i am going to be more strict about defining vm handler profiles now...

_xeroxz 3 years ago
parent 66d42bd627
commit ea3790fc1a

@ -1 +1 @@
Subproject commit 90106b0f5e748f1e67e108800ee0463bae5755e3 Subproject commit b6862d521860ec37b86539f96a6b8ca93158a4cb

@ -256,7 +256,7 @@ int __cdecl main( int argc, const char *argv[] )
if ( !emu.get_trace( code_blocks ) ) if ( !emu.get_trace( code_blocks ) )
{ {
std::printf( "[!] something failed during tracing, review the console for more information...\n" ); std::printf( "[!] something failed during tracing, review the console for more information...\n" );
continue; return -1;
} }
std::printf( "> number of blocks = %d\n", code_blocks.size() ); std::printf( "> number of blocks = %d\n", code_blocks.size() );
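Review bot: The block-count line passes `code_blocks.size()` (a `size_t`) to `%d`, which is a format/argument mismatch — undefined behaviour, and it prints garbage above INT_MAX on LP64 targets; use `std::printf( "> number of blocks = %zu\n", code_blocks.size() );`. The new `return -1` turns a per-entry skip into an abort of the whole run on the first failed trace; if that is intended, a one-line comment at the return such as `// one failed trace invalidates the whole run; bail out` would tell the reader it is deliberate rather than a leftover. main's body starts and continues outside the hunk.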
@ -379,7 +379,7 @@ int __cdecl main( int argc, const char *argv[] )
if ( !emu.get_trace( code_blocks ) ) if ( !emu.get_trace( code_blocks ) )
{ {
std::printf( "[!] something failed during tracing, review the console for more information...\n" ); std::printf( "[!] something failed during tracing, review the console for more information...\n" );
continue; return -1;
} }
std::printf( "> number of blocks = %d\n", code_blocks.size() ); std::printf( "> number of blocks = %d\n", code_blocks.size() );

@ -87,6 +87,9 @@ namespace vm
return false; return false;
} }
if ( !cc_block )
return false;
code_blocks.push_back( code_block ); code_blocks.push_back( code_block );
// code_blocks.size() will continue to grow as all branches are traced... // code_blocks.size() will continue to grow as all branches are traced...
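Review bot: The added `if ( !cc_block ) return false;` guard carries an unstated contract — presumably `cc_block` is cleared by the emulation hooks when they stop the trace (the hook hunks below set `obj->cc_block = nullptr`), and the same guard is repeated at four trace sites in this function; a comment at this first site, e.g. `// the hooks null cc_block when tracing hit an undecodable instruction or an unprofiled handler`, would explain why a null here means failure. When the guard fires, `code_blocks` (an out-parameter filled by reference) is left partially populated; since the caller only checks the bool this is fine today, but worth stating in the function's documentation. The four identical guards could also be folded into whatever helper runs the emulation so they cannot drift apart. The enclosing function starts outside the hunk.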
@ -149,6 +152,9 @@ namespace vm
return false; return false;
} }
if ( !cc_block )
return false;
// push back new block that has been traced... // push back new block that has been traced...
code_blocks.push_back( branch_block ); code_blocks.push_back( branch_block );
@ -205,6 +211,9 @@ namespace vm
return false; return false;
} }
if ( !cc_block )
return false;
// push back new block that has been traced... // push back new block that has been traced...
code_blocks.push_back( branch_block ); code_blocks.push_back( branch_block );
break; break;
@ -262,6 +271,9 @@ namespace vm
return false; return false;
} }
if ( !cc_block )
return false;
// push back new block that has been traced... // push back new block that has been traced...
code_blocks.push_back( branch_block ); code_blocks.push_back( branch_block );
} }
@ -372,10 +384,9 @@ namespace vm
return false; return false;
} }
if ( instr.mnemonic == ZYDIS_MNEMONIC_INT1 || instr.mnemonic == ZYDIS_MNEMONIC_INVALID ) if ( instr.mnemonic == ZYDIS_MNEMONIC_INVALID )
{ {
obj->cc_block->code_block.jcc.has_jcc = false; obj->cc_block = nullptr;
obj->cc_block->code_block.jcc.type = vm::instrs::jcc_type::none;
uc_emu_stop( uc ); uc_emu_stop( uc );
return false; return false;
} }
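Review bot: INT1 was dropped from the stop condition, so an `int1` in the handler stream is now passed on to Unicorn instead of ending the trace cleanly; if INT1 is meant to be handled elsewhere now, a comment at the condition, e.g. `// only undecodable bytes terminate the trace; INT1 is no longer a terminator`, would make that intentional rather than accidental. Separately, `obj->cc_block = nullptr` is assigned before `uc_emu_stop( uc )`, and as far as I recall uc_emu_stop only requests a stop — remaining hooks for the current instruction still run — so any other hook on this object that dereferences `obj->cc_block` would now hit a null pointer and needs an `if ( !obj->cc_block ) return;` guard of its own. The hook's body starts and ends outside the hunk.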
@ -427,7 +438,7 @@ namespace vm
return false; return false;
} }
const auto &vm_handler = obj->g_vm_ctx->vm_handlers[ vm_handler_table_idx ]; auto &vm_handler = obj->g_vm_ctx->vm_handlers[ vm_handler_table_idx ];
if ( ( err = obj->create_entry( &vinstr_entry ) ) ) if ( ( err = obj->create_entry( &vinstr_entry ) ) )
{ {
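Review bot: `vm_handler` loses its `const` here, but the uses visible in this commit (`.profile`, `.instrs`) are reads; if nothing later in this hook writes to the entry, keep `const auto &vm_handler = obj->g_vm_ctx->vm_handlers[ vm_handler_table_idx ];` so the tracing path cannot mutate the shared handler table. If a write is in fact needed, a short comment saying what is mutated would justify the change. The hook function continues outside the hunk.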
@ -448,6 +459,7 @@ namespace vm
std::printf( "> vm handler index (%d) does not match vm handler address (%p)...\n", vm_handler_table_idx, std::printf( "> vm handler index (%d) does not match vm handler address (%p)...\n", vm_handler_table_idx,
vm_handler_addr ); vm_handler_addr );
obj->cc_block = nullptr;
if ( ( err = uc_emu_stop( uc ) ) ) if ( ( err = uc_emu_stop( uc ) ) )
{ {
std::printf( "> failed to stop emulation, exiting... reason = %d\n", err ); std::printf( "> failed to stop emulation, exiting... reason = %d\n", err );
@ -457,6 +469,23 @@ namespace vm
return false; return false;
} }
if ( !vm_handler.profile )
{
obj->cc_block = nullptr;
std::printf( "> virtual machine handler (0x%p): \n\n",
( vm_handler_addr - obj->g_vm_ctx->module_base ) + obj->g_vm_ctx->image_base );
vm::util::print( vm_handler.instrs );
std::printf( "\n\n" );
if ( ( err = uc_emu_stop( uc ) ) )
{
std::printf( "> failed to stop emulation, exiting... reason = %d\n", err );
exit( 0 );
}
return false;
}
auto vinstr = vm::instrs::get( *obj->g_vm_ctx, vinstr_entry ); auto vinstr = vm::instrs::get( *obj->g_vm_ctx, vinstr_entry );
if ( !vinstr.has_value() ) if ( !vinstr.has_value() )
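Review bot: In the new missing-profile block the `uc_emu_stop` failure path prints "failed to stop emulation, exiting..." and then calls `exit( 0 )`, so a hard failure reports success to the shell and to any script driving the tool; use a non-zero status, `exit( -1 );` (or `EXIT_FAILURE`), and check the matching path in the hunk above, whose exit call is outside my view, for the same pattern. The value passed to `0x%p` is an integer expression (`vm_handler_addr - module_base + image_base`), not a pointer, and `%p` expects `void *` (and on glibc already prepends `0x`), so either cast to `(void *)` or print with `0x%llx` / `PRIxPTR` and the matching integer type. A why-comment on the new branch would help too, e.g. `// no profile for this handler: dump its instructions so a profile can be written, then abort the trace`, which is what the commit message implies. The hook function continues outside the hunk.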
