yetangitu/ghidra
1
0
Fork 0
mirror of https://github.com/NationalSecurityAgency/ghidra.git synced 2025-10-05 10:49:34 +02:00
Code Issues Releases Wiki Activity

GP-3851: Fixed aarch64 pair instructions to prevent overwrite

Browse source
This commit is contained in:
ghidorahrex 2024-02-14 17:06:32 -05:00
parent f030ecb874
commit d812c6a43d
1 changed files with 36 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

54
Ghidra/Processors/AARCH64/data/languages/AARCH64base.sinc
View file

@ -2915,8 +2915,10 @@ is size.ldstr=1 & b_2429=0x8 & b_23=1 & L=1 & b_21=0 & b_1620=0b11111 & b_15=1 &
:ldaxp Rt_GPR64, Rt2_GPR64, addrReg
is size.ldstr=3 & b_2429=0x8 & b_23=0 & L=1 & b_21=1 & b_15=1 & Rt2_GPR64 & addrReg & Rt_GPR64
{
Rt_GPR64 = *(addrReg);
Rt2_GPR64 = *(addrReg+8);
local addrval1:8 = *(addrReg);
local addrval2:8 = *(addrReg+8);
Rt_GPR64 = addrval1;
Rt2_GPR64 = addrval2;
}
# C6.2.148 LDAXP page C6-1518 line 90122 MATCH x88608000/mask=xbfe08000
@ -2926,8 +2928,10 @@ is size.ldstr=3 & b_2429=0x8 & b_23=0 & L=1 & b_21=1 & b_15=1 & Rt2_GPR64 & addr
:ldaxp Rt_GPR32, Rt2_GPR32, addrReg
is size.ldstr=2 & b_2429=0x8 & b_23=0 & L=1 & b_21=1 & b_1620 & b_15=1 & Rt2_GPR32 & addrReg & Rt_GPR32 & Rt_GPR64 & Rt2_GPR64
{
Rt_GPR64 = zext(*:4(addrReg));
Rt2_GPR64 = zext(*:4(addrReg+4));
local addrval1:8 = zext(*:4(addrReg));
local addrval2:8 = zext(*:4(addrReg+4));
Rt_GPR64 = addrval1;
Rt2_GPR64 = addrval2;
}
# C6.2.149 LDAXR page C6-1520 line 90256 MATCH x88408000/mask=xbfe08000
@ -3023,8 +3027,10 @@ is b_3031=0b11 & b_2329=0b0010001 & b_22=1 & b_21=0 & b_15=0 & aa_Xt & Rn_GPR64x
:ldnp Rt_GPR32, Rt2_GPR32, addrPairIndexed
is b_3031=0b00 & b_2229=0b10100001 & Rt2_GPR32 & addrPairIndexed & Rt_GPR32 & Rt_GPR64 & Rt2_GPR64
{
Rt_GPR64 = zext(*:4 addrPairIndexed);
Rt2_GPR64 = zext(*:4 (addrPairIndexed + 4));
local addrval1:8 = zext(*:4 addrPairIndexed);
local addrval2:8 = zext(*:4 (addrPairIndexed + 4));
Rt_GPR64 = addrval1;
Rt2_GPR64 = addrval2;
}
# C6.2.163 LDNP page C6-1544 line 91702 MATCH x28400000/mask=x7fc00000
@ -3034,8 +3040,10 @@ is b_3031=0b00 & b_2229=0b10100001 & Rt2_GPR32 & addrPairIndexed & Rt_GPR32 & Rt
:ldnp Rt_GPR64, Rt2_GPR64, addrPairIndexed
is b_3031=0b10 & b_2229=0b10100001 & Rt2_GPR64 & addrPairIndexed & Rt_GPR64
{
Rt_GPR64 = *addrPairIndexed;
Rt2_GPR64 = *(addrPairIndexed + 8);
local addrval1:8 = *addrPairIndexed;
local addrval2:8 = *(addrPairIndexed + 8);
Rt_GPR64 = addrval1;
Rt2_GPR64 = addrval2;
}
# C6.2.164 LDP page C6-1546 line 91841 MATCH x28c00000/mask=x7fc00000
@ -3049,8 +3057,10 @@ is b_3031=0b10 & b_2229=0b10100001 & Rt2_GPR64 & addrPairIndexed & Rt_GPR64
:ldp Rt_GPR32, Rt2_GPR32, addrPairIndexed
is b_3031=0b00 & b_2529=0b10100 & (b_24=1 | b_23=1) & b_22=1 & Rt2_GPR32 & addrPairIndexed & Rt_GPR32 & Rt_GPR64 & Rt2_GPR64
{
Rt_GPR64 = zext(*:4 addrPairIndexed);
Rt2_GPR64 = zext(*:4 (addrPairIndexed + 4));
local addrval1:8 = zext(*:4 addrPairIndexed);
local addrval2:8 = zext(*:4 (addrPairIndexed + 4));
Rt_GPR64 = addrval1;
Rt2_GPR64 = addrval2;
}
# C6.2.164 LDP page C6-1546 line 91841 MATCH x28c00000/mask=x7fc00000
@ -3064,8 +3074,10 @@ is b_3031=0b00 & b_2529=0b10100 & (b_24=1 | b_23=1) & b_22=1 & Rt2_GPR32 & addrP
:ldp Rt_GPR64, Rt2_GPR64, addrPairIndexed
is b_3031=0b10 & b_2529=0b10100 & (b_24=1 | b_23=1) & b_22=1 & Rt2_GPR64 & addrPairIndexed & Rt_GPR64
{
Rt_GPR64 = *addrPairIndexed;
Rt2_GPR64 = *(addrPairIndexed + 8);
local addrval1:8 = *addrPairIndexed;
local addrval2:8 = *(addrPairIndexed + 8);
Rt_GPR64 = addrval1;
Rt2_GPR64 = addrval2;
}
# C6.2.165 LDPSW page C6-1550 line 92077 MATCH x68c00000/mask=xffc00000
@ -3077,8 +3089,10 @@ is b_3031=0b10 & b_2529=0b10100 & (b_24=1 | b_23=1) & b_22=1 & Rt2_GPR64 & addrP
:ldpsw Rt_GPR64, Rt2_GPR64, addrPairIndexed
is b_2531=0b0110100 & (b_24=1 | b_23=1) & b_22=1 & Rt2_GPR64 & addrPairIndexed & Rt_GPR64
{
Rt_GPR64 = *(addrPairIndexed);
Rt2_GPR64 = *(addrPairIndexed+8);
local addrval1:8 = sext(*:4 addrPairIndexed);
local addrval2:8 = sext(*:4 (addrPairIndexed + 8));
Rt_GPR64 = addrval1;
Rt2_GPR64 = addrval2;
}
# C6.2.166 LDR (immediate) page C6-1553 line 92262 MATCH xb9400000/mask=xbfc00000
@ -3551,8 +3565,10 @@ is size.ldstr=3 & b_2729=7 & v=0 & b_2425=0 & b_23=0 & b_2122=2 & b_1011=0 & Uns
:ldxp Rt_GPR64, Rt2_GPR64, addrReg
is size.ldstr=3 & b_2429=0x8 & b_23=0 & L=1 & b_21=1 & b_15=0 & Rt2_GPR64 & addrReg & Rt_GPR64
{
Rt_GPR64 = *addrReg;
Rt2_GPR64 = *(addrReg + 8);
local addrval1:8 = *addrReg;
local addrval2:8 = *(addrReg + 8);
Rt_GPR64 = addrval1;
Rt2_GPR64 = addrval2;
}
# C6.2.208 LDXP page C6-1646 line 97748 MATCH x88600000/mask=xbfe08000
@ -3563,8 +3579,10 @@ is size.ldstr=3 & b_2429=0x8 & b_23=0 & L=1 & b_21=1 & b_15=0 & Rt2_GPR64 & addr
:ldxp Rt_GPR32, Rt2_GPR32, addrReg
is size.ldstr=2 & b_2429=0x8 & b_23=0 & L=1 & b_21=1 & b_15=0 & Rt2_GPR32 & addrReg & Rt_GPR32 & Rt_GPR64 & Rt2_GPR64
{
Rt_GPR64 = zext(*:4 addrReg);
Rt2_GPR64 = zext(*:4 (addrReg + 4));
local addrval1:8 = zext(*:4 addrReg);
local addrval2:8 = zext(*:4 (addrReg + 4));
Rt_GPR64 = addrval1;
Rt2_GPR64 = addrval2;
}
# C6.2.209 LDXR page C6-1648 line 97882 MATCH x88400000/mask=xbfe08000