lazymio/unicorn
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Format code

Browse Source
This commit is contained in:
mio
2025-03-10 11:31:53 +08:00
parent d3674f84b4
commit 3870cdcaf3
5 changed files with 35 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
qemu/target/i386/unicorn.c
View File

@@ -173,23 +173,23 @@ static void reg_reset(struct uc_struct *uc)
// CR initialization // CR initialization
switch (uc->mode) { switch (uc->mode) {
case UC_MODE_32: case UC_MODE_32:
case UC_MODE_64: { case UC_MODE_64: {
uint32_t cr4 = 0; uint32_t cr4 = 0;
if (env->features[FEAT_1_ECX] & CPUID_EXT_XSAVE) { if (env->features[FEAT_1_ECX] & CPUID_EXT_XSAVE) {
cr4 |= CR4_OSFXSR_MASK | CR4_OSXSAVE_MASK; cr4 |= CR4_OSFXSR_MASK | CR4_OSXSAVE_MASK;
}
if (env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_FSGSBASE) {
cr4 |= CR4_FSGSBASE_MASK;
}
cpu_x86_update_cr0(env, CR0_PE_MASK); // protected mode
cpu_x86_update_cr4(env, cr4);
break;
} }
default: if (env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_FSGSBASE) {
break; cr4 |= CR4_FSGSBASE_MASK;
}
cpu_x86_update_cr0(env, CR0_PE_MASK); // protected mode
cpu_x86_update_cr4(env, cr4);
break;
}
default:
break;
} }
} }

2
qemu/target/m68k/unicorn.c
View File

@@ -173,7 +173,7 @@ uc_err reg_write(void *_env, int mode, unsigned int regid, const void *value,
break; break;
case UC_M68K_REG_CR_CACR: { case UC_M68K_REG_CR_CACR: {
CHECK_REG_TYPE(uint32_t); CHECK_REG_TYPE(uint32_t);
uint32_t val = *(uint32_t*)value; uint32_t val = *(uint32_t *)value;
if (m68k_feature(env, M68K_FEATURE_M68020)) { if (m68k_feature(env, M68K_FEATURE_M68020)) {
env->cacr = val & 0x0000000f; env->cacr = val & 0x0000000f;
} else if (m68k_feature(env, M68K_FEATURE_M68030)) { } else if (m68k_feature(env, M68K_FEATURE_M68030)) {

11
tests/unit/test_ctl.c
View File

@@ -277,8 +277,8 @@ static void test_uc_hook_cached_uaf(void)
uc_common_setup(&uc, UC_ARCH_X86, UC_MODE_32, code, sizeof(code) - 1); uc_common_setup(&uc, UC_ARCH_X86, UC_MODE_32, code, sizeof(code) - 1);
OK(uc_hook_add(uc, &h, UC_HOOK_CODE, (void *)test_uc_hook_cached_cb, (void *)&count, 1, OK(uc_hook_add(uc, &h, UC_HOOK_CODE, (void *)test_uc_hook_cached_cb,
0)); (void *)&count, 1, 0));
OK(uc_emu_start(uc, code_start, code_start + sizeof(code) - 1, 0, 0)); OK(uc_emu_start(uc, code_start, code_start + sizeof(code) - 1, 0, 0));
@@ -288,9 +288,10 @@ static void test_uc_hook_cached_uaf(void)
// This will clear deleted hooks and SHOULD clear cache. // This will clear deleted hooks and SHOULD clear cache.
OK(uc_emu_start(uc, code_start, code_start + sizeof(code) - 1, 0, 0)); OK(uc_emu_start(uc, code_start, code_start + sizeof(code) - 1, 0, 0));
// Now hooks are deleted and thus this _should not_ call test_uc_hook_cached_cb anymore. // Now hooks are deleted and thus this _should not_ call
// If the hook is allocated like from malloc, and the code region is free-ed, this call _shall not_ // test_uc_hook_cached_cb anymore. If the hook is allocated like from
// call the hook anymore to avoid UAF. // malloc, and the code region is free-ed, this call _shall not_ call the
// hook anymore to avoid UAF.
OK(uc_emu_start(uc, code_start, code_start + sizeof(code) - 1, 0, 0)); OK(uc_emu_start(uc, code_start, code_start + sizeof(code) - 1, 0, 0));
// Only 4 calls // Only 4 calls

6
tests/unit/test_mips.c
View File

@@ -109,7 +109,8 @@ static void test_mips_stop_delay_slot_from_qiling(void)
// 10 40 00 32 beqz $v0, 0x47c8c9c // 10 40 00 32 beqz $v0, 0x47c8c9c
// 00 00 00 00 nop // 00 00 00 00 nop
char code[] = char code[] =
"\x24\x06\x00\x03\x10\xa6\x00\x79\x30\x42\x00\xfc\x10\x40\x00\x32\x24\xab\xff\xda\x2d\x62\x00\x02\x10\x40\x00\x32\x00\x00\x00\x00"; "\x24\x06\x00\x03\x10\xa6\x00\x79\x30\x42\x00\xfc\x10\x40\x00\x32\x24"
"\xab\xff\xda\x2d\x62\x00\x02\x10\x40\x00\x32\x00\x00\x00\x00";
uint32_t r_pc = 0x0; uint32_t r_pc = 0x0;
uint32_t r_v0 = 0xff; uint32_t r_v0 = 0xff;
uint32_t r_a1 = 0x3; uint32_t r_a1 = 0x3;
@@ -207,5 +208,6 @@ TEST_LIST = {
{"test_mips_lwx_exception_issue_1314", test_mips_lwx_exception_issue_1314}, {"test_mips_lwx_exception_issue_1314", test_mips_lwx_exception_issue_1314},
{"test_mips_mips16", test_mips_mips16}, {"test_mips_mips16", test_mips_mips16},
{"test_mips_mips_fpr", test_mips_mips_fpr}, {"test_mips_mips_fpr", test_mips_mips_fpr},
{"test_mips_stop_delay_slot_from_qiling", test_mips_stop_delay_slot_from_qiling}, {"test_mips_stop_delay_slot_from_qiling",
test_mips_stop_delay_slot_from_qiling},
{NULL, NULL}}; {NULL, NULL}};

7
uc.c
View File

@@ -1981,12 +1981,13 @@ void helper_uc_tracecode(int32_t size, uc_hook_idx index, void *handle,
index & index &
UC_HOOK_FLAG_MASK; // The index here may contain additional flags. See UC_HOOK_FLAG_MASK; // The index here may contain additional flags. See
// the comments of uc_hook_idx for details. // the comments of uc_hook_idx for details.
// bool not_allow_stop = (size & UC_HOOK_FLAG_NO_STOP) || (hook_flags & UC_HOOK_FLAG_NO_STOP); // bool not_allow_stop = (size & UC_HOOK_FLAG_NO_STOP) || (hook_flags &
// UC_HOOK_FLAG_NO_STOP);
bool not_allow_stop = hook_flags & UC_HOOK_FLAG_NO_STOP; bool not_allow_stop = hook_flags & UC_HOOK_FLAG_NO_STOP;
index = index & UC_HOOK_IDX_MASK; index = index & UC_HOOK_IDX_MASK;
// // Like hook index, only low 6 bits of size is used for representing sizes. // // Like hook index, only low 6 bits of size is used for representing
// size = size & UC_HOOK_IDX_MASK; // sizes. size = size & UC_HOOK_IDX_MASK;
// This has been done in tcg code. // This has been done in tcg code.
// sync PC in CPUArchState with address // sync PC in CPUArchState with address