Open PeterPanino opened 6 years ago
MahdiSafsafi
commented
6 years ago This is related to the architecture of UD where native pointer is used for addresses. So 32-bit can't handle 64-bit pointer. The only way to make a 32-bit of GUI handle 64-bit app is to replace pointers types with UInt64 types.
PeterPanino
commented
6 years ago Which types exactly must be replaced by UInt64 for making the 64-bit GUI app handle 32-bit programs?
PeterPanino
commented
6 years ago So why the 64-bit GUI cannot disassemble 32-bit .exe files?
MahdiSafsafi
commented
6 years ago So why the 64-bit GUI cannot disassemble 32-bit .exe files?
Because I used PImageNtHeaders type instead of PImageNtHeaders32/PImageNtHeaders64. So I just wrote one single loader. If you want the x-bit GUI to disassemble both 32 and 64 bit, you need to do this:
PeterPanino
commented
6 years ago This is a misunderstanding: I don't want "the x-bit GUI to disassemble both 32 and 64 bit". I just want the 64-bit GUI to disassemble both 32 and 64 bit. So for this case, which types do I have to change?
MahdiSafsafi
commented
6 years ago Even if you only want to let the 64-bit GUI to disassemble both 32/64 app you need to do all the changes that I told you about.
MahdiSafsafi
commented
6 years ago Update: for just 64 GUI, you only need to do is:
Replacing PImageNtHeaders with PImageNtHeaders32/PImageNtHeaders64 => Make two loaders one for 32-bit that uses PImageNtHeaders32 and one for 64-bit that uses PImageNtHeaders64.
PeterPanino
commented
6 years ago I have done so and it works well with smaller 32-bit exe-files from 64-bit GUI. But when I load this 32-bit exe (from the 64-bit GUI): C:\Program Files (x86)\Embarcadero\Studio\18.0\bin\bds.exe ..then I get an AV! See the attached files: UnivDisasmGUI.zip
Why in the GUI version of UnivDisasm can only 64-bit programs be loaded in the GUI 64-bit version and vice versa? Please make a GUI version where both 32-bit and 64-bit programs can be loaded in the 64-bit GUI version.