authorZeex <zeex@rocketmail.com>2015-11-10 22:34:13 +0600
committerZeex <zeex@rocketmail.com>2015-11-10 22:34:56 +0600
commitf7d7e41d654eaa245f157af1185ed7c73286b6c6 (patch)
tree201304a6c4cb52f9f671a6b56e1e60eabafe7431 /subhook_x86.c
parent871499831513d9ef9be1f3bed3396b83f6e199ca (diff)
Add support for TEST and more variants of SUB in trampolines
Diffstat (limited to 'subhook_x86.c')
-rw-r--r--subhook_x86.c74
1 files changed, 44 insertions, 30 deletions
diff --git a/subhook_x86.c b/subhook_x86.c
index ce4e7f4..1a2936f 100644
--- a/subhook_x86.c
+++ b/subhook_x86.c
@@ -82,37 +82,51 @@ static int subhook_disasm(uint8_t *code, int *reloc) {
int flags;
};
+ /*
+ * Refer to Intel Reference Manual volumes 2a and 2b for more information
+ * about instruction format and encoding.
+ */
static struct opcode_info opcodes[] = {
- /* CALL rel32 */ {0xE8, 0, IMM32 | RELOC},
- /* CALL r/m32 */ {0xFF, 2, MODRM | REG_OPCODE},
- /* JMP rel32 */ {0xE9, 0, IMM32 | RELOC},
- /* JMP r/m32 */ {0xFF, 4, MODRM | REG_OPCODE},
- /* LEA r16,m */ {0x8D, 0, MODRM},
- /* MOV r/m8,r8 */ {0x88, 0, MODRM},
- /* MOV r/m32,r32 */ {0x89, 0, MODRM},
- /* MOV r8,r/m8 */ {0x8A, 0, MODRM},
- /* MOV r32,r/m32 */ {0x8B, 0, MODRM},
- /* MOV r/m16,Sreg */ {0x8C, 0, MODRM},
- /* MOV Sreg,r/m16 */ {0x8E, 0, MODRM},
- /* MOV AL,moffs8 */ {0xA0, 0, IMM8},
- /* MOV EAX,moffs32 */ {0xA1, 0, IMM32},
- /* MOV moffs8,AL */ {0xA2, 0, IMM8},
- /* MOV moffs32,EAX */ {0xA3, 0, IMM32},
- /* MOV r8, imm8 */ {0xB0, 0, PLUS_R | IMM8},
- /* MOV r32, imm32 */ {0xB8, 0, PLUS_R | IMM32},
- /* MOV r/m8, imm8 */ {0xC6, 0, MODRM | REG_OPCODE | IMM8},
- /* MOV r/m32, imm32 */ {0xC7, 0, MODRM | REG_OPCODE | IMM32},
- /* POP r/m32 */ {0x8F, 0, MODRM | REG_OPCODE},
- /* POP r32 */ {0x58, 0, PLUS_R},
- /* PUSH r/m32 */ {0xFF, 6, MODRM | REG_OPCODE},
- /* PUSH r32 */ {0x50, 0, PLUS_R},
- /* PUSH imm8 */ {0x6A, 0, IMM8},
- /* PUSH imm32 */ {0x68, 0, IMM32},
- /* RET */ {0xC3, 0, 0},
- /* RET imm16 */ {0xC2, 0, IMM16},
- /* SUB r/m32, imm8 */ {0x83, 5, MODRM | REG_OPCODE | IMM8},
- /* SUB r/m32, r32 */ {0x29, 0, MODRM},
- /* SUB r32, r/m32 */ {0x2B, 0, MODRM}
+ /* CALL rel32 */ {0xE8, 0, IMM32 | RELOC},
+ /* CALL r/m32 */ {0xFF, 2, MODRM | REG_OPCODE},
+ /* JMP rel32 */ {0xE9, 0, IMM32 | RELOC},
+ /* JMP r/m32 */ {0xFF, 4, MODRM | REG_OPCODE},
+ /* LEA r16,m */ {0x8D, 0, MODRM},
+ /* MOV r/m8,r8 */ {0x88, 0, MODRM},
+ /* MOV r/m32,r32 */ {0x89, 0, MODRM},
+ /* MOV r8,r/m8 */ {0x8A, 0, MODRM},
+ /* MOV r32,r/m32 */ {0x8B, 0, MODRM},
+ /* MOV r/m16,Sreg */ {0x8C, 0, MODRM},
+ /* MOV Sreg,r/m16 */ {0x8E, 0, MODRM},
+ /* MOV AL,moffs8 */ {0xA0, 0, IMM8},
+ /* MOV EAX,moffs32 */ {0xA1, 0, IMM32},
+ /* MOV moffs8,AL */ {0xA2, 0, IMM8},
+ /* MOV moffs32,EAX */ {0xA3, 0, IMM32},
+ /* MOV r8, imm8 */ {0xB0, 0, PLUS_R | IMM8},
+ /* MOV r32, imm32 */ {0xB8, 0, PLUS_R | IMM32},
+ /* MOV r/m8, imm8 */ {0xC6, 0, MODRM | REG_OPCODE | IMM8},
+ /* MOV r/m32, imm32 */ {0xC7, 0, MODRM | REG_OPCODE | IMM32},
+ /* POP r/m32 */ {0x8F, 0, MODRM | REG_OPCODE},
+ /* POP r32 */ {0x58, 0, PLUS_R},
+ /* PUSH r/m32 */ {0xFF, 6, MODRM | REG_OPCODE},
+ /* PUSH r32 */ {0x50, 0, PLUS_R},
+ /* PUSH imm8 */ {0x6A, 0, IMM8},
+ /* PUSH imm32 */ {0x68, 0, IMM32},
+ /* RET */ {0xC3, 0, 0},
+ /* RET imm16 */ {0xC2, 0, IMM16},
+ /* SUB AL, imm8 */ {0x2C, 0, IMM8},
+ /* SUB EAX, imm32 */ {0x2D, 0, IMM32},
+ /* SUB r/m8, imm8 */ {0x80, 5, MODRM | REG_OPCODE | IMM8},
+ /* SUB r/m32, imm32 */ {0x81, 5, MODRM | REG_OPCODE | IMM8},
+ /* SUB r/m32, imm8 */ {0x83, 5, MODRM | REG_OPCODE | IMM8},
+ /* SUB r/m32, r32 */ {0x29, 0, MODRM},
+ /* SUB r32, r/m32 */ {0x2B, 0, MODRM},
+ /* TEST AL, imm8 */ {0xA8, 0, IMM8},
+ /* TEST EAX, imm32 */ {0xA9, 0, IMM32},
+ /* TEST r/m8, imm8 */ {0xF6, 0, MODRM | REG_OPCODE | IMM8},
+ /* TEST r/m32, imm32 */ {0xF7, 0, MODRM | REG_OPCODE | IMM32},
+ /* TEST r/m8, r8 */ {0x84, 0, MODRM},
+ /* TEST r/m32, r32 */ {0x85, 0, MODRM}
};
int i;
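Review bot: The new `SUB r/m32, imm32` entry for opcode 0x81 carries the `IMM8` flag, but that encoding is followed by a 32-bit immediate, so the disassembler will report the instruction three bytes short; a trampoline built from such a prologue would cut the instruction in the middle of its immediate and treat the remaining immediate bytes as the start of the next instruction. The line should read `/* SUB r/m32, imm32 */ {0x81, 5, MODRM | REG_OPCODE | IMM32},`. The `0x83 /5` entry directly below it is correct as written, since that form really is a sign-extended imm8; the two rows are easy to confuse because they differ only in the immediate width. The `opcodes` table is local to subhook_disasm, whose matching loop that consumes these flags continues past the end of the hunk, so the length computation itself cannot be checked here.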