Modified the manner in which set and clear worked to make them more interconnected

and better! git-svn-id: file:///home/svn/incoming/trunk@3356 4d416f70-5f16-0410-b530-b9f4589650da
2006-01-09 02:07:56 +00:00 · 2006-01-09 02:07:56 +00:00 · 9e4530ff30
parent 953cbe0f20
commit 9e4530ff30
2 changed files with 19 additions and 10 deletions
--- a/lib/rex/arch/x86.rb
+++ b/lib/rex/arch/x86.rb
@ -142,12 +142,7 @@ module X86
 	#
 	def self.clear(reg, badchars = '')
 		_check_reg(reg)
-		opcodes = Rex::Text.remove_badchars("\x29\x2b\x31\x33", badchars)
-		if opcodes.empty?
-			raise RuntimeError, "Could not find a usable opcode", caller()
-		end
-
-		return opcodes[rand(opcodes.length)].chr + encode_modrm(reg, reg)
+		return set(reg, 0, badchars)
 	end

 	#
@ -188,25 +183,35 @@ module X86
 	def self.set(dst, val, badchars = '')
 		_check_reg(dst)

-		# try push BYTE val; pop dst
+		# If the value is 0 try xor/sub dst, dst (2 bytes)
+		if(val == 0)
+			opcodes = Rex::Text.remove_badchars("\x29\x2b\x31\x33", badchars)
+			if !opcodes.empty?
+				return opcodes[rand(opcodes.length)].chr + encode_modrm(dst, dst)
+			end
+		end
+
+		# try push BYTE val; pop dst (3 bytes)
 		begin
 			return _check_badchars(push_byte(val) + pop_dword(dst), badchars)
 		rescue ::ArgumentError, RuntimeError, RangeError
 		end

-		# try clear dst, mov BYTE dst
+		# try clear dst, mov BYTE dst (4 bytes)
 		begin
 			return _check_badchars(clear(dst, badchars) + mov_byte(dst, val), badchars)
 		rescue ::ArgumentError, RuntimeError, RangeError
 		end
+# TODO: Use add...
+# TODO: Use clear dst, mov BYTE dst, add

-		# try clear dst, mov WORD dst
+		# try clear dst, mov WORD dst (6 bytes)
 		begin
 			return _check_badchars(clear(dst, badchars) + mov_word(dst, val), badchars)
 		rescue ::ArgumentError, RuntimeError, RangeError
 		end

-		# try clear dst, mov DWORD dst
+		# try clear dst, mov DWORD dst (7 bytes)
 		begin
 			return _check_badchars(clear(dst, badchars) + mov_dword(dst, val), badchars)
 		rescue ::ArgumentError, RuntimeError, RangeError
--- a/lib/rex/arch/x86.rb.ut.rb
+++ b/lib/rex/arch/x86.rb.ut.rb
@ -65,6 +65,10 @@ class Rex::Arch::X86::UnitTest < ::Test::Unit::TestCase
 		assert_equal("\x83\xc4\x47", Klass.add(0x47, Klass::ESP, '', true))
 		assert_equal("\x81\xc4\x11\x11\x01\x00", Klass.add(0x11111, Klass::ESP, '', true))
 	end
+
+	def test_clear
+		assert_equal("\x33\xc0", Klass.clear(Klass::EAX, "\x27\x29\x31"))
+	end
 	
 	def test_searcher
 			s = "\xbe"+                  # mov esi, Tag - 1