Merge pull request #9 from ddash-ct/stos-fix

Fix bug in stos instructions to pull address from rdi instead of edi
dod-cyber-crime-center · Jan 4, 2024 · 82dea94 · 82dea94
2 parents 53b80b2 + 512568d
commit 82dea94
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 12 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,6 +1,10 @@
 # Changelog
 All notable changes to this project will be documented in this file.
 
+# [Unreleased]
+- Fix bug in `stos` instructions to pull address from `rdi` instead of `edi` (@ddash-ct)
+
+
 ## [0.10.0] - 2023-11-29
 - Tested on Ghidra 10.4
 - Added `create_function()` utility function in `rugosa.func_utils`. This attempts to define a function containing the given address by looking for common start bounds. 

diff --git a/rugosa/emulation/x86_64/opcodes.py b/rugosa/emulation/x86_64/opcodes.py
@@ -1926,41 +1926,41 @@ def STD(cpu_context: ProcessorContext, instruction: Instruction):
 
 @opcode
 def STOSB(cpu_context: ProcessorContext, instruction: Instruction):
-    """Store value in AL in the address pointed to by EDI"""
+    """Store value in AL in the address pointed to by RDI"""
     value = cpu_context.registers.al
-    addr = cpu_context.registers.edi
+    addr = cpu_context.registers.rdi
     logger.debug("Storing 0x%X into 0x%X", value, addr)
     cpu_context.memory.write(addr, bytes([value]))
     if cpu_context.registers.df:
-        cpu_context.registers.edi -= 1
+        cpu_context.registers.rdi -= 1
     else:
-        cpu_context.registers.edi += 1
+        cpu_context.registers.rdi += 1
 
 
 @opcode
 def STOSW(cpu_context: ProcessorContext, instruction: Instruction):
-    """Store value in AX in the address pointed to by EDI"""
+    """Store value in AX in the address pointed to by RDI"""
     value = cpu_context.registers.ax
-    addr = cpu_context.registers.edi
+    addr = cpu_context.registers.rdi
     logger.debug("Storing 0x%X into 0x%X", value, addr)
     cpu_context.memory.write(addr, value.to_bytes(2, cpu_context.byteorder))
     if cpu_context.registers.df:
-        cpu_context.registers.edi -= 2
+        cpu_context.registers.rdi -= 2
     else:
-        cpu_context.registers.edi += 2
+        cpu_context.registers.rdi += 2
 
 
 @opcode
 def STOSD(cpu_context: ProcessorContext, instruction: Instruction):
-    """Store value in EAX in the address pointed to by EDI"""
+    """Store value in EAX in the address pointed to by RDI"""
     value = cpu_context.registers.eax
-    addr = cpu_context.registers.edi
+    addr = cpu_context.registers.rdi
     logger.debug("Storing 0x%X into 0x%X", value, addr)
     cpu_context.memory.write(addr, value.to_bytes(4, cpu_context.byteorder))
     if cpu_context.registers.df:
-        cpu_context.registers.edi -= 4
+        cpu_context.registers.rdi -= 4
     else:
-        cpu_context.registers.edi += 4
+        cpu_context.registers.rdi += 4
 
 
 @opcode