vmp2
/
vmprofiler
3
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '64a139ffca'
${ noResults }
vmprofiler/doxygen/html/namespacevm_1_1handler.html

600 lines
42 KiB
Raw Normal View History Unescape

added doxygen to the project
3 years ago
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
<meta http-equiv="X-UA-Compatible" content="IE=9"/>
<meta name="generator" content="Doxygen 1.9.1"/>
<meta name="viewport" content="width=device-width, initial-scale=1"/>
<title>VMProfiler: vm::handler Namespace Reference</title>
<link href="tabs.css" rel="stylesheet" type="text/css"/>
<script type="text/javascript" src="jquery.js"></script>
<script type="text/javascript" src="dynsections.js"></script>
<link href="search/search.css" rel="stylesheet" type="text/css"/>
<script type="text/javascript" src="search/searchdata.js"></script>
<script type="text/javascript" src="search/search.js"></script>
<link href="doxygen.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="top"><!-- do not remove this div, it is closed by doxygen! -->
<div id="titlearea">
<table cellspacing="0" cellpadding="0">
<tbody>
<tr style="height: 56px;">
<td id="projectlogo"><img alt="Logo" src="icon.png"/></td>
<td id="projectalign" style="padding-left: 0.5em;">
<div id="projectname">VMProfiler
&#160;<span id="projectnumber">v1.8</span>
</div>
<div id="projectbrief">vmprofiler is a c++ library which is used to statically analyze VMProtect 2 polymorphic virtual machines. This project is inherited in vmprofiler-qt, vmprofiler-cli, and vmemu.</div>
</td>
</tr>
</tbody>
</table>
</div>
<!-- end header part -->
<!-- Generated by Doxygen 1.9.1 -->
<script type="text/javascript">
/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
var searchBox = new SearchBox("searchBox", "search",false,'Search','.html');
/* @license-end */
</script>
<script type="text/javascript" src="menudata.js"></script>
<script type="text/javascript" src="menu.js"></script>
<script type="text/javascript">
/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
$(function() {
initMenu('',true,false,'search.php','Search');
$(document).ready(function() { init_search(); });
});
/* @license-end */</script>
<div id="main-nav"></div>
<!-- window showing the filter options -->
<div id="MSearchSelectWindow"
onmouseover="return searchBox.OnSearchSelectShow()"
onmouseout="return searchBox.OnSearchSelectHide()"
onkeydown="return searchBox.OnSearchSelectKey(event)">
</div>
<!-- iframe showing the search results (closed by default) -->
<div id="MSearchResultsWindow">
<iframe src="javascript:void(0)" frameborder="0"
name="MSearchResults" id="MSearchResults">
</iframe>
</div>
<div id="nav-path" class="navpath">
<ul>
<li class="navelem"><a class="el" href="namespacevm.html">vm</a></li><li class="navelem"><a class="el" href="namespacevm_1_1handler.html">handler</a></li> </ul>
</div>
</div><!-- top -->
<div class="header">
<div class="summary">
<a href="#namespaces">Namespaces</a> &#124;
<a href="#nested-classes">Classes</a> &#124;
<a href="#typedef-members">Typedefs</a> &#124;
<a href="#enum-members">Enumerations</a> &#124;
<a href="#func-members">Functions</a> </div>
<div class="headertitle">
<div class="title">vm::handler Namespace Reference</div> </div>
</div><!--header-->
<div class="contents">
<p>contains all information pertaining to vm handler identification...
<a href="namespacevm_1_1handler.html#details">More...</a></p>
<table class="memberdecls">
<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="namespaces"></a>
Namespaces</h2></td></tr>
<tr class="memitem:namespacevm_1_1handler_1_1profile"><td class="memItemLeft" align="right" valign="top"> &#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="namespacevm_1_1handler_1_1profile.html">profile</a></td></tr>
<tr class="memdesc:namespacevm_1_1handler_1_1profile"><td class="mdescLeft">&#160;</td><td class="mdescRight">contains all profiles defined, as well as a vector of all of the defined profiles... <br /></td></tr>
<tr class="separator:"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:namespacevm_1_1handler_1_1table"><td class="memItemLeft" align="right" valign="top"> &#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="namespacevm_1_1handler_1_1table.html">table</a></td></tr>
<tr class="separator:"><td class="memSeparator" colspan="2">&#160;</td></tr>
</table><table class="memberdecls">
<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="nested-classes"></a>
Classes</h2></td></tr>
<tr class="memitem:"><td class="memItemLeft" align="right" valign="top">struct &#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="structvm_1_1handler_1_1handler__t.html">handler_t</a></td></tr>
<tr class="memdesc:"><td class="mdescLeft">&#160;</td><td class="mdescRight"><a class="el" href="structvm_1_1handler_1_1handler__t.html" title="handler_t contains all the information for a vm handler such as its immidate value size (zero if ther...">handler_t</a> contains all the information for a vm handler such as its immidate value size (zero if there is no imm), the transformations applied to the imm to decrypt it (if any), a pointer to the profile (nullptr if there is none), and other meta data... <a href="structvm_1_1handler_1_1handler__t.html#details">More...</a><br /></td></tr>
<tr class="separator:"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:"><td class="memItemLeft" align="right" valign="top">struct &#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="structvm_1_1handler_1_1profile__t.html">profile_t</a></td></tr>
<tr class="memdesc:"><td class="mdescLeft">&#160;</td><td class="mdescRight">pre defined vm handler profile containing all compiled time known information about a vm handler... <a href="structvm_1_1handler_1_1profile__t.html#details">More...</a><br /></td></tr>
<tr class="separator:"><td class="memSeparator" colspan="2">&#160;</td></tr>
</table><table class="memberdecls">
<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="typedef-members"></a>
Typedefs</h2></td></tr>
<tr class="memitem:a1016539777a69d79479f5fdf066440be"><td class="memItemLeft" align="right" valign="top">using&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="namespacevm_1_1handler.html#a1016539777a69d79479f5fdf066440be">zydis_callback_t</a> = std::function&lt; bool(const <a class="el" href="vmutils_8hpp.html#ad180fbf8cef52662febedec0f54b6188">zydis_decoded_instr_t</a> &amp;instr) &gt;</td></tr>
<tr class="memdesc:a1016539777a69d79479f5fdf066440be"><td class="mdescLeft">&#160;</td><td class="mdescRight">zydis callback lambda used to pattern match native instructions... <a href="namespacevm_1_1handler.html#a1016539777a69d79479f5fdf066440be">More...</a><br /></td></tr>
<tr class="separator:a1016539777a69d79479f5fdf066440be"><td class="memSeparator" colspan="2">&#160;</td></tr>
</table><table class="memberdecls">
<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="enum-members"></a>
Enumerations</h2></td></tr>
<tr class="memitem:a83cdfb05acdea9268310c37165bd13c1"><td class="memItemLeft" align="right" valign="top">enum &#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1">mnemonic_t</a> { <br />
&#160;&#160;<a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1a9bb151fee0df242f0a304a3785191465">INVALID</a>
, <a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1a9ee93798eb7945788dfe63a908a3f423">LRFLAGS</a>
, <a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1aa9f0e1b43f89c1e555a7d3577f5c7b8f">PUSHVSP</a>
, <a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1a65232b40f75ab995af9eea0d5aee6444">MULQ</a>
, <br />
&#160;&#160;<a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1a3b8d706f88294ce7a8a8b08a9f5ff394">DIVQ</a>
, <a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1a20b781d295b3872217cec880fc659ff9">CALL</a>
, <a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1ad9ceecb5b5d78d7467ae3187dd3b0bd8">JMP</a>
, <a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1aca4bfa0932d82166e9731d77d4ddd42e">VMEXIT</a>
, <br />
&#160;&#160;<a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1a9c71d9caebd124594f42632b6df8c1df">LVSP</a>
, <a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1a624092452de9f6648610ceffce32f78e">SREGQ</a>
, <a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1ac41895fb285b8cb4ebe33755fc9b4974">SREGDW</a>
, <a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1a918bd3d416c98957043ace785146adeb">SREGW</a>
, <br />
&#160;&#160;<a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1a52308ac93a020fa701b6dee83c3d58f3">LREGQ</a>
, <a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1ac04ea404828638e83dee7b69ef22810f">LREGDW</a>
, <a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1a7691f0a92bb227b10a879f701b807c6c">LCONSTQ</a>
, <a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1aa8a6a0d6b5d0cc301380df7bbdcf42b8">LCONSTBZXW</a>
, <br />
&#160;&#160;<a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1aed58a3d6bbdb580c2817a128eb1ffe11">LCONSTBSXQ</a>
, <a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1accb986463feaa5f71f92067dc688aa93">LCONSTBSXDW</a>
, <a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1aa57a3ad6bd862f3e73785b6ac54c1591">LCONSTDWSXQ</a>
, <a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1adf57df5a2ccfeec8f29a0ca75bdf595b">LCONSTWSXQ</a>
, <br />
&#160;&#160;<a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1a1b719f2ae2d0a537fa2965ebd8b467d7">LCONSTWSXDW</a>
, <a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1a21632363cca2c18a0bc30ddd9e718a6b">LCONSTDW</a>
, <a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1acf151e8e073bb5fc5d0e967fe68a92b7">LCONSTW</a>
, <a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1aedc758f639062bd366e49b155618225b">READQ</a>
, <br />
&#160;&#160;<a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1a483ae76aeaa24a4278793ac99f32e45b">READDW</a>
, <a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1a20f6daaede6cf418b6e3cb7a5b242a47">READW</a>
, <a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1a24fc686c7f66e479c8c1ae145bf2ba14">WRITEQ</a>
, <a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1af92bc6344b93fea2c0e5d1fdf8500160">WRITEDW</a>
, <br />
&#160;&#160;<a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1ae5197ebd4240e18268cdeca4371c25d5">WRITEW</a>
, <a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1aa5646e9d21720029b354bfeca29f6241">WRITEB</a>
, <a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1a1c1d818ac0054ac2bab61885479fd10b">ADDQ</a>
, <a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1abb62bc05ab9e2b13eea6e0a68a9a850f">ADDDW</a>
, <br />
&#160;&#160;<a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1a658535c08ac0930a31bd92dfc8b2efc6">ADDW</a>
, <a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1ae820c14a2d48db026b12e60ef2bf55b3">SHLQ</a>
, <a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1ab8cddf6b4543c598ccb714551141aa81">SHLDW</a>
, <a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1ac14306e538f382de3093cc8f3d4d95ec">SHRQ</a>
, <br />
&#160;&#160;<a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1ab36694ea7404c953f0fefdd201592d37">SHRW</a>
, <a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1a2731b10387427c3422e7d822575bf55a">NANDQ</a>
, <a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1ae64f69da87f4b139ed9d2444589ef3f0">NANDDW</a>
, <a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1aea25395449f2b159a0b9e1547c9b7d13">NANDW</a>
<br />
}</td></tr>
<tr class="memdesc:a83cdfb05acdea9268310c37165bd13c1"><td class="mdescLeft">&#160;</td><td class="mdescRight">vm handler mnemonic... so you dont need to compare strings! <a href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1">More...</a><br /></td></tr>
<tr class="separator:a83cdfb05acdea9268310c37165bd13c1"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:ac79240b14c7251b5358709c130821e07"><td class="memItemLeft" align="right" valign="top">enum &#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="namespacevm_1_1handler.html#ac79240b14c7251b5358709c130821e07">extention_t</a> { <a class="el" href="namespacevm_1_1handler.html#ac79240b14c7251b5358709c130821e07a8dffe0c4e6ca7a545daca4edac325522">none</a>
, <a class="el" href="namespacevm_1_1handler.html#ac79240b14c7251b5358709c130821e07acae8cc1c1114ea88d7d8affeecb19b1d">sign_extend</a>
, <a class="el" href="namespacevm_1_1handler.html#ac79240b14c7251b5358709c130821e07a6ff2bd786349a5d9affb290a9c602725">zero_extend</a>
}</td></tr>
<tr class="memdesc:ac79240b14c7251b5358709c130821e07"><td class="mdescLeft">&#160;</td><td class="mdescRight">how sign extention is handled... <a href="namespacevm_1_1handler.html#ac79240b14c7251b5358709c130821e07">More...</a><br /></td></tr>
<tr class="separator:ac79240b14c7251b5358709c130821e07"><td class="memSeparator" colspan="2">&#160;</td></tr>
</table><table class="memberdecls">
<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="func-members"></a>
Functions</h2></td></tr>
<tr class="memitem:ab830e56e2b4ee32851937ae0fe1a4918"><td class="memItemLeft" align="right" valign="top">bool&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="namespacevm_1_1handler.html#ab830e56e2b4ee32851937ae0fe1a4918">has_imm</a> (const <a class="el" href="vmutils_8hpp.html#a5fdde6e9d3e6c6eca28ecadf2e837d3c">zydis_routine_t</a> &amp;vm_handler)</td></tr>
<tr class="memdesc:ab830e56e2b4ee32851937ae0fe1a4918"><td class="mdescLeft">&#160;</td><td class="mdescRight">given a vm handler returns true if the vm handler decrypts an operand... <a href="namespacevm_1_1handler.html#ab830e56e2b4ee32851937ae0fe1a4918">More...</a><br /></td></tr>
<tr class="separator:ab830e56e2b4ee32851937ae0fe1a4918"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:a073cb14b6691023771ad8eada2452138"><td class="memItemLeft" align="right" valign="top">std::optional&lt; std::uint8_t &gt;&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="namespacevm_1_1handler.html#a073cb14b6691023771ad8eada2452138">imm_size</a> (const <a class="el" href="vmutils_8hpp.html#a5fdde6e9d3e6c6eca28ecadf2e837d3c">zydis_routine_t</a> &amp;vm_handler)</td></tr>
<tr class="memdesc:a073cb14b6691023771ad8eada2452138"><td class="mdescLeft">&#160;</td><td class="mdescRight">gets the imm size of a vm handler... <a href="namespacevm_1_1handler.html#a073cb14b6691023771ad8eada2452138">More...</a><br /></td></tr>
<tr class="separator:a073cb14b6691023771ad8eada2452138"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:aa04be3f452edc65f17c38ef91fbed341"><td class="memItemLeft" align="right" valign="top">bool&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="namespacevm_1_1handler.html#aa04be3f452edc65f17c38ef91fbed341">get</a> (<a class="el" href="vmutils_8hpp.html#a5fdde6e9d3e6c6eca28ecadf2e837d3c">zydis_routine_t</a> &amp;vm_entry, <a class="el" href="vmutils_8hpp.html#a5fdde6e9d3e6c6eca28ecadf2e837d3c">zydis_routine_t</a> &amp;vm_handler, std::uintptr_t handler_addr)</td></tr>
<tr class="memdesc:aa04be3f452edc65f17c38ef91fbed341"><td class="mdescLeft">&#160;</td><td class="mdescRight">gets a vm handler, puts all of the native instructions inside of the vm_handler param... <a href="namespacevm_1_1handler.html#aa04be3f452edc65f17c38ef91fbed341">More...</a><br /></td></tr>
<tr class="separator:aa04be3f452edc65f17c38ef91fbed341"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:ae40eade4312e1383ae334ad2e0adacbf"><td class="memItemLeft" align="right" valign="top">bool&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="namespacevm_1_1handler.html#ae40eade4312e1383ae334ad2e0adacbf">get_all</a> (std::uintptr_t module_base, std::uintptr_t image_base, <a class="el" href="vmutils_8hpp.html#a5fdde6e9d3e6c6eca28ecadf2e837d3c">zydis_routine_t</a> &amp;vm_entry, std::uintptr_t *vm_handler_table, std::vector&lt; <a class="el" href="structvm_1_1handler_1_1handler__t.html">handler_t</a> &gt; &amp;vm_handlers)</td></tr>
<tr class="memdesc:ae40eade4312e1383ae334ad2e0adacbf"><td class="mdescLeft">&#160;</td><td class="mdescRight">get all 256 vm handlers... <a href="namespacevm_1_1handler.html#ae40eade4312e1383ae334ad2e0adacbf">More...</a><br /></td></tr>
<tr class="separator:ae40eade4312e1383ae334ad2e0adacbf"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:ad63629408ca7f8b34169a38399ffcf02"><td class="memItemLeft" align="right" valign="top">bool&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="namespacevm_1_1handler.html#ad63629408ca7f8b34169a38399ffcf02">get_operand_transforms</a> (<a class="el" href="vmutils_8hpp.html#a5fdde6e9d3e6c6eca28ecadf2e837d3c">zydis_routine_t</a> &amp;vm_handler, <a class="el" href="namespacevm_1_1transform.html#af3bd71c380a50beece9341287b7cc025">transform::map_t</a> &amp;transforms)</td></tr>
<tr class="memdesc:ad63629408ca7f8b34169a38399ffcf02"><td class="mdescLeft">&#160;</td><td class="mdescRight">get operand decryption instructions given a vm handler... <a href="namespacevm_1_1handler.html#ad63629408ca7f8b34169a38399ffcf02">More...</a><br /></td></tr>
<tr class="separator:ad63629408ca7f8b34169a38399ffcf02"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:ad410231628efa1c4ee7fe9a8c4c7db90"><td class="memItemLeft" align="right" valign="top"><a class="el" href="structvm_1_1handler_1_1profile__t.html">vm::handler::profile_t</a> *&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="namespacevm_1_1handler.html#ad410231628efa1c4ee7fe9a8c4c7db90">get_profile</a> (<a class="el" href="structvm_1_1handler_1_1handler__t.html">handler_t</a> &amp;vm_handler)</td></tr>
<tr class="memdesc:ad410231628efa1c4ee7fe9a8c4c7db90"><td class="mdescLeft">&#160;</td><td class="mdescRight">get a vm handler profile given a <a class="el" href="structvm_1_1handler_1_1handler__t.html" title="handler_t contains all the information for a vm handler such as its immidate value size (zero if ther...">handler_t</a>... <a href="namespacevm_1_1handler.html#ad410231628efa1c4ee7fe9a8c4c7db90">More...</a><br /></td></tr>
<tr class="separator:ad410231628efa1c4ee7fe9a8c4c7db90"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:a0ba01b3a015d7f25b83261e9183a2e40"><td class="memItemLeft" align="right" valign="top"><a class="el" href="structvm_1_1handler_1_1profile__t.html">vm::handler::profile_t</a> *&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="namespacevm_1_1handler.html#a0ba01b3a015d7f25b83261e9183a2e40">get_profile</a> (<a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1">vm::handler::mnemonic_t</a> mnemonic)</td></tr>
<tr class="memdesc:a0ba01b3a015d7f25b83261e9183a2e40"><td class="mdescLeft">&#160;</td><td class="mdescRight">get a vm handler profile given the mnemonic of the vm handler... <a href="namespacevm_1_1handler.html#a0ba01b3a015d7f25b83261e9183a2e40">More...</a><br /></td></tr>
<tr class="separator:a0ba01b3a015d7f25b83261e9183a2e40"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:ae5e88e98b57b69a61e344e17386a06c3"><td class="memItemLeft" align="right" valign="top">bool&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="namespacevm_1_1handler.html#ae5e88e98b57b69a61e344e17386a06c3">get_all</a> (std::uintptr_t module_base, std::uintptr_t image_base, <a class="el" href="vmutils_8hpp.html#a5fdde6e9d3e6c6eca28ecadf2e837d3c">zydis_routine_t</a> &amp;vm_entry, std::uintptr_t *vm_handler_table, std::vector&lt; <a class="el" href="structvm_1_1handler_1_1handler__t.html">vm::handler::handler_t</a> &gt; &amp;vm_handlers)</td></tr>
<tr class="separator:ae5e88e98b57b69a61e344e17386a06c3"><td class="memSeparator" colspan="2">&#160;</td></tr>
</table>
<a name="details" id="details"></a><h2 class="groupheader">Detailed Description</h2>
<div class="textblock"><p>contains all information pertaining to vm handler identification... </p>
</div><h2 class="groupheader">Typedef Documentation</h2>
<a id="a1016539777a69d79479f5fdf066440be"></a>
<h2 class="memtitle"><span class="permalink"><a href="#a1016539777a69d79479f5fdf066440be">&#9670;&nbsp;</a></span>zydis_callback_t</h2>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">using <a class="el" href="namespacevm_1_1handler.html#a1016539777a69d79479f5fdf066440be">vm::handler::zydis_callback_t</a> = typedef std::function&lt; bool( const <a class="el" href="vmutils_8hpp.html#ad180fbf8cef52662febedec0f54b6188">zydis_decoded_instr_t</a> &amp;instr ) &gt;</td>
</tr>
</table>
</div><div class="memdoc">
<p>zydis callback lambda used to pattern match native instructions... </p>
</div>
</div>
<h2 class="groupheader">Enumeration Type Documentation</h2>
<a id="ac79240b14c7251b5358709c130821e07"></a>
<h2 class="memtitle"><span class="permalink"><a href="#ac79240b14c7251b5358709c130821e07">&#9670;&nbsp;</a></span>extention_t</h2>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">enum <a class="el" href="namespacevm_1_1handler.html#ac79240b14c7251b5358709c130821e07">vm::handler::extention_t</a></td>
</tr>
</table>
</div><div class="memdoc">
<p>how sign extention is handled... </p>
<table class="fieldtable">
<tr><th colspan="2">Enumerator</th></tr><tr><td class="fieldname"><a id="ac79240b14c7251b5358709c130821e07a8dffe0c4e6ca7a545daca4edac325522"></a>none&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="ac79240b14c7251b5358709c130821e07acae8cc1c1114ea88d7d8affeecb19b1d"></a>sign_extend&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="ac79240b14c7251b5358709c130821e07a6ff2bd786349a5d9affb290a9c602725"></a>zero_extend&#160;</td><td class="fielddoc"></td></tr>
</table>
</div>
</div>
<a id="a83cdfb05acdea9268310c37165bd13c1"></a>
<h2 class="memtitle"><span class="permalink"><a href="#a83cdfb05acdea9268310c37165bd13c1">&#9670;&nbsp;</a></span>mnemonic_t</h2>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">enum <a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1">vm::handler::mnemonic_t</a></td>
</tr>
</table>
</div><div class="memdoc">
<p>vm handler mnemonic... so you dont need to compare strings! </p>
<table class="fieldtable">
<tr><th colspan="2">Enumerator</th></tr><tr><td class="fieldname"><a id="a83cdfb05acdea9268310c37165bd13c1a9bb151fee0df242f0a304a3785191465"></a>INVALID&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="a83cdfb05acdea9268310c37165bd13c1a9ee93798eb7945788dfe63a908a3f423"></a>LRFLAGS&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="a83cdfb05acdea9268310c37165bd13c1aa9f0e1b43f89c1e555a7d3577f5c7b8f"></a>PUSHVSP&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="a83cdfb05acdea9268310c37165bd13c1a65232b40f75ab995af9eea0d5aee6444"></a>MULQ&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="a83cdfb05acdea9268310c37165bd13c1a3b8d706f88294ce7a8a8b08a9f5ff394"></a>DIVQ&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="a83cdfb05acdea9268310c37165bd13c1a20b781d295b3872217cec880fc659ff9"></a>CALL&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="a83cdfb05acdea9268310c37165bd13c1ad9ceecb5b5d78d7467ae3187dd3b0bd8"></a>JMP&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="a83cdfb05acdea9268310c37165bd13c1aca4bfa0932d82166e9731d77d4ddd42e"></a>VMEXIT&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="a83cdfb05acdea9268310c37165bd13c1a9c71d9caebd124594f42632b6df8c1df"></a>LVSP&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="a83cdfb05acdea9268310c37165bd13c1a624092452de9f6648610ceffce32f78e"></a>SREGQ&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="a83cdfb05acdea9268310c37165bd13c1ac41895fb285b8cb4ebe33755fc9b4974"></a>SREGDW&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="a83cdfb05acdea9268310c37165bd13c1a918bd3d416c98957043ace785146adeb"></a>SREGW&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="a83cdfb05acdea9268310c37165bd13c1a52308ac93a020fa701b6dee83c3d58f3"></a>LREGQ&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="a83cdfb05acdea9268310c37165bd13c1ac04ea404828638e83dee7b69ef22810f"></a>LREGDW&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="a83cdfb05acdea9268310c37165bd13c1a7691f0a92bb227b10a879f701b807c6c"></a>LCONSTQ&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="a83cdfb05acdea9268310c37165bd13c1aa8a6a0d6b5d0cc301380df7bbdcf42b8"></a>LCONSTBZXW&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="a83cdfb05acdea9268310c37165bd13c1aed58a3d6bbdb580c2817a128eb1ffe11"></a>LCONSTBSXQ&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="a83cdfb05acdea9268310c37165bd13c1accb986463feaa5f71f92067dc688aa93"></a>LCONSTBSXDW&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="a83cdfb05acdea9268310c37165bd13c1aa57a3ad6bd862f3e73785b6ac54c1591"></a>LCONSTDWSXQ&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="a83cdfb05acdea9268310c37165bd13c1adf57df5a2ccfeec8f29a0ca75bdf595b"></a>LCONSTWSXQ&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="a83cdfb05acdea9268310c37165bd13c1a1b719f2ae2d0a537fa2965ebd8b467d7"></a>LCONSTWSXDW&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="a83cdfb05acdea9268310c37165bd13c1a21632363cca2c18a0bc30ddd9e718a6b"></a>LCONSTDW&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="a83cdfb05acdea9268310c37165bd13c1acf151e8e073bb5fc5d0e967fe68a92b7"></a>LCONSTW&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="a83cdfb05acdea9268310c37165bd13c1aedc758f639062bd366e49b155618225b"></a>READQ&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="a83cdfb05acdea9268310c37165bd13c1a483ae76aeaa24a4278793ac99f32e45b"></a>READDW&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="a83cdfb05acdea9268310c37165bd13c1a20f6daaede6cf418b6e3cb7a5b242a47"></a>READW&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="a83cdfb05acdea9268310c37165bd13c1a24fc686c7f66e479c8c1ae145bf2ba14"></a>WRITEQ&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="a83cdfb05acdea9268310c37165bd13c1af92bc6344b93fea2c0e5d1fdf8500160"></a>WRITEDW&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="a83cdfb05acdea9268310c37165bd13c1ae5197ebd4240e18268cdeca4371c25d5"></a>WRITEW&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="a83cdfb05acdea9268310c37165bd13c1aa5646e9d21720029b354bfeca29f6241"></a>WRITEB&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="a83cdfb05acdea9268310c37165bd13c1a1c1d818ac0054ac2bab61885479fd10b"></a>ADDQ&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="a83cdfb05acdea9268310c37165bd13c1abb62bc05ab9e2b13eea6e0a68a9a850f"></a>ADDDW&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="a83cdfb05acdea9268310c37165bd13c1a658535c08ac0930a31bd92dfc8b2efc6"></a>ADDW&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="a83cdfb05acdea9268310c37165bd13c1ae820c14a2d48db026b12e60ef2bf55b3"></a>SHLQ&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="a83cdfb05acdea9268310c37165bd13c1ab8cddf6b4543c598ccb714551141aa81"></a>SHLDW&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="a83cdfb05acdea9268310c37165bd13c1ac14306e538f382de3093cc8f3d4d95ec"></a>SHRQ&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="a83cdfb05acdea9268310c37165bd13c1ab36694ea7404c953f0fefdd201592d37"></a>SHRW&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="a83cdfb05acdea9268310c37165bd13c1a2731b10387427c3422e7d822575bf55a"></a>NANDQ&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="a83cdfb05acdea9268310c37165bd13c1ae64f69da87f4b139ed9d2444589ef3f0"></a>NANDDW&#160;</td><td class="fielddoc"></td></tr>
<tr><td class="fieldname"><a id="a83cdfb05acdea9268310c37165bd13c1aea25395449f2b159a0b9e1547c9b7d13"></a>NANDW&#160;</td><td class="fielddoc"></td></tr>
</table>
</div>
</div>
<h2 class="groupheader">Function Documentation</h2>
<a id="aa04be3f452edc65f17c38ef91fbed341"></a>
<h2 class="memtitle"><span class="permalink"><a href="#aa04be3f452edc65f17c38ef91fbed341">&#9670;&nbsp;</a></span>get()</h2>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">bool vm::handler::get </td>
<td>(</td>
<td class="paramtype"><a class="el" href="vmutils_8hpp.html#a5fdde6e9d3e6c6eca28ecadf2e837d3c">zydis_routine_t</a> &amp;&#160;</td>
<td class="paramname"><em>vm_entry</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype"><a class="el" href="vmutils_8hpp.html#a5fdde6e9d3e6c6eca28ecadf2e837d3c">zydis_routine_t</a> &amp;&#160;</td>
<td class="paramname"><em>vm_handler</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">std::uintptr_t&#160;</td>
<td class="paramname"><em>handler_addr</em>&#160;</td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td>
</tr>
</table>
</div><div class="memdoc">
<p>gets a vm handler, puts all of the native instructions inside of the vm_handler param... </p>
<dl class="params"><dt>Parameters</dt><dd>
<table class="params">
<tr><td class="paramname">vm_entry</td><td>reference to a zydis_routine_t containing the native instructions of a vm entry...</td></tr>
<tr><td class="paramname">vm_handler</td><td>reference to a zydis_routine_t that will get filled with the native instructions of the vm handler...</td></tr>
<tr><td class="paramname">handler_addr</td><td>linear virtual address to the first instruction of the vm handler...</td></tr>
</table>
</dd>
</dl>
<dl class="section return"><dt>Returns</dt><dd>returns true if the native instructions of the vm handler was extracted...</dd></dl>
</div>
</div>
<a id="ae40eade4312e1383ae334ad2e0adacbf"></a>
<h2 class="memtitle"><span class="permalink"><a href="#ae40eade4312e1383ae334ad2e0adacbf">&#9670;&nbsp;</a></span>get_all() <span class="overload">[1/2]</span></h2>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">bool vm::handler::get_all </td>
<td>(</td>
<td class="paramtype">std::uintptr_t&#160;</td>
<td class="paramname"><em>module_base</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">std::uintptr_t&#160;</td>
<td class="paramname"><em>image_base</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype"><a class="el" href="vmutils_8hpp.html#a5fdde6e9d3e6c6eca28ecadf2e837d3c">zydis_routine_t</a> &amp;&#160;</td>
<td class="paramname"><em>vm_entry</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">std::uintptr_t *&#160;</td>
<td class="paramname"><em>vm_handler_table</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">std::vector&lt; <a class="el" href="structvm_1_1handler_1_1handler__t.html">handler_t</a> &gt; &amp;&#160;</td>
<td class="paramname"><em>vm_handlers</em>&#160;</td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td>
</tr>
</table>
</div><div class="memdoc">
<p>get all 256 vm handlers... </p>
<dl class="params"><dt>Parameters</dt><dd>
<table class="params">
<tr><td class="paramname">module_base</td><td>linear virtual address of the module base...</td></tr>
<tr><td class="paramname">image_base</td><td>image base from optional nt header... <a href="https://docs.microsoft.com/en-us/windows/win32/api/winnt/ns-winnt-image_optional_header64">IMAGE_OPTIONAL_HEADER64</a>...</td></tr>
<tr><td class="paramname">vm_entry</td><td>zydis_routine_t containing the deobfuscated and flattened vm entry native instructions...</td></tr>
<tr><td class="paramname">vm_handler_table</td><td>linear virtual address to the vm handler table...</td></tr>
<tr><td class="paramname">vm_handlers</td><td>vector of <a class="el" href="structvm_1_1handler_1_1handler__t.html" title="handler_t contains all the information for a vm handler such as its immidate value size (zero if ther...">handler_t</a>'s that will be filled with the vm handlers...</td></tr>
</table>
</dd>
</dl>
<dl class="section return"><dt>Returns</dt><dd>returns true if all vm handlers were extracted, else false...</dd></dl>
</div>
</div>
<a id="ae5e88e98b57b69a61e344e17386a06c3"></a>
<h2 class="memtitle"><span class="permalink"><a href="#ae5e88e98b57b69a61e344e17386a06c3">&#9670;&nbsp;</a></span>get_all() <span class="overload">[2/2]</span></h2>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">bool vm::handler::get_all </td>
<td>(</td>
<td class="paramtype">std::uintptr_t&#160;</td>
<td class="paramname"><em>module_base</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">std::uintptr_t&#160;</td>
<td class="paramname"><em>image_base</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype"><a class="el" href="vmutils_8hpp.html#a5fdde6e9d3e6c6eca28ecadf2e837d3c">zydis_routine_t</a> &amp;&#160;</td>
<td class="paramname"><em>vm_entry</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">std::uintptr_t *&#160;</td>
<td class="paramname"><em>vm_handler_table</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">std::vector&lt; <a class="el" href="structvm_1_1handler_1_1handler__t.html">vm::handler::handler_t</a> &gt; &amp;&#160;</td>
<td class="paramname"><em>vm_handlers</em>&#160;</td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td>
</tr>
</table>
</div><div class="memdoc">
</div>
</div>
<a id="ad63629408ca7f8b34169a38399ffcf02"></a>
<h2 class="memtitle"><span class="permalink"><a href="#ad63629408ca7f8b34169a38399ffcf02">&#9670;&nbsp;</a></span>get_operand_transforms()</h2>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">bool vm::handler::get_operand_transforms </td>
<td>(</td>
<td class="paramtype"><a class="el" href="vmutils_8hpp.html#a5fdde6e9d3e6c6eca28ecadf2e837d3c">zydis_routine_t</a> &amp;&#160;</td>
<td class="paramname"><em>vm_handler</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype"><a class="el" href="namespacevm_1_1transform.html#af3bd71c380a50beece9341287b7cc025">transform::map_t</a> &amp;&#160;</td>
<td class="paramname"><em>transforms</em>&#160;</td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td>
</tr>
</table>
</div><div class="memdoc">
<p>get operand decryption instructions given a vm handler... </p>
<dl class="params"><dt>Parameters</dt><dd>
<table class="params">
<tr><td class="paramname">vm_handler</td><td>reference to a zydis_routine_t containing the deobfuscated and flattened vm handler native instructions...</td></tr>
<tr><td class="paramname">transforms</td><td>reference to a <a class="el" href="namespacevm_1_1transform.html#af3bd71c380a50beece9341287b7cc025" title="map of transform type to zydis decoded instruction of the transform...">transform::map_t</a> that will get filled up with the transforms needed to decrypt operands...</td></tr>
</table>
</dd>
</dl>
<dl class="section return"><dt>Returns</dt><dd>returns true if the transformations were extracted successfully</dd></dl>
</div>
</div>
<a id="ad410231628efa1c4ee7fe9a8c4c7db90"></a>
<h2 class="memtitle"><span class="permalink"><a href="#ad410231628efa1c4ee7fe9a8c4c7db90">&#9670;&nbsp;</a></span>get_profile() <span class="overload">[1/2]</span></h2>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname"><a class="el" href="structvm_1_1handler_1_1profile__t.html">vm::handler::profile_t</a> * vm::handler::get_profile </td>
<td>(</td>
<td class="paramtype"><a class="el" href="structvm_1_1handler_1_1handler__t.html">handler_t</a> &amp;&#160;</td>
<td class="paramname"><em>vm_handler</em></td><td>)</td>
<td></td>
</tr>
</table>
</div><div class="memdoc">
<p>get a vm handler profile given a <a class="el" href="structvm_1_1handler_1_1handler__t.html" title="handler_t contains all the information for a vm handler such as its immidate value size (zero if ther...">handler_t</a>... </p>
<dl class="params"><dt>Parameters</dt><dd>
<table class="params">
<tr><td class="paramname">vm_handler</td><td>reference to a <a class="el" href="structvm_1_1handler_1_1handler__t.html" title="handler_t contains all the information for a vm handler such as its immidate value size (zero if ther...">handler_t</a> structure that contains all the information of a given vm handler...</td></tr>
</table>
</dd>
</dl>
<dl class="section return"><dt>Returns</dt><dd>returns a pointer to the vm profile, else a nullptr...</dd></dl>
</div>
</div>
<a id="a0ba01b3a015d7f25b83261e9183a2e40"></a>
<h2 class="memtitle"><span class="permalink"><a href="#a0ba01b3a015d7f25b83261e9183a2e40">&#9670;&nbsp;</a></span>get_profile() <span class="overload">[2/2]</span></h2>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname"><a class="el" href="structvm_1_1handler_1_1profile__t.html">vm::handler::profile_t</a> * vm::handler::get_profile </td>
<td>(</td>
<td class="paramtype"><a class="el" href="namespacevm_1_1handler.html#a83cdfb05acdea9268310c37165bd13c1">vm::handler::mnemonic_t</a>&#160;</td>
<td class="paramname"><em>mnemonic</em></td><td>)</td>
<td></td>
</tr>
</table>
</div><div class="memdoc">
<p>get a vm handler profile given the mnemonic of the vm handler... </p>
<dl class="params"><dt>Parameters</dt><dd>
<table class="params">
<tr><td class="paramname">mnemonic</td><td>mnemonic of the vm handler...</td></tr>
</table>
</dd>
</dl>
<dl class="section return"><dt>Returns</dt><dd>returns a pointer to the profile if the given menmonic is implimented, else a nullptr...</dd></dl>
</div>
</div>
<a id="ab830e56e2b4ee32851937ae0fe1a4918"></a>
<h2 class="memtitle"><span class="permalink"><a href="#ab830e56e2b4ee32851937ae0fe1a4918">&#9670;&nbsp;</a></span>has_imm()</h2>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">bool vm::handler::has_imm </td>
<td>(</td>
<td class="paramtype">const <a class="el" href="vmutils_8hpp.html#a5fdde6e9d3e6c6eca28ecadf2e837d3c">zydis_routine_t</a> &amp;&#160;</td>
<td class="paramname"><em>vm_handler</em></td><td>)</td>
<td></td>
</tr>
</table>
</div><div class="memdoc">
<p>given a vm handler returns true if the vm handler decrypts an operand... </p>
<dl class="params"><dt>Parameters</dt><dd>
<table class="params">
<tr><td class="paramname">vm_handler</td><td>const reference to a vm handler...</td></tr>
</table>
</dd>
</dl>
<dl class="section return"><dt>Returns</dt><dd>returns true if the vm handler decrypts an operand, else false...</dd></dl>
</div>
</div>
<a id="a073cb14b6691023771ad8eada2452138"></a>
<h2 class="memtitle"><span class="permalink"><a href="#a073cb14b6691023771ad8eada2452138">&#9670;&nbsp;</a></span>imm_size()</h2>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">std::optional&lt; std::uint8_t &gt; vm::handler::imm_size </td>
<td>(</td>
<td class="paramtype">const <a class="el" href="vmutils_8hpp.html#a5fdde6e9d3e6c6eca28ecadf2e837d3c">zydis_routine_t</a> &amp;&#160;</td>
<td class="paramname"><em>vm_handler</em></td><td>)</td>
<td></td>
</tr>
</table>
</div><div class="memdoc">
<p>gets the imm size of a vm handler... </p>
<dl class="params"><dt>Parameters</dt><dd>
<table class="params">
<tr><td class="paramname">vm_handler</td><td>const reference to a vm handler...</td></tr>
</table>
</dd>
</dl>
<dl class="section return"><dt>Returns</dt><dd>returns the imm size, otherwise returns an empty optional value...</dd></dl>
</div>
</div>
</div><!-- contents -->
<!-- start footer part -->
<hr class="footer"/><address class="footer"><small>
Generated by&#160;<a href="https://www.doxygen.org/index.html"><img class="footer" src="doxygen.svg" width="104" height="31" alt="doxygen"/></a> 1.9.1
</small></address>
</body>
</html>