added disassembler

Author: papstuc

.gitignore

@@ -79,12 +79,8 @@ mono_crash.*
 [Dd]ebugPublic/
 [Rr]elease/
 [Rr]eleases/
-x64/
-x86/
 build/
 intermediate/
-hypervisor_intermediate/
-controller_intermediate/
 [Ww][Ii][Nn]32/
 [Aa][Rr][Mm]/
 [Aa][Rr][Mm]64/

vmp-import-resolver/x86/disassembler.cpp

@@ -0,0 +1,28 @@
+#include "disassembler.hpp"
+
+std::uintptr_t x86::disassembler_t::instruction_t::absolute_address() const
+{
+    std::uintptr_t absolute_address = 0;
+
+	if (!ZYAN_SUCCESS(ZydisCalcAbsoluteAddress(&this->info, this->operands, this->runtime_address, &absolute_address)))
+	{
+		return 0;
+	}
+
+    return absolute_address;
+}
+
+bool x86::disassembler_t::initialize()
+{
+    return ZYAN_SUCCESS(ZydisDecoderInit(&this->m_decoder, ZydisMachineMode::ZYDIS_MACHINE_MODE_LONG_64, ZydisStackWidth::ZYDIS_STACK_WIDTH_64));
+}
+
+bool x86::disassembler_t::decode(const std::uintptr_t runtime_address, const void* buffer, const std::size_t length, instruction_t& instruction) const
+{
+    instruction.runtime_address = runtime_address;
+
+    ZydisDecoderContext ctx;
+
+    return  ZYAN_SUCCESS(ZydisDecoderDecodeInstruction(&this->m_decoder, &ctx, buffer, length, &instruction.info)) &&
+        ZYAN_SUCCESS(ZydisDecoderDecodeOperands(&this->m_decoder, &ctx, &instruction.info, instruction.operands, instruction.info.operand_count));
+}

vmp-import-resolver/x86/disassembler.hpp

@@ -0,0 +1,27 @@
+#pragma once
+
+#include <cstdint>
+#include <cstddef>
+#include <Zydis/Zydis.h>
+
+namespace x86
+{
+    class disassembler_t
+    {
+        ZydisDecoder m_decoder = { };
+
+    public:
+        struct instruction_t
+        {
+        	std::uintptr_t runtime_address;
+            ZydisDecodedInstruction info;
+            ZydisDecodedOperand operands[ZYDIS_MAX_OPERAND_COUNT];
+
+            [[nodiscard]] std::uintptr_t absolute_address() const;
+        };
+
+        bool initialize();
+
+        bool decode(std::uintptr_t runtime_address, const void* buffer, std::size_t length, instruction_t& instruction) const;
+    };
+}