forked from Popn_Tools/popnhax
ultra fast limits
This commit is contained in:
parent
a28dcbd882
commit
adadae9067
@ -24,6 +24,7 @@
|
||||
#define NUM_IDX 5
|
||||
|
||||
bst_t *g_xref_bst = NULL;
|
||||
bst_t *g_data_xref_bst = NULL;
|
||||
|
||||
typedef struct table_s {
|
||||
char *name;
|
||||
@ -76,41 +77,44 @@ uint32_t *find_binary_xref(char *data, DWORD dllSize, const char *search_pattern
|
||||
|
||||
uint32_t get_table_size_by_xref(char *data, DWORD data_size, uint32_t *ea, uint32_t entry_size)
|
||||
{
|
||||
fprintf(stderr, "get table size by xref\n");
|
||||
//fprintf(stderr, "get table size by xref\n");
|
||||
uint32_t *orig_ea = ea;
|
||||
// Skip 10 entries because why not. We're looking for the end anyway
|
||||
ea = (uint32_t*)((uint32_t)ea+(entry_size*10));
|
||||
|
||||
fprintf(stderr, "orig ea %p, entry size %u, ea %p\n", orig_ea, entry_size, ea);
|
||||
//fprintf(stderr, "orig ea %p, entry size %u, ea %p\n", orig_ea, entry_size, ea);
|
||||
bool found = false;
|
||||
|
||||
while (!found)
|
||||
{
|
||||
uint32_t curr_limit = (((uint32_t)ea)-((uint32_t)orig_ea))/entry_size;
|
||||
|
||||
uint32_t *as_int = (uint32_t*)&ea;
|
||||
//uint32_t curr_limit = (((uint32_t)ea)-((uint32_t)orig_ea))/entry_size;
|
||||
//fprintf(stderr, "limit candidate %u, looking for xref to %0X\n", curr_limit, *as_int);
|
||||
|
||||
if ( bst_search(g_xref_bst, *as_int) != NULL )
|
||||
{
|
||||
//fprintf(stderr, "found .text XREF in BST\n");
|
||||
found = true;
|
||||
} else {
|
||||
} else if ( bst_search(g_data_xref_bst, *as_int) != NULL )
|
||||
{
|
||||
//fprintf(stderr, "found .data XREF at addr %p\n", xref);
|
||||
found = true;
|
||||
} /* else {
|
||||
//look for Xref in data section
|
||||
char *as_hex = (char*)&ea;
|
||||
uint32_t *xref = find_binary(data, data_size, as_hex, 4, 0, 0);
|
||||
if ( xref != NULL )
|
||||
{
|
||||
//fprintf(stderr, "found .data XREF at addr %p\n", xref);
|
||||
fprintf(stderr, "found .data XREF at addr %p\n", xref);
|
||||
found = true;
|
||||
}
|
||||
}
|
||||
}*/
|
||||
|
||||
if (!found)
|
||||
ea = (uint32_t*)((uint32_t)ea+entry_size);
|
||||
}
|
||||
|
||||
fprintf(stderr, "found value %u (ea = %p, orig_ea = %p, entry size = %u)\n", ((((uint32_t)ea)-((uint32_t)orig_ea))/entry_size), ea, orig_ea, entry_size);
|
||||
//fprintf(stderr, "found value %u (ea = %p, orig_ea = %p, entry size = %u)\n", ((((uint32_t)ea)-((uint32_t)orig_ea))/entry_size), ea, orig_ea, entry_size);
|
||||
return (((uint32_t)ea)-((uint32_t)orig_ea))/entry_size;
|
||||
}
|
||||
|
||||
@ -121,26 +125,21 @@ void print_cb(x86_insn_t *insn, void *arg)
|
||||
fprintf(stderr,"%s\n", line);
|
||||
}
|
||||
|
||||
static void add_xref_to_bst(uint32_t addr)
|
||||
static void add_xref_to_bst(bst_t **bst, uint32_t addr)
|
||||
{
|
||||
if ( bst_search(g_xref_bst, addr) == NULL )
|
||||
if ( bst_search(*bst, addr) == NULL )
|
||||
{
|
||||
//LOG("added addr %0X to BST\n", addr);
|
||||
g_xref_bst = bst_insert(g_xref_bst, addr);
|
||||
*bst = bst_insert(*bst, addr);
|
||||
}
|
||||
}
|
||||
|
||||
void add_xref(x86_insn_t *insn, void *arg)
|
||||
{
|
||||
//char line[LINE_SIZE]; /* buffer of line to print */
|
||||
//x86_format_insn(insn, line, LINE_SIZE, intel_syntax);
|
||||
//LOG("%s\n", line);
|
||||
//LOG("it has %u operands\n", insn->operand_count);
|
||||
|
||||
uint32_t addr = x86_get_address(insn);
|
||||
if ( addr != 0 )
|
||||
{
|
||||
add_xref_to_bst(addr);
|
||||
add_xref_to_bst(&g_xref_bst, addr);
|
||||
//LOG("found ref to %0X at ea %0X\n", addr, insn->addr);
|
||||
//fprintf(stderr, "\n");
|
||||
return;
|
||||
@ -152,7 +151,7 @@ void add_xref(x86_insn_t *insn, void *arg)
|
||||
{
|
||||
x86_ea_t exp = op->data.expression;
|
||||
// LOG("(expression) disp is %0X\n", exp.disp);
|
||||
add_xref_to_bst(exp.disp);
|
||||
add_xref_to_bst(&g_xref_bst, exp.disp);
|
||||
}
|
||||
|
||||
op = x86_operand_2nd(insn);
|
||||
@ -160,7 +159,7 @@ void add_xref(x86_insn_t *insn, void *arg)
|
||||
{
|
||||
x86_ea_t exp = op->data.expression;
|
||||
// LOG("(expression) disp is %0X\n", exp.disp);
|
||||
add_xref_to_bst(exp.disp);
|
||||
add_xref_to_bst(&g_xref_bst, exp.disp);
|
||||
}
|
||||
|
||||
op = x86_operand_3rd(insn);
|
||||
@ -168,12 +167,9 @@ void add_xref(x86_insn_t *insn, void *arg)
|
||||
{
|
||||
x86_ea_t exp = op->data.expression;
|
||||
// LOG("(expression) disp is %0X\n", exp.disp);
|
||||
add_xref_to_bst(exp.disp);
|
||||
add_xref_to_bst(&g_xref_bst, exp.disp);
|
||||
}
|
||||
|
||||
|
||||
/* bst_search(g_xref_bst, idx) == NULL */
|
||||
|
||||
}
|
||||
|
||||
bool make_omnimix_patch(const char *dllFilename){
|
||||
@ -218,13 +214,33 @@ for (WORD SectionIndex = 0; SectionIndex < headers->FileHeader.NumberOfSections;
|
||||
LOG("data section size %lX, addr %p, beginning %02X %02X %02X %02X\n", data_size, data, data[0], data[1], data[2], data[3]);
|
||||
LOG("rdata section size %lX, addr %p, beginning %02X %02X %02X %02X\n", rdata_size, rdata, rdata[0], rdata[1], rdata[2], rdata[3]);
|
||||
|
||||
// disassemble .text section and add all xrefs to our BST
|
||||
LOG("START DISASSEMBLY\n");
|
||||
//add all data xrefs to BST (take anything which looks like 0x10****** in .data section)
|
||||
{
|
||||
LOG("Parsing .data section... ");
|
||||
uint32_t *data_ea = 0;
|
||||
while (true)
|
||||
{
|
||||
int64_t pattern_offset = search(data, data_size -((uint32_t) data_ea)-1, "\x10", 1, ((uint32_t) data_ea)+1);
|
||||
if (pattern_offset == -1)
|
||||
break;
|
||||
|
||||
data_ea = (uint32_t *) ((uint32_t)data + pattern_offset - 3);
|
||||
uint32_t *as_int = (uint32_t*)data_ea;
|
||||
|
||||
//LOG("found %X at offset %p\n", *as_int, data_ea);
|
||||
//LOG("adding %X to data bst\n", *as_int);
|
||||
add_xref_to_bst(&g_data_xref_bst, *as_int);
|
||||
data_ea = (uint32_t *) (pattern_offset);
|
||||
}
|
||||
LOG("done\n");
|
||||
}
|
||||
|
||||
// disassemble .text section and add all xrefs to BST
|
||||
LOG("Disassemble .text section... ");
|
||||
x86_init(opt_none, NULL, NULL);
|
||||
unsigned int num_insn = x86_disasm_range( (unsigned char *)text, (uint32_t) buf, 0, text_size, &add_xref, NULL);
|
||||
|
||||
LOG("parsed %u instructions\n", num_insn);
|
||||
LOG("END DISASSEMBLY\n");
|
||||
LOG("done (%u instructions)\n", num_insn);
|
||||
|
||||
x86_cleanup();
|
||||
/* instruction table is done */
|
||||
|
Loading…
Reference in New Issue
Block a user