ucontext->uc_mcontext.gregs[greg]=fs_KPCR_ExceptionList;
return TRUE;
}
+ if (fsmem==(const void *)0x00000051) { /* =='KeGetCurrentKPCR()->Number' */
+ g_return_val_if_fail(greg!=REG_ESP,FALSE);
+ ucontext->uc_mcontext.gregs[greg]=(greg_t)0; /* ==libcaptive version of KeGetCurrentProcessorNumber() */
+ return TRUE;
+ }
if (fsmem==(const void *)0x00000124) { /* =='KeGetCurrentKPCR()->CurrentThread' */
g_return_val_if_fail(greg!=REG_ESP,FALSE);
ucontext->uc_mcontext.gregs[greg]=(greg_t)captive_KeGetCurrentKPCR()->CurrentThread;
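Review bot: `instr_mov_fsmem_to_greg` takes no operand-width argument, so the added `0x51` case is only correct for a zero-extending byte load. The `movzbl` decoder added in the later hunk calls this same helper, which suggests `Number` is a byte-sized field. A plain 32-bit `mov %fs:0x51,%reg` would silently get 0 for the three following bytes as well, and a `movzbl %fs:0x124,%eax` would get the whole `CurrentThread` pointer instead of its low byte. At minimum, document the restriction on the new branch, e.g. `/* byte field: valid only for zero-extending byte loads (movzbl) */`; a width parameter that masks the result for byte loads would be better. The helper begins and ends outside this hunk, so how the other offsets behave is inferred from the visible cases only.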
if (*reg_eip==0x64) { /* prefix '%fs:' */
reg_eip++;
/* TODO:thread; %fs: is CPU-dependent */
+ if (*reg_eip==0x0F) { /* two-byte opcode */
+ reg_eip++;
+ if (*reg_eip==0xB6) { /* ??? */
+ reg_eip++;
+ if (*reg_eip==0x05) { /* movzbl %fs:{reg_eip[1..4]},%eax */
+ reg_eip++;
+ if (instr_mov_fsmem_to_greg(*(const void **)reg_eip,REG_EAX,ucontext)) {
+ reg_eip+=4;
+ goto ok;
+ }
+ g_assert_not_reached();
+ }
+ g_assert_not_reached();
+ }
+ g_assert_not_reached();
+ }
if (*reg_eip==0xA3) { /* 'mov %eax,%fs:{reg_eip[1..4]}' */
reg_eip++;
if (instr_mov_greg_to_fsmem(REG_EAX,*(const void **)reg_eip,ucontext)) {
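Review bot: Every mismatch path in the new `0x0F` branch has already advanced `reg_eip` and relies on `g_assert_not_reached()` to stop. In a build with `G_DISABLE_ASSERT` that macro is a no-op, so control falls through to the `0xA3` test with `reg_eip` pointing into the middle of the instruction, and an operand byte can be decoded as an opcode. Matching the whole encoding before consuming anything avoids this, e.g. `if (reg_eip[0]==0x0F && reg_eip[1]==0xB6 && reg_eip[2]==0x05) {` followed by `reg_eip+=3;`, with an unconditional failure path where the helper returns FALSE. The `/* ??? */` comment should name the opcode, `/* 0F B6: movzx r32,r/m8 */`. The `0x05` comment should say it is the ModRM byte (reg=%eax, r/m=disp32), so it is clear that other destination registers are not handled. The enclosing function starts and ends outside this hunk.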