diff --git a/x64_dbg_bridge/bridgemain.h b/x64_dbg_bridge/bridgemain.h
index 6c92f10d..9ffafc22 100644
--- a/x64_dbg_bridge/bridgemain.h
+++ b/x64_dbg_bridge/bridgemain.h
@@ -372,7 +372,8 @@ typedef struct
 {
 TITAN_ENGINE_CONTEXT_t titcontext;
 FLAGS flags;
-
+ x87FPURegister_t x87FPURegisters[8];
+ uint64_t mmx[8];
 } REGDUMP;
 typedef struct
diff --git a/x64_dbg_dbg/TitanEngine/TitanEngine.h b/x64_dbg_dbg/TitanEngine/TitanEngine.h
index c7602051..f111e4ec 100644
--- a/x64_dbg_dbg/TitanEngine/TitanEngine.h
+++ b/x64_dbg_dbg/TitanEngine/TitanEngine.h
@@ -262,18 +262,18 @@ typedef struct
 {
 BYTE data[10];
 int st_value;
+ int tag;
 } x87FPURegister_t;
 typedef struct
 {
- DWORD ControlWord;
- DWORD StatusWord;
- DWORD TagWord;
+ WORD ControlWord;
+ WORD StatusWord;
+ WORD TagWord;
 DWORD ErrorOffset;
 DWORD ErrorSelector;
 DWORD DataOffset;
 DWORD DataSelector;
- x87FPURegister_t x87FPURegister[8];
 DWORD Cr0NpxState;
 } x87FPU_t;
@@ -314,7 +314,6 @@ typedef struct
 BYTE RegisterArea[80];
 x87FPU_t x87fpu;
 DWORD MxCsr;
- uint64_t mmx[8];
 #ifdef _WIN64
 M128A XmmRegisters[16];
 #else // x86
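Review bot: Appending `x87FPURegisters[8]` and `mmx[8]` to `REGDUMP` changes `sizeof(REGDUMP)` in a header that sits on the bridge boundary, and nothing in this hunk versions or size-tags the struct. A consumer built against the previous layout that hands in a `REGDUMP` buffer would be written past its end if the filler copies the new size; whether such out-of-tree consumers exist is not visible here, so confirm that every user of this header is rebuilt with it or bump the interface version in the same commit. The two new fields also have no documentation; a comment such as `// x87 ST0-ST7 and MM0-MM7 snapshots (source: titcontext — confirm)` would tell readers where the data comes from.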
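Review bot: `x87FPU_t` and `TITAN_ENGINE_CONTEXT_t` both change size and field offsets in this file (the three status fields shrink to `WORD`, `x87FPURegister[8]` is dropped here, and the `-314` hunk drops `mmx[8]`), while `GetFullContextDataEx` still fills a caller-supplied `TITAN_ENGINE_CONTEXT_t*`. A caller and an engine DLL built from different revisions of this header would disagree on the buffer size, and the side holding the smaller struct gets overrun, so the two must ship together. Three `WORD`s ahead of `DWORD ErrorOffset` also leave two bytes of implicit padding unless a pack pragma outside the hunk says otherwise, which matters if the struct is ever filled by a block copy from an OS save area. The new `int tag` has no documentation; something like `int tag; // x87 tag state for this register — confirm encoding` would help.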
@@ -594,66 +593,66 @@ extern "C"
 // Global.Function.Declaration:
 // TitanEngine.Dumper.functions:
-__declspec(dllexport) bool TITCALL DumpProcess(HANDLE hProcess, LPVOID ImageBase, char* szDumpFileName, ULONG_PTR EntryPoint);
-__declspec(dllexport) bool TITCALL DumpProcessW(HANDLE hProcess, LPVOID ImageBase, wchar_t* szDumpFileName, ULONG_PTR EntryPoint);
-__declspec(dllexport) bool TITCALL DumpProcessEx(DWORD ProcessId, LPVOID ImageBase, char* szDumpFileName, ULONG_PTR EntryPoint);
-__declspec(dllexport) bool TITCALL DumpProcessExW(DWORD ProcessId, LPVOID ImageBase, wchar_t* szDumpFileName, ULONG_PTR EntryPoint);
-__declspec(dllexport) bool TITCALL DumpMemory(HANDLE hProcess, LPVOID MemoryStart, ULONG_PTR MemorySize, char* szDumpFileName);
-__declspec(dllexport) bool TITCALL DumpMemoryW(HANDLE hProcess, LPVOID MemoryStart, ULONG_PTR MemorySize, wchar_t* szDumpFileName);
-__declspec(dllexport) bool TITCALL DumpMemoryEx(DWORD ProcessId, LPVOID MemoryStart, ULONG_PTR MemorySize, char* szDumpFileName);
-__declspec(dllexport) bool TITCALL DumpMemoryExW(DWORD ProcessId, LPVOID MemoryStart, ULONG_PTR MemorySize, wchar_t* szDumpFileName);
-__declspec(dllexport) bool TITCALL DumpRegions(HANDLE hProcess, char* szDumpFolder, bool DumpAboveImageBaseOnly);
-__declspec(dllexport) bool TITCALL DumpRegionsW(HANDLE hProcess, wchar_t* szDumpFolder, bool DumpAboveImageBaseOnly);
-__declspec(dllexport) bool TITCALL DumpRegionsEx(DWORD ProcessId, char* szDumpFolder, bool DumpAboveImageBaseOnly);
-__declspec(dllexport) bool TITCALL DumpRegionsExW(DWORD ProcessId, wchar_t* szDumpFolder, bool DumpAboveImageBaseOnly);
-__declspec(dllexport) bool TITCALL DumpModule(HANDLE hProcess, LPVOID ModuleBase, char* szDumpFileName);
-__declspec(dllexport) bool TITCALL DumpModuleW(HANDLE hProcess, LPVOID ModuleBase, wchar_t* szDumpFileName);
-__declspec(dllexport) bool TITCALL DumpModuleEx(DWORD ProcessId, LPVOID ModuleBase, char* szDumpFileName);
-__declspec(dllexport) bool TITCALL DumpModuleExW(DWORD ProcessId, LPVOID ModuleBase, wchar_t* szDumpFileName);
-__declspec(dllexport) bool TITCALL PastePEHeader(HANDLE hProcess, LPVOID ImageBase, char* szDebuggedFileName);
-__declspec(dllexport) bool TITCALL PastePEHeaderW(HANDLE hProcess, LPVOID ImageBase, wchar_t* szDebuggedFileName);
-__declspec(dllexport) bool TITCALL ExtractSection(char* szFileName, char* szDumpFileName, DWORD SectionNumber);
-__declspec(dllexport) bool TITCALL ExtractSectionW(wchar_t* szFileName, wchar_t* szDumpFileName, DWORD SectionNumber);
-__declspec(dllexport) bool TITCALL ResortFileSections(char* szFileName);
-__declspec(dllexport) bool TITCALL ResortFileSectionsW(wchar_t* szFileName);
-__declspec(dllexport) bool TITCALL FindOverlay(char* szFileName, LPDWORD OverlayStart, LPDWORD OverlaySize);
-__declspec(dllexport) bool TITCALL FindOverlayW(wchar_t* szFileName, LPDWORD OverlayStart, LPDWORD OverlaySize);
-__declspec(dllexport) bool TITCALL ExtractOverlay(char* szFileName, char* szExtactedFileName);
-__declspec(dllexport) bool TITCALL ExtractOverlayW(wchar_t* szFileName, wchar_t* szExtactedFileName);
-__declspec(dllexport) bool TITCALL AddOverlay(char* szFileName, char* szOverlayFileName);
-__declspec(dllexport) bool TITCALL AddOverlayW(wchar_t* szFileName, wchar_t* szOverlayFileName);
-__declspec(dllexport) bool TITCALL CopyOverlay(char* szInFileName, char* szOutFileName);
-__declspec(dllexport) bool TITCALL CopyOverlayW(wchar_t* szInFileName, wchar_t* szOutFileName);
-__declspec(dllexport) bool TITCALL RemoveOverlay(char* szFileName);
-__declspec(dllexport) bool TITCALL RemoveOverlayW(wchar_t* szFileName);
-__declspec(dllexport) bool TITCALL MakeAllSectionsRWE(char* szFileName);
-__declspec(dllexport) bool TITCALL MakeAllSectionsRWEW(wchar_t* szFileName);
-__declspec(dllexport) long TITCALL AddNewSectionEx(char* szFileName, char* szSectionName, DWORD SectionSize, DWORD SectionAttributes, LPVOID SectionContent, DWORD ContentSize);
-__declspec(dllexport) long TITCALL AddNewSectionExW(wchar_t* szFileName, char* szSectionName, DWORD SectionSize, DWORD SectionAttributes, LPVOID SectionContent, DWORD ContentSize);
-__declspec(dllexport) long TITCALL AddNewSection(char* szFileName, char* szSectionName, DWORD SectionSize);
-__declspec(dllexport) long TITCALL AddNewSectionW(wchar_t* szFileName, char* szSectionName, DWORD SectionSize);
-__declspec(dllexport) bool TITCALL ResizeLastSection(char* szFileName, DWORD NumberOfExpandBytes, bool AlignResizeData);
-__declspec(dllexport) bool TITCALL ResizeLastSectionW(wchar_t* szFileName, DWORD NumberOfExpandBytes, bool AlignResizeData);
-__declspec(dllexport) void TITCALL SetSharedOverlay(char* szFileName);
-__declspec(dllexport) void TITCALL SetSharedOverlayW(wchar_t* szFileName);
+__declspec(dllexport) bool TITCALL DumpProcess(HANDLE hProcess, LPVOID ImageBase, const char* szDumpFileName, ULONG_PTR EntryPoint);
+__declspec(dllexport) bool TITCALL DumpProcessW(HANDLE hProcess, LPVOID ImageBase, const wchar_t* szDumpFileName, ULONG_PTR EntryPoint);
+__declspec(dllexport) bool TITCALL DumpProcessEx(DWORD ProcessId, LPVOID ImageBase, const char* szDumpFileName, ULONG_PTR EntryPoint);
+__declspec(dllexport) bool TITCALL DumpProcessExW(DWORD ProcessId, LPVOID ImageBase, const wchar_t* szDumpFileName, ULONG_PTR EntryPoint);
+__declspec(dllexport) bool TITCALL DumpMemory(HANDLE hProcess, LPVOID MemoryStart, ULONG_PTR MemorySize, const char* szDumpFileName);
+__declspec(dllexport) bool TITCALL DumpMemoryW(HANDLE hProcess, LPVOID MemoryStart, ULONG_PTR MemorySize, const wchar_t* szDumpFileName);
+__declspec(dllexport) bool TITCALL DumpMemoryEx(DWORD ProcessId, LPVOID MemoryStart, ULONG_PTR MemorySize, const char* szDumpFileName);
+__declspec(dllexport) bool TITCALL DumpMemoryExW(DWORD ProcessId, LPVOID MemoryStart, ULONG_PTR MemorySize, const wchar_t* szDumpFileName);
+__declspec(dllexport) bool TITCALL DumpRegions(HANDLE hProcess, const char* szDumpFolder, bool DumpAboveImageBaseOnly);
+__declspec(dllexport) bool TITCALL DumpRegionsW(HANDLE hProcess, const wchar_t* szDumpFolder, bool DumpAboveImageBaseOnly);
+__declspec(dllexport) bool TITCALL DumpRegionsEx(DWORD ProcessId, const char* szDumpFolder, bool DumpAboveImageBaseOnly);
+__declspec(dllexport) bool TITCALL DumpRegionsExW(DWORD ProcessId, const wchar_t* szDumpFolder, bool DumpAboveImageBaseOnly);
+__declspec(dllexport) bool TITCALL DumpModule(HANDLE hProcess, LPVOID ModuleBase, const char* szDumpFileName);
+__declspec(dllexport) bool TITCALL DumpModuleW(HANDLE hProcess, LPVOID ModuleBase, const wchar_t* szDumpFileName);
+__declspec(dllexport) bool TITCALL DumpModuleEx(DWORD ProcessId, LPVOID ModuleBase, const char* szDumpFileName);
+__declspec(dllexport) bool TITCALL DumpModuleExW(DWORD ProcessId, LPVOID ModuleBase, const wchar_t* szDumpFileName);
+__declspec(dllexport) bool TITCALL PastePEHeader(HANDLE hProcess, LPVOID ImageBase, const char* szDebuggedFileName);
+__declspec(dllexport) bool TITCALL PastePEHeaderW(HANDLE hProcess, LPVOID ImageBase, const wchar_t* szDebuggedFileName);
+__declspec(dllexport) bool TITCALL ExtractSection(const char* szFileName, const char* szDumpFileName, DWORD SectionNumber);
+__declspec(dllexport) bool TITCALL ExtractSectionW(const wchar_t* szFileName, const wchar_t* szDumpFileName, DWORD SectionNumber);
+__declspec(dllexport) bool TITCALL ResortFileSections(const char* szFileName);
+__declspec(dllexport) bool TITCALL ResortFileSectionsW(const wchar_t* szFileName);
+__declspec(dllexport) bool TITCALL FindOverlay(const char* szFileName, LPDWORD OverlayStart, LPDWORD OverlaySize);
+__declspec(dllexport) bool TITCALL FindOverlayW(const wchar_t* szFileName, LPDWORD OverlayStart, LPDWORD OverlaySize);
+__declspec(dllexport) bool TITCALL ExtractOverlay(const char* szFileName, const char* szExtactedFileName);
+__declspec(dllexport) bool TITCALL ExtractOverlayW(const wchar_t* szFileName, const wchar_t* szExtactedFileName);
+__declspec(dllexport) bool TITCALL AddOverlay(const char* szFileName, const char* szOverlayFileName);
+__declspec(dllexport) bool TITCALL AddOverlayW(const wchar_t* szFileName, const wchar_t* szOverlayFileName);
+__declspec(dllexport) bool TITCALL CopyOverlay(const char* szInFileName, const char* szOutFileName);
+__declspec(dllexport) bool TITCALL CopyOverlayW(const wchar_t* szInFileName, const wchar_t* szOutFileName);
+__declspec(dllexport) bool TITCALL RemoveOverlay(const char* szFileName);
+__declspec(dllexport) bool TITCALL RemoveOverlayW(const wchar_t* szFileName);
+__declspec(dllexport) bool TITCALL MakeAllSectionsRWE(const char* szFileName);
+__declspec(dllexport) bool TITCALL MakeAllSectionsRWEW(const wchar_t* szFileName);
+__declspec(dllexport) long TITCALL AddNewSectionEx(const char* szFileName, const char* szSectionName, DWORD SectionSize, DWORD SectionAttributes, LPVOID SectionContent, DWORD ContentSize);
+__declspec(dllexport) long TITCALL AddNewSectionExW(const wchar_t* szFileName, const char* szSectionName, DWORD SectionSize, DWORD SectionAttributes, LPVOID SectionContent, DWORD ContentSize);
+__declspec(dllexport) long TITCALL AddNewSection(const char* szFileName, const char* szSectionName, DWORD SectionSize);
+__declspec(dllexport) long TITCALL AddNewSectionW(const wchar_t* szFileName, const char* szSectionName, DWORD SectionSize);
+__declspec(dllexport) bool TITCALL ResizeLastSection(const char* szFileName, DWORD NumberOfExpandBytes, bool AlignResizeData);
+__declspec(dllexport) bool TITCALL ResizeLastSectionW(const wchar_t* szFileName, DWORD NumberOfExpandBytes, bool AlignResizeData);
+__declspec(dllexport) void TITCALL SetSharedOverlay(const char* szFileName);
+__declspec(dllexport) void TITCALL SetSharedOverlayW(const wchar_t* szFileName);
 __declspec(dllexport) char* TITCALL GetSharedOverlay();
 __declspec(dllexport) wchar_t* TITCALL GetSharedOverlayW();
-__declspec(dllexport) bool TITCALL DeleteLastSection(char* szFileName);
-__declspec(dllexport) bool TITCALL DeleteLastSectionW(wchar_t* szFileName);
-__declspec(dllexport) bool TITCALL DeleteLastSectionEx(char* szFileName, DWORD NumberOfSections);
-__declspec(dllexport) bool TITCALL DeleteLastSectionExW(wchar_t* szFileName, DWORD NumberOfSections);
+__declspec(dllexport) bool TITCALL DeleteLastSection(const char* szFileName);
+__declspec(dllexport) bool TITCALL DeleteLastSectionW(const wchar_t* szFileName);
+__declspec(dllexport) bool TITCALL DeleteLastSectionEx(const char* szFileName, DWORD NumberOfSections);
+__declspec(dllexport) bool TITCALL DeleteLastSectionExW(const wchar_t* szFileName, DWORD NumberOfSections);
 __declspec(dllexport) ULONG_PTR TITCALL GetPE32DataFromMappedFile(ULONG_PTR FileMapVA, DWORD WhichSection, DWORD WhichData);
-__declspec(dllexport) ULONG_PTR TITCALL GetPE32Data(char* szFileName, DWORD WhichSection, DWORD WhichData);
-__declspec(dllexport) ULONG_PTR TITCALL GetPE32DataW(wchar_t* szFileName, DWORD WhichSection, DWORD WhichData);
+__declspec(dllexport) ULONG_PTR TITCALL GetPE32Data(const char* szFileName, DWORD WhichSection, DWORD WhichData);
+__declspec(dllexport) ULONG_PTR TITCALL GetPE32DataW(const wchar_t* szFileName, DWORD WhichSection, DWORD WhichData);
 __declspec(dllexport) bool TITCALL GetPE32DataFromMappedFileEx(ULONG_PTR FileMapVA, LPVOID DataStorage);
-__declspec(dllexport) bool TITCALL GetPE32DataEx(char* szFileName, LPVOID DataStorage);
-__declspec(dllexport) bool TITCALL GetPE32DataExW(wchar_t* szFileName, LPVOID DataStorage);
+__declspec(dllexport) bool TITCALL GetPE32DataEx(const char* szFileName, LPVOID DataStorage);
+__declspec(dllexport) bool TITCALL GetPE32DataExW(const wchar_t* szFileName, LPVOID DataStorage);
 __declspec(dllexport) bool TITCALL SetPE32DataForMappedFile(ULONG_PTR FileMapVA, DWORD WhichSection, DWORD WhichData, ULONG_PTR NewDataValue);
-__declspec(dllexport) bool TITCALL SetPE32Data(char* szFileName, DWORD WhichSection, DWORD WhichData, ULONG_PTR NewDataValue);
-__declspec(dllexport) bool TITCALL SetPE32DataW(wchar_t* szFileName, DWORD WhichSection, DWORD WhichData, ULONG_PTR NewDataValue);
+__declspec(dllexport) bool TITCALL SetPE32Data(const char* szFileName, DWORD WhichSection, DWORD WhichData, ULONG_PTR NewDataValue);
+__declspec(dllexport) bool TITCALL SetPE32DataW(const wchar_t* szFileName, DWORD WhichSection, DWORD WhichData, ULONG_PTR NewDataValue);
 __declspec(dllexport) bool TITCALL SetPE32DataForMappedFileEx(ULONG_PTR FileMapVA, LPVOID DataStorage);
-__declspec(dllexport) bool TITCALL SetPE32DataEx(char* szFileName, LPVOID DataStorage);
-__declspec(dllexport) bool TITCALL SetPE32DataExW(wchar_t* szFileName, LPVOID DataStorage);
+__declspec(dllexport) bool TITCALL SetPE32DataEx(const char* szFileName, LPVOID DataStorage);
+__declspec(dllexport) bool TITCALL SetPE32DataExW(const wchar_t* szFileName, LPVOID DataStorage);
 __declspec(dllexport) long TITCALL GetPE32SectionNumberFromVA(ULONG_PTR FileMapVA, ULONG_PTR AddressToConvert);
 __declspec(dllexport) ULONG_PTR TITCALL ConvertVAtoFileOffset(ULONG_PTR FileMapVA, ULONG_PTR AddressToConvert, bool ReturnType);
 __declspec(dllexport) ULONG_PTR TITCALL ConvertVAtoFileOffsetEx(ULONG_PTR FileMapVA, DWORD FileSize, ULONG_PTR ImageBase, ULONG_PTR AddressToConvert, bool AddressIsRVA, bool ReturnType);
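Review bot: `AddNewSectionEx` and `AddNewSectionExW` now take const names but still accept the payload as a mutable `LPVOID SectionContent`, so the read-only contract stops at the strings. If the buffer is only read (the definitions are not part of this diff), `LPCVOID SectionContent` would complete it and match `MemoryWriteSafe`'s `LPCVOID lpBuffer` further down this header. Since `ExtractOverlay` and `ExtractOverlayW` are rewritten here anyway, the parameter name `szExtactedFileName` could be corrected to `szExtractedFileName`.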
@@ -662,19 +661,19 @@ __declspec(dllexport) ULONG_PTR TITCALL ConvertFileOffsetToVAEx(ULONG_PTR FileMa
 __declspec(dllexport) bool TITCALL MemoryReadSafe(HANDLE hProcess, LPVOID lpBaseAddress, LPVOID lpBuffer, SIZE_T nSize, SIZE_T* lpNumberOfBytesRead);
 __declspec(dllexport) bool TITCALL MemoryWriteSafe(HANDLE hProcess, LPVOID lpBaseAddress, LPCVOID lpBuffer, SIZE_T nSize, SIZE_T* lpNumberOfBytesWritten);
 // TitanEngine.Realigner.functions:
-__declspec(dllexport) bool TITCALL FixHeaderCheckSum(char* szFileName);
-__declspec(dllexport) bool TITCALL FixHeaderCheckSumW(wchar_t* szFileName);
+__declspec(dllexport) bool TITCALL FixHeaderCheckSum(const char* szFileName);
+__declspec(dllexport) bool TITCALL FixHeaderCheckSumW(const wchar_t* szFileName);
 __declspec(dllexport) long TITCALL RealignPE(ULONG_PTR FileMapVA, DWORD FileSize, DWORD RealingMode);
-__declspec(dllexport) long TITCALL RealignPEEx(char* szFileName, DWORD RealingFileSize, DWORD ForcedFileAlignment);
-__declspec(dllexport) long TITCALL RealignPEExW(wchar_t* szFileName, DWORD RealingFileSize, DWORD ForcedFileAlignment);
-__declspec(dllexport) bool TITCALL WipeSection(char* szFileName, int WipeSectionNumber, bool RemovePhysically);
-__declspec(dllexport) bool TITCALL WipeSectionW(wchar_t* szFileName, int WipeSectionNumber, bool RemovePhysically);
-__declspec(dllexport) bool TITCALL IsPE32FileValidEx(char* szFileName, DWORD CheckDepth, LPVOID FileStatusInfo);
-__declspec(dllexport) bool TITCALL IsPE32FileValidExW(wchar_t* szFileName, DWORD CheckDepth, LPVOID FileStatusInfo);
-__declspec(dllexport) bool TITCALL FixBrokenPE32FileEx(char* szFileName, LPVOID FileStatusInfo, LPVOID FileFixInfo);
-__declspec(dllexport) bool TITCALL FixBrokenPE32FileExW(wchar_t* szFileName, LPVOID FileStatusInfo, LPVOID FileFixInfo);
-__declspec(dllexport) bool TITCALL IsFileDLL(char* szFileName, ULONG_PTR FileMapVA);
-__declspec(dllexport) bool TITCALL IsFileDLLW(wchar_t* szFileName, ULONG_PTR FileMapVA);
+__declspec(dllexport) long TITCALL RealignPEEx(const char* szFileName, DWORD RealingFileSize, DWORD ForcedFileAlignment);
+__declspec(dllexport) long TITCALL RealignPEExW(const wchar_t* szFileName, DWORD RealingFileSize, DWORD ForcedFileAlignment);
+__declspec(dllexport) bool TITCALL WipeSection(const char* szFileName, int WipeSectionNumber, bool RemovePhysically);
+__declspec(dllexport) bool TITCALL WipeSectionW(const wchar_t* szFileName, int WipeSectionNumber, bool RemovePhysically);
+__declspec(dllexport) bool TITCALL IsPE32FileValidEx(const char* szFileName, DWORD CheckDepth, LPVOID FileStatusInfo);
+__declspec(dllexport) bool TITCALL IsPE32FileValidExW(const wchar_t* szFileName, DWORD CheckDepth, LPVOID FileStatusInfo);
+__declspec(dllexport) bool TITCALL FixBrokenPE32FileEx(const char* szFileName, LPVOID FileStatusInfo, LPVOID FileFixInfo);
+__declspec(dllexport) bool TITCALL FixBrokenPE32FileExW(const wchar_t* szFileName, LPVOID FileStatusInfo, LPVOID FileFixInfo);
+__declspec(dllexport) bool TITCALL IsFileDLL(const char* szFileName, ULONG_PTR FileMapVA);
+__declspec(dllexport) bool TITCALL IsFileDLLW(const wchar_t* szFileName, ULONG_PTR FileMapVA);
 // TitanEngine.Hider.functions:
 __declspec(dllexport) void* TITCALL GetPEBLocation(HANDLE hProcess);
 __declspec(dllexport) void* TITCALL GetPEBLocation64(HANDLE hProcess);
@@ -688,31 +687,31 @@ __declspec(dllexport) void TITCALL RelocaterInit(DWORD MemorySize, ULONG_PTR Old
 __declspec(dllexport) void TITCALL RelocaterAddNewRelocation(HANDLE hProcess, ULONG_PTR RelocateAddress, DWORD RelocateState);
 __declspec(dllexport) long TITCALL RelocaterEstimatedSize();
 __declspec(dllexport) bool TITCALL RelocaterExportRelocation(ULONG_PTR StorePlace, DWORD StorePlaceRVA, ULONG_PTR FileMapVA);
-__declspec(dllexport) bool TITCALL RelocaterExportRelocationEx(char* szFileName, char* szSectionName);
-__declspec(dllexport) bool TITCALL RelocaterExportRelocationExW(wchar_t* szFileName, char* szSectionName);
+__declspec(dllexport) bool TITCALL RelocaterExportRelocationEx(const char* szFileName, const char* szSectionName);
+__declspec(dllexport) bool TITCALL RelocaterExportRelocationExW(const wchar_t* szFileName, const char* szSectionName);
 __declspec(dllexport) bool TITCALL RelocaterGrabRelocationTable(HANDLE hProcess, ULONG_PTR MemoryStart, DWORD MemorySize);
 __declspec(dllexport) bool TITCALL RelocaterGrabRelocationTableEx(HANDLE hProcess, ULONG_PTR MemoryStart, ULONG_PTR MemorySize, DWORD NtSizeOfImage);
-__declspec(dllexport) bool TITCALL RelocaterMakeSnapshot(HANDLE hProcess, char* szSaveFileName, LPVOID MemoryStart, ULONG_PTR MemorySize);
-__declspec(dllexport) bool TITCALL RelocaterMakeSnapshotW(HANDLE hProcess, wchar_t* szSaveFileName, LPVOID MemoryStart, ULONG_PTR MemorySize);
-__declspec(dllexport) bool TITCALL RelocaterCompareTwoSnapshots(HANDLE hProcess, ULONG_PTR LoadedImageBase, ULONG_PTR NtSizeOfImage, char* szDumpFile1, char* szDumpFile2, ULONG_PTR MemStart);
-__declspec(dllexport) bool TITCALL RelocaterCompareTwoSnapshotsW(HANDLE hProcess, ULONG_PTR LoadedImageBase, ULONG_PTR NtSizeOfImage, wchar_t* szDumpFile1, wchar_t* szDumpFile2, ULONG_PTR MemStart);
-__declspec(dllexport) bool TITCALL RelocaterChangeFileBase(char* szFileName, ULONG_PTR NewImageBase);
-__declspec(dllexport) bool TITCALL RelocaterChangeFileBaseW(wchar_t* szFileName, ULONG_PTR NewImageBase);
+__declspec(dllexport) bool TITCALL RelocaterMakeSnapshot(HANDLE hProcess, const char* szSaveFileName, LPVOID MemoryStart, ULONG_PTR MemorySize);
+__declspec(dllexport) bool TITCALL RelocaterMakeSnapshotW(HANDLE hProcess, const wchar_t* szSaveFileName, LPVOID MemoryStart, ULONG_PTR MemorySize);
+__declspec(dllexport) bool TITCALL RelocaterCompareTwoSnapshots(HANDLE hProcess, ULONG_PTR LoadedImageBase, ULONG_PTR NtSizeOfImage, const char* szDumpFile1, const char* szDumpFile2, ULONG_PTR MemStart);
+__declspec(dllexport) bool TITCALL RelocaterCompareTwoSnapshotsW(HANDLE hProcess, ULONG_PTR LoadedImageBase, ULONG_PTR NtSizeOfImage, const wchar_t* szDumpFile1, const wchar_t* szDumpFile2, ULONG_PTR MemStart);
+__declspec(dllexport) bool TITCALL RelocaterChangeFileBase(const char* szFileName, ULONG_PTR NewImageBase);
+__declspec(dllexport) bool TITCALL RelocaterChangeFileBaseW(const wchar_t* szFileName, ULONG_PTR NewImageBase);
 __declspec(dllexport) bool TITCALL RelocaterRelocateMemoryBlock(ULONG_PTR FileMapVA, ULONG_PTR MemoryLocation, void* RelocateMemory, DWORD RelocateMemorySize, ULONG_PTR CurrentLoadedBase, ULONG_PTR RelocateBase);
-__declspec(dllexport) bool TITCALL RelocaterWipeRelocationTable(char* szFileName);
-__declspec(dllexport) bool TITCALL RelocaterWipeRelocationTableW(wchar_t* szFileName);
+__declspec(dllexport) bool TITCALL RelocaterWipeRelocationTable(const char* szFileName);
+__declspec(dllexport) bool TITCALL RelocaterWipeRelocationTableW(const wchar_t* szFileName);
 // TitanEngine.Resourcer.functions:
-__declspec(dllexport) ULONG_PTR TITCALL ResourcerLoadFileForResourceUse(char* szFileName);
-__declspec(dllexport) ULONG_PTR TITCALL ResourcerLoadFileForResourceUseW(wchar_t* szFileName);
+__declspec(dllexport) ULONG_PTR TITCALL ResourcerLoadFileForResourceUse(const char* szFileName);
+__declspec(dllexport) ULONG_PTR TITCALL ResourcerLoadFileForResourceUseW(const wchar_t* szFileName);
 __declspec(dllexport) bool TITCALL ResourcerFreeLoadedFile(LPVOID LoadedFileBase);
-__declspec(dllexport) bool TITCALL ResourcerExtractResourceFromFileEx(ULONG_PTR FileMapVA, char* szResourceType, char* szResourceName, char* szExtractedFileName);
-__declspec(dllexport) bool TITCALL ResourcerExtractResourceFromFile(char* szFileName, char* szResourceType, char* szResourceName, char* szExtractedFileName);
-__declspec(dllexport) bool TITCALL ResourcerExtractResourceFromFileW(wchar_t* szFileName, char* szResourceType, char* szResourceName, char* szExtractedFileName);
-__declspec(dllexport) bool TITCALL ResourcerFindResource(char* szFileName, char* szResourceType, DWORD ResourceType, char* szResourceName, DWORD ResourceName, DWORD ResourceLanguage, PULONG_PTR pResourceData, LPDWORD pResourceSize);
-__declspec(dllexport) bool TITCALL ResourcerFindResourceW(wchar_t* szFileName, wchar_t* szResourceType, DWORD ResourceType, wchar_t* szResourceName, DWORD ResourceName, DWORD ResourceLanguage, PULONG_PTR pResourceData, LPDWORD pResourceSize);
-__declspec(dllexport) bool TITCALL ResourcerFindResourceEx(ULONG_PTR FileMapVA, DWORD FileSize, wchar_t* szResourceType, DWORD ResourceType, wchar_t* szResourceName, DWORD ResourceName, DWORD ResourceLanguage, PULONG_PTR pResourceData, LPDWORD pResourceSize);
-__declspec(dllexport) void TITCALL ResourcerEnumerateResource(char* szFileName, void* CallBack);
-__declspec(dllexport) void TITCALL ResourcerEnumerateResourceW(wchar_t* szFileName, void* CallBack);
+__declspec(dllexport) bool TITCALL ResourcerExtractResourceFromFileEx(ULONG_PTR FileMapVA, const char* szResourceType, const char* szResourceName, const char* szExtractedFileName);
+__declspec(dllexport) bool TITCALL ResourcerExtractResourceFromFile(const char* szFileName, const char* szResourceType, const char* szResourceName, const char* szExtractedFileName);
+__declspec(dllexport) bool TITCALL ResourcerExtractResourceFromFileW(const wchar_t* szFileName, char* szResourceType, const char* szResourceName, const char* szExtractedFileName);
+__declspec(dllexport) bool TITCALL ResourcerFindResource(const char* szFileName, const char* szResourceType, DWORD ResourceType, const char* szResourceName, DWORD ResourceName, DWORD ResourceLanguage, PULONG_PTR pResourceData, LPDWORD pResourceSize);
+__declspec(dllexport) bool TITCALL ResourcerFindResourceW(const wchar_t* szFileName, const wchar_t* szResourceType, DWORD ResourceType, const wchar_t* szResourceName, DWORD ResourceName, DWORD ResourceLanguage, PULONG_PTR pResourceData, LPDWORD pResourceSize);
+__declspec(dllexport) bool TITCALL ResourcerFindResourceEx(ULONG_PTR FileMapVA, DWORD FileSize, const wchar_t* szResourceType, DWORD ResourceType, const wchar_t* szResourceName, DWORD ResourceName, DWORD ResourceLanguage, PULONG_PTR pResourceData, LPDWORD pResourceSize);
+__declspec(dllexport) void TITCALL ResourcerEnumerateResource(const char* szFileName, void* CallBack);
+__declspec(dllexport) void TITCALL ResourcerEnumerateResourceW(const wchar_t* szFileName, void* CallBack);
 __declspec(dllexport) void TITCALL ResourcerEnumerateResourceEx(ULONG_PTR FileMapVA, DWORD FileSize, void* CallBack);
 // TitanEngine.Threader.functions:
 __declspec(dllexport) bool TITCALL ThreaderImportRunningThreadData(DWORD ProcessId);
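Review bot: `ResourcerExtractResourceFromFileW` is left with a mutable `char* szResourceType` while its other three parameters and both sibling declarations (`ResourcerExtractResourceFromFileEx`, `ResourcerExtractResourceFromFile`) are const-qualified, which looks like an oversight in the conversion. The parameter should read `const char* szResourceType`. The function's definition is not part of this diff, so confirm it is updated to match.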
@@ -745,11 +744,11 @@ __declspec(dllexport) long TITCALL StaticLengthDisassemble(LPVOID DisassmAddress
 __declspec(dllexport) long TITCALL LengthDisassembleEx(HANDLE hProcess, LPVOID DisassmAddress);
 __declspec(dllexport) long TITCALL LengthDisassemble(LPVOID DisassmAddress);
 __declspec(dllexport) void* TITCALL InitDebug(char* szFileName, char* szCommandLine, char* szCurrentFolder);
-__declspec(dllexport) void* TITCALL InitDebugW(wchar_t* szFileName, wchar_t* szCommandLine, wchar_t* szCurrentFolder);
-__declspec(dllexport) void* TITCALL InitDebugEx(char* szFileName, char* szCommandLine, char* szCurrentFolder, LPVOID EntryCallBack);
-__declspec(dllexport) void* TITCALL InitDebugExW(wchar_t* szFileName, wchar_t* szCommandLine, wchar_t* szCurrentFolder, LPVOID EntryCallBack);
-__declspec(dllexport) void* TITCALL InitDLLDebug(char* szFileName, bool ReserveModuleBase, char* szCommandLine, char* szCurrentFolder, LPVOID EntryCallBack);
-__declspec(dllexport) void* TITCALL InitDLLDebugW(wchar_t* szFileName, bool ReserveModuleBase, wchar_t* szCommandLine, wchar_t* szCurrentFolder, LPVOID EntryCallBack);
+__declspec(dllexport) void* TITCALL InitDebugW(const wchar_t* szFileName, const wchar_t* szCommandLine, const wchar_t* szCurrentFolder);
+__declspec(dllexport) void* TITCALL InitDebugEx(const char* szFileName, const char* szCommandLine, const char* szCurrentFolder, LPVOID EntryCallBack);
+__declspec(dllexport) void* TITCALL InitDebugExW(const wchar_t* szFileName, const wchar_t* szCommandLine, const wchar_t* szCurrentFolder, LPVOID EntryCallBack);
+__declspec(dllexport) void* TITCALL InitDLLDebug(const char* szFileName, bool ReserveModuleBase, const char* szCommandLine, const char* szCurrentFolder, LPVOID EntryCallBack);
+__declspec(dllexport) void* TITCALL InitDLLDebugW(const wchar_t* szFileName, bool ReserveModuleBase, const wchar_t* szCommandLine, const wchar_t* szCurrentFolder, LPVOID EntryCallBack);
 __declspec(dllexport) bool TITCALL StopDebug();
 __declspec(dllexport) void TITCALL SetBPXOptions(long DefaultBreakPointType);
 __declspec(dllexport) bool TITCALL IsBPXEnabled(ULONG_PTR bpxAddress);
@@ -765,6 +764,8 @@ __declspec(dllexport) bool TITCALL SetMemoryBPX(ULONG_PTR MemoryStart, SIZE_T Si
 __declspec(dllexport) bool TITCALL SetMemoryBPXEx(ULONG_PTR MemoryStart, SIZE_T SizeOfMemory, DWORD BreakPointType, bool RestoreOnHit, LPVOID bpxCallBack);
 __declspec(dllexport) bool TITCALL RemoveMemoryBPX(ULONG_PTR MemoryStart, SIZE_T SizeOfMemory);
 __declspec(dllexport) bool TITCALL GetContextFPUDataEx(HANDLE hActiveThread, void* FPUSaveArea);
+__declspec(dllexport) void TITCALL Getx87FPURegisters(x87FPURegister_t x87FPURegisters[8], TITAN_ENGINE_CONTEXT_t* titcontext);
+__declspec(dllexport) void TITCALL GetMMXRegisters(uint64_t mmx[8], TITAN_ENGINE_CONTEXT_t* titcontext);
 __declspec(dllexport) bool TITCALL GetFullContextDataEx(HANDLE hActiveThread, TITAN_ENGINE_CONTEXT_t* titcontext);
 __declspec(dllexport) ULONG_PTR TITCALL GetContextDataEx(HANDLE hActiveThread, DWORD IndexOfRegister);
 __declspec(dllexport) ULONG_PTR TITCALL GetContextData(DWORD IndexOfRegister);
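Review bot: The `const` now placed on `szCommandLine` for `InitDebugW`, `InitDebugExW` and `InitDLLDebugW` is only honest if the implementation copies the string before starting the process, because `CreateProcessW` is documented as able to modify its command-line buffer in place. The definitions are not part of this diff, so confirm they copy; otherwise a caller that takes the new signature at its word and passes a literal can fault on the write. The same applies to `AutoDebugEx`/`AutoDebugExW` in the `-814` hunk. Separately, `InitDebug` on the context line above stays `char* szFileName, char* szCommandLine, char* szCurrentFolder` while every sibling is converted, which looks like a missed line.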
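Review bot: The `[8]` in `x87FPURegister_t x87FPURegisters[8]` and `uint64_t mmx[8]` decays to a plain pointer, so the element count is not enforced and the callee will presumably write eight entries through whatever the caller passes. Both functions also return `void`, leaving a caller unable to tell a filled array from an untouched one. Document the required capacity on each declaration, e.g. `// x87FPURegisters must point to at least 8 elements`, and, if `titcontext` is only read (not visible here), declare it `const TITAN_ENGINE_CONTEXT_t* titcontext` in line with the const-qualification applied elsewhere in this commit.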
@@ -814,25 +815,25 @@ __declspec(dllexport) bool TITCALL AttachDebugger(DWORD ProcessId, bool KillOnEx
 __declspec(dllexport) bool TITCALL DetachDebugger(DWORD ProcessId);
 __declspec(dllexport) bool TITCALL DetachDebuggerEx(DWORD ProcessId);
 __declspec(dllexport) void TITCALL DebugLoopEx(DWORD TimeOut);
-__declspec(dllexport) void TITCALL AutoDebugEx(char* szFileName, bool ReserveModuleBase, char* szCommandLine, char* szCurrentFolder, DWORD TimeOut, LPVOID EntryCallBack);
-__declspec(dllexport) void TITCALL AutoDebugExW(wchar_t* szFileName, bool ReserveModuleBase, wchar_t* szCommandLine, wchar_t* szCurrentFolder, DWORD TimeOut, LPVOID EntryCallBack);
+__declspec(dllexport) void TITCALL AutoDebugEx(const char* szFileName, bool ReserveModuleBase, const char* szCommandLine, const char* szCurrentFolder, DWORD TimeOut, LPVOID EntryCallBack);
+__declspec(dllexport) void TITCALL AutoDebugExW(const wchar_t* szFileName, bool ReserveModuleBase, const wchar_t* szCommandLine, const wchar_t* szCurrentFolder, DWORD TimeOut, LPVOID EntryCallBack);
 __declspec(dllexport) bool TITCALL IsFileBeingDebugged();
 __declspec(dllexport) void TITCALL SetErrorModel(bool DisplayErrorMessages);
 // TitanEngine.FindOEP.functions:
 __declspec(dllexport) void TITCALL FindOEPInit();
-__declspec(dllexport) bool TITCALL FindOEPGenerically(char* szFileName, LPVOID TraceInitCallBack, LPVOID CallBack);
-__declspec(dllexport) bool TITCALL FindOEPGenericallyW(wchar_t* szFileName, LPVOID TraceInitCallBack, LPVOID CallBack);
+__declspec(dllexport) bool TITCALL FindOEPGenerically(const char* szFileName, LPVOID TraceInitCallBack, LPVOID CallBack);
+__declspec(dllexport) bool TITCALL FindOEPGenericallyW(const wchar_t* szFileName, LPVOID TraceInitCallBack, LPVOID CallBack);
 // TitanEngine.Importer.functions:
-__declspec(dllexport) void TITCALL ImporterAddNewDll(char* szDLLName, ULONG_PTR FirstThunk);
-__declspec(dllexport) void TITCALL ImporterAddNewAPI(char* szAPIName, ULONG_PTR ThunkValue);
+__declspec(dllexport) void TITCALL ImporterAddNewDll(const char* szDLLName, ULONG_PTR FirstThunk);
+__declspec(dllexport) void TITCALL ImporterAddNewAPI(const char* szAPIName, ULONG_PTR ThunkValue);
 __declspec(dllexport) void TITCALL ImporterAddNewOrdinalAPI(ULONG_PTR OrdinalNumber, ULONG_PTR ThunkValue);
 __declspec(dllexport) long TITCALL ImporterGetAddedDllCount();
 __declspec(dllexport) long TITCALL ImporterGetAddedAPICount();
 __declspec(dllexport) bool TITCALL ImporterExportIAT(ULONG_PTR StorePlace, ULONG_PTR FileMapVA, HANDLE hFileMap);
 __declspec(dllexport) long TITCALL ImporterEstimatedSize();
-__declspec(dllexport) bool TITCALL ImporterExportIATEx(char* szDumpFileName, char* szExportFileName, char* szSectionName);
-__declspec(dllexport) bool TITCALL ImporterExportIATExW(wchar_t* szDumpFileName, wchar_t* szExportFileName, wchar_t* szSectionName = L".RL!TEv2");
-__declspec(dllexport) ULONG_PTR TITCALL ImporterFindAPIWriteLocation(char* szAPIName);
+__declspec(dllexport) bool TITCALL ImporterExportIATEx(const char* szDumpFileName, const char* szExportFileName, const char* szSectionName);
+__declspec(dllexport) bool TITCALL ImporterExportIATExW(const wchar_t* szDumpFileName, const wchar_t* szExportFileName, const wchar_t* szSectionName = L".RL!TEv2");
+__declspec(dllexport) ULONG_PTR TITCALL ImporterFindAPIWriteLocation(const char* szAPIName);
 __declspec(dllexport) ULONG_PTR TITCALL ImporterFindOrdinalAPIWriteLocation(ULONG_PTR OrdinalNumber);
 __declspec(dllexport) ULONG_PTR TITCALL ImporterFindAPIByWriteLocation(ULONG_PTR APIWriteLocation);
 __declspec(dllexport) ULONG_PTR TITCALL ImporterFindDLLByWriteLocation(ULONG_PTR APIWriteLocation);
@@ -842,7 +843,7 @@ __declspec(dllexport) void* TITCALL ImporterGetAPIName(ULONG_PTR APIAddress);
 __declspec(dllexport) ULONG_PTR TITCALL ImporterGetAPIOrdinalNumber(ULONG_PTR APIAddress);
 __declspec(dllexport) void* TITCALL ImporterGetAPINameEx(ULONG_PTR APIAddress, ULONG_PTR DLLBasesList);
 __declspec(dllexport) ULONG_PTR TITCALL ImporterGetRemoteAPIAddress(HANDLE hProcess, ULONG_PTR APIAddress);
-__declspec(dllexport) ULONG_PTR TITCALL ImporterGetRemoteAPIAddressEx(char* szDLLName, char* szAPIName);
+__declspec(dllexport) ULONG_PTR TITCALL ImporterGetRemoteAPIAddressEx(const char* szDLLName, const char* szAPIName);
 __declspec(dllexport) ULONG_PTR TITCALL ImporterGetLocalAPIAddress(HANDLE hProcess, ULONG_PTR APIAddress);
 __declspec(dllexport) void* TITCALL ImporterGetDLLNameFromDebugee(HANDLE hProcess, ULONG_PTR APIAddress);
 __declspec(dllexport) void* TITCALL ImporterGetDLLNameFromDebugeeW(HANDLE hProcess, ULONG_PTR APIAddress);
@@ -851,8 +852,8 @@ __declspec(dllexport) ULONG_PTR TITCALL ImporterGetAPIOrdinalNumberFromDebugee(H
 __declspec(dllexport) long TITCALL ImporterGetDLLIndexEx(ULONG_PTR APIAddress, ULONG_PTR DLLBasesList);
 __declspec(dllexport) long TITCALL ImporterGetDLLIndex(HANDLE hProcess, ULONG_PTR APIAddress, ULONG_PTR DLLBasesList);
 __declspec(dllexport) ULONG_PTR TITCALL ImporterGetRemoteDLLBase(HANDLE hProcess, HMODULE LocalModuleBase);
-__declspec(dllexport) ULONG_PTR TITCALL ImporterGetRemoteDLLBaseEx(HANDLE hProcess, char* szModuleName);
-__declspec(dllexport) void* TITCALL ImporterGetRemoteDLLBaseExW(HANDLE hProcess, wchar_t* szModuleName);
+__declspec(dllexport) ULONG_PTR TITCALL ImporterGetRemoteDLLBaseEx(HANDLE hProcess, const char* szModuleName);
+__declspec(dllexport) void* TITCALL ImporterGetRemoteDLLBaseExW(HANDLE hProcess, const wchar_t* szModuleName);
 __declspec(dllexport) bool TITCALL ImporterIsForwardedAPI(HANDLE hProcess, ULONG_PTR APIAddress);
 __declspec(dllexport) void* TITCALL ImporterGetForwardedAPIName(HANDLE hProcess, ULONG_PTR APIAddress);
 __declspec(dllexport) void* TITCALL ImporterGetForwardedDLLName(HANDLE hProcess, ULONG_PTR APIAddress);
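Review bot: `ImporterGetRemoteDLLBaseEx` returns `ULONG_PTR` while its wide twin `ImporterGetRemoteDLLBaseExW` still returns `void*`, and since both declarations are rewritten in this hunk this is the place to align them. Judging by the names the value is a base address in the debuggee, so a `void*` invites a local dereference that the integer type would not. If the exported binary allows it, declare the wide one as `__declspec(dllexport) ULONG_PTR TITCALL ImporterGetRemoteDLLBaseExW(HANDLE hProcess, const wchar_t* szModuleName);`; otherwise add `// returns a remote base address; do not dereference in this process` above it.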
@@ -860,20 +861,20 @@ __declspec(dllexport) long TITCALL ImporterGetForwardedDLLIndex(HANDLE hProcess,
 __declspec(dllexport) ULONG_PTR TITCALL ImporterGetForwardedAPIOrdinalNumber(HANDLE hProcess, ULONG_PTR APIAddress);
 __declspec(dllexport) ULONG_PTR TITCALL ImporterGetNearestAPIAddress(HANDLE hProcess, ULONG_PTR APIAddress);
 __declspec(dllexport) void* TITCALL ImporterGetNearestAPIName(HANDLE hProcess, ULONG_PTR APIAddress);
-__declspec(dllexport) bool TITCALL ImporterCopyOriginalIAT(char* szOriginalFile, char* szDumpFile);
-__declspec(dllexport) bool TITCALL ImporterCopyOriginalIATW(wchar_t* szOriginalFile, wchar_t* szDumpFile);
-__declspec(dllexport) bool TITCALL ImporterLoadImportTable(char* szFileName);
-__declspec(dllexport) bool TITCALL ImporterLoadImportTableW(wchar_t* szFileName);
-__declspec(dllexport) bool TITCALL ImporterMoveOriginalIAT(char* szOriginalFile, char* szDumpFile, char* szSectionName);
-__declspec(dllexport) bool TITCALL ImporterMoveOriginalIATW(wchar_t* szOriginalFile, wchar_t* szDumpFile, char* szSectionName);
-__declspec(dllexport) void TITCALL ImporterAutoSearchIAT(DWORD ProcessId, char* szFileName, ULONG_PTR SearchStart, LPVOID pIATStart, LPVOID pIATSize);
-__declspec(dllexport) void TITCALL ImporterAutoSearchIATW(DWORD ProcessIds, wchar_t* szFileName, ULONG_PTR SearchStart, LPVOID pIATStart, LPVOID pIATSize);
+__declspec(dllexport) bool TITCALL ImporterCopyOriginalIAT(const char* szOriginalFile, const char* szDumpFile);
+__declspec(dllexport) bool TITCALL ImporterCopyOriginalIATW(const wchar_t* szOriginalFile, const wchar_t* szDumpFile);
+__declspec(dllexport) bool TITCALL ImporterLoadImportTable(const char* szFileName);
+__declspec(dllexport) bool TITCALL ImporterLoadImportTableW(const wchar_t* szFileName);
+__declspec(dllexport) bool TITCALL ImporterMoveOriginalIAT(const char* szOriginalFile, const char* szDumpFile, const char* szSectionName);
+__declspec(dllexport) bool TITCALL ImporterMoveOriginalIATW(const wchar_t* szOriginalFile, const wchar_t* szDumpFile, const char* szSectionName);
+__declspec(dllexport) void TITCALL ImporterAutoSearchIAT(DWORD ProcessId, const char* szFileName, ULONG_PTR SearchStart, LPVOID pIATStart, LPVOID pIATSize);
+__declspec(dllexport) void TITCALL ImporterAutoSearchIATW(DWORD ProcessIds, const wchar_t* szFileName, ULONG_PTR SearchStart, LPVOID pIATStart, LPVOID pIATSize);
 __declspec(dllexport) void TITCALL ImporterAutoSearchIATEx(DWORD ProcessId, ULONG_PTR ImageBase, ULONG_PTR SearchStart, LPVOID pIATStart, LPVOID pIATSize);
 __declspec(dllexport) void TITCALL ImporterEnumAddedData(LPVOID EnumCallBack);
-__declspec(dllexport) long TITCALL ImporterAutoFixIATEx(DWORD ProcessId, char* szDumpedFile, char* szSectionName, bool DumpRunningProcess, bool RealignFile, ULONG_PTR EntryPointAddress, ULONG_PTR ImageBase, ULONG_PTR SearchStart, bool TryAutoFix, bool FixEliminations, LPVOID UnknownPointerFixCallback);
-__declspec(dllexport) long TITCALL ImporterAutoFixIATExW(DWORD ProcessId, wchar_t* szDumpedFile, wchar_t* szSectionName, bool DumpRunningProcess, bool RealignFile, ULONG_PTR EntryPointAddress, ULONG_PTR ImageBase, ULONG_PTR SearchStart, bool TryAutoFix, bool FixEliminations, LPVOID UnknownPointerFixCallback);
-__declspec(dllexport) long TITCALL ImporterAutoFixIAT(DWORD ProcessId, char* szDumpedFile, ULONG_PTR SearchStart);
-__declspec(dllexport) long TITCALL ImporterAutoFixIATW(DWORD ProcessId, wchar_t* szDumpedFile, ULONG_PTR SearchStart);
+__declspec(dllexport) long TITCALL ImporterAutoFixIATEx(DWORD ProcessId, const char* szDumpedFile, const char* szSectionName, bool DumpRunningProcess, bool RealignFile, ULONG_PTR EntryPointAddress, ULONG_PTR ImageBase, ULONG_PTR SearchStart, bool TryAutoFix, bool FixEliminations, LPVOID UnknownPointerFixCallback);
+__declspec(dllexport) long TITCALL ImporterAutoFixIATExW(DWORD ProcessId, const wchar_t* szDumpedFile, const wchar_t* szSectionName, bool DumpRunningProcess, bool RealignFile, ULONG_PTR EntryPointAddress, ULONG_PTR ImageBase, ULONG_PTR SearchStart, bool TryAutoFix, bool FixEliminations, LPVOID UnknownPointerFixCallback);
+__declspec(dllexport) long TITCALL ImporterAutoFixIAT(DWORD ProcessId, const char* szDumpedFile, ULONG_PTR SearchStart);
+__declspec(dllexport) long TITCALL ImporterAutoFixIATW(DWORD ProcessId, const wchar_t* szDumpedFile, ULONG_PTR SearchStart);
 __declspec(dllexport) bool TITCALL ImporterDeleteAPI(DWORD_PTR apiAddr);
 // Global.Engine.Hook.functions:
 __declspec(dllexport) bool TITCALL HooksSafeTransitionEx(LPVOID HookAddressArray, int NumberOfHooks, bool TransitionStart);
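Review bot: `pIATStart` and `pIATSize` on the rewritten `ImporterAutoSearchIAT` and `ImporterAutoSearchIATW` lines stay untyped `LPVOID`, so the header still does not tell a caller how many bytes the engine stores through them. If they are out-parameters, as the names suggest, a caller that passes the address of a `DWORD` where a pointer-sized value is written corrupts its own stack on x64. Since the signatures are being cleaned up anyway, add a comment such as `// pIATStart / pIATSize: out, each must point to a ULONG_PTR (confirm against the implementation)`. The same line also carries the parameter name `ProcessIds`, which should read `ProcessId` like its narrow sibling.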
@@ -882,17 +883,17 @@ __declspec(dllexport) bool TITCALL HooksIsAddressRedirected(LPVOID HookAddress);
 __declspec(dllexport) void* TITCALL HooksGetTrampolineAddress(LPVOID HookAddress);
 __declspec(dllexport) void* TITCALL HooksGetHookEntryDetails(LPVOID HookAddress);
 __declspec(dllexport) bool TITCALL HooksInsertNewRedirection(LPVOID HookAddress, LPVOID RedirectTo, int HookType);
-__declspec(dllexport) bool TITCALL HooksInsertNewIATRedirectionEx(ULONG_PTR FileMapVA, ULONG_PTR LoadedModuleBase, char* szHookFunction, LPVOID RedirectTo);
-__declspec(dllexport) bool TITCALL HooksInsertNewIATRedirection(char* szModuleName, char* szHookFunction, LPVOID RedirectTo);
+__declspec(dllexport) bool TITCALL HooksInsertNewIATRedirectionEx(ULONG_PTR FileMapVA, ULONG_PTR LoadedModuleBase, const char* szHookFunction, LPVOID RedirectTo);
+__declspec(dllexport) bool TITCALL HooksInsertNewIATRedirection(const char* szModuleName, const char* szHookFunction, LPVOID RedirectTo);
 __declspec(dllexport) bool TITCALL HooksRemoveRedirection(LPVOID HookAddress, bool RemoveAll);
 __declspec(dllexport) bool TITCALL HooksRemoveRedirectionsForModule(HMODULE ModuleBase);
-__declspec(dllexport) bool TITCALL HooksRemoveIATRedirection(char* szModuleName, char* szHookFunction, bool RemoveAll);
+__declspec(dllexport) bool TITCALL HooksRemoveIATRedirection(const char* szModuleName, const char* szHookFunction, bool RemoveAll);
 __declspec(dllexport) bool TITCALL HooksDisableRedirection(LPVOID HookAddress, bool DisableAll);
 __declspec(dllexport) bool TITCALL HooksDisableRedirectionsForModule(HMODULE ModuleBase);
-__declspec(dllexport) bool TITCALL HooksDisableIATRedirection(char* szModuleName, char* szHookFunction, bool DisableAll);
+__declspec(dllexport) bool TITCALL HooksDisableIATRedirection(const char* szModuleName, const char* szHookFunction, bool DisableAll);
 __declspec(dllexport) bool TITCALL HooksEnableRedirection(LPVOID HookAddress, bool EnableAll);
 __declspec(dllexport) bool TITCALL HooksEnableRedirectionsForModule(HMODULE ModuleBase);
-__declspec(dllexport) bool TITCALL HooksEnableIATRedirection(char* szModuleName, char* szHookFunction, bool EnableAll);
+__declspec(dllexport) bool TITCALL HooksEnableIATRedirection(const char* szModuleName, const char* szHookFunction, bool EnableAll);
 __declspec(dllexport) void TITCALL HooksScanModuleMemory(HMODULE ModuleBase, LPVOID CallBack);
 __declspec(dllexport) void TITCALL HooksScanEntireProcessMemory(LPVOID CallBack);
 __declspec(dllexport) void TITCALL HooksScanEntireProcessMemoryEx();
@@ -903,53 +904,53 @@ __declspec(dllexport) ULONG_PTR TITCALL HashTracerLevel1(HANDLE hProcess, ULONG_
 __declspec(dllexport) long TITCALL TracerDetectRedirection(HANDLE hProcess, ULONG_PTR AddressToTrace);
 __declspec(dllexport) ULONG_PTR TITCALL TracerFixKnownRedirection(HANDLE hProcess, ULONG_PTR AddressToTrace, DWORD RedirectionId);
 __declspec(dllexport) ULONG_PTR TITCALL TracerFixRedirectionViaModule(HMODULE hModuleHandle, HANDLE hProcess, ULONG_PTR AddressToTrace, DWORD IdParameter);
-__declspec(dllexport) long TITCALL TracerFixRedirectionViaImpRecPlugin(HANDLE hProcess, char* szPluginName, ULONG_PTR AddressToTrace);
+__declspec(dllexport) long TITCALL TracerFixRedirectionViaImpRecPlugin(HANDLE hProcess, const char* szPluginName, ULONG_PTR AddressToTrace);
 // TitanEngine.Exporter.functions:
 __declspec(dllexport) void TITCALL ExporterCleanup();
 __declspec(dllexport) void TITCALL ExporterSetImageBase(ULONG_PTR ImageBase);
-__declspec(dllexport) void TITCALL ExporterInit(DWORD MemorySize, ULONG_PTR ImageBase, DWORD ExportOrdinalBase, char* szExportModuleName);
-__declspec(dllexport) bool TITCALL ExporterAddNewExport(char* szExportName, DWORD ExportRelativeAddress);
+__declspec(dllexport) void TITCALL ExporterInit(DWORD MemorySize, ULONG_PTR ImageBase, DWORD ExportOrdinalBase, const char* szExportModuleName);
+__declspec(dllexport) bool TITCALL ExporterAddNewExport(const char* szExportName, DWORD ExportRelativeAddress);
 __declspec(dllexport) bool TITCALL ExporterAddNewOrdinalExport(DWORD OrdinalNumber, DWORD ExportRelativeAddress);
 __declspec(dllexport) long TITCALL ExporterGetAddedExportCount();
 __declspec(dllexport) long TITCALL ExporterEstimatedSize();
 __declspec(dllexport) bool TITCALL ExporterBuildExportTable(ULONG_PTR StorePlace, ULONG_PTR FileMapVA);
-__declspec(dllexport) bool TITCALL ExporterBuildExportTableEx(char* szExportFileName, char* szSectionName);
-__declspec(dllexport) bool TITCALL ExporterBuildExportTableExW(wchar_t* szExportFileName, char* szSectionName);
-__declspec(dllexport) bool TITCALL ExporterLoadExportTable(char* szFileName);
-__declspec(dllexport) bool TITCALL ExporterLoadExportTableW(wchar_t* szFileName);
+__declspec(dllexport) bool TITCALL ExporterBuildExportTableEx(const char* szExportFileName, const char* szSectionName);
+__declspec(dllexport) bool TITCALL ExporterBuildExportTableExW(const wchar_t* szExportFileName, const char* szSectionName);
+__declspec(dllexport) bool TITCALL ExporterLoadExportTable(const char* szFileName);
+__declspec(dllexport) bool TITCALL ExporterLoadExportTableW(const wchar_t* szFileName);
 // TitanEngine.Librarian.functions:
-__declspec(dllexport) bool TITCALL LibrarianSetBreakPoint(char* szLibraryName, DWORD bpxType, bool SingleShoot, LPVOID bpxCallBack);
-__declspec(dllexport) bool TITCALL LibrarianRemoveBreakPoint(char* szLibraryName, DWORD bpxType);
-__declspec(dllexport) void* TITCALL LibrarianGetLibraryInfo(char* szLibraryName);
-__declspec(dllexport) void* TITCALL LibrarianGetLibraryInfoW(wchar_t* szLibraryName);
+__declspec(dllexport) bool TITCALL LibrarianSetBreakPoint(const char* szLibraryName, DWORD bpxType, bool SingleShoot, LPVOID bpxCallBack);
+__declspec(dllexport) bool TITCALL LibrarianRemoveBreakPoint(const char* szLibraryName, DWORD bpxType);
+__declspec(dllexport) void* TITCALL LibrarianGetLibraryInfo(const char* szLibraryName);
+__declspec(dllexport) void* TITCALL LibrarianGetLibraryInfoW(const wchar_t* szLibraryName);
 __declspec(dllexport) void* TITCALL LibrarianGetLibraryInfoEx(void* BaseOfDll);
 __declspec(dllexport) void* TITCALL LibrarianGetLibraryInfoExW(void* BaseOfDll);
 __declspec(dllexport) void TITCALL LibrarianEnumLibraryInfo(void* EnumCallBack);
 __declspec(dllexport) void TITCALL LibrarianEnumLibraryInfoW(void* EnumCallBack);
 // TitanEngine.Process.functions:
-__declspec(dllexport) long TITCALL GetActiveProcessId(char* szImageName);
-__declspec(dllexport) long TITCALL GetActiveProcessIdW(wchar_t* szImageName);
-__declspec(dllexport) void TITCALL EnumProcessesWithLibrary(char* szLibraryName, void* EnumFunction);
+__declspec(dllexport) long TITCALL GetActiveProcessId(const char* szImageName);
+__declspec(dllexport) long TITCALL GetActiveProcessIdW(const wchar_t* szImageName);
+__declspec(dllexport) void TITCALL EnumProcessesWithLibrary(const char* szLibraryName, void* EnumFunction);
 __declspec(dllexport) HANDLE TITCALL TitanOpenProcess(DWORD dwDesiredAccess, bool bInheritHandle, DWORD dwProcessId);
 // TitanEngine.TLSFixer.functions:
 __declspec(dllexport) bool TITCALL TLSBreakOnCallBack(LPVOID ArrayOfCallBacks, DWORD NumberOfCallBacks, LPVOID bpxCallBack);
-__declspec(dllexport) bool TITCALL TLSGrabCallBackData(char* szFileName, LPVOID ArrayOfCallBacks, LPDWORD NumberOfCallBacks);
-__declspec(dllexport) bool TITCALL TLSGrabCallBackDataW(wchar_t* szFileName, LPVOID ArrayOfCallBacks, LPDWORD NumberOfCallBacks);
-__declspec(dllexport) bool TITCALL TLSBreakOnCallBackEx(char* szFileName, LPVOID bpxCallBack);
-__declspec(dllexport) bool TITCALL TLSBreakOnCallBackExW(wchar_t* szFileName, LPVOID bpxCallBack);
-__declspec(dllexport) bool TITCALL TLSRemoveCallback(char* szFileName);
-__declspec(dllexport) bool TITCALL TLSRemoveCallbackW(wchar_t* szFileName);
-__declspec(dllexport) bool TITCALL TLSRemoveTable(char* szFileName);
-__declspec(dllexport) bool TITCALL TLSRemoveTableW(wchar_t* szFileName);
-__declspec(dllexport) bool TITCALL TLSBackupData(char* szFileName);
-__declspec(dllexport) bool TITCALL TLSBackupDataW(wchar_t* szFileName);
+__declspec(dllexport) bool TITCALL TLSGrabCallBackData(const char* szFileName, LPVOID ArrayOfCallBacks, LPDWORD NumberOfCallBacks);
+__declspec(dllexport) bool TITCALL TLSGrabCallBackDataW(const wchar_t* szFileName, LPVOID ArrayOfCallBacks, LPDWORD NumberOfCallBacks);
+__declspec(dllexport) bool TITCALL TLSBreakOnCallBackEx(const char* szFileName, LPVOID bpxCallBack);
+__declspec(dllexport) bool TITCALL TLSBreakOnCallBackExW(const wchar_t* szFileName, LPVOID bpxCallBack);
+__declspec(dllexport) bool TITCALL TLSRemoveCallback(const char* szFileName);
+__declspec(dllexport) bool TITCALL TLSRemoveCallbackW(const wchar_t* szFileName);
+__declspec(dllexport) bool TITCALL TLSRemoveTable(const char* szFileName);
+__declspec(dllexport) bool TITCALL TLSRemoveTableW(const wchar_t* szFileName);
+__declspec(dllexport) bool TITCALL TLSBackupData(const char* szFileName);
+__declspec(dllexport) bool TITCALL TLSBackupDataW(const wchar_t* szFileName);
 __declspec(dllexport) bool TITCALL TLSRestoreData();
 __declspec(dllexport) bool TITCALL TLSBuildNewTable(ULONG_PTR FileMapVA, ULONG_PTR StorePlace, ULONG_PTR StorePlaceRVA, LPVOID ArrayOfCallBacks, DWORD NumberOfCallBacks);
-__declspec(dllexport) bool TITCALL TLSBuildNewTableEx(char* szFileName, char* szSectionName, LPVOID ArrayOfCallBacks, DWORD NumberOfCallBacks);
-__declspec(dllexport) bool TITCALL TLSBuildNewTableExW(wchar_t* szFileName, char* szSectionName, LPVOID ArrayOfCallBacks, DWORD NumberOfCallBacks);
+__declspec(dllexport) bool TITCALL TLSBuildNewTableEx(const char* szFileName, const char* szSectionName, LPVOID ArrayOfCallBacks, DWORD NumberOfCallBacks);
+__declspec(dllexport) bool TITCALL TLSBuildNewTableExW(const wchar_t* szFileName, const char* szSectionName, LPVOID ArrayOfCallBacks, DWORD NumberOfCallBacks);
 // TitanEngine.TranslateName.functions:
-__declspec(dllexport) void* TITCALL TranslateNativeName(char* szNativeName);
-__declspec(dllexport) void* TITCALL TranslateNativeNameW(wchar_t* szNativeName);
+__declspec(dllexport) void* TITCALL TranslateNativeName(const char* szNativeName);
+__declspec(dllexport) void* TITCALL TranslateNativeNameW(const wchar_t* szNativeName);
 // TitanEngine.Handler.functions:
 __declspec(dllexport) long TITCALL HandlerGetActiveHandleCount(DWORD ProcessId);
 __declspec(dllexport) bool TITCALL HandlerIsHandleOpen(DWORD ProcessId, HANDLE hHandle);
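Review bot: The rewritten `TranslateNativeName`, `TranslateNativeNameW`, `LibrarianGetLibraryInfo` and `LibrarianGetLibraryInfoW` declarations now say the input string is not modified, but they still return a bare `void*` with nothing in the header about who owns that memory. A caller cannot tell whether the result must be freed, and with which allocator, or whether it points into engine-owned storage that a later call may overwrite; either wrong guess ends in a leak or a use-after-free. Add a one-line ownership comment above each group, for example `// returned buffer: owner and lifetime to be stated here (confirm against the implementation)`.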
@@ -959,30 +960,30 @@ __declspec(dllexport) long TITCALL HandlerEnumerateOpenHandles(DWORD ProcessId,
 __declspec(dllexport) ULONG_PTR TITCALL HandlerGetHandleDetails(HANDLE hProcess, DWORD ProcessId, HANDLE hHandle, DWORD InformationReturn);
 __declspec(dllexport) bool TITCALL HandlerCloseRemoteHandle(HANDLE hProcess, HANDLE hHandle);
 __declspec(dllexport) long TITCALL HandlerEnumerateLockHandles(char* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated, LPVOID HandleDataBuffer, DWORD MaxHandleCount);
-__declspec(dllexport) long TITCALL HandlerEnumerateLockHandlesW(wchar_t* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated, LPVOID HandleDataBuffer, DWORD MaxHandleCount);
-__declspec(dllexport) bool TITCALL HandlerCloseAllLockHandles(char* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated);
-__declspec(dllexport) bool TITCALL HandlerCloseAllLockHandlesW(wchar_t* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated);
-__declspec(dllexport) bool TITCALL HandlerIsFileLocked(char* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated);
-__declspec(dllexport) bool TITCALL HandlerIsFileLockedW(wchar_t* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated);
+__declspec(dllexport) long TITCALL HandlerEnumerateLockHandlesW(const wchar_t* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated, LPVOID HandleDataBuffer, DWORD MaxHandleCount);
+__declspec(dllexport) bool TITCALL HandlerCloseAllLockHandles(const char* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated);
+__declspec(dllexport) bool TITCALL HandlerCloseAllLockHandlesW(const wchar_t* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated);
+__declspec(dllexport) bool TITCALL HandlerIsFileLocked(const char* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated);
+__declspec(dllexport) bool TITCALL HandlerIsFileLockedW(const wchar_t* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated);
 // TitanEngine.Handler[Mutex].functions:
 __declspec(dllexport) long TITCALL HandlerEnumerateOpenMutexes(HANDLE hProcess, DWORD ProcessId, LPVOID HandleBuffer, DWORD MaxHandleCount);
-__declspec(dllexport) ULONG_PTR TITCALL HandlerGetOpenMutexHandle(HANDLE hProcess, DWORD ProcessId, char* szMutexString);
-__declspec(dllexport) ULONG_PTR TITCALL HandlerGetOpenMutexHandleW(HANDLE hProcess, DWORD ProcessId, wchar_t* szMutexString);
-__declspec(dllexport) long TITCALL HandlerGetProcessIdWhichCreatedMutex(char* szMutexString);
-__declspec(dllexport) long TITCALL HandlerGetProcessIdWhichCreatedMutexW(wchar_t* szMutexString);
+__declspec(dllexport) ULONG_PTR TITCALL HandlerGetOpenMutexHandle(HANDLE hProcess, DWORD ProcessId, const char* szMutexString);
+__declspec(dllexport) ULONG_PTR TITCALL HandlerGetOpenMutexHandleW(HANDLE hProcess, DWORD ProcessId, const wchar_t* szMutexString);
+__declspec(dllexport) long TITCALL HandlerGetProcessIdWhichCreatedMutex(const char* szMutexString);
+__declspec(dllexport) long TITCALL HandlerGetProcessIdWhichCreatedMutexW(const wchar_t* szMutexString);
 // TitanEngine.Injector.functions:
-__declspec(dllexport) bool TITCALL RemoteLoadLibrary(HANDLE hProcess, char* szLibraryFile, bool WaitForThreadExit);
-__declspec(dllexport) bool TITCALL RemoteLoadLibraryW(HANDLE hProcess, wchar_t* szLibraryFile, bool WaitForThreadExit);
-__declspec(dllexport) bool TITCALL RemoteFreeLibrary(HANDLE hProcess, HMODULE hModule, char* szLibraryFile, bool WaitForThreadExit);
-__declspec(dllexport) bool TITCALL RemoteFreeLibraryW(HANDLE hProcess, HMODULE hModule, wchar_t* szLibraryFile, bool WaitForThreadExit);
+__declspec(dllexport) bool TITCALL RemoteLoadLibrary(HANDLE hProcess, const char* szLibraryFile, bool WaitForThreadExit);
+__declspec(dllexport) bool TITCALL RemoteLoadLibraryW(HANDLE hProcess, const wchar_t* szLibraryFile, bool WaitForThreadExit);
+__declspec(dllexport) bool TITCALL RemoteFreeLibrary(HANDLE hProcess, HMODULE hModule, const char* szLibraryFile, bool WaitForThreadExit);
+__declspec(dllexport) bool TITCALL RemoteFreeLibraryW(HANDLE hProcess, HMODULE hModule, const wchar_t* szLibraryFile, bool WaitForThreadExit);
 __declspec(dllexport) bool TITCALL RemoteExitProcess(HANDLE hProcess, DWORD ExitCode);
 // TitanEngine.StaticUnpacker.functions:
-__declspec(dllexport) bool TITCALL StaticFileLoad(char* szFileName, DWORD DesiredAccess, bool SimulateLoad, LPHANDLE FileHandle, LPDWORD LoadedSize, LPHANDLE FileMap, PULONG_PTR FileMapVA);
-__declspec(dllexport) bool TITCALL StaticFileLoadW(wchar_t* szFileName, DWORD DesiredAccess, bool SimulateLoad, LPHANDLE FileHandle, LPDWORD LoadedSize, LPHANDLE FileMap, PULONG_PTR FileMapVA);
-__declspec(dllexport) bool TITCALL StaticFileUnload(char* szFileName, bool CommitChanges, HANDLE FileHandle, DWORD LoadedSize, HANDLE FileMap, ULONG_PTR FileMapVA);
-__declspec(dllexport) bool TITCALL StaticFileUnloadW(wchar_t* szFileName, bool CommitChanges, HANDLE FileHandle, DWORD LoadedSize, HANDLE FileMap, ULONG_PTR FileMapVA);
-__declspec(dllexport) bool TITCALL StaticFileOpen(char* szFileName, DWORD DesiredAccess, LPHANDLE FileHandle, LPDWORD FileSizeLow, LPDWORD FileSizeHigh);
-__declspec(dllexport) bool TITCALL StaticFileOpenW(wchar_t* szFileName, DWORD DesiredAccess, LPHANDLE FileHandle, LPDWORD FileSizeLow, LPDWORD FileSizeHigh);
+__declspec(dllexport) bool TITCALL StaticFileLoad(const char* szFileName, DWORD DesiredAccess, bool SimulateLoad, LPHANDLE FileHandle, LPDWORD LoadedSize, LPHANDLE FileMap, PULONG_PTR FileMapVA);
+__declspec(dllexport) bool TITCALL StaticFileLoadW(const wchar_t* szFileName, DWORD DesiredAccess, bool SimulateLoad, LPHANDLE FileHandle, LPDWORD LoadedSize, LPHANDLE FileMap, PULONG_PTR FileMapVA);
+__declspec(dllexport) bool TITCALL StaticFileUnload(const char* szFileName, bool CommitChanges, HANDLE FileHandle, DWORD LoadedSize, HANDLE FileMap, ULONG_PTR FileMapVA);
+__declspec(dllexport) bool TITCALL StaticFileUnloadW(const wchar_t* szFileName, bool CommitChanges, HANDLE FileHandle, DWORD LoadedSize, HANDLE FileMap, ULONG_PTR FileMapVA);
+__declspec(dllexport) bool TITCALL StaticFileOpen(const char* szFileName, DWORD DesiredAccess, LPHANDLE FileHandle, LPDWORD FileSizeLow, LPDWORD FileSizeHigh);
+__declspec(dllexport) bool TITCALL StaticFileOpenW(const wchar_t* szFileName, DWORD DesiredAccess, LPHANDLE FileHandle, LPDWORD FileSizeLow, LPDWORD FileSizeHigh);
 __declspec(dllexport) bool TITCALL StaticFileGetContent(HANDLE FileHandle, DWORD FilePositionLow, LPDWORD FilePositionHigh, void* Buffer, DWORD Size);
 __declspec(dllexport) void TITCALL StaticFileClose(HANDLE FileHandle);
 __declspec(dllexport) void TITCALL StaticMemoryDecrypt(LPVOID MemoryStart, DWORD MemorySize, DWORD DecryptionType, DWORD DecryptionKeySize, ULONG_PTR DecryptionKey);
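Review bot: `HandlerEnumerateLockHandles` is left as a context line with `char* szFileOrFolderName`, while its wide twin and every other lock-handle function in this hunk gain `const`. Callers holding a `const char*` path still need a cast for this one function, and the mismatch suggests, probably wrongly, that the narrow variant writes to the name. If the implementation does not modify the string, change the line to `__declspec(dllexport) long TITCALL HandlerEnumerateLockHandles(const char* szFileOrFolderName, bool NameIsFolder, bool NameIsTranslated, LPVOID HandleDataBuffer, DWORD MaxHandleCount);`. If it does write to the buffer, add a comment on the declaration saying so.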
@@ -990,40 +991,40 @@ __declspec(dllexport) void TITCALL StaticMemoryDecryptEx(LPVOID MemoryStart, DWO __declspec(dllexport) void TITCALL StaticMemoryDecryptSpecial(LPVOID MemoryStart, DWORD MemorySize, DWORD DecryptionKeySize, DWORD SpecDecryptionType, void* DecryptionCallBack); __declspec(dllexport) void TITCALL StaticSectionDecrypt(ULONG_PTR FileMapVA, DWORD SectionNumber, bool SimulateLoad, DWORD DecryptionType, DWORD DecryptionKeySize, ULONG_PTR DecryptionKey); __declspec(dllexport) bool TITCALL StaticMemoryDecompress(void* Source, DWORD SourceSize, void* Destination, DWORD DestinationSize, int Algorithm); -__declspec(dllexport) bool TITCALL StaticRawMemoryCopy(HANDLE hFile, ULONG_PTR FileMapVA, ULONG_PTR VitualAddressToCopy, DWORD Size, bool AddressIsRVA, char* szDumpFileName); -__declspec(dllexport) bool TITCALL StaticRawMemoryCopyW(HANDLE hFile, ULONG_PTR FileMapVA, ULONG_PTR VitualAddressToCopy, DWORD Size, bool AddressIsRVA, wchar_t* szDumpFileName); -__declspec(dllexport) bool TITCALL StaticRawMemoryCopyEx(HANDLE hFile, DWORD RawAddressToCopy, DWORD Size, char* szDumpFileName); -__declspec(dllexport) bool TITCALL StaticRawMemoryCopyExW(HANDLE hFile, DWORD RawAddressToCopy, DWORD Size, wchar_t* szDumpFileName); -__declspec(dllexport) bool TITCALL StaticRawMemoryCopyEx64(HANDLE hFile, DWORD64 RawAddressToCopy, DWORD64 Size, char* szDumpFileName); -__declspec(dllexport) bool TITCALL StaticRawMemoryCopyEx64W(HANDLE hFile, DWORD64 RawAddressToCopy, DWORD64 Size, wchar_t* szDumpFileName); +__declspec(dllexport) bool TITCALL StaticRawMemoryCopy(HANDLE hFile, ULONG_PTR FileMapVA, ULONG_PTR VitualAddressToCopy, DWORD Size, bool AddressIsRVA, const char* szDumpFileName); +__declspec(dllexport) bool TITCALL StaticRawMemoryCopyW(HANDLE hFile, ULONG_PTR FileMapVA, ULONG_PTR VitualAddressToCopy, DWORD Size, bool AddressIsRVA, const wchar_t* szDumpFileName); +__declspec(dllexport) bool TITCALL StaticRawMemoryCopyEx(HANDLE hFile, DWORD RawAddressToCopy, DWORD Size, 
const char* szDumpFileName); +__declspec(dllexport) bool TITCALL StaticRawMemoryCopyExW(HANDLE hFile, DWORD RawAddressToCopy, DWORD Size, const wchar_t* szDumpFileName); +__declspec(dllexport) bool TITCALL StaticRawMemoryCopyEx64(HANDLE hFile, DWORD64 RawAddressToCopy, DWORD64 Size, const char* szDumpFileName); +__declspec(dllexport) bool TITCALL StaticRawMemoryCopyEx64W(HANDLE hFile, DWORD64 RawAddressToCopy, DWORD64 Size, const wchar_t* szDumpFileName); __declspec(dllexport) bool TITCALL StaticHashMemory(void* MemoryToHash, DWORD SizeOfMemory, void* HashDigest, bool OutputString, int Algorithm); -__declspec(dllexport) bool TITCALL StaticHashFileW(wchar_t* szFileName, char* HashDigest, bool OutputString, int Algorithm); -__declspec(dllexport) bool TITCALL StaticHashFile(char* szFileName, char* HashDigest, bool OutputString, int Algorithm); +__declspec(dllexport) bool TITCALL StaticHashFileW(const wchar_t* szFileName, char* HashDigest, bool OutputString, int Algorithm); +__declspec(dllexport) bool TITCALL StaticHashFile(const char* szFileName, char* HashDigest, bool OutputString, int Algorithm); // TitanEngine.Engine.functions: -__declspec(dllexport) void TITCALL EngineUnpackerInitialize(char* szFileName, char* szUnpackedFileName, bool DoLogData, bool DoRealignFile, bool DoMoveOverlay, void* EntryCallBack); -__declspec(dllexport) void TITCALL EngineUnpackerInitializeW(wchar_t* szFileName, wchar_t* szUnpackedFileName, bool DoLogData, bool DoRealignFile, bool DoMoveOverlay, void* EntryCallBack); +__declspec(dllexport) void TITCALL EngineUnpackerInitialize(const char* szFileName, const char* szUnpackedFileName, bool DoLogData, bool DoRealignFile, bool DoMoveOverlay, void* EntryCallBack); +__declspec(dllexport) void TITCALL EngineUnpackerInitializeW(const wchar_t* szFileName, const wchar_t* szUnpackedFileName, bool DoLogData, bool DoRealignFile, bool DoMoveOverlay, void* EntryCallBack); __declspec(dllexport) bool TITCALL EngineUnpackerSetBreakCondition(void* 
SearchStart, DWORD SearchSize, void* SearchPattern, DWORD PatternSize, DWORD PatternDelta, ULONG_PTR BreakType, bool SingleBreak, DWORD Parameter1, DWORD Parameter2); __declspec(dllexport) void TITCALL EngineUnpackerSetEntryPointAddress(ULONG_PTR UnpackedEntryPointAddress); __declspec(dllexport) void TITCALL EngineUnpackerFinalizeUnpacking(); // TitanEngine.Engine.functions: __declspec(dllexport) void TITCALL SetEngineVariable(DWORD VariableId, bool VariableSet); -__declspec(dllexport) bool TITCALL EngineCreateMissingDependencies(char* szFileName, char* szOutputFolder, bool LogCreatedFiles); -__declspec(dllexport) bool TITCALL EngineCreateMissingDependenciesW(wchar_t* szFileName, wchar_t* szOutputFolder, bool LogCreatedFiles); +__declspec(dllexport) bool TITCALL EngineCreateMissingDependencies(const char* szFileName, const char* szOutputFolder, bool LogCreatedFiles); +__declspec(dllexport) bool TITCALL EngineCreateMissingDependenciesW(const wchar_t* szFileName, const wchar_t* szOutputFolder, bool LogCreatedFiles); __declspec(dllexport) bool TITCALL EngineFakeMissingDependencies(HANDLE hProcess); __declspec(dllexport) bool TITCALL EngineDeleteCreatedDependencies(); -__declspec(dllexport) bool TITCALL EngineCreateUnpackerWindow(char* WindowUnpackerTitle, char* WindowUnpackerLongTitle, char* WindowUnpackerName, char* WindowUnpackerAuthor, void* StartUnpackingCallBack); -__declspec(dllexport) void TITCALL EngineAddUnpackerWindowLogMessage(char* szLogMessage); +__declspec(dllexport) bool TITCALL EngineCreateUnpackerWindow(const char* WindowUnpackerTitle, const char* WindowUnpackerLongTitle, const char* WindowUnpackerName, const char* WindowUnpackerAuthor, void* StartUnpackingCallBack); +__declspec(dllexport) void TITCALL EngineAddUnpackerWindowLogMessage(const char* szLogMessage); __declspec(dllexport) bool TITCALL EngineCheckStructAlignment(DWORD StructureType, ULONG_PTR StructureSize); // Global.Engine.Extension.Functions: -__declspec(dllexport) bool TITCALL 
ExtensionManagerIsPluginLoaded(char* szPluginName); -__declspec(dllexport) bool TITCALL ExtensionManagerIsPluginEnabled(char* szPluginName); +__declspec(dllexport) bool TITCALL ExtensionManagerIsPluginLoaded(const char* szPluginName); +__declspec(dllexport) bool TITCALL ExtensionManagerIsPluginEnabled(const char* szPluginName); __declspec(dllexport) bool TITCALL ExtensionManagerDisableAllPlugins(); -__declspec(dllexport) bool TITCALL ExtensionManagerDisablePlugin(char* szPluginName); +__declspec(dllexport) bool TITCALL ExtensionManagerDisablePlugin(const char* szPluginName); __declspec(dllexport) bool TITCALL ExtensionManagerEnableAllPlugins(); -__declspec(dllexport) bool TITCALL ExtensionManagerEnablePlugin(char* szPluginName); +__declspec(dllexport) bool TITCALL ExtensionManagerEnablePlugin(const char* szPluginName); __declspec(dllexport) bool TITCALL ExtensionManagerUnloadAllPlugins(); -__declspec(dllexport) bool TITCALL ExtensionManagerUnloadPlugin(char* szPluginName); -__declspec(dllexport) void* TITCALL ExtensionManagerGetPluginInfo(char* szPluginName); +__declspec(dllexport) bool TITCALL ExtensionManagerUnloadPlugin(const char* szPluginName); +__declspec(dllexport) void* TITCALL ExtensionManagerGetPluginInfo(const char* szPluginName); #ifdef __cplusplus } diff --git a/x64_dbg_dbg/TitanEngine/TitanEngine_x64.a b/x64_dbg_dbg/TitanEngine/TitanEngine_x64.a deleted file mode 100644 index 3b9d6016..00000000 Binary files a/x64_dbg_dbg/TitanEngine/TitanEngine_x64.a and /dev/null differ diff --git a/x64_dbg_dbg/TitanEngine/TitanEngine_x64.lib b/x64_dbg_dbg/TitanEngine/TitanEngine_x64.lib index 64b13533..b7a81d99 100644 Binary files a/x64_dbg_dbg/TitanEngine/TitanEngine_x64.lib and b/x64_dbg_dbg/TitanEngine/TitanEngine_x64.lib differ 
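Review bot: `StaticHashFile` and `StaticHashFileW` are rewritten in the `-990,40` hunk, but `char* HashDigest` remains an output buffer with no length parameter and no stated minimum size. The bytes written presumably depend on `Algorithm` and on whether `OutputString` asks for a text digest, so a caller that sizes the buffer for one algorithm and later passes another overflows it without any diagnostic. Since the ABI is fixed by the rebuilt `.lib`, the safe step here is documentation: add a comment above both declarations listing the required `HashDigest` capacity per algorithm, for raw and string output. `StaticHashMemory` in the same hunk has the same `void* HashDigest` shape and should carry the same comment.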
diff --git a/x64_dbg_dbg/TitanEngine/TitanEngine_x86.lib b/x64_dbg_dbg/TitanEngine/TitanEngine_x86.lib index b8a422d4..cdbace17 100644 Binary files a/x64_dbg_dbg/TitanEngine/TitanEngine_x86.lib and b/x64_dbg_dbg/TitanEngine/TitanEngine_x86.lib differ diff --git a/x64_dbg_dbg/XEDParse/XEDParse_x64.a b/x64_dbg_dbg/XEDParse/XEDParse_x64.a deleted file mode 100644 index c08940be..00000000 Binary files a/x64_dbg_dbg/XEDParse/XEDParse_x64.a and /dev/null differ diff --git a/x64_dbg_dbg/XEDParse/XEDParse_x86.a b/x64_dbg_dbg/XEDParse/XEDParse_x86.a deleted file mode 100644 index 286630e1..00000000 Binary files a/x64_dbg_dbg/XEDParse/XEDParse_x86.a and /dev/null differ diff --git a/x64_dbg_dbg/XEDParse/XEDParse_x86.lib b/x64_dbg_dbg/XEDParse/XEDParse_x86.lib index 53e0a789..5e87ad2a 100644 Binary files a/x64_dbg_dbg/XEDParse/XEDParse_x86.lib and b/x64_dbg_dbg/XEDParse/XEDParse_x86.lib differ diff --git a/x64_dbg_dbg/_exports.cpp b/x64_dbg_dbg/_exports.cpp index 50ee49a1..a0d864da 100644 --- a/x64_dbg_dbg/_exports.cpp +++ b/x64_dbg_dbg/_exports.cpp @@ -354,6 +354,9 @@ extern "C" DLL_EXPORT bool _dbg_getregdump(REGDUMP* regdump) regdump->flags.d = valflagfromstring(cflags, "df"); regdump->flags.o = valflagfromstring(cflags, "of"); + Getx87FPURegisters(regdump->x87FPURegisters, & (regdump->titcontext)); + GetMMXRegisters(regdump->mmx, & (regdump->titcontext)); + return true; } diff --git a/x64_dbg_dbg/lz4/lz4.h b/x64_dbg_dbg/lz4/lz4.h index 766a6052..3adcc0db 100644 --- a/x64_dbg_dbg/lz4/lz4.h +++ b/x64_dbg_dbg/lz4/lz4.h 
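Review bot: The two added calls in `_dbg_getregdump` write `regdump->x87FPURegisters` and `regdump->mmx` through a caller-supplied `REGDUMP*`, and those fields exist only because this same commit enlarges `REGDUMP` in `bridgemain.h`. A plugin or GUI module built against the previous header passes a smaller object, so the new stores land past the end of its buffer. Nothing in the hunk guards against that; the function body starts outside it, so an earlier check cannot be ruled out. Either bump whatever SDK or bridge version the plugin loader checks so stale binaries are rejected, or at minimum add `// REGDUMP grew in this change: every caller must be rebuilt against the new bridgemain.h` above the calls. If `Getx87FPURegisters` and `GetMMXRegisters` report failure, their result should also feed the return value rather than falling through to `return true;`.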
@@ -60,8 +60,8 @@ extern "C" Simple Functions **************************************/ -__declspec(dllimport) int LZ4_compress(const char* source, char* dest, int inputSize); -__declspec(dllimport) int LZ4_decompress_safe(const char* source, char* dest, int inputSize, int maxOutputSize); +__declspec(dllexport) int LZ4_compress(const char* source, char* dest, int inputSize); +__declspec(dllexport) int LZ4_decompress_safe(const char* source, char* dest, int inputSize, int maxOutputSize); /* LZ4_compress() : @@ -98,7 +98,7 @@ LZ4_compressBound() : return : maximum output size in a "worst case" scenario or 0, if input size is too large ( > LZ4_MAX_INPUT_SIZE) */ -__declspec(dllimport) int LZ4_compressBound(int isize); +__declspec(dllexport) int LZ4_compressBound(int isize); /* @@ -112,7 +112,7 @@ LZ4_compress_limitedOutput() : return : the number of bytes written in buffer 'dest' or 0 if the compression fails */ -__declspec(dllimport) int LZ4_compress_limitedOutput(const char* source, char* dest, int inputSize, int maxOutputSize); +__declspec(dllexport) int LZ4_compress_limitedOutput(const char* source, char* dest, int inputSize, int maxOutputSize); /* @@ -125,7 +125,7 @@ LZ4_decompress_fast() : Use this function preferably into a trusted environment (data to decode comes from a trusted source). Destination buffer must be already allocated. Its size must be a minimum of 'outputSize' bytes. */ -__declspec(dllimport) int LZ4_decompress_fast(const char* source, char* dest, int originalSize); +__declspec(dllexport) int LZ4_decompress_fast(const char* source, char* dest, int originalSize); /* 
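Review bot: Switching the prototypes from `__declspec(dllimport)` to `__declspec(dllexport)`, starting with `LZ4_compress` and `LZ4_decompress_safe` in this hunk, makes every module that includes the header re-export the LZ4 API instead of merely linking it; the same applies to the remaining lz4.h hunks and to lz4file.h and lz4hc.h. The deleted `.a` archives and replaced `.lib` files suggest the library is now linked statically, in which case the declarations need no `__declspec` at all, e.g. `int LZ4_decompress_safe(const char* source, char* dest, int inputSize, int maxOutputSize);`. The newly exported symbols include `LZ4_decompress_fast`, which the header's own comment restricts to data from a trusted source and which takes no input size, as well as the `LZ4_uncompress*` pair the header marks deprecated. If exporting is intended, limit it to the bounded entry points and state that in a comment above the declarations.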
@@ -140,7 +140,7 @@ LZ4_decompress_safe_partial() : If the source stream is detected malformed, the function will stop decoding and return a negative result. This function never writes outside of output buffer, and never reads outside of input buffer. It is therefore protected against malicious data packets */ -__declspec(dllimport) int LZ4_decompress_safe_partial(const char* source, char* dest, int inputSize, int targetOutputSize, int maxOutputSize); +__declspec(dllexport) int LZ4_decompress_safe_partial(const char* source, char* dest, int inputSize, int targetOutputSize, int maxOutputSize); /* 
@@ -154,19 +154,19 @@ The allocated memory can be provided to the compressions functions using 'void* LZ4_compress_withState() and LZ4_compress_limitedOutput_withState() are equivalent to previously described functions. They just use the externally allocated memory area instead of allocating their own (on stack, or on heap). */ -__declspec(dllimport) int LZ4_sizeofState(void); -__declspec(dllimport) int LZ4_compress_withState(void* state, const char* source, char* dest, int inputSize); -__declspec(dllimport) int LZ4_compress_limitedOutput_withState(void* state, const char* source, char* dest, int inputSize, int maxOutputSize); +__declspec(dllexport) int LZ4_sizeofState(void); +__declspec(dllexport) int LZ4_compress_withState(void* state, const char* source, char* dest, int inputSize); +__declspec(dllexport) int LZ4_compress_limitedOutput_withState(void* state, const char* source, char* dest, int inputSize, int maxOutputSize); /************************************** Streaming Functions **************************************/ -__declspec(dllimport) void* LZ4_create(const char* inputBuffer); -__declspec(dllimport) int LZ4_compress_continue(void* LZ4_Data, const char* source, char* dest, int inputSize); -__declspec(dllimport) int LZ4_compress_limitedOutput_continue(void* LZ4_Data, const char* source, char* dest, int inputSize, int maxOutputSize); -__declspec(dllimport) char* LZ4_slideInputBuffer(void* LZ4_Data); -__declspec(dllimport) int LZ4_free(void* LZ4_Data); +__declspec(dllexport) void* LZ4_create(const char* inputBuffer); +__declspec(dllexport) int LZ4_compress_continue(void* LZ4_Data, const char* source, char* dest, int inputSize); +__declspec(dllexport) int LZ4_compress_limitedOutput_continue(void* LZ4_Data, const char* source, char* dest, int inputSize, int maxOutputSize); +__declspec(dllexport) char* LZ4_slideInputBuffer(void* LZ4_Data); +__declspec(dllexport) int LZ4_free(void* LZ4_Data); /* These functions allow the compression of dependent blocks, where 
each block benefits from prior 64 KB within preceding blocks. @@ -198,8 +198,8 @@ When compression is completed, a call to LZ4_free() will release the memory used */ -__declspec(dllimport) int LZ4_sizeofStreamState(void); -__declspec(dllimport) int LZ4_resetStreamState(void* state, const char* inputBuffer); +__declspec(dllexport) int LZ4_sizeofStreamState(void); +__declspec(dllexport) int LZ4_resetStreamState(void* state, const char* inputBuffer); /* These functions achieve the same result as : @@ -223,8 +223,8 @@ Any other value means there was an error (typically, pointer is not aligned on 4 */ -__declspec(dllimport) int LZ4_decompress_safe_withPrefix64k(const char* source, char* dest, int inputSize, int maxOutputSize); -__declspec(dllimport) int LZ4_decompress_fast_withPrefix64k(const char* source, char* dest, int outputSize); +__declspec(dllexport) int LZ4_decompress_safe_withPrefix64k(const char* source, char* dest, int inputSize, int maxOutputSize); +__declspec(dllexport) int LZ4_decompress_fast_withPrefix64k(const char* source, char* dest, int outputSize); /* *_withPrefix64k() : @@ -241,8 +241,8 @@ __declspec(dllimport) int LZ4_decompress_fast_withPrefix64k(const char* source, These functions are deprecated and should no longer be used. They are provided here for compatibility with existing user programs. */ -__declspec(dllimport) int LZ4_uncompress(const char* source, char* dest, int outputSize); -__declspec(dllimport) int LZ4_uncompress_unknownOutputSize(const char* source, char* dest, int isize, int maxOutputSize); +__declspec(dllexport) int LZ4_uncompress(const char* source, char* dest, int outputSize); +__declspec(dllexport) int LZ4_uncompress_unknownOutputSize(const char* source, char* dest, int isize, int maxOutputSize); #if defined (__cplusplus) diff --git a/x64_dbg_dbg/lz4/lz4_x64.a b/x64_dbg_dbg/lz4/lz4_x64.a deleted file mode 100644 index 6d38e9bb..00000000 Binary files a/x64_dbg_dbg/lz4/lz4_x64.a and /dev/null differ 
diff --git a/x64_dbg_dbg/lz4/lz4_x86.a b/x64_dbg_dbg/lz4/lz4_x86.a deleted file mode 100644 index b712e289..00000000 Binary files a/x64_dbg_dbg/lz4/lz4_x86.a and /dev/null differ diff --git a/x64_dbg_dbg/lz4/lz4_x86.lib b/x64_dbg_dbg/lz4/lz4_x86.lib index aa960265..71ab58d0 100644 Binary files a/x64_dbg_dbg/lz4/lz4_x86.lib and b/x64_dbg_dbg/lz4/lz4_x86.lib differ diff --git a/x64_dbg_dbg/lz4/lz4file.h b/x64_dbg_dbg/lz4/lz4file.h index 7f64b7f7..5264d949 100644 --- a/x64_dbg_dbg/lz4/lz4file.h +++ b/x64_dbg_dbg/lz4/lz4file.h @@ -16,10 +16,10 @@ extern "C" { #endif -__declspec(dllimport) LZ4_STATUS LZ4_compress_file(const char* input_filename, const char* output_filename); -__declspec(dllimport) LZ4_STATUS LZ4_compress_fileW(const wchar_t* input_filename, const wchar_t* output_filename); -__declspec(dllimport) LZ4_STATUS LZ4_decompress_file(const char* input_filename, const char* output_filename); -__declspec(dllimport) LZ4_STATUS LZ4_decompress_fileW(const wchar_t* input_filename, const wchar_t* output_filename); +__declspec(dllexport) LZ4_STATUS LZ4_compress_file(const char* input_filename, const char* output_filename); +__declspec(dllexport) LZ4_STATUS LZ4_compress_fileW(const wchar_t* input_filename, const wchar_t* output_filename); +__declspec(dllexport) LZ4_STATUS LZ4_decompress_file(const char* input_filename, const char* output_filename); +__declspec(dllexport) LZ4_STATUS LZ4_decompress_fileW(const wchar_t* input_filename, const wchar_t* output_filename); #if defined (__cplusplus) } diff --git a/x64_dbg_dbg/lz4/lz4hc.h b/x64_dbg_dbg/lz4/lz4hc.h index bfed4b03..556a8c2d 100644 --- a/x64_dbg_dbg/lz4/lz4hc.h +++ b/x64_dbg_dbg/lz4/lz4hc.h @@ -40,7 +40,7 @@ extern "C" #endif -__declspec(dllimport) int LZ4_compressHC(const char* source, char* dest, int inputSize); +__declspec(dllexport) int LZ4_compressHC(const char* source, char* dest, int inputSize); /* LZ4_compressHC : return : the number of bytes in compressed buffer dest 
@@ -50,7 +50,7 @@ LZ4_compressHC : Worst case size evaluation is provided by function LZ4_compressBound() (see "lz4.h") */ -__declspec(dllimport) int LZ4_compressHC_limitedOutput(const char* source, char* dest, int inputSize, int maxOutputSize); +__declspec(dllexport) int LZ4_compressHC_limitedOutput(const char* source, char* dest, int inputSize, int maxOutputSize); /* LZ4_compress_limitedOutput() : Compress 'inputSize' bytes from 'source' into an output buffer 'dest' of maximum size 'maxOutputSize'. @@ -64,8 +64,8 @@ LZ4_compress_limitedOutput() : */ -__declspec(dllimport) int LZ4_compressHC2(const char* source, char* dest, int inputSize, int compressionLevel); -__declspec(dllimport) int LZ4_compressHC2_limitedOutput(const char* source, char* dest, int inputSize, int maxOutputSize, int compressionLevel); +__declspec(dllexport) int LZ4_compressHC2(const char* source, char* dest, int inputSize, int compressionLevel); +__declspec(dllexport) int LZ4_compressHC2_limitedOutput(const char* source, char* dest, int inputSize, int maxOutputSize, int compressionLevel); /* Same functions as above, but with programmable 'compressionLevel'. Recommended values are between 4 and 9, although any value between 0 and 16 will work. 
@@ -82,12 +82,12 @@ Decompression functions are provided within LZ4 source code (see "lz4.h") (BSD l /************************************** Using an external allocation **************************************/ -__declspec(dllimport) int LZ4_sizeofStateHC(void); -__declspec(dllimport) int LZ4_compressHC_withStateHC(void* state, const char* source, char* dest, int inputSize); -__declspec(dllimport) int LZ4_compressHC_limitedOutput_withStateHC(void* state, const char* source, char* dest, int inputSize, int maxOutputSize); +__declspec(dllexport) int LZ4_sizeofStateHC(void); +__declspec(dllexport) int LZ4_compressHC_withStateHC(void* state, const char* source, char* dest, int inputSize); +__declspec(dllexport) int LZ4_compressHC_limitedOutput_withStateHC(void* state, const char* source, char* dest, int inputSize, int maxOutputSize); -__declspec(dllimport) int LZ4_compressHC2_withStateHC(void* state, const char* source, char* dest, int inputSize, int compressionLevel); -__declspec(dllimport) int LZ4_compressHC2_limitedOutput_withStateHC(void* state, const char* source, char* dest, int inputSize, int maxOutputSize, int compressionLevel); +__declspec(dllexport) int LZ4_compressHC2_withStateHC(void* state, const char* source, char* dest, int inputSize, int compressionLevel); +__declspec(dllexport) int LZ4_compressHC2_limitedOutput_withStateHC(void* state, const char* source, char* dest, int inputSize, int maxOutputSize, int compressionLevel); /* These functions are provided should you prefer to allocate memory for compression tables with your own allocation methods. 
@@ -105,14 +105,14 @@ They just use the externally allocated memory area instead of allocating their o /************************************** Streaming Functions **************************************/ -__declspec(dllimport) void* LZ4_createHC(const char* inputBuffer); -__declspec(dllimport) int LZ4_compressHC_continue(void* LZ4HC_Data, const char* source, char* dest, int inputSize); -__declspec(dllimport) int LZ4_compressHC_limitedOutput_continue(void* LZ4HC_Data, const char* source, char* dest, int inputSize, int maxOutputSize); -__declspec(dllimport) char* LZ4_slideInputBufferHC(void* LZ4HC_Data); -__declspec(dllimport) int LZ4_freeHC(void* LZ4HC_Data); +__declspec(dllexport) void* LZ4_createHC(const char* inputBuffer); +__declspec(dllexport) int LZ4_compressHC_continue(void* LZ4HC_Data, const char* source, char* dest, int inputSize); +__declspec(dllexport) int LZ4_compressHC_limitedOutput_continue(void* LZ4HC_Data, const char* source, char* dest, int inputSize, int maxOutputSize); +__declspec(dllexport) char* LZ4_slideInputBufferHC(void* LZ4HC_Data); +__declspec(dllexport) int LZ4_freeHC(void* LZ4HC_Data); -__declspec(dllimport) int LZ4_compressHC2_continue(void* LZ4HC_Data, const char* source, char* dest, int inputSize, int compressionLevel); -__declspec(dllimport) int LZ4_compressHC2_limitedOutput_continue(void* LZ4HC_Data, const char* source, char* dest, int inputSize, int maxOutputSize, int compressionLevel); +__declspec(dllexport) int LZ4_compressHC2_continue(void* LZ4HC_Data, const char* source, char* dest, int inputSize, int compressionLevel); +__declspec(dllexport) int LZ4_compressHC2_limitedOutput_continue(void* LZ4HC_Data, const char* source, char* dest, int inputSize, int maxOutputSize, int compressionLevel); /* These functions allow the compression of dependent blocks, where each block benefits from prior 64 KB within preceding blocks. 
@@ -143,8 +143,8 @@ Compression can then resume, using LZ4_compressHC_continue() or LZ4_compressHC_l When compression is completed, a call to LZ4_freeHC() will release the memory used by the LZ4HC Data Structure. */ -__declspec(dllimport) int LZ4_sizeofStreamStateHC(void); -__declspec(dllimport) int LZ4_resetStreamStateHC(void* state, const char* inputBuffer); +__declspec(dllexport) int LZ4_sizeofStreamStateHC(void); +__declspec(dllexport) int LZ4_resetStreamStateHC(void* state, const char* inputBuffer); /* These functions achieve the same result as : diff --git a/x64_dbg_gui/Project/Src/Gui/CPUWidget.cpp b/x64_dbg_gui/Project/Src/Gui/CPUWidget.cpp index af739e32..a132059b 100644 --- a/x64_dbg_gui/Project/Src/Gui/CPUWidget.cpp +++ b/x64_dbg_gui/Project/Src/Gui/CPUWidget.cpp @@ -33,7 +33,7 @@ CPUWidget::CPUWidget(QWidget* parent) : QWidget(parent), ui(new Ui::CPUWidget) mGeneralRegs = new RegistersView(0); mGeneralRegs->setFixedWidth(1000); - mGeneralRegs->setFixedHeight(700); + mGeneralRegs->setFixedHeight(1200); QScrollArea* scrollArea = new QScrollArea; scrollArea->setWidget(mGeneralRegs); 
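Review bot: `setFixedHeight(1200)` hard-codes a pixel height that has to track the number of register rows laid out in RegistersView.cpp (the last XMM row is placed at `offset + 61` in this commit) multiplied by a row height that appears to follow the configured font, since the view reconnects to `fontsUpdated()`. With a larger font or the extra `_WIN64` rows the bottom registers may be clipped inside the scroll area, and the literal has to be edited by hand again whenever a row is added. Derive the height from the view, or at least document the coupling: `// must be >= (last register row + 1) * row height; update when rows are added in RegistersView`. The constructor continues outside the hunk.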
@@ -41,10 +41,11 @@ CPUWidget::CPUWidget(QWidget* parent) : QWidget(parent), ui(new Ui::CPUWidget) scrollArea->horizontalScrollBar()->setStyleSheet("QScrollBar:horizontal{border:1px solid grey;background:#f1f1f1;height:10px}QScrollBar::handle:horizontal{background:#aaa;min-width:20px;margin:1px}QScrollBar::add-line:horizontal,QScrollBar::sub-line:horizontal{width:0;height:0}"); scrollArea->verticalScrollBar()->setStyleSheet("QScrollBar:vertical{border:1px solid grey;background:#f1f1f1;width:10px}QScrollBar::handle:vertical{background:#aaa;min-height:20px;margin:1px}QScrollBar::add-line:vertical,QScrollBar::sub-line:vertical{width:0;height:0}"); + /* mRegsTab = new QTabWidget(this); mRegsTab->addTab(scrollArea, "General"); - - ui->mTopRightFrameLayout->addWidget(mRegsTab); + */ + ui->mTopRightFrameLayout->addWidget(scrollArea); mDump = new CPUDump(0); //dump widget ui->mBotLeftFrameLayout->addWidget(mDump); diff --git a/x64_dbg_gui/Project/Src/Gui/RegistersView.cpp b/x64_dbg_gui/Project/Src/Gui/RegistersView.cpp index 17ffddfb..2fcfa18b 100644 --- a/x64_dbg_gui/Project/Src/Gui/RegistersView.cpp +++ b/x64_dbg_gui/Project/Src/Gui/RegistersView.cpp 
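Review bot: Commenting out `mRegsTab = new QTabWidget(this);` leaves `mRegsTab` without a value after construction; it looks like a class member (the `m` prefix, no local declaration in the hunk), so any remaining use elsewhere in CPUWidget would dereference an indeterminate pointer. Either remove the member together with the dead block, or keep it defined by writing `mRegsTab = 0;` in place of the comment. Commented-out code is better deleted than kept, since version control already preserves the tab setup. The constructor starts and ends outside the hunk.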
@@ -37,43 +37,171 @@ RegistersView::RegistersView(QWidget* parent) : QScrollArea(parent), mVScrollOff // general purposes register (we allow the user to modify the value) mGPR.insert(CAX); + mUINTDISPLAY.insert(CAX); + mLABELDISPLAY.insert(CAX); mGPR.insert(CBX); + mUINTDISPLAY.insert(CBX); + mLABELDISPLAY.insert(CBX); mGPR.insert(CCX); + mUINTDISPLAY.insert(CCX); + mLABELDISPLAY.insert(CCX); mGPR.insert(CDX); + mUINTDISPLAY.insert(CDX); + mLABELDISPLAY.insert(CDX); mGPR.insert(CBP); + mUINTDISPLAY.insert(CBP); + mLABELDISPLAY.insert(CBP); mGPR.insert(CSP); + mUINTDISPLAY.insert(CSP); + mLABELDISPLAY.insert(CSP); mGPR.insert(CSI); + mUINTDISPLAY.insert(CSI); + mLABELDISPLAY.insert(CSI); mGPR.insert(CDI); + mUINTDISPLAY.insert(CDI); + mLABELDISPLAY.insert(CDI); mGPR.insert(R8); + mLABELDISPLAY.insert(R8); + mUINTDISPLAY.insert(R8); mGPR.insert(R9); + mLABELDISPLAY.insert(R9); + mUINTDISPLAY.insert(R9); mGPR.insert(R10); + mUINTDISPLAY.insert(R10); + mLABELDISPLAY.insert(R10); mGPR.insert(R11); + mUINTDISPLAY.insert(R11); + mLABELDISPLAY.insert(R11); mGPR.insert(R12); + mUINTDISPLAY.insert(R12); + mLABELDISPLAY.insert(R12); mGPR.insert(R13); + mUINTDISPLAY.insert(R13); + mLABELDISPLAY.insert(R13); mGPR.insert(R14); + mUINTDISPLAY.insert(R14); + mLABELDISPLAY.insert(R14); mGPR.insert(R15); + mUINTDISPLAY.insert(R15); + mLABELDISPLAY.insert(R15); mGPR.insert(EFLAGS); + mUINTDISPLAY.insert(EFLAGS); // flags (we allow the user to toggle them) mFlags.insert(CF); + mBOOLDISPLAY.insert(CF); mFlags.insert(PF); + mBOOLDISPLAY.insert(PF); mFlags.insert(AF); + mBOOLDISPLAY.insert(AF); mFlags.insert(ZF); + mBOOLDISPLAY.insert(ZF); mFlags.insert(SF); + mBOOLDISPLAY.insert(SF); mFlags.insert(TF); + mBOOLDISPLAY.insert(TF); mFlags.insert(IF); + mBOOLDISPLAY.insert(IF); mFlags.insert(DF); + mBOOLDISPLAY.insert(DF); mFlags.insert(OF); + mBOOLDISPLAY.insert(OF); + + // FPU: XMM, x87 and MMX registers + mDWORDDISPLAY.insert(MxCsr); - // FPU x87 and MMX registers mFPUx87.insert(x87r0); 
+ mFPUx87_80BITSDISPLAY.insert(x87r0); mFPUx87.insert(x87r1); + mFPUx87_80BITSDISPLAY.insert(x87r1); mFPUx87.insert(x87r2); + mFPUx87_80BITSDISPLAY.insert(x87r2); mFPUx87.insert(x87r3); + mFPUx87_80BITSDISPLAY.insert(x87r3); mFPUx87.insert(x87r4); + mFPUx87_80BITSDISPLAY.insert(x87r4); mFPUx87.insert(x87r5); + mFPUx87_80BITSDISPLAY.insert(x87r5); mFPUx87.insert(x87r6); + mFPUx87_80BITSDISPLAY.insert(x87r6); mFPUx87.insert(x87r7); + mFPUx87_80BITSDISPLAY.insert(x87r7); + + mFPUx87.insert(x87TagWord); + mUSHORTDISPLAY.insert(x87TagWord); + mUSHORTDISPLAY.insert(x87StatusWord); + mFPUx87.insert(x87StatusWord); + mFPUx87.insert(x87ControlWord); + mUSHORTDISPLAY.insert(x87ControlWord); + + mFPUx87.insert(x87SW_B); + mBOOLDISPLAY.insert(x87SW_B); + mFPUx87.insert(x87SW_C3); + mBOOLDISPLAY.insert(x87SW_C3); + mFPUx87.insert(x87SW_TOP); + + mFPUx87.insert(x87SW_C2); + mBOOLDISPLAY.insert(x87SW_C2); + mFPUx87.insert(x87SW_C2); + mBOOLDISPLAY.insert(x87SW_C2); + mFPUx87.insert(x87SW_C1); + mBOOLDISPLAY.insert(x87SW_C1); + mFPUx87.insert(x87SW_C0); + mBOOLDISPLAY.insert(x87SW_C0); + mFPUx87.insert(x87SW_IR); + mBOOLDISPLAY.insert(x87SW_IR); + mFPUx87.insert(x87SW_SF); + mBOOLDISPLAY.insert(x87SW_SF); + mFPUx87.insert(x87SW_P); + mBOOLDISPLAY.insert(x87SW_P); + mFPUx87.insert(x87SW_U); + mBOOLDISPLAY.insert(x87SW_U); + mFPUx87.insert(x87SW_O); + mBOOLDISPLAY.insert(x87SW_O); + mFPUx87.insert(x87SW_Z); + mBOOLDISPLAY.insert(x87SW_Z); + mFPUx87.insert(x87SW_D); + mBOOLDISPLAY.insert(x87SW_D); + mFPUx87.insert(x87SW_I); + mBOOLDISPLAY.insert(x87SW_I); + + mFPUx87.insert(x87CW_IC); + mBOOLDISPLAY.insert(x87CW_IC); + mFPUx87.insert(x87CW_RC); + + mFPUx87.insert(x87CW_PC); + + mFPUx87.insert(x87CW_IEM); + mBOOLDISPLAY.insert(x87CW_IEM); + mFPUx87.insert(x87CW_PM); + mBOOLDISPLAY.insert(x87CW_PM); + mFPUx87.insert(x87CW_UM); + mBOOLDISPLAY.insert(x87CW_UM); + mFPUx87.insert(x87CW_OM); + mBOOLDISPLAY.insert(x87CW_OM); + mFPUx87.insert(x87CW_ZM); + mBOOLDISPLAY.insert(x87CW_ZM); + 
mFPUx87.insert(x87CW_DM); + mBOOLDISPLAY.insert(x87CW_DM); + mFPUx87.insert(x87CW_IM); + mBOOLDISPLAY.insert(x87CW_IM); + + mBOOLDISPLAY.insert(MxCsr_FZ); + mBOOLDISPLAY.insert(MxCsr_PM); + mBOOLDISPLAY.insert(MxCsr_UM); + mBOOLDISPLAY.insert(MxCsr_OM); + mBOOLDISPLAY.insert(MxCsr_ZM); + mBOOLDISPLAY.insert(MxCsr_IM); + mBOOLDISPLAY.insert(MxCsr_DAZ); + mBOOLDISPLAY.insert(MxCsr_PE); + mBOOLDISPLAY.insert(MxCsr_UE); + mBOOLDISPLAY.insert(MxCsr_OE); + mBOOLDISPLAY.insert(MxCsr_ZE); + mBOOLDISPLAY.insert(MxCsr_DE); + mBOOLDISPLAY.insert(MxCsr_IE); + + //MxCsr_RC + mFPUMMX.insert(MM0); mFPUMMX.insert(MM1); mFPUMMX.insert(MM2); 
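Review bot: `x87SW_TOP`, `x87CW_RC` and `x87CW_PC` are added to `mFPUx87` but to none of the display-type sets, and `MxCsr_RC` appears only as the comment `//MxCsr_RC`, so the type dispatch added to `drawRegister` later in this commit sends them to its fallback branch, where the value is hex-dumped by `GetSizeRegister(reg)` bytes or printed as `???`. If these multi-bit fields are meant to be shown as small integers, give them a display set of their own, or state at the gap how they are rendered, e.g. `// TOP/RC/PC are multi-bit fields: rendered through the GetSizeRegister() fallback`. The pair `mFPUx87.insert(x87SW_C2); mBOOLDISPLAY.insert(x87SW_C2);` is also inserted twice in a row; the second copy can be dropped. The constructor starts outside the hunk.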
@@ -83,20 +211,66 @@ RegistersView::RegistersView(QWidget* parent) : QScrollArea(parent), mVScrollOff mFPUMMX.insert(MM6); mFPUMMX.insert(MM7); + mFPUXMM.insert(XMM0); + mFPUXMM.insert(XMM1); + mFPUXMM.insert(XMM2); + mFPUXMM.insert(XMM3); + mFPUXMM.insert(XMM4); + mFPUXMM.insert(XMM5); + mFPUXMM.insert(XMM6); + mFPUXMM.insert(XMM7); +#ifdef _WIN64 + mFPUXMM.insert(XMM8); + mFPUXMM.insert(XMM9); + mFPUXMM.insert(XMM10); + mFPUXMM.insert(XMM11); + mFPUXMM.insert(XMM12); + mFPUXMM.insert(XMM13); + mFPUXMM.insert(XMM14); + mFPUXMM.insert(XMM15); +#endif + //registers that should not be changed mNoChange.insert(GS); + mUSHORTDISPLAY.insert(GS); mNoChange.insert(FS); + mUSHORTDISPLAY.insert(FS); mNoChange.insert(ES); + mUSHORTDISPLAY.insert(ES); mNoChange.insert(DS); + mUSHORTDISPLAY.insert(DS); mNoChange.insert(CS); + mUSHORTDISPLAY.insert(CS); mNoChange.insert(SS); + mUSHORTDISPLAY.insert(SS); + mNoChange.insert(DR0); + mUINTDISPLAY.insert(DR0); + mLABELDISPLAY.insert(DR0); + mONLYMODULEANDLABELDISPLAY.insert(DR0); mNoChange.insert(DR1); + mONLYMODULEANDLABELDISPLAY.insert(DR1); + mUINTDISPLAY.insert(DR1); + mLABELDISPLAY.insert(DR2); + mONLYMODULEANDLABELDISPLAY.insert(DR2); mNoChange.insert(DR2); + mUINTDISPLAY.insert(DR2); mNoChange.insert(DR3); + mONLYMODULEANDLABELDISPLAY.insert(DR3); + mLABELDISPLAY.insert(DR3); + mUINTDISPLAY.insert(DR3); mNoChange.insert(DR6); + mLABELDISPLAY.insert(DR6); + mONLYMODULEANDLABELDISPLAY.insert(DR6); + mUINTDISPLAY.insert(DR6); mNoChange.insert(DR7); + mUINTDISPLAY.insert(DR7); + mONLYMODULEANDLABELDISPLAY.insert(DR7); + mLABELDISPLAY.insert(DR7); mNoChange.insert(CIP); + mUINTDISPLAY.insert(CIP); + mLABELDISPLAY.insert(CIP); + mONLYMODULEANDLABELDISPLAY.insert(CIP); // create mapping from internal id to name mRegisterMapping.clear(); 
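Review bot: `DR1` is the only debug register in this hunk that is not added to `mLABELDISPLAY`: `DR0`, `DR2`, `DR3`, `DR6` and `DR7` each get `mUINTDISPLAY`, `mLABELDISPLAY` and `mONLYMODULEANDLABELDISPLAY`, while `DR1` gets only two of them. The `switch` removed from `drawRegister` in this commit listed `DR1` among the registers with label detection, so this looks like an omission; add `mLABELDISPLAY.insert(DR1);` after `mNoChange.insert(DR1);`. Keeping the three inserts in one fixed order for every register would make such a gap visible at a glance. The constructor continues outside the hunk.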
@@ -228,39 +402,185 @@ RegistersView::RegistersView(QWidget* parent) : QScrollArea(parent), mVScrollOff mRegisterMapping.insert(x87r7, "x87r7"); mRegisterPlaces.insert(x87r7, Register_Position(offset + 13, 0, 6, 10 * 2)); + offset++; + mRegisterMapping.insert(x87TagWord, "x87TagWord"); + mRegisterPlaces.insert(x87TagWord, Register_Position(offset + 14, 0, 11, sizeof(WORD) * 2)); + + offset++; + mRegisterMapping.insert(x87StatusWord, "x87StatusWord"); + mRegisterPlaces.insert(x87StatusWord, Register_Position(offset + 15, 0, 14, sizeof(WORD) * 2)); + + mRegisterMapping.insert(x87SW_B, "x87SW_B"); + mRegisterPlaces.insert(x87SW_B, Register_Position(offset + 16, 0, 9, 1)); + mRegisterMapping.insert(x87SW_C3, "x87SW_C3"); + mRegisterPlaces.insert(x87SW_C3, Register_Position(offset + 16, 12, 10, 1)); + mRegisterMapping.insert(x87SW_C2, "x87SW_C2"); + mRegisterPlaces.insert(x87SW_C2, Register_Position(offset + 16, 25, 10, 1)); + + mRegisterMapping.insert(x87SW_C1, "x87SW_C1"); + mRegisterPlaces.insert(x87SW_C1, Register_Position(offset + 17, 0, 9, 1)); + mRegisterMapping.insert(x87SW_C0, "x87SW_C0"); + mRegisterPlaces.insert(x87SW_C0, Register_Position(offset + 17, 12, 10, 1)); + mRegisterMapping.insert(x87SW_IR, "x87SW_IR"); + mRegisterPlaces.insert(x87SW_IR, Register_Position(offset + 17, 25, 10, 1)); + + mRegisterMapping.insert(x87SW_SF, "x87SW_SF"); + mRegisterPlaces.insert(x87SW_SF, Register_Position(offset + 18, 0, 9, 1)); + mRegisterMapping.insert(x87SW_P, "x87SW_P"); + mRegisterPlaces.insert(x87SW_P, Register_Position(offset + 18, 12, 10, 1)); + mRegisterMapping.insert(x87SW_U, "x87SW_U"); + mRegisterPlaces.insert(x87SW_U, Register_Position(offset + 18, 25, 10, 1)); + + mRegisterMapping.insert(x87SW_O, "x87SW_O"); + mRegisterPlaces.insert(x87SW_O, Register_Position(offset + 19, 0, 9, 1)); + mRegisterMapping.insert(x87SW_Z, "x87SW_Z"); + mRegisterPlaces.insert(x87SW_Z, Register_Position(offset + 19, 12, 10, 1)); + mRegisterMapping.insert(x87SW_D, "x87SW_D"); + 
mRegisterPlaces.insert(x87SW_D, Register_Position(offset + 19, 25, 10, 1)); + + mRegisterMapping.insert(x87SW_I, "x87SW_I"); + mRegisterPlaces.insert(x87SW_I, Register_Position(offset + 20, 0, 9, 1)); + mRegisterMapping.insert(x87SW_TOP, "x87SW_TOP"); + mRegisterPlaces.insert(x87SW_TOP, Register_Position(offset + 20, 12, 10, 1)); + + offset++; + + mRegisterMapping.insert(x87ControlWord, "x87ControlWord"); + mRegisterPlaces.insert(x87ControlWord, Register_Position(offset + 21, 0, 15, sizeof(WORD) * 2)); + + mRegisterMapping.insert(x87CW_IC, "x87CW_IC"); + mRegisterPlaces.insert(x87CW_IC, Register_Position(offset + 22, 0, 9, 1)); + mRegisterMapping.insert(x87CW_IEM, "x87CW_IEM"); + mRegisterPlaces.insert(x87CW_IEM, Register_Position(offset + 22, 12, 10, 1)); + mRegisterMapping.insert(x87CW_PM, "x87CW_PM"); + mRegisterPlaces.insert(x87CW_PM, Register_Position(offset + 22, 25, 10, 1)); + + mRegisterMapping.insert(x87CW_UM, "x87CW_UM"); + mRegisterPlaces.insert(x87CW_UM, Register_Position(offset + 23, 0, 9, 1)); + mRegisterMapping.insert(x87CW_OM, "x87CW_OM"); + mRegisterPlaces.insert(x87CW_OM, Register_Position(offset + 23, 12, 10, 1)); + mRegisterMapping.insert(x87CW_ZM, "x87CW_ZM"); + mRegisterPlaces.insert(x87CW_ZM, Register_Position(offset + 23, 25, 10, 1)); + + mRegisterMapping.insert(x87CW_DM, "x87CW_DM"); + mRegisterPlaces.insert(x87CW_DM, Register_Position(offset + 24, 0, 9, 1)); + mRegisterMapping.insert(x87CW_IM, "x87CW_IM"); + mRegisterPlaces.insert(x87CW_IM, Register_Position(offset + 24, 12, 10, 1)); + mRegisterMapping.insert(x87CW_RC, "x87CW_RC"); + mRegisterPlaces.insert(x87CW_RC, Register_Position(offset + 24, 25, 10, 1)); + + mRegisterMapping.insert(x87CW_PC, "x87CW_PC"); + mRegisterPlaces.insert(x87CW_PC, Register_Position(offset + 25, 0, 9, 1)); + + offset++; + + mRegisterMapping.insert(MxCsr, "MxCsr"); + mRegisterPlaces.insert(MxCsr, Register_Position(offset + 26, 0, 6, sizeof(DWORD) * 2)); + + mRegisterMapping.insert(MxCsr_FZ, "MxCsr_FZ"); + 
mRegisterPlaces.insert(MxCsr_FZ, Register_Position(offset + 27, 0, 9, 1)); + mRegisterMapping.insert(MxCsr_PM, "MxCsr_PM"); + mRegisterPlaces.insert(MxCsr_PM, Register_Position(offset + 27, 12, 10, 1)); + mRegisterMapping.insert(MxCsr_UM, "MxCsr_UM"); + mRegisterPlaces.insert(MxCsr_UM, Register_Position(offset + 27, 25, 10, 1)); + + mRegisterMapping.insert(MxCsr_OM, "MxCsr_OM"); + mRegisterPlaces.insert(MxCsr_OM, Register_Position(offset + 28, 0, 9, 1)); + mRegisterMapping.insert(MxCsr_ZM, "MxCsr_ZM"); + mRegisterPlaces.insert(MxCsr_ZM, Register_Position(offset + 28, 12, 10, 1)); + mRegisterMapping.insert(MxCsr_IM, "MxCsr_IM"); + mRegisterPlaces.insert(MxCsr_IM, Register_Position(offset + 28, 25, 10, 1)); + + mRegisterMapping.insert(MxCsr_UE, "MxCsr_UE"); + mRegisterPlaces.insert(MxCsr_UE, Register_Position(offset + 29, 0, 9, 1)); + mRegisterMapping.insert(MxCsr_PE, "MxCsr_PE"); + mRegisterPlaces.insert(MxCsr_PE, Register_Position(offset + 29, 12, 10, 1)); + mRegisterMapping.insert(MxCsr_DAZ, "MxCsr_DAZ"); + mRegisterPlaces.insert(MxCsr_DAZ, Register_Position(offset + 29, 25, 10, 1)); + + mRegisterMapping.insert(MxCsr_OE, "MxCsr_OE"); + mRegisterPlaces.insert(MxCsr_OE, Register_Position(offset + 30, 0, 9, 1)); + mRegisterMapping.insert(MxCsr_ZE, "MxCsr_ZE"); + mRegisterPlaces.insert(MxCsr_ZE, Register_Position(offset + 30, 12, 10, 1)); + mRegisterMapping.insert(MxCsr_DE, "MxCsr_DE"); + mRegisterPlaces.insert(MxCsr_DE, Register_Position(offset + 30, 25, 10, 1)); + + mRegisterMapping.insert(MxCsr_IE, "MxCsr_IE"); + mRegisterPlaces.insert(MxCsr_IE, Register_Position(offset + 31, 0, 9, 1)); + mRegisterMapping.insert(MxCsr_RC, "MxCsr_RC"); + mRegisterPlaces.insert(MxCsr_RC, Register_Position(offset + 31, 12, 10, 1)); + offset++; mRegisterMapping.insert(MM0, "MM0"); - mRegisterPlaces.insert(MM0, Register_Position(offset + 14, 0, 4, 8 * 2)); + mRegisterPlaces.insert(MM0, Register_Position(offset + 32, 0, 4, 8 * 2)); mRegisterMapping.insert(MM1, "MM1"); - 
mRegisterPlaces.insert(MM1, Register_Position(offset + 15, 0, 4, 8 * 2)); + mRegisterPlaces.insert(MM1, Register_Position(offset + 33, 0, 4, 8 * 2)); mRegisterMapping.insert(MM2, "MM2"); - mRegisterPlaces.insert(MM2, Register_Position(offset + 16, 0, 4, 8 * 2)); + mRegisterPlaces.insert(MM2, Register_Position(offset + 34, 0, 4, 8 * 2)); mRegisterMapping.insert(MM3, "MM3"); - mRegisterPlaces.insert(MM3, Register_Position(offset + 17, 0, 4, 8 * 2)); + mRegisterPlaces.insert(MM3, Register_Position(offset + 35, 0, 4, 8 * 2)); mRegisterMapping.insert(MM4, "MM4"); - mRegisterPlaces.insert(MM4, Register_Position(offset + 18, 0, 4, 8 * 2)); + mRegisterPlaces.insert(MM4, Register_Position(offset + 36, 0, 4, 8 * 2)); mRegisterMapping.insert(MM5, "MM5"); - mRegisterPlaces.insert(MM5, Register_Position(offset + 19, 0, 4, 8 * 2)); + mRegisterPlaces.insert(MM5, Register_Position(offset + 37, 0, 4, 8 * 2)); mRegisterMapping.insert(MM6, "MM6"); - mRegisterPlaces.insert(MM6, Register_Position(offset + 20, 0, 4, 8 * 2)); + mRegisterPlaces.insert(MM6, Register_Position(offset + 38, 0, 4, 8 * 2)); mRegisterMapping.insert(MM7, "MM7"); - mRegisterPlaces.insert(MM7, Register_Position(offset + 21, 0, 4, 8 * 2)); + mRegisterPlaces.insert(MM7, Register_Position(offset + 39, 0, 4, 8 * 2)); offset++; mRegisterMapping.insert(DR0, "DR0"); - mRegisterPlaces.insert(DR0, Register_Position(offset + 22, 0, 4, sizeof(uint_t) * 2)); + mRegisterPlaces.insert(DR0, Register_Position(offset + 40, 0, 4, sizeof(uint_t) * 2)); mRegisterMapping.insert(DR1, "DR1"); - mRegisterPlaces.insert(DR1, Register_Position(offset + 23, 0, 4, sizeof(uint_t) * 2)); + mRegisterPlaces.insert(DR1, Register_Position(offset + 41, 0, 4, sizeof(uint_t) * 2)); mRegisterMapping.insert(DR2, "DR2"); - mRegisterPlaces.insert(DR2, Register_Position(offset + 24, 0, 4, sizeof(uint_t) * 2)); + mRegisterPlaces.insert(DR2, Register_Position(offset + 42, 0, 4, sizeof(uint_t) * 2)); mRegisterMapping.insert(DR3, "DR3"); - 
mRegisterPlaces.insert(DR3, Register_Position(offset + 25, 0, 4, sizeof(uint_t) * 2)); + mRegisterPlaces.insert(DR3, Register_Position(offset + 43, 0, 4, sizeof(uint_t) * 2)); mRegisterMapping.insert(DR6, "DR6"); - mRegisterPlaces.insert(DR6, Register_Position(offset + 26, 0, 4, sizeof(uint_t) * 2)); + mRegisterPlaces.insert(DR6, Register_Position(offset + 44, 0, 4, sizeof(uint_t) * 2)); mRegisterMapping.insert(DR7, "DR7"); - mRegisterPlaces.insert(DR7, Register_Position(offset + 27, 0, 4, sizeof(uint_t) * 2)); + mRegisterPlaces.insert(DR7, Register_Position(offset + 45, 0, 4, sizeof(uint_t) * 2)); + + offset++; + + mRegisterMapping.insert(XMM0, "XMM0"); + mRegisterPlaces.insert(XMM0, Register_Position(offset + 46, 0, 6, 16 * 2)); + mRegisterMapping.insert(XMM1, "XMM1"); + mRegisterPlaces.insert(XMM1, Register_Position(offset + 47, 0, 6, 16 * 2)); + mRegisterMapping.insert(XMM2, "XMM2"); + mRegisterPlaces.insert(XMM2, Register_Position(offset + 48, 0, 6, 16 * 2)); + mRegisterMapping.insert(XMM3, "XMM3"); + mRegisterPlaces.insert(XMM3, Register_Position(offset + 49, 0, 6, 16 * 2)); + mRegisterMapping.insert(XMM4, "XMM4"); + mRegisterPlaces.insert(XMM4, Register_Position(offset + 50, 0, 6, 16 * 2)); + mRegisterMapping.insert(XMM5, "XMM5"); + mRegisterPlaces.insert(XMM5, Register_Position(offset + 51, 0, 6, 16 * 2)); + mRegisterMapping.insert(XMM6, "XMM6"); + mRegisterPlaces.insert(XMM6, Register_Position(offset + 52, 0, 6, 16 * 2)); + mRegisterMapping.insert(XMM7, "XMM7"); + mRegisterPlaces.insert(XMM7, Register_Position(offset + 53, 0, 6, 16 * 2)); + +#ifdef _WIN64 + mRegisterMapping.insert(XMM8, "XMM8"); + mRegisterPlaces.insert(XMM8, Register_Position(offset + 54, 0, 6, 16 * 2)); + mRegisterMapping.insert(XMM9, "XMM9"); + mRegisterPlaces.insert(XMM9, Register_Position(offset + 55, 0, 6, 16 * 2)); + mRegisterMapping.insert(XMM10, "XMM10"); + mRegisterPlaces.insert(XMM10, Register_Position(offset + 56, 0, 6, 16 * 2)); + mRegisterMapping.insert(XMM11, "XMM11"); + 
mRegisterPlaces.insert(XMM11, Register_Position(offset + 57, 0, 6, 16 * 2)); + mRegisterMapping.insert(XMM12, "XMM12"); + mRegisterPlaces.insert(XMM12, Register_Position(offset + 58, 0, 6, 16 * 2)); + mRegisterMapping.insert(XMM13, "XMM13"); + mRegisterPlaces.insert(XMM13, Register_Position(offset + 59, 0, 6, 16 * 2)); + mRegisterMapping.insert(XMM14, "XMM14"); + mRegisterPlaces.insert(XMM14, Register_Position(offset + 60, 0, 6, 16 * 2)); + mRegisterMapping.insert(XMM15, "XMM15"); + mRegisterPlaces.insert(XMM15, Register_Position(offset + 61, 0, 6, 16 * 2)); +#endif fontsUpdatedSlot(); connect(Config(), SIGNAL(fontsUpdated()), this, SLOT(fontsUpdatedSlot())); @@ -445,11 +765,11 @@ QString RegistersView::getRegisterLabel(REGISTER_NAME register_selected) bool hasLabel = DbgGetLabelAt(register_value, SEG_DEFAULT, label_text); bool hasModule = DbgGetModuleAt(register_value, module_text); - if(hasString && register_selected != CIP) + if(hasString && !mONLYMODULEANDLABELDISPLAY.contains(register_selected)) { newText = string_text; } - else if(hasLabel && hasModule && register_selected != CIP) + else if(hasLabel && hasModule) { newText = "<" + QString(module_text) + "." + QString(label_text) + ">"; } @@ -457,11 +777,11 @@ QString RegistersView::getRegisterLabel(REGISTER_NAME register_selected) { newText = QString(module_text) + "." + valueText; } - else if(hasLabel && register_selected != CIP) + else if(hasLabel) { newText = "<" + QString(label_text) + ">"; } - else if(register_selected != CIP) + else if(!mONLYMODULEANDLABELDISPLAY.contains(register_selected)) { bool isCharacter = false; if(register_value == (register_value & 0xFF)) 
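Review bot: Every `Register_Position` row in this hunk is a hand-written literal (`offset + 14` through `offset + 61`), so adding the x87 and MxCsr rows forced a renumbering of all MMX and DR rows, and one mistyped number would draw two registers on top of each other. A running row counter removes the coupling, e.g. `int row = offset + 14;` and then `Register_Position(row, 0, 11, sizeof(WORD) * 2)`, advancing `row` only at the end of each display row since the flag rows hold three entries. The label-width arguments (9, 10, 11, 14, 15) are likewise unexplained; a one-line comment giving the rule (presumably label length plus padding) would help the next edit. The constructor starts outside the hunk.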
@@ -558,60 +878,6 @@ void RegistersView::drawRegister(QPainter* p, REGISTER_NAME reg, char* value) // is the register-id known? if(mRegisterMapping.contains(reg)) { - uint_t nouint_value; - bool enable_label_detection = false; - switch(reg) - { - case CAX: - case CCX: - case CDX: - case CBX: - case CDI: - case CBP: - case CSI: - case CSP: - case R8: - case R9: - case R10: - case R11: - case R12: - case R13: - case R14: - case R15: - case CIP: - case DR0: - case DR1: - case DR2: - case DR3: - case DR6: - case DR7: - enable_label_detection = true; - break; - - case CF: - case PF: - case AF: - case ZF: - case SF: - case TF: - case IF: - case DF: - case OF: - nouint_value = * ((bool*) value); - value = (char*) & nouint_value; - break; - - case GS: - case FS: - case ES: - case DS: - case CS: - case SS: - nouint_value = * ((unsigned short*) value); - value = (char*) & nouint_value; - break; - } - // padding to the left is at least one character (looks better) int x = mCharWidth * (1 + mRegisterPlaces[reg].start); int ySpace = yTopSpacing; 
@@ -649,44 +915,70 @@ void RegistersView::drawRegister(QPainter* p, REGISTER_NAME reg, char* value) QString valueText; // draw value - if(mFPUx87.contains(reg) || mFPUMMX.contains(reg)) - { - SIZE_T size; - if(mFPUx87.contains(reg)) - size = 10; - else - size = 8; - valueText = QString(QByteArray(value, size).toHex()).toUpper(); - } - else + if(mUINTDISPLAY.contains(reg)) valueText = QString("%1").arg((* ((uint_t*) value)), mRegisterPlaces[reg].valuesize, 16, QChar('0')).toUpper(); - + else if(mUSHORTDISPLAY.contains(reg)) + valueText = QString("%1").arg((* ((unsigned short*) value)), mRegisterPlaces[reg].valuesize, 16, QChar('0')).toUpper(); + else if(mDWORDDISPLAY.contains(reg)) + valueText = QString("%1").arg((* ((DWORD*) value)), mRegisterPlaces[reg].valuesize, 16, QChar('0')).toUpper(); + else if(mBOOLDISPLAY.contains(reg)) + valueText = QString("%1").arg((* ((bool*) value)), mRegisterPlaces[reg].valuesize, 16, QChar('0')).toUpper(); + else + { + SIZE_T size = GetSizeRegister(reg); + if(size != 0) + valueText = QString(QByteArray(value, size).toHex()).toUpper(); + else + valueText = QString("???"); + } width = mCharWidth * valueText.length(); p->drawText(x, y, width, mRowHeight, Qt::AlignVCenter, valueText); //p->drawText(x + (mRegisterPlaces[reg].labelwidth)*mCharWidth ,mRowHeight*(mRegisterPlaces[reg].line+1),QString("%1").arg(value, mRegisterPlaces[reg].valuesize, 16, QChar('0')).toUpper()); x += valueText.length() * mCharWidth; - if((mFPUx87.contains(reg) || mFPUMMX.contains(reg)) && DbgIsDebugging()) + if(mFPUx87_80BITSDISPLAY.contains(reg) && DbgIsDebugging()) { x += 1 * mCharWidth; //1 space QString newText; - if(mFPUx87.contains(reg)) + newText = QString("ST%1 ").arg(((x87FPURegister_t*) registerValue(&wRegDumpStruct, reg))->st_value); + +#define X87FPU_TAGWORD_NONZERO 0 +#define X87FPU_TAGWORD_ZERO 1 +#define X87FPU_TAGWORD_SPECIAL 2 +#define X87FPU_TAGWORD_EMPTY 3 + + switch(((x87FPURegister_t*) registerValue(&wRegDumpStruct, reg))->tag) { - newText 
= QString("ST%1 ").arg(((x87FPURegister_t*) registerValue(&wRegDumpStruct, reg))->st_value); - newText += QString::number(readFloat80(((x87FPURegister_t*) registerValue(&wRegDumpStruct, reg))->data)); - } - else - { - newText = QString::number(* (double*)(((x87FPURegister_t*) registerValue(&wRegDumpStruct, reg))->data)); + case X87FPU_TAGWORD_NONZERO: + newText += QString("nonzero "); + break; + + case X87FPU_TAGWORD_ZERO: + newText += QString("zero "); + break; + + case X87FPU_TAGWORD_SPECIAL: + newText += QString("special "); + break; + + case X87FPU_TAGWORD_EMPTY: + newText += QString("empty "); + break; + + default: + newText += QString("unkown "); + break; } + + newText += QString::number(readFloat80(((x87FPURegister_t*) registerValue(&wRegDumpStruct, reg))->data)); width = newText.length() * mCharWidth; p->setPen(ConfigColor("RegistersExtraInfoColor")); p->drawText(x, y, width, mRowHeight, Qt::AlignVCenter, newText); } // do we have a label ? - if(enable_label_detection) + if(mLABELDISPLAY.contains(reg)) { x += 5 * mCharWidth; //5 spaces @@ -819,7 +1111,7 @@ void RegistersView::onCopyToClipboardAction() void RegistersView::onCopySymbolToClipboardAction() { - if(mGPR.contains(mSelected)) + if(mLABELDISPLAY.contains(mSelected)) { QClipboard* clipboard = QApplication::clipboard(); QString symbol = getRegisterLabel(mSelected); 
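Review bot: In the drawRegister hunk at `@@ -649,44 +915,70 @@`, the four `#define X87FPU_TAGWORD_*` lines sit inside the function body, so the macros stay defined for the rest of the translation unit and can silently rewrite any later identifier with the same spelling. A scoped set such as `enum { X87FPU_TAGWORD_NONZERO = 0, X87FPU_TAGWORD_ZERO = 1, X87FPU_TAGWORD_SPECIAL = 2, X87FPU_TAGWORD_EMPTY = 3 };` keeps them local and visible in a debugger. The `default:` branch also emits the misspelled label `"unkown "`, which should read `newText += QString("unknown ");`. drawRegister starts and ends outside this hunk.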
@@ -952,41 +1244,47 @@ void RegistersView::repaint() this->viewport()->repaint(); } - -uint_t RegistersView::GetUintValue(REGISTER_NAME reg, char* value) +SIZE_T RegistersView::GetSizeRegister(const REGISTER_NAME reg_name) { - switch(reg) - { - case CF: - case PF: - case AF: - case ZF: - case SF: - case TF: - case IF: - case DF: - case OF: - return (uint_t) * ((bool*) value); - break; + SIZE_T size; - case GS: - case FS: - case ES: - case DS: - case CS: - case SS: - return (uint_t) * ((unsigned short*) value); - break; - } + if(mUINTDISPLAY.contains(reg_name)) + size = sizeof(uint_t); + else if(mUSHORTDISPLAY.contains(reg_name)) + size = sizeof(unsigned short); + else if(mDWORDDISPLAY.contains(reg_name)) + size = sizeof(DWORD); + else if(mBOOLDISPLAY.contains(reg_name)) + size = sizeof(bool); + else if(mFPUx87_80BITSDISPLAY.contains(reg_name)) + size = 10; + else if(mFPUMMX.contains(reg_name)) + size = 8; + else if(mFPUXMM.contains(reg_name)) + size = 16; + else + size = 0; - return * ((uint_t*) value); + return size; +} + +int RegistersView::CompareRegisters(const REGISTER_NAME reg_name, REGDUMP* regdump1, REGDUMP* regdump2) +{ + SIZE_T size = GetSizeRegister(reg_name); + char* reg1_data = registerValue(regdump1, reg_name); + char* reg2_data = registerValue(regdump2, reg_name); + + if(size != 0) + return memcmp(reg1_data, reg2_data, size); + + return -1; } char* RegistersView::registerValue(const REGDUMP* regd, const REGISTER_NAME reg) { static int null_value = 0; // this is probably the most efficient general method to access the values of the struct - + // TODO: or maybe we can add an array with something like: return array[reg].data, this is more fast :-) if(reg == CAX) return (char*) & (regd->titcontext.cax); if(reg == CBX) return (char*) & (regd->titcontext.cbx); if(reg == CCX) return (char*) & (regd->titcontext.ccx); 
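Review bot: CompareRegisters hands `memcmp` a length of up to 16 bytes from GetSizeRegister, but registerValue falls back to `&null_value`, a `static int`, for any register it has no branch for. A register that sits in one of the size sets yet is missing from registerValue would therefore make `memcmp` read past that object; whether such a register exists cannot be told from this hunk, because the sets are filled elsewhere. Sizing the fallback to the largest register, `static char null_value[16] = {0};` with `return null_value;` at the end of registerValue (its tail is outside this hunk), removes the hazard. Separately, `return -1` for a size of 0 makes setRegisters flag every unsized register as changed on each update, which is worth confirming as intended.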
@@ -1034,23 +1332,46 @@ char* RegistersView::registerValue(const REGDUMP* regd, const REGISTER_NAME reg) if(reg == DR6) return (char*) & (regd->titcontext.dr6); if(reg == DR7) return (char*) & (regd->titcontext.dr7); - if(reg == MM0) return (char*) & (regd->titcontext.mmx[0]); - if(reg == MM1) return (char*) & (regd->titcontext.mmx[1]); - if(reg == MM2) return (char*) & (regd->titcontext.mmx[2]); - if(reg == MM3) return (char*) & (regd->titcontext.mmx[3]); - if(reg == MM4) return (char*) & (regd->titcontext.mmx[4]); - if(reg == MM5) return (char*) & (regd->titcontext.mmx[5]); - if(reg == MM6) return (char*) & (regd->titcontext.mmx[6]); - if(reg == MM7) return (char*) & (regd->titcontext.mmx[7]); + if(reg == MM0) return (char*) & (regd->mmx[0]); + if(reg == MM1) return (char*) & (regd->mmx[1]); + if(reg == MM2) return (char*) & (regd->mmx[2]); + if(reg == MM3) return (char*) & (regd->mmx[3]); + if(reg == MM4) return (char*) & (regd->mmx[4]); + if(reg == MM5) return (char*) & (regd->mmx[5]); + if(reg == MM6) return (char*) & (regd->mmx[6]); + if(reg == MM7) return (char*) & (regd->mmx[7]); - if(reg == x87r0) return (char*) & (regd->titcontext.x87fpu.x87FPURegister[0]); - if(reg == x87r1) return (char*) & (regd->titcontext.x87fpu.x87FPURegister[1]); - if(reg == x87r2) return (char*) & (regd->titcontext.x87fpu.x87FPURegister[2]); - if(reg == x87r3) return (char*) & (regd->titcontext.x87fpu.x87FPURegister[3]); - if(reg == x87r4) return (char*) & (regd->titcontext.x87fpu.x87FPURegister[4]); - if(reg == x87r5) return (char*) & (regd->titcontext.x87fpu.x87FPURegister[5]); - if(reg == x87r6) return (char*) & (regd->titcontext.x87fpu.x87FPURegister[6]); - if(reg == x87r7) return (char*) & (regd->titcontext.x87fpu.x87FPURegister[7]); + if(reg == x87r0) return (char*) & (regd->x87FPURegisters[0]); + if(reg == x87r1) return (char*) & (regd->x87FPURegisters[1]); + if(reg == x87r2) return (char*) & (regd->x87FPURegisters[2]); + if(reg == x87r3) return (char*) & 
(regd->x87FPURegisters[3]); + if(reg == x87r4) return (char*) & (regd->x87FPURegisters[4]); + if(reg == x87r5) return (char*) & (regd->x87FPURegisters[5]); + if(reg == x87r6) return (char*) & (regd->x87FPURegisters[6]); + if(reg == x87r7) return (char*) & (regd->x87FPURegisters[7]); + + if(reg == x87ControlWord) return (char*) & (regd->titcontext.x87fpu.ControlWord); + if(reg == x87StatusWord) return (char*) & (regd->titcontext.x87fpu.StatusWord); + if(reg == x87TagWord) return (char*) & (regd->titcontext.x87fpu.TagWord); + + if(reg == MxCsr) return (char*) & (regd->titcontext.MxCsr); + + if(reg == XMM0) return (char*) & (regd->titcontext.XmmRegisters[0]); + if(reg == XMM1) return (char*) & (regd->titcontext.XmmRegisters[1]); + if(reg == XMM2) return (char*) & (regd->titcontext.XmmRegisters[2]); + if(reg == XMM3) return (char*) & (regd->titcontext.XmmRegisters[3]); + if(reg == XMM4) return (char*) & (regd->titcontext.XmmRegisters[4]); + if(reg == XMM5) return (char*) & (regd->titcontext.XmmRegisters[5]); + if(reg == XMM6) return (char*) & (regd->titcontext.XmmRegisters[6]); + if(reg == XMM7) return (char*) & (regd->titcontext.XmmRegisters[7]); + if(reg == XMM8) return (char*) & (regd->titcontext.XmmRegisters[8]); + if(reg == XMM9) return (char*) & (regd->titcontext.XmmRegisters[9]); + if(reg == XMM10) return (char*) & (regd->titcontext.XmmRegisters[10]); + if(reg == XMM11) return (char*) & (regd->titcontext.XmmRegisters[11]); + if(reg == XMM12) return (char*) & (regd->titcontext.XmmRegisters[12]); + if(reg == XMM13) return (char*) & (regd->titcontext.XmmRegisters[13]); + if(reg == XMM14) return (char*) & (regd->titcontext.XmmRegisters[14]); + if(reg == XMM15) return (char*) & (regd->titcontext.XmmRegisters[15]); return (char*) & null_value; } 
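Review bot: The `XMM8` to `XMM15` branches index `XmmRegisters[8]` through `XmmRegisters[15]` unconditionally, whereas the constructor hunk registers those registers only under `#ifdef _WIN64` and TitanEngine.h declares `M128A XmmRegisters[16]` inside its `_WIN64` branch. The x86 declaration is not visible here; if that array is shorter, these lines form addresses past its end on 32-bit builds. Wrapping the eight lines in the same `#ifdef _WIN64` / `#endif` pair keeps the accessor consistent with the mapping. registerValue begins outside this hunk.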
@@ -1069,9 +1390,7 @@ void RegistersView::setRegisters(REGDUMP* reg) // iterate all ids (CAX, CBX, ...) while(it != mRegisterMapping.end()) { - uint_t old_value = GetUintValue((REGISTER_NAME) it.key(), registerValue(reg, it.key())); - uint_t new_value = GetUintValue((REGISTER_NAME) it.key(), registerValue(&wCipRegDumpStruct, it.key())); - if(old_value != new_value) + if(CompareRegisters(it.key(), reg, &wCipRegDumpStruct) != 0) mRegisterUpdates.insert(it.key()); else if(mRegisterUpdates.contains(it.key())) //registers are equal mRegisterUpdates.remove(it.key()); diff --git a/x64_dbg_gui/Project/Src/Gui/RegistersView.h b/x64_dbg_gui/Project/Src/Gui/RegistersView.h index 469b0771..77bfce26 100644 --- a/x64_dbg_gui/Project/Src/Gui/RegistersView.h +++ b/x64_dbg_gui/Project/Src/Gui/RegistersView.h @@ -27,8 +27,24 @@ public: EFLAGS, CF, PF, AF, ZF, SF, TF, IF, DF, OF, GS, FS, ES, DS, CS, SS, DR0, DR1, DR2, DR3, DR6, DR7, + // x87 stuff x87r0, x87r1, x87r2, x87r3, x87r4, x87r5, x87r6, x87r7, + x87TagWord, x87ControlWord, x87StatusWord, + // x87 Status Word fields + x87SW_B, x87SW_C3, x87SW_TOP, x87SW_C2, x87SW_C1, x87SW_O, + x87SW_IR, x87SW_SF, x87SW_P, x87SW_U, x87SW_Z, + x87SW_D, x87SW_I, x87SW_C0, + // x87 Control Word fields + x87CW_IC, x87CW_RC, x87CW_PC, x87CW_IEM, x87CW_PM, + x87CW_UM, x87CW_OM, x87CW_ZM, x87CW_DM, x87CW_IM, + //MxCsr + MxCsr, MxCsr_FZ, MxCsr_PM, MxCsr_UM, MxCsr_OM, MxCsr_ZM, + MxCsr_IM, MxCsr_DAZ, MxCsr_PE, MxCsr_UE, MxCsr_OE, + MxCsr_ZE, MxCsr_DE, MxCsr_IE, MxCsr_RC, + // MMX and XMM MM0, MM1, MM2, MM3, MM4, MM5, MM6, MM7, + XMM0, XMM1, XMM2, XMM3, XMM4, XMM5, XMM6, XMM7, + XMM8, XMM9, XMM10, XMM11, XMM12, XMM13, XMM14, XMM15, UNKNOWN }; 
@@ -101,21 +117,29 @@ protected slots: void onFollowInDump(); void onFollowInStack(); QString getRegisterLabel(REGISTER_NAME); - uint_t GetUintValue(REGISTER_NAME, char*); - + int CompareRegisters(const REGISTER_NAME reg_name, REGDUMP* regdump1, REGDUMP* regdump2); + SIZE_T GetSizeRegister(const REGISTER_NAME reg_name); private: int mVScrollOffset; int mRowsNeeded; int yTopSpacing; + QSet mUINTDISPLAY; + QSet mUSHORTDISPLAY; + QSet mDWORDDISPLAY; + QSet mBOOLDISPLAY; + QSet mLABELDISPLAY; + QSet mONLYMODULEANDLABELDISPLAY; + QSet mFPUx87_80BITSDISPLAY; // holds current selected register REGISTER_NAME mSelected; // general purposes register id s (cax, ..., r8, ....) QSet mGPR; // all flags QSet mFlags; - // FPU x87 and MMX registers + // FPU x87, XMM and MMX registers QSet mFPUx87; QSet mFPUMMX; + QSet mFPUXMM; // contains all id's of registers if there occurs a change QSet mRegisterUpdates; // registers that do not allow changes
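Review bot: The seven new `QSet` members (`mUINTDISPLAY` through `mFPUx87_80BITSDISPLAY`) are added without comments, while the neighbouring sets each carry one. drawRegister and GetSizeRegister pick the pointer cast and the byte count from membership in these sets, so a wrong entry changes how many bytes are read out of REGDUMP. A short comment per set would record that contract, for example `// registers read and printed as uint_t` above `mUINTDISPLAY` and `// registers read as unsigned short` above `mUSHORTDISPLAY`. `CompareRegisters` could also take `const REGDUMP*` for both dumps, matching `registerValue(const REGDUMP*, ...)`. The class declaration continues outside this hunk.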