Hello,

My x86 emulation crashes whenever it tries to load mscoree.dll. It happens to be the first DLL where `DllMain` is actually called, and when it's called it tries to save the `cr8` register, but reading this register crashes the Unicorn engine:
```python
import qiling


def main() -> None:
    ql = qiling.Qiling(
        ["[...]/x.exe"],
        "./rootfs/x86_windows",
        ostype=qiling.core.QL_OS.WINDOWS,
        archtype=qiling.core.QL_ARCH.X86,
        verbose=qiling.core.QL_VERBOSE.DEBUG,
    )
    print(ql)


if __name__ == "__main__":
    main()
```
```text
[=] Calling mscoree.dll DllMain at 0x1026f100
Traceback (most recent call last):
  [...]
  File "[...]\venv\lib\site-packages\unicorn\unicorn_py3\unicorn.py", line 381, in _reg_read
    raise UcError(status, reg_id)
unicorn.unicorn_py3.unicorn.UcError: Invalid argument (UC_ERR_ARG)
```
What happens is that `reg_map_cr` in `x86_const.py` contains the `cr8` register id:

```python
reg_map_cr = {
    "cr0": UC_X86_REG_CR0,
    "cr1": UC_X86_REG_CR1,
    "cr2": UC_X86_REG_CR2,
    "cr3": UC_X86_REG_CR3,
    "cr4": UC_X86_REG_CR4,
    "cr8": UC_X86_REG_CR8
}
```
But in Unicorn, in the `reg_read` function, the `UC_X86_REG_CR8` case doesn't exist, so it returns an error:

```c
case UC_MODE_32:
    switch (regid) {
    default:
        break;
    case UC_X86_REG_CR0:
    case UC_X86_REG_CR1:
    case UC_X86_REG_CR2:
    case UC_X86_REG_CR3:
    case UC_X86_REG_CR4:
        CHECK_REG_TYPE(int32_t);
        *(int32_t *)value = env->cr[regid - UC_X86_REG_CR0];
        break;
    case UC_X86_REG_DR0:
```
I managed to quick-fix it by removing the `cr8` line:

```python
reg_map_cr = {
    "cr0": UC_X86_REG_CR0,
    "cr1": UC_X86_REG_CR1,
    "cr2": UC_X86_REG_CR2,
    "cr3": UC_X86_REG_CR3,
    "cr4": UC_X86_REG_CR4,
}
```
Thanks!
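The root cause described in this issue is a mode mismatch: `cr8` only exists in 64-bit mode, so an unconditional register map breaks 32-bit emulation the first time the engine tries to read it. The following is an added example, not Qiling's or Unicorn's own code, showing two defensive patterns: building the control-register map from the emulator mode, and treating a `UC_ERR_ARG` on a register read as "not supported here" rather than aborting the emulation. It uses the real `unicorn` Python bindings when they are installed; when they are not, a constructed stand-in `Uc` class (an assumption, not Unicorn behaviour beyond what the issue reports) models the 32-bit outcome so the logic still runs offline. The function names `control_register_map` and `read_control_registers` are hypothetical.

```python
"""Mode-aware control-register snapshot for a Unicorn-backed emulator.

Added example (not Qiling or Unicorn code). Uses the real unicorn bindings
when available; otherwise a constructed stand-in reproduces only the
behaviour reported in the issue: in UC_MODE_32, cr0-cr4 are readable and
cr8 is rejected with UC_ERR_ARG.
"""
from typing import Dict, Optional

try:
    from unicorn import Uc, UcError, UC_ARCH_X86, UC_MODE_32, UC_MODE_64, UC_ERR_ARG
    from unicorn.x86_const import (
        UC_X86_REG_CR0, UC_X86_REG_CR1, UC_X86_REG_CR2,
        UC_X86_REG_CR3, UC_X86_REG_CR4, UC_X86_REG_CR8,
    )
    HAVE_UNICORN = True
except ImportError:  # constructed stand-in so the example runs offline
    HAVE_UNICORN = False
    UC_ARCH_X86, UC_MODE_32, UC_MODE_64, UC_ERR_ARG = 4, 4, 8, 15  # stand-in values
    (UC_X86_REG_CR0, UC_X86_REG_CR1, UC_X86_REG_CR2,
     UC_X86_REG_CR3, UC_X86_REG_CR4, UC_X86_REG_CR8) = range(100, 106)  # constructed ids

    class UcError(Exception):
        """Mirrors the attribute the real binding exposes: .errno."""
        def __init__(self, errno: int, *args):
            super().__init__(*args)
            self.errno = errno

    class Uc:
        """Constructed model of the engine: 32-bit mode has no cr8 case."""
        def __init__(self, arch: int, mode: int, cpu=None):
            self._mode = mode
            self._regs = {r: 0 for r in (UC_X86_REG_CR0, UC_X86_REG_CR1, UC_X86_REG_CR2,
                                         UC_X86_REG_CR3, UC_X86_REG_CR4, UC_X86_REG_CR8)}

        def reg_read(self, reg_id: int) -> int:
            if self._mode == UC_MODE_32 and reg_id == UC_X86_REG_CR8:
                raise UcError(UC_ERR_ARG, reg_id)  # same failure as in the issue
            return self._regs[reg_id]


def control_register_map(mode: int) -> Dict[str, int]:
    """Build the name -> register-id map for the given Unicorn mode.

    cr8 (the task-priority register) is a 64-bit-only register, which is why
    the issue's unconditional map fails under UC_MODE_32.
    """
    regs = {
        "cr0": UC_X86_REG_CR0,
        "cr1": UC_X86_REG_CR1,
        "cr2": UC_X86_REG_CR2,
        "cr3": UC_X86_REG_CR3,
        "cr4": UC_X86_REG_CR4,
    }
    if mode & UC_MODE_64:
        regs["cr8"] = UC_X86_REG_CR8
    return regs


def read_control_registers(uc, reg_map: Dict[str, int]) -> Dict[str, Optional[int]]:
    """Read every register in reg_map into a snapshot.

    A register the engine rejects with UC_ERR_ARG is recorded as None instead
    of tearing down the emulation; any other Unicorn error is a genuine fault
    and is re-raised so it is not silently hidden.
    """
    snapshot: Dict[str, Optional[int]] = {}
    for name, reg_id in reg_map.items():
        try:
            snapshot[name] = uc.reg_read(reg_id)
        except UcError as exc:
            if exc.errno != UC_ERR_ARG:
                raise
            snapshot[name] = None
    return snapshot


if __name__ == "__main__":
    uc32 = Uc(UC_ARCH_X86, UC_MODE_32)
    print("backend:", "unicorn" if HAVE_UNICORN else "constructed stand-in")
    # Mode-aware map: cr8 never appears for 32-bit targets.
    print("32-bit map:", read_control_registers(uc32, control_register_map(UC_MODE_32)))
    # Unconditional map (as in the issue): cr8 is reported as None, not a crash.
    print("forced cr8:", read_control_registers(uc32, dict(control_register_map(UC_MODE_32), cr8=UC_X86_REG_CR8)))
```

Either half on its own would have avoided the crash above: filtering the map by mode is the cleaner fix for a register table that is shared between `QL_ARCH.X86` and `QL_ARCH.X8664`, while the tolerant reader protects any other register-dump path from the same class of engine-side `UC_ERR_ARG`.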