From c16e8546521a469e4b7b036276f83f2ab339d0da Mon Sep 17 00:00:00 2001
From: Fabrice Desclaux
Date: Mon, 25 Nov 2019 20:42:46 +0100
Subject: [PATCH 1/7] Fix peb page comment
---
 miasm/os_dep/win_api_x86_32_seh.py | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/miasm/os_dep/win_api_x86_32_seh.py b/miasm/os_dep/win_api_x86_32_seh.py
index 374a975e7..1d0d875c8 100644
--- a/miasm/os_dep/win_api_x86_32_seh.py
+++ b/miasm/os_dep/win_api_x86_32_seh.py
@@ -130,16 +130,16 @@ def build_peb(jitter, peb_address):
 """
 if main_pe:
- offset, length = peb_address + 8, 4
+ offset, length = 8, 4
 else:
- offset, length = peb_address + 0xC, 0
+ offset, length = 0xC, 0
 length += 4
 jitter.vm.add_memory_page(
- offset,
+ peb_address + offset,
 PAGE_READ | PAGE_WRITE,
 b"\x00" * length,
- "PEB"
+ "PEB + 0x%x" % offset
 )
 Peb = PEB(jitter.vm, peb_address)
From 18c4392a66877609ee33927ecec773a0fb535539 Mon Sep 17 00:00:00 2001
From: Fabrice Desclaux
Date: Mon, 25 Nov 2019 20:52:28 +0100
Subject: [PATCH 2/7] Rm dbg
---
 miasm/os_dep/win_api_x86_32.py | 1 -
 1 file changed, 1 deletion(-)
diff --git a/miasm/os_dep/win_api_x86_32.py b/miasm/os_dep/win_api_x86_32.py
index 7abd03b72..5d6789978 100644
--- a/miasm/os_dep/win_api_x86_32.py
+++ b/miasm/os_dep/win_api_x86_32.py
@@ -757,7 +757,6 @@ def kernel32_VirtualProtect(jitter):
 old = jitter.vm.get_mem_access(args.lpvoid)
 jitter.vm.set_u32(args.lpfloldprotect, ACCESS_DICT_INV[old])
- print("XXX VIRTUALP")
 log.warn("set page %x %x", args.lpvoid, args.dwsize)
 for addr, data in jitter.vm.get_all_memory().items():
 size = data["size"]
From cdeed6969c2d10dc11346a598e7d3cba0930757b Mon Sep 17 00:00:00 2001
From: Fabrice Desclaux
Date: Mon, 25 Nov 2019 21:03:31 +0100
Subject: [PATCH 3/7] Core/Interval: Add explicit api for interval
---
 miasm/core/interval.py | 43 +++++++++++++++++++++++++++++++++---------
 1 file changed, 34 insertions(+), 9 deletions(-)
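Review bot: The unconditional `length += 4` after the two-way assignment makes the size of each PEB page harder to read than it needs to be; if the extra 4 bytes are not meant to mark a distinct field, fold them in as `offset, length = 8, 8` and `offset, length = 0xC, 4` and drop the increment. Both pages are zero-filled with `b"\x00" * length`, so the new `"PEB + 0x%x" % offset` label is the only thing telling them apart in a memory dump, which is a clear improvement over the shared `"PEB"` name. `main_pe` is not defined in the hunk and is presumably a module global. build_peb's body starts and ends outside the hunk.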
diff --git a/miasm/core/interval.py b/miasm/core/interval.py
index 06dc546f5..172197c01 100644
--- a/miasm/core/interval.py
+++ b/miasm/core/interval.py
@@ -125,16 +125,26 @@ def __eq__(self, i):
 def __ne__(self, other):
 return not self.__eq__(other)
- def __add__(self, i):
- if isinstance(i, interval):
- i = i.intervals
- i = interval(self.intervals + i)
- return i
+ def union(self, other):
+ """
+ Return the union of intervals
+ @other: interval instance
+ """
+
+ if isinstance(other, interval):
+ other = other.intervals
+ other = interval(self.intervals + other)
+ return other
+
+ def difference(self, other):
+ """
+ Return the difference of intervals
+ @other: interval instance
+ """
- def __sub__(self, v):
 to_test = self.intervals[:]
 i = -1
- to_del = v.intervals[:]
+ to_del = other.intervals[:]
 while i < len(to_test) - 1:
 i += 1
 x = to_test[i]
@@ -181,12 +191,17 @@ def __sub__(self, v):
 raise ValueError('unknown state', rez)
 return interval(to_test)
- def __and__(self, v):
+ def intersection(self, other):
+ """
+ Return the intersection of intervals
+ @other: interval instance
+ """
+
 out = []
 for x in self.intervals:
 if x[0] > x[1]:
 continue
- for y in v.intervals:
+ for y in other.intervals:
 rez = cmp_interval(x, y)
 if rez == INT_DISJOIN:
@@ -214,6 +229,16 @@ def __and__(self, v):
 raise ValueError('unknown state', rez)
 return interval(out)
+
+ def __add__(self, other):
+ return self.union(other)
+
+ def __and__(self, other):
+ return self.intersection(other)
+
+ def __sub__(self, other):
+ return self.difference(other)
+
 def hull(self):
 "Return the first and the last bounds of intervals"
 if not self.intervals:
From 1719d332bcc550e926da3f6b86150dc99640d44c Mon Sep 17 00:00:00 2001
From: Fabrice Desclaux
Date: Mon, 25 Nov 2019 21:05:39 +0100
Subject: [PATCH 4/7] Loader/Pe: fix py2/py3 str
---
 miasm/jitter/loader/pe.py | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)
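Review bot: `union` normalises a raw list of bounds through its `isinstance(other, interval)` check, but the new `difference` in this hunk and `intersection` in the next one dereference `other.intervals` directly and raise AttributeError on the same input, while all three docstrings claim `@other: interval instance`. Either accept both everywhere by adding `if not isinstance(other, interval): other = interval(other)` at the top of `difference` and `intersection`, or state in `union`'s docstring that a list of `(start, stop)` pairs is also accepted. The summary `Return the union of intervals` would be clearer as `Return a new interval holding the union of self and @other`, with the same pattern for the other two. The `__add__`/`__and__`/`__sub__` delegations in the third hunk are fine as written. `difference`'s body continues outside the hunk.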
diff --git a/miasm/jitter/loader/pe.py b/miasm/jitter/loader/pe.py
index 09319664f..9bd488773 100644
--- a/miasm/jitter/loader/pe.py
+++ b/miasm/jitter/loader/pe.py
@@ -30,12 +30,8 @@ def get_pe_dependencies(pe_obj):
 out = set()
 for dependency in pe_obj.DirImport.impdesc:
 libname = dependency.dlldescname.name.lower()
- # transform bytes to chr
- if isinstance(libname, bytes):
- libname_str = ''
- for c in libname:
- libname_str += chr(c)
- libname = libname_str
+ # transform bytes to str
+ libname = force_str(libname)
 out.add(libname)
 # If binary has redirected export, add dependencies
From 2befc53c407747568ca742c007815341ef104c69 Mon Sep 17 00:00:00 2001
From: Fabrice Desclaux
Date: Mon, 25 Nov 2019 21:07:53 +0100
Subject: [PATCH 5/7] Loader/utils: less debug
---
 miasm/jitter/loader/utils.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/miasm/jitter/loader/utils.py b/miasm/jitter/loader/utils.py
index b165960dc..fbe387929 100644
--- a/miasm/jitter/loader/utils.py
+++ b/miasm/jitter/loader/utils.py
@@ -8,7 +8,7 @@
 hnd = logging.StreamHandler()
 hnd.setFormatter(logging.Formatter("[%(levelname)s]: %(message)s"))
 log.addHandler(hnd)
-log.setLevel(logging.DEBUG)
+log.setLevel(logging.INFO)
 def canon_libname_libfunc(libname, libfunc):
@@ -39,9 +39,9 @@ def lib_get_add_base(self, name):
 assert isinstance(name, basestring)
 name = name.lower().strip(' ')
 if not "." in name:
- log.debug('warning adding .dll to modulename')
+ log.warning('warning adding .dll to modulename')
 name += '.dll'
- log.debug(name)
+ log.warning(name)
 if name in self.name2off:
 ad = self.name2off[name]
From 029f197de9a6c471b508b171134df778e68a0ae7 Mon Sep 17 00:00:00 2001
From: Fabrice Desclaux
Date: Mon, 25 Nov 2019 21:13:16 +0100
Subject: [PATCH 6/7] Jitter: add 'run' API
---
 example/jitter/x86_32.py | 3 +--
 miasm/jitter/jitload.py | 10 ++++++++++
 2 files changed, 11 insertions(+), 2 deletions(-)
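Review bot: The new line calls `force_str`, yet the diffstat shows this hunk as the only change to pe.py and no import is added; unless `force_str` is already imported in this module, which is not visible here, `get_pe_dependencies` raises NameError on its first call. The removed loop mapped every byte through `chr()`, one character per byte, so if `force_str` decodes differently (it is presumably the py2/py3-neutral helper the subject refers to) it is worth confirming that DLL names carrying bytes above 0x7F still produce the same key, since these names come straight from the parsed import directory. The comment `# transform bytes to str` could say why: `# dlldescname.name may be bytes on py3; normalise to str before lowercasing compare`. get_pe_dependencies's body continues outside the hunk.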
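Review bot: The unconditional `log.warning(name)` at the end of the second utils.py hunk fires on every `lib_get_add_base` call, not only when the `.dll` suffix was appended, so the change emits a bare module name at WARNING for each lookup even though the subject promises less debug output. Merge the two into one conditional message, `log.warning("adding .dll to modulename: %s", name)` inside the `if`, and drop the unconditional line or demote it to `log.debug(name)`. The literal `warning` inside the message text is also redundant with the `[%(levelname)s]` prefix the handler's formatter already prints. lib_get_add_base's body continues outside the hunk.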
diff --git a/example/jitter/x86_32.py b/example/jitter/x86_32.py
index c2273b690..cee9241af 100644
--- a/example/jitter/x86_32.py
+++ b/example/jitter/x86_32.py
@@ -29,5 +29,4 @@ def code_sentinelle(jitter):
 myjit.add_breakpoint(0x1337beef, code_sentinelle)
-myjit.init_run(run_addr)
-myjit.continue_run()
+myjit.run(run_addr)
diff --git a/miasm/jitter/jitload.py b/miasm/jitter/jitload.py
index e8277e346..017dbde3d 100644
--- a/miasm/jitter/jitload.py
+++ b/miasm/jitter/jitload.py
@@ -413,6 +413,16 @@ def continue_run(self, step=False):
 return None
+
+ def run(self, addr):
+ """
+ Launch emulation
+ @addr: (int) start address
+ """
+ self.init_run(addr)
+ return self.continue_run()
+
+
 def init_stack(self):
 self.vm.add_memory_page(
 self.stack_base,
From 87dba497998a5c33b6780dca0cc128b0aaa27ce4 Mon Sep 17 00:00:00 2001
From: Fabrice Desclaux
Date: Mon, 25 Nov 2019 21:30:31 +0100
Subject: [PATCH 7/7] PE: API returns None on bad traduction addreses
---
 miasm/jitter/loader/pe.py | 8 ++++++--
 miasm/loader/pe_init.py | 24 ++++++++++++++++++------
 2 files changed, 24 insertions(+), 8 deletions(-)
diff --git a/miasm/jitter/loader/pe.py b/miasm/jitter/loader/pe.py
index 9bd488773..02558e6c3 100644
--- a/miasm/jitter/loader/pe.py
+++ b/miasm/jitter/loader/pe.py
@@ -323,8 +323,12 @@ def vm2pe(myjit, fname, libs=None, e_orig=None,
 addrs = list(all_mem)
 addrs.sort()
 entry_point = mye.virt2rva(myjit.pc)
- if not 0 < entry_point < 0xFFFFFFFF:
- raise ValueError("Cannot compute a valid entry point RVA")
+ if entry_point is None or not 0 < entry_point < 0xFFFFFFFF:
+ raise ValueError(
+ "Current pc (0x%x) used as entry point seems to be out of the binary" %
+ myjit.pc
+ )
+
 mye.Opthdr.AddressOfEntryPoint = entry_point
 first = True
 for ad in addrs:
diff --git a/miasm/loader/pe_init.py b/miasm/loader/pe_init.py
index 74192849e..f5baa9a51 100644
--- a/miasm/loader/pe_init.py
+++ b/miasm/loader/pe_init.py
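Review bot: The docstring of the new `run` in jitload.py says `Launch emulation` but not that the method hands back whatever `continue_run()` returns, which is the only reason for the `return`; add `Return the value of continue_run()` to it. The hunk header shows `continue_run(self, step=False)`, and `run` does not forward that flag, so a caller wanting single-step execution is pushed back to the two-call form the example file no longer demonstrates; a keyword-only `step=False` passed through as `self.continue_run(step=step)` would keep the new API complete. continue_run's body starts before the hunk.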
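Review bot: The new guard in vm2pe rejects `None` and the 32-bit range only, and `virt2rva` (pe_init.py hunk of this same patch) now returns `None` solely for addresses below `ImageBase`, so a pc above the end of the image still yields an RVA that satisfies `0 < entry_point < 0xFFFFFFFF` and is written to `AddressOfEntryPoint`. If `rva2off` returns `None` for an RVA outside every section, as the bare `return` in `off2rva` suggests for the reverse mapping, adding `or mye.virt2off(myjit.pc) is None` to the condition would catch that case; the message `seems to be out of the binary` is only accurate once such a check exists. vm2pe's body starts and ends outside the hunk.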
@@ -476,18 +476,30 @@ def off2rva(self, off):
 return
 return off - section.offset + section.addr
- def virt2rva(self, virt):
- if virt is None:
- return
- return virt - self.NThdr.ImageBase
+ def virt2rva(self, addr):
+ """
+ Return rva of virtual address @addr; None if addr is below ImageBase
+ """
+ if addr is None:
+ return None
+ rva = addr - self.NThdr.ImageBase
+ if rva < 0:
+ return None
+ return rva
 def rva2virt(self, rva):
 if rva is None:
 return
 return rva + self.NThdr.ImageBase
- def virt2off(self, virt):
- return self.rva2off(self.virt2rva(virt))
+ def virt2off(self, addr):
+ """
+ Return offset of virtual address @addr
+ """
+ rva = self.virt2rva(addr)
+ if rva is None:
+ return None
+ return self.rva2off(rva)
 def off2virt(self, off):
 return self.rva2virt(self.off2rva(off))
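Review bot: `rva2virt`, in the middle of this hunk, still signals a missing address with a bare `return` while the new `virt2rva` and `virt2off` use an explicit `return None`; change it to `return None` so the four translation helpers read the same way. Renaming the parameter from `virt` to `addr` changes the keyword interface of `virt2rva` and `virt2off`, so any caller spelling `virt2rva(virt=...)` breaks; that is worth a grep across the tree or keeping the old name. `virt2off`'s docstring `Return offset of virtual address @addr` should also state the failure case introduced by this patch, for example `Return the file offset of virtual address @addr, or None if @addr cannot be mapped` — whether `rva2off` itself returns None for an RVA outside every section is not visible in the hunk.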