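/********************************************************************************
 * libemu
 *
 * - x86 shellcode emulation -
 *
 *
 * Copyright (C) 2007 Paul Baecher & Markus Koetter
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 *
 *
 * contact nepenthesdev@users.sourceforge.net
 *
 *******************************************************************************/

#ifndef HAVE_EMU_TRACK_H
#define HAVE_EMU_TRACK_H

#include <stdint.h>
#include <stdbool.h>

/*
 * Incomplete types owned by other libemu headers; this header only ever
 * stores or passes pointers to them, so no definition is needed here.
 *
 * struct emu_hashtable was previously not forward-declared: its tag was
 * introduced implicitly by the member pointers in struct emu_track_and_source
 * below. Declaring it here keeps it consistent with the other opaque types
 * and makes the dependency explicit.
 */
struct emu;
struct emu_cpu;
struct emu_graph;
struct emu_hashtable;
struct emu_instruction;


/**
 * Snapshot of CPU state used by the instruction tracker: instruction pointer,
 * flags, eight 32-bit register slots and a single FPU bit.
 *
 * NOTE(review): reg[8] presumably holds the eight x86 general-purpose
 * registers in libemu's register numbering — confirm against emu_cpu.h.
 */
struct emu_tracking_info
{
	uint32_t eip;

	uint32_t eflags;
	uint32_t reg[8];

	/* used to store the last_instruction information required for fnstenv */
	/* NOTE: a bit-field of type uint8_t is accepted by common compilers but
	 * only int/unsigned/_Bool bit-fields are guaranteed by C11. */
	uint8_t fpu:1;
};


/**
 * Per-instruction record: the instruction's address and textual form, two
 * tracking snapshots, and a pair of positions into the instruction source.
 *
 * track.init / track.need: from this header alone their exact meaning is not
 * visible; presumably the state the instruction initialises versus the state
 * it requires — confirm in emu_track.c.
 *
 * source.cond_pos is only meaningful when source.has_cond_pos is set (inferred
 * from the naming — confirm in emu_track.c); source.norm_pos has no such flag.
 *
 * Ownership: instrstring is a pointer the record carries; presumably it is
 * heap-allocated and released by emu_source_and_track_instr_info_free() —
 * confirm in emu_track.c before freeing it anywhere else.
 */
struct emu_source_and_track_instr_info
{
	uint32_t eip;
	char *instrstring;

	struct
	{
		struct emu_tracking_info init;
		struct emu_tracking_info need;
	} track;

	struct
	{
		uint8_t has_cond_pos : 1;
		uint32_t norm_pos;
		uint32_t cond_pos;
	} source;
};

/**
 * Allocate a record for the instruction at @eip_before_instruction using the
 * state of @cpu. The failure convention (NULL on allocation failure or
 * otherwise) is not visible in this header — check the definition.
 */
struct emu_source_and_track_instr_info *emu_source_and_track_instr_info_new(struct emu_cpu *cpu, uint32_t eip_before_instruction);

/** Release a record obtained from emu_source_and_track_instr_info_new(). */
void emu_source_and_track_instr_info_free(struct emu_source_and_track_instr_info *esantii);

/**
 * void * variant of the destructor. Its signature matches a generic
 * per-element destructor callback; which container uses it is not visible here.
 */
void emu_source_and_track_instr_info_free_void(void *x);

/**
 * Equality and hash callbacks over void * keys, shaped for use with the
 * emu_hashtable instances referenced below. What @a, @b and @key point to
 * (the record, or only its eip) is not visible here — confirm in emu_track.c.
 */
bool emu_source_and_track_instr_info_cmp(void *a, void *b);
uint32_t emu_source_and_track_instr_info_hash(void *key);


/**
 * Tracker state: a tracking snapshot plus two graph/table pairs, one labelled
 * "static" and one labelled "run". Ownership of the graphs and tables is
 * presumably held by this struct and released by emu_track_and_source_free()
 * — confirm in emu_track.c.
 */
struct emu_track_and_source
{
	struct emu_tracking_info track;

	struct emu_graph *static_instr_graph;
	struct emu_hashtable *static_instr_table;

	struct emu_graph *run_instr_graph;
	struct emu_hashtable *run_instr_table;

};


/** Allocate / release a tracker. Failure convention of _new() not visible here. */
struct emu_track_and_source *emu_track_and_source_new(void);
void emu_track_and_source_free(struct emu_track_and_source *et);

/**
 * Run the tracker's instruction check against emulator @e.
 * The meaning of the int32_t result (success/failure values) is not visible in
 * this header — consult the definition before branching on it.
 */
int32_t emu_track_instruction_check(struct emu *e, struct emu_track_and_source *et);



/** Allocate / release / zero a tracking snapshot. */
struct emu_tracking_info *emu_tracking_info_new(void);
void emu_tracking_info_free(struct emu_tracking_info *eti);

void emu_tracking_info_clear(struct emu_tracking_info *eti);

/**
 * Compute a difference of @a and @b into @result. Which of @a or @b is the
 * minuend, and whether @a/@b are left unmodified, is not visible from the
 * prototype (none of the pointers is const-qualified) — confirm in emu_track.c.
 */
void emu_tracking_info_diff(struct emu_tracking_info *a, struct emu_tracking_info *b, struct emu_tracking_info *result);

/** Copy @from into @to. Note the source-first argument order, unlike memcpy(). */
void emu_tracking_info_copy(struct emu_tracking_info *from, struct emu_tracking_info *to);

/**
 * Presumably answers whether snapshot @a covers snapshot @b (inferred from the
 * name; the precise relation is defined in emu_track.c).
 */
bool emu_tracking_info_covers(struct emu_tracking_info *a, struct emu_tracking_info *b);

/** Print a snapshot for debugging; output destination not visible here. */
void emu_tracking_info_debug_print(struct emu_tracking_info *a);



#endif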