From 6e203d9590a3fe7544b1542dc51286e8306bbb87 Mon Sep 17 00:00:00 2001 From: 3fault Date: Wed, 2 Jul 2025 14:47:51 -0400 Subject: [PATCH] Fix formatting issues --- .../icicle_x86_64_emulator.cpp | 3 +- src/samples/test-sample/test.cpp | 43 ++++++++--------- src/windows-emulator/exception_dispatch.cpp | 2 +- src/windows-emulator/exception_dispatch.hpp | 2 +- src/windows-emulator/memory_manager.cpp | 12 ++--- .../memory_permission_ext.hpp | 48 +++++++++++++------ src/windows-emulator/memory_utils.hpp | 42 ++++++++-------- src/windows-emulator/windows_emulator.cpp | 7 +-- 8 files changed, 85 insertions(+), 74 deletions(-) diff --git a/src/backends/icicle-emulator/icicle_x86_64_emulator.cpp b/src/backends/icicle-emulator/icicle_x86_64_emulator.cpp index 6bb1d6fa..2895fe1d 100644 --- a/src/backends/icicle-emulator/icicle_x86_64_emulator.cpp +++ b/src/backends/icicle-emulator/icicle_x86_64_emulator.cpp @@ -222,7 +222,8 @@ namespace icicle ice(res, "Failed to write memory"); } - void apply_memory_protection(const uint64_t address, const size_t size, nt_memory_permission permissions) override + void apply_memory_protection(const uint64_t address, const size_t size, + nt_memory_permission permissions) override { const auto res = icicle_protect_memory(this->emu_, address, size, static_cast(permissions.common)); ice(res, "Failed to apply permissions"); diff --git a/src/samples/test-sample/test.cpp b/src/samples/test-sample/test.cpp index e8b6fe12..feece83f 100644 --- a/src/samples/test-sample/test.cpp +++ b/src/samples/test-sample/test.cpp @@ -646,26 +646,26 @@ namespace return res; } - - INT32 test_guard_page_seh_filter(LPVOID address, DWORD code, struct _EXCEPTION_POINTERS* ep) + + INT32 test_guard_page_seh_filter(LPVOID address, DWORD code, struct _EXCEPTION_POINTERS* ep) { // We are only looking for guard page exceptions. - if (code != STATUS_GUARD_PAGE_VIOLATION) + if (code != STATUS_GUARD_PAGE_VIOLATION) { return EXCEPTION_CONTINUE_SEARCH; } // The number of defined elements in the ExceptionInformation array for // a guard page violation should be 2. - if (ep->ExceptionRecord->NumberParameters != 2) + if (ep->ExceptionRecord->NumberParameters != 2) { return EXCEPTION_CONTINUE_SEARCH; } // The ExceptionInformation array specifies additional arguments that // describe the exception. - auto *exception_information = ep->ExceptionRecord->ExceptionInformation; - + auto* exception_information = ep->ExceptionRecord->ExceptionInformation; + // If this value is zero, the thread attempted to read the inaccessible // data. If this value is 1, the thread attempted to write to an // inaccessible address. @@ -673,14 +673,14 @@ namespace { return EXCEPTION_CONTINUE_SEARCH; } - + // The second array element specifies the virtual address of the // inaccessible data. if (exception_information[1] != (ULONG_PTR)address) { return EXCEPTION_CONTINUE_SEARCH; } - + return EXCEPTION_EXECUTE_HANDLER; } @@ -691,12 +691,8 @@ namespace // Allocate a guarded memory region with the length of the system page // size. - auto *addr = static_cast(VirtualAlloc( - nullptr, - sys_info.dwPageSize, - MEM_RESERVE | MEM_COMMIT, - PAGE_READWRITE | PAGE_GUARD - )); + auto* addr = static_cast( + VirtualAlloc(nullptr, sys_info.dwPageSize, MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE | PAGE_GUARD)); if (addr == nullptr) { puts("Failed to allocate guard page"); @@ -704,12 +700,12 @@ namespace } bool success = false; - + // We want to access some arbitrary offset into the guarded page, to // ensure that ExceptionInformation correctly contains the virtual // address of the inaccessible data, not the base address of the region. constexpr size_t offset = 10; - + // Trigger a guard page violation __try { @@ -717,28 +713,27 @@ namespace } // If the filter function returns EXCEPTION_CONTINUE_SEARCH, the // exception contains all of the correct information. - __except(test_guard_page_seh_filter( - addr + offset, - GetExceptionCode(), - GetExceptionInformation())) + __except (test_guard_page_seh_filter(addr + offset, GetExceptionCode(), GetExceptionInformation())) { success = true; } // The page guard should be lifted, so no exception should be raised. - __try { + __try + { // The previous write should not have went through, this is probably // superflous. - if (addr[offset] == 255) { + if (addr[offset] == 255) + { success = false; } } - __except(EXCEPTION_EXECUTE_HANDLER) + __except (EXCEPTION_EXECUTE_HANDLER) { puts("Failed to read from page after guard exception!"); success = false; } - + return success; } diff --git a/src/windows-emulator/exception_dispatch.cpp b/src/windows-emulator/exception_dispatch.cpp index 2a15c02b..09e9d93c 100644 --- a/src/windows-emulator/exception_dispatch.cpp +++ b/src/windows-emulator/exception_dispatch.cpp @@ -183,7 +183,7 @@ void dispatch_access_violation(x86_64_emulator& emu, const process_context& proc } void dispatch_guard_page_violation(x86_64_emulator& emu, const process_context& proc, const uint64_t address, - const memory_operation operation) + const memory_operation operation) { dispatch_exception(emu, proc, STATUS_GUARD_PAGE_VIOLATION, { diff --git a/src/windows-emulator/exception_dispatch.hpp b/src/windows-emulator/exception_dispatch.hpp index 428c55ef..46850435 100644 --- a/src/windows-emulator/exception_dispatch.hpp +++ b/src/windows-emulator/exception_dispatch.hpp @@ -20,7 +20,7 @@ void dispatch_exception(x86_64_emulator& emu, const process_context& proc, const void dispatch_access_violation(x86_64_emulator& emu, const process_context& proc, uint64_t address, memory_operation operation); void dispatch_guard_page_violation(x86_64_emulator& emu, const process_context& proc, uint64_t address, - memory_operation operation); + memory_operation operation); void dispatch_illegal_instruction_violation(x86_64_emulator& emu, const process_context& proc); void dispatch_integer_division_by_zero(x86_64_emulator& emu, const process_context& proc); void dispatch_single_step(x86_64_emulator& emu, const process_context& proc); diff --git a/src/windows-emulator/memory_manager.cpp b/src/windows-emulator/memory_manager.cpp index 14c0ca55..7e149e50 100644 --- a/src/windows-emulator/memory_manager.cpp +++ b/src/windows-emulator/memory_manager.cpp @@ -272,10 +272,8 @@ bool memory_manager::allocate_memory(const uint64_t address, const size_t size, this->map_memory(address, size, permissions); auto common = memory_permission::read_write; - auto extended = permissions.is_guarded() - ? memory_permission_ext::guard - : memory_permission_ext::none; - + auto extended = permissions.is_guarded() ? memory_permission_ext::guard : memory_permission_ext::none; + entry->second.committed_regions[address] = committed_region{size, nt_memory_permission{common, extended}}; } @@ -634,10 +632,8 @@ void memory_manager::map_mmio(const uint64_t address, const size_t size, mmio_re void memory_manager::map_memory(const uint64_t address, const size_t size, const nt_memory_permission permissions) { - auto perms = permissions.is_guarded() - ? nt_memory_permission(memory_permission::none) - : permissions; - + auto perms = permissions.is_guarded() ? nt_memory_permission(memory_permission::none) : permissions; + this->memory_->map_memory(address, size, perms); } diff --git a/src/windows-emulator/memory_permission_ext.hpp b/src/windows-emulator/memory_permission_ext.hpp index 257acfc6..63427929 100644 --- a/src/windows-emulator/memory_permission_ext.hpp +++ b/src/windows-emulator/memory_permission_ext.hpp @@ -53,29 +53,47 @@ inline memory_permission_ext& operator^=(memory_permission_ext& x, const memory_ * ****************************************************************************/ -struct nt_memory_permission +struct nt_memory_permission { - memory_permission common; + memory_permission common; memory_permission_ext extended; - constexpr nt_memory_permission() : common(memory_permission::none), extended(memory_permission_ext::none) {} - constexpr nt_memory_permission(memory_permission common) : common(common), extended(memory_permission_ext::none) {} - constexpr nt_memory_permission(memory_permission common, memory_permission_ext ext) : common(common), extended(ext) {} + constexpr nt_memory_permission() + : common(memory_permission::none), + extended(memory_permission_ext::none) + { + } + constexpr nt_memory_permission(memory_permission common) + : common(common), + extended(memory_permission_ext::none) + { + } + constexpr nt_memory_permission(memory_permission common, memory_permission_ext ext) + : common(common), + extended(ext) + { + } // Implicit coercions - operator memory_permission() const { return common; } - operator memory_permission_ext() const { return extended; } + operator memory_permission() const + { + return common; + } + operator memory_permission_ext() const + { + return extended; + } // This just does memberwise equality on each of the members in declaration order bool operator==(nt_memory_permission const&) const = default; - nt_memory_permission& operator=(memory_permission const& y) + nt_memory_permission& operator=(memory_permission const& y) { this->common = y; return *this; } - constexpr bool is_guarded() const + constexpr bool is_guarded() const { return (this->extended & memory_permission_ext::guard) == memory_permission_ext::guard; } @@ -87,32 +105,32 @@ struct nt_memory_permission constexpr nt_memory_permission operator&(const nt_memory_permission x, const memory_permission y) { - return nt_memory_permission { x.common & y, x.extended }; + return nt_memory_permission{x.common & y, x.extended}; } constexpr nt_memory_permission operator&(const nt_memory_permission x, const memory_permission_ext y) { - return nt_memory_permission { x.common, x.extended & y }; + return nt_memory_permission{x.common, x.extended & y}; } constexpr nt_memory_permission operator|(const nt_memory_permission x, const memory_permission y) { - return nt_memory_permission { x.common | y, x.extended }; + return nt_memory_permission{x.common | y, x.extended}; } constexpr nt_memory_permission operator|(const nt_memory_permission x, const memory_permission_ext y) { - return nt_memory_permission { x.common, x.extended | y }; + return nt_memory_permission{x.common, x.extended | y}; } constexpr nt_memory_permission operator^(const nt_memory_permission x, const memory_permission y) { - return nt_memory_permission { x.common ^ y, x.extended }; + return nt_memory_permission{x.common ^ y, x.extended}; } constexpr nt_memory_permission operator^(const nt_memory_permission x, const memory_permission_ext y) { - return nt_memory_permission { x.common, x.extended ^ y }; + return nt_memory_permission{x.common, x.extended ^ y}; } inline nt_memory_permission& operator&=(nt_memory_permission& x, const memory_permission y) diff --git a/src/windows-emulator/memory_utils.hpp b/src/windows-emulator/memory_utils.hpp index d524ffd3..bcb05747 100644 --- a/src/windows-emulator/memory_utils.hpp +++ b/src/windows-emulator/memory_utils.hpp @@ -33,29 +33,29 @@ inline nt_memory_permission map_nt_to_emulator_protection(uint32_t nt_protection memory_permission common = memory_permission::none; switch (nt_protection) { - case PAGE_NOACCESS: - common = memory_permission::none; - break; - case PAGE_READONLY: - common = memory_permission::read; - break; - case PAGE_READWRITE: - case PAGE_WRITECOPY: - common = memory_permission::read | memory_permission::write; - break; - case PAGE_EXECUTE: - case PAGE_EXECUTE_READ: - common = memory_permission::read | memory_permission::exec; - break; - case PAGE_EXECUTE_READWRITE: - common = memory_permission::all; - break; - case PAGE_EXECUTE_WRITECOPY: - default: - throw std::runtime_error("Failed to map protection"); + case PAGE_NOACCESS: + common = memory_permission::none; + break; + case PAGE_READONLY: + common = memory_permission::read; + break; + case PAGE_READWRITE: + case PAGE_WRITECOPY: + common = memory_permission::read | memory_permission::write; + break; + case PAGE_EXECUTE: + case PAGE_EXECUTE_READ: + common = memory_permission::read | memory_permission::exec; + break; + case PAGE_EXECUTE_READWRITE: + common = memory_permission::all; + break; + case PAGE_EXECUTE_WRITECOPY: + default: + throw std::runtime_error("Failed to map protection"); } - return nt_memory_permission { common, ext }; + return nt_memory_permission{common, ext}; } inline uint32_t map_emulator_to_nt_protection(const memory_permission permission) diff --git a/src/windows-emulator/windows_emulator.cpp b/src/windows-emulator/windows_emulator.cpp index 8ee4b066..f89d58a8 100644 --- a/src/windows-emulator/windows_emulator.cpp +++ b/src/windows-emulator/windows_emulator.cpp @@ -503,8 +503,9 @@ void windows_emulator::setup_hooks() auto region = this->memory.get_region_info(address); if (region.permissions.is_guarded()) { - // Unset the GUARD_PAGE flag and dispatch a STATUS_GUARD_PAGE_VIOLATION - this->memory.protect_memory(region.allocation_base, region.length, region.permissions & ~memory_permission_ext::guard); + // Unset the GUARD_PAGE flag and dispatch a STATUS_GUARD_PAGE_VIOLATION + this->memory.protect_memory(region.allocation_base, region.length, + region.permissions & ~memory_permission_ext::guard); dispatch_guard_page_violation(this->emu(), this->process, address, operation); } else @@ -512,7 +513,7 @@ void windows_emulator::setup_hooks() this->callbacks.on_memory_violate(address, size, operation, type); dispatch_access_violation(this->emu(), this->process, address, operation); } - + return memory_violation_continuation::resume; });