| -rw-r--r-- | example/jitter/test_x86_32_seh.py | 4 | ||||
| -rw-r--r-- | example/samples/x86_32_seh.S | 8 | ||||
| -rw-r--r-- | miasm/arch/x86/sem.py | 6 | ||||
| -rw-r--r-- | miasm/jitter/csts.py | 1 | ||||
| -rw-r--r-- | miasm/jitter/vm_mngr.h | 1 | ||||
| -rw-r--r-- | miasm/os_dep/win_api_x86_32_seh.py | 1 |
6 files changed, 19 insertions, 2 deletions
diff --git a/example/jitter/test_x86_32_seh.py b/example/jitter/test_x86_32_seh.py index 595b9586..d29d3a22 100644 --- a/example/jitter/test_x86_32_seh.py +++ b/example/jitter/test_x86_32_seh.py @@ -24,6 +24,9 @@ def deal_exception_illegal_instruction(jitter): jitter.pc = win_api_x86_32_seh.fake_seh_handler(jitter, win_api_x86_32_seh.EXCEPTION_ILLEGAL_INSTRUCTION) return True +def deal_exception_single_step(jitter): + jitter.pc = win_api_x86_32_seh.fake_seh_handler(jitter, win_api_x86_32_seh.EXCEPTION_SINGLE_STEP) + return True def return_from_seh(jitter): win_api_x86_32_seh.return_from_seh(jitter) @@ -47,6 +50,7 @@ sb.jitter.add_exception_handler(EXCEPT_SOFT_BP, deal_exception_breakpoint) sb.jitter.add_exception_handler(EXCEPT_DIV_BY_ZERO, deal_exception_div) sb.jitter.add_exception_handler(1<<17, deal_exception_privileged_instruction) sb.jitter.add_exception_handler(EXCEPT_UNK_MNEMO, deal_exception_illegal_instruction) +sb.jitter.add_exception_handler(EXCEPT_INT_1, deal_exception_single_step) sb.jitter.add_breakpoint(win_api_x86_32_seh.return_from_exception, return_from_seh) diff --git a/example/samples/x86_32_seh.S b/example/samples/x86_32_seh.S index 7bb2c3cd..a637cccf 100644 --- a/example/samples/x86_32_seh.S +++ b/example/samples/x86_32_seh.S @@ -41,6 +41,12 @@ lbl_err_end4: ADD ESP, 4 RET +;; Single step +lbl_err_5: + INT 0x1 +lbl_err_end5: + NOP + error: MOV ECX, DWORD PTR [ESP+0xC] MOV EAX, DWORD PTR [ECX+0xB8] @@ -66,6 +72,7 @@ labels_err: .dword lbl_err_2 .dword lbl_err_3 .dword lbl_err_4 +.dword lbl_err_5 labels_err_end: @@ -74,3 +81,4 @@ labels_err_end: .dword lbl_err_end2 .dword lbl_err_end3 .dword lbl_err_end4 +.dword lbl_err_end5 diff --git a/miasm/arch/x86/sem.py b/miasm/arch/x86/sem.py index 3d38a9be..962667b4 100644 --- a/miasm/arch/x86/sem.py +++ b/miasm/arch/x86/sem.py 
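Review bot: `EXCEPT_INT_1` is used in the added `sb.jitter.add_exception_handler(EXCEPT_INT_1, deal_exception_single_step)` line, but this diff changes no import line in test_x86_32_seh.py. The file's imports are outside both hunks, so the name resolves only if the file already imports everything from `miasm.jitter.csts`. If the imports are explicit, `EXCEPT_INT_1` has to be added to them, otherwise the example fails with a NameError before the SEH sample runs. A one-line docstring on `deal_exception_single_step`, for example `"""Route EXCEPT_INT_1 to the fake SEH dispatcher as EXCEPTION_SINGLE_STEP."""`, would also document the mapping this test is meant to pin.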
@@ -28,7 +28,7 @@ from miasm.arch.x86.arch import mn_x86, repeat_mn, replace_regs from miasm.ir.ir import IntermediateRepresentation, IRBlock, AssignBlock from miasm.core.sembuilder import SemBuilder from miasm.jitter.csts import EXCEPT_DIV_BY_ZERO, EXCEPT_ILLEGAL_INSN, \ - EXCEPT_PRIV_INSN, EXCEPT_SOFT_BP, EXCEPT_INT_XX + EXCEPT_PRIV_INSN, EXCEPT_SOFT_BP, EXCEPT_INT_XX, EXCEPT_INT_1 import math import struct @@ -3386,7 +3386,9 @@ def icebp(_, instr): def l_int(_, instr, src): e = [] # XXX - if src.arg in [1, 3]: + if src.arg == 1: + except_int = EXCEPT_INT_1 + elif src.arg == 3: except_int = EXCEPT_SOFT_BP else: except_int = EXCEPT_INT_XX diff --git a/miasm/jitter/csts.py b/miasm/jitter/csts.py index 9c9919fc..6d40fe0d 100644 --- a/miasm/jitter/csts.py +++ b/miasm/jitter/csts.py @@ -18,6 +18,7 @@ EXCEPT_DIV_BY_ZERO = ((1 << 16) | EXCEPT_DO_NOT_UPDATE_PC) EXCEPT_PRIV_INSN = ((1 << 17) | EXCEPT_DO_NOT_UPDATE_PC) EXCEPT_ILLEGAL_INSN = ((1 << 18) | EXCEPT_DO_NOT_UPDATE_PC) EXCEPT_UNK_MNEMO = ((1 << 19) | EXCEPT_DO_NOT_UPDATE_PC) +EXCEPT_INT_1 = ((1 << 20) | EXCEPT_DO_NOT_UPDATE_PC) # VM Mngr constants diff --git a/miasm/jitter/vm_mngr.h b/miasm/jitter/vm_mngr.h index 35a648a5..bef91771 100644 --- a/miasm/jitter/vm_mngr.h +++ b/miasm/jitter/vm_mngr.h @@ -181,6 +181,7 @@ struct memory_breakpoint_info { #define EXCEPT_PRIV_INSN ((1<<17) | EXCEPT_DO_NOT_UPDATE_PC) #define EXCEPT_ILLEGAL_INSN ((1<<18) | EXCEPT_DO_NOT_UPDATE_PC) #define EXCEPT_UNK_MNEMO ((1<<19) | EXCEPT_DO_NOT_UPDATE_PC) +#define EXCEPT_INT_1 ((1<<20) | EXCEPT_DO_NOT_UPDATE_PC) int is_mem_mapped(vm_mngr_t* vm_mngr, uint64_t ad); diff --git a/miasm/os_dep/win_api_x86_32_seh.py b/miasm/os_dep/win_api_x86_32_seh.py index d1be9ad2..dadd0889 100644 --- a/miasm/os_dep/win_api_x86_32_seh.py +++ b/miasm/os_dep/win_api_x86_32_seh.py 
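Review bot: After this change `INT 1` in `l_int` no longer raises `EXCEPT_SOFT_BP`, so an existing script that registered only a soft-breakpoint handler stops seeing it. That deserves a changelog line and a real comment in place of the bare `# XXX`, e.g. `# INT 1 -> EXCEPT_INT_1 (single step), INT 3 -> EXCEPT_SOFT_BP, other vectors -> EXCEPT_INT_XX`. `icebp`, which appears only as the hunk's context header, is the one-byte form of the same trap and should probably raise the same flag. Separately, on real hardware a ring-3 `CD 01` is, as far as I know, stopped by the IDT gate's privilege check and reaches Windows SEH as an access violation rather than a single step. That would let code under analysis tell the emulator from a real host, so confirm it before treating the sample as ground truth. `l_int` continues past the end of the hunk.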
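Review bot: `EXCEPT_INT_1` is now written by hand in two places, here in csts.py and in the `vm_mngr.h` hunk that follows, and nothing ties the two values together. A comment on each side, such as `# must match EXCEPT_INT_1 in miasm/jitter/vm_mngr.h` with its mirror in the header, would make the coupling visible to whoever adds the next flag. Bit 20 is free among the constants shown in the context (bits 16 to 19), but `EXCEPT_SOFT_BP`, `EXCEPT_INT_XX` and the rest are defined outside the hunk. Check that the new value does not overlap any of them, since handlers appear to be selected by flag bits.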
@@ -35,6 +35,7 @@ from miasm.os_dep.win_32_structs import LdrDataEntry, ListEntry, \ # Constants Windows EXCEPTION_BREAKPOINT = 0x80000003 +EXCEPTION_SINGLE_STEP = 0x80000004 EXCEPTION_ACCESS_VIOLATION = 0xc0000005 EXCEPTION_INT_DIVIDE_BY_ZERO = 0xc0000094 EXCEPTION_PRIV_INSTRUCTION = 0xc0000096 |