I get different eip values in the unmapped mem callback for the very same binary if I register a code hook instead of a block hook. Seemingly eip gets updated in some part of the code that depends on the existence of a code hook. (If there is a code hook, eip precisely points to the instruction making the failed access.) What I see is that env->eip is different in store_helper(), where the unmapped hook is called from. I haven't made any deep analysis, hoping the phenomenon might ring some bells regarding the code hook implementation.
Thanks for the help,
Viktor
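A minimal reproducer for the behaviour described in the report, written as an added example (it is not code from the issue or from Unicorn itself). It uses Unicorn's Python binding to run one hand-assembled x86-32 snippet twice: once with only a block hook plus an unmapped-memory hook, and once with a code hook as well, and records the EIP that the unmapped-memory callback observes in each run. The code bytes, the base address 0x1000 and the unmapped target 0xDEAD0000 are constructed for the example. If the `unicorn` package is not installed, `compare_eip()` returns None instead of running.

```python
# Added example, not from the issue or the Unicorn project.
# Demonstrates the EIP-in-unmapped-hook difference with and without a code hook.
try:
    from unicorn import (Uc, UcError, UC_ARCH_X86, UC_MODE_32,
                         UC_HOOK_BLOCK, UC_HOOK_CODE, UC_HOOK_MEM_UNMAPPED)
    from unicorn.x86_const import UC_X86_REG_EIP
    HAVE_UNICORN = True
except ImportError:  # allow the module to import without Unicorn present
    HAVE_UNICORN = False

BASE = 0x1000           # assumed layout: code mapped here (page aligned)
BAD_ADDR = 0xDEAD0000   # deliberately left unmapped so the store faults

# Hand-assembled x86-32 code (constructed for this example):
#   1000: 90                  nop
#   1001: 90                  nop
#   1002: b8 00 00 ad de      mov eax, 0xdead0000
#   1007: 89 00               mov [eax], eax      <- the failing access
#   1009: 90                  nop
CODE = bytes.fromhex("9090" "b80000adde" "8900" "90")
FAULT_PC = BASE + 7     # address of `mov [eax], eax`


def _unmapped_hook(uc, access, address, size, value, seen):
    # Record what EIP looks like at the moment of the failed access.
    seen["eip_in_unmapped_hook"] = uc.reg_read(UC_X86_REG_EIP)
    seen["fault_address"] = address
    return False  # do not map anything: emulation stops with UcError


def _block_hook(uc, address, size, seen):
    seen["last_block_pc"] = address


def _code_hook(uc, address, size, seen):
    # Bookkeeping only; the hook's presence is what changes EIP handling.
    seen["last_code_hook_pc"] = address


def run_once(with_code_hook):
    """Emulate CODE once and return what the hooks observed."""
    seen = {}
    mu = Uc(UC_ARCH_X86, UC_MODE_32)
    mu.mem_map(BASE, 0x1000)
    mu.mem_write(BASE, CODE)
    mu.hook_add(UC_HOOK_MEM_UNMAPPED, _unmapped_hook, seen)
    mu.hook_add(UC_HOOK_BLOCK, _block_hook, seen)
    if with_code_hook:
        mu.hook_add(UC_HOOK_CODE, _code_hook, seen)
    try:
        mu.emu_start(BASE, BASE + len(CODE))
    except UcError as e:
        seen["error"] = str(e)  # expected: write to unmapped memory
    return seen


def compare_eip():
    """Run both variants; returns None when Unicorn is not installed."""
    if not HAVE_UNICORN:
        return None
    return {
        "fault_pc": FAULT_PC,
        "block_hook_only": run_once(False),
        "with_code_hook": run_once(True),
    }


if __name__ == "__main__":
    r = compare_eip()
    if r is None:
        print("unicorn not installed")
    else:
        print("faulting instruction at", hex(r["fault_pc"]))
        for name in ("block_hook_only", "with_code_hook"):
            print(name, {k: (hex(v) if isinstance(v, int) else v)
                         for k, v in r[name].items()})
```

Running it prints the EIP the unmapped-memory callback saw in each variant next to the known address of the faulting store; the `with_code_hook` run is the one the report describes as precise, and the `last_code_hook_pc` value it records is a hook-independent way to recover the faulting instruction's address if the EIP read is not trusted.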