admin/awesome_anti_virus_engine
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix up

Browse Source
This commit is contained in:
huoji
2025-03-06 20:08:12 +08:00
parent 9a5ea0f919
commit ed5e7ae994
3 changed files with 47 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
ai_anti_malware/sandbox_api_emu.cpp
View File

@@ -264,8 +264,8 @@ auto Api_TlsAlloc(void* sandbox, uc_engine* uc, uint64_t address) -> void {
auto teb = context->GetTeb64();
// 在TLS槽中查找第一个可用的位置
for (DWORD i = 0; i < 64; i++) { // TEB中TlsSlots数组大小为64
if (teb->TlsSlots[i] == nullptr) {
teb->TlsSlots[i] = (void*)1; // 标记为已使用
if (teb->TlsSlots[i] == (void*)0x1337ffffff) {
teb->TlsSlots[i] = (void*)0; // 标记为已使用
tls_index = i;
break;
}
@@ -274,8 +274,8 @@ auto Api_TlsAlloc(void* sandbox, uc_engine* uc, uint64_t address) -> void {
auto teb = context->GetTeb32();
// 在TLS槽中查找第一个可用的位置
for (DWORD i = 0; i < 64; i++) { // TEB中TlsSlots数组大小为64
if (teb->TlsSlots[i] == 0) {
teb->TlsSlots[i] = 1; // 标记为已使用
if (teb->TlsSlots[i] == 0x1337) {
teb->TlsSlots[i] = 0; // 标记为已使用
tls_index = i;
break;
}
@@ -329,14 +329,14 @@ auto Api_TlsSetValue(void* sandbox, uc_engine* uc, uint64_t address) -> void {
if (context->GetPeInfo()->isX64) {
auto teb = context->GetTeb64();
// 检查槽是否已分配不为nullptr
if (teb->TlsSlots[dwTlsIndex] != nullptr) {
if (teb->TlsSlots[dwTlsIndex] != (void*)0x1337ffffff) {
teb->TlsSlots[dwTlsIndex] = (void*)lpTlsValue;
success = TRUE;
}
} else {
auto teb = context->GetTeb32();
// 检查槽是否已分配不为0
if (teb->TlsSlots[dwTlsIndex] != 0) {
if (teb->TlsSlots[dwTlsIndex] != 0x1337) {
teb->TlsSlots[dwTlsIndex] = static_cast<uint32_t>(lpTlsValue);
success = TRUE;
}
@@ -699,7 +699,7 @@ auto Api_TlsGetValue(void* sandbox, uc_engine* uc, uint64_t address) -> void {
if (context->GetPeInfo()->isX64) {
auto teb = context->GetTeb64();
// 检查槽是否已分配不为nullptr
if (teb->TlsSlots[dwTlsIndex] != nullptr) {
if (teb->TlsSlots[dwTlsIndex] != (void*)0x1337ffffff) {
return_value =
reinterpret_cast<uint64_t>(teb->TlsSlots[dwTlsIndex]);
} else {
@@ -710,7 +710,7 @@ auto Api_TlsGetValue(void* sandbox, uc_engine* uc, uint64_t address) -> void {
} else {
auto teb = context->GetTeb32();
// 检查槽是否已分配不为0
if (teb->TlsSlots[dwTlsIndex] != 0) {
if (teb->TlsSlots[dwTlsIndex] != 0x1337) {
return_value = teb->TlsSlots[dwTlsIndex];
} else {
// 槽未分配设置LastError