diff --git a/src/stub/fold_elf86.asm b/src/stub/fold_elf86.asm index 6fde17ba..b4cad4ef 100644 --- a/src/stub/fold_elf86.asm +++ b/src/stub/fold_elf86.asm @@ -209,5 +209,17 @@ L32: pop edi ; &auxtab ret +%define __NR_mmap 90 + + global mmap +mmap: + push ebx + lea ebx, [2*4 + esp] + push byte __NR_mmap + pop eax + int 0x80 + pop ebx + ret + ; vi:ts=8:et:nowrap diff --git a/src/stub/fold_exec86.asm b/src/stub/fold_exec86.asm index 1ce6f725..25b09dec 100644 --- a/src/stub/fold_exec86.asm +++ b/src/stub/fold_exec86.asm @@ -59,4 +59,16 @@ EXTERN upx_main call upx_main ; Call the UPX main function hlt ; Crash if somehow upx_main does return +%define __NR_mmap 90 + + global mmap +mmap: + push ebx + lea ebx, [2*4 + esp] + push byte __NR_mmap + pop eax + int 0x80 + pop ebx + ret + ; vi:ts=8:et:nowrap diff --git a/src/stub/fold_pti86.asm b/src/stub/fold_pti86.asm index 22690414..95d21887 100644 --- a/src/stub/fold_pti86.asm +++ b/src/stub/fold_pti86.asm @@ -115,5 +115,17 @@ EXTERN pti_main sub edi,edi ret ; goto entry point +%define __NR_mmap 90 + + global mmap +mmap: + push ebx + lea ebx, [2*4 + esp] + push byte __NR_mmap + pop eax + int 0x80 + pop ebx + ret + ; vi:ts=8:et:nowrap diff --git a/src/stub/fold_sh86.asm b/src/stub/fold_sh86.asm index aacc4432..eb92d7dd 100644 --- a/src/stub/fold_sh86.asm +++ b/src/stub/fold_sh86.asm @@ -163,6 +163,18 @@ EXTERN upx_main popa ret +%define __NR_mmap 90 + + global mmap +mmap: + push ebx + lea ebx, [2*4 + esp] + push byte __NR_mmap + pop eax + int 0x80 + pop ebx + ret + ; vi:ts=8:et:nowrap diff --git a/src/stub/l_lx_elf.c b/src/stub/l_lx_elf.c index 68b634dc..542f028f 100644 --- a/src/stub/l_lx_elf.c +++ b/src/stub/l_lx_elf.c 
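Review bot: The new `mmap` entry in fold_elf86.asm carries no comment stating its contract, and the same routine is repeated verbatim in fold_exec86.asm, fold_pti86.asm and fold_sh86.asm. `lea ebx, [2*4 + esp]` is only correct when all six arguments sit on the stack in cdecl order, and because the value from `int 0x80` is returned untouched, callers get a raw negative errno on failure rather than a single failure sentinel. I would add `; char *mmap(addr,len,prot,flags,fd,off): cdecl only; ebx -> stacked args for syscall 90; returns -errno on failure` above the label. Moving the routine into one shared include would also keep the four copies from drifting apart.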
@@ -96,14 +96,8 @@ do_brk(void *addr) return brk(addr); } -static char * -__attribute_cdecl -do_mmap(void *addr, size_t len, int prot, int flags, int fd, off_t offset) -{ - (void)len; (void)prot; (void)flags; (void)fd; (void)offset; - return mmap((void *)&addr); -} - +extern char *mmap(void *addr, size_t len, + int prot, int flags, int fd, off_t offset); /************************************************************************* // UPX & NRV stuff @@ -274,7 +268,7 @@ xfind_pages(unsigned mflags, Elf32_Phdr const *phdr, int phnum, lo -= ~PAGE_MASK & lo; // round down to page boundary hi = PAGE_MASK & (hi - lo - PAGE_MASK -1); // page length szlo = PAGE_MASK & (szlo - PAGE_MASK -1); // page length - addr = do_mmap((void *)lo, hi, PROT_READ|PROT_WRITE|PROT_EXEC, + addr = mmap((void *)lo, hi, PROT_READ|PROT_WRITE|PROT_EXEC, mflags, 0, 0 ); *p_brk = hi + addr; // the logical value of brk(0) munmap(szlo + addr, hi - szlo); // desirable if PT_LOAD non-contiguous @@ -306,7 +300,7 @@ do_xmap(int const fdi, Elf32_Ehdr const *const ehdr, struct Extent *const xi, addr -= frag; // Decompressor can overrun the destination by 3 bytes. - if (addr != do_mmap(addr, mlen + (xi ? 3 : 0), PROT_READ | PROT_WRITE, + if (addr != mmap(addr, mlen + (xi ? 3 : 0), PROT_READ | PROT_WRITE, MAP_FIXED | MAP_PRIVATE | (xi ? MAP_ANONYMOUS : 0), fdi, phdr->p_offset - frag) ) { err_exit(8); @@ -331,7 +325,7 @@ ERR_LAB } addr += mlen + frag; /* page boundary on hi end */ if (addr < haddr) { // need pages for .bss - if (addr != do_mmap(addr, haddr - addr, prot, + if (addr != mmap(addr, haddr - addr, prot, MAP_FIXED | MAP_PRIVATE | MAP_ANONYMOUS, 0, 0 ) ) { err_exit(9); } diff --git a/src/stub/l_lx_exec.c b/src/stub/l_lx_exec.c index badc3201..32863ac2 100644 --- a/src/stub/l_lx_exec.c +++ b/src/stub/l_lx_exec.c 
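Review bot: The `extern char *mmap(...)` prototype that replaces `do_mmap` drops the `__attribute_cdecl` marker the removed wrapper carried, while the assembly `mmap` added in the fold_*.asm files reads its six arguments straight off the stack and returns with a plain `ret`. If the stubs are built with a register-passing or callee-pop default convention (the build flags are not visible here), the syscall would receive a wrong argument block or the stack would be left unbalanced. I would keep the marker on the prototype, `extern char * __attribute_cdecl mmap(void *addr, size_t len, int prot, int flags, int fd, off_t offset);`. Declaring it once in linux.hh would also avoid repeating it in l_lx_exec.c, l_lx_pti.c and l_lx_sh.c.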
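Review bot: In xfind_pages the result of `mmap((void *)lo, hi, ...)` is used without any failure test: it goes straight into `*p_brk = hi + addr` and `munmap(szlo + addr, hi - szlo)`. The assembly `mmap` returns the raw syscall value, so a failed reservation yields a small negative number that then becomes the load base. A guard such as `if ((unsigned long)addr >= (unsigned long)-4095) err_exit(N);` (N being an unused exit code) right after the call would stop the loader instead. The same unchecked call is in xfind_pages of l_lx_pti.c and l_lx_sh.c. The function starts and ends outside this hunk.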
@@ -127,14 +127,8 @@ static uint32_t ascii5(char *p, uint32_t v, unsigned n) } -static unsigned char * -__attribute_cdecl -do_mmap(void *addr, size_t len, int prot, int flags, int fd, off_t offset) -{ - (void)len; (void)prot; (void)flags; (void)fd; (void)offset; - return (unsigned char *) mmap((void *)&addr); -} - +extern char *mmap(void *addr, size_t len, + int prot, int flags, int fd, off_t offset); #if defined(__i386__) # define SET2(p, c0, c1) \ @@ -359,7 +353,7 @@ void upx_main( #if defined(USE_MMAP_FO) // FIXME: packer could set length - buf = do_mmap(0, header.p_filesize, + buf = (unsigned char *)mmap(0, header.p_filesize, PROT_READ | PROT_WRITE, MAP_SHARED, fdo, 0); if ((unsigned long) buf >= (unsigned long) -4095) goto error; @@ -367,13 +361,13 @@ void upx_main( // Decompressor can overrun the output by 3 bytes. // Defend against SIGSEGV by using a scratch page. // FIXME: packer could set address delta - do_mmap(buf + (PAGE_MASK & (header.p_filesize + ~PAGE_MASK)), + mmap(buf + (PAGE_MASK & (header.p_filesize + ~PAGE_MASK)), -PAGE_MASK, PROT_READ | PROT_WRITE, MAP_FIXED | MAP_PRIVATE | MAP_ANONYMOUS, 0, 0 ); #else // Temporary decompression buffer. // FIXME: packer could set length - buf = do_mmap(0, (header.p_blocksize + OVERHEAD + ~PAGE_MASK) & PAGE_MASK, + buf = mmap(0, (header.p_blocksize + OVERHEAD + ~PAGE_MASK) & PAGE_MASK, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, 0, 0 ); if ((unsigned long) buf >= (unsigned long) -4095) goto error; diff --git a/src/stub/l_lx_pti.c b/src/stub/l_lx_pti.c index c3d4918f..cb74ab9d 100644 --- a/src/stub/l_lx_pti.c +++ b/src/stub/l_lx_pti.c 
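Review bot: In the `#else` branch of upx_main, `buf = mmap(0, (header.p_blocksize + OVERHEAD + ~PAGE_MASK) & PAGE_MASK, ...)` assigns the `char *` result without the `(unsigned char *)` cast that the `USE_MMAP_FO` branch was given. The two branches are therefore inconsistent, and this one presumably draws a pointer-signedness warning (the declaration of `buf` is outside the hunk). The scratch-page `mmap` call just above it also discards its result, so a failure there would go unnoticed and leave the 3-byte decompressor overrun unprotected. I would write `buf = (unsigned char *)mmap(0, ...` here as well and test the scratch-page result with the same `>= (unsigned long) -4095` comparison already used for `buf`.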
@@ -96,14 +96,8 @@ do_brk(void *addr) return brk(addr); } -static char * -__attribute_cdecl -do_mmap(void *addr, size_t len, int prot, int flags, int fd, off_t offset) -{ - (void)len; (void)prot; (void)flags; (void)fd; (void)offset; - return mmap((void *)&addr); -} - +extern char *mmap(void *addr, size_t len, + int prot, int flags, int fd, off_t offset); /************************************************************************* // UPX & NRV stuff @@ -270,7 +264,7 @@ xfind_pages(unsigned mflags, Elf32_Phdr const *phdr, int phnum, lo -= ~PAGE_MASK & lo; // round down to page boundary hi = PAGE_MASK & (hi - lo - PAGE_MASK -1); // page length szlo = PAGE_MASK & (szlo - PAGE_MASK -1); // page length - addr = do_mmap((void *)lo, hi, PROT_READ|PROT_WRITE|PROT_EXEC, mflags, 0, 0); + addr = mmap((void *)lo, hi, PROT_READ|PROT_WRITE|PROT_EXEC, mflags, 0, 0); *p_brk = hi + addr; // the logical value of brk(0) munmap(szlo + addr, hi - szlo); // desirable if PT_LOAD non-contiguous return (unsigned long)addr - lo; @@ -310,7 +304,7 @@ do_xmap( haddr += reloc; // Decompressor can overrun the destination by 3 bytes. - if (addr != do_mmap(addr, mlen + (xi ? 3 : 0), PROT_READ | PROT_WRITE, + if (addr != mmap(addr, mlen + (xi ? 3 : 0), PROT_READ | PROT_WRITE, MAP_FIXED | MAP_PRIVATE | (xi ? MAP_ANONYMOUS : 0), fdi, phdr->p_offset - frag) ) { err_exit(8); @@ -334,7 +328,7 @@ ERR_LAB } addr += mlen + frag; /* page boundary on hi end */ if (addr < haddr) { // need pages for .bss - if (addr != do_mmap(addr, haddr - addr, prot, + if (addr != mmap(addr, haddr - addr, prot, MAP_FIXED | MAP_PRIVATE | MAP_ANONYMOUS, 0, 0 ) ) { err_exit(9); } diff --git a/src/stub/l_lx_sep.c b/src/stub/l_lx_sep.c index a7fdc68e..ae35e95c 100644 --- a/src/stub/l_lx_sep.c +++ b/src/stub/l_lx_sep.c 
@@ -111,15 +111,6 @@ do_brk(void *addr) return brk(addr); } -static char * -__attribute_cdecl -do_mmap(void *addr, size_t len, int prot, int flags, int fd, off_t offset) -{ - (void)len; (void)prot; (void)flags; (void)fd; (void)offset; - return mmap((int *)&addr); -} - - /************************************************************************* // UPX & NRV stuff **************************************************************************/ @@ -264,7 +255,7 @@ do_xmap(int fdi, Elf32_Ehdr const *const ehdr, f_expand *const f_decompress, do_brk(haddr+OVERHEAD); // Also takes care of whole pages of .bss } // Decompressor can overrun the destination by 3 bytes. - if (addr != do_mmap(addr, mlen + (f_decompress ? 3 : 0), PROT_READ | PROT_WRITE, + if (addr != mmap(addr, mlen + (f_decompress ? 3 : 0), PROT_READ | PROT_WRITE, MAP_FIXED | MAP_PRIVATE | (f_decompress ? MAP_ANONYMOUS : 0), fdi, phdr->p_offset - frag) ) { err_exit(8); @@ -286,7 +277,7 @@ do_xmap(int fdi, Elf32_Ehdr const *const ehdr, f_expand *const f_decompress, addr += frag + mlen; mlen = haddr - addr; if (0 < (int)mlen) { // need more pages, too - if (addr != do_mmap(addr, mlen, PROT_READ | PROT_WRITE, + if (addr != mmap(addr, mlen, PROT_READ | PROT_WRITE, MAP_FIXED | MAP_PRIVATE | MAP_ANONYMOUS, 0, 0 ) ) { err_exit(9); ERR_LAB diff --git a/src/stub/l_lx_sh.c b/src/stub/l_lx_sh.c index bf07b82f..eae08e3d 100644 --- a/src/stub/l_lx_sh.c +++ b/src/stub/l_lx_sh.c @@ -93,14 +93,8 @@ do_brk(void *addr) return brk(addr); } -static char * -__attribute_cdecl -do_mmap(void *addr, size_t len, int prot, int flags, int fd, off_t offset) -{ - (void)len; (void)prot; (void)flags; (void)fd; (void)offset; - return mmap((void *)&addr); -} - +extern char *mmap(void *addr, size_t len, + int prot, int flags, int fd, off_t offset); /************************************************************************* // UPX & NRV stuff 
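Review bot: l_lx_sep.c loses `do_mmap` but, unlike the other loaders, gains no `extern char *mmap(...)` prototype, and the linux.hh change in this commit removes the inline `mmap` the header used to provide. As far as this diff shows, the two `mmap(addr, mlen ...)` calls in do_xmap would then compile against an implicit declaration returning `int`, which makes the `addr != mmap(...)` tests pointer-against-int comparisons. None of the four fold_*.asm files touched here is obviously the one paired with this stub, so the `mmap` symbol may also be missing at link time. I would add `extern char *mmap(void *addr, size_t len, int prot, int flags, int fd, off_t offset);` here and confirm that the object it links with exports `mmap`.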
@@ -215,7 +209,7 @@ xfind_pages(unsigned mflags, Elf32_Phdr const *phdr, int phnum) lo -= ~PAGE_MASK & lo; // round down to page boundary hi = PAGE_MASK & (hi - lo - PAGE_MASK -1); // page length szlo = PAGE_MASK & (szlo - PAGE_MASK -1); // page length - addr = do_mmap((void *)lo, hi, PROT_READ|PROT_WRITE|PROT_EXEC, mflags, 0, 0); + addr = mmap((void *)lo, hi, PROT_READ|PROT_WRITE|PROT_EXEC, mflags, 0, 0); // Doing this may destroy the brk() that we set so carefully above. // The munmap() is "needed" only for discontiguous PT_LOAD, @@ -257,7 +251,7 @@ do_xmap(int const fdi, Elf32_Ehdr const *const ehdr, Elf32_auxv_t *const av) haddr += reloc; // Decompressor can overrun the destination by 3 bytes. - if (addr != do_mmap(addr, mlen, PROT_READ | PROT_WRITE, + if (addr != mmap(addr, mlen, PROT_READ | PROT_WRITE, MAP_FIXED | MAP_PRIVATE, fdi, phdr->p_offset - frag) ) { err_exit(8); @@ -271,7 +265,7 @@ ERR_LAB } addr += mlen + frag; /* page boundary on hi end */ if (addr < haddr) { // need pages for .bss - if (addr != do_mmap(addr, haddr - addr, prot, + if (addr != mmap(addr, haddr - addr, prot, MAP_FIXED | MAP_PRIVATE | MAP_ANONYMOUS, 0, 0 ) ) { err_exit(9); } diff --git a/src/stub/l_lx_sh86.asm b/src/stub/l_lx_sh86.asm index 12be5178..9b013c73 100644 --- a/src/stub/l_lx_sh86.asm +++ b/src/stub/l_lx_sh86.asm @@ -42,7 +42,7 @@ GLOBAL _start ;__LEXEC000__ _start: -;;;; int3 + int3 ;; How to debug this code: Uncomment the 'int3' breakpoint instruction above. ;; Build the stubs and upx. Compress a testcase, such as a copy of /bin/date. ;; Invoke gdb, and give a 'run' command. Define a single-step macro such as @@ -85,6 +85,7 @@ decompress: %include "n2b_d32.ash" %include "n2d_d32.ash" %include "n2e_d32.ash" +%include "cl1_d32.ash" %include "macros.ash" cjt32 0 diff --git a/src/stub/linux.hh b/src/stub/linux.hh index f1397594..9642683b 100644 --- a/src/stub/linux.hh +++ b/src/stub/linux.hh 
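Review bot: The first l_lx_sh86.asm hunk turns the commented-out `;;;; int3` at `_start` into a live `int3`, which looks like a debugging leftover: the comment directly below still tells the reader to uncomment it only when debugging. With the breakpoint assembled in, every stub built from this file would trap on entry when not run under a debugger. I would restore `;;;; int3` before merging. The `%include "cl1_d32.ash"` added in the second hunk is also unrelated to the mmap change and would be easier to review as its own commit.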
@@ -351,7 +351,6 @@ static inline _syscall0(pid_t,getpid) static inline _syscall2(int,getrusage,int,who,struct rusage *,usage); static inline _syscall2(int,gettimeofday,struct timeval *,tv,void *,tz) static inline _syscall3(off_t,lseek,int,fd,off_t,offset,int,whence) -static inline _syscall1m(caddr_t,mmap,const int *,args) static inline _syscall3(int,mprotect,void *,addr,size_t,len,int,prot) static inline _syscall3(int,msync,const void *,start,size_t,length,int,flags) static inline _syscall2(int,munmap,void *,start,size_t,length)