static uint32_t assemble_shift(instruction_t *instr)
{
/* PRE: Take a valid and legal pointer to an instruction.
* POST: Check the presence of the shift and in case it applies it. */
assert (instr != NULL);
/* The offset is a register so we set the BIT_I: */
uint32_t shift_result = 0x0000000;
uint32_t BIT_I = 1 << 25;
uint8_t rm = 0;
if (instr->no_of_ops > 2)
rm = get_reg_int(instr->ops[2]);
else
rm = get_reg_int(instr->ops[1] + 4);
regex_t rec_shift_reg;
regex_t rec_shift_exp;
regmatch_t shift_pos[1];
/* We use regex to check if the instructions contains a shift and to save
* the index of the start and end of the shift: */
check_and_compile_regex(&rec_shift_reg, RE_SHIFT_REG, REG_EXTENDED);
check_and_compile_regex(&rec_shift_exp, RE_SHIFT_EXP, REG_EXTENDED);
int reg_match = !regexec(&rec_shift_reg, instr->instr_str, 1, shift_pos, 0);
int exp_match = !regexec(&rec_shift_exp, instr->instr_str, 1, shift_pos, 0);
/* Check if we have a shift with register or a shift with expression */
if (reg_match || exp_match) {
int start_shift = shift_pos->rm_so;
int end_shift = shift_pos->rm_eo;
char *shift_name
= cut_string(instr->instr_str, start_shift, start_shift + 3);
uint32_t reg_or_exp
= (reg_match ? reg_to_int : string_to_int)
(cut_string(instr->instr_str, start_shift + 3, end_shift));
regfree(&rec_shift_reg);
regfree(&rec_shift_exp);
/* Calculate the shift given the shift name, a string containing the
* value of the register or the expression shifted, the index of rm,
* and an int to indicate if the shift use a register (1) or an
* expression (0) */
shift_result = get_shift(shift_name, reg_or_exp, rm, reg_match);
}
regfree(&rec_shift_reg);
regfree(&rec_shift_exp);
/* If there is not shift we return the index of rm */
return shift_result | BIT_I | rm;
}
void diag(FILE *output)
{
char *yn[] = { "No", "Yes", "Unknown" };
fprintf(output,"CVSNT Diagnostic output\n");
fprintf(output,"-----------------------\n");
fprintf(output,"\n");
fprintf(output,"Server version: "CVSNT_PRODUCTVERSION_STRING"\n");
fprintf(output,"OS Version: %s\n",get_os_version());
fprintf(output,"\n");
fprintf(output,"CVS Service installed: %s\n",service_installed("Cvsnt")?"Yes":"No");
fprintf(output,"LockService installed: %s\n",service_installed("CvsLock")?"Yes":"No");
fprintf(output,"\n");
fprintf(output,":pserver: installed: %s\n",protocol_installed("pserver")?"Yes":"No");
fprintf(output,":sserver: installed: %s\n",protocol_installed("sserver")?"Yes":"No");
fprintf(output,":gserver: installed: %s\n",protocol_installed("gserver")?"Yes":"No");
fprintf(output,":server: installed: %s\n",protocol_installed("server")?"Yes":"No");
fprintf(output,":ssh: installed: %s\n",protocol_installed("ssh")?"Yes":"No");
fprintf(output,":sspi: installed: %s\n",protocol_installed("sspi")?"Yes":"No");
fprintf(output,":ext: installed: %s\n",protocol_installed("ext")?"Yes":"No");
fprintf(output,"\n");
fprintf(output,"Installation Path: %s\n",get_reg_string("InstallPath"));
fprintf(output,"Repository 0 Path: %s\n",get_reg_string("Repository0"));
fprintf(output,"Repository 0 Name: %s\n",get_reg_string("Repository0Name"));
fprintf(output,"Repository 1 Path: %s\n",get_reg_string("Repository1"));
fprintf(output,"Repository 1 Name: %s\n",get_reg_string("Repository1Name"));
fprintf(output,"Repository 2 Path: %s\n",get_reg_string("Repository2"));
fprintf(output,"Repository 2 Name: %s\n",get_reg_string("Repository2Name"));
fprintf(output,"Repository 3 Path: %s\n",get_reg_string("Repository3"));
fprintf(output,"Repository 3 Name: %s\n",get_reg_string("Repository3Name"));
fprintf(output,"CVS Temp directory: %s\n",get_reg_string("TempDir"));
fprintf(output,"CA Certificate File: %s\n",get_reg_string("CertificateFile"));
fprintf(output,"Private Key File: %s\n",get_reg_string("PrivateKeyFile"));
fprintf(output,"Local Users Only: %s\n",get_reg_int("DontUseDomain")?"Yes":"No");
fprintf(output,"Default LockServer: %s\n",get_reg_string("LockServer"));
fprintf(output,"Disable Reverse DNS: %s\n",get_reg_int("NoReverseDns")?"Yes":"No");
fprintf(output,"Server Tracing: %s\n",get_reg_int("AllowTrace")?"Yes":"No");
fprintf(output,"Case Sensitive: %s\n",get_reg_int("CaseSensitive")?"Yes":"No");
fprintf(output,"Server listen port: %d\n",get_reg_int("PServerPort"));
fprintf(output,"Compatibility (Non-cvsnt clients):\n");
fprintf(output,"\tReport old CVS version: %s\n",get_reg_int("Compat0_OldVersion")?"Yes":"No");
fprintf(output,"\tHide extended status: %s\n",get_reg_int("Compat0_HideStatus")?"Yes":"No");
fprintf(output,"\tEmulate co -n bug: %s\n",get_reg_int("Compat0_OldCheckout")?"Yes":"No");
fprintf(output,"\tIgnore client wrappers: %s\n",get_reg_int("Compat0_IgnoreWrappers")?"Yes":"No");
fprintf(output,"Compatibility (CVSNT clients):\n");
fprintf(output,"\tReport old CVS version: %s\n",get_reg_int("Compat1_OldVersion")?"Yes":"No");
fprintf(output,"\tHide extended status: %s\n",get_reg_int("Compat1_HideStatus")?"Yes":"No");
fprintf(output,"\tEmulate co -n bug: %s\n",get_reg_int("Compat1_OldCheckout")?"Yes":"No");
fprintf(output,"\tIgnore client wrappers: %s\n",get_reg_int("Compat1_IgnoreWrappers")?"Yes":"No");
fprintf(output,"Default domain: %s\n",get_reg_string("DefaultDomain"));
fprintf(output,"Force run as user: %s\n",get_reg_string("RunAsUser"));
fprintf(output,"\n");
fprintf(output,"Temp dir readable by current user: %s\n",yn[is_readable(false,get_reg_string("TempDir"))]);
// fprintf(output,"Temp dir readable by LocalSystem: %s\n",yn[is_readable(true,get_reg_string("TempDir"))]);
fprintf(output,"Repository0 readable by current user: %s\n",yn[is_readable(false,get_reg_string("Repository0"))]);
// fprintf(output,"Repository0 readable by LocalSystem: %s\n",yn[is_readable(true,get_reg_string("Repository0"))]);
fprintf(output,"Temp dir writable by current user: %s\n",yn[is_writable(false,get_reg_string("TempDir"))]);
// fprintf(output,"Temp dir writable by LocalSystem: %s\n",yn[is_writable(true,get_reg_string("TempDir"))]);
fprintf(output,"\n");
fprintf(output,"AV files detected:\n");
print_found_files(output,"_AVP32.EXE\0_AVPCC.EXE\0_AVPM.EXE\0AVP32.EXE\0AVPCC.EXE\0AVPM.EXE\0"
"N32SCANW.EXE\0NAVAPSVC.EXE\0NAVAPW32.EXE\0NAVLU32.EXE\0NAVRUNR.EXE\0NAVW32.EXE"
"NAVWNT.EXE\0NOD32.EXE\0NPSSVC.EXE\0NRESQ32.EXE\0NSCHED32.EXE\0NSCHEDNT.EXE"
"NSPLUGIN.EXE\0SCAN.EXE\0AVGSRV.EXE\0AVGSERV.EXE\0AVGCC32.EXE\0AVGCC.EXE\0"
"AVGAMSVR.EXE\0AVGUPSVC.EXE\0NOD32KRN.EXE\0NOD32KUI.EXE\0");
fprintf(output,"\n");
WSADATA wsa = {0};
if(WSAStartup(MAKEWORD(2,0),&wsa))
fprintf(output,"Winsock intialisation failed!\n");
else
{
fprintf(output,"Installed Winsock protocols:\n\n");
DWORD dwSize=0;
LPWSAPROTOCOL_INFO proto;
WSAEnumProtocols(NULL,NULL,&dwSize);
proto=(LPWSAPROTOCOL_INFO)malloc(dwSize);
WSAEnumProtocols(NULL,proto,&dwSize);
for(int n=0; n<(int)(dwSize/sizeof(proto[0])); n++)
{
if(!strncmp(proto[n].szProtocol,"MSAFD NetBIOS",13))
continue; // Ignore netbios layers
fprintf(output,"%d: %s\n",proto[n].dwCatalogEntryId,proto[n].szProtocol);
}
free(proto);
}
}
static int calculate_second_operand(assembly_state_t *state,
instruction_t *instr, uint32_t addr, uint32_t *load)
{
/* PRE : The given state is initialised. The instruction is a SDTR instr.
load points to sufficient space to store uint32_t.
* POST: If can be completed, loads the value of both base register and
offset into the given uint32_t* and returns 0. If we need to
pass to data processing (for mov), we leave load and return 1. */
assert (state != NULL && instr != NULL && load != NULL);
uint32_t offset = 0x00000000;
uint32_t rn = 0;
regex_t regex;
/* We use a regex to check if we need to subtract the offset form the base
* register or if we need to add it and we set the BIT_U according to it. */
check_and_compile_regex(®ex, RE_MINUS, REG_EXTENDED);
uint32_t BIT_U = (regexec(®ex, instr->instr_str, 0, NULL, 0) != 0) << 23;
regfree(®ex);
/* Check if the second operand is a numeric constant (i.e. it has the
* form "=expression"). */
check_and_compile_regex(®ex, RE_EQ_EXP, REG_EXTENDED);
if (!regexec(®ex, instr->ops[1], 0, NULL, 0)) {
/* If assemble_constant calls the mov function we exit from the
* single_data function */
if (assemble_constant(state, instr, addr, &offset))
return EXIT_FAILURE;
}
regfree(®ex);
/* Check if the second operand has the form "[Rn].." or [Rn, .."
* If it is, we use Rn as base register */
check_and_compile_regex(®ex, RE_REGISTER, REG_EXTENDED);
if (!regexec(®ex, instr->ops[1], 0, NULL, 0)) {
rn = get_reg_int(instr->ops[1]) << 16;
}
regfree(®ex);
/* Check if the address is exactly "[Rn, <#expression>]: or has the exact
* form "[Rn], <#expression>". */
check_and_compile_regex(®ex, RE_REG_EXP, REG_EXTENDED);
if (!regexec(®ex, instr->instr_str, 0, NULL, 0)) {
offset |= assemble_expression(instr);
}
regfree(®ex);
/* Check if the instruction contains the form "[Rn,{+/-}Rm]" or the form
* "[Rn,{+/-}Rm" */
check_and_compile_regex(®ex, RE_RN_RM, REG_EXTENDED);
if (!regexec(®ex, instr->instr_str, 0, NULL, 0)) {
offset |= assemble_shift(instr);
}
regfree(®ex);
*load |= offset | rn | BIT_U;
return EXIT_SUCCESS;
}
