You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
vmprofiler/doxygen/html/vmutils_8cpp.html

128 lines
12 KiB

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
<meta http-equiv="X-UA-Compatible" content="IE=9"/>
<meta name="generator" content="Doxygen 1.9.1"/>
<meta name="viewport" content="width=device-width, initial-scale=1"/>
<title>VMProfiler: D:/vmprofiler-qt/dependencies/vmprofiler/src/vmutils.cpp File Reference</title>
<link href="tabs.css" rel="stylesheet" type="text/css"/>
<script type="text/javascript" src="jquery.js"></script>
<script type="text/javascript" src="dynsections.js"></script>
<link href="search/search.css" rel="stylesheet" type="text/css"/>
<script type="text/javascript" src="search/searchdata.js"></script>
<script type="text/javascript" src="search/search.js"></script>
<link href="doxygen.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="top"><!-- do not remove this div, it is closed by doxygen! -->
<div id="titlearea">
<table cellspacing="0" cellpadding="0">
<tbody>
<tr style="height: 56px;">
<td id="projectlogo"><img alt="Logo" src="icon.png"/></td>
<td id="projectalign" style="padding-left: 0.5em;">
<div id="projectname">VMProfiler
&#160;<span id="projectnumber">v1.8</span>
</div>
<div id="projectbrief">vmprofiler is a c++ library which is used to statically analyze VMProtect 2 polymorphic virtual machines. This project is inherited in vmprofiler-qt, vmprofiler-cli, and vmemu.</div>
</td>
</tr>
</tbody>
</table>
</div>
<!-- end header part -->
<!-- Generated by Doxygen 1.9.1 -->
<script type="text/javascript">
/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
var searchBox = new SearchBox("searchBox", "search",false,'Search','.html');
/* @license-end */
</script>
<script type="text/javascript" src="menudata.js"></script>
<script type="text/javascript" src="menu.js"></script>
<script type="text/javascript">
/* @license magnet:?xt=urn:btih:cf05388f2679ee054f2beb29a391d25f4e673ac3&amp;dn=gpl-2.0.txt GPL-v2 */
$(function() {
initMenu('',true,false,'search.php','Search');
$(document).ready(function() { init_search(); });
});
/* @license-end */</script>
<div id="main-nav"></div>
<!-- window showing the filter options -->
<div id="MSearchSelectWindow"
onmouseover="return searchBox.OnSearchSelectShow()"
onmouseout="return searchBox.OnSearchSelectHide()"
onkeydown="return searchBox.OnSearchSelectKey(event)">
</div>
<!-- iframe showing the search results (closed by default) -->
<div id="MSearchResultsWindow">
<iframe src="javascript:void(0)" frameborder="0"
name="MSearchResults" id="MSearchResults">
</iframe>
</div>
<div id="nav-path" class="navpath">
<ul>
<li class="navelem"><a class="el" href="dir_68267d1309a1af8e8297ef4c3efbcdba.html">src</a></li> </ul>
</div>
</div><!-- top -->
<div class="header">
<div class="summary">
<a href="#namespaces">Namespaces</a> &#124;
<a href="#func-members">Functions</a> </div>
<div class="headertitle">
<div class="title">vmutils.cpp File Reference</div> </div>
</div><!--header-->
<div class="contents">
<div class="textblock"><code>#include &lt;<a class="el" href="vmprofiler_8hpp_source.html">vmprofiler.hpp</a>&gt;</code><br />
</div><table class="memberdecls">
<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="namespaces"></a>
Namespaces</h2></td></tr>
<tr class="memitem:namespacevm"><td class="memItemLeft" align="right" valign="top"> &#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="namespacevm.html">vm</a></td></tr>
<tr class="separator:"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:namespacevm_1_1util"><td class="memItemLeft" align="right" valign="top"> &#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="namespacevm_1_1util.html">vm::util</a></td></tr>
<tr class="memdesc:namespacevm_1_1util"><td class="mdescLeft">&#160;</td><td class="mdescRight">utils used by the other cpp files... misc things that get used a lot... <br /></td></tr>
<tr class="separator:"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:namespacevm_1_1util_1_1reg"><td class="memItemLeft" align="right" valign="top"> &#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="namespacevm_1_1util_1_1reg.html">vm::util::reg</a></td></tr>
<tr class="memdesc:namespacevm_1_1util_1_1reg"><td class="mdescLeft">&#160;</td><td class="mdescRight">utils pertaining to native registers... <br /></td></tr>
<tr class="separator:"><td class="memSeparator" colspan="2">&#160;</td></tr>
</table><table class="memberdecls">
<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="func-members"></a>
Functions</h2></td></tr>
<tr class="memitem:a00b8eb62aa844682cceca117eca5b945"><td class="memItemLeft" align="right" valign="top"><a class="el" href="vmutils_8hpp.html#ab8cac5db83e0d71d373779cccbf2d782">zydis_register_t</a>&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="namespacevm_1_1util_1_1reg.html#a00b8eb62aa844682cceca117eca5b945">vm::util::reg::to64</a> (<a class="el" href="vmutils_8hpp.html#ab8cac5db83e0d71d373779cccbf2d782">zydis_register_t</a> reg)</td></tr>
<tr class="memdesc:a00b8eb62aa844682cceca117eca5b945"><td class="mdescLeft">&#160;</td><td class="mdescRight">converts say... AL to RAX... <a href="namespacevm_1_1util_1_1reg.html#a00b8eb62aa844682cceca117eca5b945">More...</a><br /></td></tr>
<tr class="separator:a00b8eb62aa844682cceca117eca5b945"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:aa6e516ed1170cd627f330ca68c1bfd4b"><td class="memItemLeft" align="right" valign="top">bool&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="namespacevm_1_1util_1_1reg.html#aa6e516ed1170cd627f330ca68c1bfd4b">vm::util::reg::compare</a> (<a class="el" href="vmutils_8hpp.html#ab8cac5db83e0d71d373779cccbf2d782">zydis_register_t</a> a, <a class="el" href="vmutils_8hpp.html#ab8cac5db83e0d71d373779cccbf2d782">zydis_register_t</a> b)</td></tr>
<tr class="memdesc:aa6e516ed1170cd627f330ca68c1bfd4b"><td class="mdescLeft">&#160;</td><td class="mdescRight">compares to registers with each other... calls to64 and compares... <a href="namespacevm_1_1util_1_1reg.html#aa6e516ed1170cd627f330ca68c1bfd4b">More...</a><br /></td></tr>
<tr class="separator:aa6e516ed1170cd627f330ca68c1bfd4b"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:a6ef2ebfb858878e2e06d3c96ef5b275b"><td class="memItemLeft" align="right" valign="top">bool&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="namespacevm_1_1util.html#a6ef2ebfb858878e2e06d3c96ef5b275b">vm::util::get_fetch_operand</a> (const <a class="el" href="vmutils_8hpp.html#a5fdde6e9d3e6c6eca28ecadf2e837d3c">zydis_routine_t</a> &amp;routine, <a class="el" href="structzydis__instr__t.html">zydis_instr_t</a> &amp;fetch_instr)</td></tr>
<tr class="memdesc:a6ef2ebfb858878e2e06d3c96ef5b275b"><td class="mdescLeft">&#160;</td><td class="mdescRight">get the instruction that fetches an operand out of VIP... <a href="namespacevm_1_1util.html#a6ef2ebfb858878e2e06d3c96ef5b275b">More...</a><br /></td></tr>
<tr class="separator:a6ef2ebfb858878e2e06d3c96ef5b275b"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:ae2d46e089059f00dc56790216c5cc234"><td class="memItemLeft" align="right" valign="top">std::optional&lt; zydis_routine_t::iterator &gt;&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="namespacevm_1_1util.html#ae2d46e089059f00dc56790216c5cc234">vm::util::get_fetch_operand</a> (<a class="el" href="vmutils_8hpp.html#a5fdde6e9d3e6c6eca28ecadf2e837d3c">zydis_routine_t</a> &amp;routine)</td></tr>
<tr class="memdesc:ae2d46e089059f00dc56790216c5cc234"><td class="mdescLeft">&#160;</td><td class="mdescRight">gets the instruction that fetches an operand out of VIP and returns an iterator to it... <a href="namespacevm_1_1util.html#ae2d46e089059f00dc56790216c5cc234">More...</a><br /></td></tr>
<tr class="separator:ae2d46e089059f00dc56790216c5cc234"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:a9e29bef639bd3c9f94669b0acdc8f2b0"><td class="memItemLeft" align="right" valign="top">void&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="namespacevm_1_1util.html#a9e29bef639bd3c9f94669b0acdc8f2b0">vm::util::print</a> (const <a class="el" href="vmutils_8hpp.html#ad180fbf8cef52662febedec0f54b6188">zydis_decoded_instr_t</a> &amp;instr)</td></tr>
<tr class="memdesc:a9e29bef639bd3c9f94669b0acdc8f2b0"><td class="mdescLeft">&#160;</td><td class="mdescRight">prints a single disassembly view of an instruction... <a href="namespacevm_1_1util.html#a9e29bef639bd3c9f94669b0acdc8f2b0">More...</a><br /></td></tr>
<tr class="separator:a9e29bef639bd3c9f94669b0acdc8f2b0"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:abcfe75a7d22f907a6187579373679204"><td class="memItemLeft" align="right" valign="top">void&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="namespacevm_1_1util.html#abcfe75a7d22f907a6187579373679204">vm::util::print</a> (<a class="el" href="vmutils_8hpp.html#a5fdde6e9d3e6c6eca28ecadf2e837d3c">zydis_routine_t</a> &amp;routine)</td></tr>
<tr class="memdesc:abcfe75a7d22f907a6187579373679204"><td class="mdescLeft">&#160;</td><td class="mdescRight">prints a disassembly view of a routine... <a href="namespacevm_1_1util.html#abcfe75a7d22f907a6187579373679204">More...</a><br /></td></tr>
<tr class="separator:abcfe75a7d22f907a6187579373679204"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:a3bb957b17b2bd94bb66c94b2407799c8"><td class="memItemLeft" align="right" valign="top">bool&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="namespacevm_1_1util.html#a3bb957b17b2bd94bb66c94b2407799c8">vm::util::is_jmp</a> (const <a class="el" href="vmutils_8hpp.html#ad180fbf8cef52662febedec0f54b6188">zydis_decoded_instr_t</a> &amp;instr)</td></tr>
<tr class="memdesc:a3bb957b17b2bd94bb66c94b2407799c8"><td class="mdescLeft">&#160;</td><td class="mdescRight">determines if a given decoded native instruction is a JCC... <a href="namespacevm_1_1util.html#a3bb957b17b2bd94bb66c94b2407799c8">More...</a><br /></td></tr>
<tr class="separator:a3bb957b17b2bd94bb66c94b2407799c8"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:a86a98ad0643716aef1ef80b3cd58d0e9"><td class="memItemLeft" align="right" valign="top">bool&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="namespacevm_1_1util.html#a86a98ad0643716aef1ef80b3cd58d0e9">vm::util::flatten</a> (<a class="el" href="vmutils_8hpp.html#a5fdde6e9d3e6c6eca28ecadf2e837d3c">zydis_routine_t</a> &amp;routine, std::uintptr_t routine_addr, bool keep_jmps=false)</td></tr>
<tr class="memdesc:a86a98ad0643716aef1ef80b3cd58d0e9"><td class="mdescLeft">&#160;</td><td class="mdescRight">flatten native instruction stream, takes every JCC (follows the branch)... <a href="namespacevm_1_1util.html#a86a98ad0643716aef1ef80b3cd58d0e9">More...</a><br /></td></tr>
<tr class="separator:a86a98ad0643716aef1ef80b3cd58d0e9"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:afb0bd6aeba990fd37a612d6d318cebb5"><td class="memItemLeft" align="right" valign="top">void&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="namespacevm_1_1util.html#afb0bd6aeba990fd37a612d6d318cebb5">vm::util::deobfuscate</a> (<a class="el" href="vmutils_8hpp.html#a5fdde6e9d3e6c6eca28ecadf2e837d3c">zydis_routine_t</a> &amp;routine)</td></tr>
<tr class="memdesc:afb0bd6aeba990fd37a612d6d318cebb5"><td class="mdescLeft">&#160;</td><td class="mdescRight">deadstore deobfuscation of a flattened routine... <a href="namespacevm_1_1util.html#afb0bd6aeba990fd37a612d6d318cebb5">More...</a><br /></td></tr>
<tr class="separator:afb0bd6aeba990fd37a612d6d318cebb5"><td class="memSeparator" colspan="2">&#160;</td></tr>
</table>
</div><!-- contents -->
<!-- start footer part -->
<hr class="footer"/><address class="footer"><small>
Generated by&#160;<a href="https://www.doxygen.org/index.html"><img class="footer" src="doxygen.svg" width="104" height="31" alt="doxygen"/></a> 1.9.1
</small></address>
</body>
</html>