arno/bddisasm
1
0
Fork 0
mirror of https://github.com/bitdefender/bddisasm.git synced 2025-07-16 12:08:15 +00:00
Code Issues Releases Wiki Activity

Build improvements

Browse Source 
Exclude string constants from build if BDDISASM_NO_FORMAT is defined.
Use extern "C" when declaring the public bddisasm/bdshemu functions.
Include wmmintrin.h for AES intrinisics when building using LLVM/clang.
This commit is contained in:
Andrei Vlad LUTAS 2021-05-17 09:52:04 +03:00
parent 10dc00681d
commit 072f6e059b
5 changed files with 45 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
bddisasm/bddisasm.c
View File

@ -17,6 +17,7 @@
#define UNREFERENCED_PARAMETER(P) ((void)(P)) #define UNREFERENCED_PARAMETER(P) ((void)(P))
#endif #endif
#ifndef BDDISASM_NO_FORMAT
static const char *gReg8Bit[] = static const char *gReg8Bit[] =
{ {
@ -132,6 +133,9 @@ static const char *gEmbeddedRounding[] =
"rn", "rd", "ru", "rz", "rn", "rd", "ru", "rz",
}; };
#endif // !BDDISASM_NO_FORMAT
static const uint16_t gOperandMap[] = static const uint16_t gOperandMap[] =
{ {
ND_OPE_D, // ND_OPT_A ND_OPE_D, // ND_OPT_A

5
bdshemu/bdshemu.c
View File

@ -10,7 +10,12 @@
#include "nd_crt.h" #include "nd_crt.h"
#include "bddisasm.h" #include "bddisasm.h"
#include "bdshemu.h" #include "bdshemu.h"
#ifdef __clang__
#include <wmmintrin.h>
#else
#include <immintrin.h> #include <immintrin.h>
#endif // __clang__
// //
// A generic emulator value. // A generic emulator value.

28
disasmtool/disasmtool.c
View File

@ -39,6 +39,7 @@ typedef struct _DISASM_OPTIONS
char *FileName; // Input file, if any. char *FileName; // Input file, if any.
size_t ShemuRegs[NDR_R15 + 1]; size_t ShemuRegs[NDR_R15 + 1];
BOOLEAN UseShemuRegs; BOOLEAN UseShemuRegs;
BOOLEAN BypassSelfWrites; // If true, shemu emulation will ignore self-modifications made by the shellcode.
} DISASM_OPTIONS, *PDISASM_OPTIONS; } DISASM_OPTIONS, *PDISASM_OPTIONS;
char *gSpaces[16] = char *gSpaces[16] =
@ -743,7 +744,7 @@ print_instruction(
if (Instrux->HasEvex) if (Instrux->HasEvex)
{ {
printf(" EVEX Tuple Type: %s\n", printf(" EVEX Tuple Type: %s\n",
tuple_to_string(Instrux->TupleType)); tuple_to_string((ND_TUPLE)Instrux->TupleType));
} }
if (Instrux->ExceptionClass != ND_EXC_None) if (Instrux->ExceptionClass != ND_EXC_None)
@ -760,7 +761,7 @@ print_instruction(
printf("exception type: %d\n", Instrux->ExceptionType); printf("exception type: %d\n", Instrux->ExceptionType);
break; break;
case ND_EXC_EVEX: case ND_EXC_EVEX:
printf("exception type: %s\n", exception_evex_to_string(Instrux->ExceptionType)); printf("exception type: %s\n", exception_evex_to_string((ND_EX_TYPE_EVEX)Instrux->ExceptionType));
break; break;
case ND_EXC_OPMASK: case ND_EXC_OPMASK:
printf("exception type: K%d\n", Instrux->ExceptionType + 19); printf("exception type: K%d\n", Instrux->ExceptionType + 19);
@ -1517,7 +1518,7 @@ handle_shemu(
shellSize = fsize + 0x100; shellSize = fsize + 0x100;
// Allocate the shellcode, stack, shell bitmap and stack bitmaps. // Allocate the shellcode, stack, shell bitmap and stack bitmaps.
ctx.Shellcode = malloc(shellSize); ctx.Shellcode = (uint8_t *)malloc(shellSize);
if (NULL == ctx.Shellcode) if (NULL == ctx.Shellcode)
{ {
printf("Memory error: couldn't allocated %zu bytes!\n", fsize); printf("Memory error: couldn't allocated %zu bytes!\n", fsize);
@ -1527,7 +1528,7 @@ handle_shemu(
#define STACK_SIZE 0x2000 #define STACK_SIZE 0x2000
ctx.Stack = malloc(STACK_SIZE); ctx.Stack = (uint8_t *)malloc(STACK_SIZE);
if (NULL == ctx.Stack) if (NULL == ctx.Stack)
{ {
printf("Memory error: couldn't allocated %zu bytes!\n", fsize); printf("Memory error: couldn't allocated %zu bytes!\n", fsize);
@ -1535,7 +1536,7 @@ handle_shemu(
return; return;
} }
ctx.Intbuf = malloc(shellSize + STACK_SIZE); ctx.Intbuf = (uint8_t *)malloc(shellSize + STACK_SIZE);
if (NULL == ctx.Intbuf) if (NULL == ctx.Intbuf)
{ {
printf("Memory error: couldn't allocated %zu bytes!\n", fsize); printf("Memory error: couldn't allocated %zu bytes!\n", fsize);
@ -1578,7 +1579,7 @@ handle_shemu(
ctx.Flags = 0; ctx.Flags = 0;
ctx.Options = SHEMU_OPT_TRACE_EMULATION; ctx.Options = SHEMU_OPT_TRACE_EMULATION;
ctx.Log = &ShemuLog; ctx.Log = &ShemuLog;
ctx.AccessMemory = &ShemuAccessMem; ctx.AccessMemory = (ShemuMemAccess)&ShemuAccessMem;
// Configurable thresholds. // Configurable thresholds.
ctx.NopThreshold = SHEMU_DEFAULT_NOP_THRESHOLD; ctx.NopThreshold = SHEMU_DEFAULT_NOP_THRESHOLD;
@ -1596,6 +1597,11 @@ handle_shemu(
ctx.Options |= SHEMU_OPT_SUPPORT_AES; ctx.Options |= SHEMU_OPT_SUPPORT_AES;
} }
if (Options->BypassSelfWrites)
{
ctx.Options |= SHEMU_OPT_BYPASS_SELF_WRITES;
}
if (Options->UseShemuRegs) if (Options->UseShemuRegs)
{ {
// Copy the new GPRs // Copy the new GPRs
@ -1694,6 +1700,7 @@ int main(
SIZE_T rip; SIZE_T rip;
char text[ND_MIN_BUF_SIZE], *fname, *target, *shemuCtxFname; char text[ND_MIN_BUF_SIZE], *fname, *target, *shemuCtxFname;
BYTE mode, print, highlight, fmode, hmode, stats, exi, vend, feat, search, isShemu, isShemuCtxf, isKernel, bitfields; BYTE mode, print, highlight, fmode, hmode, stats, exi, vend, feat, search, isShemu, isShemuCtxf, isKernel, bitfields;
BYTE bypassw;
INT ret, i; INT ret, i;
BYTE hexbuf[256], *buffer; BYTE hexbuf[256], *buffer;
DISASM_OPTIONS options; DISASM_OPTIONS options;
@ -1723,6 +1730,7 @@ int main(
isShemuCtxf = 0; isShemuCtxf = 0;
isKernel = 0; isKernel = 0;
bitfields = 0; bitfields = 0;
bypassw = 0;
if (NULL == argv) if (NULL == argv)
{ {
@ -1757,6 +1765,7 @@ int main(
printf(" -regname regval specify registers to be set for the shemu context. Ignored if shemu is not used\n"); printf(" -regname regval specify registers to be set for the shemu context. Ignored if shemu is not used\n");
printf(" Examples of valid command line register naming: \"RegRax\" ; \"rax\" ; \"reg_rax\"\n"); printf(" Examples of valid command line register naming: \"RegRax\" ; \"rax\" ; \"reg_rax\"\n");
printf(" -k specify kernel mode for shemu emulation. Ignore if shemu is not specified.\n"); printf(" -k specify kernel mode for shemu emulation. Ignore if shemu is not specified.\n");
printf(" -bw bypass self-modifications for shemu emulation.\n");
printf(" -hl highlight instruction parts:\n"); printf(" -hl highlight instruction parts:\n");
printf(" -bits display the instruction bit fields"); printf(" -bits display the instruction bit fields");
SetConsoleTextAttribute(GetStdHandle(STD_OUTPUT_HANDLE), SetConsoleTextAttribute(GetStdHandle(STD_OUTPUT_HANDLE),
@ -1847,6 +1856,10 @@ int main(
{ {
isKernel = 1; isKernel = 1;
} }
else if (argv[i][0] == '-' && argv[i][1] == 'b' && argv[i][2] == 'w' && argv[i][3] == 0)
{
bypassw = 1;
}
else if (0 == strcmp(argv[i], "-b16")) else if (0 == strcmp(argv[i], "-b16"))
{ {
mode = ND_CODE_16; mode = ND_CODE_16;
@ -1988,7 +2001,7 @@ int main(
} }
// Map the file. // Map the file.
buffer = MapViewOfFile(hMapping, FILE_MAP_ALL_ACCESS, 0, 0, 0); buffer = (BYTE *)MapViewOfFile(hMapping, FILE_MAP_ALL_ACCESS, 0, 0, 0);
if (NULL == buffer) if (NULL == buffer)
{ {
printf("Couldn't map the view for '%s': 0x%08x\n", argv[1], GetLastError()); printf("Couldn't map the view for '%s': 0x%08x\n", argv[1], GetLastError());
@ -2051,6 +2064,7 @@ int main(
options.Vendor = vend; options.Vendor = vend;
options.Feature = feat; options.Feature = feat;
options.Rip = rip; options.Rip = rip;
options.BypassSelfWrites = bypassw;
if (isShemu) if (isShemu)
{ {

8
inc/bddisasm.h
View File

@ -1449,6 +1449,10 @@ typedef struct _ND_CONTEXT
} ND_CONTEXT; } ND_CONTEXT;
#ifdef __cplusplus
extern "C" {
#endif
// //
// Returns the bddisasm version. // Returns the bddisasm version.
// //
@ -1559,6 +1563,10 @@ NdInitContext(
ND_CONTEXT *Context ND_CONTEXT *Context
); );
#ifdef __cplusplus
}
#endif
// #pragma warning(default: 4214) // Bitfield in type other than int. // #pragma warning(default: 4214) // Bitfield in type other than int.
// #pragma warning(default: 4201) // Nonstandard extension used: nameless struct/union. // #pragma warning(default: 4201) // Nonstandard extension used: nameless struct/union.
#ifdef _MSC_VER #ifdef _MSC_VER

7
inc/bdshemu.h
View File

@ -278,6 +278,10 @@ typedef unsigned int SHEMU_STATUS;
#define SHEMU_INTERNAL_BUFFER_SIZE(ctx) ((ctx)->ShellcodeSize + (ctx)->StackSize) #define SHEMU_INTERNAL_BUFFER_SIZE(ctx) ((ctx)->ShellcodeSize + (ctx)->StackSize)
#ifdef __cplusplus
extern "C" {
#endif
// //
// API // API
// //
@ -286,5 +290,8 @@ ShemuEmulate(
SHEMU_CONTEXT *Context SHEMU_CONTEXT *Context
); );
#ifdef __cplusplus
}
#endif
#endif // BDSHEMU_H #endif // BDSHEMU_H