search

microsoft / Detours

Detours is a software package for monitoring and instrumenting API calls on Windows. It is distributed in source code form.
MIT License
5.27k stars 1.02k forks source link

Condition will always be false. #94

Open alf-p-steinbach opened 4 years ago

alf-p-steinbach commented 4 years ago

https://github.com/microsoft/Detours/blob/404c153ff390cb14f1787c7feeb4908c6d79b0ab/src/disasm.cpp#L3344

bgianfo commented 4 years ago

Thanks for the report, I'll take a look!

frerich commented 4 years ago

Assuming that the comment

        // 1111100xx001xxxx1111xxxxxxxxxxxx : PLD, PLI

is accurate, the bit mask (0xFE70F000) is correct -- but the expected value should be 0xF810F000. I.e. the lowest byte of the upper 32bit should be zero. The comment shows that this byte is not relevant (xxxx) and thus it makes sense to mask it out -- but then we'd expect all zeroes in the result.

Maybe this is a small brain fault since a few lines below, a slightly different mask is used, 0xFE7FF000 and in that case, the expected value would indeed by 0xF81FF000.

I suspect a unit test for this disassembler bug should be straightforward.