void nteh_usevars() { #if SCPP // Turn off SFLdead and SFLunambig in Sflags nteh_contextsym()->Sflags &= ~(SFLdead | SFLunambig); nteh_contextsym()->Sflags |= SFLread; nteh_ecodesym()->Sflags &= ~(SFLdead | SFLunambig); nteh_ecodesym()->Sflags |= SFLread; #else // Turn off SFLdead and SFLunambig in Sflags nteh_contextsym()->Sflags &= ~SFLdead; nteh_contextsym()->Sflags |= SFLread; #endif }
code *nteh_filter(block *b) { code cs; CodeBuilder cdb; assert(b->BC == BC_filter); if (b->Bflags & BFLehcode) // if referenced __ecode { /* Generate: mov EAX,__context[EBP].info mov EAX,[EAX] mov EAX,[EAX] mov __ecode[EBP],EAX */ cdb.append(getregs(mAX)); cs.Iop = 0x8B; cs.Irm = modregrm(2,AX,BPRM); cs.Iflags = 0; cs.Irex = 0; cs.IFL1 = FLconst; // EBP offset of __context.info cs.IEV1.Vint = nteh_EBPoffset_info(); cdb.gen(&cs); // MOV EAX,__context[EBP].info cs.Irm = modregrm(0,AX,0); cdb.gen(&cs); // MOV EAX,[EAX] cdb.gen(&cs); // MOV EAX,[EAX] cs.Iop = 0x89; cs.Irm = modregrm(2,AX,BPRM); cs.IFL1 = FLauto; cs.IEVsym1 = nteh_ecodesym(); cs.IEVoffset1 = 0; cdb.gen(&cs); // MOV __ecode[EBP],EAX } return cdb.finish(); }