Iizerd
/
Code_Virtualizer
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

xD

Browse Source
main
James 2 years ago
parent c610fd02d8
commit 84f550fc13
4 changed files with 132 additions and 65 deletions
Show Stats Download Patch File Download Diff File

7
CodeVirtualizer/Main.cpp
Unescape View File

@ -193,7 +193,8 @@ int main()
srand(time(NULL));
UINT OutSize = 0;
PUCHAR Output = VmHandlerIRegLoadMem_BISO(VM_IREG_2, VM_OPSIZE_2, &OutSize); // VmHandlerPrologue(8, &OutSize);
//PUCHAR Output = VmHandlerIRegReg(VM_IREG_3, VM_OPSIZE_16, FALSE, &OutSize); // VmHandlerPrologue(8, &OutSize);
PUCHAR Output = VmHandlerEncode2(XED_ICLASS_MOVZX, VM_OPSIZE_32, VM_OPSIZE_16, &OutSize);
if (Output && OutSize)
{
PrintByteArr(Output, OutSize);
@ -202,10 +203,10 @@ int main()
for (UINT i = 0; i < VM_IREG_COUNT; i++)
{
printf("IReg: %u, %s %s %s %s\n", i, XedRegEnumToString(VmIRegToXReg((VM_IREG_ENUM)i, VM_OPSIZE_1)), XedRegEnumToString(VmIRegToXReg((VM_IREG_ENUM)i, VM_OPSIZE_2)), XedRegEnumToString(VmIRegToXReg((VM_IREG_ENUM)i, VM_OPSIZE_4)), XedRegEnumToString(VmIRegToXReg((VM_IREG_ENUM)i, VM_OPSIZE_8)));
printf("IReg: %u, %s %s %s %s\n", i, XedRegEnumToString(VmIRegToXReg((VM_IREG_ENUM)i, VM_OPSIZE_8)), XedRegEnumToString(VmIRegToXReg((VM_IREG_ENUM)i, VM_OPSIZE_16)), XedRegEnumToString(VmIRegToXReg((VM_IREG_ENUM)i, VM_OPSIZE_32)), XedRegEnumToString(VmIRegToXReg((VM_IREG_ENUM)i, VM_OPSIZE_64)));
}
printf("Reg2: %s %s %s %s\n", XedRegEnumToString(VmGetRegOfSize(XED_REG_R15, VM_OPSIZE_1)), XedRegEnumToString(VmGetRegOfSize(XED_REG_R15, VM_OPSIZE_2)), XedRegEnumToString(VmGetRegOfSize(XED_REG_R15, VM_OPSIZE_4)), XedRegEnumToString(VmGetRegOfSize(XED_REG_R15, VM_OPSIZE_8)));
printf("Reg2: %s %s %s %s\n", XedRegEnumToString(VmGetRegOfSize(XED_REG_R15, VM_OPSIZE_8)), XedRegEnumToString(VmGetRegOfSize(XED_REG_R15, VM_OPSIZE_16)), XedRegEnumToString(VmGetRegOfSize(XED_REG_R15, VM_OPSIZE_32)), XedRegEnumToString(VmGetRegOfSize(XED_REG_R15, VM_OPSIZE_64)));
//UCHAR TestCode[] = { 0x48, 0x8B, 0x84, 0xD1, 0xF0, 0x06, 0x00, 0x00 }; // { 0x48, 0x89, 0xC8 };

12
CodeVirtualizer/VMDefs.h
Unescape View File

@ -29,18 +29,18 @@ enum VM_MEMOP_TYPE_ENUM : UCHAR
enum VM_IREG_ENUM : UCHAR
{
VM_IREG_0,
VM_IREG_1,
VM_IREG_2,
VM_IREG_3,
VM_IREG_COUNT,
};
enum VM_OPERAND_SIZE_ENUM : UCHAR
{
VM_OPSIZE_1,
VM_OPSIZE_2,
VM_OPSIZE_4,
VM_OPSIZE_8,
VM_OPSIZE_16,
VM_OPSIZE_32,
VM_OPSIZE_64,
VM_OPSIZE_COUNT
};
@ -73,6 +73,10 @@ enum VM_ICLASS_ENUM : USHORT
VM_ICLASS_LD_IREG_IMM_START,
VM_ICLASS_LD_IREG_IMM_END = VM_ICLASS_LD_IREG_IMM_START + (VM_IREG_COUNT * VM_OPSIZE_COUNT) - 1,
VM_ICLASS_MOV_START,
VM_ICLASS_MOV_END = VM_ICLASS_MOV_START + VM_OPSIZE_COUNT - 1,
VM_ICLASS_COUNT,
};

147
CodeVirtualizer/VirtualMachine.cpp
Unescape View File

@ -5,10 +5,10 @@ XED_REG_ENUM VmOperandSizeToRegEnumBase(VM_OPERAND_SIZE_ENUM OperandSize)
{
switch (OperandSize)
{
case VM_OPSIZE_1: return XED_REG_GPR8_FIRST;
case VM_OPSIZE_2: return XED_REG_GPR16_FIRST;
case VM_OPSIZE_4: return XED_REG_GPR32_FIRST;
case VM_OPSIZE_8: return XED_REG_GPR64_FIRST;
case VM_OPSIZE_8: return XED_REG_GPR8_FIRST;
case VM_OPSIZE_16: return XED_REG_GPR16_FIRST;
case VM_OPSIZE_32: return XED_REG_GPR32_FIRST;
case VM_OPSIZE_64: return XED_REG_GPR64_FIRST;
}
return XED_REG_INVALID;
}
@ -38,14 +38,14 @@ XED_REG_ENUM VmIRegToXReg(VM_IREG_ENUM IReg, VM_OPERAND_SIZE_ENUM OperandSize)
{
switch (IReg)
{
case VM_IREG_0: return VmGetRegOfSize(XED_REG_RAX, OperandSize);
case VM_IREG_1: return VmGetRegOfSize(XED_REG_RBX, OperandSize);
case VM_IREG_2: return VmGetRegOfSize(XED_REG_RCX, OperandSize);
case VM_IREG_1: return VmGetRegOfSize(XED_REG_RAX, OperandSize);
case VM_IREG_2: return VmGetRegOfSize(XED_REG_RBX, OperandSize);
case VM_IREG_3: return VmGetRegOfSize(XED_REG_RCX, OperandSize);
}
return XED_REG_INVALID;
//Less portable version.
/*if (OperandSize == VM_OPSIZE_1)
/*if (OperandSize == VM_OPSIZE_8)
{
return (XED_REG_ENUM)(XED_REG_AL + IReg);
}
@ -77,7 +77,7 @@ PUCHAR VmHandlerPrologue(UINT InstructionSize, PUINT OutSize, XED_REG_ENUM Vip,
return XedEncodeInstructions(InstList, 3, OutSize);
}
PUCHAR VmHandlerIRegLoadMem_B(VM_IREG_ENUM IReg, VM_OPERAND_SIZE_ENUM OperandSize, PUINT OutSize)
PUCHAR VmHandlerIRegMem_B(VM_IREG_ENUM IReg, VM_OPERAND_SIZE_ENUM OperandSize, BOOL Load, PUINT OutSize)
{
/*
* movzx r8,byte ptr[rdx+2]
@ -88,10 +88,14 @@ PUCHAR VmHandlerIRegLoadMem_B(VM_IREG_ENUM IReg, VM_OPERAND_SIZE_ENUM OperandSiz
XED_ENCODER_INSTRUCTION InstList[3];
XedInst2(&InstList[0], XedGlobalMachineState, XED_ICLASS_MOVZX, 64, XedReg(XED_REG_R8), XedMemBD(XED_REG_RDX, XedDisp(2, 8), 8));
XedInst2(&InstList[1], XedGlobalMachineState, XED_ICLASS_MOV, 64, XedReg(XED_REG_R8), XedMemBISD(XED_REG_RBP, XED_REG_R8, 8, XedDisp(0,0), 64));
XedInst2(&InstList[2], XedGlobalMachineState, XED_ICLASS_MOV, OpSizeBits, XedReg(VmIRegToXReg(IReg, OperandSize)), XedMemB(XED_REG_R8, OpSizeBits));
if (Load)
XedInst2(&InstList[2], XedGlobalMachineState, XED_ICLASS_MOV, OpSizeBits, XedReg(VmIRegToXReg(IReg, OperandSize)), XedMemB(XED_REG_R8, OpSizeBits));
else
XedInst2(&InstList[2], XedGlobalMachineState, XED_ICLASS_MOV, OpSizeBits, XedMemB(XED_REG_R8, OpSizeBits), XedReg(VmIRegToXReg(IReg, OperandSize)));
return XedEncodeInstructions(InstList, 3, OutSize);
}
PUCHAR VmHandlerIRegLoadMem_BO(VM_IREG_ENUM IReg, VM_OPERAND_SIZE_ENUM OperandSize, PUINT OutSize)
PUCHAR VmHandlerIRegMem_BO(VM_IREG_ENUM IReg, VM_OPERAND_SIZE_ENUM OperandSize, BOOL Load, PUINT OutSize)
{
/*
* movzx r8,byte ptr[rdx+2]
@ -104,83 +108,79 @@ PUCHAR VmHandlerIRegLoadMem_BO(VM_IREG_ENUM IReg, VM_OPERAND_SIZE_ENUM OperandSi
XedInst2(&InstList[0], XedGlobalMachineState, XED_ICLASS_MOVZX, 64, XedReg(XED_REG_R8), XedMemBD(XED_REG_RDX, XedDisp(2, 8), 8));
XedInst2(&InstList[1], XedGlobalMachineState, XED_ICLASS_MOV, 64, XedReg(XED_REG_R8), XedMemBISD(XED_REG_RBP, XED_REG_R8, 8, XedDisp(0, 0), 64));
XedInst2(&InstList[2], XedGlobalMachineState, XED_ICLASS_MOVSXD, 64, XedReg(XED_REG_R9), XedMemBD(XED_REG_RDX, XedDisp(3, 8), 32));
XedInst2(&InstList[3], XedGlobalMachineState, XED_ICLASS_MOV, OpSizeBits, XedReg(VmIRegToXReg(IReg, OperandSize)), XedMemBISD(XED_REG_R8, XED_REG_R9, 1, XedDisp(0, 0), OpSizeBits));
if (Load)
XedInst2(&InstList[3], XedGlobalMachineState, XED_ICLASS_MOV, OpSizeBits, XedReg(VmIRegToXReg(IReg, OperandSize)), XedMemBISD(XED_REG_R8, XED_REG_R9, 1, XedDisp(0, 0), OpSizeBits));
else
XedInst2(&InstList[3], XedGlobalMachineState, XED_ICLASS_MOV, OpSizeBits, XedMemBISD(XED_REG_R8, XED_REG_R9, 1, XedDisp(0, 0), OpSizeBits), XedReg(VmIRegToXReg(IReg, OperandSize)));
return XedEncodeInstructions(InstList, 4, OutSize);
}
PUCHAR VmHandlerIRegLoadMem_BIS(VM_IREG_ENUM IReg, VM_OPERAND_SIZE_ENUM OperandSize, PUINT OutSize)
PUCHAR VmHandlerIRegMem_BIS(VM_IREG_ENUM IReg, VM_OPERAND_SIZE_ENUM OperandSize, BOOL Load, PUINT OutSize)
{
/*
* movzx r8,byte ptr[rdx+2]
* mov r8, qword ptr[rbp+r8*8]
* movzx r9, byte ptr[rdx+3]
* mov r9, qword ptr[rbp+r9*8]
* movzx r10, byte ptr[rdx+4] ;load scale value(unsigned)
* imul r9,r10
* mov (ireg), (size) ptr[r8+r9]
* imul r10, qword ptr[rbp+r9*8]
* mov (ireg), (size) ptr[r8+r10]
*/
UINT OpSizeBits = VmOpSizeToBits(OperandSize);
XED_ENCODER_INSTRUCTION InstList[7];
XED_ENCODER_INSTRUCTION InstList[6];
XedInst2(&InstList[0], XedGlobalMachineState, XED_ICLASS_MOVZX, 64, XedReg(XED_REG_R8), XedMemBD(XED_REG_RDX, XedDisp(2, 8), 8));
XedInst2(&InstList[1], XedGlobalMachineState, XED_ICLASS_MOV, 64, XedReg(XED_REG_R8), XedMemBISD(XED_REG_RBP, XED_REG_R8, 8, XedDisp(0, 0), 64));
XedInst2(&InstList[2], XedGlobalMachineState, XED_ICLASS_MOVSX, 64, XedReg(XED_REG_R9), XedMemBD(XED_REG_RDX, XedDisp(3, 8), 8));
XedInst2(&InstList[3], XedGlobalMachineState, XED_ICLASS_MOV, 64, XedReg(XED_REG_R9), XedMemBISD(XED_REG_RBP, XED_REG_R9, 8, XedDisp(0, 0), 64));
XedInst2(&InstList[4], XedGlobalMachineState, XED_ICLASS_MOVSX, 64, XedReg(XED_REG_R10), XedMemBD(XED_REG_RDX, XedDisp(4, 8), 8));
XedInst2(&InstList[5], XedGlobalMachineState, XED_ICLASS_IMUL, 64, XedReg(XED_REG_R9), XedReg(XED_REG_R10));
XedInst2(&InstList[6], XedGlobalMachineState, XED_ICLASS_MOV, OpSizeBits, XedReg(VmIRegToXReg(IReg, OperandSize)), XedMemBISD(XED_REG_R8, XED_REG_R9, 1, XedDisp(0, 0), OpSizeBits));
return XedEncodeInstructions(InstList, 7, OutSize);
XedInst2(&InstList[3], XedGlobalMachineState, XED_ICLASS_MOVSX, 64, XedReg(XED_REG_R10), XedMemBD(XED_REG_RDX, XedDisp(4, 8), 8));
XedInst2(&InstList[4], XedGlobalMachineState, XED_ICLASS_IMUL, 64, XedReg(XED_REG_R10), XedMemBISD(XED_REG_RBP, XED_REG_R9, 8, XedDisp(0, 0), 64));
if (Load)
XedInst2(&InstList[5], XedGlobalMachineState, XED_ICLASS_MOV, OpSizeBits, XedReg(VmIRegToXReg(IReg, OperandSize)), XedMemBISD(XED_REG_R8, XED_REG_R10, 1, XedDisp(0, 0), OpSizeBits));
else
XedInst2(&InstList[5], XedGlobalMachineState, XED_ICLASS_MOV, OpSizeBits, XedMemBISD(XED_REG_R8, XED_REG_R10, 1, XedDisp(0, 0), OpSizeBits), XedReg(VmIRegToXReg(IReg, OperandSize)));
return XedEncodeInstructions(InstList, 6, OutSize);
}
PUCHAR VmHandlerIRegLoadMem_BISO(VM_IREG_ENUM IReg, VM_OPERAND_SIZE_ENUM OperandSize, PUINT OutSize)
PUCHAR VmHandlerIRegMem_BISD(VM_IREG_ENUM IReg, VM_OPERAND_SIZE_ENUM OperandSize, BOOL Load, PUINT OutSize)
{
/*
* movzx r8, byte ptr[rdx+2]
* mov r8, qword ptr[rbp+r8*8]
* movzx r9, byte ptr[rdx+3]
* mov r9, qword ptr[rbp+r9*8]
* movzx r10, byte ptr[rdx+4] ;load scale value(unsigned)
* imul r9, r10
* movsxd r10, dword ptr[rdx+5] ;load immediate displacement
* add r9, r10 ;add immediate displacement
* mov (ireg), (size) ptr[r8+r9]
* imul r10, qword ptr[rbp+r9*8]
* movsxd r9, dword ptr[rdx+5] ;load immediate displacement
* add r10, r9 ;add immediate displacement
* mov (ireg), (size) ptr[r8+r10]
*/
UINT OpSizeBits = VmOpSizeToBits(OperandSize);
XED_ENCODER_INSTRUCTION InstList[9];
XED_ENCODER_INSTRUCTION InstList[8];
XedInst2(&InstList[0], XedGlobalMachineState, XED_ICLASS_MOVZX, 64, XedReg(XED_REG_R8), XedMemBD(XED_REG_RDX, XedDisp(2, 8), 8));
XedInst2(&InstList[1], XedGlobalMachineState, XED_ICLASS_MOV, 64, XedReg(XED_REG_R8), XedMemBISD(XED_REG_RBP, XED_REG_R8, 8, XedDisp(0, 0), 64));
XedInst2(&InstList[2], XedGlobalMachineState, XED_ICLASS_MOVSX, 64, XedReg(XED_REG_R9), XedMemBD(XED_REG_RDX, XedDisp(3, 8), 8));
XedInst2(&InstList[3], XedGlobalMachineState, XED_ICLASS_MOV, 64, XedReg(XED_REG_R9), XedMemBISD(XED_REG_RBP, XED_REG_R9, 8, XedDisp(0, 0), 64));
XedInst2(&InstList[4], XedGlobalMachineState, XED_ICLASS_MOVSX, 64, XedReg(XED_REG_R10), XedMemBD(XED_REG_RDX, XedDisp(4, 8), 8));
XedInst2(&InstList[5], XedGlobalMachineState, XED_ICLASS_IMUL, 64, XedReg(XED_REG_R9), XedReg(XED_REG_R10));
XedInst2(&InstList[6], XedGlobalMachineState, XED_ICLASS_MOVSXD, 64, XedReg(XED_REG_R10), XedMemBD(XED_REG_RDX, XedDisp(5, 8), 32));
XedInst2(&InstList[7], XedGlobalMachineState, XED_ICLASS_ADD, 64, XedReg(XED_REG_R9), XedReg(XED_REG_R10));
XedInst2(&InstList[8], XedGlobalMachineState, XED_ICLASS_MOV, OpSizeBits, XedReg(VmIRegToXReg(IReg, OperandSize)), XedMemBISD(XED_REG_R8, XED_REG_R9, 1, XedDisp(0, 0), OpSizeBits));
return XedEncodeInstructions(InstList, 9, OutSize);
}
PUCHAR VmHandlerIRegLoadReg(VM_IREG_ENUM IReg, VM_OPERAND_SIZE_ENUM OperandSize, PUINT OutSize)
{
/*
* movzx r8,byte ptr[rdx+2]
* mov (ireg), (size) ptr[rbp+r8*8]
*/
XedInst2(&InstList[3], XedGlobalMachineState, XED_ICLASS_MOVSX, 64, XedReg(XED_REG_R10), XedMemBD(XED_REG_RDX, XedDisp(4, 8), 8));
XedInst2(&InstList[4], XedGlobalMachineState, XED_ICLASS_IMUL, 64, XedReg(XED_REG_R10), XedMemBISD(XED_REG_RBP, XED_REG_R9, 8, XedDisp(0, 0), 64));
XedInst2(&InstList[5], XedGlobalMachineState, XED_ICLASS_MOVSXD, 64, XedReg(XED_REG_R9), XedMemBD(XED_REG_RDX, XedDisp(5, 8), 32));
XedInst2(&InstList[6], XedGlobalMachineState, XED_ICLASS_ADD, 64, XedReg(XED_REG_R10), XedReg(XED_REG_R9));
if (Load)
XedInst2(&InstList[7], XedGlobalMachineState, XED_ICLASS_MOV, OpSizeBits, XedReg(VmIRegToXReg(IReg, OperandSize)), XedMemBISD(XED_REG_R8, XED_REG_R10, 1, XedDisp(0, 0), OpSizeBits));
else
XedInst2(&InstList[7], XedGlobalMachineState, XED_ICLASS_MOV, OpSizeBits, XedMemBISD(XED_REG_R8, XED_REG_R10, 1, XedDisp(0, 0), OpSizeBits), XedReg(VmIRegToXReg(IReg, OperandSize)));
UINT OpSizeBits = VmOpSizeToBits(OperandSize);
XED_ENCODER_INSTRUCTION InstList[2];
XedInst2(&InstList[0], XedGlobalMachineState, XED_ICLASS_MOVZX, 64, XedReg(XED_REG_R8), XedMemBD(XED_REG_RDX, XedDisp(2, 8), 8));
XedInst2(&InstList[1], XedGlobalMachineState, XED_ICLASS_MOV, OpSizeBits, XedReg(VmIRegToXReg(IReg, OperandSize)), XedMemBISD(XED_REG_RBP, XED_REG_R8, 8, XedDisp(0, 0), OpSizeBits));
return XedEncodeInstructions(InstList, 2, OutSize);
return XedEncodeInstructions(InstList, 8, OutSize);
}
PUCHAR VmHandlerIRegStoreReg(VM_IREG_ENUM IReg, VM_OPERAND_SIZE_ENUM OperandSize, PUINT OutSize)
PUCHAR VmHandlerIRegReg(VM_IREG_ENUM IReg, VM_OPERAND_SIZE_ENUM OperandSize, BOOL Load, PUINT OutSize)
{
/*
* movzx r8,byte ptr[rdx+2]
* mov (size) ptr[rbp+r8*8], (ireg)
* mov (ireg), (size) ptr[rbp+r8*8]
*/
UINT OpSizeBits = VmOpSizeToBits(OperandSize);
XED_ENCODER_INSTRUCTION InstList[2];
XedInst2(&InstList[0], XedGlobalMachineState, XED_ICLASS_MOVZX, 64, XedReg(XED_REG_R8), XedMemBD(XED_REG_RDX, XedDisp(2, 8), 8));
XedInst2(&InstList[1], XedGlobalMachineState, XED_ICLASS_MOV, OpSizeBits, XedMemBISD(XED_REG_RBP, XED_REG_R8, 8, XedDisp(0, 0), OpSizeBits), XedReg(VmIRegToXReg(IReg, OperandSize)));
if (Load)
XedInst2(&InstList[1], XedGlobalMachineState, XED_ICLASS_MOV, OpSizeBits, XedReg(VmIRegToXReg(IReg, OperandSize)), XedMemBISD(XED_REG_RBP, XED_REG_R8, 8, XedDisp(0, 0), OpSizeBits));
else
XedInst2(&InstList[1], XedGlobalMachineState, XED_ICLASS_MOV, OpSizeBits, XedMemBISD(XED_REG_RBP, XED_REG_R8, 8, XedDisp(0, 0), OpSizeBits), XedReg(VmIRegToXReg(IReg, OperandSize)));
return XedEncodeInstructions(InstList, 2, OutSize);
}
PUCHAR VmHandlerIRegLoadImm(VM_IREG_ENUM IReg, VM_OPERAND_SIZE_ENUM OperandSize, PUINT OutSize)
@ -194,3 +194,48 @@ PUCHAR VmHandlerIRegLoadImm(VM_IREG_ENUM IReg, VM_OPERAND_SIZE_ENUM OperandSize,
XedInst2(&InstList[0], XedGlobalMachineState, XED_ICLASS_MOV, OpSizeBits, XedReg(VmIRegToXReg(IReg, OperandSize)), XedMemBD(XED_REG_RDX, XedDisp(2, 8), OpSizeBits));
return XedEncodeInstructions(InstList, 1, OutSize);
}
PUCHAR VmHandlerEncode1(XED_ICLASS_ENUM IClass, VM_OPERAND_SIZE_ENUM OperandSize, PUINT OutSize)
{
XED_ENCODER_INSTRUCTION InstList;
XedInst1(&InstList, XedGlobalMachineState, IClass, VmOpSizeToBits(OperandSize), XedReg(VmIRegToXReg(VM_IREG_1, OperandSize)));
return XedEncodeInstructions(&InstList, 1, OutSize);
}
PUCHAR VmHandlerEncode2(XED_ICLASS_ENUM IClass, VM_OPERAND_SIZE_ENUM OperandSize1, VM_OPERAND_SIZE_ENUM OperandSize2, PUINT OutSize)
{
XED_ENCODER_INSTRUCTION InstList;
XedInst2(&InstList, XedGlobalMachineState, IClass, VmOpSizeToBits(OperandSize1), XedReg(VmIRegToXReg(VM_IREG_1, OperandSize1)), XedReg(VmIRegToXReg(VM_IREG_2, OperandSize2)));
return XedEncodeInstructions(&InstList, 1, OutSize);
}
PUCHAR VmHandlerEncode3(XED_ICLASS_ENUM IClass, VM_OPERAND_SIZE_ENUM OperandSize1, VM_OPERAND_SIZE_ENUM OperandSize2, VM_OPERAND_SIZE_ENUM OperandSize3, PUINT OutSize)
{
XED_ENCODER_INSTRUCTION InstList;
XedInst3(&InstList, XedGlobalMachineState, IClass, VmOpSizeToBits(OperandSize1), XedReg(VmIRegToXReg(VM_IREG_1, OperandSize1)), XedReg(VmIRegToXReg(VM_IREG_2, OperandSize2)), XedReg(VmIRegToXReg(VM_IREG_3, OperandSize3)));
return XedEncodeInstructions(&InstList, 1, OutSize);
}
//
//PUCHAR VmHandlerMov(VM_OPERAND_SIZE_ENUM OperandSize, PUINT OutSize)
//{
// XED_ENCODER_INSTRUCTION InstList;
// XedInst2(&InstList, XedGlobalMachineState, XED_ICLASS_MOV, VmOpSizeToBits(OperandSize), XedReg(VmIRegToXReg(VM_IREG_1, OperandSize)), XedReg(VmIRegToXReg(VM_IREG_2, OperandSize)));
// return XedEncodeInstructions(&InstList, 1, OutSize);
//}
//PUCHAR VmHandlerMovsx(VM_OPERAND_SIZE_ENUM NewOpSize, VM_OPERAND_SIZE_ENUM OriginalOpSize, PUINT OutSize)
//{
// XED_ENCODER_INSTRUCTION InstList;
// XedInst2(&InstList, XedGlobalMachineState, XED_ICLASS_MOVSX, VmOpSizeToBits(NewOpSize), XedReg(VmIRegToXReg(VM_IREG_1, NewOpSize)), XedReg(VmIRegToXReg(VM_IREG_2, OriginalOpSize)));
// return XedEncodeInstructions(&InstList, 1, OutSize);
//}
//PUCHAR VmHandlerMovsxd(VM_OPERAND_SIZE_ENUM NewOpSize, VM_OPERAND_SIZE_ENUM OriginalOpSize, PUINT OutSize)
//{
// XED_ENCODER_INSTRUCTION InstList;
// XedInst2(&InstList, XedGlobalMachineState, XED_ICLASS_MOVSXD, VmOpSizeToBits(NewOpSize), XedReg(VmIRegToXReg(VM_IREG_1, NewOpSize)), XedReg(VmIRegToXReg(VM_IREG_2, OriginalOpSize)));
// return XedEncodeInstructions(&InstList, 1, OutSize);
//}
//PUCHAR VmHandlerMovzx(VM_OPERAND_SIZE_ENUM NewOpSize, VM_OPERAND_SIZE_ENUM OriginalOpSize, PUINT OutSize)
//{
// XED_ENCODER_INSTRUCTION InstList;
// XedInst2(&InstList, XedGlobalMachineState, XED_ICLASS_MOVZX, VmOpSizeToBits(NewOpSize), XedReg(VmIRegToXReg(VM_IREG_1, NewOpSize)), XedReg(VmIRegToXReg(VM_IREG_2, OriginalOpSize)));
// return XedEncodeInstructions(&InstList, 1, OutSize);
//}

31
CodeVirtualizer/VirtualMachine.h
Unescape View File

@ -16,6 +16,11 @@
#define VmOpSizeToBytes(OpSize) (pow(2, (UCHAR)OpSize))
#define VmOpSizeToBits(OpSize) (VmOpSizeToBytes(OpSize) * 8)
#define VmDefaultInstId(IClass, OperandSize) (((IClass) * VM_OPSIZE_COUNT) + OperandSize)
inline PUCHAR DefaultInstBuffers[XED_ICLASS_LAST * VM_OPSIZE_COUNT] = { NULL };
/*
* Vm Structure:
* RDI = VM_HEADER
@ -26,7 +31,8 @@
* RBX = IREG1
* RCX = IREG2
*
* R8 = Not ever saved. Uses ATM: HandlerJmp,
* R8 = Not ever saved. Uses: HandlerJmp,
* R9, R10 = Not saved. Uses: Temp storage inside handlers for IReg access.
*/
XED_REG_ENUM VmOperandSizeToRegEnumBase(VM_OPERAND_SIZE_ENUM OperandSize);
XED_REG_ENUM VmGetRegOfSize(XED_REG_ENUM Reg, VM_OPERAND_SIZE_ENUM OperandSize);
@ -36,11 +42,22 @@ XED_REG_ENUM VmIRegToXReg(VM_IREG_ENUM IReg, VM_OPERAND_SIZE_ENUM OperandSize);
#define VM_HANDLER_PROLOGUE_SIZE 15
PUCHAR VmHandlerPrologue(UINT InstructionSize, PUINT OutSize, XED_REG_ENUM Vip = XED_REG_RDX, XED_REG_ENUM HandlerTableReg = XED_REG_RSI);
PUCHAR VmHandlerIRegLoadMem_B(VM_IREG_ENUM IReg, VM_OPERAND_SIZE_ENUM OperandSize, PUINT OutSize);
PUCHAR VmHandlerIRegLoadMem_BO(VM_IREG_ENUM IReg, VM_OPERAND_SIZE_ENUM OperandSize, PUINT OutSize);
PUCHAR VmHandlerIRegLoadMem_BIS(VM_IREG_ENUM IReg, VM_OPERAND_SIZE_ENUM OperandSize, PUINT OutSize);
PUCHAR VmHandlerIRegLoadMem_BISO(VM_IREG_ENUM IReg, VM_OPERAND_SIZE_ENUM OperandSize, PUINT OutSize);
PUCHAR VmHandlerIRegLoadReg(VM_IREG_ENUM IReg, VM_OPERAND_SIZE_ENUM OperandSize, PUINT OutSize);
PUCHAR VmHandlerIRegStoreReg(VM_IREG_ENUM IReg, VM_OPERAND_SIZE_ENUM OperandSize, PUINT OutSize);
//Internal register(IReg) store/load
PUCHAR VmHandlerIRegMem_B(VM_IREG_ENUM IReg, VM_OPERAND_SIZE_ENUM OperandSize, BOOL Load, PUINT OutSize);
PUCHAR VmHandlerIRegMem_BO(VM_IREG_ENUM IReg, VM_OPERAND_SIZE_ENUM OperandSize, BOOL Load, PUINT OutSize);
PUCHAR VmHandlerIRegMem_BIS(VM_IREG_ENUM IReg, VM_OPERAND_SIZE_ENUM OperandSize, BOOL Load, PUINT OutSize);
PUCHAR VmHandlerIRegMem_BISD(VM_IREG_ENUM IReg, VM_OPERAND_SIZE_ENUM OperandSize, BOOL Load, PUINT OutSize);
PUCHAR VmHandlerIRegReg(VM_IREG_ENUM IReg, VM_OPERAND_SIZE_ENUM OperandSize, BOOL Load, PUINT OutSize);
PUCHAR VmHandlerIRegLoadImm(VM_IREG_ENUM IReg, VM_OPERAND_SIZE_ENUM OperandSize, PUINT OutSize);
PUCHAR VmHandlerEncode1(XED_ICLASS_ENUM IClass, VM_OPERAND_SIZE_ENUM OperandSize, PUINT OutSize);
PUCHAR VmHandlerEncode2(XED_ICLASS_ENUM IClass, VM_OPERAND_SIZE_ENUM OperandSize1, VM_OPERAND_SIZE_ENUM OperandSize2, PUINT OutSize);
PUCHAR VmHandlerEncode3(XED_ICLASS_ENUM IClass, VM_OPERAND_SIZE_ENUM OperandSize1, VM_OPERAND_SIZE_ENUM OperandSize2, VM_OPERAND_SIZE_ENUM OperandSize3, PUINT OutSize);
//PUCHAR VmHandlerMov(VM_OPERAND_SIZE_ENUM OperandSize, PUINT OutSize);
//PUCHAR VmHandlerMovsx(VM_OPERAND_SIZE_ENUM NewOpSize, VM_OPERAND_SIZE_ENUM OriginalOpSize, PUINT OutSize);
//PUCHAR VmHandlerMovsxd(VM_OPERAND_SIZE_ENUM NewOpSize, VM_OPERAND_SIZE_ENUM OriginalOpSize, PUINT OutSize);
//PUCHAR VmHandlerMovzx(VM_OPERAND_SIZE_ENUM NewOpSize, VM_OPERAND_SIZE_ENUM OriginalOpSize, PUINT OutSize);
#endif
Write Preview
Loading…
Cancel
Save