Lightemerald/windows-user-space-emulator
2
0
Fork 0
mirror of https://github.com/momo5502/emulator.git synced 2026-01-20 12:13:57 +00:00
Code Issues Packages Projects Releases Wiki Activity

Log crafted out-of-line syscalls

Browse Source
This commit is contained in:
momo5502
2025-01-03 17:29:00 +01:00
parent 6da3f27da6
commit 912e9c9379
2 changed files with 20 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
src/windows-emulator/syscall_dispatcher.cpp
View File

@@ -100,13 +100,26 @@ void syscall_dispatcher::dispatch(windows_emulator& win_emu)
}
else
{
const auto rsp = c.emu.read_stack_pointer();
const auto return_address = c.emu.read_memory<uint64_t>(rsp);
const auto* mod_name = context.module_manager.find_name(return_address);
const auto* previous_mod = context.module_manager.find_by_address(context.previous_ip);
if (previous_mod == mod)
{
const auto rsp = c.emu.read_stack_pointer();
const auto return_address = c.emu.read_memory<uint64_t>(rsp);
const auto* mod_name = context.module_manager.find_name(return_address);
win_emu.logger.print(color::dark_gray, "Executing syscall: %s (0x%X) at 0x%llX via 0x%llX (%s)\n",
entry->second.name.c_str(),
syscall_id, address, return_address, mod_name);
win_emu.logger.print(color::dark_gray, "Executing syscall: %s (0x%X) at 0x%llX via 0x%llX (%s) %lld\n",
entry->second.name.c_str(),
syscall_id, address, return_address, mod_name, c.proc.executed_instructions);
}
else
{
win_emu.logger.print(color::blue,
"Crafted out-of-line syscall: %s (0x%X) at 0x%llX (%s) via 0x%llX (%s)\n",
entry->second.name.c_str(),
syscall_id,
address, mod ? mod->name.c_str() : "<N/A>", context.previous_ip,
previous_mod ? previous_mod->name.c_str() : "<N/A>");
}
}
entry->second.handler(c);

2
src/windows-emulator/windows_emulator.cpp
View File

@@ -820,7 +820,7 @@ void windows_emulator::setup_hooks()
const auto rip = this->emu().read_instruction_pointer();
printf("Interrupt: %i 0x%llX\n", interrupt, rip);
if (this->fuzzing)
if (this->fuzzing || true) // TODO: Fix
{
this->process().exception_rip = rip;
this->emu().stop();