patch by guest2028461

disassembler improvements and other misc changes
smx-smx · Apr 28, 2024 · 47e00e4 · 47e00e4
1 parent cb7b09b
commit 47e00e4
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 3 deletions.
diff --git a/xzre.h b/xzre.h
@@ -148,9 +148,9 @@ typedef int BOOL;
 #define FALSE 0
 
 typedef enum {
-	// has lock prefix
+	// has lock or rep prefix
 	DF_LOCK_REP = 1,
-	// has segment (es/ss) override
+	// has segment override
 	DF_SEG = 2,
 	// has operand size override
 	DF_OSIZE = 4,
@@ -516,7 +516,7 @@ typedef struct __attribute__((packed)) dasm_ctx {
 		};
 		u16 flags_u16;
         };
-	PADDING(1);
+	u8 imm64_reg; // low 3 bits only
 	struct __attribute__((packed)) {
 		union {
 			struct __attribute__((packed)) {
@@ -556,6 +556,7 @@ assert_offset(dasm_ctx_t, modrm, 0x1C);
 assert_offset(dasm_ctx_t, modrm_mod, 0x1D);
 assert_offset(dasm_ctx_t, modrm_reg, 0x1E);
 assert_offset(dasm_ctx_t, modrm_rm, 0x1F);
+assert_offset(dasm_ctx_t, imm64_reg, 0x20);
 assert_offset(dasm_ctx_t, sib, 0x21);
 assert_offset(dasm_ctx_t, sib_scale, 0x22);
 assert_offset(dasm_ctx_t, sib_index, 0x23);
@@ -1064,6 +1065,8 @@ assert_offset(global_context_t, disable_backdoor, 0x18);
 assert_offset(global_context_t, sshd_ctx, 0x20);
 assert_offset(global_context_t, sshd_sensitive_data, 0x28);
 assert_offset(global_context_t, sshd_log_ctx, 0x30);
+assert_offset(global_context_t, STR_ssh_rsa_cert_v01_openssh_com, 0x38);
+assert_offset(global_context_t, STR_rsa_sha2_256, 0x40);
 assert_offset(global_context_t, struct_monitor_ptr_address, 0x48);
 assert_offset(global_context_t, exit_flag, 0x50);
 assert_offset(global_context_t, sshd_offsets, 0x54);
@@ -1345,6 +1348,7 @@ assert_offset(elf_handles_t, dynamic_linker, 0x8);
 assert_offset(elf_handles_t, libc, 0x10);
 assert_offset(elf_handles_t, liblzma, 0x18);
 assert_offset(elf_handles_t, libcrypto, 0x20);
+static_assert(sizeof(elf_handles_t) == 0x28);
 
 typedef struct __attribute__((packed)) main_elf {
 	elf_handles_t *elf_handles;
@@ -1355,6 +1359,7 @@ typedef struct __attribute__((packed)) main_elf {
 assert_offset(main_elf_t, elf_handles, 0x0);
 assert_offset(main_elf_t, dynamic_linker_ehdr, 0x8);
 assert_offset(main_elf_t, __libc_stack_end, 0x10);
+static_assert(sizeof(main_elf_t) == 0x18);
 
 typedef struct backdoor_data backdoor_data_t;
 
@@ -1401,6 +1406,7 @@ typedef struct __attribute__((packed)) string_references {
 } string_references_t;
 
 assert_offset(string_references_t, entries, 0);
+static_assert(sizeof(string_references_t) == 0x368);
 
 /**
  * @brief this structure is used to hold most of the backdoor information.
@@ -1471,6 +1477,7 @@ assert_offset(backdoor_data_t, libcrypto_map, 0x18);
 assert_offset(backdoor_data_t, libsystemd_map, 0x20);
 assert_offset(backdoor_data_t, libc_map, 0x28);
 assert_offset(backdoor_data_t, elf_handles, 0x30);
+assert_offset(backdoor_data_t, data_handle, 0x58);
 assert_offset(backdoor_data_t, main_info, 0x68);
 assert_offset(backdoor_data_t, dynamic_linker_info, 0x168);
 assert_offset(backdoor_data_t, libc_info, 0x268);

diff --git a/xzre.lds.in b/xzre.lds.in
@@ -168,4 +168,14 @@ SECTIONS_BEGIN()
 	DEFSYM(tls_get_addr_random_symbol, .rodata.lzma2_decode)
 	DEFSYM(tls_get_addr_reloc_consts, .rodata.rc_encode)
 	// .rodata.get_literal_prica is used as a branch table for switch statements in elf_parse()
+	DEFSYM_START(.rodata.MASK_TO_BIT_NUMBER0)
+		DEFSYM2(dasm_threebyte_has_modrm, 0x00)
+		DEFSYM2(dasm_threebyte_0x38_is_valid, 0x20)
+		DEFSYM2(dasm_twobyte_has_modrm, 0x40)
+		DEFSYM2(dasm_twobyte_is_valid, 0x60)
+	DEFSYM_END(.rodata.MASK_TO_BIT_NUMBER0)
+	DEFSYM_START(.rodata.BRANCH_TABLE0)
+		DEFSYM2(dasm_onebyte_has_modrm, 0x00)
+		DEFSYM2(dasm_onebyte_is_invalid, 0x20)
+	DEFSYM_END(.rodata.BRANCH_TABLE0)
 SECTIONS_END(.rodata)