uninitialized class member in decaf/shared/vmi.h make hook unstable about decaf HOT 4 OPEN

We had other issues which popped up when we had this variable initialized in the constructor. Our workaround for this was to initialize the variable instead in the only points where instances are actually created. For example, in the linux vmi, (refer line 174 in https://github.com/sycurelab/DECAF/blob/master/decaf/shared/linux_vmi_new.cpp ) this is already taken care of, but for windows this is not handled. Please change the windows vmi accordingly if you are having problems with windows.

from decaf.

I see.

but we can fix it in shared/windows_vmi.cpp after line 289
288 if (!curr_entry) {
289 curr_entry = new module();
** curr_entry->symbols_extracted=false;
290 DECAF_read_mem(env,
291 curr_mod + handle_funds[GuestOS_index].offset->SIZE_OFFSET,
292 4, &curr_entry->size); // dllsize SIZE_OFFSET

by the way, would you please tell me about your version 2 at https://github.com/TheLoneRanger14/Decaf.v2, can it run faster?

from decaf.

Yes absolutely. That would work perfectly for windows.

Regarding DECAF.v2, it was an attempt to port DECAF to the newest version of QEMU. Due to other project commitments I have not been able to finish it. I'm not sure how significant a boost in runtime speed you might get with that even if complete.

from decaf.

Sorry, I just saw this. I'm not sure what "other issues which popped up" refer to. But I guess the unintialized variables left risks to the program...

from decaf.