From 7136b64c6cc079190cc756936bcd007692ad0a5b Mon Sep 17 00:00:00 2001
From: Eugen Podrug
Date: Mon, 23 Sep 2024 16:47:52 +0200
Subject: [PATCH] bdshemu: Fix edge case with unsupported instrs

Fixes https://github.com/bitdefender/bddisasm/issues/106
---
 bdshemu/bdshemu_x86.c | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)

diff --git a/bdshemu/bdshemu_x86.c b/bdshemu/bdshemu_x86.c
index ee18b94..c174c12 100644
--- a/bdshemu/bdshemu_x86.c
+++ b/bdshemu/bdshemu_x86.c
@@ -1793,13 +1793,6 @@ ShemuX86Emulate(
         nd_memzero(&dst, sizeof(dst));
         nd_memzero(&src, sizeof(src));
 
-        // The stop flag has been set, this means we've reached a valid instruction, but that instruction cannot be
-        // emulated (for example, SYSCALL, INT, system instructions, etc).
-        if (stop)
-        {
-            return SHEMU_ABORT_CANT_EMULATE;
-        }
-
         // If we already have a detection and we wish to stop on detections, do so now.
         if ((0 != Context->Flags) && (0 != (Context->Options & SHEMU_OPT_STOP_ON_EXPLOIT)))
         {
@@ -1942,7 +1935,7 @@ ShemuX86Emulate(
                     }
                 }
 
-            continue;
+            goto post_emulate;
         }
 
         // This flag can only be set for APX instructions.
@@ -3557,6 +3550,14 @@ check_far_branch:
             break;
         }
 
+
+post_emulate:
+        // The stop flag has been set, this means we've reached a valid instruction, but that instruction cannot be
+        // emulated (for example, SYSCALL, INT, system instructions, etc).
+        if (stop)
+        {
+            return SHEMU_ABORT_CANT_EMULATE;
+        }
     }
 
     // Minimum percent of the instructions were NOPs => consider we have a NOP sled. Note that we get here only if
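Review bot: Relocating the `stop` check to the end of the loop body (the `@@ -3557` hunk) means any other `continue` remaining in the body between the converted one and `post_emulate:` now bypasses it, so an instruction that set `stop` could be followed by the emulation of one more instruction before SHEMU_ABORT_CANT_EMULATE is returned, whereas the old top-of-loop placement caught every path. Only the single `continue` in the `@@ -1942` hunk is converted, so the remaining early exits from this loop body (not visible in these hunks) should be audited and changed to the same `goto post_emulate;`, or the check folded into the loop condition so no path can skip it. The label should also carry a comment stating the invariant it relies on, e.g. `// Every path that finishes or skips emulation of the current instruction must reach this label so the stop check runs before the next fetch.` The body of ShemuX86Emulate begins before and continues past these hunks.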