From 4d2e196e616162726c6211abc46c043078425322 Mon Sep 17 00:00:00 2001
From: iximeow
Date: Sat, 16 Dec 2023 14:12:17 -0800
Subject: abnormal memory sizes for keylocker instructions are not bugs
new `does_not_decode_invalid_registers` fuzzer found other bugs! the 384-bit accesses for 128b keylocker instructions are an otherwise-unknown size and had a memory size of `BUG`. they are not bugs. give the memory size a real name.
---
 CHANGELOG | 3 +++
 src/lib.rs | 2 +-
 test/long_mode/mod.rs | 5 +++++
 test/protected_mode/mod.rs | 5 +++++
 test/real_mode/mod.rs | 1 +
 5 files changed, 15 insertions(+), 1 deletion(-)
diff --git a/CHANGELOG b/CHANGELOG
index f24a628..49b361f 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -8,6 +8,9 @@ in register class `B` does not imply that there was no `rex.w` on the instruction - `rex.w` may have been present but the register number may have been <4 such that `B` was an appropriate register class anyway.
+* fix missing memory access size text for 128-bit keylocker instructions (would
+ have text like "aesdec128kl xmm0, BUG [rcx]" rather than "..., m384b [rcx]".
+ instructions are otherwise decoded correctly.)
 ## 1.2.0
 * fix incorrect old yaxpeax-arch version selection for ffi crates
diff --git a/src/lib.rs b/src/lib.rs
index 86354ca..188a37a 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -146,7 +146,7 @@ const MEM_SIZE_STRINGS: [&'static str; 64] = [
 "BUG", "BUG", "BUG", "BUG", "BUG", "BUG", "BUG", "BUG",
 "BUG", "BUG", "BUG", "BUG", "BUG", "BUG", "BUG", "ymmword",
 "BUG", "BUG", "BUG", "BUG", "BUG", "BUG", "BUG", "BUG",
- "BUG", "BUG", "BUG", "BUG", "BUG", "BUG", "BUG", "BUG",
+ "BUG", "BUG", "BUG", "BUG", "BUG", "BUG", "BUG", "m384b",
 "BUG", "BUG", "BUG", "BUG", "BUG", "BUG", "BUG", "BUG",
 "BUG", "BUG", "BUG", "BUG", "BUG", "BUG", "ptr", "zmmword",
 ];
diff --git a/test/long_mode/mod.rs b/test/long_mode/mod.rs
index 25a303c..6b04be2 100644
--- a/test/long_mode/mod.rs
+++ b/test/long_mode/mod.rs
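Review bot: The new `"m384b"` entry lands at index 47 of a purely positional table, and nothing in the hunk says what that index means; `ymmword` at 31 and `zmmword` at 63 suggest the table is indexed by operand size in bytes minus one, which would make 47 the 48-byte (384-bit) keylocker handle the commit message describes, but a reader has to count to discover that. A trailing comment on the changed line, `"m384b", // 48 bytes: the 384-bit handle read by 128-bit keylocker instructions`, would spare the next maintainer the arithmetic and make the surrounding `"BUG"` placeholders read as deliberate rather than as leftovers. Since these strings end up in rendered operands rather than in a panic (the CHANGELOG entry shows `BUG [rcx]` being printed), a placeholder reaching output is only ever caught by display-level checks, which is presumably why the fuzzer rather than the existing tests surfaced it. The `MEM_SIZE_STRINGS` declaration and its first rows lie before this hunk.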
@@ -3442,6 +3442,11 @@ fn test_sevsnp() {
 test_display(&[0xf2, 0x0f, 0x01, 0xfe], "rmpupdate");
 }
 
+#[test]
+fn test_keylocker() {
+ test_display(&[0xf3, 0x0f, 0x38, 0xdd, 0x03], "aesdec128kl xmm0, m384b [rbx]");
+}
+
 // some test cases are best just lifted from llvm or gcc.
 #[test]
 fn from_llvm() {
diff --git a/test/protected_mode/mod.rs b/test/protected_mode/mod.rs
index 8b5571d..752c9df 100644
--- a/test/protected_mode/mod.rs
+++ b/test/protected_mode/mod.rs
@@ -3118,6 +3118,11 @@ fn test_sevsnp() {
 test_display(&[0xf2, 0x0f, 0x01, 0xfe], "rmpupdate");
 }
 
+#[test]
+fn test_keylocker() {
+ test_display(&[0xf3, 0x0f, 0x38, 0xdd, 0x03], "aesdec128kl xmm0, m384b [ebx]");
+}
+
 // some test cases are best just lifted from llvm or gcc.
 #[test]
 fn from_llvm() {
diff --git a/test/real_mode/mod.rs b/test/real_mode/mod.rs
index 7987e4a..1b1a378 100644
--- a/test/real_mode/mod.rs
+++ b/test/real_mode/mod.rs
@@ -17879,6 +17879,7 @@ fn test_real_mode() {
 test_display(&[0xf3, 0x0f, 0x2c, 0xc1], "cvttss2si eax, xmm1");
 test_display(&[0xf3, 0x0f, 0x2d, 0x01], "cvtss2si eax, dword [bx + di * 1]");
 test_display(&[0xf3, 0x0f, 0x2d, 0xc1], "cvtss2si eax, xmm1");
+ test_display(&[0xf3, 0x0f, 0x38, 0xdd, 0x03], "aesdec128kl xmm0, m384b [bp + di * 1]");
 test_display(&[0xf3, 0x0f, 0x38, 0xf6, 0x01], "adox eax, dword [bx + di * 1]");
 test_display(&[0xf3, 0x0f, 0x38, 0xf6, 0xc1], "adox eax, ecx");
 test_display(&[0xf3, 0x0f, 0x51, 0x01], "sqrtss xmm0, dword [bx + di * 1]");
-- cgit v1.1
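Review bot: The new `test_keylocker` pins the `m384b` text for a single encoding, `aesdec128kl` (F3 0F 38 DD), while the commit message describes the fix as covering the 128-bit keylocker instructions as a group; the sibling `aesenc128kl` (F3 0F 38 DC) reads the same 384-bit handle and is one line away: `test_display(&[0xf3, 0x0f, 0x38, 0xdc, 0x03], "aesenc128kl xmm0, m384b [rbx]");`. Without it, a later regression in the shared table entry would still be caught, but one that affects only how the sibling opcodes select their memory size would not. The same single-encoding coverage applies to the `test_keylocker` added in test/protected_mode/mod.rs and to the one line added inside `test_real_mode` in test/real_mode/mod.rs, whose body starts and ends outside that hunk.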