From d7e65f1d42ea7560f225833427ed5b53860a37ae Mon Sep 17 00:00:00 2001
From: b
Date: Mon, 1 Jan 2018 14:20:17 +0100
Subject: [PATCH 1/3] Warning for not implemented hooks
---
 codegen.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/codegen.py b/codegen.py
index 07f12ae..27d65fd 100644
--- a/codegen.py
+++ b/codegen.py
@@ -450,7 +450,8 @@ def generate_default_hookFunc(self, name, indent=1): The default python hook for imported calls should do nothing. ''' out = ' ' * (indent * 4) + """def hook_%s(self): - pass\n""" % name + print "[!] %s hook not implemented!" + pass\n""" % (name, name) return out def _build_impCall_hook_dict(self, indent=1):
From af21555034f28ac521ecd42cc30fdb5d7fd591c3 Mon Sep 17 00:00:00 2001
From: b
Date: Mon, 1 Jan 2018 14:21:34 +0100
Subject: [PATCH 2/3] Added getPointer() to callConv base
---
 codegen.py | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/codegen.py b/codegen.py
index 27d65fd..a6cebdd 100644
--- a/codegen.py
+++ b/codegen.py
@@ -17,6 +17,9 @@ def __init__(self, name, arch): def gen_arg_number(self, argno): pass + def genPointer(self, arg, regs, indent): + pass + class x64callConv(callConv): # TODO Stack based arguments def __init__(self, name, arch):
From fdaa00dbb7470476405cff3297780bcaf0f4ac74 Mon Sep 17 00:00:00 2001
From: b
Date: Mon, 1 Jan 2018 15:03:10 +0100
Subject: [PATCH 3/3] Dumping CPU context on emulator exception
---
 codegen.py | 46 +++++++++++++++++++++++++++++++++++++++++++++-
 packager.py | 2 +-
 2 files changed, 46 insertions(+), 2 deletions(-)
diff --git a/codegen.py b/codegen.py
index a6cebdd..9056353 100644
--- a/codegen.py
+++ b/codegen.py
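Review bot: The added `print "[!] %s hook not implemented!"` line splices `name` verbatim into a string literal of the generated script, so a hook name containing a double quote or a backslash yields a generated file that no longer parses, or parses as something other than a print; `def hook_%s(self)` one line up already assumes `name` is a bare identifier, and if hook names originate from the analysed binary's import table that assumption is being made about untrusted input. Let repr produce the literal instead: `print "[!] %%s hook not implemented!" %% %r` (the `% (name, name)` tuple stays as it is). Validating `name` against an identifier pattern where the hook list is built would cover both lines at once, though that code is not visible here. generate_default_hookFunc begins outside the hunk.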
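Review bot: `genPointer` on the `callConv` base is a `pass` stub and therefore returns None, while the caller visible in the next patch (`return self.genPointer(arg, regs, indent)` in systemV) passes that value on as generated source, so a subclass without an override fails later with a TypeError during string concatenation rather than at the missing method. Prefer `raise NotImplementedError("%s.genPointer" % type(self).__name__)` plus a one-line docstring saying the override must return the argument-setup code as a string. Note also that the x86 override in the next patch is declared `def genPointer(self, arg, indent)`, one parameter short of this base signature, and the commit subject says getPointer() while the method is genPointer. The `callConv` class header is outside the hunk.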
@@ -20,12 +20,20 @@ def gen_arg_number(self, argno): def genPointer(self, arg, regs, indent): pass + def dumpContext(self, indent): + pass + class x64callConv(callConv): # TODO Stack based arguments def __init__(self, name, arch): self.name = name self.arch = arch self.platform = '' + self.regs = ["UC_X86_REG_RAX", "UC_X86_REG_RBP", "UC_X86_REG_RBX", "UC_X86_REG_RCX",\ + "UC_X86_REG_RDI", "UC_X86_REG_RDX", "UC_X86_REG_RSI", "UC_X86_REG_RSP",\ + "UC_X86_REG_RIP", "UC_X86_REG_R8", "UC_X86_REG_R9", "UC_X86_REG_R10",\ + "UC_X86_REG_R11", "UC_X86_REG_R12", "UC_X86_REG_R13", "UC_X86_REG_R14",\ + "UC_X86_REG_R15"] def gen_arg_number(self, argno, indent=1): print "X64"
@@ -55,10 +63,20 @@ def systemV(self, arg, indent): return ' ' * (indent*4) + "self.mu.reg_write(%s, arg_%x)\n" % (regs[arg.num], arg.num) return self.genPointer(arg, regs, indent) + def dumpContext(self, indent): + ret = ' ' * (indent * 4) + "print '[!] Exception occured - Emulator state (x64):'\n" + for r in self.regs: + ret += ' ' * (indent * 4) + "print \"%s : %%016X\" %% (self.mu.reg_read(%s))\n" % (r,r) + return ret + + class x86callConv(callConv): def __init__(self, name, arch): self.name = name self.arch = arch + self.regs = ["UC_X86_REG_EAX", "UC_X86_REG_EBP", "UC_X86_REG_EBX", "UC_X86_REG_ECX",\ + "UC_X86_REG_EDI", "UC_X86_REG_EDX", "UC_X86_REG_ESI", "UC_X86_REG_ESP",\ + "UC_X86_REG_EIP"] def genPointer(self, arg, indent): ret = ' ' * (indent * 4) + "argAddr_%x = (%d * 0x1000)\n" % (arg.num, arg.num + 1)
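Review bot: The new base `dumpContext` is a `pass` stub returning None, and the caller added later in this patch (`out += self.callConv.dumpContext(indent+1)` in generate_return_guard) would fail with a TypeError on `str += None` for any callConv subclass that lacks an override; `raise NotImplementedError("%s.dumpContext" % type(self).__name__)` surfaces the gap at the right place. Separately, the x64 `self.regs` list is rebuilt per instance in `__init__` although it never varies; a class attribute (`regs = [...]` directly under `class x64callConv`) says so and gives a base-class implementation something to iterate. The x86 list added in the next hunk has the same shape. `gen_arg_number` at the bottom continues outside the hunk.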
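Review bot: The generated banner misspells "occurred": `print '[!] Exception occurred - Emulator state (x64):'`, and the same text recurs in the arm `dumpContext` in the following codegen.py hunk. Beyond the typo, the x64 and arm `dumpContext` bodies are identical apart from the arch label and the `%%016X` versus `%%X` width, so one implementation on the base class that iterates `self.regs` with a per-class label and width would remove the duplicated loop. A default of `indent=1` would also match `gen_arg_number(self, argno, indent=1)` just above. `systemV` at the top and `x86callConv.genPointer` at the bottom continue outside the hunk.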
@@ -73,10 +91,20 @@ def gen_arg_number(self, arg, indent): return ' ' * (indent * 4) + "self.mu.mem_write(self.mu.reg_read(UC_X86_REG_ESP) + %d, struct.pack(' 1: return ' ' * (indent *4 ) + "self.mu.reg_write(%s, arg_%x)\n" % (regs[arg.num], arg.num) return self.genPointer(arg, regs, indent) - + + def dumpContext(self, indent): + ret = ' ' * (indent * 4) + "print '[!] Exception occured - Emulator state (arm):'\n" + for r in self.regs: + ret += ' ' * (indent * 4) + "print \"%s : %%X\" %% (self.mu.reg_read(%s))\n" % (r,r) + return ret class codeSlice(object): '''
@@ -153,6 +186,15 @@ def __init__(self, name, isFunc=True): self.isFunc = isFunc + def setArch(self,a): + self.arch=a + if self.arch == 'x64': + self.callConv = x64callConv("linux", "x64") + if self.arch == 'x86': + self.callConv = x86callConv("linux", "x86") + if self.arch == 'arm': + self.callConv =armcallConv("linux", "arm") + def data_saved(self, addr): return any(lowaddr <= addr <= highaddr for (lowaddr, highaddr) in self.saved_ranges)
@@ -357,6 +399,8 @@ def generate_return_guard(self, indent=1): # Raise original exception if PC is not equal to the appropriate marker value or imported call marker out += ' ' * (indent * 4) + "else:\n" + if self.callConv is not None: + out += self.callConv.dumpContext(indent+1) out += ' ' * ((indent + 1) * 4) + "raise e" return out + "\n"
diff --git a/packager.py b/packager.py
index 5a6e5fa..27ed117 100644
--- a/packager.py
+++ b/packager.py
@@ -26,7 +26,7 @@ def __init__(self, isFunc, address, engine, ui = None, length=None): self.codeobj = genwrapper('', isFunc) self.arch = self.engine.get_arch() - self.codeobj.arch = self.arch + self.codeobj.setArch(self.arch) self.impCallStrategy = None self.dataStrategy = None
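Review bot: The arm `dumpContext` prints registers with `%%X` while the x64 one uses `%%016X`, so the dump's columns will not line up; a fixed width for 32-bit registers keeps the layout consistent: `ret += ' ' * (indent * 4) + "print \"%s : %%08X\" %% (self.mu.reg_read(%s))\n" % (r,r)`. Part of this hunk is missing from the page (the text between `struct.pack('` and `> 1:` has dropped out, together with whatever x86 dumpContext or arm `self.regs` assignment sat there), so the x86 portion cannot be reviewed here. The `- +` pair appears to swap a whitespace-only line for an empty one.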
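Review bot: `setArch` uses three independent `if`s with no fallback, so an arch string other than 'x64', 'x86' or 'arm' sets `self.arch` but leaves `self.callConv` untouched; whether `__init__` initialises `callConv` is not visible, and if it does not, the later `if self.callConv is not None:` in generate_return_guard raises AttributeError instead of a clear error. packager.py's `self.codeobj.setArch(self.arch)` feeds `engine.get_arch()` straight in, so the unsupported case is reachable from there. A lookup table with an explicit error, as below, also tidies the `self.callConv =armcallConv` spacing; if callers deliberately tolerate unknown arches, assign `self.callConv = None` in the fallback instead of raising. `data_saved` continues outside the hunk.
```python
    def setArch(self, a):
        """Record the target arch and select the matching calling-convention generator."""
        convs = {'x64': x64callConv, 'x86': x86callConv, 'arm': armcallConv}
        self.arch = a
        try:
            self.callConv = convs[a]("linux", a)
        except KeyError:
            raise ValueError("unsupported arch: %r" % a)
```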
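Review bot: `if self.callConv is not None:` assumes the attribute exists, but `callConv` is only assigned in the new `setArch`, and whether `__init__` gives it a default is not visible on this page, so a genwrapper used without `setArch` would raise AttributeError at this line. `conv = getattr(self, 'callConv', None)` / `if conv is not None:` / `out += conv.dumpContext(indent + 1)` keeps the guard honest either way, and `indent + 1` matches the spacing on the following line. Emitting the dump ahead of `raise e` is the right order. generate_return_guard begins outside the hunk.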