Fixed handlers, added writedr7, fixed names

xtremegamer1 2 years ago
parent 1829b58cc6
commit 4776d1e49f

@ -72,9 +72,10 @@ profiler_t jmp = {
i.operands[1].reg.value == write_dep;
});
if (mov_reg_write_dep == instrs.end()) return {};
vsp = mov_reg_write_dep->m_instr.operands[0].reg.value;
if (mov_reg_write_dep == instrs.end())
vsp = write_dep;
else
vsp = mov_reg_write_dep->m_instr.operands[0].reg.value;
} else {
// find the MOV REG, [VSP] instruction...
const auto mov_reg_deref_vsp = std::find_if(
@ -87,7 +88,8 @@ profiler_t jmp = {
i.operands[1].mem.base == vsp;
});
if (mov_reg_deref_vsp == instrs.end()) return {};
if (mov_reg_deref_vsp == instrs.end())
return {};
// find the MOV REG, mov_reg_deref_vsp->operands[0].reg.value
const auto mov_vip_reg = std::find_if(
@ -101,7 +103,8 @@ profiler_t jmp = {
mov_reg_deref_vsp->m_instr.operands[0].reg.value;
});
if (mov_vip_reg == instrs.end()) return {};
if (mov_vip_reg == instrs.end())
return {};
vip = mov_vip_reg->m_instr.operands[0].reg.value;

@ -2,7 +2,7 @@
namespace vm::instrs {
profiler_t shl = {
"SHR",
"SHL",
mnemonic_t::shl,
{{// MOV REG, [VSP]
LOAD_VALUE,

@ -2,7 +2,7 @@
namespace vm::instrs {
profiler_t shld = {
"SHR",
"SHLD",
mnemonic_t::shld,
{{// MOV REG, [VSP]
LOAD_VALUE,

@ -2,7 +2,7 @@
namespace vm::instrs {
profiler_t shr = {
"SHR",
"SHRD",
mnemonic_t::shr,
{{// MOV REG, [VSP]
LOAD_VALUE,

@ -2,7 +2,7 @@
namespace vm::instrs {
profiler_t shrd = {
"SHR",
"SHRD",
mnemonic_t::shrd,
{{// MOV REG, [VSP]
LOAD_VALUE,

@ -0,0 +1,35 @@
#include <vminstrs.hpp>
namespace vm::instrs {
profiler_t writedr7 = {
"WRITEDR7",
mnemonic_t::writedr7,
{
// MOV REG, [VSP+OFFSET]
LOAD_VALUE,
// ADD VSP, OFFSET
[](const zydis_reg_t vip, const zydis_reg_t vsp,
const zydis_decoded_instr_t& instr) -> bool {
return instr.mnemonic == ZYDIS_MNEMONIC_ADD &&
instr.operands[0].type == ZYDIS_OPERAND_TYPE_REGISTER &&
instr.operands[0].reg.value == vsp &&
instr.operands[1].type == ZYDIS_OPERAND_TYPE_IMMEDIATE;
},
// MOV DR7, REG
[](const zydis_reg_t vip, const zydis_reg_t vsp,
const zydis_decoded_instr_t& instr) -> bool {
return instr.mnemonic == ZYDIS_MNEMONIC_MOV &&
instr.operands[0].type == ZYDIS_OPERAND_TYPE_REGISTER &&
instr.operands[0].reg.value == ZYDIS_REGISTER_DR7 &&
instr.operands[1].type == ZYDIS_OPERAND_TYPE_REGISTER &&
instr.operands[1].reg.value != vsp;
}
},
[](zydis_reg_t& vip, zydis_reg_t& vsp,
hndlr_trace_t& hndlr) -> std::optional<vinstr_t> {
vinstr_t res{mnemonic_t::write};
res.imm.has_imm = false;
return res;
}
};
}
Loading…
Cancel
Save