
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
<meta http-equiv="X-UA-Compatible" content="IE=11"/>
<meta name="generator" content="Doxygen 1.9.3"/>
<meta name="viewport" content="width=device-width, initial-scale=1"/>
<title>Theodosius: theo::obf::jcc_rewrite_pass_t Class Reference</title>
<link href="../../tabs.css" rel="stylesheet" type="text/css"/>
<script type="text/javascript" src="../../jquery.js"></script>
<script type="text/javascript" src="../../dynsections.js"></script>
<link href="../../search/search.css" rel="stylesheet" type="text/css"/>
<script type="text/javascript" src="../../search/searchdata.js"></script>
<script type="text/javascript" src="../../search/search.js"></script>
<link href="../../doxygen.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="top"><!-- do not remove this div, it is closed by doxygen! -->
<div id="titlearea">
<table cellspacing="0" cellpadding="0">
<tbody>
<tr id="projectrow">
<td id="projectlogo"><img alt="Logo" src="../../icon.png"/></td>
<td id="projectalign">
<div id="projectname">Theodosius<span id="projectnumber">&#160;v3.0</span>
</div>
<div id="projectbrief">Jit linker, symbol mapper, and obfuscator</div>
</td>
</tr>
</tbody>
</table>
</div>
<!-- end header part -->
<!-- Generated by Doxygen 1.9.3 -->
<!-- Doxygen page bootstrap: creates the search box object, loads the menu scripts, and wires up menu and search once the DOM is ready.
     NOTE(review): both script blocks here are inline, and the MSearchSelectWindow div that follows uses inline on* handler attributes.
     A Content-Security-Policy that omits 'unsafe-inline' (and has no matching hashes or nonces) would block them, so account for this
     before serving these generated pages under a strict CSP. All script sources on this page are relative paths; none is third-party. -->
<script type="text/javascript">
/* @license magnet:?xt=urn:btih:d3d9a9a6595521f9666a5e94cc830dab83b65699&amp;dn=expat.txt MIT */
/* Global searchBox object; the inline on* handlers of the MSearchSelectWindow div call its OnSearchSelect* methods.
   SearchBox is not defined on this page (presumably in search/search.js; confirm). */
var searchBox = new SearchBox("searchBox", "../../search",'Search','.html');
/* @license-end */
</script>
<script type="text/javascript" src="../../menudata.js"></script>
<script type="text/javascript" src="../../menu.js"></script>
<script type="text/javascript">
/* @license magnet:?xt=urn:btih:d3d9a9a6595521f9666a5e94cc830dab83b65699&amp;dn=expat.txt MIT */
/* jQuery ready handler: calls initMenu with the relative root '../../', then registers init_search as a further ready callback.
   initMenu and init_search are defined outside this page. */
$(function() {
initMenu('../../',true,false,'search.php','Search');
$(document).ready(function() { init_search(); });
});
/* @license-end */
</script>
<div id="main-nav"></div>
<!-- window showing the filter options -->
<div id="MSearchSelectWindow"
onmouseover="return searchBox.OnSearchSelectShow()"
onmouseout="return searchBox.OnSearchSelectHide()"
onkeydown="return searchBox.OnSearchSelectKey(event)">
</div>
<!-- iframe showing the search results (closed by default) -->
<div id="MSearchResultsWindow">
<iframe src="javascript:void(0)" frameborder="0"
name="MSearchResults" id="MSearchResults">
</iframe>
</div>
<div id="nav-path" class="navpath">
<ul>
<li class="navelem"><a class="el" href="../../da/de6/namespacetheo.html">theo</a></li><li class="navelem"><a class="el" href="../../d5/da8/namespacetheo_1_1obf.html">obf</a></li><li class="navelem"><a class="el" href="../../d6/dc1/classtheo_1_1obf_1_1jcc__rewrite__pass__t.html">jcc_rewrite_pass_t</a></li> </ul>
</div>
</div><!-- top -->
<div class="header">
<div class="summary">
<a href="#pub-methods">Public Member Functions</a> &#124;
<a href="#pub-static-methods">Static Public Member Functions</a> </div>
<div class="headertitle"><div class="title">theo::obf::jcc_rewrite_pass_t Class Reference</div></div>
</div><!--header-->
<div class="contents">
<p>jcc rewrite pass which rewrites rip relative jcc's so that they are position independent.
<a href="../../d6/dc1/classtheo_1_1obf_1_1jcc__rewrite__pass__t.html#details">More...</a></p>
<p><code>#include &quot;<a class="el" href="../../d2/df9/jcc__rewrite__pass_8hpp_source.html">jcc_rewrite_pass.hpp</a>&quot;</code></p>
<div class="dynheader">
Inheritance diagram for theo::obf::jcc_rewrite_pass_t:</div>
<div class="dyncontent">
<div class="center">
<img src="../../d6/dc1/classtheo_1_1obf_1_1jcc__rewrite__pass__t.png" usemap="#theo::obf::jcc_5Frewrite_5Fpass_5Ft_map" alt=""/>
<map id="theo::obf::jcc_5Frewrite_5Fpass_5Ft_map" name="theo::obf::jcc_5Frewrite_5Fpass_5Ft_map">
<area href="../../d4/dad/classtheo_1_1obf_1_1pass__t.html" title="the pass_t class is a base class for all passes made. you must override the pass_t::run virtual funct..." alt="theo::obf::pass_t" shape="rect" coords="0,0,172,24"/>
</map>
</div></div>
<table class="memberdecls">
<tr class="heading"><td colspan="2"><h2 class="groupheader"><a id="pub-methods" name="pub-methods"></a>
Public Member Functions</h2></td></tr>
<tr class="memitem:a5a93eb0945025ef3caefed8c63b65b23"><td class="memItemLeft" align="right" valign="top">void&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="../../d6/dc1/classtheo_1_1obf_1_1jcc__rewrite__pass__t.html#a5a93eb0945025ef3caefed8c63b65b23">run</a> (<a class="el" href="../../d9/dd5/classtheo_1_1decomp_1_1symbol__t.html">decomp::symbol_t</a> *sym)</td></tr>
<tr class="memdesc:a5a93eb0945025ef3caefed8c63b65b23"><td class="mdescLeft">&#160;</td><td class="mdescRight">virtual method which must be implemented by the pass that inherits this class. <a href="../../d6/dc1/classtheo_1_1obf_1_1jcc__rewrite__pass__t.html#a5a93eb0945025ef3caefed8c63b65b23">More...</a><br /></td></tr>
<tr class="separator:a5a93eb0945025ef3caefed8c63b65b23"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="inherit_header pub_methods_classtheo_1_1obf_1_1pass__t"><td colspan="2" onclick="javascript:toggleInherit('pub_methods_classtheo_1_1obf_1_1pass__t')"><img src="../../closed.png" alt="-"/>&#160;Public Member Functions inherited from <a class="el" href="../../d4/dad/classtheo_1_1obf_1_1pass__t.html">theo::obf::pass_t</a></td></tr>
<tr class="memitem:abd4ab22cc2822b968267be7f8397d611 inherit pub_methods_classtheo_1_1obf_1_1pass__t"><td class="memItemLeft" align="right" valign="top">&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="../../d4/dad/classtheo_1_1obf_1_1pass__t.html#abd4ab22cc2822b968267be7f8397d611">pass_t</a> (<a class="el" href="../../d9/dbd/namespacetheo_1_1decomp.html#af96177687d0ad683c5897d8fa01135f9">decomp::sym_type_t</a> <a class="el" href="../../d4/dad/classtheo_1_1obf_1_1pass__t.html#a46608a6c2dfb8ff657e44be9b50e0dfb">sym_type</a>)</td></tr>
<tr class="memdesc:abd4ab22cc2822b968267be7f8397d611 inherit pub_methods_classtheo_1_1obf_1_1pass__t"><td class="mdescLeft">&#160;</td><td class="mdescRight">the explicit constructor of the <a class="el" href="../../d4/dad/classtheo_1_1obf_1_1pass__t.html" title="the pass_t class is a base class for all passes made. you must override the pass_t::run virtual funct...">pass_t</a> base class. <a href="../../d4/dad/classtheo_1_1obf_1_1pass__t.html#abd4ab22cc2822b968267be7f8397d611">More...</a><br /></td></tr>
<tr class="separator:abd4ab22cc2822b968267be7f8397d611 inherit pub_methods_classtheo_1_1obf_1_1pass__t"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:acfadc013ff0754d66a18baffdb1a61d1 inherit pub_methods_classtheo_1_1obf_1_1pass__t"><td class="memItemLeft" align="right" valign="top">virtual void&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="../../d4/dad/classtheo_1_1obf_1_1pass__t.html#acfadc013ff0754d66a18baffdb1a61d1">run</a> (<a class="el" href="../../d9/dd5/classtheo_1_1decomp_1_1symbol__t.html">decomp::symbol_t</a> *sym)=0</td></tr>
<tr class="memdesc:acfadc013ff0754d66a18baffdb1a61d1 inherit pub_methods_classtheo_1_1obf_1_1pass__t"><td class="mdescLeft">&#160;</td><td class="mdescRight">virtual method which must be implemented by the pass that inherits this class. <a href="../../d4/dad/classtheo_1_1obf_1_1pass__t.html#acfadc013ff0754d66a18baffdb1a61d1">More...</a><br /></td></tr>
<tr class="separator:acfadc013ff0754d66a18baffdb1a61d1 inherit pub_methods_classtheo_1_1obf_1_1pass__t"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:a46608a6c2dfb8ff657e44be9b50e0dfb inherit pub_methods_classtheo_1_1obf_1_1pass__t"><td class="memItemLeft" align="right" valign="top"><a class="el" href="../../d9/dbd/namespacetheo_1_1decomp.html#af96177687d0ad683c5897d8fa01135f9">decomp::sym_type_t</a>&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="../../d4/dad/classtheo_1_1obf_1_1pass__t.html#a46608a6c2dfb8ff657e44be9b50e0dfb">sym_type</a> ()</td></tr>
<tr class="memdesc:a46608a6c2dfb8ff657e44be9b50e0dfb inherit pub_methods_classtheo_1_1obf_1_1pass__t"><td class="mdescLeft">&#160;</td><td class="mdescRight">gets the pass's symbol type. <a href="../../d4/dad/classtheo_1_1obf_1_1pass__t.html#a46608a6c2dfb8ff657e44be9b50e0dfb">More...</a><br /></td></tr>
<tr class="separator:a46608a6c2dfb8ff657e44be9b50e0dfb inherit pub_methods_classtheo_1_1obf_1_1pass__t"><td class="memSeparator" colspan="2">&#160;</td></tr>
</table><table class="memberdecls">
<tr class="heading"><td colspan="2"><h2 class="groupheader"><a id="pub-static-methods" name="pub-static-methods"></a>
Static Public Member Functions</h2></td></tr>
<tr class="memitem:afc17278f751fe3f5868c988faffb3c92"><td class="memItemLeft" align="right" valign="top">static <a class="el" href="../../d6/dc1/classtheo_1_1obf_1_1jcc__rewrite__pass__t.html">jcc_rewrite_pass_t</a> *&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="../../d6/dc1/classtheo_1_1obf_1_1jcc__rewrite__pass__t.html#afc17278f751fe3f5868c988faffb3c92">get</a> ()</td></tr>
<tr class="separator:afc17278f751fe3f5868c988faffb3c92"><td class="memSeparator" colspan="2">&#160;</td></tr>
</table>
<a name="details" id="details"></a><h2 class="groupheader">Detailed Description</h2>
<div class="textblock"><p >jcc rewrite pass which rewrites rip relative jcc's so that they are position independent. </p>
<p >given the following code: </p><pre class="fragment">    jnz label1
    ; other code goes here
label1:
    ; more code here
</pre>
<p >the jnz instruction will be rewritten so that the following code is generated: </p><pre class="fragment">    jnz br2
br1:
    jmp [rip] ; address after this instruction contains the address
              ; of the instruction after the jcc.
br2:
    jmp [rip] ; address after this instruction contains the address of where
              ; branch 2 is located.
</pre>
<p >it's important to note that other passes will encrypt (transform) the address of the next instruction. There is actually no jmp [rip] either; push/ret is used instead. </p>
<p class="definition">Definition at line <a class="el" href="../../d2/df9/jcc__rewrite__pass_8hpp_source.html#l00061">61</a> of file <a class="el" href="../../d2/df9/jcc__rewrite__pass_8hpp_source.html">jcc_rewrite_pass.hpp</a>.</p>
</div><h2 class="groupheader">Member Function Documentation</h2>
<a id="afc17278f751fe3f5868c988faffb3c92" name="afc17278f751fe3f5868c988faffb3c92"></a>
<h2 class="memtitle"><span class="permalink"><a href="#afc17278f751fe3f5868c988faffb3c92">&#9670;&nbsp;</a></span>get()</h2>
<div class="memitem">
<div class="memproto">
<table class="mlabels">
<tr>
<td class="mlabels-left">
<table class="memname">
<tr>
<td class="memname"><a class="el" href="../../d6/dc1/classtheo_1_1obf_1_1jcc__rewrite__pass__t.html">jcc_rewrite_pass_t</a> * theo::obf::jcc_rewrite_pass_t::get </td>
<td>(</td>
<td class="paramname"></td><td>)</td>
<td></td>
</tr>
</table>
</td>
<td class="mlabels-right">
<span class="mlabels"><span class="mlabel">static</span></span> </td>
</tr>
</table>
</div><div class="memdoc">
<p class="definition">Definition at line <a class="el" href="../../d9/db4/jcc__rewrite__pass_8cpp_source.html#l00035">35</a> of file <a class="el" href="../../d9/db4/jcc__rewrite__pass_8cpp_source.html">jcc_rewrite_pass.cpp</a>.</p>
<!-- Listing of theo::obf::jcc_rewrite_pass_t::get (jcc_rewrite_pass.cpp lines 35 to 38):
     returns the address of a function-local static jcc_rewrite_pass_t, so every caller receives a pointer to the same object. -->
<div class="fragment"><div class="line"><span class="lineno"> 35</span> {</div>
<div class="line"><span class="lineno"> 36</span> <span class="keyword">static</span> jcc_rewrite_pass_t obj;</div>
<div class="line"><span class="lineno"> 37</span> <span class="keywordflow">return</span> &amp;obj;</div>
<div class="line"><span class="lineno"> 38</span>}</div>
</div><!-- fragment -->
<p class="reference">Referenced by <a class="el" href="../../df/d0a/main_8cpp_source.html#l00057">main()</a>.</p>
</div>
</div>
<a id="a5a93eb0945025ef3caefed8c63b65b23" name="a5a93eb0945025ef3caefed8c63b65b23"></a>
<h2 class="memtitle"><span class="permalink"><a href="#a5a93eb0945025ef3caefed8c63b65b23">&#9670;&nbsp;</a></span>run()</h2>
<div class="memitem">
<div class="memproto">
<table class="mlabels">
<tr>
<td class="mlabels-left">
<table class="memname">
<tr>
<td class="memname">void theo::obf::jcc_rewrite_pass_t::run </td>
<td>(</td>
<td class="paramtype"><a class="el" href="../../d9/dd5/classtheo_1_1decomp_1_1symbol__t.html">decomp::symbol_t</a> *&#160;</td>
<td class="paramname"><em>sym</em></td><td>)</td>
<td></td>
</tr>
</table>
</td>
<td class="mlabels-right">
<span class="mlabels"><span class="mlabel">virtual</span></span> </td>
</tr>
</table>
</div><div class="memdoc">
<p>virtual method which must be implemented by the pass that inherits this class. </p>
<dl class="params"><dt>Parameters</dt><dd>
<table class="params">
<tr><td class="paramname">sym</td><td>a symbol of the same type as m_sym_type.</td></tr>
</table>
</dd>
</dl>
<p>Implements <a class="el" href="../../d4/dad/classtheo_1_1obf_1_1pass__t.html#acfadc013ff0754d66a18baffdb1a61d1">theo::obf::pass_t</a>.</p>
<p class="definition">Definition at line <a class="el" href="../../d9/db4/jcc__rewrite__pass_8cpp_source.html#l00040">40</a> of file <a class="el" href="../../d9/db4/jcc__rewrite__pass_8cpp_source.html">jcc_rewrite_pass.cpp</a>.</p>
<!--
Listing of theo::obf::jcc_rewrite_pass_t::run (jcc_rewrite_pass.cpp lines 40 to 82).

What the listing shows: it decodes the instruction at the start of the symbol's data buffer with XED in
64-bit long mode. If the decoded branch displacement is non-zero, it sets the displacement to
(buffer size minus instruction length), re-encodes the instruction over the start of the same buffer,
appends a reloc_t named "NAME@OFFSET" (symbol name, then the original branch target offset) to the
symbol's relocation list, and finally runs next_inst_pass_t on the same symbol.

NOTE(review): robustness points visible in the listing; the callers and the symbol_t / reloc_t
definitions are not shown here, so each one is something to confirm rather than an established defect.
 * Line 45: xed_decode is given XED_MAX_INSTRUCTION_BYTES as the byte count regardless of the buffer's
   size(), and its return value is discarded. Nothing here shows the buffer is at least that long, and
   a failed decode would still flow into the calls that follow. Bounding the count by size() and
   checking for XED_ERROR_NONE would close both gaps.
 * Line 48: a decoded branch whose displacement is exactly zero takes the same path as a non-branch
   and is left untouched; confirm that is intended.
 * Lines 52 to 54: the new displacement is written with the width of the original encoding; the
   listing does not check that (buffer size minus instruction length) fits in that width, for
   example when the original displacement was 8 bits wide.
 * Lines 61 and 62: the result of xed_encode and the returned len are not examined, so an encode
   failure or a length change would go unnoticed and the old bytes would stay in place.
 * Line 76: reloc_t receives sym_name.data(), a pointer into a local std::string; confirm that reloc_t
   copies the name, since the string is destroyed when run returns.
-->
<div class="fragment"><div class="line"><span class="lineno"> 40</span> {</div>
<div class="line"><span class="lineno"> 41</span> std::int32_t disp = {};</div>
<div class="line"><span class="lineno"> 42</span> xed_decoded_inst_t inst;</div>
<div class="line"><span class="lineno"> 43</span> xed_state_t istate{XED_MACHINE_MODE_LONG_64, XED_ADDRESS_WIDTH_64b};</div>
<div class="line"><span class="lineno"> 44</span> xed_decoded_inst_zero_set_mode(&amp;inst, &amp;istate);</div>
<div class="line"><span class="lineno"> 45</span> xed_decode(&amp;inst, sym-&gt;data().data(), XED_MAX_INSTRUCTION_BYTES);</div>
<div class="line"><span class="lineno"> 46</span> </div>
<div class="line"><span class="lineno"> 47</span> <span class="comment">// if the instruction is branching...</span></div>
<div class="line"><span class="lineno"> 48</span> <span class="keywordflow">if</span> ((disp = xed_decoded_inst_get_branch_displacement(&amp;inst))) {</div>
<div class="line"><span class="lineno"> 49</span> disp += xed_decoded_inst_get_length(&amp;inst);</div>
<div class="line"><span class="lineno"> 50</span> </div>
<div class="line"><span class="lineno"> 51</span> <span class="comment">// update displacement...</span></div>
<div class="line"><span class="lineno"> 52</span> xed_decoded_inst_set_branch_displacement(</div>
<div class="line"><span class="lineno"> 53</span> &amp;inst, sym-&gt;data().size() - xed_decoded_inst_get_length(&amp;inst),</div>
<div class="line"><span class="lineno"> 54</span> xed_decoded_inst_get_branch_displacement_width(&amp;inst));</div>
<div class="line"><span class="lineno"> 55</span> </div>
<div class="line"><span class="lineno"> 56</span> xed_encoder_request_init_from_decode(&amp;inst);</div>
<div class="line"><span class="lineno"> 57</span> xed_encoder_request_t* req = &amp;inst;</div>
<div class="line"><span class="lineno"> 58</span> </div>
<div class="line"><span class="lineno"> 59</span> <span class="comment">// update jcc in the buffer...</span></div>
<div class="line"><span class="lineno"> 60</span> std::uint32_t len = {};</div>
<div class="line"><span class="lineno"> 61</span> xed_encode(req, sym-&gt;data().data(), xed_decoded_inst_get_length(&amp;inst),</div>
<div class="line"><span class="lineno"> 62</span> &amp;len);</div>
<div class="line"><span class="lineno"> 63</span> </div>
<div class="line"><span class="lineno"> 64</span> <span class="comment">// create a relocation to the instruction the branch would normally go</span></div>
<div class="line"><span class="lineno"> 65</span> <span class="comment">// too...</span></div>
<div class="line"><span class="lineno"> 66</span> <span class="keyword">auto</span> offset = disp &lt; 0 ? sym-&gt;offset() - std::abs(disp)</div>
<div class="line"><span class="lineno"> 67</span> : sym-&gt;offset() + std::abs(disp);</div>
<div class="line"><span class="lineno"> 68</span> </div>
<div class="line"><span class="lineno"> 69</span> <span class="keyword">auto</span> sym_name =</div>
<div class="line"><span class="lineno"> 70</span> std::string(</div>
<div class="line"><span class="lineno"> 71</span> sym-&gt;sym()-&gt;name.to_string(sym-&gt;img()-&gt;get_strings()).data())</div>
<div class="line"><span class="lineno"> 72</span> .append(<span class="stringliteral">&quot;@&quot;</span>)</div>
<div class="line"><span class="lineno"> 73</span> .append(std::to_string(offset));</div>
<div class="line"><span class="lineno"> 74</span> </div>
<div class="line"><span class="lineno"> 75</span> sym-&gt;relocs().push_back(</div>
<div class="line"><span class="lineno"> 76</span> recomp::reloc_t(0, <a class="code hl_function" href="../../d9/dd5/classtheo_1_1decomp_1_1symbol__t.html#a8695d75670cc4d61d275464e9109ff06" title="gets the hash of the symbol name.">decomp::symbol_t::hash</a>(sym_name), sym_name.data()));</div>
<div class="line"><span class="lineno"> 77</span> </div>
<div class="line"><span class="lineno"> 78</span> <span class="comment">// run next_inst_pass on this symbol to generate the transformations for the</span></div>
<div class="line"><span class="lineno"> 79</span> <span class="comment">// relocation to the jcc branch dest instruction...</span></div>
<div class="line"><span class="lineno"> 80</span> <a class="code hl_function" href="../../d5/d08/classtheo_1_1obf_1_1next__inst__pass__t.html#a964e6f5291ccba0442519f2563b3a2e9">next_inst_pass_t::get</a>()-&gt;<a class="code hl_function" href="../../d5/d08/classtheo_1_1obf_1_1next__inst__pass__t.html#ae4cbba78b14c2b9da794386e4d92f40f" title="virtual method which must be implimented by the pass that inherits this class.">run</a>(sym);</div>
<div class="line"><span class="lineno"> 81</span> }</div>
<div class="line"><span class="lineno"> 82</span>};</div>
</div><!-- fragment -->
<p class="reference">References <a class="el" href="../../d8/d67/symbol_8cpp_source.html#l00076">theo::decomp::symbol_t::data()</a>, <a class="el" href="../../df/d7d/next__inst__pass_8cpp_source.html#l00034">theo::obf::next_inst_pass_t::get()</a>, <a class="el" href="../../d8/d67/symbol_8cpp_source.html#l00088">theo::decomp::symbol_t::hash()</a>, <a class="el" href="../../d8/d67/symbol_8cpp_source.html#l00068">theo::decomp::symbol_t::img()</a>, <a class="el" href="../../d8/d67/symbol_8cpp_source.html#l00056">theo::decomp::symbol_t::offset()</a>, <a class="el" href="../../d8/d67/symbol_8cpp_source.html#l00096">theo::decomp::symbol_t::relocs()</a>, <a class="el" href="../../df/d7d/next__inst__pass_8cpp_source.html#l00038">theo::obf::next_inst_pass_t::run()</a>, and <a class="el" href="../../d8/d67/symbol_8cpp_source.html#l00092">theo::decomp::symbol_t::sym()</a>.</p>
</div>
</div>
<hr/>The documentation for this class was generated from the following files:<ul>
<li>include/obf/passes/<a class="el" href="../../d2/df9/jcc__rewrite__pass_8hpp_source.html">jcc_rewrite_pass.hpp</a></li>
<li>src/obf/passes/<a class="el" href="../../d9/db4/jcc__rewrite__pass_8cpp_source.html">jcc_rewrite_pass.cpp</a></li>
</ul>
</div><!-- contents -->
<!-- start footer part -->
<hr class="footer"/><address class="footer"><small>
Generated by&#160;<a href="https://www.doxygen.org/index.html"><img class="footer" src="../../doxygen.svg" width="104" height="31" alt="doxygen"/></a> 1.9.3
</small></address>
</body>
</html>