stuff

2026-01-14 15:55:04 +01:00 · 2025-01-31 18:44:41 +01:00 · 2025-01-31 18:44:41 +01:00 · eff97dfe79
commit eff97dfe79
parent 38797253f6
2 changed files with 30 additions and 31 deletions
--- a/src/lib.rs
+++ b/src/lib.rs
@ -274,20 +274,6 @@ pub fn execute(pe: &[u8]) {
            todo!("zero padding")
        }

-        let mode = if section
-            .characteristics
-            .contains(SectionFlags::IMAGE_SCN_MEM_EXECUTE)
-        {
-            crate::sys::Mode::Execute
-        } else if section
-            .characteristics
-            .contains(SectionFlags::IMAGE_SCN_MEM_WRITE)
-        {
-            crate::sys::Mode::Write
-        } else {
-            crate::sys::Mode::Read
-        };
-
        let section_a = &mut a[section.virtual_address as usize..];

        dbg!(section);
@ -295,17 +281,6 @@ pub fn execute(pe: &[u8]) {
        section_a[..section.size_of_raw_data as usize].copy_from_slice(
            &pe[section.pointer_to_raw_data as usize..][..section.size_of_raw_data as usize],
        );
-
-        // NOTE: we might actually want to do this later in the process?
-        // also it doesn't work on windows right now for some reason.
-        if false {
-            crate::sys::protect(
-                section_a.as_ptr().cast(),
-                section.virtual_size as usize,
-                mode,
-            )
-            .unwrap();
-        }
    }

    let import_directory_table = bytemuck::cast_slice::<_, ImportDirectoryTableEntry>(
@ -368,6 +343,31 @@ pub fn execute(pe: &[u8]) {
        }
    }

+    for section in section_table {
+        let mode = if section
+            .characteristics
+            .contains(SectionFlags::IMAGE_SCN_MEM_EXECUTE)
+        {
+            crate::sys::Mode::Execute
+        } else if section
+            .characteristics
+            .contains(SectionFlags::IMAGE_SCN_MEM_WRITE)
+        {
+            crate::sys::Mode::Write
+        } else {
+            crate::sys::Mode::Read
+        };
+
+        let section_a = &a[section.virtual_address as usize..];
+
+        crate::sys::protect(
+            section_a.as_ptr().cast(),
+            section.virtual_size as usize,
+            mode,
+        )
+        .unwrap();
+    }
+
    eprintln!("YOLO");

    unsafe {
--- a/src/sys.rs
+++ b/src/sys.rs
@ -8,16 +8,15 @@ pub(crate) enum Mode {

 #[cfg(windows)]
 mod imp {
-    use std::{ffi::c_void, io, path::PathBuf, u32};
+    use std::{ffi::c_void, io, u32};

    use windows::Win32::{
        Foundation::INVALID_HANDLE_VALUE,
        System::{
            Memory::{
-                FILE_MAP_EXECUTE, FILE_MAP_WRITE, PAGE_EXECUTE_READ, PAGE_EXECUTE_READWRITE,
-                PAGE_READONLY, PAGE_READWRITE,
+                FILE_MAP_EXECUTE, FILE_MAP_WRITE, PAGE_EXECUTE_READ, PAGE_EXECUTE_READWRITE, PAGE_PROTECTION_FLAGS, PAGE_READONLY, PAGE_READWRITE
            },
-            SystemInformation::{GetSystemDirectoryW, SYSTEM_INFO},
+            SystemInformation::SYSTEM_INFO,
        },
    };

@ -79,7 +78,7 @@ mod imp {

    pub(crate) fn protect(address: *const (), size: usize, mode: Mode) -> io::Result<()> {
        debug_assert_eq!(address.addr() & (page_size() - 1), 0);
-
+        let mut old=  PAGE_PROTECTION_FLAGS::default();
        unsafe {
            windows::Win32::System::Memory::VirtualProtect(
                address.cast::<c_void>(),
@ -89,7 +88,7 @@ mod imp {
                    Mode::Write => PAGE_READWRITE,
                    Mode::Execute => PAGE_EXECUTE_READ,
                },
-                std::ptr::null_mut(),
+                &mut old,
            )
            .map_err(Into::into)
        }