x64dbg
/
TitanEngine
mirror of https://github.com/x64dbg/TitanEngine
1
0
Fork 0
Code Releases Activity

removed _try..._catch blocks that prevented a successfull compilation with DynBuf

This commit is contained in:
deep0 2014-03-12 10:38:24 +01:00
parent 61fdb34693
commit 3cb15ef49f
4 changed files with 62 additions and 125 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

101
TitanEngine/TitanEngine.Debugger.Memory.cpp
View File

@ -5,13 +5,13 @@
__declspec(dllexport) bool TITCALL MatchPatternEx(HANDLE hProcess, void* MemoryToCheck, int SizeOfMemoryToCheck, void* PatternToMatch, int SizeOfPatternToMatch, PBYTE WildCard)
{
if(!MemoryToCheck || !PatternToMatch)
if(!MemoryToCheck || !PatternToMatch || !SizeOfPatternToMatch || !SizeOfMemoryToCheck)
return false;
int i = 0;
BYTE intWildCard = 0;
LPVOID ueReadBuffer = NULL;
DynBuf ueReadBuf;
ULONG_PTR ueNumberOfBytesRead = NULL;
SIZE_T ueNumberOfBytesRead = 0;
MEMORY_BASIC_INFORMATION memoryInformation = {};
PMEMORY_COMPARE_HANDLER memCmp = (PMEMORY_COMPARE_HANDLER)MemoryToCheck;
PMEMORY_COMPARE_HANDLER memPattern = (PMEMORY_COMPARE_HANDLER)PatternToMatch;
@ -20,6 +20,7 @@ __declspec(dllexport) bool TITCALL MatchPatternEx(HANDLE hProcess, void* MemoryT
{
WildCard = &intWildCard;
}
if(SizeOfMemoryToCheck >= SizeOfPatternToMatch)
{
if(hProcess != GetCurrentProcess())
@ -27,58 +28,40 @@ __declspec(dllexport) bool TITCALL MatchPatternEx(HANDLE hProcess, void* MemoryT
ueReadBuffer = ueReadBuf.Allocate(SizeOfMemoryToCheck);
if(ueReadBuffer && !ReadProcessMemory(hProcess, MemoryToCheck, ueReadBuffer, SizeOfMemoryToCheck, &ueNumberOfBytesRead))
{
if(ueNumberOfBytesRead == NULL)
if(ueNumberOfBytesRead == 0)
{
if(VirtualQueryEx(hProcess, MemoryToCheck, &memoryInformation, sizeof memoryInformation) != NULL)
{
SizeOfMemoryToCheck = (int)((ULONG_PTR)memoryInformation.BaseAddress + memoryInformation.RegionSize - (ULONG_PTR)MemoryToCheck);
if(!ReadProcessMemory(hProcess, MemoryToCheck, ueReadBuffer, SizeOfMemoryToCheck, &ueNumberOfBytesRead))
{
return(NULL);
return false;
}
}
else
{
return false;
}
}
}
memCmp = (PMEMORY_COMPARE_HANDLER)ueReadBuffer;
}
}
else
if(memCmp)
{
return(NULL);
}
}
else
{
memCmp = (PMEMORY_COMPARE_HANDLER)ueReadBuffer;
}
}
else
{
memCmp = (PMEMORY_COMPARE_HANDLER)ueReadBuffer;
}
}
__try
{
while(SizeOfPatternToMatch > NULL)
for(int i=0; i<SizeOfMemoryToCheck && i<SizeOfPatternToMatch; i++)
{
if(memCmp->Array.bArrayEntry[i] != memPattern->Array.bArrayEntry[i] && memPattern->Array.bArrayEntry[i] != *WildCard)
{
return false;
}
SizeOfPatternToMatch--;
i++;
}
}
return true;
}
__except(EXCEPTION_EXECUTE_HANDLER)
{
return false;
}
}
else
{
return false;
}
}
__declspec(dllexport) bool TITCALL MatchPattern(void* MemoryToCheck, int SizeOfMemoryToCheck, void* PatternToMatch, int SizeOfPatternToMatch, PBYTE WildCard)
{
@ -93,9 +76,9 @@ __declspec(dllexport) bool TITCALL MatchPattern(void* MemoryToCheck, int SizeOfM
}
__declspec(dllexport) long long TITCALL FindEx(HANDLE hProcess, LPVOID MemoryStart, DWORD MemorySize, LPVOID SearchPattern, DWORD PatternSize, LPBYTE WildCard)
{
if(!hProcess || !MemoryStart ||!MemorySize || !SearchPattern || !PatternSize)
return 0;
int i = NULL;
int j = NULL;
ULONG_PTR Return = NULL;
LPVOID ueReadBuffer = NULL;
DynBuf ueReadBuf;
@ -111,8 +94,7 @@ __declspec(dllexport) long long TITCALL FindEx(HANDLE hProcess, LPVOID MemorySta
{
WildCard = &nWildCard;
}
if(hProcess != NULL && MemoryStart != NULL && MemorySize != NULL)
{
if(hProcess != GetCurrentProcess())
{
ueReadBuffer = ueReadBuf.Allocate(MemorySize);
@ -125,60 +107,37 @@ __declspec(dllexport) long long TITCALL FindEx(HANDLE hProcess, LPVOID MemorySta
MemorySize = (DWORD)((ULONG_PTR)memoryInformation.BaseAddress + memoryInformation.RegionSize - (ULONG_PTR)MemoryStart);
if(!ReadProcessMemory(hProcess, MemoryStart, ueReadBuffer, MemorySize, &ueNumberOfBytesRead))
{
return(NULL);
}
else
{
SearchBuffer = (PUCHAR)ueReadBuffer;
return 0;
}
}
else
{
return(NULL);
return 0;
}
}
else
{
SearchBuffer = (PUCHAR)ueReadBuffer;
}
}
else
{
SearchBuffer = (PUCHAR)ueReadBuffer;
}
}
else
{
SearchBuffer = (PUCHAR)MemoryStart;
}
__try
{
CompareBuffer = (PUCHAR)SearchPattern;
for(i = 0; i < (int)MemorySize && Return == NULL; i++)
DWORD i,j;
for(i=0; i < MemorySize && Return == NULL; i++)
{
for(j = 0; j < (int)PatternSize; j++)
for(j=0; j < PatternSize; j++)
{
if(CompareBuffer[j] != *(PUCHAR)WildCard && SearchBuffer[i + j] != CompareBuffer[j])
{
break;
}
}
if(j == (int)PatternSize)
if(j == PatternSize)
{
Return = (ULONG_PTR)MemoryStart + i;
}
}
return(Return);
}
__except(EXCEPTION_EXECUTE_HANDLER)
{
return(NULL);
}
}
else
{
return(NULL);
}
return Return;
}
extern "C" __declspec(dllexport) long long TITCALL Find(LPVOID MemoryStart, DWORD MemorySize, LPVOID SearchPattern, DWORD PatternSize, LPBYTE WildCard)

23
TitanEngine/TitanEngine.Dumper.cpp
View File

@ -17,7 +17,6 @@ __declspec(dllexport) bool TITCALL DumpProcess(HANDLE hProcess, LPVOID ImageBase
__declspec(dllexport) bool TITCALL DumpProcessW(HANDLE hProcess, LPVOID ImageBase, wchar_t* szDumpFileName, ULONG_PTR EntryPoint)
{
int i = 0;
PIMAGE_DOS_HEADER DOSHeader;
PIMAGE_DOS_HEADER DOSFixHeader;
PIMAGE_NT_HEADERS32 PEHeader32;
@ -109,7 +108,7 @@ __declspec(dllexport) bool TITCALL DumpProcessW(HANDLE hProcess, LPVOID ImageBas
{
if(ReadProcessMemory(hProcess, ImageBase, ueCopyBuffer, AlignedHeaderSize, &ueNumberOfBytesRead))
{
__try
if(ueCopyBuffer)
{
DOSFixHeader = (PIMAGE_DOS_HEADER)ueCopyBuffer;
PEFixHeader32 = (PIMAGE_NT_HEADERS32)((ULONG_PTR)DOSFixHeader + DOSFixHeader->e_lfanew);
@ -120,8 +119,7 @@ __declspec(dllexport) bool TITCALL DumpProcessW(HANDLE hProcess, LPVOID ImageBas
}
PEFixHeader32->OptionalHeader.AddressOfEntryPoint = (DWORD)(EntryPoint - (ULONG_PTR)ImageBase);
PEFixHeader32->OptionalHeader.ImageBase = (DWORD)((ULONG_PTR)ImageBase);
i = NumberOfSections;
while(i >= 1)
for(int i=NumberOfSections; i>=1; i--)
{
PEFixSection->PointerToRawData = PEFixSection->VirtualAddress;
RealignedVirtualSize = (PEFixSection->Misc.VirtualSize / PEHeader32->OptionalHeader.SectionAlignment) * PEHeader32->OptionalHeader.SectionAlignment;
@ -132,7 +130,6 @@ __declspec(dllexport) bool TITCALL DumpProcessW(HANDLE hProcess, LPVOID ImageBas
PEFixSection->SizeOfRawData = RealignedVirtualSize;
PEFixSection->Misc.VirtualSize = RealignedVirtualSize;
PEFixSection = (PIMAGE_SECTION_HEADER)((ULONG_PTR)PEFixSection + IMAGE_SIZEOF_SECTION_HEADER);
i--;
}
WriteFile(hFile, ueCopyBuffer, (DWORD)AlignedHeaderSize, &uedNumberOfBytesRead, NULL);
ReadBase = (LPVOID)((ULONG_PTR)ReadBase + AlignedHeaderSize - TITANENGINE_PAGESIZE);
@ -162,10 +159,6 @@ __declspec(dllexport) bool TITCALL DumpProcessW(HANDLE hProcess, LPVOID ImageBas
EngineCloseHandle(hFile);
return true;
}
__except(EXCEPTION_EXECUTE_HANDLER)
{
}
}
}
}//PE32 Handler
@ -189,7 +182,7 @@ __declspec(dllexport) bool TITCALL DumpProcessW(HANDLE hProcess, LPVOID ImageBas
{
if(ReadProcessMemory(hProcess, ImageBase, ueCopyBuffer, AlignedHeaderSize, &ueNumberOfBytesRead))
{
__try
if(ueCopyBuffer)
{
DOSFixHeader = (PIMAGE_DOS_HEADER)ueCopyBuffer;
PEFixHeader64 = (PIMAGE_NT_HEADERS64)((ULONG_PTR)DOSFixHeader + DOSFixHeader->e_lfanew);
@ -200,8 +193,7 @@ __declspec(dllexport) bool TITCALL DumpProcessW(HANDLE hProcess, LPVOID ImageBas
}
PEFixHeader64->OptionalHeader.AddressOfEntryPoint = (DWORD)(EntryPoint - (ULONG_PTR)ImageBase);
PEFixHeader64->OptionalHeader.ImageBase = (DWORD64)((ULONG_PTR)ImageBase);
i = NumberOfSections;
while(i >= 1)
for(int i=NumberOfSections; i>=1; i--)
{
PEFixSection->PointerToRawData = PEFixSection->VirtualAddress;
RealignedVirtualSize = (PEFixSection->Misc.VirtualSize / PEHeader64->OptionalHeader.SectionAlignment) * PEHeader64->OptionalHeader.SectionAlignment;
@ -212,7 +204,6 @@ __declspec(dllexport) bool TITCALL DumpProcessW(HANDLE hProcess, LPVOID ImageBas
PEFixSection->SizeOfRawData = RealignedVirtualSize;
PEFixSection->Misc.VirtualSize = RealignedVirtualSize;
PEFixSection = (PIMAGE_SECTION_HEADER)((ULONG_PTR)PEFixSection + IMAGE_SIZEOF_SECTION_HEADER);
i--;
}
WriteFile(hFile,ueCopyBuffer, (DWORD)AlignedHeaderSize, &uedNumberOfBytesRead, NULL);
ReadBase = (LPVOID)((ULONG_PTR)ReadBase + (DWORD)AlignedHeaderSize - TITANENGINE_PAGESIZE);
@ -242,9 +233,6 @@ __declspec(dllexport) bool TITCALL DumpProcessW(HANDLE hProcess, LPVOID ImageBas
EngineCloseHandle(hFile);
return true;
}
__except(EXCEPTION_EXECUTE_HANDLER)
{
}
}
}
}//PE64 Handler
@ -255,9 +243,6 @@ __declspec(dllexport) bool TITCALL DumpProcessW(HANDLE hProcess, LPVOID ImageBas
{
EngineCloseHandle(hFile);
}
if (ueReadBuffer != 0)
{
}
return false;
}

9
TitanEngine/TitanEngine.Exporter.cpp
View File

@ -205,15 +205,8 @@ __declspec(dllexport) bool TITCALL ExporterBuildExportTable(ULONG_PTR StorePlace
RtlMoveMemory(expBuildExportDataCWP, &expOrdinals, 2 * expExportNumber);
expBuildExportDataCWP = (LPVOID)((ULONG_PTR)expBuildExportDataCWP + 2 * expExportNumber);
RtlMoveMemory(expBuildExportData, &expExportData, sizeof IMAGE_EXPORT_DIRECTORY);
__try
{
RtlMoveMemory((LPVOID)StorePlace, expBuildExportData, (DWORD)((ULONG_PTR)expBuildExportDataCWP - (ULONG_PTR)expBuildExportData));
}
__except(EXCEPTION_EXECUTE_HANDLER)
{
ExporterCleanup();
return false;
}
if(FileMapVA != NULL)
{

8
TitanEngine/TitanEngine.PE.Section.cpp
View File

@ -200,7 +200,7 @@ __declspec(dllexport) bool TITCALL ResortFileSectionsW(wchar_t* szFileName)
if(!FileIs64)
{
sortedFileName = sortedFileNameBuf.Allocate(FileSize);
__try
if(sortedFileName)
{
RtlMoveMemory(sortedFileName, (LPVOID)FileMapVA, FileSize);
SectionNumber = PEHeader32->FileHeader.NumberOfSections;
@ -257,7 +257,7 @@ __declspec(dllexport) bool TITCALL ResortFileSectionsW(wchar_t* szFileName)
return true;
}
}
__except(EXCEPTION_EXECUTE_HANDLER)
else
{
UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA);
RemoveGarbageItem(szBackupItem, true);
@ -267,7 +267,7 @@ __declspec(dllexport) bool TITCALL ResortFileSectionsW(wchar_t* szFileName)
else
{
sortedFileName = sortedFileNameBuf.Allocate(FileSize);
__try
if(sortedFileName)
{
RtlMoveMemory(sortedFileName, (LPVOID)FileMapVA, FileSize);
SectionNumber = PEHeader64->FileHeader.NumberOfSections;
@ -324,7 +324,7 @@ __declspec(dllexport) bool TITCALL ResortFileSectionsW(wchar_t* szFileName)
return true;
}
}
__except(EXCEPTION_EXECUTE_HANDLER)
else
{
UnMapFileEx(FileHandle, FileSize, FileMap, FileMapVA);
RemoveGarbageItem(szBackupItem, true);