diff options
| -rw-r--r-- | example/samples/x86_32_pop_esp.S | 18 | ||||
| -rw-r--r-- | miasm2/arch/x86/sem.py | 4 | ||||
| -rw-r--r-- | test/test_all.py | 2 |
3 files changed, 22 insertions, 2 deletions
diff --git a/example/samples/x86_32_pop_esp.S b/example/samples/x86_32_pop_esp.S new file mode 100644 index 00000000..4115a522 --- /dev/null +++ b/example/samples/x86_32_pop_esp.S @@ -0,0 +1,18 @@ +main: + MOV EAX, ESP + CALL test + MOV ESP, EAX + PUSH 0 + PUSH title + PUSH msg + PUSH 0 + CALL DWORD PTR [ MessageBoxA ] + RET + +test: + POP ESP + JMP ESP +title: +.string "Hello!" +msg: +.string "World!" diff --git a/miasm2/arch/x86/sem.py b/miasm2/arch/x86/sem.py index 22e8c276..6fc2e96b 100644 --- a/miasm2/arch/x86/sem.py +++ b/miasm2/arch/x86/sem.py @@ -635,7 +635,9 @@ def pop(ir, instr, a): if not s in [16, 32, 64]: raise ValueError('bad size stacker!') new_esp = mRSP[instr.mode][:s] + ExprInt_fromsize(s, off / 8) - e.append(ExprAff(mRSP[instr.mode][:s], new_esp)) + # don't generate ESP incrementation on POP ESP + if a != ir.sp: + e.append(ExprAff(mRSP[instr.mode][:s], new_esp)) # XXX FIX XXX for pop [esp] if isinstance(a, ExprMem): a = a.replace_expr({mRSP[instr.mode]: new_esp}) diff --git a/test/test_all.py b/test/test_all.py index 5de12bf4..66620375 100644 --- a/test/test_all.py +++ b/test/test_all.py @@ -120,7 +120,7 @@ class ExampleShellcode(ExampleAssembler): testset += ExampleShellcode(['x86_32', 'x86_32_manip_ptr.S', "demo_x86_32.bin"]) test_box = {} -test_box_names = ["mod", "mod_self", "repmod", "simple", "enc"] +test_box_names = ["mod", "mod_self", "repmod", "simple", "enc", "pop_esp"] for source in test_box_names: sample_base = "x86_32_" + source args = ["x86_32", sample_base + ".S", sample_base + ".bin", "--PE"] |