removing vmptest.vmp.exe and test.vmp2...

3 years ago · 956ba85f08
parent b958093117
commit 956ba85f08
4 changed files with 23 additions and 11 deletions
--- a/src/main.cpp
+++ b/src/main.cpp
@ -25,6 +25,10 @@ int __cdecl main(int argc, const char* argv[])
 		.name("--out").required(true)
 		.description("output file name for trace file...");

+	parser.add_argument()
+		.name("--advancement").required(true)
+		.description("the way in which the virtual instruction pointer advances... 'forward' or 'backward'...");
+
 	parser.enable_help();
 	auto result = parser.parse(argc, argv);

@ -64,9 +68,10 @@ int __cdecl main(int argc, const char* argv[])
 	if (!emu.get_trace(entries))
 		std::printf("[!] something failed during tracing, review the console for more information...\n");

-	std::printf("> finished tracing...\n");
-	std::printf("> creating trace file...\n");
+	std::printf("> finished tracing... number of virtual instructions = %d\n", 
+		entries.size());

+	std::printf("> creating trace file...\n");
 	std::ofstream output(parser.get<std::string>("out"), 
 		std::ios::binary);

@ -75,7 +80,9 @@ int __cdecl main(int argc, const char* argv[])

 	file_header.epoch_time = time(nullptr);
 	file_header.entry_offset = sizeof file_header;
-	file_header.advancement = vmp2::exec_type_t::forward;
+	file_header.advancement = parser.get<std::string>("advancement") == 
+		"forward" ? vmp2::exec_type_t::forward : vmp2::exec_type_t::backward;
+
 	file_header.version = vmp2::version_t::v1;
 	file_header.module_base = module_base;
 	file_header.entry_count = entries.size();
--- a/src/test.vmp2
+++ b/src/test.vmp2
--- a/src/vmemu_t.cpp
+++ b/src/vmemu_t.cpp
@ -50,7 +50,7 @@ namespace vm
 			NT_HEADER(module_base)->OptionalHeader.SizeOfImage;

 		std::uintptr_t stack_base = 0x1000000;
-		std::uintptr_t stack_addr = stack_base + (0x1000 * 20);
+		std::uintptr_t stack_addr = (stack_base + (0x1000 * 20)) - 0x6000;

 		uc_err err;
 		if ((err = uc_open(UC_ARCH_X86, UC_MODE_64, &uc)))
@ -201,10 +201,13 @@ namespace vm

 		if (address == obj->vm_entry[obj->vm_entry.size() - 1].addr)
 		{
+			uc_err err;
 			vmp2::entry_t new_entry;
-			if (!obj->create_entry(&new_entry))
+			if ((err = obj->create_entry(&new_entry)))
 			{
-				std::printf("[!] failed to create new entry... exiting...\n");
+				std::printf("[!] failed to create new entry... reason = %u, %s\n",
+					err, uc_strerror(err));
+
 				exit(0);
 			}
 			obj->trace_entries->push_back(new_entry);
@ -239,10 +242,13 @@ namespace vm
 				vm_handler_check) == obj->vm_handlers.end())
 				return;

+			uc_err err;
 			vmp2::entry_t new_entry;
-			if (!obj->create_entry(&new_entry))
+			if ((err = obj->create_entry(&new_entry)))
 			{
-				std::printf("[!] failed to create new entry... exiting...\n");
+				std::printf("[!] failed to create new entry... reason = %u, %s\n",
+					err, uc_strerror(err));
+
 				exit(0);
 			}
 			obj->trace_entries->push_back(new_entry);
@ -256,9 +262,6 @@ namespace vm
 	{
 		switch (type)
 		{
-		default:
-			// return false to indicate we want to stop emulation
-			return false;
 		case UC_MEM_WRITE_UNMAPPED:
 			printf(">>> Missing memory is being WRITE at 0x%p, data size = %u, data value = 0x%p\n",
 				address, size, value);
@ -267,6 +270,8 @@ namespace vm
 			printf(">>> Missing memory is being READ at 0x%p, data size = %u, data value = 0x%p\n",
 				address, size, value);
 			return false;
+		default:
+			return false;
 		}
 	}
 }
--- a/src/vmptest.vmp.exe
+++ b/src/vmptest.vmp.exe