laie
~After analyzing the ZydisEncoder's dual encoding modes (`ZydisEncoderEncodeInstructionAbsolute` and `ZydisEncoderEncodeInstruction`), I've identified an opportunity to improve the structural design by explicitly separating relative immediate values from regular immediate operands.~ ~Currently,...
[1] The fully decoded instruction byte count is reported as 1128 bytes on my build environment [2] This big decoded instruction size makes it infeasible to fully decompile some real world EXE...
```
namespace report_case {
std::pair testcase_assemble_abs(size_t runtime_address, unsigned char* buffer, size_t length, ZydisMnemonic mnem, const std::vector& operands) {
    if (5 < operands.size()) throw std::runtime_error("Too many operands");
    unsigned char ret_length =...
```
Currently I am preallocating 15 bytes (the absolute maximum size) per insn, for recompilation. However, most of the instructions are not that large. And the preallocation gets too big compared...