correct opcode checking, same logic as in original

This commit is contained in:
2025-05-31 09:49:58 +03:00
parent 8eb9d9cc93
commit 6bd80d9c25


@@ -16,6 +16,9 @@
#define METHOD_FLAG_CALLTRICK_1 0x40 #define METHOD_FLAG_CALLTRICK_1 0x40
#define METHOD_FLAG_CALLTRICK_2 0x80 #define METHOD_FLAG_CALLTRICK_2 0x80
#define OP_CALL_REL32 0xE8
#define OP_JMP_REL32 0xE9
static const char* str_usage = "Usage: %s [--nologo / -n] [--kernel / -k] [--unpack / -u] <infile> [<outfile>]\n"; static const char* str_usage = "Usage: %s [--nologo / -n] [--kernel / -k] [--unpack / -u] <infile> [<outfile>]\n";
static void error_load_infile() { static void error_load_infile() {
@@ -60,10 +63,7 @@ unsigned preprocess_calltrick(unsigned char *infile, unsigned insize, unsigned c
do { do {
//printf("infile_ptr = %p, count = %u\n", infile_ptr, count); //printf("infile_ptr = %p, count = %u\n", infile_ptr, count);
unsigned opcode = *(infile_ptr++); unsigned opcode = *(infile_ptr++);
// E8 dword: call rel32 if (opcode != OP_CALL_REL32 && opcode != OP_JMP_REL32) {
// E9 dword: jmp rel32
if (opcode > 0xE9)
{
continue; continue;
} }
if (count < 5) { if (count < 5) {
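Review bot: The explanatory comments `// E8 dword: call rel32` and `// E9 dword: jmp rel32` are dropped from the loop body, and the new macros in the first hunk carry no replacement, so the opcode meanings are now documented nowhere; the definitions should take them over, e.g. `#define OP_CALL_REL32 0xE8 /* call rel32: E8 + 4-byte displacement */` and `#define OP_JMP_REL32 0xE9 /* jmp rel32: E9 + 4-byte displacement */`. Note that the old `opcode > 0xE9` test also let every opcode below 0xE8 fall through to the rel32 handling, so the new equality check is a behaviour change rather than a pure cleanup — the commit title says this is intentional, but a one-line comment above the `if` saying why only these two opcodes are rewritten would make that explicit to the next reader. The byte read at `*(infile_ptr++)` happens before the `count < 5` check, so it presumably relies on the do/while condition (outside the hunk) to guarantee at least one byte remains; worth confirming against that condition. The enclosing loop and preprocess_calltrick's signature both extend outside the hunk.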