IDontCode
/
Theodosius
2
1
Fork 2
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'a26be3fd80'
${ noResults }
Theodosius/doxygen/latex/d6/dc1/classtheo_1_1obf_1_1jcc__re...

131 lines
7.4 KiB
Raw Blame History

\hypertarget{classtheo_1_1obf_1_1jcc__rewrite__pass__t}{}\doxysection{theo\+::obf\+::jcc\+\_\+rewrite\+\_\+pass\+\_\+t Class Reference}
\label{classtheo_1_1obf_1_1jcc__rewrite__pass__t}\index{theo::obf::jcc\_rewrite\_pass\_t@{theo::obf::jcc\_rewrite\_pass\_t}}
jcc rewrite pass which rewrites rip relative jcc\textquotesingle{}s so that they are position independent.
{\ttfamily \#include $<$jcc\+\_\+rewrite\+\_\+pass.\+hpp$>$}
Inheritance diagram for theo\+::obf\+::jcc\+\_\+rewrite\+\_\+pass\+\_\+t\+:\begin{figure}[H]
\begin{center}
\leavevmode
\includegraphics[height=2.000000cm]{d6/dc1/classtheo_1_1obf_1_1jcc__rewrite__pass__t}
\end{center}
\end{figure}
\doxysubsection*{Public Member Functions}
\begin{DoxyCompactItemize}
\item
void \mbox{\hyperlink{classtheo_1_1obf_1_1jcc__rewrite__pass__t_a5a93eb0945025ef3caefed8c63b65b23}{run}} (\mbox{\hyperlink{classtheo_1_1decomp_1_1symbol__t}{decomp\+::symbol\+\_\+t}} $\ast$sym)
\begin{DoxyCompactList}\small\item\em virtual method which must be implimented by the pass that inherits this class. \end{DoxyCompactList}\end{DoxyCompactItemize}
\doxysubsection*{Static Public Member Functions}
\begin{DoxyCompactItemize}
\item
static \mbox{\hyperlink{classtheo_1_1obf_1_1jcc__rewrite__pass__t}{jcc\+\_\+rewrite\+\_\+pass\+\_\+t}} $\ast$ \mbox{\hyperlink{classtheo_1_1obf_1_1jcc__rewrite__pass__t_afc17278f751fe3f5868c988faffb3c92}{get}} ()
\end{DoxyCompactItemize}
\doxysubsection{Detailed Description}
jcc rewrite pass which rewrites rip relative jcc\textquotesingle{}s so that they are position independent.
given the following code\+: \begin{DoxyVerb}jnz label1
; other code goes here
\end{DoxyVerb}
label1\+: ; more code here
the jnz instruction will be rewritten so that the following code is generated\+: \begin{DoxyVerb}jnz br2
\end{DoxyVerb}
br1\+: jmp \mbox{[}rip\mbox{]} ; address after this instruction contains the address ; of the instruction after the jcc. br2\+: jmp \mbox{[}rip\mbox{]} ; address after this instruction contains the address of where ; branch 2 is located.
its important to note that other passes will encrypt (transform) the address of the next instruction. There is actually no jmp \mbox{[}rip\mbox{]} either, push/ret is used.
\doxysubsection{Member Function Documentation}
\mbox{\Hypertarget{classtheo_1_1obf_1_1jcc__rewrite__pass__t_afc17278f751fe3f5868c988faffb3c92}\label{classtheo_1_1obf_1_1jcc__rewrite__pass__t_afc17278f751fe3f5868c988faffb3c92}}
\index{theo::obf::jcc\_rewrite\_pass\_t@{theo::obf::jcc\_rewrite\_pass\_t}!get@{get}}
\index{get@{get}!theo::obf::jcc\_rewrite\_pass\_t@{theo::obf::jcc\_rewrite\_pass\_t}}
\doxysubsubsection{\texorpdfstring{get()}{get()}}
{\footnotesize\ttfamily \mbox{\hyperlink{classtheo_1_1obf_1_1jcc__rewrite__pass__t}{jcc\+\_\+rewrite\+\_\+pass\+\_\+t}} $\ast$ theo\+::obf\+::jcc\+\_\+rewrite\+\_\+pass\+\_\+t\+::get (\begin{DoxyParamCaption}{ }\end{DoxyParamCaption})\hspace{0.3cm}{\ttfamily [static]}}
\begin{DoxyCode}{0}
\DoxyCodeLine{35 \{}
\DoxyCodeLine{36 \textcolor{keyword}{static} jcc\_rewrite\_pass\_t obj;}
\DoxyCodeLine{37 \textcolor{keywordflow}{return} \&obj;}
\DoxyCodeLine{38 \}}
\end{DoxyCode}
\mbox{\Hypertarget{classtheo_1_1obf_1_1jcc__rewrite__pass__t_a5a93eb0945025ef3caefed8c63b65b23}\label{classtheo_1_1obf_1_1jcc__rewrite__pass__t_a5a93eb0945025ef3caefed8c63b65b23}}
\index{theo::obf::jcc\_rewrite\_pass\_t@{theo::obf::jcc\_rewrite\_pass\_t}!run@{run}}
\index{run@{run}!theo::obf::jcc\_rewrite\_pass\_t@{theo::obf::jcc\_rewrite\_pass\_t}}
\doxysubsubsection{\texorpdfstring{run()}{run()}}
{\footnotesize\ttfamily void theo\+::obf\+::jcc\+\_\+rewrite\+\_\+pass\+\_\+t\+::run (\begin{DoxyParamCaption}\item[{\mbox{\hyperlink{classtheo_1_1decomp_1_1symbol__t}{decomp\+::symbol\+\_\+t}} $\ast$}]{sym }\end{DoxyParamCaption})\hspace{0.3cm}{\ttfamily [virtual]}}
virtual method which must be implimented by the pass that inherits this class.
\begin{DoxyParams}{Parameters}
{\em sym} & a symbol of the same type of m\+\_\+sym\+\_\+type.\\
\hline
\end{DoxyParams}
Implements \mbox{\hyperlink{classtheo_1_1obf_1_1pass__t_acfadc013ff0754d66a18baffdb1a61d1}{theo\+::obf\+::pass\+\_\+t}}.
\begin{DoxyCode}{0}
\DoxyCodeLine{40 \{}
\DoxyCodeLine{41 std::int32\_t disp = \{\};}
\DoxyCodeLine{42 xed\_decoded\_inst\_t inst;}
\DoxyCodeLine{43 xed\_state\_t istate\{XED\_MACHINE\_MODE\_LONG\_64, XED\_ADDRESS\_WIDTH\_64b\};}
\DoxyCodeLine{44 xed\_decoded\_inst\_zero\_set\_mode(\&inst, \&istate);}
\DoxyCodeLine{45 xed\_decode(\&inst, sym-\/>data().data(), XED\_MAX\_INSTRUCTION\_BYTES);}
\DoxyCodeLine{46 }
\DoxyCodeLine{47 \textcolor{comment}{// if the instruction is branching...}}
\DoxyCodeLine{48 \textcolor{keywordflow}{if} ((disp = xed\_decoded\_inst\_get\_branch\_displacement(\&inst))) \{}
\DoxyCodeLine{49 disp += xed\_decoded\_inst\_get\_length(\&inst);}
\DoxyCodeLine{50 }
\DoxyCodeLine{51 \textcolor{comment}{// update displacement...}}
\DoxyCodeLine{52 xed\_decoded\_inst\_set\_branch\_displacement(}
\DoxyCodeLine{53 \&inst, sym-\/>data().size() -\/ xed\_decoded\_inst\_get\_length(\&inst),}
\DoxyCodeLine{54 xed\_decoded\_inst\_get\_branch\_displacement\_width(\&inst));}
\DoxyCodeLine{55 }
\DoxyCodeLine{56 xed\_encoder\_request\_init\_from\_decode(\&inst);}
\DoxyCodeLine{57 xed\_encoder\_request\_t* req = \&inst;}
\DoxyCodeLine{58 }
\DoxyCodeLine{59 \textcolor{comment}{// update jcc in the buffer...}}
\DoxyCodeLine{60 std::uint32\_t len = \{\};}
\DoxyCodeLine{61 xed\_encode(req, sym-\/>data().data(), xed\_decoded\_inst\_get\_length(\&inst),}
\DoxyCodeLine{62 \&len);}
\DoxyCodeLine{63 }
\DoxyCodeLine{64 \textcolor{comment}{// create a relocation to the instruction the branch would normally go}}
\DoxyCodeLine{65 \textcolor{comment}{// too...}}
\DoxyCodeLine{66 \textcolor{keyword}{auto} offset = disp < 0 ? sym-\/>offset() -\/ std::abs(disp)}
\DoxyCodeLine{67 : sym-\/>offset() + std::abs(disp);}
\DoxyCodeLine{68 }
\DoxyCodeLine{69 \textcolor{keyword}{auto} sym\_name =}
\DoxyCodeLine{70 std::string(}
\DoxyCodeLine{71 sym-\/>sym()-\/>name.to\_string(sym-\/>img()-\/>get\_strings()).data())}
\DoxyCodeLine{72 .append(\textcolor{stringliteral}{"{}@"{}})}
\DoxyCodeLine{73 .append(std::to\_string(offset));}
\DoxyCodeLine{74 }
\DoxyCodeLine{75 sym-\/>relocs().push\_back(}
\DoxyCodeLine{76 recomp::reloc\_t(0, \mbox{\hyperlink{classtheo_1_1decomp_1_1symbol__t_a8695d75670cc4d61d275464e9109ff06}{decomp::symbol\_t::hash}}(sym\_name), sym\_name.data()));}
\DoxyCodeLine{77 }
\DoxyCodeLine{78 \textcolor{comment}{// run next\_inst\_pass on this symbol to generate the transformations for the}}
\DoxyCodeLine{79 \textcolor{comment}{// relocation to the jcc branch dest instruction...}}
\DoxyCodeLine{80 \mbox{\hyperlink{classtheo_1_1obf_1_1next__inst__pass__t_a964e6f5291ccba0442519f2563b3a2e9}{next\_inst\_pass\_t::get}}()-\/>\mbox{\hyperlink{classtheo_1_1obf_1_1next__inst__pass__t_ae4cbba78b14c2b9da794386e4d92f40f}{run}}(sym);}
\DoxyCodeLine{81 \}}
\DoxyCodeLine{82 \};}
\end{DoxyCode}
The documentation for this class was generated from the following files\+:\begin{DoxyCompactItemize}
\item
include/obf/passes/\mbox{\hyperlink{jcc__rewrite__pass_8hpp}{jcc\+\_\+rewrite\+\_\+pass.\+hpp}}\item
src/obf/passes/\mbox{\hyperlink{jcc__rewrite__pass_8cpp}{jcc\+\_\+rewrite\+\_\+pass.\+cpp}}\end{DoxyCompactItemize}
Reference in new issue View Git Blame Copy Permalink