From 29f8973700c61a53f36f8f8247ea3ae3f909202a Mon Sep 17 00:00:00 2001
From: "Mr. eXoDia"
Date: Mon, 8 Dec 2014 23:55:20 +0100
Subject: [PATCH] fixed the 'push ss', 'pop ss' problem (by setting a breakpoint on the next instruction)
---
 TitanEngine/TitanEngine.Debugger.Control.cpp | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/TitanEngine/TitanEngine.Debugger.Control.cpp b/TitanEngine/TitanEngine.Debugger.Control.cpp
index 906ac99..344fd0a 100644
--- a/TitanEngine/TitanEngine.Debugger.Control.cpp
+++ b/TitanEngine/TitanEngine.Debugger.Control.cpp
@@ -55,6 +55,11 @@ __declspec(dllexport) void TITCALL StepInto(LPVOID StepCallBack)
 char* DisassembledString = (char*)StaticDisassembleEx(ueCurrentPosition, (LPVOID)instr);
 if(strstr(DisassembledString, "PUSHF"))
 StepOver(StepCallBack);
+ else if(strstr(DisassembledString, "POP SS") || strstr(DisassembledString, "MOV SS")) //prevent the 'PUSH SS', 'POP SS' step trick
+ {
+ ueCurrentPosition += StaticLengthDisassemble((void*)instr);
+ SetBPX(ueCurrentPosition, UE_BREAKPOINT_TYPE_INT3 + UE_SINGLESHOOT, StepCallBack);
+ }
 else
 {
 ULONG_PTR ueContext = NULL;
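Review bot: The new `POP SS` / `MOV SS` branch discards the results of both `StaticLengthDisassemble` and `SetBPX`. If the length decode returns an unusable value or the INT3 cannot be written, the single-shot breakpoint is never armed at the right address, so `StepCallBack` would presumably never fire and the debuggee runs on unobserved. Guard the call, e.g. `if(!SetBPX(ueCurrentPosition, UE_BREAKPOINT_TYPE_INT3 + UE_SINGLESHOOT, StepCallBack))`, and fall back to the trap-flag path in the `else` branch. The `strstr` test is a plain substring match on disassembler text, so `"MOV SS"` may also match a MOV whose first operand is printed with an `SS:` segment prefix, depending on how `StaticDisassembleEx` formats operands; that case is worth confirming. The trailing comment names `PUSH SS` while the code tests `MOV SS`, so it should read `//prevent the 'POP SS' / 'MOV SS' single-step trick`. The body of `StepInto` starts and ends outside this hunk.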