DBG: new command: "symdownload"

2014-08-02 03:58:13 +02:00 · 2014-08-02 03:58:13 +02:00 · 5377371c76
parent 219908b4f8
commit 5377371c76
7 changed files with 134 additions and 7 deletions
--- a/x64_dbg_dbg/debugger.cpp
+++ b/x64_dbg_dbg/debugger.cpp
@ -29,6 +29,7 @@ static SIZE_T cachePrivateUsage=0;

 //Superglobal variables
 char szFileName[MAX_PATH]="";
+char szSymbolCachePath[MAX_PATH]="";
 char sqlitedb[deflen]="";
 PROCESS_INFORMATION* fdProcessInfo=&g_pi;
 HANDLE hActiveThread;
@ -459,6 +460,10 @@ static BOOL CALLBACK SymRegisterCallbackProc64(HANDLE hProcess, ULONG ActionCode
    {
        evt=(PIMAGEHLP_CBA_EVENT)CallbackData;
        const char* text=(const char*)evt->desc;
+        if(strstr(text, "Successfully received a response from the server."))
+            break;
+        if(strstr(text, "Waiting for the server to respond to a request."))
+            break;
        int len=(int)strlen(text);
        bool suspress=false;
        for(int i=0; i<len; i++)
@ -653,7 +658,7 @@ static void cbCreateProcess(CREATE_PROCESS_DEBUG_INFO* CreateProcessInfo)
    dbload();
    SymSetOptions(SYMOPT_DEBUG|SYMOPT_LOAD_LINES|SYMOPT_ALLOW_ABSOLUTE_SYMBOLS|SYMOPT_FAVOR_COMPRESSED|SYMOPT_IGNORE_NT_SYMPATH);
    GuiSymbolLogClear();
-    SymInitialize(fdProcessInfo->hProcess, 0, false); //initialize symbols
+    SymInitialize(fdProcessInfo->hProcess, szSymbolCachePath, false); //initialize symbols
    SymRegisterCallback64(fdProcessInfo->hProcess, SymRegisterCallbackProc64, 0);
    SymLoadModuleEx(fdProcessInfo->hProcess, CreateProcessInfo->hFile, DebugFileName, 0, (DWORD64)base, 0, 0, 0);
    IMAGEHLP_MODULE64 modInfo;
--- a/x64_dbg_dbg/debugger.h
+++ b/x64_dbg_dbg/debugger.h
@ -74,5 +74,6 @@ void cbDetach();
 extern PROCESS_INFORMATION* fdProcessInfo;
 extern HANDLE hActiveThread;
 extern char szFileName[MAX_PATH];
+extern char szSymbolCachePath[MAX_PATH];

 #endif // _DEBUGGER_H
--- a/x64_dbg_dbg/debugger_commands.cpp
+++ b/x64_dbg_dbg/debugger_commands.cpp
@ -9,6 +9,7 @@
 #include "argument.h"
 #include "plugin_loader.h"
 #include "simplescript.h"
+#include "symbolinfo.h"

 static bool bScyllaLoaded=false;

@ -1305,4 +1306,70 @@ CMDRESULT cbDebugDisableMemoryBreakpoint(int argc, char* argv[])
    dputs("memory breakpoint disabled!");
    GuiUpdateAllViews();
    return STATUS_CONTINUE;
+}
+
+CMDRESULT cbDebugDownloadSymbol(int argc, char* argv[])
+{
+    char szDefaultStore[MAX_PATH] = "";
+    const char* szSymbolStore = szDefaultStore;
+    if(!BridgeSettingGet("Symbols", "DefaultStore", szDefaultStore)) //get default symbol store from settings
+    {
+        strcpy(szDefaultStore, "http://msdl.microsoft.com/download/symbols");
+        BridgeSettingSet("Symbols", "DefaultStore", szDefaultStore);
+    }    
+    if(argc < 2) //no arguments
+    {
+        symdownloadallsymbols(szSymbolStore); //download symbols for all modules
+        GuiSymbolRefreshCurrent();
+        dputs("done! See symbol log for more information");
+        return STATUS_CONTINUE;
+    }
+    //get some module information
+    uint modbase = modbasefromname(argv[1]);
+    if(!modbase)
+    {
+        dprintf("invalid module \"%s\"!\n", argv[1]);
+        return STATUS_ERROR;
+    }
+    char szModulePath[MAX_PATH] = "";
+    if(!GetModuleFileNameExA(fdProcessInfo->hProcess, (HMODULE)modbase, szModulePath, MAX_PATH))
+    {
+        dputs("GetModuleFileNameExA failed!");
+        return STATUS_ERROR;
+    }
+    char szOldSearchPath[MAX_PATH] = "";
+    if(!SymGetSearchPath(fdProcessInfo->hProcess, szOldSearchPath, MAX_PATH)) //backup current search path
+    {
+        dputs("SymGetSearchPath failed!");
+        return STATUS_ERROR;
+    }
+    char szServerSearchPath[MAX_PATH * 2] = "";
+    if(argc > 2)
+        szSymbolStore = argv[2];
+    sprintf_s(szServerSearchPath, "SRV*%s*%s", szSymbolCachePath, szSymbolStore);
+    if(!SymSetSearchPath(fdProcessInfo->hProcess, szServerSearchPath)) //set new search path
+    {
+        dputs("SymSetSearchPath (1) failed!");
+        return STATUS_ERROR;
+    }
+    if(!SymUnloadModule64(fdProcessInfo->hProcess, (DWORD64)modbase)) //unload module
+    {
+        SymSetSearchPath(fdProcessInfo->hProcess, szOldSearchPath);
+        dputs("SymUnloadModule64 failed!");
+        return STATUS_ERROR;
+    }
+    if(!SymLoadModuleEx(fdProcessInfo->hProcess, 0, szModulePath, 0, (DWORD64)modbase, 0, 0, 0)) //load module
+    {
+        dputs("SymLoadModuleEx failed!");
+        SymSetSearchPath(fdProcessInfo->hProcess, szOldSearchPath);
+        return STATUS_ERROR;
+    }
+    if(!SymSetSearchPath(fdProcessInfo->hProcess, szOldSearchPath))
+    {
+        dputs("SymSetSearchPath (2) failed!");
+        return STATUS_ERROR;
+    }
+    GuiSymbolRefreshCurrent();
+    dputs("done! See symbol log for more information");
+    return STATUS_CONTINUE;
 }
--- a/x64_dbg_dbg/debugger_commands.h
+++ b/x64_dbg_dbg/debugger_commands.h
@ -50,5 +50,6 @@ CMDRESULT cbDebugEnableHardwareBreakpoint(int argc, char* argv[]);
 CMDRESULT cbDebugDisableHardwareBreakpoint(int argc, char* argv[]);
 CMDRESULT cbDebugEnableMemoryBreakpoint(int argc, char* argv[]);
 CMDRESULT cbDebugDisableMemoryBreakpoint(int argc, char* argv[]);
+CMDRESULT cbDebugDownloadSymbol(int argc, char* argv[]);

 #endif //_DEBUGGER_COMMANDS_H
--- a/x64_dbg_dbg/symbolinfo.cpp
+++ b/x64_dbg_dbg/symbolinfo.cpp
@ -1,6 +1,7 @@
 #include "symbolinfo.h"
 #include "debugger.h"
 #include "addrinfo.h"
+#include "console.h"

 struct SYMBOLCBDATA
 {
@ -73,6 +74,55 @@ void symupdatemodulelist()
    GuiSymbolUpdateModuleList(modcount, modListBridge);
 }

+void symdownloadallsymbols(const char* szSymbolStore)
+{
+    if(!szSymbolStore)
+        szSymbolStore = "http://msdl.microsoft.com/download/symbols";
+    std::vector<SYMBOLMODULEINFO> modList;
+    modList.clear();
+    SymEnumerateModules(fdProcessInfo->hProcess, EnumModules, &modList);
+    int modcount=(int)modList.size();
+    if(!modcount)
+        return;
+    char szOldSearchPath[MAX_PATH] = "";
+    if(!SymGetSearchPath(fdProcessInfo->hProcess, szOldSearchPath, MAX_PATH)) //backup current path
+    {
+        dputs("SymGetSearchPath failed!");
+        return;
+    }
+    char szServerSearchPath[MAX_PATH * 2] = "";
+    sprintf_s(szServerSearchPath, "SRV*%s*%s", szSymbolCachePath, szSymbolStore);
+    if(!SymSetSearchPath(fdProcessInfo->hProcess, szServerSearchPath)) //update search path
+    {
+        dputs("SymSetSearchPath (1) failed!");
+        return;
+    }
+    for(int i=0; i<modcount; i++) //reload all modules
+    {
+        uint modbase = modList.at(i).base;
+        char szModulePath[MAX_PATH] = "";
+        if(!GetModuleFileNameExA(fdProcessInfo->hProcess, (HMODULE)modbase, szModulePath, MAX_PATH))
+        {
+            dprintf("GetModuleFileNameExA("fhex") failed!\n", modbase);
+            continue;
+        }
+        if(!SymUnloadModule64(fdProcessInfo->hProcess, (DWORD64)modbase))
+        {
+            dprintf("SymUnloadModule64("fhex") failed!\n", modbase);
+            continue;
+        }
+        if(!SymLoadModuleEx(fdProcessInfo->hProcess, 0, szModulePath, 0, (DWORD64)modbase, 0, 0, 0))
+        {
+            dprintf("SymLoadModuleEx("fhex") failed!\n", modbase);
+            continue;
+        }
+    }
+    if(!SymSetSearchPath(fdProcessInfo->hProcess, szOldSearchPath)) //restore search path
+    {
+        dputs("SymSetSearchPath (2) failed!");
+    }
+}
+
 bool symfromname(const char* name, uint* addr)
 {
    if(!name or !strlen(name) or !addr or !_strnicmp(name, "ordinal", 7)) //skip 'OrdinalXXX'
--- a/x64_dbg_dbg/symbolinfo.h
+++ b/x64_dbg_dbg/symbolinfo.h
@ -5,6 +5,7 @@

 void symenum(uint base, CBSYMBOLENUM cbSymbolEnum, void* user);
 void symupdatemodulelist();
+void symdownloadallsymbols(const char* szSymbolStore);
 bool symfromname(const char* name, uint* addr);
 const char* symgetsymbolicname(uint addr);

--- a/x64_dbg_dbg/x64_dbg.cpp
+++ b/x64_dbg_dbg/x64_dbg.cpp
@ -96,12 +96,12 @@ static void registercommands()
    dbgcmdnew("DebugContinue\1con", cbDebugContinue, true); //set continue status
    dbgcmdnew("LibrarianSetBreakPoint\1bpdll", cbDebugBpDll, true); //set dll breakpoint
    dbgcmdnew("LibrarianRemoveBreakPoint\1bcdll", cbDebugBcDll, true); //remove dll breakpoint
-    dbgcmdnew("switchthread\1threadswitch", cbDebugSwitchthread, true);
-    dbgcmdnew("suspendthread\1threadsuspend", cbDebugSuspendthread, true);
-    dbgcmdnew("resumethread\1threadresume", cbDebugResumethread, true);
-    dbgcmdnew("killthread\1threadkill", cbDebugKillthread, true);
-    dbgcmdnew("setthreadpriority\1setprioritythread\1threadsetpriority", cbDebugSetPriority, true);
-
+    dbgcmdnew("switchthread\1threadswitch", cbDebugSwitchthread, true); //switch thread
+    dbgcmdnew("suspendthread\1threadsuspend", cbDebugSuspendthread, true); //suspend thread
+    dbgcmdnew("resumethread\1threadresume", cbDebugResumethread, true); //resume thread
+    dbgcmdnew("killthread\1threadkill", cbDebugKillthread, true); //kill thread
+    dbgcmdnew("setthreadpriority\1setprioritythread\1threadsetpriority", cbDebugSetPriority, true); //set thread priority
+    dbgcmdnew("symdownload\1downloadsym", cbDebugDownloadSymbol, true); //download symbols

    //breakpoints
    dbgcmdnew("bplist", cbDebugBplist, true); //breakpoint list
@ -258,6 +258,8 @@ extern "C" DLL_EXPORT const char* _dbg_dbginit()
    strcpy(dbbasepath, dir); //debug directory
    PathAppendA(dbbasepath, "db");
    CreateDirectoryA(dbbasepath, 0); //create database directory
+    strcpy(szSymbolCachePath, dir);
+    PathAppendA(szSymbolCachePath, "symbols");    
    SetCurrentDirectoryA(dir);
    gMsgStack=msgallocstack();
    if(!gMsgStack)