// Locate the program's main function by symbol name.
// Looks up "main" first and falls back to "_main"; returns NO_ADDRESS when
// neither lookup succeeds. The second argument to GetAddressByName is passed
// as true in both calls (its meaning is defined by GetAddressByName, which is
// not shown here).
ADDRESS MachOBinaryFile::GetMainEntryPoint() {
	ADDRESS entry = GetAddressByName("main", true);
	if (entry == NO_ADDRESS) {
		// Second attempt; if this also fails, entry is already NO_ADDRESS.
		entry = GetAddressByName("_main", true);
	}
	return entry;
}
Ejemplo n.º 2
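static BOOL read_bindery( char * name ) {
/***************************************/
    /*
     * Look up `name` in the SAP name space (IPX protocol only) and, on
     * success, copy the first returned remote address into the global
     * PartnerAddr.
     *
     * Returns TRUE when PartnerAddr was updated, FALSE when the lookup
     * failed, returned no entries, or returned an address that is missing
     * or too short to be a sockaddr_ipx.
     *
     * addr_buff is static, so the buffer is shared between calls.
     */
    GUID                guid = DBG_SAP_ID;
    static char         addr_buff[1024];
    DWORD               len;
    DWORD               alias_len;
    int                 protocols[2] = { NSPROTO_IPX, 0 };
    INT                 num;
    LPCSADDR_INFO       address_info;

    len = sizeof( addr_buff );
    alias_len = 0;
    num = GetAddressByName( NS_SAP,
                            &guid,
                            name,
                            protocols,
                            0,
                            NULL,
                            addr_buff,
                            &len,
                            NULL,
                            &alias_len );

    /* _bad_rc is defined elsewhere; num < 1 additionally rejects "no entries". */
    if( _bad_rc( num ) || num < 1 ) {
        return( FALSE );
    }

    /*
     * NOTE(review): addr_buff is a char array reinterpreted as CSADDR_INFO;
     * confirm the buffer's alignment is sufficient on the target compiler.
     */
    address_info = (LPCSADDR_INFO)addr_buff;

    /*
     * The entry is filled in by the name-service provider from the lookup
     * reply, so validate it before the structure copy below: a NULL pointer
     * or a short address would otherwise be dereferenced / over-read.
     */
    if( address_info->RemoteAddr.lpSockaddr == NULL
     || address_info->RemoteAddr.iSockaddrLength < (INT)sizeof( struct sockaddr_ipx ) ) {
        return( FALSE );
    }

    PartnerAddr = *(struct sockaddr_ipx *)(address_info->RemoteAddr.lpSockaddr);
    return( TRUE );
}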
Ejemplo n.º 3
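// Locate the program's main function.
// Tries the symbols "main" and "__CMain" first. If neither is found, scans the
// code starting at the LX header's entry point for the pattern
//   call ; sub ebp, ebp ; call <target>
// and returns the target of the second call. Returns NO_ADDRESS when no symbol
// and no matching pattern is found (or when no code section can be located).
//
// NOTE(review): every byte examined below comes from the file being loaded.
// Nothing visible in this function checks that p, p + 1, or the 4-byte call
// displacement at p + 1 lie inside the loaded image; confirm the loader
// validates eip and the section sizes, or bound these reads by the image size.
ADDRESS DOS4GWBinaryFile::GetMainEntryPoint() {
    ADDRESS aMain = GetAddressByName ("main", true);
    if (aMain != NO_ADDRESS)
        return aMain;
    aMain = GetAddressByName ("__CMain", true);
    if (aMain != NO_ADDRESS)
        return aMain;

    // Search with this crude pattern: call, sub ebp, ebp, call __Cmain in the first 0x300 bytes
    // Start at program entry point
    unsigned p = LMMH(m_pLXHeader->eip);
    unsigned lim = p + 0x300;
    unsigned char op1, op2;
    ADDRESS addr;
    //unsigned lastOrdCall = 0; //TODO: identify the point of setting this variable
    bool gotSubEbp = false;            // True if see sub ebp, ebp
    bool lastWasCall = false;        // True if the last instruction was a call

    SectionInfo* si = GetSectionInfoByName("seg0");        // Assume the first section is text
    if (si == nullptr) si = GetSectionInfoByName(".text");
    if (si == nullptr) si = GetSectionInfoByName("CODE");
    assert(si);
    // assert() compiles away under NDEBUG; a file without any of the expected
    // section names must not lead to a null dereference in release builds.
    if (si == nullptr)
        return NO_ADDRESS;
    ADDRESS nativeOrigin = si->uNativeAddr;
    unsigned textSize = si->uSectionSize;
    // Shrink the scan window for small code sections.
    // NOTE(review): this treats p as the start of the section; if the entry
    // point is not at offset 0, p + textSize extends past the section end.
    if (textSize < 0x300)
        lim = p + textSize;

    while (p < lim) {
        op1 = *(unsigned char*)(p + base);
        op2 = *(unsigned char*)(p + base + 1);
        //std::cerr << std::hex << "At " << p << ", ops " << (unsigned)op1 << ", " << (unsigned)op2 << std::dec << "\n";
        switch (op1) {
            case 0xE8: {
                // An ordinary call
                if (gotSubEbp) {
                    // This is the call we want. Get the offset from the call instruction
                    // (+5 is the length of the call instruction: opcode plus 32-bit displacement)
                    addr = nativeOrigin + p + 5 + LMMH(*(p + base + 1));
                    // std::cerr << "__CMain at " << std::hex << addr << "\n";
                    return addr;
                }
                //lastOrdCall = p;
                lastWasCall = true;
                break;
            }
            case 0x2B:            // 0x2B 0xED is sub ebp,ebp
                if (op2 == 0xED && lastWasCall)
                    gotSubEbp = true;
                lastWasCall = false;
                break;
            case 0xEB:                     // Short relative jump
                if (op2 >= 0x80)        // Branch backwards?
                    break;                // Yes, just ignore it (pattern state is left untouched)
                // Otherwise, actually follow the branch. May have to modify this some time...
                p += op2+2;                // +2 for the instruction itself, and op2 for the displacement
                continue;                // Don't break, we have the new "pc" set already
            default:
                // Any other instruction interrupts the pattern.
                gotSubEbp = false;
                lastWasCall = false;
                break;
        }
        // Step over the current instruction using the micro-disassembler's length.
        int size = microX86Dis(p + base);
        if (size == 0x40) {
            // 0x40 is treated as the disassembler's "cannot decode" result; resync one byte at a time.
            fprintf(stderr, "Warning! Microdisassembler out of step at offset 0x%x\n", p);
            size = 1;
        }
        p += size;
    }
    return NO_ADDRESS;
}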