Lightemerald/windows-user-space-emulator
2
0
Fork 0
mirror of https://github.com/momo5502/emulator.git synced 2026-01-31 00:11:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update hook_memory_violation to handle guard page violations

Browse Source
This commit is contained in:
3fault
2025-07-01 19:17:05 -04:00
parent 1276c7e2bc
commit 2e17f37f78
3 changed files with 17 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/analyzer/main.cpp
View File

@@ -317,7 +317,7 @@ namespace
{ {
for (const auto& section : exe.sections) for (const auto& section : exe.sections)
{ {
if ((section.region.permissions & memory_permission::exec) != memory_permission::exec) if ((section.region.permissions.common & memory_permission::exec) != memory_permission::exec)
{ {
continue; continue;
} }

4
src/emulator/memory_region.hpp
View File

@@ -1,12 +1,12 @@
#pragma once #pragma once
#include "memory_permission.hpp" #include "windows-emulator/memory_permission_ext.hpp"
#include <cstddef> #include <cstddef>
struct basic_memory_region struct basic_memory_region
{ {
uint64_t start{}; uint64_t start{};
size_t length{}; // uint64_t? size_t length{}; // uint64_t?
memory_permission permissions{}; nt_memory_permission permissions{};
}; };
struct memory_region : basic_memory_region struct memory_region : basic_memory_region

16
src/windows-emulator/windows_emulator.cpp
View File

@@ -11,6 +11,7 @@
#include "apiset/apiset.hpp" #include "apiset/apiset.hpp"
#include "network/static_socket_factory.hpp" #include "network/static_socket_factory.hpp"
#include "windows-emulator/memory_permission_ext.hpp"
constexpr auto MAX_INSTRUCTIONS_PER_TIME_SLICE = 0x20000; constexpr auto MAX_INSTRUCTIONS_PER_TIME_SLICE = 0x20000;
@@ -499,8 +500,19 @@ void windows_emulator::setup_hooks()
this->emu().hook_memory_violation([&](const uint64_t address, const size_t size, const memory_operation operation, this->emu().hook_memory_violation([&](const uint64_t address, const size_t size, const memory_operation operation,
const memory_violation_type type) { const memory_violation_type type) {
this->callbacks.on_memory_violate(address, size, operation, type); auto region = this->memory.get_region_info(address);
dispatch_access_violation(this->emu(), this->process, address, operation); if (region.permissions.is_guarded())
{
// Unset the GUARD_PAGE flag and dispatch a STATUS_GUARD_PAGE_VIOLATION
this->memory.protect_memory(region.allocation_base, region.length, region.permissions & ~memory_permission_ext::guard);
dispatch_guard_page_violation(this->emu(), this->process, address, operation);
}
else
{
this->callbacks.on_memory_violate(address, size, operation, type);
dispatch_access_violation(this->emu(), this->process, address, operation);
}
return memory_violation_continuation::resume; return memory_violation_continuation::resume;
}); });