[Loader] Add x86 static TLS support

2020-01-10 11:15:22 +01:00 · 2020-01-10 11:15:22 +01:00 · a0835b6877
parent 6aec395e30
commit a0835b6877
3 changed files with 47 additions and 0 deletions
--- a/Src/C3.sln
+++ b/Src/C3.sln
@ -120,6 +120,7 @@ Global
 		{53182258-F40E-4104-AFC6-1F327E556E77}.Debug|x64.Deploy.0 = Debug|x64
 		{53182258-F40E-4104-AFC6-1F327E556E77}.Debug|x86.ActiveCfg = Debug|Win32
 		{53182258-F40E-4104-AFC6-1F327E556E77}.Debug|x86.Build.0 = Debug|Win32
+		{53182258-F40E-4104-AFC6-1F327E556E77}.Debug|x86.Deploy.0 = Debug|Win32
 		{53182258-F40E-4104-AFC6-1F327E556E77}.Release|x64.ActiveCfg = Release|x64
 		{53182258-F40E-4104-AFC6-1F327E556E77}.Release|x64.Build.0 = Release|x64
 		{53182258-F40E-4104-AFC6-1F327E556E77}.Release|x64.Deploy.0 = Release|x64
--- a/Src/CebuLoader/UnexportedWinApi.cpp
+++ b/Src/CebuLoader/UnexportedWinApi.cpp
@ -13,6 +13,7 @@ namespace MWR::Loader::UnexportedWinApi
 	{
 		std::pair<std::string, size_t> GetOsLdrpHandleTlsOffsetData()
 		{
+#if defined _WIN64
 			if (IsWindows10RS3OrGreater())
 			{
 				// LdrpHandleTlsData
@ -54,6 +55,45 @@ namespace MWR::Loader::UnexportedWinApi
 			}
 			else
 				abort(); // TODO
+#elif defined _WIN32
+			if (IsWindows10RS3OrGreater())
+			{
+				auto pattern = "\x8b\xc1\x8d\x4d\xbc\x51";
+				if (IsWindows10RS5OrGreater())
+					pattern = "\x33\xf6\x85\xc0\x79\x03";
+				else if (IsWindows10RS4OrGreater())
+					pattern = "\x8b\xc1\x8d\x4d\xac\x51";
+
+				auto offset = 0x18;
+				if (IsWindows10RS6OrGreater())
+					offset = 0x2E;
+				else if (IsWindows10RS5OrGreater())
+					offset = 0x2C;
+
+				return { pattern, offset };
+			}
+			else if (IsWindows10RS2OrGreater())
+			{
+				return { "\x8b\xc1\x8d\x4d\xbc\x51"s, 0x18 };
+			}
+			else if (IsWindows8Point1OrGreater())
+			{
+				return { "\x50\x6a\x09\x6a\x01\x8b\xc1"s, 0x1B };
+			}
+			else if (IsWindows8OrGreater())
+			{
+				return { "\x8b\x45\x08\x89\x45\xa0"s, 0xC };
+			}
+			else if (IsWindows7OrGreater())
+			{
+				return { "\x74\x20\x8d\x45\xd4\x50\x6a\x09"s, 0x14 };
+			}
+			else
+				abort(); // TODO
+#else
+# error Unsupported architecture
+#endif
+
 		}
 	}

--- a/Src/CebuLoader/UnexportedWinApi.h
+++ b/Src/CebuLoader/UnexportedWinApi.h
@ -26,7 +26,13 @@ namespace MWR::Loader::UnexportedWinApi
 		ULONG TimeDateStamp;
 	};

+#if defined _WIN64
 	typedef DWORD(NTAPI* LdprHandleTlsData)(LDR_DATA_TABLE_ENTRY*);
+#elif defined _WIN32
+	typedef DWORD(__thiscall* LdprHandleTlsData)(LDR_DATA_TABLE_ENTRY*);
+#else
+#error Unsupported architecture
+#endif

 	inline DWORD GetSizeOfImage(UINT_PTR baseAddress)
 	{