On Sun Dec 22 23:30:51 2024 +0000, William Horvath wrote:
Some testing on macOS 13 showed that the check in `virtual_is_valid_code_address( instr, 1 )` leads to an early exit that breaks the fix, because the `view->protect` flags are missing `VPROT_SYSTEM`. I'm not sure what's causing this difference. For the minimal test program, simply removing that `virtual_is_valid_code_address` check allows it to work, but that doesn't seem like a robust solution.
Fixed by checking for `CS_sig(sigcontext) == cs64_sel` instead as per Jinoh Kang's suggestion.