SHR al, 1 // OF - Githubissues

bitdefender / bddisasm

bddisasm is a fast, lightweight, x86/x64 instruction decoder. The project also features a fast, basic, x86/x64 instruction emulator, designed specifically to detect shellcode-like behavior.

Apache License 2.0

875 stars 112 forks source link

SHR al, 1 // OF #69

Closed icyfox168168 closed 2 years ago

icyfox168168 commented 2 years ago

"\x55\x50\x48\x89\xE5\x68\x46\x02\x00\x00\x9D\x48\xC7\xC0\xFE\x00\x00\x00\xD0\xE8\x9C\x58\x48\x89\x45\x00\x48\x89\xE8\xB9\x0B\x00\x00\x00\x48\x0F\xA3\x08\xB8\x99\x00\x00\x00\x48\x83\xD0\xFF\x48\x83\xC4\x08\x5D\xC3"

long long asmadc() { long long ret = 0; ;

__asm
{
    push 0x246
    popf
    mov rax, 0x00000000000000fe
    SHR       al, 1
}

ret = __readeflags();

if (_bittest64((LONG64*)&ret, RFLAG_OF))
{
    ret = 0x99;
}
else
{
    ret = 0x98;
}
return ret;

}

vlutas commented 2 years ago

https://github.com/bitdefender/bddisasm/commit/d3fd900903a1cf646335927b15fa2aa94220345b fixes the issue.

Thanks!