Martin Michelsen
58 lines
1.6 KiB
ArmAsm
58 lines
1.6 KiB
ArmAsm
start:
|
|
.include GetVersionInfoXB
|
|
test eax, eax
|
|
jnz can_patch
|
|
ret
|
|
|
|
can_patch:
|
|
push esi
|
|
push edi
|
|
push ebx
|
|
mov edi, eax # edi = ptr to version info struct
|
|
jmp get_patch_data_ptr
|
|
get_patch_data_ptr_ret:
|
|
pop ebx # ebx = patch header
|
|
|
|
apply_next_patch:
|
|
cmp dword [ebx + 4], 0
|
|
jne copy_code_and_apply_again
|
|
pop ebx
|
|
pop edi
|
|
pop esi
|
|
mov eax, 1
|
|
ret
|
|
|
|
copy_code_and_apply_again:
|
|
push dword [ebx] # dest addr
|
|
mov ecx, [edi + 0x0C]
|
|
call [ecx] # MmQueryAddressProtect
|
|
mov esi, eax # esi = prev protection flags
|
|
|
|
push 4 # new protection flags
|
|
push dword [ebx + 4] # size
|
|
push dword [ebx] # base address
|
|
mov ecx, [edi + 0x08]
|
|
call [ecx] # MmSetAddressProtect
|
|
|
|
xor ecx, ecx # ecx = offset
|
|
mov edx, [ebx] # edx = dest addr
|
|
copy_next_byte:
|
|
mov al, [ebx + ecx + 8] # copy one byte to dest
|
|
mov [edx + ecx], al
|
|
inc ecx # offset++
|
|
cmp [ebx + 4], ecx # check if all bytes have been copied
|
|
jne copy_next_byte
|
|
|
|
push esi # new protection flags
|
|
push dword [ebx + 4] # size
|
|
push dword [ebx] # base address
|
|
lea ebx, [ebx + ecx + 8] # advance to next block
|
|
mov ecx, [edi + 0x08]
|
|
call [ecx] # MmSetAddressProtect
|
|
jmp apply_next_patch
|
|
|
|
get_patch_data_ptr:
|
|
call get_patch_data_ptr_ret
|
|
|
|
first_patch_header:
|