/*
;  macros.S --
;
;  This file is part of the UPX executable compressor.
;
;  Copyright (C) 1996-2007 Markus Franz Xaver Johannes Oberhumer
;  Copyright (C) 1996-2007 Laszlo Molnar
;  All Rights Reserved.
;
;  UPX and the UCL library are free software; you can redistribute them
;  and/or modify them under the terms of the GNU General Public License as
;  published by the Free Software Foundation; either version 2 of
;  the License, or (at your option) any later version.
;
;  This program is distributed in the hope that it will be useful,
;  but WITHOUT ANY WARRANTY; without even the implied warranty of
;  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;  GNU General Public License for more details.
;
;  You should have received a copy of the GNU General Public License
;  along with this program; see the file COPYING.
;  If not, write to the Free Software Foundation, Inc.,
;  59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
;
;  Markus F.X.J. Oberhumer              Laszlo Molnar
;  <mfx@users.sourceforge.net>          <ml1050@users.sourceforge.net>
;
*/

// Conventions for this file:
//   GNU as, Intel operand order without register prefixes (.intel_syntax
//   noprefix), 32-bit code only (.code32).  The file goes through the C
//   preprocessor before gas: the jbes/jbs/jes/... aliases below are cpp
//   defines and ctok32 relies on them (jes, jas), so cpp is mandatory.
//   .altmacro is enabled; that is what makes the bare local directive
//   inside the macros legal.
//   Remove cpu-name macros that cpp predefines, otherwise the operand of
//   the .arch i386 / .arch i486 directives below would be rewritten.
#undef amd64
#undef i386
#undef i486
#undef i586
#undef x86_64

        .altmacro
        .intel_syntax noprefix
        .arch i386, jumps
        .code32

// section name -- switch to output section NAME and keep 32-bit encoding.
// Each step of the filters below is placed in its own small section
// (CALLTR00, CTCLEVE1, CTBSHR01, ...).  Nothing in this file references
// those names, so presumably the stub build selects the pieces it needs by
// section name -- TODO confirm against the stub linker.
.macro  section name
        .section \name
        .code32
.endm

// CPU id -- select the instruction set for the following code.
// Only 386 and 486 are recognised; any other id silently leaves .arch as is.
.macro  CPU id
        .ifc \id, 386
        .arch i386, jumps
        .endif
        .ifc \id, 486
        .arch i486, jumps
        .endif
.endm

// jmps / jXXs target -- hand-encoded 2-byte short jumps: opcode, rel8.
// The displacement is target minus the address of the next instruction;
// the dot is the address of the displacement byte itself, hence the extra
// minus one.  Encoding by hand fixes the emitted size at two bytes so the
// section layout is predictable.  The target must lie within rel8 range
// (-128..+127 from the next instruction); NOTE(review): no range check is
// done here, this relies on gas rejecting an out-of-range .byte value.
.macro  jmps target
        .byte 0xeb, \target - . - 1
.endm
.macro  jos target
        .byte 0x70, \target - . - 1
.endm
.macro  jnos target
        .byte 0x71, \target - . - 1
.endm
.macro  jcs target
        .byte 0x72, \target - . - 1
.endm
.macro  jncs target
        .byte 0x73, \target - . - 1
.endm
.macro  jzs target
        .byte 0x74, \target - . - 1
.endm
.macro  jnzs target
        .byte 0x75, \target - . - 1
.endm
.macro  jnas target
        .byte 0x76, \target - . - 1
.endm
.macro  jas target
        .byte 0x77, \target - . - 1
.endm
.macro  jss target
        .byte 0x78, \target - . - 1
.endm
.macro  jnss target
        .byte 0x79, \target - . - 1
.endm
.macro  jps target
        .byte 0x7a, \target - . - 1
.endm
.macro  jnps target
        .byte 0x7b, \target - . - 1
.endm
.macro  jls target
        .byte 0x7c, \target - . - 1
.endm
.macro  jnls target
        .byte 0x7d, \target - . - 1
.endm
.macro  jngs target
        .byte 0x7e, \target - . - 1
.endm
.macro  jgs target
        .byte 0x7f, \target - . - 1
.endm

// Aliases for the alternative condition-code spellings (cpp, not gas).
#define jbes jnas
#define jbs jcs
#define jes jzs
#define jnbs jncs
#define jnes jnzs

/*
;; =============
;; ============= 32-BIT CALLTRICK & JUMPTRICK
;; =============
;; call & jump trick : 2 in 1
*/

// cjt32 addvalue -- 32-bit CALL/JMP displacement filter ("calltrick").
// Two independent passes are provided; they are in different sections
// (CALLTR00.. vs CALLTR10..) so presumably only one of them is selected
// per stub -- TODO confirm.
//   pass 1 (CALLTR00..CALLTR02): scan bytes at edi for an E8/E9 opcode
//     whose first displacement byte equals filter_cto, and rewrite the
//     displacement.  Here ecx counts APPLIED instances, not bytes: only
//     loop ct1 decrements it, and that runs once per rewrite.
//   pass 2 (CALLTR10..CALLTR13): repnz scasb for a single opcode (E8 or
//     E9, depending on which of CALLTRE8/CALLTRE9 is selected); here ecx
//     is a BYTE count, consumed by scasb.
// In:   edi = buffer.  filter_length and filter_cto are not defined in
//       this file; presumably they are filled in when the stub is built.
//       addvalue = 0 (no adjustment) or a register/constant added to every
//       rewritten displacement after the subtraction of edi.
// Out:  edi advanced past the processed bytes.
// Clobbers: eax, bl, ecx, edi, flags.
// The labels ct1, ctloop1, ctloop2 and ctend are NOT declared local, so a
// second expansion of this macro in one translation unit would redefine
// them -- TODO confirm each stub expands it at most once.
.macro  cjt32 addvalue
        local calltrickloop
section CALLTR00
        mov     ecx, offset filter_length
calltrickloop:
        mov     al, [edi]
        inc     edi
        sub     al, 0xE8                // al = 0 for E8 (call), 1 for E9 (jmp)
ct1:
        cmp     al, 1
        ja      calltrickloop           // neither E8 nor E9: keep scanning (ecx untouched)
section CTCLEVE1
        cmpb    [edi], offset filter_cto  // first displacement byte must be the cto marker
        jnzs    calltrickloop
section CALLTR01
        mov     eax, [edi]              // 4 displacement bytes (edi is past the opcode)
        mov     bl, [edi + 4]           // prefetch the byte after the displacement
// CTBSHR01 / CTBROR01 / CTBSWA01: alternative ways of dropping the cto byte
// and reordering the remaining three bytes; separate sections, presumably
// only the needed variant is selected -- TODO confirm.
section CTBSHR01
        shr     ax, 8
section CTBROR01
        xchg    ah, al
section CTBSWA01
        rol     eax, 16                 // together with shr ax,8 / xchg ah,al this
        xchg    ah, al                  // equals: mov al,0 ; bswap eax (see ctok32)
section CALLTR02
        sub     eax, edi                // absolute -> relative to the displacement address
        sub     bl, 0xE8                // pre-classify the prefetched byte for ct1
        .ifnc   \addvalue, 0
        add     eax, \addvalue
        .endif
        mov     [edi], eax
        add     edi, 5                  // skip displacement and the prefetched opcode byte
        mov     al, bl
        loop    ct1                     // one instance done; re-enter at the compare
section CALLTR10
//;; 32-bit call XOR jump trick
        mov     ecx, offset filter_length
ctloop1:
section CALLTRE8
        mov     al,0xE8
section CALLTRE9
        mov     al,0xE9
section CALLTR11
ctloop2:
        repnz   scasb                   // find next al in ecx bytes; edi lands after it
        jnzs    ctend                   // ZF clear: ran out of bytes
section CTCLEVE2
        cmpb    [edi], offset filter_cto
        jnzs    ctloop2
section CALLTR12
        mov     eax, [edi]
section CTBSHR11
        shr     ax, 8
section CTBROR11
        xchg    ah, al
section CTBSWA11
        rol     eax, 16
        xchg    ah, al
section CALLTR13
        sub     eax, edi
        .ifnc   \addvalue, 0
        add     eax, \addvalue
        .endif
        stosd                           // write back and advance edi by 4
        jmps    ctloop1
// NOTE(review): the jnzs after repnz scasb reads ZF; when scasb finds
// nothing to do (ecx already 0) ZF is whatever the preceding arithmetic
// left -- TODO confirm this path cannot be reached with ecx == 0.
ctend:
.endm

// cit32 is same as cjt32 except esi captures 'addvalue' at the beginning
// cit32 addvalue -- as cjt32, but addvalue is copied into esi once, before
// the scan, and esi is what gets added to each displacement.  This keeps
// the adjustment stable while edi moves (cjt32 evaluates addvalue each
// time).  If addvalue is already esi no copy is emitted.
// Clobbers: eax, bl, ecx, esi (when addvalue != 0), edi, flags.
// Same caveat as cjt32: none of the labels here are declared local.
.macro  cit32 addvalue
section CALLTR00
        mov     ecx, offset filter_length
        .ifnc   \addvalue, 0
        .ifnc   \addvalue, esi
        mov     esi, \addvalue
        .endif
        .endif
calltrickloop:
        mov     al, [edi]
        inc     edi
        sub     al, 0xE8
ct1:
        cmp     al, 1
        ja      calltrickloop
section CTCLEVE1
        cmpb    [edi], offset filter_cto
        jnzs    calltrickloop
section CALLTR01
        mov     eax, [edi]
        mov     bl, [edi + 4]
section CTBSHR01
        shr     ax, 8
section CTBROR01
        xchg    ah, al
section CTBSWA01
        rol     eax, 16
        xchg    ah, al
section CALLTR02
        sub     eax, edi
        sub     bl, 0xE8
        .ifnc   \addvalue, 0
        add     eax, esi                // esi holds the captured addvalue
        .endif
        mov     [edi], eax
        add     edi, 5
        mov     al, bl
        loop    ct1
section CALLTR10
//;; 32-bit call XOR jump trick
        mov     ecx, offset filter_length
ctloop1:
section CALLTRE8
        mov     al,0xE8
section CALLTRE9
        mov     al,0xE9
section CALLTR11
ctloop2:
        repnz   scasb
        jnzs    ctend
section CTCLEVE2
        cmpb    [edi], offset filter_cto
        jnzs    ctloop2
section CALLTR12
        mov     eax, [edi]
section CTBSHR11
        shr     ax, 8
section CTBROR11
        xchg    ah, al
section CTBSWA11
        rol     eax, 16
        xchg    ah, al
section CALLTR13
        sub     eax, edi
        .ifnc   \addvalue, 0
        add     eax, esi
        .endif
        stosd
        jmps    ctloop1
ctend:
.endm

/*
;; call/jump/jcc trick; also used more than once (and/or optionally), so
;; ecx has byte count (not count of applied instances), and
;; edi points to buffer.
*/
// ctok32 addvalue, cto8 -- combined CALL (E8) / JMP (E9) / 0F 8x Jcc
// displacement filter.  Unlike cjt32 the loop is driven by a byte budget:
//   ecx is decremented by 1 for every opcode byte fetched (loop / sub
//   ecx,1) and by 4 for every displacement rewritten (sub ecx,4); the
//   initial jmps ckstart applies that sub ecx,4 before the first byte, so
//   a candidate opcode is only considered while at least 4 more bytes
//   follow -- presumably to keep the 4-byte displacement read in bounds,
//   TODO confirm the exact budget against the caller.
// The Jcc-specific parts live in ctok32.10 and ctok32.30 ("Jcc only"), so
// a stub without them gets a plain E8/E9 filter.
// In:   ecx = byte count, edi = buffer, addvalue / cto8 as described below.
// Out:  edi advanced, ecx <= 0 (loop exits on the signed jgs).
// Clobbers: eax, ecx, edi, flags, plus esi when addvalue is edi.
// All labels are declared local, so this macro may be expanded repeatedly.
.macro  ctok32 addvalue, cto8
        local ckstart, ckmark, ckcount, ckend
        local ckloop2, ckloop3
// 1st param: effective addvalue (typically 0 or edi; any rvalue)
// 2nd param: where is cto8 (dl, bl, or literal)
section ctok32.00
        .ifnc \addvalue, 0
        .ifc \addvalue, edi
        mov     esi, edi                // snapshot buffer start; edi itself moves
        .endif
        .endif
        jmps    ckstart
ckloop3:
        mov     al, [edi]
        add     edi, 1
section ctok32.10  // Jcc only
        cmp     al, 0x80  // lo of 6-byte Jcc
        jb      ckloop2
        cmp     al, 0x8f  // hi of 6-byte Jcc
        ja      ckloop2
        cmpb    [edi -2], 0x0F  // prefix of 6-byte Jcc
        jes     ckmark
// The [edi - 2] read above looks one byte behind the byte just fetched.
// It is only reached via ckloop3, i.e. after at least one byte has gone
// through ckcount, so it never reads before the buffer start; the byte
// right after a rewritten displacement (and the very first byte) enters
// at ckloop2 instead and skips this test.
ckloop2:
section ctok32.20
        sub     al, 0xE8
        cmp     al, 0xE9 - 0xE8         // 0 or 1 => E8/E9, anything else (unsigned) is not
        jas     ckcount
ckmark:
        cmpb    [edi], \cto8            // first displacement byte must be the cto marker
        jnzs    ckcount
        mov     eax, [edi]
        shr     ax, 8
        rol     eax, 16
        xchg    ah, al
// above 3 instr are equivalent to the following 2 instr:
//      mov     al, 0   ; clear cto8 [setup partial-write stall]
//      bswap   eax     ; not on 386: need 486 and up
        sub     eax, edi                // absolute -> relative to the displacement address
        .ifnc \addvalue, 0
        .ifc \addvalue, edi
        add     eax, esi                // addvalue == edi: use the snapshot, not the moving edi
        .else
        add     eax, \addvalue
        .endif
        .endif
        mov     [edi], eax
        add     edi, 4
ckstart:
        sub     ecx, 4                  // 4 bytes of displacement consumed (or reserved on entry)
section ctok32.30  // Jcc only
        mov     al, [edi]
        add     edi, 1
        loop    ckloop2  // prefix cannot overlap previous displacement
section ctok32.40
ckcount:
        sub     ecx, 1
        jgs     ckloop3                 // signed: stop once the budget is exhausted
ckend:
.endm

// =============
// ============= 32-BIT RELOCATIONS