diff --git a/CMakeLists.txt b/CMakeLists.txt index 5ac7ddd..9968024 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -52,9 +52,9 @@ list(APPEND vmprofiler_SOURCES "src/vmprofiles/lconst.cpp" "src/vmprofiles/lflags.cpp" "src/vmprofiles/lreg.cpp" - "src/vmprofiles/lvsp.cpp" "src/vmprofiles/mul.cpp" "src/vmprofiles/nand.cpp" + "src/vmprofiles/popvsp.cpp" "src/vmprofiles/pushvsp.cpp" "src/vmprofiles/read.cpp" "src/vmprofiles/shl.cpp" @@ -69,7 +69,6 @@ list(APPEND vmprofiler_SOURCES "include/vmctx.hpp" "include/vmhandlers.hpp" "include/vminstrs.hpp" - "include/vmlifters.hpp" "include/vmlocate.hpp" "include/vmp2.hpp" "include/vmprofiler.hpp" diff --git a/include/vmprofiles.hpp b/include/vmprofiles.hpp index 5ed98a9..1492269 100644 --- a/include/vmprofiles.hpp +++ b/include/vmprofiles.hpp @@ -18,7 +18,7 @@ namespace vm::handler CALL, JMP, VMEXIT, - LVSP, + POPVSP, PUSHVSP, PUSHVSPDW, @@ -146,7 +146,6 @@ namespace vm::handler extern vm::handler::profile_t shlq; extern vm::handler::profile_t shldw; - extern vm::handler::profile_t shlddw; extern vm::handler::profile_t nandq; @@ -175,7 +174,7 @@ namespace vm::handler extern vm::handler::profile_t mulq; extern vm::handler::profile_t divq; extern vm::handler::profile_t jmp; - extern vm::handler::profile_t lvsp; + extern vm::handler::profile_t popvsp; extern vm::handler::profile_t vmexit; /// @@ -184,7 +183,7 @@ namespace vm::handler inline std::vector< vm::handler::profile_t * > all = { &sregq, &sregdw, &sregw, &lregq, &lregdw, &lconstq, &lconstbzxw, &lconstbsxdw, &lconstbsxq, &lconstdwsxq, &lconstwsxq, &lconstwsxdw, &lconstdw, &lconstw, &addq, &adddw, - &addw, &lvsp, + &addw, &popvsp, &shlq, &shldw, &writeq, &writedw, &writeb, &nandq, &nanddw, &nandw, &nandb, diff --git a/src/vmprofiles/lvsp.cpp b/src/vmprofiles/popvsp.cpp similarity index 87% rename from src/vmprofiles/lvsp.cpp rename to src/vmprofiles/popvsp.cpp index 5bed39e..55be274 100644 --- a/src/vmprofiles/lvsp.cpp +++ b/src/vmprofiles/popvsp.cpp 
@@ -2,10 +2,10 @@ namespace vm::handler::profile { - vm::handler::profile_t lvsp = { + vm::handler::profile_t popvsp = { // MOV RBP [RBP] - "LVSP", - LVSP, + "POPVSP", + POPVSP, NULL, { { []( const zydis_decoded_instr_t &instr ) -> bool { return instr.mnemonic == ZYDIS_MNEMONIC_MOV && instr.operands[ 0 ].type == ZYDIS_OPERAND_TYPE_REGISTER && diff --git a/src/vmutils.cpp b/src/vmutils.cpp index 65ad96d..446f7c0 100644 --- a/src/vmutils.cpp +++ b/src/vmutils.cpp @@ -209,7 +209,8 @@ namespace vm::util for ( auto itr = routine.begin(); itr != routine.end(); ++itr ) { // dont remove these... at all... - if ( itr->instr.mnemonic == ZYDIS_MNEMONIC_PUSH || itr->instr.mnemonic == ZYDIS_MNEMONIC_POP ) + if ( itr->instr.mnemonic == ZYDIS_MNEMONIC_PUSH || itr->instr.mnemonic == ZYDIS_MNEMONIC_POP || + itr->instr.mnemonic == ZYDIS_MNEMONIC_CALL ) continue; // lol... we are only looking at linear code anyways... :P
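Review bot: The comment above the widened test in the `vm::util` loop of src/vmutils.cpp still reads only `// dont remove these... at all...`, which gives no reason why `ZYDIS_MNEMONIC_CALL` now joins PUSH and POP among the instructions that are never erased. I would replace it with `// never erase PUSH/POP/CALL: they modify the native stack (CALL also transfers control), so they are live even when no later instruction reads their operands`, assuming that is the reason; please confirm. If the intent is to keep every instruction with an implicit stack effect, note that Zydis reports `PUSHFQ`/`POPFQ` and `RET` under their own mnemonics, so this test does not match them. Whether code further down the loop already protects them is not visible here, because the loop body starts before and continues past the hunk. As the list grows, a small named predicate or a `switch` on `itr->instr.mnemonic` would be easier to audit than a longer `||` chain.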