/// <summary>
/// Rewrites the inferior's register state so that it resumes at the address
/// stored on top of its stack, with RAX set to <c>TargetAddress.Null</c>.
/// </summary>
/// <remarks>
/// The address found at RSP is installed as RIP, RSP is advanced by
/// <c>TargetAddressSize</c>, and the modified register set is written back.
/// NOTE(review): this only mimics a function return if RSP currently points
/// at a return address (presumably at function entry, before any prologue
/// push) - confirm against the callers.
/// </remarks>
/// <param name="inferior">Target whose registers and stack memory are read and modified.</param>
internal override void Hack_ReturnNull(Inferior inferior)
{
    Registers registers = inferior.GetRegisters ();

    TargetAddress stackTop = new TargetAddress (
        inferior.AddressDomain,
        registers [(int) X86_Register.RSP].GetValue ());

    // The word at the top of the stack comes straight from inferior memory
    // and is installed as the new RIP without any validation in this method.
    TargetAddress returnAddress = inferior.ReadAddress (stackTop);

    // Pop the word that was just consumed.
    TargetAddress poppedStackTop = stackTop + TargetAddressSize;

    registers [(int) X86_Register.RIP].SetValue (returnAddress);
    registers [(int) X86_Register.RSP].SetValue (poppedStackTop);
    registers [(int) X86_Register.RAX].SetValue (TargetAddress.Null);

    inferior.SetRegisters (registers);
}
/// <summary>
/// Emulates this instruction by editing the inferior's registers (and, for
/// call and push, its stack memory) directly, keyed on
/// <c>InstructionType</c>.
/// </summary>
/// <remarks>
/// Handled here: direct and indirect jumps, direct and indirect calls,
/// <c>ret</c>, and the single "interpretable" opcode 0x55 (push %rbp).
/// Stack slots are hard-coded as 8 bytes wide in this method.
/// </remarks>
/// <param name="inferior">Target whose registers and memory are read and modified.</param>
/// <returns>
/// <c>true</c> if the instruction was emulated and the register set written
/// back; <c>false</c> if this method does not handle it, in which case
/// nothing has been written to the inferior.
/// </returns>
public override bool InterpretInstruction(Inferior inferior)
{
    switch (InstructionType) {
    case Type.IndirectJump:
    case Type.Jump: {
        // A jump only redirects RIP to the effective address.
        TargetAddress destination = GetEffectiveAddress (inferior);

        Registers registers = inferior.GetRegisters ();
        registers [(int) X86_Register.RIP].SetValue (destination);
        inferior.SetRegisters (registers);
        return true;
    }

    case Type.IndirectCall:
    case Type.Call: {
        TargetAddress destination = GetEffectiveAddress (inferior);

        Registers registers = inferior.GetRegisters ();
        TargetAddress currentIp = new TargetAddress (
            inferior.AddressDomain,
            registers [(int) X86_Register.RIP].Value);
        TargetAddress stackTop = new TargetAddress (
            inferior.AddressDomain,
            registers [(int) X86_Register.RSP].Value);

        // Push the address of the following instruction as the return
        // address, then transfer control to the call target.
        TargetAddress pushedStackTop = stackTop - 8;
        inferior.WriteAddress (pushedStackTop, currentIp + InstructionSize);

        registers [(int) X86_Register.RSP].SetValue (pushedStackTop);
        registers [(int) X86_Register.RIP].SetValue (destination);
        inferior.SetRegisters (registers);
        return true;
    }

    case Type.Ret: {
        Registers registers = inferior.GetRegisters ();
        TargetAddress stackTop = new TargetAddress (
            inferior.AddressDomain,
            registers [(int) X86_Register.RSP].Value);

        // The return address is taken from inferior memory as-is; this
        // method does not validate it before installing it as RIP.
        TargetAddress returnAddress = inferior.ReadAddress (stackTop);

        // Pop the return address plus Displacement extra bytes.
        // NOTE(review): Displacement is presumably the immediate operand
        // of "ret imm16" (zero for a plain ret) - confirm where it is set.
        TargetAddress poppedStackTop = stackTop + (8 + Displacement);

        registers [(int) X86_Register.RSP].SetValue (poppedStackTop);
        registers [(int) X86_Register.RIP].SetValue (returnAddress);
        inferior.SetRegisters (registers);
        return true;
    }

    case Type.Interpretable: {
        Registers registers = inferior.GetRegisters ();
        TargetAddress stackTop = new TargetAddress (
            inferior.AddressDomain,
            registers [(int) X86_Register.RSP].Value);
        TargetAddress framePointer = new TargetAddress (
            inferior.AddressDomain,
            registers [(int) X86_Register.RBP].Value);
        TargetAddress currentIp = new TargetAddress (
            inferior.AddressDomain,
            registers [(int) X86_Register.RIP].Value);

        // Only the one-byte opcode 0x55 is emulated in this case.
        if (Code [0] != 0x55) {
            return false;
        }

        /* push %rbp */
        TargetAddress pushedStackTop = stackTop - 8;
        inferior.WriteAddress (pushedStackTop, framePointer);

        registers [(int) X86_Register.RSP].SetValue (pushedStackTop);
        // Step over the single opcode byte.
        registers [(int) X86_Register.RIP].SetValue (currentIp + 1);
        inferior.SetRegisters (registers);
        return true;
    }

    default:
        return false;
    }
}