stub/amd64-win64.pe.h matches upx-v4.2.4

so that anti-virus checkers of apps for 64-bit Windows that are newly- compressed by upx should not complain about new matches with malware. This costs a few bytes and a small fraction of cycles in NRV2 de-compressors, but is considered to be a tolerable concession to the cesspool environment of software for Microsoft Windows. modified: ../misc/testsuite/upx_testsuite_1-expected_sha256sums.sh modified: p_w64pe_amd64.cpp see code comments modified: stub/amd64-win64.pe.h modified: stub/src/arch/amd64/lzma_d.S see code comments modified: stub/src/arch/amd64/nrv2b_d.S modified: stub/src/arch/amd64/nrv2d_d.S modified: stub/src/arch/amd64/nrv2e_d.S modified: stub/tmp/amd64-win64.pe.bin.dump
2025-01-02 11:47:34 -08:00
parent 1a6c1f0589
commit f6e3df69eb
8 changed files with 1012 additions and 971 deletions
@@ -89,11 +89,13 @@ void PackW64PeAmd64::buildLoader(const Filter *ft) {
        addLoader("PEISDLL0");
    if (isefi)
        addLoader("PEISEFI0");
-    addLoader(isdll ? "PEISDLL1" : "", "PEMAIN01",
+    addLoader(isdll ? "PEISDLL1" : "", "PEMAIN01",  // outer "enter" (push rbp; mov rsp,rbp)
              icondir_count > 1 ? (icondir_count == 2 ? "PEICONS1" : "PEICONS2") : "",
              tmp_tlsindex ? "PETLSHAK" : "", "PEMAIN02",
              // ph.first_offset_found == 1 ? "PEMAIN03" : "",
              M_IS_LZMA(ph.method)    ? "LZMA_HEAD,LZMA_ELF00,LZMA_DEC20,LZMA_TAIL"
+                  // LZMA_ELF00 has inner "enter" (push rbp; mov rsp,rbp)
+                  // LZMA_TAIL  has inner 'leave' (mov rbp,rsp; pop rbp)
              : M_IS_NRV2B(ph.method) ? "NRV_HEAD,NRV2B"
              : M_IS_NRV2D(ph.method) ? "NRV_HEAD,NRV2D"
              : M_IS_NRV2E(ph.method) ? "NRV_HEAD,NRV2E"
@@ -126,7 +128,7 @@ void PackW64PeAmd64::buildLoader(const Filter *ft) {
    if (use_tls_callbacks)
        addLoader("PETLSC");

-    addLoader("PEMAIN20");
+    addLoader("PEMAIN20");  // outer "leave" (mov rbp,rsp; pop rbp)
    if (use_clear_dirty_stack)
        addLoader("CLEARSTACK");
    addLoader("PEMAIN21");
@@ -53,7 +53,7 @@ section LZMA_ELF00
 #define M_LZMA          14
        cmpb $ M_LZMA,methb; jne not_lzma
 #endif
-        pushq %rbp; movq %rsp,%rbp  // we use alloca
+        pushq %rbp; movq %rsp,%rbp  // we use alloca; 'leave' is in LZMA_DEC30

 //LzmaDecode(  // from lzmaSDK/C/7zip/Compress/LZMA_C/LzmaDecode.h
 //      %arg1= &CLzmaDecoderState,
@@ -124,19 +124,22 @@ section LZMA_DEC30
 #endif
        movl szSizeT(%rbx),%ecx; addq %rcx,%rsi  //  inSizeProcessed
        movl        (%rbx),%edx; addq %rdx,%rdi  // outSizeProcessed
-        leave  // movl %ebp,%rsp; popq %rbp
-#ifdef WINDOWS_BACK
-        jmp eof_lzma_win
-#else
-        jmp eof_lzma
-#endif // WINDOWS_BACK
+        leave  //  %rsp = %rbp;  %rbp = * %rsp ++;  "enter" is in LZMA_ELF00

-#ifndef NO_METHOD_CHECK
-not_lzma:
+#ifdef WINDOWS_BACK  //{  Must match stub/amd64-win64.pe.h of upx-v4.2.4.
+    // amd64-win64.pe.S has unconditional "#define NO_METHOD_CHECK"
+    // because p_w64pe_amd64.cpp assumes only one method, and generates it;
+    // thus there is no need to check the method, nor to recover from a mismatch.
+    // In such a case LZMA_DEC30 ends with the [inner] 'leave' above, and
+    // falls into section PEMAIN20, which immediately has an [outer] 'leave'.
+#else  //}{  ndef WINDOWS_BACK
+        jmp eof_lzma  # lzma de-compression is done
+    #ifndef NO_METHOD_CHECK  //{
+    not_lzma:  # recover from not matching M_LZMA
        push %rdi; pop %rsi  # src = arg1
        # fall into next daisy-chain method
-#endif // NO_METHOD_CHECK
-eof_lzma_win:
+    #endif  //}
+#endif  //}

 // vi:ts=8:et

@@ -45,7 +45,11 @@ lit_n2b:
        incq %rsi; movb %dl,(%rdi)
        incq %rdi
 top_n2b:
+#ifdef WINDOWS_BACK
+        movb (%rsi),%dl  # prefetch: literal, or bottom 8 bits of offset
+#else
        movzbl (%rsi),%edx  # prefetch: literal, or bottom 8 bits of offset
+#endif
        jnextb1yp lit_n2b
        lea 1(lenq),off  # [len= 0] off= 1
 offmore_n2b:
@@ -53,9 +57,15 @@ offmore_n2b:
        jnextb0np offmore_n2b

        subl $ 3,off; jc len_n2b  # use previous offset
+#ifdef WINDOWS_BACK
+        shll $ 8,off; movzbl %dl,%edx
+        orl %edx,off; incq %rsi
+        xorl $~0,off; jz EOF
+#else
        shll $ 8,off; incq %rsi
        orl %edx,off
        xorl $~0,off; jz EOF
+#endif
        movslq off,dispq  # XXX: 2GB
 len_n2b:
        lea 1(lenq),off  # [len= 0] off= 1
@@ -73,11 +83,17 @@ gotlen_n2b:
 bot_n2b:  # In: 0==len
        jmp top_n2b

-#ifndef NO_METHOD_CHECK
+#ifndef NO_METHOD_CHECK  //{
 not_n2b:
        push %rdi; pop %rsi  # src = arg1
+#ifdef WINDOWS_BACK
+        # fall into 'EOF'
 #endif
+#endif  //}
+
+#ifndef WINDOWS_BACK
        # fall into daisy chain
+#endif
 /*
 vi:ts=8:et:nowrap
 */
@@ -45,7 +45,11 @@ lit_n2d:
        incq %rsi; movb %dl,(%rdi)
        incq %rdi
 top_n2d:
+#ifdef WINDOWS_BACK
+        movb (%rsi),%dl  // speculate: literal, or bottom 8 bits of offset
+#else
        movzbl (%rsi),%edx  // speculate: literal, or bottom 8 bits of offset
+#endif
        jnextb1yp lit_n2d
        lea 1(lenq),off  // [len= 0] off= 1
        jmp getoff_n2d
@@ -58,9 +62,15 @@ getoff_n2d:
        jnextb0np off_n2d

        subl $ 3,off; jc offprev_n2d
+#ifdef WINDOWS_BACK
+        shll $ 8,off; movzbl %dl,%edx
+        orl %edx,off; incq %rsi
+        xorl $~0,off; jz eof
+#else
        shll $ 8,off; incq %rsi
        orl %edx,off
        xorl $~0,off; jz EOF
+#endif
        sarl     off  // Carry= original low bit
        movslq   off,dispq  // XXX: 2GB
        jmp len_n2d-2  // CHEAT: assume tail of getnextb is "adcl len,len"
@@ -45,7 +45,11 @@ lit_n2e:
        incq %rsi; movb %dl,(%rdi)
        incq %rdi
 top_n2e:
+#ifdef WINDOWS_BACK
+        movb (%rsi),%dl  # speculate: literal, or bottom 8 bits of offset
+#else
        movzbl (%rsi),%edx  # speculate: literal, or bottom 8 bits of offset
+#endif
        jnextb1yp lit_n2e
        lea 1(lenq),off  # [len= 0] off= 1
        jmp getoff_n2e
@@ -58,9 +62,15 @@ getoff_n2e:
        jnextb0np off_n2e

        subl $ 3,off; jc offprev_n2e
+#ifdef WINDOWS_BACK
+        shll $ 8,off; movzbl %dl,%edx
+        orl %edx,off; incq %rsi
+        xorl $~0,off; jz eof
+#else
        shll $ 8,off; incq %rsi
        orl %edx,off
        xorl $~0,off; jz EOF
+#endif
        sarl off  # Carry= original low bit
        movslq off,dispq  # XXX: 2GB
        jc lenlast_n2e
@@ -13,46 +13,46 @@ Idx Name          Size      VMA               LMA               File off  Algn
  8 PEMAIN02      01  0  0  08c  2**0  CONTENTS
  9 PEMAIN03      0  0  0  08d  2**0  CONTENTS
 10 NRV_HEAD      060  0  0  08d  2**0  CONTENTS
- 11 NRV2B         081  0  0  0ed  2**0  CONTENTS
- 12 NRV2D         08f  0  0  016e  2**0  CONTENTS
- 13 NRV2E         0a8  0  0  01fd  2**0  CONTENTS
- 14 LZMA_HEAD     014  0  0  02a5  2**0  CONTENTS
- 15 LZMA_ELF00    05a  0  0  02b9  2**0  CONTENTS
- 16 LZMA_DEC20    0a01  0  0  0313  2**0  CONTENTS
- 17 LZMA_DEC30    016  0  0  0d14  2**0  CONTENTS
- 18 LZMA_TAIL     02  0  0  0d2a  2**0  CONTENTS
- 19 PEMAIN10      01  0  0  0d2c  2**0  CONTENTS
- 20 PETLSHAK2     04  0  0  0d2d  2**0  CONTENTS
- 21 PECTTPOS      07  0  0  0d31  2**0  CONTENTS
- 22 PECTTNUL      03  0  0  0d38  2**0  CONTENTS
- 23 PEFILTER49    052  0  0  0d3b  2**0  CONTENTS
- 24 PEIMPORT      034  0  0  0d8d  2**0  CONTENTS
- 25 PEIBYORD      02  0  0  0dc1  2**0  CONTENTS
- 26 PEK32ORD      012  0  0  0dc3  2**0  CONTENTS
- 27 PEIMORD1      0a  0  0  0dd5  2**0  CONTENTS
- 28 PEIMPOR2      021  0  0  0ddf  2**0  CONTENTS
- 29 PEIERDLL      0b  0  0  0e00  2**0  CONTENTS
- 30 PEIEREXE      06  0  0  0e0b  2**0  CONTENTS
- 31 PEIMDONE      04  0  0  0e11  2**0  CONTENTS
- 32 PERELOC1      07  0  0  0e15  2**0  CONTENTS
- 33 PERELOC2      04  0  0  0e1c  2**0  CONTENTS
- 34 PERELOC3      030  0  0  0e20  2**0  CONTENTS
- 35 REL64BIG      0a  0  0  0e50  2**0  CONTENTS
- 36 RELOC64J      02  0  0  0e5a  2**0  CONTENTS
- 37 PERLOHI0      0a  0  0  0e5c  2**0  CONTENTS
- 38 PERELLO0      0b  0  0  0e66  2**0  CONTENTS
- 39 PERELHI0      0e  0  0  0e71  2**0  CONTENTS
- 40 PEDEPHAK      04b  0  0  0e7f  2**0  CONTENTS
- 41 PETLSC        01b  0  0  0eca  2**0  CONTENTS
- 42 PEMAIN20      04  0  0  0ee5  2**0  CONTENTS
- 43 CLEARSTACK    010  0  0  0ee9  2**0  CONTENTS
- 44 PEMAIN21      0  0  0  0ef9  2**0  CONTENTS
- 45 PEISDLL9      0f  0  0  0ef9  2**0  CONTENTS
- 46 PEISEFI9      02  0  0  0f08  2**0  CONTENTS
- 47 PERETURN      04  0  0  0f0a  2**0  CONTENTS
- 48 PEDOJUMP      05  0  0  0f0e  2**0  CONTENTS
- 49 PETLSC2       026  0  0  0f13  2**0  CONTENTS
- 50 UPX1HEAD      020  0  0  0f39  2**0  CONTENTS
+ 11 NRV2B         083  0  0  0ed  2**0  CONTENTS
+ 12 NRV2D         091  0  0  0170  2**0  CONTENTS
+ 13 NRV2E         0aa  0  0  0201  2**0  CONTENTS
+ 14 LZMA_HEAD     014  0  0  02ab  2**0  CONTENTS
+ 15 LZMA_ELF00    05a  0  0  02bf  2**0  CONTENTS
+ 16 LZMA_DEC20    0a01  0  0  0319  2**0  CONTENTS
+ 17 LZMA_DEC30    014  0  0  0d1a  2**0  CONTENTS
+ 18 LZMA_TAIL     02  0  0  0d2e  2**0  CONTENTS
+ 19 PEMAIN10      01  0  0  0d30  2**0  CONTENTS
+ 20 PETLSHAK2     04  0  0  0d31  2**0  CONTENTS
+ 21 PECTTPOS      07  0  0  0d35  2**0  CONTENTS
+ 22 PECTTNUL      03  0  0  0d3c  2**0  CONTENTS
+ 23 PEFILTER49    052  0  0  0d3f  2**0  CONTENTS
+ 24 PEIMPORT      034  0  0  0d91  2**0  CONTENTS
+ 25 PEIBYORD      02  0  0  0dc5  2**0  CONTENTS
+ 26 PEK32ORD      012  0  0  0dc7  2**0  CONTENTS
+ 27 PEIMORD1      0a  0  0  0dd9  2**0  CONTENTS
+ 28 PEIMPOR2      021  0  0  0de3  2**0  CONTENTS
+ 29 PEIERDLL      0b  0  0  0e04  2**0  CONTENTS
+ 30 PEIEREXE      06  0  0  0e0f  2**0  CONTENTS
+ 31 PEIMDONE      04  0  0  0e15  2**0  CONTENTS
+ 32 PERELOC1      07  0  0  0e19  2**0  CONTENTS
+ 33 PERELOC2      04  0  0  0e20  2**0  CONTENTS
+ 34 PERELOC3      030  0  0  0e24  2**0  CONTENTS
+ 35 REL64BIG      0a  0  0  0e54  2**0  CONTENTS
+ 36 RELOC64J      02  0  0  0e5e  2**0  CONTENTS
+ 37 PERLOHI0      0a  0  0  0e60  2**0  CONTENTS
+ 38 PERELLO0      0b  0  0  0e6a  2**0  CONTENTS
+ 39 PERELHI0      0e  0  0  0e75  2**0  CONTENTS
+ 40 PEDEPHAK      04b  0  0  0e83  2**0  CONTENTS
+ 41 PETLSC        01b  0  0  0ece  2**0  CONTENTS
+ 42 PEMAIN20      04  0  0  0ee9  2**0  CONTENTS
+ 43 CLEARSTACK    010  0  0  0eed  2**0  CONTENTS
+ 44 PEMAIN21      0  0  0  0efd  2**0  CONTENTS
+ 45 PEISDLL9      0f  0  0  0efd  2**0  CONTENTS
+ 46 PEISEFI9      02  0  0  0f0c  2**0  CONTENTS
+ 47 PERETURN      04  0  0  0f0e  2**0  CONTENTS
+ 48 PEDOJUMP      05  0  0  0f12  2**0  CONTENTS
+ 49 PETLSC2       026  0  0  0f17  2**0  CONTENTS
+ 50 UPX1HEAD      020  0  0  0f3d  2**0  CONTENTS
 SYMBOL TABLE:
 0000000000000000 l    d  NRV_HEAD 0 NRV_HEAD
 0000000000000000 l       PEIMDONE 0 imports_done
@@ -164,15 +164,15 @@ OFFSET           TYPE              VALUE

 RELOCATION RECORDS FOR [NRV2B]:
 OFFSET           TYPE              VALUE
-000000000000007b R_X86_64_PC32     NRV_HEAD+0x000000000000001b
+000000000000007d R_X86_64_PC32     NRV_HEAD+0x000000000000001b

 RELOCATION RECORDS FOR [NRV2D]:
 OFFSET           TYPE              VALUE
-0000000000000086 R_X86_64_PC32     NRV_HEAD+0x000000000000001b
+0000000000000088 R_X86_64_PC32     NRV_HEAD+0x000000000000001b

 RELOCATION RECORDS FOR [NRV2E]:
 OFFSET           TYPE              VALUE
-000000000000009f R_X86_64_PC32     NRV_HEAD+0x000000000000001b
+00000000000000a1 R_X86_64_PC32     NRV_HEAD+0x000000000000001b

 RELOCATION RECORDS FOR [LZMA_HEAD]:
 OFFSET           TYPE              VALUE