Almost running application

momo5502 · Aug 31, 2024 · 164e9b7 · 164e9b7
1 parent 3ead613
commit 164e9b7
Show file tree

Hide file tree

Showing 4 changed files with 9 additions and 3 deletions.
diff --git a/src/windows_emulator/main.cpp b/src/windows_emulator/main.cpp
@@ -609,6 +609,7 @@ namespace
 		execution_context.access([&](CONTEXT& c)
 		{
 			c.Rip = entry2;
+			c.Rcx = context.executable.entry_point;
 			c.Rsp = emu->reg(x64_register::rsp);
 		});
 

diff --git a/src/windows_emulator/module_mapper.cpp b/src/windows_emulator/module_mapper.cpp
@@ -158,7 +158,8 @@ namespace
 			emu.hook_memory_execution(exp.first, 0,
 			                          [n = std::move(name), filename](const uint64_t address, const size_t)
 			                          {
-				                          printf("Executing function: %s - %s (%llX)\n",filename.c_str(), n.c_str(), address);
+				                          printf("Executing function: %s - %s (%llX)\n", filename.c_str(), n.c_str(),
+				                                 address);
 			                          });
 		}
 	}
@@ -189,6 +190,9 @@ namespace
 			}
 		}
 
+
+		binary.entry_point = binary.image_base + optional_header.AddressOfEntryPoint;
+
 		printf("Mapping %s at %llX\n", name.c_str(), binary.image_base);
 
 		emu.write_memory(binary.image_base, ptr, optional_header.SizeOfHeaders);

diff --git a/src/windows_emulator/process_context.hpp b/src/windows_emulator/process_context.hpp
@@ -15,6 +15,7 @@ struct mapped_binary
 {
 	uint64_t image_base{};
 	uint64_t size_of_image{};
+	uint64_t entry_point{};
 	exported_symbols exports{};
 };
 

diff --git a/src/windows_emulator/syscalls.cpp b/src/windows_emulator/syscalls.cpp
@@ -1017,7 +1017,7 @@ namespace
 	NTSTATUS handle_NtCreateSection(const syscall_context& c, const emulator_object<uint64_t> section_handle,
 	                                const ACCESS_MASK /*desired_access*/,
 	                                const emulator_object<OBJECT_ATTRIBUTES> /*object_attributes*/,
-	                                const emulator_object<LARGE_INTEGER> maximum_size,
+	                                const emulator_object<LARGE_INTEGER> /*maximum_size*/,
 	                                const ULONG /*section_page_protection*/, const ULONG /*allocation_attributes*/,
 	                                const uint64_t /*file_handle*/)
 	{
@@ -1079,7 +1079,7 @@ namespace
 	}
 
 	NTSTATUS handle_NtContinue(const syscall_context& c, const emulator_object<CONTEXT> thread_context,
-	                           const BOOLEAN raise_alert)
+	                           const BOOLEAN /*raise_alert*/)
 	{
 		const auto context = thread_context.read();
 		apply_context(c.emu, context);