From 129cb0b3cd57a96821b05ee8191c92a485a77b91 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?L=C3=A1szl=C3=B3=20Moln=C3=A1r?= Date: Tue, 4 Mar 2014 23:51:59 +0100 Subject: [PATCH] pe: packing of pe64 starts to work again --- src/p_w64pep.cpp | 8 +- src/pefile.cpp | 33 ++- src/pefile.h | 6 +- src/stub/amd64-win64.pep.h | 295 +++++++++++++------------- src/stub/src/amd64-win64.pep.S | 8 +- src/stub/tmp/amd64-win64.pep.bin.dump | 8 +- 6 files changed, 181 insertions(+), 177 deletions(-) diff --git a/src/p_w64pep.cpp b/src/p_w64pep.cpp index f1881b90..f27c0d5c 100644 --- a/src/p_w64pep.cpp +++ b/src/p_w64pep.cpp @@ -290,17 +290,17 @@ void PackW64Pep::defineSymbols(unsigned ncsection, unsigned upxsection, linker->defineSymbol("vp_size", ((addr & 0xfff) + 0x28 >= 0x1000) ? 0x2000 : 0x1000); // 2 pages or 1 page linker->defineSymbol("vp_base", addr &~ 0xfff); // page mask - linker->defineSymbol("VirtualProtect", myimport + + linker->defineSymbol("VirtualProtect", ilinkerGetAddress("kernel32.dll", "VirtualProtect")); } linker->defineSymbol("start_of_relocs", crelocs); if (!isdll) - linker->defineSymbol("ExitProcess", myimport + + linker->defineSymbol("ExitProcess", ilinkerGetAddress("kernel32.dll", "ExitProcess")); - linker->defineSymbol("GetProcAddress", myimport + + linker->defineSymbol("GetProcAddress", ilinkerGetAddress("kernel32.dll", "GetProcAddress")); linker->defineSymbol("kernel32_ordinals", myimport); - linker->defineSymbol("LoadLibraryA", myimport + + linker->defineSymbol("LoadLibraryA", ilinkerGetAddress("kernel32.dll", "LoadLibraryA")); linker->defineSymbol("start_of_imports", myimport); linker->defineSymbol("compressed_imports", cimports); diff --git a/src/pefile.cpp b/src/pefile.cpp index 0cbffad7..32e8a5be 100644 --- a/src/pefile.cpp +++ b/src/pefile.cpp @@ -361,7 +361,7 @@ void PeFile::Reloc::finish(upx_byte *&p,unsigned &siz) p = start; siz = ptr_diff(rel1,start) &~ 3; siz -= 8; - assert(siz > 0); + // siz can be 0 in 64-bit mode // assert(siz > 0); start = 0; // safety } @@ -849,7 +849,7 @@ void PeFile::processImports(unsigned myimport, unsigned) // pass 2 } template -unsigned PeFile::processImports(ord_mask_t ord_mask) // pass 1 +unsigned PeFile::processImports0(ord_mask_t ord_mask) // pass 1 { static const unsigned char kernel32dll[] = "KERNEL32.DLL"; @@ -2004,7 +2004,7 @@ void PeFile::readSectionHeaders(unsigned objs, unsigned sizeof_ih) void PeFile::checkHeaderValues(unsigned subsystem, unsigned mask, unsigned ih_entry, unsigned ih_filealign) { - if ((1u << subsystem) & mask) + if ((1u << subsystem) & ~mask) { char buf[100]; upx_snprintf(buf, sizeof(buf), "PE: subsystem %u is not supported", @@ -2322,7 +2322,7 @@ void PeFile::pack0(OutputFile *fo, ht &ih, ht &oh, if (rel_at_sections_start) callProcessRelocs(rel, ic); - PeFile::processImports(ic, getProcessImportParam(upxsection)); + processImports(ic, getProcessImportParam(upxsection)); ODADDR(PEDIR_IMPORT) = ic; ODSIZE(PEDIR_IMPORT) = soimpdlls; ic += soimpdlls; @@ -2389,16 +2389,15 @@ void PeFile::pack0(OutputFile *fo, ht &ih, ht &oh, { osection[1].vsize = (osection[1].size + oam1) &~ oam1; osection[2].vsize = (osection[2].size + ncsize_virt_increase + oam1) &~ oam1; - oh.imagesize = (osection[3].vaddr + osection[3].vsize + oam1) &~ oam1; + oh.imagesize = osection[2].vaddr + osection[2].vsize; osection[0].rawdataptr = (pe_offset + sizeof(oh) + sizeof(osection) + fam1) &~ fam1; osection[1].rawdataptr = osection[0].rawdataptr; - osection[2].rawdataptr = osection[1].rawdataptr + osection[1].size; } else { osection[1].vsize = osection[1].size; osection[2].vsize = osection[2].size; - oh.imagesize = osection[2].vaddr + osection[2].vsize; + oh.imagesize = (osection[3].vaddr + osection[3].vsize + oam1) &~ oam1; osection[0].rawdataptr = 0; osection[1].rawdataptr = (pe_offset + sizeof(oh) + sizeof(osection) + fam1) &~ fam1; } @@ -2751,8 +2750,8 @@ void PeFile::rebuildImports(upx_byte *& extrainfo, } template -void PeFile::unpack(OutputFile *fo, const ht &ih, ht &oh, - ord_mask_t ord_mask, bool set_oft) +void PeFile::unpack0(OutputFile *fo, const ht &ih, ht &oh, + ord_mask_t ord_mask, bool set_oft) { //infoHeader("[Processing %s, format %s, %d sections]", fn_basename(fi->getName()), getName(), objs); @@ -2987,7 +2986,7 @@ void PeFile32::pack0(OutputFile *fo, unsigned subsystem_mask, void PeFile32::unpack(OutputFile *fo) { bool set_oft = getFormat() == UPX_F_WINCE_ARM_PE; - super::unpack(fo, ih, oh, 1U << 31, set_oft); + unpack0(fo, ih, oh, 1U << 31, set_oft); } int PeFile32::canUnpack() @@ -2998,17 +2997,17 @@ int PeFile32::canUnpack() unsigned PeFile32::processImports() // pass 1 { - return super::processImports(1u << 31); + return processImports0(1u << 31); } void PeFile32::processTls(Interval *iv) { - super::processTls1(iv, ih.imagebase, ih.imagesize); + processTls1(iv, ih.imagebase, ih.imagesize); } void PeFile32::processTls(Reloc *r, const Interval *iv, unsigned a) { - super::processTls2(r, iv, a, ih.imagebase); + processTls2(r, iv, a, ih.imagebase); } /************************************************************************* @@ -3041,7 +3040,7 @@ void PeFile64::pack0(OutputFile *fo, unsigned subsystem_mask, void PeFile64::unpack(OutputFile *fo) { - super::unpack(fo, ih, oh, 1ULL << 63, false); + unpack0(fo, ih, oh, 1ULL << 63, false); } int PeFile64::canUnpack() @@ -3051,17 +3050,17 @@ int PeFile64::canUnpack() unsigned PeFile64::processImports() // pass 1 { - return super::processImports(1ULL << 63); + return processImports0(1ULL << 63); } void PeFile64::processTls(Interval *iv) { - super::processTls1(iv, ih.imagebase, ih.imagesize); + processTls1(iv, ih.imagebase, ih.imagesize); } void PeFile64::processTls(Reloc *r, const Interval *iv, unsigned a) { - super::processTls2(r, iv, a, ih.imagebase); + processTls2(r, iv, a, ih.imagebase); } /* diff --git a/src/pefile.h b/src/pefile.h index 37bf6acb..f91cc634 100644 --- a/src/pefile.h +++ b/src/pefile.h @@ -77,8 +77,8 @@ protected: bool last_section_rsrc_only); template - void unpack(OutputFile *fo, const ht &ih, ht &oh, - ord_mask_t ord_mask, bool set_oft); + void unpack0(OutputFile *fo, const ht &ih, ht &oh, + ord_mask_t ord_mask, bool set_oft); // unpacker capabilities virtual bool canUnpackVersion(int version) const @@ -95,7 +95,7 @@ protected: unsigned pe_offset; template - unsigned processImports(ord_mask_t ord_mask); + unsigned processImports0(ord_mask_t ord_mask); template void rebuildImports(upx_byte *& extrainfo, diff --git a/src/stub/amd64-win64.pep.h b/src/stub/amd64-win64.pep.h index 999b6a8f..7df239ec 100644 --- a/src/stub/amd64-win64.pep.h +++ b/src/stub/amd64-win64.pep.h @@ -1,5 +1,5 @@ /* amd64-win64.pep.h - created from amd64-win64.pep.bin, 21168 (0x52b0) bytes + created from amd64-win64.pep.bin, 21244 (0x52fc) bytes This file is part of the UPX executable compressor. @@ -31,11 +31,11 @@ */ -#define STUB_AMD64_WIN64_PEP_SIZE 21168 -#define STUB_AMD64_WIN64_PEP_ADLER32 0x11b3b4f8 -#define STUB_AMD64_WIN64_PEP_CRC32 0xa0ed3bbf +#define STUB_AMD64_WIN64_PEP_SIZE 21244 +#define STUB_AMD64_WIN64_PEP_ADLER32 0x8f35c2d8 +#define STUB_AMD64_WIN64_PEP_CRC32 0x26033695 -unsigned char stub_amd64_win64_pep[21168] = { +unsigned char stub_amd64_win64_pep[21244] = { /* 0x0000 */ 127, 69, 76, 70, 2, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 0x0010 */ 1, 0, 62, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 0x0020 */ 0, 0, 0, 0, 0, 0, 0, 0,176, 27, 0, 0, 0, 0, 0, 0, @@ -414,20 +414,20 @@ unsigned char stub_amd64_win64_pep[21168] = { /* 0x1770 */ 233, 4,138, 7, 72,131,199, 1, 72,255,201,117,217,235, 5, 72, /* 0x1780 */ 255,201,117,190, 72,131,236, 40, 72,141,190, 0, 0, 0, 0,139, /* 0x1790 */ 7, 9,192,116,255,139, 95, 4, 72,141,140, 48, 0, 0, 0, 0, -/* 0x17a0 */ 72, 1,243, 72,131,199, 8,255,150, 0, 0, 0, 0, 72,149,138, +/* 0x17a0 */ 72, 1,243, 72,131,199, 8,255, 21, 0, 0, 0, 0, 72,149,138, /* 0x17b0 */ 7, 72,255,199, 8,192,116,215,121,255,122, 16,139, 7, 72,131, /* 0x17c0 */ 199, 4, 72,139,132, 48, 0, 0, 0, 0,235,255, 72, 15,183, 23, /* 0x17d0 */ 72,131,199, 2,235,255, 72,137,249, 72,137,250,255,200,242,174, -/* 0x17e0 */ 72,137,233,255,150, 0, 0, 0, 0, 72, 9,192,116, 9, 72,137, +/* 0x17e0 */ 72,137,233,255, 21, 0, 0, 0, 0, 72, 9,192,116, 9, 72,137, /* 0x17f0 */ 3, 72,131,195, 8,235,255, 72,131,196, 40, 93, 95, 94, 91, 49, -/* 0x1800 */ 192,195,255,166, 0, 0, 0, 0, 72,131,196, 40, 72,141,190, 0, +/* 0x1800 */ 192,195,255, 37, 0, 0, 0, 0, 72,131,196, 40, 72,141,190, 0, /* 0x1810 */ 0, 0, 0, 72,131,199, 4, 72,141, 94,252, 49,192,138, 7, 72, /* 0x1820 */ 255,199, 9,192,116,255, 60,239,119, 17, 72, 1,195, 72,139, 3, /* 0x1830 */ 72, 15,200, 72, 1,240, 72,137, 3,235,224, 36, 15,193,224, 16, /* 0x1840 */ 102,139, 7, 72,131,199, 2, 9,192,117,255,139, 7, 72,131,199, /* 0x1850 */ 4,235,255, 72,135,247, 72,141,143, 0, 0, 0, 0,235, 4,102, /* 0x1860 */ 1, 12, 7,173, 9,192,117,247,193,233, 16,235, 4,102, 1, 12, -/* 0x1870 */ 7,173, 9,192,117,247, 72,139,174, 0, 0, 0, 0, 72,141,190, +/* 0x1870 */ 7,173, 9,192,117,247, 72,139, 45, 0, 0, 0, 0, 72,141,190, /* 0x1880 */ 0, 0, 0, 0,187, 0, 0, 0,128, 80, 73,137,225, 65,184, 4, /* 0x1890 */ 0, 0, 0, 72,137,218, 72,137,249, 72,131,236, 32,255,213, 72, /* 0x18a0 */ 141,135, 0, 0, 0, 0,128, 32,127,128, 96, 40,127, 76,141, 76, @@ -1223,140 +1223,145 @@ unsigned char stub_amd64_win64_pep[21168] = { /* 0x4a00 */ 54, 95, 54, 52, 95, 51, 50, 83, 32, 32, 32, 32, 32, 32,115,116, /* 0x4a10 */ 97,114,116, 95,111,102, 95,105,109,112,111,114,116,115, 10, 48, /* 0x4a20 */ 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 50, 53, 32, -/* 0x4a30 */ 82, 95, 88, 56, 54, 95, 54, 52, 95, 51, 50, 83, 32, 32, 32, 32, -/* 0x4a40 */ 32, 32, 76,111, 97,100, 76,105, 98,114, 97,114,121, 65, 10, 10, -/* 0x4a50 */ 82, 69, 76, 79, 67, 65, 84, 73, 79, 78, 32, 82, 69, 67, 79, 82, -/* 0x4a60 */ 68, 83, 32, 70, 79, 82, 32, 91, 80, 69, 73, 66, 89, 79, 82, 68, -/* 0x4a70 */ 93, 58, 10, 79, 70, 70, 83, 69, 84, 32, 32, 32, 32, 32, 32, 32, -/* 0x4a80 */ 32, 32, 32, 32, 84, 89, 80, 69, 32, 32, 32, 32, 32, 32, 32, 32, -/* 0x4a90 */ 32, 32, 32, 32, 32, 32, 86, 65, 76, 85, 69, 10, 48, 48, 48, 48, -/* 0x4aa0 */ 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 49, 32, 82, 95, 88, -/* 0x4ab0 */ 56, 54, 95, 54, 52, 95, 80, 67, 56, 32, 32, 32, 32, 32, 32, 98, -/* 0x4ac0 */ 121,110, 97,109,101, 10, 10, 82, 69, 76, 79, 67, 65, 84, 73, 79, -/* 0x4ad0 */ 78, 32, 82, 69, 67, 79, 82, 68, 83, 32, 70, 79, 82, 32, 91, 80, -/* 0x4ae0 */ 69, 75, 51, 50, 79, 82, 68, 93, 58, 10, 79, 70, 70, 83, 69, 84, -/* 0x4af0 */ 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 84, 89, 80, 69, 32, -/* 0x4b00 */ 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 86, 65, 76, -/* 0x4b10 */ 85, 69, 10, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, -/* 0x4b20 */ 48, 48, 99, 32, 82, 95, 88, 56, 54, 95, 54, 52, 95, 51, 50, 83, -/* 0x4b30 */ 32, 32, 32, 32, 32, 32,107,101,114,110,101,108, 51, 50, 95,111, -/* 0x4b40 */ 114,100,105,110, 97,108,115, 10, 48, 48, 48, 48, 48, 48, 48, 48, -/* 0x4b50 */ 48, 48, 48, 48, 48, 48, 49, 49, 32, 82, 95, 88, 56, 54, 95, 54, -/* 0x4b60 */ 52, 95, 80, 67, 56, 32, 32, 32, 32, 32, 32,110,101,120,116, 95, -/* 0x4b70 */ 105,109,112, 10, 10, 82, 69, 76, 79, 67, 65, 84, 73, 79, 78, 32, -/* 0x4b80 */ 82, 69, 67, 79, 82, 68, 83, 32, 70, 79, 82, 32, 91, 80, 69, 73, -/* 0x4b90 */ 77, 79, 82, 68, 49, 93, 58, 10, 79, 70, 70, 83, 69, 84, 32, 32, -/* 0x4ba0 */ 32, 32, 32, 32, 32, 32, 32, 32, 32, 84, 89, 80, 69, 32, 32, 32, -/* 0x4bb0 */ 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 86, 65, 76, 85, 69, -/* 0x4bc0 */ 10, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, -/* 0x4bd0 */ 57, 32, 82, 95, 88, 56, 54, 95, 54, 52, 95, 80, 67, 56, 32, 32, -/* 0x4be0 */ 32, 32, 32, 32,102,105,114,115,116, 95,105,109,112, 10, 10, 82, -/* 0x4bf0 */ 69, 76, 79, 67, 65, 84, 73, 79, 78, 32, 82, 69, 67, 79, 82, 68, -/* 0x4c00 */ 83, 32, 70, 79, 82, 32, 91, 80, 69, 73, 77, 80, 79, 82, 50, 93, -/* 0x4c10 */ 58, 10, 79, 70, 70, 83, 69, 84, 32, 32, 32, 32, 32, 32, 32, 32, -/* 0x4c20 */ 32, 32, 32, 84, 89, 80, 69, 32, 32, 32, 32, 32, 32, 32, 32, 32, -/* 0x4c30 */ 32, 32, 32, 32, 32, 86, 65, 76, 85, 69, 10, 48, 48, 48, 48, 48, -/* 0x4c40 */ 48, 48, 48, 48, 48, 48, 48, 48, 48, 48,102, 32, 82, 95, 88, 56, -/* 0x4c50 */ 54, 95, 54, 52, 95, 51, 50, 83, 32, 32, 32, 32, 32, 32, 71,101, -/* 0x4c60 */ 116, 80,114,111, 99, 65,100,100,114,101,115,115, 10, 48, 48, 48, -/* 0x4c70 */ 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 50, 48, 32, 82, 95, -/* 0x4c80 */ 88, 56, 54, 95, 54, 52, 95, 80, 67, 56, 32, 32, 32, 32, 32, 32, -/* 0x4c90 */ 110,101,120,116, 95,102,117,110, 99, 10, 10, 82, 69, 76, 79, 67, -/* 0x4ca0 */ 65, 84, 73, 79, 78, 32, 82, 69, 67, 79, 82, 68, 83, 32, 70, 79, -/* 0x4cb0 */ 82, 32, 91, 80, 69, 73, 69, 82, 69, 88, 69, 93, 58, 10, 79, 70, -/* 0x4cc0 */ 70, 83, 69, 84, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 84, -/* 0x4cd0 */ 89, 80, 69, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, -/* 0x4ce0 */ 32, 86, 65, 76, 85, 69, 10, 48, 48, 48, 48, 48, 48, 48, 48, 48, -/* 0x4cf0 */ 48, 48, 48, 48, 48, 48, 50, 32, 82, 95, 88, 56, 54, 95, 54, 52, -/* 0x4d00 */ 95, 51, 50, 83, 32, 32, 32, 32, 32, 32, 69,120,105,116, 80,114, -/* 0x4d10 */ 111, 99,101,115,115, 10, 10, 82, 69, 76, 79, 67, 65, 84, 73, 79, -/* 0x4d20 */ 78, 32, 82, 69, 67, 79, 82, 68, 83, 32, 70, 79, 82, 32, 91, 80, -/* 0x4d30 */ 69, 82, 69, 76, 79, 67, 49, 93, 58, 10, 79, 70, 70, 83, 69, 84, -/* 0x4d40 */ 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 84, 89, 80, 69, 32, -/* 0x4d50 */ 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 86, 65, 76, -/* 0x4d60 */ 85, 69, 10, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, -/* 0x4d70 */ 48, 48, 51, 32, 82, 95, 88, 56, 54, 95, 54, 52, 95, 51, 50, 83, -/* 0x4d80 */ 32, 32, 32, 32, 32, 32,115,116, 97,114,116, 95,111,102, 95,114, -/* 0x4d90 */ 101,108,111, 99,115, 10, 10, 82, 69, 76, 79, 67, 65, 84, 73, 79, -/* 0x4da0 */ 78, 32, 82, 69, 67, 79, 82, 68, 83, 32, 70, 79, 82, 32, 91, 80, -/* 0x4db0 */ 69, 82, 69, 76, 79, 67, 51, 93, 58, 10, 79, 70, 70, 83, 69, 84, -/* 0x4dc0 */ 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 84, 89, 80, 69, 32, -/* 0x4dd0 */ 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 86, 65, 76, -/* 0x4de0 */ 85, 69, 10, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, -/* 0x4df0 */ 48, 48,101, 32, 82, 95, 88, 56, 54, 95, 54, 52, 95, 80, 67, 56, -/* 0x4e00 */ 32, 32, 32, 32, 32, 32,114,101,108,111, 99, 95,101,110,100,120, -/* 0x4e10 */ 10, 10, 82, 69, 76, 79, 67, 65, 84, 73, 79, 78, 32, 82, 69, 67, -/* 0x4e20 */ 79, 82, 68, 83, 32, 70, 79, 82, 32, 91, 82, 69, 76, 54, 52, 66, -/* 0x4e30 */ 73, 71, 93, 58, 10, 79, 70, 70, 83, 69, 84, 32, 32, 32, 32, 32, -/* 0x4e40 */ 32, 32, 32, 32, 32, 32, 84, 89, 80, 69, 32, 32, 32, 32, 32, 32, -/* 0x4e50 */ 32, 32, 32, 32, 32, 32, 32, 32, 86, 65, 76, 85, 69, 10, 48, 48, -/* 0x4e60 */ 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 51, 32, 82, -/* 0x4e70 */ 95, 88, 56, 54, 95, 54, 52, 95, 80, 67, 56, 32, 32, 32, 32, 32, -/* 0x4e80 */ 32,114,101,108,111, 99, 95, 97,100,100, 10, 10, 82, 69, 76, 79, -/* 0x4e90 */ 67, 65, 84, 73, 79, 78, 32, 82, 69, 67, 79, 82, 68, 83, 32, 70, -/* 0x4ea0 */ 79, 82, 32, 91, 82, 69, 76, 79, 67, 54, 52, 74, 93, 58, 10, 79, -/* 0x4eb0 */ 70, 70, 83, 69, 84, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, -/* 0x4ec0 */ 84, 89, 80, 69, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, -/* 0x4ed0 */ 32, 32, 86, 65, 76, 85, 69, 10, 48, 48, 48, 48, 48, 48, 48, 48, -/* 0x4ee0 */ 48, 48, 48, 48, 48, 48, 48, 49, 32, 82, 95, 88, 56, 54, 95, 54, -/* 0x4ef0 */ 52, 95, 80, 67, 56, 32, 32, 32, 32, 32, 32,114,101,108,111, 99, -/* 0x4f00 */ 95, 97,100,100, 10, 10, 82, 69, 76, 79, 67, 65, 84, 73, 79, 78, -/* 0x4f10 */ 32, 82, 69, 67, 79, 82, 68, 83, 32, 70, 79, 82, 32, 91, 80, 69, -/* 0x4f20 */ 82, 76, 79, 72, 73, 48, 93, 58, 10, 79, 70, 70, 83, 69, 84, 32, -/* 0x4f30 */ 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 84, 89, 80, 69, 32, 32, -/* 0x4f40 */ 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 86, 65, 76, 85, -/* 0x4f50 */ 69, 10, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, -/* 0x4f60 */ 48, 54, 32, 82, 95, 88, 56, 54, 95, 54, 52, 95, 51, 50, 83, 32, -/* 0x4f70 */ 32, 32, 32, 32, 32,114,101,108,111, 99, 95,100,101,108,116, 10, -/* 0x4f80 */ 10, 82, 69, 76, 79, 67, 65, 84, 73, 79, 78, 32, 82, 69, 67, 79, -/* 0x4f90 */ 82, 68, 83, 32, 70, 79, 82, 32, 91, 80, 69, 68, 69, 80, 72, 65, -/* 0x4fa0 */ 75, 93, 58, 10, 79, 70, 70, 83, 69, 84, 32, 32, 32, 32, 32, 32, -/* 0x4fb0 */ 32, 32, 32, 32, 32, 84, 89, 80, 69, 32, 32, 32, 32, 32, 32, 32, -/* 0x4fc0 */ 32, 32, 32, 32, 32, 32, 32, 86, 65, 76, 85, 69, 10, 48, 48, 48, -/* 0x4fd0 */ 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 51, 32, 82, 95, -/* 0x4fe0 */ 88, 56, 54, 95, 54, 52, 95, 51, 50, 83, 32, 32, 32, 32, 32, 32, -/* 0x4ff0 */ 86,105,114,116,117, 97,108, 80,114,111,116,101, 99,116, 10, 48, -/* 0x5000 */ 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 97, 32, -/* 0x5010 */ 82, 95, 88, 56, 54, 95, 54, 52, 95, 51, 50, 83, 32, 32, 32, 32, -/* 0x5020 */ 32, 32,118,112, 95, 98, 97,115,101, 10, 48, 48, 48, 48, 48, 48, -/* 0x5030 */ 48, 48, 48, 48, 48, 48, 48, 48, 48,102, 32, 82, 95, 88, 56, 54, -/* 0x5040 */ 95, 54, 52, 95, 51, 50, 32, 32, 32, 32, 32, 32, 32,118,112, 95, -/* 0x5050 */ 115,105,122,101, 43, 48,120, 48, 48, 48, 48, 48, 48, 48, 48, 56, -/* 0x5060 */ 48, 48, 48, 48, 48, 48, 48, 10, 48, 48, 48, 48, 48, 48, 48, 48, -/* 0x5070 */ 48, 48, 48, 48, 48, 48, 50, 99, 32, 82, 95, 88, 56, 54, 95, 54, -/* 0x5080 */ 52, 95, 51, 50, 83, 32, 32, 32, 32, 32, 32,115,119,114,105, 10, -/* 0x5090 */ 10, 82, 69, 76, 79, 67, 65, 84, 73, 79, 78, 32, 82, 69, 67, 79, -/* 0x50a0 */ 82, 68, 83, 32, 70, 79, 82, 32, 91, 80, 69, 84, 76, 83, 67, 93, -/* 0x50b0 */ 58, 10, 79, 70, 70, 83, 69, 84, 32, 32, 32, 32, 32, 32, 32, 32, -/* 0x50c0 */ 32, 32, 32, 84, 89, 80, 69, 32, 32, 32, 32, 32, 32, 32, 32, 32, -/* 0x50d0 */ 32, 32, 32, 32, 32, 86, 65, 76, 85, 69, 10, 48, 48, 48, 48, 48, -/* 0x50e0 */ 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 50, 32, 82, 95, 88, 56, -/* 0x50f0 */ 54, 95, 54, 52, 95, 80, 67, 51, 50, 32, 32, 32, 32, 32, 80, 69, -/* 0x5100 */ 84, 76, 83, 67, 50, 45, 48,120, 48, 48, 48, 48, 48, 48, 48, 48, -/* 0x5110 */ 48, 48, 48, 48, 48, 48, 48, 53, 10, 48, 48, 48, 48, 48, 48, 48, -/* 0x5120 */ 48, 48, 48, 48, 48, 48, 48, 48, 97, 32, 82, 95, 88, 56, 54, 95, -/* 0x5130 */ 54, 52, 95, 51, 50, 83, 32, 32, 32, 32, 32, 32,116,108,115, 95, -/* 0x5140 */ 109,111,100,117,108,101, 95, 98, 97,115,101, 10, 48, 48, 48, 48, -/* 0x5150 */ 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 49, 54, 32, 82, 95, 88, -/* 0x5160 */ 56, 54, 95, 54, 52, 95, 80, 67, 51, 50, 32, 32, 32, 32, 32, 80, -/* 0x5170 */ 69, 84, 76, 83, 67, 50, 45, 48,120, 48, 48, 48, 48, 48, 48, 48, -/* 0x5180 */ 48, 48, 48, 48, 48, 48, 48, 48, 52, 10, 10, 82, 69, 76, 79, 67, -/* 0x5190 */ 65, 84, 73, 79, 78, 32, 82, 69, 67, 79, 82, 68, 83, 32, 70, 79, -/* 0x51a0 */ 82, 32, 91, 80, 69, 68, 79, 74, 85, 77, 80, 93, 58, 10, 79, 70, -/* 0x51b0 */ 70, 83, 69, 84, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 84, -/* 0x51c0 */ 89, 80, 69, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, -/* 0x51d0 */ 32, 86, 65, 76, 85, 69, 10, 48, 48, 48, 48, 48, 48, 48, 48, 48, -/* 0x51e0 */ 48, 48, 48, 48, 48, 48, 49, 32, 82, 95, 88, 56, 54, 95, 54, 52, -/* 0x51f0 */ 95, 80, 67, 51, 50, 32, 32, 32, 32, 32,111,114,105,103,105,110, -/* 0x5200 */ 97,108, 95,101,110,116,114,121, 45, 48,120, 48, 48, 48, 48, 48, -/* 0x5210 */ 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 52, 10, 10, 82, 69, 76, -/* 0x5220 */ 79, 67, 65, 84, 73, 79, 78, 32, 82, 69, 67, 79, 82, 68, 83, 32, -/* 0x5230 */ 70, 79, 82, 32, 91, 80, 69, 84, 76, 83, 67, 50, 93, 58, 10, 79, -/* 0x5240 */ 70, 70, 83, 69, 84, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, -/* 0x5250 */ 84, 89, 80, 69, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, -/* 0x5260 */ 32, 32, 86, 65, 76, 85, 69, 10, 48, 48, 48, 48, 48, 48, 48, 48, -/* 0x5270 */ 48, 48, 48, 48, 48, 48, 48, 53, 32, 82, 95, 88, 56, 54, 95, 54, -/* 0x5280 */ 52, 95, 80, 67, 51, 50, 32, 32, 32, 32, 32,116,108,115, 95, 99, -/* 0x5290 */ 97,108,108, 98, 97, 99,107,115, 95,112,116,114, 45, 48,120, 48, -/* 0x52a0 */ 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 52, 10 +/* 0x4a30 */ 82, 95, 88, 56, 54, 95, 54, 52, 95, 80, 67, 51, 50, 32, 32, 32, +/* 0x4a40 */ 32, 32, 76,111, 97,100, 76,105, 98,114, 97,114,121, 65, 45, 48, +/* 0x4a50 */ 120, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, +/* 0x4a60 */ 52, 10, 10, 82, 69, 76, 79, 67, 65, 84, 73, 79, 78, 32, 82, 69, +/* 0x4a70 */ 67, 79, 82, 68, 83, 32, 70, 79, 82, 32, 91, 80, 69, 73, 66, 89, +/* 0x4a80 */ 79, 82, 68, 93, 58, 10, 79, 70, 70, 83, 69, 84, 32, 32, 32, 32, +/* 0x4a90 */ 32, 32, 32, 32, 32, 32, 32, 84, 89, 80, 69, 32, 32, 32, 32, 32, +/* 0x4aa0 */ 32, 32, 32, 32, 32, 32, 32, 32, 32, 86, 65, 76, 85, 69, 10, 48, +/* 0x4ab0 */ 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 49, 32, +/* 0x4ac0 */ 82, 95, 88, 56, 54, 95, 54, 52, 95, 80, 67, 56, 32, 32, 32, 32, +/* 0x4ad0 */ 32, 32, 98,121,110, 97,109,101, 10, 10, 82, 69, 76, 79, 67, 65, +/* 0x4ae0 */ 84, 73, 79, 78, 32, 82, 69, 67, 79, 82, 68, 83, 32, 70, 79, 82, +/* 0x4af0 */ 32, 91, 80, 69, 75, 51, 50, 79, 82, 68, 93, 58, 10, 79, 70, 70, +/* 0x4b00 */ 83, 69, 84, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 84, 89, +/* 0x4b10 */ 80, 69, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, +/* 0x4b20 */ 86, 65, 76, 85, 69, 10, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, +/* 0x4b30 */ 48, 48, 48, 48, 48, 99, 32, 82, 95, 88, 56, 54, 95, 54, 52, 95, +/* 0x4b40 */ 51, 50, 83, 32, 32, 32, 32, 32, 32,107,101,114,110,101,108, 51, +/* 0x4b50 */ 50, 95,111,114,100,105,110, 97,108,115, 10, 48, 48, 48, 48, 48, +/* 0x4b60 */ 48, 48, 48, 48, 48, 48, 48, 48, 48, 49, 49, 32, 82, 95, 88, 56, +/* 0x4b70 */ 54, 95, 54, 52, 95, 80, 67, 56, 32, 32, 32, 32, 32, 32,110,101, +/* 0x4b80 */ 120,116, 95,105,109,112, 10, 10, 82, 69, 76, 79, 67, 65, 84, 73, +/* 0x4b90 */ 79, 78, 32, 82, 69, 67, 79, 82, 68, 83, 32, 70, 79, 82, 32, 91, +/* 0x4ba0 */ 80, 69, 73, 77, 79, 82, 68, 49, 93, 58, 10, 79, 70, 70, 83, 69, +/* 0x4bb0 */ 84, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 84, 89, 80, 69, +/* 0x4bc0 */ 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 86, 65, +/* 0x4bd0 */ 76, 85, 69, 10, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, +/* 0x4be0 */ 48, 48, 48, 57, 32, 82, 95, 88, 56, 54, 95, 54, 52, 95, 80, 67, +/* 0x4bf0 */ 56, 32, 32, 32, 32, 32, 32,102,105,114,115,116, 95,105,109,112, +/* 0x4c00 */ 10, 10, 82, 69, 76, 79, 67, 65, 84, 73, 79, 78, 32, 82, 69, 67, +/* 0x4c10 */ 79, 82, 68, 83, 32, 70, 79, 82, 32, 91, 80, 69, 73, 77, 80, 79, +/* 0x4c20 */ 82, 50, 93, 58, 10, 79, 70, 70, 83, 69, 84, 32, 32, 32, 32, 32, +/* 0x4c30 */ 32, 32, 32, 32, 32, 32, 84, 89, 80, 69, 32, 32, 32, 32, 32, 32, +/* 0x4c40 */ 32, 32, 32, 32, 32, 32, 32, 32, 86, 65, 76, 85, 69, 10, 48, 48, +/* 0x4c50 */ 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48,102, 32, 82, +/* 0x4c60 */ 95, 88, 56, 54, 95, 54, 52, 95, 80, 67, 51, 50, 32, 32, 32, 32, +/* 0x4c70 */ 32, 71,101,116, 80,114,111, 99, 65,100,100,114,101,115,115, 45, +/* 0x4c80 */ 48,120, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, +/* 0x4c90 */ 48, 52, 10, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, +/* 0x4ca0 */ 48, 50, 48, 32, 82, 95, 88, 56, 54, 95, 54, 52, 95, 80, 67, 56, +/* 0x4cb0 */ 32, 32, 32, 32, 32, 32,110,101,120,116, 95,102,117,110, 99, 10, +/* 0x4cc0 */ 10, 82, 69, 76, 79, 67, 65, 84, 73, 79, 78, 32, 82, 69, 67, 79, +/* 0x4cd0 */ 82, 68, 83, 32, 70, 79, 82, 32, 91, 80, 69, 73, 69, 82, 69, 88, +/* 0x4ce0 */ 69, 93, 58, 10, 79, 70, 70, 83, 69, 84, 32, 32, 32, 32, 32, 32, +/* 0x4cf0 */ 32, 32, 32, 32, 32, 84, 89, 80, 69, 32, 32, 32, 32, 32, 32, 32, +/* 0x4d00 */ 32, 32, 32, 32, 32, 32, 32, 86, 65, 76, 85, 69, 10, 48, 48, 48, +/* 0x4d10 */ 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 50, 32, 82, 95, +/* 0x4d20 */ 88, 56, 54, 95, 54, 52, 95, 80, 67, 51, 50, 32, 32, 32, 32, 32, +/* 0x4d30 */ 69,120,105,116, 80,114,111, 99,101,115,115, 45, 48,120, 48, 48, +/* 0x4d40 */ 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 52, 10, 10, +/* 0x4d50 */ 82, 69, 76, 79, 67, 65, 84, 73, 79, 78, 32, 82, 69, 67, 79, 82, +/* 0x4d60 */ 68, 83, 32, 70, 79, 82, 32, 91, 80, 69, 82, 69, 76, 79, 67, 49, +/* 0x4d70 */ 93, 58, 10, 79, 70, 70, 83, 69, 84, 32, 32, 32, 32, 32, 32, 32, +/* 0x4d80 */ 32, 32, 32, 32, 84, 89, 80, 69, 32, 32, 32, 32, 32, 32, 32, 32, +/* 0x4d90 */ 32, 32, 32, 32, 32, 32, 86, 65, 76, 85, 69, 10, 48, 48, 48, 48, +/* 0x4da0 */ 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 51, 32, 82, 95, 88, +/* 0x4db0 */ 56, 54, 95, 54, 52, 95, 51, 50, 83, 32, 32, 32, 32, 32, 32,115, +/* 0x4dc0 */ 116, 97,114,116, 95,111,102, 95,114,101,108,111, 99,115, 10, 10, +/* 0x4dd0 */ 82, 69, 76, 79, 67, 65, 84, 73, 79, 78, 32, 82, 69, 67, 79, 82, +/* 0x4de0 */ 68, 83, 32, 70, 79, 82, 32, 91, 80, 69, 82, 69, 76, 79, 67, 51, +/* 0x4df0 */ 93, 58, 10, 79, 70, 70, 83, 69, 84, 32, 32, 32, 32, 32, 32, 32, +/* 0x4e00 */ 32, 32, 32, 32, 84, 89, 80, 69, 32, 32, 32, 32, 32, 32, 32, 32, +/* 0x4e10 */ 32, 32, 32, 32, 32, 32, 86, 65, 76, 85, 69, 10, 48, 48, 48, 48, +/* 0x4e20 */ 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48,101, 32, 82, 95, 88, +/* 0x4e30 */ 56, 54, 95, 54, 52, 95, 80, 67, 56, 32, 32, 32, 32, 32, 32,114, +/* 0x4e40 */ 101,108,111, 99, 95,101,110,100,120, 10, 10, 82, 69, 76, 79, 67, +/* 0x4e50 */ 65, 84, 73, 79, 78, 32, 82, 69, 67, 79, 82, 68, 83, 32, 70, 79, +/* 0x4e60 */ 82, 32, 91, 82, 69, 76, 54, 52, 66, 73, 71, 93, 58, 10, 79, 70, +/* 0x4e70 */ 70, 83, 69, 84, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 84, +/* 0x4e80 */ 89, 80, 69, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, +/* 0x4e90 */ 32, 86, 65, 76, 85, 69, 10, 48, 48, 48, 48, 48, 48, 48, 48, 48, +/* 0x4ea0 */ 48, 48, 48, 48, 48, 48, 51, 32, 82, 95, 88, 56, 54, 95, 54, 52, +/* 0x4eb0 */ 95, 80, 67, 56, 32, 32, 32, 32, 32, 32,114,101,108,111, 99, 95, +/* 0x4ec0 */ 97,100,100, 10, 10, 82, 69, 76, 79, 67, 65, 84, 73, 79, 78, 32, +/* 0x4ed0 */ 82, 69, 67, 79, 82, 68, 83, 32, 70, 79, 82, 32, 91, 82, 69, 76, +/* 0x4ee0 */ 79, 67, 54, 52, 74, 93, 58, 10, 79, 70, 70, 83, 69, 84, 32, 32, +/* 0x4ef0 */ 32, 32, 32, 32, 32, 32, 32, 32, 32, 84, 89, 80, 69, 32, 32, 32, +/* 0x4f00 */ 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 86, 65, 76, 85, 69, +/* 0x4f10 */ 10, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, +/* 0x4f20 */ 49, 32, 82, 95, 88, 56, 54, 95, 54, 52, 95, 80, 67, 56, 32, 32, +/* 0x4f30 */ 32, 32, 32, 32,114,101,108,111, 99, 95, 97,100,100, 10, 10, 82, +/* 0x4f40 */ 69, 76, 79, 67, 65, 84, 73, 79, 78, 32, 82, 69, 67, 79, 82, 68, +/* 0x4f50 */ 83, 32, 70, 79, 82, 32, 91, 80, 69, 82, 76, 79, 72, 73, 48, 93, +/* 0x4f60 */ 58, 10, 79, 70, 70, 83, 69, 84, 32, 32, 32, 32, 32, 32, 32, 32, +/* 0x4f70 */ 32, 32, 32, 84, 89, 80, 69, 32, 32, 32, 32, 32, 32, 32, 32, 32, +/* 0x4f80 */ 32, 32, 32, 32, 32, 86, 65, 76, 85, 69, 10, 48, 48, 48, 48, 48, +/* 0x4f90 */ 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 54, 32, 82, 95, 88, 56, +/* 0x4fa0 */ 54, 95, 54, 52, 95, 51, 50, 83, 32, 32, 32, 32, 32, 32,114,101, +/* 0x4fb0 */ 108,111, 99, 95,100,101,108,116, 10, 10, 82, 69, 76, 79, 67, 65, +/* 0x4fc0 */ 84, 73, 79, 78, 32, 82, 69, 67, 79, 82, 68, 83, 32, 70, 79, 82, +/* 0x4fd0 */ 32, 91, 80, 69, 68, 69, 80, 72, 65, 75, 93, 58, 10, 79, 70, 70, +/* 0x4fe0 */ 83, 69, 84, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 84, 89, +/* 0x4ff0 */ 80, 69, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, +/* 0x5000 */ 86, 65, 76, 85, 69, 10, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, +/* 0x5010 */ 48, 48, 48, 48, 48, 51, 32, 82, 95, 88, 56, 54, 95, 54, 52, 95, +/* 0x5020 */ 80, 67, 51, 50, 32, 32, 32, 32, 32, 86,105,114,116,117, 97,108, +/* 0x5030 */ 80,114,111,116,101, 99,116, 45, 48,120, 48, 48, 48, 48, 48, 48, +/* 0x5040 */ 48, 48, 48, 48, 48, 48, 48, 48, 48, 52, 10, 48, 48, 48, 48, 48, +/* 0x5050 */ 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 97, 32, 82, 95, 88, 56, +/* 0x5060 */ 54, 95, 54, 52, 95, 51, 50, 83, 32, 32, 32, 32, 32, 32,118,112, +/* 0x5070 */ 95, 98, 97,115,101, 10, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, +/* 0x5080 */ 48, 48, 48, 48, 48,102, 32, 82, 95, 88, 56, 54, 95, 54, 52, 95, +/* 0x5090 */ 51, 50, 32, 32, 32, 32, 32, 32, 32,118,112, 95,115,105,122,101, +/* 0x50a0 */ 43, 48,120, 48, 48, 48, 48, 48, 48, 48, 48, 56, 48, 48, 48, 48, +/* 0x50b0 */ 48, 48, 48, 10, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, +/* 0x50c0 */ 48, 48, 50, 99, 32, 82, 95, 88, 56, 54, 95, 54, 52, 95, 51, 50, +/* 0x50d0 */ 83, 32, 32, 32, 32, 32, 32,115,119,114,105, 10, 10, 82, 69, 76, +/* 0x50e0 */ 79, 67, 65, 84, 73, 79, 78, 32, 82, 69, 67, 79, 82, 68, 83, 32, +/* 0x50f0 */ 70, 79, 82, 32, 91, 80, 69, 84, 76, 83, 67, 93, 58, 10, 79, 70, +/* 0x5100 */ 70, 83, 69, 84, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 84, +/* 0x5110 */ 89, 80, 69, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, +/* 0x5120 */ 32, 86, 65, 76, 85, 69, 10, 48, 48, 48, 48, 48, 48, 48, 48, 48, +/* 0x5130 */ 48, 48, 48, 48, 48, 48, 50, 32, 82, 95, 88, 56, 54, 95, 54, 52, +/* 0x5140 */ 95, 80, 67, 51, 50, 32, 32, 32, 32, 32, 80, 69, 84, 76, 83, 67, +/* 0x5150 */ 50, 45, 48,120, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, +/* 0x5160 */ 48, 48, 48, 53, 10, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, +/* 0x5170 */ 48, 48, 48, 48, 97, 32, 82, 95, 88, 56, 54, 95, 54, 52, 95, 51, +/* 0x5180 */ 50, 83, 32, 32, 32, 32, 32, 32,116,108,115, 95,109,111,100,117, +/* 0x5190 */ 108,101, 95, 98, 97,115,101, 10, 48, 48, 48, 48, 48, 48, 48, 48, +/* 0x51a0 */ 48, 48, 48, 48, 48, 48, 49, 54, 32, 82, 95, 88, 56, 54, 95, 54, +/* 0x51b0 */ 52, 95, 80, 67, 51, 50, 32, 32, 32, 32, 32, 80, 69, 84, 76, 83, +/* 0x51c0 */ 67, 50, 45, 48,120, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, +/* 0x51d0 */ 48, 48, 48, 48, 52, 10, 10, 82, 69, 76, 79, 67, 65, 84, 73, 79, +/* 0x51e0 */ 78, 32, 82, 69, 67, 79, 82, 68, 83, 32, 70, 79, 82, 32, 91, 80, +/* 0x51f0 */ 69, 68, 79, 74, 85, 77, 80, 93, 58, 10, 79, 70, 70, 83, 69, 84, +/* 0x5200 */ 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 84, 89, 80, 69, 32, +/* 0x5210 */ 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 86, 65, 76, +/* 0x5220 */ 85, 69, 10, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, +/* 0x5230 */ 48, 48, 49, 32, 82, 95, 88, 56, 54, 95, 54, 52, 95, 80, 67, 51, +/* 0x5240 */ 50, 32, 32, 32, 32, 32,111,114,105,103,105,110, 97,108, 95,101, +/* 0x5250 */ 110,116,114,121, 45, 48,120, 48, 48, 48, 48, 48, 48, 48, 48, 48, +/* 0x5260 */ 48, 48, 48, 48, 48, 48, 52, 10, 10, 82, 69, 76, 79, 67, 65, 84, +/* 0x5270 */ 73, 79, 78, 32, 82, 69, 67, 79, 82, 68, 83, 32, 70, 79, 82, 32, +/* 0x5280 */ 91, 80, 69, 84, 76, 83, 67, 50, 93, 58, 10, 79, 70, 70, 83, 69, +/* 0x5290 */ 84, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 84, 89, 80, 69, +/* 0x52a0 */ 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 86, 65, +/* 0x52b0 */ 76, 85, 69, 10, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, +/* 0x52c0 */ 48, 48, 48, 53, 32, 82, 95, 88, 56, 54, 95, 54, 52, 95, 80, 67, +/* 0x52d0 */ 51, 50, 32, 32, 32, 32, 32,116,108,115, 95, 99, 97,108,108, 98, +/* 0x52e0 */ 97, 99,107,115, 95,112,116,114, 45, 48,120, 48, 48, 48, 48, 48, +/* 0x52f0 */ 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 52, 10 }; diff --git a/src/stub/src/amd64-win64.pep.S b/src/stub/src/amd64-win64.pep.S index b68e1c8d..b0896bc0 100644 --- a/src/stub/src/amd64-win64.pep.S +++ b/src/stub/src/amd64-win64.pep.S @@ -247,7 +247,7 @@ next_dll: add rbx, rsi add rdi, 8 - call [rsi + LoadLibraryA] + call [rip + LoadLibraryA] xchg rax, rbp next_func: @@ -279,7 +279,7 @@ section PEIMPOR2 first_imp: mov rcx, rbp - call [rsi + GetProcAddress] + call [rip + GetProcAddress] #if 1 ;// FIXME: is this error handling really needed? @@ -302,7 +302,7 @@ section PEIERDLL section PEIEREXE // rcx contains garbage -> garbage return code - jmp [rsi + ExitProcess] + jmp [rip + ExitProcess] section PEIMDONE imports_done: add rsp, 0x28 @@ -377,7 +377,7 @@ relhi0: // ============= section PEDEPHAK - mov rbp, [rsi + VirtualProtect] + mov rbp, [rip + VirtualProtect] lea rdi, [rsi + vp_base] mov ebx, IMM32(vp_size) // 0x1000 or 0x2000 diff --git a/src/stub/tmp/amd64-win64.pep.bin.dump b/src/stub/tmp/amd64-win64.pep.bin.dump index 38a8c2f7..89d33578 100644 --- a/src/stub/tmp/amd64-win64.pep.bin.dump +++ b/src/stub/tmp/amd64-win64.pep.bin.dump @@ -194,7 +194,7 @@ OFFSET TYPE VALUE 0000000000000007 R_X86_64_32S compressed_imports 0000000000000010 R_X86_64_PC8 imports_done 0000000000000018 R_X86_64_32S start_of_imports -0000000000000025 R_X86_64_32S LoadLibraryA +0000000000000025 R_X86_64_PC32 LoadLibraryA-0x0000000000000004 RELOCATION RECORDS FOR [PEIBYORD]: OFFSET TYPE VALUE @@ -211,12 +211,12 @@ OFFSET TYPE VALUE RELOCATION RECORDS FOR [PEIMPOR2]: OFFSET TYPE VALUE -000000000000000f R_X86_64_32S GetProcAddress +000000000000000f R_X86_64_PC32 GetProcAddress-0x0000000000000004 0000000000000020 R_X86_64_PC8 next_func RELOCATION RECORDS FOR [PEIEREXE]: OFFSET TYPE VALUE -0000000000000002 R_X86_64_32S ExitProcess +0000000000000002 R_X86_64_PC32 ExitProcess-0x0000000000000004 RELOCATION RECORDS FOR [PERELOC1]: OFFSET TYPE VALUE @@ -240,7 +240,7 @@ OFFSET TYPE VALUE RELOCATION RECORDS FOR [PEDEPHAK]: OFFSET TYPE VALUE -0000000000000003 R_X86_64_32S VirtualProtect +0000000000000003 R_X86_64_PC32 VirtualProtect-0x0000000000000004 000000000000000a R_X86_64_32S vp_base 000000000000000f R_X86_64_32 vp_size+0x0000000080000000 000000000000002c R_X86_64_32S swri