stalker-x86: Add the new api call

frida · Feb 12, 2024 · fa47431 · fa47431
1 parent 7a603be
commit fa47431
Showing 1 changed file with 24 additions and 2 deletions.
diff --git a/tests/core/arch-x86/stalker-x86.c b/tests/core/arch-x86/stalker-x86.c
@@ -171,6 +171,8 @@ static void skip_call (GumStalkerIterator * iterator, GumStalkerOutput * output,
     gpointer user_data);
 static void replace_call_with_callout (GumStalkerIterator * iterator, GumStalkerOutput * output,
     gpointer user_data);
+static void replace_jmp_with_callout (GumStalkerIterator * iterator, GumStalkerOutput * output,
+    gpointer user_data);
 static void callout_set_cool (GumCpuContext * cpu_context, gpointer user_data);
 static void unfollow_during_transform (GumStalkerIterator * iterator,
     GumStalkerOutput * output, gpointer user_data);
@@ -1003,6 +1005,25 @@ TESTCASE (transformer_should_be_able_to_replace_call_with_callout)
   g_assert_cmpuint (ret, ==, 0xc001);
 }
 
+static void
+replace_call_with_callout (GumStalkerIterator * iterator,
+                           GumStalkerOutput * output,
+                           gpointer user_data)
+{
+  const guint8 * func_start = user_data;
+  const cs_insn * insn;
+
+  while (gum_stalker_iterator_next (iterator, &insn))
+  {
+    if (insn->address == GPOINTER_TO_SIZE (func_start + 5)) {
+      gum_stalker_iterator_put_callout (iterator, callout_set_cool, NULL, NULL);
+      continue;
+    }
+
+    gum_stalker_iterator_keep (iterator);
+  }
+}
+
 TESTCASE (transformer_should_be_able_to_replace_tailjump_with_callout)
 {
   guint8 code_template[] =
@@ -1020,15 +1041,15 @@ TESTCASE (transformer_should_be_able_to_replace_tailjump_with_callout)
   func = (StalkerTestFunc) test_stalker_fixture_dup_code (fixture,
       code_template, sizeof (code_template));
 
-  fixture->transformer = gum_stalker_transformer_make_from_callback (replace_call_with_callout,
+  fixture->transformer = gum_stalker_transformer_make_from_callback (replace_jmp_with_callout,
       func, NULL);
 
   ret = test_stalker_fixture_follow_and_invoke (fixture, func, 0);
   g_assert_cmpuint (ret, ==, 0xc001);
 }
 
 static void
-replace_call_with_callout (GumStalkerIterator * iterator,
+replace_jmp_with_callout (GumStalkerIterator * iterator,
                            GumStalkerOutput * output,
                            gpointer user_data)
 {
@@ -1039,6 +1060,7 @@ replace_call_with_callout (GumStalkerIterator * iterator,
   {
     if (insn->address == GPOINTER_TO_SIZE (func_start + 5)) {
       gum_stalker_iterator_put_callout (iterator, callout_set_cool, NULL, NULL);
+      gum_stalker_iterator_put_chaining_return(iterator);
       continue;
     }