arno
/
bddisasm
mirror of https://github.com/bitdefender/bddisasm.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Build improvements

Browse Source 
Exclude string constants from build if BDDISASM_NO_FORMAT is defined.
Use extern "C" when declaring the public bddisasm/bdshemu functions.
Include wmmintrin.h for AES intrinisics when building using LLVM/clang.
pull/52/head
Andrei Vlad LUTAS 3 years ago
parent 10dc00681d
commit 072f6e059b
5 changed files with 45 additions and 7 deletions
Show Stats Download Patch File Download Diff File

4
bddisasm/bddisasm.c
Unescape View File

@ -17,6 +17,7 @@
#define UNREFERENCED_PARAMETER(P) ((void)(P))
#endif
#ifndef BDDISASM_NO_FORMAT
static const char *gReg8Bit[] =
{
@ -132,6 +133,9 @@ static const char *gEmbeddedRounding[] =
"rn", "rd", "ru", "rz",
};
#endif // !BDDISASM_NO_FORMAT
static const uint16_t gOperandMap[] =
{
ND_OPE_D, // ND_OPT_A

5
bdshemu/bdshemu.c
Unescape View File

@ -10,7 +10,12 @@
#include "nd_crt.h"
#include "bddisasm.h"
#include "bdshemu.h"
#ifdef __clang__
#include <wmmintrin.h>
#else
#include <immintrin.h>
#endif // __clang__
//
// A generic emulator value.

28
disasmtool/disasmtool.c
Unescape View File

@ -39,6 +39,7 @@ typedef struct _DISASM_OPTIONS
char *FileName; // Input file, if any.
size_t ShemuRegs[NDR_R15 + 1];
BOOLEAN UseShemuRegs;
BOOLEAN BypassSelfWrites; // If true, shemu emulation will ignore self-modifications made by the shellcode.
} DISASM_OPTIONS, *PDISASM_OPTIONS;
char *gSpaces[16] =
@ -743,7 +744,7 @@ print_instruction(
if (Instrux->HasEvex)
{
printf(" EVEX Tuple Type: %s\n",
tuple_to_string(Instrux->TupleType));
tuple_to_string((ND_TUPLE)Instrux->TupleType));
}
if (Instrux->ExceptionClass != ND_EXC_None)
@ -760,7 +761,7 @@ print_instruction(
printf("exception type: %d\n", Instrux->ExceptionType);
break;
case ND_EXC_EVEX:
printf("exception type: %s\n", exception_evex_to_string(Instrux->ExceptionType));
printf("exception type: %s\n", exception_evex_to_string((ND_EX_TYPE_EVEX)Instrux->ExceptionType));
break;
case ND_EXC_OPMASK:
printf("exception type: K%d\n", Instrux->ExceptionType + 19);
@ -1517,7 +1518,7 @@ handle_shemu(
shellSize = fsize + 0x100;
// Allocate the shellcode, stack, shell bitmap and stack bitmaps.
ctx.Shellcode = malloc(shellSize);
ctx.Shellcode = (uint8_t *)malloc(shellSize);
if (NULL == ctx.Shellcode)
{
printf("Memory error: couldn't allocated %zu bytes!\n", fsize);
@ -1527,7 +1528,7 @@ handle_shemu(
#define STACK_SIZE 0x2000
ctx.Stack = malloc(STACK_SIZE);
ctx.Stack = (uint8_t *)malloc(STACK_SIZE);
if (NULL == ctx.Stack)
{
printf("Memory error: couldn't allocated %zu bytes!\n", fsize);
@ -1535,7 +1536,7 @@ handle_shemu(
return;
}
ctx.Intbuf = malloc(shellSize + STACK_SIZE);
ctx.Intbuf = (uint8_t *)malloc(shellSize + STACK_SIZE);
if (NULL == ctx.Intbuf)
{
printf("Memory error: couldn't allocated %zu bytes!\n", fsize);
@ -1578,7 +1579,7 @@ handle_shemu(
ctx.Flags = 0;
ctx.Options = SHEMU_OPT_TRACE_EMULATION;
ctx.Log = &ShemuLog;
ctx.AccessMemory = &ShemuAccessMem;
ctx.AccessMemory = (ShemuMemAccess)&ShemuAccessMem;
// Configurable thresholds.
ctx.NopThreshold = SHEMU_DEFAULT_NOP_THRESHOLD;
@ -1596,6 +1597,11 @@ handle_shemu(
ctx.Options |= SHEMU_OPT_SUPPORT_AES;
}
if (Options->BypassSelfWrites)
{
ctx.Options |= SHEMU_OPT_BYPASS_SELF_WRITES;
}
if (Options->UseShemuRegs)
{
// Copy the new GPRs
@ -1694,6 +1700,7 @@ int main(
SIZE_T rip;
char text[ND_MIN_BUF_SIZE], *fname, *target, *shemuCtxFname;
BYTE mode, print, highlight, fmode, hmode, stats, exi, vend, feat, search, isShemu, isShemuCtxf, isKernel, bitfields;
BYTE bypassw;
INT ret, i;
BYTE hexbuf[256], *buffer;
DISASM_OPTIONS options;
@ -1723,6 +1730,7 @@ int main(
isShemuCtxf = 0;
isKernel = 0;
bitfields = 0;
bypassw = 0;
if (NULL == argv)
{
@ -1757,6 +1765,7 @@ int main(
printf(" -regname regval specify registers to be set for the shemu context. Ignored if shemu is not used\n");
printf(" Examples of valid command line register naming: \"RegRax\" ; \"rax\" ; \"reg_rax\"\n");
printf(" -k specify kernel mode for shemu emulation. Ignore if shemu is not specified.\n");
printf(" -bw bypass self-modifications for shemu emulation.\n");
printf(" -hl highlight instruction parts:\n");
printf(" -bits display the instruction bit fields");
SetConsoleTextAttribute(GetStdHandle(STD_OUTPUT_HANDLE),
@ -1847,6 +1856,10 @@ int main(
{
isKernel = 1;
}
else if (argv[i][0] == '-' && argv[i][1] == 'b' && argv[i][2] == 'w' && argv[i][3] == 0)
{
bypassw = 1;
}
else if (0 == strcmp(argv[i], "-b16"))
{
mode = ND_CODE_16;
@ -1988,7 +2001,7 @@ int main(
}
// Map the file.
buffer = MapViewOfFile(hMapping, FILE_MAP_ALL_ACCESS, 0, 0, 0);
buffer = (BYTE *)MapViewOfFile(hMapping, FILE_MAP_ALL_ACCESS, 0, 0, 0);
if (NULL == buffer)
{
printf("Couldn't map the view for '%s': 0x%08x\n", argv[1], GetLastError());
@ -2051,6 +2064,7 @@ int main(
options.Vendor = vend;
options.Feature = feat;
options.Rip = rip;
options.BypassSelfWrites = bypassw;
if (isShemu)
{

8
inc/bddisasm.h
Unescape View File

@ -1449,6 +1449,10 @@ typedef struct _ND_CONTEXT
} ND_CONTEXT;
#ifdef __cplusplus
extern "C" {
#endif
//
// Returns the bddisasm version.
//
@ -1559,6 +1563,10 @@ NdInitContext(
ND_CONTEXT *Context
);
#ifdef __cplusplus
}
#endif
// #pragma warning(default: 4214) // Bitfield in type other than int.
// #pragma warning(default: 4201) // Nonstandard extension used: nameless struct/union.
#ifdef _MSC_VER

7
inc/bdshemu.h
Unescape View File

@ -278,6 +278,10 @@ typedef unsigned int SHEMU_STATUS;
#define SHEMU_INTERNAL_BUFFER_SIZE(ctx) ((ctx)->ShellcodeSize + (ctx)->StackSize)
#ifdef __cplusplus
extern "C" {
#endif
//
// API
//
@ -286,5 +290,8 @@ ShemuEmulate(
SHEMU_CONTEXT *Context
);
#ifdef __cplusplus
}
#endif
#endif // BDSHEMU_H

Write Preview
Loading…
Cancel
Save