Fix naming collisions
@@ -46,7 +46,7 @@ namespace
|
||||
if (options.use_gdb)
|
||||
{
|
||||
const auto* address = "127.0.0.1:28960";
|
||||
win_emu.logger.print(color::pink, "Waiting for GDB connection on %s...\n", address);
|
||||
win_emu.log.print(color::pink, "Waiting for GDB connection on %s...\n", address);
|
||||
|
||||
win_x64_gdb_stub_handler handler{win_emu};
|
||||
run_gdb_stub(handler, "i386:x86-64", gdb_registers.size(), address);
|
||||
@@ -58,24 +58,24 @@ namespace
|
||||
}
|
||||
catch (const std::exception& e)
|
||||
{
|
||||
win_emu.logger.print(color::red, "Emulation failed at: 0x%llX - %s\n",
|
||||
win_emu.log.print(color::red, "Emulation failed at: 0x%llX - %s\n",
|
||||
win_emu.emu().read_instruction_pointer(), e.what());
|
||||
throw;
|
||||
}
|
||||
catch (...)
|
||||
{
|
||||
win_emu.logger.print(color::red, "Emulation failed at: 0x%llX\n", win_emu.emu().read_instruction_pointer());
|
||||
win_emu.log.print(color::red, "Emulation failed at: 0x%llX\n", win_emu.emu().read_instruction_pointer());
|
||||
throw;
|
||||
}
|
||||
|
||||
const auto exit_status = win_emu.process().exit_status;
|
||||
if (exit_status.has_value())
|
||||
{
|
||||
win_emu.logger.print(color::red, "Emulation terminated with status: %X\n", *exit_status);
|
||||
win_emu.log.print(color::red, "Emulation terminated with status: %X\n", *exit_status);
|
||||
}
|
||||
else
|
||||
{
|
||||
win_emu.logger.print(color::red, "Emulation terminated without status!\n");
|
||||
win_emu.log.print(color::red, "Emulation terminated without status!\n");
|
||||
}
|
||||
}
|
||||
|
||||
@@ -127,7 +127,7 @@ namespace
|
||||
auto read_handler = [&, section, concise_logging](const uint64_t address, size_t, uint64_t)
|
||||
{
|
||||
const auto rip = win_emu.emu().read_instruction_pointer();
|
||||
if (win_emu.process().module_manager.find_by_address(rip) != win_emu.process().executable)
|
||||
if (win_emu.process().mod_manager.find_by_address(rip) != win_emu.process().executable)
|
||||
{
|
||||
return;
|
||||
}
|
||||
@@ -139,7 +139,7 @@ namespace
|
||||
if (count > 100 && count % 10000 != 0) return;
|
||||
}
|
||||
|
||||
win_emu.logger.print(
|
||||
win_emu.log.print(
|
||||
color::green,
|
||||
"Reading from executable section %s at 0x%llX via 0x%llX\n",
|
||||
section.name.c_str(), address, rip);
|
||||
@@ -148,7 +148,7 @@ namespace
|
||||
const auto write_handler = [&, section, concise_logging](const uint64_t address, size_t, uint64_t)
|
||||
{
|
||||
const auto rip = win_emu.emu().read_instruction_pointer();
|
||||
if (win_emu.process().module_manager.find_by_address(rip) != win_emu.process().executable)
|
||||
if (win_emu.process().mod_manager.find_by_address(rip) != win_emu.process().executable)
|
||||
{
|
||||
return;
|
||||
}
|
||||
@@ -160,7 +160,7 @@ namespace
|
||||
if (count > 100 && count % 10000 != 0) return;
|
||||
}
|
||||
|
||||
win_emu.logger.print(
|
||||
win_emu.log.print(
|
||||
color::blue,
|
||||
"Writing to executable section %s at 0x%llX via 0x%llX\n",
|
||||
section.name.c_str(), address, rip);
|
||||
|
||||
@@ -12,7 +12,7 @@ emulator_hook* watch_object(windows_emulator& emu, emulator_object<T> object, co
|
||||
const uint64_t address, size_t, uint64_t)
|
||||
{
|
||||
const auto rip = emu.emu().read_instruction_pointer();
|
||||
const auto* mod = emu.process().module_manager.find_by_address(rip);
|
||||
const auto* mod = emu.process().mod_manager.find_by_address(rip);
|
||||
const auto is_main_access = mod == emu.process().executable;
|
||||
|
||||
if (!emu.verbose_calls && !is_main_access)
|
||||
@@ -30,7 +30,7 @@ emulator_hook* watch_object(windows_emulator& emu, emulator_object<T> object, co
|
||||
}
|
||||
|
||||
const auto offset = address - object.value();
|
||||
emu.logger.print(is_main_access ? color::green : color::dark_gray,
|
||||
emu.log.print(is_main_access ? color::green : color::dark_gray,
|
||||
"Object access: %s - 0x%llX (%s) at 0x%llX (%s)\n",
|
||||
i.get_type_name().c_str(),
|
||||
offset,
|
||||
|
||||
@@ -13,7 +13,7 @@ namespace
|
||||
{
|
||||
try
|
||||
{
|
||||
win_emu.logger.disable_output(true);
|
||||
win_emu.log.disable_output(true);
|
||||
win_emu.start();
|
||||
|
||||
if (win_emu.process().exception_rip.has_value())
|
||||
@@ -23,12 +23,12 @@ namespace
|
||||
}
|
||||
catch (...)
|
||||
{
|
||||
win_emu.logger.disable_output(false);
|
||||
win_emu.logger.print(color::red, "Emulation failed at: 0x%llX\n", win_emu.emu().read_instruction_pointer());
|
||||
win_emu.log.disable_output(false);
|
||||
win_emu.log.print(color::red, "Emulation failed at: 0x%llX\n", win_emu.emu().read_instruction_pointer());
|
||||
throw;
|
||||
}
|
||||
|
||||
win_emu.logger.disable_output(false);
|
||||
win_emu.log.disable_output(false);
|
||||
}
|
||||
|
||||
void forward_emulator(windows_emulator& win_emu)
|
||||
|
||||
@@ -58,7 +58,7 @@ namespace test
|
||||
utils::buffer_deserializer deserializer{serializer.get_buffer()};
|
||||
|
||||
windows_emulator new_emu{};
|
||||
new_emu.logger.disable_output(true);
|
||||
new_emu.log.disable_output(true);
|
||||
new_emu.deserialize(deserializer);
|
||||
|
||||
new_emu.start();
|
||||
|
||||
@@ -315,11 +315,11 @@ namespace
|
||||
{
|
||||
if (_AFD_BASE(c.io_control_code) != FSCTL_AFD_BASE)
|
||||
{
|
||||
win_emu.logger.print(color::cyan, "Bad AFD IOCTL: %X\n", c.io_control_code);
|
||||
win_emu.log.print(color::cyan, "Bad AFD IOCTL: %X\n", c.io_control_code);
|
||||
return STATUS_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
win_emu.logger.print(color::cyan, "AFD IOCTL: %X\n", c.io_control_code);
|
||||
win_emu.log.print(color::cyan, "AFD IOCTL: %X\n", c.io_control_code);
|
||||
|
||||
const auto request = _AFD_REQUEST(c.io_control_code);
|
||||
|
||||
@@ -337,7 +337,7 @@ namespace
|
||||
case AFD_GET_INFORMATION:
|
||||
return STATUS_SUCCESS;
|
||||
default:
|
||||
win_emu.logger.print(color::gray, "Unsupported AFD IOCTL: %X\n", c.io_control_code);
|
||||
win_emu.log.print(color::gray, "Unsupported AFD IOCTL: %X\n", c.io_control_code);
|
||||
return STATUS_NOT_SUPPORTED;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -507,7 +507,7 @@ struct process_context
|
||||
, peb(emu)
|
||||
, process_params(emu)
|
||||
, kusd(emu, *this)
|
||||
, module_manager(emu)
|
||||
, mod_manager(emu)
|
||||
{
|
||||
}
|
||||
|
||||
@@ -526,7 +526,7 @@ struct process_context
|
||||
emulator_object<RTL_USER_PROCESS_PARAMETERS64> process_params;
|
||||
kusd_mmio kusd;
|
||||
|
||||
module_manager module_manager;
|
||||
module_manager mod_manager;
|
||||
|
||||
mapped_module* executable{};
|
||||
mapped_module* ntdll{};
|
||||
@@ -564,7 +564,7 @@ struct process_context
|
||||
buffer.write(this->peb);
|
||||
buffer.write(this->process_params);
|
||||
buffer.write(this->kusd);
|
||||
buffer.write(this->module_manager);
|
||||
buffer.write(this->mod_manager);
|
||||
|
||||
buffer.write(this->executable->image_base);
|
||||
buffer.write(this->ntdll->image_base);
|
||||
@@ -603,15 +603,15 @@ struct process_context
|
||||
buffer.read(this->peb);
|
||||
buffer.read(this->process_params);
|
||||
buffer.read(this->kusd);
|
||||
buffer.read(this->module_manager);
|
||||
buffer.read(this->mod_manager);
|
||||
|
||||
const auto executable_base = buffer.read<uint64_t>();
|
||||
const auto ntdll_base = buffer.read<uint64_t>();
|
||||
const auto win32u_base = buffer.read<uint64_t>();
|
||||
|
||||
this->executable = this->module_manager.find_by_address(executable_base);
|
||||
this->ntdll = this->module_manager.find_by_address(ntdll_base);
|
||||
this->win32u = this->module_manager.find_by_address(win32u_base);
|
||||
this->executable = this->mod_manager.find_by_address(executable_base);
|
||||
this->ntdll = this->mod_manager.find_by_address(ntdll_base);
|
||||
this->win32u = this->mod_manager.find_by_address(win32u_base);
|
||||
|
||||
buffer.read(this->ldr_initialize_thunk);
|
||||
buffer.read(this->rtl_user_thread_start);
|
||||
|
||||
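Review bot: In the deserialize hunk, the three `find_by_address` results are stored in `executable`, `ntdll` and `win32u` without a null check, although the base addresses used for the lookup are read straight from the buffer. The serialize hunk in this same section dereferences `this->executable->image_base` and `this->ntdll->image_base`, so a truncated or tampered snapshot would presumably surface later as a null dereference rather than as a clean load error. A guard right after the lookups, e.g. `if (!this->executable || !this->ntdll || !this->win32u) throw std::runtime_error("Snapshot references unmapped module");`, would fail closed. Both functions start and end outside the hunks shown.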
@@ -90,10 +90,10 @@ void syscall_dispatcher::dispatch(windows_emulator& win_emu)
|
||||
return;
|
||||
}
|
||||
|
||||
const auto* mod = context.module_manager.find_by_address(address);
|
||||
const auto* mod = context.mod_manager.find_by_address(address);
|
||||
if (mod != context.ntdll && mod != context.win32u)
|
||||
{
|
||||
win_emu.logger.print(color::blue, "Executing inline syscall: %s (0x%X) at 0x%llX (%s)\n",
|
||||
win_emu.log.print(color::blue, "Executing inline syscall: %s (0x%X) at 0x%llX (%s)\n",
|
||||
entry->second.name.c_str(),
|
||||
syscall_id,
|
||||
address, mod ? mod->name.c_str() : "<N/A>");
|
||||
@@ -104,16 +104,16 @@ void syscall_dispatcher::dispatch(windows_emulator& win_emu)
|
||||
{
|
||||
const auto rsp = c.emu.read_stack_pointer();
|
||||
const auto return_address = c.emu.read_memory<uint64_t>(rsp);
|
||||
const auto* mod_name = context.module_manager.find_name(return_address);
|
||||
const auto* mod_name = context.mod_manager.find_name(return_address);
|
||||
|
||||
win_emu.logger.print(color::dark_gray, "Executing syscall: %s (0x%X) at 0x%llX via 0x%llX (%s) %lld\n",
|
||||
win_emu.log.print(color::dark_gray, "Executing syscall: %s (0x%X) at 0x%llX via 0x%llX (%s) %lld\n",
|
||||
entry->second.name.c_str(),
|
||||
syscall_id, address, return_address, mod_name, c.proc.executed_instructions);
|
||||
}
|
||||
else
|
||||
{
|
||||
const auto* previous_mod = context.module_manager.find_by_address(context.previous_ip);
|
||||
win_emu.logger.print(color::blue,
|
||||
const auto* previous_mod = context.mod_manager.find_by_address(context.previous_ip);
|
||||
win_emu.log.print(color::blue,
|
||||
"Crafted out-of-line syscall: %s (0x%X) at 0x%llX (%s) via 0x%llX (%s)\n",
|
||||
entry->second.name.c_str(),
|
||||
syscall_id,
|
||||
|
||||
@@ -81,7 +81,7 @@ namespace
|
||||
key = full_path.u16string();
|
||||
}
|
||||
|
||||
c.win_emu.logger.print(color::dark_gray, "--> Registry key: %S\n", key.c_str());
|
||||
c.win_emu.log.print(color::dark_gray, "--> Registry key: %S\n", key.c_str());
|
||||
|
||||
auto entry = c.proc.registry.get_key(key);
|
||||
if (!entry.has_value())
|
||||
@@ -164,7 +164,7 @@ namespace
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
c.win_emu.logger.print(color::gray, "Unsupported registry class: %X\n", key_information_class);
|
||||
c.win_emu.log.print(color::gray, "Unsupported registry class: %X\n", key_information_class);
|
||||
c.emu.stop();
|
||||
return STATUS_NOT_SUPPORTED;
|
||||
}
|
||||
@@ -278,7 +278,7 @@ namespace
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
c.win_emu.logger.print(color::gray, "Unsupported registry value class: %X\n", key_value_information_class);
|
||||
c.win_emu.log.print(color::gray, "Unsupported registry value class: %X\n", key_value_information_class);
|
||||
c.emu.stop();
|
||||
return STATUS_NOT_SUPPORTED;
|
||||
}
|
||||
@@ -314,7 +314,7 @@ namespace
|
||||
|
||||
if (info_class == ThreadHideFromDebugger)
|
||||
{
|
||||
c.win_emu.logger.print(color::pink, "--> Hiding thread %X from debugger!\n", thread->id);
|
||||
c.win_emu.log.print(color::pink, "--> Hiding thread %X from debugger!\n", thread->id);
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
@@ -329,7 +329,7 @@ namespace
|
||||
const auto i = info.read();
|
||||
thread->name = read_unicode_string(c.emu, i.ThreadName);
|
||||
|
||||
c.win_emu.logger.print(color::blue, "Setting thread (%d) name: %S\n", thread->id, thread->name.c_str());
|
||||
c.win_emu.log.print(color::blue, "Setting thread (%d) name: %S\n", thread->id, thread->name.c_str());
|
||||
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
@@ -440,7 +440,7 @@ namespace
|
||||
{
|
||||
if (mutant_handle.value.type != handle_types::mutant)
|
||||
{
|
||||
c.win_emu.logger.error("Bad handle type for NtReleaseMutant\n");
|
||||
c.win_emu.log.error("Bad handle type for NtReleaseMutant\n");
|
||||
c.emu.stop();
|
||||
return STATUS_NOT_SUPPORTED;
|
||||
}
|
||||
@@ -598,7 +598,7 @@ namespace
|
||||
const auto attributes = object_attributes.read();
|
||||
|
||||
auto filename = read_unicode_string(c.emu, reinterpret_cast<UNICODE_STRING<EmulatorTraits<Emu64>>*>(attributes.ObjectName));
|
||||
c.win_emu.logger.print(color::dark_gray, "--> Opening section: %S\n", filename.c_str());
|
||||
c.win_emu.log.print(color::dark_gray, "--> Opening section: %S\n", filename.c_str());
|
||||
|
||||
if (filename == u"\\Windows\\SharedSection")
|
||||
{
|
||||
@@ -699,7 +699,7 @@ namespace
|
||||
|
||||
if (section_entry->is_image())
|
||||
{
|
||||
const auto binary = c.proc.module_manager.map_module(section_entry->file_name, c.win_emu.logger);
|
||||
const auto binary = c.proc.mod_manager.map_module(section_entry->file_name, c.win_emu.log);
|
||||
if (!binary)
|
||||
{
|
||||
return STATUS_FILE_INVALID;
|
||||
@@ -829,7 +829,7 @@ namespace
|
||||
return STATUS_BUFFER_OVERFLOW;
|
||||
}
|
||||
|
||||
const auto mod = c.proc.module_manager.find_by_address(base_address);
|
||||
const auto mod = c.proc.mod_manager.find_by_address(base_address);
|
||||
if (!mod)
|
||||
{
|
||||
printf("Bad address for memory image request: 0x%zX\n", base_address);
|
||||
@@ -1837,7 +1837,7 @@ namespace
|
||||
|
||||
const auto requested_protection = map_nt_to_emulator_protection(protection);
|
||||
|
||||
c.win_emu.logger.print(color::dark_gray, "--> Changing protection at 0x%llX-0x%llX to %s\n", aligned_start,
|
||||
c.win_emu.log.print(color::dark_gray, "--> Changing protection at 0x%llX-0x%llX to %s\n", aligned_start,
|
||||
aligned_start + aligned_length, get_permission_string(requested_protection).c_str());
|
||||
|
||||
memory_permission old_protection_value{};
|
||||
@@ -2030,7 +2030,7 @@ namespace
|
||||
const auto* file = c.proc.files.get(file_handle);
|
||||
if (file)
|
||||
{
|
||||
c.win_emu.logger.print(color::dark_gray, "--> Section for file %S\n", file->name.c_str());
|
||||
c.win_emu.log.print(color::dark_gray, "--> Section for file %S\n", file->name.c_str());
|
||||
s.file_name = file->name;
|
||||
}
|
||||
|
||||
@@ -2040,7 +2040,7 @@ namespace
|
||||
if (attributes.ObjectName)
|
||||
{
|
||||
const auto name = read_unicode_string(c.emu, reinterpret_cast<UNICODE_STRING<EmulatorTraits<Emu64>>*>(attributes.ObjectName));
|
||||
c.win_emu.logger.print(color::dark_gray, "--> Section with name %S\n", name.c_str());
|
||||
c.win_emu.log.print(color::dark_gray, "--> Section with name %S\n", name.c_str());
|
||||
s.name = std::move(name);
|
||||
}
|
||||
}
|
||||
@@ -2074,7 +2074,7 @@ namespace
|
||||
const emulator_object<ULONG> connection_info_length)
|
||||
{
|
||||
auto port_name = read_unicode_string(c.emu, server_port_name);
|
||||
c.win_emu.logger.print(color::dark_gray, "NtConnectPort: %S\n", port_name.c_str());
|
||||
c.win_emu.log.print(color::dark_gray, "NtConnectPort: %S\n", port_name.c_str());
|
||||
|
||||
port p{};
|
||||
p.name = std::move(port_name);
|
||||
@@ -2690,7 +2690,7 @@ namespace
|
||||
}
|
||||
|
||||
c.win_emu.on_stdout(temp_buffer);
|
||||
c.win_emu.logger.info("%.*s", static_cast<int>(temp_buffer.size()), temp_buffer.data());
|
||||
c.win_emu.log.info("%.*s", static_cast<int>(temp_buffer.size()), temp_buffer.data());
|
||||
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
@@ -2774,7 +2774,7 @@ namespace
|
||||
|
||||
auto printer = utils::finally([&]
|
||||
{
|
||||
c.win_emu.logger.print(color::dark_gray, "--> Opening file: %S\n", filename.c_str());
|
||||
c.win_emu.log.print(color::dark_gray, "--> Opening file: %S\n", filename.c_str());
|
||||
});
|
||||
|
||||
constexpr std::u16string_view device_prefix = u"\\Device\\";
|
||||
@@ -2820,7 +2820,7 @@ namespace
|
||||
|
||||
if (f.name.ends_with(u"\\") || create_options & FILE_DIRECTORY_FILE)
|
||||
{
|
||||
c.win_emu.logger.print(color::dark_gray, "--> Opening folder: %S\n", f.name.c_str());
|
||||
c.win_emu.log.print(color::dark_gray, "--> Opening folder: %S\n", f.name.c_str());
|
||||
|
||||
if (create_disposition & FILE_CREATE)
|
||||
{
|
||||
@@ -2843,7 +2843,7 @@ namespace
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
c.win_emu.logger.print(color::dark_gray, "--> Opening file: %S\n", f.name.c_str());
|
||||
c.win_emu.log.print(color::dark_gray, "--> Opening file: %S\n", f.name.c_str());
|
||||
|
||||
std::u16string mode = map_mode(desired_access, create_disposition);
|
||||
|
||||
@@ -3124,7 +3124,7 @@ namespace
|
||||
return STATUS_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
const auto* mod = c.proc.module_manager.find_by_address(base_address);
|
||||
const auto* mod = c.proc.mod_manager.find_by_address(base_address);
|
||||
if (!mod)
|
||||
{
|
||||
puts("Unmapping non-module section not supported!");
|
||||
@@ -3132,7 +3132,7 @@ namespace
|
||||
return STATUS_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
if (c.proc.module_manager.unmap(base_address))
|
||||
if (c.proc.mod_manager.unmap(base_address))
|
||||
{
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
@@ -3222,7 +3222,7 @@ namespace
|
||||
{
|
||||
if (alertable)
|
||||
{
|
||||
c.win_emu.logger.print(color::gray, "Alertable NtWaitForMultipleObjects not supported yet!\n");
|
||||
c.win_emu.log.print(color::gray, "Alertable NtWaitForMultipleObjects not supported yet!\n");
|
||||
}
|
||||
|
||||
if (wait_type != WaitAny && wait_type != WaitAll)
|
||||
@@ -3242,7 +3242,7 @@ namespace
|
||||
|
||||
if (!is_awaitable_object_type(h))
|
||||
{
|
||||
c.win_emu.logger.print(color::gray, "Unsupported handle type for NtWaitForMultipleObjects: %d!\n",
|
||||
c.win_emu.log.print(color::gray, "Unsupported handle type for NtWaitForMultipleObjects: %d!\n",
|
||||
h.value.type);
|
||||
return STATUS_NOT_SUPPORTED;
|
||||
}
|
||||
@@ -3263,12 +3263,12 @@ namespace
|
||||
{
|
||||
if (alertable)
|
||||
{
|
||||
c.win_emu.logger.print(color::gray, "Alertable NtWaitForSingleObject not supported yet!\n");
|
||||
c.win_emu.log.print(color::gray, "Alertable NtWaitForSingleObject not supported yet!\n");
|
||||
}
|
||||
|
||||
if (!is_awaitable_object_type(h))
|
||||
{
|
||||
c.win_emu.logger.print(color::gray,
|
||||
c.win_emu.log.print(color::gray,
|
||||
"Unsupported handle type for NtWaitForSingleObject: %d!\n", h.value.type);
|
||||
return STATUS_NOT_SUPPORTED;
|
||||
}
|
||||
@@ -3344,7 +3344,7 @@ namespace
|
||||
{
|
||||
if (lock.value())
|
||||
{
|
||||
c.win_emu.logger.print(color::gray, "NtAlertThreadByThreadIdEx with lock not supported yet!");
|
||||
c.win_emu.log.print(color::gray, "NtAlertThreadByThreadIdEx with lock not supported yet!");
|
||||
//c.emu.stop();
|
||||
//return STATUS_NOT_SUPPORTED;
|
||||
}
|
||||
@@ -3400,7 +3400,7 @@ namespace
|
||||
{
|
||||
if (context.ContextFlags & CONTEXT_DEBUG_REGISTERS)
|
||||
{
|
||||
c.win_emu.logger.print(color::pink, "--> Reading debug registers!\n");
|
||||
c.win_emu.log.print(color::pink, "--> Reading debug registers!\n");
|
||||
}
|
||||
|
||||
context_frame::save(c.emu, context);
|
||||
|
||||
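Review bot: Many of the renamed `log.print` calls in this file print strings that the emulated program controls: registry keys (`--> Registry key: %S`), section, port, file and thread names, and in the stdout path the raw `temp_buffer` via `log.info("%.*s", ...)`. The format strings are constant, so this is not a format-string problem, but nothing visible here strips control characters, so a sample under analysis could presumably put terminal escape sequences or forged log lines on the analyst's console. If `logger` does not already sanitise its arguments, escaping non-printable characters once inside the logger would be safer than doing it at each call site. Separately, the `Bad address for memory image request` and `Unmapping non-module section not supported!` paths still call `printf`/`puts` directly and so bypass `disable_output`.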
@@ -488,7 +488,7 @@ namespace
|
||||
|
||||
if (active_thread)
|
||||
{
|
||||
win_emu.logger.print(color::dark_gray, "Performing thread switch...\n");
|
||||
win_emu.log.print(color::dark_gray, "Performing thread switch...\n");
|
||||
active_thread->save(emu);
|
||||
}
|
||||
|
||||
@@ -749,7 +749,7 @@ windows_emulator::windows_emulator(emulator_settings settings,
|
||||
this->silent_until_main_ = settings.silent_until_main && !settings.disable_logging;
|
||||
this->stdout_callback_ = std::move(settings.stdout_callback);
|
||||
this->use_relative_time_ = settings.use_relative_time;
|
||||
this->logger.disable_output(settings.disable_logging || this->silent_until_main_);
|
||||
this->log.disable_output(settings.disable_logging || this->silent_until_main_);
|
||||
this->setup_process(settings);
|
||||
}
|
||||
|
||||
@@ -765,19 +765,19 @@ void windows_emulator::setup_process(const emulator_settings& settings)
|
||||
auto& emu = this->emu();
|
||||
|
||||
auto& context = this->process();
|
||||
context.module_manager = module_manager(emu); // TODO: Cleanup module manager
|
||||
context.mod_manager = module_manager(emu); // TODO: Cleanup module manager
|
||||
|
||||
setup_context(*this, settings);
|
||||
|
||||
context.executable = context.module_manager.map_module(settings.application, this->logger);
|
||||
context.executable = context.mod_manager.map_module(settings.application, this->log);
|
||||
|
||||
context.peb.access([&](PEB64& peb)
|
||||
{
|
||||
peb.ImageBaseAddress = reinterpret_cast<std::uint64_t*>(context.executable->image_base);
|
||||
});
|
||||
|
||||
context.ntdll = context.module_manager.map_module(R"(C:\Windows\System32\ntdll.dll)", this->logger);
|
||||
context.win32u = context.module_manager.map_module(R"(C:\Windows\System32\win32u.dll)", this->logger);
|
||||
context.ntdll = context.mod_manager.map_module(R"(C:\Windows\System32\ntdll.dll)", this->log);
|
||||
context.win32u = context.mod_manager.map_module(R"(C:\Windows\System32\win32u.dll)", this->log);
|
||||
|
||||
const auto ntdll_data = emu.read_memory(context.ntdll->image_base, context.ntdll->size_of_image);
|
||||
const auto win32u_data = emu.read_memory(context.win32u->image_base, context.win32u->size_of_image);
|
||||
@@ -832,7 +832,7 @@ void windows_emulator::on_instruction_execution(uint64_t address)
|
||||
if (this->silent_until_main_ && is_main_exe)
|
||||
{
|
||||
this->silent_until_main_ = false;
|
||||
this->logger.disable_output(false);
|
||||
this->log.disable_output(false);
|
||||
}
|
||||
|
||||
if (!this->verbose && !this->verbose_calls && !is_interesting_call)
|
||||
@@ -840,21 +840,21 @@ void windows_emulator::on_instruction_execution(uint64_t address)
|
||||
return;
|
||||
}
|
||||
|
||||
const auto* binary = this->process().module_manager.find_by_address(address);
|
||||
const auto* binary = this->process().mod_manager.find_by_address(address);
|
||||
|
||||
if (binary)
|
||||
{
|
||||
const auto export_entry = binary->address_names.find(address);
|
||||
if (export_entry != binary->address_names.end())
|
||||
{
|
||||
logger.print(is_interesting_call ? color::yellow : color::dark_gray,
|
||||
log.print(is_interesting_call ? color::yellow : color::dark_gray,
|
||||
"Executing function: %s - %s (0x%llX)\n",
|
||||
binary->name.c_str(),
|
||||
export_entry->second.c_str(), address);
|
||||
}
|
||||
else if (address == binary->entry_point)
|
||||
{
|
||||
logger.print(is_interesting_call ? color::yellow : color::gray,
|
||||
log.print(is_interesting_call ? color::yellow : color::gray,
|
||||
"Executing entry point: %s (0x%llX)\n",
|
||||
binary->name.c_str(),
|
||||
address);
|
||||
@@ -935,17 +935,17 @@ void windows_emulator::setup_hooks()
|
||||
{
|
||||
const auto permission = get_permission_string(operation);
|
||||
const auto ip = this->emu().read_instruction_pointer();
|
||||
const char* name = this->process().module_manager.find_name(ip);
|
||||
const char* name = this->process().mod_manager.find_name(ip);
|
||||
|
||||
if (type == memory_violation_type::protection)
|
||||
{
|
||||
this->logger.print(color::gray, "Protection violation: 0x%llX (%zX) - %s at 0x%llX (%s)\n", address, size,
|
||||
this->log.print(color::gray, "Protection violation: 0x%llX (%zX) - %s at 0x%llX (%s)\n", address, size,
|
||||
permission.c_str(), ip,
|
||||
name);
|
||||
}
|
||||
else if (type == memory_violation_type::unmapped)
|
||||
{
|
||||
this->logger.print(color::gray, "Mapping violation: 0x%llX (%zX) - %s at 0x%llX (%s)\n", address, size,
|
||||
this->log.print(color::gray, "Mapping violation: 0x%llX (%zX) - %s at 0x%llX (%s)\n", address, size,
|
||||
permission.c_str(), ip,
|
||||
name);
|
||||
}
|
||||
|
||||
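Review bot: In the `setup_process` hunk, the pointers returned by `map_module` for the application, `ntdll.dll` and `win32u.dll` are dereferenced straight away (`context.executable->image_base`, `context.ntdll->image_base`, `context.win32u->size_of_image`) without a null check. Another caller on this page treats a null result as an ordinary failure (`if (!binary) return STATUS_FILE_INVALID;`), so a missing or unparsable image here would presumably crash the host process instead of reporting an error. A check after each call, such as `if (!context.executable) throw std::runtime_error("Failed to map executable");`, would make the failure explicit. The function body continues outside the hunk.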
@@ -97,7 +97,7 @@ public:
|
||||
}
|
||||
}
|
||||
|
||||
logger logger{};
|
||||
logger log{};
|
||||
bool verbose{false};
|
||||
bool verbose_calls{false};
|
||||
bool buffer_stdout{false};
|
||||
|
||||
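Review bot: The new member name in `logger log{};` hides `::log`/`std::log` inside every `windows_emulator` member function, so an unqualified math `log(x)` written there would resolve to this member. That is presumably acceptable, but a one-line comment would save the next reader the question, e.g. `// named 'log' rather than 'logger' so the member does not redeclare its own type name`. The member also stays public, which is why so many call sites had to change in this commit; an accessor would keep a future rename local.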