Zydis  v2.0.0
Utils.h File Reference

Other utility functions.

#include <Zydis/Defines.h>
#include <Zydis/Status.h>
#include <Zydis/DecoderTypes.h>

Functions

ZYDIS_EXPORT ZydisStatus ZydisCalcAbsoluteAddress (const ZydisDecodedInstruction *instruction, const ZydisDecodedOperand *operand, ZydisU64 *address)
 Calculates the absolute target-address for the given instruction operand.

ZYDIS_EXPORT ZydisStatus ZydisGetAccessedFlagsByAction (const ZydisDecodedInstruction *instruction, ZydisCPUFlagAction action, ZydisCPUFlagMask *flags)
 Returns a mask of accessed CPU-flags matching the given action.


Detailed Description

Other utility functions.

Function Documentation

◆ ZydisCalcAbsoluteAddress()

ZYDIS_EXPORT ZydisStatus ZydisCalcAbsoluteAddress ( const ZydisDecodedInstruction * instruction,
const ZydisDecodedOperand * operand,
ZydisU64 * address
)

Calculates the absolute target-address for the given instruction operand.

Parameters
  instruction  A pointer to the ZydisDecodedInstruction struct.
  operand      A pointer to the ZydisDecodedOperand struct.
  address      A pointer to the memory that receives the absolute target-address.
Returns
  A Zydis status code.

You should use this function in the following cases:

  • IMM operands with relative address (e.g. JMP, CALL, ...)
  • MEM operands with RIP/EIP-relative address (e.g. MOV RAX, [RIP+0x12345678])
  • MEM operands with absolute address (e.g. MOV RAX, [0x12345678])
    • The displacement needs to get truncated and zero extended
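
The address arithmetic behind the three cases listed above, as an added stand-alone example (not Zydis source code and not a use of the Zydis API). The names sample_insn, calc_absolute_address, wrap and resolve are hypothetical, and the caller is assumed to supply the width at which the result wraps (operand size for relative branches, address size for memory operands).

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-alone model; these are not Zydis types. */
typedef enum { OP_IMM_REL, OP_MEM_IPREL, OP_MEM_ABS } op_kind;

typedef struct {
    uint64_t address;  /* runtime address of the first instruction byte */
    uint8_t  length;   /* encoded instruction length in bytes */
    op_kind  kind;
    int64_t  value;    /* sign-extended immediate or displacement */
    uint8_t  bits;     /* width the result wraps at: 16, 32 or 64 */
} sample_insn;

/* Truncate to `bits` and zero-extend to 64 bits. */
static uint64_t wrap(uint64_t v, uint8_t bits)
{
    return bits == 64 ? v : v & ((UINT64_C(1) << bits) - 1);
}

/* Returns 0 on success, -1 on invalid input. */
int calc_absolute_address(const sample_insn *in, uint64_t *out)
{
    if (!in || !out) return -1;
    if (in->bits != 16 && in->bits != 32 && in->bits != 64) return -1;
    switch (in->kind) {
    case OP_IMM_REL:    /* JMP/CALL rel: relative to the next instruction */
    case OP_MEM_IPREL:  /* [RIP+disp] or [EIP+disp] */
        *out = wrap(in->address + in->length + (uint64_t)in->value, in->bits);
        return 0;
    case OP_MEM_ABS:    /* [disp]: truncate and zero-extend the displacement */
        *out = wrap((uint64_t)in->value, in->bits);
        return 0;
    }
    return -1;
}

/* Convenience wrapper for constructed samples; UINT64_MAX signals an error. */
uint64_t resolve(op_kind k, uint64_t addr, uint8_t len, int64_t v, uint8_t bits)
{
    sample_insn in = { addr, len, k, v, bits };
    uint64_t out;
    return calc_absolute_address(&in, &out) == 0 ? out : UINT64_MAX;
}

int main(void)
{
    /* Constructed sample: CALL rel32 (E8 05 00 00 00) at 0x401000. */
    printf("0x%llx\n", (unsigned long long)resolve(OP_IMM_REL, 0x401000, 5, 5, 64));
    return 0;
}
```

A backward branch (negative immediate) and a target that crosses the top of a 32-bit address space are the cases most often mishandled when this arithmetic is reimplemented in analysis tooling; both fall out of the unsigned add followed by the truncation.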

◆ ZydisGetAccessedFlagsByAction()

ZYDIS_EXPORT ZydisStatus ZydisGetAccessedFlagsByAction ( const ZydisDecodedInstruction * instruction,
ZydisCPUFlagAction action,
ZydisCPUFlagMask * flags
)

Returns a mask of accessed CPU-flags matching the given action.

Parameters
  instruction  A pointer to the ZydisDecodedInstruction struct.
  action       The CPU-flag action.
  flags        A pointer to the variable that receives the flag mask.
Returns
  A Zydis status code.