void SeniorVMHandle::r_get_mem(
long _register_index,
long _register_base,
long _scale,
long _lval)
{
//_lval += 0x20;
char sn = 0;
for (int i = 0; i < 32; i++)
{
if (_scale == 1<<i)
{
sn = i;
break;
}
}
if (_register_index || _register_base || _scale || _lval)
{
//d_add(_register_index,_register_base);
d_shl(_register_base,sn);
pop(T_INVALID);
pop(T_TMP_REGISTER5);
d_add(_register_index,T_TMP_REGISTER5);
pop(T_INVALID);
pop(T_TMP_REGISTER5);
d_push_imm(_lval);
pop(T_TMP_REGISTER4);
d_add(T_TMP_REGISTER5,T_TMP_REGISTER4);
pop(T_INVALID);
} else if (_register_index || _register_base || _lval)
{
} else if (_register_index || _scale || _lval)
{
} else if (_register_index || _register_base)
{
d_add(_register_index,_register_base);
pop(T_INVALID);
} else if (_register_base || _lval)
{
d_push_imm(_lval);
pop(T_TMP_REGISTER4);
d_add(_register_base,T_TMP_REGISTER4);
pop(T_INVALID);
} else if (_register_index || _lval)
{
d_push_imm(_lval);
pop(T_TMP_REGISTER4);
d_add(_register_index,T_TMP_REGISTER4);
pop(T_INVALID);
} else if (_register_index)
{
push(_register_index);
} else if (_register_base)
{
}
}
void SeniorVMHandle::d_not_and(long _register1,long _register2,bool is_data)
{
if (is_data)
{
d_push_imm( _register2 );
push( _register1 );
db( GET_HANDLE( d_nand ) );
return;
}
if (_register1 == 0 || _register2 == 0)
{
db(HANDLE.d_nand.handle);
return;
}
push(_register2,false);
// db(HANDLE.push_esp.handle);
//db(HANDLE.d_read_mem.handle);
//pop(_register2);
push(_register1,false);
//db(HANDLE.push_esp.handle);
//db(HANDLE.d_read_mem.handle);
//pop(_register1);
db(HANDLE.d_nand.handle);
}
void SeniorVMHandle::d_shr(long _register,char n,bool is_data)
{
if ( is_data )
d_push_imm( _register );
else
push(_register,false);
b_push_imm(n);
db(HANDLE.d_shr.handle);
}
void SeniorVMHandle::set_key( long _key )
{
//recover_vm_context();
#ifndef PROTECT_X64
d_push_imm( _key );
#else
q_push_imm( _key );
#endif
db( GET_HANDLE( set_key ) );
}
void SeniorVMHandle::b_add_b(long _register1,long _register2)
{
d_push_imm(0);
pop(T_TMP_REGISTER3);
b_and(_register1,_register2);
pop(T_INVALID);
b_xor(_register1,_register2);
pop(T_INVALID);
pop(T_TMP_R8_1H);
b_push_imm(1<<7);
pop(T_TMP_R8_1L);
pop(T_TMP_R8_2H);
b_and(T_TMP_R8_2H,T_TMP_R8_1L);
pop(T_INVALID);
pop(T_TMP_R8_3L);
d_shr(T_TMP_REGISTER3,7);
pop(T_INVALID);
pop(T_TMP_REGISTER3);
d_or(T_TMP_REGISTER3,T_TMP_EFLAG);
pop(T_INVALID);
pop(T_TMP_EFLAG);
d_push_imm(0);
pop(T_TMP_REGISTER3);
b_push_imm(1<<3);
pop(T_TMP_R8_3H);
b_and(T_TMP_R8_3H,T_TMP_R8_2H);
pop(T_INVALID);
pop(T_TMP_R8_2L);
b_shl(T_TMP_R8_2L,1);
pop(T_INVALID);
pop(T_TMP_R8_3L);
d_or(T_TMP_REGISTER3,T_TMP_EFLAG);
pop(T_INVALID);
pop(T_TMP_EFLAG);
b_shl(T_TMP_R8_2H,1);
pop(T_INVALID);
pop(T_TMP_R8_2H);
}
void SeniorVMHandle::d_not(long _register,bool is_data) //如果第二个参数为true 那第一个参数就是 要Not的立即数
{
if (is_data)
{
d_push_imm(_register);
d_copy_stack();
db( GET_HANDLE(d_nand) );
return;
}
if (_register == 0)
{
db(HANDLE.d_nand.handle);
return;
}
/*
char n = rand()%101;
if (n <= 10)
{
d_not(_register); //a = nand(_r,_r);
pop(T_INVALID);
d_not(_register); //b = nand(_r,_r);
pop(T_INVALID);
db(HANDLE.d_nand.handle); //nand(a,b)
pop(T_INVALID);
d_not(_register); //a = nand(_r,_r);
pop(T_INVALID);
d_not(_register); //b = nand(_r,_r);
pop(T_INVALID);
db(HANDLE.d_nand.handle); //nand(a,b)
pop(T_INVALID);
db(HANDLE.d_nand.handle);
return;
}*/
push(_register,false);
db(HANDLE.push_stack_top_base.handle);
db(HANDLE.d_read_mem.handle);
//#ifndef PROTECT_X64
//db(HANDLE.push_stack_top_base.handle);
//db(HANDLE.d_read_mem.handle);
//pop(_register);
//#endif
db(HANDLE.d_nand.handle);
}
void SeniorVMHandle::r_get_mem(
long _register_base,
long _register_index,
long _scale,
long _lval)
{
if (_register_base == T_NSP)
{
db( GET_HANDLE( push_esp ) );
pop( T_ESP );
}
d_push_imm( _lval );
pop( T_TMP_REGISTER4 );
if ( _register_index ) {
char sn = 0;
for (int i = 0; i < 32; i++)
{
if (_scale == 1<<i)
{
sn = i;
break;
}
}
d_shl( _register_index,sn );
pop( T_INVALID );
pop( T_TMP_REGISTER5 );
d_add(T_TMP_REGISTER4,T_TMP_REGISTER5 );
pop( T_INVALID );
pop( T_TMP_REGISTER4 );
}
if (_register_base)
{
d_add( _register_base,T_TMP_REGISTER4 );
pop( T_INVALID );
}
}
char SeniorVMHandle::push_operand( pVOperand o )
{
if (o == NULL)
{
return 0;
}
if (o->is_mem( ))
{
r_get_mem( o->_mem.base,o->_mem.index,o->_mem.scale,o->_mem.lval );
switch (o->_mem.size )
{
case 1:
db( GET_HANDLE( b_read_mem ) );
return 1;
break;
case 2:
db( GET_HANDLE( w_read_mem ) );
return 2;
break;
case 4:
db( GET_HANDLE( d_read_mem ) );
return 4;
break;
#ifdef PROTECT_X64
case 8:
db( GET_HANDLE( q_read_mem ) );
return 8;
break;
#endif
}
} else if (o->is_reg( ))
{
push( o->_reg.base );
if (o->_reg.base & T_E32X)
{
return 4;
} else if (o->_reg.base & T_16X)
{
return 2;
} else if ( o->_reg.base & T_8L || o->_reg.base & T_8H)
{
return 1;
} else
return 8;
} else if (o->is_imm( ))
{
switch( o->_imm.size )
{
case 1:
b_push_imm(o->_imm.value);
return 1;
break;
case 2:
w_push_imm( o->_imm.value );
return 2;
break;
case 4:
d_push_imm( o->_imm.value );
return 4;
break;
#ifdef PROTECT_X64
case 8:
q_push_imm( o->_imm.value );
return 8;
break;
#endif
}
} else if (o->is_none( ))
{
return 0;
}
else {
cout << "未知操作数\r\n" << endl;
throw;
return -1;
}
return 0;
}
void SeniorVMHandle::d_add(long _register1,long _register2,bool is_data)
{
if (!super_protect)
{
push(_register1,false);
if ( is_data )
d_push_imm( _register2 );
else
push(_register2,false);
db(HANDLE.d_add.handle);
return;
}
//return;
/* db(HANDLE.d_push_imm.handle);
dd(1<<31);
pcode->v_pop_register(T_TMP_REGISTER3);
d_and(_register1,T_TMP_REGISTER3);
pcode->v_pop_register(T_INVALID);
db(HANDLE.b_push_imm.handle);
db(20);
db(HANDLE.d_shr.handle);
pcode->v_pop_register(T_INVALID);
pcode->v_pop_register(T_TMP_EFLAG);*/
d_xor(_register1,_register2);
pcode->v_pop_register(T_INVALID);
pcode->v_pop_register(T_TMP_REGISTER1);
d_not(T_TMP_REGISTER1);
pcode->v_pop_register(T_INVALID);
db(HANDLE.d_push_imm.handle);
dd(0x80000000);
pcode->v_pop_register(T_TMP_REGISTER2);
pcode->v_pop_register(T_TMP_REGISTER3);
d_and(T_TMP_REGISTER3,T_TMP_REGISTER2);
pcode->v_pop_register(T_INVALID);
// db(HANDLE.b_push_imm.handle);
// db(20);
// db(HANDLE.d_shr.handle);
// pcode->v_pop_register(T_INVALID);
pcode->v_pop_register(T_TMP_EFLAG);
d_add_d(_register1,_register2);
for (int i = 0; i < 31; ++i) //6次 留一次填充标志位
{
d_add_d(T_TMP_REGISTER2,T_TMP_REGISTER1);
}
//pcode->v_push_register(T_TMP_R32_2);
// pcode->v_push_register(T_TMP_EFLAG);
//pcode->v_push_register(T_TMP_REGISTER1);
///OF 判断是否溢出
d_xor(_register2,T_TMP_REGISTER1);
pcode->v_pop_register(T_INVALID);
pcode->v_pop_register(T_TMP_REGISTER3);
db(HANDLE.d_push_imm.handle);
dd(0x80000000);
pcode->v_pop_register(T_TMP_REGISTER4);
d_and(T_TMP_REGISTER4,T_TMP_REGISTER3);
pcode->v_pop_register(T_INVALID);
pcode->v_pop_register(T_TMP_REGISTER3);
d_and(T_TMP_EFLAG,T_TMP_REGISTER3);
pcode->v_pop_register(T_INVALID);
db(HANDLE.b_push_imm.handle);
db(20);
db(HANDLE.d_shr.handle);
pcode->v_pop_register(T_INVALID);
pcode->v_pop_register(T_TMP_REGISTER4);
//db(HANDLE.d_push_imm.handle);
//dd(0x800);
//pcode->v_pop_register(T_TMP_REGISTER3);
// d_and(T_TMP_REGISTER3,T_TMP_REGISTER4);
// pcode->v_pop_register(T_INVALID);
//pcode->v_pop_register(T_TMP_REGISTER3);
//d_and(T_TMP_EFLAG,T_TMP_REGISTER3); //这时候的OF还在最高位
//pcode->v_pop_register(T_INVALID);
//pcode->v_pop_register(T_TMP_REGISTER3);
//db(HANDLE.d_push_imm.handle);
//dd(0xFFFFF7FF);
//pcode->v_pop_register(T_TMP_REGISTER3);
//d_or(T_TMP_REGISTER3,T_TMP_REGISTER4);
//pcode->v_pop_register(T_INVALID);
//pcode->v_pop_register(T_TMP_REGISTER4);
d_or(T_TMP_EFLAG,T_TMP_REGISTER4);
pcode->v_pop_register(T_INVALID);
pcode->v_pop_register(T_TMP_EFLAG);
/*pcode->v_push_register(T_TMP_EFLAG);
db(HANDLE.push_esp.handle);
db(HANDLE.d_read_mem.handle);
pcode->v_pop_register(T_TMP_EFLAG);
db(HANDLE.b_push_imm.handle);
db(20);
db(HANDLE.d_shl.handle);
pcode->v_pop_register(T_INVALID);
pcode->v_pop_register(T_TMP_REGISTER3);
d_xor(_register1,T_TMP_REGISTER3);
pcode->v_pop_register(T_INVALID);
//pcode->v_pop_register(T_TMP_REGISTER3);
db(HANDLE.b_push_imm.handle);
db(20);
db(HANDLE.d_shr.handle);
pcode->v_pop_register(T_INVALID);
pcode->v_pop_register(T_TMP_REGISTER4);
db(HANDLE.d_push_imm.handle);
dd(0x800);
pcode->v_pop_register(T_TMP_REGISTER3);
d_and(T_TMP_REGISTER3,T_TMP_REGISTER4);
pcode->v_pop_register(T_INVALID);
pcode->v_pop_register(T_TMP_REGISTER3);
d_and(T_TMP_EFLAG,T_TMP_REGISTER3);
pcode->v_pop_register(T_INVALID);
pcode->v_pop_register(T_TMP_REGISTER3);
d_or(T_TMP_EFLAG,T_TMP_REGISTER3);
pcode->v_pop_register(T_INVALID);
pcode->v_pop_register(T_TMP_EFLAG);*/
/////end OF
d_and(T_TMP_REGISTER1,T_TMP_REGISTER1);
pcode->v_pop_register(T_TMP_REGISTER2); //EFLAG
d_or(T_TMP_EFLAG,T_TMP_REGISTER2);
pcode->v_pop_register(T_INVALID);
/*
pcode->v_push_register(T_TMP_EFLAG);
db(HANDLE.push_esp.handle);
db(HANDLE.d_read_mem.handle);
pcode->v_pop_register(T_TMP_EFLAG);
db(HANDLE.b_push_imm.handle);
db(31);
db(HANDLE.d_shr.handle);
pcode->v_pop_register(T_INVALID);
pcode->v_pop_register(T_TMP_REGISTER3);
d_or(T_TMP_REGISTER3,T_TMP_REGISTER2);
pcode->v_pop_register(T_INVALID);
/* pcode->v_pop_register(T_TMP_REGISTER2);
pcode->v_push_register(T_TMP_EFLAG);
db(HANDLE.push_esp.handle);
db(HANDLE.d_read_mem.handle);
pcode->v_pop_register(T_TMP_EFLAG);
db(HANDLE.b_push_imm.handle);
db(3);
db(HANDLE.d_shr.handle);
pcode->v_pop_register(T_INVALID);
pcode->v_pop_register(T_TMP_REGISTER3);
d_and(T_TMP_REGISTER3,T_TMP_REGISTER2);
pcode->v_pop_register(T_INVALID);
pcode->v_pop_register(T_TMP_REGISTER2);
pcode->v_push_register(T_TMP_EFLAG);
db(HANDLE.d_push_imm.handle);
db(1<<11);
pcode->v_pop_register(T_TMP_REGISTER3);
d_xor(T_TMP_REGISTER3,T_TMP_REGISTER2);
pcode->v_pop_register(T_INVALID);
//pcode->v_push_register(T_TMP_REGISTER3);
pcode->v_pop_register(T_TMP_REGISTER4);
d_and(T_TMP_REGISTER3,T_TMP_REGISTER4);
pcode->v_pop_register(T_INVALID);
pcode->v_pop_register(T_TMP_REGISTER4);
d_or(T_TMP_REGISTER4,T_TMP_REGISTER2);
pcode->v_pop_register(T_INVALID);*/
//db(HANDLE.push_esp.handle);
//db(HANDLE.d_read_mem.handle);
// pcode->v_pop_register(T_EAX);
}
