
BRIDGE: added DbgDisasmFastAt & GuiGetDisassembly

DBG: exported DBG_DISASM_FAST
DBG: references now have disassembly as displayed in the GUI
GUI: added double click signal to StdTable
GUI: added 'Copy' context menu items to the ReferenceView
GUI: added double click slot to the SearchListView
GUI: added GET_DISASSEMBLY export
GUI: fixed a bug with unknown memory sizes (in BeaHighlight)
Mr. eXoDia 2014-04-05 00:17:20 +02:00
parent db9f14ed69
commit 3c67b77ec3
17 changed files with 159 additions and 58 deletions


@ -575,6 +575,11 @@ BRIDGE_IMPEXP void DbgSettingsUpdated()
_dbg_sendmessage(DBG_SETTINGS_UPDATED, 0, 0);
}
BRIDGE_IMPEXP void DbgDisasmFastAt(duint addr, BASIC_INSTRUCTION_INFO* basicinfo)
{
_dbg_sendmessage(DBG_DISASM_FAST_AT, (void*)addr, basicinfo);
}
//GUI
BRIDGE_IMPEXP void GuiDisasmAt(duint addr, duint cip)
{
@ -769,6 +774,11 @@ BRIDGE_IMPEXP void GuiSetLastException(unsigned int exception)
_gui_sendmessage(GUI_SET_LAST_EXCEPTION, (void*)(duint)exception, 0);
}
BRIDGE_IMPEXP bool GuiGetDisassembly(duint addr, char* text)
{
return (bool)(duint)_gui_sendmessage(GUI_GET_DISASSEMBLY, (void*)addr, text);
}
//Main
BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
{
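Review bot: GuiGetDisassembly hands the GUI a bare `char* text` with no length, so the size of the caller's buffer is an undocumented contract between this export and the GUI_GET_DISASSEMBLY handler, which fills it with an unbounded strcpy. The callers added in this commit all pass 2048-byte stack buffers, but nothing at this boundary says so; at minimum document it above the export, e.g. `// text: caller-owned buffer of at least 2048 bytes (the GUI copies with strcpy and does not know the size)`, and preferably add a size-carrying variant. DbgDisasmFastAt returns void and the debugger side bails out before touching basicinfo when the memory read fails, so a caller cannot tell a filled struct from an untouched one; returning the handler's result as bool, as GuiGetDisassembly already does, would fix that.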


@ -44,6 +44,11 @@ BRIDGE_IMPEXP bool BridgeSettingSetUint(const char* section, const char* key, du
#define MAX_BREAKPOINT_SIZE 256
#define MAX_SCRIPT_LINE_SIZE 2048
#define TYPE_VALUE 1
#define TYPE_MEMORY 2
#define TYPE_ADDR 4
#define MAX_MNEMONIC_SIZE 64
//Debugger enums
enum DBGSTATE
{
@ -117,7 +122,8 @@ enum DBGMSG
DBG_DISASM_AT, // param1=duint addr, param2=DISASM_INSTR* instr
DBG_STACK_COMMENT_GET, // param1=duint addr, param2=STACK_COMMENT* comment
DBG_GET_THREAD_LIST, // param1=THREADALLINFO* list, param2=unused
DBG_SETTINGS_UPDATED // param1=unused, param2=unused
DBG_SETTINGS_UPDATED, // param1=unused, param2=unused
DBG_DISASM_FAST_AT // param1=duint addr, param2=BASIC_INSTRUCTION_INFO* basicinfo
};
enum SCRIPTLINETYPE
@ -202,7 +208,16 @@ enum THREADWAITREASON
WrRundown = 36,
};
enum MEMORY_SIZE
{
size_byte,
size_word,
size_dword,
size_qword
};
//Debugger typedefs
typedef MEMORY_SIZE VALUE_SIZE;
struct SYMBOLINFO;
typedef void (*CBSYMBOLENUM)(SYMBOLINFO* symbol, void* user);
@ -334,7 +349,6 @@ struct DISASM_ARG
duint memvalue;
};
struct DISASM_INSTR
{
char instruction[64];
@ -376,6 +390,28 @@ struct THREADLIST
int CurrentThread;
};
struct MEMORY_INFO
{
ULONG_PTR value; //displacement / addrvalue (rip-relative)
MEMORY_SIZE size; //byte/word/dword/qword
char mnemonic[MAX_MNEMONIC_SIZE];
};
struct VALUE_INFO
{
ULONG_PTR value;
VALUE_SIZE size;
};
struct BASIC_INSTRUCTION_INFO
{
DWORD type; //value|memory|addr
VALUE_INFO value; //immediat
MEMORY_INFO memory;
ULONG_PTR addr; //addrvalue (jumps + calls)
bool branch; //jumps/calls
};
//Debugger functions
BRIDGE_IMPEXP const char* DbgInit();
BRIDGE_IMPEXP bool DbgMemRead(duint va, unsigned char* dest, duint size);
@ -423,6 +459,7 @@ BRIDGE_IMPEXP void DbgDisasmAt(duint addr, DISASM_INSTR* instr);
BRIDGE_IMPEXP bool DbgStackCommentGet(duint addr, STACK_COMMENT* comment);
BRIDGE_IMPEXP void DbgGetThreadList(THREADLIST* list);
BRIDGE_IMPEXP void DbgSettingsUpdated();
BRIDGE_IMPEXP void DbgDisasmFastAt(duint addr, BASIC_INSTRUCTION_INFO* basicinfo);
//Gui enums
enum GUIMSG
@ -462,7 +499,8 @@ enum GUIMSG
GUI_UPDATE_DUMP_VIEW, // param1=unused, param2=unused
GUI_UPDATE_THREAD_VIEW, // param1=unused, param2=unused
GUI_ADD_RECENT_FILE, // param1=(const char*)file, param2=unused
GUI_SET_LAST_EXCEPTION // param1=unsigned int code, param2=unused
GUI_SET_LAST_EXCEPTION, // param1=unsigned int code, param2=unused
GUI_GET_DISASSEMBLY // param1=duint addr, param2=char* text
};
//GUI structures
@ -511,6 +549,7 @@ BRIDGE_IMPEXP void GuiUpdateDumpView();
BRIDGE_IMPEXP void GuiUpdateThreadView();
BRIDGE_IMPEXP void GuiAddRecentFile(const char* file);
BRIDGE_IMPEXP void GuiSetLastException(unsigned int exception);
BRIDGE_IMPEXP bool GuiGetDisassembly(duint addr, char* text);
#ifdef __cplusplus
}
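Review bot: The new GUI_GET_DISASSEMBLY entry and the GuiGetDisassembly prototype say nothing about how large `text` must be, even though the GUI handler writes into it with strcpy and the debugger callers size it at 2048 bytes by convention. Propose `GUI_GET_DISASSEMBLY // param1=duint addr, param2=char* text (caller-owned, at least 2048 bytes; written with strcpy)` and a shared constant in this header that both sides use instead of the literal. Likewise DBG_DISASM_FAST_AT should state that `basicinfo` is only written on success, because the handler returns early without clearing it when the read fails and DbgDisasmFastAt has no return value. BASIC_INSTRUCTION_INFO now lives in the public bridge header, so its field comments ("immediat", "addrvalue") are what plugin authors will read; spelling them out (`immediate operand`, `branch target of jumps/calls`) is cheap here.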


@ -12,6 +12,7 @@
#include "assemble.h"
#include "stackinfo.h"
#include "thread.h"
#include "disasm_fast.h"
extern "C" DLL_EXPORT duint _dbg_memfindbaseaddr(duint addr, duint* size)
{
@ -680,6 +681,25 @@ extern "C" DLL_EXPORT uint _dbg_sendmessage(DBGMSG type, void* param1, void* par
}
}
break;
case DBG_DISASM_FAST_AT:
{
if(!param1 or !param2)
return 0;
unsigned char data[16];
if(!memread(fdProcessInfo->hProcess, param1, data, sizeof(data), 0))
return 0;
DISASM disasm;
memset(&disasm, 0, sizeof(disasm));
#ifdef _WIN64
disasm.Archi=64;
#endif // _WIN64
disasm.EIP=(UIntPtr)data;
disasm.VirtualAddr=(UInt64)param1;
uint i=0;
fillbasicinfo(&disasm, (BASIC_INSTRUCTION_INFO*)param2);
}
break;
}
return 0;
}
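Review bot: The DBG_DISASM_FAST_AT handler never actually disassembles: `disasm` is zeroed, EIP/VirtualAddr are set, and fillbasicinfo is called immediately, so every field it inspects (Instruction.BranchType, Argument1.ArgType, …) is still zero and the caller receives an empty BASIC_INSTRUCTION_INFO. Run the decoder first and bound it to the 16-byte stack buffer so it cannot read past `data`: `disasm.SecurityBlock=sizeof(data); if(Disasm(&disasm)==UNKNOWN_OPCODE) return 0;` before the fillbasicinfo call (BeaEngine names as used elsewhere in this tree; confirm against the header). `uint i=0;` is unused and can be removed. The early `return 0` paths leave `*param2` untouched while DbgDisasmFastAt is void, so a `memset(param2, 0, sizeof(BASIC_INSTRUCTION_INFO));` ahead of the memread would at least make failure observable as `type==0`.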


@ -18,12 +18,11 @@ static MEMORY_SIZE argsize2memsize(int argsize)
void fillbasicinfo(DISASM* disasm, BASIC_INSTRUCTION_INFO* basicinfo)
{
//set type to zero
basicinfo->type=0;
//zero basicinfo
memset(basicinfo, 0, sizeof(BASIC_INSTRUCTION_INFO));
//find immidiat
if(disasm->Instruction.BranchType==0) //no branch
{
basicinfo->branch=false;
if((disasm->Argument1.ArgType&CONSTANT_TYPE)==CONSTANT_TYPE)
{
basicinfo->type|=TYPE_VALUE;
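Review bot: `basicinfo->branch=false;` in the no-branch path is now redundant, since the memset added just above already zeroes the whole struct; either drop it or leave the memset as the single initialisation point and say so, e.g. `//zero basicinfo (all fields default to "not present"; only set what the decoder reports)`. The comment typo `immidiat` → `immediate` could be fixed in the same pass. fillbasicinfo's body continues past the end of the hunk.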


@ -4,44 +4,6 @@
#include "_global.h"
#include "BeaEngine\BeaEngine.h"
#define TYPE_VALUE 1
#define TYPE_MEMORY 2
#define TYPE_ADDR 4
#define MAX_MNEMONIC_SIZE 64
enum MEMORY_SIZE
{
size_byte,
size_word,
size_dword,
size_qword
};
typedef MEMORY_SIZE VALUE_SIZE;
struct MEMORY_INFO
{
ULONG_PTR value; //displacement / addrvalue (rip-relative)
MEMORY_SIZE size; //byte/word/dword/qword
char mnemonic[MAX_MNEMONIC_SIZE];
};
struct VALUE_INFO
{
ULONG_PTR value;
VALUE_SIZE size;
};
struct BASIC_INSTRUCTION_INFO
{
DWORD type; //value|memory|addr
VALUE_INFO value; //immediat
MEMORY_INFO memory;
ULONG_PTR addr; //addrvalue (jumps + calls)
bool branch; //jumps/calls
};
void fillbasicinfo(DISASM* disasm, BASIC_INSTRUCTION_INFO* basicinfo);
#endif //_DISASM_FAST_H


@ -313,7 +313,7 @@ bool disasmispossiblestring(uint addr)
return false;
uint test=0;
memcpy(&test, data, sizeof(uint));
if(memisvalidreadptr(fdProcessInfo->hProcess, test))
if(memisvalidreadptr(fdProcessInfo->hProcess, test)) //imports/pointers
return false;
if(isasciistring(data, sizeof(data)) or isunicodestring(data, sizeof(data)))
return true;


@ -769,7 +769,11 @@ static bool cbRefFind(DISASM* disasm, BASIC_INSTRUCTION_INFO* basicinfo, REFINFO
sprintf(addrText, "%p", disasm->VirtualAddr);
GuiReferenceSetRowCount(refinfo->refcount+1);
GuiReferenceSetCellContent(refinfo->refcount, 0, addrText);
GuiReferenceSetCellContent(refinfo->refcount, 1, disasm->CompleteInstr);
char disassembly[2048]="";
if(GuiGetDisassembly((duint)disasm->VirtualAddr, disassembly))
GuiReferenceSetCellContent(refinfo->refcount, 1, disassembly);
else
GuiReferenceSetCellContent(refinfo->refcount, 1, disasm->CompleteInstr);
}
return found;
}
@ -787,10 +791,10 @@ CMDRESULT cbInstrRefFind(int argc, char* argv[])
uint addr=0;
if(argc<3 or !valfromstring(argv[2], &addr, true))
addr=GetContextData(UE_CIP);
uint ticks=GetTickCount();
int found=reffind(addr, cbRefFind, (void*)value, false);
char cmd[256]="";
sprintf(cmd, "$result=%u", found);
DbgCmdExec(cmd);
dprintf("%u references in %ums\n", found, GetTickCount()-ticks);
varset("$result", found, false);
return STATUS_CONTINUE;
}
@ -808,7 +812,7 @@ bool cbRefStr(DISASM* disasm, BASIC_INSTRUCTION_INFO* basicinfo, REFINFO* refinf
bool found=false;
STRING_TYPE strtype;
char string[512]="";
if(basicinfo->branch) //branches have no strings
if(basicinfo->branch) //branches have no strings (jmp dword [401000])
return false;
if((basicinfo->type&TYPE_VALUE)==TYPE_VALUE)
{
@ -826,7 +830,11 @@ bool cbRefStr(DISASM* disasm, BASIC_INSTRUCTION_INFO* basicinfo, REFINFO* refinf
sprintf(addrText, "%p", disasm->VirtualAddr);
GuiReferenceSetRowCount(refinfo->refcount+1);
GuiReferenceSetCellContent(refinfo->refcount, 0, addrText);
GuiReferenceSetCellContent(refinfo->refcount, 1, disasm->CompleteInstr);
char disassembly[2048]="";
if(GuiGetDisassembly((duint)disasm->VirtualAddr, disassembly))
GuiReferenceSetCellContent(refinfo->refcount, 1, disassembly);
else
GuiReferenceSetCellContent(refinfo->refcount, 1, disasm->CompleteInstr);
char dispString[1024]="";
if(strtype==str_ascii)
sprintf(dispString, "\"%s\"", string);
@ -844,10 +852,8 @@ CMDRESULT cbInstrRefStr(int argc, char* argv[])
addr=GetContextData(UE_CIP);
uint ticks=GetTickCount();
int found=reffind(addr, cbRefStr, 0, false);
dprintf("%ums\n", GetTickCount()-ticks);
char cmd[256]="";
sprintf(cmd, "$result=%u", found);
DbgCmdExec(cmd);
dprintf("%u references in %ums\n", found, GetTickCount()-ticks);
varset("$result", found, false);
return STATUS_CONTINUE;
}
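Review bot: The new `char disassembly[2048]=""` in cbRefFind and cbRefStr is sized to what the GUI's GUI_GET_DISASSEMBLY handler happens to produce, but nothing in the call passes that size across, and the GUI side copies with strcpy, so any rich-text line longer than 2047 bytes overruns this stack buffer. A constant shared through bridgemain.h and used for both the buffer here and the copy limit in the GUI would make the contract explicit. The five-line lookup-then-fallback block is duplicated verbatim in both callbacks; a small `static` helper taking the row index and `disasm` would keep the two in step when the buffer handling changes. Minor: `dprintf("%u references in %ums\n", found, ...)` formats an `int` with `%u`; use `%d` or make `found` unsigned.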


@ -311,7 +311,6 @@ void AbstractTableView::mousePressEvent(QMouseEvent* event)
//QWidget::mousePressEvent(event);
}
/**
* @brief This method has been reimplemented. It manages the following actions:
* - Column resizing


@ -23,6 +23,7 @@ ReferenceView::ReferenceView()
connect(Bridge::getBridge(), SIGNAL(referenceSetSingleSelection(int,bool)), this, SLOT(setSingleSelection(int,bool)));
connect(Bridge::getBridge(), SIGNAL(referenceSetProgress(int)), mSearchProgress, SLOT(setValue(int)));
connect(this, SIGNAL(listContextMenuSignal(QPoint)), this, SLOT(referenceContextMenu(QPoint)));
connect(this, SIGNAL(enterPressedSignal()), this, SLOT(followAddress()));
setupContextMenu();
}
@ -98,6 +99,17 @@ void ReferenceView::referenceContextMenu(const QPoint &pos)
QMenu* wMenu = new QMenu(this);
wMenu->addAction(mFollowAddress);
wMenu->addAction(mFollowDumpAddress);
wMenu->addSeparator();
//add copy actions
int count=this->mCurList->getColumnCount();
for(int i=0; i<count; i++)
{
wMenu->addAction(new QAction(QString("Copy " + this->mCurList->getColTitle(i)), this));
wMenu->actions().last()->setObjectName(QString("COPY|")+QString().sprintf("%d", i));
connect(wMenu->actions().last(), SIGNAL(triggered()), this, SLOT(copySlot()));
}
wMenu->exec(pos);
}
@ -112,3 +124,17 @@ void ReferenceView::followDumpAddress()
DbgCmdExecDirect(QString("dump " + this->mCurList->getCellContent(this->mCurList->getInitialSelection(), 0)).toUtf8().constData());
emit showCpu();
}
void ReferenceView::copySlot()
{
QAction* action = qobject_cast<QAction*>(sender());
if(action && action->objectName().startsWith("COPY|"))
{
bool ok=false;
int row=action->objectName().mid(5).toInt(&ok);
if(ok)
{
Bridge::CopyToClipboard(this->mCurList->getCellContent(this->mCurList->getInitialSelection(), row).toUtf8().constData());
}
}
}
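Review bot: The copy actions in referenceContextMenu are created with `this` as parent, so every right-click leaks one QAction per column for the lifetime of the view; parent them to the menu instead, and since `wMenu` is also only parented to the view and never deleted (that line may predate this commit), delete it after the synchronous exec. Encoding the column index in the objectName as `"COPY|<n>"` and parsing it back with `mid(5)` is fragile; QAction::setData/data carries the integer directly. The local in copySlot is named `row` but holds a column index, which is what getCellContent's second argument expects.
```cpp
//add copy actions
int count=this->mCurList->getColumnCount();
for(int i=0; i<count; i++)
{
    QAction* copyAction=wMenu->addAction(QString("Copy " + this->mCurList->getColTitle(i))); //owned by the menu, freed with it
    copyAction->setData(i); //column index, read back in copySlot
    connect(copyAction, SIGNAL(triggered()), this, SLOT(copySlot()));
}
wMenu->exec(pos); //triggered() is delivered before exec returns
delete wMenu;
// … unchanged: followAddress / followDumpAddress …
void ReferenceView::copySlot()
{
    QAction* action = qobject_cast<QAction*>(sender());
    if(!action)
        return;
    bool ok=false;
    int column=action->data().toInt(&ok);
    if(ok)
        Bridge::CopyToClipboard(this->mCurList->getCellContent(this->mCurList->getInitialSelection(), column).toUtf8().constData());
}
```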


@ -24,6 +24,7 @@ private slots:
void referenceContextMenu(const QPoint & pos);
void followAddress();
void followDumpAddress();
void copySlot();
signals:
void showCpu();


@ -52,8 +52,10 @@ SearchListView::SearchListView(QWidget *parent) :
// Setup signals
connect(mList, SIGNAL(keyPressedSignal(QKeyEvent*)), this, SLOT(listKeyPressed(QKeyEvent*)));
connect(mList, SIGNAL(customContextMenuRequested(QPoint)), this, SLOT(listContextMenu(QPoint)));
connect(mList, SIGNAL(doubleClickedSignal()), this, SLOT(doubleClickedSlot()));
connect(mSearchList, SIGNAL(keyPressedSignal(QKeyEvent*)), this, SLOT(listKeyPressed(QKeyEvent*)));
connect(mSearchList, SIGNAL(customContextMenuRequested(QPoint)), this, SLOT(listContextMenu(QPoint)));
connect(mSearchList, SIGNAL(doubleClickedSignal()), this, SLOT(doubleClickedSlot()));
connect(mSearchBox, SIGNAL(textChanged(QString)), this, SLOT(searchTextChanged(QString)));
}
@ -123,7 +125,6 @@ void SearchListView::searchTextChanged(const QString &arg1)
for(int i=0,j=0; i<count; i++)
{
if(findTextInList(mList, arg1, i, mSearchStartCol, false))
//if(mList->getCellContent(i, 1).contains(arg1, Qt::CaseInsensitive) || mList->getCellContent(i, 2).contains(arg1, Qt::CaseInsensitive))
{
mSearchList->setRowCount(j+1);
mSearchList->setCellContent(j, 0, mList->getCellContent(i, 0));
@ -137,7 +138,6 @@ void SearchListView::searchTextChanged(const QString &arg1)
for(int i=0; i<count; i++)
{
if(findTextInList(mSearchList, arg1, i, mSearchStartCol, true))
//if(mSearchList->getCellContent(i, 1).startsWith(arg1, Qt::CaseInsensitive) || mSearchList->getCellContent(i, 2).startsWith(arg1, Qt::CaseInsensitive))
{
if(count>mSearchList->getViewableRowsCount())
{
@ -158,3 +158,8 @@ void SearchListView::listContextMenu(const QPoint & pos)
{
emit listContextMenuSignal(mCurList->mapToGlobal(pos));
}
void SearchListView::doubleClickedSlot()
{
emit enterPressedSignal();
}
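Review bot: doubleClickedSlot re-emits `enterPressedSignal`, which reads as if a key were pressed; the intent (double-click activates the row exactly like Enter, and ReferenceView wires that signal to followAddress) should be stated at the slot so nobody later "fixes" it, e.g. `// Double-click activates the current row the same way Enter does; consumers only listen to enterPressedSignal()`. If more activation sources appear, renaming the signal to something like `rowActivatedSignal` would be clearer than routing everything through a key-named signal. Note the slot fires even when the list is empty, which the consumers will have to tolerate.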


@ -31,6 +31,7 @@ private slots:
void searchTextChanged(const QString &arg1);
void listKeyPressed(QKeyEvent* event);
void listContextMenu(const QPoint & pos);
void doubleClickedSlot();
signals:
void enterPressedSignal();


@ -91,6 +91,12 @@ void StdTable::mousePressEvent(QMouseEvent* event)
AbstractTableView::mousePressEvent(event);
}
void StdTable::mouseDoubleClickEvent(QMouseEvent* event)
{
if(event->button() == Qt::LeftButton)
emit doubleClickedSignal();
AbstractTableView::mouseDoubleClickEvent(event);
}
void StdTable::mouseReleaseEvent(QMouseEvent* event)
{
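Review bot: mouseDoubleClickEvent emits `doubleClickedSignal` before forwarding to AbstractTableView::mouseDoubleClickEvent, so slots that act on the current selection (SearchListView re-emits it as enterPressedSignal, and ReferenceView's follow slots read getInitialSelection) run against whatever state the base class has not yet updated. If the base handler adjusts the selection on a double-click (I cannot see it from this hunk), swap the two statements: call the base first, then `if(event->button() == Qt::LeftButton) emit doubleClickedSignal();`. Either way, a one-line comment stating the intended ordering would keep a future edit from reshuffling it.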


@ -14,6 +14,7 @@ public:
void mouseMoveEvent(QMouseEvent* event);
void mousePressEvent(QMouseEvent* event);
void mouseDoubleClickEvent(QMouseEvent* event);
void mouseReleaseEvent(QMouseEvent* event);
void keyPressEvent(QKeyEvent* event);
@ -38,6 +39,7 @@ public:
signals:
void selectionChangedSignal(int index);
void keyPressedSignal(QKeyEvent* event);
void doubleClickedSignal();
public slots:


@ -455,6 +455,27 @@ __declspec(dllexport) void* _gui_sendmessage(GUIMSG type, void* param1, void* pa
}
break;
case GUI_GET_DISASSEMBLY:
{
uint_t parVA=(uint_t)param1;
char* text=(char*)param2;
if(!text || !parVA || !DbgIsDebugging())
return 0;
byte_t wBuffer[16];
if(!DbgMemRead(parVA, wBuffer, 16))
return 0;
QBeaEngine* disasm = new QBeaEngine();
Instruction_t instr=disasm->DisassembleAt(wBuffer, 16, 0, 0, parVA);
QList<CustomRichText_t> richText;
BeaHighlight::PrintRtfInstruction(&richText, &instr.disasm);
QString finalInstruction="";
for(int i=0; i<richText.size(); i++)
finalInstruction+=richText.at(i).text;
strcpy(text, finalInstruction.toUtf8().constData());
return (void*)1;
}
break;
default:
{
}
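Review bot: The GUI_GET_DISASSEMBLY handler allocates `new QBeaEngine()` and never frees it, and it is invoked once per reference found, so a large search leaks one engine per row; a stack object does the same job. It then copies into the caller's `char* text` with strcpy without knowing the buffer size (the debugger callers use 2048 bytes), so a long highlighted line overruns the caller's stack; since the message carries no length, cap the copy at a size both sides agree on and truncate. `DbgMemRead(parVA, wBuffer, 16)` fails outright if the 16 bytes straddle the end of readable memory (depends on DbgMemRead's partial-read behaviour, which I cannot see here), so instructions in the last bytes of a region will fall back to the plain text; worth a comment.
```cpp
QBeaEngine disasm; //stack object: the previous `new` leaked one engine per call
Instruction_t instr=disasm.DisassembleAt(wBuffer, 16, 0, 0, parVA);
// … unchanged: rich-text concatenation into finalInstruction …
QByteArray utf8=finalInstruction.toUtf8();
const int maxLen=2048; //must match the callers' buffers; move to a shared constant in bridgemain.h
if(utf8.size()>=maxLen)
    utf8.truncate(maxLen-1);
memcpy(text, utf8.constData(), utf8.size());
text[utf8.size()]='\0';
return (void*)1;
```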


@ -4,6 +4,7 @@
#include <QObject>
#include <QDebug>
#include <QtGui>
#include "BeaHighlight.h"
#include "NewTypes.h"
#include "ReferenceView.h"


@ -113,6 +113,9 @@ bool BeaHighlight::PrintArgument(QList<CustomRichText_t>* richText, const ARGTYP
case 64:
argument.text.sprintf("qword ptr %s:[%s]", segment, argmnemonic.toUtf8().constData());
break;
default: //different memory size
argument.text.sprintf("ptr %s:[%s]", segment, argmnemonic.toUtf8().constData());
break;
}
}
else
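Review bot: The new `default:` branch silently drops the operand size: every size other than 8/16/32/64 that the decoder reports (80-bit x87, 128/256-bit SSE/AVX operands, if those are the values reaching this switch — the enum is not visible from the hunk) is printed as a bare `ptr`, which is valid but loses information the user may want. Consider naming the common ones (`tbyte ptr`, `xmmword ptr`, `ymmword ptr`) and keeping the size-less form as the final fallback, with a comment such as `default: //size not in {8,16,32,64}: print a size-less pointer so highlighting never fails`. The enclosing function extends past both ends of the hunk.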