bool is_trivial_nop(const Vinstr& inst) { return (inst.op == Vinstr::copy && is_nop(inst.copy_)) || (inst.op == Vinstr::copy2 && is_nop(inst.copy2_)) || (inst.op == Vinstr::lea && is_nop(inst.lea_)) || inst.op == Vinstr::nop; }
static GeglRectangle get_required_for_output (GeglOperation *operation, const gchar *input_pad, const GeglRectangle *roi) { GeglRectangle result = *roi; if (! is_nop (operation)) { GeglProperties *o = GEGL_PROPERTIES (operation); GeglRectangle *in_rect = gegl_operation_source_get_bounding_box (operation, "input"); if (in_rect) { switch (o->mode) { case GEGL_SPHERIZE_MODE_RADIAL: result = *in_rect; break; case GEGL_SPHERIZE_MODE_HORIZONTAL: result.x = in_rect->x; result.width = in_rect->width; break; case GEGL_SPHERIZE_MODE_VERTICAL: result.y = in_rect->y; result.height = in_rect->height; break; } } } return result; }
// Relocation for conditional branches inline bool MacroAssembler::is_bc_far_variant3_at(address instruction_addr) { // Variant 3, far cond branch to the next instruction, already patched to nops: // // nop // endgroup // SKIP/DEST: // const int instruction_1 = *(int*)(instruction_addr); const int instruction_2 = *(int*)(instruction_addr + 4); return is_nop(instruction_1) && is_endgroup(instruction_2); }
static gboolean parent_process (GeglOperation *operation, GeglOperationContext *context, const gchar *output_prop, const GeglRectangle *result, gint level) { if (is_nop (operation)) { GObject *input; input = gegl_operation_context_get_object (context, "input"); gegl_operation_context_set_object (context, "output", input); return TRUE; } return GEGL_OPERATION_CLASS (gegl_op_parent_class)->process (operation, context, output_prop, result, level); }
//------------------------------------------------------------------------------ // Name: do_find // Desc: //------------------------------------------------------------------------------ void DialogROPTool::do_find() { const QItemSelectionModel *const selModel = ui->tableView->selectionModel(); const QModelIndexList sel = selModel->selectedRows(); if(sel.size() == 0) { QMessageBox::critical( this, tr("No Region Selected"), tr("You must select a region which is to be scanned for gadgets.")); } else { unique_results_.clear(); if(IProcess *process = edb::v1::debugger_core->process()) { for(const QModelIndex &selected_item: sel) { const QModelIndex index = filter_model_->mapToSource(selected_item); if(auto region = *reinterpret_cast<const IRegion::pointer *>(index.internalPointer())) { edb::address_t start_address = region->start(); const edb::address_t end_address = region->end(); const edb::address_t orig_start = start_address; ByteShiftArray bsa(32); while(start_address < end_address) { // read in the next byte quint8 byte; if(process->read_bytes(start_address, &byte, 1)) { bsa << byte; const quint8 *p = bsa.data(); const quint8 *const l = p + bsa.size(); edb::address_t rva = start_address - bsa.size() + 1; QList<edb::Instruction> instruction_list; // eat up any NOPs in front... Q_FOREVER { edb::Instruction inst(p, l, rva); if(!is_nop(inst)) { break; } instruction_list << inst; p += inst.size(); rva += inst.size(); } edb::Instruction inst1(p, l, rva); if(inst1) { instruction_list << inst1; if(inst1.operation() == edb::Instruction::Operation::X86_INS_INT && inst1.operands()[0].general_type() == edb::Operand::TYPE_IMMEDIATE && (inst1.operands()[0].immediate() & 0xff) == 0x80) { add_gadget(instruction_list); } else if(inst1.operation() == edb::Instruction::Operation::X86_INS_SYSENTER) { add_gadget(instruction_list); } else if(inst1.operation() == edb::Instruction::Operation::X86_INS_SYSCALL) { add_gadget(instruction_list); } else if(is_ret(inst1)) { ui->progressBar->setValue(util::percentage(start_address - orig_start, region->size())); ++start_address; continue; } else { p += inst1.size(); rva += inst1.size(); // eat up any NOPs in between... Q_FOREVER { edb::Instruction inst(p, l, rva); if(!is_nop(inst)) { break; } instruction_list << inst; p += inst.size(); rva += inst.size(); } edb::Instruction inst2(p, l, rva); if(is_ret(inst2)) { instruction_list << inst2; add_gadget(instruction_list); } else if(inst2 && inst2.operation() == edb::Instruction::Operation::X86_INS_POP) { instruction_list << inst2; p += inst2.size(); rva += inst2.size(); edb::Instruction inst3(p, l, rva); if(inst3 && inst3.operation() == edb::Instruction::Operation::X86_INS_JMP) { instruction_list << inst3; if(inst2.operand_count() == 1 && inst2.operands()[0].general_type() == edb::Operand::TYPE_REGISTER) { if(inst3.operand_count() == 1 && inst3.operands()[0].general_type() == edb::Operand::TYPE_REGISTER) { if(inst2.operands()[0].reg() == inst3.operands()[0].reg()) { add_gadget(instruction_list); } } } } } } // TODO(eteran): catch things like "add rsp, 8; jmp [rsp - 8]" and similar, it's rare, // but could happen } } ui->progressBar->setValue(util::percentage(start_address - orig_start, region->size())); ++start_address; } } } } }