#pragma once #include #include #include namespace vm { ///

/// vm::ctx_t class is used to auto generate vm_entry, calc_jmp, and other per-vm entry information... /// creating a vm::ctx_t object can make it easier to pass around information pertaining to a given vm entry... ///

class ctx_t { public: ///

/// default constructor for vm::ctx_t... all information for a given vm entry must be provided... ///

/// the linear virtual address of the module base... /// image base from optional nt header... IMAGE_OPTIONAL_HEADER64... /// image size from optional nt header... IMAGE_OPTIONAL_HEADER64... /// relative virtual address from the module base address to the first push prior to /// a vm entry... explicit ctx_t( std::uintptr_t module_base, std::uintptr_t image_base, std::uintptr_t image_size, std::uintptr_t vm_entry_rva ); ///

/// init all per-vm entry data such as vm_entry, calc_jmp, and vm handlers... ///

/// returns true if no errors... bool init(); const std::uintptr_t module_base, image_base, vm_entry_rva, image_size; ///

/// the order in which VIP advances... ///

vmp2::exec_type_t exec_type; zydis_routine_t vm_entry, calc_jmp; ///

/// all the vm handlers for the given vm entry... ///

std::vector< vm::handler::handler_t > vm_handlers; }; } // namespace vm