vmprofiler/include/vmutils.hpp

#pragma once
#include <Zydis/Utils.h>
#include <Zydis/Zydis.h>

#include <optional>
#include <vector>
#include <xmmintrin.h>

#define NOMINMAX
#include <Windows.h>

using u8 = unsigned char;
using u16 = unsigned short;
using u32 = unsigned int;
using u64 = unsigned long long;
using u128 = __m128;

using zydis_decoded_instr_t = ZydisDecodedInstruction;
using zydis_register_t = ZydisRegister;
using zydis_mnemonic_t = ZydisMnemonic;

struct zydis_instr_t
{
    zydis_decoded_instr_t instr;
    std::vector< u8 > raw;
    std::uintptr_t addr;
};

using zydis_routine_t = std::vector< zydis_instr_t >;

namespace vm::util
{
    namespace reg
    {
        // converts say... AL to RAX...
        zydis_register_t to64( zydis_register_t reg );
        bool compare( zydis_register_t a, zydis_register_t b );
    } // namespace reg

    bool get_fetch_operand( const zydis_routine_t &routine, zydis_instr_t &fetch_instr );
    std::optional< zydis_routine_t::iterator > get_fetch_operand( zydis_routine_t &routine );

    void print( zydis_routine_t &routine );
    void print( const zydis_decoded_instr_t &instr );
    bool is_jmp( const zydis_decoded_instr_t &instr );

    bool flatten( zydis_routine_t &routine, std::uintptr_t routine_addr, bool keep_jmps = false );
    void deobfuscate( zydis_routine_t &routine );
} // namespace vm::util