public SimulatedProc EnsureProc( Module module, string procName, Action <IProcessorEmulator> emulator, ProcedureCharacteristics chars = null) { SimulatedProc proc; if (!module.Procedures.TryGetValue(procName, out proc)) { var extProc = platform.LookupProcedureByName(module.Name, procName); proc = new SimulatedProc(procName, emulator); proc.Signature = extProc.Signature; if (chars != null) { proc.Characteristics = chars; } proc.uFakedAddress = ++this.uPseudoFn; InterceptedCalls[proc.uFakedAddress] = proc; module.Procedures.Add(procName, proc); } return(proc); }
void GetProcAddress(IProcessorEmulator emulator) { // M[esp] is return address // M[esp + 4] is hmodule // M[esp + 4] is pointer to function name uint esp = (uint)emulator.ReadRegister(Registers.esp); uint hmodule = ReadLeUInt32(esp + 4u); uint pstrFnName = ReadLeUInt32(esp + 8u); if ((pstrFnName & 0xFFFF0000) != 0) { string importName = ReadMbString(pstrFnName); var module = modules.Values.First(m => m.Handle == hmodule); SimulatedProc fn = EnsureProc(module, importName, NYI); emulator.WriteRegister(Registers.eax, fn.uFakedAddress); emulator.WriteRegister(Registers.esp, esp + 12); } else { //$TODO: import by ordinal. throw new NotImplementedException(); } }
public SimulatedProc EnsureProc( Module module, string procName, Action<IProcessorEmulator> emulator, ProcedureCharacteristics chars = null) { SimulatedProc proc; if (!module.Procedures.TryGetValue(procName, out proc)) { var extProc = platform.LookupProcedureByName(module.Name, procName); proc = new SimulatedProc(procName, emulator); proc.Signature = extProc.Signature; if (chars != null) proc.Characteristics = chars; proc.uFakedAddress = ++this.uPseudoFn; InterceptedCalls[proc.uFakedAddress] = proc; module.Procedures.Add(procName, proc); } return proc; }