x64dbg
/
TitanEngine
mirror of https://github.com/x64dbg/TitanEngine
1
0
Fork 0
Code Releases Activity

fixed detection when stepping over 'pop ss, pushfd/q' (thanks to firelegend for reporting)

This commit is contained in:
Mr. eXoDia 2014-08-20 23:33:42 +02:00
parent a6a093760a
commit a815753c52
2 changed files with 16 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
TitanEngine/TitanEngine.Debugger.Control.cpp
View File

@ -50,12 +50,18 @@ __declspec(dllexport) void TITCALL ForceClose()
__declspec(dllexport) void TITCALL StepInto(LPVOID StepCallBack)
{
ULONG_PTR ueCurrentPosition = GetContextData(UE_CIP);
unsigned char instr[16];
unsigned char instr[32]; //two instructions
MemoryReadSafe(dbgProcessInformation.hProcess, (void*)ueCurrentPosition, instr, sizeof(instr), 0);
char* DisassembledString = (char*)StaticDisassembleEx(ueCurrentPosition, (LPVOID)instr);
if(strstr(DisassembledString, "PUSHF"))
StepOver(StepCallBack);
else
{
int len = StaticLengthDisassemble((LPVOID)instr);
DisassembledString = (char*)StaticDisassembleEx(ueCurrentPosition + len, (LPVOID)(instr + len));
if(strstr(DisassembledString, "PUSHF")) //we wanna land on PUSHF safely (to prevent 'PUSH SS, POP SS' problems
SetBPX(ueCurrentPosition + len, UE_BREAKPOINT_TYPE_INT3 + UE_SINGLESHOOT, StepCallBack);
else
{
ULONG_PTR ueContext = NULL;
ueContext = (ULONG_PTR)GetContextData(UE_EFLAGS);
@ -66,6 +72,7 @@ __declspec(dllexport) void TITCALL StepInto(LPVOID StepCallBack)
engineStepCount = NULL;
}
}
}
__declspec(dllexport) void TITCALL StepOver(LPVOID StepCallBack)
{