Get a functions length 3

**(+)** · June 30th, 2012

Still cannot follow jumps but better than previous ones.
You will need the hacker disassembler engine or whatever you want.
Hacker Disassembler Engine Source Codes

PHP Code:

 DWORD WINAPI GetFuncLen( PBYTE dwFunction )
{
    DWORD OpLen = NULL;
    DWORD Len = NULL;
    hde32s hs2;
        
    do
    {
        OpLen =  hde32_disasm( dwFunction, &hs2 );

        if( *dwFunction == 0xC3 || *dwFunction == 0xC2 )
        {
            dwFunction +=OpLen;
            Len +=OpLen;
            break;
        }

        dwFunction +=OpLen;
        Len +=OpLen;
    }
    while( 1 );

    return Len;
}

**(+)** · July 3rd, 2012

Here is one by at ColdCristal @ UCForum.

Code:

 DWORD GetFuncLen(DWORD Addr)
{
    DWORD Highest = 0;
    DWORD Offset = 0;
    hde32s disasm;

    while (true)
    {
        DWORD Target = Offset;
        hde32_disasm((void*)(Addr+Offset), &disasm);

        if ((disasm.opcode>=0x70 && disasm.opcode<=0x7F) || disasm.opcode==0xEB)
        {
            Target += disasm.len+(char)disasm.imm.imm8;
        } else if ((disasm.opcode==0x0F && disasm.opcode2>=0x80 && disasm.opcode2<=0x8F) || disasm.opcode==0xE9) {
            Target += disasm.len+(int)disasm.imm.imm32;
        } else if (disasm.opcode==0xC3 || disasm.opcode==0xC2) {
            if (Offset>Highest)
            {
                Offset += disasm.len;
                break;
            }
        }

        if (Target>Highest)
            Highest = Target;

        Offset += disasm.len;
    }

    return Offset;
}

Thread: Get a functions length 3

LinkBack

Thread Tools

Display

Get a functions length 3

Re: Get a functions length 3

Bookmarks

Bookmarks

Posting Permissions