gdabah / distorm

Powerful Disassembler Library For x86/AMD64
Other
1.26k stars 238 forks source link

Missing Call opcode #62

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
In what mode did you try to disassemble (16/32/64)?

16 bit mode

What is the input buffer (binary stream) you used to reproduce the problem?
Use hex.

0x9A 0x00 0x00 0x00

What is the expected output (or what instruction)?

CALL (immediate) (direct)

Which tool did you use to see the expected output?

Intel MCS-86 Assembly Language Reference Guide

What do you see instead?

DB 0x9a

What version of diStorm are you using? On what platform (Python/EXE/other)?

DiStorm 3 (static build), MSVS2010, window7

Please provide any additional information below.

The function distorm_decode64 was used to disassemble.

Original issue reported on code.google.com by Aidan.Do...@googlemail.com on 24 Mar 2013 at 11:02

GoogleCodeExporter commented 9 years ago
According to http://ragestorm.net/downloads/386intel.txt
The opcode 0x9a instruction takes two operands of 16:16. Thus you're missing 
another byte and hence disassembly fails.

Original comment by distorm@gmail.com on 22 Jun 2013 at 8:21