diff --git a/src/common/platform/kernel_mapped.hpp b/src/common/platform/kernel_mapped.hpp
index 5dca4e62..c173f574 100644
--- a/src/common/platform/kernel_mapped.hpp
+++ b/src/common/platform/kernel_mapped.hpp
@@ -19,13 +19,13 @@ typedef struct _EMU_NT_TIB64
 {
- struct _EXCEPTION_REGISTRATION_RECORD* ExceptionList;
- std::uint64_t* StackBase;
- std::uint64_t* StackLimit;
- std::uint64_t* SubSystemTib;
- std::uint64_t* FibreData;
- std::uint64_t* ArbitraryUserPointer;
- struct _EMU_NT_TIB64* Self;
+ EMULATOR_CAST(std::uint64_t, struct _EXCEPTION_REGISTRATION_RECORD*) ExceptionList;
+ std::uint64_t StackBase;
+ std::uint64_t StackLimit;
+ std::uint64_t SubSystemTib;
+ std::uint64_t FibreData;
+ std::uint64_t ArbitraryUserPointer;
+ EMULATOR_CAST(std::uint64_t, struct _EMU_NT_TIB64*) Self;
 } EMU_NT_TIB64;
 typedef EMU_NT_TIB64* PEMU_NT_TIB64;
@@ -65,17 +65,14 @@ typedef struct _PEB_LDR_DATA64
 LIST_ENTRY64 InLoadOrderModuleList;
 LIST_ENTRY64 InMemoryOrderModuleList;
 LIST_ENTRY64 InInitializationOrderModuleList;
- std::uint64_t* EntryInProgress;
+ std::uint64_t EntryInProgress;
 BOOLEAN ShutdownInProgress;
 EmulatorTraits::HANDLE ShutdownThreadId;
 } PEB_LDR_DATA64, *PPEB_LDR_DATA64;
-typedef struct _STRING64
-{
- USHORT Length;
- USHORT MaximumLength;
- char16_t* Buffer;
-} STRING64, *PSTRING64, ANSI_STRING64, *PANSI_STRING64, OEM_STRING64, *POEM_STRING64;
+using STRING64 = UNICODE_STRING>;
+using ANSI_STRING64 = STRING64;
+using OEM_STRING64 = STRING64;
 typedef struct _RTL_DRIVE_LETTER_CURDIR64
 {
@@ -118,7 +115,7 @@ typedef struct _RTL_USER_PROCESS_PARAMETERS64
 UNICODE_STRING> DllPath;
 UNICODE_STRING> ImagePathName;
 UNICODE_STRING> CommandLine;
- std::uint64_t* Environment;
+ std::uint64_t Environment;
 ULONG StartingX;
 ULONG StartingY;
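Review bot: EMU_NT_TIB64 is the one guest-visible struct touched here that gets no size assertion, although its layout now matters directly: emulator_thread.cpp in this same commit stores `NtTib.Self = this->teb->value()`, which is only the TIB address if NtTib sits at offset 0 of TEB64 and the TIB is exactly seven 8-byte fields. I would add `static_assert(sizeof(EMU_NT_TIB64) == 0x38);` after the typedef, matching the asserts the commit adds for RTL_USER_PROCESS_PARAMETERS64, PEB64 and TEB64. The surviving `typedef EMU_NT_TIB64* PEMU_NT_TIB64;` is still a host pointer type; if it is no longer used after the pointer-to-integer conversion it should go, since a host pointer named like a guest one invites the same bug this commit removes.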
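Review bot: Aliasing ANSI_STRING64 and OEM_STRING64 to the UNICODE_STRING instantiation keeps the 16-byte layout but loses the type distinction between an 8-bit and a 16-bit character buffer, and it silently drops the PSTRING64/PANSI_STRING64/POEM_STRING64 pointer typedefs the old typedef declared, so any remaining user of those names fails to compile. If the aliases are intentional, a one-line comment such as `// ANSI/OEM strings share UNICODE_STRING's layout; for these aliases Buffer points at 8-bit characters, not UTF-16` would stop the next reader from decoding an ANSI string as UTF-16. Template arguments look stripped in this rendering, so I am reading `UNICODE_STRING>` as the 64-bit emulator-traits instantiation.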
@@ -136,21 +133,23 @@ typedef struct _RTL_USER_PROCESS_PARAMETERS64
 UNICODE_STRING> RuntimeData;
 ARRAY_CONTAINER CurrentDirectories;
- std::uint64_t* EnvironmentSize;
- std::uint64_t* EnvironmentVersion;
+ std::uint64_t EnvironmentSize;
+ std::uint64_t EnvironmentVersion;
- std::uint64_t* PackageDependencyData;
+ std::uint64_t PackageDependencyData;
 ULONG ProcessGroupId;
 ULONG LoaderThreads;
 UNICODE_STRING> RedirectionDllName; // REDSTONE4
 UNICODE_STRING> HeapPartitionName; // 19H1
- std::uint64_t* DefaultThreadpoolCpuSetMasks;
+ std::uint64_t DefaultThreadpoolCpuSetMasks;
 ULONG DefaultThreadpoolCpuSetMaskCount;
 ULONG DefaultThreadpoolThreadMaximum;
 ULONG HeapMemoryTypeMask; // WIN11
 } RTL_USER_PROCESS_PARAMETERS64, *PRTL_USER_PROCESS_PARAMETERS64;
+static_assert(sizeof(RTL_USER_PROCESS_PARAMETERS64) == 0x448);
+
 union PEB_CROSS_PROCESS_FLAGS_UNION
 {
 ULONG CrossProcessFlags;
@@ -171,8 +170,8 @@ union PEB_CROSS_PROCESS_FLAGS_UNION
 union PEB_KERNEL_CALLBACK_TABLE_UNION64
 {
- void* KernelCallbackTable;
- void* UserSharedInfoPtr;
+ std::uint64_t KernelCallbackTable;
+ std::uint64_t UserSharedInfoPtr;
 };
 typedef struct _API_SET_NAMESPACE
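Review bot: `static_assert(sizeof(RTL_USER_PROCESS_PARAMETERS64) == 0x448)` pins only the total size, so two compensating width mistakes inside the struct (one field too wide, a later one too narrow) still pass, and the field this commit actually writes from process_context.cpp, `Environment`, is not individually checked. Pairing the size assert with an offset assert on the fields the emulator touches catches that class of error: `static_assert(offsetof(RTL_USER_PROCESS_PARAMETERS64, Environment) == 0x80);` (needs `<cstddef>`), the 0x80 being the documented x64 offset of Environment as far as I can tell; verify against a live PEB before relying on it. The same applies to the PEB64 and TEB64 asserts added later in this file.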
@@ -253,26 +252,26 @@ typedef struct _PEB64
 EmulatorTraits::HANDLE Mutant;
 std::uint64_t ImageBaseAddress;
- PPEB_LDR_DATA64 Ldr;
- PRTL_USER_PROCESS_PARAMETERS64 ProcessParameters;
- std::uint64_t* SubSystemData;
- std::uint64_t* ProcessHeap;
- EMULATOR_CAST(void*, PRTL_CRITICAL_SECTION) FastPebLock;
- EMULATOR_CAST(void*, PSLIST_HEADER) AtlThunkSListPtr;
- std::uint64_t* IFEOKey;
+ EMULATOR_CAST(std::uint64_t, PPEB_LDR_DATA64) Ldr;
+ EMULATOR_CAST(std::uint64_t, PRTL_USER_PROCESS_PARAMETERS64) ProcessParameters;
+ std::uint64_t SubSystemData;
+ std::uint64_t ProcessHeap;
+ EMULATOR_CAST(std::uint64_t, PRTL_CRITICAL_SECTION) FastPebLock;
+ EMULATOR_CAST(std::uint64_t, PSLIST_HEADER) AtlThunkSListPtr;
+ std::uint64_t IFEOKey;
 PEB_CROSS_PROCESS_FLAGS_UNION CrossProcessFlags;
 PEB_KERNEL_CALLBACK_TABLE_UNION64 KernelCallbackTable;
 ULONG SystemReserved;
 ULONG AtlThunkSListPtr32;
- PAPI_SET_NAMESPACE ApiSetMap;
+ EMULATOR_CAST(std::uint64_t, PAPI_SET_NAMESPACE) ApiSetMap;
 ULONG TlsExpansionCounter;
- EMULATOR_CAST(void*, PRTL_BITMAP) TlsBitmap;
+ EMULATOR_CAST(std::uint64_t, PRTL_BITMAP) TlsBitmap;
 ARRAY_CONTAINER TlsBitmapBits; // TLS_MINIMUM_AVAILABLE
- void* ReadOnlySharedMemoryBase;
- EMULATOR_CAST(void*, PSILO_USER_SHARED_DATA) SharedData; // HotpatchInformation
- std::uint64_t** ReadOnlyStaticServerData;
+ std::uint64_t ReadOnlySharedMemoryBase;
+ EMULATOR_CAST(std::uint64_t, PSILO_USER_SHARED_DATA) SharedData; // HotpatchInformation
+ std::uint64_t ReadOnlyStaticServerData;
 EMULATOR_CAST(EmulatorTraits::PVOID, PCPTABLEINFO) AnsiCodePageData; // PCPTABLEINFO
 EMULATOR_CAST(EmulatorTraits::PVOID, PCPTABLEINFO) OemCodePageData; // PCPTABLEINFO
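Review bot: After this hunk PEB64 spells a guest pointer three different ways within a dozen lines: bare `std::uint64_t` (SubSystemData, ProcessHeap, IFEOKey), `EMULATOR_CAST(std::uint64_t, …)` (Ldr, ApiSetMap, TlsBitmap), and the untouched `EMULATOR_CAST(EmulatorTraits<…>::PVOID, PCPTABLEINFO)` on AnsiCodePageData/OemCodePageData at the bottom. They are presumably all 8 bytes for the 64-bit traits, but the mix hides which fields are guest addresses and makes a grep for leftover host-pointer fields unreliable, which is exactly the audit this commit is performing. Since the struct is explicitly the 64-bit layout, I would use one spelling for every pointer-sized field here, `EMULATOR_CAST(std::uint64_t, <native type>)` where the native type is worth recording and plain `std::uint64_t` otherwise. PEB64 starts before this hunk and continues past it.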
@@ -289,13 +288,13 @@ typedef struct _PEB64
 ULONG NumberOfHeaps;
 ULONG MaximumNumberOfHeaps;
- std::uint64_t** ProcessHeaps; // PHEAP
+ std::uint64_t ProcessHeaps; // PHEAP
 std::uint64_t GdiSharedHandleTable; // PGDI_SHARED_MEMORY
- std::uint64_t* ProcessStarterHelper;
+ std::uint64_t ProcessStarterHelper;
 ULONG GdiDCAttributeList;
- EMULATOR_CAST(void*, PRTL_CRITICAL_SECTION) LoaderLock;
+ EMULATOR_CAST(std::uint64_t, PRTL_CRITICAL_SECTION) LoaderLock;
 ULONG OSMajorVersion;
 ULONG OSMinorVersion;
@@ -307,30 +306,30 @@ typedef struct _PEB64
 ULONG ImageSubsystemMinorVersion;
 EMULATOR_CAST(std::uint64_t, KAFFINITY) ActiveProcessAffinityMask;
 ARRAY_CONTAINER GdiHandleBuffer;
- std::uint64_t* PostProcessInitRoutine;
+ std::uint64_t PostProcessInitRoutine;
- EMULATOR_CAST(void*, PRTL_BITMAP) TlsExpansionBitmap;
+ EMULATOR_CAST(std::uint64_t, PRTL_BITMAP) TlsExpansionBitmap;
 ARRAY_CONTAINER TlsExpansionBitmapBits; // TLS_EXPANSION_SLOTS
 ULONG SessionId;
 ULARGE_INTEGER AppCompatFlags; // KACF_*
 ULARGE_INTEGER AppCompatFlagsUser;
- std::uint64_t* pShimData;
- std::uint64_t* AppCompatInfo; // APPCOMPAT_EXE_DATA
+ std::uint64_t pShimData;
+ std::uint64_t AppCompatInfo; // APPCOMPAT_EXE_DATA
 UNICODE_STRING> CSDVersion;
- EMULATOR_CAST(void*, PACTIVATION_CONTEXT_DATA) ActivationContextData;
- EMULATOR_CAST(void*, PASSEMBLY_STORAGE_MAP) ProcessAssemblyStorageMap;
- EMULATOR_CAST(void*, PACTIVATION_CONTEXT_DATA) SystemDefaultActivationContextData;
- EMULATOR_CAST(void*, PASSEMBLY_STORAGE_MAP) SystemAssemblyStorageMap;
+ EMULATOR_CAST(std::uint64_t, PACTIVATION_CONTEXT_DATA) ActivationContextData;
+ EMULATOR_CAST(std::uint64_t, PASSEMBLY_STORAGE_MAP) ProcessAssemblyStorageMap;
+ EMULATOR_CAST(std::uint64_t, PACTIVATION_CONTEXT_DATA) SystemDefaultActivationContextData;
+ EMULATOR_CAST(std::uint64_t, PASSEMBLY_STORAGE_MAP) SystemAssemblyStorageMap;
- EMULATOR_CAST(std::int64_t, SIZE_T) MinimumStackCommit;
+ EMULATOR_CAST(std::uint64_t, SIZE_T) MinimumStackCommit;
- ARRAY_CONTAINER SparePointers; // 19H1 (previously FlsCallback to FlsHighIndex)
- std::uint64_t* PatchLoaderData;
- std::uint64_t* ChpeV2ProcessInfo; // _CHPEV2_PROCESS_INFO
+ ARRAY_CONTAINER SparePointers; // 19H1 (previously FlsCallback to FlsHighIndex)
+ std::uint64_t PatchLoaderData;
+ std::uint64_t ChpeV2ProcessInfo; // _CHPEV2_PROCESS_INFO
 ULONG AppModelFeatureState;
 ARRAY_CONTAINER SpareUlongs;
@@ -340,40 +339,42 @@ typedef struct _PEB64
 USHORT UseCaseMapping;
 USHORT UnusedNlsField;
- std::uint64_t* WerRegistrationData;
- std::uint64_t* WerShipAssertPtr;
+ std::uint64_t WerRegistrationData;
+ std::uint64_t WerShipAssertPtr;
 PEB_CONTEXT_DATA_UNION64 ContextData;
- std::uint64_t* pImageHeaderHash;
+ std::uint64_t pImageHeaderHash;
 PEB_TRACING_FLAGS_UNION TracingFlags;
 ULONGLONG CsrServerReadOnlySharedMemoryBase;
- EMULATOR_CAST(void*, PRTL_CRITICAL_SECTION) TppWorkerpListLock;
+ EMULATOR_CAST(std::uint64_t, PRTL_CRITICAL_SECTION) TppWorkerpListLock;
 LIST_ENTRY64 TppWorkerpList;
- ARRAY_CONTAINER WaitOnAddressHashTable;
- EMULATOR_CAST(void*, PTELEMETRY_COVERAGE_HEADER) TelemetryCoverageHeader; // REDSTONE3
+ ARRAY_CONTAINER WaitOnAddressHashTable;
+ EMULATOR_CAST(std::uint64_t, PTELEMETRY_COVERAGE_HEADER) TelemetryCoverageHeader; // REDSTONE3
 ULONG CloudFileFlags;
 ULONG CloudFileDiagFlags; // REDSTONE4
 CHAR PlaceholderCompatibilityMode;
 ARRAY_CONTAINER PlaceholderCompatibilityModeReserved;
- EMULATOR_CAST(void*, PLEAP_SECOND_DATA) LeapSecondData; // REDSTONE5
+ EMULATOR_CAST(std::uint64_t, PLEAP_SECOND_DATA) LeapSecondData; // REDSTONE5
 PEB_LEAP_SECONDS_FLAG_UNION LeapSecondFlags;
 ULONG NtGlobalFlag2;
 ULONGLONG ExtendedFeatureDisableMask; // since WIN11
 } PEB64, *PPEB64;
+static_assert(sizeof(PEB64) == 0x7D0);
+
 typedef struct _RTL_ACTIVATION_CONTEXT_STACK_FRAME64
 {
 struct _RTL_ACTIVATION_CONTEXT_STACK_FRAME* Previous;
- EMULATOR_CAST(void*, ACTIVATION_CONTEXT) ActivationContext;
+ EMULATOR_CAST(std::uint64_t, ACTIVATION_CONTEXT) ActivationContext;
 ULONG Flags; // RTL_ACTIVATION_CONTEXT_STACK_FRAME_FLAG_*
 } RTL_ACTIVATION_CONTEXT_STACK_FRAME64, *PRTL_ACTIVATION_CONTEXT_STACK_FRAME64;
 typedef struct _ACTIVATION_CONTEXT_STACK64
 {
- PRTL_ACTIVATION_CONTEXT_STACK_FRAME64 ActiveFrame;
+ EMULATOR_CAST(std::uint64_t, PRTL_ACTIVATION_CONTEXT_STACK_FRAME64) ActiveFrame;
 LIST_ENTRY64 FrameListCache;
 ULONG Flags; // ACTIVATION_CONTEXT_STACK_FLAG_*
 ULONG NextCookieSequenceNumber;
@@ -383,7 +384,7 @@ typedef struct _ACTIVATION_CONTEXT_STACK64
 typedef struct _GDI_TEB_BATCH64
 {
 ULONG Offset;
- std::uint64_t* HDC;
+ std::uint64_t HDC;
 ULONG Buffer[GDI_BATCH_BUFFER_SIZE];
 } GDI_TEB_BATCH64, *PGDI_TEB_BATCH64;
@@ -458,25 +459,25 @@ typedef struct _TEB64
 {
 EMU_NT_TIB64 NtTib;
- std::uint64_t* EnvironmentPointer;
+ std::uint64_t EnvironmentPointer;
 CLIENT_ID64 ClientId;
- std::uint64_t* ActiveRpcHandle;
- std::uint64_t* ThreadLocalStoragePointer;
- PPEB64 ProcessEnvironmentBlock;
+ std::uint64_t ActiveRpcHandle;
+ std::uint64_t ThreadLocalStoragePointer;
+ EMULATOR_CAST(std::uint64_t, PPEB64) ProcessEnvironmentBlock;
 ULONG LastErrorValue;
 ULONG CountOfOwnedCriticalSections;
- std::uint64_t* CsrClientThread;
- std::uint64_t* Win32ThreadInfo;
+ std::uint64_t CsrClientThread;
+ std::uint64_t Win32ThreadInfo;
 ARRAY_CONTAINER User32Reserved;
 ARRAY_CONTAINER UserReserved;
- std::uint64_t* WOW32Reserved;
+ std::uint64_t WOW32Reserved;
 LCID CurrentLocale;
 ULONG FpSoftwareStatusRegister;
- ARRAY_CONTAINER ReservedForDebuggerInstrumentation;
- ARRAY_CONTAINER SystemReserved1;
- std::uint64_t* HeapFlsData;
- ARRAY_CONTAINER RngState;
+ ARRAY_CONTAINER ReservedForDebuggerInstrumentation;
+ ARRAY_CONTAINER SystemReserved1;
+ std::uint64_t HeapFlsData;
+ ARRAY_CONTAINER RngState;
 CHAR PlaceholderCompatibilityMode;
 BOOLEAN PlaceholderHydrationAlwaysExplicit;
 ARRAY_CONTAINER PlaceholderReserved;
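Review bot: `struct _RTL_ACTIVATION_CONTEXT_STACK_FRAME* Previous;` in RTL_ACTIVATION_CONTEXT_STACK_FRAME64 is left as a host pointer while its sibling ActivationContext is converted to `std::uint64_t` in the same hunk, so on a 32-bit host the frame is 4 bytes shorter than the guest layout and Previous cannot even hold a guest address. It should become `EMULATOR_CAST(std::uint64_t, struct _RTL_ACTIVATION_CONTEXT_STACK_FRAME*) Previous;` like every other converted field, and a `static_assert(sizeof(RTL_ACTIVATION_CONTEXT_STACK_FRAME64) == 0x18);` after the typedef would have flagged the omission (two 8-byte fields plus a ULONG padded to 8). The `static_assert(sizeof(PEB64) == 0x7D0)` above it is the right idea; it just needs to reach the smaller structs too.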
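Review bot: TEB64's NtTib and ProcessEnvironmentBlock are now read through raw `reinterpret_cast`s of the host TEB (apiset.cpp in this commit) and written from emulator_thread.cpp, yet only the total `sizeof(TEB64) == 0x1878` is asserted further down; a mis-sized neighbour anywhere in the first 0x60 bytes would shift ProcessEnvironmentBlock without tripping the size check. I would add `static_assert(offsetof(TEB64, NtTib) == 0);` and `static_assert(offsetof(TEB64, ProcessEnvironmentBlock) == 0x60);` next to the size assert (needs `<cstddef>`); 0x60 is the public x64 offset by my reading of the layout, so confirm it once against a live TEB. TEB64 begins in this hunk and runs well past it.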
@@ -488,10 +489,10 @@ typedef struct _TEB64
 NTSTATUS ExceptionCode;
- PACTIVATION_CONTEXT_STACK64 ActivationContextStackPointer;
- std::uint64_t* InstrumentationCallbackSp;
- std::uint64_t* InstrumentationCallbackPreviousPc;
- std::uint64_t* InstrumentationCallbackPreviousSp;
+ EMULATOR_CAST(std::uint64_t, PACTIVATION_CONTEXT_STACK64) ActivationContextStackPointer;
+ std::uint64_t InstrumentationCallbackSp;
+ std::uint64_t InstrumentationCallbackPreviousPc;
+ std::uint64_t InstrumentationCallbackPreviousSp;
 ULONG TxFsContext;
 BOOLEAN InstrumentationCallbackDisabled;
 BOOLEAN UnalignedLoadStoreExceptions;
@@ -500,89 +501,91 @@ typedef struct _TEB64
 EmulatorTraits::HANDLE GdiCachedProcessHandle;
 ULONG GdiClientPID;
 ULONG GdiClientTID;
- std::uint64_t* GdiThreadLocalInfo;
- ARRAY_CONTAINER Win32ClientInfo;
+ std::uint64_t GdiThreadLocalInfo;
+ ARRAY_CONTAINER Win32ClientInfo;
- ARRAY_CONTAINER glDispatchTable;
- ARRAY_CONTAINER glReserved1;
- std::uint64_t* glReserved2;
- std::uint64_t* glSectionInfo;
- std::uint64_t* glSection;
- std::uint64_t* glTable;
- std::uint64_t* glCurrentRC;
- std::uint64_t* glContext;
+ ARRAY_CONTAINER glDispatchTable;
+ ARRAY_CONTAINER glReserved1;
+ std::uint64_t glReserved2;
+ std::uint64_t glSectionInfo;
+ std::uint64_t glSection;
+ std::uint64_t glTable;
+ std::uint64_t glCurrentRC;
+ std::uint64_t glContext;
 NTSTATUS LastStatusValue;
 UNICODE_STRING> StaticUnicodeString;
 ARRAY_CONTAINER StaticUnicodeBuffer;
- std::uint64_t* DeallocationStack;
+ std::uint64_t DeallocationStack;
- ARRAY_CONTAINER TlsSlots;
+ ARRAY_CONTAINER TlsSlots;
 LIST_ENTRY64 TlsLinks;
- std::uint64_t* Vdm;
- std::uint64_t* ReservedForNtRpc;
- ARRAY_CONTAINER DbgSsReserved;
+ std::uint64_t Vdm;
+ std::uint64_t ReservedForNtRpc;
+ ARRAY_CONTAINER DbgSsReserved;
 ULONG HardErrorMode;
- ARRAY_CONTAINER Instrumentation;
+ ARRAY_CONTAINER Instrumentation;
 GUID ActivityId;
- std::uint64_t* SubProcessTag;
- std::uint64_t* PerflibData;
- std::uint64_t* EtwTraceData;
- std::uint64_t* WinSockData;
+ std::uint64_t SubProcessTag;
+ std::uint64_t PerflibData;
+ std::uint64_t EtwTraceData;
+ std::uint64_t WinSockData;
 ULONG GdiBatchCount;
 TEB_CURRENT_IDEAL_PROCESSOR_UNION CurrentIdealProcessor;
 ULONG GuaranteedStackBytes;
- std::uint64_t* ReservedForPerf;
- std::uint64_t* ReservedForOle; // tagSOleTlsData
+ std::uint64_t ReservedForPerf;
+ std::uint64_t ReservedForOle; // tagSOleTlsData
 ULONG WaitingOnLoaderLock;
- std::uint64_t* SavedPriorityState;
- std::uint64_t* ReservedForCodeCoverage;
- std::uint64_t* ThreadPoolData;
- std::uint64_t** TlsExpansionSlots;
- std::uint64_t* ChpeV2CpuAreaInfo; // CHPEV2_CPUAREA_INFO // previously DeallocationBStore
- std::uint64_t* Unused; // previously BStoreLimit
+ std::uint64_t SavedPriorityState;
+ std::uint64_t ReservedForCodeCoverage;
+ std::uint64_t ThreadPoolData;
+ std::uint64_t TlsExpansionSlots;
+ std::uint64_t ChpeV2CpuAreaInfo; // CHPEV2_CPUAREA_INFO // previously DeallocationBStore
+ std::uint64_t Unused; // previously BStoreLimit
 ULONG MuiGeneration;
 ULONG IsImpersonating;
- std::uint64_t* NlsCache;
- std::uint64_t* pShimData;
+ std::uint64_t NlsCache;
+ std::uint64_t pShimData;
 ULONG HeapData;
 EmulatorTraits::HANDLE CurrentTransactionHandle;
- EMULATOR_CAST(void*, PTEB_ACTIVE_FRAME) ActiveFrame;
- std::uint64_t* FlsData;
+ EMULATOR_CAST(std::uint64_t, PTEB_ACTIVE_FRAME) ActiveFrame;
+ std::uint64_t FlsData;
- std::uint64_t* PreferredLanguages;
- std::uint64_t* UserPrefLanguages;
- std::uint64_t* MergedPrefLanguages;
+ std::uint64_t PreferredLanguages;
+ std::uint64_t UserPrefLanguages;
+ std::uint64_t MergedPrefLanguages;
 ULONG MuiImpersonation;
 TEB_CROSS_TEB_FLAGS_UNION CrossTebFlags;
 TEB_SAME_TEB_FLAGS_UNION SameTebFlags;
- std::uint64_t* TxnScopeEnterCallback;
- std::uint64_t* TxnScopeExitCallback;
- std::uint64_t* TxnScopeContext;
+ std::uint64_t TxnScopeEnterCallback;
+ std::uint64_t TxnScopeExitCallback;
+ std::uint64_t TxnScopeContext;
 ULONG LockCount;
 LONG WowTebOffset;
- std::uint64_t* ResourceRetValue;
- std::uint64_t* ReservedForWdf;
+ std::uint64_t ResourceRetValue;
+ std::uint64_t ReservedForWdf;
 ULONGLONG ReservedForCrt;
 GUID EffectiveContainerId;
 ULONGLONG LastSleepCounter; // Win11
 ULONG SpinCallCount;
 ULONGLONG ExtendedFeatureDisableMask;
- std::uint64_t* SchedulerSharedDataSlot; // 24H2
- std::uint64_t* HeapWalkContext;
+ std::uint64_t SchedulerSharedDataSlot; // 24H2
+ std::uint64_t HeapWalkContext;
 EMU_GROUP_AFFINITY64 PrimaryGroupAffinity;
 ARRAY_CONTAINER Rcu;
 } TEB64, *PTEB64;
+static_assert(sizeof(TEB64) == 0x1878);
+
 #if defined(OS_WINDOWS) && defined(_WIN64)
 inline TEB64* NtCurrentTeb64()
 {
@@ -838,7 +841,7 @@ struct PS_ATTRIBUTE
 typename Traits::PVOID ValuePtr;
 };
- typename Traits::SIZE_T* ReturnLength;
+ EMULATOR_CAST(uint64_t, typename Traits::SIZE_T*) ReturnLength;
 };
 template
@@ -862,7 +865,7 @@ typedef struct _SYSTEM_TIMEOFDAY_INFORMATION64
 typedef struct _PROCESS_BASIC_INFORMATION64
 {
 NTSTATUS ExitStatus;
- PPEB64 PebBaseAddress;
+ EMULATOR_CAST(uint64_t, PPEB64) PebBaseAddress;
 EMULATOR_CAST(std::uint64_t, KAFFINITY) AffinityMask;
 EMULATOR_CAST(std::uint32_t, KPRIORITY) BasePriority;
 EMULATOR_CAST(std::uint64_t, HANDLE) UniqueProcessId;
@@ -883,7 +886,7 @@ struct THREAD_TLS_INFO
 union
 {
- EmulatorTraits::PVOID* TlsVector;
+ EmulatorTraits::PVOID TlsVector;
 EmulatorTraits::PVOID TlsModulePointer;
 };
diff --git a/src/common/platform/threading.hpp b/src/common/platform/threading.hpp
index de430220..4fe7deaf 100644
--- a/src/common/platform/threading.hpp
+++ b/src/common/platform/threading.hpp
@@ -76,7 +76,7 @@ struct THREAD_NAME_INFORMATION
 typedef struct _THREAD_BASIC_INFORMATION64
 {
 NTSTATUS ExitStatus;
- PTEB64 TebBaseAddress;
+ EMULATOR_CAST(uint64_t, PTEB64) TebBaseAddress;
 CLIENT_ID64 ClientId;
 EMULATOR_CAST(std::uint64_t, KAFFINITY) AffinityMask;
 EMULATOR_CAST(std::uint32_t, KPRIORITY) Priority;
diff --git a/src/tools/dump-apiset/dump-apiset.cpp b/src/tools/dump-apiset/dump-apiset.cpp
index 548e0bec..8b18741f 100644
--- a/src/tools/dump-apiset/dump-apiset.cpp
+++ b/src/tools/dump-apiset/dump-apiset.cpp
@@ -22,7 +22,7 @@ int main()
 printf("------------\n\n");
 const auto peb = static_cast(GetCurrentProcessPeb());
- const auto api_set_map = peb->ApiSetMap;
+ const auto api_set_map = reinterpret_cast(peb->ApiSetMap);
 printf("APISET: 0x%p\n", api_set_map);
 printf("Version: %d\n", api_set_map->Version);
diff --git a/src/windows-emulator/apiset/apiset.cpp b/src/windows-emulator/apiset/apiset.cpp
index 7006f4a7..53492205 100644
--- a/src/windows-emulator/apiset/apiset.cpp
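Review bot: `EMULATOR_CAST(uint64_t, typename Traits::SIZE_T*) ReturnLength;` hard-codes a 64-bit field inside PS_ATTRIBUTE, which is templated on Traits, while the neighbouring `ValuePtr` correctly uses `typename Traits::PVOID`; for any 32-bit traits instantiation ReturnLength would be twice the guest width and shift everything after it. I would write `typename Traits::PVOID ReturnLength; // SIZE_T* in the guest` (or `EMULATOR_CAST(typename Traits::PVOID, typename Traits::SIZE_T*)` if the macro accepts a dependent type). The unqualified `uint64_t` here and in the PROCESS_BASIC_INFORMATION64 and THREAD_BASIC_INFORMATION64 hunks also departs from the `std::uint64_t` spelling used everywhere else in these headers. PS_ATTRIBUTE starts before the hunk.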
+++ b/src/windows-emulator/apiset/apiset.cpp
@@ -59,10 +59,11 @@ namespace apiset
 {
 #ifdef OS_WINDOWS_64
 case location::host: {
- const auto apiSetMap =
- reinterpret_cast(NtCurrentTeb64()->ProcessEnvironmentBlock->ApiSetMap);
- const auto* dataPtr = reinterpret_cast(apiSetMap);
- return {dataPtr, dataPtr + apiSetMap->Size};
+ const auto* teb = NtCurrentTeb64();
+ const auto* peb = reinterpret_cast(teb->ProcessEnvironmentBlock);
+ const auto* api_set_map = reinterpret_cast(peb->ApiSetMap);
+ const auto* data_ptr = reinterpret_cast(api_set_map);
+ return {data_ptr, data_ptr + api_set_map->Size};
 }
 #else
 case location::host:
diff --git a/src/windows-emulator/emulator_thread.cpp b/src/windows-emulator/emulator_thread.cpp
index 6425a1d7..c3f86a34 100644
--- a/src/windows-emulator/emulator_thread.cpp
+++ b/src/windows-emulator/emulator_thread.cpp
@@ -111,10 +111,10 @@ emulator_thread::emulator_thread(memory_manager& memory, const process_context&
 teb_obj.ClientId.UniqueProcess = 1ul;
 teb_obj.ClientId.UniqueThread = static_cast(this->id);
- teb_obj.NtTib.StackLimit = reinterpret_cast(this->stack_base);
- teb_obj.NtTib.StackBase = reinterpret_cast(this->stack_base + this->stack_size);
- teb_obj.NtTib.Self = &this->teb->ptr()->NtTib;
- teb_obj.ProcessEnvironmentBlock = context.peb.ptr();
+ teb_obj.NtTib.StackLimit = this->stack_base;
+ teb_obj.NtTib.StackBase = this->stack_base + this->stack_size;
+ teb_obj.NtTib.Self = this->teb->value();
+ teb_obj.ProcessEnvironmentBlock = context.peb.value();
 });
 }
diff --git a/src/windows-emulator/emulator_utils.hpp b/src/windows-emulator/emulator_utils.hpp
index e32c803c..ef7b9459 100644
--- a/src/windows-emulator/emulator_utils.hpp
+++ b/src/windows-emulator/emulator_utils.hpp
@@ -95,11 +95,6 @@ class emulator_object
 return this->value() + this->size();
 }
- T* ptr() const
- {
- return reinterpret_cast(this->address_);
- }
-
 explicit operator bool() const
 {
 return this->address_ != 0;
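Review bot: The host branch now reinterprets `teb->ProcessEnvironmentBlock` and `peb->ApiSetMap`, both plain integers after this commit, as pointers into the live host process; that is only sound because PEB64/TEB64 are asserted elsewhere in the commit to match the real Windows layout and because the branch is compiled under `OS_WINDOWS_64`, neither of which is visible at this call site. A comment such as `// Host TEB/PEB are read through the emulator's TEB64/PEB64 definitions; the static_asserts in kernel_mapped.hpp keep them layout-identical to the real structures` would spare the next reader the detour. `api_set_map->Size` is also used as the span length without checking it covers at least `sizeof(API_SET_NAMESPACE)`; this is the host loader's own data so the risk is low, but an `assert` would record the assumption. The enclosing function starts before the hunk.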
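Review bot: `teb_obj.NtTib.Self = this->teb->value();` silently relies on NtTib being the first member of TEB64, a fact the removed `&this->teb->ptr()->NtTib` spelled out; if a field is ever inserted ahead of NtTib, Self will point at the TEB base instead of the TIB and nothing will catch it. `static_assert(offsetof(TEB64, NtTib) == 0, "Self must be the NtTib address");` next to the assignment (needs `<cstddef>`) pins the assumption, and a one-line `// NtTib is at offset 0, so the TEB address doubles as the TIB address` explains the shortcut. The constructor body starts before the hunk.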
@@ -221,11 +216,11 @@ class emulator_allocator
 return emulator_object(*this->memory_, potential_start);
 }
- char16_t* copy_string(const std::u16string_view str)
+ uint64_t copy_string(const std::u16string_view str)
 {
 UNICODE_STRING> uc_str{};
 this->make_unicode_string(uc_str, str);
- return reinterpret_cast(uc_str.Buffer);
+ return uc_str.Buffer;
 }
 void make_unicode_string(UNICODE_STRING>& result, const std::u16string_view str,
diff --git a/src/windows-emulator/exception_dispatch.cpp b/src/windows-emulator/exception_dispatch.cpp
index 3eae5182..b3bd0b3f 100644
--- a/src/windows-emulator/exception_dispatch.cpp
+++ b/src/windows-emulator/exception_dispatch.cpp
@@ -33,7 +33,7 @@ namespace
 }
 record_obj.access([&](exception_record& r) {
- r.ExceptionRecord = reinterpret_cast::PVOID>(nested_record_obj.ptr());
+ r.ExceptionRecord = nested_record_obj.value(); //
 });
 }
diff --git a/src/windows-emulator/process_context.cpp b/src/windows-emulator/process_context.cpp
index bb720ec4..b8d22677 100644
--- a/src/windows-emulator/process_context.cpp
+++ b/src/windows-emulator/process_context.cpp
@@ -65,7 +65,7 @@ void process_context::setup(x64_emulator& emu, memory_manager& memory, const app
 proc_params.StandardInput = STDIN_HANDLE.h;
 proc_params.StandardError = proc_params.StandardOutput;
- proc_params.Environment = reinterpret_cast(allocator.copy_string(u"=::=::\\"));
+ proc_params.Environment = allocator.copy_string(u"=::=::\\");
 allocator.copy_string(u"EMULATOR=1");
 allocator.copy_string(u"COMPUTERNAME=momo");
 allocator.copy_string(u"SystemRoot=C:\\WINDOWS");
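Review bot: `proc_params.Environment = allocator.copy_string(u"=::=::\\");` followed by bare `copy_string` calls only yields a valid environment block if the allocator lays the strings out back to back with single NUL terminators and the sequence is closed by an empty string, since the guest treats Environment as one packed `KEY=VALUE\0...\0\0` region; nothing here enforces that, and the new `uint64_t` return type makes the address even less self-describing than the old `char16_t*`. If the allocator is a bump allocator that guarantees contiguity, say so at the call site, e.g. `// Environment is a packed run of NUL-terminated UTF-16 strings ending in an empty string; these copy_string() calls must stay adjacent`, and make sure the terminating empty string is emitted after the last entry (the lines below this hunk are not visible). Otherwise the guest's environment enumeration will run past the last entry into whatever the allocator hands out next.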
@@ -95,11 +95,11 @@ void process_context::setup(x64_emulator& emu, memory_manager& memory, const app
 this->peb.access([&](PEB64& p) {
 p.BeingDebugged = 0;
 p.ImageBaseAddress = executable.image_base;
- p.ProcessParameters = this->process_params.ptr();
- p.ApiSetMap = apiset::clone(emu, allocator, apiset_container).ptr();
+ p.ProcessParameters = this->process_params.value();
+ p.ApiSetMap = apiset::clone(emu, allocator, apiset_container).value();
- p.ProcessHeap = nullptr;
- p.ProcessHeaps = nullptr;
+ p.ProcessHeap = 0;
+ p.ProcessHeaps = 0;
 p.HeapSegmentReserve = 0x0000000000100000; // TODO: Read from executable
 p.HeapSegmentCommit = 0x0000000000002000;
 p.HeapDeCommitTotalFreeThreshold = 0x0000000000010000;
@@ -235,4 +235,4 @@ handle process_context::create_thread(memory_manager& memory, const uint64_t sta
 auto [h, thr] = this->threads.store_and_get(std::move(t));
 this->callbacks_->on_create_thread(h, *thr);
 return h;
-}
\ No newline at end of file
+}
diff --git a/src/windows-emulator/syscalls/process.cpp b/src/windows-emulator/syscalls/process.cpp
index 7075fa34..dc648a8d 100644
--- a/src/windows-emulator/syscalls/process.cpp
+++ b/src/windows-emulator/syscalls/process.cpp
@@ -212,7 +212,7 @@ namespace syscalls
 const emulator_object info{c.emu, process_information};
 info.access([&](PROCESS_BASIC_INFORMATION64& basic_info) {
- basic_info.PebBaseAddress = c.proc.peb.ptr();
+ basic_info.PebBaseAddress = c.proc.peb.value();
 basic_info.UniqueProcessId = 1;
 });
@@ -306,11 +306,12 @@ namespace syscalls
 thread_iterator->second.teb->access([&](TEB64& teb) {
 entry.ThreadId = teb.ClientId.UniqueThread;
- auto* tls_vector = teb.ThreadLocalStoragePointer;
+ const auto tls_vector = teb.ThreadLocalStoragePointer;
+ constexpr auto ptr_size = sizeof(EmulatorTraits::PVOID);
 if (tls_info.TlsRequest == ProcessTlsReplaceIndex)
 {
- auto* tls_entry_ptr = tls_vector + tls_info.TlsIndex;
+ const auto tls_entry_ptr = tls_vector + (tls_info.TlsIndex * ptr_size);
 const auto old_entry = c.emu.read_memory::PVOID>(tls_entry_ptr);
 c.emu.write_memory::PVOID>(tls_entry_ptr, entry.TlsModulePointer);
@@ -319,12 +320,12 @@ namespace syscalls
 }
 else if (tls_info.TlsRequest == ProcessTlsReplaceVector)
 {
- auto* new_tls_vector = entry.TlsVector;
+ const auto new_tls_vector = entry.TlsVector;
 for (uint32_t index = 0; index < tls_info.TlsVectorLength; ++index)
 {
- auto* old_entry = c.emu.read_memory(tls_vector + index);
- c.emu.write_memory(new_tls_vector + index, old_entry);
+ const auto old_entry = c.emu.read_memory(tls_vector + index * ptr_size);
+ c.emu.write_memory(new_tls_vector + index * ptr_size, old_entry);
 }
 teb.ThreadLocalStoragePointer = new_tls_vector;
@@ -386,4 +387,4 @@ namespace syscalls
 return STATUS_NOT_SUPPORTED;
 }
-}
\ No newline at end of file
+}
diff --git a/src/windows-emulator/syscalls/thread.cpp b/src/windows-emulator/syscalls/thread.cpp
index 3cc470a7..827dc0e1 100644
--- a/src/windows-emulator/syscalls/thread.cpp
+++ b/src/windows-emulator/syscalls/thread.cpp
@@ -73,7 +73,7 @@ namespace syscalls
 t.teb->access([&](TEB64& teb) {
 if (tls_cell < TLS_MINIMUM_AVAILABLE)
 {
- teb.TlsSlots.arr[tls_cell] = nullptr;
+ teb.TlsSlots.arr[tls_cell] = 0;
 }
 else if (teb.TlsExpansionSlots)
 {
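Review bot: `tls_entry_ptr = tls_vector + (tls_info.TlsIndex * ptr_size)` takes TlsIndex straight from the guest-supplied tls_info and writes `entry.TlsModulePointer` there without checking that `tls_vector` is non-zero or that the index lies inside the vector, so a bad index becomes a stray read/write at an arbitrary guest address or an emulator fault on an unmapped one instead of STATUS_INVALID_PARAMETER. The real kernel validates the index against the thread's TLS vector length; if that length is tracked anywhere in the process context, compare against it here, and at minimum bail out with an error status when `tls_vector == 0`. The ReplaceVector loop in the following hunk has the same shape, copying `TlsVectorLength` entries out of the old vector on the caller's word alone. The fix to scale by `ptr_size` is correct and was a real bug in the old pointer arithmetic. The enclosing handler starts before the hunk.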
@@ -136,7 +136,7 @@ namespace syscalls
 const emulator_object info{c.emu, thread_information};
 info.access([&](THREAD_BASIC_INFORMATION64& i) {
- i.TebBaseAddress = thread->teb->ptr();
+ i.TebBaseAddress = thread->teb->value();
 i.ClientId = thread->teb->read().ClientId;
 });
@@ -542,7 +542,7 @@ namespace syscalls
 }
 else if (type == PsAttributeTebAddress)
 {
- write_attribute(c.emu, attribute, thread->teb->ptr());
+ write_attribute(c.emu, attribute, thread->teb->value());
 }
 else
 {