From 23c629f2aae8a1cd0d86c7bf0d45f4ad1f822b17 Mon Sep 17 00:00:00 2001 From: John Reiser Date: Sat, 10 Feb 2007 13:14:27 -0800 Subject: [PATCH] i386-darwin.macho works! --- src/stub/i386-darwin.macho-fold.h | 150 +++++++++++++------------- src/stub/src/i386-darwin.macho-fold.S | 21 ++-- src/stub/src/i386-darwin.macho-main.c | 2 +- 3 files changed, 83 insertions(+), 90 deletions(-) diff --git a/src/stub/i386-darwin.macho-fold.h b/src/stub/i386-darwin.macho-fold.h index e6d9aa8d..e7581327 100644 --- a/src/stub/i386-darwin.macho-fold.h +++ b/src/stub/i386-darwin.macho-fold.h @@ -1,5 +1,5 @@ /* i386-darwin.macho-fold.h - created from i386-darwin.macho-fold.bin, 1115 (0x45b) bytes + created from i386-darwin.macho-fold.bin, 1105 (0x451) bytes This file is part of the UPX executable compressor. @@ -28,79 +28,79 @@ */ -#define STUB_I386_DARWIN_MACHO_FOLD_SIZE 1115 -#define STUB_I386_DARWIN_MACHO_FOLD_ADLER32 0x71810e47 -#define STUB_I386_DARWIN_MACHO_FOLD_CRC32 0x3b908132 +#define STUB_I386_DARWIN_MACHO_FOLD_SIZE 1105 +#define STUB_I386_DARWIN_MACHO_FOLD_ADLER32 0x5ad106a1 +#define STUB_I386_DARWIN_MACHO_FOLD_CRC32 0x01a4878b -unsigned char stub_i386_darwin_macho_fold[1115] = { -141,124, 36,252,141,117, 2,139, 19,137,217, 41,209,139, 89, 24, /* 0x 0 */ -184, 0, 8, 0, 0, 57,216,118, 2,137,195, 41,220, 96,232, 16, /* 0x 10 */ - 3, 0, 0,139, 76, 36, 16,141,100, 12, 32,255,112, 40, 41,192, /* 0x 20 */ - 41,201, 41,210, 41,219, 41,237, 41,246, 41,255,195,139, 68, 36, /* 0x 30 */ - 4,139, 76, 36, 8,139, 16, 15,202,137, 16,131,233, 4,141, 64, /* 0x 40 */ - 4,115,242,195, 90, 15, 52,176, 74,235, 2,176, 73,235, 2,176, /* 0x 50 */ - 1,235, 2,176,153,235, 2,176, 6,235, 2,176, 5,235, 2,176, /* 0x 60 */ -197,235, 2,176, 3, 15,182,192,137,225,232,213,255,255,255,115, /* 0x 70 */ - 3,131,200,255,195,144,144,144, 85,137,229, 87, 86,139,125, 8, /* 0x 80 */ - 83,137,195, 57, 56,139,112, 4,115, 7,106,127,232,190,255,255, /* 0x 90 */ -255,133,255,116, 10,137,249,138, 6, 70,136, 2, 66,226,248, 1, /* 0x a0 */ -123, 4, 41, 59,141,101,244, 91, 94, 95,201,195, 85,137,229, 87, /* 0x b0 */ - 86,137,198, 83,137,211,131,236, 24,139, 69, 8,139,125, 12,137, /* 0x c0 */ - 69,220,131, 58, 0, 15,132,172, 0, 0, 0,141, 85,228,137,240, /* 0x d0 */ -106, 12,232,161,255,255,255,139, 69,228, 90,133,192,139, 77,232, /* 0x e0 */ -117, 19,129,249, 85, 80, 88, 33,117, 15,131, 62, 0, 15,132,132, /* 0x f0 */ - 0, 0, 0,235, 4,133,201,117, 7,106,127,232, 79,255,255,255, /* 0x 100 */ - 57,193,119,245, 59, 3,119,241, 57,193,115, 76,137, 69,224, 15, /* 0x 110 */ -182, 69,236, 80,141, 69,224, 80,255,115, 4, 81,255,118, 4,255, /* 0x 120 */ - 85,220,131,196, 20,133,192,117,208,139, 85,224, 59, 85,228,117, /* 0x 130 */ -200,138, 69,237,132,192,116, 22,133,255,116, 18, 15,182,192, 80, /* 0x 140 */ - 15,182, 69,238, 80, 82,255,115, 4,255,215,131,196, 16,139, 69, /* 0x 150 */ -232, 1, 70, 4, 41, 6,235, 12,139, 83, 4, 81,137,240,232, 21, /* 0x 160 */ -255,255,255, 88,139, 85,228,139, 3, 1, 83, 4, 41,208,133,192, /* 0x 170 */ -137, 3,233, 78,255,255,255,141,101,244, 91, 94, 95,201,195, 85, /* 0x 180 */ -137,229, 87, 86, 83,131,236, 48,137, 69,232,139, 69, 8,137, 85, /* 0x 190 */ -228,139, 85, 12,199, 69,208, 0, 0, 0, 0,137, 69,224,139, 69, /* 0x 1a0 */ - 20,137, 85,220,139, 85, 24,137, 69,216,139, 93,232,139, 69,232, /* 0x 1b0 */ -137, 85,212, 49,210,131,195, 28,199, 69,204, 0, 0, 0, 0, 59, /* 0x 1c0 */ - 80, 16, 15,131, 80, 1, 0, 0,139, 3,131,248, 1, 15,133, 23, /* 0x 1d0 */ - 1, 0, 0,139, 83, 24,139, 67, 28,139, 75, 36,137,214, 1,208, /* 0x 1e0 */ -137, 85,240,137, 69,200,137,208, 37,255, 15, 0, 0,137,207, 41, /* 0x 1f0 */ -198, 1,199,137, 77,236,116, 69,139, 69,228, 49,210, 3, 67, 32, /* 0x 200 */ - 82,133,201, 80,139, 69,220,117, 3,131,200,255,131,125,224, 0, /* 0x 210 */ - 80,117, 9,133,201,184, 18, 0, 0, 0,117, 5,184, 18, 16, 0, /* 0x 220 */ - 0,131,125,224, 0, 80,106, 3,137,248,116, 3,141, 71, 3, 80, /* 0x 230 */ - 86,232, 41,254,255,255,131,196, 28, 57,198,117, 88,131,125,224, /* 0x 240 */ - 0,116, 36,131,123, 36, 0,116, 30,131,123, 32, 0,117, 5,139, /* 0x 250 */ - 85, 16,137, 50,255,117,212,255,117,216,141, 85,236,139, 69,224, /* 0x 260 */ -232, 71,254,255,255, 88, 90,137,248,141, 20, 62,247,216, 37,255, /* 0x 270 */ - 15, 0, 0,137, 69,196,116, 8,137,193,198, 2, 0, 66,226,250, /* 0x 280 */ -133,255,116, 24,255,115, 44, 87, 86,232,185,253,255,255,131,196, /* 0x 290 */ - 12,133,192,116, 7,106,127,232,179,253,255,255,139, 85,196,141, /* 0x 2a0 */ - 4, 23, 1,198, 59,117,200,115, 35,106, 0,106, 0,106,255,104, /* 0x 2b0 */ - 18, 16, 0, 0,255,115, 44, 41,117,200,255,117,200, 86,232,156, /* 0x 2c0 */ -253,255,255,131,196, 28, 57,198,116, 58,235,201,131,125,224, 0, /* 0x 2d0 */ -116, 50,141, 71, 3, 37,255, 15, 0, 0,131,248, 3,119, 37, 80, /* 0x 2e0 */ - 86,232,101,253,255,255, 89, 94,235, 26,131,232, 4,131,248, 1, /* 0x 2f0 */ -119, 18,131,123, 8, 1,117, 12,131,123, 12, 16,117, 6,141, 67, /* 0x 300 */ - 16,137, 69,208,255, 69,204,139, 85,232,139, 69,204, 3, 91, 4, /* 0x 310 */ - 59, 66, 16,233,170,254,255,255,139, 69,208,141,101,244, 91, 94, /* 0x 320 */ - 95,201,195, 85,137,229, 87, 86, 83,131,236, 32,199, 69,212, 0, /* 0x 330 */ - 0, 0, 0,139, 85, 32,139, 69, 24,139, 93, 16,137, 69,216,139, /* 0x 340 */ -117, 20,141, 66, 24,137,117,232,137, 69,240,139, 69, 28,131,232, /* 0x 350 */ - 24,137, 69,236,139, 66, 24,139, 85,240,106, 0,137, 69,228,139, /* 0x 360 */ - 69,236,137, 85,224,137, 69,220,141, 85,228,141, 69,236, 83,232, /* 0x 370 */ - 56,253,255,255,255,117, 12, 83, 49,210,255,117, 8,141, 69,220, /* 0x 380 */ -106,255, 80,137,240,232,245,253,255,255, 49,210,137,195,141, 70, /* 0x 390 */ - 28,131,196, 28,139, 78, 16, 57,202, 15,131,162, 0, 0, 0,131, /* 0x 3a0 */ - 56, 14, 15,133,144, 0, 0, 0, 3, 64, 8,106, 0,106, 0, 80, /* 0x 3b0 */ -232,166,252,255,255,131,196, 12,133,192,137,199,120, 25, 49,210, /* 0x 3c0 */ -139, 69,212, 82, 80,255,117,216, 86, 87,232,132,252,255,255,131, /* 0x 3d0 */ -196, 20, 57, 69,216,116, 15,106,127,232,113,252,255,255,139, 91, /* 0x 3e0 */ - 8,137, 93,212,235,216,129, 62,202,254,186,190,117, 42, 15,182, /* 0x 3f0 */ - 70, 7,141, 94, 8,107,192, 20,131,192, 8, 80, 86,232, 43,252, /* 0x 400 */ -255,255, 89, 90, 49,192,139, 86, 4, 57,208,115, 11,131, 59, 7, /* 0x 410 */ -116,204, 64,131,195, 20,235,241,106, 0,139, 85,212,106, 0,137, /* 0x 420 */ -240,106, 0, 87,106, 0,232, 84,253,255,255, 87,137,195,232, 36, /* 0x 430 */ -252,255,255,131,196, 24,235, 9, 3, 64, 4, 66,233, 86,255,255, /* 0x 440 */ -255,141,101,244,137,216, 91, 94, 95,201,195 /* 0x 450 */ +unsigned char stub_i386_darwin_macho_fold[1105] = { +106, 0,137,231,141,117, 2,139, 19,137,217, 41,209,139, 89, 24, /* 0x 0 */ +184, 0, 8, 0, 0, 57,216,118, 2,137,195, 41,220, 96,232, 6, /* 0x 10 */ + 3, 0, 0,139, 76, 36, 16,141,100, 12, 32,255, 96, 40,139, 68, /* 0x 20 */ + 36, 4,139, 76, 36, 8,139, 16, 15,202,137, 16,131,233, 4,141, /* 0x 30 */ + 64, 4,115,242,195, 90, 15, 52,176, 1,235, 2,176, 74,235, 2, /* 0x 40 */ +176, 73,235, 2,176,153,235, 2,176, 6,235, 2,176, 5,235, 2, /* 0x 50 */ +176,197,235, 2,176, 3, 15,182,192,137,225,232,213,255,255,255, /* 0x 60 */ +115, 3,131,200,255,195,144,144, 85,137,229, 87, 86,139,125, 8, /* 0x 70 */ + 83,137,195, 57, 56,139,112, 4,115, 7,106,127,232,183,255,255, /* 0x 80 */ +255,133,255,116, 10,137,249,138, 6, 70,136, 2, 66,226,248, 1, /* 0x 90 */ +123, 4, 41, 59,141,101,244, 91, 94, 95,201,195, 85,137,229, 87, /* 0x a0 */ + 86,137,198, 83,137,211,131,236, 24,139, 69, 8,139,125, 12,137, /* 0x b0 */ + 69,220,131, 58, 0, 15,132,172, 0, 0, 0,141, 85,228,137,240, /* 0x c0 */ +106, 12,232,161,255,255,255,139, 69,228, 90,133,192,139, 77,232, /* 0x d0 */ +117, 19,129,249, 85, 80, 88, 33,117, 15,131, 62, 0, 15,132,132, /* 0x e0 */ + 0, 0, 0,235, 4,133,201,117, 7,106,127,232, 72,255,255,255, /* 0x f0 */ + 57,193,119,245, 59, 3,119,241, 57,193,115, 76,137, 69,224, 15, /* 0x 100 */ +182, 69,236, 80,141, 69,224, 80,255,115, 4, 81,255,118, 4,255, /* 0x 110 */ + 85,220,131,196, 20,133,192,117,208,139, 85,224, 59, 85,228,117, /* 0x 120 */ +200,138, 69,237,132,192,116, 22,133,255,116, 18, 15,182,192, 80, /* 0x 130 */ + 15,182, 69,238, 80, 82,255,115, 4,255,215,131,196, 16,139, 69, /* 0x 140 */ +232, 1, 70, 4, 41, 6,235, 12,139, 83, 4, 81,137,240,232, 21, /* 0x 150 */ +255,255,255, 88,139, 85,228,139, 3, 1, 83, 4, 41,208,133,192, /* 0x 160 */ +137, 3,233, 78,255,255,255,141,101,244, 91, 94, 95,201,195, 85, /* 0x 170 */ +137,229, 87, 86, 83,131,236, 48,137, 69,232,139, 69, 8,137, 85, /* 0x 180 */ +228,139, 85, 12,199, 69,208, 0, 0, 0, 0,137, 69,224,139, 69, /* 0x 190 */ + 20,137, 85,220,139, 85, 24,137, 69,216,139, 93,232,139, 69,232, /* 0x 1a0 */ +137, 85,212, 49,210,131,195, 28,199, 69,204, 0, 0, 0, 0, 59, /* 0x 1b0 */ + 80, 16, 15,131, 86, 1, 0, 0,139, 3,131,248, 1, 15,133, 29, /* 0x 1c0 */ + 1, 0, 0,139, 83, 24,139, 67, 28,139, 75, 36,137,214, 1,208, /* 0x 1d0 */ +137, 85,240,137, 69,200,137,208, 37,255, 15, 0, 0,137,207, 41, /* 0x 1e0 */ +198, 1,199,137, 77,236,116, 69,139, 69,228, 49,210, 3, 67, 32, /* 0x 1f0 */ + 82,133,201, 80,139, 69,220,117, 3,131,200,255,131,125,224, 0, /* 0x 200 */ + 80,117, 9,133,201,184, 18, 0, 0, 0,117, 5,184, 18, 16, 0, /* 0x 210 */ + 0,131,125,224, 0, 80,106, 3,137,248,116, 3,141, 71, 3, 80, /* 0x 220 */ + 86,232, 42,254,255,255,131,196, 28, 57,198,117, 94,131,125,224, /* 0x 230 */ + 0,116, 42,131,123, 36, 0,116, 36,131,123, 32, 0,117, 11,131, /* 0x 240 */ +125, 16, 0,116, 5,139, 85, 16,137, 50,255,117,212,255,117,216, /* 0x 250 */ +141, 85,236,139, 69,224,232, 65,254,255,255, 88, 90,137,248,141, /* 0x 260 */ + 20, 62,247,216, 37,255, 15, 0, 0,137, 69,196,116, 8,137,193, /* 0x 270 */ +198, 2, 0, 66,226,250,133,255,116, 24,255,115, 44, 87, 86,232, /* 0x 280 */ +184,253,255,255,131,196, 12,133,192,116, 7,106,127,232,166,253, /* 0x 290 */ +255,255,139, 85,196,141, 4, 23, 1,198, 59,117,200,115, 35,106, /* 0x 2a0 */ + 0,106, 0,106,255,104, 18, 16, 0, 0,255,115, 44, 41,117,200, /* 0x 2b0 */ +255,117,200, 86,232,151,253,255,255,131,196, 28, 57,198,116, 58, /* 0x 2c0 */ +235,201,131,125,224, 0,116, 50,141, 71, 3, 37,255, 15, 0, 0, /* 0x 2d0 */ +131,248, 3,119, 37, 80, 86,232,100,253,255,255, 89, 94,235, 26, /* 0x 2e0 */ +131,232, 4,131,248, 1,119, 18,131,123, 8, 1,117, 12,131,123, /* 0x 2f0 */ + 12, 16,117, 6,141, 67, 16,137, 69,208,255, 69,204,139, 85,232, /* 0x 300 */ +139, 69,204, 3, 91, 4, 59, 66, 16,233,164,254,255,255,139, 69, /* 0x 310 */ +208,141,101,244, 91, 94, 95,201,195, 85,137,229, 87, 86, 83,131, /* 0x 320 */ +236, 32,199, 69,212, 0, 0, 0, 0,139, 85, 32,139, 69, 24,139, /* 0x 330 */ + 93, 16,137, 69,216,139,117, 20,141, 66, 24,137,117,232,137, 69, /* 0x 340 */ +240,139, 69, 28,131,232, 24,137, 69,236,139, 66, 24,139, 85,240, /* 0x 350 */ +106, 0,137, 69,228,139, 69,236,137, 85,224,137, 69,220,141, 85, /* 0x 360 */ +228,141, 69,236, 83,232, 50,253,255,255,255,117, 12, 83, 49,210, /* 0x 370 */ +255,117, 8,141, 69,220,106,255, 80,137,240,232,239,253,255,255, /* 0x 380 */ + 49,210,137,195,141, 70, 28,131,196, 28,139, 78, 16, 57,202, 15, /* 0x 390 */ +131,162, 0, 0, 0,131, 56, 14, 15,133,144, 0, 0, 0, 3, 64, /* 0x 3a0 */ + 8,106, 0,106, 0, 80,232,161,252,255,255,131,196, 12,133,192, /* 0x 3b0 */ +137,199,120, 25, 49,210,139, 69,212, 82, 80,255,117,216, 86, 87, /* 0x 3c0 */ +232,127,252,255,255,131,196, 20, 57, 69,216,116, 15,106,127,232, /* 0x 3d0 */ +100,252,255,255,139, 91, 8,137, 93,212,235,216,129, 62,202,254, /* 0x 3e0 */ +186,190,117, 42, 15,182, 70, 7,141, 94, 8,107,192, 20,131,192, /* 0x 3f0 */ + 8, 80, 86,232, 38,252,255,255, 89, 90, 49,192,139, 86, 4, 57, /* 0x 400 */ +208,115, 11,131, 59, 7,116,204, 64,131,195, 20,235,241,106, 0, /* 0x 410 */ +139, 85,212,106, 0,137,240,106, 0, 87,106, 0,232, 78,253,255, /* 0x 420 */ +255, 87,137,195,232, 31,252,255,255,131,196, 24,235, 9, 3, 64, /* 0x 430 */ + 4, 66,233, 86,255,255,255,141,101,244,137,216, 91, 94, 95,201, /* 0x 440 */ +195 /* 0x 450 */ }; diff --git a/src/stub/src/i386-darwin.macho-fold.S b/src/stub/src/i386-darwin.macho-fold.S index eae552bb..beb9c10f 100644 --- a/src/stub/src/i386-darwin.macho-fold.S +++ b/src/stub/src/i386-darwin.macho-fold.S @@ -59,11 +59,12 @@ i386_ts_gs = 15*4 fold_begin: // In: ebx= &total_length //// int3 - lea edi,[-4+ esp] # &mhdrpp + push 0 # default value for mhdrp + mov edi,esp # &mhdrp lea esi,[ 2+ ebp] # &f_unfilter mov edx,[ebx] # sz_total mov ecx,ebx - sub ecx,edx # &{l_info; p_info; b_info} + sub ecx,edx # src= &{l_info; p_info; b_info} mov ebx,[sz_unc + sz_p_info + sz_l_info + ecx] # sz_mach_headers mov eax,2048 # allow for /usr/lib/dyld cmp eax,ebx @@ -74,16 +75,8 @@ fold_begin: // In: ebx= &total_length pusha # (mhdrpp, f_unfilter, f_decompress, mhdr, sz_mhdr, sz_total, src, junk) call upx_main # Out: eax= &Mach_i386_thread_state of dyld mov ecx,[4*4 + esp] # sz_mhdr - lea esp,[8*4 + 1*ecx + esp] # un_alloca - push [i386_ts_eip + eax] - sub eax,eax - sub ecx,ecx - sub edx,edx - sub ebx,ebx - sub ebp,ebp - sub esi,esi - sub edi,edi - ret + lea esp,[8*4 + 1*ecx + esp] # un_pusha, un_alloca; keep mhdrp + jmp [i386_ts_eip + eax] # esp: mhdrp, argc, argv... bswap: .globl bswap mov eax,[4+ esp] # ptr @@ -114,12 +107,12 @@ sysgo: .byte 0x0f, 0x34 # sysenter // lazy jmps enable compression of this code +exit: .globl exit + mov al,SYS_exit; jmps 2+ 0f; 0: mprotect: .globl mprotect mov al,SYS_mprotect; jmps 2+ 0f; 0: munmap: .globl munmap mov al,SYS_munmap; jmps 2+ 0f; 0: -exit: .globl exit - mov al,SYS_exit; jmps 2+ 0f; 0: pread: .globl pread mov al,SYS_pread; jmps 2+ 0f; 0: close: .globl close diff --git a/src/stub/src/i386-darwin.macho-main.c b/src/stub/src/i386-darwin.macho-main.c index 999f5b5d..e636d059 100644 --- a/src/stub/src/i386-darwin.macho-main.c +++ b/src/stub/src/i386-darwin.macho-main.c @@ -344,7 +344,7 @@ do_xmap( err_exit(8); } if (xi && 0!=sc->filesize) { - if (0==sc->fileoff /*&& 0!=mhdrpp*/) { + if (0==sc->fileoff && 0!=mhdrpp) { *mhdrpp = (Mach_header *)addr; } unpackExtent(xi, &xo, f_decompress, f_unf);