x64dbg/x64dbg
x64dbg
/
x64dbg
1
0
Fork 0
Code Releases 5 Activity

GUI+DBG+BRIDGE: added thread switching + fixed a bug in callstack + added CB_WINEVENT_GLOBAL plugin callback + auto-update memory map on allocation size change + added sleep script command

This commit is contained in:
Mr. eXoDia 2014-07-28 01:14:32 +02:00
parent 32ec82ac23
commit b64245837d
23 changed files with 454 additions and 267 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
x64_dbg_bridge/bridgemain.cpp
View File

@ -731,6 +731,13 @@ BRIDGE_IMPEXP bool DbgWinEvent(MSG* message, long* result)
return false;
}
BRIDGE_IMPEXP bool DbgWinEventGlobal(MSG* message)
{
if(_dbg_sendmessage(DBG_WIN_EVENT_GLOBAL, message, 0))
return true;
return false;
}
//GUI
BRIDGE_IMPEXP void GuiDisasmAt(duint addr, duint cip)
{

2
x64_dbg_bridge/bridgemain.h
View File

@ -164,6 +164,7 @@ typedef enum
DBG_GET_STRING_AT, // param1=duint addr, param2=unused
DBG_GET_FUNCTIONS, // param1=unused, param2=unused
DBG_WIN_EVENT, // param1=MSG* message, param2=long* result
DBG_WIN_EVENT_GLOBAL // param1=MSG* message, param2=unused
} DBGMSG;
typedef enum
@ -564,6 +565,7 @@ BRIDGE_IMPEXP void DbgClearAutoFunctionRange(duint start, duint end);
BRIDGE_IMPEXP bool DbgGetStringAt(duint addr, char* text);
BRIDGE_IMPEXP const DBGFUNCTIONS* DbgFunctions();
BRIDGE_IMPEXP bool DbgWinEvent(MSG* message, long* result);
BRIDGE_IMPEXP bool DbgWinEventGlobal(MSG* message);
//Gui defines
#define GUI_PLUGIN_MENU 0

2
x64_dbg_dbg/_dbgfunctions.cpp
View File

@ -103,7 +103,7 @@ static int _modpathfromname(const char* modname, char* path, int size)
static void _getcallstack(DBGCALLSTACK* callstack)
{
stackgetcallstack(GetContextData(UE_CSP), (CALLSTACK*)callstack);
stackgetcallstack(GetContextDataEx(hActiveThread, UE_CSP), (CALLSTACK*)callstack);
}
void dbgfunctionsinit()

84
x64_dbg_dbg/_exports.cpp
View File

@ -69,9 +69,9 @@ extern "C" DLL_EXPORT bool _dbg_isjumpgoingtoexecute(duint addr)
static uint cacheFlags;
static uint cacheAddr;
static bool cacheResult;
if(cacheAddr!=addr or cacheFlags!=GetContextData(UE_EFLAGS))
if(cacheAddr!=addr or cacheFlags!=GetContextDataEx(hActiveThread, UE_EFLAGS))
{
cacheFlags=GetContextData(UE_EFLAGS);
cacheFlags=GetContextDataEx(hActiveThread, UE_EFLAGS);
cacheAddr=addr;
cacheResult=IsJumpGoingToExecuteEx(fdProcessInfo->hProcess, fdProcessInfo->hThread, (ULONG_PTR)cacheAddr, cacheFlags);
}
@ -339,79 +339,79 @@ extern "C" DLL_EXPORT bool _dbg_getregdump(REGDUMP* regdump)
}
REGDUMP r;
#ifdef _WIN64
r.cax=GetContextData(UE_RAX);
r.cax=GetContextDataEx(hActiveThread, UE_RAX);
#else
r.cax=(duint)GetContextData(UE_EAX);
r.cax=(duint)GetContextDataEx(hActiveThread, UE_EAX);
#endif // _WIN64
#ifdef _WIN64
r.ccx=GetContextData(UE_RCX);
r.ccx=GetContextDataEx(hActiveThread, UE_RCX);
#else
r.ccx=(duint)GetContextData(UE_ECX);
r.ccx=(duint)GetContextDataEx(hActiveThread, UE_ECX);
#endif // _WIN64
#ifdef _WIN64
r.cdx=GetContextData(UE_RDX);
r.cdx=GetContextDataEx(hActiveThread, UE_RDX);
#else
r.cdx=(duint)GetContextData(UE_EDX);
r.cdx=(duint)GetContextDataEx(hActiveThread, UE_EDX);
#endif // _WIN64
#ifdef _WIN64
r.cbx=GetContextData(UE_RBX);
r.cbx=GetContextDataEx(hActiveThread, UE_RBX);
#else
r.cbx=(duint)GetContextData(UE_EBX);
r.cbx=(duint)GetContextDataEx(hActiveThread, UE_EBX);
#endif // _WIN64
#ifdef _WIN64
r.cbp=GetContextData(UE_RBP);
r.cbp=GetContextDataEx(hActiveThread, UE_RBP);
#else
r.cbp=(duint)GetContextData(UE_EBP);
r.cbp=(duint)GetContextDataEx(hActiveThread, UE_EBP);
#endif // _WIN64
#ifdef _WIN64
r.csi=GetContextData(UE_RSI);
r.csi=GetContextDataEx(hActiveThread, UE_RSI);
#else
r.csi=(duint)GetContextData(UE_ESI);
r.csi=(duint)GetContextDataEx(hActiveThread, UE_ESI);
#endif // _WIN64
#ifdef _WIN64
r.cdi=GetContextData(UE_RDI);
r.cdi=GetContextDataEx(hActiveThread, UE_RDI);
#else
r.cdi=(duint)GetContextData(UE_EDI);
r.cdi=(duint)GetContextDataEx(hActiveThread, UE_EDI);
#endif // _WIN64
#ifdef _WIN64
r.r8=GetContextData(UE_R8);
r.r8=GetContextDataEx(hActiveThread, UE_R8);
#endif // _WIN64
#ifdef _WIN64
r.r9=GetContextData(UE_R9);
r.r9=GetContextDataEx(hActiveThread, UE_R9);
#endif // _WIN64
#ifdef _WIN64
r.r10=GetContextData(UE_R10);
r.r10=GetContextDataEx(hActiveThread, UE_R10);
#endif // _WIN64
#ifdef _WIN64
r.r11=GetContextData(UE_R11);
r.r11=GetContextDataEx(hActiveThread, UE_R11);
#endif // _WIN64
#ifdef _WIN64
r.r12=GetContextData(UE_R12);
r.r12=GetContextDataEx(hActiveThread, UE_R12);
#endif // _WIN64
#ifdef _WIN64
r.r13=GetContextData(UE_R13);
r.r13=GetContextDataEx(hActiveThread, UE_R13);
#endif // _WIN64
#ifdef _WIN64
r.r14=GetContextData(UE_R14);
r.r14=GetContextDataEx(hActiveThread, UE_R14);
#endif // _WIN64
#ifdef _WIN64
r.r15=GetContextData(UE_R15);
r.r15=GetContextDataEx(hActiveThread, UE_R15);
#endif // _WIN64
r.csp=(duint)GetContextData(UE_CSP);
r.cip=(duint)GetContextData(UE_CIP);
r.eflags=(unsigned int)GetContextData(UE_EFLAGS);
r.gs=(unsigned short)(GetContextData(UE_SEG_GS)&0xFFFF);
r.fs=(unsigned short)(GetContextData(UE_SEG_FS)&0xFFFF);
r.es=(unsigned short)(GetContextData(UE_SEG_ES)&0xFFFF);
r.ds=(unsigned short)(GetContextData(UE_SEG_DS)&0xFFFF);
r.cs=(unsigned short)(GetContextData(UE_SEG_CS)&0xFFFF);
r.ss=(unsigned short)(GetContextData(UE_SEG_SS)&0xFFFF);
r.dr0=(duint)GetContextData(UE_DR0);
r.dr1=(duint)GetContextData(UE_DR1);
r.dr2=(duint)GetContextData(UE_DR2);
r.dr3=(duint)GetContextData(UE_DR3);
r.dr6=(duint)GetContextData(UE_DR6);
r.dr7=(duint)GetContextData(UE_DR7);
r.csp=(duint)GetContextDataEx(hActiveThread, UE_CSP);
r.cip=(duint)GetContextDataEx(hActiveThread, UE_CIP);
r.eflags=(unsigned int)GetContextDataEx(hActiveThread, UE_EFLAGS);
r.gs=(unsigned short)(GetContextDataEx(hActiveThread, UE_SEG_GS)&0xFFFF);
r.fs=(unsigned short)(GetContextDataEx(hActiveThread, UE_SEG_FS)&0xFFFF);
r.es=(unsigned short)(GetContextDataEx(hActiveThread, UE_SEG_ES)&0xFFFF);
r.ds=(unsigned short)(GetContextDataEx(hActiveThread, UE_SEG_DS)&0xFFFF);
r.cs=(unsigned short)(GetContextDataEx(hActiveThread, UE_SEG_CS)&0xFFFF);
r.ss=(unsigned short)(GetContextDataEx(hActiveThread, UE_SEG_SS)&0xFFFF);
r.dr0=(duint)GetContextDataEx(hActiveThread, UE_DR0);
r.dr1=(duint)GetContextDataEx(hActiveThread, UE_DR1);
r.dr2=(duint)GetContextDataEx(hActiveThread, UE_DR2);
r.dr3=(duint)GetContextDataEx(hActiveThread, UE_DR3);
r.dr6=(duint)GetContextDataEx(hActiveThread, UE_DR6);
r.dr7=(duint)GetContextDataEx(hActiveThread, UE_DR7);
duint cflags=r.eflags;
r.flags.c=valflagfromstring(cflags, "cf");
r.flags.p=valflagfromstring(cflags, "pf");
@ -890,6 +890,12 @@ extern "C" DLL_EXPORT uint _dbg_sendmessage(DBGMSG type, void* param1, void* par
return (uint)pluginwinevent((MSG*)param1, (long*)param2);
}
break;
case DBG_WIN_EVENT_GLOBAL:
{
return (uint)pluginwineventglobal((MSG*)param1);
}
break;
}
return 0;
}

2
x64_dbg_dbg/_plugins.cpp
View File

@ -42,7 +42,7 @@ PLUG_IMPEXP void _plugin_logputs(const char* text)
PLUG_IMPEXP void _plugin_debugpause()
{
DebugUpdateGui(GetContextData(UE_CIP), true);
DebugUpdateGui(GetContextDataEx(hActiveThread, UE_CIP), true);
GuiSetDebugState(paused);
lock(WAITID_RUN);
SetForegroundWindow(GuiGetWindowHandle());

9
x64_dbg_dbg/_plugins.h
View File

@ -153,6 +153,12 @@ typedef struct
bool retval;
} PLUG_CB_WINEVENT;
typedef struct
{
MSG* message;
bool retval;
} PLUG_CB_WINEVENTGLOBAL;
//enums
typedef enum
{
@ -175,7 +181,8 @@ typedef enum
CB_DETACH, //PLUG_CB_DETACH (before detaching, before CB_STOPDEBUG)
CB_DEBUGEVENT, //PLUG_CB_DEBUGEVENT (called on any debug event)
CB_MENUENTRY, //PLUG_CB_MENUENTRY
CB_WINEVENT //PLUG_CB_WINEVENT
CB_WINEVENT, //PLUG_CB_WINEVENT
CB_WINEVENTGLOBAL //PLUG_CB_WINEVENTGLOBAL
} CBTYPE;
//typedefs

115
x64_dbg_dbg/debugger.cpp
View File

@ -35,16 +35,44 @@ static bool bBreakOnNextDll=false;
static int ecount=0;
static std::vector<ExceptionRange> ignoredExceptionRange;
static std::map<unsigned int, const char*> exceptionNames;
static SIZE_T cachePrivateUsage=0;
//Superglobal variables
char sqlitedb[deflen]="";
PROCESS_INFORMATION* fdProcessInfo=&g_pi;
HANDLE hActiveThread;
//static functions
static void cbStep();
static void cbSystemBreakpoint(void* ExceptionData);
static void cbUserBreakpoint();
static SIZE_T getprivateusage(HANDLE hProcess)
{
PROCESS_MEMORY_COUNTERS_EX memoryCounters;
memoryCounters.cb = sizeof(PROCESS_MEMORY_COUNTERS_EX);
if(!GetProcessMemoryInfo(fdProcessInfo->hProcess, (PPROCESS_MEMORY_COUNTERS)&memoryCounters, sizeof(PROCESS_MEMORY_COUNTERS_EX)))
return 0;
return memoryCounters.PrivateUsage;
}
static DWORD WINAPI memMapThread(void* ptr)
{
while(true)
{
while(!DbgIsDebugging())
Sleep(1);
const SIZE_T PrivateUsage=getprivateusage(fdProcessInfo->hProcess);
if(cachePrivateUsage != PrivateUsage && !dbgisrunning()) //update the memory map when
{
cachePrivateUsage = PrivateUsage;
memupdatemap(fdProcessInfo->hProcess);
}
Sleep(1000);
}
return 0;
}
void dbginit()
{
exceptionNames.insert(std::make_pair(0x40000005, "STATUS_SEGMENT_NOTIFICATION"));
@ -107,6 +135,7 @@ void dbginit()
exceptionNames.insert(std::make_pair(0x04242420, "CLRDBG_NOTIFICATION_EXCEPTION_CODE"));
exceptionNames.insert(std::make_pair(0xE0434352, "CLR_EXCEPTION"));
exceptionNames.insert(std::make_pair(0xE06D7363, "CPP_EH_EXCEPTION"));
CloseHandle(CreateThread(0, 0, memMapThread, 0, 0, 0));
}
void dbgdisablebpx()
@ -189,10 +218,10 @@ DWORD WINAPI updateCallStackThread(void* ptr)
void DebugUpdateGui(uint disasm_addr, bool stack)
{
uint cip=GetContextData(UE_CIP);
uint cip=GetContextDataEx(hActiveThread, UE_CIP);
if(memisvalidreadptr(fdProcessInfo->hProcess, disasm_addr))
GuiDisasmAt(disasm_addr, cip);
uint csp=GetContextData(UE_CSP);
uint csp=GetContextDataEx(hActiveThread, UE_CSP);
if(stack)
GuiStackDumpAt(csp, csp);
static uint cacheCsp=0;
@ -208,18 +237,19 @@ void DebugUpdateGui(uint disasm_addr, bool stack)
else
sprintf(modtext, "Module: %s - ", modname);
char title[1024]="";
sprintf(title, "File: %s - PID: %X - %sThread: %X", szBaseFileName, fdProcessInfo->dwProcessId, modtext, ((DEBUG_EVENT*)GetDebugData())->dwThreadId);
sprintf(title, "File: %s - PID: %X - %sThread: %X", szBaseFileName, fdProcessInfo->dwProcessId, modtext, threadgetid(hActiveThread));
GuiUpdateWindowTitle(title);
GuiUpdateAllViews();
}
static void cbUserBreakpoint()
{
hActiveThread=threadgethandle(((DEBUG_EVENT*)GetDebugData())->dwThreadId);
BREAKPOINT bp;
BRIDGEBP pluginBp;
PLUG_CB_BREAKPOINT bpInfo;
bpInfo.breakpoint=0;
if(!bpget(GetContextData(UE_CIP), BPNORMAL, 0, &bp) and bp.enabled)
if(!bpget(GetContextDataEx(hActiveThread, UE_CIP), BPNORMAL, 0, &bp) and bp.enabled)
dputs("breakpoint reached not in list!");
else
{
@ -249,7 +279,7 @@ static void cbUserBreakpoint()
bptobridge(&bp, &pluginBp);
bpInfo.breakpoint=&pluginBp;
}
DebugUpdateGui(GetContextData(UE_CIP), true);
DebugUpdateGui(GetContextDataEx(hActiveThread, UE_CIP), true);
GuiSetDebugState(paused);
//lock
lock(WAITID_RUN);
@ -264,7 +294,8 @@ static void cbUserBreakpoint()
static void cbHardwareBreakpoint(void* ExceptionAddress)
{
uint cip=GetContextData(UE_CIP);
hActiveThread=threadgethandle(((DEBUG_EVENT*)GetDebugData())->dwThreadId);
uint cip=GetContextDataEx(hActiveThread, UE_CIP);
BREAKPOINT bp;
BRIDGEBP pluginBp;
PLUG_CB_BREAKPOINT bpInfo;
@ -338,7 +369,8 @@ static void cbHardwareBreakpoint(void* ExceptionAddress)
static void cbMemoryBreakpoint(void* ExceptionAddress)
{
uint cip=GetContextData(UE_CIP);
hActiveThread=threadgethandle(((DEBUG_EVENT*)GetDebugData())->dwThreadId);
uint cip=GetContextDataEx(hActiveThread, UE_CIP);
uint size;
uint base=memfindbaseaddr((uint)ExceptionAddress, &size, true);
BREAKPOINT bp;
@ -527,8 +559,9 @@ static bool cbRemoveModuleBreakpoints(const BREAKPOINT* bp)
static void cbStep()
{
hActiveThread=threadgethandle(((DEBUG_EVENT*)GetDebugData())->dwThreadId);
isStepping=false;
DebugUpdateGui(GetContextData(UE_CIP), true);
DebugUpdateGui(GetContextDataEx(hActiveThread, UE_CIP), true);
GuiSetDebugState(paused);
PLUG_CB_STEPPED stepInfo;
stepInfo.reserved=0;
@ -545,7 +578,8 @@ static void cbStep()
static void cbRtrFinalStep()
{
DebugUpdateGui(GetContextData(UE_CIP), true);
hActiveThread=threadgethandle(((DEBUG_EVENT*)GetDebugData())->dwThreadId);
DebugUpdateGui(GetContextDataEx(hActiveThread, UE_CIP), true);
GuiSetDebugState(paused);
//lock
lock(WAITID_RUN);
@ -560,7 +594,7 @@ static void cbRtrFinalStep()
static unsigned char getCIPch()
{
unsigned char ch=0x90;
uint cip=GetContextData(UE_CIP);
uint cip=GetContextDataEx(hActiveThread, UE_CIP);
memread(fdProcessInfo->hProcess, (void*)cip, &ch, 1, 0);
return ch;
}
@ -611,6 +645,7 @@ static void cbCreateProcess(CREATE_PROCESS_DEBUG_INFO* CreateProcessInfo)
modInfo.SizeOfStruct=sizeof(modInfo);
if(SymGetModuleInfo64(fdProcessInfo->hProcess, (DWORD64)base, &modInfo))
modload((uint)base, modInfo.ImageSize, modInfo.ImageName);
cachePrivateUsage=getprivateusage(fdProcessInfo->hProcess);
memupdatemap(fdProcessInfo->hProcess); //update memory map
char modname[256]="";
if(modnamefromaddr((uint)base, modname, true))
@ -680,6 +715,7 @@ static void cbCreateThread(CREATE_THREAD_DEBUG_INFO* CreateThread)
{
threadcreate(CreateThread); //update thread list
DWORD dwThreadId=((DEBUG_EVENT*)GetDebugData())->dwThreadId;
hActiveThread=threadgethandle(dwThreadId);
if(settingboolget("Events", "ThreadEntry"))
{
@ -697,9 +733,10 @@ static void cbCreateThread(CREATE_THREAD_DEBUG_INFO* CreateThread)
if(settingboolget("Events", "ThreadStart"))
{
cachePrivateUsage=getprivateusage(fdProcessInfo->hProcess);
memupdatemap(fdProcessInfo->hProcess); //update memory map
//update GUI
DebugUpdateGui(GetContextData(UE_CIP), true);
DebugUpdateGui(GetContextDataEx(hActiveThread, UE_CIP), true);
GuiSetDebugState(paused);
//lock
lock(WAITID_RUN);
@ -713,6 +750,7 @@ static void cbCreateThread(CREATE_THREAD_DEBUG_INFO* CreateThread)
static void cbExitThread(EXIT_THREAD_DEBUG_INFO* ExitThread)
{
hActiveThread=threadgethandle(((DEBUG_EVENT*)GetDebugData())->dwThreadId);
DWORD dwThreadId=((DEBUG_EVENT*)GetDebugData())->dwThreadId;
PLUG_CB_EXITTHREAD callbackInfo;
callbackInfo.ExitThread=ExitThread;
@ -724,7 +762,7 @@ static void cbExitThread(EXIT_THREAD_DEBUG_INFO* ExitThread)
if(settingboolget("Events", "ThreadEnd"))
{
//update GUI
DebugUpdateGui(GetContextData(UE_CIP), true);
DebugUpdateGui(GetContextDataEx(hActiveThread, UE_CIP), true);
GuiSetDebugState(paused);
//lock
lock(WAITID_RUN);
@ -738,10 +776,11 @@ static void cbExitThread(EXIT_THREAD_DEBUG_INFO* ExitThread)
static void cbSystemBreakpoint(void* ExceptionData)
{
hActiveThread=threadgethandle(((DEBUG_EVENT*)GetDebugData())->dwThreadId);
//log message
dputs("system breakpoint reached!");
bSkipExceptions=false; //we are not skipping first-chance exceptions
uint cip=GetContextData(UE_CIP);
uint cip=GetContextDataEx(hActiveThread, UE_CIP);
GuiDumpAt(memfindbaseaddr(cip, 0, true)); //dump somewhere
//plugin callbacks
@ -766,6 +805,7 @@ static void cbSystemBreakpoint(void* ExceptionData)
static void cbLoadDll(LOAD_DLL_DEBUG_INFO* LoadDll)
{
hActiveThread=threadgethandle(((DEBUG_EVENT*)GetDebugData())->dwThreadId);
void* base=LoadDll->lpBaseOfDll;
char DLLDebugFileName[deflen]="";
if(!GetFileNameFromHandle(LoadDll->hFile, DLLDebugFileName))
@ -779,6 +819,7 @@ static void cbLoadDll(LOAD_DLL_DEBUG_INFO* LoadDll)
modInfo.SizeOfStruct=sizeof(IMAGEHLP_MODULE64);
if(SymGetModuleInfo64(fdProcessInfo->hProcess, (DWORD64)base, &modInfo))
modload((uint)base, modInfo.ImageSize, modInfo.ImageName);
cachePrivateUsage=getprivateusage(fdProcessInfo->hProcess);
memupdatemap(fdProcessInfo->hProcess); //update memory map
char modname[256]="";
if(modnamefromaddr((uint)base, modname, true))
@ -822,7 +863,7 @@ static void cbLoadDll(LOAD_DLL_DEBUG_INFO* LoadDll)
{
bBreakOnNextDll=false;
//update GUI
DebugUpdateGui(GetContextData(UE_CIP), true);
DebugUpdateGui(GetContextDataEx(hActiveThread, UE_CIP), true);
GuiSetDebugState(paused);
//lock
lock(WAITID_RUN);
@ -836,6 +877,7 @@ static void cbLoadDll(LOAD_DLL_DEBUG_INFO* LoadDll)
static void cbUnloadDll(UNLOAD_DLL_DEBUG_INFO* UnloadDll)
{
hActiveThread=threadgethandle(((DEBUG_EVENT*)GetDebugData())->dwThreadId);
PLUG_CB_UNLOADDLL callbackInfo;
callbackInfo.UnloadDll=UnloadDll;
plugincbcall(CB_UNLOADDLL, &callbackInfo);
@ -852,7 +894,7 @@ static void cbUnloadDll(UNLOAD_DLL_DEBUG_INFO* UnloadDll)
{
bBreakOnNextDll=false;
//update GUI
DebugUpdateGui(GetContextData(UE_CIP), true);
DebugUpdateGui(GetContextDataEx(hActiveThread, UE_CIP), true);
GuiSetDebugState(paused);
//lock
lock(WAITID_RUN);
@ -868,6 +910,7 @@ static void cbUnloadDll(UNLOAD_DLL_DEBUG_INFO* UnloadDll)
static void cbOutputDebugString(OUTPUT_DEBUG_STRING_INFO* DebugString)
{
hActiveThread=threadgethandle(((DEBUG_EVENT*)GetDebugData())->dwThreadId);
PLUG_CB_OUTPUTDEBUGSTRING callbackInfo;
callbackInfo.DebugString=DebugString;
plugincbcall(CB_OUTPUTDEBUGSTRING, &callbackInfo);
@ -927,7 +970,7 @@ static void cbOutputDebugString(OUTPUT_DEBUG_STRING_INFO* DebugString)
if(settingboolget("Events", "DebugStrings"))
{
//update GUI
DebugUpdateGui(GetContextData(UE_CIP), true);
DebugUpdateGui(GetContextDataEx(hActiveThread, UE_CIP), true);
GuiSetDebugState(paused);
//lock
lock(WAITID_RUN);
@ -941,6 +984,7 @@ static void cbOutputDebugString(OUTPUT_DEBUG_STRING_INFO* DebugString)
static void cbException(EXCEPTION_DEBUG_INFO* ExceptionData)
{
hActiveThread=threadgethandle(((DEBUG_EVENT*)GetDebugData())->dwThreadId);
PLUG_CB_EXCEPTION callbackInfo;
callbackInfo.Exception=ExceptionData;
unsigned int ExceptionCode=ExceptionData->ExceptionRecord.ExceptionCode;
@ -965,7 +1009,7 @@ static void cbException(EXCEPTION_DEBUG_INFO* ExceptionData)
{
dputs("paused!");
SetNextDbgContinueStatus(DBG_CONTINUE);
DebugUpdateGui(GetContextData(UE_CIP), true);
DebugUpdateGui(GetContextDataEx(hActiveThread, UE_CIP), true);
GuiSetDebugState(paused);
//lock
lock(WAITID_RUN);
@ -978,7 +1022,7 @@ static void cbException(EXCEPTION_DEBUG_INFO* ExceptionData)
wait(WAITID_RUN);
return;
}
SetContextData(UE_CIP, (uint)ExceptionData->ExceptionRecord.ExceptionAddress);
SetContextDataEx(hActiveThread, UE_CIP, (uint)ExceptionData->ExceptionRecord.ExceptionAddress);
}
else if(ExceptionData->ExceptionRecord.ExceptionCode==0x406D1388) //SetThreadName exception
{
@ -1064,7 +1108,7 @@ static void cbException(EXCEPTION_DEBUG_INFO* ExceptionData)
SetNextDbgContinueStatus(DBG_CONTINUE);
}
DebugUpdateGui(GetContextData(UE_CIP), true);
DebugUpdateGui(GetContextDataEx(hActiveThread, UE_CIP), true);
GuiSetDebugState(paused);
//lock
lock(WAITID_RUN);
@ -1129,6 +1173,7 @@ static DWORD WINAPI threadDebugLoop(void* lpParameter)
varset("$hp", (uint)fdProcessInfo->hProcess, true);
varset("$pid", fdProcessInfo->dwProcessId, true);
ecount=0;
cachePrivateUsage=0;
//NOTE: set custom handlers
SetCustomHandler(UE_CH_CREATEPROCESS, (void*)cbCreateProcess);
SetCustomHandler(UE_CH_EXITPROCESS, (void*)cbExitProcess);
@ -1633,10 +1678,10 @@ CMDRESULT cbDebugHide(int argc, char* argv[])
CMDRESULT cbDebugDisasm(int argc, char* argv[])
{
char arg1[deflen]="";
uint addr=GetContextData(UE_CIP);
uint addr=GetContextDataEx(hActiveThread, UE_CIP);
if(argget(*argv, arg1, 0, true))
if(!valfromstring(arg1, &addr))
addr=GetContextData(UE_CIP);
addr=GetContextDataEx(hActiveThread, UE_CIP);
if(!memisvalidreadptr(fdProcessInfo->hProcess, addr))
return STATUS_CONTINUE;
DebugUpdateGui(addr, false);
@ -1923,6 +1968,8 @@ CMDRESULT cbDebugAlloc(int argc, char* argv[])
dprintf(fhex"\n", mem);
if(mem)
varset("$lastalloc", mem, true);
cachePrivateUsage=getprivateusage(fdProcessInfo->hProcess);
memupdatemap(fdProcessInfo->hProcess);
varset("$res", mem, false);
return STATUS_CONTINUE;
}
@ -1948,6 +1995,8 @@ CMDRESULT cbDebugFree(int argc, char* argv[])
bool ok=!!VirtualFreeEx(fdProcessInfo->hProcess, (void*)addr, 0, MEM_RELEASE);
if(!ok)
dputs("VirtualFreeEx failed");
cachePrivateUsage=getprivateusage(fdProcessInfo->hProcess);
memupdatemap(fdProcessInfo->hProcess);
varset("$res", ok, false);
return STATUS_CONTINUE;
}
@ -1992,7 +2041,7 @@ CMDRESULT cbDebugMemset(int argc, char* argv[])
CMDRESULT cbBenchmark(int argc, char* argv[])
{
uint addr=memfindbaseaddr(GetContextData(UE_CIP), 0);
uint addr=memfindbaseaddr(GetContextDataEx(hActiveThread, UE_CIP), 0);
DWORD ticks=GetTickCount();
char comment[MAX_COMMENT_SIZE]="";
for(uint i=addr; i<addr+100000; i++)
@ -2091,6 +2140,7 @@ static DWORD WINAPI threadAttachLoop(void* lpParameter)
bFileIsDll=IsFileDLL(szFileName, 0);
GuiAddRecentFile(szFileName);
ecount=0;
cachePrivateUsage=0;
//NOTE: set custom handlers
SetCustomHandler(UE_CH_CREATEPROCESS, (void*)cbCreateProcess);
SetCustomHandler(UE_CH_EXITPROCESS, (void*)cbExitProcess);
@ -2237,13 +2287,13 @@ CMDRESULT cbDebugStackDump(int argc, char* argv[])
{
duint addr=0;
if(argc<2)
addr=GetContextData(UE_CSP);
addr=GetContextDataEx(hActiveThread, UE_CSP);
else if(!valfromstring(argv[1], &addr))
{
dprintf("invalid address \"%s\"!\n", argv[1]);
return STATUS_ERROR;
}
duint csp=GetContextData(UE_CSP);
duint csp=GetContextDataEx(hActiveThread, UE_CSP);
duint size=0;
duint base=memfindbaseaddr(csp, &size);
if(base && addr>=base && addr<(base+size))
@ -2311,3 +2361,20 @@ CMDRESULT cbBcDll(int argc, char* argv[])
dputs("dll breakpoint removed!");
return STATUS_CONTINUE;
}
CMDRESULT cbDebugSwitchthread(int argc, char* argv[])
{
uint threadid=fdProcessInfo->dwThreadId; //main thread
if(argc>1)
if(!valfromstring(argv[1], &threadid, false))
return STATUS_ERROR;
if(!threadisvalid((DWORD)threadid)) //check if the thread is valid
{
dprintf("invalid thread %X\n", threadid);
return STATUS_ERROR;
}
//switch thread
hActiveThread=threadgethandle((DWORD)threadid);
DebugUpdateGui(GetContextDataEx(hActiveThread, UE_CIP), true);
return STATUS_CONTINUE;
}

3
x64_dbg_dbg/debugger.h
View File

@ -82,9 +82,10 @@ CMDRESULT cbDebugStackDump(int argc, char* argv[]);
CMDRESULT cbDebugContinue(int argc, char* argv[]);
CMDRESULT cbBpDll(int argc, char* argv[]);
CMDRESULT cbBcDll(int argc, char* argv[]);
CMDRESULT cbDebugSwitchthread(int argc, char* argv[]);
//variables
extern PROCESS_INFORMATION* fdProcessInfo;
extern BREAKPOINT* bplist;
extern HANDLE hActiveThread;
#endif // _DEBUGGER_H

18
x64_dbg_dbg/instruction.cpp
View File

@ -794,7 +794,7 @@ CMDRESULT cbInstrRefFind(int argc, char* argv[])
return STATUS_ERROR;
uint addr=0;
if(argc<3 or !valfromstring(argv[2], &addr))
addr=GetContextData(UE_CIP);
addr=GetContextDataEx(hActiveThread, UE_CIP);
uint size=0;
if(argc>=4)
if(!valfromstring(argv[3], &size))
@ -859,7 +859,7 @@ CMDRESULT cbInstrRefStr(int argc, char* argv[])
{
uint addr;
if(argc<2 or !valfromstring(argv[1], &addr, true))
addr=GetContextData(UE_CIP);
addr=GetContextDataEx(hActiveThread, UE_CIP);
uint size=0;
if(argc>=3)
if(!valfromstring(argv[2], &size, true))
@ -1174,7 +1174,7 @@ CMDRESULT cbInstrModCallFind(int argc, char* argv[])
{
uint addr;
if(argc<2 or !valfromstring(argv[1], &addr, true))
addr=GetContextData(UE_CIP);
addr=GetContextDataEx(hActiveThread, UE_CIP);
uint size=0;
if(argc>=3)
if(!valfromstring(argv[2], &size, true))
@ -1384,4 +1384,16 @@ CMDRESULT cbInstrLoopList(int argc, char* argv[])
dprintf("%d loop(s) listed in Reference View\n", count);
GuiReferenceReloadData();
return STATUS_CONTINUE;
}
CMDRESULT cbInstrSleep(int argc, char* argv[])
{
uint ms=100;
if(argc>1)
if(!valfromstring(argv[1], &ms, false))
return STATUS_ERROR;
if(ms>=0xFFFFFFFF)
ms=100;
Sleep((DWORD)ms);
return STATUS_CONTINUE;
}

1
x64_dbg_dbg/instruction.h
View File

@ -59,5 +59,6 @@ CMDRESULT cbInstrLabelList(int argc, char* argv[]);
CMDRESULT cbInstrBookmarkList(int argc, char* argv[]);
CMDRESULT cbInstrFunctionList(int argc, char* argv[]);
CMDRESULT cbInstrLoopList(int argc, char* argv[]);
CMDRESULT cbInstrSleep(int argc, char* argv[]);
#endif // _INSTRUCTIONS_H

37
x64_dbg_dbg/plugin_loader.cpp
View File

@ -53,6 +53,31 @@ void pluginload(const char* pluginDir)
pluginData.plugsetup=(PLUGSETUP)GetProcAddress(pluginData.hPlugin, "plugsetup");
//auto-register callbacks for certain export names
CBPLUGIN cbPlugin;
cbPlugin=(CBPLUGIN)GetProcAddress(pluginData.hPlugin, "CBALLEVENTS");
if(cbPlugin)
{
pluginregistercallback(curPluginHandle, CB_INITDEBUG, cbPlugin);
pluginregistercallback(curPluginHandle, CB_STOPDEBUG, cbPlugin);
pluginregistercallback(curPluginHandle, CB_CREATEPROCESS, cbPlugin);
pluginregistercallback(curPluginHandle, CB_EXITPROCESS, cbPlugin);
pluginregistercallback(curPluginHandle, CB_CREATETHREAD, cbPlugin);
pluginregistercallback(curPluginHandle, CB_EXITTHREAD, cbPlugin);
pluginregistercallback(curPluginHandle, CB_SYSTEMBREAKPOINT, cbPlugin);
pluginregistercallback(curPluginHandle, CB_LOADDLL, cbPlugin);
pluginregistercallback(curPluginHandle, CB_UNLOADDLL, cbPlugin);
pluginregistercallback(curPluginHandle, CB_OUTPUTDEBUGSTRING, cbPlugin);
pluginregistercallback(curPluginHandle, CB_EXCEPTION, cbPlugin);
pluginregistercallback(curPluginHandle, CB_BREAKPOINT, cbPlugin);
pluginregistercallback(curPluginHandle, CB_PAUSEDEBUG, cbPlugin);
pluginregistercallback(curPluginHandle, CB_RESUMEDEBUG, cbPlugin);
pluginregistercallback(curPluginHandle, CB_STEPPED, cbPlugin);
pluginregistercallback(curPluginHandle, CB_ATTACH, cbPlugin);
pluginregistercallback(curPluginHandle, CB_DETACH, cbPlugin);
pluginregistercallback(curPluginHandle, CB_DEBUGEVENT, cbPlugin);
pluginregistercallback(curPluginHandle, CB_MENUENTRY, cbPlugin);
pluginregistercallback(curPluginHandle, CB_WINEVENT, cbPlugin);
pluginregistercallback(curPluginHandle, CB_WINEVENTGLOBAL, cbPlugin);
}
cbPlugin=(CBPLUGIN)GetProcAddress(pluginData.hPlugin, "CBINITDEBUG");
if(cbPlugin)
pluginregistercallback(curPluginHandle, CB_INITDEBUG, cbPlugin);
@ -113,6 +138,9 @@ void pluginload(const char* pluginDir)
cbPlugin=(CBPLUGIN)GetProcAddress(pluginData.hPlugin, "CBWINEVENT");
if(cbPlugin)
pluginregistercallback(curPluginHandle, CB_WINEVENT, cbPlugin);
cbPlugin=(CBPLUGIN)GetProcAddress(pluginData.hPlugin, "CBWINEVENTGLOBAL");
if(cbPlugin)
pluginregistercallback(curPluginHandle, CB_WINEVENTGLOBAL, cbPlugin);
//init plugin
//TODO: handle exceptions
if(!pluginData.pluginit(&pluginData.initStruct))
@ -382,4 +410,13 @@ bool pluginwinevent(MSG* message, long* result)
winevent.retval=false;
plugincbcall(CB_WINEVENT, &winevent);
return winevent.retval;
}
bool pluginwineventglobal(MSG* message)
{
PLUG_CB_WINEVENTGLOBAL winevent;
winevent.message=message;
winevent.retval=false;
plugincbcall(CB_WINEVENTGLOBAL, &winevent);
return winevent.retval;
}

1
x64_dbg_dbg/plugin_loader.h
View File

@ -54,5 +54,6 @@ bool pluginmenuaddseparator(int hMenu);
bool pluginmenuclear(int hMenu);
void pluginmenucall(int hEntry);
bool pluginwinevent(MSG* message, long* result);
bool pluginwineventglobal(MSG* message);
#endif // _PLUGIN_LOADER_H

4
x64_dbg_dbg/stackinfo.cpp
View File

@ -121,8 +121,10 @@ void stackgetcallstack(uint csp, CALLSTACK* callstack)
return;
std::vector<CALLSTACKENTRY> callstackVector;
DWORD ticks=GetTickCount();
uint stacksize;
uint stacksize=0;
uint stackbase=memfindbaseaddr(csp, &stacksize, false);
if(!stackbase) //super-fail (invalid stack address)
return;
//walk up the stack
uint i=csp;
while(i!=stackbase+stacksize)

18
x64_dbg_dbg/thread.cpp
View File

@ -64,7 +64,7 @@ void threadgetlist(THREADLIST* list)
list->list=(THREADALLINFO*)BridgeAlloc(count*sizeof(THREADALLINFO));
for(int i=0; i<count; i++)
{
if(((DEBUG_EVENT*)GetDebugData())->dwThreadId==threadList.at(i).dwThreadId)
if(hActiveThread==threadList.at(i).hThread)
currentThread=i;
memset(&list->list[i], 0, sizeof(THREADALLINFO));
memcpy(&list->list[i].BasicInfo, &threadList.at(i), sizeof(THREADINFO));
@ -98,4 +98,20 @@ bool threadsetname(DWORD dwThreadId, const char* name)
*threadList.at(i).threadName='\0';
}
return false;
}
HANDLE threadgethandle(DWORD dwThreadId)
{
for(unsigned int i=0; i<threadList.size(); i++)
if(threadList.at(i).dwThreadId==dwThreadId)
return threadList.at(i).hThread;
return 0;
}
DWORD threadgetid(HANDLE hThread)
{
for(unsigned int i=0; i<threadList.size(); i++)
if(threadList.at(i).hThread==hThread)
return threadList.at(i).dwThreadId;
return 0;
}

2
x64_dbg_dbg/thread.h
View File

@ -11,5 +11,7 @@ void threadclear();
void threadgetlist(THREADLIST* list);
bool threadisvalid(DWORD dwThreadId);
bool threadsetname(DWORD dwTHreadId, const char* name);
HANDLE threadgethandle(DWORD dwThreadId);
DWORD threadgetid(HANDLE hThread);
#endif //_THREAD_H

386
x64_dbg_dbg/value.cpp
View File

@ -294,7 +294,7 @@ bool valflagfromstring(uint eflags, const char* string)
static bool setflag(const char* string, bool set)
{
uint eflags=GetContextData(UE_CFLAGS);
uint eflags=GetContextDataEx(hActiveThread, UE_CFLAGS);
uint xorval=0;
uint flag=0;
if(scmp(string, "cf"))
@ -331,7 +331,7 @@ static bool setflag(const char* string, bool set)
xorval=flag;
else if(set)
xorval=flag;
return SetContextData(UE_CFLAGS, eflags^xorval);
return SetContextDataEx(hActiveThread, UE_CFLAGS, eflags^xorval);
}
static uint getregister(int* size, const char* string)
@ -340,115 +340,115 @@ static uint getregister(int* size, const char* string)
*size=4;
if(scmp(string, "eax"))
{
return GetContextData(UE_EAX);
return GetContextDataEx(hActiveThread, UE_EAX);
}
if(scmp(string, "ebx"))
{
return GetContextData(UE_EBX);
return GetContextDataEx(hActiveThread, UE_EBX);
}
if(scmp(string, "ecx"))
{
return GetContextData(UE_ECX);
return GetContextDataEx(hActiveThread, UE_ECX);
}
if(scmp(string, "edx"))
{
return GetContextData(UE_EDX);
return GetContextDataEx(hActiveThread, UE_EDX);
}
if(scmp(string, "edi"))
{
return GetContextData(UE_EDI);
return GetContextDataEx(hActiveThread, UE_EDI);
}
if(scmp(string, "esi"))
{
return GetContextData(UE_ESI);
return GetContextDataEx(hActiveThread, UE_ESI);
}
if(scmp(string, "ebp"))
{
return GetContextData(UE_EBP);
return GetContextDataEx(hActiveThread, UE_EBP);
}
if(scmp(string, "esp"))
{
return GetContextData(UE_ESP);
return GetContextDataEx(hActiveThread, UE_ESP);
}
if(scmp(string, "eip"))
{
return GetContextData(UE_EIP);
return GetContextDataEx(hActiveThread, UE_EIP);
}
if(scmp(string, "eflags"))
{
return GetContextData(UE_EFLAGS);
return GetContextDataEx(hActiveThread, UE_EFLAGS);
}
if(scmp(string, "gs"))
{
return GetContextData(UE_SEG_GS);
return GetContextDataEx(hActiveThread, UE_SEG_GS);
}
if(scmp(string, "fs"))
{
return GetContextData(UE_SEG_FS);
return GetContextDataEx(hActiveThread, UE_SEG_FS);
}
if(scmp(string, "es"))
{
return GetContextData(UE_SEG_ES);
return GetContextDataEx(hActiveThread, UE_SEG_ES);
}
if(scmp(string, "ds"))
{
return GetContextData(UE_SEG_DS);
return GetContextDataEx(hActiveThread, UE_SEG_DS);
}
if(scmp(string, "cs"))
{
return GetContextData(UE_SEG_CS);
return GetContextDataEx(hActiveThread, UE_SEG_CS);
}
if(scmp(string, "ss"))
{
return GetContextData(UE_SEG_SS);
return GetContextDataEx(hActiveThread, UE_SEG_SS);
}
if(size)
*size=2;
if(scmp(string, "ax"))
{
uint val=GetContextData(UE_EAX);
uint val=GetContextDataEx(hActiveThread, UE_EAX);
return val&0xFFFF;
}
if(scmp(string, "bx"))
{
uint val=GetContextData(UE_EBX);
uint val=GetContextDataEx(hActiveThread, UE_EBX);
return val&0xFFFF;
}
if(scmp(string, "cx"))
{
uint val=GetContextData(UE_ECX);
uint val=GetContextDataEx(hActiveThread, UE_ECX);
return val&0xFFFF;
}
if(scmp(string, "dx"))
{
uint val=GetContextData(UE_EDX);
uint val=GetContextDataEx(hActiveThread, UE_EDX);
return val&0xFFFF;
}
if(scmp(string, "si"))
{
uint val=GetContextData(UE_ESI);
uint val=GetContextDataEx(hActiveThread, UE_ESI);
return val&0xFFFF;
}
if(scmp(string, "di"))
{
uint val=GetContextData(UE_EDI);
uint val=GetContextDataEx(hActiveThread, UE_EDI);
return val&0xFFFF;
}
if(scmp(string, "bp"))
{
uint val=GetContextData(UE_EBP);
uint val=GetContextDataEx(hActiveThread, UE_EBP);
return val&0xFFFF;
}
if(scmp(string, "sp"))
{
uint val=GetContextData(UE_ESP);
uint val=GetContextDataEx(hActiveThread, UE_ESP);
return val&0xFFFF;
}
if(scmp(string, "ip"))
{
uint val=GetContextData(UE_EIP);
uint val=GetContextDataEx(hActiveThread, UE_EIP);
return val&0xFFFF;
}
@ -456,92 +456,92 @@ static uint getregister(int* size, const char* string)
*size=1;
if(scmp(string, "ah"))
{
uint val=GetContextData(UE_EAX);
uint val=GetContextDataEx(hActiveThread, UE_EAX);
return (val>>8)&0xFF;
}
if(scmp(string, "al"))
{
uint val=GetContextData(UE_EAX);
uint val=GetContextDataEx(hActiveThread, UE_EAX);
return val&0xFF;
}
if(scmp(string, "bh"))
{
uint val=GetContextData(UE_EBX);
uint val=GetContextDataEx(hActiveThread, UE_EBX);
return (val>>8)&0xFF;
}
if(scmp(string, "bl"))
{
uint val=GetContextData(UE_EBX);
uint val=GetContextDataEx(hActiveThread, UE_EBX);
return val&0xFF;
}
if(scmp(string, "ch"))
{
uint val=GetContextData(UE_ECX);
uint val=GetContextDataEx(hActiveThread, UE_ECX);
return (val>>8)&0xFF;
}
if(scmp(string, "cl"))
{
uint val=GetContextData(UE_ECX);
uint val=GetContextDataEx(hActiveThread, UE_ECX);
return val&0xFF;
}
if(scmp(string, "dh"))
{
uint val=GetContextData(UE_EDX);
uint val=GetContextDataEx(hActiveThread, UE_EDX);
return (val>>8)&0xFF;
}
if(scmp(string, "dl"))
{
uint val=GetContextData(UE_EDX);
uint val=GetContextDataEx(hActiveThread, UE_EDX);
return val&0xFF;
}
if(scmp(string, "sih"))
{
uint val=GetContextData(UE_ESI);
uint val=GetContextDataEx(hActiveThread, UE_ESI);
return (val>>8)&0xFF;
}
if(scmp(string, "sil"))
{
uint val=GetContextData(UE_ESI);
uint val=GetContextDataEx(hActiveThread, UE_ESI);
return val&0xFF;
}
if(scmp(string, "dih"))
{
uint val=GetContextData(UE_EDI);
uint val=GetContextDataEx(hActiveThread, UE_EDI);
return (val>>8)&0xFF;
}
if(scmp(string, "dil"))
{
uint val=GetContextData(UE_EDI);
uint val=GetContextDataEx(hActiveThread, UE_EDI);
return val&0xFF;
}
if(scmp(string, "bph"))
{
uint val=GetContextData(UE_EBP);
uint val=GetContextDataEx(hActiveThread, UE_EBP);
return (val>>8)&0xFF;
}
if(scmp(string, "bpl"))
{
uint val=GetContextData(UE_EBP);
uint val=GetContextDataEx(hActiveThread, UE_EBP);
return val&0xFF;
}
if(scmp(string, "sph"))
{
uint val=GetContextData(UE_ESP);
uint val=GetContextDataEx(hActiveThread, UE_ESP);
return (val>>8)&0xFF;
}
if(scmp(string, "spl"))
{
uint val=GetContextData(UE_ESP);
uint val=GetContextDataEx(hActiveThread, UE_ESP);
return val&0xFF;
}
if(scmp(string, "iph"))
{
uint val=GetContextData(UE_EIP);
uint val=GetContextDataEx(hActiveThread, UE_EIP);
return (val>>8)&0xFF;
}
if(scmp(string, "ipl"))
{
uint val=GetContextData(UE_EIP);
uint val=GetContextDataEx(hActiveThread, UE_EIP);
return val&0xFF;
}
@ -549,40 +549,40 @@ static uint getregister(int* size, const char* string)
*size=sizeof(uint);
if(scmp(string, "dr0"))
{
return GetContextData(UE_DR0);
return GetContextDataEx(hActiveThread, UE_DR0);
}
if(scmp(string, "dr1"))
{
return GetContextData(UE_DR1);
return GetContextDataEx(hActiveThread, UE_DR1);
}
if(scmp(string, "dr2"))
{
return GetContextData(UE_DR2);
return GetContextDataEx(hActiveThread, UE_DR2);
}
if(scmp(string, "dr3"))
{
return GetContextData(UE_DR3);
return GetContextDataEx(hActiveThread, UE_DR3);
}
if(scmp(string, "dr6") or scmp(string, "dr4"))
{
return GetContextData(UE_DR6);
return GetContextDataEx(hActiveThread, UE_DR6);
}
if(scmp(string, "dr7") or scmp(string, "dr5"))
{
return GetContextData(UE_DR7);
return GetContextDataEx(hActiveThread, UE_DR7);
}
if(scmp(string, "cip"))
{
return GetContextData(UE_CIP);
return GetContextDataEx(hActiveThread, UE_CIP);
}
if(scmp(string, "csp"))
{
return GetContextData(UE_CSP);
return GetContextDataEx(hActiveThread, UE_CSP);
}
if(scmp(string, "cflags"))
{
return GetContextData(UE_CFLAGS);
return GetContextDataEx(hActiveThread, UE_CFLAGS);
}
#ifdef _WIN64
@ -590,180 +590,180 @@ static uint getregister(int* size, const char* string)
*size=8;
if(scmp(string, "rax"))
{
return GetContextData(UE_RAX);
return GetContextDataEx(hActiveThread, UE_RAX);
}
if(scmp(string, "rbx"))
{
return GetContextData(UE_RBX);
return GetContextDataEx(hActiveThread, UE_RBX);
}
if(scmp(string, "rcx"))
{
return GetContextData(UE_RCX);
return GetContextDataEx(hActiveThread, UE_RCX);
}
if(scmp(string, "rdx"))
{
return GetContextData(UE_RDX);
return GetContextDataEx(hActiveThread, UE_RDX);
}
if(scmp(string, "rdi"))
{
return GetContextData(UE_RDI);
return GetContextDataEx(hActiveThread, UE_RDI);
}
if(scmp(string, "rsi"))
{
return GetContextData(UE_RSI);
return GetContextDataEx(hActiveThread, UE_RSI);
}
if(scmp(string, "rbp"))
{
return GetContextData(UE_RBP);
return GetContextDataEx(hActiveThread, UE_RBP);
}
if(scmp(string, "rsp"))
{
return GetContextData(UE_RSP);
return GetContextDataEx(hActiveThread, UE_RSP);
}
if(scmp(string, "rip"))
{
return GetContextData(UE_RIP);
return GetContextDataEx(hActiveThread, UE_RIP);
}
if(scmp(string, "rflags"))
{
return GetContextData(UE_RFLAGS);
return GetContextDataEx(hActiveThread, UE_RFLAGS);
}
if(scmp(string, "r8"))
{
return GetContextData(UE_R8);
return GetContextDataEx(hActiveThread, UE_R8);
}
if(scmp(string, "r9"))
{
return GetContextData(UE_R9);
return GetContextDataEx(hActiveThread, UE_R9);
}
if(scmp(string, "r10"))
{
return GetContextData(UE_R10);
return GetContextDataEx(hActiveThread, UE_R10);
}
if(scmp(string, "r11"))
{
return GetContextData(UE_R11);
return GetContextDataEx(hActiveThread, UE_R11);
}
if(scmp(string, "r12"))
{
return GetContextData(UE_R12);
return GetContextDataEx(hActiveThread, UE_R12);
}
if(scmp(string, "r13"))
{
return GetContextData(UE_R13);
return GetContextDataEx(hActiveThread, UE_R13);
}
if(scmp(string, "r14"))
{
return GetContextData(UE_R14);
return GetContextDataEx(hActiveThread, UE_R14);
}
if(scmp(string, "r15"))
{
return GetContextData(UE_R15);
return GetContextDataEx(hActiveThread, UE_R15);
}
if(size)
*size=4;
if(scmp(string, "r8d"))
{
return GetContextData(UE_R8)&0xFFFFFFFF;
return GetContextDataEx(hActiveThread, UE_R8)&0xFFFFFFFF;
}
if(scmp(string, "r9d"))
{
return GetContextData(UE_R9)&0xFFFFFFFF;
return GetContextDataEx(hActiveThread, UE_R9)&0xFFFFFFFF;
}
if(scmp(string, "r10d"))
{
return GetContextData(UE_R10)&0xFFFFFFFF;
return GetContextDataEx(hActiveThread, UE_R10)&0xFFFFFFFF;
}
if(scmp(string, "r11d"))
{
return GetContextData(UE_R11)&0xFFFFFFFF;
return GetContextDataEx(hActiveThread, UE_R11)&0xFFFFFFFF;
}
if(scmp(string, "r12d"))
{
return GetContextData(UE_R12)&0xFFFFFFFF;
return GetContextDataEx(hActiveThread, UE_R12)&0xFFFFFFFF;
}
if(scmp(string, "r13d"))
{
return GetContextData(UE_R13)&0xFFFFFFFF;
return GetContextDataEx(hActiveThread, UE_R13)&0xFFFFFFFF;
}
if(scmp(string, "r14d"))
{
return GetContextData(UE_R14)&0xFFFFFFFF;
return GetContextDataEx(hActiveThread, UE_R14)&0xFFFFFFFF;
}
if(scmp(string, "r15d"))
{
return GetContextData(UE_R15)&0xFFFFFFFF;
return GetContextDataEx(hActiveThread, UE_R15)&0xFFFFFFFF;
}
if(size)
*size=2;
if(scmp(string, "r8w"))
{
return GetContextData(UE_R8)&0xFFFF;
return GetContextDataEx(hActiveThread, UE_R8)&0xFFFF;
}
if(scmp(string, "r9w"))
{
return GetContextData(UE_R9)&0xFFFF;
return GetContextDataEx(hActiveThread, UE_R9)&0xFFFF;
}
if(scmp(string, "r10w"))
{
return GetContextData(UE_R10)&0xFFFF;
return GetContextDataEx(hActiveThread, UE_R10)&0xFFFF;
}
if(scmp(string, "r11w"))
{
return GetContextData(UE_R11)&0xFFFF;
return GetContextDataEx(hActiveThread, UE_R11)&0xFFFF;
}
if(scmp(string, "r12w"))
{
return GetContextData(UE_R12)&0xFFFF;
return GetContextDataEx(hActiveThread, UE_R12)&0xFFFF;
}
if(scmp(string, "r13w"))
{
return GetContextData(UE_R13)&0xFFFF;
return GetContextDataEx(hActiveThread, UE_R13)&0xFFFF;
}
if(scmp(string, "r14w"))
{
return GetContextData(UE_R14)&0xFFFF;
return GetContextDataEx(hActiveThread, UE_R14)&0xFFFF;
}
if(scmp(string, "r15w"))
{
return GetContextData(UE_R15)&0xFFFF;
return GetContextDataEx(hActiveThread, UE_R15)&0xFFFF;
}
if(size)
*size=1;
if(scmp(string, "r8b"))
{
return GetContextData(UE_R8)&0xFF;
return GetContextDataEx(hActiveThread, UE_R8)&0xFF;
}
if(scmp(string, "r9b"))
{
return GetContextData(UE_R9)&0xFF;
return GetContextDataEx(hActiveThread, UE_R9)&0xFF;
}
if(scmp(string, "r10b"))
{
return GetContextData(UE_R10)&0xFF;
return GetContextDataEx(hActiveThread, UE_R10)&0xFF;
}
if(scmp(string, "r11b"))
{
return GetContextData(UE_R11)&0xFF;
return GetContextDataEx(hActiveThread, UE_R11)&0xFF;
}
if(scmp(string, "r12b"))
{
return GetContextData(UE_R12)&0xFF;
return GetContextDataEx(hActiveThread, UE_R12)&0xFF;
}
if(scmp(string, "r13b"))
{
return GetContextData(UE_R13)&0xFF;
return GetContextDataEx(hActiveThread, UE_R13)&0xFF;
}
if(scmp(string, "r14b"))
{
return GetContextData(UE_R14)&0xFF;
return GetContextDataEx(hActiveThread, UE_R14)&0xFF;
}
if(scmp(string, "r15b"))
{
return GetContextData(UE_R15)&0xFF;
return GetContextDataEx(hActiveThread, UE_R15)&0xFF;
}
#endif //_WIN64
@ -775,202 +775,202 @@ static uint getregister(int* size, const char* string)
static bool setregister(const char* string, uint value)
{
if(scmp(string, "eax"))
return SetContextData(UE_EAX, value&0xFFFFFFFF);
return SetContextDataEx(hActiveThread, UE_EAX, value&0xFFFFFFFF);
if(scmp(string, "ebx"))
return SetContextData(UE_EBX, value&0xFFFFFFFF);
return SetContextDataEx(hActiveThread, UE_EBX, value&0xFFFFFFFF);
if(scmp(string, "ecx"))
return SetContextData(UE_ECX, value&0xFFFFFFFF);
return SetContextDataEx(hActiveThread, UE_ECX, value&0xFFFFFFFF);
if(scmp(string, "edx"))
return SetContextData(UE_EDX, value&0xFFFFFFFF);
return SetContextDataEx(hActiveThread, UE_EDX, value&0xFFFFFFFF);
if(scmp(string, "edi"))
return SetContextData(UE_EDI, value&0xFFFFFFFF);
return SetContextDataEx(hActiveThread, UE_EDI, value&0xFFFFFFFF);
if(scmp(string, "esi"))
return SetContextData(UE_ESI, value&0xFFFFFFFF);
return SetContextDataEx(hActiveThread, UE_ESI, value&0xFFFFFFFF);
if(scmp(string, "ebp"))
return SetContextData(UE_EBP, value&0xFFFFFFFF);
return SetContextDataEx(hActiveThread, UE_EBP, value&0xFFFFFFFF);
if(scmp(string, "esp"))
return SetContextData(UE_ESP, value&0xFFFFFFFF);
return SetContextDataEx(hActiveThread, UE_ESP, value&0xFFFFFFFF);
if(scmp(string, "eip"))
return SetContextData(UE_EIP, value&0xFFFFFFFF);
return SetContextDataEx(hActiveThread, UE_EIP, value&0xFFFFFFFF);
if(scmp(string, "eflags"))
return SetContextData(UE_EFLAGS, value&0xFFFFFFFF);
return SetContextDataEx(hActiveThread, UE_EFLAGS, value&0xFFFFFFFF);
if(scmp(string, "gs"))
return SetContextData(UE_SEG_GS, value&0xFFFF);
return SetContextDataEx(hActiveThread, UE_SEG_GS, value&0xFFFF);
if(scmp(string, "fs"))
return SetContextData(UE_SEG_FS, value&0xFFFF);
return SetContextDataEx(hActiveThread, UE_SEG_FS, value&0xFFFF);
if(scmp(string, "es"))
return SetContextData(UE_SEG_ES, value&0xFFFF);
return SetContextDataEx(hActiveThread, UE_SEG_ES, value&0xFFFF);
if(scmp(string, "ds"))
return SetContextData(UE_SEG_DS, value&0xFFFF);
return SetContextDataEx(hActiveThread, UE_SEG_DS, value&0xFFFF);
if(scmp(string, "cs"))
return SetContextData(UE_SEG_CS, value&0xFFFF);
return SetContextDataEx(hActiveThread, UE_SEG_CS, value&0xFFFF);
if(scmp(string, "ss"))
return SetContextData(UE_SEG_SS, value&0xFFFF);
return SetContextDataEx(hActiveThread, UE_SEG_SS, value&0xFFFF);
if(scmp(string, "ax"))
return SetContextData(UE_EAX, (value&0xFFFF)|(GetContextData(UE_EAX)&0xFFFF0000));
return SetContextDataEx(hActiveThread, UE_EAX, (value&0xFFFF)|(GetContextDataEx(hActiveThread, UE_EAX)&0xFFFF0000));
if(scmp(string, "bx"))
return SetContextData(UE_EBX, (value&0xFFFF)|(GetContextData(UE_EBX)&0xFFFF0000));
return SetContextDataEx(hActiveThread, UE_EBX, (value&0xFFFF)|(GetContextDataEx(hActiveThread, UE_EBX)&0xFFFF0000));
if(scmp(string, "cx"))
return SetContextData(UE_ECX, (value&0xFFFF)|(GetContextData(UE_ECX)&0xFFFF0000));
return SetContextDataEx(hActiveThread, UE_ECX, (value&0xFFFF)|(GetContextDataEx(hActiveThread, UE_ECX)&0xFFFF0000));
if(scmp(string, "dx"))
return SetContextData(UE_EDX, (value&0xFFFF)|(GetContextData(UE_EDX)&0xFFFF0000));
return SetContextDataEx(hActiveThread, UE_EDX, (value&0xFFFF)|(GetContextDataEx(hActiveThread, UE_EDX)&0xFFFF0000));
if(scmp(string, "si"))
return SetContextData(UE_ESI, (value&0xFFFF)|(GetContextData(UE_ESI)&0xFFFF0000));
return SetContextDataEx(hActiveThread, UE_ESI, (value&0xFFFF)|(GetContextDataEx(hActiveThread, UE_ESI)&0xFFFF0000));
if(scmp(string, "di"))
return SetContextData(UE_EDI, (value&0xFFFF)|(GetContextData(UE_EDI)&0xFFFF0000));
return SetContextDataEx(hActiveThread, UE_EDI, (value&0xFFFF)|(GetContextDataEx(hActiveThread, UE_EDI)&0xFFFF0000));
if(scmp(string, "bp"))
return SetContextData(UE_EBP, (value&0xFFFF)|(GetContextData(UE_EBP)&0xFFFF0000));
return SetContextDataEx(hActiveThread, UE_EBP, (value&0xFFFF)|(GetContextDataEx(hActiveThread, UE_EBP)&0xFFFF0000));
if(scmp(string, "sp"))
return SetContextData(UE_ESP, (value&0xFFFF)|(GetContextData(UE_ESP)&0xFFFF0000));
return SetContextDataEx(hActiveThread, UE_ESP, (value&0xFFFF)|(GetContextDataEx(hActiveThread, UE_ESP)&0xFFFF0000));
if(scmp(string, "ip"))
return SetContextData(UE_EIP, (value&0xFFFF)|(GetContextData(UE_EIP)&0xFFFF0000));
return SetContextDataEx(hActiveThread, UE_EIP, (value&0xFFFF)|(GetContextDataEx(hActiveThread, UE_EIP)&0xFFFF0000));
if(scmp(string, "ah"))
return SetContextData(UE_EAX, ((value&0xFF)<<8)|(GetContextData(UE_EAX)&0xFFFF00FF));
return SetContextDataEx(hActiveThread, UE_EAX, ((value&0xFF)<<8)|(GetContextDataEx(hActiveThread, UE_EAX)&0xFFFF00FF));
if(scmp(string, "al"))
return SetContextData(UE_EAX, (value&0xFF)|(GetContextData(UE_EAX)&0xFFFFFF00));
return SetContextDataEx(hActiveThread, UE_EAX, (value&0xFF)|(GetContextDataEx(hActiveThread, UE_EAX)&0xFFFFFF00));
if(scmp(string, "bh"))
return SetContextData(UE_EBX, ((value&0xFF)<<8)|(GetContextData(UE_EBX)&0xFFFF00FF));
return SetContextDataEx(hActiveThread, UE_EBX, ((value&0xFF)<<8)|(GetContextDataEx(hActiveThread, UE_EBX)&0xFFFF00FF));
if(scmp(string, "bl"))
return SetContextData(UE_EBX, (value&0xFF)|(GetContextData(UE_EBX)&0xFFFFFF00));
return SetContextDataEx(hActiveThread, UE_EBX, (value&0xFF)|(GetContextDataEx(hActiveThread, UE_EBX)&0xFFFFFF00));
if(scmp(string, "ch"))
return SetContextData(UE_ECX, ((value&0xFF)<<8)|(GetContextData(UE_ECX)&0xFFFF00FF));
return SetContextDataEx(hActiveThread, UE_ECX, ((value&0xFF)<<8)|(GetContextDataEx(hActiveThread, UE_ECX)&0xFFFF00FF));
if(scmp(string, "cl"))
return SetContextData(UE_ECX, (value&0xFF)|(GetContextData(UE_ECX)&0xFFFFFF00));
return SetContextDataEx(hActiveThread, UE_ECX, (value&0xFF)|(GetContextDataEx(hActiveThread, UE_ECX)&0xFFFFFF00));
if(scmp(string, "dh"))
return SetContextData(UE_EDX, ((value&0xFF)<<8)|(GetContextData(UE_EDX)&0xFFFF00FF));
return SetContextDataEx(hActiveThread, UE_EDX, ((value&0xFF)<<8)|(GetContextDataEx(hActiveThread, UE_EDX)&0xFFFF00FF));
if(scmp(string, "dl"))
return SetContextData(UE_EDX, (value&0xFF)|(GetContextData(UE_EDX)&0xFFFFFF00));
return SetContextDataEx(hActiveThread, UE_EDX, (value&0xFF)|(GetContextDataEx(hActiveThread, UE_EDX)&0xFFFFFF00));
if(scmp(string, "sih"))
return SetContextData(UE_ESI, ((value&0xFF)<<8)|(GetContextData(UE_ESI)&0xFFFF00FF));
return SetContextDataEx(hActiveThread, UE_ESI, ((value&0xFF)<<8)|(GetContextDataEx(hActiveThread, UE_ESI)&0xFFFF00FF));
if(scmp(string, "sil"))
return SetContextData(UE_ESI, (value&0xFF)|(GetContextData(UE_ESI)&0xFFFFFF00));
return SetContextDataEx(hActiveThread, UE_ESI, (value&0xFF)|(GetContextDataEx(hActiveThread, UE_ESI)&0xFFFFFF00));
if(scmp(string, "dih"))
return SetContextData(UE_EDI, ((value&0xFF)<<8)|(GetContextData(UE_EDI)&0xFFFF00FF));
return SetContextDataEx(hActiveThread, UE_EDI, ((value&0xFF)<<8)|(GetContextDataEx(hActiveThread, UE_EDI)&0xFFFF00FF));
if(scmp(string, "dil"))
return SetContextData(UE_EDI, (value&0xFF)|(GetContextData(UE_EDI)&0xFFFFFF00));
return SetContextDataEx(hActiveThread, UE_EDI, (value&0xFF)|(GetContextDataEx(hActiveThread, UE_EDI)&0xFFFFFF00));
if(scmp(string, "bph"))
return SetContextData(UE_EBP, ((value&0xFF)<<8)|(GetContextData(UE_EBP)&0xFFFF00FF));
return SetContextDataEx(hActiveThread, UE_EBP, ((value&0xFF)<<8)|(GetContextDataEx(hActiveThread, UE_EBP)&0xFFFF00FF));
if(scmp(string, "bpl"))
return SetContextData(UE_EBP, (value&0xFF)|(GetContextData(UE_EBP)&0xFFFFFF00));
return SetContextDataEx(hActiveThread, UE_EBP, (value&0xFF)|(GetContextDataEx(hActiveThread, UE_EBP)&0xFFFFFF00));
if(scmp(string, "sph"))
return SetContextData(UE_ESP, ((value&0xFF)<<8)|(GetContextData(UE_ESP)&0xFFFF00FF));
return SetContextDataEx(hActiveThread, UE_ESP, ((value&0xFF)<<8)|(GetContextDataEx(hActiveThread, UE_ESP)&0xFFFF00FF));
if(scmp(string, "spl"))
return SetContextData(UE_ESP, (value&0xFF)|(GetContextData(UE_ESP)&0xFFFFFF00));
return SetContextDataEx(hActiveThread, UE_ESP, (value&0xFF)|(GetContextDataEx(hActiveThread, UE_ESP)&0xFFFFFF00));
if(scmp(string, "iph"))
return SetContextData(UE_EIP, ((value&0xFF)<<8)|(GetContextData(UE_EIP)&0xFFFF00FF));
return SetContextDataEx(hActiveThread, UE_EIP, ((value&0xFF)<<8)|(GetContextDataEx(hActiveThread, UE_EIP)&0xFFFF00FF));
if(scmp(string, "ipl"))
return SetContextData(UE_EIP, (value&0xFF)|(GetContextData(UE_EIP)&0xFFFFFF00));
return SetContextDataEx(hActiveThread, UE_EIP, (value&0xFF)|(GetContextDataEx(hActiveThread, UE_EIP)&0xFFFFFF00));
if(scmp(string, "dr0"))
return SetContextData(UE_DR0, value);
return SetContextDataEx(hActiveThread, UE_DR0, value);
if(scmp(string, "dr1"))
return SetContextData(UE_DR1, value);
return SetContextDataEx(hActiveThread, UE_DR1, value);
if(scmp(string, "dr2"))
return SetContextData(UE_DR2, value);
return SetContextDataEx(hActiveThread, UE_DR2, value);
if(scmp(string, "dr3"))
return SetContextData(UE_DR3, value);
return SetContextDataEx(hActiveThread, UE_DR3, value);
if(scmp(string, "dr6") or scmp(string, "dr4"))
return SetContextData(UE_DR6, value);
return SetContextDataEx(hActiveThread, UE_DR6, value);
if(scmp(string, "dr7") or scmp(string, "dr5"))
return SetContextData(UE_DR7, value);
return SetContextDataEx(hActiveThread, UE_DR7, value);
if(scmp(string, "cip"))
return SetContextData(UE_CIP, value);
return SetContextDataEx(hActiveThread, UE_CIP, value);
if(scmp(string, "csp"))
return SetContextData(UE_CSP, value);
return SetContextDataEx(hActiveThread, UE_CSP, value);
if(scmp(string, "cflags"))
return SetContextData(UE_CFLAGS, value);
return SetContextDataEx(hActiveThread, UE_CFLAGS, value);
#ifdef _WIN64
if(scmp(string, "rax"))
return SetContextData(UE_RAX, value);
return SetContextDataEx(hActiveThread, UE_RAX, value);
if(scmp(string, "rbx"))
return SetContextData(UE_RBX, value);
return SetContextDataEx(hActiveThread, UE_RBX, value);
if(scmp(string, "rcx"))
return SetContextData(UE_RCX, value);
return SetContextDataEx(hActiveThread, UE_RCX, value);
if(scmp(string, "rdx"))
return SetContextData(UE_RDX, value);
return SetContextDataEx(hActiveThread, UE_RDX, value);
if(scmp(string, "rdi"))
return SetContextData(UE_RDI, value);
return SetContextDataEx(hActiveThread, UE_RDI, value);
if(scmp(string, "rsi"))
return SetContextData(UE_RSI, value);
return SetContextDataEx(hActiveThread, UE_RSI, value);
if(scmp(string, "rbp"))
return SetContextData(UE_RBP, value);
return SetContextDataEx(hActiveThread, UE_RBP, value);
if(scmp(string, "rsp"))
return SetContextData(UE_RSP, value);
return SetContextDataEx(hActiveThread, UE_RSP, value);
if(scmp(string, "rip"))
return SetContextData(UE_RIP, value);
return SetContextDataEx(hActiveThread, UE_RIP, value);
if(scmp(string, "rflags"))
return SetContextData(UE_RFLAGS, value);
return SetContextDataEx(hActiveThread, UE_RFLAGS, value);
if(scmp(string, "r8"))
return SetContextData(UE_R8, value);
return SetContextDataEx(hActiveThread, UE_R8, value);
if(scmp(string, "r9"))
return SetContextData(UE_R9, value);
return SetContextDataEx(hActiveThread, UE_R9, value);
if(scmp(string, "r10"))
return SetContextData(UE_R10, value);
return SetContextDataEx(hActiveThread, UE_R10, value);
if(scmp(string, "r11"))
return SetContextData(UE_R11, value);
return SetContextDataEx(hActiveThread, UE_R11, value);
if(scmp(string, "r12"))
return SetContextData(UE_R12, value);
return SetContextDataEx(hActiveThread, UE_R12, value);
if(scmp(string, "r13"))
return SetContextData(UE_R13, value);
return SetContextDataEx(hActiveThread, UE_R13, value);
if(scmp(string, "r14"))
return SetContextData(UE_R14, value);
return SetContextDataEx(hActiveThread, UE_R14, value);
if(scmp(string, "r15"))
return SetContextData(UE_R15, value);
return SetContextDataEx(hActiveThread, UE_R15, value);
if(scmp(string, "r8d"))
return SetContextData(UE_R8, (value&0xFFFFFFFF)|(GetContextData(UE_R8)&0xFFFFFFFF00000000));
return SetContextDataEx(hActiveThread, UE_R8, (value&0xFFFFFFFF)|(GetContextDataEx(hActiveThread, UE_R8)&0xFFFFFFFF00000000));
if(scmp(string, "r9d"))
return SetContextData(UE_R9, (value&0xFFFFFFFF)|(GetContextData(UE_R9)&0xFFFFFFFF00000000));
return SetContextDataEx(hActiveThread, UE_R9, (value&0xFFFFFFFF)|(GetContextDataEx(hActiveThread, UE_R9)&0xFFFFFFFF00000000));
if(scmp(string, "r10d"))
return SetContextData(UE_R10, (value&0xFFFFFFFF)|(GetContextData(UE_R10)&0xFFFFFFFF00000000));
return SetContextDataEx(hActiveThread, UE_R10, (value&0xFFFFFFFF)|(GetContextDataEx(hActiveThread, UE_R10)&0xFFFFFFFF00000000));
if(scmp(string, "r11d"))
return SetContextData(UE_R11, (value&0xFFFFFFFF)|(GetContextData(UE_R11)&0xFFFFFFFF00000000));
return SetContextDataEx(hActiveThread, UE_R11, (value&0xFFFFFFFF)|(GetContextDataEx(hActiveThread, UE_R11)&0xFFFFFFFF00000000));
if(scmp(string, "r12d"))
return SetContextData(UE_R12, (value&0xFFFFFFFF)|(GetContextData(UE_R12)&0xFFFFFFFF00000000));
return SetContextDataEx(hActiveThread, UE_R12, (value&0xFFFFFFFF)|(GetContextDataEx(hActiveThread, UE_R12)&0xFFFFFFFF00000000));
if(scmp(string, "r13d"))
return SetContextData(UE_R13, (value&0xFFFFFFFF)|(GetContextData(UE_R13)&0xFFFFFFFF00000000));
return SetContextDataEx(hActiveThread, UE_R13, (value&0xFFFFFFFF)|(GetContextDataEx(hActiveThread, UE_R13)&0xFFFFFFFF00000000));
if(scmp(string, "r14d"))
return SetContextData(UE_R14, (value&0xFFFFFFFF)|(GetContextData(UE_R14)&0xFFFFFFFF00000000));
return SetContextDataEx(hActiveThread, UE_R14, (value&0xFFFFFFFF)|(GetContextDataEx(hActiveThread, UE_R14)&0xFFFFFFFF00000000));
if(scmp(string, "r15d"))
return SetContextData(UE_R15, (value&0xFFFFFFFF)|(GetContextData(UE_R15)&0xFFFFFFFF00000000));
return SetContextDataEx(hActiveThread, UE_R15, (value&0xFFFFFFFF)|(GetContextDataEx(hActiveThread, UE_R15)&0xFFFFFFFF00000000));
if(scmp(string, "r8w"))
return SetContextData(UE_R8, (value&0xFFFF)|(GetContextData(UE_R8)&0xFFFFFFFFFFFF0000));
return SetContextDataEx(hActiveThread, UE_R8, (value&0xFFFF)|(GetContextDataEx(hActiveThread, UE_R8)&0xFFFFFFFFFFFF0000));
if(scmp(string, "r9w"))
return SetContextData(UE_R9, (value&0xFFFF)|(GetContextData(UE_R9)&0xFFFFFFFFFFFF0000));
return SetContextDataEx(hActiveThread, UE_R9, (value&0xFFFF)|(GetContextDataEx(hActiveThread, UE_R9)&0xFFFFFFFFFFFF0000));
if(scmp(string, "r10w"))
return SetContextData(UE_R10, (value&0xFFFF)|(GetContextData(UE_R10)&0xFFFFFFFFFFFF0000));
return SetContextDataEx(hActiveThread, UE_R10, (value&0xFFFF)|(GetContextDataEx(hActiveThread, UE_R10)&0xFFFFFFFFFFFF0000));
if(scmp(string, "r11w"))
return SetContextData(UE_R11, (value&0xFFFF)|(GetContextData(UE_R11)&0xFFFFFFFFFFFF0000));
return SetContextDataEx(hActiveThread, UE_R11, (value&0xFFFF)|(GetContextDataEx(hActiveThread, UE_R11)&0xFFFFFFFFFFFF0000));
if(scmp(string, "r12w"))
return SetContextData(UE_R12, (value&0xFFFF)|(GetContextData(UE_R12)&0xFFFFFFFFFFFF0000));
return SetContextDataEx(hActiveThread, UE_R12, (value&0xFFFF)|(GetContextDataEx(hActiveThread, UE_R12)&0xFFFFFFFFFFFF0000));
if(scmp(string, "r13w"))
return SetContextData(UE_R13, (value&0xFFFF)|(GetContextData(UE_R13)&0xFFFFFFFFFFFF0000));
return SetContextDataEx(hActiveThread, UE_R13, (value&0xFFFF)|(GetContextDataEx(hActiveThread, UE_R13)&0xFFFFFFFFFFFF0000));
if(scmp(string, "r14w"))
return SetContextData(UE_R14, (value&0xFFFF)|(GetContextData(UE_R14)&0xFFFFFFFFFFFF0000));
return SetContextDataEx(hActiveThread, UE_R14, (value&0xFFFF)|(GetContextDataEx(hActiveThread, UE_R14)&0xFFFFFFFFFFFF0000));
if(scmp(string, "r15w"))
return SetContextData(UE_R15, (value&0xFFFF)|(GetContextData(UE_R15)&0xFFFFFFFFFFFF0000));
return SetContextDataEx(hActiveThread, UE_R15, (value&0xFFFF)|(GetContextDataEx(hActiveThread, UE_R15)&0xFFFFFFFFFFFF0000));
if(scmp(string, "r8b"))
return SetContextData(UE_R8, (value&0xFF)|(GetContextData(UE_R8)&0xFFFFFFFFFFFFFF00));
return SetContextDataEx(hActiveThread, UE_R8, (value&0xFF)|(GetContextDataEx(hActiveThread, UE_R8)&0xFFFFFFFFFFFFFF00));
if(scmp(string, "r9b"))
return SetContextData(UE_R9, (value&0xFF)|(GetContextData(UE_R9)&0xFFFFFFFFFFFFFF00));
return SetContextDataEx(hActiveThread, UE_R9, (value&0xFF)|(GetContextDataEx(hActiveThread, UE_R9)&0xFFFFFFFFFFFFFF00));
if(scmp(string, "r10b"))
return SetContextData(UE_R10, (value&0xFF)|(GetContextData(UE_R10)&0xFFFFFFFFFFFFFF00));
return SetContextDataEx(hActiveThread, UE_R10, (value&0xFF)|(GetContextDataEx(hActiveThread, UE_R10)&0xFFFFFFFFFFFFFF00));
if(scmp(string, "r11b"))
return SetContextData(UE_R11, (value&0xFF)|(GetContextData(UE_R11)&0xFFFFFFFFFFFFFF00));
return SetContextDataEx(hActiveThread, UE_R11, (value&0xFF)|(GetContextDataEx(hActiveThread, UE_R11)&0xFFFFFFFFFFFFFF00));
if(scmp(string, "r12b"))
return SetContextData(UE_R12, (value&0xFF)|(GetContextData(UE_R12)&0xFFFFFFFFFFFFFF00));
return SetContextDataEx(hActiveThread, UE_R12, (value&0xFF)|(GetContextDataEx(hActiveThread, UE_R12)&0xFFFFFFFFFFFFFF00));
if(scmp(string, "r13b"))
return SetContextData(UE_R13, (value&0xFF)|(GetContextData(UE_R13)&0xFFFFFFFFFFFFFF00));
return SetContextDataEx(hActiveThread, UE_R13, (value&0xFF)|(GetContextDataEx(hActiveThread, UE_R13)&0xFFFFFFFFFFFFFF00));
if(scmp(string, "r14b"))
return SetContextData(UE_R14, (value&0xFF)|(GetContextData(UE_R14)&0xFFFFFFFFFFFFFF00));
return SetContextDataEx(hActiveThread, UE_R14, (value&0xFF)|(GetContextDataEx(hActiveThread, UE_R14)&0xFFFFFFFFFFFFFF00));
if(scmp(string, "r15b"))
return SetContextData(UE_R15, (value&0xFF)|(GetContextData(UE_R15)&0xFFFFFFFFFFFFFF00));
return SetContextDataEx(hActiveThread, UE_R15, (value&0xFF)|(GetContextDataEx(hActiveThread, UE_R15)&0xFFFFFFFFFFFFFF00));
#endif // _WIN64
return false;
@ -1314,7 +1314,7 @@ bool valfromstring(const char* string, uint* value, bool silent, bool baseonly,
*isvar=true;
return true;
}
uint eflags=GetContextData(UE_CFLAGS);
uint eflags=GetContextDataEx(hActiveThread, UE_CFLAGS);
if(valflagfromstring(eflags, string+1))
*value=1;
else
@ -1454,10 +1454,10 @@ bool valtostring(const char* string, uint* value, bool silent)
strcpy(regName, string);
_strlwr(regName);
if(strstr(regName, "ip"))
DebugUpdateGui(GetContextData(UE_CIP), false); //update disassembly + register view
DebugUpdateGui(GetContextDataEx(hActiveThread, UE_CIP), false); //update disassembly + register view
else if(strstr(regName, "sp")) //update stack
{
uint csp=GetContextData(UE_CSP);
uint csp=GetContextDataEx(hActiveThread, UE_CSP);
GuiStackDumpAt(csp, csp);
}
else

2
x64_dbg_dbg/x64_dbg.cpp
View File

@ -95,6 +95,7 @@ static void registercommands()
dbgcmdnew("DebugContinue\1con", cbDebugContinue, true); //set continue status
dbgcmdnew("LibrarianSetBreakPoint\1bpdll", cbBpDll, true); //set dll breakpoint
dbgcmdnew("LibrarianRemoveBreakPoint\1bcdll", cbBcDll, true); //remove dll breakpoint
dbgcmdnew("switchthread\1threadswitch", cbDebugSwitchthread, true);
//breakpoints
dbgcmdnew("bplist", cbDebugBplist, true); //breakpoint list
@ -125,6 +126,7 @@ static void registercommands()
dbgcmdnew("refinit", cbInstrRefinit, false);
dbgcmdnew("refadd", cbInstrRefadd, false);
dbgcmdnew("asm", cbAssemble, true); //assemble instruction
dbgcmdnew("sleep", cbInstrSleep, false); //Sleep
//user database
dbgcmdnew("cmt\1cmtset\1commentset", cbInstrCmt, true); //set/edit comment

1
x64_dbg_gui/Project/Src/Gui/MainWindow.cpp
View File

@ -78,6 +78,7 @@ MainWindow::MainWindow(QWidget *parent) : QMainWindow(parent), ui(new Ui::MainWi
// Thread View
mThreadView = new ThreadView();
connect(mThreadView, SIGNAL(showCpu()), this, SLOT(displayCpuWidget()));
mThreadView->setWindowTitle("Threads");
mThreadView->setWindowIcon(QIcon(":/icons/images/arrow-threads.png"));

5
x64_dbg_gui/Project/Src/Gui/PatchDialog.cpp
View File

@ -442,7 +442,10 @@ void PatchDialog::on_btnPatchFile_clicked()
strcpy(szDirName, szModName);
szDirName[len]='\0';
QString filename = QDir::toNativeSeparators(QFileDialog::getSaveFileName(this, "Open file", szDirName, "All files (*.*)"));
QString filename = QFileDialog::getSaveFileName(this, "Save file", szDirName, "All files (*.*)");
if(!filename.length())
return;
filename=QDir::toNativeSeparators(filename); //convert to native path format (with backlashes)
//call patchSave function
DBGPATCHINFO* dbgPatchList = new DBGPATCHINFO[patchList.size()];

10
x64_dbg_gui/Project/Src/Gui/ThreadView.cpp
View File

@ -22,6 +22,7 @@ ThreadView::ThreadView(StdTable *parent) : StdTable(parent)
setCopyMenuOnly(true);
connect(Bridge::getBridge(), SIGNAL(updateThreads()), this, SLOT(updateThreadList()));
connect(this, SIGNAL(doubleClickedSignal()), this, SLOT(doubleClickedSlot()));
}
void ThreadView::updateThreadList()
@ -40,7 +41,7 @@ void ThreadView::updateThreadList()
setCellContent(i, 2, QString("%1").arg(threadList.list[i].BasicInfo.ThreadStartAddress, sizeof(int_t) * 2, 16, QChar('0')).toUpper());
setCellContent(i, 3, QString("%1").arg(threadList.list[i].BasicInfo.ThreadLocalBase, sizeof(int_t) * 2, 16, QChar('0')).toUpper());
setCellContent(i, 4, QString("%1").arg(threadList.list[i].ThreadCip, sizeof(int_t) * 2, 16, QChar('0')).toUpper());
setCellContent(i, 5, QString("%1").arg(threadList.list[i].SuspendCount, 0, 10));
setCellContent(i, 5, QString().sprintf("%d", threadList.list[i].SuspendCount));
QString priorityString;
switch(threadList.list[i].Priority)
{
@ -210,3 +211,10 @@ QString ThreadView::paintContent(QPainter* painter, int_t rowBase, int rowOffset
}
return ret;
}
void ThreadView::doubleClickedSlot()
{
QString threadId=getCellContent(getInitialSelection(), 1);
DbgCmdExecDirect(QString("switchthread " + threadId).toUtf8().constData());
emit showCpu();
}

4
x64_dbg_gui/Project/Src/Gui/ThreadView.h
View File

@ -13,6 +13,10 @@ public:
public slots:
void updateThreadList();
void doubleClickedSlot();
signals:
void showCpu();
private:
int mCurrentThread;

7
x64_dbg_gui/Project/Src/main.cpp
View File

@ -3,6 +3,7 @@
#include "NewTypes.h"
#include "Bridge.h"
#include "main.h"
#include <QAbstractEventDispatcher>
MyApplication::MyApplication(int& argc, char** argv) : QApplication(argc, argv)
{
@ -13,6 +14,11 @@ bool MyApplication::winEventFilter(MSG* message, long* result)
return DbgWinEvent(message, result);
}
bool MyApplication::globalEventFilter(void* message)
{
return DbgWinEventGlobal((MSG*)message);
}
bool MyApplication::notify(QObject* receiver, QEvent* event)
{
bool done = true;
@ -42,6 +48,7 @@ static Configuration* mConfiguration;
int main(int argc, char *argv[])
{
MyApplication application(argc, argv);
QAbstractEventDispatcher::instance(application.thread())->setEventFilter(MyApplication::globalEventFilter);
// load config file + set config font
mConfiguration = new Configuration;

1
x64_dbg_gui/Project/Src/main.h
View File

@ -9,6 +9,7 @@ public:
MyApplication(int& argc, char** argv);
bool notify(QObject* receiver, QEvent* event);
bool winEventFilter(MSG* message, long* result);
static bool globalEventFilter(void* message);
};
int main(int argc, char *argv[]);