x64dbg/x64dbg
x64dbg
/
x64dbg
1
0
Fork 0
Code Releases 5 Activity

DBG+GUI: some refactoring + formatting

This commit is contained in:
Mr. eXoDia 2014-09-13 21:55:23 +02:00
parent 00a7b3eb96
commit ee88a8bd72
10 changed files with 170 additions and 240 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
x64_dbg_bridge/bridgemain.h
View File

@ -59,11 +59,13 @@ BRIDGE_IMPEXP int BridgeGetDbgVersion();
#define MAX_THREAD_NAME_SIZE 256
#define MAX_STRING_SIZE 512
#define MAX_ERROR_SIZE 512
#define RIGHTS_STRING_SIZE (sizeof("ERWCG") + 1)
#define TYPE_VALUE 1
#define TYPE_MEMORY 2
#define TYPE_ADDR 4
#define MAX_MNEMONIC_SIZE 64
#define PAGE_SIZE 0x1000
//Debugger enums
typedef enum
@ -713,11 +715,6 @@ BRIDGE_IMPEXP void GuiUpdatePatches();
BRIDGE_IMPEXP void GuiUpdateCallStack();
BRIDGE_IMPEXP void GuiUpdateMemoryView();
//other MISC defines
#define RIGHTS_STRING (sizeof("ERWCG") + 1)
#define PAGE_SIZE 0x1000
#ifdef __cplusplus
}
#endif

44
x64_dbg_dbg/_dbgfunctions.cpp
View File

@ -112,36 +112,26 @@ static bool _getjitauto(bool* jit_auto)
return dbggetjitauto(jit_auto, notfound, NULL, NULL);
}
static bool _getcmdline(char** cmd_line)
static bool _getcmdline(char* cmd_line, size_t* cbsize)
{
return dbggetcmdline(cmd_line, NULL);
if(!cmd_line && !cbsize)
return false;
char* cmdline;
if(!dbggetcmdline(&cmdline, NULL))
return false;
if(!cmd_line && cbsize)
*cbsize = strlen(cmdline) + sizeof(char);
else if(cmd_line)
strcpy(cmd_line, cmdline);
efree(cmdline, "_getcmdline:cmdline");
return true;
}
static bool _setcmdline(char* cmd_line)
static bool _setcmdline(const char* cmd_line)
{
return dbgsetcmdline(cmd_line, NULL);
}
static bool _isprocesselevated(void)
{
return IsProcessElevated();
}
static bool _getpagerights(uint* addr, char* rights)
{
return dbggetpagerights(addr, rights);
}
static bool _pagerightstostring(DWORD protect, char* rights)
{
return dbgpagerightstostring(protect, rights);
}
static bool _setpagerights(uint* addr, char* rights)
{
return dbgsetpagerights(addr, rights, false);
}
static bool _getjit(char* jit, bool jit64)
{
arch dummy;
@ -210,10 +200,10 @@ void dbgfunctionsinit()
_dbgfunctions.GetJitAuto = _getjitauto;
_dbgfunctions.GetDefJit = dbggetdefjit;
_dbgfunctions.GetProcessList = _getprocesslist;
_dbgfunctions.GetPageRights = _getpagerights;
_dbgfunctions.SetPageRights = _setpagerights;
_dbgfunctions.PageRightsToString = _pagerightstostring;
_dbgfunctions.IsProcessElevated = _isprocesselevated;
_dbgfunctions.GetPageRights = dbggetpagerights;
_dbgfunctions.SetPageRights = dbgsetpagerights;
_dbgfunctions.PageRightsToString = dbgpagerightstostring;
_dbgfunctions.IsProcessElevated = IsProcessElevated;
_dbgfunctions.GetCmdline = _getcmdline;
_dbgfunctions.SetCmdline = _setcmdline;
}

14
x64_dbg_dbg/_dbgfunctions.h
View File

@ -54,15 +54,15 @@ typedef void (*MEMUPDATEMAP)();
typedef void (*GETCALLSTACK)(DBGCALLSTACK* callstack);
typedef void (*SYMBOLDOWNLOADALLSYMBOLS)(const char* szSymbolStore);
typedef bool (*GETJIT)(char* jit, bool x64);
typedef bool (*GETJITAUTO)(bool*);
typedef bool (*GETDEFJIT)(char*);
typedef bool (*GETJITAUTO)(bool* jitauto);
typedef bool (*GETDEFJIT)(char* defjit);
typedef bool (*GETPROCESSLIST)(DBGPROCESSINFO** entries, int* count);
typedef bool (*GETPAGERIGHTS)(duint*, char*);
typedef bool (*SETPAGERIGHTS)(duint*, char*);
typedef bool (*PAGERIGHTSTOSTRING)(DWORD, char*);
typedef bool (*GETPAGERIGHTS)(duint addr, char* rights);
typedef bool (*SETPAGERIGHTS)(duint addr, const char* rights);
typedef bool (*PAGERIGHTSTOSTRING)(DWORD protect, char* rights);
typedef bool (*ISPROCESSELEVATED)(void);
typedef bool (*GETCMDLINE)(char**);
typedef bool (*SETCMDLINE)(char*);
typedef bool (*GETCMDLINE)(char* cmdline, size_t* cbsize);
typedef bool (*SETCMDLINE)(const char* cmdline);
typedef struct DBGFUNCTIONS_
{

214
x64_dbg_dbg/debugger.cpp
View File

@ -1480,7 +1480,6 @@ void cbDetach()
return;
}
bool IsProcessElevated()
{
SID_IDENTIFIER_AUTHORITY NtAuthority = SECURITY_NT_AUTHORITY;
@ -1493,10 +1492,10 @@ bool IsProcessElevated()
IsAdminMember = FALSE;
FreeSid(SecurityIdentifier);
return IsAdminMember ? true : false;
return !!IsAdminMember;
}
bool _readwritejitkey(char* jit_key_value, DWORD* jit_key_vale_size, char* key, arch arch_in, arch* arch_out, readwritejitkey_error_t* error, bool write)
static bool readwritejitkey(char* jit_key_value, DWORD* jit_key_vale_size, char* key, arch arch_in, arch* arch_out, readwritejitkey_error_t* error, bool write)
{
DWORD key_flags;
DWORD lRv;
@ -1504,14 +1503,14 @@ bool _readwritejitkey(char* jit_key_value, DWORD* jit_key_vale_size, char* key,
DWORD dwDisposition;
if(error != NULL)
* error = ERROR_RW;
*error = ERROR_RW;
if(write)
{
if(!IsProcessElevated())
{
if(error != NULL)
* error = ERROR_RW_NOTADMIN;
*error = ERROR_RW_NOTADMIN;
return false;
}
key_flags = KEY_WRITE;
@ -1524,13 +1523,13 @@ bool _readwritejitkey(char* jit_key_value, DWORD* jit_key_vale_size, char* key,
if(arch_in != x64 && arch_in != x32)
{
#ifdef _WIN64
* arch_out = x64;
#else
* arch_out = x32;
#endif
*arch_out = x64;
#else //x86
*arch_out = x32;
#endif //_WIN64
}
else
* arch_out = arch_in;
*arch_out = arch_in;
}
if(arch_in == x64)
@ -1539,15 +1538,11 @@ bool _readwritejitkey(char* jit_key_value, DWORD* jit_key_vale_size, char* key,
if(!IsWow64())
{
if(error != NULL)
* error = ERROR_RW_NOTWOW64;
*error = ERROR_RW_NOTWOW64;
return false;
}
#endif
#ifndef _WIN64
key_flags |= KEY_WOW64_64KEY;
#endif
#endif //_WIN64
}
else if(arch_in == x32)
{
@ -1574,21 +1569,17 @@ bool _readwritejitkey(char* jit_key_value, DWORD* jit_key_vale_size, char* key,
if(lRv != ERROR_SUCCESS)
{
if(error != NULL)
* error = ERROR_RW_FILE_NOT_FOUND;
*error = ERROR_RW_FILE_NOT_FOUND;
}
}
RegCloseKey(hKey);
if(lRv != ERROR_SUCCESS)
return false;
return true;
return (lRv == ERROR_SUCCESS);
}
bool dbgpagerightstostring(DWORD protect, char* rights)
{
memset(rights, 0, RIGHTS_STRING);
memset(rights, 0, RIGHTS_STRING_SIZE);
switch(protect & 0xFF)
{
@ -1626,79 +1617,73 @@ bool dbgpagerightstostring(DWORD protect, char* rights)
return true;
}
void dbggetpageligned(uint* addr)
static uint dbggetpageligned(uint addr)
{
#ifdef _WIN64
* addr &= 0xFFFFFFFFFFFFF000;
addr &= 0xFFFFFFFFFFFFF000;
#else // _WIN32
* addr &= 0xFFFFF000;
addr &= 0xFFFFF000;
#endif // _WIN64
return addr;
}
bool dbgpagerightsfromstring(DWORD* protect, char* rights_string)
static bool dbgpagerightsfromstring(DWORD* protect, const char* rights_string)
{
if(strlen(rights_string) < 2)
return false;
* protect = 0;
*protect = 0;
if(rights_string[0] == 'G' || rights_string[0] == 'g')
{
* protect |= PAGE_GUARD;
*protect |= PAGE_GUARD;
rights_string++;
}
if(_strcmpi(rights_string, "Execute") == 0)
* protect |= PAGE_EXECUTE;
*protect |= PAGE_EXECUTE;
else if(_strcmpi(rights_string, "ExecuteRead") == 0)
* protect |= PAGE_EXECUTE_READ;
*protect |= PAGE_EXECUTE_READ;
else if(_strcmpi(rights_string, "ExecuteReadWrite") == 0)
* protect |= PAGE_EXECUTE_READWRITE;
*protect |= PAGE_EXECUTE_READWRITE;
else if(_strcmpi(rights_string, "ExecuteWriteCopy") == 0)
* protect |= PAGE_EXECUTE_WRITECOPY;
*protect |= PAGE_EXECUTE_WRITECOPY;
else if(_strcmpi(rights_string, "NoAccess") == 0)
* protect |= PAGE_NOACCESS;
*protect |= PAGE_NOACCESS;
else if(_strcmpi(rights_string, "ReadOnly") == 0)
* protect |= PAGE_READONLY;
*protect |= PAGE_READONLY;
else if(_strcmpi(rights_string, "ReadWrite") == 0)
* protect |= PAGE_READWRITE;
*protect |= PAGE_READWRITE;
else if(_strcmpi(rights_string, "WriteCopy") == 0)
* protect |= PAGE_WRITECOPY;
*protect |= PAGE_WRITECOPY;
if(* protect == 0)
if(*protect == 0)
return false;
return true;
}
bool dbgsetpagerights(uint* addr, char* rights_string, bool update_memmap)
bool dbgsetpagerights(uint addr, const char* rights_string)
{
DWORD protect;
DWORD old_protect;
dbggetpageligned(addr);
addr = dbggetpageligned(addr);
if(!dbgpagerightsfromstring(& protect, rights_string))
return false;
if(VirtualProtectEx(fdProcessInfo->hProcess, (void*)*addr, PAGE_SIZE, protect, & old_protect) == 0)
if(VirtualProtectEx(fdProcessInfo->hProcess, (void*)addr, PAGE_SIZE, protect, & old_protect) == 0)
return false;
if(update_memmap)
{
memupdatemap(fdProcessInfo->hProcess);
GuiUpdateMemoryView();
}
return true;
}
bool dbggetpagerights(uint* addr, char* rights)
bool dbggetpagerights(uint addr, char* rights)
{
dbggetpageligned(addr);
addr = dbggetpageligned(addr);
MEMORY_BASIC_INFORMATION mbi;
if(VirtualQueryEx(fdProcessInfo->hProcess, (const void*)*addr, &mbi, sizeof(mbi)) == 0)
if(VirtualQueryEx(fdProcessInfo->hProcess, (const void*)addr, &mbi, sizeof(mbi)) == 0)
return false;
return dbgpagerightstostring(mbi.Protect, rights);
@ -1710,25 +1695,22 @@ bool dbggetjitauto(bool* auto_on, arch arch_in, arch* arch_out, readwritejitkey_
DWORD jit_entry_size = sizeof(jit_entry) - 1;
readwritejitkey_error_t rw_error;
if(_readwritejitkey(jit_entry, & jit_entry_size, "Auto", arch_in, arch_out, & rw_error, false) == false)
if(!readwritejitkey(jit_entry, &jit_entry_size, "Auto", arch_in, arch_out, &rw_error, false))
{
if(rw_error == ERROR_RW_FILE_NOT_FOUND)
{
if(rw_error_out != NULL)
* rw_error_out = rw_error;
*rw_error_out = rw_error;
return true;
}
return false;
}
if(_strcmpi(jit_entry, "1") == 0)
* auto_on = true;
*auto_on = true;
else if(_strcmpi(jit_entry, "0") == 0)
* auto_on = false;
*auto_on = false;
else
return false;
return true;
}
@ -1736,26 +1718,22 @@ bool dbgsetjitauto(bool auto_on, arch arch_in, arch* arch_out, readwritejitkey_e
{
DWORD auto_string_size = sizeof("1");
readwritejitkey_error_t rw_error;
if(auto_on == false)
if(!auto_on)
{
char jit_entry[4];
DWORD jit_entry_size = sizeof(jit_entry) - 1;
if(_readwritejitkey(jit_entry, & jit_entry_size, "Auto", arch_in, arch_out, & rw_error, false) == false)
if(!readwritejitkey(jit_entry, &jit_entry_size, "Auto", arch_in, arch_out, &rw_error, false))
{
if(rw_error == ERROR_RW_FILE_NOT_FOUND)
return true;
}
}
if(_readwritejitkey(auto_on ? "1" : "0", & auto_string_size, "Auto", arch_in, arch_out, & rw_error, true) == false)
if(!readwritejitkey(auto_on ? "1" : "0", &auto_string_size, "Auto", arch_in, arch_out, &rw_error, true))
{
if(rw_error_out != NULL)
* rw_error_out = rw_error;
*rw_error_out = rw_error;
return false;
}
return true;
}
@ -1763,15 +1741,12 @@ bool dbggetjit(char jit_entry[JIT_ENTRY_MAX_SIZE], arch arch_in, arch* arch_out,
{
DWORD jit_entry_size = JIT_ENTRY_MAX_SIZE;
readwritejitkey_error_t rw_error;
if(_readwritejitkey(jit_entry, & jit_entry_size, "Debugger", arch_in, arch_out, & rw_error, false) == false)
if(!readwritejitkey(jit_entry, &jit_entry_size, "Debugger", arch_in, arch_out, &rw_error, false))
{
if(rw_error_out != NULL)
* rw_error_out = rw_error;
*rw_error_out = rw_error;
return false;
}
return true;
}
@ -1782,7 +1757,6 @@ bool dbggetdefjit(char* jit_entry)
GetModuleFileNameA(GetModuleHandleA(NULL), &path[1], MAX_PATH);
strcat(path, ATTACH_CMD_LINE);
strcpy(jit_entry, path);
return true;
}
@ -1790,14 +1764,12 @@ bool dbgsetjit(char* jit_cmd, arch arch_in, arch* arch_out, readwritejitkey_erro
{
DWORD jit_cmd_size = (DWORD)strlen(jit_cmd);
readwritejitkey_error_t rw_error;
if(_readwritejitkey(jit_cmd, & jit_cmd_size, "Debugger", arch_in, arch_out, & rw_error, true) == false)
if(!readwritejitkey(jit_cmd, & jit_cmd_size, "Debugger", arch_in, arch_out, & rw_error, true))
{
if(rw_error_out != NULL)
* rw_error_out = rw_error;
*rw_error_out = rw_error;
return false;
}
return true;
}
@ -1836,12 +1808,12 @@ bool dbglistprocesses(std::vector<PROCESSENTRY32>* list)
return true;
}
bool _getcommandlineaddr(uint* addr, cmdline_error_t* cmd_line_error)
static bool getcommandlineaddr(uint* addr, cmdline_error_t* cmd_line_error)
{
SIZE_T size;
uint pprocess_parameters;
cmd_line_error->addr = (uint) GetPEBLocation(fdProcessInfo->hProcess);
cmd_line_error->addr = (uint)GetPEBLocation(fdProcessInfo->hProcess);
if(cmd_line_error->addr == 0)
{
@ -1851,18 +1823,18 @@ bool _getcommandlineaddr(uint* addr, cmdline_error_t* cmd_line_error)
//cast-trick to calculate the address of the remote peb field ProcessParameters
cmd_line_error->addr = (uint) & (((PPEB) cmd_line_error->addr)->ProcessParameters);
if(!memread(fdProcessInfo->hProcess, (const void*) cmd_line_error->addr, & pprocess_parameters, sizeof(pprocess_parameters), & size))
if(!memread(fdProcessInfo->hProcess, (const void*)cmd_line_error->addr, &pprocess_parameters, sizeof(pprocess_parameters), &size))
{
cmd_line_error->type = CMDL_ERR_READ_PEBBASE;
return false;
}
* addr = (uint) & (((RTL_USER_PROCESS_PARAMETERS*) pprocess_parameters)->CommandLine);
*addr = (uint) & (((RTL_USER_PROCESS_PARAMETERS*) pprocess_parameters)->CommandLine);
return true;
}
bool __fixgetcommandlines(uint getcommandline, uint new_command_line, cmdline_error_t* cmd_line_error)
//update the pointer in the GetCommandLine function
static bool patchcmdline(uint getcommandline, uint new_command_line, cmdline_error_t* cmd_line_error)
{
uint command_line_stored = 0;
uint aux = 0;
@ -1877,6 +1849,12 @@ bool __fixgetcommandlines(uint getcommandline, uint new_command_line, cmdline_er
}
#ifdef _WIN64
/*
00007FFC5B91E3C8 | 48 8B 05 19 1D 0E 00 | mov rax,qword ptr ds:[7FFC5BA000E8]
00007FFC5B91E3CF | C3 | ret |
This is a relative offset then to get the symbol: next instruction of getmodulehandle (+7 bytes) + offset to symbol
(the last 4 bytes of the instruction)
*/
if(data[0] != 0x48 || data[1] != 0x8B || data[2] != 0x05 || data[7] != 0xC3)
{
cmd_line_error->type = CMDL_ERR_CHECK_GETCOMMANDLINESTORED;
@ -1884,27 +1862,21 @@ bool __fixgetcommandlines(uint getcommandline, uint new_command_line, cmdline_er
}
DWORD offset = * ((DWORD*) & data[3]);
command_line_stored = getcommandline + 7 + offset;
#else //x86
/*
00007FFC5B91E3C8 | 48 8B 05 19 1D 0E 00 | mov rax,qword ptr ds:[7FFC5BA000E8]
00007FFC5B91E3CF | C3 | ret |
This is a relative offset then to get the symbol: next instruction of getmodulehandle (+7 bytes) + offset to symbol
(the last 4 bytes of the instruction)
750FE9CA | A1 CC DB 1A 75 | mov eax,dword ptr ds:[751ADBCC] |
750FE9CF | C3 | ret |
*/
#else
if(data[0] != 0xA1 || data[5] != 0xC3)
{
cmd_line_error->type = CMDL_ERR_CHECK_GETCOMMANDLINESTORED;
return false;
}
command_line_stored = * ((uint*) & data[1]);
/*
750FE9CA | A1 CC DB 1A 75 | mov eax,dword ptr ds:[751ADBCC] |
750FE9CF | C3 | ret |
*/
#endif
if(! memwrite(fdProcessInfo->hProcess, (void*) command_line_stored, & new_command_line, sizeof(new_command_line), & size))
//update the pointer in the debuggee
if(!memwrite(fdProcessInfo->hProcess, (void*)command_line_stored, &new_command_line, sizeof(new_command_line), &size))
{
cmd_line_error->addr = command_line_stored;
cmd_line_error->type = CMDL_ERR_WRITE_GETCOMMANDLINESTORED;
@ -1914,38 +1886,36 @@ bool __fixgetcommandlines(uint getcommandline, uint new_command_line, cmdline_er
return true;
}
bool _fixgetcommandlines(uint new_command_line_unicode, uint new_command_line_ascii, cmdline_error_t* cmd_line_error)
static bool fixgetcommandlinesbase(uint new_command_line_unicode, uint new_command_line_ascii, cmdline_error_t* cmd_line_error)
{
uint getcommandline;
if(!valfromstring("kernelbase:GetCommandLineA", & getcommandline))
if(!valfromstring("kernelbase:GetCommandLineA", &getcommandline))
{
if(!valfromstring("kernel32:GetCommandLineA", & getcommandline))
if(!valfromstring("kernel32:GetCommandLineA", &getcommandline))
{
cmd_line_error->type = CMDL_ERR_GET_GETCOMMANDLINE;
return false;
}
}
if(!__fixgetcommandlines(getcommandline, new_command_line_ascii, cmd_line_error))
if(!patchcmdline(getcommandline, new_command_line_ascii, cmd_line_error))
return false;
if(!valfromstring("kernelbase:GetCommandLineW", & getcommandline))
if(!valfromstring("kernelbase:GetCommandLineW", &getcommandline))
{
if(!valfromstring("kernel32:GetCommandLineW", & getcommandline))
if(!valfromstring("kernel32:GetCommandLineW", &getcommandline))
{
cmd_line_error->type = CMDL_ERR_GET_GETCOMMANDLINE;
return false;
}
}
if(! __fixgetcommandlines(getcommandline, new_command_line_unicode, cmd_line_error))
if(!patchcmdline(getcommandline, new_command_line_unicode, cmd_line_error))
return false;
return true;
}
bool dbgsetcmdline(char* cmd_line, cmdline_error_t* cmd_line_error)
bool dbgsetcmdline(const char* cmd_line, cmdline_error_t* cmd_line_error)
{
cmdline_error_t cmd_line_error_aux;
UNICODE_STRING new_command_line;
@ -1953,9 +1923,9 @@ bool dbgsetcmdline(char* cmd_line, cmdline_error_t* cmd_line_error)
uint command_line_addr;
if(cmd_line_error == NULL)
cmd_line_error = & cmd_line_error_aux;
cmd_line_error = &cmd_line_error_aux;
if(!_getcommandlineaddr(& cmd_line_error->addr, cmd_line_error))
if(!getcommandlineaddr(&cmd_line_error->addr, cmd_line_error))
return false;
command_line_addr = cmd_line_error->addr;
@ -1967,7 +1937,7 @@ bool dbgsetcmdline(char* cmd_line, cmdline_error_t* cmd_line_error)
Memory<wchar_t*> command_linewstr(new_command_line.Length);
// Covert to Unicode.
if(MultiByteToWideChar(CP_ACP, 0, cmd_line, (int) cmd_line_size + 1, command_linewstr, (int) cmd_line_size + 1) == 0)
if(!MultiByteToWideChar(CP_ACP, 0, cmd_line, (int)cmd_line_size + 1, command_linewstr, (int)cmd_line_size + 1))
{
cmd_line_error->type = CMDL_ERR_CONVERTUNICODE;
return false;
@ -1982,28 +1952,25 @@ bool dbgsetcmdline(char* cmd_line, cmdline_error_t* cmd_line_error)
return false;
}
memupdatemap(fdProcessInfo->hProcess);
GuiUpdateMemoryView();
if(! memwrite(fdProcessInfo->hProcess, (void*) mem, new_command_line.Buffer, new_command_line.Length, & size))
if(!memwrite(fdProcessInfo->hProcess, (void*)mem, new_command_line.Buffer, new_command_line.Length, &size))
{
cmd_line_error->addr = mem;
cmd_line_error->type = CMDL_ERR_WRITE_UNICODE_COMMANDLINE;
return false;
}
if(! memwrite(fdProcessInfo->hProcess, (void*)(mem + new_command_line.Length), cmd_line, strlen(cmd_line) + 1, & size))
if(!memwrite(fdProcessInfo->hProcess, (void*)(mem + new_command_line.Length), cmd_line, strlen(cmd_line) + 1, &size))
{
cmd_line_error->addr = mem + new_command_line.Length;
cmd_line_error->type = CMDL_ERR_WRITE_ANSI_COMMANDLINE;
return false;
}
if(!_fixgetcommandlines(mem, mem + new_command_line.Length, cmd_line_error))
if(!fixgetcommandlinesbase(mem, mem + new_command_line.Length, cmd_line_error))
return false;
new_command_line.Buffer = (PWSTR) mem;
if(! memwrite(fdProcessInfo->hProcess, (void*) command_line_addr, & new_command_line, sizeof(new_command_line), & size))
if(!memwrite(fdProcessInfo->hProcess, (void*)command_line_addr, &new_command_line, sizeof(new_command_line), &size))
{
cmd_line_error->addr = command_line_addr;
cmd_line_error->type = CMDL_ERR_WRITE_PEBUNICODE_COMMANDLINE;
@ -2020,12 +1987,12 @@ bool dbggetcmdline(char** cmd_line, cmdline_error_t* cmd_line_error)
cmdline_error_t cmd_line_error_aux;
if(cmd_line_error == NULL)
cmd_line_error = & cmd_line_error_aux;
cmd_line_error = &cmd_line_error_aux;
if(!_getcommandlineaddr(& cmd_line_error->addr, cmd_line_error))
if(!getcommandlineaddr(&cmd_line_error->addr, cmd_line_error))
return false;
if(!memread(fdProcessInfo->hProcess, (const void*) cmd_line_error->addr, & CommandLine, sizeof(CommandLine), & size))
if(!memread(fdProcessInfo->hProcess, (const void*)cmd_line_error->addr, &CommandLine, sizeof(CommandLine), &size))
{
cmd_line_error->type = CMDL_ERR_READ_PROCPARM_PTR;
return false;
@ -2034,7 +2001,7 @@ bool dbggetcmdline(char** cmd_line, cmdline_error_t* cmd_line_error)
Memory<wchar_t*> wstr_cmd(CommandLine.Length + sizeof(wchar_t));
cmd_line_error->addr = (uint) CommandLine.Buffer;
if(!memread(fdProcessInfo->hProcess, (const void*) cmd_line_error->addr, wstr_cmd, CommandLine.Length, & size))
if(!memread(fdProcessInfo->hProcess, (const void*)cmd_line_error->addr, wstr_cmd, CommandLine.Length, &size))
{
cmd_line_error->type = CMDL_ERR_READ_PROCPARM_CMDLINE;
return false;
@ -2043,21 +2010,14 @@ bool dbggetcmdline(char** cmd_line, cmdline_error_t* cmd_line_error)
SIZE_T wstr_cmd_size = wcslen(wstr_cmd) + 1;
SIZE_T cmd_line_size = wstr_cmd_size * 2;
* cmd_line = (char*) calloc(1, cmd_line_size);
if(* cmd_line == NULL)
{
cmd_line_error->type = CMDL_ERR_ALLOC;
return false;
}
*cmd_line = (char*)emalloc(cmd_line_size, "dbggetcmdline:cmd_line");
//Convert TO ASCII
if(WideCharToMultiByte(CP_ACP, 0, wstr_cmd, (int) wstr_cmd_size, * cmd_line, (int) cmd_line_size, NULL, NULL) == 0)
if(!WideCharToMultiByte(CP_ACP, 0, wstr_cmd, (int)wstr_cmd_size, * cmd_line, (int)cmd_line_size, NULL, NULL))
{
free(* cmd_line);
efree(*cmd_line);
cmd_line_error->type = CMDL_ERR_CONVERTUNICODE;
return false;
}
return true;
}

24
x64_dbg_dbg/debugger.h
View File

@ -90,24 +90,18 @@ void dbgaddignoredexception(ExceptionRange range);
bool dbgisignoredexception(unsigned int exception);
bool dbgcmdnew(const char* name, CBCOMMAND cbCommand, bool debugonly);
bool dbgcmddel(const char* name);
bool dbggetjit(char jit_entry[JIT_ENTRY_MAX_SIZE], arch arch_in, arch* arch_out, readwritejitkey_error_t*);
bool dbggetpagerights(uint*, char*);
bool dbgpagerightstostring(DWORD, char*);
void dbggetpageligned(uint*);
bool dbgpagerightsfromstring(DWORD*, char*);
bool dbgsetpagerights(uint*, char*, bool);
bool dbgsetjit(char* jit_cmd, arch arch_in, arch* arch_out, readwritejitkey_error_t*);
bool dbggetjit(char jit_entry[JIT_ENTRY_MAX_SIZE], arch arch_in, arch* arch_out, readwritejitkey_error_t* rw_error_out);
bool dbgsetjit(char* jit_cmd, arch arch_in, arch* arch_out, readwritejitkey_error_t* rw_error_out);
bool dbggetjitauto(bool* auto_on, arch arch_in, arch* arch_out, readwritejitkey_error_t* rw_error_out);
bool dbgsetjitauto(bool auto_on, arch arch_in, arch* arch_out, readwritejitkey_error_t* rw_error_out);
bool dbggetdefjit(char* jit_entry);
bool _readwritejitkey(char*, DWORD*, char*, arch, arch*, readwritejitkey_error_t*, bool);
bool dbggetjitauto(bool*, arch, arch*, readwritejitkey_error_t*);
bool dbgsetjitauto(bool, arch, arch*, readwritejitkey_error_t*);
bool dbglistprocesses(std::vector<PROCESSENTRY32>* list);
bool IsProcessElevated();
bool dbggetcmdline(char**, cmdline_error_t*);
bool dbgsetcmdline(char*, cmdline_error_t*);
bool _fixgetcommandlines(uint new_command_line_unicode, uint new_command_line_ascii, cmdline_error_t* cmd_line_error);
bool __fixgetcommandlines(uint getcommandline, uint new_command_line, cmdline_error_t* cmd_line_error);
bool _getcommandlineaddr(uint* addr, cmdline_error_t* cmd_line_error);
bool dbgsetcmdline(const char* cmd_line, cmdline_error_t* cmd_line_error);
bool dbggetcmdline(char** cmd_line, cmdline_error_t* cmd_line_error);
bool dbggetpagerights(uint addr, char* rights);
bool dbgsetpagerights(uint addr, const char* rights_string);
bool dbgpagerightstostring(DWORD protect, char* rights);
void cbStep();
void cbRtrStep();

56
x64_dbg_dbg/debugger_commands.cpp
View File

@ -1707,7 +1707,7 @@ CMDRESULT cbDebugGetJIT(int argc, char* argv[])
CMDRESULT cbDebugGetPageRights(int argc, char* argv[])
{
uint addr = 0;
char rights[RIGHTS_STRING];
char rights[RIGHTS_STRING_SIZE];
if(argc != 2 || !valfromstring(argv[1], &addr))
{
@ -1715,7 +1715,7 @@ CMDRESULT cbDebugGetPageRights(int argc, char* argv[])
return STATUS_ERROR;
}
if(!dbggetpagerights(&addr, rights))
if(!dbggetpagerights(addr, rights))
{
dprintf("Error getting rights of page: %s\n", argv[1]);
return STATUS_ERROR;
@ -1729,8 +1729,7 @@ CMDRESULT cbDebugGetPageRights(int argc, char* argv[])
CMDRESULT cbDebugSetPageRights(int argc, char* argv[])
{
uint addr = 0;
char rights[RIGHTS_STRING];
bool update_memmap = true;
char rights[RIGHTS_STRING_SIZE];
if(argc < 3 || !valfromstring(argv[1], &addr))
{
@ -1738,16 +1737,13 @@ CMDRESULT cbDebugSetPageRights(int argc, char* argv[])
return STATUS_ERROR;
}
if(argc >= 4)
update_memmap = false;
if(!dbgsetpagerights(&addr, argv[2], update_memmap))
if(!dbgsetpagerights(addr, argv[2]))
{
dprintf("Error: Set rights of "fhex" with Rights: %s\n", addr, argv[2]);
return STATUS_ERROR;
}
if(!dbggetpagerights(&addr, rights))
if(!dbggetpagerights(addr, rights))
{
dprintf("Error getting rights of page: %s\n", argv[1]);
return STATUS_ERROR;
@ -1765,57 +1761,57 @@ void showcommandlineerror(cmdline_error_t* cmdline_error)
switch(cmdline_error->type)
{
case CMDL_ERR_ALLOC:
dprintf(" Error allocating memory for cmdline");
dputs("Error allocating memory for cmdline");
break;
case CMDL_ERR_CONVERTUNICODE:
dprintf(" Error converting UNICODE cmdline");
dputs("Error converting UNICODE cmdline");
break;
case CMDL_ERR_READ_PEBBASE:
dprintf(" Error reading PEB base addres");
dputs("Error reading PEB base addres");
break;
case CMDL_ERR_READ_PROCPARM_CMDLINE:
dprintf(" Error reading PEB -> ProcessParameters -> CommandLine UNICODE_STRING");
dputs("Error reading PEB -> ProcessParameters -> CommandLine UNICODE_STRING");
break;
case CMDL_ERR_READ_PROCPARM_PTR:
dprintf(" Error reading PEB -> ProcessParameters pointer address");
dputs("Error reading PEB -> ProcessParameters pointer address");
break;
case CMDL_ERR_GET_PEB:
dprintf(" Error Getting remote PEB address");
dputs("Error Getting remote PEB address");
break;
case CMDL_ERR_READ_GETCOMMANDLINEBASE:
dprintf(" Error Getting command line base address");
dputs("Error Getting command line base address");
break;
case CMDL_ERR_CHECK_GETCOMMANDLINESTORED:
dprintf(" Error checking the pattern of the commandline stored");
dputs("Error checking the pattern of the commandline stored");
break;
case CMDL_ERR_WRITE_GETCOMMANDLINESTORED:
dprintf(" Error writing the new command line stored");
dputs("Error writing the new command line stored");
break;
case CMDL_ERR_GET_GETCOMMANDLINE:
dprintf(" Error getting getcommandline");
dputs("Error getting getcommandline");
break;
case CMDL_ERR_ALLOC_UNICODEANSI_COMMANDLINE:
dprintf(" Error allocating the page with UNICODE and ANSI command lines");
dputs("Error allocating the page with UNICODE and ANSI command lines");
break;
case CMDL_ERR_WRITE_ANSI_COMMANDLINE:
dprintf(" Error writing the ANSI command line in the page");
dputs("Error writing the ANSI command line in the page");
break;
case CMDL_ERR_WRITE_UNICODE_COMMANDLINE:
dprintf(" Error writing the UNICODE command line in the page");
dputs("Error writing the UNICODE command line in the page");
break;
case CMDL_ERR_WRITE_PEBUNICODE_COMMANDLINE:
dprintf(" Error writing command line UNICODE in PEB");
dputs("Error writing command line UNICODE in PEB");
break;
default:
unkown = true;
dputs(" Error getting cmdline");
dputs("Error getting cmdline");
break;
}
if(!unkown)
{
if(cmdline_error->addr != 0)
dprintf(" "fhex"", cmdline_error->addr);
dprintf(""fhex"", cmdline_error->addr);
dputs("");
}
}
@ -1825,7 +1821,7 @@ CMDRESULT cbDebugGetCmdline(int argc, char* argv[])
char* cmd_line;
cmdline_error_t cmdline_error = {(cmdline_error_type_t) 0, 0};
if(! dbggetcmdline(& cmd_line, & cmdline_error))
if(!dbggetcmdline(& cmd_line, & cmdline_error))
{
showcommandlineerror(& cmdline_error);
return STATUS_ERROR;
@ -1833,7 +1829,7 @@ CMDRESULT cbDebugGetCmdline(int argc, char* argv[])
dprintf("Command line: %s\n", cmd_line);
free(cmd_line);
efree(cmd_line);
return STATUS_CONTINUE;
}
@ -1844,13 +1840,13 @@ CMDRESULT cbDebugSetCmdline(int argc, char* argv[])
if(argc != 2)
{
dprintf("Error: write the arg1 with the new command line of the process debugged\n");
dputs("Error: write the arg1 with the new command line of the process debugged");
return STATUS_ERROR;
}
if(! dbgsetcmdline(argv[1], & cmdline_error))
if(!dbgsetcmdline(argv[1], &cmdline_error))
{
showcommandlineerror(& cmdline_error);
showcommandlineerror(&cmdline_error);
return STATUS_ERROR;
}

30
x64_dbg_gui/Project/Src/Gui/MainWindow.cpp
View File

@ -170,6 +170,7 @@ MainWindow::MainWindow(QWidget* parent) : QMainWindow(parent), ui(new Ui::MainWi
connect(ui->actionDonate, SIGNAL(triggered()), this, SLOT(donate()));
connect(ui->actionAttach, SIGNAL(triggered()), this, SLOT(displayAttach()));
connect(ui->actionDetach, SIGNAL(triggered()), this, SLOT(detach()));
connect(ui->actionChangeCommandLine, SIGNAL(triggered()), this, SLOT(changeCommandLine()));
connect(Bridge::getBridge(), SIGNAL(updateWindowTitle(QString)), this, SLOT(updateWindowTitleSlot(QString)));
connect(Bridge::getBridge(), SIGNAL(addRecentFile(QString)), this, SLOT(addRecentFile(QString)));
@ -940,31 +941,26 @@ void MainWindow::detach()
DbgCmdExec("detach");
}
void MainWindow::on_actionChange_command_line_triggered()
void MainWindow::changeCommandLine()
{
if(!DbgIsDebugging())
{
QMessageBox msg(QMessageBox::Warning, "ERROR NO DEBUGGING", "THERE IS NOT A DEBUGGING PROCESS");
msg.setWindowIcon(QIcon(":/icons/images/compile-warning.png"));
msg.setParent(this, Qt::Dialog);
msg.setWindowFlags(msg.windowFlags() & (~Qt::WindowContextHelpButtonHint));
msg.exec();
return;
}
LineEditDialog mLineEdit(this);
mLineEdit.setText("this is the current command line");
mLineEdit.setWindowTitle("Edit Command Line");
mLineEdit.setText("");
mLineEdit.setWindowTitle("Change Command Line");
mLineEdit.setWindowIcon(QIcon(":/icons/images/changeargs.png"));
char* cmd_line;
if(! DbgFunctions()->GetCmdline(& cmd_line))
mLineEdit.setText("Cant get remote command line use getcmdline command for more information");
size_t cbsize = 0;
char* cmdline = 0;
if(!DbgFunctions()->GetCmdline(0, &cbsize))
mLineEdit.setText("Cannot get remote command line, use the 'getcmdline'' command for more information.");
else
{
mLineEdit.setText(QString(cmd_line));
free(cmd_line);
cmdline = new char[cbsize];
DbgFunctions()->GetCmdline(cmdline, 0);
mLineEdit.setText(QString(cmdline));
delete cmdline;
}
mLineEdit.setCursorPosition(0);
@ -974,7 +970,7 @@ void MainWindow::on_actionChange_command_line_triggered()
if(!DbgFunctions()->SetCmdline((char*)mLineEdit.editText.toUtf8().constData()))
{
QMessageBox msg(QMessageBox::Warning, "ERROR CANT SET COMMAND LINE", "ERROR SETTING COMMAND LINE TRY SETCOMMANDLINE COMMAND");
QMessageBox msg(QMessageBox::Warning, "Error", "Could not set command line!");
msg.setWindowIcon(QIcon(":/icons/images/compile-warning.png"));
msg.setParent(this, Qt::Dialog);
msg.setWindowFlags(msg.windowFlags() & (~Qt::WindowContextHelpButtonHint));

4
x64_dbg_gui/Project/Src/Gui/MainWindow.h
View File

@ -89,6 +89,7 @@ public slots:
void donate();
void displayAttach();
void detach();
void changeCommandLine();
private:
Ui::MainWindow* ui;
@ -150,9 +151,6 @@ private:
protected:
void dragEnterEvent(QDragEnterEvent* pEvent);
void dropEvent(QDropEvent* pEvent);
private slots:
void on_actionChange_command_line_triggered();
};
#endif // MAINWINDOW_H

7
x64_dbg_gui/Project/Src/Gui/MainWindow.ui
View File

@ -72,6 +72,7 @@
<addaction name="actionPause"/>
<addaction name="actionRestart"/>
<addaction name="actionClose"/>
<addaction name="actionChangeCommandLine"/>
<addaction name="separator"/>
<addaction name="actionStepInto"/>
<addaction name="actioneStepInto"/>
@ -81,8 +82,6 @@
<addaction name="actioneRtr"/>
<addaction name="separator"/>
<addaction name="actionCommand"/>
<addaction name="separator"/>
<addaction name="actionChange_command_line"/>
</widget>
<widget class="QMenu" name="menuHelp">
<property name="title">
@ -595,13 +594,13 @@
<string>Detach</string>
</property>
</action>
<action name="actionChange_command_line">
<action name="actionChangeCommandLine">
<property name="icon">
<iconset resource="../../resource.qrc">
<normaloff>:/icons/images/changeargs.png</normaloff>:/icons/images/changeargs.png</iconset>
</property>
<property name="text">
<string>Change command line</string>
<string>Change Command &amp;Line</string>
</property>
</action>
</widget>

10
x64_dbg_gui/Project/Src/Gui/PageMemoryRights.cpp
View File

@ -31,12 +31,12 @@ void PageMemoryRights::RunAddrSize(uint_t addrin, uint_t sizein, QString pagetyp
tableWidget->setHorizontalHeaderItem(1, new QTableWidgetItem(QString("Rights")));
duint actual_addr;
char rights[RIGHTS_STRING];
char rights[RIGHTS_STRING_SIZE];
for(uint_t i = 0; i < nr_pages; i++)
{
actual_addr = addr + (i * PAGE_SIZE);
tableWidget->setItem(i, 0, new QTableWidgetItem(QString("%1").arg(actual_addr, sizeof(uint_t) * 2, 16, QChar('0')).toUpper()));
if(DbgFunctions()->GetPageRights(& actual_addr, rights))
if(DbgFunctions()->GetPageRights(actual_addr, rights))
tableWidget->setItem(i, 1, new QTableWidgetItem(QString(rights)));
}
@ -76,7 +76,7 @@ void PageMemoryRights::on_btnSetrights_clicked()
{
duint actual_addr;
QString rights;
char newrights[RIGHTS_STRING];
char newrights[RIGHTS_STRING_SIZE];
bool one_right_changed = false;
if(ui->radioExecute->isChecked())
@ -109,10 +109,10 @@ void PageMemoryRights::on_btnSetrights_clicked()
#else //x86
actual_addr = ui->pagetableWidget->item(index.row(), 0)->text().toULong(0, 16);
#endif //_WIN64
if(DbgFunctions()->SetPageRights(& actual_addr, (char*) rights.toUtf8().constData()))
if(DbgFunctions()->SetPageRights(actual_addr, (char*)rights.toUtf8().constData()))
{
one_right_changed = true;
if(DbgFunctions()->GetPageRights(& actual_addr, newrights))
if(DbgFunctions()->GetPageRights(actual_addr, newrights))
ui->pagetableWidget->setItem(index.row(), 1, new QTableWidgetItem(QString(newrights)));
}
}