mirror/upx
1
0
Fork 0
mirror of https://github.com/upx/upx synced 2025-09-28 19:06:07 +08:00
Code Issues Releases Wiki Activity

--force-execve for *BSD/386

Browse Source
This commit is contained in:
John Reiser 2006-08-17 17:35:33 -07:00
parent 28e97ccaf2
commit a6e4b45a38
14 changed files with 4411 additions and 3551 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

131
src/p_lx_exc.cpp
View File

@ -54,11 +54,25 @@
// linux/386 (generic "execve" format)
**************************************************************************/
PackLinuxI386::PackLinuxI386(InputFile *f) : super(f),
ei_osabi(0), osabi_note(NULL)
{
}
PackBSDI386::PackBSDI386(InputFile *f) : super(f)
{
}
static const
#include "stub/i386-linux.elf.execve-entry.h"
static const
#include "stub/i386-linux.elf.execve-fold.h"
static const
#include "stub/i386-bsd.elf.execve-entry.h"
static const
#include "stub/i386-bsd.elf.execve-fold.h"
const int *PackLinuxI386::getCompressionMethods(int method, int level) const
{
@ -135,7 +149,9 @@ PackLinuxI386::generateElfHdr(
}
if (ph.format==UPX_F_LINUX_i386
|| ph.format==UPX_F_LINUX_SH_i386 ) {
|| ph.format==UPX_F_LINUX_SH_i386
|| ph.format==UPX_F_BSD_i386
) {
// SELinux, PAx, grSecurity demand no PF_W if PF_X.
// kernel-2.6.12-2.3.legacy_FC3 has a bug which demands
// a PT_LOAD with PF_W, else SIGSEGV when clearing page fragment
@ -164,6 +180,15 @@ PackLinuxI386::pack1(OutputFile *fo, Filter &)
generateElfHdr(fo, linux_i386exec_fold, 0);
}
void
PackBSDI386::pack1(OutputFile *fo, Filter &)
{
// create a pseudo-unique program id for our paranoid stub
progid = getRandomId();
generateElfHdr(fo, bsd_i386exec_fold, 0);
}
void
PackLinuxI386::pack4(OutputFile *fo, Filter &ft)
{
@ -289,21 +314,22 @@ PackLinuxI386::buildLinuxLoader(
n_mru = ft->n_mru;
// Here is a quick summary of the format of the output file:
linker->setLoaderAlignOffset(
// Elf32_Edhr
sizeof(elfout.ehdr) +
// Elf32_Phdr: 1 for exec86, 2 for sh86, 3 for elf86
(elfout.ehdr.e_phentsize * elfout.ehdr.e_phnum) +
// checksum UPX! lsize version format
sizeof(l_info) +
// PT_DYNAMIC with DT_NEEDED "forwarded" from original file
((elfout.ehdr.e_phnum==3) ? (unsigned) elfout.phdr[2].p_memsz : 0) +
// p_progid, p_filesize, p_blocksize
sizeof(p_info) +
// compressed data
b_len + ph.c_len );
// entry to stub
// Rely on "+80CXXXX" [etc] in getDecompressorSections() packer_c.cpp */
// // Here is a quick summary of the format of the output file:
// linker->setLoaderAlignOffset(
// // Elf32_Edhr
// sizeof(elfout.ehdr) +
// // Elf32_Phdr: 1 for exec86, 2 for sh86, 3 for elf86
// (elfout.ehdr.e_phentsize * elfout.ehdr.e_phnum) +
// // checksum UPX! lsize version format
// sizeof(l_info) +
// // PT_DYNAMIC with DT_NEEDED "forwarded" from original file
// ((elfout.ehdr.e_phnum==3) ? (unsigned) elfout.phdr[2].p_memsz : 0) +
// // p_progid, p_filesize, p_blocksize
// sizeof(p_info) +
// // compressed data
// b_len + ph.c_len );
// // entry to stub
addLoader("LEXEC000", NULL);
if (ft->id) {
@ -373,6 +399,26 @@ PackLinuxI386::buildLoader(Filter const *ft)
buf, sz_fold, ft );
}
int
PackBSDI386::buildLoader(Filter const *ft)
{
unsigned const sz_fold = sizeof(bsd_i386exec_fold);
MemBuffer buf(sz_fold);
memcpy(buf, bsd_i386exec_fold, sz_fold);
// patch loader
// note: we only can use /proc/<pid>/fd when exetype > 0.
// also, we sleep much longer when compressing a script.
checkPatch(NULL, 0, 0, 0); // reset
patch_le32(buf,sz_fold,"UPX4",exetype > 0 ? 3 : 15); // sleep time
patch_le32(buf,sz_fold,"UPX3",progid);
patch_le32(buf,sz_fold,"UPX2",exetype > 0 ? 0 : 0x7fffffff);
return buildLinuxLoader(
bsd_i386exec_loader, sizeof(bsd_i386exec_loader),
buf, sz_fold, ft );
}
// FIXME: getLoaderPrefixSize is unused?
int PackLinuxI386::getLoaderPrefixSize() const
{
@ -438,6 +484,7 @@ bool PackLinuxI386::canPack()
Elf32_Ehdr ehdr;
unsigned char *buf = ehdr.e_ident;
fi->seek(0, SEEK_SET);
fi->readx(&ehdr, sizeof(ehdr));
fi->seek(0, SEEK_SET);
@ -445,12 +492,58 @@ bool PackLinuxI386::canPack()
const unsigned l = get_le32(buf);
int elf = checkEhdr(&ehdr);
if (elf >= 0)
{
if (elf >= 0) {
// NOTE: ELF executables are now handled by p_lx_elf.cpp,
// so we only handle them here if force_execve
if (elf == 0 && opt->o_unix.force_execve)
if (elf == 0 && opt->o_unix.force_execve) {
exetype = 1;
unsigned osabi0 = ehdr.e_ident[Elf32_Ehdr::EI_OSABI];
switch (osabi0) {
case Elf32_Ehdr::ELFOSABI_LINUX:
case Elf32_Ehdr::ELFOSABI_FREEBSD:
case Elf32_Ehdr::ELFOSABI_NETBSD:
case Elf32_Ehdr::ELFOSABI_OPENBSD:
ei_osabi = osabi0; // Proudly declares its osabi in Ehdr.
break;
default:
unsigned const e_phnum = get_native16(&ehdr.e_phnum);
if (e_phnum<=(512/sizeof(Elf32_Phdr))) {
char buf2[512];
fi->seek(get_native32(&ehdr.e_phoff), SEEK_SET);
fi->readx(buf2, sizeof(buf2));
fi->seek(0, SEEK_SET);
Elf32_Phdr const *phdr = (Elf32_Phdr const *)buf2;
for (unsigned j=0; j < e_phnum; ++phdr, ++j) {
if (phdr->PT_NOTE == get_native32(&phdr->p_type)) {
unsigned const offset = get_native32(&phdr->p_offset);
struct Elf32_Note note; memset(&note, 0, sizeof(note));
fi->seek(offset, SEEK_SET);
fi->readx(&note, sizeof(note));
fi->seek(0, SEEK_SET);
if (4==get_native32(&note.descsz)
&& 1==get_native32(&note.type)
&& 0==note.end ) {
if (0==strcmp("NetBSD", (char const *)&note.text)) {
ei_osabi = Elf32_Ehdr::ELFOSABI_NETBSD;
break;
}
if (0==strcmp("OpenBSD", (char const *)&note.text)) {
ei_osabi = Elf32_Ehdr::ELFOSABI_OPENBSD;
break;
}
}
}
}
}
}
}
if (UPX_F_BSD_i386==getFormat()
&& !(Elf32_Ehdr::ELFOSABI_FREEBSD==ei_osabi
|| Elf32_Ehdr::ELFOSABI_NETBSD ==ei_osabi
|| Elf32_Ehdr::ELFOSABI_OPENBSD==ei_osabi )) {
return false;
}
}
else if (l == 0x00640107 || l == 0x00640108 || l == 0x0064010b || l == 0x006400cc)
{

25
src/p_lx_exc.h
View File

@ -41,7 +41,7 @@ class PackLinuxI386 : public PackUnixLe32
{
typedef PackUnixLe32 super;
public:
PackLinuxI386(InputFile *f) : super(f) { }
PackLinuxI386(InputFile *f);
virtual void generateElfHdr(
OutputFile *,
void const *proto,
@ -109,9 +109,32 @@ protected:
cprElfHdr3 elfout;
struct Elf32_Note {
unsigned namesz; // 8
unsigned descsz; // 4
unsigned type; // 1
char text[0x18 - 4*4]; // "OpenBSD"
unsigned end; // 0
} elfnote;
unsigned char ei_osabi;
char const *osabi_note;
};
class PackBSDI386 : public PackLinuxI386
{
typedef PackLinuxI386 super;
public:
PackBSDI386(InputFile *f);
virtual int getFormat() const { return UPX_F_BSD_i386; }
virtual const char *getName() const { return "*BSD/386"; }
protected:
virtual void pack1(OutputFile *, Filter &); // generate executable header
virtual int buildLoader(const Filter *);
};
#endif /* already included */

2
src/packmast.cpp
View File

@ -233,6 +233,8 @@ static Packer* try_packers(InputFile *f, try_function func)
if ((p = func(new PackLinuxI386sh(f),f)) != NULL)
return p;
}
if ((p = func(new PackBSDI386(f),f)) != NULL)
return p;
if ((p = func(new PackLinuxI386(f),f)) != NULL)
return p;

44
src/stub/Makefile
View File

@ -49,6 +49,8 @@ STUBS += i086-dos16.exe.h
STUBS += i086-dos16.sys.h
STUBS += i386-bsd.elf-entry.h
STUBS += i386-bsd.elf-fold.h
STUBS += i386-bsd.elf.execve-entry.h
STUBS += i386-bsd.elf.execve-fold.h
STUBS += i386-openbsd.elf-fold.h
STUBS += i386-dos32.djgpp2.h
STUBS += i386-dos32.djgpp2-stubify.h
@ -326,7 +328,7 @@ i386-bsd.elf-entry.h : $(srcdir)/src/$$T.S
$(call tc,m-objdump) -trwh tmp/$T.bin >> tmp/$T.bin
$(call tc,bin2h) --ident=bsd_i386elf_loader tmp/$T.bin $@
i386-bsd.elf-fold.h : tmp/$$T.o tmp/i386-bsd.elf-main.o $(srcdir)/src/$$T.lds
i386-bsd.elf-fold.h : tmp/$$T.o tmp/i386-bsd.elf-main.o tmp/i386-bsd.syscall.o $(srcdir)/src/$$T.lds
$(call tc,ld) -T $(srcdir)/src/$T.lds -Map tmp/$T.map -o tmp/$T.bin --strip-all $(filter %.o,$^)
$(call tc,objstrip) tmp/$T.bin
$(call tc,sstrip) tmp/$T.bin
@ -337,6 +339,10 @@ tmp/i386-bsd.elf-fold.o : $(srcdir)/src/$$T.S
$(call tc,gcc) -c -x assembler-with-cpp $< -o tmp/$T.o
$(call tc,objstrip) $@
tmp/i386-bsd.syscall.o: $(srcdir)/src/$$T.S
$(call tc,gcc) -c -x assembler-with-cpp $< -o $@
$(call tc,objstrip) $@
tmp/i386-bsd.elf-main.o : $(srcdir)/src/$$T.c
$(call tc,gcc) -c $< -o $@
$(call tc,objstrip) $@
@ -348,7 +354,7 @@ i386-openbsd.elf% : tc_bfdname = elf32-i386
# Note the re-use of i386-bsd.elf-entry.h as output (no separate i386-openbsd.elf-entry.h).
# Note the re-use of i386-bsd.elf-fold.lds as input (no separate i386-openbsd.elf-fold.lds).
i386-openbsd.elf-fold.h : tmp/$$T.o tmp/i386-openbsd.elf-main.o $(srcdir)/src/i386-bsd.elf-fold.lds
i386-openbsd.elf-fold.h : tmp/$$T.o tmp/i386-openbsd.elf-main.o tmp/i386-bsd.syscall.o $(srcdir)/src/i386-bsd.elf-fold.lds
$(call tc,ld) -T $(srcdir)/src/i386-bsd.elf-fold.lds -Map tmp/$T.map -o tmp/$T.bin --strip-all $(filter %.o,$^)
$(call tc,objstrip) tmp/$T.bin
$(call tc,sstrip) tmp/$T.bin
@ -364,6 +370,40 @@ tmp/i386-openbsd.elf-main.o : $(srcdir)/src/$$T.c
$(call tc,objstrip) $@
# /***********************************************************************
# // i386-bsd.elf.execve
# ************************************************************************/
# note: tc_list settings are inherited from i386-bsd.elf
i386-bsd.elf.execve-entry.h : $(srcdir)/src/$$T.S
$(call tc,gcc) -c -x assembler-with-cpp $< -o tmp/$T.bin
$(call tc,m-objcopy) --strip-unneeded tmp/$T.bin
$(call tc,m-objcopy) -R .text -R .data -R .bss tmp/$T.bin
$(call tc,m-objcopy) -R .note -R .comment tmp/$T.bin
$(call tc,m-objdump) -trwh tmp/$T.bin >> tmp/$T.bin
$(call tc,bin2h) --ident=bsd_i386exec_loader tmp/$T.bin $@
i386-bsd.elf.execve-fold.h : tmp/$$T.o tmp/i386-bsd.elf.execve-main.o tmp/i386-bsd.syscall.o tmp/i386-linux.elf.execve-upx_itoa.o $(srcdir)/src/i386-linux.elf.execve-fold.lds
$(call tc,ld) -T $(srcdir)/src/i386-linux.elf.execve-fold.lds -Map tmp/$T.map -o tmp/$T.bin --strip-all $(filter %.o,$^)
$(call tc,objstrip) tmp/$T.bin
$(call tc,sstrip) tmp/$T.bin
$(call tc,brandelf) --elfosabi=freebsd tmp/$T.bin
$(call tc,bin2h) --ident=bsd_i386exec_fold tmp/$T.bin $@
tmp/i386-bsd.elf.execve-fold.o : $(srcdir)/src/$$T.S
$(call tc,gcc) -c -x assembler-with-cpp $< -o tmp/$T.o
$(call tc,objstrip) $@
tmp/i386-bsd.elf.execve-main.o : $(srcdir)/src/$$T.c
$(call tc,gcc) -c $< -o $@
$(call tc,objstrip) $@
tmp/i386-bsd.elf.execve-upx_itoa.o: $(srcdir)/src/$$T.S
$(call tc,gcc) -c -x assembler-with-cpp $< -o $@
$(call tc,objstrip) $@
# /***********************************************************************
# // i386-dos32.djgpp2
# ************************************************************************/

200
src/stub/i386-bsd.elf-fold.h
View File

@ -1,4 +1,4 @@
/* i386-bsd.elf-fold.h -- created from i386-bsd.elf-fold.bin, 1746 (0x6d2) bytes
/* i386-bsd.elf-fold.h -- created from i386-bsd.elf-fold.bin, 1789 (0x6fd) bytes
This file is part of the UPX executable compressor.
@ -27,17 +27,17 @@
*/
#define BSD_I386ELF_FOLD_SIZE 1746
#define BSD_I386ELF_FOLD_ADLER32 0x7c430a03
#define BSD_I386ELF_FOLD_CRC32 0x9c1dd61c
#define BSD_I386ELF_FOLD_SIZE 1789
#define BSD_I386ELF_FOLD_ADLER32 0x627bfe0b
#define BSD_I386ELF_FOLD_CRC32 0x9ea4486f
unsigned char bsd_i386elf_fold[1746] = {
unsigned char bsd_i386elf_fold[1789] = {
127, 69, 76, 70, 1, 1, 1, 9, 0, 0, 0, 0, 0, 0, 0, 0, /* 0x 0 */
2, 0, 3, 0, 1, 0, 0, 0,128, 16,192, 0, 52, 0, 0, 0, /* 0x 10 */
0, 0, 0, 0, 0, 0, 0, 0, 52, 0, 32, 0, 2, 0, 0, 0, /* 0x 20 */
0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 16,192, 0, /* 0x 30 */
0, 16,192, 0,210, 6, 0, 0,212, 6, 0, 0, 5, 0, 0, 0, /* 0x 40 */
0, 16, 0, 0, 1, 0, 0, 0,210, 6, 0, 0, 0, 0, 0, 0, /* 0x 50 */
0, 16,192, 0,253, 6, 0, 0, 0, 7, 0, 0, 5, 0, 0, 0, /* 0x 40 */
0, 16, 0, 0, 1, 0, 0, 0,253, 6, 0, 0, 0, 0, 0, 0, /* 0x 50 */
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 0x 60 */
0, 16, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 0x 70 */
41,201,186,248, 2, 0, 0,137,230,137,231,232,131, 0, 0, 0, /* 0x 80 */
@ -46,100 +46,102 @@ unsigned char bsd_i386elf_fold[1746] = {
141,148, 26,255, 31, 0, 0,129,226, 0,240,255,255, 82, 41,192, /* 0x b0 */
102,131,123, 16, 3,117, 1,146, 80,139,115, 24,141,131,140, 0, /* 0x c0 */
0, 0, 41,198,139, 24,139, 72, 4,131,193, 12,141, 84, 36, 12, /* 0x d0 */
96, 71,232,179, 4, 0, 0,131,196, 36, 89, 91,129,196, 0, 10, /* 0x e0 */
96, 71,232,111, 4, 0, 0,131,196, 36, 89, 91,129,196, 0, 10, /* 0x e0 */
0, 0, 80,106, 0,137,229, 41,217, 41,192, 81, 83, 80, 79, 60, /* 0x f0 */
175,175,117,252,255, 55, 49,255, 49,246, 49,210, 49,201, 49,219, /* 0x 100 */
176, 73,195,173,171,133,192,117,250,173,171,133,192,117,250, 87, /* 0x 110 */
173,171,131,248, 32,115, 3, 15,179,194,133,192,173,171,117,240, /* 0x 120 */
131,239, 8, 1,201, 64,243,171, 72,171,171, 95,195, 85,137,229, /* 0x 130 */
49,192, 80,255,117, 28, 80,255,117, 24,255,117, 20,255,117, 16, /* 0x 140 */
255,117, 12,255,117, 8, 80,176,197, 80, 80,176,198,205,128,201, /* 0x 150 */
195,195,176, 1, 15,182,192,205,128,195,176, 3,235,246,176, 4, /* 0x 160 */
235,242,176, 5,235,238,176, 6,235,234,176, 73,235,230,176, 74, /* 0x 170 */
235,226, 0, 0, 85,137,229, 87, 86,137,206, 83,137,195, 57, 8, /* 0x 180 */
139,120, 4,115, 7,106,127,232,198,255,255,255,133,201,116, 8, /* 0x 190 */
138, 7, 71,136, 2, 66,226,248, 1,115, 4, 41, 51,141,101,244, /* 0x 1a0 */
91, 94, 95,201,195, 85,137,229, 87, 86,137,198, 83,137,211,131, /* 0x 1b0 */
236, 24,139, 69, 8,139,125, 12,137, 69,220,131, 58, 0, 15,132, /* 0x 1c0 */
182, 0, 0, 0,141, 85,228,185, 12, 0, 0, 0,137,240,232,161, /* 0x 1d0 */
255,255,255,139, 69,228,139, 77,232,133,192,117, 19,129,249, 85, /* 0x 1e0 */
80, 88, 33,117, 15,131, 62, 0, 15,132,140, 0, 0, 0,235, 4, /* 0x 1f0 */
133,201,117, 7,106,127,232, 87,255,255,255, 57,193,119,245, 59, /* 0x 200 */
3,119,241, 57,193,115, 86,137, 69,224,141, 69,224,255,117,236, /* 0x 210 */
80,255,115, 4, 81,255,118, 4,255, 85,220,131,196, 20,133,192, /* 0x 220 */
117,210,139, 85,224, 59, 85,228,117,202,138, 69,237,132,192,116, /* 0x 230 */
34,133,255,116, 30,129,250, 0, 2, 0, 0,119, 4, 57, 19,117, /* 0x 240 */
18, 15,182,192, 80, 15,182, 69,238, 80, 82,255,115, 4,255,215, /* 0x 250 */
131,196, 16,139, 69,232, 1, 70, 4, 41, 6,235, 10,139, 83, 4, /* 0x 260 */
137,240,232, 13,255,255,255,139, 85,228,139, 3, 1, 83, 4, 41, /* 0x 270 */
208,133,192,137, 3,233, 68,255,255,255,141,101,244, 91, 94, 95, /* 0x 280 */
201,195,133,192, 83,137,211,116, 29,168, 1,117, 25,139, 16, 57, /* 0x 290 */
218,116, 7, 74,117, 11,133,219,116, 7,137, 24,137, 72, 4,235, /* 0x 2a0 */
5,131,192, 8,235,231, 91,195, 85,137,229, 87, 86, 83,131,236, /* 0x 2b0 */
60,137, 85,224,137, 69,228,139, 85, 12,139, 69, 8,199, 69,204, /* 0x 2c0 */
255,255,255,255,137, 85,216,139,125,224,139, 85,224,137, 69,220, /* 0x 2d0 */
139, 69, 20, 3,127, 28,137, 69,212, 49,192,102,131,122, 16, 2, /* 0x 2e0 */
15,183, 74, 44,137,251, 15,148,192, 49,246,193,224, 4,137,202, /* 0x 2f0 */
5, 2, 16, 0, 0, 74,120, 30,131, 59, 1,117, 20,139, 83, 8, /* 0x 300 */
59, 85,204,115, 3,137, 85,204, 3, 83, 20, 57,214,115, 2,137, /* 0x 310 */
214,131,195, 32,226,226,139, 93,204,106, 0,106,255,129,227, 0, /* 0x 320 */
240,255,255, 80, 41,222,106, 0,129,198,255, 15, 0, 0,129,230, /* 0x 330 */
0,240,255,255, 86, 83,232,242,253,255,255,131,196, 24,141, 52, /* 0x 340 */
48, 41,216,137, 69,208,139, 69,224,137,117,240,102,131,120, 44, /* 0x 350 */
0,199, 69,200, 0, 0, 0, 0, 15,132,226, 1, 0, 0,139, 7, /* 0x 360 */
131,248, 6,117, 34,131,125,220, 0, 15,132,187, 1, 0, 0,139, /* 0x 370 */
77,208,186, 3, 0, 0, 0, 3, 79, 8,139, 69,216,232, 0,255, /* 0x 380 */
255,255,233,163, 1, 0, 0, 72, 15,133,156, 1, 0, 0,139, 69, /* 0x 390 */
208,199, 69,196, 64, 98, 81,115, 3, 71, 8,139, 87, 20,139, 79, /* 0x 3a0 */
24, 1,194,137, 69,236,137, 85,188,137,194,129,226,255, 15, 0, /* 0x 3b0 */
0,131,225, 7, 41,208,193,225, 2,137, 69,192,139, 71, 4,211, /* 0x 3c0 */
109,196, 41,208,131,101,196, 7,131,125,220, 0,139, 79, 16, 80, /* 0x 3d0 */
139, 69,228,137, 77,232,141, 52, 17,116, 3,131,200,255,131,125, /* 0x 3e0 */
220, 1, 80, 25,192, 37, 0,240,255,255, 5, 18, 16, 0, 0,131, /* 0x 3f0 */
125,220, 0, 80,139, 69,196,116, 3,131,200, 2,131,125,220, 0, /* 0x 400 */
80,137,240,116, 3,141, 70, 3, 80,255,117,192,232, 28,253,255, /* 0x 410 */
255,131,196, 24, 57, 69,192, 15,133,185, 0, 0, 0,131,125,220, /* 0x 420 */
0,116, 28,246, 69,196, 4,139, 69,212,117, 2, 49,192, 80,139, /* 0x 430 */
69,220,255,117,228,141, 85,232,232,104,253,255,255, 88, 90,137, /* 0x 440 */
240,247,216, 37,255, 15, 0, 0,246, 69,196, 2,137, 69,184,116, /* 0x 450 */
20,139, 69,192, 1,240,131,125,184, 0,116, 9,139, 77,184,198, /* 0x 460 */
0, 0, 64,226,250,131,125,220, 0,116,114,131, 63, 1,117, 83, /* 0x 470 */
246, 71, 24, 1,116, 77,139, 87, 20,139, 95, 8,141, 12, 26, 3, /* 0x 480 */
77,208, 59, 87, 16,117, 14,137,200,247,216, 37,255, 15, 0, 0, /* 0x 490 */
131,248, 3,119, 14,107, 69,208, 52,131,127, 4, 0,141, 76, 3, /* 0x 4a0 */
12,117, 15,139, 1, 61,205,128,201,195,116, 6,199, 1,205,128, /* 0x 4b0 */
201,195,133,201,116, 13,139, 69,216, 49,210,131,224,254,232,191, /* 0x 4c0 */
253,255,255,255,117,196, 86,255,117,192,232,159,252,255,255,131, /* 0x 4d0 */
196, 12,133,192,116, 7,106,127,232,117,252,255,255,139, 85,184, /* 0x 4e0 */
139, 93,192,141, 4, 22, 1,195, 59, 93,188,115, 33,106, 0,106, /* 0x 4f0 */
255,104, 18, 16, 0, 0,255,117,196, 41, 93,188,255,117,188, 83, /* 0x 500 */
232, 40,252,255,255,131,196, 24, 57,195,116, 30,235,200,131,125, /* 0x 510 */
220, 0,116, 22,141, 70, 3, 37,255, 15, 0, 0,131,248, 3,119, /* 0x 520 */
9, 80, 83,232, 66,252,255,255, 89, 91,139, 85,224,131,199, 32, /* 0x 530 */
255, 69,200, 15,183, 66, 44, 57, 69,200, 15,140, 30,254,255,255, /* 0x 540 */
131,125,220, 0,117, 15,255,117,228,232, 24,252,255,255, 90,133, /* 0x 550 */
192,116, 21,235,129,139, 69,224,102,131,120, 16, 3,116, 9,255, /* 0x 560 */
117,240,232,234,251,255,255, 88,131,125, 16, 0,116, 8,139, 69, /* 0x 570 */
208,139, 85, 16,137, 2,139, 85,224,139, 82, 24, 1, 85,208,139, /* 0x 580 */
69,208,141,101,244, 91, 94, 95,201,195, 85,137,229, 87, 86, 83, /* 0x 590 */
131,236, 16,141, 85, 24,139, 69, 8,106, 0,139,125, 28,137, 69, /* 0x 5a0 */
236,139, 69, 16,139, 93, 32,141,119, 52,137, 69,232,131,192, 2, /* 0x 5b0 */
255,117,232,137, 69,228,141, 69, 32,232,231,251,255,255,139, 69, /* 0x 5c0 */
12,185, 0, 16, 0, 0,186, 6, 0, 0, 0,137, 69, 32,139, 69, /* 0x 5d0 */
236, 41, 93, 36,232,169,252,255,255, 15,183, 79, 44,139, 69,236, /* 0x 5e0 */
186, 5, 0, 0, 0,232,152,252,255,255, 15,183, 79, 42,139, 69, /* 0x 5f0 */
236,186, 4, 0, 0, 0,232,135,252,255,255,139, 77, 40, 3, 78, /* 0x 600 */
8,186, 3, 0, 0, 0,139, 69,236,131,193, 52,232,113,252,255, /* 0x 610 */
255,141, 69,240,255,117,228,137,250, 80,141, 69, 32,255,117,236, /* 0x 620 */
80,139, 69,232,232,127,252,255,255,186, 9, 0, 0, 0,137,193, /* 0x 630 */
137,195,139, 69,236,232, 72,252,255,255,102,139, 79, 44,131,196, /* 0x 640 */
24, 49,210,102,133,201,116,112,131, 62, 3,117, 96,106, 0,139, /* 0x 650 */
69,240,106, 0, 3, 70, 8, 80,232, 5,251,255,255,131,196, 12, /* 0x 660 */
133,192,137,195,120, 22,104, 0, 2, 0, 0, 87, 80,232,232,250, /* 0x 670 */
255,255,131,196, 12, 61, 0, 2, 0, 0,116, 7,106,127,232,207, /* 0x 680 */
250,255,255,141, 69,240,137,250,106, 0, 80,137,216,106, 0,106, /* 0x 690 */
0,232, 18,252,255,255,139, 77,240,137,195,139, 69,236,186, 7, /* 0x 6a0 */
0, 0, 0,232,218,251,255,255,131,196, 16,235, 11, 66, 15,183, /* 0x 6b0 */
193,131,198, 32, 57,194,124,144,141,101,244,137,216, 91, 94, 95, /* 0x 6c0 */
201,195 /* 0x 6d0 */
131,239, 8, 1,201, 64,243,171, 72,171,171, 95,195, 0, 0, 0, /* 0x 130 */
85,137,229, 87, 86,137,206, 83,137,195, 57, 8,139,120, 4,115, /* 0x 140 */
7,106,127,232, 93, 5, 0, 0,133,201,116, 8,138, 7, 71,136, /* 0x 150 */
2, 66,226,248, 1,115, 4, 41, 51,141,101,244, 91, 94, 95,201, /* 0x 160 */
195, 85,137,229, 87, 86,137,198, 83,137,211,131,236, 24,139, 69, /* 0x 170 */
8,139,125, 12,137, 69,220,131, 58, 0, 15,132,182, 0, 0, 0, /* 0x 180 */
141, 85,228,185, 12, 0, 0, 0,137,240,232,161,255,255,255,139, /* 0x 190 */
69,228,139, 77,232,133,192,117, 19,129,249, 85, 80, 88, 33,117, /* 0x 1a0 */
15,131, 62, 0, 15,132,140, 0, 0, 0,235, 4,133,201,117, 7, /* 0x 1b0 */
106,127,232,238, 4, 0, 0, 57,193,119,245, 59, 3,119,241, 57, /* 0x 1c0 */
193,115, 86,137, 69,224,141, 69,224,255,117,236, 80,255,115, 4, /* 0x 1d0 */
81,255,118, 4,255, 85,220,131,196, 20,133,192,117,210,139, 85, /* 0x 1e0 */
224, 59, 85,228,117,202,138, 69,237,132,192,116, 34,133,255,116, /* 0x 1f0 */
30,129,250, 0, 2, 0, 0,119, 4, 57, 19,117, 18, 15,182,192, /* 0x 200 */
80, 15,182, 69,238, 80, 82,255,115, 4,255,215,131,196, 16,139, /* 0x 210 */
69,232, 1, 70, 4, 41, 6,235, 10,139, 83, 4,137,240,232, 13, /* 0x 220 */
255,255,255,139, 85,228,139, 3, 1, 83, 4, 41,208,133,192,137, /* 0x 230 */
3,233, 68,255,255,255,141,101,244, 91, 94, 95,201,195,133,192, /* 0x 240 */
83,137,211,116, 29,168, 1,117, 25,139, 16, 57,218,116, 7, 74, /* 0x 250 */
117, 11,133,219,116, 7,137, 24,137, 72, 4,235, 5,131,192, 8, /* 0x 260 */
235,231, 91,195, 85,137,229, 87, 86, 83,131,236, 60,137, 85,224, /* 0x 270 */
137, 69,228,139, 85, 12,139, 69, 8,199, 69,204,255,255,255,255, /* 0x 280 */
137, 85,216,139,125,224,139, 85,224,137, 69,220,139, 69, 20, 3, /* 0x 290 */
127, 28,137, 69,212, 49,192,102,131,122, 16, 2, 15,183, 74, 44, /* 0x 2a0 */
137,251, 15,148,192, 49,246,193,224, 4,137,202, 5, 2, 16, 0, /* 0x 2b0 */
0, 74,120, 30,131, 59, 1,117, 20,139, 83, 8, 59, 85,204,115, /* 0x 2c0 */
3,137, 85,204, 3, 83, 20, 57,214,115, 2,137,214,131,195, 32, /* 0x 2d0 */
226,226,139, 93,204,106, 0,106,255,129,227, 0,240,255,255, 80, /* 0x 2e0 */
41,222,106, 0,129,198,255, 15, 0, 0,129,230, 0,240,255,255, /* 0x 2f0 */
86, 83,232,137, 3, 0, 0,131,196, 24,141, 52, 48, 41,216,137, /* 0x 300 */
69,208,139, 69,224,137,117,240,102,131,120, 44, 0,199, 69,200, /* 0x 310 */
0, 0, 0, 0, 15,132,226, 1, 0, 0,139, 7,131,248, 6,117, /* 0x 320 */
34,131,125,220, 0, 15,132,187, 1, 0, 0,139, 77,208,186, 3, /* 0x 330 */
0, 0, 0, 3, 79, 8,139, 69,216,232, 0,255,255,255,233,163, /* 0x 340 */
1, 0, 0, 72, 15,133,156, 1, 0, 0,139, 69,208,199, 69,196, /* 0x 350 */
64, 98, 81,115, 3, 71, 8,139, 87, 20,139, 79, 24, 1,194,137, /* 0x 360 */
69,236,137, 85,188,137,194,129,226,255, 15, 0, 0,131,225, 7, /* 0x 370 */
41,208,193,225, 2,137, 69,192,139, 71, 4,211,109,196, 41,208, /* 0x 380 */
131,101,196, 7,131,125,220, 0,139, 79, 16, 80,139, 69,228,137, /* 0x 390 */
77,232,141, 52, 17,116, 3,131,200,255,131,125,220, 1, 80, 25, /* 0x 3a0 */
192, 37, 0,240,255,255, 5, 18, 16, 0, 0,131,125,220, 0, 80, /* 0x 3b0 */
139, 69,196,116, 3,131,200, 2,131,125,220, 0, 80,137,240,116, /* 0x 3c0 */
3,141, 70, 3, 80,255,117,192,232,179, 2, 0, 0,131,196, 24, /* 0x 3d0 */
57, 69,192, 15,133,185, 0, 0, 0,131,125,220, 0,116, 28,246, /* 0x 3e0 */
69,196, 4,139, 69,212,117, 2, 49,192, 80,139, 69,220,255,117, /* 0x 3f0 */
228,141, 85,232,232,104,253,255,255, 88, 90,137,240,247,216, 37, /* 0x 400 */
255, 15, 0, 0,246, 69,196, 2,137, 69,184,116, 20,139, 69,192, /* 0x 410 */
1,240,131,125,184, 0,116, 9,139, 77,184,198, 0, 0, 64,226, /* 0x 420 */
250,131,125,220, 0,116,114,131, 63, 1,117, 83,246, 71, 24, 1, /* 0x 430 */
116, 77,139, 87, 20,139, 95, 8,141, 12, 26, 3, 77,208, 59, 87, /* 0x 440 */
16,117, 14,137,200,247,216, 37,255, 15, 0, 0,131,248, 3,119, /* 0x 450 */
14,107, 69,208, 52,131,127, 4, 0,141, 76, 3, 12,117, 15,139, /* 0x 460 */
1, 61,205,128,201,195,116, 6,199, 1,205,128,201,195,133,201, /* 0x 470 */
116, 13,139, 69,216, 49,210,131,224,254,232,191,253,255,255,255, /* 0x 480 */
117,196, 86,255,117,192,232, 54, 2, 0, 0,131,196, 12,133,192, /* 0x 490 */
116, 7,106,127,232, 12, 2, 0, 0,139, 85,184,139, 93,192,141, /* 0x 4a0 */
4, 22, 1,195, 59, 93,188,115, 33,106, 0,106,255,104, 18, 16, /* 0x 4b0 */
0, 0,255,117,196, 41, 93,188,255,117,188, 83,232,191, 1, 0, /* 0x 4c0 */
0,131,196, 24, 57,195,116, 30,235,200,131,125,220, 0,116, 22, /* 0x 4d0 */
141, 70, 3, 37,255, 15, 0, 0,131,248, 3,119, 9, 80, 83,232, /* 0x 4e0 */
217, 1, 0, 0, 89, 91,139, 85,224,131,199, 32,255, 69,200, 15, /* 0x 4f0 */
183, 66, 44, 57, 69,200, 15,140, 30,254,255,255,131,125,220, 0, /* 0x 500 */
117, 15,255,117,228,232,175, 1, 0, 0, 90,133,192,116, 21,235, /* 0x 510 */
129,139, 69,224,102,131,120, 16, 3,116, 9,255,117,240,232,129, /* 0x 520 */
1, 0, 0, 88,131,125, 16, 0,116, 8,139, 69,208,139, 85, 16, /* 0x 530 */
137, 2,139, 85,224,139, 82, 24, 1, 85,208,139, 69,208,141,101, /* 0x 540 */
244, 91, 94, 95,201,195, 85,137,229, 87, 86, 83,131,236, 16,141, /* 0x 550 */
85, 24,139, 69, 8,106, 0,139,125, 28,137, 69,236,139, 69, 16, /* 0x 560 */
139, 93, 32,141,119, 52,137, 69,232,131,192, 2,255,117,232,137, /* 0x 570 */
69,228,141, 69, 32,232,231,251,255,255,139, 69, 12,185, 0, 16, /* 0x 580 */
0, 0,186, 6, 0, 0, 0,137, 69, 32,139, 69,236, 41, 93, 36, /* 0x 590 */
232,169,252,255,255, 15,183, 79, 44,139, 69,236,186, 5, 0, 0, /* 0x 5a0 */
0,232,152,252,255,255, 15,183, 79, 42,139, 69,236,186, 4, 0, /* 0x 5b0 */
0, 0,232,135,252,255,255,139, 77, 40, 3, 78, 8,186, 3, 0, /* 0x 5c0 */
0, 0,139, 69,236,131,193, 52,232,113,252,255,255,141, 69,240, /* 0x 5d0 */
255,117,228,137,250, 80,141, 69, 32,255,117,236, 80,139, 69,232, /* 0x 5e0 */
232,127,252,255,255,186, 9, 0, 0, 0,137,193,137,195,139, 69, /* 0x 5f0 */
236,232, 72,252,255,255,102,139, 79, 44,131,196, 24, 49,210,102, /* 0x 600 */
133,201,116,112,131, 62, 3,117, 96,106, 0,139, 69,240,106, 0, /* 0x 610 */
3, 70, 8, 80,232,156, 0, 0, 0,131,196, 12,133,192,137,195, /* 0x 620 */
120, 22,104, 0, 2, 0, 0, 87, 80,232,127, 0, 0, 0,131,196, /* 0x 630 */
12, 61, 0, 2, 0, 0,116, 7,106,127,232,102, 0, 0, 0,141, /* 0x 640 */
69,240,137,250,106, 0, 80,137,216,106, 0,106, 0,232, 18,252, /* 0x 650 */
255,255,139, 77,240,137,195,139, 69,236,186, 7, 0, 0, 0,232, /* 0x 660 */
218,251,255,255,131,196, 16,235, 11, 66, 15,183,193,131,198, 32, /* 0x 670 */
57,194,124,144,141,101,244,137,216, 91, 94, 95,201,195, 0, 0, /* 0x 680 */
85,137,229, 49,192, 80,255,117, 28, 80,255,117, 24,255,117, 20, /* 0x 690 */
255,117, 16,255,117, 12,255,117, 8, 80,176,197, 80, 80,176,198, /* 0x 6a0 */
205,128,201,195,195,176, 1, 15,182,192,205,128,195,176, 3,235, /* 0x 6b0 */
246,176, 4,235,242,176, 5,235,238,176, 6,235,234,176, 73,235, /* 0x 6c0 */
230,176, 74,235,226,176, 33,235,222,176, 20,235,218,176, 92,235, /* 0x 6d0 */
214,176, 59,235,210,176, 2,235,206,176,130,235,202,176,116,235, /* 0x 6e0 */
198,176,240,235,194,176, 10,235,190,176, 7,235,186 /* 0x 6f0 */
};

6344
src/stub/i386-linux.elf.execve-entry.h
View File

File diff suppressed because it is too large Load Diff

229
src/stub/i386-openbsd.elf-fold.h
View File

@ -1,4 +1,4 @@
/* i386-openbsd.elf-fold.h -- created from i386-openbsd.elf-fold.bin, 1981 (0x7bd) bytes
/* i386-openbsd.elf-fold.h -- created from i386-openbsd.elf-fold.bin, 2025 (0x7e9) bytes
This file is part of the UPX executable compressor.
@ -27,17 +27,17 @@
*/
#define OPENBSD_I386ELF_FOLD_SIZE 1981
#define OPENBSD_I386ELF_FOLD_ADLER32 0x345765c5
#define OPENBSD_I386ELF_FOLD_CRC32 0x455b252f
#define OPENBSD_I386ELF_FOLD_SIZE 2025
#define OPENBSD_I386ELF_FOLD_ADLER32 0x4b605db7
#define OPENBSD_I386ELF_FOLD_CRC32 0x59c73b6b
unsigned char openbsd_i386elf_fold[1981] = {
unsigned char openbsd_i386elf_fold[2025] = {
127, 69, 76, 70, 1, 1, 1, 12, 0, 0, 0, 0, 0, 0, 0, 0, /* 0x 0 */
2, 0, 3, 0, 1, 0, 0, 0,128, 16,192, 0, 52, 0, 0, 0, /* 0x 10 */
0, 0, 0, 0, 0, 0, 0, 0, 52, 0, 32, 0, 2, 0, 0, 0, /* 0x 20 */
0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 16,192, 0, /* 0x 30 */
0, 16,192, 0,189, 7, 0, 0,192, 7, 0, 0, 5, 0, 0, 0, /* 0x 40 */
0, 16, 0, 0, 1, 0, 0, 0,189, 7, 0, 0, 0, 0, 0, 0, /* 0x 50 */
0, 16,192, 0,233, 7, 0, 0,236, 7, 0, 0, 5, 0, 0, 0, /* 0x 40 */
0, 16, 0, 0, 1, 0, 0, 0,233, 7, 0, 0, 0, 0, 0, 0, /* 0x 50 */
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 0x 60 */
0, 16, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 0x 70 */
41,201,186,248, 2, 0, 0,137,230,137,231,232,131, 0, 0, 0, /* 0x 80 */
@ -46,114 +46,117 @@ unsigned char openbsd_i386elf_fold[1981] = {
141,148, 26,255, 31, 0, 0,129,226, 0,240,255,255, 82, 41,192, /* 0x b0 */
102,131,123, 16, 3,117, 1,146, 80,139,115, 24,141,131,196, 0, /* 0x c0 */
0, 0, 41,198,139, 24,139, 72, 4,131,193, 12,141, 84, 36, 12, /* 0x d0 */
96, 71,232,136, 5, 0, 0,131,196, 36, 89, 91,129,196, 0, 10, /* 0x e0 */
96, 71,232, 68, 5, 0, 0,131,196, 36, 89, 91,129,196, 0, 10, /* 0x e0 */
0, 0, 80,106, 0,137,229, 41,217, 41,192, 81, 83, 80, 79, 60, /* 0x f0 */
175,175,117,252,255, 55, 49,255, 49,246, 49,210, 49,201, 49,219, /* 0x 100 */
176, 73,195,173,171,133,192,117,250,173,171,133,192,117,250, 87, /* 0x 110 */
173,171,131,248, 32,115, 3, 15,179,194,133,192,173,171,117,240, /* 0x 120 */
131,239, 8, 1,201, 64,243,171, 72,171,171, 95,195, 85,137,229, /* 0x 130 */
49,192, 80,255,117, 28, 80,255,117, 24,255,117, 20,255,117, 16, /* 0x 140 */
255,117, 12,255,117, 8, 80,176,197, 80, 80,176,198,205,128,201, /* 0x 150 */
195,195,204,195,176, 1, 15,182,192,205,128,195,176, 3,235,246, /* 0x 160 */
176, 4,235,242,176, 5,235,238,176, 6,235,234,176, 73,235,230, /* 0x 170 */
176, 74,235,226, 85,137,229, 87, 86,137,206, 83,137,195, 57, 8, /* 0x 180 */
139,120, 4,115, 7,106,127,232,200,255,255,255,133,201,116, 8, /* 0x 190 */
138, 7, 71,136, 2, 66,226,248, 1,115, 4, 41, 51,141,101,244, /* 0x 1a0 */
91, 94, 95,201,195, 85,137,229, 87, 86,137,198, 83,137,211,131, /* 0x 1b0 */
236, 24,139, 69, 8,139,125, 12,137, 69,220,131, 58, 0, 15,132, /* 0x 1c0 */
182, 0, 0, 0,141, 85,228,185, 12, 0, 0, 0,137,240,232,161, /* 0x 1d0 */
255,255,255,139, 69,228,139, 77,232,133,192,117, 19,129,249, 85, /* 0x 1e0 */
80, 88, 33,117, 15,131, 62, 0, 15,132,140, 0, 0, 0,235, 4, /* 0x 1f0 */
133,201,117, 7,106,127,232, 89,255,255,255, 57,193,119,245, 59, /* 0x 200 */
3,119,241, 57,193,115, 86,137, 69,224,141, 69,224,255,117,236, /* 0x 210 */
80,255,115, 4, 81,255,118, 4,255, 85,220,131,196, 20,133,192, /* 0x 220 */
117,210,139, 85,224, 59, 85,228,117,202,138, 69,237,132,192,116, /* 0x 230 */
34,133,255,116, 30,129,250, 0, 2, 0, 0,119, 4, 57, 19,117, /* 0x 240 */
18, 15,182,192, 80, 15,182, 69,238, 80, 82,255,115, 4,255,215, /* 0x 250 */
131,196, 16,139, 69,232, 1, 70, 4, 41, 6,235, 10,139, 83, 4, /* 0x 260 */
137,240,232, 13,255,255,255,139, 85,228,139, 3, 1, 83, 4, 41, /* 0x 270 */
208,133,192,137, 3,233, 68,255,255,255,141,101,244, 91, 94, 95, /* 0x 280 */
201,195,133,192, 83,137,211,116, 29,168, 1,117, 25,139, 16, 57, /* 0x 290 */
218,116, 7, 74,117, 11,133,219,116, 7,137, 24,137, 72, 4,235, /* 0x 2a0 */
5,131,192, 8,235,231, 91,195, 85,137,229, 87, 86, 83,131,236, /* 0x 2b0 */
104,137, 69,200,139, 69, 12,137, 85,196,139, 77, 24,199, 69,228, /* 0x 2c0 */
0, 0, 0, 0,137, 69,192,139, 69,196,137, 77,184,139, 93,196, /* 0x 2d0 */
139,117,196,199, 69,232, 0, 0, 0, 0, 15,183, 72, 44,199, 69, /* 0x 2e0 */
220, 0, 0, 0, 0,139, 85, 16,199, 69,224, 0, 0, 0, 0, 3, /* 0x 2f0 */
91, 28,199, 69,236,255,255,255,255, 15,183,118, 16,137, 85,188, /* 0x 300 */
137,202,199, 69,240,255,255,255,255, 74,137, 93,180,137,117,176, /* 0x 310 */
199, 69,148, 0, 0, 0, 0,120, 62,137,206,131, 59, 1,117, 49, /* 0x 320 */
139, 67, 24,139, 75, 8,131,224, 1,141, 20,133, 0, 0, 0, 0, /* 0x 330 */
57, 76, 42,236,118, 11,139, 67, 16,137, 76, 42,236,137, 68, 21, /* 0x 340 */
228,139, 67, 20,141,125,220, 1,200, 57, 4, 58,115, 3,137, 4, /* 0x 350 */
58,131,195, 32, 78,117,196,131,125,176, 2,116, 63,129,125,220, /* 0x 360 */
255,255,255, 31,118, 54,139, 77, 8,139, 93, 8,139, 65, 4,137, /* 0x 370 */
194,137,193,139, 3,129,225,255,255,255, 3,129,226, 0, 0, 0, /* 0x 380 */
252, 37,255,255,255, 3, 57,193,118, 2,137,200,141,148, 2,255, /* 0x 390 */
15, 0, 0,129,226, 0,240,255,255,137, 85,148,139,117, 8, 49, /* 0x 3a0 */
255,199, 69,144, 1, 0, 0, 0,137,117,152,141, 69,236,139, 85, /* 0x 3b0 */
148,139,117,152,139, 28, 7,137,217,129,227, 0,240,255,255,129, /* 0x 3c0 */
225,255, 15, 0, 0, 3, 76, 47,228,137, 28, 7,139, 68, 47,220, /* 0x 3d0 */
1,194, 41,216,137, 22, 3, 93,148,106, 0, 5,255, 15, 0, 0, /* 0x 3e0 */
106,255, 37, 0,240,255,255,104, 18, 16, 0, 0,129,193,255, 15, /* 0x 3f0 */
0, 0,106, 0,129,225, 0,240,255,255, 80,131,198, 4, 83,137, /* 0x 400 */
68, 47,220,137, 76, 47,228,232, 33,253,255,255,137, 68, 61,212, /* 0x 410 */
131,196, 24,131,199, 4,255, 77,144,137,117,152,121,141,139, 69, /* 0x 420 */
212,199, 69,168, 0, 0, 0, 0,139, 85,236,139, 77,196, 41,208, /* 0x 430 */
102,131,121, 44, 0,137, 69,172, 15,132,236, 1, 0, 0,139, 93, /* 0x 440 */
180,139, 3,131,248, 6,117, 34,131,125,192, 0, 15,132,193, 1, /* 0x 450 */
0, 0,139, 77,172,186, 3, 0, 0, 0, 3, 75, 8,139, 69,188, /* 0x 460 */
232, 29,254,255,255,233,169, 1, 0, 0, 72, 15,133,162, 1, 0, /* 0x 470 */
0,139,117,180,199, 69,164, 64, 98, 81,115,139, 69,172, 3, 70, /* 0x 480 */
8,139, 78, 24,139, 86, 20,131,225, 7,137, 69,208, 1,194,193, /* 0x 490 */
225, 2,211,109,164,137, 85,156,139, 78, 16,137,194,131,101,164, /* 0x 4a0 */
7,129,226,255, 15, 0, 0,137, 77,204,141, 52, 17,139, 77,180, /* 0x 4b0 */
41,208,137, 69,160,139, 65, 4, 41,208,131,125,192, 0, 80,139, /* 0x 4c0 */
69,200,116, 3,131,200,255,131,125,192, 1, 80, 25,192, 37, 0, /* 0x 4d0 */
240,255,255, 5, 18, 16, 0, 0,131,125,192, 0, 80,139, 69,164, /* 0x 4e0 */
116, 3,131,200, 2,131,125,192, 0, 80,137,240,116, 3,141, 70, /* 0x 4f0 */
3, 80,255,117,160,232, 51,252,255,255,131,196, 24, 57, 69,160, /* 0x 500 */
15,133,188, 0, 0, 0,131,125,192, 0,116, 28,246, 69,164, 4, /* 0x 510 */
139, 69,184,117, 2, 49,192, 80,139, 69,192,255,117,200,141, 85, /* 0x 520 */
204,232,127,252,255,255, 95, 88,137,247,247,223,129,231,255, 15, /* 0x 530 */
0, 0,246, 69,164, 2,116, 17,139, 69,160, 1,240,133,255,116, /* 0x 540 */
8,137,249,198, 0, 0, 64,226,250,131,125,192, 0,116,122,139, /* 0x 550 */
93,180,131, 59, 1,117, 88,246, 67, 24, 1,116, 82,139, 83, 20, /* 0x 560 */
137,216,139, 91, 8,141, 12, 26, 3, 77,172, 59, 80, 16,117, 14, /* 0x 570 */
137,200,247,216, 37,255, 15, 0, 0,131,248, 3,119, 17,139, 85, /* 0x 580 */
180,107, 69,172, 52,131,122, 4, 0,141, 76, 3, 12,117, 15,139, /* 0x 590 */
1, 61,205,128,201,195,116, 6,199, 1,205,128,201,195,133,201, /* 0x 5a0 */
116, 13,139, 69,188, 49,210,131,224,254,232,211,252,255,255,255, /* 0x 5b0 */
117,164, 86,255,117,160,232,181,251,255,255,131,196, 12,133,192, /* 0x 5c0 */
116, 7,106,127,232,139,251,255,255,141, 4, 62,139, 93,160, 1, /* 0x 5d0 */
195, 59, 93,156,115, 33,106, 0,106,255,104, 18, 16, 0, 0,255, /* 0x 5e0 */
117,164, 41, 93,156,255,117,156, 83,232, 63,251,255,255,131,196, /* 0x 5f0 */
24, 57,195,116, 30,235,203,131,125,192, 0,116, 22,141, 70, 3, /* 0x 600 */
37,255, 15, 0, 0,131,248, 3,119, 9, 80, 83,232, 91,251,255, /* 0x 610 */
255, 89, 91,139, 77,196,255, 69,168, 15,183, 65, 44,131, 69,180, /* 0x 620 */
32, 57, 69,168, 15,140, 20,254,255,255,131,125,192, 0,117, 13, /* 0x 630 */
255,117,200,232, 48,251,255,255, 90,133,192,117,133,131,125, 20, /* 0x 640 */
0,116, 8,139,117,172,139, 93, 20,137, 51,139, 69,196,139, 64, /* 0x 650 */
24, 1, 69,172,139, 69,172,141,101,244, 91, 94, 95,201,195, 85, /* 0x 660 */
137,229, 87, 86, 83,131,236, 24,141, 85, 24,139, 69, 8,106, 0, /* 0x 670 */
139,125, 28,199, 69,232, 0, 0, 0, 0,137, 69,228,139, 69, 16, /* 0x 680 */
139, 93, 32,199, 69,236, 0, 0, 0, 0,137, 69,224,131,192, 2, /* 0x 690 */
255,117,224,137, 69,220,141, 69, 32,141,119, 52,232, 4,251,255, /* 0x 6a0 */
255,139, 69, 12,185, 0, 16, 0, 0,186, 6, 0, 0, 0,137, 69, /* 0x 6b0 */
32,139, 69,228, 41, 93, 36,232,198,251,255,255, 15,183, 79, 44, /* 0x 6c0 */
139, 69,228,186, 5, 0, 0, 0,232,181,251,255,255, 15,183, 79, /* 0x 6d0 */
42,139, 69,228,186, 4, 0, 0, 0,232,164,251,255,255,139, 77, /* 0x 6e0 */
40, 3, 78, 8,186, 3, 0, 0, 0,139, 69,228,131,193, 52,232, /* 0x 6f0 */
142,251,255,255,141, 69,240,255,117,220,137,250, 80,141, 69, 32, /* 0x 700 */
255,117,228, 80,141, 69,232, 80,139, 69,224,232,152,251,255,255, /* 0x 710 */
186, 9, 0, 0, 0,137,193,137,195,139, 69,228,232, 97,251,255, /* 0x 720 */
255,102,139, 79, 44,131,196, 28, 49,210,102,133,201,116,116,131, /* 0x 730 */
62, 3,117,100,106, 0,139, 69,240,106, 0, 3, 70, 8, 80,232, /* 0x 740 */
32,250,255,255,131,196, 12,133,192,137,195,120, 22,104, 0, 2, /* 0x 750 */
0, 0, 87, 80,232, 3,250,255,255,131,196, 12, 61, 0, 2, 0, /* 0x 760 */
0,116, 7,106,127,232,234,249,255,255,141, 69,240,137,250,106, /* 0x 770 */
0, 80,106, 0,141, 69,232,106, 0, 80,137,216,232, 39,251,255, /* 0x 780 */
255,139, 77,240,137,195,139, 69,228,186, 7, 0, 0, 0,232,239, /* 0x 790 */
250,255,255,131,196, 20,235, 11, 66, 15,183,193,131,198, 32, 57, /* 0x 7a0 */
194,124,140,141,101,244,137,216, 91, 94, 95,201,195 /* 0x 7b0 */
131,239, 8, 1,201, 64,243,171, 72,171,171, 95,195, 0, 0, 0, /* 0x 130 */
85,137,229, 87, 86,137,206, 83,137,195, 57, 8,139,120, 4,115, /* 0x 140 */
7,106,127,232, 73, 6, 0, 0,133,201,116, 8,138, 7, 71,136, /* 0x 150 */
2, 66,226,248, 1,115, 4, 41, 51,141,101,244, 91, 94, 95,201, /* 0x 160 */
195, 85,137,229, 87, 86,137,198, 83,137,211,131,236, 24,139, 69, /* 0x 170 */
8,139,125, 12,137, 69,220,131, 58, 0, 15,132,182, 0, 0, 0, /* 0x 180 */
141, 85,228,185, 12, 0, 0, 0,137,240,232,161,255,255,255,139, /* 0x 190 */
69,228,139, 77,232,133,192,117, 19,129,249, 85, 80, 88, 33,117, /* 0x 1a0 */
15,131, 62, 0, 15,132,140, 0, 0, 0,235, 4,133,201,117, 7, /* 0x 1b0 */
106,127,232,218, 5, 0, 0, 57,193,119,245, 59, 3,119,241, 57, /* 0x 1c0 */
193,115, 86,137, 69,224,141, 69,224,255,117,236, 80,255,115, 4, /* 0x 1d0 */
81,255,118, 4,255, 85,220,131,196, 20,133,192,117,210,139, 85, /* 0x 1e0 */
224, 59, 85,228,117,202,138, 69,237,132,192,116, 34,133,255,116, /* 0x 1f0 */
30,129,250, 0, 2, 0, 0,119, 4, 57, 19,117, 18, 15,182,192, /* 0x 200 */
80, 15,182, 69,238, 80, 82,255,115, 4,255,215,131,196, 16,139, /* 0x 210 */
69,232, 1, 70, 4, 41, 6,235, 10,139, 83, 4,137,240,232, 13, /* 0x 220 */
255,255,255,139, 85,228,139, 3, 1, 83, 4, 41,208,133,192,137, /* 0x 230 */
3,233, 68,255,255,255,141,101,244, 91, 94, 95,201,195,133,192, /* 0x 240 */
83,137,211,116, 29,168, 1,117, 25,139, 16, 57,218,116, 7, 74, /* 0x 250 */
117, 11,133,219,116, 7,137, 24,137, 72, 4,235, 5,131,192, 8, /* 0x 260 */
235,231, 91,195, 85,137,229, 87, 86, 83,131,236,104,137, 69,200, /* 0x 270 */
139, 69, 12,137, 85,196,139, 77, 24,199, 69,228, 0, 0, 0, 0, /* 0x 280 */
137, 69,192,139, 69,196,137, 77,184,139, 93,196,139,117,196,199, /* 0x 290 */
69,232, 0, 0, 0, 0, 15,183, 72, 44,199, 69,220, 0, 0, 0, /* 0x 2a0 */
0,139, 85, 16,199, 69,224, 0, 0, 0, 0, 3, 91, 28,199, 69, /* 0x 2b0 */
236,255,255,255,255, 15,183,118, 16,137, 85,188,137,202,199, 69, /* 0x 2c0 */
240,255,255,255,255, 74,137, 93,180,137,117,176,199, 69,148, 0, /* 0x 2d0 */
0, 0, 0,120, 62,137,206,131, 59, 1,117, 49,139, 67, 24,139, /* 0x 2e0 */
75, 8,131,224, 1,141, 20,133, 0, 0, 0, 0, 57, 76, 42,236, /* 0x 2f0 */
118, 11,139, 67, 16,137, 76, 42,236,137, 68, 21,228,139, 67, 20, /* 0x 300 */
141,125,220, 1,200, 57, 4, 58,115, 3,137, 4, 58,131,195, 32, /* 0x 310 */
78,117,196,131,125,176, 2,116, 63,129,125,220,255,255,255, 31, /* 0x 320 */
118, 54,139, 77, 8,139, 93, 8,139, 65, 4,137,194,137,193,139, /* 0x 330 */
3,129,225,255,255,255, 3,129,226, 0, 0, 0,252, 37,255,255, /* 0x 340 */
255, 3, 57,193,118, 2,137,200,141,148, 2,255, 15, 0, 0,129, /* 0x 350 */
226, 0,240,255,255,137, 85,148,139,117, 8, 49,255,199, 69,144, /* 0x 360 */
1, 0, 0, 0,137,117,152,141, 69,236,139, 85,148,139,117,152, /* 0x 370 */
139, 28, 7,137,217,129,227, 0,240,255,255,129,225,255, 15, 0, /* 0x 380 */
0, 3, 76, 47,228,137, 28, 7,139, 68, 47,220, 1,194, 41,216, /* 0x 390 */
137, 22, 3, 93,148,106, 0, 5,255, 15, 0, 0,106,255, 37, 0, /* 0x 3a0 */
240,255,255,104, 18, 16, 0, 0,129,193,255, 15, 0, 0,106, 0, /* 0x 3b0 */
129,225, 0,240,255,255, 80,131,198, 4, 83,137, 68, 47,220,137, /* 0x 3c0 */
76, 47,228,232,164, 3, 0, 0,137, 68, 61,212,131,196, 24,131, /* 0x 3d0 */
199, 4,255, 77,144,137,117,152,121,141,139, 69,212,199, 69,168, /* 0x 3e0 */
0, 0, 0, 0,139, 85,236,139, 77,196, 41,208,102,131,121, 44, /* 0x 3f0 */
0,137, 69,172, 15,132,236, 1, 0, 0,139, 93,180,139, 3,131, /* 0x 400 */
248, 6,117, 34,131,125,192, 0, 15,132,193, 1, 0, 0,139, 77, /* 0x 410 */
172,186, 3, 0, 0, 0, 3, 75, 8,139, 69,188,232, 29,254,255, /* 0x 420 */
255,233,169, 1, 0, 0, 72, 15,133,162, 1, 0, 0,139,117,180, /* 0x 430 */
199, 69,164, 64, 98, 81,115,139, 69,172, 3, 70, 8,139, 78, 24, /* 0x 440 */
139, 86, 20,131,225, 7,137, 69,208, 1,194,193,225, 2,211,109, /* 0x 450 */
164,137, 85,156,139, 78, 16,137,194,131,101,164, 7,129,226,255, /* 0x 460 */
15, 0, 0,137, 77,204,141, 52, 17,139, 77,180, 41,208,137, 69, /* 0x 470 */
160,139, 65, 4, 41,208,131,125,192, 0, 80,139, 69,200,116, 3, /* 0x 480 */
131,200,255,131,125,192, 1, 80, 25,192, 37, 0,240,255,255, 5, /* 0x 490 */
18, 16, 0, 0,131,125,192, 0, 80,139, 69,164,116, 3,131,200, /* 0x 4a0 */
2,131,125,192, 0, 80,137,240,116, 3,141, 70, 3, 80,255,117, /* 0x 4b0 */
160,232,182, 2, 0, 0,131,196, 24, 57, 69,160, 15,133,188, 0, /* 0x 4c0 */
0, 0,131,125,192, 0,116, 28,246, 69,164, 4,139, 69,184,117, /* 0x 4d0 */
2, 49,192, 80,139, 69,192,255,117,200,141, 85,204,232,127,252, /* 0x 4e0 */
255,255, 95, 88,137,247,247,223,129,231,255, 15, 0, 0,246, 69, /* 0x 4f0 */
164, 2,116, 17,139, 69,160, 1,240,133,255,116, 8,137,249,198, /* 0x 500 */
0, 0, 64,226,250,131,125,192, 0,116,122,139, 93,180,131, 59, /* 0x 510 */
1,117, 88,246, 67, 24, 1,116, 82,139, 83, 20,137,216,139, 91, /* 0x 520 */
8,141, 12, 26, 3, 77,172, 59, 80, 16,117, 14,137,200,247,216, /* 0x 530 */
37,255, 15, 0, 0,131,248, 3,119, 17,139, 85,180,107, 69,172, /* 0x 540 */
52,131,122, 4, 0,141, 76, 3, 12,117, 15,139, 1, 61,205,128, /* 0x 550 */
201,195,116, 6,199, 1,205,128,201,195,133,201,116, 13,139, 69, /* 0x 560 */
188, 49,210,131,224,254,232,211,252,255,255,255,117,164, 86,255, /* 0x 570 */
117,160,232, 54, 2, 0, 0,131,196, 12,133,192,116, 7,106,127, /* 0x 580 */
232, 12, 2, 0, 0,141, 4, 62,139, 93,160, 1,195, 59, 93,156, /* 0x 590 */
115, 33,106, 0,106,255,104, 18, 16, 0, 0,255,117,164, 41, 93, /* 0x 5a0 */
156,255,117,156, 83,232,194, 1, 0, 0,131,196, 24, 57,195,116, /* 0x 5b0 */
30,235,203,131,125,192, 0,116, 22,141, 70, 3, 37,255, 15, 0, /* 0x 5c0 */
0,131,248, 3,119, 9, 80, 83,232,220, 1, 0, 0, 89, 91,139, /* 0x 5d0 */
77,196,255, 69,168, 15,183, 65, 44,131, 69,180, 32, 57, 69,168, /* 0x 5e0 */
15,140, 20,254,255,255,131,125,192, 0,117, 13,255,117,200,232, /* 0x 5f0 */
177, 1, 0, 0, 90,133,192,117,133,131,125, 20, 0,116, 8,139, /* 0x 600 */
117,172,139, 93, 20,137, 51,139, 69,196,139, 64, 24, 1, 69,172, /* 0x 610 */
139, 69,172,141,101,244, 91, 94, 95,201,195, 85,137,229, 87, 86, /* 0x 620 */
83,131,236, 24,141, 85, 24,139, 69, 8,106, 0,139,125, 28,199, /* 0x 630 */
69,232, 0, 0, 0, 0,137, 69,228,139, 69, 16,139, 93, 32,199, /* 0x 640 */
69,236, 0, 0, 0, 0,137, 69,224,131,192, 2,255,117,224,137, /* 0x 650 */
69,220,141, 69, 32,141,119, 52,232, 4,251,255,255,139, 69, 12, /* 0x 660 */
185, 0, 16, 0, 0,186, 6, 0, 0, 0,137, 69, 32,139, 69,228, /* 0x 670 */
41, 93, 36,232,198,251,255,255, 15,183, 79, 44,139, 69,228,186, /* 0x 680 */
5, 0, 0, 0,232,181,251,255,255, 15,183, 79, 42,139, 69,228, /* 0x 690 */
186, 4, 0, 0, 0,232,164,251,255,255,139, 77, 40, 3, 78, 8, /* 0x 6a0 */
186, 3, 0, 0, 0,139, 69,228,131,193, 52,232,142,251,255,255, /* 0x 6b0 */
141, 69,240,255,117,220,137,250, 80,141, 69, 32,255,117,228, 80, /* 0x 6c0 */
141, 69,232, 80,139, 69,224,232,152,251,255,255,186, 9, 0, 0, /* 0x 6d0 */
0,137,193,137,195,139, 69,228,232, 97,251,255,255,102,139, 79, /* 0x 6e0 */
44,131,196, 28, 49,210,102,133,201,116,116,131, 62, 3,117,100, /* 0x 6f0 */
106, 0,139, 69,240,106, 0, 3, 70, 8, 80,232,161, 0, 0, 0, /* 0x 700 */
131,196, 12,133,192,137,195,120, 22,104, 0, 2, 0, 0, 87, 80, /* 0x 710 */
232,132, 0, 0, 0,131,196, 12, 61, 0, 2, 0, 0,116, 7,106, /* 0x 720 */
127,232,107, 0, 0, 0,141, 69,240,137,250,106, 0, 80,106, 0, /* 0x 730 */
141, 69,232,106, 0, 80,137,216,232, 39,251,255,255,139, 77,240, /* 0x 740 */
137,195,139, 69,228,186, 7, 0, 0, 0,232,239,250,255,255,131, /* 0x 750 */
196, 20,235, 11, 66, 15,183,193,131,198, 32, 57,194,124,140,141, /* 0x 760 */
101,244,137,216, 91, 94, 95,201,195, 0, 0, 0, 85,137,229, 49, /* 0x 770 */
192, 80,255,117, 28, 80,255,117, 24,255,117, 20,255,117, 16,255, /* 0x 780 */
117, 12,255,117, 8, 80,176,197, 80, 80,176,198,205,128,201,195, /* 0x 790 */
195,176, 1, 15,182,192,205,128,195,176, 3,235,246,176, 4,235, /* 0x 7a0 */
242,176, 5,235,238,176, 6,235,234,176, 73,235,230,176, 74,235, /* 0x 7b0 */
226,176, 33,235,222,176, 20,235,218,176, 92,235,214,176, 59,235, /* 0x 7c0 */
210,176, 2,235,206,176,130,235,202,176,116,235,198,176,240,235, /* 0x 7d0 */
194,176, 10,235,190,176, 7,235,186 /* 0x 7e0 */
};

67
src/stub/src/i386-bsd.elf-fold.S
View File

@ -201,72 +201,5 @@ L32:
pop edi // &auxtab
ret
#define __NR_mmap 197
#define __NR_syscall 198
mmap: .globl mmap
push ebp
mov ebp,esp
xor eax,eax // 0
push eax // convert to 64-bit
push dword ptr [7*4+ebp] // offset
push eax // pad
push dword ptr [6*4+ebp] // fd
push dword ptr [5*4+ebp] // flags
push dword ptr [4*4+ebp] // prot
push dword ptr [3*4+ebp] // len
push dword ptr [2*4+ebp] // addr
push eax // current thread
mov al,__NR_mmap
push eax
push eax // fake ret.addr
mov al,__NR_syscall
int 0x80
leave
ret
brk: .globl brk
ret
#define __NR_exit 1
#define __NR_read 3
#define __NR_write 4
#define __NR_open 5
#define __NR_close 6
#define __NR_munmap 73
#define __NR_mprotect 74
exit: .globl exit
mov al,__NR_exit
nf_sysgo:
movzx eax,al
int 0x80
ret
read: .globl read
mov al,__NR_read
jmp nf_sysgo
write: .globl write
mov al,__NR_write
jmp nf_sysgo
open: .globl open
mov al,__NR_open
jmp nf_sysgo
close: .globl close
mov al,__NR_close
jmp nf_sysgo
munmap: .globl munmap
mov al,__NR_munmap
jmp nf_sysgo
mprotect: .globl mprotect
mov al,__NR_mprotect
jmp nf_sysgo
// vi:ts=8:et:nowrap

154
src/stub/src/i386-bsd.elf.execve-entry.S Normal file
View File

@ -0,0 +1,154 @@
/*
; i386-bsd.elf.execve-entry.S -- BSD program entry point & decompressor (kernel exec)
;
; This file is part of the UPX executable compressor.
;
; Copyright (C) 1996-2006 Markus Franz Xaver Johannes Oberhumer
; Copyright (C) 1996-2006 Laszlo Molnar
; Copyright (C) 2000-2006 John F. Reiser
; All Rights Reserved.
;
; UPX and the UCL library are free software; you can redistribute them
; and/or modify them under the terms of the GNU General Public License as
; published by the Free Software Foundation; either version 2 of
; the License, or (at your option) any later version.
;
; This program is distributed in the hope that it will be useful,
; but WITHOUT ANY WARRANTY; without even the implied warranty of
; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
; GNU General Public License for more details.
;
; You should have received a copy of the GNU General Public License
; along with this program; see the file COPYING.
; If not, write to the Free Software Foundation, Inc.,
; 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
;
; Markus F.X.J. Oberhumer Laszlo Molnar
; <mfx@users.sourceforge.net> <ml1050@users.sourceforge.net>
;
; John F. Reiser
; <jreiser@users.sourceforge.net>
;
*/
#include "arch/i386/macros.S"
// CPU 386
/*************************************************************************
// program entry point
// see glibc/sysdeps/i386/elf/start.S
**************************************************************************/
section LEXEC000
_start: .globl _start
//// int3
/*
;; How to debug this code: Uncomment the 'int3' breakpoint instruction above.
;; Build the stubs and upx. Compress a testcase, such as a copy of /bin/date.
;; Invoke gdb, and give a 'run' command. Define a single-step macro such as
;; define g
;; stepi
;; x/i $pc
;; end
;; and a step-over macro such as
;; define h
;; x/2i $pc
;; tbreak *$_
;; continue
;; x/i $pc
;; end
;; Step through the code; remember that <Enter> repeats the previous command.
;;
*/
call main // push address of decompress subroutine
decompress:
// /*************************************************************************
// // C callable decompressor
// **************************************************************************/
// /* Offsets to parameters, allowing for {push + pusha + call} */
#define O_INP (4+ 8*4 +1*4)
#define O_INS (4+ 8*4 +2*4)
#define O_OUTP (4+ 8*4 +3*4)
#define O_OUTS (4+ 8*4 +4*4)
#define O_PARAM (4+ 8*4 +5*4)
#define INP dword ptr [esp+O_INP]
#define INS dword ptr [esp+O_INS]
#define OUTP dword ptr [esp+O_OUTP]
#define OUTS dword ptr [esp+O_OUTS]
#define PARM dword ptr [esp+O_PARAM]
section LEXEC009
mov eax, offset NMRU // free slot in following 'pusha'
section LEXEC010
pusha
push '?' // cto8 (sign extension does not matter)
// cld
mov esi, INP
mov edi, OUTP
or ebp, -1
// align 8
#include "arch/i386/nrv2b_d32.S"
#include "arch/i386/nrv2d_d32.S"
#include "arch/i386/nrv2e_d32.S"
#include "arch/i386/lzma_d.S"
cjt32 0
section LEXEC015
// eax is 0 from decompressor code
//xor eax, eax ; return code
// check compressed size
mov edx, INP
add edx, INS
cmp edx, esi
jz .ok
dec eax
.ok:
xchg [8*4 + esp], eax // store success/failure, fetch NMRU
// write back the uncompressed size, and prepare for unfilter
mov edx, OUTS
mov ecx, edi
mov edi, OUTP
sub ecx, edi // ecx= uncompressed size
mov [edx], ecx
pop edx // cto8
section LEXEC110 // Jcc and/or possible n_mru
push edi // addvalue
push 0x0f
pop ebx
mov bh, dl // ebx= 0,,cto8,0x0F
section LEXEC100 // 0!=n_mru
xchg eax, ebx // eax= ct08_0f; ebx= n_mru {or n_mru1}
section LEXEC016 // bug in APP: jmp and target must be in same .asx
//; jmpn lxunf0 ; logically belongs here
ctojr32
ckt32 edi, dl
section LEXEC017
popa
ret
section LEXEC020
main:
pop ebp // &decompress
mov ebx, 0x401000 // &Elf32_Ehdr of this program
//; fall into fold_begin
eof:
// vi:ts=8:et:nowrap

59
src/stub/src/i386-bsd.elf.execve-fold.S Normal file
View File

@ -0,0 +1,59 @@
/*
; i386-bsd.elf.execve-fold.S -- linkage to C code to process Elf binary
;
; This file is part of the UPX executable compressor.
;
; Copyright (C) 2000-2006 John F. Reiser
; All Rights Reserved.
;
; UPX and the UCL library are free software; you can redistribute them
; and/or modify them under the terms of the GNU General Public License as
; published by the Free Software Foundation; either version 2 of
; the License, or (at your option) any later version.
;
; This program is distributed in the hope that it will be useful,
; but WITHOUT ANY WARRANTY; without even the implied warranty of
; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
; GNU General Public License for more details.
;
; You should have received a copy of the GNU General Public License
; along with this program; see the file COPYING.
; If not, write to the Free Software Foundation, Inc.,
; 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
;
; Markus F.X.J. Oberhumer Laszlo Molnar
; <mfx@users.sourceforge.net> <ml1050@users.sourceforge.net>
;
; John F. Reiser
; <jreiser@users.sourceforge.net>
;
*/
#include "arch/i386/macros.S"
// CPU 386
// control just falls through, after this part and compiled C code
// are uncompressed.
#define szElf32_Ehdr 0x34
#define szElf32_Phdr 8*4
#define e_entry (16 + 2*2 + 4)
#define p_vaddr 2*4
#define p_memsz 5*4
#define szl_info 12
#define szp_info 12
fold_begin: // enter: %ebx= &Elf32_Ehdr of this program
pop eax // Pop the argument count
mov ecx, esp // argv starts just at the current stack top
lea edx, [esp+eax*4+4] // envp = &argv[argc + 1]
mov edi, [ebx + e_entry]
lea esi, [ebx + szElf32_Ehdr + 2*szElf32_Phdr + szl_info]
sub edi, esi // length
lea ebx, [2 + ebp] // f_unfilter, maybe
pusha // (cprLen, cprSrc, f_decpr, xx, f_unf, envp, argv, argc)
.extern upx_main
call upx_main // Call the UPX main function
hlt // Crash if somehow upx_main does return
// vi:ts=8:et:nowrap

520
src/stub/src/i386-bsd.elf.execve-main.c Normal file
View File

@ -0,0 +1,520 @@
/* i386-bsd.elf.execve-main.c -- generic stub loader for *BSD using execve()
This file is part of the UPX executable compressor.
Copyright (C) 1996-2006 Markus Franz Xaver Johannes Oberhumer
Copyright (C) 1996-2006 Laszlo Molnar
All Rights Reserved.
UPX and the UCL library are free software; you can redistribute them
and/or modify them under the terms of the GNU General Public License as
published by the Free Software Foundation; either version 2 of
the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; see the file COPYING.
If not, write to the Free Software Foundation, Inc.,
59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
Markus F.X.J. Oberhumer Laszlo Molnar
<mfx@users.sourceforge.net> <ml1050@users.sourceforge.net>
John F. Reiser
<jreiser@users.sourceforge.net>
*/
#include "include/bsd.h"
/*************************************************************************
// configuration section
**************************************************************************/
// mmap() the temporary output file
#define USE_MMAP_FO
/*************************************************************************
// file util
**************************************************************************/
struct Extent {
int size; // must be first to match size[0] uncompressed size
char *buf;
};
#if !defined(USE_MMAP_FO)
#if 1
static __inline__ int xwrite(int fd, const void *buf, int count)
{
// note: we can assert(count > 0);
do {
int n = write(fd, buf, count);
if (n == -EINTR)
continue;
if (n <= 0)
break;
buf += n; // gcc extension: add to void *
count -= n;
} while (count > 0);
return count;
}
#else
#define xwrite(fd,buf,count) ((count) - write(fd,buf,count))
#endif
#endif /* !USE_MMAP_FO */
/*************************************************************************
// util
**************************************************************************/
#if 1
extern char *
__attribute__((regparm(2), stdcall)) // be ruthless
upx_itoa(unsigned long v, char *buf);
#else
// Some versions of gcc optimize the division and/or remainder using
// a multiplication by (2**32)/10, and use a relocatable 32-bit address
// to reference the constant. We require no relocations because we move
// the code at runtime. See upx_itoa.S for replacement [also smaller.]
static char *upx_itoa(unsigned long v, char *buf)
{
// const unsigned TEN = 10;
volatile unsigned TEN = 10; // an ugly way to achieve no relocation
char *p = buf;
{
unsigned long k = v;
do {
p++;
k /= TEN;
} while (k > 0);
}
buf = p;
*p = 0;
{
unsigned long k = v;
do {
*--p = '0' + k % TEN;
k /= TEN;
} while (k > 0);
}
return buf;
}
#endif
static uint32_t ascii5(char *p, uint32_t v, unsigned n)
{
do {
unsigned char d = v % 32;
if (d >= 26) d -= 43; // 43 == 'Z' - '0' + 1
*--p = (d += 'A');
v /= 32;
} while (--n > 0);
return v;
}
#if defined(__i386__)
# define SET2(p, c0, c1) \
* (unsigned short *) (p) = ((c1)<<8 | (c0))
# define SET4(p, c0, c1, c2, c3) \
* (uint32_t *) (p) = ((c3)<<24 | (c2)<<16 | (c1)<<8 | (c0))
# define SET3(p, c0, c1, c2) \
SET4(p, c0, c1, c2, 0)
#else
# define SET2(p, c0, c1) \
(p)[0] = c0, (p)[1] = c1
# define SET3(p, c0, c1, c2) \
(p)[0] = c0, (p)[1] = c1, (p)[2] = c2
# define SET4(p, c0, c1, c2, c3) \
(p)[0] = c0, (p)[1] = c1, (p)[2] = c2, (p)[3] = c3
#endif
// go_self is a separate subroutine to spread the burden of local arrays.
// Otherwise the size of the stack frame in upx_main exceeds 128 bytes,
// which causes too many offsets to expand from 1 byte to 4.
static int
#if (ACC_CC_GNUC >= 0x030300)
__attribute__((__noinline__, __used__, __stdcall__))
#endif
go_self(char const *tmpname, char *argv[], char *envp[])
{
// Old FreeBSD does not have /proc/self, so use /proc/<pid> instead.
// Open the temp file.
int const fdi = open(tmpname, O_RDONLY, 0);
if (0 <= fdi) {
// 17 chars for "/proc/PPPPP/fd/XX" should be enough, but we
// play safe in case there will be 32-bit pid_t at some time.
//char procself_buf[17+1];
char procself_buf[31+1];
// Compute name of temp fdi.
SET4(procself_buf + 0, '/', 'p', 'r', 'o');
SET4(procself_buf + 4, 'c', '/', 0 , 0 );
{
char *const procself = upx_itoa(getpid(), procself_buf + 6);
SET4(procself, '/', 'f', 'd', '/');
upx_itoa(fdi, procself + 4);
}
// Check for working /proc/self/fd/X by accessing the
// temp file again, now via temp fdi.
if (UPX2 == access(procself_buf, R_OK | X_OK)) {
// Now it's safe to unlink the temp file (as it is still open).
unlink(tmpname);
// Set the file close-on-exec.
fcntl(fdi, F_SETFD, FD_CLOEXEC);
// Execute the original program via /proc/self/fd/X.
execve(procself_buf, (char const *const *)argv, (char const *const *)envp);
// NOTE: if we get here we've lost.
}
// The proc filesystem isn't working. No problem.
close(fdi);
}
return fdi;
}
/*************************************************************************
// UPX & NRV stuff
**************************************************************************/
typedef void f_unfilter(
nrv_byte *, // also addvalue
nrv_uint,
unsigned cto8 // junk in high 24 bits
);
typedef int f_expand(
const nrv_byte *src, nrv_uint src_len,
nrv_byte *dst, nrv_uint *dst_len, int method );
/*************************************************************************
// upx_main - called by our entry code
//
// This function is optimized for size.
**************************************************************************/
void upx_main(
struct Extent xi,
f_expand *const f_decompress,
int junk2,
f_unfilter *const f_unf,
char *envp[],
char *argv[],
int argc
) __asm__("upx_main");
void upx_main(
struct Extent xi,
f_expand *const f_decompress,
int junk,
f_unfilter *const f_unf,
char *envp[],
char *argv[],
int argc
)
{
// file descriptor
int fdo;
// decompression buffer
unsigned char *buf;
char *tmpname;
struct p_info header;
// temporary file name
char tmpname_buf[20];
(void)junk;
//
// ----- Step 0: set /proc/self using /proc/<pid> -----
//
//personality(PER_LINUX);
//
// ----- Step 1: prepare input file -----
//
// Read header.
{
register char *__d0, *__d1;
__asm__ __volatile__( "movsl; movsl; movsl"
: "=&D" (__d0), "=&S" (__d1)
: "0" (&header), "1" (xi.buf)
: "memory");
xi.buf = __d1;
xi.size -= sizeof(header);
}
// Paranoia. Make sure this is actually our expected executable
// by checking the random program id. (The id is both stored
// in the header and patched into this stub.)
if (header.p_progid != UPX3)
goto error1;
//
// ----- Step 2: prepare temporary output file -----
//
tmpname = tmpname_buf;
SET4(tmpname + 0, '/', 't', 'm', 'p');
SET4(tmpname + 4, '/', 'u', 'p', 'x');
// Compute name of temporary output file in tmpname[].
// Protect against Denial-of-Service attacks.
{
char *p = tmpname_buf + sizeof(tmpname_buf) - 1;
// Compute the last 4 characters (20 bits) from getpid().
uint32_t r = ascii5(p, (uint32_t)getpid(), 4); *p = '\0'; p -= 4;
// Provide 4 random bytes from our program id.
r ^= header.p_progid;
// Mix in 4 runtime random bytes.
// Don't consume precious bytes from /dev/urandom.
{
#if 1
struct timeval tv;
gettimeofday(&tv, 0);
r ^= (uint32_t) tv.tv_sec;
r ^= ((uint32_t) tv.tv_usec) << 12; // shift into high-bits
#else
// using adjtimex() may cause portability problems
struct timex tx;
adjtimex(&tx);
r ^= (uint32_t) tx.time.tv_sec;
r ^= ((uint32_t) tx.time.tv_usec) << 12; // shift into high-bits
r ^= (uint32_t) tx.errcnt;
#endif
}
// Compute 7 more characters from the 32 random bits.
ascii5(p, r, 7);
}
// Just in case, remove the file.
{
int err = unlink(tmpname);
if (err != -ENOENT && err != 0)
goto error1;
}
// Create the temporary output file.
#if defined(USE_MMAP_FO)
fdo = open(tmpname, O_RDWR | O_CREAT | O_EXCL, 0700);
#else
fdo = open(tmpname, O_WRONLY | O_CREAT | O_EXCL, 0700);
#endif
#if 0
// Save some bytes of code - the ftruncate() below will fail anyway.
if (fdo < 0)
goto error;
#endif
// Set expected uncompressed file size.
if (ftruncate(fdo, header.p_filesize) != 0)
goto error;
//
// ----- Step 3: setup memory -----
//
#if defined(USE_MMAP_FO)
// FIXME: packer could set length
buf = (unsigned char *)mmap(0, header.p_filesize,
PROT_READ | PROT_WRITE, MAP_SHARED, fdo, 0);
if ((unsigned long) buf >= (unsigned long) -4095)
goto error;
// Decompressor can overrun the output by 3 bytes.
// Defend against SIGSEGV by using a scratch page.
// FIXME: packer could set address delta
mmap(buf + (PAGE_MASK & (header.p_filesize + ~PAGE_MASK)),
-PAGE_MASK, PROT_READ | PROT_WRITE,
MAP_FIXED | MAP_PRIVATE | MAP_ANONYMOUS, -1, 0 );
#else
// Temporary decompression buffer.
// FIXME: packer could set length
buf = mmap(0, (header.p_blocksize + OVERHEAD + ~PAGE_MASK) & PAGE_MASK,
PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0 );
if ((unsigned long) buf >= (unsigned long) -4095)
goto error;
#endif
//
// ----- Step 4: decompress blocks -----
//
for (;;)
{
struct b_info h;
// Read and check block sizes.
{
register char *__d0, *__d1;
__asm__ __volatile__( "movsl; movsl; movsl"
: "=&D" (__d0), "=&S" (__d1)
: "0" (&h), "1" (xi.buf)
: "memory");
xi.buf = __d1;
xi.size -= sizeof(h);
}
if (h.sz_unc == 0) // uncompressed size 0 -> EOF
{
if (h.sz_cpr != UPX_MAGIC_LE32) // h.sz_cpr must be h->magic
goto error;
if (header.p_filesize != 0) // all bytes must be written
goto error;
break;
}
// Note: if sz_unc == sz_cpr then the block was not
// compressible and is stored in its uncompressed form.
if (h.sz_cpr > h.sz_unc || h.sz_cpr > header.p_blocksize)
goto error;
// Now we have:
// assert(h.sz_cpr <= h.sz_unc);
// assert(h.sz_unc > 0 && h.sz_unc <= blocksize);
// assert(h.sz_cpr > 0 && h.sz_cpr <= blocksize);
if (h.sz_cpr < h.sz_unc) { // Decompress block.
nrv_uint out_len = h.sz_unc; // EOF for lzma
int i = (*f_decompress)((unsigned char *)xi.buf, h.sz_cpr, buf,
&out_len, *(int *)(void *)&h.b_method);
if (i != 0 || out_len != (nrv_uint)h.sz_unc)
goto error;
// Right now, unfilter is combined with decompression.
// (*f_unfilter)(buf, out_len, cto8);
(void)f_unf;
}
else
{
// Incompressible block
#if defined(USE_MMAP_FO)
//memcpy(buf, xi.buf, h.sz_unc);
register unsigned long int __d0, __d1, __d2;
__asm__ __volatile__( "rep; movsb"
: "=&c" (__d0), "=&D" (__d1), "=&S" (__d2)
: "0" (h.sz_unc), "1" (buf), "2" (xi.buf)
: "memory");
#endif
}
#if defined(USE_MMAP_FO)
// unmap part of the output
munmap(buf, h.sz_unc);
buf += h.sz_unc;
#else
// write output file
if (xwrite(fdo, buf, h.sz_unc) != 0)
goto error;
#endif
header.p_filesize -= h.sz_unc;
xi.buf += h.sz_cpr;
xi.size -= h.sz_cpr;
if (xi.size < 0) {
// error exit is here in the middle to keep the jumps short.
error:
(void) unlink(tmpname);
error1:
// Note: the kernel will close all open files and
// unmap any allocated memory.
for (;;)
(void) exit(127);
}
}
//
// ----- Step 5: release resources -----
//
#if !defined(USE_MMAP_FO)
// Free our temporary decompression buffer.
munmap(buf, malloc_args.ma_length);
#endif
if (close(fdo) != 0)
goto error;
//
// ----- Step 6: try to start program via /proc/self/fd/X -----
//
// Many thanks to Andi Kleen <ak@muc.de> and
// Jamie Lokier <nospam@cern.ch> for this nice idea.
if (0 > go_self(tmpname, argv, envp))
goto error;
//
// ----- Step 7: start program in /tmp -----
//
// Fork off a subprocess to clean up.
// We have to do this double-fork trick to keep a zombie from
// hanging around if the spawned original program doesn't check for
// subprocesses (as well as to prevent the real program from getting
// confused about this subprocess it shouldn't have).
// Thanks to Adam Ierymenko <api@one.net> for this solution.
if (fork() == 0)
{
if (fork() == 0)
{
// Sleep 3 seconds, then remove the temp file.
struct timespec ts; ts.tv_sec = UPX4; ts.tv_nsec = 0;
nanosleep(&ts, 0);
unlink(tmpname);
}
exit(0);
}
// Wait for the first fork()'d process to die.
waitpid(-1, (int *)0, 0);
// Execute the original program.
(void)argc;
execve(tmpname, (char const *const *)argv, (char const *const *)envp);
//
// ----- Step 8: error exit -----
//
// If we return from execve() there was an error. Give up.
goto error;
}
/*
vi:ts=4:et:nowrap
*/

105
src/stub/src/i386-bsd.syscall.S Normal file
View File

@ -0,0 +1,105 @@
/*
; i386-bsd.syscall.S -- *BSD system calls
;
; This file is part of the UPX executable compressor.
;
; Copyright (C) 2006 John F. Reiser
; All Rights Reserved.
;
; UPX and the UCL library are free software; you can redistribute them
; and/or modify them under the terms of the GNU General Public License as
; published by the Free Software Foundation; either version 2 of
; the License, or (at your option) any later version.
;
; This program is distributed in the hope that it will be useful,
; but WITHOUT ANY WARRANTY; without even the implied warranty of
; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
; GNU General Public License for more details.
;
; You should have received a copy of the GNU General Public License
; along with this program; see the file COPYING.
; If not, write to the Free Software Foundation, Inc.,
; 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
;
; Markus F.X.J. Oberhumer Laszlo Molnar
; <mfx@users.sourceforge.net> <ml1050@users.sourceforge.net>
;
; John F. Reiser
; <jreiser@users.sourceforge.net>
;
*/
.code32
.intel_syntax noprefix
#define SYS_mmap 197
#define SYS_syscall 198
mmap: .globl mmap
push ebp
mov ebp,esp
xor eax,eax // 0
push eax // convert to 64-bit
push dword ptr [7*4+ebp] // offset
push eax // pad
push dword ptr [6*4+ebp] // fd
push dword ptr [5*4+ebp] // flags
push dword ptr [4*4+ebp] // prot
push dword ptr [3*4+ebp] // len
push dword ptr [2*4+ebp] // addr
push eax // current thread
mov al,SYS_mmap
push eax
push eax // fake ret.addr
mov al,SYS_syscall
int 0x80
leave
ret
brk: .globl brk
ret
#define SYS_exit 1
#define SYS_read 3
#define SYS_write 4
#define SYS_open 5
#define SYS_close 6
#define SYS_munmap 73
#define SYS_mprotect 74
#define SYS_access 33
#define SYS_getpid 20
#define SYS_fcntl 92
#define SYS_execve 59
#define SYS_fork 2
#define SYS_ftruncate 130
#define SYS_gettimeofday 116
#define SYS_nanosleep 240
#define SYS_unlink 10
#define SYS_waitpid 7 /* FIXME: wait4 */
exit: .globl exit
mov al,SYS_exit
nf_sysgo:
movzx eax,al
int 0x80
ret
#define SYS(symbol) symbol: .globl symbol; mov al,SYS_##symbol; jmp nf_sysgo
SYS(read)
SYS(write)
SYS(open)
SYS(close)
SYS(munmap)
SYS(mprotect)
SYS(access)
SYS(getpid)
SYS(fcntl)
SYS(execve)
SYS(fork)
SYS(ftruncate)
SYS(gettimeofday)
SYS(nanosleep)
SYS(unlink)
SYS(waitpid)

71
src/stub/src/i386-openbsd.elf-fold.S
View File

@ -200,76 +200,5 @@ L32:
pop edi // &auxtab
ret
#define __NR_mmap 197
#define __NR_syscall 198
mmap: .globl mmap
push ebp
mov ebp,esp
xor eax,eax // 0
push eax // convert to 64-bit
push dword ptr [7*4+ebp] // offset
push eax // pad
push dword ptr [6*4+ebp] // fd
push dword ptr [5*4+ebp] // flags
push dword ptr [4*4+ebp] // prot
push dword ptr [3*4+ebp] // len
push dword ptr [2*4+ebp] // addr
push eax // current thread
mov al,__NR_mmap
push eax
push eax // fake ret.addr
mov al,__NR_syscall
int 0x80
leave
ret
brk: .globl brk
ret
bkpt: .globl bkpt
int3
ret
#define __NR_exit 1
#define __NR_read 3
#define __NR_write 4
#define __NR_open 5
#define __NR_close 6
#define __NR_munmap 73
#define __NR_mprotect 74
exit: .globl exit
mov al,__NR_exit
nf_sysgo:
movzx eax,al
int 0x80
ret
read: .globl read
mov al,__NR_read
jmp nf_sysgo
write: .globl write
mov al,__NR_write
jmp nf_sysgo
open: .globl open
mov al,__NR_open
jmp nf_sysgo
close: .globl close
mov al,__NR_close
jmp nf_sysgo
munmap: .globl munmap
mov al,__NR_munmap
jmp nf_sysgo
mprotect: .globl mprotect
mov al,__NR_mprotect
jmp nf_sysgo
// vi:ts=8:et:nowrap

11
src/stub/src/include/bsd.h
View File

@ -153,6 +153,17 @@ extern ssize_t read(int, void *, size_t);
extern ssize_t write(int, char const *, size_t);
void exit(int) __attribute__((noreturn));
extern int access(char const *,int);
extern int execve(char const *,char const *const *,char const *const *);
extern int fcntl(int,int,long);
extern int ftruncate(int,size_t);
extern pid_t fork(void);
extern pid_t getpid(void);
extern int gettimeofday(struct timeval *,void *);
extern int nanosleep(struct timespec const *,struct timespec *);
extern pid_t waitpid(pid_t,int *,int);
extern int unlink(char const *);
/*************************************************************************
// <elf.h>
**************************************************************************/