-rw-r--r--miasm/arch/ia32_sem.py44
-rw-r--r--miasm/expression/expression.py6
-rwxr-xr-xmiasm/tools/emul_helper.py2
-rw-r--r--miasm/tools/emul_lib/libcodenat.c37
-rw-r--r--miasm/tools/emul_lib/libcodenat.h1
-rw-r--r--miasm/tools/to_c_helper.py30
6 files changed, 102 insertions, 18 deletions
diff --git a/miasm/arch/ia32_sem.py b/miasm/arch/ia32_sem.py
index cc809b16..0b0565da 100644
--- a/miasm/arch/ia32_sem.py
+++ b/miasm/arch/ia32_sem.py
@@ -228,14 +228,14 @@ float_c3 = ExprId(reg_float_c3)
 float_stack_ptr = ExprId(reg_float_stack_ptr)
 float_control = ExprId(reg_float_control)
                           
-float_st0 = ExprId(reg_float_st0)
-float_st1 = ExprId(reg_float_st1)
-float_st2 = ExprId(reg_float_st2)
-float_st3 = ExprId(reg_float_st3)
-float_st4 = ExprId(reg_float_st4)
-float_st5 = ExprId(reg_float_st5)
-float_st6 = ExprId(reg_float_st6)
-float_st7 = ExprId(reg_float_st7)
+float_st0 = ExprId(reg_float_st0, 64)
+float_st1 = ExprId(reg_float_st1, 64)
+float_st2 = ExprId(reg_float_st2, 64)
+float_st3 = ExprId(reg_float_st3, 64)
+float_st4 = ExprId(reg_float_st4, 64)
+float_st5 = ExprId(reg_float_st5, 64)
+float_st6 = ExprId(reg_float_st6, 64)
+float_st7 = ExprId(reg_float_st7, 64)
 
 
 
@@ -1229,6 +1229,11 @@ def jno(a, b):
     e.append(ExprAff(eip, ExprCond(ExprOp('==', of, ExprInt(uint32(0))), b, a)))
     return e
 
+def jecxz(a, b): 
+    e= []
+    e.append(ExprAff(eip, ExprCond(ExprOp('==', ecx, ExprInt(uint32(0))), b, a)))
+    return e
+
 
 def loop(a, b): 
     e= []
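Review bot: The new `jecxz` has no docstring, and its signature line carries trailing whitespace while `e= []` is missing the space before `=`, unlike the surrounding code's `e = []`. The body can be a single statement: `e = [ExprAff(eip, ExprCond(ExprOp('==', ecx, ExprInt(uint32(0))), b, a))]`, preceded by a one-line docstring such as `"""Jump to b when ECX is zero, else fall through to a (same a/b convention as jno above)."""`. Note that the 16-bit address-size form `jcxz`, which tests CX rather than ECX, is not covered by this helper; whether the decoder ever produces it is not visible here.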
@@ -1462,11 +1467,13 @@ def float_pop(avoid_flt = None):
 # XXX TODO
 def fcom(a):
     e = []
+    """
     if isinstance(a, ExprMem):
         src = ExprOp('mem_%.2d_to_double'%a.get_size(), a)
     else:
         src = a
-    
+    """
+    src = a
     e.append(ExprAff(float_c0, ExprOp('fcom_c0', float_st0, src)))
     e.append(ExprAff(float_c1, ExprOp('fcom_c1', float_st0, src)))
     e.append(ExprAff(float_c2, ExprOp('fcom_c2', float_st0, src)))
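Review bot: The ExprMem conversion in `fcom` is disabled by wrapping it in a bare string literal (it is not a docstring, since it is not the first statement), so a memory operand now reaches `fcom_c0`/`fcom_c1`/`fcom_c2` as `src = a` without the `mem_%.2d_to_double` conversion that `fld` and the new `fdiv` apply in this same commit. If that asymmetry is intentional, replace the dead string with a comment stating why, e.g. `# NOTE: operand is compared raw here; memory operands are not converted to double -- see fld/fdiv`; otherwise keep the conversion and drop the `src = a` override. The body of `fcom` continues past the end of this hunk.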
@@ -1482,6 +1489,11 @@ def fcomp(a):
     return e
 
 def fld(a):
+    if isinstance(a, ExprMem):
+        src = ExprOp('mem_%.2d_to_double'%a.get_size(), a)
+    else:
+        src = a
+
     e= []
     e.append(ExprAff(float_st7, float_st6))
     e.append(ExprAff(float_st6, float_st5))
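Review bot: The `isinstance(a, ExprMem)` / `mem_%.2d_to_double` conversion is now copy-pasted into `fld` here, into the new `fdiv` (lines 94-97 of this diff), and already exists in `fadd` above it, so a small shared helper would keep the three in step. The generated C name depends on `a.get_size()`; the libcodenat.c part of this commit only shows `mem_32_to_double` and `mem_64_to_double`, so an operand of another width (an 80-bit `fld tbyte`, if the decoder produces one) would presumably emit a call to a function that does not exist — worth a comment or an explicit check. `fld` starts in this hunk but its body continues in the next one.
```python
def float_src(a):
    """Return a as a double-valued operand: memory operands go through mem_<size>_to_double."""
    if isinstance(a, ExprMem):
        return ExprOp('mem_%.2d_to_double' % a.get_size(), a)
    return a

def fld(a):
    src = float_src(a)
    # … unchanged: st(i) shift and stack pointer update …
```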
@@ -1490,7 +1502,7 @@ def fld(a):
     e.append(ExprAff(float_st3, float_st2))
     e.append(ExprAff(float_st2, float_st1))
     e.append(ExprAff(float_st1, float_st0))
-    e.append(ExprAff(float_st0, a))
+    e.append(ExprAff(float_st0, src))
     e.append(ExprAff(float_stack_ptr, ExprOp('+', float_stack_ptr, ExprInt(uint32(1)))))
     return e
 
@@ -1539,6 +1551,16 @@ def fadd(a):
     e.append(ExprAff(float_st0, ExprOp('fadd', float_st0, src)))
     return e
 
+def fdiv(a):
+    e = []
+    if isinstance(a, ExprMem):
+        src = ExprOp('mem_%.2d_to_double'%a.get_size(), a)
+    else:
+        src = a
+    e.append(ExprAff(float_st0, ExprOp('fdiv', float_st0, src)))
+    return e
+
+
 def fnstsw():
     dst = eax
     return [ExprAff(dst, ExprCompose([ExprSliceTo(ExprInt(uint32(0)), 0, 8),
@@ -1836,6 +1858,7 @@ mnemo_func = {'mov': mov,
               'jns':jns,
               'jo':jo,
               'jno':jno,
+              'jecxz':jecxz,
               'loop':loop,
               'loopne':loopne,
               'div':div,
@@ -1871,6 +1894,7 @@ mnemo_func = {'mov': mov,
               'fldz':fldz,
               'fild':fild,
               'fadd':fadd,
+              'fdiv':fdiv,
               'fnstsw':fnstsw,
               'fnstcw':fnstcw,
               'fldcw':fldcw,
diff --git a/miasm/expression/expression.py b/miasm/expression/expression.py
index 015dd651..e5ea8eda 100644
--- a/miasm/expression/expression.py
+++ b/miasm/expression/expression.py
@@ -18,10 +18,6 @@
 from numpy import uint8, uint16, uint32, uint64, int8, int16, int32, int64
 tip = 'tip'
 
-
-float_stack = 'float_stack'
-float_stack_ptr = 'float_stack_ptr'
-
 def slice_rest(size, start, stop):
     if start >=size or stop > size: raise 'bad slice rest %s %s %s'%(str(size), str(start), str(stop))
     if start == stop: return [(0,size)]
@@ -538,7 +534,7 @@ class ExprOp(Expr):
                 return "%s(%s, %s)"%(self.op, self.args[0].toC(), self.args[1].toC())
             elif self.op.startswith("fcom"):
                 return "%s(%s, %s)"%(self.op, self.args[0].toC(), self.args[1].toC())
-            elif self.op.startswith("fadd"):
+            elif self.op in ["fadd", "fdiv"]:
                 return "%s(%s, %s)"%(self.op, self.args[0].toC(), self.args[1].toC())
             else:
                 print self.op
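Review bot: The changed `elif self.op in ["fadd", "fdiv"]:` branch emits exactly the same `"%s(%s, %s)"` string as the `fcom` branch directly above it (and the one above that), so three branches now exist for one output. Fold them into one condition, e.g. `elif self.op.startswith("fcom") or self.op in ("fadd", "fdiv"):`, which also makes the mixed `startswith`-versus-exact-match style visible in one place. The enclosing `toC` method starts and ends outside this hunk.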
diff --git a/miasm/tools/emul_helper.py b/miasm/tools/emul_helper.py
index e91e8c1e..f452cc79 100755
--- a/miasm/tools/emul_helper.py
+++ b/miasm/tools/emul_helper.py
@@ -56,7 +56,7 @@ def tohex(a):
     return hex(a)
     
 
-jcc = ['jz', 'je', 'jnz', 'jp', 'jnp', 'jg', 'jge', 'ja', 'jae', 'jb', 'jbe', 'jl', 'jle', 'js', 'jns', 'jo', 'jno', 'loop', 'loopne']
+jcc = ['jz', 'je', 'jnz', 'jp', 'jnp', 'jg', 'jge', 'ja', 'jae', 'jb', 'jbe', 'jl', 'jle', 'js', 'jns', 'jo', 'jno', 'loop', 'loopne', 'jecxz']
 
 def dump_pool(p):
     log_emu_helper.error('/-------------\\')
diff --git a/miasm/tools/emul_lib/libcodenat.c b/miasm/tools/emul_lib/libcodenat.c
index b241debb..170726e8 100644
--- a/miasm/tools/emul_lib/libcodenat.c
+++ b/miasm/tools/emul_lib/libcodenat.c
@@ -794,6 +794,7 @@ unsigned int cpuid(unsigned int a, unsigned int reg_num)
 	return 0;
 }
 
+#define DEBUG_MIASM_DOUBLE
 
 double mem_32_to_double(unsigned int m)
 {
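Review bot: `#define DEBUG_MIASM_DOUBLE` is defined unconditionally in the translation unit, so every `#ifdef DEBUG_MIASM_DOUBLE` block added in the later hunks of this file (lines 174-176, 184-186, 194-196, 204-206, 214-216, 224-226, 234-236, 244-246, 254-256) is compiled in for every build and prints each float conversion and operation to stdout. That turns a debugging aid into permanent output interleaved with the emulated program's own stdout. Drop the define and enable it from the build instead (`-DDEBUG_MIASM_DOUBLE`), or at least guard it as `#ifndef DEBUG_MIASM_DOUBLE` is not enough — leave it commented out: `/* #define DEBUG_MIASM_DOUBLE */`.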
@@ -802,6 +803,9 @@ double mem_32_to_double(unsigned int m)
 
 	f = *((float*)&m);
 	d = f;
+#ifdef DEBUG_MIASM_DOUBLE
+	printf("%d %e\n", m, d);
+#endif
 	return d;
 }
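Review bot: The added `printf("%d %e\n", m, d);` formats `m`, which is declared `unsigned int` in the enclosing `mem_32_to_double`, with `%d`; the same mismatch appears in `int_32_to_double` (line 195) and `double_to_mem_32` (line 245), and the `uint64_t` values in `mem_64_to_double`, `int_64_to_double` and `double_to_mem_64` (lines 185, 205, 255) are printed with `PRId64`. Use `%u` and `PRIu64` respectively, e.g. `printf("%u %e\n", m, d);` and `printf("%" PRIu64 " %e\n", m, d);`. The `PRI*64` macros need `<inttypes.h>`; the file's includes are outside this diff, so confirm it is present. `mem_32_to_double` starts above this hunk.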
 
@@ -810,6 +814,9 @@ double mem_64_to_double(uint64_t m)
 {
 	double d;
 	d = *((double*)&m);
+#ifdef DEBUG_MIASM_DOUBLE
+	printf("%"PRId64" %e\n", m, d);
+#endif
 	return d;
 }
 
@@ -818,6 +825,9 @@ double int_32_to_double(unsigned int m)
 	double d;
 
 	d = (double)m;
+#ifdef DEBUG_MIASM_DOUBLE
+	printf("%d %e\n", m, d);
+#endif
 	return d;
 }
 
@@ -826,6 +836,9 @@ double int_64_to_double(uint64_t m)
 	double d;
 
 	d = (double)m;
+#ifdef DEBUG_MIASM_DOUBLE
+	printf("%"PRId64" %e\n", m, d);
+#endif
 	return d;
 }
 
@@ -834,6 +847,9 @@ int double_to_int_32(double d)
 	int i;
 
 	i = (int)d;
+#ifdef DEBUG_MIASM_DOUBLE
+	printf("%e %d\n", d, i);
+#endif
 	return i;
 }
 
@@ -841,6 +857,19 @@ double fadd(double a, double b)
 {
 	double c;
 	c = a + b;
+#ifdef DEBUG_MIASM_DOUBLE
+	printf("%e %e %e\n", a, b, c);
+#endif
+	return c;
+}
+
+double fdiv(double a, double b)
+{
+	double c;
+	c = a / b;
+#ifdef DEBUG_MIASM_DOUBLE
+	printf("%e %e %e\n", a, b, c);
+#endif
 	return c;
 }
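Review bot: The new `fdiv` computes `a / b` with no handling of `b == 0.0`, which in IEEE double arithmetic silently yields ±inf or NaN, whereas the x87 FDIV it stands in for records a zero-divide condition in the status word (and traps when unmasked). The emulator's float-exception model is not visible in this diff, so if the silent result is the intended approximation, say so above the function: `/* NOTE: division by zero yields inf/NaN; x87 #Z status/exception is not modelled here. */`. `fadd` at the top of this hunk starts outside it.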
 
@@ -875,6 +904,9 @@ unsigned int double_to_mem_32(double d)
 	float f;
 	f = d;
 	m = *((unsigned int*)&f);
+#ifdef DEBUG_MIASM_DOUBLE
+	printf("%d %e\n", m, d);
+#endif
 	return m;
 }
 
@@ -882,6 +914,9 @@ uint64_t double_to_mem_64(double d)
 {
 	uint64_t m;
 	m = *((uint64_t*)&d);
+#ifdef DEBUG_MIASM_DOUBLE
+	printf("%"PRId64" %e\n", m, d);
+#endif
 	return m;
 }
 
@@ -1095,6 +1130,8 @@ unsigned int get_memory_page_next(unsigned int n_ad)
 	return ad;
 }
 
+
+
 unsigned int get_memory_page_from_min_ad(unsigned int size)
 {
 	struct memory_page_node * mpn;
diff --git a/miasm/tools/emul_lib/libcodenat.h b/miasm/tools/emul_lib/libcodenat.h
index bb014d90..c1ae4e7a 100644
--- a/miasm/tools/emul_lib/libcodenat.h
+++ b/miasm/tools/emul_lib/libcodenat.h
@@ -376,6 +376,7 @@ double int2double(unsigned int m);
 //PyObject* _vm_exec_blocs(PyObject* my_eip);
 
 double fadd(double a, double b);
+double fdiv(double a, double b);
 unsigned int fcom_c0(double a, double b);
 unsigned int fcom_c1(double a, double b);
 unsigned int fcom_c2(double a, double b);
diff --git a/miasm/tools/to_c_helper.py b/miasm/tools/to_c_helper.py
index ed41f6c8..7c45f50d 100644
--- a/miasm/tools/to_c_helper.py
+++ b/miasm/tools/to_c_helper.py
@@ -120,6 +120,18 @@ my_C_id = [
 
     float_stack_ptr,
     ]
+
+float_id_e = [
+    float_st0,
+    float_st1,
+    float_st2,
+    float_st3,
+    float_st4,
+    float_st5,
+    float_st6,
+    float_st7,
+    ]
+
 id2Cid = {}
 for x in my_C_id:
     id2Cid[x] = ExprId('vmcpu.'+str(x))
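Review bot: `float_id_e` is a plain list consulted by membership (`dst in float_id_e`) for every assignment that `Exp2C` translates, and its name does not say what it is for. Since `ExprId` objects are hashable — they are used as dict keys in `id2Cid` right below — make it a set and document its role: `# x87 st(i) registers: Exp2C emits their assignments without the integer size mask` followed by `float_id_e = frozenset([float_st0, float_st1, float_st2, float_st3, float_st4, float_st5, float_st6, float_st7])`.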
@@ -203,8 +215,12 @@ def Exp2C(exprs, l = None, addr2label = None, gen_exception_code = False):
             if isinstance(dst, ExprId):
                 id_to_update.append(dst)
                 str_dst = id2new(patch_c_id(dst))
-                out.append('%s = (%s)&0x%X;'%(str_dst, str_src,
-                                              my_size_mask[src.get_size()]))
+                if dst in float_id_e:
+                    # dont mask float affectation
+                    out.append('%s = (%s);'%(str_dst, str_src))
+                else:
+                    out.append('%s = (%s)&0x%X;'%(str_dst, str_src,
+                                                  my_size_mask[src.get_size()]))
             elif isinstance(dst, ExprMem):
                 str_dst = str_dst.replace('MEM_LOOKUP', 'MEM_WRITE')
                 out_mem.append('%s, %s);'%(str_dst[:-1], str_src))
@@ -951,6 +967,16 @@ def flush_all_blocs(known_blocs):
     vm_reset_exception()
     return known_blocs, code_addr
 
+
+def dump_stack():
+    esp = vm_get_gpreg()['esp']
+    print 'esp', hex(esp)
+    a = vm_get_str(esp, 0x20)
+    while a:
+        x = struct.unpack('I', a[:4])[0]
+        a = a[4:]
+        print hex(x)
+
 import random
 
 def c_emul_bloc(known_blocs, my_eip):
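Review bot: `dump_stack` unpacks each word with `struct.unpack('I', a[:4])`, i.e. host-native byte order and alignment, while the emulated target is ia32 little-endian, so the format should be `'<I'`. The `while a:` loop also assumes `vm_get_str(esp, 0x20)` returns a multiple of four bytes; `vm_get_str` is not visible here, but if it ever returns a short buffer the final slice has fewer than four bytes and `struct.unpack` raises `struct.error`. A bounded loop avoids both: `for off in range(0, len(a) - len(a) % 4, 4):` then `print hex(struct.unpack('<I', a[off:off + 4])[0])`, plus a docstring such as `"""Print the 8 dwords at the emulated ESP (debug helper, writes to stdout)."""`. This assumes `struct` is imported at the top of the file, which is outside this hunk; `c_emul_bloc` starts on the last line of the hunk and continues beyond it.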