def __p___argv(self, proc, argv, ctx={}): """char *** __p___argv ()""" ptr_size = proc.ptr_size _argv = proc.get_param() if not _argv: return 0 argv = [(a + '\x00\x00\x00\x00').encode('utf-8') for a in _argv] array_size = (ptr_size * (len(argv) + 1)) total = sum([len(a) for a in argv]) total += array_size sptr = 0 pptr = 0 #pArgs = proc.default_heap_alloc(total+ptr_size) pArgs = self.win_emu.mem_manager.alloc_heap(proc.default_proc_heap, total + ptr_size) pptr = pArgs + ptr_size common.mem_write(proc.uc_eng, pArgs, pptr.to_bytes(ptr_size, 'little')) sptr = pptr + array_size for a in argv: proc.write_mem_self(pptr, sptr.to_bytes(ptr_size, 'little')) pptr += ptr_size proc.write_mem_self(sptr, a) sptr += len(a) proc.write_mem_self(pptr, pptr, b'\x00' * ptr_size) rv = pArgs return rv
def _get_initial_narrow_environment(self, proc, argv, ctx={}): """char** _get_initial_narrow_environment ()""" ptr_size = self.get_ptr_size() env = common.get_env(proc.emu) total = ptr_size sptr = total pptr = 0 fmt_env = [] for k, v in env.items(): envstr = '%s=%s\x00' % (k, v) envstr = envstr.encode('utf-8') total += len(envstr) fmt_env.append(envstr) total += ptr_size sptr += ptr_size pMem = proc.default_heap_alloc(self.ptr_size * 2) pptr = pMem sptr += pMem for v in fmt_env: common.mem_write(proc.uc_eng, pptr, sptr.to_bytes(ptr_size, 'little')) pptr += ptr_size common.mem_write(proc.uc_eng, sptr, v) sptr += len(v) return pMem
def QueryPerformanceCounter(self, proc, argv, ctx={}): '''BOOL WINAPI QueryPerformanceCounter( _Out_ LARGE_INTEGER *lpPerformanceCount );''' lpPerformanceCount, = argv rv = 1 common.mem_write(proc.uc_eng, lpPerformanceCount, self.perf_counter.to_bytes(8, 'little')) return rv
def __p___argc(self, proc, argv, ctx={}): """int * __p___argc ()""" _argv = proc.get_param() if not _argv: return 0 pMem = proc.default_heap_alloc(self.ptr_size * 2) common.mem_write(proc.uc_eng, pMem, len(_argv).to_bytes(4, 'little')) return pMem
def GetThreadTimes(self, proc, argv, ctx={}): ''' BOOL GetThreadTimes( HANDLE hThread, LPFILETIME lpCreationTime, LPFILETIME lpExitTime, LPFILETIME lpKernelTime, LPFILETIME lpUserTime ); ''' hnd, lpCreationTime, lpExitTime, lpKernelTime, lpUserTime = argv if lpCreationTime: common.mem_write(proc.uc_eng, lpCreationTime, b'\x20\x20\x00\x00') return True