bitdefender / bddisasm

bddisasm is a fast, lightweight, x86/x64 instruction decoder. The project also features a fast, basic, x86/x64 instruction emulator, designed specifically to detect shellcode-like behavior.
Apache License 2.0

Carry Flag wrong comparison #39

Closed x86asmr closed 3 years ago

x86asmr commented 3 years ago
In bdshemu.c#423:

// Set CF.
if ((FM_SUB == FlagsMode) && (Src1 < Src2))

should be

// Set CF.
if ((FM_SUB == FlagsMode) && (Src1 < Dst))

instead

vlutas commented 3 years ago

Indeed, there was a problem (in fact, several problems) on rflags setting. Due to an error in the SET_FLAGS macro, src was passed instead of src1 to ShemuSetFlags, thus wrongly setting the flags. This issue is fixed in the latest commit. Note that now, since the first and second sources are passed properly, the Src1 < Src2 condition becomes correct for SUB.

x86asmr commented 3 years ago

Oh yes, I see now.
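
An exhaustive 8-bit check of the SUB carry-flag conditions discussed in this thread, added here as an illustration; it is not code from bddisasm or from either commenter. The function names are assumptions, and mode 2 uses a constructed stand-in for "wrong value in the first-source slot", since the thread does not say what value the macro actually passed.

```c
#include <stdint.h>
#include <stdio.h>

/* Reference CF for an n-bit SUB: subtract in 64 bits and read the borrow
 * out of bit n (operands are assumed already truncated to n bits). */
static int sub_cf_reference(uint64_t src1, uint64_t src2, unsigned bits)
{
    return (int)(((src1 - src2) >> bits) & 1);
}

/* The condition from the thread, given the real first and second source. */
static int sub_cf_from_sources(uint64_t src1, uint64_t src2)
{
    return src1 < src2;
}

/* The variant proposed in the report: first source compared with result. */
static int sub_cf_from_result(uint64_t src1, uint64_t dst)
{
    return src1 < dst;
}

/* Exhaustive 8-bit check, returns the number of (a, b) pairs whose CF
 * differs from the reference. mode 0: Src1 < Src2; mode 1: Src1 < Dst;
 * mode 2: Src1 < Src2 with a wrong value in the first-source slot
 * (src2 itself here: a constructed stand-in, not bddisasm's actual bug). */
unsigned count_cf_mismatches(int mode)
{
    unsigned bad = 0;
    for (unsigned a = 0; a < 256; a++) {
        for (unsigned b = 0; b < 256; b++) {
            uint64_t dst = (uint64_t)(a - b) & 0xFF;   /* 8-bit SUB result */
            int want = sub_cf_reference(a, b, 8);
            int got = (mode == 0) ? sub_cf_from_sources(a, b)
                    : (mode == 1) ? sub_cf_from_result(a, dst)
                                  : sub_cf_from_sources(b, b);
            bad += (want != got);
        }
    }
    return bad;
}

int main(void)
{
    printf("Src1 < Src2, correct operands: %u mismatches\n", count_cf_mismatches(0));
    printf("Src1 < Dst,  correct operands: %u mismatches\n", count_cf_mismatches(1));
    printf("Src1 < Src2, wrong first arg:  %u mismatches\n", count_cf_mismatches(2));
    return 0;
}
```

With the real operands in place, both comparisons match the reference borrow for every 8-bit pair; the flag only goes wrong when the value in the first-source slot is not the first source.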