diff options
| -rw-r--r-- | src/shared/evex.in | 9 | ||||
| -rw-r--r-- | test/long_mode/mod.rs | 12 |
2 files changed, 20 insertions, 1 deletions
diff --git a/src/shared/evex.in b/src/shared/evex.in index b9a77e8..989d463 100644 --- a/src/shared/evex.in +++ b/src/shared/evex.in @@ -14,6 +14,14 @@ pub(crate) fn read_evex<T: Reader<<Arch as yaxpeax_arch::Arch>::Address, <Arch a let evex_byte_two = words.next().ok().ok_or(DecodeError::ExhaustedInput)?; let evex_byte_three = words.next().ok().ok_or(DecodeError::ExhaustedInput)?; let p = evex_byte_two & 0x03; + if evex_byte_one & 0x0c != 0 { + // the two bits above `m` are reserved and must be 0 + return Err(DecodeError::InvalidOpcode); + } + if evex_byte_two & 0x04 == 0 { + // the one bit above `p` is reserved and must be 1 + return Err(DecodeError::InvalidOpcode); + } let m = evex_byte_one & 0x03; if m == 0 { return Err(DecodeError::InvalidOpcode); @@ -340,7 +348,6 @@ pub(crate) fn read_evex_operands<T: Reader<<Arch as yaxpeax_arch::Arch>::Address set_reg_sizes(instruction, RegisterBank::X); } generated::EVEXOperandCode::Gm_V_Ed_LL_sae => { - deny_vex_reg(instruction)?; check_mask_reg(instruction)?; let modrm = read_modrm(words)?; diff --git a/test/long_mode/mod.rs b/test/long_mode/mod.rs index 0e28ea3..974e141 100644 --- a/test/long_mode/mod.rs +++ b/test/long_mode/mod.rs @@ -3147,6 +3147,18 @@ fn test_x87() { #[test] fn test_mishegos_finds() { + test_invalid(&[0x67, 0x66, 0x42, 0x0f, 0x01, 0xfe]); + test_display(&[0x62, 0x52, 0x05, 0xff, 0xad, 0xfd], "vfnmadd213ss xmm15{k7}{z}{rz-sae}, xmm15, xmm13"); + test_display(&[0x26, 0xf3, 0x0f, 0x3a, 0xf0, 0xc0, 0x24], "hreset 0x24"); + test_invalid(&[0xf2, 0x67, 0x4a, 0x0f, 0x01, 0xd6]); + test_invalid(&[0x36, 0x64, 0x62, 0x33, 0x39, 0xef, 0x55, 0xc2, 0x68]); + test_invalid(&[0x36, 0x66, 0x67, 0xf3, 0x0f, 0x01, 0xce]); + test_invalid(&[0x62, 0x0f, 0xc1, 0x35, 0x38, 0xf8, 0xc8]); + test_invalid(&[0x66, 0x2e, 0x64, 0x26, 0x0f, 0x01, 0xc1]); + test_invalid(&[0x2e, 0x2e, 0xf2, 0x36, 0x40, 0x0e, 0xb2, 0xdb, 0x42, 0xd6, 0xa3, 0x16]); + test_invalid(&[0x2e, 0xf2, 0x36, 0x40, 0x0f, 0xb2, 0xdb, 0x42, 0xd6, 0xa3, 0x16]); + test_invalid(&[0x3e, 0x3e, 0x3e, 0x66, 0x4b, 0x35, 0x58, 0x3e]); + test_display(&[0xf2, 0xf3, 0x66, 0x65, 0x4f, 0x25, 0x9b, 0x5e, 0xda, 0x44], "and rax, 0x44da5e9b"); test_display(&[0x65, 0x67, 0x65, 0x65, 0x0f, 0x0e], "femms"); test_display(&[0x26, 0x66, 0x67, 0x41, 0x0f, 0x38, 0xdf, 0xe4], "aesdeclast xmm4, xmm12"); test_display(&[0x65, 0x66, 0x66, 0x64, 0x48, 0x0f, 0x38, 0xdb, 0x0f], "aesimc xmm1, xmmword fs:[rdi]"); |