DBG: added size argument to 'find', 'strref' and 'reffind'

DBG: updated reference API to support a custom size and start address PROJECT: updated help
2014-05-01 18:39:40 +02:00 · 2014-05-01 18:39:40 +02:00 · 92df7faea1
parent 282e185557
commit 92df7faea1
6 changed files with 135 additions and 83 deletions
--- a/help/find.htm
+++ b/help/find.htm
@ -21,9 +21,11 @@ from. Notice that the searching will stop when the end of the memory page this
 address resides in has been reached. This means you cannot search the complete 
 process memory without enumerating the memory pages first.</SPAN></P>
 <P class=rvps3><SPAN class=rvts9>&nbsp; arg2: The byte pattern to search for. This byte 
-pattern can contain wildcards (?) for example: "EB0?90??8D"</SPAN></P>
+pattern can contain wildcards (?) for example: "EB0?90??8D".</SPAN></P>
+<P class=rvps3><SPAN class=rvts9>         [arg3]: 
+The size of the data to search in.</SPAN></P>
 <P class=rvps3><SPAN class=rvts11><U>result <BR></U></SPAN><SPAN 
 class=rvts9>The $result variable is set to the virtual 
 address of the address that matches the byte pattern. $result will be 0 when the pattern could not be 
 matched.</SPAN></P>
-<P>&nbsp;</P></body>
+<P>&nbsp;</P></body>
--- a/help/reffind_findref_ref.htm
+++ b/help/reffind_findref_ref.htm
@ -1,39 +1,46 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
-<html>
-<head>
-<title>reffind/findref/ref</title>
-<meta name="GENERATOR" content="WinCHM">
-<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
-<style>
-html,body { 
-	/* Default Font */
-	font-family: Courier New;
-	font-size: 11pt;
-}
-</style>
-
-</head>
-
-<body>
-<P><STRONG>reffind[,findref,ref]<BR></STRONG>Find references to a certain value.</P>
-<P class=rvps3><SPAN class=rvts11><U>arguments</U> <BR></SPAN>
-<SPAN class=rvts9>&nbsp; 
-arg1: The value to look for.
-
-</SPAN></P>
-<P class=rvps3>
-<SPAN class=rvts9>
-[arg2]: Address&nbsp;of/inside a memory page to look 
-in. When 
-not specified CIP will be used.&nbsp;
-
-</SPAN></P>
-<P class=rvps3>
-<SPAN class=rvts11 >
-<U >
-  result 
-
-<BR></U></SPAN>
-<SPAN 
-class=rvts9>The $result variable is set to the number of references 
-found.</SPAN> </P></head>
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<html>
+<head>
+<title>reffind/findref/ref</title>
+<meta name="GENERATOR" content="WinCHM">
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+<style>
+html,body { 
+	/* Default Font */
+	font-family: Courier New;
+	font-size: 11pt;
+}
+</style>
+
+</head>
+
+<body>
+<P><STRONG>reffind[,findref,ref]<BR></STRONG>Find references to a certain value.</P>
+<P class=rvps3><SPAN class=rvts11><U>arguments</U> <BR></SPAN>
+<SPAN class=rvts9>&nbsp; 
+arg1: The value to look for.
+
+</SPAN></P>
+<P class=rvps3>
+<SPAN class=rvts9>
+[arg2]: Address&nbsp;of/inside a memory page to look 
+in. When 
+not specified CIP will be used.&nbsp;
+
+</SPAN></P>
+<P class=rvps3>
+<SPAN class=rvts9>
+      [arg3]: 
+The size 
+of the data to search in.
+
+</SPAN></P>
+<P class=rvps3>
+<SPAN class=rvts11 >
+<U >
+  result 
+
+<BR></U></SPAN>
+<SPAN 
+class=rvts9>The $result variable is set to the number of references 
+found.</SPAN> </P></BODY></HTML>
--- a/help/refstr_strref.htm
+++ b/help/refstr_strref.htm
@ -1,25 +1,28 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
-<html>
-<head>
-<title>refstr/strref</title>
-<meta name="GENERATOR" content="WinCHM">
-<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
-<style>
-html,body { 
-	/* Default Font */
-	font-family: Courier New;
-	font-size: 11pt;
-}
-</style>
-
-</head>
-
-<body>
-<P><STRONG>refstr[,strref]<BR></STRONG>Find referenced text strings.</P>
-<P class=rvps3><SPAN class=rvts11><U>arguments</U> <BR></SPAN><SPAN 
-class=rvts9></SPAN><SPAN class=rvts9>[arg1]: Address of/inside a memory page to&nbsp;find 
-referenced text&nbsp;strings in. When not specified CIP 
-will be used.</SPAN></P>
-<P class=rvps3><SPAN class=rvts11><U>result <BR></U></SPAN><SPAN 
-class=rvts9>The $result variable is set to the number of string references 
-found.</SPAN></P></body>
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<html>
+<head>
+<title>refstr/strref</title>
+<meta name="GENERATOR" content="WinCHM">
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+<style>
+html,body { 
+	/* Default Font */
+	font-family: Courier New;
+	font-size: 11pt;
+}
+</style>
+
+</head>
+
+<body>
+<P><STRONG>refstr[,strref]<BR></STRONG>Find referenced text strings.</P>
+<P class=rvps3><SPAN class=rvts11><U>arguments</U> <BR></SPAN><SPAN 
+class=rvts9></SPAN><SPAN class=rvts9>[arg1]: Address of/inside a memory page to&nbsp;find 
+referenced text&nbsp;strings in. When not specified CIP 
+will be used.</SPAN></P>
+<P class=rvps3><SPAN class=rvts9>       
+ [arg2]: The size of the data 
+to search in.</SPAN></P>
+<P class=rvps3><SPAN class=rvts11><U>result <BR></U></SPAN><SPAN 
+class=rvts9>The $result variable is set to the number of string references 
+found.</SPAN></P></BODY></HTML>
--- a/x64_dbg_dbg/instruction.cpp
+++ b/x64_dbg_dbg/instruction.cpp
@ -782,17 +782,23 @@ CMDRESULT cbInstrRefFind(int argc, char* argv[])
 {
    if(argc<2)
    {
-        puts("not enough arguments!");
+        dputs("not enough arguments!");
        return STATUS_ERROR;
    }
    uint value=0;
    if(!valfromstring(argv[1], &value, false))
        return STATUS_ERROR;
    uint addr=0;
-    if(argc<3 or !valfromstring(argv[2], &addr, true))
+    if(argc<3 or !valfromstring(argv[2], &addr))
        addr=GetContextData(UE_CIP);
+    uint size;
+    if(argc>=4)
+    {
+        if(!valfromstring(argv[3], &size))
+            size=0;
+    }
    uint ticks=GetTickCount();
-    int found=reffind(addr, cbRefFind, (void*)value, false);
+    int found=reffind(addr, size, cbRefFind, (void*)value, false);
    dprintf("%u references in %ums\n", found, GetTickCount()-ticks);
    varset("$result", found, false);
    return STATUS_CONTINUE;
@ -852,8 +858,14 @@ CMDRESULT cbInstrRefStr(int argc, char* argv[])
    uint addr;
    if(argc<2 or !valfromstring(argv[1], &addr, true))
        addr=GetContextData(UE_CIP);
+    uint size;
+    if(argc>=3)
+    {
+        if(!valfromstring(argv[2], &size, true))
+            size=0;
+    }
    uint ticks=GetTickCount();
-    int found=reffind(addr, cbRefStr, 0, false);
+    int found=reffind(addr, size, cbRefStr, 0, false);
    dprintf("%u references in %ums\n", found, GetTickCount()-ticks);
    varset("$result", found, false);
    return STATUS_CONTINUE;
@ -953,7 +965,17 @@ CMDRESULT cbInstrFind(int argc, char* argv[])
        return STATUS_ERROR;
    }
    uint start=addr-base;
-    uint foundoffset=memfindpattern(data+start, size-start, pattern);
+    uint find_size=0;
+    if(argc>=4)
+    {
+        if(!valfromstring(argv[3], &find_size))
+            find_size=size-start;
+        if(find_size>(size-start))
+            find_size=size-start;
+    }
+    else
+        find_size=size-start;
+    uint foundoffset=memfindpattern(data+start, find_size, pattern);
    uint result=0;
    if(foundoffset!=-1)
        result=addr+foundoffset;
--- a/x64_dbg_dbg/reference.cpp
+++ b/x64_dbg_dbg/reference.cpp
@ -3,22 +3,40 @@
 #include "memory.h"
 #include "console.h"

-int reffind(uint addr, CBREF cbRef, void* userinfo, bool silent)
+int reffind(uint addr, uint size, CBREF cbRef, void* userinfo, bool silent)
 {
-    uint size=0;
-    uint base=memfindbaseaddr(fdProcessInfo->hProcess, addr, &size);
-    if(!base or !size)
+    uint start_addr;
+    uint start_size;
+    uint base;
+    uint base_size;
+    base=memfindbaseaddr(fdProcessInfo->hProcess, addr, &base_size);
+    if(!base or !base_size)
    {
        if(!silent)
            dputs("invalid memory page");
        return 0;
    }
-    unsigned char* data=(unsigned char*)emalloc(size);
-    if(!memread(fdProcessInfo->hProcess, (const void*)base, data, size, 0))
+    
+    if(!size) //assume the whole page
+    {
+        start_addr=base;
+        start_size=base_size;
+    }
+    else //custom boundaries
+    {
+        start_addr=addr;
+        uint maxsize=size-(start_addr-base);
+        if(size<maxsize) //check if the size fits in the page
+            start_size=size;
+        else
+            start_size=maxsize;
+    }
+    unsigned char* data=(unsigned char*)emalloc(start_size, "reffind:data");
+    if(!memread(fdProcessInfo->hProcess, (const void*)start_addr, data, start_size, 0))
    {
        if(!silent)
            dputs("error reading memory");
-        efree(data);
+        efree(data, "reffind:data");
        return 0;
    }
    DISASM disasm;
@ -27,18 +45,18 @@ int reffind(uint addr, CBREF cbRef, void* userinfo, bool silent)
    disasm.Archi=64;
 #endif // _WIN64
    disasm.EIP=(UIntPtr)data;
-    disasm.VirtualAddr=(UInt64)base;
+    disasm.VirtualAddr=(UInt64)start_addr;
    uint i=0;
    BASIC_INSTRUCTION_INFO basicinfo;
    cbRef(&disasm, &basicinfo, 0); //allow initializing
    REFINFO refinfo;
    memset(&refinfo, 0, sizeof(REFINFO));
    refinfo.userinfo=userinfo;
-    while(i<size)
+    while(i<start_size)
    {
        if(!(i%0x1000))
        {
-            double percent=(double)i/(double)size;
+            double percent=(double)i/(double)start_size;
            GuiReferenceSetProgress((int)(percent*100));
        }
        int len=Disasm(&disasm);
@ -56,6 +74,6 @@ int reffind(uint addr, CBREF cbRef, void* userinfo, bool silent)
    }
    GuiReferenceSetProgress(100);
    GuiReferenceReloadData();
-    efree(data);
+    efree(data, "reffind:data");
    return refinfo.refcount;
 }
--- a/x64_dbg_dbg/reference.h
+++ b/x64_dbg_dbg/reference.h
@ -15,6 +15,6 @@ struct REFINFO
 typedef bool (*CBREF)(DISASM* disasm, BASIC_INSTRUCTION_INFO* basicinfo, REFINFO* refinfo);

 //functions
-int reffind(uint page, CBREF cbRef, void* userinfo, bool silent);
+int reffind(uint page, uint size, CBREF cbRef, void* userinfo, bool silent);

 #endif //_REFERENCE_H