• from patch from Jason Hood:
  • recognise float types (ByteInfo::typeFloat)
  • allow -1 in arrays
  • added the functions to dump raw bytes and output C-escaped strings
  • added more instructions to GetUseType (adapted)
  • Windows API function argument reference (winapifn.lst file)
  • custom function aliases and arguments (customfn.lst file)
  • comparison instructions will use condition codes, other instructions flags (eg: "cmp eax, 0" / "je ADDR", but "test eax, eax" / "jz ADDR")
  • made the "Referenced by" output an option, instead just using delineators to indicate calls ("========") and jumps/constants ("--------"), also indicating how many forward/backward references (eg: "=1<=2>==" means this function is called once before this address and twice after)
• mark reference detected in complex reference and use them
• dump even data
• update floating point disassembly (up to Pentium 4)

• from patch from Jason Hood:
  • if there are no code sections, treat the section containing EP as code
  • primitive recognition of Unicode strings (`(StringData)L"unicode"') !!! WONDERFUL !!!
  • display only the first 100 characters of strings
  • if the instruction is 11 bytes, keep the bytes on one line
  • display strings using "StringZ" pseudo-instruction (adapted)
  • display base address using 2, 4 or 8 digits, depending on its value
  • add a tab after BYTE/WORD/DWORD
  • made the REP actual prefixes for string instructions (eg: "rep movsb")
  • added short options for most of the long
  • added --show-cRef for the original "Referenced by" display (calls)
  • added --show-URef for the original "Referenced by" display (uncond. jumps)
  • added --show-CRef for the original "Referenced by" display (cond. jumps)
  • added --show-refs for the original "Referenced by" display (all of above)
  • add space after each colon in DLL display (eg: "Addr:xxx" -> "Addr: xxx")
  • minor fixes
• added --no-entry-code options to specify that entry point does not point to code (happen with some driver)

For developers

• add GetLiteralSize support for offsets in Param
• add Instruction::IsNop (adapted from Jason patch)

• from patch from Jason Hood:
  • reduced the file header, added option for original display
  • dump known resource types, added option for original display
  • use three columns to display relocations
  • added space after the comma (eg: "mov al, 0")
  • only use "repe" (and "repne", not "repnz") when appropriate, "rep" otherwise
  • made the REP actual prefixes for string instructions (eg: "rep movsb")
  • "normalised" the condition codes
  • added --full-headers(-H) for the original headers display
  • added --raw-resources(-R) for the original resource display
  • replace "Ord." with "Ord#"

For developer

• changed GetStringStats to IsPossibleString

• from patch from Jason Hood:
  • fix crash fix crash when importing by ordinal
  • some typo fix
  • PUNPCKLDQ was stored as PUNOCKLDQ
  • FEMMS & PREFETCH (swapped opcodes)
  • MOVLPS (swapped src/dst)
  • PACKSSWB (was PACKUSDW)
  • PACKUSWB (was PACKSSWB)
  • ARPL (EwGw not EvGv)
  • FUCOMPP (was FUCOMPUU)
  • TEST/XCHG ("mem,reg" instead of "reg,mem")
  • improve a lot disasm adding SSE/SSE2
  • start float handling
  • enhanced x86test (read from file, read bytes on command line)
• read correctly across sections
• enable warning if compiled with gcc
• do not use CFLAGS/CXXFLAGS in configure

• fix dll search under win32

• DevC++ produced buggy executable
• --addr-start --addr-end options to disassemble partially

For developer

• Rewritten options code

• do not try to search full api name for export
• print possible strings references (idea and partial implementation from Jeremy Smith)
• find external dll to read full api names (if ordinal) (used current directory on Unix, SearchPath on windows)

For developer

• OutOfAddress is now global
• cleanup and constification
• new ::DataReader class (removing dependency for dasm)
• renames ReadByte/Word/Dword in ReadU8/U16LE/U32LE (now only on DataReader)

• updated DevC++ project
• print wrong disassembly on some cases (without -b option)
• a bit faster

For developer

• renamed api to symbol and FileByte to ObjectModule
• review Relocation classes for bfd use
• move Symbols and entryPoint infos into ObjectModule
• many cleanup
• new mode to read object (ObjectModule::DataReader class)

• add ws2_32 to cache
• fix overlapped instruction printing output
• filler skip relocation on 0 byte sequences
• fix overlapping beetween code and data

• print import name if imported by ordinal
• if unknown data contain relocation are printed as DWORD, not single bytes (this is the main reason for this fast release)

• updated site layout

• removed ole2 and added odbc32 from cache
• print hexadecimal file characteristics
• print more flag of file characteristics
• filled some missing directory names

• correct spelling in README
• for some dll (wsock32, ole32, oleaut32 for the moment) show imports name even if imported by ordinal (for now cached in executable)

• wrong check if byte occupied (I promise I'll always do regression test from now on :) )
• some spell fix on doc and syntax usage

• add option to select what output (useful for script or other things)
• show decimal and hex for ordinals
• update man page

For developer

• fix make distcheck
• add GUI to dist (still in alpha)

• Projects for DevC++ (console and GUI)
• Project for Anjuta 1.9 (console)
• begin GUI (some preliminary code only)
• import without Hint-Name handled correctly (Borland and early Microsoft compiler)

For developer:

• moved some utils file to a new directory
• transform many defines to enum

• fix len check marking data
• option for icon extraction
• test for little endian during compilation

• fix compile problem with VC++ in release mode (severe BUG)
• some file cleanup

• do not collapse symbols for same address

• unicode handling fixed if wchar_t is not 16bit unicode
• invalid esc decode instruction (small 0.0089 only bug)
• some cleanup
• fixed some missed include

• started redesign code

• NEWS: project ported to SourceForge (perdr.sourceforge.net)
• fixed priority for complex memory references
• raw-dump rewind file for empty section
• fixed relocation detection with some strange file
• fixed small problem with MSVC compiler
• disabled unsafe heuristic, too unsafe
• improved config scripts

• invalid SECC instruction reported as valid
• removed overwriting information with bad one marking integer
• import marked as loader bytes
• added Borland C++ project files to source

For developer:

• some cleanup in code
• added note.txt to source

• removed log print
• missing some list item separator in man page

For developer:

• removed silly dependency from peformat.h

  Notes

• This project is not dead! I'm the only programmer and every single problem can slow down developing!

• removed some wrong relocation checking (3D Now! and SECC1)
• checked memory parameter for 3D Now!
• correct too restrictive debug check (stupid mistake)
• incorrect cvtpi2ps handling
• Fixed some constant for performance and size optimization

For developer:

• renamed inst_offset to pc
• revisited pc handling in x86dasm
• removed bit field from PE structure

• finished all Pentium III instructions
• Athlon instruction and parameter
• --raw-dump parameter

For developer:

• removed old C style code
• RelocationInfo associated with FileByte

• man page for UNIX
• .spec file use rpm global options
• small precision improvement

For developer:

• many changes to encapsulate old style C code to object oriented
• preparing to merge with bdf (now code is GPL, so I can include bdf without license problem)

  Note

• there are no BUG FIX in this version!
• why I waited for so many time ?
  • I had many other work (and other problem too)
  • I studied other freeware project for merging or optimize my work (bdf, DCC, PEDasm and others)

• fixed data resided in two section
• bad address reference for some complex reference
• bad label marking for some jmp dword ptr [x*4+y] reference
• some minor correction
• print information on complex reference
• if bad parameters print usage and return error
• added some instruction processing

For developer:

• Fixed TIstrInfos constant use

• not infinite loop for some overlapped code (rarest)
• don't overwrite priority on data
• correct condition on heuristic motor
• not relocation on string!
• rewrite auto_ptr (more compatible)
• rewrite some PE structure (more compatible)

For developer:

• separate complex reference analysis from code.cpp to codescan.cpp
• eliminate TCodeRange class (not used)
• renamed export identifier (keyword on some compiler)
• fix table for registry information (x86reg)

• Source code released.

• not extend sign on byte constant for byte registry operation
• add --show-priority to options

• wrong priority order
• no overlapped code
• fixed loader data exclusion on some file
• Added global reference to heuristic motor

• xchg eax,ebx printed as xchg ax,ebx
• internal uninitialized error (3 day of work!!)
• fixed some insignificant memory leak
• instruction movntq (found AMD doc)
• jmp dword [4*reg+constant] improved
• start global analysis
• some optimization

I start revision program output

• string/loader data length not reported correctly
• loader data not handle correctly
• resource with name handled as ID
• overflow on section name printing
• segment override not printed
• print [] if param is [00000000h]
• if [xxx] xxx constant write always unsigned
• if file has no relocation handled as with relocation
• option for version and processor disabling

• cmpxcghg8b have bad parameter
• Pentium III control instruction (prefetchX, fxsave, fxrstor, ldmxcsr, stmxcsr, sysenter, sysexit, sfence)
• Pentium III MMX instruction (maskmovq, pextrw, pmovmskb, pavgb, pavgw, pinsrw, pminub, pminsw, pmaxub, pmaxsw, pmulhuw, psadbw, pshufw)
• full AMD 3DNow! instruction extension

• Correct disassembly for Imm8 signed extended, now extend sign
• Wrong size setting of memory
• Excluded loader code
• Added api call to heuristic motor

• Relocation on instruction not handled correctly
• More label than needed
• String are now handled correctly
• No code and code overlap on complex jmp
• Relocation on code finished
• Options (--bytes)
• Better data analysis

• Don't add many reference
• Not initialized data pointer are not correct
• relocation use

• Don't exit if some instruction is unknown
• fixed error printing Numeric export
• data analysis for pointer in code
• check for string in code - many new BUG :-)

Project started on September 1999