Merged in Mattiwatti/titanengine/x64dbg (pull request #13)

Fix memory/handle waste caused by mapping every loaded DLL into the debugger process

* Don't create a file mapping for every loaded DLL in LOAD_DLL_DEBUG_EVENT that is not freed until the end of the debug session just to query the DLL filename. GetMappedFileNameW takes a process handle, so just use the debuggee's process and DLL base instead

* Fix double free if TranslateNativeNameW() fails
Mattiwatti 2018-03-23 11:25:54 +00:00 committed by Duncan
parent 9b36d32bf6
commit ef020ed39d
1 changed files with 50 additions and 57 deletions


@ -52,8 +52,6 @@ __declspec(dllexport) void TITCALL DebugLoop()
wchar_t DLLDebugFileName[512]; wchar_t DLLDebugFileName[512];
char szAnsiLibraryName[MAX_PATH]; char szAnsiLibraryName[MAX_PATH];
ULONG_PTR DLLPatchAddress; ULONG_PTR DLLPatchAddress;
HANDLE hFileMapping;
LPVOID hFileMappingView;
LPVOID DBGEntryPoint; LPVOID DBGEntryPoint;
wchar_t* szTranslatedNativeName; wchar_t* szTranslatedNativeName;
@ -258,15 +256,9 @@ __declspec(dllexport) void TITCALL DebugLoop()
LIBRARY_ITEM_DATAW NewLibraryData; LIBRARY_ITEM_DATAW NewLibraryData;
memset(&NewLibraryData, 0, sizeof(LIBRARY_ITEM_DATAW)); memset(&NewLibraryData, 0, sizeof(LIBRARY_ITEM_DATAW));
NewLibraryData.BaseOfDll = DBGEvent.u.LoadDll.lpBaseOfDll; NewLibraryData.BaseOfDll = DBGEvent.u.LoadDll.lpBaseOfDll;
hFileMapping = DBGEvent.u.LoadDll.hFile ? CreateFileMappingA(DBGEvent.u.LoadDll.hFile, NULL, PAGE_READONLY, 0, 0, NULL) : NULL;
if(hFileMapping != NULL) // Query remote DLL path
{ if(GetMappedFileNameW(dbgProcessInformation.hProcess, DBGEvent.u.LoadDll.lpBaseOfDll, DLLDebugFileName, sizeof(DLLDebugFileName) / sizeof(wchar_t)))
hFileMappingView = MapViewOfFile(hFileMapping, FILE_MAP_READ, NULL, NULL, NULL);
if(hFileMappingView != NULL)
{
NewLibraryData.hFileMapping = hFileMapping;
NewLibraryData.hFileMappingView = hFileMappingView;
if(GetMappedFileNameW(GetCurrentProcess(), hFileMappingView, DLLDebugFileName, sizeof(DLLDebugFileName) / sizeof(DLLDebugFileName[0])) > NULL)
{ {
int i = lstrlenW(DLLDebugFileName); int i = lstrlenW(DLLDebugFileName);
while(DLLDebugFileName[i] != '\\' && i) while(DLLDebugFileName[i] != '\\' && i)
@ -296,8 +288,11 @@ __declspec(dllexport) void TITCALL DebugLoop()
} }
lstrcpyW(NewLibraryData.szLibraryName, &DLLDebugFileName[i + 1]); lstrcpyW(NewLibraryData.szLibraryName, &DLLDebugFileName[i + 1]);
szTranslatedNativeName = (wchar_t*)TranslateNativeNameW(DLLDebugFileName); szTranslatedNativeName = (wchar_t*)TranslateNativeNameW(DLLDebugFileName);
if(szTranslatedNativeName != nullptr)
{
lstrcpyW(NewLibraryData.szLibraryPath, szTranslatedNativeName); lstrcpyW(NewLibraryData.szLibraryPath, szTranslatedNativeName);
VirtualFree((void*)szTranslatedNativeName, NULL, MEM_RELEASE); VirtualFree((void*)szTranslatedNativeName, NULL, MEM_RELEASE);
}
RtlZeroMemory(szAnsiLibraryName, sizeof(szAnsiLibraryName)); RtlZeroMemory(szAnsiLibraryName, sizeof(szAnsiLibraryName));
WideCharToMultiByte(CP_ACP, NULL, NewLibraryData.szLibraryName, -1, szAnsiLibraryName, sizeof szAnsiLibraryName, NULL, NULL); WideCharToMultiByte(CP_ACP, NULL, NewLibraryData.szLibraryName, -1, szAnsiLibraryName, sizeof szAnsiLibraryName, NULL, NULL);
@ -319,8 +314,6 @@ __declspec(dllexport) void TITCALL DebugLoop()
} }
} }
} }
}
}
//maintain library list //maintain library list
hListLibrary.push_back(NewLibraryData); hListLibrary.push_back(NewLibraryData);
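Review bot: The new GetMappedFileNameW call in the LOAD_DLL_DEBUG_EVENT hunk only tests the return value for non-zero, but the name it fills is an NT native path of a length chosen by the debuggee, and the 512-wchar DLLDebugFileName buffer is the only bound; the API's documentation does not promise a NUL terminator when the name is truncated to nSize, so the following `lstrlenW(DLLDebugFileName)` and the backslash scan could read past the buffer on a long path. Treat a result that fills the buffer as a failure rather than a name, e.g. `DWORD cchName = GetMappedFileNameW(dbgProcessInformation.hProcess, DBGEvent.u.LoadDll.lpBaseOfDll, DLLDebugFileName, _countof(DLLDebugFileName));` followed by `if(cchName != 0 && cchName < _countof(DLLDebugFileName) - 1)` and `DLLDebugFileName[cchName] = L'\0';` before the existing length/scan code. Note also that after this change NewLibraryData.hFileMapping and hFileMappingView are left at the zero from the memset for every library, so whatever code previously closed them at session end (referenced in the commit description but outside these hunks) must tolerate NULL in both fields; presumably it does, but worth a check. The TranslateNativeNameW failure branch now leaves szLibraryPath empty; consider copying the untranslated DLLDebugFileName there as a fallback so consumers still get a usable path. DebugLoop's body begins and ends outside these hunks.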