jcc rewrite pass which rewrites rip relative jcc's so that they are position independent. More...
#include <jcc_rewrite_pass.hpp>
Public Member Functions | |
| void | run (decomp::symbol_t *sym) |
| virtual method which must be implimented by the pass that inherits this class. More... | |
 Public Member Functions inherited from theo::obf::pass_t | |
| pass_t (decomp::sym_type_t sym_type) | |
| the explicit constructor of the pass_t base class. More... | |
| decomp::sym_type_t | sym_type () |
| gets the passes symbol type. More... | |
Static Public Member Functions | |
| static jcc_rewrite_pass_t * | get () |
Detailed Description
jcc rewrite pass which rewrites rip relative jcc's so that they are position independent.
given the following code:
jnz label1 ; other code goes here
label1: ; more code here
the jnz instruction will be rewritten so that the following code is generated:
jnz br2
br1: jmp [rip] ; address after this instruction contains the address ; of the instruction after the jcc. br2: jmp [rip] ; address after this instruction contains the address of where ; branch 2 is located.
its important to note that other passes will encrypt (transform) the address of the next instruction. There is actually no jmp [rip] either, push/ret is used.
Member Function Documentation
◆ get()
|
static |
◆ run()
|
virtual |
virtual method which must be implimented by the pass that inherits this class.
- Parameters
-
sym a symbol of the same type of m_sym_type.
Implements theo::obf::pass_t.
The documentation for this class was generated from the following files:
- include/obf/passes/jcc_rewrite_pass.hpp
- src/obf/passes/jcc_rewrite_pass.cpp
