dependabot[bot]
663b58f8d9
Build(deps-dev): Bump eslint from 9.39.1 to 9.39.2 in /page
...
Bumps [eslint](https://github.com/eslint/eslint ) from 9.39.1 to 9.39.2.
- [Release notes](https://github.com/eslint/eslint/releases )
- [Commits](https://github.com/eslint/eslint/compare/v9.39.1...v9.39.2 )
---
updated-dependencies:
- dependency-name: eslint
dependency-version: 9.39.2
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-01-01 17:28:36 +00:00
dependabot[bot]
fd002f31d4
Build(deps): Bump react from 19.2.0 to 19.2.3 in /page
...
Bumps [react](https://github.com/facebook/react/tree/HEAD/packages/react ) from 19.2.0 to 19.2.3.
- [Release notes](https://github.com/facebook/react/releases )
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md )
- [Commits](https://github.com/facebook/react/commits/v19.2.3/packages/react )
---
updated-dependencies:
- dependency-name: react
dependency-version: 19.2.3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-01-01 17:28:30 +00:00
dependabot[bot]
1c74918273
Build(deps): Bump @tailwindcss/vite from 4.1.17 to 4.1.18 in /page
...
Bumps [@tailwindcss/vite](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-vite ) from 4.1.17 to 4.1.18.
- [Release notes](https://github.com/tailwindlabs/tailwindcss/releases )
- [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md )
- [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.1.18/packages/@tailwindcss-vite )
---
updated-dependencies:
- dependency-name: "@tailwindcss/vite"
dependency-version: 4.1.18
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-01-01 17:28:11 +00:00
dependabot[bot]
8a9715acfa
Build(deps): Bump react-router-dom from 7.10.0 to 7.11.0 in /page
...
Bumps [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom ) from 7.10.0 to 7.11.0.
- [Release notes](https://github.com/remix-run/react-router/releases )
- [Changelog](https://github.com/remix-run/react-router/blob/main/packages/react-router-dom/CHANGELOG.md )
- [Commits](https://github.com/remix-run/react-router/commits/react-router-dom@7.11.0/packages/react-router-dom )
---
updated-dependencies:
- dependency-name: react-router-dom
dependency-version: 7.11.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-01-01 17:27:20 +00:00
dependabot[bot]
6824784f86
Build(deps-dev): Bump @types/node from 24.10.1 to 25.0.3 in /page
...
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node ) from 24.10.1 to 25.0.3.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node )
---
updated-dependencies:
- dependency-name: "@types/node"
dependency-version: 25.0.3
dependency-type: direct:development
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-01-01 17:27:11 +00:00
dependabot[bot]
8260447db1
Build(deps): Bump egor-tensin/setup-mingw from 2 to 3
...
Bumps [egor-tensin/setup-mingw](https://github.com/egor-tensin/setup-mingw ) from 2 to 3.
- [Release notes](https://github.com/egor-tensin/setup-mingw/releases )
- [Commits](https://github.com/egor-tensin/setup-mingw/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: egor-tensin/setup-mingw
dependency-version: '3'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-01-01 17:08:30 +00:00
dependabot[bot]
0224ee024e
Build(deps): Bump pyTooling/download-artifact from 6 to 7
...
Bumps [pyTooling/download-artifact](https://github.com/pytooling/download-artifact ) from 6 to 7.
- [Release notes](https://github.com/pytooling/download-artifact/releases )
- [Commits](https://github.com/pytooling/download-artifact/compare/v6...v7 )
---
updated-dependencies:
- dependency-name: pyTooling/download-artifact
dependency-version: '7'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-01-01 17:08:28 +00:00
dependabot[bot]
5d7e3d7a69
Build(deps): Bump actions/upload-artifact from 5.0.0 to 6.0.0
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 5.0.0 to 6.0.0.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](https://github.com/actions/upload-artifact/compare/v5.0.0...v6.0.0 )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-version: 6.0.0
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-01-01 17:08:23 +00:00
dependabot[bot]
d1dd8cd9cb
Build(deps): Bump deps/zlib from 5a82f71 to 570720b
...
Bumps [deps/zlib](https://github.com/madler/zlib ) from `5a82f71` to `570720b`.
- [Release notes](https://github.com/madler/zlib/releases )
- [Commits](5a82f71ed1...570720b0c2support@github.com >
2026-01-01 17:08:18 +00:00
dependabot[bot]
d509fd55d6
Build(deps): Bump actions/download-artifact from 6.0.0 to 7.0.0
...
Bumps [actions/download-artifact](https://github.com/actions/download-artifact ) from 6.0.0 to 7.0.0.
- [Release notes](https://github.com/actions/download-artifact/releases )
- [Commits](https://github.com/actions/download-artifact/compare/v6.0.0...v7.0.0 )
---
updated-dependencies:
- dependency-name: actions/download-artifact
dependency-version: 7.0.0
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-01-01 17:08:18 +00:00
dependabot[bot]
473f64447d
Build(deps): Bump deps/flatbuffers from a577050 to 8914d06
...
Bumps [deps/flatbuffers](https://github.com/google/flatbuffers ) from `a577050` to `8914d06`.
- [Release notes](https://github.com/google/flatbuffers/releases )
- [Commits](a577050817...8914d06ab7support@github.com >
2026-01-01 17:08:16 +00:00
dependabot[bot]
6fde96d80d
Build(deps): Bump pyTooling/upload-artifact from 5 to 6
...
Bumps [pyTooling/upload-artifact](https://github.com/pytooling/upload-artifact ) from 5 to 6.
- [Release notes](https://github.com/pytooling/upload-artifact/releases )
- [Commits](https://github.com/pytooling/upload-artifact/compare/v5...v6 )
---
updated-dependencies:
- dependency-name: pyTooling/upload-artifact
dependency-version: '6'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-01-01 17:08:14 +00:00
dependabot[bot]
a6caa3bdfe
Build(deps): Bump deps/capstone from ca42e80 to 198cd49
...
Bumps [deps/capstone](https://github.com/capstone-engine/capstone ) from `ca42e80` to `198cd49`.
- [Release notes](https://github.com/capstone-engine/capstone/releases )
- [Commits](ca42e808a9...198cd49dd9support@github.com >
2026-01-01 17:08:13 +00:00
dependabot[bot]
61d4e2c4ac
Build(deps): Bump deps/googletest from 1b96fa1 to 9156d4c
...
Bumps [deps/googletest](https://github.com/google/googletest ) from `1b96fa1` to `9156d4c`.
- [Release notes](https://github.com/google/googletest/releases )
- [Commits](1b96fa13f5...9156d4caacsupport@github.com >
2026-01-01 17:08:11 +00:00
Maurice Heumann
0b82e18848
Skip redundant PR workflows ( #636 )
2026-01-01 11:56:30 +01:00
momo5502
f75929a3a4
Only run push actions for main branch
2026-01-01 11:37:29 +01:00
momo5502
9a7b9e553d
Revert "Skip redundant PR workflows"
...
This reverts commit ea78271129
2026-01-01 11:37:06 +01:00
momo5502
ea78271129
Skip redundant PR workflows
2026-01-01 11:16:43 +01:00
Maurice Heumann
d3c4c9e906
Fix registry unicode and enhance syscall exception logging ( #644 )
2025-12-30 17:58:12 +01:00
Maurice Heumann
1f936c024d
Fix thread support ( #640 )
...
This PR fixes several things related to threads emulation:
1. Support `SameTebFlags.InitialThread`
This flag is needed to support emulation of .net executables (not yet
fully supported) that don't have an entry point set in `PE` header. This
applies to both `PE32` and `PE64` executables. If `InitialThread` is set
the loader substitutes an entry point of the .net executable with
`mscoree.dll!_CorExeMain`.
2. Fix static thread local storage for `WOW64`
This fix resolves `shell32.dll` initialization on `WOW64`. This fix also
uses correct structure and field names that are obtained from the
corresponding `.pdb` files.
3. Fix dynamic thread local storage for `WOW64`
4. Fix setting argument of a `WOW64` thread start proc
5. Fix creating suspended thread and parse create_flags
Currently creating suspended thread doesn't work because
`NtCreateThreadEx` handler uses invalid flag `CREATE_SUSPENDED`. This PR
fixes that, and moreover it carefully parses create_flags of the
`NtCreateThreadEx` call.
6. Fix `FS` and `GS` handling
This PR fixes several problems with `GS` and `FS` segments:
* Wrong GDT descriptor for selector 0x53
* Update GDT descriptor for selector 0x53 for a `WOW64` process every
context switch like Windows does
* Set `GS` base when `GS` segment register is updated in 64-bit code
(code selector is `0x33`). When `GS` segment register is loaded with
correct selector (`0x2b`) `GS` base is set to 0. So, when the code
accesses something like `gs:[0]`, a page fault occurs. `KiPageFault`
handles this situation and sets correct `GS` base.
Also, take into account that `teb64.ExceptionList` initially contains
`teb32` address for `WOW64` process. This is used to setup `FS` base
when `wrfsbase` instruction is available. We can enable this instruction
using `kusd.ProcessorFeatures.arr[PF_RDWRFSGSBASE_AVAILABLE] = 1;` and
this work perfectly with `unicorn` backend. Unfortunately `icicle`
backend does not support `wrfsbase`, so I don't enable this instruction
by default.
2025-12-30 17:56:30 +01:00
Maurice Heumann
468190b5b9
VMP program simulation patches ( #643 )
...
This PR fixes some issues with VMP program emulation. It has
successfully allowed programs protected by VMP 3.5 to run normally, and
it modifies the following functions:
1. Correct implementation of ProcessInstrumentationCallback
2. Add missing path check in handle_NtCreateFile
3. Fix the check in handle_NtOpenSection
4. Fix the behavioral differences between the emulator and the kernel
when the return value is an invalid pointer
5. Add printing of the content of the NtRaiseHardError message box
6. Bypass NtClose detection for VMP
2025-12-30 17:53:13 +01:00
ssvine
f25ee26c36
Fix FS and GS handling
2025-12-30 15:19:05 +03:00
ssvine
57ad277158
Fix creating suspended thread and parse create_flags
2025-12-30 15:18:55 +03:00
ssvine
0370da327b
Fix setting argument of a WOW64 thread
2025-12-30 15:18:44 +03:00
ssvine
1ebe5356c9
Fix dynamic TLS for WOW64
2025-12-30 15:18:33 +03:00
ssvine
04ff582fa9
Fix static TLS for WOW64
...
This fix resolves shell32.dll TLS problems.
Also it uses correct structure and field names
2025-12-30 15:18:18 +03:00
66hh
82dff75f64
Fix the formatting again
2025-12-30 19:22:10 +08:00
brian
e2bb1c4d48
Fix registry unicode and enhance syscall exception logging
2025-12-30 19:13:47 +08:00
66hh
0521fdef7d
Fix code formatting issues
2025-12-30 18:50:59 +08:00
ssvine
fea27338bb
Support SameTebFlags.InitialThread
...
This flag is needed to suport emulation of .net executables
that don't have an entry point set in PE header. This applies
to both PE32 and PE64 executables. If InitialThread is set
the loader substitutes an entry point of the .net executable
with mscoree.dll!_CorExeMain.
2025-12-30 13:44:21 +03:00
66hh
d830bea3c5
Try to fix the build
2025-12-30 17:40:16 +08:00
66hh
c144f2f438
Adjust memory allocation method
2025-12-30 17:05:08 +08:00
66hh
536f2ce883
Adjust variable order
2025-12-29 00:54:31 +08:00
66hh
3cd461e2ab
Add the debugger_hide attribute to emulator_thread
2025-12-29 00:52:59 +08:00
66hh
12e96c8921
Adjust memory allocation method
2025-12-29 00:31:49 +08:00
66hh
1c11921701
Add error handling to prevent the engine from throwing errors
2025-12-28 23:45:52 +08:00
66hh
478fb7b4dd
Register NtWriteVirtualMemory
2025-12-28 20:52:43 +08:00
66hh
83d4cadf76
Modify memory API implementation
2025-12-28 20:48:26 +08:00
66hh
418c5abf49
Extract callback handling into a separate function
2025-12-28 19:51:45 +08:00
66hh
41b86f655b
Replace write with try_write in the handle_query function
2025-12-28 19:44:02 +08:00
66hh
c3464dd5c3
Introduce try_read/try_write for emulator_object
2025-12-28 19:40:53 +08:00
66hh
f95081cb6e
Introduce try_write_memory for the memory manager
2025-12-28 19:36:40 +08:00
66hh
020e7ca3f6
Fix the base address alignment issue
2025-12-28 19:14:42 +08:00
66hh
d83c602f19
Change data type to fix 32-bit build
2025-12-28 12:40:51 +08:00
66hh
2d24b4189d
Fix VMP NtClose detection
2025-12-27 19:51:29 +08:00
66hh
95b17566a0
Add NtRaiseHardError error message logging
2025-12-27 17:17:24 +08:00
66hh
02298e2303
Fix illegal address write
2025-12-27 17:17:24 +08:00
66hh
55310c57ac
Add additional path checks for NtOpenSection
2025-12-27 17:17:24 +08:00
66hh
98393c03d2
Add a check before the conversion path
2025-12-27 17:17:24 +08:00
66hh
ecc00216d6
Support ProcessInstrumentationCallback
2025-12-27 17:17:23 +08:00
