OF=U SF=U ZF=U AF=U PF=U CF=U"],
 ["call"             , "R:r64/m64"                                       , "M"       , "FF /2"                        , "X64 BND          Control=Call OF=U SF=U ZF=U AF=U PF=U CF=

I think it should also be "M" for indirect jmps

robertmuth avatar Nov 23 '21 15:11 robertmuth

Thanks, this is a bug actually - D is a displacement encoded in the instruction, these should be all M.

kobalicek avatar Nov 23 '21 15:11 kobalicek