
[Penalyze2-commit] penalyze2 ChangeLog include/vm.h include/vm_ins...


From: Stephan Peijnik
Subject: [Penalyze2-commit] penalyze2 ChangeLog include/vm.h include/vm_ins...
Date: Mon, 04 Sep 2006 10:31:47 +0000

CVSROOT:        /sources/penalyze2
Module name:    penalyze2
Changes by:     Stephan Peijnik <sp>    06/09/04 10:31:47

Modified files:
        .              : ChangeLog 
        include        : vm.h vm_ins.h 
        src            : vm.c 
        src/vm_chooks  : kernel32.dll.c 
        src/vm_ins     : vm_ins_push.c 

Log message:
        Added basic support for operand sizes other than 32 bit
        Made vm_ins_push() use the new method
        Added PE loader documentation

CVSWeb URLs:
http://cvs.savannah.gnu.org/viewcvs/penalyze2/ChangeLog?cvsroot=penalyze2&r1=1.2&r2=1.3
http://cvs.savannah.gnu.org/viewcvs/penalyze2/include/vm.h?cvsroot=penalyze2&r1=1.1&r2=1.2
http://cvs.savannah.gnu.org/viewcvs/penalyze2/include/vm_ins.h?cvsroot=penalyze2&r1=1.1&r2=1.2
http://cvs.savannah.gnu.org/viewcvs/penalyze2/src/vm.c?cvsroot=penalyze2&r1=1.1&r2=1.2
http://cvs.savannah.gnu.org/viewcvs/penalyze2/src/vm_chooks/kernel32.dll.c?cvsroot=penalyze2&r1=1.1&r2=1.2
http://cvs.savannah.gnu.org/viewcvs/penalyze2/src/vm_ins/vm_ins_push.c?cvsroot=penalyze2&r1=1.1&r2=1.2

Patches:
Index: ChangeLog
===================================================================
RCS file: /sources/penalyze2/penalyze2/ChangeLog,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -b -r1.2 -r1.3
--- ChangeLog   22 Aug 2006 09:24:09 -0000      1.2
+++ ChangeLog   4 Sep 2006 10:31:46 -0000       1.3
@@ -1,3 +1,9 @@
+2006-09-04 Stephan Peijnik <sp at sp dot or dot at>
+
+    * Added basic operand size support for other sizes than 32Bit
+    * Made vm_ins_push() use the new method
+    * Added (incomplete) PE loader documentation
+    
 2006-08-22 Stephan Peijnik <sp at sp dot or dot at>
 
        * Removed unused build targets from libdasm Makefile

Index: include/vm.h
===================================================================
RCS file: /sources/penalyze2/penalyze2/include/vm.h,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -b -r1.1 -r1.2
--- include/vm.h        17 Aug 2006 20:03:40 -0000      1.1
+++ include/vm.h        4 Sep 2006 10:31:46 -0000       1.2
@@ -25,6 +25,7 @@
 
 #include "libdasm.h"
 
+#include "basic_types.h"
 #include "pe.h"
 #include "vm_chooks.h"
 #include "vm_mem.h"
@@ -32,6 +33,7 @@
 struct vm_registers;
 struct vm_ctx;
 struct vm_ins_ctx;
+struct vm_op_info;
 
 #define VM_NUM_HANDLERS                INSTRUCTION_TYPE_PRIV   /* 
sizeof(Instruction)! */
 
@@ -105,9 +107,31 @@
   struct pe                            *pe;
 };
 
+/* there is only one flag right now, more are to be defined
+ * when there is need for them
+ */
+#define VM_OP_FLAG_PRESENT             0x1
+
+#define vm_op_is_present(op)   ((op)->flags & VM_OP_FLAG_PRESENT)
+
+struct vm_op_info 
+{
+  byte  flags;                 /* operand flags, see VM_OP_FLAG_* */
+  void *real_addr;
+  union
+  {
+    dword addr;
+    dword immediate;
+  } virt;
+  dword size;
+};
+
 struct vm_ins_ctx
 {
   INSTRUCTION ins;
+  struct vm_op_info    op0;
+  struct vm_op_info op1;
+  struct vm_op_info op2;
 };
 
 extern void 
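Review bot: struct vm_op_info documents only `flags`; `real_addr`, `virt` and `size` carry no comment although they are the contract every instruction handler now reads through. Suggest `void *real_addr; /* storage pointer filled in by vm_op_get_addresses() */`, a line above the union such as `/* guest address, or the immediate value, depending on operand type */`, and `dword size; /* operand size in bytes; 1, 2 and 4 are handled so far */`, stating in the header whether `real_addr` is left NULL when an operand has no storage. The `op0` member is also indented differently from `op1`/`op2`.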
@@ -120,7 +144,7 @@
 vm_entrypoint_set(struct vm_ctx *vm_ctx, dword virt);
 
 extern void
-vm_stack_push(struct vm_ctx *vm_ctx, unsigned int value);
+vm_stack_push(struct vm_ctx *vm_ctx, dword value);
 extern unsigned int
 vm_stack_pop(struct vm_ctx *vm_ctx);
 
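Review bot: vm_stack_push now takes a `dword` while the neighbouring vm_stack_pop still returns `unsigned int`, so a value pushed and popped passes through two types; if basic_types.h defines dword as a 32-bit unsigned this is cosmetic, but the pair should agree, e.g. `extern dword vm_stack_pop(struct vm_ctx *vm_ctx);`. basic_types.h is not part of this diff, so the width of dword is not verifiable here.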
@@ -148,5 +172,8 @@
 extern int
 vm_op_get_addresses(struct vm_ctx *vm_ctx, POPERAND op, dword *virt, 
                     void **real, dword *size);
+extern void
+vm_operands_get(struct vm_ctx *vm_ctx, struct vm_ins_ctx *vm_ins_ctx);
+
 
 #endif /* _VM_H */

Index: include/vm_ins.h
===================================================================
RCS file: /sources/penalyze2/penalyze2/include/vm_ins.h,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -b -r1.1 -r1.2
--- include/vm_ins.h    17 Aug 2006 20:03:40 -0000      1.1
+++ include/vm_ins.h    4 Sep 2006 10:31:46 -0000       1.2
@@ -51,6 +51,4 @@
 define_ins(xchg);
 define_ins(xor);
 
-#undef define_ins
-
 #endif /* _VM_INS_H */

Index: src/vm.c
===================================================================
RCS file: /sources/penalyze2/penalyze2/src/vm.c,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -b -r1.1 -r1.2
--- src/vm.c    17 Aug 2006 20:03:40 -0000      1.1
+++ src/vm.c    4 Sep 2006 10:31:46 -0000       1.2
@@ -183,6 +183,8 @@
   {
     int hres;
     
+    vm_operands_get(vm_ctx, &vm_ins_ctx);
+    
     hres = vm_ctx->handlers[vm_ins_ctx.ins.type](vm_ctx, &vm_ins_ctx);
      
     return hres;
@@ -442,6 +444,52 @@
   return op_types[type];
 }
 
+/**
+ * @param vm_ctx VM context
+ * @param vm_ins_ctx VM instruction context
+ *
+ * Prepares the vm_op_info values of vm_ins_ctx
+ */
+void
+vm_operands_get(struct vm_ctx *vm_ctx, struct vm_ins_ctx *vm_ins_ctx)
+{
+  POPERAND op0, op1, op2;
+  int res;
+  
+  assert(NULL != vm_ctx);
+  assert(NULL != vm_ins_ctx);
+  
+  /* first operand */
+  op0 = &vm_ins_ctx->ins.op1;
+  
+  res = vm_op_get_addresses(vm_ctx, op0, (dword *) &vm_ins_ctx->op0.virt, 
+                            &vm_ins_ctx->op0.real_addr, &vm_ins_ctx->op0.size);
+  
+  /* if the first operand is not set a second will *NOT* follow */
+  if (res == OPERAND_TYPE_NONE)
+    return;
+
+  vm_ins_ctx->op0.flags |= VM_OP_FLAG_PRESENT;
+
+  op1 = &vm_ins_ctx->ins.op2;
+  
+  res = vm_op_get_addresses(vm_ctx, op1, (dword *) &vm_ins_ctx->op1.virt,
+                            &vm_ins_ctx->op1.real_addr, &vm_ins_ctx->op1.size);
+
+  if (res == OPERAND_TYPE_NONE)
+    return;
+  
+  vm_ins_ctx->op1.flags |= VM_OP_FLAG_PRESENT;
+  
+  op2 = &vm_ins_ctx->ins.op3;
+  
+  res = vm_op_get_addresses(vm_ctx, op2, (dword *) &vm_ins_ctx->op2.virt,
+                            &vm_ins_ctx->op2.real_addr, &vm_ins_ctx->op2.size);
+ 
+  if (res != OPERAND_TYPE_NONE)
+    vm_ins_ctx->op2.flags |= VM_OP_FLAG_PRESENT;
+}
+
 int
 vm_op_get_addresses(struct vm_ctx *vm_ctx, POPERAND op, dword *virt, 
                     void **real, dword *size)
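Review bot: vm_operands_get only ever ORs VM_OP_FLAG_PRESENT into op0/op1/op2.flags and never clears them, so if the caller's vm_ins_ctx is uninitialised or reused across instructions (its declaration is outside this hunk) a stale PRESENT bit from an earlier, longer instruction survives and a handler such as vm_ins_push would then dereference a stale real_addr. Clear the three records before the first lookup, e.g. `memset(&vm_ins_ctx->op0, 0, sizeof vm_ins_ctx->op0);` and likewise for op1 and op2. The `(dword *) &vm_ins_ctx->op0.virt` casts depend on virt being a union of dwords; `&vm_ins_ctx->op0.virt.addr` expresses the same without a cast. The body of vm_op_get_addresses continues past the hunk.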
@@ -471,8 +519,6 @@
       *virt = op->reg;
       *real = &regs[op->reg];
       
-      /* this code *WILL* break things on big endian systems */
-      
       /* TODO: add checks for operand size override */
       switch(MASK_OT(op->flags))
       {

Index: src/vm_chooks/kernel32.dll.c
===================================================================
RCS file: /sources/penalyze2/penalyze2/src/vm_chooks/kernel32.dll.c,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -b -r1.1 -r1.2
--- src/vm_chooks/kernel32.dll.c        17 Aug 2006 20:03:40 -0000      1.1
+++ src/vm_chooks/kernel32.dll.c        4 Sep 2006 10:31:47 -0000       1.2
@@ -84,11 +84,11 @@
   }
   
   vm_chook_func_add(lib, "AddAtomA", 1, Unimplemented, 0x0, 0x0);
-  vm_chook_func_add(lib, "ExitProcess", 155, kernel32_ExitProcess, 0x0, 0x0);
-  vm_chook_func_add(lib, "FindAtomA", 175, Unimplemented, 0x0, 0x0);
-  vm_chook_func_add(lib, "GetAtomNameA", 220, Unimplemented, 0x0, 0x0);
-  vm_chook_func_add(lib, "LoadLibraryA", 0, Unimplemented, 0x0, 0x0);
-  vm_chook_func_add(lib, "GetProcAddress", 0, Unimplemented, 0x0, 0x0);
+  vm_chook_func_add(lib, "ExitProcess", 145, kernel32_ExitProcess, 0x0, 0x0);
+  vm_chook_func_add(lib, "FindAtomA", 162, Unimplemented, 0x0, 0x0);
+  vm_chook_func_add(lib, "GetAtomNameA", 207, Unimplemented, 0x0, 0x0);
+  vm_chook_func_add(lib, "LoadLibraryA", 486, Unimplemented, 0x0, 0x0);
+  vm_chook_func_add(lib, "GetProcAddress", 344, Unimplemented, 0x0, 0x0);
   vm_chook_func_add(lib, "VirtualProtect", 0, Unimplemented, 0x0, 0x0);
   vm_chook_func_add(lib, "SetUnhandledExceptionFilter", 736, 
                     kernel32_SetUnhandledExceptionFilter, 0x0, 0x0);

Index: src/vm_ins/vm_ins_push.c
===================================================================
RCS file: /sources/penalyze2/penalyze2/src/vm_ins/vm_ins_push.c,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -b -r1.1 -r1.2
--- src/vm_ins/vm_ins_push.c    17 Aug 2006 20:03:40 -0000      1.1
+++ src/vm_ins/vm_ins_push.c    4 Sep 2006 10:31:47 -0000       1.2
@@ -22,30 +22,15 @@
 
 #include "libdasm.h"
 #include "vm.h"
+#include "basic_types.h"
 
 unsigned int
 vm_ins_push(struct vm_ctx *vm_ctx, struct vm_ins_ctx *vm_ins_ctx)
 {
-  POPERAND op;
-  dword op_type;
-  dword op_virt;
-  void *op_real;
-  dword op_size;
   dword val;
 
-  op = &vm_ins_ctx->ins.op1;
-  
-  op_type = vm_op_get_addresses(vm_ctx, op, &op_virt, &op_real, &op_size);
-  
-  if ((op_type == OPERAND_TYPE_MEMORY) || (op_type == OPERAND_TYPE_REGISTER))
-  {
-    val = *((dword*)op_real);
-  }
-  else if (op_type == OPERAND_TYPE_IMMEDIATE)
-  {
-    val = op_virt;
-  }
-  else if (op_type == OPERAND_TYPE_NONE)
+  /* no operand flags present... */
+  if (!(vm_ins_ctx->op0.flags & VM_OP_FLAG_PRESENT))
   {
     /* probably pusha */
     val = vm_ctx->regs.esp;
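Review bot: The presence test at the top of the hunk spells out `vm_ins_ctx->op0.flags & VM_OP_FLAG_PRESENT` although vm.h in this same commit introduces `vm_op_is_present()` for exactly that; `if (!vm_op_is_present(&vm_ins_ctx->op0))` keeps the flag layout in one place. vm_ins_push continues past the hunk.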
@@ -59,11 +44,26 @@
     vm_stack_push(vm_ctx, vm_ctx->regs.edi);
     return 0;
   }
-  else
+  
+  switch(vm_ins_ctx->op0.size)
   {
-    vm_debug(0, "vm_ins_push: operand type %s unsupported", 
-             vm_op_type(op_type));
+    case 1:
+      val = (dword) *((byte *) vm_ins_ctx->op0.real_addr);
+    break;
+    
+    case 2:
+      val = (dword) *((word *) vm_ins_ctx->op0.real_addr);
+    break;
+    
+    case 4:
+      val = *((dword *) vm_ins_ctx->op0.real_addr);
+    break;
+    
+    default:
+      vm_debug(0, "vm_ins_push: unknown operand size: %d", 
+        vm_ins_ctx->op0.size);
     return 1;
+    break;
   }
   
   vm_stack_push(vm_ctx, val);
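Review bot: The new switch reads every present operand through op0.real_addr, whereas the removed code took OPERAND_TYPE_IMMEDIATE values from op_virt; unless vm_op_get_addresses now points real_addr at the immediate (its body is not in this hunk), a push of an immediate dereferences whatever real_addr holds, possibly NULL. A guard before the switch, `if (NULL == vm_ins_ctx->op0.real_addr) return 1;` with a vm_debug line like the existing one, keeps the VM from reading through an unset pointer until the immediate path is restored. In the default case the `break;` after `return 1;` is unreachable, and `%d` for a dword should presumably be `%u` if dword is unsigned in basic_types.h. vm_ins_push continues past the hunk.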



