x64dbg/x64dbg
x64dbg
/
x64dbg
1
0
Fork 0
Code Releases 4 Activity

DBG: Replacing uint with duint

This commit is contained in:
Nukem 2015-10-17 19:52:02 -04:00
parent eda641f6a7
commit f23b5af60a
83 changed files with 937 additions and 1012 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
src/dbg/AnalysisPass.cpp
View File

@ -3,7 +3,7 @@
#include "AnalysisPass.h"
#include "memory.h"
AnalysisPass::AnalysisPass(uint VirtualStart, uint VirtualEnd, BBlockArray & MainBlocks) : m_MainBlocks(MainBlocks)
AnalysisPass::AnalysisPass(duint VirtualStart, duint VirtualEnd, BBlockArray & MainBlocks) : m_MainBlocks(MainBlocks)
{
assert(VirtualEnd > VirtualStart);
@ -29,20 +29,20 @@ AnalysisPass::~AnalysisPass()
efree(m_Data);
}
BasicBlock* AnalysisPass::FindBBlockInRange(uint Address)
BasicBlock* AnalysisPass::FindBBlockInRange(duint Address)
{
// NOTE: __MUST__ BE A SORTED VECTOR
//
// Use a binary search
uint indexLo = 0;
uint indexHi = m_MainBlocks.size();
duint indexLo = 0;
duint indexHi = m_MainBlocks.size();
// Get a pointer to pure data
const auto blocks = m_MainBlocks.data();
while(indexHi > indexLo)
{
uint indexMid = (indexLo + indexHi) / 2;
duint indexMid = (indexLo + indexHi) / 2;
auto entry = &blocks[indexMid];
if(Address < entry->VirtualStart)
@ -66,18 +66,18 @@ BasicBlock* AnalysisPass::FindBBlockInRange(uint Address)
return nullptr;
}
uint AnalysisPass::FindBBlockIndex(BasicBlock* Block)
duint AnalysisPass::FindBBlockIndex(BasicBlock* Block)
{
// Fast pointer arithmetic to find index
return ((uint)Block - (uint)m_MainBlocks.data()) / sizeof(BasicBlock);
return ((duint)Block - (duint)m_MainBlocks.data()) / sizeof(BasicBlock);
}
uint AnalysisPass::IdealThreadCount()
duint AnalysisPass::IdealThreadCount()
{
if(m_InternalMaxThreads == 0)
{
// Determine the maximum hardware thread count at once
uint maximumThreads = max(std::thread::hardware_concurrency(), 1);
duint maximumThreads = max(std::thread::hardware_concurrency(), 1);
// Don't consume 100% of the CPU, adjust accordingly
if(maximumThreads > 1)
@ -89,7 +89,7 @@ uint AnalysisPass::IdealThreadCount()
return m_InternalMaxThreads;
}
void AnalysisPass::SetIdealThreadCount(uint Count)
void AnalysisPass::SetIdealThreadCount(duint Count)
{
m_InternalMaxThreads = (BYTE)min(Count, 255);
}

20
src/dbg/AnalysisPass.h
View File

@ -6,35 +6,35 @@
class AnalysisPass
{
public:
AnalysisPass(uint VirtualStart, uint VirtualEnd, BBlockArray & MainBlocks);
AnalysisPass(duint VirtualStart, duint VirtualEnd, BBlockArray & MainBlocks);
virtual ~AnalysisPass();
virtual const char* GetName() = 0;
virtual bool Analyse() = 0;
protected:
uint m_VirtualStart;
uint m_VirtualEnd;
uint m_DataSize;
duint m_VirtualStart;
duint m_VirtualEnd;
duint m_DataSize;
unsigned char* m_Data;
BBlockArray & m_MainBlocks;
inline unsigned char* AnalysisPass::TranslateAddress(uint Address)
inline unsigned char* AnalysisPass::TranslateAddress(duint Address)
{
assert(ValidateAddress(Address));
return &m_Data[Address - m_VirtualStart];
}
inline bool AnalysisPass::ValidateAddress(uint Address)
inline bool AnalysisPass::ValidateAddress(duint Address)
{
return (Address >= m_VirtualStart && Address < m_VirtualEnd);
}
BasicBlock* FindBBlockInRange(uint Address);
uint FindBBlockIndex(BasicBlock* Block);
uint IdealThreadCount();
void SetIdealThreadCount(uint Count);
BasicBlock* FindBBlockInRange(duint Address);
duint FindBBlockIndex(BasicBlock* Block);
duint IdealThreadCount();
void SetIdealThreadCount(duint Count);
private:
BYTE m_InternalMaxThreads;

24
src/dbg/BasicBlock.h
View File

@ -2,7 +2,7 @@
#include "_global.h"
enum BasicBlockFlags : uint
enum BasicBlockFlags : duint
{
BASIC_BLOCK_FLAG_NONE = 0, // No flag
@ -23,22 +23,22 @@ enum BasicBlockFlags : uint
struct BasicBlock
{
uint VirtualStart; // Inclusive
uint VirtualEnd; // Exclusive
uint Flags;
uint Target;
duint VirtualStart; // Inclusive
duint VirtualEnd; // Exclusive
duint Flags;
duint Target;
__forceinline bool GetFlag(uint Flag)
__forceinline bool GetFlag(duint Flag)
{
return (Flags & Flag) == Flag;
}
__forceinline void SetFlag(uint Flag)
__forceinline void SetFlag(duint Flag)
{
Flags |= Flag;
}
__forceinline uint Size()
__forceinline duint Size()
{
return VirtualEnd - VirtualStart;
}
@ -56,11 +56,11 @@ struct BasicBlock
struct FunctionDef
{
uint VirtualStart; // Inclusive
uint VirtualEnd; // Exclusive
duint VirtualStart; // Inclusive
duint VirtualEnd; // Exclusive
uint BBlockStart; // Index of first basic block
uint BBlockEnd; // Index of last basic block
duint BBlockStart; // Index of first basic block
duint BBlockEnd; // Index of last basic block
bool operator< (const FunctionDef & b) const
{

10
src/dbg/CodeFollowPass.cpp
View File

@ -1,7 +1,7 @@
#include "AnalysisPass.h"
#include "CodeFollowPass.h"
CodeFollowPass::CodeFollowPass(uint VirtualStart, uint VirtualEnd, BBlockArray & MainBlocks)
CodeFollowPass::CodeFollowPass(duint VirtualStart, duint VirtualEnd, BBlockArray & MainBlocks)
: AnalysisPass(VirtualStart, VirtualEnd, MainBlocks)
{
@ -31,7 +31,7 @@ bool CodeFollowPass::Analyse()
return false;
}
uint CodeFollowPass::GetReferenceOperand(const cs_x86 & Context)
duint CodeFollowPass::GetReferenceOperand(const cs_x86 & Context)
{
for(int i = 0; i < Context.op_count; i++)
{
@ -40,7 +40,7 @@ uint CodeFollowPass::GetReferenceOperand(const cs_x86 & Context)
// Looking for immediate references
if(operand.type == X86_OP_IMM)
{
uint dest = (uint)operand.imm;
duint dest = (duint)operand.imm;
if(ValidateAddress(dest))
return dest;
@ -50,7 +50,7 @@ uint CodeFollowPass::GetReferenceOperand(const cs_x86 & Context)
return 0;
}
uint CodeFollowPass::GetMemoryOperand(Capstone & Disasm, const cs_x86 & Context, bool* Indirect)
duint CodeFollowPass::GetMemoryOperand(Capstone & Disasm, const cs_x86 & Context, bool* Indirect)
{
if(Context.op_count <= 0)
return 0;
@ -81,7 +81,7 @@ uint CodeFollowPass::GetMemoryOperand(Capstone & Disasm, const cs_x86 & Context,
// TODO: Translate RIP-Relative
return 0;
uint dest = (uint)operand.mem.disp;
duint dest = (duint)operand.mem.disp;
if(ValidateAddress(dest))
return dest;

6
src/dbg/CodeFollowPass.h
View File

@ -7,13 +7,13 @@
class CodeFollowPass : public AnalysisPass
{
public:
CodeFollowPass(uint VirtualStart, uint VirtualEnd, BBlockArray & MainBlocks);
CodeFollowPass(duint VirtualStart, duint VirtualEnd, BBlockArray & MainBlocks);
virtual ~CodeFollowPass();
virtual const char* GetName() override;
virtual bool Analyse() override;
private:
uint GetReferenceOperand(const cs_x86 & Context);
uint GetMemoryOperand(Capstone & Disasm, const cs_x86 & Context, bool* Indirect);
duint GetReferenceOperand(const cs_x86 & Context);
duint GetMemoryOperand(Capstone & Disasm, const cs_x86 & Context, bool* Indirect);
};

38
src/dbg/FunctionPass.cpp
View File

@ -6,7 +6,7 @@
#include "module.h"
#include "function.h"
FunctionPass::FunctionPass(uint VirtualStart, uint VirtualEnd, BBlockArray & MainBlocks)
FunctionPass::FunctionPass(duint VirtualStart, duint VirtualEnd, BBlockArray & MainBlocks)
: AnalysisPass(VirtualStart, VirtualEnd, MainBlocks)
{
// Zero values
@ -70,15 +70,15 @@ const char* FunctionPass::GetName()
bool FunctionPass::Analyse()
{
// THREAD_WORK = ceil(TOTAL / # THREADS)
uint workAmount = (m_MainBlocks.size() + (IdealThreadCount() - 1)) / IdealThreadCount();
duint workAmount = (m_MainBlocks.size() + (IdealThreadCount() - 1)) / IdealThreadCount();
// Initialize thread vector
auto threadFunctions = new std::vector<FunctionDef>[IdealThreadCount()];
concurrency::parallel_for(uint(0), IdealThreadCount(), [&](uint i)
concurrency::parallel_for(duint(0), IdealThreadCount(), [&](duint i)
{
uint threadWorkStart = (workAmount * i);
uint threadWorkStop = min((threadWorkStart + workAmount), m_MainBlocks.size());
duint threadWorkStart = (workAmount * i);
duint threadWorkStop = min((threadWorkStart + workAmount), m_MainBlocks.size());
// Memory allocation optimization
// TODO: Option to conserve memory
@ -91,7 +91,7 @@ bool FunctionPass::Analyse()
std::vector<FunctionDef> funcs;
// Merge thread vectors into single local
for(uint i = 0; i < IdealThreadCount(); i++)
for(duint i = 0; i < IdealThreadCount(); i++)
std::move(threadFunctions[i].begin(), threadFunctions[i].end(), std::back_inserter(funcs));
// Sort and remove duplicates
@ -111,7 +111,7 @@ bool FunctionPass::Analyse()
return true;
}
void FunctionPass::AnalysisWorker(uint Start, uint End, std::vector<FunctionDef>* Blocks)
void FunctionPass::AnalysisWorker(duint Start, duint End, std::vector<FunctionDef>* Blocks)
{
// Step 1: Use any defined functions in the PE function table
FindFunctionWorkerPrepass(Start, End, Blocks);
@ -122,17 +122,17 @@ void FunctionPass::AnalysisWorker(uint Start, uint End, std::vector<FunctionDef>
// NOTE: *Some* indirect calls are included
auto blockItr = std::next(m_MainBlocks.begin(), Start);
for(uint i = Start; i < End; i++, ++blockItr)
for(duint i = Start; i < End; i++, ++blockItr)
{
if(blockItr->GetFlag(BASIC_BLOCK_FLAG_CALL))
{
uint destination = blockItr->Target;
duint destination = blockItr->Target;
// Was it a pointer?
if(blockItr->GetFlag(BASIC_BLOCK_FLAG_INDIRPTR))
{
// Read it from memory
if(!MemRead(destination, &destination, sizeof(uint)))
if(!MemRead(destination, &destination, sizeof(duint)))
continue;
// Validity check
@ -168,17 +168,17 @@ void FunctionPass::AnalysisWorker(uint Start, uint End, std::vector<FunctionDef>
// TODO
}
void FunctionPass::FindFunctionWorkerPrepass(uint Start, uint End, std::vector<FunctionDef>* Blocks)
void FunctionPass::FindFunctionWorkerPrepass(duint Start, duint End, std::vector<FunctionDef>* Blocks)
{
const uint minFunc = std::next(m_MainBlocks.begin(), Start)->VirtualStart;
const uint maxFunc = std::next(m_MainBlocks.begin(), End - 1)->VirtualEnd;
const duint minFunc = std::next(m_MainBlocks.begin(), Start)->VirtualStart;
const duint maxFunc = std::next(m_MainBlocks.begin(), End - 1)->VirtualEnd;
#ifdef _WIN64
// RUNTIME_FUNCTION exception information
EnumerateFunctionRuntimeEntries64([&](PRUNTIME_FUNCTION Function)
{
const uint funcAddr = m_ModuleStart + Function->BeginAddress;
const uint funcEnd = m_ModuleStart + Function->EndAddress;
const duint funcAddr = m_ModuleStart + Function->BeginAddress;
const duint funcEnd = m_ModuleStart + Function->EndAddress;
// If within limits...
if(funcAddr >= minFunc && funcAddr < maxFunc)
@ -197,7 +197,7 @@ void FunctionPass::FindFunctionWorkerPrepass(uint Start, uint End, std::vector<F
#endif // _WIN64
// Module exports (return value ignored)
apienumexports(m_ModuleStart, [&](uint Base, const char* Module, const char* Name, uint Address)
apienumexports(m_ModuleStart, [&](duint Base, const char* Module, const char* Name, duint Address)
{
// If within limits...
if(Address >= minFunc && Address < maxFunc)
@ -248,7 +248,7 @@ bool FunctionPass::ResolveKnownFunctionEnd(FunctionDef* Function)
Function->BBlockEnd = FindBBlockIndex(endBlock);
// Set the flag for blocks that have been scanned
for(BasicBlock* block = startBlock; (uint)block <= (uint)endBlock; block++)
for(BasicBlock* block = startBlock; (duint)block <= (duint)endBlock; block++)
block->SetFlag(BASIC_BLOCK_FLAG_FUNCTION);
return true;
@ -270,10 +270,10 @@ bool FunctionPass::ResolveFunctionEnd(FunctionDef* Function, BasicBlock* LastBlo
// The maximum address is determined by any jump that extends past
// a RET or other terminating basic block. A function may have multiple
// return statements.
uint maximumAddr = 0;
duint maximumAddr = 0;
// Loop forever until the end is found
for(; (uint)block <= (uint)LastBlock; block++)
for(; (duint)block <= (duint)LastBlock; block++)
{
// Block is now in use
block->SetFlag(BASIC_BLOCK_FLAG_FUNCTION);

8
src/dbg/FunctionPass.h
View File

@ -7,20 +7,20 @@
class FunctionPass : public AnalysisPass
{
public:
FunctionPass(uint VirtualStart, uint VirtualEnd, BBlockArray & MainBlocks);
FunctionPass(duint VirtualStart, duint VirtualEnd, BBlockArray & MainBlocks);
virtual ~FunctionPass();
virtual const char* GetName() override;
virtual bool Analyse() override;
private:
uint m_ModuleStart;
duint m_ModuleStart;
PVOID m_FunctionInfo;
ULONG m_FunctionInfoSize;
void AnalysisWorker(uint Start, uint End, std::vector<FunctionDef>* Blocks);
void FindFunctionWorkerPrepass(uint Start, uint End, std::vector<FunctionDef>* Blocks);
void AnalysisWorker(duint Start, duint End, std::vector<FunctionDef>* Blocks);
void FindFunctionWorkerPrepass(duint Start, duint End, std::vector<FunctionDef>* Blocks);
void FindFunctionWorker(std::vector<FunctionDef>* Blocks);
bool ResolveKnownFunctionEnd(FunctionDef* Function);

77
src/dbg/Int3CoagulatorPass.cpp
View File

@ -1,77 +0,0 @@
#include <thread>
#include "AnalysisPass.h"
#include "Int3CoagulatorPass.h"
#include "console.h"
Int3CoagulatorPass::Int3CoagulatorPass(uint VirtualStart, uint VirtualEnd, BBlockArray & MainBlocks)
: AnalysisPass(VirtualStart, VirtualEnd, MainBlocks)
{
}
Int3CoagulatorPass::~Int3CoagulatorPass()
{
}
const char* Int3CoagulatorPass::GetName()
{
return "INT3 Group Combiner - DEPRECATED";
}
bool Int3CoagulatorPass::Analyse()
{
// Execute
std::thread thread(&Int3CoagulatorPass::AnalysisWorker, this, 0, m_MainBlocks.size(), &m_MainBlocks);
// Wait for thread to finish
thread.join();
dprintf("Total basic blocks: %d\n", m_MainBlocks.size());
return true;
}
void Int3CoagulatorPass::AnalysisWorker(uint Start, uint End, std::vector<BasicBlock>* Blocks)
{
uint counterIndex = 0; // Loop counter
uint intSeriesStart = 0; // Block starting address
uint intSeriesCount = 0; // Number of blocks
uint intSeriesSize = 0; // Size of instructions
for(auto itr = Blocks->begin(); counterIndex < End; ++itr, counterIndex++)
{
if(!itr->GetFlag(BASIC_BLOCK_FLAG_PAD))
{
// Synchronize the vector if more than 1 instruction
// is present. (Combine)
if(intSeriesCount > 1)
{
// Removal of old blocks
itr = Blocks->erase(itr - intSeriesCount, itr);
// Build the new block and insert
BasicBlock block;
block.VirtualStart = intSeriesStart;
block.VirtualEnd = intSeriesStart + intSeriesSize;
block.SetFlag(BASIC_BLOCK_FLAG_PAD);
itr = Blocks->insert(itr, block);
// Adjust the integer counter manually
End -= (intSeriesCount - 1);
}
// Counter is reset because the series is broken
intSeriesCount = 0;
intSeriesSize = 0;
continue;
}
// Hit! An INT3 instruction block has been found.
// Update the counter stats.
if(intSeriesCount == 0)
intSeriesStart = itr->VirtualStart;
intSeriesCount += 1;
intSeriesSize += (itr->VirtualEnd - itr->VirtualStart);
}
}

17
src/dbg/Int3CoagulatorPass.h
View File

@ -1,17 +0,0 @@
#pragma once
#include "AnalysisPass.h"
#include "BasicBlock.h"
class Int3CoagulatorPass : public AnalysisPass
{
public:
Int3CoagulatorPass(uint VirtualStart, uint VirtualEnd, BBlockArray & MainBlocks);
virtual ~Int3CoagulatorPass();
virtual const char* GetName() override;
virtual bool Analyse() override;
private:
void AnalysisWorker(uint Start, uint End, BBlockArray* Blocks);
};

44
src/dbg/LinearPass.cpp
View File

@ -4,7 +4,7 @@
#include "LinearPass.h"
#include "capstone_wrapper.h"
LinearPass::LinearPass(uint VirtualStart, uint VirtualEnd, BBlockArray & MainBlocks)
LinearPass::LinearPass(duint VirtualStart, duint VirtualEnd, BBlockArray & MainBlocks)
: AnalysisPass(VirtualStart, VirtualEnd, MainBlocks)
{
// This is a fix for when the total data analysis size is less
@ -28,15 +28,15 @@ bool LinearPass::Analyse()
{
// Divide the work up between each thread
// THREAD_WORK = (TOTAL / # THREADS)
uint workAmount = m_DataSize / IdealThreadCount();
duint workAmount = m_DataSize / IdealThreadCount();
// Initialize thread vector
auto threadBlocks = new std::vector<BasicBlock>[IdealThreadCount()];
concurrency::parallel_for(uint(0), IdealThreadCount(), [&](uint i)
concurrency::parallel_for(duint(0), IdealThreadCount(), [&](duint i)
{
uint threadWorkStart = m_VirtualStart + (workAmount * i);
uint threadWorkStop = min((threadWorkStart + workAmount), m_VirtualEnd);
duint threadWorkStart = m_VirtualStart + (workAmount * i);
duint threadWorkStop = min((threadWorkStart + workAmount), m_VirtualEnd);
// Allow a 256-byte variance of scanning because of
// integer rounding errors and instruction overlap
@ -57,7 +57,7 @@ bool LinearPass::Analyse()
// Clear old data and combine vectors
m_MainBlocks.clear();
for(uint i = 0; i < IdealThreadCount(); i++)
for(duint i = 0; i < IdealThreadCount(); i++)
{
std::move(threadBlocks[i].begin(), threadBlocks[i].end(), std::back_inserter(m_MainBlocks));
@ -91,16 +91,16 @@ void LinearPass::AnalyseOverlaps()
// the middle of other basic blocks.
//
// THREAD_WORK = ceil(TOTAL / # THREADS)
uint workTotal = m_MainBlocks.size();
uint workAmount = (workTotal + (IdealThreadCount() - 1)) / IdealThreadCount();
duint workTotal = m_MainBlocks.size();
duint workAmount = (workTotal + (IdealThreadCount() - 1)) / IdealThreadCount();
// Initialize thread vectors
auto threadInserts = new std::vector<BasicBlock>[IdealThreadCount()];
concurrency::parallel_for(uint(0), IdealThreadCount(), [&](uint i)
concurrency::parallel_for(duint(0), IdealThreadCount(), [&](duint i)
{
uint threadWorkStart = (workAmount * i);
uint threadWorkStop = min((threadWorkStart + workAmount), workTotal);
duint threadWorkStart = (workAmount * i);
duint threadWorkStop = min((threadWorkStart + workAmount), workTotal);
// Again, allow an overlap of +/- 1 entry
if(threadWorkStart > 0)
@ -116,7 +116,7 @@ void LinearPass::AnalyseOverlaps()
// THREAD VECTOR
std::vector<BasicBlock> overlapInserts;
{
for(uint i = 0; i < IdealThreadCount(); i++)
for(duint i = 0; i < IdealThreadCount(); i++)
std::move(threadInserts[i].begin(), threadInserts[i].end(), std::back_inserter(overlapInserts));
// Sort and remove duplicates
@ -142,16 +142,16 @@ void LinearPass::AnalyseOverlaps()
}
}
void LinearPass::AnalysisWorker(uint Start, uint End, BBlockArray* Blocks)
void LinearPass::AnalysisWorker(duint Start, duint End, BBlockArray* Blocks)
{
Capstone disasm;
uint blockBegin = Start; // BBlock starting virtual address
uint blockEnd; // BBlock ending virtual address
duint blockBegin = Start; // BBlock starting virtual address
duint blockEnd; // BBlock ending virtual address
bool blockPrevPad = false; // Indicator if the last instruction was padding
BasicBlock* lastBlock = nullptr;// Avoid an expensive call to std::vector::back()
for(uint i = Start; i < End;)
for(duint i = Start; i < End;)
{
if(!disasm.Disassemble(i, TranslateAddress(i)))
{
@ -174,7 +174,7 @@ void LinearPass::AnalysisWorker(uint Start, uint End, BBlockArray* Blocks)
{
// PADDING is treated differently. They are all created as their
// own separate block for more analysis later.
uint realBlockEnd = blockEnd - disasm.Size();
duint realBlockEnd = blockEnd - disasm.Size();
if((realBlockEnd - blockBegin) > 0)
{
@ -206,7 +206,7 @@ void LinearPass::AnalysisWorker(uint Start, uint End, BBlockArray* Blocks)
if(operand.type == X86_OP_IMM)
{
// Branch target immediate
block->Target = (uint)operand.imm;
block->Target = (duint)operand.imm;
// Check if absolute jump
if(disasm.GetId() == X86_INS_JMP)
@ -223,7 +223,7 @@ void LinearPass::AnalysisWorker(uint Start, uint End, BBlockArray* Blocks)
operand.mem.scale == 1)
{
block->SetFlag(BASIC_BLOCK_FLAG_INDIRPTR);
block->Target = (uint)operand.mem.disp;
block->Target = (duint)operand.mem.disp;
}
}
}
@ -235,7 +235,7 @@ void LinearPass::AnalysisWorker(uint Start, uint End, BBlockArray* Blocks)
}
}
void LinearPass::AnalysisOverlapWorker(uint Start, uint End, BBlockArray* Insertions)
void LinearPass::AnalysisOverlapWorker(duint Start, duint End, BBlockArray* Insertions)
{
// Comparison function to see if two blocks overlap
auto BlockOverlapsRemove = [](BasicBlock * A, BasicBlock * B) -> BasicBlock*
@ -256,7 +256,7 @@ void LinearPass::AnalysisOverlapWorker(uint Start, uint End, BBlockArray* Insert
// Get a pointer to pure data
const auto blocks = m_MainBlocks.data();
for(uint i = Start; i < End; i++)
for(duint i = Start; i < End; i++)
{
const auto curr = &blocks[i];
const auto next = &blocks[i + 1];
@ -302,7 +302,7 @@ void LinearPass::AnalysisOverlapWorker(uint Start, uint End, BBlockArray* Insert
}
}
BasicBlock* LinearPass::CreateBlockWorker(std::vector<BasicBlock>* Blocks, uint Start, uint End, bool Call, bool Jmp, bool Ret, bool Pad)
BasicBlock* LinearPass::CreateBlockWorker(std::vector<BasicBlock>* Blocks, duint Start, duint End, bool Call, bool Jmp, bool Ret, bool Pad)
{
BasicBlock block;
block.VirtualStart = Start;

8
src/dbg/LinearPass.h
View File

@ -6,7 +6,7 @@
class LinearPass : public AnalysisPass
{
public:
LinearPass(uint VirtualStart, uint VirtualEnd, BBlockArray & MainBlocks);
LinearPass(duint VirtualStart, duint VirtualEnd, BBlockArray & MainBlocks);
virtual ~LinearPass();
virtual const char* GetName() override;
@ -14,7 +14,7 @@ public:
void AnalyseOverlaps();
private:
void AnalysisWorker(uint Start, uint End, BBlockArray* Blocks);
void AnalysisOverlapWorker(uint Start, uint End, BBlockArray* Insertions);
BasicBlock* CreateBlockWorker(BBlockArray* Blocks, uint Start, uint End, bool Call, bool Jmp, bool Ret, bool Pad);
void AnalysisWorker(duint Start, duint End, BBlockArray* Blocks);
void AnalysisOverlapWorker(duint Start, duint End, BBlockArray* Insertions);
BasicBlock* CreateBlockWorker(BBlockArray* Blocks, duint Start, duint End, bool Call, bool Jmp, bool Ret, bool Pad);
};

2
src/dbg/_dbgfunctions.cpp
View File

@ -41,7 +41,7 @@ static bool _sectionfromaddr(duint addr, char* section)
ULONG_PTR FileMapVA;
if(StaticFileLoadW(curModPath, UE_ACCESS_READ, false, &FileHandle, &LoadedSize, &FileMap, &FileMapVA))
{
uint rva = addr - (uint)hMod;
duint rva = addr - (duint)hMod;
int sectionNumber = GetPE32SectionNumberFromVA(FileMapVA, GetPE32DataFromMappedFile(FileMapVA, 0, UE_IMAGEBASE) + rva);
if(sectionNumber >= 0)
{

76
src/dbg/_exports.cpp
View File

@ -89,8 +89,8 @@ extern "C" DLL_EXPORT bool _dbg_isdebugging()
extern "C" DLL_EXPORT bool _dbg_isjumpgoingtoexecute(duint addr)
{
static uint cacheFlags;
static uint cacheAddr;
static duint cacheFlags;
static duint cacheAddr;
static bool cacheResult;
if(cacheAddr != addr || cacheFlags != GetContextDataEx(hActiveThread, UE_EFLAGS))
{
@ -135,7 +135,7 @@ extern "C" DLL_EXPORT bool _dbg_addrinfoget(duint addr, SEGMENTREG segment, ADDR
memset(&basicinfo, 0, sizeof(BASIC_INSTRUCTION_INFO));
if(disasmfast(addr, &basicinfo) && basicinfo.branch && !basicinfo.call && basicinfo.memory.value) //thing is a JMP
{
uint val = 0;
duint val = 0;
if(MemRead(basicinfo.memory.value, &val, sizeof(val)))
{
if(SafeSymFromAddr(fdProcessInfo->hProcess, (DWORD64)val, &displacement, pSymbol) && !displacement)
@ -150,7 +150,7 @@ extern "C" DLL_EXPORT bool _dbg_addrinfoget(duint addr, SEGMENTREG segment, ADDR
}
if(!retval) //search for module entry
{
uint entry = ModEntryFromAddr(addr);
duint entry = ModEntryFromAddr(addr);
if(entry && entry == addr)
{
strcpy_s(addrinfo->label, "EntryPoint");
@ -338,7 +338,7 @@ extern "C" DLL_EXPORT bool _dbg_addrinfoset(duint addr, ADDRINFO* addrinfo)
extern "C" DLL_EXPORT int _dbg_bpgettypeat(duint addr)
{
static uint cacheAddr;
static duint cacheAddr;
static int cacheBpCount;
static int cacheResult;
int bpcount = BpGetList(nullptr);
@ -618,7 +618,7 @@ extern "C" DLL_EXPORT int _dbg_getbplist(BPXTYPE type, BPMAP* bpmap)
return retcount;
}
extern "C" DLL_EXPORT uint _dbg_getbranchdestination(uint addr)
extern "C" DLL_EXPORT duint _dbg_getbranchdestination(duint addr)
{
DISASM_INSTR instr;
memset(&instr, 0, sizeof(instr));
@ -627,7 +627,7 @@ extern "C" DLL_EXPORT uint _dbg_getbranchdestination(uint addr)
return 0;
if(strstr(instr.instruction, "ret"))
{
uint atcsp = DbgValFromString("@csp");
duint atcsp = DbgValFromString("@csp");
if(DbgMemIsValidReadPtr(atcsp))
return atcsp;
else
@ -639,12 +639,12 @@ extern "C" DLL_EXPORT uint _dbg_getbranchdestination(uint addr)
return instr.arg[0].value;
}
extern "C" DLL_EXPORT bool _dbg_functionoverlaps(uint start, uint end)
extern "C" DLL_EXPORT bool _dbg_functionoverlaps(duint start, duint end)
{
return FunctionOverlaps(start, end);
}
extern "C" DLL_EXPORT uint _dbg_sendmessage(DBGMSG type, void* param1, void* param2)
extern "C" DLL_EXPORT duint _dbg_sendmessage(DBGMSG type, void* param1, void* param2)
{
if(dbgisstopped())
{
@ -753,13 +753,13 @@ extern "C" DLL_EXPORT uint _dbg_sendmessage(DBGMSG type, void* param1, void* par
case DBG_DISASM_AT:
{
disasmget((uint)param1, (DISASM_INSTR*)param2);
disasmget((duint)param1, (DISASM_INSTR*)param2);
}
break;
case DBG_STACK_COMMENT_GET:
{
return stackcommentget((uint)param1, (STACK_COMMENT*)param2);
return stackcommentget((duint)param1, (STACK_COMMENT*)param2);
}
break;
@ -778,7 +778,7 @@ extern "C" DLL_EXPORT uint _dbg_sendmessage(DBGMSG type, void* param1, void* par
bUndecorateSymbolNames = settingboolget("Engine", "UndecorateSymbolNames");
bEnableSourceDebugging = settingboolget("Engine", "EnableSourceDebugging");
uint setting;
duint setting;
if(BridgeSettingGetUint("Engine", "BreakpointType", &setting))
{
switch(setting)
@ -829,7 +829,7 @@ extern "C" DLL_EXPORT uint _dbg_sendmessage(DBGMSG type, void* param1, void* par
if(!param1 || !param2)
return 0;
BASIC_INSTRUCTION_INFO* basicinfo = (BASIC_INSTRUCTION_INFO*)param2;
if(!disasmfast((uint)param1, basicinfo))
if(!disasmfast((duint)param1, basicinfo))
basicinfo->size = 1;
return 0;
}
@ -837,7 +837,7 @@ extern "C" DLL_EXPORT uint _dbg_sendmessage(DBGMSG type, void* param1, void* par
case DBG_MENU_ENTRY_CLICKED:
{
int hEntry = (int)(uint)param1;
int hEntry = (int)(duint)param1;
pluginmenucall(hEntry);
}
break;
@ -845,119 +845,119 @@ extern "C" DLL_EXPORT uint _dbg_sendmessage(DBGMSG type, void* param1, void* par
case DBG_FUNCTION_GET:
{
FUNCTION_LOOP_INFO* info = (FUNCTION_LOOP_INFO*)param1;
return (uint)FunctionGet(info->addr, &info->start, &info->end);
return (duint)FunctionGet(info->addr, &info->start, &info->end);
}
break;
case DBG_FUNCTION_OVERLAPS:
{
FUNCTION_LOOP_INFO* info = (FUNCTION_LOOP_INFO*)param1;
return (uint)FunctionOverlaps(info->start, info->end);
return (duint)FunctionOverlaps(info->start, info->end);
}
break;
case DBG_FUNCTION_ADD:
{
FUNCTION_LOOP_INFO* info = (FUNCTION_LOOP_INFO*)param1;
return (uint)FunctionAdd(info->start, info->end, info->manual);
return (duint)FunctionAdd(info->start, info->end, info->manual);
}
break;
case DBG_FUNCTION_DEL:
{
FUNCTION_LOOP_INFO* info = (FUNCTION_LOOP_INFO*)param1;
return (uint)FunctionDelete(info->addr);
return (duint)FunctionDelete(info->addr);
}
break;
case DBG_LOOP_GET:
{
FUNCTION_LOOP_INFO* info = (FUNCTION_LOOP_INFO*)param1;
return (uint)LoopGet(info->depth, info->addr, &info->start, &info->end);
return (duint)LoopGet(info->depth, info->addr, &info->start, &info->end);
}
break;
case DBG_LOOP_OVERLAPS:
{
FUNCTION_LOOP_INFO* info = (FUNCTION_LOOP_INFO*)param1;
return (uint)LoopOverlaps(info->depth, info->start, info->end, 0);
return (duint)LoopOverlaps(info->depth, info->start, info->end, 0);
}
break;
case DBG_LOOP_ADD:
{
FUNCTION_LOOP_INFO* info = (FUNCTION_LOOP_INFO*)param1;
return (uint)LoopAdd(info->start, info->end, info->manual);
return (duint)LoopAdd(info->start, info->end, info->manual);
}
break;
case DBG_LOOP_DEL:
{
FUNCTION_LOOP_INFO* info = (FUNCTION_LOOP_INFO*)param1;
return (uint)LoopDelete(info->depth, info->addr);
return (duint)LoopDelete(info->depth, info->addr);
}
break;
case DBG_IS_RUN_LOCKED:
{
return (uint)waitislocked(WAITID_RUN);
return (duint)waitislocked(WAITID_RUN);
}
break;
case DBG_IS_BP_DISABLED:
{
BREAKPOINT bp;
if(BpGet((uint)param1, BPNORMAL, 0, &bp))
return !(uint)bp.enabled;
return (uint)false;
if(BpGet((duint)param1, BPNORMAL, 0, &bp))
return !(duint)bp.enabled;
return (duint)false;
}
break;
case DBG_SET_AUTO_COMMENT_AT:
{
return (uint)CommentSet((uint)param1, (const char*)param2, false);
return (duint)CommentSet((duint)param1, (const char*)param2, false);
}
break;
case DBG_DELETE_AUTO_COMMENT_RANGE:
{
CommentDelRange((uint)param1, (uint)param2);
CommentDelRange((duint)param1, (duint)param2);
}
break;
case DBG_SET_AUTO_LABEL_AT:
{
return (uint)LabelSet((uint)param1, (const char*)param2, false);
return (duint)LabelSet((duint)param1, (const char*)param2, false);
}
break;
case DBG_DELETE_AUTO_LABEL_RANGE:
{
LabelDelRange((uint)param1, (uint)param2);
LabelDelRange((duint)param1, (duint)param2);
}
break;
case DBG_SET_AUTO_BOOKMARK_AT:
{
return (uint)BookmarkSet((uint)param1, false);
return (duint)BookmarkSet((duint)param1, false);
}
break;
case DBG_DELETE_AUTO_BOOKMARK_RANGE:
{
BookmarkDelRange((uint)param1, (uint)param2);
BookmarkDelRange((duint)param1, (duint)param2);
}
break;
case DBG_SET_AUTO_FUNCTION_AT:
{
return (uint)FunctionAdd((uint)param1, (uint)param2, false);
return (duint)FunctionAdd((duint)param1, (duint)param2, false);
}
break;
case DBG_DELETE_AUTO_FUNCTION_RANGE:
{
FunctionDelRange((uint)param1, (uint)param2);
FunctionDelRange((duint)param1, (duint)param2);
}
break;
@ -965,7 +965,7 @@ extern "C" DLL_EXPORT uint _dbg_sendmessage(DBGMSG type, void* param1, void* par
{
STRING_TYPE strtype;
char string[MAX_STRING_SIZE];
if(disasmgetstringat((uint)param1, &strtype, string, string, MAX_STRING_SIZE - 3))
if(disasmgetstringat((duint)param1, &strtype, string, string, MAX_STRING_SIZE - 3))
{
if(strtype == str_ascii)
sprintf((char*)param2, "\"%s\"", string);
@ -979,19 +979,19 @@ extern "C" DLL_EXPORT uint _dbg_sendmessage(DBGMSG type, void* param1, void* par
case DBG_GET_FUNCTIONS:
{
return (uint)dbgfunctionsget();
return (duint)dbgfunctionsget();
}
break;
case DBG_WIN_EVENT:
{
return (uint)pluginwinevent((MSG*)param1, (long*)param2);
return (duint)pluginwinevent((MSG*)param1, (long*)param2);
}
break;
case DBG_WIN_EVENT_GLOBAL:
{
return (uint)pluginwineventglobal((MSG*)param1);
return (duint)pluginwineventglobal((MSG*)param1);
}
break;

6
src/dbg/_exports.h
View File

@ -22,9 +22,9 @@ DLL_EXPORT int _dbg_bpgettypeat(duint addr);
DLL_EXPORT bool _dbg_getregdump(REGDUMP* regdump);
DLL_EXPORT bool _dbg_valtostring(const char* string, duint value);
DLL_EXPORT int _dbg_getbplist(BPXTYPE type, BPMAP* list);
DLL_EXPORT uint _dbg_getbranchdestination(uint addr);
DLL_EXPORT bool _dbg_functionoverlaps(uint start, uint end);
DLL_EXPORT uint _dbg_sendmessage(DBGMSG type, void* param1, void* param2);
DLL_EXPORT duint _dbg_getbranchdestination(duint addr);
DLL_EXPORT bool _dbg_functionoverlaps(duint start, duint end);
DLL_EXPORT duint _dbg_sendmessage(DBGMSG type, void* param1, void* param2);
#ifdef __cplusplus
}

2
src/dbg/_global.cpp
View File

@ -247,7 +247,7 @@ bool GetFileNameFromHandle(HANDLE hFile, char* szFileName)
*/
bool settingboolget(const char* section, const char* name)
{
uint setting;
duint setting;
if(!BridgeSettingGetUint(section, name, &setting))
return false;
if(setting)

5
src/dbg/_global.h
View File

@ -18,6 +18,7 @@
#include <algorithm>
#include <unordered_map>
#include <tlhelp32.h>
#include "..\types.h"
#include "..\bridge\bridgemain.h"
#include "jansson\jansson.h"
#include "jansson\jansson_x64dbg.h"
@ -40,13 +41,9 @@
#ifdef _WIN64 //defined by default
#define fhex "%.16llX"
#define fext "ll"
typedef unsigned long long uint;
typedef long long sint;
#else
#define fhex "%.8X"
#define fext ""
typedef unsigned long uint;
typedef long sint;
#endif // _WIN64
enum arch

24
src/dbg/addrinfo.cpp
View File

@ -164,17 +164,17 @@ void dbclose()
}
///api functions
bool apienumexports(uint base, EXPORTENUMCALLBACK cbEnum)
bool apienumexports(duint base, EXPORTENUMCALLBACK cbEnum)
{
MEMORY_BASIC_INFORMATION mbi;
VirtualQueryEx(fdProcessInfo->hProcess, (const void*)base, &mbi, sizeof(mbi));
uint size = mbi.RegionSize;
duint size = mbi.RegionSize;
Memory<void*> buffer(size, "apienumexports:buffer");
if(!MemRead(base, buffer(), size))
return false;
IMAGE_NT_HEADERS* pnth = (IMAGE_NT_HEADERS*)((uint)buffer() + GetPE32DataFromMappedFile((ULONG_PTR)buffer(), 0, UE_PE_OFFSET));
uint export_dir_rva = pnth->OptionalHeader.DataDirectory[0].VirtualAddress;
uint export_dir_size = pnth->OptionalHeader.DataDirectory[0].Size;
IMAGE_NT_HEADERS* pnth = (IMAGE_NT_HEADERS*)((duint)buffer() + GetPE32DataFromMappedFile((ULONG_PTR)buffer(), 0, UE_PE_OFFSET));
duint export_dir_rva = pnth->OptionalHeader.DataDirectory[0].VirtualAddress;
duint export_dir_size = pnth->OptionalHeader.DataDirectory[0].Size;
IMAGE_EXPORT_DIRECTORY export_dir;
memset(&export_dir, 0, sizeof(export_dir));
MemRead((export_dir_rva + base), &export_dir, sizeof(export_dir));
@ -183,7 +183,7 @@ bool apienumexports(uint base, EXPORTENUMCALLBACK cbEnum)
return false;
char modname[MAX_MODULE_SIZE] = "";
ModNameFromAddr(base, modname, true);
uint original_name_va = export_dir.Name + base;
duint original_name_va = export_dir.Name + base;
char original_name[deflen] = "";
memset(original_name, 0, sizeof(original_name));
MemRead(original_name_va, original_name, deflen);
@ -193,15 +193,15 @@ bool apienumexports(uint base, EXPORTENUMCALLBACK cbEnum)
for(DWORD i = 0; i < NumberOfNames; i++)
{
DWORD curAddrOfName = 0;
MemRead((uint)(AddrOfNames_va + sizeof(DWORD)*i), &curAddrOfName, sizeof(DWORD));
MemRead((duint)(AddrOfNames_va + sizeof(DWORD)*i), &curAddrOfName, sizeof(DWORD));
char* cur_name_va = (char*)(curAddrOfName + base);
char cur_name[deflen] = "";
memset(cur_name, 0, deflen);
MemRead((uint)cur_name_va, cur_name, deflen);
MemRead((duint)cur_name_va, cur_name, deflen);
WORD curAddrOfNameOrdinals = 0;
MemRead((uint)(AddrOfNameOrdinals_va + sizeof(WORD)*i), &curAddrOfNameOrdinals, sizeof(WORD));
MemRead((duint)(AddrOfNameOrdinals_va + sizeof(WORD)*i), &curAddrOfNameOrdinals, sizeof(WORD));
DWORD curFunctionRva = 0;
MemRead((uint)(AddrOfFunctions_va + sizeof(DWORD)*curAddrOfNameOrdinals), &curFunctionRva, sizeof(DWORD));
MemRead((duint)(AddrOfFunctions_va + sizeof(DWORD)*curAddrOfNameOrdinals), &curFunctionRva, sizeof(DWORD));
if(curFunctionRva >= export_dir_rva && curFunctionRva < export_dir_rva + export_dir_size)
{
@ -218,10 +218,10 @@ bool apienumexports(uint base, EXPORTENUMCALLBACK cbEnum)
HINSTANCE hTempDll = LoadLibraryExA(forwarded_api, 0, DONT_RESOLVE_DLL_REFERENCES | LOAD_LIBRARY_AS_DATAFILE);
if(hTempDll)
{
uint local_addr = (uint)GetProcAddress(hTempDll, forwarded_api + j + 1);
duint local_addr = (duint)GetProcAddress(hTempDll, forwarded_api + j + 1);
if(local_addr)
{
uint remote_addr = ImporterGetRemoteAPIAddress(fdProcessInfo->hProcess, local_addr);
duint remote_addr = ImporterGetRemoteAPIAddress(fdProcessInfo->hProcess, local_addr);
cbEnum(base, modname, cur_name, remote_addr);
}
}

8
src/dbg/addrinfo.h
View File

@ -5,8 +5,8 @@
#include <functional>
//ranges
typedef std::pair<uint, uint> Range;
typedef std::pair<uint, Range> ModuleRange; //modhash + RVA range
typedef std::pair<duint, duint> Range;
typedef std::pair<duint, Range> ModuleRange; //modhash + RVA range
typedef std::pair<int, ModuleRange> DepthModuleRange; //depth + modulerange
struct RangeCompare
@ -54,12 +54,12 @@ struct DepthModuleRangeCompare
};
//typedefs
typedef std::function<void (uint base, const char* mod, const char* name, uint addr)> EXPORTENUMCALLBACK;
typedef std::function<void (duint base, const char* mod, const char* name, duint addr)> EXPORTENUMCALLBACK;
void dbsave();
void dbload();
void dbclose();
bool apienumexports(uint base, EXPORTENUMCALLBACK cbEnum);
bool apienumexports(duint base, EXPORTENUMCALLBACK cbEnum);
#endif // _ADDRINFO_H

6
src/dbg/analysis.cpp
View File

@ -1,7 +1,7 @@
#include "analysis.h"
#include "memory.h"
Analysis::Analysis(uint base, uint size)
Analysis::Analysis(duint base, duint size)
{
_base = base;
_size = size;
@ -14,12 +14,12 @@ Analysis::~Analysis()
delete[] _data;
}
bool Analysis::IsValidAddress(uint addr)
bool Analysis::IsValidAddress(duint addr)
{
return addr >= _base && addr < _base + _size;
}
const unsigned char* Analysis::TranslateAddress(uint addr)
const unsigned char* Analysis::TranslateAddress(duint addr)
{
return IsValidAddress(addr) ? _data + (addr - _base) : nullptr;
}

10
src/dbg/analysis.h
View File

@ -7,20 +7,20 @@
class Analysis
{
public:
explicit Analysis(uint base, uint size);
explicit Analysis(duint base, duint size);
Analysis(const Analysis & that) = delete;
virtual ~Analysis();
virtual void Analyse() = 0;
virtual void SetMarkers() = 0;
protected:
uint _base;
uint _size;
duint _base;
duint _size;
unsigned char* _data;
Capstone _cp;
bool IsValidAddress(uint addr);
const unsigned char* TranslateAddress(uint addr);
bool IsValidAddress(duint addr);
const unsigned char* TranslateAddress(duint addr);
};
#endif //_ANALYSIS_H

4
src/dbg/analysis_nukem.cpp
View File

@ -4,12 +4,12 @@
#include "FunctionPass.h"
#include "console.h"
void Analyse_nukem(uint base, uint size)
void Analyse_nukem(duint base, duint size)
{
dputs("Starting analysis (Nukem)...");
DWORD ticks = GetTickCount();
uint end = base + size;
duint end = base + size;
BBlockArray blocks;

2
src/dbg/analysis_nukem.h
View File

@ -2,4 +2,4 @@
#include "_global.h"
void Analyse_nukem(uint base, uint size);
void Analyse_nukem(duint base, duint size);

6
src/dbg/assemble.cpp
View File

@ -14,14 +14,14 @@ static bool cbUnknown(const char* text, ULONGLONG* value)
{
if(!text || !value)
return false;
uint val;
duint val;
if(!valfromstring(text, &val))
return false;
*value = val;
return true;
}
bool assemble(uint addr, unsigned char* dest, int* size, const char* instruction, char* error)
bool assemble(duint addr, unsigned char* dest, int* size, const char* instruction, char* error)
{
if(strlen(instruction) >= XEDPARSE_MAXBUFSIZE)
return false;
@ -50,7 +50,7 @@ bool assemble(uint addr, unsigned char* dest, int* size, const char* instruction
return true;
}
bool assembleat(uint addr, const char* instruction, int* size, char* error, bool fillnop)
bool assembleat(duint addr, const char* instruction, int* size, char* error, bool fillnop)
{
int destSize;
unsigned char dest[16];

4
src/dbg/assemble.h
View File

@ -3,7 +3,7 @@
#include "_global.h"
bool assemble(uint addr, unsigned char* dest, int* size, const char* instruction, char* error);
bool assembleat(uint addr, const char* instruction, int* size, char* error, bool fillnop);
bool assemble(duint addr, unsigned char* dest, int* size, const char* instruction, char* error);
bool assembleat(duint addr, const char* instruction, int* size, char* error, bool fillnop);
#endif // _ASSEMBLE_H

16
src/dbg/bookmark.cpp
View File

@ -3,9 +3,9 @@
#include "module.h"
#include "memory.h"
std::unordered_map<uint, BOOKMARKSINFO> bookmarks;
std::unordered_map<duint, BOOKMARKSINFO> bookmarks;
bool BookmarkSet(uint Address, bool Manual)
bool BookmarkSet(duint Address, bool Manual)
{
// CHECK: Export call
if(!DbgIsDebugging())
@ -32,7 +32,7 @@ bool BookmarkSet(uint Address, bool Manual)
return true;
}
bool BookmarkGet(uint Address)
bool BookmarkGet(duint Address)
{
// CHECK: Export call
if(!DbgIsDebugging())
@ -42,7 +42,7 @@ bool BookmarkGet(uint Address)
return (bookmarks.count(ModHashFromAddr(Address)) > 0);
}
bool BookmarkDelete(uint Address)
bool BookmarkDelete(duint Address)
{
// CHECK: Export call
if(!DbgIsDebugging())
@ -52,7 +52,7 @@ bool BookmarkDelete(uint Address)
return (bookmarks.erase(ModHashFromAddr(Address)) > 0);
}
void BookmarkDelRange(uint Start, uint End)
void BookmarkDelRange(duint Start, duint End)
{
// CHECK: Export call
if(!DbgIsDebugging())
@ -67,7 +67,7 @@ void BookmarkDelRange(uint Start, uint End)
else
{
// Make sure 'Start' and 'End' reference the same module
uint moduleBase = ModBaseFromAddr(Start);
duint moduleBase = ModBaseFromAddr(Start);
if(moduleBase != ModBaseFromAddr(End))
return;
@ -150,10 +150,10 @@ void BookmarkCacheLoad(JSON Root)
strcpy_s(bookmarkInfo.mod, mod);
// Load address and set auto-generated flag
bookmarkInfo.addr = (uint)json_hex_value(json_object_get(value, "address"));
bookmarkInfo.addr = (duint)json_hex_value(json_object_get(value, "address"));
bookmarkInfo.manual = Manual;
const uint key = ModHashFromName(bookmarkInfo.mod) + bookmarkInfo.addr;
const duint key = ModHashFromName(bookmarkInfo.mod) + bookmarkInfo.addr;
bookmarks.insert(std::make_pair(key, bookmarkInfo));
}
};

10
src/dbg/bookmark.h
View File

@ -5,14 +5,14 @@
struct BOOKMARKSINFO
{
char mod[MAX_MODULE_SIZE];
uint addr;
duint addr;
bool manual;
};
bool BookmarkSet(uint Address, bool Manual);
bool BookmarkGet(uint Address);
bool BookmarkDelete(uint Address);
void BookmarkDelRange(uint Start, uint End);
bool BookmarkSet(duint Address, bool Manual);
bool BookmarkGet(duint Address);
bool BookmarkDelete(duint Address);
void BookmarkDelRange(duint Start, duint End);
void BookmarkCacheSave(JSON Root);
void BookmarkCacheLoad(JSON Root);
bool BookmarkEnum(BOOKMARKSINFO* List, size_t* Size);

20
src/dbg/breakpoint.cpp
View File

@ -9,10 +9,10 @@
#include "threading.h"
#include "module.h"
typedef std::pair<BP_TYPE, uint> BreakpointKey;
typedef std::pair<BP_TYPE, duint> BreakpointKey;
std::map<BreakpointKey, BREAKPOINT> breakpoints;
BREAKPOINT* BpInfoFromAddr(BP_TYPE Type, uint Address)
BREAKPOINT* BpInfoFromAddr(BP_TYPE Type, duint Address)
{
//
// NOTE: THIS DOES _NOT_ USE LOCKS
@ -52,7 +52,7 @@ int BpGetList(std::vector<BREAKPOINT>* List)
return (int)breakpoints.size();
}
bool BpNew(uint Address, bool Enable, bool Singleshot, short OldBytes, BP_TYPE Type, DWORD TitanType, const char* Name)
bool BpNew(duint Address, bool Enable, bool Singleshot, short OldBytes, BP_TYPE Type, DWORD TitanType, const char* Name)
{
// CHECK: Command function
if(!DbgIsDebugging())
@ -91,7 +91,7 @@ bool BpNew(uint Address, bool Enable, bool Singleshot, short OldBytes, BP_TYPE T
return true;
}
bool BpGet(uint Address, BP_TYPE Type, const char* Name, BREAKPOINT* Bp)
bool BpGet(duint Address, BP_TYPE Type, const char* Name, BREAKPOINT* Bp)
{
// CHECK: Export/Command function
if(!DbgIsDebugging())
@ -140,7 +140,7 @@ bool BpGet(uint Address, BP_TYPE Type, const char* Name, BREAKPOINT* Bp)
return false;
}
bool BpDelete(uint Address, BP_TYPE Type)
bool BpDelete(duint Address, BP_TYPE Type)
{
// CHECK: Command function
if(!DbgIsDebugging())
@ -152,7 +152,7 @@ bool BpDelete(uint Address, BP_TYPE Type)
return (breakpoints.erase(BreakpointKey(Type, ModHashFromAddr(Address))) > 0);
}
bool BpEnable(uint Address, BP_TYPE Type, bool Enable)
bool BpEnable(duint Address, BP_TYPE Type, bool Enable)
{
// CHECK: Command function
if(!DbgIsDebugging())
@ -170,7 +170,7 @@ bool BpEnable(uint Address, BP_TYPE Type, bool Enable)
return true;
}
bool BpSetName(uint Address, BP_TYPE Type, const char* Name)
bool BpSetName(duint Address, BP_TYPE Type, const char* Name)
{
// CHECK: Future(?); This is not used anywhere
if(!DbgIsDebugging())
@ -192,7 +192,7 @@ bool BpSetName(uint Address, BP_TYPE Type, const char* Name)
return true;
}
bool BpSetTitanType(uint Address, BP_TYPE Type, int TitanType)
bool BpSetTitanType(duint Address, BP_TYPE Type, int TitanType)
{
// CHECK: Command function
if(!DbgIsDebugging())
@ -377,7 +377,7 @@ void BpCacheLoad(JSON Root)
if(breakpoint.type == BPNORMAL)
breakpoint.oldbytes = (short)json_hex_value(json_object_get(value, "oldbytes"));
breakpoint.type = (BP_TYPE)json_integer_value(json_object_get(value, "type"));
breakpoint.addr = (uint)json_hex_value(json_object_get(value, "address"));
breakpoint.addr = (duint)json_hex_value(json_object_get(value, "address"));
breakpoint.enabled = json_boolean_value(json_object_get(value, "enabled"));
breakpoint.titantype = (DWORD)json_hex_value(json_object_get(value, "titantype"));
@ -394,7 +394,7 @@ void BpCacheLoad(JSON Root)
strcpy_s(breakpoint.mod, mod);
// Build the hash map key: MOD_HASH + ADDRESS
const uint key = ModHashFromName(breakpoint.mod) + breakpoint.addr;
const duint key = ModHashFromName(breakpoint.mod) + breakpoint.addr;
breakpoints.insert(std::make_pair(BreakpointKey(breakpoint.type, key), breakpoint));
}
}

16
src/dbg/breakpoint.h
View File

@ -18,7 +18,7 @@ enum BP_TYPE
struct BREAKPOINT
{
uint addr;
duint addr;
bool enabled;
bool singleshoot;
bool active;
@ -32,14 +32,14 @@ struct BREAKPOINT
// Breakpoint enumeration callback
typedef bool (*BPENUMCALLBACK)(const BREAKPOINT* bp);
BREAKPOINT* BpInfoFromAddr(BP_TYPE Type, uint Address);
BREAKPOINT* BpInfoFromAddr(BP_TYPE Type, duint Address);
int BpGetList(std::vector<BREAKPOINT>* List);
bool BpNew(uint Address, bool Enable, bool Singleshot, short OldBytes, BP_TYPE Type, DWORD TitanType, const char* Name);
bool BpGet(uint Address, BP_TYPE Type, const char* Name, BREAKPOINT* Bp);
bool BpDelete(uint Address, BP_TYPE Type);
bool BpEnable(uint Address, BP_TYPE Type, bool Enable);
bool BpSetName(uint Address, BP_TYPE Type, const char* Name);
bool BpSetTitanType(uint Address, BP_TYPE Type, int TitanType);
bool BpNew(duint Address, bool Enable, bool Singleshot, short OldBytes, BP_TYPE Type, DWORD TitanType, const char* Name);
bool BpGet(duint Address, BP_TYPE Type, const char* Name, BREAKPOINT* Bp);
bool BpDelete(duint Address, BP_TYPE Type);
bool BpEnable(duint Address, BP_TYPE Type, bool Enable);
bool BpSetName(duint Address, BP_TYPE Type, const char* Name);
bool BpSetTitanType(duint Address, BP_TYPE Type, int TitanType);
bool BpEnumAll(BPENUMCALLBACK EnumCallback, const char* Module);
bool BpEnumAll(BPENUMCALLBACK EnumCallback);
int BpGetCount(BP_TYPE Type, bool EnabledOnly = false);

8
src/dbg/capstone_wrapper.cpp
View File

@ -31,12 +31,12 @@ Capstone::~Capstone()
cs_free(mInstr, 1);
}
bool Capstone::Disassemble(uint addr, const unsigned char data[MAX_DISASM_BUFFER])
bool Capstone::Disassemble(duint addr, const unsigned char data[MAX_DISASM_BUFFER])
{
return Disassemble(addr, data, MAX_DISASM_BUFFER);
}
bool Capstone::Disassemble(uint addr, const unsigned char* data, int size)
bool Capstone::Disassemble(duint addr, const unsigned char* data, int size)
{
if(!data)
return false;
@ -150,9 +150,9 @@ int Capstone::Size() const
return GetInstr()->size;
}
uint Capstone::Address() const
duint Capstone::Address() const
{
return uint(GetInstr()->address);
return duint(GetInstr()->address);
}
const cs_x86 & Capstone::x86() const

6
src/dbg/capstone_wrapper.h
View File

@ -13,15 +13,15 @@ public:
static void GlobalFinalize();
Capstone();
~Capstone();
bool Disassemble(uint addr, const unsigned char data[MAX_DISASM_BUFFER]);
bool Disassemble(uint addr, const unsigned char* data, int size);
bool Disassemble(duint addr, const unsigned char data[MAX_DISASM_BUFFER]);
bool Disassemble(duint addr, const unsigned char* data, int size);
const cs_insn* GetInstr() const;
cs_err GetError() const;
const char* RegName(x86_reg reg) const;
bool InGroup(cs_group_type group) const;
String OperandText(int opindex) const;
int Size() const;
uint Address() const;
duint Address() const;
const cs_x86 & x86() const;
bool IsFilling() const;
bool IsLoop() const;

2
src/dbg/command.cpp
View File

@ -262,7 +262,7 @@ CMDRESULT cmdloop(COMMAND* command_list, CBCOMMAND cbUnknownCommand, CBCOMMANDPR
*/
static bool isvalidexpression(const char* expression)
{
uint value;
duint value;
return valfromstring(expression, &value);
}

18
src/dbg/comment.cpp
View File

@ -3,9 +3,9 @@
#include "module.h"
#include "memory.h"
std::unordered_map<uint, COMMENTSINFO> comments;
std::unordered_map<duint, COMMENTSINFO> comments;
bool CommentSet(uint Address, const char* Text, bool Manual)
bool CommentSet(duint Address, const char* Text, bool Manual)
{
// CHECK: Exported/Command function
if(!DbgIsDebugging())
@ -32,7 +32,7 @@ bool CommentSet(uint Address, const char* Text, bool Manual)
comment.addr = Address - ModBaseFromAddr(Address);
// Key generated from module hash
const uint key = ModHashFromAddr(Address);
const duint key = ModHashFromAddr(Address);
EXCLUSIVE_ACQUIRE(LockComments);
@ -43,7 +43,7 @@ bool CommentSet(uint Address, const char* Text, bool Manual)
return true;
}
bool CommentGet(uint Address, char* Text)
bool CommentGet(duint Address, char* Text)
{
// CHECK: Exported/Command function
if(!DbgIsDebugging())
@ -66,7 +66,7 @@ bool CommentGet(uint Address, char* Text)
return true;
}
bool CommentDelete(uint Address)
bool CommentDelete(duint Address)
{
// CHECK: Command/Sub function
if(!DbgIsDebugging())
@ -76,7 +76,7 @@ bool CommentDelete(uint Address)
return (comments.erase(ModHashFromAddr(Address)) > 0);
}
void CommentDelRange(uint Start, uint End)
void CommentDelRange(duint Start, duint End)
{
// CHECK: Export function
if(!DbgIsDebugging())
@ -91,7 +91,7 @@ void CommentDelRange(uint Start, uint End)
else
{
// Make sure 'Start' and 'End' reference the same module
uint moduleBase = ModBaseFromAddr(Start);
duint moduleBase = ModBaseFromAddr(Start);
if(moduleBase != ModBaseFromAddr(End))
return;
@ -175,7 +175,7 @@ void CommentCacheLoad(JSON Root)
strcpy_s(commentInfo.mod, mod);
// Address/Manual
commentInfo.addr = (uint)json_hex_value(json_object_get(value, "address"));
commentInfo.addr = (duint)json_hex_value(json_object_get(value, "address"));
commentInfo.manual = Manual;
// String value
@ -189,7 +189,7 @@ void CommentCacheLoad(JSON Root)
continue;
}
const uint key = ModHashFromName(commentInfo.mod) + commentInfo.addr;
const duint key = ModHashFromName(commentInfo.mod) + commentInfo.addr;
comments.insert(std::make_pair(key, commentInfo));
}
};

10
src/dbg/comment.h
View File

@ -5,15 +5,15 @@
struct COMMENTSINFO
{
char mod[MAX_MODULE_SIZE];
uint addr;
duint addr;
char text[MAX_COMMENT_SIZE];
bool manual;
};
bool CommentSet(uint Address, const char* Text, bool Manual);
bool CommentGet(uint Address, char* Text);
bool CommentDelete(uint Address);
void CommentDelRange(uint Start, uint End);
bool CommentSet(duint Address, const char* Text, bool Manual);
bool CommentGet(duint Address, char* Text);
bool CommentDelete(duint Address);
void CommentDelRange(duint Start, duint End);
void CommentCacheSave(JSON Root);
void CommentCacheLoad(JSON Root);
bool CommentEnum(COMMENTSINFO* List, size_t* Size);

56
src/dbg/controlflowanalysis.cpp
View File

@ -5,7 +5,7 @@
#include "memory.h"
#include "function.h"
ControlFlowAnalysis::ControlFlowAnalysis(uint base, uint size, bool exceptionDirectory) : Analysis(base, size)
ControlFlowAnalysis::ControlFlowAnalysis(duint base, duint size, bool exceptionDirectory) : Analysis(base, size)
{
_functionInfoData = nullptr;
#ifdef _WIN64
@ -34,7 +34,7 @@ ControlFlowAnalysis::ControlFlowAnalysis(uint base, uint size, bool exceptionDir
{
// Find a pointer to IMAGE_DIRECTORY_ENTRY_EXCEPTION for later use
ULONG_PTR virtualOffset = GetPE32DataFromMappedFile(fileMapVa, IMAGE_DIRECTORY_ENTRY_EXCEPTION, UE_SECTIONVIRTUALOFFSET);
_functionInfoSize = (uint)GetPE32DataFromMappedFile(fileMapVa, IMAGE_DIRECTORY_ENTRY_EXCEPTION, UE_SECTIONVIRTUALSIZE);
_functionInfoSize = (duint)GetPE32DataFromMappedFile(fileMapVa, IMAGE_DIRECTORY_ENTRY_EXCEPTION, UE_SECTIONVIRTUALSIZE);
// Unload the file
StaticFileUnloadW(nullptr, false, fileHandle, fileSize, fileMapHandle, fileMapVa);
@ -94,7 +94,7 @@ void ControlFlowAnalysis::SetMarkers()
}
/*dprintf("digraph ControlFlow {\n");
int i = 0;
std::map<uint, int> nodeMap;
std::map<duint, int> nodeMap;
for(const auto & it : _blocks)
{
const auto & block = it.second;
@ -136,9 +136,9 @@ void ControlFlowAnalysis::BasicBlockStarts()
{
_blockStarts.insert(_base);
bool bSkipFilling = false;
for(uint i = 0; i < _size;)
for(duint i = 0; i < _size;)
{
uint addr = _base + i;
duint addr = _base + i;
if(_cp.Disassemble(addr, TranslateAddress(addr), MAX_DISASM_BUFFER))
{
if(bSkipFilling) //handle filling skip mode
@ -155,8 +155,8 @@ void ControlFlowAnalysis::BasicBlockStarts()
}
else if(_cp.InGroup(CS_GRP_JUMP) || _cp.IsLoop()) //branches
{
uint dest1 = GetReferenceOperand();
uint dest2 = 0;
duint dest1 = GetReferenceOperand();
duint dest2 = 0;
if(_cp.GetId() != X86_INS_JMP) //unconditional jump
dest2 = addr + _cp.Size();
@ -169,7 +169,7 @@ void ControlFlowAnalysis::BasicBlockStarts()
}
else if(_cp.InGroup(CS_GRP_CALL))
{
uint dest1 = GetReferenceOperand();
duint dest1 = GetReferenceOperand();
if(dest1)
{
_blockStarts.insert(dest1);
@ -178,7 +178,7 @@ void ControlFlowAnalysis::BasicBlockStarts()
}
else
{
uint dest1 = GetReferenceOperand();
duint dest1 = GetReferenceOperand();
if(dest1)
_blockStarts.insert(dest1);
}
@ -193,14 +193,14 @@ void ControlFlowAnalysis::BasicBlocks()
{
for(auto i = _blockStarts.begin(); i != _blockStarts.end(); ++i)
{
uint start = *i;
duint start = *i;
if(!IsValidAddress(start))
continue;
uint nextStart = _base + _size;
duint nextStart = _base + _size;
auto next = std::next(i);
if(next != _blockStarts.end())
nextStart = *next;
for(uint addr = start, prevaddr = 0; addr < _base + _size;)
for(duint addr = start, prevaddr = 0; addr < _base + _size;)
{
prevaddr = addr;
if(_cp.Disassemble(addr, TranslateAddress(addr), MAX_DISASM_BUFFER))
@ -212,8 +212,8 @@ void ControlFlowAnalysis::BasicBlocks()
}
else if(_cp.InGroup(CS_GRP_JUMP) || _cp.IsLoop())
{
uint dest1 = GetReferenceOperand();
uint dest2 = _cp.GetId() != X86_INS_JMP ? addr + _cp.Size() : 0;
duint dest1 = GetReferenceOperand();
duint dest2 = _cp.GetId() != X86_INS_JMP ? addr + _cp.Size() : 0;
insertBlock(BasicBlock(start, addr, dest1, dest2));
insertParent(dest1, start);
insertParent(dest2, start);
@ -237,8 +237,8 @@ void ControlFlowAnalysis::BasicBlocks()
int count = 0;
EnumerateFunctionRuntimeEntries64([&](PRUNTIME_FUNCTION Function)
{
const uint funcAddr = _moduleBase + Function->BeginAddress;
const uint funcEnd = _moduleBase + Function->EndAddress;
const duint funcAddr = _moduleBase + Function->BeginAddress;
const duint funcEnd = _moduleBase + Function->EndAddress;
// If within limits...
if(funcAddr >= _base && funcAddr < _base + _size)
@ -264,7 +264,7 @@ void ControlFlowAnalysis::Functions()
{
if(!parents || _functionStarts.count(block->start)) //no parents = function start
{
uint functionStart = block->start;
duint functionStart = block->start;
block->function = functionStart;
UintSet functionBlocks;
functionBlocks.insert(functionStart);
@ -272,7 +272,7 @@ void ControlFlowAnalysis::Functions()
}
else //in function
{
uint function = findFunctionStart(block, parents);
duint function = findFunctionStart(block, parents);
if(!function) //this happens with loops / unreferenced blocks sometimes
delayedBlocks.push_back(DelayedBlock(block, parents));
else
@ -289,7 +289,7 @@ void ControlFlowAnalysis::Functions()
{
BasicBlock* block = delayedBlock.first;
UintSet* parents = delayedBlock.second;
uint function = findFunctionStart(block, parents);
duint function = findFunctionStart(block, parents);
if(!function)
{
continue;
@ -330,8 +330,8 @@ void ControlFlowAnalysis::FunctionRanges()
//iterate over the functions and then find the deepest block = function end
for(const auto & function : _functions)
{
uint start = function.first;
uint end = start;
duint start = function.first;
duint end = start;
for(auto blockstart : function.second)
{
BasicBlock* block = this->findBlock(blockstart);
@ -351,7 +351,7 @@ void ControlFlowAnalysis::insertBlock(BasicBlock block)
_blocks[block.start] = block;
}
ControlFlowAnalysis::BasicBlock* ControlFlowAnalysis::findBlock(uint start)
ControlFlowAnalysis::BasicBlock* ControlFlowAnalysis::findBlock(duint start)
{
if(!start)
return nullptr;
@ -359,7 +359,7 @@ ControlFlowAnalysis::BasicBlock* ControlFlowAnalysis::findBlock(uint start)
return found != _blocks.end() ? &found->second : nullptr;
}
void ControlFlowAnalysis::insertParent(uint child, uint parent)
void ControlFlowAnalysis::insertParent(duint child, duint parent)
{
if(!child || !parent)
return;
@ -374,7 +374,7 @@ void ControlFlowAnalysis::insertParent(uint child, uint parent)
found->second.insert(parent);
}
ControlFlowAnalysis::UintSet* ControlFlowAnalysis::findParents(uint child)
ControlFlowAnalysis::UintSet* ControlFlowAnalysis::findParents(duint child)
{
if(!child)
return nullptr;
@ -382,7 +382,7 @@ ControlFlowAnalysis::UintSet* ControlFlowAnalysis::findParents(uint child)
return found != _parentMap.end() ? &found->second : nullptr;
}
uint ControlFlowAnalysis::findFunctionStart(BasicBlock* block, ControlFlowAnalysis::UintSet* parents)
duint ControlFlowAnalysis::findFunctionStart(BasicBlock* block, ControlFlowAnalysis::UintSet* parents)
{
if(!block)
return 0;
@ -410,14 +410,14 @@ String ControlFlowAnalysis::blockToString(BasicBlock* block)
return block->toString();
}
uint ControlFlowAnalysis::GetReferenceOperand()
duint ControlFlowAnalysis::GetReferenceOperand()
{
for(int i = 0; i < _cp.x86().op_count; i++)
{
const cs_x86_op & operand = _cp.x86().operands[i];
if(operand.type == X86_OP_IMM)
{
uint dest = (uint)operand.imm;
duint dest = (duint)operand.imm;
if(dest >= _base && dest < _base + _size)
return dest;
}
@ -433,7 +433,7 @@ void ControlFlowAnalysis::EnumerateFunctionRuntimeEntries64(std::function<bool(P
// Get the table pointer and size
auto functionTable = (PRUNTIME_FUNCTION)_functionInfoData;
uint totalCount = (_functionInfoSize / sizeof(RUNTIME_FUNCTION));
duint totalCount = (_functionInfoSize / sizeof(RUNTIME_FUNCTION));
// Enumerate each entry
for(ULONG i = 0; i < totalCount; i++)

36
src/dbg/controlflowanalysis.h
View File

@ -9,7 +9,7 @@
class ControlFlowAnalysis : public Analysis
{
public:
explicit ControlFlowAnalysis(uint base, uint size, bool exceptionDirectory);
explicit ControlFlowAnalysis(duint base, duint size, bool exceptionDirectory);
~ControlFlowAnalysis();
void Analyse() override;
void SetMarkers() override;
@ -17,11 +17,11 @@ public:
private:
struct BasicBlock
{
uint start;
uint end;
uint left;
uint right;
uint function;
duint start;
duint end;
duint left;
duint right;
duint function;
BasicBlock()
{
@ -32,7 +32,7 @@ private:
this->function = 0;
}
BasicBlock(uint start, uint end, uint left, uint right)
BasicBlock(duint start, duint end, duint left, duint right)
{
this->start = start;
this->end = end;
@ -47,17 +47,17 @@ private:
}
};
typedef std::set<uint> UintSet;
typedef std::set<duint> UintSet;
uint _moduleBase;
uint _functionInfoSize;
duint _moduleBase;
duint _functionInfoSize;
void* _functionInfoData;
UintSet _blockStarts;
UintSet _functionStarts;
std::map<uint, BasicBlock> _blocks; //start of block -> block
std::map<uint, UintSet> _parentMap; //start child -> parents
std::map<uint, UintSet> _functions; //function start -> function block starts
std::map<duint, BasicBlock> _blocks; //start of block -> block
std::map<duint, UintSet> _parentMap; //start child -> parents
std::map<duint, UintSet> _functions; //function start -> function block starts
std::vector<Range> _functionRanges; //function start -> function range TODO: smarter stuff with overlapping ranges
void BasicBlockStarts();
@ -65,12 +65,12 @@ private:
void Functions();
void FunctionRanges();
void insertBlock(BasicBlock block);
BasicBlock* findBlock(uint start);
void insertParent(uint child, uint parent);
UintSet* findParents(uint child);
uint findFunctionStart(BasicBlock* block, UintSet* parents);
BasicBlock* findBlock(duint start);
void insertParent(duint child, duint parent);
UintSet* findParents(duint child);
duint findFunctionStart(BasicBlock* block, UintSet* parents);
String blockToString(BasicBlock* block);
uint GetReferenceOperand();
duint GetReferenceOperand();
#ifdef _WIN64
void EnumerateFunctionRuntimeEntries64(std::function<bool(PRUNTIME_FUNCTION)> Callback);
#endif // _WIN64

124
src/dbg/debugger.cpp
View File

@ -23,9 +23,9 @@
static PROCESS_INFORMATION g_pi = {0, 0, 0, 0};
static char szBaseFileName[MAX_PATH] = "";
static bool bFileIsDll = false;
static uint pDebuggedBase = 0;
static uint pCreateProcessBase = 0;
static uint pDebuggedEntry = 0;
static duint pDebuggedBase = 0;
static duint pCreateProcessBase = 0;
static duint pDebuggedEntry = 0;
static bool isStepping = false;
static bool isPausedByUser = false;
static bool isDetachedByUser = false;
@ -42,7 +42,7 @@ static bool bStopMemMapThread = false;
static HANDLE hTimeWastedCounterThread = 0;
static bool bStopTimeWastedCounterThread = false;
static String lastDebugText;
static uint timeWastedDebugging = 0;
static duint timeWastedDebugging = 0;
char szFileName[MAX_PATH] = "";
char szSymbolCachePath[MAX_PATH] = "";
char sqlitedb[deflen] = "";
@ -125,12 +125,12 @@ SIZE_T dbggetprivateusage(HANDLE hProcess, bool update)
return memoryCounters.PrivateUsage;
}
uint dbgdebuggedbase()
duint dbgdebuggedbase()
{
return pDebuggedBase;
}
uint dbggettimewastedcounter()
duint dbggettimewastedcounter()
{
return timeWastedDebugging;
}
@ -214,9 +214,9 @@ DWORD WINAPI updateCallStackThread(void* ptr)
return 0;
}
void DebugUpdateGui(uint disasm_addr, bool stack)
void DebugUpdateGui(duint disasm_addr, bool stack)
{
uint cip = GetContextDataEx(hActiveThread, UE_CIP);
duint cip = GetContextDataEx(hActiveThread, UE_CIP);
if(MemIsValidReadPtr(disasm_addr))
{
if(bEnableSourceDebugging)
@ -228,10 +228,10 @@ void DebugUpdateGui(uint disasm_addr, bool stack)
}
GuiDisasmAt(disasm_addr, cip);
}
uint csp = GetContextDataEx(hActiveThread, UE_CSP);
duint csp = GetContextDataEx(hActiveThread, UE_CSP);
if(stack)
GuiStackDumpAt(csp, csp);
static uint cacheCsp = 0;
static duint cacheCsp = 0;
if(csp != cacheCsp)
{
cacheCsp = csp;
@ -302,12 +302,12 @@ void cbUserBreakpoint()
void cbHardwareBreakpoint(void* ExceptionAddress)
{
hActiveThread = ThreadGetHandle(((DEBUG_EVENT*)GetDebugData())->dwThreadId);
uint cip = GetContextDataEx(hActiveThread, UE_CIP);
duint cip = GetContextDataEx(hActiveThread, UE_CIP);
BREAKPOINT bp;
BRIDGEBP pluginBp;
PLUG_CB_BREAKPOINT bpInfo;
bpInfo.breakpoint = 0;
if(!BpGet((uint)ExceptionAddress, BPHARDWARE, 0, &bp))
if(!BpGet((duint)ExceptionAddress, BPHARDWARE, 0, &bp))
dputs("Hardware breakpoint reached not in list!");
else
{
@ -377,9 +377,9 @@ void cbHardwareBreakpoint(void* ExceptionAddress)
void cbMemoryBreakpoint(void* ExceptionAddress)
{
hActiveThread = ThreadGetHandle(((DEBUG_EVENT*)GetDebugData())->dwThreadId);
uint cip = GetContextDataEx(hActiveThread, UE_CIP);
uint size;
uint base = MemFindBaseAddr((uint)ExceptionAddress, &size, true);
duint cip = GetContextDataEx(hActiveThread, UE_CIP);
duint size;
duint base = MemFindBaseAddr((duint)ExceptionAddress, &size, true);
BREAKPOINT bp;
BRIDGEBP pluginBp;
PLUG_CB_BREAKPOINT bpInfo;
@ -527,7 +527,7 @@ bool cbSetModuleBreakpoints(const BREAKPOINT* bp)
case BPMEMORY:
{
uint size = 0;
duint size = 0;
MemFindBaseAddr(bp->addr, &size);
if(!SetMemoryBPXEx(bp->addr, size, bp->titantype, !bp->singleshoot, (void*)cbMemoryBreakpoint))
dprintf("Could not set memory breakpoint " fhex "! (SetMemoryBPXEx)\n", bp->addr);
@ -617,7 +617,7 @@ static void cbRtrFinalStep()
static unsigned char getCIPch()
{
unsigned char ch = 0x90;
uint cip = GetContextDataEx(hActiveThread, UE_CIP);
duint cip = GetContextDataEx(hActiveThread, UE_CIP);
MemRead(cip, &ch, 1);
return ch;
}
@ -684,13 +684,13 @@ static void cbCreateProcess(CREATE_PROCESS_DEBUG_INFO* CreateProcessInfo)
memset(&modInfo, 0, sizeof(modInfo));
modInfo.SizeOfStruct = sizeof(modInfo);
if(SafeSymGetModuleInfo64(fdProcessInfo->hProcess, (DWORD64)base, &modInfo))
ModLoad((uint)base, modInfo.ImageSize, modInfo.ImageName);
ModLoad((duint)base, modInfo.ImageSize, modInfo.ImageName);
char modname[256] = "";
if(ModNameFromAddr((uint)base, modname, true))
if(ModNameFromAddr((duint)base, modname, true))
BpEnumAll(cbSetModuleBreakpoints, modname);
GuiUpdateBreakpointsView();
pCreateProcessBase = (uint)CreateProcessInfo->lpBaseOfImage;
pCreateProcessBase = (duint)CreateProcessInfo->lpBaseOfImage;
if(!bFileIsDll && !bIsAttached) //Set entry breakpoint
{
pDebuggedBase = pCreateProcessBase; //debugged base = executable
@ -703,16 +703,16 @@ static void cbCreateProcess(CREATE_PROCESS_DEBUG_INFO* CreateProcessInfo)
if(NumberOfCallBacks)
{
dprintf("TLS Callbacks: %d\n", NumberOfCallBacks);
Memory<uint*> TLSCallBacks(NumberOfCallBacks * sizeof(uint), "cbCreateProcess:TLSCallBacks");
Memory<duint*> TLSCallBacks(NumberOfCallBacks * sizeof(duint), "cbCreateProcess:TLSCallBacks");
if(!TLSGrabCallBackDataW(StringUtils::Utf8ToUtf16(DebugFileName).c_str(), TLSCallBacks(), &NumberOfCallBacks))
dputs("Failed to get TLS callback addresses!");
else
{
uint ImageBase = GetPE32DataW(StringUtils::Utf8ToUtf16(DebugFileName).c_str(), 0, UE_IMAGEBASE);
duint ImageBase = GetPE32DataW(StringUtils::Utf8ToUtf16(DebugFileName).c_str(), 0, UE_IMAGEBASE);
int invalidCount = 0;
for(unsigned int i = 0; i < NumberOfCallBacks; i++)
{
uint callbackVA = TLSCallBacks()[i] - ImageBase + pDebuggedBase;
duint callbackVA = TLSCallBacks()[i] - ImageBase + pDebuggedBase;
if(MemIsValidReadPtr(callbackVA))
{
sprintf(command, "bp " fhex ",\"TLS Callback %d\",ss", callbackVA, i + 1);
@ -729,7 +729,7 @@ static void cbCreateProcess(CREATE_PROCESS_DEBUG_INFO* CreateProcessInfo)
if(settingboolget("Events", "EntryBreakpoint"))
{
sprintf(command, "bp " fhex ",\"entry breakpoint\",ss", (uint)CreateProcessInfo->lpStartAddress);
sprintf(command, "bp " fhex ",\"entry breakpoint\",ss", (duint)CreateProcessInfo->lpStartAddress);
cmddirectexec(dbggetcommandlist(), command);
}
}
@ -770,7 +770,7 @@ static void cbCreateThread(CREATE_THREAD_DEBUG_INFO* CreateThread)
if(settingboolget("Events", "ThreadEntry"))
{
char command[256] = "";
sprintf(command, "bp " fhex ",\"Thread %X\",ss", (uint)CreateThread->lpStartAddress, dwThreadId);
sprintf(command, "bp " fhex ",\"Thread %X\",ss", (duint)CreateThread->lpStartAddress, dwThreadId);
cmddirectexec(dbggetcommandlist(), command);
}
@ -829,7 +829,7 @@ static void cbSystemBreakpoint(void* ExceptionData)
{
hActiveThread = ThreadGetHandle(((DEBUG_EVENT*)GetDebugData())->dwThreadId);
uint cip = GetContextDataEx(hActiveThread, UE_CIP);
duint cip = GetContextDataEx(hActiveThread, UE_CIP);
GuiDumpAt(MemFindBaseAddr(cip, 0, true)); //dump somewhere
//log message
@ -873,7 +873,7 @@ static void cbLoadDll(LOAD_DLL_DEBUG_INFO* LoadDll)
memset(&modInfo, 0, sizeof(modInfo));
modInfo.SizeOfStruct = sizeof(IMAGEHLP_MODULE64);
if(SafeSymGetModuleInfo64(fdProcessInfo->hProcess, (DWORD64)base, &modInfo))
ModLoad((uint)base, modInfo.ImageSize, modInfo.ImageName);
ModLoad((duint)base, modInfo.ImageSize, modInfo.ImageName);
//update memory map
dbggetprivateusage(fdProcessInfo->hProcess, true);
@ -881,7 +881,7 @@ static void cbLoadDll(LOAD_DLL_DEBUG_INFO* LoadDll)
GuiUpdateMemoryView();
char modname[256] = "";
if(ModNameFromAddr((uint)base, modname, true))
if(ModNameFromAddr((duint)base, modname, true))
BpEnumAll(cbSetModuleBreakpoints, modname);
GuiUpdateBreakpointsView();
bool bAlreadySetEntry = false;
@ -891,7 +891,7 @@ static void cbLoadDll(LOAD_DLL_DEBUG_INFO* LoadDll)
if(bFileIsDll && !_stricmp(DLLDebugFileName, szFileName) && !bIsAttached) //Set entry breakpoint
{
bIsDebuggingThis = true;
pDebuggedBase = (uint)base;
pDebuggedBase = (duint)base;
if(settingboolget("Events", "EntryBreakpoint"))
{
bAlreadySetEntry = true;
@ -908,16 +908,16 @@ static void cbLoadDll(LOAD_DLL_DEBUG_INFO* LoadDll)
if(NumberOfCallBacks)
{
dprintf("TLS Callbacks: %d\n", NumberOfCallBacks);
Memory<uint*> TLSCallBacks(NumberOfCallBacks * sizeof(uint), "cbLoadDll:TLSCallBacks");
Memory<duint*> TLSCallBacks(NumberOfCallBacks * sizeof(duint), "cbLoadDll:TLSCallBacks");
if(!TLSGrabCallBackDataW(StringUtils::Utf8ToUtf16(DLLDebugFileName).c_str(), TLSCallBacks(), &NumberOfCallBacks))
dputs("Failed to get TLS callback addresses!");
else
{
uint ImageBase = GetPE32DataW(StringUtils::Utf8ToUtf16(DLLDebugFileName).c_str(), 0, UE_IMAGEBASE);
duint ImageBase = GetPE32DataW(StringUtils::Utf8ToUtf16(DLLDebugFileName).c_str(), 0, UE_IMAGEBASE);
int invalidCount = 0;
for(unsigned int i = 0; i < NumberOfCallBacks; i++)
{
uint callbackVA = TLSCallBacks()[i] - ImageBase + (uint)base;
duint callbackVA = TLSCallBacks()[i] - ImageBase + (duint)base;
if(MemIsValidReadPtr(callbackVA))
{
if(bIsDebuggingThis)
@ -937,11 +937,11 @@ static void cbLoadDll(LOAD_DLL_DEBUG_INFO* LoadDll)
if((bBreakOnNextDll || settingboolget("Events", "DllEntry")) && !bAlreadySetEntry)
{
uint oep = GetPE32Data(DLLDebugFileName, 0, UE_OEP);
duint oep = GetPE32Data(DLLDebugFileName, 0, UE_OEP);
if(oep)
{
char command[256] = "";
sprintf(command, "bp " fhex ",\"DllMain (%s)\",ss", oep + (uint)base, modname);
sprintf(command, "bp " fhex ",\"DllMain (%s)\",ss", oep + (duint)base, modname);
cmddirectexec(dbggetcommandlist(), command);
}
}
@ -980,7 +980,7 @@ static void cbUnloadDll(UNLOAD_DLL_DEBUG_INFO* UnloadDll)
void* base = UnloadDll->lpBaseOfDll;
char modname[256] = "???";
if(ModNameFromAddr((uint)base, modname, true))
if(ModNameFromAddr((duint)base, modname, true))
BpEnumAll(cbRemoveModuleBreakpoints, modname);
GuiUpdateBreakpointsView();
SafeSymUnloadModule64(fdProcessInfo->hProcess, (DWORD64)base);
@ -1001,7 +1001,7 @@ static void cbUnloadDll(UNLOAD_DLL_DEBUG_INFO* UnloadDll)
wait(WAITID_RUN);
}
ModUnload((uint)base);
ModUnload((duint)base);
//update memory map
dbggetprivateusage(fdProcessInfo->hProcess, true);
@ -1020,7 +1020,7 @@ static void cbOutputDebugString(OUTPUT_DEBUG_STRING_INFO* DebugString)
if(!DebugString->fUnicode) //ASCII
{
Memory<char*> DebugText(DebugString->nDebugStringLength + 1, "cbOutputDebugString:DebugText");
if(MemRead((uint)DebugString->lpDebugStringData, DebugText(), DebugString->nDebugStringLength))
if(MemRead((duint)DebugString->lpDebugStringData, DebugText(), DebugString->nDebugStringLength))
{
String str = String(DebugText());
if(str != lastDebugText) //fix for every string being printed twice
@ -1057,7 +1057,7 @@ static void cbException(EXCEPTION_DEBUG_INFO* ExceptionData)
unsigned int ExceptionCode = ExceptionData->ExceptionRecord.ExceptionCode;
GuiSetLastException(ExceptionCode);
uint addr = (uint)ExceptionData->ExceptionRecord.ExceptionAddress;
duint addr = (duint)ExceptionData->ExceptionRecord.ExceptionAddress;
if(ExceptionData->ExceptionRecord.ExceptionCode == EXCEPTION_BREAKPOINT)
{
if(isDetachedByUser)
@ -1091,7 +1091,7 @@ static void cbException(EXCEPTION_DEBUG_INFO* ExceptionData)
wait(WAITID_RUN);
return;
}
SetContextDataEx(hActiveThread, UE_CIP, (uint)ExceptionData->ExceptionRecord.ExceptionAddress);
SetContextDataEx(hActiveThread, UE_CIP, (duint)ExceptionData->ExceptionRecord.ExceptionAddress);
}
else if(ExceptionData->ExceptionRecord.ExceptionCode == MS_VC_EXCEPTION) //SetThreadName exception
{
@ -1102,7 +1102,7 @@ static void cbException(EXCEPTION_DEBUG_INFO* ExceptionData)
if(nameInfo.dwType == 0x1000 && nameInfo.dwFlags == 0 && ThreadIsValid(nameInfo.dwThreadID)) //passed basic checks
{
Memory<char*> ThreadName(MAX_THREAD_NAME_SIZE, "cbException:ThreadName");
if(MemRead((uint)nameInfo.szName, ThreadName(), MAX_THREAD_NAME_SIZE - 1))
if(MemRead((duint)nameInfo.szName, ThreadName(), MAX_THREAD_NAME_SIZE - 1))
{
String ThreadNameEscaped = StringUtils::Escape(ThreadName());
dprintf("SetThreadName(%X, \"%s\")\n", nameInfo.dwThreadID, ThreadNameEscaped.c_str());
@ -1191,7 +1191,7 @@ DWORD WINAPI threadDebugLoop(void* lpParameter)
return 0;
}
GuiAddRecentFile(szFileName);
varset("$hp", (uint)fdProcessInfo->hProcess, true);
varset("$hp", (duint)fdProcessInfo->hProcess, true);
varset("$pid", fdProcessInfo->dwProcessId, true);
ecount = 0;
cachePrivateUsage = 0;
@ -1239,8 +1239,8 @@ DWORD WINAPI threadDebugLoop(void* lpParameter)
ThreadClear();
GuiSetDebugState(stopped);
dputs("Debugging stopped!");
varset("$hp", (uint)0, true);
varset("$pid", (uint)0, true);
varset("$hp", (duint)0, true);
varset("$pid", (duint)0, true);
unlock(WAITID_STOP); //we are done
pDebuggedEntry = 0;
pDebuggedBase = 0;
@ -1344,7 +1344,7 @@ bool cbEnableAllMemoryBreakpoints(const BREAKPOINT* bp)
{
if(bp->type != BPMEMORY || bp->enabled)
return true;
uint size = 0;
duint size = 0;
MemFindBaseAddr(bp->addr, &size);
if(!BpEnable(bp->addr, BPMEMORY, true))
{
@ -1402,7 +1402,7 @@ bool cbDeleteAllMemoryBreakpoints(const BREAKPOINT* bp)
{
if(!bp->enabled)
return true;
uint size;
duint size;
MemFindBaseAddr(bp->addr, &size);
if(!BpDelete(bp->addr, BPMEMORY))
{
@ -1442,7 +1442,7 @@ static void cbAttachDebugger()
hEvent = 0;
}
hProcess = fdProcessInfo->hProcess;
varset("$hp", (uint)fdProcessInfo->hProcess, true);
varset("$hp", (duint)fdProcessInfo->hProcess, true);
varset("$pid", fdProcessInfo->dwProcessId, true);
}
@ -1506,8 +1506,8 @@ DWORD WINAPI threadAttachLoop(void* lpParameter)
ThreadClear();
GuiSetDebugState(stopped);
dputs("debugging stopped!");
varset("$hp", (uint)0, true);
varset("$pid", (uint)0, true);
varset("$hp", (duint)0, true);
varset("$pid", (duint)0, true);
unlock(WAITID_STOP);
return 0;
}
@ -1750,11 +1750,11 @@ bool dbglistprocesses(std::vector<PROCESSENTRY32>* list)
return true;
}
static bool getcommandlineaddr(uint* addr, cmdline_error_t* cmd_line_error)
static bool getcommandlineaddr(duint* addr, cmdline_error_t* cmd_line_error)
{
uint pprocess_parameters;
duint pprocess_parameters;
cmd_line_error->addr = (uint)GetPEBLocation(fdProcessInfo->hProcess);
cmd_line_error->addr = (duint)GetPEBLocation(fdProcessInfo->hProcess);
if(cmd_line_error->addr == 0)
{
@ -1763,20 +1763,20 @@ static bool getcommandlineaddr(uint* addr, cmdline_error_t* cmd_line_error)
}
//cast-trick to calculate the address of the remote peb field ProcessParameters
cmd_line_error->addr = (uint) & (((PPEB) cmd_line_error->addr)->ProcessParameters);
cmd_line_error->addr = (duint) & (((PPEB) cmd_line_error->addr)->ProcessParameters);
if(!MemRead(cmd_line_error->addr, &pprocess_parameters, sizeof(pprocess_parameters)))
{
cmd_line_error->type = CMDL_ERR_READ_PEBBASE;
return false;
}
*addr = (uint) & (((RTL_USER_PROCESS_PARAMETERS*) pprocess_parameters)->CommandLine);
*addr = (duint) & (((RTL_USER_PROCESS_PARAMETERS*) pprocess_parameters)->CommandLine);
return true;
}
static bool patchcmdline(uint getcommandline, uint new_command_line, cmdline_error_t* cmd_line_error)
static bool patchcmdline(duint getcommandline, duint new_command_line, cmdline_error_t* cmd_line_error)
{
uint command_line_stored = 0;
duint command_line_stored = 0;
unsigned char data[100];
cmd_line_error->addr = getcommandline;
@ -1810,7 +1810,7 @@ static bool patchcmdline(uint getcommandline, uint new_command_line, cmdline_err
cmd_line_error->type = CMDL_ERR_CHECK_GETCOMMANDLINESTORED;
return false;
}
command_line_stored = * ((uint*) & data[1]);
command_line_stored = * ((duint*) & data[1]);
#endif
//update the pointer in the debuggee
@ -1824,9 +1824,9 @@ static bool patchcmdline(uint getcommandline, uint new_command_line, cmdline_err
return true;
}
static bool fixgetcommandlinesbase(uint new_command_line_unicode, uint new_command_line_ascii, cmdline_error_t* cmd_line_error)
static bool fixgetcommandlinesbase(duint new_command_line_unicode, duint new_command_line_ascii, cmdline_error_t* cmd_line_error)
{
uint getcommandline;
duint getcommandline;
if(!valfromstring("kernelbase:GetCommandLineA", &getcommandline))
{
@ -1857,7 +1857,7 @@ bool dbgsetcmdline(const char* cmd_line, cmdline_error_t* cmd_line_error)
{
cmdline_error_t cmd_line_error_aux;
UNICODE_STRING new_command_line;
uint command_line_addr;
duint command_line_addr;
if(cmd_line_error == NULL)
cmd_line_error = &cmd_line_error_aux;
@ -1882,7 +1882,7 @@ bool dbgsetcmdline(const char* cmd_line, cmdline_error_t* cmd_line_error)
new_command_line.Buffer = command_linewstr();
uint mem = (uint)MemAllocRemote(0, new_command_line.Length * 2);
duint mem = (duint)MemAllocRemote(0, new_command_line.Length * 2);
if(!mem)
{
cmd_line_error->type = CMDL_ERR_ALLOC_UNICODEANSI_COMMANDLINE;
@ -1936,7 +1936,7 @@ bool dbggetcmdline(char** cmd_line, cmdline_error_t* cmd_line_error)
Memory<wchar_t*> wstr_cmd(CommandLine.Length + sizeof(wchar_t));
cmd_line_error->addr = (uint) CommandLine.Buffer;
cmd_line_error->addr = (duint) CommandLine.Buffer;
if(!MemRead(cmd_line_error->addr, wstr_cmd(), CommandLine.Length))
{
cmd_line_error->type = CMDL_ERR_READ_PROCPARM_CMDLINE;
@ -1970,7 +1970,7 @@ void dbgstartscriptthread(CBPLUGINSCRIPT cbScript)
CloseHandle(CreateThread(0, 0, scriptThread, cbScript, 0, 0));
}
uint dbggetdebuggedbase()
duint dbggetdebuggedbase()
{
return pDebuggedBase;
}

10
src/dbg/debugger.h
View File

@ -53,7 +53,7 @@ typedef enum
typedef struct
{
cmdline_error_type_t type;
uint addr;
duint addr;
} cmdline_error_t;
struct ExceptionRange
@ -76,12 +76,12 @@ typedef struct _THREADNAME_INFO
SIZE_T dbggetprivateusage(HANDLE hProcess, bool update = false);
void dbginit();
void dbgstop();
uint dbgdebuggedbase();
uint dbggettimewastedcounter();
duint dbgdebuggedbase();
duint dbggettimewastedcounter();
bool dbgisrunning();
bool dbgisdll();
void dbgsetattachevent(HANDLE handle);
void DebugUpdateGui(uint disasm_addr, bool stack);
void DebugUpdateGui(duint disasm_addr, bool stack);
void dbgsetskipexceptions(bool skip);
void dbgsetstepping(bool stepping);
void dbgsetispausedbyuser(bool b);
@ -101,7 +101,7 @@ bool IsProcessElevated();
bool dbgsetcmdline(const char* cmd_line, cmdline_error_t* cmd_line_error);
bool dbggetcmdline(char** cmd_line, cmdline_error_t* cmd_line_error);
void dbgstartscriptthread(CBPLUGINSCRIPT cbScript);
uint dbggetdebuggedbase();
duint dbggetdebuggedbase();
void cbStep();
void cbRtrStep();

120
src/dbg/debugger_commands.cpp
View File

@ -23,9 +23,9 @@
#include "function.h"
static bool bScyllaLoaded = false;
uint LoadLibThreadID;
uint DLLNameMem;
uint ASMAddr;
duint LoadLibThreadID;
duint DLLNameMem;
duint ASMAddr;
TITAN_ENGINE_CONTEXT_t backupctx = { 0 };
CMDRESULT cbDebugInit(int argc, char* argv[])
@ -151,7 +151,7 @@ CMDRESULT cbDebugSetBPXOptions(int argc, char* argv[])
}
DWORD type = 0;
const char* strType = 0;
uint setting_type;
duint setting_type;
if(strstr(argv[1], "long"))
{
setting_type = 1; //break_int3long
@ -203,7 +203,7 @@ CMDRESULT cbDebugSetBPX(int argc, char* argv[]) //bp addr [,name [,type]]
*argname = 0;
}
_strlwr(argtype);
uint addr = 0;
duint addr = 0;
if(!valfromstring(argaddr, &addr))
{
dprintf("Invalid addr: \"%s\"\n", argaddr);
@ -292,7 +292,7 @@ CMDRESULT cbDebugDeleteBPX(int argc, char* argv[])
}
return STATUS_CONTINUE;
}
uint addr = 0;
duint addr = 0;
if(!valfromstring(argv[1], &addr) || !BpGet(addr, BPNORMAL, 0, &found)) //invalid breakpoint
{
dprintf("No such breakpoint \"%s\"\n", argv[1]);
@ -345,7 +345,7 @@ CMDRESULT cbDebugEnableBPX(int argc, char* argv[])
GuiUpdateAllViews();
return STATUS_CONTINUE;
}
uint addr = 0;
duint addr = 0;
if(!valfromstring(argv[1], &addr) || !BpGet(addr, BPNORMAL, 0, &found)) //invalid breakpoint
{
dprintf("No such breakpoint \"%s\"\n", argv[1]);
@ -403,7 +403,7 @@ CMDRESULT cbDebugDisableBPX(int argc, char* argv[])
GuiUpdateAllViews();
return STATUS_CONTINUE;
}
uint addr = 0;
duint addr = 0;
if(!valfromstring(argv[1], &addr) || !BpGet(addr, BPNORMAL, 0, &found)) //invalid breakpoint
{
dprintf("No such breakpoint \"%s\"\n", argv[1]);
@ -467,7 +467,7 @@ CMDRESULT cbDebugeStepOver(int argc, char* argv[])
CMDRESULT cbDebugSingleStep(int argc, char* argv[])
{
uint stepcount = 1;
duint stepcount = 1;
if(argc > 1)
if(!valfromstring(argv[1], &stepcount))
stepcount = 1;
@ -493,7 +493,7 @@ CMDRESULT cbDebugHide(int argc, char* argv[])
CMDRESULT cbDebugDisasm(int argc, char* argv[])
{
uint addr = 0;
duint addr = 0;
if(argc > 1)
{
if(!valfromstring(argv[1], &addr))
@ -512,7 +512,7 @@ CMDRESULT cbDebugSetMemoryBpx(int argc, char* argv[])
dputs("Not enough arguments!");
return STATUS_ERROR;
}
uint addr;
duint addr;
if(!valfromstring(argv[1], &addr))
return STATUS_ERROR;
bool restore = false;
@ -547,8 +547,8 @@ CMDRESULT cbDebugSetMemoryBpx(int argc, char* argv[])
break;
}
}
uint size = 0;
uint base = MemFindBaseAddr(addr, &size, true);
duint size = 0;
duint base = MemFindBaseAddr(addr, &size, true);
bool singleshoot = false;
if(!restore)
singleshoot = true;
@ -590,7 +590,7 @@ CMDRESULT cbDebugDeleteMemoryBreakpoint(int argc, char* argv[])
BREAKPOINT found;
if(BpGet(0, BPMEMORY, argv[1], &found)) //found a breakpoint with name
{
uint size;
duint size;
MemFindBaseAddr(found.addr, &size);
if(!BpDelete(found.addr, BPMEMORY))
{
@ -604,13 +604,13 @@ CMDRESULT cbDebugDeleteMemoryBreakpoint(int argc, char* argv[])
}
return STATUS_CONTINUE;
}
uint addr = 0;
duint addr = 0;
if(!valfromstring(argv[1], &addr) || !BpGet(addr, BPMEMORY, 0, &found)) //invalid breakpoint
{
dprintf("No such memory breakpoint \"%s\"\n", argv[1]);
return STATUS_ERROR;
}
uint size;
duint size;
MemFindBaseAddr(found.addr, &size);
if(!BpDelete(found.addr, BPMEMORY))
{
@ -647,7 +647,7 @@ CMDRESULT cbDebugSetHardwareBreakpoint(int argc, char* argv[])
dputs("not enough arguments!");
return STATUS_ERROR;
}
uint addr;
duint addr;
if(!valfromstring(argv[1], &addr))
return STATUS_ERROR;
DWORD type = UE_HARDWARE_EXECUTE;
@ -671,7 +671,7 @@ CMDRESULT cbDebugSetHardwareBreakpoint(int argc, char* argv[])
DWORD titsize = UE_HARDWARE_SIZE_1;
if(argc > 3)
{
uint size;
duint size;
if(!valfromstring(argv[3], &size))
return STATUS_ERROR;
switch(size)
@ -762,7 +762,7 @@ CMDRESULT cbDebugDeleteHardwareBreakpoint(int argc, char* argv[])
}
return STATUS_CONTINUE;
}
uint addr = 0;
duint addr = 0;
if(!valfromstring(argv[1], &addr) || !BpGet(addr, BPHARDWARE, 0, &found)) //invalid breakpoint
{
dprintf("No such hardware breakpoint \"%s\"\n", argv[1]);
@ -785,11 +785,11 @@ CMDRESULT cbDebugDeleteHardwareBreakpoint(int argc, char* argv[])
CMDRESULT cbDebugAlloc(int argc, char* argv[])
{
uint size = 0x1000;
duint size = 0x1000;
if(argc > 1)
if(!valfromstring(argv[1], &size, false))
return STATUS_ERROR;
uint mem = (uint)MemAllocRemote(0, size);
duint mem = (duint)MemAllocRemote(0, size);
if(!mem)
dputs("VirtualAllocEx failed");
else
@ -807,9 +807,9 @@ CMDRESULT cbDebugAlloc(int argc, char* argv[])
CMDRESULT cbDebugFree(int argc, char* argv[])
{
uint lastalloc;
duint lastalloc;
varget("$lastalloc", &lastalloc, 0, 0);
uint addr = lastalloc;
duint addr = lastalloc;
if(argc > 1)
{
if(!valfromstring(argv[1], &addr, false))
@ -821,7 +821,7 @@ CMDRESULT cbDebugFree(int argc, char* argv[])
return STATUS_ERROR;
}
if(addr == lastalloc)
varset("$lastalloc", (uint)0, true);
varset("$lastalloc", (duint)0, true);
bool ok = !!VirtualFreeEx(fdProcessInfo->hProcess, (void*)addr, 0, MEM_RELEASE);
if(!ok)
dputs("VirtualFreeEx failed");
@ -836,9 +836,9 @@ CMDRESULT cbDebugFree(int argc, char* argv[])
CMDRESULT cbDebugMemset(int argc, char* argv[])
{
uint addr;
uint value;
uint size;
duint addr;
duint value;
duint size;
if(argc < 3)
{
dputs("Not enough arguments");
@ -853,13 +853,13 @@ CMDRESULT cbDebugMemset(int argc, char* argv[])
}
else
{
uint base = MemFindBaseAddr(addr, &size, true);
duint base = MemFindBaseAddr(addr, &size, true);
if(!base)
{
dputs("Invalid address specified");
return STATUS_ERROR;
}
uint diff = addr - base;
duint diff = addr - base;
addr = base + diff;
size -= diff;
}
@ -873,9 +873,9 @@ CMDRESULT cbDebugMemset(int argc, char* argv[])
CMDRESULT cbDebugBenchmark(int argc, char* argv[])
{
uint addr = MemFindBaseAddr(GetContextDataEx(hActiveThread, UE_CIP), 0);
duint addr = MemFindBaseAddr(GetContextDataEx(hActiveThread, UE_CIP), 0);
DWORD ticks = GetTickCount();
for(uint i = addr; i < addr + 100000; i++)
for(duint i = addr; i < addr + 100000; i++)
{
CommentSet(i, "test", false);
LabelSet(i, "test", false);
@ -893,7 +893,7 @@ CMDRESULT cbDebugPause(int argc, char* argv[])
dputs("Program is not running");
return STATUS_ERROR;
}
uint debugBreakAddr;
duint debugBreakAddr;
if(!valfromstring("DebugBreak", &debugBreakAddr))
{
dputs("Could not find DebugBreak!");
@ -961,12 +961,12 @@ CMDRESULT cbDebugAttach(int argc, char* argv[])
dputs("Not enough arguments!");
return STATUS_ERROR;
}
uint pid = 0;
duint pid = 0;
if(!valfromstring(argv[1], &pid, false))
return STATUS_ERROR;
if(argc > 2)
{
uint eventHandle = 0;
duint eventHandle = 0;
if(!valfromstring(argv[2], &eventHandle, false))
return STATUS_ERROR;
dbgsetattachevent((HANDLE)eventHandle);
@ -1112,7 +1112,7 @@ CMDRESULT cbDebugBcDll(int argc, char* argv[])
CMDRESULT cbDebugSwitchthread(int argc, char* argv[])
{
uint threadid = fdProcessInfo->dwThreadId; //main thread
duint threadid = fdProcessInfo->dwThreadId; //main thread
if(argc > 1)
if(!valfromstring(argv[1], &threadid, false))
return STATUS_ERROR;
@ -1130,7 +1130,7 @@ CMDRESULT cbDebugSwitchthread(int argc, char* argv[])
CMDRESULT cbDebugSuspendthread(int argc, char* argv[])
{
uint threadid = fdProcessInfo->dwThreadId;
duint threadid = fdProcessInfo->dwThreadId;
if(argc > 1)
if(!valfromstring(argv[1], &threadid, false))
return STATUS_ERROR;
@ -1152,7 +1152,7 @@ CMDRESULT cbDebugSuspendthread(int argc, char* argv[])
CMDRESULT cbDebugResumethread(int argc, char* argv[])
{
uint threadid = fdProcessInfo->dwThreadId;
duint threadid = fdProcessInfo->dwThreadId;
if(argc > 1)
if(!valfromstring(argv[1], &threadid, false))
return STATUS_ERROR;
@ -1174,11 +1174,11 @@ CMDRESULT cbDebugResumethread(int argc, char* argv[])
CMDRESULT cbDebugKillthread(int argc, char* argv[])
{
uint threadid = fdProcessInfo->dwThreadId;
duint threadid = fdProcessInfo->dwThreadId;
if(argc > 1)
if(!valfromstring(argv[1], &threadid, false))
return STATUS_ERROR;
uint exitcode = 0;
duint exitcode = 0;
if(argc > 2)
if(!valfromstring(argv[2], &exitcode, false))
return STATUS_ERROR;
@ -1221,10 +1221,10 @@ CMDRESULT cbDebugSetPriority(int argc, char* argv[])
dputs("Not enough arguments!");
return STATUS_ERROR;
}
uint threadid;
duint threadid;
if(!valfromstring(argv[1], &threadid, false))
return STATUS_ERROR;
uint priority;
duint priority;
if(!valfromstring(argv[2], &priority))
{
if(_strcmpi(argv[2], "Normal") == 0)
@ -1302,7 +1302,7 @@ CMDRESULT cbDebugEnableHardwareBreakpoint(int argc, char* argv[])
return STATUS_CONTINUE;
}
BREAKPOINT found;
uint addr = 0;
duint addr = 0;
if(!valfromstring(argv[1], &addr) || !BpGet(addr, BPHARDWARE, 0, &found)) //invalid hardware breakpoint
{
dprintf("No such hardware breakpoint \"%s\"\n", argv[1]);
@ -1342,7 +1342,7 @@ CMDRESULT cbDebugDisableHardwareBreakpoint(int argc, char* argv[])
return STATUS_CONTINUE;
}
BREAKPOINT found;
uint addr = 0;
duint addr = 0;
if(!valfromstring(argv[1], &addr) || !BpGet(addr, BPHARDWARE, 0, &found)) //invalid hardware breakpoint
{
dprintf("No such hardware breakpoint \"%s\"\n", argv[1]);
@ -1379,7 +1379,7 @@ CMDRESULT cbDebugEnableMemoryBreakpoint(int argc, char* argv[])
return STATUS_CONTINUE;
}
BREAKPOINT found;
uint addr = 0;
duint addr = 0;
if(!valfromstring(argv[1], &addr) || !BpGet(addr, BPMEMORY, 0, &found)) //invalid memory breakpoint
{
dprintf("No such memory breakpoint \"%s\"\n", argv[1]);
@ -1391,7 +1391,7 @@ CMDRESULT cbDebugEnableMemoryBreakpoint(int argc, char* argv[])
GuiUpdateAllViews();
return STATUS_CONTINUE;
}
uint size = 0;
duint size = 0;
MemFindBaseAddr(found.addr, &size);
if(!BpEnable(found.addr, BPMEMORY, true) || !SetMemoryBPXEx(found.addr, size, found.titantype, !found.singleshoot, (void*)cbMemoryBreakpoint))
{
@ -1419,7 +1419,7 @@ CMDRESULT cbDebugDisableMemoryBreakpoint(int argc, char* argv[])
return STATUS_CONTINUE;
}
BREAKPOINT found;
uint addr = 0;
duint addr = 0;
if(!valfromstring(argv[1], &addr) || !BpGet(addr, BPMEMORY, 0, &found)) //invalid memory breakpoint
{
dprintf("No such memory breakpoint \"%s\"\n", argv[1]);
@ -1430,7 +1430,7 @@ CMDRESULT cbDebugDisableMemoryBreakpoint(int argc, char* argv[])
dputs("Memory breakpoint already disabled!");
return STATUS_CONTINUE;
}
uint size = 0;
duint size = 0;
MemFindBaseAddr(found.addr, &size);
if(!BpEnable(found.addr, BPMEMORY, false) || !RemoveMemoryBPX(found.addr, size))
{
@ -1459,7 +1459,7 @@ CMDRESULT cbDebugDownloadSymbol(int argc, char* argv[])
return STATUS_CONTINUE;
}
//get some module information
uint modbase = ModBaseFromName(argv[1]);
duint modbase = ModBaseFromName(argv[1]);
if(!modbase)
{
dprintf("Invalid module \"%s\"!\n", argv[1]);
@ -1823,7 +1823,7 @@ CMDRESULT cbDebugGetJIT(int argc, char* argv[])
CMDRESULT cbDebugGetPageRights(int argc, char* argv[])
{
uint addr = 0;
duint addr = 0;
char rights[RIGHTS_STRING_SIZE];
if(argc != 2 || !valfromstring(argv[1], &addr))
@ -1845,7 +1845,7 @@ CMDRESULT cbDebugGetPageRights(int argc, char* argv[])
CMDRESULT cbDebugSetPageRights(int argc, char* argv[])
{
uint addr = 0;
duint addr = 0;
char rights[RIGHTS_STRING_SIZE];
if(argc < 3 || !valfromstring(argv[1], &addr))
@ -1904,7 +1904,7 @@ CMDRESULT cbDebugLoadLib(int argc, char* argv[])
int size = 0;
int counter = 0;
uint LoadLibraryA = 0;
duint LoadLibraryA = 0;
char command[50] = "";
char error[MAX_ERROR_SIZE] = "";
@ -1918,28 +1918,28 @@ CMDRESULT cbDebugLoadLib(int argc, char* argv[])
// Arch specific asm code
#ifdef _WIN64
sprintf(command, "mov rcx, " fhex, (uint)DLLNameMem);
sprintf(command, "mov rcx, " fhex, (duint)DLLNameMem);
#else
sprintf(command, "push " fhex, DLLNameMem);
#endif // _WIN64
assembleat((uint)ASMAddr, command, &size, error, true);
assembleat((duint)ASMAddr, command, &size, error, true);
counter += size;
#ifdef _WIN64
sprintf(command, "mov rax, " fhex, LoadLibraryA);
assembleat((uint)ASMAddr + counter, command, &size, error, true);
assembleat((duint)ASMAddr + counter, command, &size, error, true);
counter += size;
sprintf(command, "call rax");
#else
sprintf(command, "call " fhex, LoadLibraryA);
#endif // _WIN64
assembleat((uint)ASMAddr + counter, command, &size, error, true);
assembleat((duint)ASMAddr + counter, command, &size, error, true);
counter += size;
SetContextDataEx(LoadLibThread, UE_CIP, (uint)ASMAddr);
SetBPX((uint)ASMAddr + counter, UE_SINGLESHOOT | UE_BREAKPOINT_TYPE_INT3, (void*)cbDebugLoadLibBPX);
SetContextDataEx(LoadLibThread, UE_CIP, (duint)ASMAddr);
SetBPX((duint)ASMAddr + counter, UE_SINGLESHOOT | UE_BREAKPOINT_TYPE_INT3, (void*)cbDebugLoadLibBPX);
ThreadSuspendAll();
ResumeThread(LoadLibThread);
@ -1953,9 +1953,9 @@ void cbDebugLoadLibBPX()
{
HANDLE LoadLibThread = ThreadGetHandle((DWORD)LoadLibThreadID);
#ifdef _WIN64
uint LibAddr = GetContextDataEx(LoadLibThread, UE_RAX);
duint LibAddr = GetContextDataEx(LoadLibThread, UE_RAX);
#else
uint LibAddr = GetContextDataEx(LoadLibThread, UE_EAX);
duint LibAddr = GetContextDataEx(LoadLibThread, UE_EAX);
#endif //_WIN64
varset("$result", LibAddr, false);
backupctx.eflags &= ~0x100;
@ -2084,7 +2084,7 @@ CMDRESULT cbDebugSetCmdline(int argc, char* argv[])
CMDRESULT cbDebugSkip(int argc, char* argv[])
{
SetNextDbgContinueStatus(DBG_CONTINUE); //swallow the exception
uint cip = GetContextDataEx(hActiveThread, UE_CIP);
duint cip = GetContextDataEx(hActiveThread, UE_CIP);
BASIC_INSTRUCTION_INFO basicinfo;
memset(&basicinfo, 0, sizeof(basicinfo));
disasmfast(cip, &basicinfo);

4
src/dbg/disasm_fast.cpp
View File

@ -85,7 +85,7 @@ void fillbasicinfo(Capstone* cp, BASIC_INSTRUCTION_INFO* basicinfo)
}
}
bool disasmfast(unsigned char* data, uint addr, BASIC_INSTRUCTION_INFO* basicinfo)
bool disasmfast(unsigned char* data, duint addr, BASIC_INSTRUCTION_INFO* basicinfo)
{
if(!data || !basicinfo)
return false;
@ -100,7 +100,7 @@ bool disasmfast(unsigned char* data, uint addr, BASIC_INSTRUCTION_INFO* basicinf
return true;
}
bool disasmfast(uint addr, BASIC_INSTRUCTION_INFO* basicinfo)
bool disasmfast(duint addr, BASIC_INSTRUCTION_INFO* basicinfo)
{
unsigned int data[16];
if(!MemRead(addr, data, sizeof(data)))

4
src/dbg/disasm_fast.h
View File

@ -5,7 +5,7 @@
#include "capstone_wrapper.h"
void fillbasicinfo(Capstone* disasm, BASIC_INSTRUCTION_INFO* basicinfo);
bool disasmfast(uint addr, BASIC_INSTRUCTION_INFO* basicinfo);
bool disasmfast(unsigned char* data, uint addr, BASIC_INSTRUCTION_INFO* basicinfo);
bool disasmfast(duint addr, BASIC_INSTRUCTION_INFO* basicinfo);
bool disasmfast(unsigned char* data, duint addr, BASIC_INSTRUCTION_INFO* basicinfo);
#endif //_DISASM_FAST_H

34
src/dbg/disasm_helper.cpp
View File

@ -10,10 +10,10 @@
#include "memory.h"
#include "capstone_wrapper.h"
uint disasmback(unsigned char* data, uint base, uint size, uint ip, int n)
duint disasmback(unsigned char* data, duint base, duint size, duint ip, int n)
{
int i;
uint abuf[131], addr, back, cmdsize;
duint abuf[131], addr, back, cmdsize;
unsigned char* pdata;
// Reset Disasm Structure
@ -37,7 +37,7 @@ uint disasmback(unsigned char* data, uint base, uint size, uint ip, int n)
if(n == 0)
return ip;
if(ip < (uint)n)
if(ip < (duint)n)
return ip;
back = MAX_DISASM_BUFFER * (n + 3); // Instruction length limited to 16
@ -70,10 +70,10 @@ uint disasmback(unsigned char* data, uint base, uint size, uint ip, int n)
return abuf[(i - n + 128) % 128];
}
uint disasmnext(unsigned char* data, uint base, uint size, uint ip, int n)
duint disasmnext(unsigned char* data, duint base, duint size, duint ip, int n)
{
int i;
uint cmdsize;
duint cmdsize;
unsigned char* pdata;
// Reset Disasm Structure
@ -106,7 +106,7 @@ uint disasmnext(unsigned char* data, uint base, uint size, uint ip, int n)
return ip;
}
const char* disasmtext(uint addr)
const char* disasmtext(duint addr)
{
unsigned char buffer[MAX_DISASM_BUFFER] = "";
DbgMemRead(addr, buffer, sizeof(buffer));
@ -131,7 +131,7 @@ static void HandleCapstoneOperand(Capstone & cp, int opindex, DISASM_ARG* arg)
{
const char* regname = cp.RegName((x86_reg)op.reg);
arg->type = arg_normal;
uint value;
duint value;
if(!valfromstring(regname, &value, true, true))
value = 0;
arg->constant = arg->value = value;
@ -153,7 +153,7 @@ static void HandleCapstoneOperand(Capstone & cp, int opindex, DISASM_ARG* arg)
arg->constant = cp.Address() + (duint)mem.disp + cp.Size();
else
arg->constant = (duint)mem.disp;
uint value;
duint value;
if(!valfromstring(arg->mnemonic, &value, true, true))
return;
arg->value = value;
@ -180,7 +180,7 @@ static void HandleCapstoneOperand(Capstone & cp, int opindex, DISASM_ARG* arg)
}
}
void disasmget(unsigned char* buffer, uint addr, DISASM_INSTR* instr)
void disasmget(unsigned char* buffer, duint addr, DISASM_INSTR* instr)
{
if(!DbgIsDebugging())
{
@ -212,7 +212,7 @@ void disasmget(unsigned char* buffer, uint addr, DISASM_INSTR* instr)
HandleCapstoneOperand(cp, i, &instr->arg[i]);
}
void disasmget(uint addr, DISASM_INSTR* instr)
void disasmget(duint addr, DISASM_INSTR* instr)
{
if(!DbgIsDebugging())
{
@ -225,7 +225,7 @@ void disasmget(uint addr, DISASM_INSTR* instr)
disasmget(buffer, addr, instr);
}
void disasmprint(uint addr)
void disasmprint(duint addr)
{
DISASM_INSTR instr;
memset(&instr, 0, sizeof(instr));
@ -273,20 +273,20 @@ static bool isunicodestring(const unsigned char* data, int maxlen)
return true;
}
bool disasmispossiblestring(uint addr)
bool disasmispossiblestring(duint addr)
{
unsigned char data[11];
memset(data, 0, sizeof(data));
if(!MemRead(addr, data, sizeof(data) - 3))
return false;
uint test = 0;
memcpy(&test, data, sizeof(uint));
duint test = 0;
memcpy(&test, data, sizeof(duint));
if(isasciistring(data, sizeof(data)) || isunicodestring(data, _countof(data)))
return true;
return false;
}
bool disasmgetstringat(uint addr, STRING_TYPE* type, char* ascii, char* unicode, int maxlen)
bool disasmgetstringat(duint addr, STRING_TYPE* type, char* ascii, char* unicode, int maxlen)
{
if(type)
*type = str_none;
@ -340,7 +340,7 @@ bool disasmgetstringat(uint addr, STRING_TYPE* type, char* ascii, char* unicode,
return false;
}
int disasmgetsize(uint addr, unsigned char* data)
int disasmgetsize(duint addr, unsigned char* data)
{
Capstone cp;
if(!cp.Disassemble(addr, data, MAX_DISASM_BUFFER))
@ -348,7 +348,7 @@ int disasmgetsize(uint addr, unsigned char* data)
return cp.Size();
}
int disasmgetsize(uint addr)
int disasmgetsize(duint addr)
{
char data[MAX_DISASM_BUFFER];
if(!MemRead(addr, data, sizeof(data)))

20
src/dbg/disasm_helper.h
View File

@ -4,15 +4,15 @@
#include "_global.h"
//functions
uint disasmback(unsigned char* data, uint base, uint size, uint ip, int n);
uint disasmnext(unsigned char* data, uint base, uint size, uint ip, int n);
const char* disasmtext(uint addr);
void disasmprint(uint addr);
void disasmget(unsigned char* buffer, uint addr, DISASM_INSTR* instr);
void disasmget(uint addr, DISASM_INSTR* instr);
bool disasmispossiblestring(uint addr);
bool disasmgetstringat(uint addr, STRING_TYPE* type, char* ascii, char* unicode, int maxlen);
int disasmgetsize(uint addr, unsigned char* data);
int disasmgetsize(uint addr);
duint disasmback(unsigned char* data, duint base, duint size, duint ip, int n);
duint disasmnext(unsigned char* data, duint base, duint size, duint ip, int n);
const char* disasmtext(duint addr);
void disasmprint(duint addr);
void disasmget(unsigned char* buffer, duint addr, DISASM_INSTR* instr);
void disasmget(duint addr, DISASM_INSTR* instr);
bool disasmispossiblestring(duint addr);
bool disasmgetstringat(duint addr, STRING_TYPE* type, char* ascii, char* unicode, int maxlen);
int disasmgetsize(duint addr, unsigned char* data);
int disasmgetsize(duint addr);
#endif // _DISASM_HELPER_H

14
src/dbg/dynamicptr.h
View File

@ -6,10 +6,10 @@ template<typename T, bool ReadOnly = false, bool BreakOnFail = false>
class RemotePtr;
template<typename T, typename U>
RemotePtr<U> RemoteMemberPtr(uint Address, U T::*Member)
RemotePtr<U> RemoteMemberPtr(duint Address, U T::*Member)
{
// Calculate the offset from the member to the class base
uint offset = ((char*) & ((T*)nullptr->*Member) - (char*)nullptr);
duint offset = ((char*) & ((T*)nullptr->*Member) - (char*)nullptr);
return RemotePtr<U>(Address + offset);
}
@ -34,14 +34,14 @@ class RemotePtr
isClass<U>::value > {};
public:
explicit RemotePtr(uint Address)
explicit RemotePtr(duint Address)
{
Init(Address);
}
explicit RemotePtr(PVOID Address)
{
Init((uint)Address);
Init((duint)Address);
}
~RemotePtr()
@ -75,7 +75,7 @@ public:
}
template<typename A, typename B = T>
enableIf<isClass<T>::value, uint> memberOffset(A B::*Member)
enableIf<isClass<T>::value, duint> memberOffset(A B::*Member)
{
return (char*) & ((typename std::remove_pointer<T>::type*)nullptr->*Member) - (char*)nullptr;
}
@ -136,7 +136,7 @@ private:
m_Modified = false;
}
inline void Init(uint Address)
inline void Init(duint Address)
{
m_Modified = false;
m_InternalAddr = Address;
@ -144,6 +144,6 @@ private:
}
bool m_Modified;
uint m_InternalAddr;
duint m_InternalAddr;
T m_InternalData;
};

12
src/dbg/exceptiondirectoryanalysis.cpp
View File

@ -5,7 +5,7 @@
#include "console.h"
#include "function.h"
ExceptionDirectoryAnalysis::ExceptionDirectoryAnalysis(uint base, uint size) : Analysis(base, size)
ExceptionDirectoryAnalysis::ExceptionDirectoryAnalysis(duint base, duint size) : Analysis(base, size)
{
_functionInfoData = nullptr;
#ifdef _WIN64
@ -34,7 +34,7 @@ ExceptionDirectoryAnalysis::ExceptionDirectoryAnalysis(uint base, uint size) : A
{
// Find a pointer to IMAGE_DIRECTORY_ENTRY_EXCEPTION for later use
ULONG_PTR virtualOffset = GetPE32DataFromMappedFile(fileMapVa, IMAGE_DIRECTORY_ENTRY_EXCEPTION, UE_SECTIONVIRTUALOFFSET);
_functionInfoSize = (uint)GetPE32DataFromMappedFile(fileMapVa, IMAGE_DIRECTORY_ENTRY_EXCEPTION, UE_SECTIONVIRTUALSIZE);
_functionInfoSize = (duint)GetPE32DataFromMappedFile(fileMapVa, IMAGE_DIRECTORY_ENTRY_EXCEPTION, UE_SECTIONVIRTUALSIZE);
// Unload the file
StaticFileUnloadW(nullptr, false, fileHandle, fileSize, fileMapHandle, fileMapVa);
@ -64,8 +64,8 @@ void ExceptionDirectoryAnalysis::Analyse()
#ifdef _WIN64
EnumerateFunctionRuntimeEntries64([&](PRUNTIME_FUNCTION Function)
{
const uint funcAddr = _moduleBase + Function->BeginAddress;
const uint funcEnd = _moduleBase + Function->EndAddress;
const duint funcAddr = _moduleBase + Function->BeginAddress;
const duint funcEnd = _moduleBase + Function->EndAddress;
// If within limits...
if(funcAddr >= _base && funcAddr < _base + _size)
@ -94,10 +94,10 @@ void ExceptionDirectoryAnalysis::EnumerateFunctionRuntimeEntries64(std::function
// Get the table pointer and size
auto functionTable = (PRUNTIME_FUNCTION)_functionInfoData;
uint totalCount = (_functionInfoSize / sizeof(RUNTIME_FUNCTION));
duint totalCount = (_functionInfoSize / sizeof(RUNTIME_FUNCTION));
// Enumerate each entry
for(uint i = 0; i < totalCount; i++)
for(duint i = 0; i < totalCount; i++)
{
if(!Callback(&functionTable[i]))
break;

8
src/dbg/exceptiondirectoryanalysis.h
View File

@ -7,16 +7,16 @@
class ExceptionDirectoryAnalysis : public Analysis
{
public:
explicit ExceptionDirectoryAnalysis(uint base, uint size);
explicit ExceptionDirectoryAnalysis(duint base, duint size);
~ExceptionDirectoryAnalysis();
void Analyse() override;
void SetMarkers() override;
private:
uint _moduleBase;
uint _functionInfoSize;
duint _moduleBase;
duint _functionInfoSize;
void* _functionInfoData;
std::vector<std::pair<uint, uint>> _functions;
std::vector<std::pair<duint, duint>> _functions;
#ifdef _WIN64
void EnumerateFunctionRuntimeEntries64(std::function<bool(PRUNTIME_FUNCTION)> Callback);

20
src/dbg/expressionparser.cpp
View File

@ -368,34 +368,34 @@ static bool operation(const ExpressionParser::Token::Type type, const T op1, con
}
}
bool ExpressionParser::unsignedoperation(const Token::Type type, const uint op1, const uint op2, uint & result)
bool ExpressionParser::unsignedoperation(const Token::Type type, const duint op1, const duint op2, duint & result)
{
return operation<uint>(type, op1, op2, result, false);
return operation<duint>(type, op1, op2, result, false);
}
bool ExpressionParser::signedoperation(const Token::Type type, const sint op1, const sint op2, uint & result)
bool ExpressionParser::signedoperation(const Token::Type type, const sint op1, const sint op2, duint & result)
{
sint signedResult;
if(!operation<sint>(type, op1, op2, signedResult, true))
return false;
result = (uint)signedResult;
result = (duint)signedResult;
return true;
}
bool ExpressionParser::calculate(uint & value, bool signedcalc, bool silent, bool baseonly, int* value_size, bool* isvar, bool* hexonly)
bool ExpressionParser::calculate(duint & value, bool signedcalc, bool silent, bool baseonly, int* value_size, bool* isvar, bool* hexonly)
{
value = 0;
if(!_prefixTokens.size())
return false;
std::stack<uint> stack;
std::stack<duint> stack;
//calculate the result from the RPN queue
for(const auto & token : _prefixTokens)
{
if(token.isOperator())
{
uint op1 = 0;
uint op2 = 0;
uint result = 0;
duint op1 = 0;
duint op2 = 0;
duint result = 0;
switch(token.type())
{
case Token::Type::OperatorUnarySub:
@ -439,7 +439,7 @@ bool ExpressionParser::calculate(uint & value, bool signedcalc, bool silent, boo
}
else
{
uint result;
duint result;
if(!valfromstring_noexpr(token.data().c_str(), &result, silent, baseonly, value_size, isvar, hexonly))
return false;
stack.push(result);

6
src/dbg/expressionparser.h
View File

@ -7,7 +7,7 @@ class ExpressionParser
{
public:
ExpressionParser(const String & expression);
bool calculate(uint & value, bool signedcalc, bool silent, bool baseonly, int* value_size, bool* isvar, bool* hexonly);
bool calculate(duint & value, bool signedcalc, bool silent, bool baseonly, int* value_size, bool* isvar, bool* hexonly);
class Token
{
@ -57,8 +57,8 @@ private:
void tokenize(const String & expression);
void shuntingYard();
void addOperatorToken(const char ch, const Token::Type type);
bool unsignedoperation(const Token::Type type, const uint op1, const uint op2, uint & result);
bool signedoperation(const Token::Type type, const sint op1, const sint op2, uint & result);
bool unsignedoperation(const Token::Type type, const duint op1, const duint op2, duint & result);
bool signedoperation(const Token::Type type, const sint op1, const sint op2, duint & result);
std::vector<Token> _tokens;
std::vector<Token> _prefixTokens;

28
src/dbg/function.cpp
View File

@ -5,7 +5,7 @@
std::map<ModuleRange, FUNCTIONSINFO, ModuleRangeCompare> functions;
bool FunctionAdd(uint Start, uint End, bool Manual)
bool FunctionAdd(duint Start, duint End, bool Manual)
{
// CHECK: Export/Command function
if(!DbgIsDebugging())
@ -16,7 +16,7 @@ bool FunctionAdd(uint Start, uint End, bool Manual)
return false;
// Fail if boundary exceeds module size
const uint moduleBase = ModBaseFromAddr(Start);
const duint moduleBase = ModBaseFromAddr(Start);
if(moduleBase != ModBaseFromAddr(End))
return false;
@ -38,13 +38,13 @@ bool FunctionAdd(uint Start, uint End, bool Manual)
return true;
}
bool FunctionGet(uint Address, uint* Start, uint* End)
bool FunctionGet(duint Address, duint* Start, duint* End)
{
// CHECK: Exported function
if(!DbgIsDebugging())
return false;
const uint moduleBase = ModBaseFromAddr(Address);
const duint moduleBase = ModBaseFromAddr(Address);
// Lookup by module hash, then function range
SHARED_ACQUIRE(LockFunctions);
@ -64,7 +64,7 @@ bool FunctionGet(uint Address, uint* Start, uint* End)
return true;
}
bool FunctionOverlaps(uint Start, uint End)
bool FunctionOverlaps(duint Start, duint End)
{
// CHECK: Exported function
if(!DbgIsDebugging())
@ -74,25 +74,25 @@ bool FunctionOverlaps(uint Start, uint End)
if(Start > End)
return false;
const uint moduleBase = ModBaseFromAddr(Start);
const duint moduleBase = ModBaseFromAddr(Start);
SHARED_ACQUIRE(LockFunctions);
return (functions.count(ModuleRange(ModHashFromAddr(moduleBase), Range(Start - moduleBase, End - moduleBase))) > 0);
}
bool FunctionDelete(uint Address)
bool FunctionDelete(duint Address)
{
// CHECK: Exported function
if(!DbgIsDebugging())
return false;
const uint moduleBase = ModBaseFromAddr(Address);
const duint moduleBase = ModBaseFromAddr(Address);
EXCLUSIVE_ACQUIRE(LockFunctions);
return (functions.erase(ModuleRange(ModHashFromAddr(moduleBase), Range(Address - moduleBase, Address - moduleBase))) > 0);
}
void FunctionDelRange(uint Start, uint End)
void FunctionDelRange(duint Start, duint End)
{
// CHECK: Exported function
if(!DbgIsDebugging())
@ -107,7 +107,7 @@ void FunctionDelRange(uint Start, uint End)
else
{
// The start and end address must be in the same module
uint moduleBase = ModBaseFromAddr(Start);
duint moduleBase = ModBaseFromAddr(Start);
if(moduleBase != ModBaseFromAddr(End))
return;
@ -194,15 +194,15 @@ void FunctionCacheLoad(JSON Root)
strcpy_s(functionInfo.mod, mod);
// Function address
functionInfo.start = (uint)json_hex_value(json_object_get(value, "start"));
functionInfo.end = (uint)json_hex_value(json_object_get(value, "end"));
functionInfo.start = (duint)json_hex_value(json_object_get(value, "start"));
functionInfo.end = (duint)json_hex_value(json_object_get(value, "end"));
functionInfo.manual = Manual;
// Sanity check
if(functionInfo.end < functionInfo.start)
continue;
const uint key = ModHashFromName(functionInfo.mod);
const duint key = ModHashFromName(functionInfo.mod);
functions.insert(std::make_pair(ModuleRange(key, Range(functionInfo.start, functionInfo.end)), functionInfo));
}
};
@ -244,7 +244,7 @@ bool FunctionEnum(FUNCTIONSINFO* List, size_t* Size)
for(auto & itr : functions)
{
// Adjust for relative to virtual addresses
uint moduleBase = ModBaseFromName(itr.second.mod);
duint moduleBase = ModBaseFromName(itr.second.mod);
*List = itr.second;
List->start += moduleBase;

14
src/dbg/function.h
View File

@ -5,16 +5,16 @@
struct FUNCTIONSINFO
{
char mod[MAX_MODULE_SIZE];
uint start;
uint end;
duint start;
duint end;
bool manual;
};
bool FunctionAdd(uint Start, uint End, bool Manual);
bool FunctionGet(uint Address, uint* Start, uint* End);
bool FunctionOverlaps(uint Start, uint End);
bool FunctionDelete(uint Address);
void FunctionDelRange(uint Start, uint End);
bool FunctionAdd(duint Start, duint End, bool Manual);
bool FunctionGet(duint Address, duint* Start, duint* End);
bool FunctionOverlaps(duint Start, duint End);
bool FunctionDelete(duint Address);
void FunctionDelRange(duint Start, duint End);
void FunctionCacheSave(JSON Root);
void FunctionCacheLoad(JSON Root);
bool FunctionEnum(FUNCTIONSINFO* List, size_t* Size);

234
src/dbg/instruction.cpp
View File

@ -38,7 +38,7 @@ static int maxFindResults = 5000;
CMDRESULT cbBadCmd(int argc, char* argv[])
{
uint value = 0;
duint value = 0;
int valsize = 0;
bool isvar = false;
bool hexonly = false;
@ -102,7 +102,7 @@ CMDRESULT cbInstrVar(int argc, char* argv[])
char arg2[deflen] = ""; //var value (optional)
if(argc > 2)
strcpy_s(arg2, argv[2]);
uint value = 0;
duint value = 0;
int add = 0;
if(*argv[1] == '$')
add++;
@ -173,7 +173,7 @@ CMDRESULT cbInstrMov(int argc, char* argv[])
}
}
//Check the destination
uint dest;
duint dest;
if(!valfromstring(argv[1], &dest) || !MemIsValidReadPtr(dest))
{
dprintf("invalid destination \"%s\"\n", argv[1]);
@ -201,20 +201,20 @@ CMDRESULT cbInstrMov(int argc, char* argv[])
}
else
{
uint set_value = 0;
duint set_value = 0;
if(!valfromstring(srcText.c_str(), &set_value))
{
dprintf("invalid src \"%s\"\n", argv[2]);
return STATUS_ERROR;
}
bool isvar = false;
uint temp = 0;
duint temp = 0;
valfromstring(argv[1], &temp, true, false, 0, &isvar, 0);
if(!isvar)
isvar = vargettype(argv[1], 0);
if(!isvar || !valtostring(argv[1], set_value, true))
{
uint value;
duint value;
if(valfromstring(argv[1], &value)) //if the var is a value already it's an invalid destination
{
dprintf("invalid dest \"%s\"\n", argv[1]);
@ -259,7 +259,7 @@ CMDRESULT cbInstrVarList(int argc, char* argv[])
continue;
char name[deflen] = "";
strcpy_s(name, variables()[i].name.c_str());
uint value = (uint)variables()[i].value.u.value;
duint value = (duint)variables()[i].value.u.value;
if(variables()[i].type != VAR_HIDDEN)
{
if(filter)
@ -308,7 +308,7 @@ CMDRESULT cbInstrCmt(int argc, char* argv[])
dputs("not enough arguments!");
return STATUS_ERROR;
}
uint addr = 0;
duint addr = 0;
if(!valfromstring(argv[1], &addr, false))
return STATUS_ERROR;
if(!CommentSet(addr, argv[2], true))
@ -326,7 +326,7 @@ CMDRESULT cbInstrCmtdel(int argc, char* argv[])
dputs("not enough arguments!");
return STATUS_ERROR;
}
uint addr = 0;
duint addr = 0;
if(!valfromstring(argv[1], &addr, false))
return STATUS_ERROR;
if(!CommentDelete(addr))
@ -345,7 +345,7 @@ CMDRESULT cbInstrLbl(int argc, char* argv[])
dputs("not enough arguments!");
return STATUS_ERROR;
}
uint addr = 0;
duint addr = 0;
if(!valfromstring(argv[1], &addr, false))
return STATUS_ERROR;
if(!LabelSet(addr, argv[2], true))
@ -364,7 +364,7 @@ CMDRESULT cbInstrLbldel(int argc, char* argv[])
dputs("not enough arguments!");
return STATUS_ERROR;
}
uint addr = 0;
duint addr = 0;
if(!valfromstring(argv[1], &addr, false))
return STATUS_ERROR;
if(!LabelDelete(addr))
@ -382,7 +382,7 @@ CMDRESULT cbInstrBookmarkSet(int argc, char* argv[])
dputs("not enough arguments!");
return STATUS_ERROR;
}
uint addr = 0;
duint addr = 0;
if(!valfromstring(argv[1], &addr, false))
return STATUS_ERROR;
if(!BookmarkSet(addr, true))
@ -401,7 +401,7 @@ CMDRESULT cbInstrBookmarkDel(int argc, char* argv[])
dputs("not enough arguments!");
return STATUS_ERROR;
}
uint addr = 0;
duint addr = 0;
if(!valfromstring(argv[1], &addr, false))
return STATUS_ERROR;
if(!BookmarkDelete(addr))
@ -433,7 +433,7 @@ CMDRESULT cbInstrAssemble(int argc, char* argv[])
dputs("not enough arguments!");
return STATUS_ERROR;
}
uint addr = 0;
duint addr = 0;
if(!valfromstring(argv[1], &addr))
{
dprintf("invalid expression: \"%s\"!\n", argv[1]);
@ -467,8 +467,8 @@ CMDRESULT cbInstrFunctionAdd(int argc, char* argv[])
dputs("not enough arguments!");
return STATUS_ERROR;
}
uint start = 0;
uint end = 0;
duint start = 0;
duint end = 0;
if(!valfromstring(argv[1], &start, false) || !valfromstring(argv[2], &end, false))
return STATUS_ERROR;
if(!FunctionAdd(start, end, true))
@ -488,7 +488,7 @@ CMDRESULT cbInstrFunctionDel(int argc, char* argv[])
dputs("not enough arguments!");
return STATUS_ERROR;
}
uint addr = 0;
duint addr = 0;
if(!valfromstring(argv[1], &addr, false))
return STATUS_ERROR;
if(!FunctionDelete(addr))
@ -508,14 +508,14 @@ CMDRESULT cbInstrCmp(int argc, char* argv[])
dputs("not enough arguments!");
return STATUS_ERROR;
}
uint arg1 = 0;
duint arg1 = 0;
if(!valfromstring(argv[1], &arg1, false))
return STATUS_ERROR;
uint arg2 = 0;
duint arg2 = 0;
if(!valfromstring(argv[2], &arg2, false))
return STATUS_ERROR;
uint ezflag;
uint bsflag;
duint ezflag;
duint bsflag;
if(arg1 == arg2)
ezflag = 1;
else
@ -552,7 +552,7 @@ CMDRESULT cbInstrGpa(int argc, char* argv[])
sprintf(newcmd, "%s:%s", argv[2], argv[1]);
else
sprintf(newcmd, "%s", argv[1]);
uint result = 0;
duint result = 0;
if(!valfromstring(newcmd, &result, false))
return STATUS_ERROR;
varset("$RESULT", result, false);
@ -751,14 +751,14 @@ CMDRESULT cbInstrTest(int argc, char* argv[])
dputs("not enough arguments!");
return STATUS_ERROR;
}
uint arg1 = 0;
duint arg1 = 0;
if(!valfromstring(argv[1], &arg1, false))
return STATUS_ERROR;
uint arg2 = 0;
duint arg2 = 0;
if(!valfromstring(argv[2], &arg2, false))
return STATUS_ERROR;
uint ezflag;
uint bsflag = 0;
duint ezflag;
duint bsflag = 0;
if(!(arg1 & arg2))
ezflag = 1;
else
@ -795,7 +795,7 @@ CMDRESULT cbInstrPush(int argc, char* argv[])
return STATUS_ERROR;
}
Script::Stack::Push(value);
uint csp = GetContextDataEx(hActiveThread, UE_CSP);
duint csp = GetContextDataEx(hActiveThread, UE_CSP);
GuiStackDumpAt(csp, csp);
GuiUpdateRegisterView();
return STATUS_CONTINUE;
@ -804,7 +804,7 @@ CMDRESULT cbInstrPush(int argc, char* argv[])
CMDRESULT cbInstrPop(int argc, char* argv[])
{
duint value = Script::Stack::Pop();
uint csp = GetContextDataEx(hActiveThread, UE_CSP);
duint csp = GetContextDataEx(hActiveThread, UE_CSP);
GuiStackDumpAt(csp, csp);
GuiUpdateRegisterView();
if(argc > 1)
@ -818,7 +818,7 @@ CMDRESULT cbInstrPop(int argc, char* argv[])
CMDRESULT cbInstrRefinit(int argc, char* argv[])
{
GuiReferenceInitialize("Script");
GuiReferenceAddColumn(sizeof(uint) * 2, "Address");
GuiReferenceAddColumn(sizeof(duint) * 2, "Address");
GuiReferenceAddColumn(0, "Data");
GuiReferenceSetRowCount(0);
GuiReferenceReloadData();
@ -833,7 +833,7 @@ CMDRESULT cbInstrRefadd(int argc, char* argv[])
dputs("not enough arguments!");
return STATUS_ERROR;
}
uint addr = 0;
duint addr = 0;
if(!valfromstring(argv[1], &addr, false))
return STATUS_ERROR;
if(!bRefinit)
@ -850,8 +850,8 @@ CMDRESULT cbInstrRefadd(int argc, char* argv[])
struct VALUERANGE
{
uint start;
uint end;
duint start;
duint end;
};
static bool cbRefFind(Capstone* disasm, BASIC_INSTRUCTION_INFO* basicinfo, REFINFO* refinfo)
@ -859,7 +859,7 @@ static bool cbRefFind(Capstone* disasm, BASIC_INSTRUCTION_INFO* basicinfo, REFIN
if(!disasm || !basicinfo) //initialize
{
GuiReferenceInitialize(refinfo->name);
GuiReferenceAddColumn(2 * sizeof(uint), "Address");
GuiReferenceAddColumn(2 * sizeof(duint), "Address");
GuiReferenceAddColumn(0, "Disassembly");
GuiReferenceSetRowCount(0);
GuiReferenceReloadData();
@ -867,23 +867,23 @@ static bool cbRefFind(Capstone* disasm, BASIC_INSTRUCTION_INFO* basicinfo, REFIN
}
bool found = false;
VALUERANGE* range = (VALUERANGE*)refinfo->userinfo;
uint start = range->start;
uint end = range->end;
duint start = range->start;
duint end = range->end;
if((basicinfo->type & TYPE_VALUE) == TYPE_VALUE)
{
uint value = basicinfo->value.value;
duint value = basicinfo->value.value;
if(value >= start && value <= end)
found = true;
}
if((basicinfo->type & TYPE_MEMORY) == TYPE_MEMORY)
{
uint value = basicinfo->memory.value;
duint value = basicinfo->memory.value;
if(value >= start && value <= end)
found = true;
}
if((basicinfo->type & TYPE_ADDR) == TYPE_ADDR)
{
uint value = basicinfo->addr;
duint value = basicinfo->addr;
if(value >= start && value <= end)
found = true;
}
@ -929,14 +929,14 @@ CMDRESULT cbInstrRefFindRange(int argc, char* argv[])
return STATUS_ERROR;
if(argc < 3 || !valfromstring(argv[2], &range.end, false))
range.end = range.start;
uint addr = 0;
duint addr = 0;
if(argc < 4 || !valfromstring(argv[3], &addr))
addr = GetContextDataEx(hActiveThread, UE_CIP);
uint size = 0;
duint size = 0;
if(argc >= 5)
if(!valfromstring(argv[4], &size))
size = 0;
uint ticks = GetTickCount();
duint ticks = GetTickCount();
char title[256] = "";
if(range.start == range.end)
sprintf_s(title, "Constant: %" fext "X", range.start);
@ -953,7 +953,7 @@ bool cbRefStr(Capstone* disasm, BASIC_INSTRUCTION_INFO* basicinfo, REFINFO* refi
if(!disasm || !basicinfo) //initialize
{
GuiReferenceInitialize(refinfo->name);
GuiReferenceAddColumn(2 * sizeof(uint), "Address");
GuiReferenceAddColumn(2 * sizeof(duint), "Address");
GuiReferenceAddColumn(64, "Disassembly");
GuiReferenceAddColumn(500, "String");
GuiReferenceSetSearchStartCol(2); //only search the strings
@ -998,14 +998,14 @@ bool cbRefStr(Capstone* disasm, BASIC_INSTRUCTION_INFO* basicinfo, REFINFO* refi
CMDRESULT cbInstrRefStr(int argc, char* argv[])
{
uint addr;
duint addr;
if(argc < 2 || !valfromstring(argv[1], &addr, true))
addr = GetContextDataEx(hActiveThread, UE_CIP);
uint size = 0;
duint size = 0;
if(argc >= 3)
if(!valfromstring(argv[2], &size, true))
size = 0;
uint ticks = GetTickCount();
duint ticks = GetTickCount();
int found = RefFind(addr, size, cbRefStr, 0, false, "Strings");
dprintf("%u string(s) in %ums\n", found, GetTickCount() - ticks);
varset("$result", found, false);
@ -1100,7 +1100,7 @@ CMDRESULT cbInstrCopystr(int argc, char* argv[])
dprintf("failed to get variable data \"%s\"!\n", argv[2]);
return STATUS_ERROR;
}
uint addr;
duint addr;
if(!valfromstring(argv[1], &addr))
{
dprintf("invalid address \"%s\"!\n", argv[1]);
@ -1124,7 +1124,7 @@ CMDRESULT cbInstrFind(int argc, char* argv[])
dputs("not enough arguments!");
return STATUS_ERROR;
}
uint addr = 0;
duint addr = 0;
if(!valfromstring(argv[1], &addr, false))
return STATUS_ERROR;
char pattern[deflen] = "";
@ -1136,8 +1136,8 @@ CMDRESULT cbInstrFind(int argc, char* argv[])
int len = (int)strlen(pattern);
if(pattern[len - 1] == '#')
pattern[len - 1] = '\0';
uint size = 0;
uint base = MemFindBaseAddr(addr, &size, true);
duint size = 0;
duint base = MemFindBaseAddr(addr, &size, true);
if(!base)
{
dprintf("invalid memory address " fhex "!\n", addr);
@ -1149,8 +1149,8 @@ CMDRESULT cbInstrFind(int argc, char* argv[])
dputs("failed to read memory!");
return STATUS_ERROR;
}
uint start = addr - base;
uint find_size = 0;
duint start = addr - base;
duint find_size = 0;
if(argc >= 4)
{
if(!valfromstring(argv[3], &find_size))
@ -1160,8 +1160,8 @@ CMDRESULT cbInstrFind(int argc, char* argv[])
}
else
find_size = size - start;
uint foundoffset = patternfind(data() + start, find_size, pattern);
uint result = 0;
duint foundoffset = patternfind(data() + start, find_size, pattern);
duint result = 0;
if(foundoffset != -1)
result = addr + foundoffset;
varset("$result", result, false);
@ -1175,7 +1175,7 @@ CMDRESULT cbInstrFindAll(int argc, char* argv[])
dputs("not enough arguments!");
return STATUS_ERROR;
}
uint addr = 0;
duint addr = 0;
if(!valfromstring(argv[1], &addr, false))
return STATUS_ERROR;
@ -1188,8 +1188,8 @@ CMDRESULT cbInstrFindAll(int argc, char* argv[])
int len = (int)strlen(pattern);
if(pattern[len - 1] == '#')
pattern[len - 1] = '\0';
uint size = 0;
uint base = MemFindBaseAddr(addr, &size, true);
duint size = 0;
duint base = MemFindBaseAddr(addr, &size, true);
if(!base)
{
dprintf("invalid memory address " fhex "!\n", addr);
@ -1201,8 +1201,8 @@ CMDRESULT cbInstrFindAll(int argc, char* argv[])
dputs("failed to read memory!");
return STATUS_ERROR;
}
uint start = addr - base;
uint find_size = 0;
duint start = addr - base;
duint find_size = 0;
bool findData = false;
if(argc >= 4)
{
@ -1226,7 +1226,7 @@ CMDRESULT cbInstrFindAll(int argc, char* argv[])
char patterntitle[256] = "";
sprintf_s(patterntitle, "Pattern: %s", patternshort);
GuiReferenceInitialize(patterntitle);
GuiReferenceAddColumn(2 * sizeof(uint), "Address");
GuiReferenceAddColumn(2 * sizeof(duint), "Address");
if(findData)
GuiReferenceAddColumn(0, "&Data&");
else
@ -1234,8 +1234,8 @@ CMDRESULT cbInstrFindAll(int argc, char* argv[])
GuiReferenceReloadData();
DWORD ticks = GetTickCount();
int refCount = 0;
uint i = 0;
uint result = 0;
duint i = 0;
duint result = 0;
std::vector<PatternByte> searchpattern;
if(!patterntransform(pattern, searchpattern))
{
@ -1244,7 +1244,7 @@ CMDRESULT cbInstrFindAll(int argc, char* argv[])
}
while(refCount < maxFindResults)
{
uint foundoffset = patternfind(data() + start + i, find_size - i, searchpattern);
duint foundoffset = patternfind(data() + start + i, find_size - i, searchpattern);
if(foundoffset == -1)
break;
i += foundoffset + 1;
@ -1291,7 +1291,7 @@ CMDRESULT cbInstrFindMemAll(int argc, char* argv[])
dputs("not enough arguments!");
return STATUS_ERROR;
}
uint addr = 0;
duint addr = 0;
if(!valfromstring(argv[1], &addr, false))
return STATUS_ERROR;
@ -1311,7 +1311,7 @@ CMDRESULT cbInstrFindMemAll(int argc, char* argv[])
return STATUS_ERROR;
}
uint endAddr = -1;
duint endAddr = -1;
bool findData = false;
if(argc >= 4)
{
@ -1325,7 +1325,7 @@ CMDRESULT cbInstrFindMemAll(int argc, char* argv[])
std::vector<SimplePage> searchPages;
for(auto & itr : memoryPages)
{
SimplePage page(uint(itr.second.mbi.BaseAddress), itr.second.mbi.RegionSize);
SimplePage page(duint(itr.second.mbi.BaseAddress), itr.second.mbi.RegionSize);
if(page.address >= addr && page.address + page.size <= endAddr)
searchPages.push_back(page);
}
@ -1333,7 +1333,7 @@ CMDRESULT cbInstrFindMemAll(int argc, char* argv[])
DWORD ticks = GetTickCount();
std::vector<uint> results;
std::vector<duint> results;
if(!MemFindInMap(searchPages, searchpattern, results, maxFindResults))
{
dputs("MemFindInMap failed!");
@ -1348,7 +1348,7 @@ CMDRESULT cbInstrFindMemAll(int argc, char* argv[])
char patterntitle[256] = "";
sprintf_s(patterntitle, "Pattern: %s", patternshort);
GuiReferenceInitialize(patterntitle);
GuiReferenceAddColumn(2 * sizeof(uint), "Address");
GuiReferenceAddColumn(2 * sizeof(duint), "Address");
if(findData)
GuiReferenceAddColumn(0, "&Data&");
else
@ -1356,7 +1356,7 @@ CMDRESULT cbInstrFindMemAll(int argc, char* argv[])
GuiReferenceReloadData();
int refCount = 0;
for(uint result : results)
for(duint result : results)
{
char msg[deflen] = "";
sprintf(msg, fhex, result);
@ -1394,7 +1394,7 @@ static bool cbModCallFind(Capstone* disasm, BASIC_INSTRUCTION_INFO* basicinfo, R
if(!disasm || !basicinfo) //initialize
{
GuiReferenceInitialize(refinfo->name);
GuiReferenceAddColumn(2 * sizeof(uint), "Address");
GuiReferenceAddColumn(2 * sizeof(duint), "Address");
GuiReferenceAddColumn(0, "Disassembly");
GuiReferenceReloadData();
return true;
@ -1402,7 +1402,7 @@ static bool cbModCallFind(Capstone* disasm, BASIC_INSTRUCTION_INFO* basicinfo, R
bool found = false;
if(basicinfo->call) //we are looking for calls
{
uint ptr = basicinfo->addr > 0 ? basicinfo->addr : basicinfo->memory.value;
duint ptr = basicinfo->addr > 0 ? basicinfo->addr : basicinfo->memory.value;
char label[MAX_LABEL_SIZE] = "";
found = DbgGetLabelAt(ptr, SEG_DEFAULT, label) && !LabelGet(ptr, label); //a non-user label
}
@ -1423,14 +1423,14 @@ static bool cbModCallFind(Capstone* disasm, BASIC_INSTRUCTION_INFO* basicinfo, R
CMDRESULT cbInstrModCallFind(int argc, char* argv[])
{
uint addr;
duint addr;
if(argc < 2 || !valfromstring(argv[1], &addr, true))
addr = GetContextDataEx(hActiveThread, UE_CIP);
uint size = 0;
duint size = 0;
if(argc >= 3)
if(!valfromstring(argv[2], &size, true))
size = 0;
uint ticks = GetTickCount();
duint ticks = GetTickCount();
int found = RefFind(addr, size, cbModCallFind, 0, false, "Calls");
dprintf("%u call(s) in %ums\n", found, GetTickCount() - ticks);
varset("$result", found, false);
@ -1441,7 +1441,7 @@ CMDRESULT cbInstrCommentList(int argc, char* argv[])
{
//setup reference view
GuiReferenceInitialize("Comments");
GuiReferenceAddColumn(2 * sizeof(uint), "Address");
GuiReferenceAddColumn(2 * sizeof(duint), "Address");
GuiReferenceAddColumn(64, "Disassembly");
GuiReferenceAddColumn(0, "Comment");
GuiReferenceReloadData();
@ -1476,7 +1476,7 @@ CMDRESULT cbInstrLabelList(int argc, char* argv[])
{
//setup reference view
GuiReferenceInitialize("Labels");
GuiReferenceAddColumn(2 * sizeof(uint), "Address");
GuiReferenceAddColumn(2 * sizeof(duint), "Address");
GuiReferenceAddColumn(64, "Disassembly");
GuiReferenceAddColumn(0, "Label");
GuiReferenceReloadData();
@ -1511,7 +1511,7 @@ CMDRESULT cbInstrBookmarkList(int argc, char* argv[])
{
//setup reference view
GuiReferenceInitialize("Bookmarks");
GuiReferenceAddColumn(2 * sizeof(uint), "Address");
GuiReferenceAddColumn(2 * sizeof(duint), "Address");
GuiReferenceAddColumn(0, "Disassembly");
GuiReferenceReloadData();
size_t cbsize;
@ -1544,8 +1544,8 @@ CMDRESULT cbInstrFunctionList(int argc, char* argv[])
{
//setup reference view
GuiReferenceInitialize("Functions");
GuiReferenceAddColumn(2 * sizeof(uint), "Start");
GuiReferenceAddColumn(2 * sizeof(uint), "End");
GuiReferenceAddColumn(2 * sizeof(duint), "Start");
GuiReferenceAddColumn(2 * sizeof(duint), "End");
GuiReferenceAddColumn(64, "Disassembly (Start)");
GuiReferenceAddColumn(0, "Label/Comment");
GuiReferenceReloadData();
@ -1590,8 +1590,8 @@ CMDRESULT cbInstrLoopList(int argc, char* argv[])
{
//setup reference view
GuiReferenceInitialize("Loops");
GuiReferenceAddColumn(2 * sizeof(uint), "Start");
GuiReferenceAddColumn(2 * sizeof(uint), "End");
GuiReferenceAddColumn(2 * sizeof(duint), "Start");
GuiReferenceAddColumn(2 * sizeof(duint), "End");
GuiReferenceAddColumn(64, "Disassembly (Start)");
GuiReferenceAddColumn(0, "Label/Comment");
GuiReferenceReloadData();
@ -1634,7 +1634,7 @@ CMDRESULT cbInstrLoopList(int argc, char* argv[])
CMDRESULT cbInstrSleep(int argc, char* argv[])
{
uint ms = 100;
duint ms = 100;
if(argc > 1)
if(!valfromstring(argv[1], &ms, false))
return STATUS_ERROR;
@ -1649,7 +1649,7 @@ static bool cbFindAsm(Capstone* disasm, BASIC_INSTRUCTION_INFO* basicinfo, REFIN
if(!disasm || !basicinfo) //initialize
{
GuiReferenceInitialize(refinfo->name);
GuiReferenceAddColumn(2 * sizeof(uint), "Address");
GuiReferenceAddColumn(2 * sizeof(duint), "Address");
GuiReferenceAddColumn(0, "Disassembly");
GuiReferenceReloadData();
return true;
@ -1679,10 +1679,10 @@ CMDRESULT cbInstrFindAsm(int argc, char* argv[])
return STATUS_ERROR;
}
uint addr = 0;
duint addr = 0;
if(argc < 3 || !valfromstring(argv[2], &addr))
addr = GetContextDataEx(hActiveThread, UE_CIP);
uint size = 0;
duint size = 0;
if(argc >= 4)
if(!valfromstring(argv[3], &size))
size = 0;
@ -1699,7 +1699,7 @@ CMDRESULT cbInstrFindAsm(int argc, char* argv[])
memset(&basicinfo, 0, sizeof(BASIC_INSTRUCTION_INFO));
disasmfast(dest, addr + size / 2, &basicinfo);
uint ticks = GetTickCount();
duint ticks = GetTickCount();
char title[256] = "";
sprintf_s(title, "Command: \"%s\"", basicinfo.instruction);
int found = RefFind(addr, size, cbFindAsm, (void*)&basicinfo.instruction[0], false, title);
@ -1755,7 +1755,7 @@ static String yara_print_hex_string(const uint8_t* data, int length)
struct YaraScanInfo
{
uint base;
duint base;
int index;
};
@ -1766,7 +1766,7 @@ static int yaraScanCallback(int message, void* message_data, void* user_data)
{
case CALLBACK_MSG_RULE_MATCHING:
{
uint base = scanInfo->base;
duint base = scanInfo->base;
YR_RULE* yrRule = (YR_RULE*)message_data;
dprintf("[YARA] Rule \"%s\" matched:\n", yrRule->identifier);
YR_STRING* string;
@ -1780,7 +1780,7 @@ static int yaraScanCallback(int message, void* message_data, void* user_data)
pattern = yara_print_hex_string(match->data, match->length);
else
pattern = yara_print_string(match->data, match->length);
uint addr = (uint)(base + match->base + match->offset);
duint addr = (duint)(base + match->base + match->offset);
//dprintf("[YARA] String \"%s\" : %s on 0x%" fext "X\n", string->identifier, pattern.c_str(), addr);
//update references
@ -1831,14 +1831,14 @@ CMDRESULT cbInstrYara(int argc, char* argv[])
dputs("not enough arguments!");
return STATUS_ERROR;
}
uint addr = 0;
duint addr = 0;
SELECTIONDATA sel;
GuiSelectionGet(GUI_DISASSEMBLY, &sel);
addr = sel.start;
uint base = 0;
uint size = 0;
uint mod = ModBaseFromName(argv[2]);
duint base = 0;
duint size = 0;
duint mod = ModBaseFromName(argv[2]);
if(mod)
{
base = mod;
@ -1898,7 +1898,7 @@ CMDRESULT cbInstrYara(int argc, char* argv[])
fullName += modname;
fullName += ")"; //nanana, very ugly code (long live open source)
GuiReferenceInitialize(fullName.c_str());
GuiReferenceAddColumn(sizeof(uint) * 2, "Address");
GuiReferenceAddColumn(sizeof(duint) * 2, "Address");
GuiReferenceAddColumn(48, "Rule");
GuiReferenceAddColumn(0, "Data");
GuiReferenceSetRowCount(0);
@ -1906,7 +1906,7 @@ CMDRESULT cbInstrYara(int argc, char* argv[])
YaraScanInfo scanInfo;
scanInfo.base = base;
scanInfo.index = 0;
uint ticks = GetTickCount();
duint ticks = GetTickCount();
dputs("[YARA] Scan started...");
int err = yr_rules_scan_mem(yrRules, data(), size, 0, yaraScanCallback, &scanInfo, 0);
GuiReferenceReloadData();
@ -1944,13 +1944,13 @@ CMDRESULT cbInstrYaramod(int argc, char* argv[])
dputs("not enough arguments!");
return STATUS_ERROR;
}
uint base = ModBaseFromName(argv[2]);
duint base = ModBaseFromName(argv[2]);
if(!base)
{
dprintf("invalid module \"%s\"!\n", argv[2]);
return STATUS_ERROR;
}
uint size = ModSizeFromAddr(base);
duint size = ModSizeFromAddr(base);
char newcmd[deflen] = "";
sprintf_s(newcmd, "yara \"%s\",%p,%p", argv[1], base, size);
return cmddirectexec(dbggetcommandlist(), newcmd);
@ -1983,7 +1983,7 @@ CMDRESULT cbInstrCapstone(int argc, char* argv[])
return STATUS_ERROR;
}
uint addr = 0;
duint addr = 0;
if(!valfromstring(argv[1], &addr) || !MemIsValidReadPtr(addr))
{
dprintf("invalid address \"%s\"\n", argv[1]);
@ -2052,8 +2052,8 @@ CMDRESULT cbInstrAnalyseNukem(int argc, char* argv[])
{
SELECTIONDATA sel;
GuiSelectionGet(GUI_DISASSEMBLY, &sel);
uint size = 0;
uint base = MemFindBaseAddr(sel.start, &size);
duint size = 0;
duint base = MemFindBaseAddr(sel.start, &size);
Analyse_nukem(base, size);
GuiUpdateAllViews();
return STATUS_CONTINUE;
@ -2063,8 +2063,8 @@ CMDRESULT cbInstrAnalyse(int argc, char* argv[])
{
SELECTIONDATA sel;
GuiSelectionGet(GUI_DISASSEMBLY, &sel);
uint size = 0;
uint base = MemFindBaseAddr(sel.start, &size);
duint size = 0;
duint base = MemFindBaseAddr(sel.start, &size);
LinearAnalysis anal(base, size);
anal.Analyse();
anal.SetMarkers();
@ -2079,8 +2079,8 @@ CMDRESULT cbInstrCfanalyse(int argc, char* argv[])
exceptionDirectory = true;
SELECTIONDATA sel;
GuiSelectionGet(GUI_DISASSEMBLY, &sel);
uint size = 0;
uint base = MemFindBaseAddr(sel.start, &size);
duint size = 0;
duint base = MemFindBaseAddr(sel.start, &size);
ControlFlowAnalysis anal(base, size, exceptionDirectory);
anal.Analyse();
anal.SetMarkers();
@ -2092,8 +2092,8 @@ CMDRESULT cbInstrExanalyse(int argc, char* argv[])
{
SELECTIONDATA sel;
GuiSelectionGet(GUI_DISASSEMBLY, &sel);
uint size = 0;
uint base = MemFindBaseAddr(sel.start, &size);
duint size = 0;
duint base = MemFindBaseAddr(sel.start, &size);
ExceptionDirectoryAnalysis anal(base, size);
anal.Analyse();
anal.SetMarkers();
@ -2108,7 +2108,7 @@ CMDRESULT cbInstrVirtualmod(int argc, char* argv[])
dputs("Not enough arguments!");
return STATUS_ERROR;
}
uint base;
duint base;
if(!valfromstring(argv[2], &base))
{
dputs("Invalid parameter [base]!");
@ -2119,7 +2119,7 @@ CMDRESULT cbInstrVirtualmod(int argc, char* argv[])
dputs("Invalid memory address!");
return STATUS_ERROR;
}
uint size;
duint size;
if(argc < 4)
base = MemFindBaseAddr(base, &size);
else if(!valfromstring(argv[3], &size))
@ -2150,8 +2150,8 @@ CMDRESULT cbInstrVisualize(int argc, char* argv[])
dputs("not enough arguments!");
return STATUS_ERROR;
}
uint start;
uint maxaddr;
duint start;
duint maxaddr;
if(!valfromstring(argv[1], &start) || !valfromstring(argv[2], &maxaddr))
{
dputs("invalid arguments!");
@ -2168,16 +2168,16 @@ CMDRESULT cbInstrVisualize(int argc, char* argv[])
{
//initialize
Capstone _cp;
uint _base = start;
uint _size = maxaddr - start;
duint _base = start;
duint _size = maxaddr - start;
Memory<unsigned char*> _data(_size);
MemRead(_base, _data(), _size);
FunctionClear();
//linear search with some trickery
uint end = 0;
uint jumpback = 0;
for(uint addr = start, fardest = 0; addr < maxaddr;)
duint end = 0;
duint jumpback = 0;
for(duint addr = start, fardest = 0; addr < maxaddr;)
{
//update GUI
BpClear();
@ -2203,7 +2203,7 @@ CMDRESULT cbInstrVisualize(int argc, char* argv[])
const cs_x86_op & operand = _cp.x86().operands[0];
if((_cp.InGroup(CS_GRP_JUMP) || _cp.IsLoop()) && operand.type == X86_OP_IMM) //jump
{
uint dest = (uint)operand.imm;
duint dest = (duint)operand.imm;
if(dest >= maxaddr) //jump across function boundaries
{
@ -2249,7 +2249,7 @@ CMDRESULT cbInstrMeminfo(int argc, char* argv[])
dputs("usage: meminfo a/r, addr");
return STATUS_ERROR;
}
uint addr;
duint addr;
if(!valfromstring(argv[2], &addr))
{
dputs("invalid argument");
@ -2280,7 +2280,7 @@ CMDRESULT cbInstrSetMaxFindResult(int argc, char* argv[])
dputs("Not enough arguments!");
return STATUS_ERROR;
}
uint num;
duint num;
if(!valfromstring(argv[1], &num))
{
dprintf("Invalid expression: \"%s\"", argv[1]);

20
src/dbg/label.cpp
View File

@ -3,9 +3,9 @@
#include "module.h"
#include "memory.h"
std::unordered_map<uint, LABELSINFO> labels;
std::unordered_map<duint, LABELSINFO> labels;
bool LabelSet(uint Address, const char* Text, bool Manual)
bool LabelSet(duint Address, const char* Text, bool Manual)
{
// CHECK: Exported/Command function
if(!DbgIsDebugging())
@ -37,7 +37,7 @@ bool LabelSet(uint Address, const char* Text, bool Manual)
EXCLUSIVE_ACQUIRE(LockLabels);
// Insert label by key
const uint key = ModHashFromAddr(Address);
const duint key = ModHashFromAddr(Address);
if(!labels.insert(std::make_pair(ModHashFromAddr(key), labelInfo)).second)
labels[key] = labelInfo;
@ -45,7 +45,7 @@ bool LabelSet(uint Address, const char* Text, bool Manual)
return true;
}
bool LabelFromString(const char* Text, uint* Address)
bool LabelFromString(const char* Text, duint* Address)
{
// CHECK: Future? (Not used)
if(!DbgIsDebugging())
@ -69,7 +69,7 @@ bool LabelFromString(const char* Text, uint* Address)
return false;
}
bool LabelGet(uint Address, char* Text)
bool LabelGet(duint Address, char* Text)
{
// CHECK: Export function
if(!DbgIsDebugging())
@ -90,7 +90,7 @@ bool LabelGet(uint Address, char* Text)
return true;
}
bool LabelDelete(uint Address)
bool LabelDelete(duint Address)
{
// CHECK: Export function
if(!DbgIsDebugging())
@ -100,7 +100,7 @@ bool LabelDelete(uint Address)
return (labels.erase(ModHashFromAddr(Address)) > 0);
}
void LabelDelRange(uint Start, uint End)
void LabelDelRange(duint Start, duint End)
{
// CHECK: Export function
if(!DbgIsDebugging())
@ -115,7 +115,7 @@ void LabelDelRange(uint Start, uint End)
else
{
// Make sure 'Start' and 'End' reference the same module
uint moduleBase = ModBaseFromAddr(Start);
duint moduleBase = ModBaseFromAddr(Start);
if(moduleBase != ModBaseFromAddr(End))
return;
@ -196,7 +196,7 @@ void LabelCacheLoad(JSON Root)
strcpy_s(labelInfo.mod, mod);
// Address/Manual
labelInfo.addr = (uint)json_hex_value(json_object_get(value, "address"));
labelInfo.addr = (duint)json_hex_value(json_object_get(value, "address"));
labelInfo.manual = Manual;
// Text string
@ -218,7 +218,7 @@ void LabelCacheLoad(JSON Root)
}
// Finally insert the data
const uint key = ModHashFromName(labelInfo.mod) + labelInfo.addr;
const duint key = ModHashFromName(labelInfo.mod) + labelInfo.addr;
labels.insert(std::make_pair(key, labelInfo));
}

12
src/dbg/label.h
View File

@ -5,16 +5,16 @@
struct LABELSINFO
{
char mod[MAX_MODULE_SIZE];
uint addr;
duint addr;
char text[MAX_LABEL_SIZE];
bool manual;
};
bool LabelSet(uint Address, const char* Text, bool Manual);
bool LabelFromString(const char* Text, uint* Address);
bool LabelGet(uint Address, char* Text);
bool LabelDelete(uint Address);
void LabelDelRange(uint Start, uint End);
bool LabelSet(duint Address, const char* Text, bool Manual);
bool LabelFromString(const char* Text, duint* Address);
bool LabelGet(duint Address, char* Text);
bool LabelDelete(duint Address);
void LabelDelRange(duint Start, duint End);
void LabelCacheSave(JSON root);
void LabelCacheLoad(JSON root);
bool LabelEnum(LABELSINFO* List, size_t* Size);

26
src/dbg/linearanalysis.cpp
View File

@ -3,7 +3,7 @@
#include "memory.h"
#include "function.h"
LinearAnalysis::LinearAnalysis(uint base, uint size) : Analysis(base, size)
LinearAnalysis::LinearAnalysis(duint base, duint size) : Analysis(base, size)
{
}
@ -41,12 +41,12 @@ void LinearAnalysis::SortCleanup()
void LinearAnalysis::PopulateReferences()
{
//linear immediate reference scan (call <addr>, push <addr>, mov [somewhere], <addr>)
for(uint i = 0; i < _size;)
for(duint i = 0; i < _size;)
{
uint addr = _base + i;
duint addr = _base + i;
if(_cp.Disassemble(addr, TranslateAddress(addr), MAX_DISASM_BUFFER))
{
uint ref = GetReferenceOperand();
duint ref = GetReferenceOperand();
if(ref)
_functions.push_back({ ref, 0 });
i += _cp.Size();
@ -64,11 +64,11 @@ void LinearAnalysis::AnalyseFunctions()
FunctionInfo & function = _functions[i];
if(function.end) //skip already-analysed functions
continue;
uint maxaddr = _base + _size;
duint maxaddr = _base + _size;
if(i < _functions.size() - 1)
maxaddr = _functions[i + 1].start;
uint end = FindFunctionEnd(function.start, maxaddr);
duint end = FindFunctionEnd(function.start, maxaddr);
if(end)
{
if(_cp.Disassemble(end, TranslateAddress(end), MAX_DISASM_BUFFER))
@ -79,7 +79,7 @@ void LinearAnalysis::AnalyseFunctions()
}
}
uint LinearAnalysis::FindFunctionEnd(uint start, uint maxaddr)
duint LinearAnalysis::FindFunctionEnd(duint start, duint maxaddr)
{
//disassemble first instruction for some heuristics
if(_cp.Disassemble(start, TranslateAddress(start), MAX_DISASM_BUFFER))
@ -90,9 +90,9 @@ uint LinearAnalysis::FindFunctionEnd(uint start, uint maxaddr)
}
//linear search with some trickery
uint end = 0;
uint jumpback = 0;
for(uint addr = start, fardest = 0; addr < maxaddr;)
duint end = 0;
duint jumpback = 0;
for(duint addr = start, fardest = 0; addr < maxaddr;)
{
if(_cp.Disassemble(addr, TranslateAddress(addr), MAX_DISASM_BUFFER))
{
@ -102,7 +102,7 @@ uint LinearAnalysis::FindFunctionEnd(uint start, uint maxaddr)
const cs_x86_op & operand = _cp.x86().operands[0];
if((_cp.InGroup(CS_GRP_JUMP) || _cp.IsLoop()) && operand.type == X86_OP_IMM) //jump
{
uint dest = (uint)operand.imm;
duint dest = (duint)operand.imm;
if(dest >= maxaddr) //jump across function boundaries
{
@ -132,7 +132,7 @@ uint LinearAnalysis::FindFunctionEnd(uint start, uint maxaddr)
return end < jumpback ? jumpback : end;
}
uint LinearAnalysis::GetReferenceOperand()
duint LinearAnalysis::GetReferenceOperand()
{
for(int i = 0; i < _cp.x86().op_count; i++)
{
@ -141,7 +141,7 @@ uint LinearAnalysis::GetReferenceOperand()
continue;
if(operand.type == X86_OP_IMM) //we are looking for immediate references
{
uint dest = (uint)operand.imm;
duint dest = (duint)operand.imm;
if(dest >= _base && dest < _base + _size)
return dest;
}

10
src/dbg/linearanalysis.h
View File

@ -7,15 +7,15 @@
class LinearAnalysis : public Analysis
{
public:
explicit LinearAnalysis(uint base, uint size);
explicit LinearAnalysis(duint base, duint size);
void Analyse() override;
void SetMarkers() override;
private:
struct FunctionInfo
{
uint start;
uint end;
duint start;
duint end;
bool operator<(const FunctionInfo & b) const
{
@ -33,8 +33,8 @@ private:
void SortCleanup();
void PopulateReferences();
void AnalyseFunctions();
uint FindFunctionEnd(uint start, uint maxaddr);
uint GetReferenceOperand();
duint FindFunctionEnd(duint start, duint maxaddr);
duint GetReferenceOperand();
};
#endif //_LINEARANALYSIS_H

28
src/dbg/loop.cpp
View File

@ -5,7 +5,7 @@
std::map<DepthModuleRange, LOOPSINFO, DepthModuleRangeCompare> loops;
bool LoopAdd(uint Start, uint End, bool Manual)
bool LoopAdd(duint Start, duint End, bool Manual)
{
// CHECK: Export function
if(!DbgIsDebugging())
@ -20,7 +20,7 @@ bool LoopAdd(uint Start, uint End, bool Manual)
return false;
// Check if loop boundaries are in the same module range
const uint moduleBase = ModBaseFromAddr(Start);
const duint moduleBase = ModBaseFromAddr(Start);
if(moduleBase != ModBaseFromAddr(End))
return false;
@ -53,14 +53,14 @@ bool LoopAdd(uint Start, uint End, bool Manual)
}
// Get the start/end of a loop at a certain depth and address
bool LoopGet(int Depth, uint Address, uint* Start, uint* End)
bool LoopGet(int Depth, duint Address, duint* Start, duint* End)
{
// CHECK: Exported function
if(!DbgIsDebugging())
return false;
// Get the virtual address module
const uint moduleBase = ModBaseFromAddr(Address);
const duint moduleBase = ModBaseFromAddr(Address);
// Virtual address to relative address
Address -= moduleBase;
@ -85,18 +85,18 @@ bool LoopGet(int Depth, uint Address, uint* Start, uint* End)
}
//check if a loop overlaps a range, inside is not overlapping
bool LoopOverlaps(int Depth, uint Start, uint End, int* FinalDepth)
bool LoopOverlaps(int Depth, duint Start, duint End, int* FinalDepth)
{
// CHECK: Export function
if(!DbgIsDebugging())
return false;
// Determine module addresses and lookup keys
const uint moduleBase = ModBaseFromAddr(Start);
const uint key = ModHashFromAddr(moduleBase);
const duint moduleBase = ModBaseFromAddr(Start);
const duint key = ModHashFromAddr(moduleBase);
uint curStart = Start - moduleBase;
uint curEnd = End - moduleBase;
duint curStart = Start - moduleBase;
duint curEnd = End - moduleBase;
SHARED_ACQUIRE(LockLoops);
@ -138,7 +138,7 @@ bool LoopOverlaps(int Depth, uint Start, uint End, int* FinalDepth)
}
// This should delete a loop and all sub-loops that matches a certain addr
bool LoopDelete(int Depth, uint Address)
bool LoopDelete(int Depth, duint Address)
{
return false;
}
@ -203,10 +203,10 @@ void LoopCacheLoad(JSON Root)
strcpy_s(loopInfo.mod, mod);
// All other variables
loopInfo.start = (uint)json_hex_value(json_object_get(value, "start"));
loopInfo.end = (uint)json_hex_value(json_object_get(value, "end"));
loopInfo.start = (duint)json_hex_value(json_object_get(value, "start"));
loopInfo.end = (duint)json_hex_value(json_object_get(value, "end"));
loopInfo.depth = (int)json_integer_value(json_object_get(value, "depth"));
loopInfo.parent = (uint)json_hex_value(json_object_get(value, "parent"));
loopInfo.parent = (duint)json_hex_value(json_object_get(value, "parent"));
loopInfo.manual = Manual;
// Sanity check: Make sure the loop starts before it ends
@ -255,7 +255,7 @@ bool LoopEnum(LOOPSINFO* List, size_t* Size)
*List = itr.second;
// Adjust the offset to a real virtual address
uint modbase = ModBaseFromName(List->mod);
duint modbase = ModBaseFromName(List->mod);
List->start += modbase;
List->end += modbase;

14
src/dbg/loop.h
View File

@ -6,17 +6,17 @@
struct LOOPSINFO
{
char mod[MAX_MODULE_SIZE];
uint start;
uint end;
uint parent;
duint start;
duint end;
duint parent;
int depth;
bool manual;
};
bool LoopAdd(uint Start, uint End, bool Manual);
bool LoopGet(int Depth, uint Address, uint* Start, uint* End);
bool LoopOverlaps(int Depth, uint Start, uint End, int* FinalDepth);
bool LoopDelete(int Depth, uint Address);
bool LoopAdd(duint Start, duint End, bool Manual);
bool LoopGet(int Depth, duint Address, duint* Start, duint* End);
bool LoopOverlaps(int Depth, duint Start, duint End, int* FinalDepth);
bool LoopDelete(int Depth, duint Address);
void LoopCacheSave(JSON Root);
void LoopCacheLoad(JSON Root);
bool LoopEnum(LOOPSINFO* List, size_t* Size);

90
src/dbg/memory.cpp
View File

@ -25,8 +25,8 @@ void MemUpdateMap()
std::vector<MEMPAGE> pageVector;
{
SIZE_T numBytes = 0;
uint pageStart = 0;
uint allocationBase = 0;
duint pageStart = 0;
duint allocationBase = 0;
do
{
@ -40,10 +40,10 @@ void MemUpdateMap()
if(mbi.State == MEM_COMMIT)
{
// Only list allocation bases, unless if forced to list all
if(bListAllPages || allocationBase != (uint)mbi.AllocationBase)
if(bListAllPages || allocationBase != (duint)mbi.AllocationBase)
{
// Set the new allocation base page
allocationBase = (uint)mbi.AllocationBase;
allocationBase = (duint)mbi.AllocationBase;
MEMPAGE curPage;
memset(&curPage, 0, sizeof(MEMPAGE));
@ -60,7 +60,7 @@ void MemUpdateMap()
}
// Calculate the next page start
uint newAddress = (uint)mbi.BaseAddress + mbi.RegionSize;
duint newAddress = (duint)mbi.BaseAddress + mbi.RegionSize;
if(newAddress <= pageStart)
break;
@ -79,7 +79,7 @@ void MemUpdateMap()
if(!currentPage.info[0] || (scmp(curMod, currentPage.info) && !bListAllPages)) //there is a module
continue; //skip non-modules
strcpy(curMod, pageVector.at(i).info);
uint base = ModBaseFromName(currentPage.info);
duint base = ModBaseFromName(currentPage.info);
if(!base)
continue;
std::vector<MODSECTIONINFO> sections;
@ -98,7 +98,7 @@ void MemUpdateMap()
const auto & currentSection = sections.at(j);
memset(&newPage, 0, sizeof(MEMPAGE));
VirtualQueryEx(fdProcessInfo->hProcess, (LPCVOID)currentSection.addr, &newPage.mbi, sizeof(MEMORY_BASIC_INFORMATION));
uint SectionSize = currentSection.size;
duint SectionSize = currentSection.size;
if(SectionSize % PAGE_SIZE) //unaligned page size
SectionSize += PAGE_SIZE - (SectionSize % PAGE_SIZE); //fix this
if(SectionSize)
@ -114,16 +114,16 @@ void MemUpdateMap()
}
else //list all pages
{
uint start = (uint)currentPage.mbi.BaseAddress;
uint end = start + currentPage.mbi.RegionSize;
duint start = (duint)currentPage.mbi.BaseAddress;
duint end = start + currentPage.mbi.RegionSize;
for(int j = 0, k = 0; j < SectionNumber; j++)
{
const auto & currentSection = sections.at(j);
uint secStart = currentSection.addr;
uint SectionSize = currentSection.size;
duint secStart = currentSection.addr;
duint SectionSize = currentSection.size;
if(SectionSize % PAGE_SIZE) //unaligned page size
SectionSize += PAGE_SIZE - (SectionSize % PAGE_SIZE); //fix this
uint secEnd = secStart + SectionSize;
duint secEnd = secStart + SectionSize;
if(secStart >= start && secEnd <= end) //section is inside the memory page
{
if(k)
@ -146,13 +146,13 @@ void MemUpdateMap()
for(auto & page : pageVector)
{
uint start = (uint)page.mbi.BaseAddress;
uint size = (uint)page.mbi.RegionSize;
duint start = (duint)page.mbi.BaseAddress;
duint size = (duint)page.mbi.RegionSize;
memoryPages.insert(std::make_pair(std::make_pair(start, start + size - 1), page));
}
}
uint MemFindBaseAddr(uint Address, uint* Size, bool Refresh)
duint MemFindBaseAddr(duint Address, duint* Size, bool Refresh)
{
// Update the memory map if needed
if(Refresh)
@ -173,7 +173,7 @@ uint MemFindBaseAddr(uint Address, uint* Size, bool Refresh)
return found->first.first;
}
bool MemRead(uint BaseAddress, void* Buffer, uint Size, uint* NumberOfBytesRead)
bool MemRead(duint BaseAddress, void* Buffer, duint Size, duint* NumberOfBytesRead)
{
if(!MemIsCanonicalAddress(BaseAddress))
return false;
@ -201,9 +201,9 @@ bool MemRead(uint BaseAddress, void* Buffer, uint Size, uint* NumberOfBytesRead)
if(pageCount > 1)
{
// Determine the number of bytes between ADDRESS and the next page
uint offset = 0;
uint readBase = BaseAddress;
uint readSize = ROUND_TO_PAGES(readBase) - readBase;
duint offset = 0;
duint readBase = BaseAddress;
duint readSize = ROUND_TO_PAGES(readBase) - readBase;
// Reset the bytes read count
*NumberOfBytesRead = 0;
@ -227,7 +227,7 @@ bool MemRead(uint BaseAddress, void* Buffer, uint Size, uint* NumberOfBytesRead)
return (*NumberOfBytesRead > 0);
}
bool MemWrite(uint BaseAddress, const void* Buffer, uint Size, uint* NumberOfBytesWritten)
bool MemWrite(duint BaseAddress, const void* Buffer, duint Size, duint* NumberOfBytesWritten)
{
if(!MemIsCanonicalAddress(BaseAddress))
return false;
@ -255,9 +255,9 @@ bool MemWrite(uint BaseAddress, const void* Buffer, uint Size, uint* NumberOfByt
if(pageCount > 1)
{
// Determine the number of bytes between ADDRESS and the next page
uint offset = 0;
uint writeBase = BaseAddress;
uint writeSize = ROUND_TO_PAGES(writeBase) - writeBase;
duint offset = 0;
duint writeBase = BaseAddress;
duint writeSize = ROUND_TO_PAGES(writeBase) - writeBase;
// Reset the bytes read count
*NumberOfBytesWritten = 0;
@ -281,7 +281,7 @@ bool MemWrite(uint BaseAddress, const void* Buffer, uint Size, uint* NumberOfByt
return (*NumberOfBytesWritten > 0);
}
bool MemPatch(uint BaseAddress, const void* Buffer, uint Size, uint* NumberOfBytesWritten)
bool MemPatch(duint BaseAddress, const void* Buffer, duint Size, duint* NumberOfBytesWritten)
{
// Buffer and size must be valid
if(!Buffer || Size <= 0)
@ -297,19 +297,19 @@ bool MemPatch(uint BaseAddress, const void* Buffer, uint Size, uint* NumberOfByt
return false;
}
for(uint i = 0; i < Size; i++)
for(duint i = 0; i < Size; i++)
PatchSet(BaseAddress + i, oldData()[i], ((const unsigned char*)Buffer)[i]);
return MemWrite(BaseAddress, Buffer, Size, NumberOfBytesWritten);
}
bool MemIsValidReadPtr(uint Address)
bool MemIsValidReadPtr(duint Address)
{
unsigned char a = 0;
return MemRead(Address, &a, sizeof(unsigned char));
}
bool MemIsCanonicalAddress(uint Address)
bool MemIsCanonicalAddress(duint Address)
{
#ifndef _WIN64
// 32-bit mode only supports 4GB max, so limits are
@ -325,7 +325,7 @@ bool MemIsCanonicalAddress(uint Address)
#endif // ndef _WIN64
}
bool MemIsCodePage(uint Address, bool Refresh)
bool MemIsCodePage(duint Address, bool Refresh)
{
MEMPAGE pageInfo;
if(!MemGetPageInfo(Address, &pageInfo, Refresh))
@ -334,22 +334,22 @@ bool MemIsCodePage(uint Address, bool Refresh)
return (pageInfo.mbi.Protect & (PAGE_EXECUTE | PAGE_EXECUTE_READ | PAGE_EXECUTE_READWRITE | PAGE_EXECUTE_WRITECOPY)) != 0;
}
uint MemAllocRemote(uint Address, uint Size, DWORD Type, DWORD Protect)
duint MemAllocRemote(duint Address, duint Size, DWORD Type, DWORD Protect)
{
return (uint)VirtualAllocEx(fdProcessInfo->hProcess, (LPVOID)Address, Size, Type, Protect);
return (duint)VirtualAllocEx(fdProcessInfo->hProcess, (LPVOID)Address, Size, Type, Protect);
}
bool MemFreeRemote(uint Address)
bool MemFreeRemote(duint Address)
{
return !!VirtualFreeEx(fdProcessInfo->hProcess, (LPVOID)Address, 0, MEM_RELEASE);
}
uint MemGetPageAligned(uint Address)
duint MemGetPageAligned(duint Address)
{
return PAGE_ALIGN(Address);
}
bool MemGetPageInfo(uint Address, MEMPAGE* PageInfo, bool Refresh)
bool MemGetPageInfo(duint Address, MEMPAGE* PageInfo, bool Refresh)
{
// Update the memory map if needed
if(Refresh)
@ -370,7 +370,7 @@ bool MemGetPageInfo(uint Address, MEMPAGE* PageInfo, bool Refresh)
return true;
}
bool MemSetPageRights(uint Address, const char* Rights)
bool MemSetPageRights(duint Address, const char* Rights)
{
// Align address to page base
Address = MemGetPageAligned(Address);
@ -387,7 +387,7 @@ bool MemSetPageRights(uint Address, const char* Rights)
return true;
}
bool MemGetPageRights(uint Address, char* Rights)
bool MemGetPageRights(duint Address, char* Rights)
{
// Align address to page base
Address = MemGetPageAligned(Address);
@ -472,7 +472,7 @@ bool MemPageRightsFromString(DWORD* Protect, const char* Rights)
return (*Protect != 0);
}
bool MemFindInPage(SimplePage page, uint startoffset, const std::vector<PatternByte> & pattern, std::vector<uint> & results, uint maxresults)
bool MemFindInPage(SimplePage page, duint startoffset, const std::vector<PatternByte> & pattern, std::vector<duint> & results, duint maxresults)
{
if(startoffset >= page.size || results.size() >= maxresults)
return false;
@ -482,27 +482,27 @@ bool MemFindInPage(SimplePage page, uint startoffset, const std::vector<PatternB
if(!MemRead(page.address, data(), data.size()))
return false;
uint maxFind = maxresults;
uint foundCount = results.size();
uint i = 0;
uint findSize = data.size() - startoffset;
duint maxFind = maxresults;
duint foundCount = results.size();
duint i = 0;
duint findSize = data.size() - startoffset;
while(foundCount < maxFind)
{
uint foundoffset = patternfind(data() + startoffset + i, findSize - i, pattern);
duint foundoffset = patternfind(data() + startoffset + i, findSize - i, pattern);
if(foundoffset == -1)
break;
i += foundoffset + 1;
uint result = page.address + startoffset + i - 1;
duint result = page.address + startoffset + i - 1;
results.push_back(result);
foundCount++;
}
return true;
}
bool MemFindInMap(const std::vector<SimplePage> & pages, const std::vector<PatternByte> & pattern, std::vector<uint> & results, uint maxresults, bool progress)
bool MemFindInMap(const std::vector<SimplePage> & pages, const std::vector<PatternByte> & pattern, std::vector<duint> & results, duint maxresults, bool progress)
{
uint count = 0;
uint total = pages.size();
duint count = 0;
duint total = pages.size();
for(const auto page : pages)
{
if(!MemFindInPage(page, 0, pattern, results, maxresults))

36
src/dbg/memory.h
View File

@ -9,10 +9,10 @@ extern bool bListAllPages;
struct SimplePage
{
uint address;
uint size;
duint address;
duint size;
SimplePage(uint address, uint size)
SimplePage(duint address, duint size)
{
this->address = address;
this->size = size;
@ -20,20 +20,20 @@ struct SimplePage
};
void MemUpdateMap();
uint MemFindBaseAddr(uint Address, uint* Size, bool Refresh = false);
bool MemRead(uint BaseAddress, void* Buffer, uint Size, uint* NumberOfBytesRead = nullptr);
bool MemWrite(uint BaseAddress, const void* Buffer, uint Size, uint* NumberOfBytesWritten = nullptr);
bool MemPatch(uint BaseAddress, const void* Buffer, uint Size, uint* NumberOfBytesWritten = nullptr);
bool MemIsValidReadPtr(uint Address);
bool MemIsCanonicalAddress(uint Address);
bool MemIsCodePage(uint Address, bool Refresh);
uint MemAllocRemote(uint Address, uint Size, DWORD Type = MEM_RESERVE | MEM_COMMIT, DWORD Protect = PAGE_EXECUTE_READWRITE);
bool MemFreeRemote(uint Address);
uint MemGetPageAligned(uint Address);
bool MemGetPageInfo(uint Address, MEMPAGE* PageInfo, bool Refresh = false);
bool MemSetPageRights(uint Address, const char* Rights);
bool MemGetPageRights(uint Address, char* Rights);
duint MemFindBaseAddr(duint Address, duint* Size, bool Refresh = false);
bool MemRead(duint BaseAddress, void* Buffer, duint Size, duint* NumberOfBytesRead = nullptr);
bool MemWrite(duint BaseAddress, const void* Buffer, duint Size, duint* NumberOfBytesWritten = nullptr);
bool MemPatch(duint BaseAddress, const void* Buffer, duint Size, duint* NumberOfBytesWritten = nullptr);
bool MemIsValidReadPtr(duint Address);
bool MemIsCanonicalAddress(duint Address);
bool MemIsCodePage(duint Address, bool Refresh);
duint MemAllocRemote(duint Address, duint Size, DWORD Type = MEM_RESERVE | MEM_COMMIT, DWORD Protect = PAGE_EXECUTE_READWRITE);
bool MemFreeRemote(duint Address);
duint MemGetPageAligned(duint Address);
bool MemGetPageInfo(duint Address, MEMPAGE* PageInfo, bool Refresh = false);
bool MemSetPageRights(duint Address, const char* Rights);
bool MemGetPageRights(duint Address, char* Rights);
bool MemPageRightsToString(DWORD Protect, char* Rights);
bool MemPageRightsFromString(DWORD* Protect, const char* Rights);
bool MemFindInPage(SimplePage page, uint startoffset, const std::vector<PatternByte> & pattern, std::vector<uint> & results, uint maxresults);
bool MemFindInMap(const std::vector<SimplePage> & pages, const std::vector<PatternByte> & pattern, std::vector<uint> & results, uint maxresults, bool progress = true);
bool MemFindInPage(SimplePage page, duint startoffset, const std::vector<PatternByte> & pattern, std::vector<duint> & results, duint maxresults);
bool MemFindInMap(const std::vector<SimplePage> & pages, const std::vector<PatternByte> & pattern, std::vector<duint> & results, duint maxresults, bool progress = true);

26
src/dbg/module.cpp
View File

@ -11,7 +11,7 @@ std::map<Range, MODINFO, RangeCompare> modinfo;
void GetModuleInfo(MODINFO & Info, ULONG_PTR FileMapVA)
{
// Get the entry point
uint moduleOEP = GetPE32DataFromMappedFile(FileMapVA, 0, UE_OEP);
duint moduleOEP = GetPE32DataFromMappedFile(FileMapVA, 0, UE_OEP);
// Fix a problem where the OEP is set to zero (non-existent).
// OEP can't start at the PE header/offset 0 -- except if module is an EXE.
@ -47,7 +47,7 @@ void GetModuleInfo(MODINFO & Info, ULONG_PTR FileMapVA)
}
}
bool ModLoad(uint Base, uint Size, const char* FullPath)
bool ModLoad(duint Base, duint Size, const char* FullPath)
{
// Handle a new module being loaded
if(!Base || !Size || !FullPath)
@ -137,7 +137,7 @@ bool ModLoad(uint Base, uint Size, const char* FullPath)
if(info.entry >= Base && info.entry < Base + Size)
LabelSet(info.entry, "EntryPoint", false);
apienumexports(Base, [](uint base, const char* mod, const char* name, uint addr)
apienumexports(Base, [](duint base, const char* mod, const char* name, duint addr)
{
LabelSet(addr, name, false);
});
@ -147,7 +147,7 @@ bool ModLoad(uint Base, uint Size, const char* FullPath)
return true;
}
bool ModUnload(uint Base)
bool ModUnload(duint Base)
{
EXCLUSIVE_ACQUIRE(LockModules);
@ -177,7 +177,7 @@ void ModClear()
GuiSymbolUpdateModuleList(0, nullptr);
}
MODINFO* ModInfoFromAddr(uint Address)
MODINFO* ModInfoFromAddr(duint Address)
{
//
// NOTE: THIS DOES _NOT_ USE LOCKS
@ -191,7 +191,7 @@ MODINFO* ModInfoFromAddr(uint Address)
return &found->second;
}
bool ModNameFromAddr(uint Address, char* Name, bool Extension)
bool ModNameFromAddr(duint Address, char* Name, bool Extension)
{
if(!Name)
return false;
@ -213,7 +213,7 @@ bool ModNameFromAddr(uint Address, char* Name, bool Extension)
return true;
}
uint ModBaseFromAddr(uint Address)
duint ModBaseFromAddr(duint Address)
{
SHARED_ACQUIRE(LockModules);
@ -225,7 +225,7 @@ uint ModBaseFromAddr(uint Address)
return module->base;
}
uint ModHashFromAddr(uint Address)
duint ModHashFromAddr(duint Address)
{
// Returns a unique hash from a virtual address
SHARED_ACQUIRE(LockModules);
@ -238,7 +238,7 @@ uint ModHashFromAddr(uint Address)
return module->hash + (Address - module->base);
}
uint ModHashFromName(const char* Module)
duint ModHashFromName(const char* Module)
{
// return MODINFO.hash (based on the name)
if(!Module || Module[0] == '\0')
@ -247,7 +247,7 @@ uint ModHashFromName(const char* Module)
return murmurhash(Module, (int)strlen(Module));
}
uint ModBaseFromName(const char* Module)
duint ModBaseFromName(const char* Module)
{
if(!Module || strlen(Module) >= MAX_MODULE_SIZE)
return 0;
@ -269,7 +269,7 @@ uint ModBaseFromName(const char* Module)
return 0;
}
uint ModSizeFromAddr(uint Address)
duint ModSizeFromAddr(duint Address)
{
SHARED_ACQUIRE(LockModules);
@ -281,7 +281,7 @@ uint ModSizeFromAddr(uint Address)
return module->size;
}
bool ModSectionsFromAddr(uint Address, std::vector<MODSECTIONINFO>* Sections)
bool ModSectionsFromAddr(duint Address, std::vector<MODSECTIONINFO>* Sections)
{
SHARED_ACQUIRE(LockModules);
@ -295,7 +295,7 @@ bool ModSectionsFromAddr(uint Address, std::vector<MODSECTIONINFO>* Sections)
return true;
}
uint ModEntryFromAddr(uint Address)
duint ModEntryFromAddr(duint Address)
{
SHARED_ACQUIRE(LockModules);

34
src/dbg/module.h
View File

@ -4,17 +4,17 @@
struct MODSECTIONINFO
{
uint addr; // Virtual address
uint size; // Virtual size
duint addr; // Virtual address
duint size; // Virtual size
char name[MAX_SECTION_SIZE * 5]; // Escaped section name
};
struct MODINFO
{
uint base; // Module base
uint size; // Module size
uint hash; // Full module name hash
uint entry; // Entry point
duint base; // Module base
duint size; // Module size
duint hash; // Full module name hash
duint entry; // Entry point
char name[MAX_MODULE_SIZE]; // Module name (without extension)
char extension[MAX_MODULE_SIZE]; // File extension
@ -23,18 +23,18 @@ struct MODINFO
std::vector<MODSECTIONINFO> sections;
};
bool ModLoad(uint Base, uint Size, const char* FullPath);
bool ModUnload(uint Base);
bool ModLoad(duint Base, duint Size, const char* FullPath);
bool ModUnload(duint Base);
void ModClear();
MODINFO* ModInfoFromAddr(uint Address);
bool ModNameFromAddr(uint Address, char* Name, bool Extension);
uint ModBaseFromAddr(uint Address);
uint ModHashFromAddr(uint Address);
uint ModHashFromName(const char* Module);
uint ModBaseFromName(const char* Module);
uint ModSizeFromAddr(uint Address);
bool ModSectionsFromAddr(uint Address, std::vector<MODSECTIONINFO>* Sections);
uint ModEntryFromAddr(uint Address);
MODINFO* ModInfoFromAddr(duint Address);
bool ModNameFromAddr(duint Address, char* Name, bool Extension);
duint ModBaseFromAddr(duint Address);
duint ModHashFromAddr(duint Address);
duint ModHashFromName(const char* Module);
duint ModBaseFromName(const char* Module);
duint ModSizeFromAddr(duint Address);
bool ModSectionsFromAddr(duint Address, std::vector<MODSECTIONINFO>* Sections);
duint ModEntryFromAddr(duint Address);
int ModPathFromAddr(duint Address, char* Path, int Size);
int ModPathFromName(const char* Module, char* Path, int Size);
void ModGetList(std::vector<MODINFO> & list);

2
src/dbg/msgqueue.cpp
View File

@ -37,7 +37,7 @@ void MsgFreeStack(MESSAGE_STACK* msgstack)
}
//add a message to the stack
bool MsgSend(MESSAGE_STACK* msgstack, int msg, uint param1, uint param2)
bool MsgSend(MESSAGE_STACK* msgstack, int msg, duint param1, duint param2)
{
CRITICAL_SECTION* cr = &msgstack->cr;
EnterCriticalSection(cr);

6
src/dbg/msgqueue.h
View File

@ -10,8 +10,8 @@
struct MESSAGE
{
int msg;
uint param1;
uint param2;
duint param1;
duint param2;
};
//message stack structure
@ -25,7 +25,7 @@ struct MESSAGE_STACK
//function definitions
MESSAGE_STACK* MsgAllocStack();
void MsgFreeStack(MESSAGE_STACK* msgstack);
bool MsgSend(MESSAGE_STACK* msgstack, int msg, uint param1, uint param2);
bool MsgSend(MESSAGE_STACK* msgstack, int msg, duint param1, duint param2);
bool MsgGet(MESSAGE_STACK* msgstack, MESSAGE* msg);
void MsgWait(MESSAGE_STACK* msgstack, MESSAGE* msg, bool* bStop);

16
src/dbg/patches.cpp
View File

@ -10,9 +10,9 @@
#include "threading.h"
#include "module.h"
std::unordered_map<uint, PATCHINFO> patches;
std::unordered_map<duint, PATCHINFO> patches;
bool PatchSet(uint Address, unsigned char OldByte, unsigned char NewByte)
bool PatchSet(duint Address, unsigned char OldByte, unsigned char NewByte)
{
// CHECK: Exported function
if(!DbgIsDebugging())
@ -33,7 +33,7 @@ bool PatchSet(uint Address, unsigned char OldByte, unsigned char NewByte)
ModNameFromAddr(Address, newPatch.mod, true);
// Generate a key for this address
const uint key = ModHashFromAddr(Address);
const duint key = ModHashFromAddr(Address);
EXCLUSIVE_ACQUIRE(LockPatches);
@ -62,7 +62,7 @@ bool PatchSet(uint Address, unsigned char OldByte, unsigned char NewByte)
return true;
}
bool PatchGet(uint Address, PATCHINFO* Patch)
bool PatchGet(duint Address, PATCHINFO* Patch)
{
// CHECK: Export
if(!DbgIsDebugging())
@ -87,7 +87,7 @@ bool PatchGet(uint Address, PATCHINFO* Patch)
return true;
}
bool PatchDelete(uint Address, bool Restore)
bool PatchDelete(duint Address, bool Restore)
{
// CHECK: Export function
if(!DbgIsDebugging())
@ -110,7 +110,7 @@ bool PatchDelete(uint Address, bool Restore)
return true;
}
void PatchDelRange(uint Start, uint End, bool Restore)
void PatchDelRange(duint Start, duint End, bool Restore)
{
// CHECK: Export call
if(!DbgIsDebugging())
@ -126,7 +126,7 @@ void PatchDelRange(uint Start, uint End, bool Restore)
else
{
// Make sure 'Start' and 'End' reference the same module
uint moduleBase = ModBaseFromAddr(Start);
duint moduleBase = ModBaseFromAddr(Start);
if(moduleBase != ModBaseFromAddr(End))
return;
@ -218,7 +218,7 @@ int PatchFile(const PATCHINFO* List, int Count, const char* FileName, char* Erro
}
// See if the module was loaded
uint moduleBase = ModBaseFromName(moduleName);
duint moduleBase = ModBaseFromName(moduleName);
if(!moduleBase)
{

10
src/dbg/patches.h
View File

@ -5,15 +5,15 @@
struct PATCHINFO
{
char mod[MAX_MODULE_SIZE];
uint addr;
duint addr;
unsigned char oldbyte;
unsigned char newbyte;
};
bool PatchSet(uint Address, unsigned char OldByte, unsigned char NewByte);
bool PatchGet(uint Address, PATCHINFO* Patch);
bool PatchDelete(uint Address, bool Restore);
void PatchDelRange(uint Start, uint End, bool Restore);
bool PatchSet(duint Address, unsigned char OldByte, unsigned char NewByte);
bool PatchGet(duint Address, PATCHINFO* Patch);
bool PatchDelete(duint Address, bool Restore);
void PatchDelRange(duint Start, duint End, bool Restore);
bool PatchEnum(PATCHINFO* List, size_t* Size);
int PatchFile(const PATCHINFO* List, int Count, const char* FileName, char* Error);
void PatchClear(const char* Module = nullptr);

2
src/dbg/plugin_loader.cpp
View File

@ -386,7 +386,7 @@ void plugincbcall(CBTYPE cbType, void* callbackInfo)
if(currentCallback.cbType == cbType)
{
CBPLUGIN cbPlugin = currentCallback.cbPlugin;
if(!IsBadReadPtr((const void*)cbPlugin, sizeof(uint)))
if(!IsBadReadPtr((const void*)cbPlugin, sizeof(duint)))
cbPlugin(cbType, callbackInfo);
}
}

16
src/dbg/reference.cpp
View File

@ -9,10 +9,10 @@
#include "console.h"
#include "module.h"
int RefFind(uint Address, uint Size, CBREF Callback, void* UserData, bool Silent, const char* Name)
int RefFind(duint Address, duint Size, CBREF Callback, void* UserData, bool Silent, const char* Name)
{
uint regionSize = 0;
uint regionBase = MemFindBaseAddr(Address, &regionSize, true);
duint regionSize = 0;
duint regionBase = MemFindBaseAddr(Address, &regionSize, true);
// If the memory page wasn't found, fail
if(!regionBase || !regionSize)
@ -24,13 +24,13 @@ int RefFind(uint Address, uint Size, CBREF Callback, void* UserData, bool Silent
}
// Assume the entire range is used
uint scanStart = regionBase;
uint scanSize = regionSize;
duint scanStart = regionBase;
duint scanSize = regionSize;
// Otherwise use custom boundaries if size was supplied
if(Size)
{
uint maxsize = Size - (Address - regionBase);
duint maxsize = Size - (Address - regionBase);
// Make sure the size fits in one page
scanStart = Address;
@ -69,8 +69,8 @@ int RefFind(uint Address, uint Size, CBREF Callback, void* UserData, bool Silent
Callback(0, 0, &refInfo);
//concurrency::parallel_for(uint(0), scanSize, [&](uint i)
for(uint i = 0; i < scanSize;)
//concurrency::parallel_for(duint(0), scanSize, [&](duint i)
for(duint i = 0; i < scanSize;)
{
// Print the progress every 4096 bytes
if((i % 0x1000) == 0)

2
src/dbg/reference.h
View File

@ -13,4 +13,4 @@ struct REFINFO
// Reference callback typedef
typedef bool (*CBREF)(Capstone* disasm, BASIC_INSTRUCTION_INFO* basicinfo, REFINFO* refinfo);
int RefFind(uint Address, uint Size, CBREF Callback, void* UserData, bool Silent, const char* Name);
int RefFind(duint Address, duint Size, CBREF Callback, void* UserData, bool Silent, const char* Name);

8
src/dbg/simplescript.cpp
View File

@ -346,8 +346,8 @@ static CMDRESULT scriptinternalcmdexec(const char* cmd)
static bool scriptinternalbranch(SCRIPTBRANCHTYPE type) //determine if we should jump
{
uint ezflag = 0;
uint bsflag = 0;
duint ezflag = 0;
duint bsflag = 0;
varget("$_EZ_FLAG", &ezflag, 0, 0);
varget("$_BS_FLAG", &bsflag, 0, 0);
bool bJump = false;
@ -426,7 +426,7 @@ static bool scriptinternalcmd()
static DWORD WINAPI scriptRunThread(void* arg)
{
int destline = (int)(uint)arg;
int destline = (int)(duint)arg;
if(!destline || destline > (int)linemap.size()) //invalid line
destline = 0;
if(destline)
@ -504,7 +504,7 @@ void scriptrun(int destline)
if(bIsRunning) //already running
return;
bIsRunning = true;
CloseHandle(CreateThread(0, 0, scriptRunThread, (void*)(uint)destline, 0, 0));
CloseHandle(CreateThread(0, 0, scriptRunThread, (void*)(duint)destline, 0, 0));
}
DWORD WINAPI scriptStepThread(void* param)

26
src/dbg/stackinfo.cpp
View File

@ -12,23 +12,23 @@
#include "module.h"
#include "thread.h"
bool stackcommentget(uint addr, STACK_COMMENT* comment)
bool stackcommentget(duint addr, STACK_COMMENT* comment)
{
uint data = 0;
duint data = 0;
memset(comment, 0, sizeof(STACK_COMMENT));
MemRead(addr, &data, sizeof(uint));
MemRead(addr, &data, sizeof(duint));
if(!MemIsValidReadPtr(data)) //the stack value is no pointer
return false;
uint size = 0;
uint base = MemFindBaseAddr(data, &size);
uint readStart = data - 16 * 4;
duint size = 0;
duint base = MemFindBaseAddr(data, &size);
duint readStart = data - 16 * 4;
if(readStart < base)
readStart = base;
unsigned char disasmData[256];
MemRead(readStart, disasmData, sizeof(disasmData));
uint prev = disasmback(disasmData, 0, sizeof(disasmData), data - readStart, 1);
uint previousInstr = readStart + prev;
duint prev = disasmback(disasmData, 0, sizeof(disasmData), data - readStart, 1);
duint previousInstr = readStart + prev;
BASIC_INSTRUCTION_INFO basicinfo;
bool valid = disasmfast(disasmData + prev, previousInstr, &basicinfo);
@ -114,7 +114,7 @@ BOOL CALLBACK StackReadProcessMemoryProc64(HANDLE hProcess, DWORD64 lpBaseAddres
// Fix for 64-bit sizes
SIZE_T bytesRead = 0;
if(MemRead((uint)lpBaseAddress, lpBuffer, nSize, &bytesRead))
if(MemRead((duint)lpBaseAddress, lpBuffer, nSize, &bytesRead))
{
if(lpNumberOfBytesRead)
*lpNumberOfBytesRead = (DWORD)bytesRead;
@ -127,7 +127,7 @@ BOOL CALLBACK StackReadProcessMemoryProc64(HANDLE hProcess, DWORD64 lpBaseAddres
DWORD64 CALLBACK StackGetModuleBaseProc64(HANDLE hProcess, DWORD64 Address)
{
return (DWORD64)ModBaseFromAddr((uint)Address);
return (DWORD64)ModBaseFromAddr((duint)Address);
}
DWORD64 CALLBACK StackTranslateAddressProc64(HANDLE hProcess, HANDLE hThread, LPADDRESS64 lpaddr)
@ -136,7 +136,7 @@ DWORD64 CALLBACK StackTranslateAddressProc64(HANDLE hProcess, HANDLE hThread, LP
return 0;
}
void StackEntryFromFrame(CALLSTACKENTRY* Entry, uint Address, uint From, uint To)
void StackEntryFromFrame(CALLSTACKENTRY* Entry, duint Address, duint From, duint To)
{
Entry->addr = Address;
Entry->from = From;
@ -177,7 +177,7 @@ void StackEntryFromFrame(CALLSTACKENTRY* Entry, uint Address, uint From, uint To
sprintf_s(Entry->comment, "return to %s from ???", returnToAddr);
}
void stackgetcallstack(uint csp, CALLSTACK* callstack)
void stackgetcallstack(duint csp, CALLSTACK* callstack)
{
// Gather context data
CONTEXT context;
@ -242,7 +242,7 @@ void stackgetcallstack(uint csp, CALLSTACK* callstack)
CALLSTACKENTRY entry;
memset(&entry, 0, sizeof(CALLSTACKENTRY));
StackEntryFromFrame(&entry, (uint)frame.AddrFrame.Offset, (uint)frame.AddrReturn.Offset, (uint)frame.AddrPC.Offset);
StackEntryFromFrame(&entry, (duint)frame.AddrFrame.Offset, (duint)frame.AddrReturn.Offset, (duint)frame.AddrPC.Offset);
callstackVector.push_back(entry);
}
else

10
src/dbg/stackinfo.h
View File

@ -5,9 +5,9 @@
struct CALLSTACKENTRY
{
uint addr;
uint from;
uint to;
duint addr;
duint from;
duint to;
char comment[MAX_COMMENT_SIZE];
};
@ -17,7 +17,7 @@ struct CALLSTACK
CALLSTACKENTRY* entries;
};
bool stackcommentget(uint addr, STACK_COMMENT* comment);
void stackgetcallstack(uint csp, CALLSTACK* callstack);
bool stackcommentget(duint addr, STACK_COMMENT* comment);
void stackgetcallstack(duint csp, CALLSTACK* callstack);
#endif //_STACKINFO_H

2
src/dbg/stringformat.cpp
View File

@ -17,7 +17,7 @@ enum ValueType
static String printValue(FormatValueType value, ValueType::ValueType type)
{
uint valuint = 0;
duint valuint = 0;
bool validval = valfromstring(value, &valuint);
char result[deflen] = "???";
switch(type)

10
src/dbg/symbolinfo.cpp
View File

@ -51,7 +51,7 @@ static BOOL CALLBACK EnumSymbols(PSYMBOL_INFO SymInfo, ULONG SymbolSize, PVOID U
return TRUE;
}
void SymEnum(uint Base, CBSYMBOLENUM EnumCallback, void* UserData)
void SymEnum(duint Base, CBSYMBOLENUM EnumCallback, void* UserData)
{
SYMBOLCBDATA symbolCbData;
symbolCbData.cbSymbolEnum = EnumCallback;
@ -177,7 +177,7 @@ void SymDownloadAllSymbols(const char* SymbolStore)
dputs("SymSetSearchPathW (2) failed!");
}
bool SymAddrFromName(const char* Name, uint* Address)
bool SymAddrFromName(const char* Name, duint* Address)
{
if(!Name || Name[0] == '\0')
return false;
@ -200,11 +200,11 @@ bool SymAddrFromName(const char* Name, uint* Address)
if(!SafeSymFromName(fdProcessInfo->hProcess, Name, symbol))
return false;
*Address = (uint)symbol->Address;
*Address = (duint)symbol->Address;
return true;
}
const char* SymGetSymbolicName(uint Address)
const char* SymGetSymbolicName(duint Address)
{
//
// This resolves an address to a module and symbol:
@ -251,7 +251,7 @@ const char* SymGetSymbolicName(uint Address)
return symbolicname;
}
bool SymGetSourceLine(uint Cip, char* FileName, int* Line)
bool SymGetSourceLine(duint Cip, char* FileName, int* Line)
{
IMAGEHLP_LINEW64 lineInfo;
memset(&lineInfo, 0, sizeof(IMAGEHLP_LINE64));

8
src/dbg/symbolinfo.h
View File

@ -2,12 +2,12 @@
#include "_global.h"
void SymEnum(uint Base, CBSYMBOLENUM EnumCallback, void* UserData);
void SymEnum(duint Base, CBSYMBOLENUM EnumCallback, void* UserData);
bool SymGetModuleList(std::vector<SYMBOLMODULEINFO>* List);
void SymUpdateModuleList();
void SymDownloadAllSymbols(const char* SymbolStore);
bool SymAddrFromName(const char* Name, uint* Address);
const char* SymGetSymbolicName(uint Address);
bool SymAddrFromName(const char* Name, duint* Address);
const char* SymGetSymbolicName(duint Address);
/**
\brief Gets the source code file name and line from an address.
@ -16,4 +16,4 @@ const char* SymGetSymbolicName(uint Address);
\param [out] nLine Line number. Can be null.
\return true if it succeeds, false if it fails.
*/
bool SymGetSourceLine(uint Cip, char* FileName, int* Line);
bool SymGetSourceLine(duint Cip, char* FileName, int* Line);

6
src/dbg/thread.cpp
View File

@ -19,8 +19,8 @@ void ThreadCreate(CREATE_THREAD_DEBUG_INFO* CreateThread)
curInfo.ThreadNumber = ThreadGetCount();
curInfo.Handle = CreateThread->hThread;
curInfo.ThreadId = ((DEBUG_EVENT*)GetDebugData())->dwThreadId;
curInfo.ThreadStartAddress = (uint)CreateThread->lpStartAddress;
curInfo.ThreadLocalBase = (uint)CreateThread->lpThreadLocalBase;
curInfo.ThreadStartAddress = (duint)CreateThread->lpStartAddress;
curInfo.ThreadLocalBase = (duint)CreateThread->lpThreadLocalBase;
// The first thread (#0) is always the main program thread
if(curInfo.ThreadNumber <= 0)
@ -110,7 +110,7 @@ bool ThreadIsValid(DWORD ThreadId)
return threadList.find(ThreadId) != threadList.end();
}
bool ThreadGetTeb(uint TEBAddress, TEB* Teb)
bool ThreadGetTeb(duint TEBAddress, TEB* Teb)
{
memset(Teb, 0, sizeof(TEB));
return MemRead(TEBAddress, Teb, sizeof(TEB));

2
src/dbg/thread.h
View File

@ -10,7 +10,7 @@ int ThreadGetCount();
void ThreadGetList(THREADLIST* list);
bool ThreadIsValid(DWORD ThreadId);
bool ThreadSetName(DWORD ThreadId, const char* name);
bool ThreadGetTeb(uint TEBAddress, TEB* Teb);
bool ThreadGetTeb(duint TEBAddress, TEB* Teb);
int ThreadGetSuspendCount(HANDLE Thread);
THREADPRIORITY ThreadGetPriority(HANDLE Thread);
THREADWAITREASON ThreadGetWaitReason(HANDLE Thread);

164
src/dbg/value.cpp
View File

@ -345,7 +345,7 @@ static unsigned int getmxcsrflagfromstring(const char* string)
\param string The string with the flag name.
\return true if the flag is 1, false if the flag is 0.
*/
bool valmxcsrflagfromstring(uint mxcsrflags, const char* string)
bool valmxcsrflagfromstring(duint mxcsrflags, const char* string)
{
unsigned int flag = getmxcsrflagfromstring(string);
if(flag == 0)
@ -409,7 +409,7 @@ static unsigned int getx87statuswordflagfromstring(const char* string)
\param string The flag name.
\return true if the flag is 1, false if the flag is 0.
*/
bool valx87statuswordflagfromstring(uint statusword, const char* string)
bool valx87statuswordflagfromstring(duint statusword, const char* string)
{
unsigned int flag = getx87statuswordflagfromstring(string);
if(flag == 0)
@ -463,7 +463,7 @@ static unsigned int getx87controlwordflagfromstring(const char* string)
\param string The flag name.
\return true if the flag is 1, false when the flag is 0.
*/
bool valx87controlwordflagfromstring(uint controlword, const char* string)
bool valx87controlwordflagfromstring(duint controlword, const char* string)
{
unsigned int flag = getx87controlwordflagfromstring(string);
@ -479,7 +479,7 @@ bool valx87controlwordflagfromstring(uint controlword, const char* string)
\param string The name of the field (should be "RC").
\return The MXCSR field word.
*/
unsigned short valmxcsrfieldfromstring(uint mxcsrflags, const char* string)
unsigned short valmxcsrfieldfromstring(duint mxcsrflags, const char* string)
{
if(scmp(string, "RC"))
return ((mxcsrflags & 0x6000) >> 13);
@ -493,7 +493,7 @@ unsigned short valmxcsrfieldfromstring(uint mxcsrflags, const char* string)
\param string The name of the field (should be "TOP").
\return The x87 status word field.
*/
unsigned short valx87statuswordfieldfromstring(uint statusword, const char* string)
unsigned short valx87statuswordfieldfromstring(duint statusword, const char* string)
{
if(scmp(string, "TOP"))
return ((statusword & 0x3800) >> 11);
@ -507,7 +507,7 @@ unsigned short valx87statuswordfieldfromstring(uint statusword, const char* stri
\param string The name of the field.
\return The x87 control word field.
*/
unsigned short valx87controlwordfieldfromstring(uint controlword, const char* string)
unsigned short valx87controlwordfieldfromstring(duint controlword, const char* string)
{
if(scmp(string, "PC"))
return ((controlword & 0x300) >> 8);
@ -523,7 +523,7 @@ unsigned short valx87controlwordfieldfromstring(uint controlword, const char* st
\param string The name of the flag.
\return true if the flag equals to 1, false if the flag is 0 or not found.
*/
bool valflagfromstring(uint eflags, const char* string)
bool valflagfromstring(duint eflags, const char* string)
{
if(scmp(string, "cf"))
return (bool)((int)(eflags & 0x1) != 0);
@ -566,9 +566,9 @@ bool valflagfromstring(uint eflags, const char* string)
*/
bool setflag(const char* string, bool set)
{
uint eflags = GetContextDataEx(hActiveThread, UE_CFLAGS);
uint xorval = 0;
uint flag = 0;
duint eflags = GetContextDataEx(hActiveThread, UE_CFLAGS);
duint xorval = 0;
duint flag = 0;
if(scmp(string, "cf"))
flag = 0x1;
else if(scmp(string, "pf"))
@ -612,7 +612,7 @@ bool setflag(const char* string, bool set)
\param string The name of the register to get.
\return The register value.
*/
static uint getregister(int* size, const char* string)
static duint getregister(int* size, const char* string)
{
if(size)
*size = 4;
@ -686,47 +686,47 @@ static uint getregister(int* size, const char* string)
*size = 2;
if(scmp(string, "ax"))
{
uint val = GetContextDataEx(hActiveThread, UE_EAX);
duint val = GetContextDataEx(hActiveThread, UE_EAX);
return val & 0xFFFF;
}
if(scmp(string, "bx"))
{
uint val = GetContextDataEx(hActiveThread, UE_EBX);
duint val = GetContextDataEx(hActiveThread, UE_EBX);
return val & 0xFFFF;
}
if(scmp(string, "cx"))
{
uint val = GetContextDataEx(hActiveThread, UE_ECX);
duint val = GetContextDataEx(hActiveThread, UE_ECX);
return val & 0xFFFF;
}
if(scmp(string, "dx"))
{
uint val = GetContextDataEx(hActiveThread, UE_EDX);
duint val = GetContextDataEx(hActiveThread, UE_EDX);
return val & 0xFFFF;
}
if(scmp(string, "si"))
{
uint val = GetContextDataEx(hActiveThread, UE_ESI);
duint val = GetContextDataEx(hActiveThread, UE_ESI);
return val & 0xFFFF;
}
if(scmp(string, "di"))
{
uint val = GetContextDataEx(hActiveThread, UE_EDI);
duint val = GetContextDataEx(hActiveThread, UE_EDI);
return val & 0xFFFF;
}
if(scmp(string, "bp"))
{
uint val = GetContextDataEx(hActiveThread, UE_EBP);
duint val = GetContextDataEx(hActiveThread, UE_EBP);
return val & 0xFFFF;
}
if(scmp(string, "sp"))
{
uint val = GetContextDataEx(hActiveThread, UE_ESP);
duint val = GetContextDataEx(hActiveThread, UE_ESP);
return val & 0xFFFF;
}
if(scmp(string, "ip"))
{
uint val = GetContextDataEx(hActiveThread, UE_EIP);
duint val = GetContextDataEx(hActiveThread, UE_EIP);
return val & 0xFFFF;
}
@ -734,97 +734,97 @@ static uint getregister(int* size, const char* string)
*size = 1;
if(scmp(string, "ah"))
{
uint val = GetContextDataEx(hActiveThread, UE_EAX);
duint val = GetContextDataEx(hActiveThread, UE_EAX);
return (val >> 8) & 0xFF;
}
if(scmp(string, "al"))
{
uint val = GetContextDataEx(hActiveThread, UE_EAX);
duint val = GetContextDataEx(hActiveThread, UE_EAX);
return val & 0xFF;
}
if(scmp(string, "bh"))
{
uint val = GetContextDataEx(hActiveThread, UE_EBX);
duint val = GetContextDataEx(hActiveThread, UE_EBX);
return (val >> 8) & 0xFF;
}
if(scmp(string, "bl"))
{
uint val = GetContextDataEx(hActiveThread, UE_EBX);
duint val = GetContextDataEx(hActiveThread, UE_EBX);
return val & 0xFF;
}
if(scmp(string, "ch"))
{
uint val = GetContextDataEx(hActiveThread, UE_ECX);
duint val = GetContextDataEx(hActiveThread, UE_ECX);
return (val >> 8) & 0xFF;
}
if(scmp(string, "cl"))
{
uint val = GetContextDataEx(hActiveThread, UE_ECX);
duint val = GetContextDataEx(hActiveThread, UE_ECX);
return val & 0xFF;
}
if(scmp(string, "dh"))
{
uint val = GetContextDataEx(hActiveThread, UE_EDX);
duint val = GetContextDataEx(hActiveThread, UE_EDX);
return (val >> 8) & 0xFF;
}
if(scmp(string, "dl"))
{
uint val = GetContextDataEx(hActiveThread, UE_EDX);
duint val = GetContextDataEx(hActiveThread, UE_EDX);
return val & 0xFF;
}
if(scmp(string, "sih"))
{
uint val = GetContextDataEx(hActiveThread, UE_ESI);
duint val = GetContextDataEx(hActiveThread, UE_ESI);
return (val >> 8) & 0xFF;
}
if(scmp(string, "sil"))
{
uint val = GetContextDataEx(hActiveThread, UE_ESI);
duint val = GetContextDataEx(hActiveThread, UE_ESI);
return val & 0xFF;
}
if(scmp(string, "dih"))
{
uint val = GetContextDataEx(hActiveThread, UE_EDI);
duint val = GetContextDataEx(hActiveThread, UE_EDI);
return (val >> 8) & 0xFF;
}
if(scmp(string, "dil"))
{
uint val = GetContextDataEx(hActiveThread, UE_EDI);
duint val = GetContextDataEx(hActiveThread, UE_EDI);
return val & 0xFF;
}
if(scmp(string, "bph"))
{
uint val = GetContextDataEx(hActiveThread, UE_EBP);
duint val = GetContextDataEx(hActiveThread, UE_EBP);
return (val >> 8) & 0xFF;
}
if(scmp(string, "bpl"))
{
uint val = GetContextDataEx(hActiveThread, UE_EBP);
duint val = GetContextDataEx(hActiveThread, UE_EBP);
return val & 0xFF;
}
if(scmp(string, "sph"))
{
uint val = GetContextDataEx(hActiveThread, UE_ESP);
duint val = GetContextDataEx(hActiveThread, UE_ESP);
return (val >> 8) & 0xFF;
}
if(scmp(string, "spl"))
{
uint val = GetContextDataEx(hActiveThread, UE_ESP);
duint val = GetContextDataEx(hActiveThread, UE_ESP);
return val & 0xFF;
}
if(scmp(string, "iph"))
{
uint val = GetContextDataEx(hActiveThread, UE_EIP);
duint val = GetContextDataEx(hActiveThread, UE_EIP);
return (val >> 8) & 0xFF;
}
if(scmp(string, "ipl"))
{
uint val = GetContextDataEx(hActiveThread, UE_EIP);
duint val = GetContextDataEx(hActiveThread, UE_EIP);
return val & 0xFF;
}
if(size)
*size = sizeof(uint);
*size = sizeof(duint);
if(scmp(string, "dr0"))
{
return GetContextDataEx(hActiveThread, UE_DR0);
@ -1056,7 +1056,7 @@ static uint getregister(int* size, const char* string)
\param value The new register value.
\return true if the register was set, false otherwise.
*/
bool setregister(const char* string, uint value)
bool setregister(const char* string, duint value)
{
if(scmp(string, "eax"))
return SetContextDataEx(hActiveThread, UE_EAX, value & 0xFFFFFFFF);
@ -1264,13 +1264,13 @@ bool setregister(const char* string, uint value)
\brief Gets the address of an API from a name.
\param name The name of the API, see the command help for more information about valid constructions.
\param [out] value The address of the retrieved API. Cannot be null.
\param [out] value_size This function sets this value to the size of the address, sizeof(uint).
\param [out] value_size This function sets this value to the size of the address, sizeof(duint).
\param printall true to print all possible API values to the console.
\param silent true to have no console output. If true, the \p printall parameter is ignored.
\param [out] hexonly If set to true, the values should be printed in hex only. Usually this function sets it to true.
\return true if the API was found and a value retrieved, false otherwise.
*/
bool valapifromstring(const char* name, uint* value, int* value_size, bool printall, bool silent, bool* hexonly)
bool valapifromstring(const char* name, duint* value, int* value_size, bool printall, bool silent, bool* hexonly)
{
if(!value || !DbgIsDebugging())
return false;
@ -1305,7 +1305,7 @@ bool valapifromstring(const char* name, uint* value, int* value_size, bool print
apiname++;
if(!strlen(apiname))
return false;
uint modbase = ModBaseFromName(modname);
duint modbase = ModBaseFromName(modname);
wchar_t szModName[MAX_PATH] = L"";
if(!GetModuleFileNameExW(fdProcessInfo->hProcess, (HMODULE)modbase, szModName, MAX_PATH))
{
@ -1322,9 +1322,9 @@ bool valapifromstring(const char* name, uint* value, int* value_size, bool print
}
else
{
uint addr = noexports ? 0 : (uint)GetProcAddress(mod, apiname);
duint addr = noexports ? 0 : (duint)GetProcAddress(mod, apiname);
if(addr) //found exported function
addr = modbase + (addr - (uint)mod); //correct for loaded base
addr = modbase + (addr - (duint)mod); //correct for loaded base
else //not found
{
if(scmp(apiname, "base") || scmp(apiname, "imagebase") || scmp(apiname, "header")) //get loaded base
@ -1333,13 +1333,13 @@ bool valapifromstring(const char* name, uint* value, int* value_size, bool print
addr = modbase + GetPE32DataW(szModName, 0, UE_OEP);
else if(*apiname == '$') //RVA
{
uint rva;
duint rva;
if(valfromstring(apiname + 1, &rva))
addr = modbase + rva;
}
else if(*apiname == '#') //File Offset
{
uint offset;
duint offset;
if(valfromstring(apiname + 1, &offset))
addr = valfileoffsettova(modname, offset);
}
@ -1347,18 +1347,18 @@ bool valapifromstring(const char* name, uint* value, int* value_size, bool print
{
if(noexports) //get the exported functions with the '?' delimiter
{
addr = (uint)GetProcAddress(mod, apiname);
addr = (duint)GetProcAddress(mod, apiname);
if(addr) //found exported function
addr = modbase + (addr - (uint)mod); //correct for loaded base
addr = modbase + (addr - (duint)mod); //correct for loaded base
}
else
{
uint ordinal;
duint ordinal;
if(valfromstring(apiname, &ordinal))
{
addr = (uint)GetProcAddress(mod, (LPCSTR)(ordinal & 0xFFFF));
addr = (duint)GetProcAddress(mod, (LPCSTR)(ordinal & 0xFFFF));
if(addr) //found exported function
addr = modbase + (addr - (uint)mod); //correct for loaded base
addr = modbase + (addr - (duint)mod); //correct for loaded base
else if(!ordinal) //support for getting the image base using <modname>:0
addr = modbase;
}
@ -1369,7 +1369,7 @@ bool valapifromstring(const char* name, uint* value, int* value_size, bool print
if(addr) //found!
{
if(value_size)
*value_size = sizeof(uint);
*value_size = sizeof(duint);
if(hexonly)
*hexonly = true;
*value = addr;
@ -1382,10 +1382,10 @@ bool valapifromstring(const char* name, uint* value, int* value_size, bool print
int found = 0;
int kernel32 = -1;
DWORD cbNeeded = 0;
Memory<uint*> addrfound;
Memory<duint*> addrfound;
if(EnumProcessModules(fdProcessInfo->hProcess, 0, 0, &cbNeeded))
{
addrfound.realloc(cbNeeded * sizeof(uint), "valapifromstring:addrfound");
addrfound.realloc(cbNeeded * sizeof(duint), "valapifromstring:addrfound");
Memory<HMODULE*> hMods(cbNeeded * sizeof(HMODULE), "valapifromstring:hMods");
if(EnumProcessModules(fdProcessInfo->hProcess, hMods(), cbNeeded, &cbNeeded))
{
@ -1406,8 +1406,8 @@ bool valapifromstring(const char* name, uint* value, int* value_size, bool print
{
if(!_wcsicmp(szBaseName, L"kernel32.dll"))
kernel32 = found;
uint rva = funcAddress - (uint)hModule;
addrfound()[found] = (uint)hMods()[i] + rva;
duint rva = funcAddress - (duint)hModule;
addrfound()[found] = (duint)hMods()[i] + rva;
found++;
}
FreeLibrary(hModule);
@ -1420,7 +1420,7 @@ bool valapifromstring(const char* name, uint* value, int* value_size, bool print
if(!found)
return false;
if(value_size)
*value_size = sizeof(uint);
*value_size = sizeof(duint);
if(hexonly)
*hexonly = true;
if(kernel32 != -1) //prioritize kernel32 exports
@ -1498,7 +1498,7 @@ static bool ishexnumber(const char* string)
\param [out] hexonly This function can output if the output value should only be printed as hexadecimal (for example addresses). Can be null.
\return true if the expression was parsed successful, false otherwise.
*/
bool valfromstring_noexpr(const char* string, uint* value, bool silent, bool baseonly, int* value_size, bool* isvar, bool* hexonly)
bool valfromstring_noexpr(const char* string, duint* value, bool silent, bool baseonly, int* value_size, bool* isvar, bool* hexonly)
{
if(!value || !string)
return false;
@ -1534,7 +1534,7 @@ bool valfromstring_noexpr(const char* string, uint* value, bool silent, bool bas
newstring += string[i];
}
int read_size = sizeof(uint);
int read_size = sizeof(duint);
int add = 1;
if(string[1] == ':') //n:[ (number of bytes to read)
{
@ -1548,7 +1548,7 @@ bool valfromstring_noexpr(const char* string, uint* value, bool silent, bool bas
dprintf("noexpr failed on %s\n", newstring.c_str());
return false;
}
uint addr = *value;
duint addr = *value;
*value = 0;
if(!MemRead(addr, value, read_size))
{
@ -1593,7 +1593,7 @@ bool valfromstring_noexpr(const char* string, uint* value, bool silent, bool bas
*isvar = true;
return true;
}
uint eflags = GetContextDataEx(hActiveThread, UE_CFLAGS);
duint eflags = GetContextDataEx(hActiveThread, UE_CFLAGS);
if(valflagfromstring(eflags, string + 1))
*value = 1;
else
@ -1656,7 +1656,7 @@ bool valfromstring_noexpr(const char* string, uint* value, bool silent, bool bas
\param [out] hexonly This function can output if the output value should only be printed as hexadecimal (for example addresses). Can be null.
\return true if the expression was parsed successful, false otherwise.
*/
bool valfromstring(const char* string, uint* value, bool silent, bool baseonly, int* value_size, bool* isvar, bool* hexonly)
bool valfromstring(const char* string, duint* value, bool silent, bool baseonly, int* value_size, bool* isvar, bool* hexonly)
{
if(!value || !string)
return false;
@ -1666,7 +1666,7 @@ bool valfromstring(const char* string, uint* value, bool silent, bool baseonly,
return true;
}
ExpressionParser parser(string);
uint result;
duint result;
if(!parser.calculate(result, valuesignedcalc(), silent, baseonly, value_size, isvar, hexonly))
return false;
*value = result;
@ -1716,11 +1716,11 @@ static bool startsWith(const char* pre, const char* str)
\param string The name of the FPU value to set.
\param value The value to set.
*/
static void setfpuvalue(const char* string, uint value)
static void setfpuvalue(const char* string, duint value)
{
uint xorval = 0;
uint flags = 0;
uint flag = 0;
duint xorval = 0;
duint flags = 0;
duint flag = 0;
bool set = false;
if(value)
@ -1730,7 +1730,7 @@ static void setfpuvalue(const char* string, uint value)
{
if(StrNCmpI(string + STRLEN_USING_SIZEOF(MxCsr_PRE_FIELD_STRING), "RC", (int) strlen("RC")) == 0)
{
uint flags = GetContextDataEx(hActiveThread, UE_MXCSR);
duint flags = GetContextDataEx(hActiveThread, UE_MXCSR);
int i = 3;
i <<= 13;
flags &= ~i;
@ -1740,7 +1740,7 @@ static void setfpuvalue(const char* string, uint value)
}
else
{
uint flags = GetContextDataEx(hActiveThread, UE_MXCSR);
duint flags = GetContextDataEx(hActiveThread, UE_MXCSR);
flag = getmxcsrflagfromstring(string + STRLEN_USING_SIZEOF(MxCsr_PRE_FIELD_STRING));
if(flags & flag && !set)
xorval = flag;
@ -1778,7 +1778,7 @@ static void setfpuvalue(const char* string, uint value)
{
if(StrNCmpI(string + STRLEN_USING_SIZEOF(x87SW_PRE_FIELD_STRING), "TOP", (int) strlen("TOP")) == 0)
{
uint flags = GetContextDataEx(hActiveThread, UE_X87_STATUSWORD);
duint flags = GetContextDataEx(hActiveThread, UE_X87_STATUSWORD);
int i = 7;
i <<= 11;
flags &= ~i;
@ -1788,7 +1788,7 @@ static void setfpuvalue(const char* string, uint value)
}
else
{
uint flags = GetContextDataEx(hActiveThread, UE_X87_STATUSWORD);
duint flags = GetContextDataEx(hActiveThread, UE_X87_STATUSWORD);
flag = getx87statuswordflagfromstring(string + STRLEN_USING_SIZEOF(x87SW_PRE_FIELD_STRING));
if(flags & flag && !set)
xorval = flag;
@ -1801,7 +1801,7 @@ static void setfpuvalue(const char* string, uint value)
{
if(StrNCmpI(string + STRLEN_USING_SIZEOF(x87CW_PRE_FIELD_STRING), "RC", (int) strlen("RC")) == 0)
{
uint flags = GetContextDataEx(hActiveThread, UE_X87_CONTROLWORD);
duint flags = GetContextDataEx(hActiveThread, UE_X87_CONTROLWORD);
int i = 3;
i <<= 10;
flags &= ~i;
@ -1811,7 +1811,7 @@ static void setfpuvalue(const char* string, uint value)
}
else if(StrNCmpI(string + STRLEN_USING_SIZEOF(x87CW_PRE_FIELD_STRING), "PC", (int) strlen("PC")) == 0)
{
uint flags = GetContextDataEx(hActiveThread, UE_X87_CONTROLWORD);
duint flags = GetContextDataEx(hActiveThread, UE_X87_CONTROLWORD);
int i = 3;
i <<= 8;
flags &= ~i;
@ -1821,7 +1821,7 @@ static void setfpuvalue(const char* string, uint value)
}
else
{
uint flags = GetContextDataEx(hActiveThread, UE_X87_CONTROLWORD);
duint flags = GetContextDataEx(hActiveThread, UE_X87_CONTROLWORD);
flag = getx87controlwordflagfromstring(string + STRLEN_USING_SIZEOF(x87CW_PRE_FIELD_STRING));
if(flags & flag && !set)
xorval = flag;
@ -2104,7 +2104,7 @@ static void setfpuvalue(const char* string, uint value)
\param silent true to not have output to the console.
\return true if the value was set successfully, false otherwise.
*/
bool valtostring(const char* string, uint value, bool silent)
bool valtostring(const char* string, duint value, bool silent)
{
if(!*string)
return false;
@ -2137,7 +2137,7 @@ bool valtostring(const char* string, uint value, bool silent)
}
else
strcpy_s(newstring(), len * 2, string);
int read_size = sizeof(uint);
int read_size = sizeof(duint);
int add = 1;
if(newstring()[2] == ':' && isdigit((newstring()[1])))
{
@ -2146,12 +2146,12 @@ bool valtostring(const char* string, uint value, bool silent)
if(new_size < read_size)
read_size = new_size;
}
uint temp;
duint temp;
if(!valfromstring(newstring() + add, &temp, silent, false))
{
return false;
}
uint value_ = value;
duint value_ = value;
if(!MemPatch(temp, &value_, read_size))
{
if(!silent)
@ -2179,7 +2179,7 @@ bool valtostring(const char* string, uint value, bool silent)
DebugUpdateGui(GetContextDataEx(hActiveThread, UE_CIP), false); //update disassembly + register view
else if(strstr(regName(), "sp")) //update stack
{
uint csp = GetContextDataEx(hActiveThread, UE_CSP);
duint csp = GetContextDataEx(hActiveThread, UE_CSP);
GuiStackDumpAt(csp, csp);
GuiUpdateRegisterView();
}
@ -2223,7 +2223,7 @@ bool valtostring(const char* string, uint value, bool silent)
\param offset The file offset.
\return The VA of the file offset, 0 when there was a problem with the conversion.
*/
uint valfileoffsettova(const char* modname, uint offset)
duint valfileoffsettova(const char* modname, duint offset)
{
char modpath[MAX_PATH] = "";
if(ModPathFromName(modname, modpath, MAX_PATH))
@ -2249,7 +2249,7 @@ uint valfileoffsettova(const char* modname, uint offset)
\param va The virtual address (must be inside a module).
\return The file offset. 0 when there was a problem with the conversion.
*/
uint valvatofileoffset(uint va)
duint valvatofileoffset(duint va)
{
char modpath[MAX_PATH] = "";
if(ModPathFromAddr(va, modpath, MAX_PATH))

28
src/dbg/value.h
View File

@ -6,20 +6,20 @@
//functions
bool valuesignedcalc();
void valuesetsignedcalc(bool a);
bool valapifromstring(const char* name, uint* value, int* value_size, bool printall, bool silent, bool* hexonly);
bool valfromstring_noexpr(const char* string, uint* value, bool silent = true, bool baseonly = false, int* value_size = 0, bool* isvar = 0, bool* hexonly = 0);
bool valfromstring(const char* string, uint* value, bool silent = true, bool baseonly = false, int* value_size = 0, bool* isvar = 0, bool* hexonly = 0);
bool valflagfromstring(uint eflags, const char* string);
bool valtostring(const char* string, uint value, bool silent);
bool valmxcsrflagfromstring(uint mxcsrflags, const char* string);
bool valx87statuswordflagfromstring(uint statusword, const char* string);
bool valx87controlwordflagfromstring(uint controlword, const char* string);
unsigned short valmxcsrfieldfromstring(uint mxcsrflags, const char* string);
unsigned short valx87statuswordfieldfromstring(uint statusword, const char* string);
unsigned short valx87controlwordfieldfromstring(uint controlword, const char* string);
uint valfileoffsettova(const char* modname, uint offset);
uint valvatofileoffset(uint va);
bool setregister(const char* string, uint value);
bool valapifromstring(const char* name, duint* value, int* value_size, bool printall, bool silent, bool* hexonly);
bool valfromstring_noexpr(const char* string, duint* value, bool silent = true, bool baseonly = false, int* value_size = 0, bool* isvar = 0, bool* hexonly = 0);
bool valfromstring(const char* string, duint* value, bool silent = true, bool baseonly = false, int* value_size = 0, bool* isvar = 0, bool* hexonly = 0);
bool valflagfromstring(duint eflags, const char* string);
bool valtostring(const char* string, duint value, bool silent);
bool valmxcsrflagfromstring(duint mxcsrflags, const char* string);
bool valx87statuswordflagfromstring(duint statusword, const char* string);
bool valx87controlwordflagfromstring(duint controlword, const char* string);
unsigned short valmxcsrfieldfromstring(duint mxcsrflags, const char* string);
unsigned short valx87statuswordfieldfromstring(duint statusword, const char* string);
unsigned short valx87controlwordfieldfromstring(duint controlword, const char* string);
duint valfileoffsettova(const char* modname, duint offset);
duint valvatofileoffset(duint va);
bool setregister(const char* string, duint value);
bool setflag(const char* string, bool set);
#endif // _VALUE_H

10
src/dbg/variable.cpp
View File

@ -112,7 +112,7 @@ void varfree()
\param Type The variable type.
\return true if the new variables was created and set successfully, false otherwise.
*/
bool varnew(const char* Name, uint Value, VAR_TYPE Type)
bool varnew(const char* Name, duint Value, VAR_TYPE Type)
{
if(!Name)
return false;
@ -137,7 +137,7 @@ bool varnew(const char* Name, uint Value, VAR_TYPE Type)
if(i)
var.alias = firstName;
var.type = Type;
var.value.size = sizeof(uint);
var.value.size = sizeof(duint);
var.value.type = VAR_UINT;
var.value.u.value = Value;
variables.insert(std::make_pair(name_, var));
@ -188,7 +188,7 @@ bool varget(const char* Name, VAR_VALUE* Value, int* Size, VAR_TYPE* Type)
\param [out] Type This function can get the variable type. If this value is null, it is ignored.
\return true if the variable was found and the optional values were retrieved successfully, false otherwise.
*/
bool varget(const char* Name, uint* Value, int* Size, VAR_TYPE* Type)
bool varget(const char* Name, duint* Value, int* Size, VAR_TYPE* Type)
{
VAR_VALUE varvalue;
int varsize;
@ -235,11 +235,11 @@ bool varget(const char* Name, char* String, int* Size, VAR_TYPE* Type)
\param ReadOnly true to set read-only variables (like $hProcess etc.).
\return true if the variable was set successfully, false otherwise.
*/
bool varset(const char* Name, uint Value, bool ReadOnly)
bool varset(const char* Name, duint Value, bool ReadOnly)
{
// Insert variable as an unsigned integer
VAR_VALUE varValue;
varValue.size = sizeof(uint);
varValue.size = sizeof(duint);
varValue.type = VAR_UINT;
varValue.u.value = Value;

8
src/dbg/variable.h
View File

@ -23,7 +23,7 @@ struct VAR_VALUE
{
union
{
uint value;
duint value;
std::vector<unsigned char>* data;
} u;
VAR_VALUE_TYPE type;
@ -51,11 +51,11 @@ void varsetvalue(VAR* Var, VAR_VALUE* Value);
bool varset(const char* Name, VAR_VALUE* Value, bool ReadOnly);
void varinit();
void varfree();
bool varnew(const char* Name, uint Value, VAR_TYPE Type);
bool varnew(const char* Name, duint Value, VAR_TYPE Type);
bool varget(const char* Name, VAR_VALUE* Value, int* Size, VAR_TYPE* Type);
bool varget(const char* Name, uint* Value, int* Size, VAR_TYPE* Type);
bool varget(const char* Name, duint* Value, int* Size, VAR_TYPE* Type);
bool varget(const char* Name, char* String, int* Size, VAR_TYPE* Type);
bool varset(const char* Name, uint Value, bool ReadOnly);
bool varset(const char* Name, duint Value, bool ReadOnly);
bool varset(const char* Name, const char* Value, bool ReadOnly);
bool vardel(const char* Name, bool DelSystem);
bool vargettype(const char* Name, VAR_TYPE* Type = nullptr, VAR_VALUE_TYPE* ValueType = nullptr);

2
src/dbg/x64_dbg.cpp
View File

@ -236,7 +236,7 @@ extern "C" DLL_EXPORT bool _dbg_dbgcmdexec(const char* cmd)
int len = (int)strlen(cmd);
char* newcmd = (char*)emalloc((len + 1) * sizeof(char), "_dbg_dbgcmdexec:newcmd");
strcpy_s(newcmd, len + 1, cmd);
return MsgSend(gMsgStack, 0, (uint)newcmd, 0);
return MsgSend(gMsgStack, 0, (duint)newcmd, 0);
}
static DWORD WINAPI DbgCommandLoopThread(void* a)

2
src/dbg/x64_dbg_dbg.vcxproj
View File

@ -47,7 +47,6 @@
<ClCompile Include="linearanalysis.cpp" />
<ClCompile Include="FunctionPass.cpp" />
<ClCompile Include="instruction.cpp" />
<ClCompile Include="Int3CoagulatorPass.cpp" />
<ClCompile Include="label.cpp" />
<ClCompile Include="LinearPass.cpp" />
<ClCompile Include="loop.cpp" />
@ -130,7 +129,6 @@
<ClInclude Include="FunctionPass.h" />
<ClInclude Include="handle.h" />
<ClInclude Include="instruction.h" />
<ClInclude Include="Int3CoagulatorPass.h" />
<ClInclude Include="jansson\jansson.h" />
<ClInclude Include="jansson\jansson_config.h" />
<ClInclude Include="jansson\jansson_x64dbg.h" />

6
src/dbg/x64_dbg_dbg.vcxproj.filters
View File

@ -245,9 +245,6 @@
<ClCompile Include="FunctionPass.cpp">
<Filter>Source Files\Analysis</Filter>
</ClCompile>
<ClCompile Include="Int3CoagulatorPass.cpp">
<Filter>Source Files\Analysis</Filter>
</ClCompile>
<ClCompile Include="analysis.cpp">
<Filter>Source Files\Analysis</Filter>
</ClCompile>
@ -607,9 +604,6 @@
<ClInclude Include="FunctionPass.h">
<Filter>Header Files\Analysis</Filter>
</ClInclude>
<ClInclude Include="Int3CoagulatorPass.h">
<Filter>Header Files\Analysis</Filter>
</ClInclude>
<ClInclude Include="analysis.h">
<Filter>Header Files\Analysis</Filter>
</ClInclude>

30
src/types.h Normal file
View File

@ -0,0 +1,30 @@
#pragma once
/***************************************************************/
//
// This file declares common types to be used
// throughout the project. Originally duint, int_t,
// or size_t were used to represent pointers and addresses.
//
// The purpose is to use a single type as the representation.
//
/***************************************************************/
#undef COMPILE_64
#undef COMPILE_32
#ifdef _WIN64
#define COMPILE_64 1 // Program is being compiled as 64-bit
#else
#define COMPILE_32 1 // Program is being compiled as 32-bit
#endif // _WIN64
//
// Define types
//
#ifdef COMPILE_64
typedef unsigned long long duint;
typedef signed long long dsint;
#else
typedef unsigned long __w64 duint;
typedef signed long __w64 dsint;
#endif // COMPILE_64