memory breakpoints now throw the desired exceptions

2016-08-19 16:02:27 +02:00 · 2016-08-19 16:02:27 +02:00 · aecc172ecb
parent bff2775e7a
commit aecc172ecb
2 changed files with 28 additions and 3 deletions
--- a/GleeBug/Debugger.Process.Breakpoint.cpp
+++ b/GleeBug/Debugger.Process.Breakpoint.cpp
@ -259,7 +259,11 @@ namespace GleeBug
            else if (data.Type & (uint32(MemoryType::Write) | uint32(MemoryType::Execute))) //Write + Execute becomes either PAGE_GUARD or both write and execute flags removed
                data.NewProtect = permanentDep ? RemoveExecuteAccess(RemoveWriteAccess(data.OldProtect)) : data.OldProtect | PAGE_GUARD;
        }
-        return false;
+
+        DWORD oldProtect;
+        auto vps = !!VirtualProtectEx(hProcess, LPVOID(page), PAGE_SIZE, data.NewProtect, &oldProtect);
+        printf("VirtualProtect(0x%p, 0x%X, %08X, %08X) = %d\n", page, PAGE_SIZE, data.NewProtect, oldProtect, vps);
+        return vps;
    }

    bool Process::SetMemoryBreakpoint(ptr address, ptr size, MemoryType type, bool singleshoot)
@ -317,7 +321,8 @@ namespace GleeBug
            for (const auto & page : breakpointData)
            {
                DWORD oldProtect;
-                VirtualProtectEx(hProcess, LPVOID(page.addr), PAGE_SIZE, page.OldProtect, &oldProtect);
+                auto vps = !!VirtualProtectEx(hProcess, LPVOID(page.addr), PAGE_SIZE, page.OldProtect, &oldProtect);
+                printf("VirtualProtect(0x%p, 0x%X, %08X, %08X) = %d\n", page, PAGE_SIZE, page.OldProtect, oldProtect, vps);
            }
            return false;
        }
@ -384,7 +389,9 @@ namespace GleeBug
            else
                Protect = data.OldProtect;
            DWORD oldProtect;
-            if (!VirtualProtectEx(hProcess, LPVOID(page), PAGE_SIZE, Protect, &oldProtect))
+            auto vps = !!VirtualProtectEx(hProcess, LPVOID(page), PAGE_SIZE, Protect, &oldProtect);
+            printf("VirtualProtect(0x%p, 0x%X, %08X, %08X) = %d\n", page, PAGE_SIZE, Protect, oldProtect, vps);
+            if (!vps)
                success = false;
            if (!data.Refcount)
                memoryBreakpointPages.erase(foundData);
--- a/MyDebugger/MyDebugger.h
+++ b/MyDebugger/MyDebugger.h
@ -8,10 +8,25 @@ using namespace GleeBug;
 class MyDebugger : public Debugger
 {
 protected:
+    void cbMemoryBreakpoint(const BreakpointInfo & info)
+    {
+        printf("Reached memory breakpoint! GIP: 0x%p\n",
+            mRegisters->Gip());
+    }
+
    void cbEntryBreakpoint(const BreakpointInfo & info)
    {
        printf("Reached entry breakpoint! GIP: 0x%p\n",
            mRegisters->Gip());
+#ifdef _WIN64
+        printf("RBX: 0x%p\n", mRegisters->Rbx());
+        if (mProcess->SetMemoryBreakpoint(mRegisters->Rbx(), 0x1000, this, &MyDebugger::cbMemoryBreakpoint, MemoryType::Execute))
+            puts("Memory breakpoint set!");
+        else
+            puts("Failed to set memory breakpoint...");
+#endif
+        //system("pause");
+
        /*if (mProcess->DeleteBreakpoint(info.address))
            printf("Entry breakpoint deleted!\n");
        else
@ -61,6 +76,7 @@ protected:
        else
            printf("No free hardware breakpoint slot...\n");*/

+        entry = ptr(createProcess.lpBaseOfImage) + 0x1060;
        if(mProcess->SetBreakpoint(entry, this, &MyDebugger::cbEntryBreakpoint, true))
            printf("Breakpoint set at 0x%p!\n", entry);
        else
@ -119,6 +135,8 @@ protected:
            exceptionType,
            exceptionInfo.ExceptionRecord.ExceptionCode,
            exceptionInfo.ExceptionRecord.ExceptionAddress);
+        for (DWORD i = 0; i < exceptionInfo.ExceptionRecord.NumberParameters; i++)
+            printf("  ExceptionInformation[%d] = 0x%p\n", i, exceptionInfo.ExceptionRecord.ExceptionInformation[i]);
    }

    void cbDebugStringEvent(const OUTPUT_DEBUG_STRING_INFO & debugString) override