From ea3790fc1a9d0f8a26e2e531191d70cb3acdf337 Mon Sep 17 00:00:00 2001
From: _xeroxz
Date: Sun, 22 Aug 2021 11:57:21 -0700
Subject: [PATCH 1/2] i am going to be more strict about defining vm handler profiles now...
---
 dependencies/vmprofiler | 2 +-
 src/main.cpp | 6 +++---
 src/vmemu_t.cpp | 37 +++++++++++++++++++++++++++++++++----
 3 files changed, 37 insertions(+), 8 deletions(-)
diff --git a/dependencies/vmprofiler b/dependencies/vmprofiler
index 90106b0..b6862d5 160000
--- a/dependencies/vmprofiler
+++ b/dependencies/vmprofiler
@@ -1 +1 @@
-Subproject commit 90106b0f5e748f1e67e108800ee0463bae5755e3
+Subproject commit b6862d521860ec37b86539f96a6b8ca93158a4cb
diff --git a/src/main.cpp b/src/main.cpp
index 146a259..455ddfb 100644
--- a/src/main.cpp
+++ b/src/main.cpp
@@ -256,7 +256,7 @@ int __cdecl main( int argc, const char *argv[] )
 if ( !emu.get_trace( code_blocks ) )
 {
 std::printf( "[!] something failed during tracing, review the console for more information...\n" );
- continue;
+ return -1;
 }
 std::printf( "> number of blocks = %d\n", code_blocks.size() );
@@ -282,7 +282,7 @@ int __cdecl main( int argc, const char *argv[] )
 output.write( reinterpret_cast< const char * >( &file_header ), sizeof file_header );
 output.write( reinterpret_cast< const char * >( module_base ), image_size );
- for ( auto& [ vm_enter_offset, virt_rtn ] : virt_rtns )
+ for ( auto &[ vm_enter_offset, virt_rtn ] : virt_rtns )
 {
 vmp2::v4::rtn_t rtn{ virt_rtn.size() };
 std::vector< vmp2::v4::code_block_t * > vmp2_blocks;
@@ -379,7 +379,7 @@ int __cdecl main( int argc, const char *argv[] )
 if ( !emu.get_trace( code_blocks ) )
 {
 std::printf( "[!] something failed during tracing, review the console for more information...\n" );
- continue;
+ return -1;
 }
 std::printf( "> number of blocks = %d\n", code_blocks.size() );
diff --git a/src/vmemu_t.cpp b/src/vmemu_t.cpp
index e94c308..5e8f475 100644
--- a/src/vmemu_t.cpp
+++ b/src/vmemu_t.cpp
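Review bot: `return -1;` on the tracing failure hands a negative value back from `main`, whose meaning as an exit status is implementation-defined (POSIX shells see it as 255), and the message before it does not say which routine could not be traced; `return EXIT_FAILURE;` (from `<cstdlib>`) states the intent, and naming the routine in that message — its vm_enter offset, if that is what the enclosing loop iterates — would tell the user where the run stopped. The hunk at `@@ -379` makes the identical change and should get the same treatment. Since a single untraceable routine now aborts the whole run instead of being skipped as `continue` did, a one-line comment saying that this is deliberate would help the next reader. `main` starts and ends outside the hunk.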
@@ -87,6 +87,9 @@ namespace vm
 return false;
 }
+ if ( !cc_block )
+ return false;
+
 code_blocks.push_back( code_block );
 // code_blocks.size() will continue to grow as all branches are traced...
@@ -149,6 +152,9 @@ namespace vm
 return false;
 }
+ if ( !cc_block )
+ return false;
+
 // push back new block that has been traced...
 code_blocks.push_back( branch_block );
@@ -205,6 +211,9 @@ namespace vm
 return false;
 }
+ if ( !cc_block )
+ return false;
+
 // push back new block that has been traced...
 code_blocks.push_back( branch_block );
 break;
@@ -262,6 +271,9 @@ namespace vm
 return false;
 }
+ if ( !cc_block )
+ return false;
+
 // push back new block that has been traced...
 code_blocks.push_back( branch_block );
 }
@@ -372,10 +384,9 @@ namespace vm
 return false;
 }
- if ( instr.mnemonic == ZYDIS_MNEMONIC_INT1 || instr.mnemonic == ZYDIS_MNEMONIC_INVALID )
+ if ( instr.mnemonic == ZYDIS_MNEMONIC_INVALID )
 {
- obj->cc_block->code_block.jcc.has_jcc = false;
- obj->cc_block->code_block.jcc.type = vm::instrs::jcc_type::none;
+ obj->cc_block = nullptr;
 uc_emu_stop( uc );
 return false;
 }
@@ -427,7 +438,7 @@ namespace vm
 return false;
 }
- const auto &vm_handler = obj->g_vm_ctx->vm_handlers[ vm_handler_table_idx ];
+ auto &vm_handler = obj->g_vm_ctx->vm_handlers[ vm_handler_table_idx ];
 if ( ( err = obj->create_entry( &vinstr_entry ) ) )
 {
@@ -448,6 +459,7 @@ namespace vm
 std::printf( "> vm handler index (%d) does not match vm handler address (%p)...\n", vm_handler_table_idx, vm_handler_addr );
+ obj->cc_block = nullptr;
 if ( ( err = uc_emu_stop( uc ) ) )
 {
 std::printf( "> failed to stop emulation, exiting... reason = %d\n", err );
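Review bot: The new `if ( !cc_block ) return false;` relies on a sentinel that nothing at this site explains: the later hunks in this file (`@@ -372`, `@@ -448`, and the block added at `@@ -457`) assign `obj->cc_block = nullptr` right before `uc_emu_stop`, so a null here means the emulation hook aborted the trace mid-block. A comment would spare the next reader the search, e.g. `// the emulation hook clears cc_block when it aborts (invalid instruction, handler mismatch, unprofiled handler); the block is incomplete, so fail the trace`. The same three lines are added unchanged at `@@ -149`, `@@ -205` and `@@ -262`; the comment belongs at each, or the check could move into a small private helper. The enclosing function starts outside the hunk, so whether the `cc_block` read here is the same member the hook writes through `obj` is not visible.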
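Review bot: Dropping `const` from `vm_handler` at `@@ -427` widens a reference that the visible code still only reads — the block added at `@@ -457` tests `vm_handler.profile` and passes `vm_handler.instrs` to `vm::util::print`. If the `const` had to go because `vm::util::print` takes a non-const reference, giving `print` a `const` parameter would be a better fix than making a handler-table entry mutable inside the hook; if something does mutate the entry, a short comment saying what would help. The enclosing function continues outside the hunk.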
@@ -457,6 +469,23 @@ namespace vm
 return false;
 }
+ if ( !vm_handler.profile )
+ {
+ obj->cc_block = nullptr;
+ std::printf( "> virtual machine handler (0x%p): \n\n",
+ ( vm_handler_addr - obj->g_vm_ctx->module_base ) + obj->g_vm_ctx->image_base );
+
+ vm::util::print( vm_handler.instrs );
+ std::printf( "\n\n" );
+
+ if ( ( err = uc_emu_stop( uc ) ) )
+ {
+ std::printf( "> failed to stop emulation, exiting... reason = %d\n", err );
+ exit( 0 );
+ }
+ return false;
+ }
+
 auto vinstr = vm::instrs::get( *obj->g_vm_ctx, vinstr_entry );
 if ( !vinstr.has_value() )
From 83f17d32ba8d30c9167380f39062c25f022113e6 Mon Sep 17 00:00:00 2001
From: _xeroxz
Date: Thu, 26 Aug 2021 16:50:51 -0700
Subject: [PATCH 2/2] updated vmprofiler dep...
---
 dependencies/vmprofiler | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/dependencies/vmprofiler b/dependencies/vmprofiler
index b6862d5..d96f065 160000
--- a/dependencies/vmprofiler
+++ b/dependencies/vmprofiler
@@ -1 +1 @@
-Subproject commit b6862d521860ec37b86539f96a6b8ca93158a4cb
+Subproject commit d96f065dd3a696f0b0ef790378e287f2356ecc8d
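Review bot: The new unprofiled-handler branch calls `exit( 0 )` right after printing "failed to stop emulation", so the process reports success on an error path, which also disagrees with the `return -1` this same patch introduces in `main` for a tracing failure; `std::exit( EXIT_FAILURE );` (from `<cstdlib>`) would make the two consistent. In the `std::printf` above it, `%p` receives `( vm_handler_addr - obj->g_vm_ctx->module_base ) + obj->g_vm_ctx->image_base`, which from its arithmetic looks like an integer address rather than a pointer; if so, that is undefined behaviour per the C standard even where the ABI happens to make it print, so either cast it to `void *` with a named cast or print it with an integer conversion such as `%llx` / `PRIxPTR`, which would also make the hard-coded `0x` prefix correct unconditionally (`%p` output is implementation-defined and may already carry one). The "failed to stop emulation" block now appears twice in this file (here and at `@@ -448`) and could share a small helper. The enclosing hook function starts and ends outside the hunk.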