bdshemu: Fix edge case with unsupported instrs

Fixes #106
bitdefender · Sep 23, 2024 · 0bfbfd3 · 0bfbfd3
1 parent 34a0880
commit 0bfbfd3
Showing 1 changed file with 7 additions and 7 deletions.
diff --git a/bdshemu/bdshemu_x86.c b/bdshemu/bdshemu_x86.c
@@ -1793,13 +1793,6 @@ ShemuX86Emulate(
         nd_memzero(&dst, sizeof(dst));
         nd_memzero(&src, sizeof(src));
 
-        // The stop flag has been set, this means we've reached a valid instruction, but that instruction cannot be
-        // emulated (for example, SYSCALL, INT, system instructions, etc).
-        if (stop)
-        {
-            return SHEMU_ABORT_CANT_EMULATE;
-        }
-
         // If we already have a detection and we wish to stop on detections, do so now.
         if ((0 != Context->Flags) && (0 != (Context->Options & SHEMU_OPT_STOP_ON_EXPLOIT)))
         {
@@ -3557,6 +3550,13 @@ ShemuX86Emulate(
 
             break;
         }
+
+        // The stop flag has been set, this means we've reached a valid instruction, but that instruction cannot be
+        // emulated (for example, SYSCALL, INT, system instructions, etc).
+        if (stop)
+        {
+            return SHEMU_ABORT_CANT_EMULATE;
+        }
     }
 
     // Minimum percent of the instructions were NOPs => consider we have a NOP sled. Note that we get here only if