153 lines
5.4 KiB
XML
Executable File
153 lines
5.4 KiB
XML
Executable File
<?xml version="1.0" encoding="utf-8"?>
|
|
<!-- GuardIT Configuration File -->
|
|
<conf_properties>
|
|
|
|
<property_str id="target_platform">x86_windows</property_str>
|
|
|
|
<property_str id="compiler">autodetect</property_str>
|
|
<!--
|
|
Specify the compiler used to build the input file. Valid values are: autodetect,
|
|
vs2003, vs2005, vs2008, gcc, other
|
|
-->
|
|
|
|
<!--
|
|
<property_int id="expansion">0x10000</property_int>
|
|
Specify the number of bytes to add to the .text section of the image to be
|
|
protected. Valid values are 0 (to disable .text expansion) and multiples of
|
|
0x10000. By default the engine will expand mixed-mode images and images compiled
|
|
with vs2005.
|
|
-->
|
|
|
|
<!--
|
|
<property_str_list id="disable_antidebug_algorithm">
|
|
Algorithms listed here will be disabled when installing a Windows Antidebug Guard.
|
|
<value>Algorithm number</value>
|
|
<value>Algorithm number</value>
|
|
</property_str_list>
|
|
-->
|
|
|
|
<property_range_list id="do_not_analyze">
|
|
<!--
|
|
List artifacts to exclude from image analysis. Use value elements to list
|
|
the files, for example:
|
|
|
|
<addr_range_value>0x1000-0xffff</addr_range_value>
|
|
|
|
<func_range_value>my_function_name</func_range_value>
|
|
<func_range_value>my_other_function_name</func_range_value>
|
|
|
|
<obj_range_value>my_object_file.obj</obj_range_value>
|
|
<lib_range_value>my_lib_name</lib_range_value>
|
|
-->
|
|
</property_range_list>
|
|
|
|
<property_range_list id="analyze_only">
|
|
<!--
|
|
If you want to restrict analysis to a few artifacts
|
|
(instead of all of them which is the default) then list
|
|
the ones to be included in image analysis here. All
|
|
other artifacts will be excluded if you make even a single
|
|
entry in this list. Use value elements to list the
|
|
files, for example:
|
|
|
|
<addr_range_value>0x1000-0xffff</addr_range_value>
|
|
|
|
<func_range_value>my_function_name</func_range_value>
|
|
<func_range_value>my_other_function_name</func_range_value>
|
|
|
|
<obj_range_value>my_object_file.obj</obj_range_value>
|
|
<lib_range_value>my_lib_name</lib_range_value>
|
|
-->
|
|
</property_range_list>
|
|
|
|
<property_str_list id="non_returning_functions">
|
|
<!--
|
|
List exact-match names of map file symbols for all functions that do not return to
|
|
callers. If any are not listed, the image may not load correctly. Use value
|
|
elements to list the symbols.
|
|
-->
|
|
<value>__CxxThrowException@8</value>
|
|
<value>?AfxThrowInvalidArgException@@YGXXZ</value>
|
|
<value>?AfxThrowResourceException@@YGXXZ</value>
|
|
<value>?AfxThrowNotSupportedException@@YGXXZ</value>
|
|
<value>?AfxThrowFileException@@YGXHJPBD@Z</value>
|
|
<value>?AtlThrowImpl@ATL@@YGXJ@Z</value>
|
|
<value>?AfxThrowOleException@@YGXJ@Z</value>
|
|
<value>?BadInstruction@@YAXPAUx86Inst@@PAUArgTerm@@PAD@Z</value>
|
|
<value>$L132493</value>
|
|
<value>__Unwind_GetCFA</value>
|
|
<value>__Unwind_GetLanguageSpecificData</value>
|
|
<value>__Unwind_GetGR</value>
|
|
<value>__Unwind_SetIP</value>
|
|
<value>__Unwind_GetDataRelBase</value>
|
|
<value>__Unwind_GetIP</value>
|
|
<value>__Unwind_Backtrace</value>
|
|
<value>__Unwind_SetGR</value>
|
|
<value>__Unwind_Resume_or_Rethrow</value>
|
|
<value>__Unwind_ForcedUnwind</value>
|
|
<value>__Unwind_GetIPInfo</value>
|
|
<value>__Unwind_GetTextRelBase</value>
|
|
<value>__Unwind_FindEnclosingFunction</value>
|
|
<value>__Unwind_GetRegionStart</value>
|
|
<value>__Unwind_RaiseException</value>
|
|
<value>__Unwind_Resume</value>
|
|
<value>__Unwind_DeleteException</value>
|
|
<value>__Unwind_Find_FDE</value>
|
|
<value>exit</value>
|
|
<value>_exit</value>
|
|
<value>_cexit</value>
|
|
<value>__imp_exit</value>
|
|
<value>__imp__exit</value>
|
|
<value>__imp__cexit</value>
|
|
<value>?terminate@@YAXXZ</value>
|
|
<value>abort</value>
|
|
<value>___report_rangecheckfailure</value>
|
|
<value>?llvm_unreachable_internal@llvm@@YAXPBD0I@Z</value>
|
|
<value>?CannotYetSelect@SelectionDAGISel@llvm@@AAEXPAVSDNode@2@@Z</value>
|
|
<value>?report_fatal_error@llvm@@YAXABVTwine@1@@Z</value>
|
|
<value>?report_fatal_error@llvm@@YAXPBD@Z</value>
|
|
<value>?report_fatal_error@llvm@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z</value>
|
|
<value>?report_fatal_error@llvm@@YAXVStringRef@1@@Z</value>
|
|
</property_str_list>
|
|
|
|
<property_str_list id="ignore_mapfile_symbols">
|
|
<!--
|
|
List substrings of map file symbols for functions that you want the protection
|
|
engine to ignore. You can use this to avoid the __ehhandler problem in recent
|
|
versions of Visual Studio.
|
|
-->
|
|
<value>__sehtable$</value>
|
|
<value>__ehhandler</value>
|
|
<value>except_list</value>
|
|
<value>__unwindfunclet</value>
|
|
<value>$pdata$</value>
|
|
<value>$unwind$</value>
|
|
<value>?ignored</value>
|
|
<!-- This is to fix an issue with applications that use COM -->
|
|
<value>CLSID_StdGlobalInterfaceTable</value>
|
|
</property_str_list>
|
|
|
|
<property_str_list id="cpp_file_extensions">
|
|
<!--
|
|
List file name extensions to associate with C++. This list is used for managing
|
|
source code markers.
|
|
-->
|
|
<value>cpp</value>
|
|
<value>c</value>
|
|
<value>cc</value>
|
|
<value>cxx</value>
|
|
<value>hpp</value>
|
|
<value>h</value>
|
|
<value>hh</value>
|
|
<value>hxx</value>
|
|
<value>asm</value>
|
|
<value>s</value>
|
|
</property_str_list>
|
|
|
|
<property_bool id="destroy_load_config_table">true</property_bool>
|
|
<!--
|
|
If true, the LoadConfigTable in protected executables is destroyed.
|
|
-->
|
|
|
|
</conf_properties>
|