Re: [PATCH] Support a protection scheme which reset the GS selector - v2
On 2013-02-07 17:00, Alessandro Pignotti wrote:
+ opcode=(unsigned char*)context->Eip; + if (*opcode==0x65 && /* GS segment instruction prefix */ + context->SegGs!=ntdll_get_thread_data()->gs)
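Review bot: the `*opcode==0x65` test looks only at the first byte at Eip, so a GS reference encoded behind another legacy prefix (operand-size 0x66, address-size 0x67, REP/REPNE 0xF3/0xF2 or LOCK 0xF0, which may appear in any order before the segment override) is never recognized and the selector is not restored for it; walk the run of legacy-prefix bytes (bounded by the 15-byte instruction limit) and test each for 0x65 instead. The dereference `*opcode` also assumes Eip points at readable memory; if the fault being handled is itself an unreadable Eip, that read faults inside the handler, so it should be guarded.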
Segment-override prefix may be preceded by repeat or operand-size override prefixes. So an instruction that refers to the GS segment doesn't always start with 0x65.
-- Sergey
On 2013-02-07 17:00, Alessandro Pignotti wrote:
+ opcode=(unsigned char*)context->Eip; + if (*opcode==0x65 && /* GS segment instruction prefix */ + context->SegGs!=ntdll_get_thread_data()->gs)
Segment-override prefix may be preceded by repeat or operand-size override prefixes. So an instruction that refers to the GS segment doesn't always start with 0x65.
...and by the lock prefix actually. I've sent a new version of the patch which accounts for the various prefixes.
Alessandro
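The prefix problem raised in Sergey's reply and extended by Alessandro's follow-up (LOCK as well) is illustrated below with an added example that is neither Wine's code nor either author's patch: a small C routine that walks the legacy prefix bytes at the faulting Eip before testing for the 0x65 GS override, together with the corrected form of the patch's condition. The names `insn_uses_gs_override`, `opcode_offset` and `should_restore_gs`, the parameters `seg_gs`/`expected_gs` (standing in for `context->SegGs` and `ntdll_get_thread_data()->gs`), and all sample byte strings are constructed for this example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Added example (not Wine's code): decide whether the instruction at the
 * faulting Eip references the GS segment, taking legacy prefixes into
 * account. All names and sample encodings below are constructed. */

/* An x86 instruction is at most 15 bytes long, so never scan further. */
#define MAX_INSN_LEN 15

/* True for any x86 legacy prefix byte: group 1 (LOCK, REP/REPNE),
 * group 2 (segment overrides), group 3 (operand size), group 4 (address size). */
static bool is_legacy_prefix(uint8_t b)
{
    switch (b) {
    case 0xF0:                          /* LOCK */
    case 0xF2: case 0xF3:               /* REPNE / REP */
    case 0x26: case 0x2E: case 0x36:    /* ES, CS, SS overrides */
    case 0x3E: case 0x64: case 0x65:    /* DS, FS, GS overrides */
    case 0x66:                          /* operand-size override */
    case 0x67:                          /* address-size override */
        return true;
    default:
        return false;
    }
}

/* Scan the prefix run starting at insn (the byte Eip points to) and report
 * whether a GS override (0x65) occurs anywhere in it. On return *opcode_off
 * holds the offset of the first non-prefix byte. len is the number of bytes
 * the caller has verified to be readable; the scan never goes past it, so a
 * truncated view simply yields "no GS override" instead of a wild read. */
bool insn_uses_gs_override(const uint8_t *insn, size_t len, size_t *opcode_off)
{
    bool gs = false;
    size_t i = 0;

    while (i < len && i < MAX_INSN_LEN && is_legacy_prefix(insn[i])) {
        if (insn[i] == 0x65)
            gs = true;
        i++;
    }
    if (opcode_off)
        *opcode_off = i;
    return gs;
}

/* Convenience wrapper: offset of the opcode byte after all legacy prefixes. */
size_t opcode_offset(const uint8_t *insn, size_t len)
{
    size_t off = 0;
    insn_uses_gs_override(insn, len, &off);
    return off;
}

/* Corrected form of the patch's condition: restore GS only when the faulting
 * instruction actually addresses GS and the selector no longer matches the
 * value the thread expects. seg_gs / expected_gs stand in for
 * context->SegGs and ntdll_get_thread_data()->gs. */
bool should_restore_gs(const uint8_t *insn, size_t len,
                       uint16_t seg_gs, uint16_t expected_gs)
{
    return seg_gs != expected_gs && insn_uses_gs_override(insn, len, NULL);
}

/* Constructed sample encodings (32-bit mode). */
const uint8_t SAMPLE_PLAIN_GS[]  = {0x65, 0x8B, 0x0D, 0x14, 0x00, 0x00, 0x00};       /* mov ecx, gs:[0x14] */
const uint8_t SAMPLE_OPSIZE_GS[] = {0x66, 0x65, 0x8B, 0x0D, 0x14, 0x00, 0x00, 0x00}; /* mov cx, gs:[0x14] */
const uint8_t SAMPLE_REP_GS[]    = {0xF3, 0x65, 0xA5};                               /* rep movsd es:[edi], gs:[esi] */
const uint8_t SAMPLE_LOCK_GS[]   = {0xF0, 0x65, 0x0F, 0xB1, 0x0D, 0x14, 0x00, 0x00, 0x00}; /* lock cmpxchg gs:[0x14], ecx */
const uint8_t SAMPLE_FS_ONLY[]   = {0x64, 0x8B, 0x0D, 0x18, 0x00, 0x00, 0x00};       /* mov ecx, fs:[0x18] */
const uint8_t SAMPLE_NO_PREFIX[] = {0x8B, 0x0D, 0x14, 0x00, 0x00, 0x00, 0x00};       /* mov ecx, [0x14] */

int main(void)
{
    /* Selector values are constructed: 0x0033 is "what the thread expects",
     * 0x0000 is what a scheme that reset GS would leave in the context. */
    printf("plain  gs: restore=%d\n", should_restore_gs(SAMPLE_PLAIN_GS,  sizeof(SAMPLE_PLAIN_GS),  0x0000, 0x0033));
    printf("66 65  gs: restore=%d (opcode at %zu)\n",
           should_restore_gs(SAMPLE_OPSIZE_GS, sizeof(SAMPLE_OPSIZE_GS), 0x0000, 0x0033),
           opcode_offset(SAMPLE_OPSIZE_GS, sizeof(SAMPLE_OPSIZE_GS)));
    printf("rep    gs: restore=%d\n", should_restore_gs(SAMPLE_REP_GS,   sizeof(SAMPLE_REP_GS),   0x0000, 0x0033));
    printf("lock   gs: restore=%d\n", should_restore_gs(SAMPLE_LOCK_GS,  sizeof(SAMPLE_LOCK_GS),  0x0000, 0x0033));
    printf("fs only  : restore=%d\n", should_restore_gs(SAMPLE_FS_ONLY,  sizeof(SAMPLE_FS_ONLY),  0x0000, 0x0033));
    printf("no prefix: restore=%d\n", should_restore_gs(SAMPLE_NO_PREFIX, sizeof(SAMPLE_NO_PREFIX), 0x0000, 0x0033));
    printf("gs intact: restore=%d\n", should_restore_gs(SAMPLE_PLAIN_GS,  sizeof(SAMPLE_PLAIN_GS),  0x0033, 0x0033));
    return 0;
}
```

The `len` argument is the important defensive detail: the handler should pass only as many bytes as it has confirmed readable at Eip, so that a fault at an unmapped or partially mapped Eip cannot turn into a second fault inside the handler.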
Alessandro Pignotti <alessandro(a)agawi.io> writes:
On 2013-02-07 17:00, Alessandro Pignotti wrote:
+ opcode=(unsigned char*)context->Eip; + if (*opcode==0x65 && /* GS segment instruction prefix */ + context->SegGs!=ntdll_get_thread_data()->gs)
Segment-override prefix may be preceded by repeat or operand-size override prefixes. So an instruction that refers to the GS segment doesn't always start with 0x65.
...and by the lock prefix actually. I've sent a new version of the patch which accounts for the various prefixes.
I already put in a fix that does this (and more). Please verify that it works for you, or improve it if it doesn't.
-- Alexandre Julliard julliard(a)winehq.org
participants (3): Alessandro Pignotti, Alexandre Julliard, Sergey Guralnik