Operand size in PUSH IMM8

[GoogleCodeExporter]

Just bump into this..  safe to ignore.

Consider reporting operand sizes that actually resolves the problem of handling 
the operand. (Not sure if possible)

For example, push op with immediate of 8 bit :
6Ah PUSH 0x41

reports the size of the operand as an unusable 8 bit value. 

The actual operand size, it seems, depends on 2 factors:
""" Operand size. The D flag in the current code-segment descriptor determines 
the default operand size; it may be overridden by instruction prefixes (66H or 
REX.W). 
The operand size (16, 32, or 64 bits) determines the amount by which the stack 
pointer is decremented (2, 4 or 8)."""

Original issue reported on code.google.com by felipe.a...@gmail.com on 9 Sep 2013 at 2:26

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

That's a good point. The problem is that some people want to know the size of 
the operand itself, a byte sized operand.
And other people want to know the size it affects the stack, for that you will 
have to use flags to read the operand size of the instruction itself.

I wrote about it in https://code.google.com/p/distorm/wiki/TipsnTricks

Original comment by distorm@gmail.com on 11 Sep 2013 at 6:53

• Changed state: Invalid