RubyGems - metasm - Versions diffs - 1.0.0 - Mend

metasm 1.0.0

Files changed (192) hide show

data/BUGS +11 -0
data/CREDITS +17 -0
data/README +270 -0
data/TODO +114 -0
data/doc/code_organisation.txt +146 -0
data/doc/const_missing.txt +16 -0
data/doc/core_classes.txt +75 -0
data/doc/feature_list.txt +53 -0
data/doc/index.txt +59 -0
data/doc/install_notes.txt +170 -0
data/doc/style.css +3 -0
data/doc/use_cases.txt +18 -0
data/lib/metasm.rb +80 -0
data/lib/metasm/arm.rb +12 -0
data/lib/metasm/arm/debug.rb +39 -0
data/lib/metasm/arm/decode.rb +167 -0
data/lib/metasm/arm/encode.rb +77 -0
data/lib/metasm/arm/main.rb +75 -0
data/lib/metasm/arm/opcodes.rb +177 -0
data/lib/metasm/arm/parse.rb +130 -0
data/lib/metasm/arm/render.rb +55 -0
data/lib/metasm/compile_c.rb +1457 -0
data/lib/metasm/dalvik.rb +8 -0
data/lib/metasm/dalvik/decode.rb +196 -0
data/lib/metasm/dalvik/main.rb +60 -0
data/lib/metasm/dalvik/opcodes.rb +366 -0
data/lib/metasm/decode.rb +213 -0
data/lib/metasm/decompile.rb +2659 -0
data/lib/metasm/disassemble.rb +2068 -0
data/lib/metasm/disassemble_api.rb +1280 -0
data/lib/metasm/dynldr.rb +1329 -0
data/lib/metasm/encode.rb +333 -0
data/lib/metasm/exe_format/a_out.rb +194 -0
data/lib/metasm/exe_format/autoexe.rb +82 -0
data/lib/metasm/exe_format/bflt.rb +189 -0
data/lib/metasm/exe_format/coff.rb +455 -0
data/lib/metasm/exe_format/coff_decode.rb +901 -0
data/lib/metasm/exe_format/coff_encode.rb +1078 -0
data/lib/metasm/exe_format/dex.rb +457 -0
data/lib/metasm/exe_format/dol.rb +145 -0
data/lib/metasm/exe_format/elf.rb +923 -0
data/lib/metasm/exe_format/elf_decode.rb +979 -0
data/lib/metasm/exe_format/elf_encode.rb +1375 -0
data/lib/metasm/exe_format/macho.rb +827 -0
data/lib/metasm/exe_format/main.rb +228 -0
data/lib/metasm/exe_format/mz.rb +164 -0
data/lib/metasm/exe_format/nds.rb +172 -0
data/lib/metasm/exe_format/pe.rb +437 -0
data/lib/metasm/exe_format/serialstruct.rb +246 -0
data/lib/metasm/exe_format/shellcode.rb +114 -0
data/lib/metasm/exe_format/xcoff.rb +167 -0
data/lib/metasm/gui.rb +23 -0
data/lib/metasm/gui/cstruct.rb +373 -0
data/lib/metasm/gui/dasm_coverage.rb +199 -0
data/lib/metasm/gui/dasm_decomp.rb +369 -0
data/lib/metasm/gui/dasm_funcgraph.rb +103 -0
data/lib/metasm/gui/dasm_graph.rb +1354 -0
data/lib/metasm/gui/dasm_hex.rb +543 -0
data/lib/metasm/gui/dasm_listing.rb +599 -0
data/lib/metasm/gui/dasm_main.rb +906 -0
data/lib/metasm/gui/dasm_opcodes.rb +291 -0
data/lib/metasm/gui/debug.rb +1228 -0
data/lib/metasm/gui/gtk.rb +884 -0
data/lib/metasm/gui/qt.rb +495 -0
data/lib/metasm/gui/win32.rb +3004 -0
data/lib/metasm/gui/x11.rb +621 -0
data/lib/metasm/ia32.rb +14 -0
data/lib/metasm/ia32/compile_c.rb +1523 -0
data/lib/metasm/ia32/debug.rb +193 -0
data/lib/metasm/ia32/decode.rb +1167 -0
data/lib/metasm/ia32/decompile.rb +564 -0
data/lib/metasm/ia32/encode.rb +314 -0
data/lib/metasm/ia32/main.rb +233 -0
data/lib/metasm/ia32/opcodes.rb +872 -0
data/lib/metasm/ia32/parse.rb +327 -0
data/lib/metasm/ia32/render.rb +91 -0
data/lib/metasm/main.rb +1193 -0
data/lib/metasm/mips.rb +11 -0
data/lib/metasm/mips/compile_c.rb +7 -0
data/lib/metasm/mips/decode.rb +253 -0
data/lib/metasm/mips/encode.rb +51 -0
data/lib/metasm/mips/main.rb +72 -0
data/lib/metasm/mips/opcodes.rb +443 -0
data/lib/metasm/mips/parse.rb +51 -0
data/lib/metasm/mips/render.rb +43 -0
data/lib/metasm/os/gnu_exports.rb +270 -0
data/lib/metasm/os/linux.rb +1112 -0
data/lib/metasm/os/main.rb +1686 -0
data/lib/metasm/os/remote.rb +527 -0
data/lib/metasm/os/windows.rb +2027 -0
data/lib/metasm/os/windows_exports.rb +745 -0
data/lib/metasm/parse.rb +876 -0
data/lib/metasm/parse_c.rb +3938 -0
data/lib/metasm/pic16c/decode.rb +42 -0
data/lib/metasm/pic16c/main.rb +17 -0
data/lib/metasm/pic16c/opcodes.rb +68 -0
data/lib/metasm/ppc.rb +11 -0
data/lib/metasm/ppc/decode.rb +264 -0
data/lib/metasm/ppc/decompile.rb +251 -0
data/lib/metasm/ppc/encode.rb +51 -0
data/lib/metasm/ppc/main.rb +129 -0
data/lib/metasm/ppc/opcodes.rb +410 -0
data/lib/metasm/ppc/parse.rb +52 -0
data/lib/metasm/preprocessor.rb +1277 -0
data/lib/metasm/render.rb +130 -0
data/lib/metasm/sh4.rb +8 -0
data/lib/metasm/sh4/decode.rb +336 -0
data/lib/metasm/sh4/main.rb +292 -0
data/lib/metasm/sh4/opcodes.rb +381 -0
data/lib/metasm/x86_64.rb +12 -0
data/lib/metasm/x86_64/compile_c.rb +1025 -0
data/lib/metasm/x86_64/debug.rb +59 -0
data/lib/metasm/x86_64/decode.rb +268 -0
data/lib/metasm/x86_64/encode.rb +264 -0
data/lib/metasm/x86_64/main.rb +135 -0
data/lib/metasm/x86_64/opcodes.rb +118 -0
data/lib/metasm/x86_64/parse.rb +68 -0
data/misc/bottleneck.rb +61 -0
data/misc/cheader-findpppath.rb +58 -0
data/misc/hexdiff.rb +74 -0
data/misc/hexdump.rb +55 -0
data/misc/metasm-all.rb +13 -0
data/misc/objdiff.rb +47 -0
data/misc/objscan.rb +40 -0
data/misc/pdfparse.rb +661 -0
data/misc/ppc_pdf2oplist.rb +192 -0
data/misc/tcp_proxy_hex.rb +84 -0
data/misc/txt2html.rb +440 -0
data/samples/a.out.rb +31 -0
data/samples/asmsyntax.rb +77 -0
data/samples/bindiff.rb +555 -0
data/samples/compilation-steps.rb +49 -0
data/samples/cparser_makestackoffset.rb +55 -0
data/samples/dasm-backtrack.rb +38 -0
data/samples/dasmnavig.rb +318 -0
data/samples/dbg-apihook.rb +228 -0
data/samples/dbghelp.rb +143 -0
data/samples/disassemble-gui.rb +102 -0
data/samples/disassemble.rb +133 -0
data/samples/dump_upx.rb +95 -0
data/samples/dynamic_ruby.rb +1929 -0
data/samples/elf_list_needed.rb +46 -0
data/samples/elf_listexports.rb +33 -0
data/samples/elfencode.rb +25 -0
data/samples/exeencode.rb +128 -0
data/samples/factorize-headers-elfimports.rb +77 -0
data/samples/factorize-headers-peimports.rb +109 -0
data/samples/factorize-headers.rb +43 -0
data/samples/gdbclient.rb +583 -0
data/samples/generate_libsigs.rb +102 -0
data/samples/hotfix_gtk_dbg.rb +59 -0
data/samples/install_win_env.rb +78 -0
data/samples/lindebug.rb +924 -0
data/samples/linux_injectsyscall.rb +95 -0
data/samples/machoencode.rb +31 -0
data/samples/metasm-shell.rb +91 -0
data/samples/pe-hook.rb +69 -0
data/samples/pe-ia32-cpuid.rb +203 -0
data/samples/pe-mips.rb +35 -0
data/samples/pe-shutdown.rb +78 -0
data/samples/pe-testrelocs.rb +51 -0
data/samples/pe-testrsrc.rb +24 -0
data/samples/pe_listexports.rb +31 -0
data/samples/peencode.rb +19 -0
data/samples/peldr.rb +494 -0
data/samples/preprocess-flatten.rb +19 -0
data/samples/r0trace.rb +308 -0
data/samples/rubstop.rb +399 -0
data/samples/scan_pt_gnu_stack.rb +54 -0
data/samples/scanpeexports.rb +62 -0
data/samples/shellcode-c.rb +40 -0
data/samples/shellcode-dynlink.rb +146 -0
data/samples/source.asm +34 -0
data/samples/struct_offset.rb +47 -0
data/samples/testpe.rb +32 -0
data/samples/testraw.rb +45 -0
data/samples/win32genloader.rb +132 -0
data/samples/win32hooker-advanced.rb +169 -0
data/samples/win32hooker.rb +96 -0
data/samples/win32livedasm.rb +33 -0
data/samples/win32remotescan.rb +133 -0
data/samples/wintrace.rb +92 -0
data/tests/all.rb +8 -0
data/tests/dasm.rb +39 -0
data/tests/dynldr.rb +35 -0
data/tests/encodeddata.rb +132 -0
data/tests/ia32.rb +82 -0
data/tests/mips.rb +116 -0
data/tests/parse_c.rb +239 -0
data/tests/preprocessor.rb +269 -0
data/tests/x86_64.rb +62 -0
metadata +255 -0

@@ -0,0 +1,314 @@
+#    This file is part of Metasm, the Ruby assembly manipulation suite
+#    Copyright (C) 2006-2009 Yoann GUILLOT
+#
+#    Licence is LGPL, see LICENCE in the top-level directory
+require 'metasm/ia32/opcodes'
+require 'metasm/encode'
+module Metasm
+class Ia32
+	class InvalidModRM < Exception ; end
+	class ModRM
+		# returns the byte representing the register encoded as modrm
+		# works with Reg/SimdReg
+		def self.encode_reg(reg, mregval = 0)
+			0xc0 | (mregval << 3) | reg.val
+		end
+		# The argument is an integer representing the 'reg' field of the mrm
+		#
+		# caller is responsible for setting the adsz
+		# returns an array, 1 element per possible immediate size (for un-reduce()able Expression)
+		def encode(reg = 0, endianness = :little)
+			reg = reg.val if reg.kind_of? Argument
+			case @adsz
+			when 16; encode16(reg, endianness)
+			when 32; encode32(reg, endianness)
+			end
+		end
+		private
+		def encode16(reg, endianness)
+			if not b
+				# imm only
+				return [EncodedData.new << (6 | (reg << 3)) << @imm.encode(:u16, endianness)]
+			end
+			imm = @imm.reduce if self.imm
+			imm = nil if imm == 0
+			ret = EncodedData.new
+			ret <<
+			case [@b.val, (@i.val if i)]
+			when [3, 6], [6, 3]; 0
+			when [3, 7], [7, 3]; 1
+			when [5, 6], [6, 5]; 2
+			when [5, 7], [7, 5]; 3
+			when [6, nil]; 4
+			when [7, nil]; 5
+			when [5, nil]
+				imm ||= 0
+				6
+			when [3, nil]; 7
+			else raise InvalidModRM, 'invalid modrm16'
+			end
+			# add bits in the first octet of ret.data (1.9 compatibility layer)
+			or_bits = lambda { |v|	# rape me
+				if ret.data[0].kind_of? Integer
+					ret.data[0] |= v
+				else
+					ret.data[0] = (ret.data[0].unpack('C').first | v).chr
+				end
+			}
+			or_bits[reg << 3]
+			if imm
+				case Expression.in_range?(imm, :i8)
+				when true
+					or_bits[1 << 6]
+					[ret << Expression.encode_imm(imm, :i8, endianness)]
+				when false
+					or_bits[2 << 6]
+					[ret << Expression.encode_imm(imm, :a16, endianness)]
+				when nil
+					rets = ret.dup
+					or_bits[1<<6]
+					ret << @imm.encode(:i8, endianness)
+					ret, rets = rets, ret	# or_bits uses ret
+					or_bits[2<<6]
+					ret << @imm.encode(:a16, endianness)
+					[ret, rets]
+				end
+			else
+				[ret]
+			end
+		end
+		def encode32(reg, endianness)
+			# 0 => [ [0      ], [1      ], [2      ], [3      ], [:sib      ], [:i32   ], [6      ], [7      ] ], \
+			# 1 => [ [0, :i8 ], [1, :i8 ], [2, :i8 ], [3, :i8 ], [:sib, :i8 ], [5, :i8 ], [6, :i8 ], [7, :i8 ] ], \
+			# 2 => [ [0, :i32], [1, :i32], [2, :i32], [3, :i32], [:sib, :i32], [5, :i32], [6, :i32], [7, :i32] ]
+			#
+			# b => 0  1  2  3  4  5+i|i 6  7
+			# i => 0  1  2  3 nil   5   6  7
+			ret = EncodedData.new << (reg << 3)
+			# add bits in the first octet of ret.data (1.9 compatibility layer)
+			or_bits = lambda { |v|	# rape me
+				if ret.data[0].kind_of? Integer
+					ret.data[0] |= v
+				else
+					ret.data[0] = (ret.data[0].unpack('C').first | v).chr
+				end
+			}
+			if not self.b and not self.i
+				or_bits[5]
+				[ret << @imm.encode(:a32, endianness)]
+			elsif not self.b and self.s != 1
+				# sib with no b
+				raise EncodeError, "Invalid ModRM #{self}" if @i.val == 4
+				or_bits[4]
+				s = {8=>3, 4=>2, 2=>1}[@s]
+				imm = self.imm || Expression[0]
+				fu = (s << 6) | (@i.val << 3) | 5
+				fu = fu.chr if s >= 2	# rb1.9 encoding fix
+				[ret << fu << imm.encode(:a32, endianness)]
+			else
+				imm = @imm.reduce if self.imm
+				imm = nil if imm == 0
+				if not self.i or (not self.b and self.s == 1)
+					# no sib byte (except for [esp])
+					b = self.b || self.i
+					or_bits[b.val]
+					ret << 0x24 if b.val == 4
+				else
+					# sib
+					or_bits[4]
+					i, b = @i, @b
+					b, i = i, b if @s == 1 and (i.val == 4 or b.val == 5)
+					raise EncodeError, "Invalid ModRM #{self}" if i.val == 4
+					s = {8=>3, 4=>2, 2=>1, 1=>0}[@s]
+					fu = (s << 6) | (i.val << 3) | b.val
+					fu = fu.chr if s >= 2	# rb1.9 encoding fix
+					ret << fu
+				end
+				imm ||= 0 if b.val == 5
+				if imm
+					case Expression.in_range?(imm, :i8)
+					when true
+						or_bits[1<<6]
+						[ret << Expression.encode_imm(imm, :i8, endianness)]
+					when false
+						or_bits[2<<6]
+						[ret << Expression.encode_imm(imm, :a32, endianness)]
+					when nil
+						rets = ret.dup
+						or_bits[1<<6]
+						ret << @imm.encode(:i8, endianness)
+						rets, ret = ret, rets	# or_bits[] modifies ret directly
+						or_bits[2<<6]
+						ret << @imm.encode(:a32, endianness)
+						[ret, rets]
+					end
+				else
+					[ret]
+				end
+			end
+		end
+	end
+	class Farptr
+		def encode(endianness, atype)
+			@addr.encode(atype, endianness) << @seg.encode(:u16, endianness)
+		end
+	end
+	# returns all forms of the encoding of instruction i using opcode op
+	# program may be used to create a new label for relative jump/call
+	def encode_instr_op(program, i, op)
+		base      = op.bin.dup
+		oi        = op.args.zip(i.args)
+		set_field = lambda { |f, v|
+			v ||= 0		# ST => ST(0)
+			fld = op.fields[f]
+			base[fld[0]] |= v << fld[1]
+		}
+		size = i.prefix[:sz] || @size
+		#
+		# handle prefixes and bit fields
+		#
+		pfx = i.prefix.map { |k, v|
+			case k
+			when :jmp;  {:jmp => 0x3e, :nojmp => 0x2e}[v]
+			when :lock; 0xf0
+			when :rep;  {'repnz' => 0xf2, 'repz' => 0xf3, 'rep' => 0xf2}[v] # TODO
+			end
+		}.compact.pack 'C*'
+		pfx << op.props[:needpfx] if op.props[:needpfx]
+		if op.name == 'movsx' or op.name == 'movzx'
+			pfx << 0x66 if size == 48-i.args[0].sz
+		else
+			opsz = op.props[:argsz]
+			oi.each { |oa, ia|
+				case oa
+				when :reg, :reg_eax, :modrm, :modrmA, :mrm_imm
+					raise EncodeError, "Incompatible arg size in #{i}" if ia.sz and opsz and opsz != ia.sz
+					opsz = ia.sz
+				end
+			}
+			pfx << 0x66 if (not op.props[:argsz] or opsz != op.props[:argsz]) and (
+				(opsz and size == 48 - opsz) or (op.props[:opsz] and op.props[:opsz] != size))
+			if op.props[:opsz] and size == 48 - op.props[:opsz]
+				opsz = op.props[:opsz]
+			end
+		end
+		opsz ||= size
+		if op.props[:adsz] and size == 48 - op.props[:adsz]
+			pfx << 0x67
+			adsz = 48 - size
+		end
+		adsz ||= size
+		# addrsize override / segment override
+		if mrm = i.args.grep(ModRM).first
+			if not op.props[:adsz] and ((mrm.b and mrm.b.sz != adsz) or (mrm.i and mrm.i.sz != adsz))
+				pfx << 0x67
+				adsz = 48 - adsz
+			end
+			pfx << [0x26, 0x2E, 0x36, 0x3E, 0x64, 0x65][mrm.seg.val] if mrm.seg
+		end
+		#
+		# encode embedded arguments
+		#
+		postponed = []
+		oi.each { |oa, ia|
+			case oa
+			when :reg, :seg3, :seg3A, :seg2, :seg2A, :eeec, :eeed, :regfp, :regmmx, :regxmm
+				# field arg
+				set_field[oa, ia.val]
+				pfx << 0x66 if oa == :regmmx and op.props[:xmmx] and ia.sz == 128
+			when :imm_val1, :imm_val3, :reg_cl, :reg_eax, :reg_dx, :regfp0
+				# implicit
+			else
+				postponed << [oa, ia]
+			end
+		}
+		if !(op.args & [:modrm, :modrmA, :modrmxmm, :modrmmmx]).empty?
+			# reg field of modrm
+			regval = (base[-1] >> 3) & 7
+			base.pop
+		end
+		# convert label name for jmp/call/loop to relative offset
+		if op.props[:setip] and op.name[0, 3] != 'ret' and i.args.first.kind_of? Expression
+			postlabel = program.new_label('post'+op.name)
+			target = postponed.first[1]
+			target = target.rexpr if target.kind_of? Expression and target.op == :+ and not target.lexpr
+			postponed.first[1] = Expression[target, :-, postlabel]
+		end
+		#
+		# append other arguments
+		#
+		ret = EncodedData.new(pfx + base.pack('C*'))
+		postponed.each { |oa, ia|
+			case oa
+			when :farptr; ed = ia.encode(@endianness, "a#{opsz}".to_sym)
+			when :modrm, :modrmA, :modrmmmx, :modrmxmm
+				if ia.kind_of? ModRM
+					ed = ia.encode(regval, @endianness)
+					if ed.kind_of?(::Array)
+						if ed.length > 1
+							# we know that no opcode can have more than 1 modrm
+							ary = []
+							ed.each { |m|
+								ary << (ret.dup << m)
+							}
+							ret = ary
+							next
+						else
+							ed = ed.first
+						end
+					end
+				else
+					ed = ModRM.encode_reg(ia, regval)
+				end
+			when :mrm_imm; ed = ia.imm.encode("a#{adsz}".to_sym, @endianness)
+			when :i8, :u8, :u16; ed = ia.encode(oa, @endianness)
+			when :i; ed = ia.encode("a#{opsz}".to_sym, @endianness)
+			else raise SyntaxError, "Internal error: want to encode field #{oa.inspect} as arg in #{i}"
+			end
+			if ret.kind_of?(::Array)
+				ret.each { |e| e << ed }
+			else
+				ret << ed
+			end
+		}
+		# we know that no opcode with setip accept both modrm and immediate arg, so ret is not an ::Array
+		ret.add_export(postlabel, ret.virtsize) if postlabel
+		ret
+	end
+end
+end

data/lib/metasm/ia32/main.rb ADDED

@@ -0,0 +1,233 @@
+#    This file is part of Metasm, the Ruby assembly manipulation suite
+#    Copyright (C) 2006-2009 Yoann GUILLOT
+#
+#    Licence is LGPL, see LICENCE in the top-level directory
+require 'metasm/main'
+module Metasm
+# The ia32 aka x86 CPU
+# currently limited to 16 and 32bit modes
+class Ia32 < CPU
+	# some ruby magic to declare classes with index -> name association (registers)
+	class Argument
+		class << self
+			# for subclasses
+			attr_accessor :i_to_s, :s_to_i
+		end
+		private
+		# index -> name, name -> index
+		def self.simple_map(a)
+			# { 1 => 'dr1' }
+			@i_to_s = Hash[*a.flatten]
+			# { 'dr1' => 1 }
+			@s_to_i = @i_to_s.invert
+			class_eval {
+				attr_accessor :val
+				def initialize(v)
+					raise Exception, "invalid #{self.class} #{v}" unless self.class.i_to_s[v]
+					@val = v
+				end
+				def self.from_str(s) new(@s_to_i[s]) end
+			}
+		end
+		# size -> (index -> name), name -> [index, size]
+		def self.double_map(h)
+			# { 32 => { 1 => 'ecx' } }
+			@i_to_s = h
+			# { 'ecx' => [1, 32] }
+			@s_to_i = {} ; @i_to_s.each { |sz, hh| hh.each_with_index { |r, i| @s_to_i[r] = [i, sz] } }
+			class_eval {
+				attr_accessor :val, :sz
+				def initialize(v, sz)
+					raise Exception, "invalid #{self.class} #{sz}/#{v}" unless self.class.i_to_s[sz] and self.class.i_to_s[sz][v]
+					@val = v
+					@sz = sz
+				end
+				def self.from_str(s)
+					raise "Bad #{name} #{s.inspect}" if not x = @s_to_i[s]
+					new(*x)
+				end
+			}
+		end
+	end
+	# segment register: es, cs, ss, ds, fs, gs and the theoretical segr6/7
+	class SegReg < Argument
+		simple_map((0..7).zip(%w(es cs ss ds fs gs segr6 segr7)))
+	end
+	# debug register (dr0..dr3, dr6, dr7), and theoretical dr4/5
+	class DbgReg < Argument
+		simple_map((0..7).map { |i| [i, "dr#{i}"] })
+	end
+	# control register (cr0, cr2, cr3, cr4) and theoretical cr1/5/6/7
+	class CtrlReg < Argument
+		simple_map((0..7).map { |i| [i, "cr#{i}"] })
+	end
+	# floating point registers
+	class FpReg < Argument
+		simple_map((0..7).map { |i| [i, "ST(#{i})"] } << [nil, 'ST'])
+	end
+	# a single operation multiple data register (mm0..mm7, xmm0..xmm7)
+	class SimdReg < Argument
+		double_map  64 => (0..7).map { |n| "mm#{n}" },
+			   128 => (0..7).map { |n| "xmm#{n}" }
+		def symbolic(di=nil) ; to_s.to_sym end
+	end
+	# general purpose registers, all sizes
+	class Reg < Argument
+		double_map  8 => %w{ al  cl  dl  bl  ah  ch  dh  bh},
+			   16 => %w{ ax  cx  dx  bx  sp  bp  si  di},
+			   32 => %w{eax ecx edx ebx esp ebp esi edi}
+		Sym = @i_to_s[32].map { |s| s.to_sym }
+		# returns a symbolic representation of the register:
+		# eax => :eax
+		# cx => :ecx & 0xffff
+		# ah => (:eax >> 8) & 0xff
+		def symbolic(di=nil)
+			s = Sym[@val]
+			if @sz == 8 and to_s[-1] == ?h
+				Expression[[Sym[@val-4], :>>, 8], :&, 0xff]
+			elsif @sz == 8
+				Expression[s, :&, 0xff]
+			elsif @sz == 16
+				Expression[s, :&, 0xffff]
+			else
+				s
+			end
+		end
+		# checks if two registers have bits in common
+		def share?(other)
+			other.val % (other.sz >> 1) == @val % (@sz >> 1) and (other.sz != @sz or @sz != 8 or other.val == @val)
+		end
+	end
+	# a far pointer
+	# an immediate (numeric) pointer and an immediate segment selector
+	class Farptr < Argument
+		attr_accessor :seg, :addr
+		def initialize(seg, addr)
+			@seg, @addr = seg, addr
+		end
+	end
+	# ModRM represents indirections in x86 (eg dword ptr [eax+4*ebx+12h])
+	class ModRM < Argument
+		# valid combinaisons for a modrm
+		# ints are reg indexes, symbols are immediates, except :sib
+		Sum = {
+		    16 => {
+			0 => [ [3, 6], [3, 7], [5, 6], [5, 7], [6], [7], [:i16], [3] ],
+			1 => [ [3, 6, :i8 ], [3, 7, :i8 ], [5, 6, :i8 ], [5, 7, :i8 ], [6, :i8 ], [7, :i8 ], [5, :i8 ], [3, :i8 ] ],
+			2 => [ [3, 6, :i16], [3, 7, :i16], [5, 6, :i16], [5, 7, :i16], [6, :i16], [7, :i16], [5, :i16], [3, :i16] ]
+		    },
+		    32 => {
+			0 => [ [0], [1], [2], [3], [:sib], [:i32], [6], [7] ],
+			1 => [ [0, :i8 ], [1, :i8 ], [2, :i8 ], [3, :i8 ], [:sib, :i8 ], [5, :i8 ], [6, :i8 ], [7, :i8 ] ],
+			2 => [ [0, :i32], [1, :i32], [2, :i32], [3, :i32], [:sib, :i32], [5, :i32], [6, :i32], [7, :i32] ]
+		    }
+		}
+		attr_accessor :adsz, :sz
+		attr_accessor :seg
+		attr_accessor :s, :i, :b, :imm
+		# creates a new ModRM with the specified attributes:
+		# - adsz (16/32), sz (8/16/32: byte ptr, word ptr, dword ptr)
+		# - s, i, b, imm
+		# - segment selector override
+		def initialize(adsz, sz, s, i, b, imm, seg = nil)
+			@adsz, @sz = adsz, sz
+			@s, @i = s, i if i
+			@b = b if b
+			@imm = imm if imm
+			@seg = seg if seg
+		end
+		# returns the symbolic representation of the ModRM (ie an Indirection)
+		# segment selectors are represented as eg "segment_base_fs"
+		# not present when same as implicit (ds:edx, ss:esp)
+		def symbolic(di=nil)
+			p = nil
+			p = Expression[p, :+, @b.symbolic(di)] if b
+			p = Expression[p, :+, [@s, :*, @i.symbolic(di)]] if i
+			p = Expression[p, :+, @imm] if imm
+			p = Expression["segment_base_#@seg", :+, p] if seg and seg.val != ((b && (@b.val == 4 || @b.val == 5)) ? 2 : 3)
+			Indirection[p.reduce, @sz/8, (di.address if di)]
+		end
+	end
+	# Create a new instance of an Ia32 cpu
+	# arguments (any order)
+	# - size in bits (16, 32) [32]
+	# - instruction set (386, 486, pentium...) [latest]
+	# - endianness [:little]
+	def initialize(*a)
+		super()
+		@size = (a & [16, 32]).first || 32
+		a.delete @size
+		@endianness = (a & [:big, :little]).first || :little
+		a.delete @endianness
+		@family = a.pop || :latest
+		raise "Invalid arguments #{a.inspect}" if not a.empty?
+		raise "Invalid Ia32 family #{@family.inspect}" if not respond_to?("init_#@family")
+	end
+	# wrapper to transparently forward Ia32.new(64) to X86_64.new
+	def self.new(*a)
+		return X86_64.new(*a) if a.include? 64 and self == Ia32
+		super(*a)
+	end
+	# initializes the @opcode_list according to @family
+	def init_opcode_list
+		send("init_#@family")
+		@opcode_list
+	end
+	# defines some preprocessor macros to say who we are:
+	# _M_IX86 = 500, _X86_, __i386__
+	# pass any value in nodefine to just call super w/o defining anything of our own
+	def tune_prepro(pp, nodefine = false)
+		super(pp)
+		return if nodefine
+		pp.define_weak('_M_IX86', 500)
+		pp.define_weak('_X86_')
+		pp.define_weak('__i386__')
+	end
+	# returns a Reg object if the arg is a valid register (eg 'ax' => Reg.new(0, 16))
+	# returns nil if str is invalid
+	def str_to_reg(str)
+		Reg.from_str(str) if Reg.s_to_i.has_key? str
+	end
+	def shortname
+		"ia32#{'_16' if @size == 16}#{'_be' if @endianness == :big}"
+	end
+end
+X86 = Ia32
+end