More syscalls

momo5502 · Sep 10, 2024 · 920bc9d · 920bc9d
1 parent c4164f4
commit 920bc9d
Show file tree

Hide file tree

Showing 2 changed files with 32 additions and 13 deletions.
diff --git a/src/windows_emulator/main.cpp b/src/windows_emulator/main.cpp
@@ -30,7 +30,7 @@
 #define GDT_LIMIT 0x1000
 #define GDT_ENTRY_SIZE 0x8
 
-bool use_gdb = true;
+bool use_gdb = false;
 
 namespace
 {
@@ -591,7 +591,7 @@ namespace
 
 			const auto* binary = context.module_manager.find_by_address(address);
 
-			if (binary && binary->name != "ntdll.dll")
+			if (binary)
 			{
 				const auto export_entry = binary->address_names.find(address);
 				if (export_entry != binary->address_names.end())

diff --git a/src/windows_emulator/syscalls.cpp b/src/windows_emulator/syscalls.cpp
@@ -1023,30 +1023,48 @@ namespace
 		throw std::runtime_error("Bad free type");
 	}
 
-	NTSTATUS handle_NtCreateSection(const syscall_context& c, const emulator_object<uint64_t> section_handle,
+	NTSTATUS handle_NtCreateSection(const syscall_context& /*c*/, const emulator_object<uint64_t> /*section_handle*/,
 	                                const ACCESS_MASK /*desired_access*/,
 	                                const emulator_object<OBJECT_ATTRIBUTES> /*object_attributes*/,
-	                                const emulator_object<LARGE_INTEGER> /*maximum_size*/,
+	                                const emulator_object<ULARGE_INTEGER> /*maximum_size*/,
 	                                const ULONG /*section_page_protection*/, const ULONG /*allocation_attributes*/,
 	                                const uint64_t /*file_handle*/)
 	{
 		puts("NtCreateSection not supported");
-		c.emu.stop();
+		//c.emu.stop();
+		//const auto attributes = object_attributes.read();
+		//const auto object_name = read_unicode_string(c.emu, attributes.ObjectName);
+
+		/*section_handle.write(SHARED_SECTION.bits);
 
-		section_handle.write(SHARED_SECTION.bits);
-		/*
-		maximum_size.access([](LARGE_INTEGER& large_int)
+		maximum_size.access([](ULARGE_INTEGER& large_int)
 		{
 			large_int.QuadPart = page_align_up(large_int.QuadPart);
-		});
-		*/
-		return STATUS_SUCCESS;
+		});*/
+
+		//return STATUS_SUCCESS;
+		return STATUS_NOT_SUPPORTED;
 	}
 
-	NTSTATUS handle_NtConnectPort(const syscall_context& c)
+	NTSTATUS handle_NtConnectPort(const syscall_context& /*c*/)
 	{
 		puts("NtConnectPort not supported");
-		c.emu.stop();
+		//c.emu.stop();
+
+		return STATUS_SUCCESS;
+	}
+
+	NTSTATUS handle_NtReadVirtualMemory(const syscall_context& c, uint64_t process_handle, uint64_t base_address,
+	                                    uint64_t buffer, ULONG number_of_bytes_to_read,
+	                                    const emulator_object<ULONG> number_of_bytes_readed)
+	{
+		puts("NtReadVirtualMemory not supported");
+		//c.emu.stop();
+
+		if (process_handle != ~0ULL)
+		{
+			return STATUS_NOT_SUPPORTED;
+		}
 
 		return STATUS_SUCCESS;
 	}
@@ -1268,6 +1286,7 @@ syscall_dispatcher::syscall_dispatcher(const exported_symbols& ntdll_exports)
 	add_handler(NtWriteFile);
 	add_handler(NtRaiseHardError);
 	add_handler(NtCreateSemaphore);
+	add_handler(NtReadVirtualMemory);
 
 #undef add_handler
 }