stub/amd64-win64.pe.h matches upx-v4.2.4

so that anti-virus checkers of apps for 64-bit Windows that are newly-
compressed by upx should not complain about new matches with malware.
This costs a few bytes and a small fraction of cycles in NRV2
de-compressors, but is considered to be a tolerable concession
to the cesspool environment of software for Microsoft Windows.
	modified:   ../misc/testsuite/upx_testsuite_1-expected_sha256sums.sh
	modified:   p_w64pe_amd64.cpp   see code comments
	modified:   stub/amd64-win64.pe.h
	modified:   stub/src/arch/amd64/lzma_d.S   see code comments
	modified:   stub/src/arch/amd64/nrv2b_d.S
	modified:   stub/src/arch/amd64/nrv2d_d.S
	modified:   stub/src/arch/amd64/nrv2e_d.S
	modified:   stub/tmp/amd64-win64.pe.bin.dump
John Reiser 2025-01-02 11:47:34 -08:00 committed by Markus F.X.J. Oberhumer
parent 1a6c1f0589
commit f6e3df69eb
8 changed files with 1012 additions and 971 deletions


@ -48,7 +48,7 @@ a0950546dc17fca9437219431d8ddb0249ce5b08e899e0c799a87ac982adee70 *powerpc64le-li
expected_sha256sums__t110_compress_ucl_nrv2b_3_no_filter="\
e4f91dbcb627c0c3fbc4d04afb98f9f1671062b7a997cf0e90826caf33f05cf8 *amd64-linux.elf/upx-3.91
bda0ed1fac238de8472f8248a3d923e0cec78389e88ec7e72262bad241c88b62 *amd64-linux.elf/upx-3.95
be68107b41e5ac9fdfe919f6e26b0ed83807dbe1c8f20d9e391a836be445c4fd *amd64-win64.pe/upx-3.95.exe
1bd70a3cd3b34e635a3c947cacd46c4d66bf07e0fd350cc6d1f3cf60483f75b9 *amd64-win64.pe/upx-3.95.exe
1beaafe2a32c90a82dc122aa00a0af5e0a00862a7444d5d1274c9303289115a5 *arm-linux.elf/upx-3.95
94422a91473a467dfb534afa3f20247bc38691aeb386a42fb3e0fd18d3d0ae08 *arm-wince.pe/upx-3.91.exe
16a4e2ca0db11335534c1a951f3fe61a7013fb6495c794b97e1995864f1d662e *arm64-linux.elf/upx-3.95
@ -71,7 +71,7 @@ e72f0ff8c367d4940aaf49a61e83369ad83972b8835b071f97eb1cd9e1e8f356 *mipsel-linux.e
expected_sha256sums__t120_compress_ucl_nrv2d_3_no_filter="\
0a269fe9119f85366905b80c7d583ad9834e65556429c5ce868aefc82c3be4d9 *amd64-linux.elf/upx-3.91
c6ab1d511a0a19875b474564b49b964c4d17b4e8730ab209778d7c2985fcee8b *amd64-linux.elf/upx-3.95
246079a063b098268c2c0c6237d7a4d0b7e18eaace45eff33a78400e1595f066 *amd64-win64.pe/upx-3.95.exe
0314c6974f29d180e46e41a1004d46a3993fe96f03de7f78d45ad89ad3b2177e *amd64-win64.pe/upx-3.95.exe
f45844cb8a88cb79efcabcb942e9e24a1a08f5b90b5a5c2094384390760c0677 *arm-linux.elf/upx-3.95
d7839b7dee866794e4ca3df32e2b1084b35aa22dee5f060fa14b5ca09c612ba3 *arm-wince.pe/upx-3.91.exe
323762dd4e77c42b2b6288339a52cd8b15527441dab101299eda29ec27d452e2 *arm64-linux.elf/upx-3.95
@ -94,7 +94,7 @@ a5e89be848c503ad5610800d13e363243340dbc3751e4fdaa06405c1097d5b9c *mipsel-linux.e
expected_sha256sums__t130_compress_ucl_nrv2e_3_no_filter="\
d9adcdf406ed22382c408670c6663d4bc420dc7a3a027d07e8f843441ae26c56 *amd64-linux.elf/upx-3.91
675fd00c9cb548a2c6587832703407425b300076fb17883c34234f2441de0bb6 *amd64-linux.elf/upx-3.95
6caf4df19cfe55fc33b31b4e77b6ce0a5665d090de9d4210c1994b62049c66c5 *amd64-win64.pe/upx-3.95.exe
97bb5953405f3413d9ff9bdc272caf2858697168b3e85dab54213da356b5ea0f *amd64-win64.pe/upx-3.95.exe
7b754f16dabe92a2265062dbf0850a6a1041264116dd6a2bc38565e93c29a27d *arm-linux.elf/upx-3.95
8c73f5acfc70e3c518be09978af87b9bec4906240cb457a166da0eba05bea4db *arm-wince.pe/upx-3.91.exe
876d844e5217897ae2e36a14e302c0808f7ea41eaba66f4b7e151d1fb5298d14 *arm64-linux.elf/upx-3.95
@ -140,7 +140,7 @@ c45deba5313a02ba8269ab7d148c4ce33d0c9f3e8c6d6ff528d6535a647fe945 *mipsel-linux.e
expected_sha256sums__t150_compress_ucl_2_all_filters="\
f2a11bf41482521238f715ad1df1b8b3c9ae917f2b99aa25017a67db0e53f712 *amd64-linux.elf/upx-3.91
3cea8f06d1bf0e7c8802f254e304dad55d826c07c54cea91121da208e571f151 *amd64-linux.elf/upx-3.95
fa8ba95a5fcc1a0d591e9b50d26772b3334815ffbf95d0127b4daa6c74ecc28d *amd64-win64.pe/upx-3.95.exe
434732efb16b89114162a1787a28c128e2c11edb9835411f2b707cac5cd475ae *amd64-win64.pe/upx-3.95.exe
536109132c83eaf7f0c7b10d268e52928f2e031219b568cbae842e03eda074b8 *arm-linux.elf/upx-3.95
93e2ead9e54732a1731896681d415e3ce60b7420ad7f3c57822ad7dbd061cdd3 *arm-wince.pe/upx-3.91.exe
cde130452ae6f94865767e7d27740a0d87bd6b07813b44e2b210c6eb444b597f *arm64-linux.elf/upx-3.95
@ -186,7 +186,7 @@ bce0a4cf0d72898dccb0a0a9c82c6ee5934be8e99907e4ccbb489aa2bf803fd1 *mips-linux.elf
expected_sha256sums__t170_compress_all_methods_no_lzma_5_no_filter="\
885c3dbbc87c83258986005978d4863febce98c290aed5d868b87901b7a4a452 *amd64-linux.elf/upx-3.91
2ee7f4c38df398b3b25fe339bf4a815c166eddb27bb58954ba9bce4661d7927f *amd64-linux.elf/upx-3.95
fb362f2b3ea02f9c12de7e8f19f73ea6cfebfeb7b8c316003121a9ad13d3d8ae *amd64-win64.pe/upx-3.95.exe
5fccb0f5044baaa74d176efb25eefa3b5810dc737ed0f9d38084d275f7ebe7b8 *amd64-win64.pe/upx-3.95.exe
46d75aa6fa1ecec6c6911b5a6631267fac9819a5a457ad6de7da6c7c478443a0 *arm-linux.elf/upx-3.95
56be0b4046accdfadbe534ecb6e6452b9e3a18bb9eac39da0ee8893c31d24416 *arm-wince.pe/upx-3.91.exe
294b251518756d20a82580aca1002b03ca71dcb299943f87f225ec157ab252e1 *arm64-linux.elf/upx-3.95


@ -89,11 +89,13 @@ void PackW64PeAmd64::buildLoader(const Filter *ft) {
addLoader("PEISDLL0");
if (isefi)
addLoader("PEISEFI0");
addLoader(isdll ? "PEISDLL1" : "", "PEMAIN01",
addLoader(isdll ? "PEISDLL1" : "", "PEMAIN01", // outer "enter" (push rbp; mov rsp,rbp)
icondir_count > 1 ? (icondir_count == 2 ? "PEICONS1" : "PEICONS2") : "",
tmp_tlsindex ? "PETLSHAK" : "", "PEMAIN02",
// ph.first_offset_found == 1 ? "PEMAIN03" : "",
M_IS_LZMA(ph.method) ? "LZMA_HEAD,LZMA_ELF00,LZMA_DEC20,LZMA_TAIL"
// LZMA_ELF00 has inner "enter" (push rbp; mov rsp,rbp)
// LZMA_TAIL has inner 'leave' (mov rbp,rsp; pop rbp)
: M_IS_NRV2B(ph.method) ? "NRV_HEAD,NRV2B"
: M_IS_NRV2D(ph.method) ? "NRV_HEAD,NRV2D"
: M_IS_NRV2E(ph.method) ? "NRV_HEAD,NRV2E"
@ -126,7 +128,7 @@ void PackW64PeAmd64::buildLoader(const Filter *ft) {
if (use_tls_callbacks)
addLoader("PETLSC");
addLoader("PEMAIN20");
addLoader("PEMAIN20"); // outer "leave" (mov rbp,rsp; pop rbp)
if (use_clear_dirty_stack)
addLoader("CLEARSTACK");
addLoader("PEMAIN21");
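Review bot: The new comment in the LZMA arm says `LZMA_TAIL has inner 'leave'`, but the comments this commit adds to lzma_d.S place that `leave` in section LZMA_DEC30, which the loader string `"LZMA_HEAD,LZMA_ELF00,LZMA_DEC20,LZMA_TAIL"` does not name. Either one of the two comments is stale or LZMA_DEC30 is pulled in by a mechanism not visible on this page. These comments exist to protect the enter/leave pairing and the byte-exact stub layout, so they should agree. Suggest something like `// inner 'leave' (mov rbp,rsp; pop rbp) is emitted by <section>; see stub/src/arch/amd64/lzma_d.S`, with the section name confirmed against the stub source. The body of buildLoader starts and continues outside both hunks.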

1818
src/stub/amd64-win64.pe.h generated



@ -53,7 +53,7 @@ section LZMA_ELF00
#define M_LZMA 14
cmpb $ M_LZMA,methb; jne not_lzma
#endif
pushq %rbp; movq %rsp,%rbp // we use alloca
pushq %rbp; movq %rsp,%rbp // we use alloca; 'leave' is in LZMA_DEC30
//LzmaDecode( // from lzmaSDK/C/7zip/Compress/LZMA_C/LzmaDecode.h
// %arg1= &CLzmaDecoderState,
@ -124,19 +124,22 @@ section LZMA_DEC30
#endif
movl szSizeT(%rbx),%ecx; addq %rcx,%rsi // inSizeProcessed
movl (%rbx),%edx; addq %rdx,%rdi // outSizeProcessed
leave // movl %ebp,%rsp; popq %rbp
#ifdef WINDOWS_BACK
jmp eof_lzma_win
#else
jmp eof_lzma
#endif // WINDOWS_BACK
leave // %rsp = %rbp; %rbp = * %rsp ++; "enter" is in LZMA_ELF00
#ifndef NO_METHOD_CHECK
not_lzma:
#ifdef WINDOWS_BACK //{ Must match stub/amd64-win64.pe.h of upx-v4.2.4.
// amd64-win64.pe.S has unconditional "#define NO_METHOD_CHECK"
// because p_w64pe_amd64.cpp assumes only one method, and generates it;
// thus there is no need to check the method, nor to recover from a mismatch.
// In such a case LZMA_DEC30 ends with the [inner] 'leave' above, and
// falls into section PEMAIN20, which immediately has an [outer] 'leave'.
#else //}{ ndef WINDOWS_BACK
jmp eof_lzma # lzma de-compression is done
#ifndef NO_METHOD_CHECK //{
not_lzma: # recover from not matching M_LZMA
push %rdi; pop %rsi # src = arg1
# fall into next daisy-chain method
#endif // NO_METHOD_CHECK
eof_lzma_win:
#endif //}
#endif //}
// vi:ts=8:et
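Review bot: With WINDOWS_BACK defined, the reworked tail of LZMA_DEC30 appears to define `not_lzma` only inside the `#else` arm, while LZMA_ELF00 still emits `jne not_lzma` whenever the method check is compiled in. The comment says amd64-win64.pe.S defines NO_METHOD_CHECK unconditionally, but nothing in this file enforces that pairing, and the fall-through from the inner `leave` into PEMAIN20 depends on it. A guard at the top of the WINDOWS_BACK arm would make a misconfigured build fail with a clear message instead of an undefined-symbol error: `#ifndef NO_METHOD_CHECK` / `#error WINDOWS_BACK requires NO_METHOD_CHECK` / `#endif`. The old/new side of each line is inferred from this rendered page, and both sections extend outside the hunks.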


@ -45,7 +45,11 @@ lit_n2b:
incq %rsi; movb %dl,(%rdi)
incq %rdi
top_n2b:
#ifdef WINDOWS_BACK
movb (%rsi),%dl # prefetch: literal, or bottom 8 bits of offset
#else
movzbl (%rsi),%edx # prefetch: literal, or bottom 8 bits of offset
#endif
jnextb1yp lit_n2b
lea 1(lenq),off # [len= 0] off= 1
offmore_n2b:
@ -53,9 +57,15 @@ offmore_n2b:
jnextb0np offmore_n2b
subl $ 3,off; jc len_n2b # use previous offset
#ifdef WINDOWS_BACK
shll $ 8,off; movzbl %dl,%edx
orl %edx,off; incq %rsi
xorl $~0,off; jz EOF
#else
shll $ 8,off; incq %rsi
orl %edx,off
xorl $~0,off; jz EOF
#endif
movslq off,dispq # XXX: 2GB
len_n2b:
lea 1(lenq),off # [len= 0] off= 1
@ -73,11 +83,17 @@ gotlen_n2b:
bot_n2b: # In: 0==len
jmp top_n2b
#ifndef NO_METHOD_CHECK
#ifndef NO_METHOD_CHECK //{
not_n2b:
push %rdi; pop %rsi # src = arg1
#ifdef WINDOWS_BACK
# fall into 'EOF'
#endif
#endif //}
#ifndef WINDOWS_BACK
# fall into daisy chain
#endif
/*
vi:ts=8:et:nowrap
*/
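Review bot: The WINDOWS_BACK arms at `top_n2b` and after `subl $ 3,off` have no comment explaining why the longer `movb (%rsi),%dl` plus later `movzbl %dl,%edx` sequence is kept beside the shorter `movzbl (%rsi),%edx` form. Going by the commit message, the reason is byte-for-byte identity with the upx-v4.2.4 stub, so that anti-virus signatures for packed 64-bit Windows files do not shift. Without that stated in the source, a later cleanup could merge the arms and silently change the stub bytes. Suggest annotating the first conditional as lzma_d.S does, e.g. `#ifdef WINDOWS_BACK  //{ must stay byte-identical to stub/amd64-win64.pe.h of upx-v4.2.4`. The same applies to the matching arms in nrv2d_d.S and nrv2e_d.S.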


@ -45,7 +45,11 @@ lit_n2d:
incq %rsi; movb %dl,(%rdi)
incq %rdi
top_n2d:
#ifdef WINDOWS_BACK
movb (%rsi),%dl // speculate: literal, or bottom 8 bits of offset
#else
movzbl (%rsi),%edx // speculate: literal, or bottom 8 bits of offset
#endif
jnextb1yp lit_n2d
lea 1(lenq),off // [len= 0] off= 1
jmp getoff_n2d
@ -58,9 +62,15 @@ getoff_n2d:
jnextb0np off_n2d
subl $ 3,off; jc offprev_n2d
#ifdef WINDOWS_BACK
shll $ 8,off; movzbl %dl,%edx
orl %edx,off; incq %rsi
xorl $~0,off; jz eof
#else
shll $ 8,off; incq %rsi
orl %edx,off
xorl $~0,off; jz EOF
#endif
sarl off // Carry= original low bit
movslq off,dispq // XXX: 2GB
jmp len_n2d-2 // CHEAT: assume tail of getnextb is "adcl len,len"
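Review bot: In the WINDOWS_BACK arm after `subl $ 3,off` the end-of-stream branch is `jz eof`, while the `#else` arm here and both arms in nrv2b_d.S use `jz EOF`; nrv2e_d.S has the same lowercase/uppercase split. Assembler symbols are case-sensitive, so these are different targets unless one spelling is a preprocessor macro defined outside the hunk. This is the exit taken on the end marker in the compressed stream, so it is worth confirming that both spellings reach the same place. If the lowercase label is deliberate (to reproduce the v4.2.4 bytes), a short comment such as `// 'eof', not EOF: <reason>` would record that; otherwise use `jz EOF` in both arms.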


@ -45,7 +45,11 @@ lit_n2e:
incq %rsi; movb %dl,(%rdi)
incq %rdi
top_n2e:
#ifdef WINDOWS_BACK
movb (%rsi),%dl # speculate: literal, or bottom 8 bits of offset
#else
movzbl (%rsi),%edx # speculate: literal, or bottom 8 bits of offset
#endif
jnextb1yp lit_n2e
lea 1(lenq),off # [len= 0] off= 1
jmp getoff_n2e
@ -58,9 +62,15 @@ getoff_n2e:
jnextb0np off_n2e
subl $ 3,off; jc offprev_n2e
#ifdef WINDOWS_BACK
shll $ 8,off; movzbl %dl,%edx
orl %edx,off; incq %rsi
xorl $~0,off; jz eof
#else
shll $ 8,off; incq %rsi
orl %edx,off
xorl $~0,off; jz EOF
#endif
sarl off # Carry= original low bit
movslq off,dispq # XXX: 2GB
jc lenlast_n2e

86
src/stub/tmp/amd64-win64.pe.bin.dump generated vendored

@ -13,46 +13,46 @@ Idx Name Size VMA LMA File off Algn
8 PEMAIN02 01 0 0 08c 2**0 CONTENTS
9 PEMAIN03 0 0 0 08d 2**0 CONTENTS
10 NRV_HEAD 060 0 0 08d 2**0 CONTENTS
11 NRV2B 081 0 0 0ed 2**0 CONTENTS
12 NRV2D 08f 0 0 016e 2**0 CONTENTS
13 NRV2E 0a8 0 0 01fd 2**0 CONTENTS
14 LZMA_HEAD 014 0 0 02a5 2**0 CONTENTS
15 LZMA_ELF00 05a 0 0 02b9 2**0 CONTENTS
16 LZMA_DEC20 0a01 0 0 0313 2**0 CONTENTS
17 LZMA_DEC30 016 0 0 0d14 2**0 CONTENTS
18 LZMA_TAIL 02 0 0 0d2a 2**0 CONTENTS
19 PEMAIN10 01 0 0 0d2c 2**0 CONTENTS
20 PETLSHAK2 04 0 0 0d2d 2**0 CONTENTS
21 PECTTPOS 07 0 0 0d31 2**0 CONTENTS
22 PECTTNUL 03 0 0 0d38 2**0 CONTENTS
23 PEFILTER49 052 0 0 0d3b 2**0 CONTENTS
24 PEIMPORT 034 0 0 0d8d 2**0 CONTENTS
25 PEIBYORD 02 0 0 0dc1 2**0 CONTENTS
26 PEK32ORD 012 0 0 0dc3 2**0 CONTENTS
27 PEIMORD1 0a 0 0 0dd5 2**0 CONTENTS
28 PEIMPOR2 021 0 0 0ddf 2**0 CONTENTS
29 PEIERDLL 0b 0 0 0e00 2**0 CONTENTS
30 PEIEREXE 06 0 0 0e0b 2**0 CONTENTS
31 PEIMDONE 04 0 0 0e11 2**0 CONTENTS
32 PERELOC1 07 0 0 0e15 2**0 CONTENTS
33 PERELOC2 04 0 0 0e1c 2**0 CONTENTS
34 PERELOC3 030 0 0 0e20 2**0 CONTENTS
35 REL64BIG 0a 0 0 0e50 2**0 CONTENTS
36 RELOC64J 02 0 0 0e5a 2**0 CONTENTS
37 PERLOHI0 0a 0 0 0e5c 2**0 CONTENTS
38 PERELLO0 0b 0 0 0e66 2**0 CONTENTS
39 PERELHI0 0e 0 0 0e71 2**0 CONTENTS
40 PEDEPHAK 04b 0 0 0e7f 2**0 CONTENTS
41 PETLSC 01b 0 0 0eca 2**0 CONTENTS
42 PEMAIN20 04 0 0 0ee5 2**0 CONTENTS
43 CLEARSTACK 010 0 0 0ee9 2**0 CONTENTS
44 PEMAIN21 0 0 0 0ef9 2**0 CONTENTS
45 PEISDLL9 0f 0 0 0ef9 2**0 CONTENTS
46 PEISEFI9 02 0 0 0f08 2**0 CONTENTS
47 PERETURN 04 0 0 0f0a 2**0 CONTENTS
48 PEDOJUMP 05 0 0 0f0e 2**0 CONTENTS
49 PETLSC2 026 0 0 0f13 2**0 CONTENTS
50 UPX1HEAD 020 0 0 0f39 2**0 CONTENTS
11 NRV2B 083 0 0 0ed 2**0 CONTENTS
12 NRV2D 091 0 0 0170 2**0 CONTENTS
13 NRV2E 0aa 0 0 0201 2**0 CONTENTS
14 LZMA_HEAD 014 0 0 02ab 2**0 CONTENTS
15 LZMA_ELF00 05a 0 0 02bf 2**0 CONTENTS
16 LZMA_DEC20 0a01 0 0 0319 2**0 CONTENTS
17 LZMA_DEC30 014 0 0 0d1a 2**0 CONTENTS
18 LZMA_TAIL 02 0 0 0d2e 2**0 CONTENTS
19 PEMAIN10 01 0 0 0d30 2**0 CONTENTS
20 PETLSHAK2 04 0 0 0d31 2**0 CONTENTS
21 PECTTPOS 07 0 0 0d35 2**0 CONTENTS
22 PECTTNUL 03 0 0 0d3c 2**0 CONTENTS
23 PEFILTER49 052 0 0 0d3f 2**0 CONTENTS
24 PEIMPORT 034 0 0 0d91 2**0 CONTENTS
25 PEIBYORD 02 0 0 0dc5 2**0 CONTENTS
26 PEK32ORD 012 0 0 0dc7 2**0 CONTENTS
27 PEIMORD1 0a 0 0 0dd9 2**0 CONTENTS
28 PEIMPOR2 021 0 0 0de3 2**0 CONTENTS
29 PEIERDLL 0b 0 0 0e04 2**0 CONTENTS
30 PEIEREXE 06 0 0 0e0f 2**0 CONTENTS
31 PEIMDONE 04 0 0 0e15 2**0 CONTENTS
32 PERELOC1 07 0 0 0e19 2**0 CONTENTS
33 PERELOC2 04 0 0 0e20 2**0 CONTENTS
34 PERELOC3 030 0 0 0e24 2**0 CONTENTS
35 REL64BIG 0a 0 0 0e54 2**0 CONTENTS
36 RELOC64J 02 0 0 0e5e 2**0 CONTENTS
37 PERLOHI0 0a 0 0 0e60 2**0 CONTENTS
38 PERELLO0 0b 0 0 0e6a 2**0 CONTENTS
39 PERELHI0 0e 0 0 0e75 2**0 CONTENTS
40 PEDEPHAK 04b 0 0 0e83 2**0 CONTENTS
41 PETLSC 01b 0 0 0ece 2**0 CONTENTS
42 PEMAIN20 04 0 0 0ee9 2**0 CONTENTS
43 CLEARSTACK 010 0 0 0eed 2**0 CONTENTS
44 PEMAIN21 0 0 0 0efd 2**0 CONTENTS
45 PEISDLL9 0f 0 0 0efd 2**0 CONTENTS
46 PEISEFI9 02 0 0 0f0c 2**0 CONTENTS
47 PERETURN 04 0 0 0f0e 2**0 CONTENTS
48 PEDOJUMP 05 0 0 0f12 2**0 CONTENTS
49 PETLSC2 026 0 0 0f17 2**0 CONTENTS
50 UPX1HEAD 020 0 0 0f3d 2**0 CONTENTS
SYMBOL TABLE:
0000000000000000 l d NRV_HEAD 0 NRV_HEAD
0000000000000000 l PEIMDONE 0 imports_done
@ -164,15 +164,15 @@ OFFSET TYPE VALUE
RELOCATION RECORDS FOR [NRV2B]:
OFFSET TYPE VALUE
000000000000007b R_X86_64_PC32 NRV_HEAD+0x000000000000001b
000000000000007d R_X86_64_PC32 NRV_HEAD+0x000000000000001b
RELOCATION RECORDS FOR [NRV2D]:
OFFSET TYPE VALUE
0000000000000086 R_X86_64_PC32 NRV_HEAD+0x000000000000001b
0000000000000088 R_X86_64_PC32 NRV_HEAD+0x000000000000001b
RELOCATION RECORDS FOR [NRV2E]:
OFFSET TYPE VALUE
000000000000009f R_X86_64_PC32 NRV_HEAD+0x000000000000001b
00000000000000a1 R_X86_64_PC32 NRV_HEAD+0x000000000000001b
RELOCATION RECORDS FOR [LZMA_HEAD]:
OFFSET TYPE VALUE