==Brief description==
This Length-Disassembler was created for processing the executable x86 code instruction's lengths in 32bit mode. When we are saying "executable code" it means the CPU can execute the code. That is Catchy32 will NOT distinguish between the executable code and the data. There are a lot of opcodes that are not used as for now, but the place for them is reserved therefore they will be disassembled as well.

==Example==
db 0C0h,030h,001h - the instruction does not exist, but Catchy32 will disassemble it using the general disassembly rules

We used the tables with the flags 4 bits each and it allowed us to reduce the size of the engine but the beauty of the code is suffering now :-) The engine does not contain any absolute offsets, variables or external function calls.

==How to use==
To use Catcy32 you have to include it into your virus and put an offset to a disassembled instruction into EDI. If the disassembly was successful the return value is the instruction length in EAX. Otherwise EAX contains 0FFFFFFFFh. Other registers are not affected.

==Catchy32 example usage==
...	
	lea 	edi, InstructionOffset

Disassm:
	call	c_Catchy
	inc	eax
	or 	eax, eax
	jz	Error
	dec	eax
	add	edi, eax
	cmp	edi, CodeEnd
	jne	Disassm

EndOfCode:
...

==Thanks==
I'd like to say thanks to HI-TECH, WASM and TNTx groups for helping me with testing and useful remarks while developing Catchy32.

==Contacts==
If you noticed any bug, feel free to send it to me along with your questions, remarks, etc..
sars@ukrtop.com

(ñ) sars 2003