From eb64f5d2c28a0296d2061de7fb4eb8eff3201529 Mon Sep 17 00:00:00 2001
From: _xeroxz
Date: Thu, 3 Jun 2021 00:25:03 -0700
Subject: [PATCH] idk what i added but parsing jcc's work now
---
 include/vmprofiler.hpp | 2 +-
 src/vminstrs.cpp | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/include/vmprofiler.hpp b/include/vmprofiler.hpp
index 15bc224..63a2f1c 100644
--- a/include/vmprofiler.hpp
+++ b/include/vmprofiler.hpp
@@ -218,7 +218,7 @@ namespace vm
 {
 bool has_jcc;
 jcc_type type;
- std::uintptr_t block_rva[ 2 ];
+ std::uintptr_t block_addr[ 2 ];
 };
 struct code_block_t
diff --git a/src/vminstrs.cpp b/src/vminstrs.cpp
index 3677db0..344b3e2 100644
--- a/src/vminstrs.cpp
+++ b/src/vminstrs.cpp
@@ -252,7 +252,7 @@ namespace vm
 // if there is not two branches...
 if ( result == code_block.vinstrs.rend() )
 {
- jcc.block_rva[ 0 ] = code_block_addr( vmctx, last_trace );
+ jcc.block_addr[ 0 ] = code_block_addr( vmctx, last_trace );
 jcc.has_jcc = false;
 jcc.type = jcc_type::absolute;
@@ -260,8 +260,8 @@ namespace vm
 // else there are two branches...
 else
 {
- jcc.block_rva[ 0 ] = code_block_addr( vmctx, result->trace_data.vsp.qword[ 0 ] ^ xor_key );
- jcc.block_rva[ 1 ] = code_block_addr( vmctx, result->trace_data.vsp.qword[ 1 ] ^ xor_key );
+ jcc.block_addr[ 0 ] = code_block_addr( vmctx, result->trace_data.vsp.qword[ 0 ] ^ xor_key );
+ jcc.block_addr[ 1 ] = code_block_addr( vmctx, result->trace_data.vsp.qword[ 1 ] ^ xor_key );
 jcc.has_jcc = true;
 jcc.type = jcc_type::branching;