add sample_batch_reg

samples/Makefile

@@ -101,6 +101,7 @@ SOURCES += sample_x86.c
 SOURCES += shellcode.c
 SOURCES += mem_apis.c
 SOURCES += sample_x86_32_gdt_and_seg_regs.c
+SOURCES += sample_batch_reg.c
 endif
 ifneq (,$(findstring m68k,$(UNICORN_ARCHS)))
 SOURCES += sample_m68k.c
@@ -114,7 +115,7 @@ all: clean_bins $(BINARY)
 
 clean_bins:
 	rm -rf *.o $(OBJS_ELF) $(BINARY) $(SAMPLEDIR)/*.exe $(SAMPLEDIR)/*.static $(OBJDIR)/lib$(LIBNAME)* $(OBJDIR)/$(LIBNAME)*
-	rm -rf sample_x86 sample_arm sample_arm64 sample_mips sample_sparc sample_ppc sample_m68k shellcode mem_apis sample_x86_32_gdt_and_seg_regs
+	rm -rf sample_x86 sample_arm sample_arm64 sample_mips sample_sparc sample_ppc sample_m68k shellcode mem_apis sample_x86_32_gdt_and_seg_regs sample_batch_reg
 
 clean_libs:
 	rm -rf libunicorn*.so libunicorn*.lib libunicorn*.dylib unicorn*.dll unicorn*.lib

samples/sample_batch_reg.c

@@ -0,0 +1,90 @@
+#include <stdint.h>
+#include <stdio.h>
+#include <string.h>
+#include <unicorn/unicorn.h>
+
+int syscall_abi[] = {UC_X86_REG_RAX, UC_X86_REG_RDI, UC_X86_REG_RSI, UC_X86_REG_RDX, UC_X86_REG_R10, UC_X86_REG_R8, UC_X86_REG_R9};
+uint64_t vals[7] = {200, 10, 11, 12, 13, 14, 15};
+// This part of the API is less... clean... because Unicorn supports arbitrary register types.
+// So the least intrusive solution is passing individual pointers.
+// On the plus side, you only need to make this pointer array once.
+void *ptrs[7];
+
+void uc_perror(const char *func, uc_err err) {
+    fprintf(stderr, "Error in %s(): %s\n", func, uc_strerror(err));
+}
+
+#define BASE 0x10000
+
+// mov rax, 100; mov rdi, 1; mov rsi, 2; mov rdx, 3; mov r10, 4; mov r8, 5; mov r9, 6; syscall
+#define CODE "\x48\xc7\xc0\x64\x00\x00\x00\x48\xc7\xc7\x01\x00\x00\x00\x48\xc7\xc6\x02\x00\x00\x00\x48\xc7\xc2\x03\x00\x00\x00\x49\xc7\xc2\x04\x00\x00\x00\x49\xc7\xc0\x05\x00\x00\x00\x49\xc7\xc1\x06\x00\x00\x00\x0f\x05"
+
+void hook_syscall(uc_engine *uc, void *user_data) {
+    int i;
+    uc_reg_read_batch(uc, syscall_abi, ptrs, 7);
+    printf("syscall: {");
+    for (i = 0; i < 7; i++) {
+        if (i != 0) printf(", ");
+        printf("%llu", vals[i]);
+    }
+    printf("}\n");
+}
+
+void hook_code(uc_engine *uc, uint64_t addr, uint32_t size, void *user_data) {
+    printf("HOOK_CODE: 0x%llx, 0x%x\n", addr, size);
+}
+
+int main() {
+    int i;
+    // set up register pointers
+    for (i = 0; i < 7; i++) {
+        ptrs[i] = &vals[i];
+    }
+
+    uc_err err;
+    uc_engine *uc;
+    if ((err = uc_open(UC_ARCH_X86, UC_MODE_64, &uc))) {
+        uc_perror("uc_open", err);
+        return 1;
+    }
+
+    // reg_write_batch
+    printf("reg_write_batch({200, 10, 11, 12, 13, 14, 15})\n");
+    if ((err = uc_reg_write_batch(uc, syscall_abi, ptrs, 7))) {
+        uc_perror("uc_reg_write_batch", err);
+        return 1;
+    }
+    // reg_read_batch
+    memset(vals, 0, sizeof(vals));
+    if ((err = uc_reg_read_batch(uc, syscall_abi, ptrs, 7))) {
+        uc_perror("uc_reg_read_batch", err);
+        return 1;
+    }
+    printf("reg_read_batch = {");
+    for (i = 0; i < 7; i++) {
+        if (i != 0) printf(", ");
+        printf("%llu", vals[i]);
+    }
+    printf("}\n");
+
+    // syscall
+    printf("\n");
+    printf("running syscall shellcode\n");
+    uc_hook sys_hook;
+    if ((err = uc_hook_add(uc, &sys_hook, UC_HOOK_INSN, hook_syscall, NULL, 1, 0, UC_X86_INS_SYSCALL))) {
+        uc_perror("uc_hook_add", err);
+        return 1;
+    }
+    if ((err = uc_mem_map(uc, BASE, 0x1000, UC_PROT_ALL))) {
+        uc_perror("uc_mem_map", err);
+        return 1;
+    }
+    if ((err = uc_mem_write(uc, BASE, CODE, sizeof(CODE) - 1))) {
+        uc_perror("uc_mem_write", err);
+        return 1;
+    }
+    if ((err = uc_emu_start(uc, BASE, BASE + sizeof(CODE) - 1, 0, 0))) {
+        uc_perror("uc_emu_start", err);
+        return 1;
+    }
+}