Changeset 52374 in vbox for trunk/src/VBox/HostDrivers
- Timestamp:
- Aug 13, 2014 10:23:44 PM (10 years ago)
- Location:
- trunk/src/VBox/HostDrivers/Support/win
- Files:
-
- 2 edited
-
SUPR3HardenedMainA-win.asm (modified) (1 diff)
-
SUPR3HardenedMainImports-win.cpp (modified) (3 diffs)
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/VBox/HostDrivers/Support/win/SUPR3HardenedMainA-win.asm
r52367 r52374 129 129 mov edx, 07ffe0300h ; SharedUserData!SystemCallStub 130 130 mov eax, [NAME(g_uApiNo %+ %1) xWrtRIP] 131 call edx131 call dword [edx] 132 132 ret %2 133 133 ENDPROC %1 %+ _SyscallType1 -
trunk/src/VBox/HostDrivers/Support/win/SUPR3HardenedMainImports-win.cpp
r52373 r52374 473 473 && pbFunction[ 4] == 0x00) 474 474 { 475 *pSyscall->puApiNo = RT_MAKE_U16(pbFunction[ 0], pbFunction[1]);475 *pSyscall->puApiNo = RT_MAKE_U16(pbFunction[1], pbFunction[2]); 476 476 if ( pbFunction[5] == 0xba /* mov edx, offset SharedUserData!SystemCallStub */ 477 477 && pbFunction[ 6] == 0x00 … … 481 481 && pbFunction[10] == 0xff /* call [edx] */ 482 482 && pbFunction[11] == 0x12 483 && pbFunction[12] == 0xc2 /* ret 1ch */ 484 && pbFunction[13] == pSyscall->cbParams 485 && pbFunction[14] == 0x00) 483 && ( ( pbFunction[12] == 0xc2 /* ret 1ch */ 484 && pbFunction[13] == pSyscall->cbParams 485 && pbFunction[14] == 0x00) 486 || ( pbFunction[12] == 0xc3 /* ret */ 487 && pSyscall->cbParams == 0) 488 ) 489 ) 486 490 { 487 491 *pImport->ppfnImport = pSyscall->pfnType1; … … 491 495 if ( pbFunction[ 5] == 0xe8 /* call [$+3] */ 492 496 && RT_ABS(*(int32_t *)&pbFunction[6]) < 0x10 493 && pbFunction[10] == 0xc2 /* ret 1ch */ 494 && pbFunction[11] == pSyscall->cbParams 495 && pbFunction[12] == 0x00) 497 && ( ( pbFunction[10] == 0xc2 /* ret 1ch */ 498 && pbFunction[11] == pSyscall->cbParams 499 && pbFunction[12] == 0x00) 500 || ( pbFunction[12] == 0xc3 /* ret */ 501 && pSyscall->cbParams == 0) 502 ) 503 ) 496 504 { 497 505 *pImport->ppfnImport = pSyscall->pfnType2;
Note:
See TracChangeset
for help on using the changeset viewer.
