is the offset and 2 is a multiplier. With this information we only had to instrument a handful of generated functions instead of the whole IA-32 instruction set Qemu emulates.

ish operating system

While in the previous section we described how our tainting algorithm is implemented

gerridaetechn dll is invoked

accurate even in the midst of a translation block.

Since QueryInterface is the only possibility for a client to get a hold of an interface that performs the desired actions, QueryInterface is another major building block of the Component Object Model.

Windows makes use of this when converting ASCII to Unicode characters, whereas in Linux the same mechanism is used to map keyboard scan codes to keystrokes that are then sent to the application.

As stated in the beginning of this section, a COM interface is basically a specific memory structure containing an array of function pointers.