|
|
|
@ -94,7 +94,7 @@ BOOL NcCreateLabels(PNATIVE_CODE_BLOCK Block)
|
|
|
|
|
XED_OPERAND_TYPE_ENUM OperandType = XedOperandType(Operand);
|
|
|
|
|
if (OperandType != XED_OPERAND_TYPE_IMM && OperandType != XED_OPERAND_TYPE_IMM_CONST)
|
|
|
|
|
{
|
|
|
|
|
printf("Found jump to non immediate value. Cat: %s\n", XedCategoryEnumToString(Category));
|
|
|
|
|
printf("Found jump to non immediate value. Category: %s\n", XedCategoryEnumToString(Category));
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
@ -112,21 +112,53 @@ BOOL NcCreateLabels(PNATIVE_CODE_BLOCK Block)
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
NcInsertLinkBefore(JmpPos, new NATIVE_CODE_LINK(CurrentLabelId++));
|
|
|
|
|
NcInsertLinkBefore(JmpPos, new NATIVE_CODE_LINK(CurrentLabelId));
|
|
|
|
|
T->Label = CurrentLabelId;
|
|
|
|
|
++CurrentLabelId;
|
|
|
|
|
}
|
|
|
|
|
T->Flags |= CODE_FLAG_IS_REL_JMP;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
PNATIVE_CODE_LINK NcValidateJmp(PNATIVE_CODE_LINK Jmp, INT32 Delta)
|
|
|
|
|
{
|
|
|
|
|
if (Delta < 0)
|
|
|
|
|
PNATIVE_CODE_LINK T;
|
|
|
|
|
if (Delta > 0)
|
|
|
|
|
{
|
|
|
|
|
|
|
|
|
|
T = Jmp->Next;
|
|
|
|
|
while (Delta > 0 && T)
|
|
|
|
|
{
|
|
|
|
|
if (T->Flags & CODE_FLAG_IS_LABEL)
|
|
|
|
|
continue;
|
|
|
|
|
Delta -= XedDecodedInstGetLength(&T->XedInst);
|
|
|
|
|
T = T->Next;
|
|
|
|
|
}
|
|
|
|
|
else if (Delta > 0)
|
|
|
|
|
if (Delta != 0 || !T)
|
|
|
|
|
return NULL;
|
|
|
|
|
while (T && (T->Flags & CODE_FLAG_IS_LABEL))
|
|
|
|
|
T = T->Next;
|
|
|
|
|
return T;
|
|
|
|
|
}
|
|
|
|
|
else if (Delta < 0)
|
|
|
|
|
{
|
|
|
|
|
|
|
|
|
|
T = Jmp;
|
|
|
|
|
while (T)
|
|
|
|
|
{
|
|
|
|
|
if (T->Flags & CODE_FLAG_IS_LABEL)
|
|
|
|
|
continue;
|
|
|
|
|
Delta += XedDecodedInstGetLength(&T->XedInst);
|
|
|
|
|
if (Delta >= 0)
|
|
|
|
|
break;
|
|
|
|
|
T = T->Next;
|
|
|
|
|
}
|
|
|
|
|
if (Delta != 0 || !T)
|
|
|
|
|
return NULL;
|
|
|
|
|
while (T && (T->Flags & CODE_FLAG_IS_LABEL))
|
|
|
|
|
T = T->Next;
|
|
|
|
|
return T;
|
|
|
|
|
}
|
|
|
|
|
//return the jmp if that delta is zero
|
|
|
|
|
return Jmp;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
BOOL NcFromBuffer(PNATIVE_CODE_BLOCK Block, PVOID Buffer, ULONG BufferSize)
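Review bot: Both label-skipping branches in NcValidateJmp `continue` without advancing `T` (`if (T->Flags & CODE_FLAG_IS_LABEL) continue;` in the forward `Delta > 0` loop and again in the backward `Delta < 0` loop), so the first label link the walk reaches spins the loop forever — a validator that hangs on any block containing a label is a denial of service on ordinary input. Advance before skipping in both loops: `if (T->Flags & CODE_FLAG_IS_LABEL) { T = T->Next; continue; }`. The backward branch also starts at `Jmp` and walks `T->Next`, which only ever moves toward later links; if the list carries a predecessor pointer, that branch presumably should follow it once the jump's own length has been added — confirm the intended direction, since as written a negative Delta can only resolve to the jump itself. NcValidateJmp lies entirely inside the hunk; the enclosing NcCreateLabels body begins outside it.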
|
|
|
|
@ -160,6 +192,8 @@ BOOL NcFromBuffer(PNATIVE_CODE_BLOCK Block, PVOID Buffer, ULONG BufferSize)
|
|
|
|
|
Block->Start = Block->Start->Next;
|
|
|
|
|
delete StartLink;
|
|
|
|
|
|
|
|
|
|
NcCreateLabels(Block);
|
|
|
|
|
|
|
|
|
|
return TRUE;
|
|
|
|
|
}
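Review bot: The added `NcCreateLabels(Block);` discards its BOOL result, so NcFromBuffer still returns TRUE when label creation reports failure and callers proceed with a block whose relative jumps were not resolved. Whether NcCreateLabels can actually return FALSE is not visible here, but since it is declared BOOL the call should be checked: `if (!NcCreateLabels(Block)) return FALSE;`. NcFromBuffer's body starts outside the hunk, so any cleanup its earlier failure paths perform is not visible and may need to run on this path as well.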
|
|
|
|
|
|
|
|
|
|