x64dbg/x64dbg
x64dbg
/
x64dbg
1
0
Fork 0
Code Releases 5 Activity

Add NTSTATUS fmt;show str in locals tab;fix div by 0 in data copy dlg.

This commit is contained in:
torusrxxx 2017-11-05 21:37:19 +08:00 committed by Duncan Ogilvie
parent d67031a089
commit e6297423f9
8 changed files with 107 additions and 58 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
src/dbg/formatfunctions.cpp
View File

@ -38,11 +38,10 @@ void FormatFunctions::Init()
{
std::vector<wchar_t> helpMessage(destCount);
String errName = ErrorCodeToName((unsigned int)code);
if(errName.size() == 0)
errName = StringUtils::sprintf("%08X", DWORD(code));
#ifdef _WIN64
if((code >> 32) != 0) //Data in high part: not an error code
{
errName = StringUtils::sprintf("%p", code);
if(destCount < errName.size() + 1)
return FORMAT_BUFFER_TOO_SMALL;
else
@ -52,11 +51,56 @@ void FormatFunctions::Init()
}
}
#endif //_WIN64
if(errName.size() == 0)
errName = StringUtils::sprintf("%08X", DWORD(code));
DWORD success = FormatMessageW(FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS, NULL, DWORD(code), MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), helpMessage.data(), DWORD(destCount), NULL);
if(success > 0)
{
String UTF8ErrorMessage = StringUtils::Utf16ToUtf8(helpMessage.data());
if(destCount < errName.size() + 2 + UTF8ErrorMessage.size())
if(destCount < errName.size() + 3 + UTF8ErrorMessage.size())
return FORMAT_BUFFER_TOO_SMALL;
else
{
sprintf_s(dest, destCount, "%s: %s", errName.c_str(), UTF8ErrorMessage.c_str());
return FORMAT_SUCCESS;
}
}
else
{
if(destCount < errName.size() + 1)
return FORMAT_BUFFER_TOO_SMALL;
else
{
memcpy(dest, errName.c_str(), errName.size() + 1);
return FORMAT_SUCCESS;
}
}
});
Register("ntstatus", [](char* dest, size_t destCount, int argc, char* argv[], duint code, void* userdata)
{
std::vector<wchar_t> helpMessage(destCount);
String errName = ErrorCodeToName((unsigned int)code);
#ifdef _WIN64
if((code >> 32) != 0) //Data in high part: not an error code
{
errName = StringUtils::sprintf("%p", code);
if(destCount < errName.size() + 1)
return FORMAT_BUFFER_TOO_SMALL;
else
{
memcpy(dest, errName.c_str(), errName.size() + 1);
return FORMAT_SUCCESS;
}
}
#endif //_WIN64
if(errName.size() == 0)
errName = StringUtils::sprintf("%08X", DWORD(code));
DWORD success = FormatMessageW(FORMAT_MESSAGE_FROM_HMODULE | FORMAT_MESSAGE_IGNORE_INSERTS, GetModuleHandleW(L"ntdll.dll"), DWORD(code), MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), helpMessage.data(), DWORD(destCount), NULL);
if(success > 0)
{
String UTF8ErrorMessage = StringUtils::Utf16ToUtf8(helpMessage.data());
if(destCount < errName.size() + 3 + UTF8ErrorMessage.size())
return FORMAT_BUFFER_TOO_SMALL;
else
{

43
src/gui/Src/Gui/CPUInfoBox.cpp
View File

@ -81,43 +81,6 @@ void CPUInfoBox::clear()
setInfoLine(3, "");
}
QString CPUInfoBox::getSymbolicName(dsint addr)
{
char labelText[MAX_LABEL_SIZE] = "";
char moduleText[MAX_MODULE_SIZE] = "";
char string[MAX_STRING_SIZE] = "";
bool bHasString = DbgGetStringAt(addr, string);
bool bHasLabel = DbgGetLabelAt(addr, SEG_DEFAULT, labelText);
bool bHasModule = (DbgGetModuleAt(addr, moduleText) && !QString(labelText).startsWith("JMP.&"));
QString addrText = DbgMemIsValidReadPtr(addr) ? ToPtrString(addr) : ToHexString(addr);
QString finalText;
if(bHasString)
finalText = addrText + " " + QString(string);
else if(bHasLabel && bHasModule) //<module.label>
finalText = QString("<%1.%2>").arg(moduleText).arg(labelText);
else if(bHasModule) //module.addr
finalText = QString("%1.%2").arg(moduleText).arg(addrText);
else if(bHasLabel) //<label>
finalText = QString("<%1>").arg(labelText);
else
{
finalText = addrText;
if(addr == (addr & 0xFF))
{
QChar c = QChar((char)addr);
if(c.isPrint() || c.isSpace())
finalText += QString(" '%1'").arg(EscapeCh(c));
}
else if(addr == (addr & 0xFFF)) //UNICODE?
{
QChar c = QChar((ushort)addr);
if(c.isPrint() || c.isSpace())
finalText += QString(" L'%1'").arg(EscapeCh(c));
}
}
return finalText;
}
void CPUInfoBox::disasmSelectionChanged(dsint parVA)
{
curAddr = parVA;
@ -164,7 +127,7 @@ void CPUInfoBox::disasmSelectionChanged(dsint parVA)
bool ok;
argMnemonic.toULongLong(&ok, 16);
QString valText = DbgMemIsValidReadPtr(arg.value) ? ToPtrString(arg.value) : ToHexString(arg.value);
auto valTextSym = getSymbolicName(arg.value);
auto valTextSym = getSymbolicNameStr(arg.value);
if(!valTextSym.contains(valText))
valText = QString("%1 %2").arg(valText, valTextSym);
else
@ -217,7 +180,7 @@ void CPUInfoBox::disasmSelectionChanged(dsint parVA)
setInfoLine(j, sizeName + "[" + argMnemonic + "]=???");
else
{
QString addrText = getSymbolicName(arg.memvalue);
QString addrText = getSymbolicNameStr(arg.memvalue);
setInfoLine(j, sizeName + "[" + argMnemonic + "]=" + addrText);
}
j++;
@ -225,7 +188,7 @@ void CPUInfoBox::disasmSelectionChanged(dsint parVA)
else
{
QString valText = DbgMemIsValidReadPtr(arg.value) ? ToPtrString(arg.value) : ToHexString(arg.value);
auto symbolicName = getSymbolicName(arg.value);
auto symbolicName = getSymbolicNameStr(arg.value);
if(!symbolicName.contains(valText))
valText = QString("%1 (%2)").arg(symbolicName, valText);
else

1
src/gui/Src/Gui/CPUInfoBox.h
View File

@ -37,7 +37,6 @@ private:
dsint curAddr;
dsint curRva;
dsint curOffset;
QString getSymbolicName(dsint addr);
void setInfoLine(int line, QString text);
QString getInfoLine(int line);
void clear();

22
src/gui/Src/Gui/DataCopyDialog.cpp
View File

@ -16,23 +16,23 @@ DataCopyDialog::DataCopyDialog(const QVector<byte_t>* data, QWidget* parent) : Q
mTypes[DataCWord] = FormatType { tr("C-Style WORD (Hex)"), 12 };
mTypes[DataCDword] = FormatType { tr("C-Style DWORD (Hex)"), 8 };
mTypes[DataCQword] = FormatType { tr("C-Style QWORD (Hex)"), 4 };
mTypes[DataCString] = FormatType { tr("C-Style String"), -1 };
mTypes[DataCUnicodeString] = FormatType { tr("C-Style Unicode String"), -1 };
mTypes[DataCShellcodeString] = FormatType { tr("C-Style Shellcode String"), -1 };
mTypes[DataCString] = FormatType { tr("C-Style String"), 1 };
mTypes[DataCUnicodeString] = FormatType { tr("C-Style Unicode String"), 1 };
mTypes[DataCShellcodeString] = FormatType { tr("C-Style Shellcode String"), 1 };
mTypes[DataPascalByte] = FormatType { tr("Pascal BYTE (Hex)"), 42 };
mTypes[DataPascalWord] = FormatType { tr("Pascal WORD (Hex)"), 21 };
mTypes[DataPascalDword] = FormatType { tr("Pascal DWORD (Hex)"), 10 };
mTypes[DataPascalQword] = FormatType { tr("Pascal QWORD (Hex)"), 5 };
mTypes[DataGUID] = FormatType { tr("GUID"), 0 };
mTypes[DataGUID] = FormatType { tr("GUID"), 1 };
mTypes[DataIPv4] = FormatType { tr("IP Address (IPv4)"), 5 };
mTypes[DataIPv6] = FormatType { tr("IP Address (IPv6)"), 1 };
mTypes[DataBase64] = FormatType { tr("Base64"), -1 };
mTypes[DataMD5] = FormatType { "MD5", -1};
mTypes[DataSHA1] = FormatType { "SHA1", -1};
mTypes[DataSHA256] = FormatType { "SHA256 (SHA-2)", -1};
mTypes[DataSHA512] = FormatType { "SHA512 (SHA-2)", -1};
mTypes[DataSHA256_3] = FormatType { "SHA256 (SHA-3)", -1};
mTypes[DataSHA512_3] = FormatType { "SHA512 (SHA-3)", -1};
mTypes[DataBase64] = FormatType { tr("Base64"), 1 };
mTypes[DataMD5] = FormatType { "MD5", 1};
mTypes[DataSHA1] = FormatType { "SHA1", 1};
mTypes[DataSHA256] = FormatType { "SHA256 (SHA-2)", 1};
mTypes[DataSHA512] = FormatType { "SHA512 (SHA-2)", 1};
mTypes[DataSHA256_3] = FormatType { "SHA256 (SHA-3)", 1};
mTypes[DataSHA512_3] = FormatType { "SHA512 (SHA-3)", 1};
for(int i = 0; i < DataLast; i++)
ui->comboType->addItem(mTypes[i].name);

9
src/gui/Src/Gui/DataCopyDialog.ui
View File

@ -14,7 +14,7 @@
<string>Data Copy</string>
</property>
<property name="windowIcon">
<iconset>
<iconset resource="../../resource.qrc">
<normaloff>:/icons/images/data-copy.png</normaloff>:/icons/images/data-copy.png</iconset>
</property>
<layout class="QVBoxLayout" name="verticalLayout">
@ -82,6 +82,9 @@
<height>20</height>
</size>
</property>
<property name="minimum">
<number>1</number>
</property>
<property name="maximum">
<number>200</number>
</property>
@ -91,6 +94,8 @@
</item>
</layout>
</widget>
<resources/>
<resources>
<include location="../../resource.qrc"/>
</resources>
<connections/>
</ui>

2
src/gui/Src/Gui/LocalVarsView.cpp
View File

@ -304,7 +304,7 @@ void LocalVarsView::updateSlot()
if(DbgIsValidExpression(buf.constData()))
{
val = DbgValFromString(buf.constData());
setCellContent(i, 2, ToPtrString(val));
setCellContent(i, 2, getSymbolicNameStr(val));
}
else
setCellContent(i, 2, "???");

37
src/gui/Src/Utils/MiscUtil.cpp
View File

@ -119,6 +119,43 @@ QString getSymbolicName(duint addr)
return addrText;
}
QString getSymbolicNameStr(duint addr)
{
char labelText[MAX_LABEL_SIZE] = "";
char moduleText[MAX_MODULE_SIZE] = "";
char string[MAX_STRING_SIZE] = "";
bool bHasString = DbgGetStringAt(addr, string);
bool bHasLabel = DbgGetLabelAt(addr, SEG_DEFAULT, labelText);
bool bHasModule = (DbgGetModuleAt(addr, moduleText) && !QString(labelText).startsWith("JMP.&"));
QString addrText = DbgMemIsValidReadPtr(addr) ? ToPtrString(addr) : ToHexString(addr);
QString finalText;
if(bHasString)
finalText = addrText + " " + QString(string);
else if(bHasLabel && bHasModule) //<module.label>
finalText = QString("<%1.%2>").arg(moduleText).arg(labelText);
else if(bHasModule) //module.addr
finalText = QString("%1.%2").arg(moduleText).arg(addrText);
else if(bHasLabel) //<label>
finalText = QString("<%1>").arg(labelText);
else
{
finalText = addrText;
if(addr == (addr & 0xFF))
{
QChar c = QChar((char)addr);
if(c.isPrint() || c.isSpace())
finalText += QString(" '%1'").arg(EscapeCh(c));
}
else if(addr == (addr & 0xFFF)) //UNICODE?
{
QChar c = QChar((ushort)addr);
if(c.isPrint() || c.isSpace())
finalText += QString(" L'%1'").arg(EscapeCh(c));
}
}
return finalText;
}
static bool allowSeasons()
{
srand(GetTickCount());

1
src/gui/Src/Utils/MiscUtil.h
View File

@ -16,6 +16,7 @@ void SimpleErrorBox(QWidget* parent, const QString & title, const QString & text
void SimpleWarningBox(QWidget* parent, const QString & title, const QString & text);
void SimpleInfoBox(QWidget* parent, const QString & title, const QString & text);
QString getSymbolicName(duint addr);
QString getSymbolicNameStr(duint addr);
bool isEaster();
QString couldItBeSeasonal(QString icon);