DBG: added DbgAnalyzeFunction to get a function graph

2017-03-17 07:16:30 +01:00 · 2017-03-17 07:16:30 +01:00 · e7d8b8d5cd
parent 0f94a5886a
commit e7d8b8d5cd
3 changed files with 28 additions and 0 deletions
--- a/src/bridge/bridgemain.cpp
+++ b/src/bridge/bridgemain.cpp
@ -1026,6 +1026,11 @@ BRIDGE_IMPEXP duint DbgGetTebAddress(DWORD ThreadId)
    return (duint)_dbg_sendmessage(DBG_GET_TEB_ADDRESS, (void*)ThreadId, nullptr);
 }

+BRIDGE_IMPEXP bool DbgAnalyzeFunction(duint entry, BridgeCFGraphList* graph)
+{
+    return !!_dbg_sendmessage(DBG_ANALYZE_FUNCTION, (void*)entry, graph);
+}
+
 BRIDGE_IMPEXP const char* GuiTranslateText(const char* Source)
 {
    EnterCriticalSection(&csTranslate);
--- a/src/bridge/bridgemain.h
+++ b/src/bridge/bridgemain.h
@ -238,6 +238,7 @@ typedef enum
    DBG_GET_THREAD_ID,              // param1=unused,                    param2=unused
    DBG_GET_PEB_ADDRESS,            // param1=DWORD ProcessId,           param2=unused
    DBG_GET_TEB_ADDRESS,            // param1=DWORD ThreadId,            param2=unused
+    DBG_ANALYZE_FUNCTION,           // param1=BridgeCFGraphList* graph,  param2=duint entry
 } DBGMSG;

 typedef enum
@ -875,6 +876,7 @@ BRIDGE_IMPEXP DWORD DbgGetProcessId();
 BRIDGE_IMPEXP DWORD DbgGetThreadId();
 BRIDGE_IMPEXP duint DbgGetPebAddress(DWORD ProcessId);
 BRIDGE_IMPEXP duint DbgGetTebAddress(DWORD ThreadId);
+BRIDGE_IMPEXP bool DbgAnalyzeFunction(duint entry, BridgeCFGraphList* graph);

 //Gui defines
 #define GUI_PLUGIN_MENU 0
--- a/src/dbg/_exports.cpp
+++ b/src/dbg/_exports.cpp
@ -33,6 +33,7 @@
 #include "watch.h"
 #include "animate.h"
 #include "TraceRecord.h"
+#include "recursiveanalysis.h"

 static bool bOnlyCipAutoComments = false;
 static TITAN_ENGINE_CONTEXT_t titcontext;
@ -1443,6 +1444,26 @@ extern "C" DLL_EXPORT duint _dbg_sendmessage(DBGMSG type, void* param1, void* pa
    }
    break;

+    case DBG_ANALYZE_FUNCTION:
+    {
+        auto entry = duint(param1);
+        duint size;
+        auto base = MemFindBaseAddr(entry, &size);
+        if(!base || !MemIsValidReadPtr(entry))
+            return false;
+        auto modbase = ModBaseFromAddr(base);
+        if(modbase)
+            base = modbase, size = ModSizeFromAddr(modbase);
+        RecursiveAnalysis analysis(base, size, entry, 0, true);
+        analysis.Analyse();
+        auto graph = analysis.GetFunctionGraph(entry);
+        if(!graph)
+            return false;
+        *(BridgeCFGraphList*)param2 = graph->ToGraphList();
+        return true;
+    }
+    break;
+
    }
    return 0;
 }