Duncan Ogilvie
d50675ca02
DBG: fix some edge cases with page protections in the memory map
2019-08-23 00:48:20 +02:00
Duncan Ogilvie
2c37afcc9e
DBG: truncate copy data in DISASM_INSTR
...
closes #2028
2019-08-23 00:48:19 +02:00
Duncan Ogilvie
d6b27324f4
DBG: fix bugfix
...
closes #2206
2019-08-22 17:50:30 +02:00
Duncan Ogilvie
bbc93a9426
DBG: improve symbol handling
2019-08-22 17:21:37 +02:00
Duncan Ogilvie
c6e3441819
GUI: don't follow patch in disasm and dump when toggling
2019-08-22 11:33:04 +02:00
Duncan Ogilvie
7212e853fb
DBG: better heuristics for detecting the debuggee did not terminate after 10 seconds
2019-08-19 15:39:13 +02:00
Duncan Ogilvie
8a07bd2d7e
DBG+GUI: implement auto completion for exports in goto dialog
...
closes #1987
2019-08-17 17:38:58 +02:00
Duncan Ogilvie
593b5f1752
DBG: fix out of bounds access in valapifromstring
...
closes #2190
2019-08-17 16:30:23 +02:00
Duncan Ogilvie
de2d930d8f
DBG+GUI: add transparent exception stepping option
2019-08-17 12:19:08 +02:00
3bad6cb6dc
GUI: Added Implemented color (orange/cyan) directional differentiation for sidebar jumps.
...
Existing configurations will use their color for forwards, and orange for backwards.
2019-08-11 10:33:31 +02:00
Duncan Ogilvie
60e1dff147
DBG: fix signature verification for PDB v2.0 and improve symbol log
...
closes #2193
2019-08-09 20:55:59 +02:00
Duncan Ogilvie
f57d69f91e
GUI: add a timer to SearchListView to properly deal with millions of entries
2019-07-02 15:57:21 +02:00
Duncan Ogilvie
ab9f2d2f80
GUI: fixed some minor undefined behavior
2019-07-02 14:56:05 +02:00
Duncan Ogilvie
021ea4f743
GUI: properly encapsulate mSearchBox in SearchListView
2019-07-02 14:55:01 +02:00
Duncan Ogilvie
bf413de6de
GUI: better sorting behavior in the HandlesView
...
closes #2195
2019-06-26 20:25:47 +02:00
Duncan Ogilvie
d17852b63b
DBG: fix a weird bug where dll breakpoints could not be deleted in certain cases
2019-06-25 21:17:45 +02:00
Duncan Ogilvie
0b7d840b60
DBG+BRIDGE+GUI: fix bugs and add Graph+Memory Map+Symbol Module plugin menus
2019-06-22 16:44:45 +02:00
Duncan Ogilvie
fc9f9a52fd
BRIDGE+GUI: GuiExecuteOnGuiThreadEx
2019-06-22 15:05:59 +02:00
Duncan Ogilvie
3dc120d623
GUI: refactor BridgeResult and fix a bunch of bugs in the process
2019-06-22 13:29:27 +02:00
Duncan Ogilvie
c345647e85
DBG: allow plugstop to indicate FreeLibrary should not be called
2019-06-22 13:22:58 +02:00
Duncan Ogilvie
7114c71fe3
DBG: trim debug strings before showing them
2019-06-22 13:22:29 +02:00
Duncan Ogilvie
3c5a1ad13a
DBG: fix _plugin_menuentrysetvisible
2019-06-21 16:39:03 +02:00
Duncan Ogilvie
17d8f8ea45
GUI: remove snowman
2019-06-21 16:38:12 +02:00
Duncan Ogilvie
bb2a369ce8
DBG: add colors and column to indicate symbol load status
...
closes #2185
2019-06-19 00:12:43 +02:00
Duncan Ogilvie
cc30f105de
DBG: implement DbgFunctions()->ModSymbolStatus
2019-06-19 00:12:43 +02:00
Duncan Ogilvie
80d84e7108
DBG: implement symunload command
2019-06-19 00:12:38 +02:00
Duncan Ogilvie
d969087bed
GUI: refactor StdSearchListView to allow passing a custom StdTableSearchList
2019-06-19 00:12:32 +02:00
Duncan Ogilvie
34318e3f7e
GUI: introduce AbstractTableView::getCellColor
2019-06-19 00:12:32 +02:00
Duncan Ogilvie
728f0eaa8d
DBG: fix various issues pointed out by Visual Studio code analysis
2019-06-19 00:12:31 +02:00
Duncan Ogilvie
d62f7f431c
disable warnings for dbghelp.h
2019-06-19 00:12:31 +02:00
32c8e33c64
Removed backtab key substitution
...
Fixing issue #2176
2019-06-16 14:03:25 +02:00
Duncan Ogilvie
0a77a1cb00
DBG: add expression functions for exception information
2019-06-13 13:17:15 +02:00
Duncan Ogilvie
1e075142a5
DBG: add symload command to manually load a PDB
2019-06-12 16:51:19 +02:00
Duncan Ogilvie
4ce5b0baec
Fix other minor things
2019-05-19 18:09:34 +02:00
23968f11d9
Iterating QMap with ranged for. Inlined renderShortcuts. Save button now has default focus
...
Using ranged for instead of iterators.
Inlined renderShortcuts since it was used only once
Adjusted layout of shortcuts Ui
2019-05-19 18:09:34 +02:00
59ddfa63a8
Added action filter box
...
Added shortcut copyline
Added shortcut binding for copyline
2019-05-19 18:09:34 +02:00
72d76bb9bc
Add GetExports and GetImports to the module scripting API.
2019-05-09 20:46:13 +02:00
4273fce56e
Fix export name is not parsed correctly
2019-05-09 20:45:04 +02:00
Duncan Ogilvie
dcbe4e17c9
GUI: save script type when restarting
2019-05-02 15:29:18 +02:00
Duncan Ogilvie
b244c8177f
DBG: removed sortedlru
...
closes #2124
2019-04-30 15:27:47 +02:00
Duncan Ogilvie
c664ad1b4a
DBG: add dis.iscallsystem expression function
2019-04-30 15:05:36 +02:00
Duncan Ogilvie
2cbafa369d
DBG: add mod.isexport expression function
2019-04-30 15:05:36 +02:00
Duncan Ogilvie
4c08468c46
GUI: update the source view if the disassembly updates
2019-04-29 01:43:21 +02:00
Duncan Ogilvie
1c023053ca
GUI: rename repaintGui signal to updateDisassembly
2019-04-29 01:43:21 +02:00
36741fdaf8
Fix ThreadGetSuspendCount if the suspend count limit is reached
...
Use a better method of querying the suspend count on Windows >= 8.1 that doesn't involve suspending and resuming
2019-04-28 21:24:59 +02:00
1874da8657
Fix export name parsing
2019-04-28 16:40:21 +02:00
Duncan Ogilvie
425a531535
DBG: fix use after free derp
...
closes #2149
2019-04-22 11:45:38 +02:00
ed5d085fa3
Fix compilation in VS2019
2019-04-17 19:34:00 +02:00
Duncan Ogilvie
1d9df16898
DBG: fix missing module name in symbol log and implement source mapping
2019-04-17 19:30:59 +02:00
Duncan Ogilvie
d13b2eefe1
GUI: better handling of xbegin tokenizing
2019-04-17 18:10:19 +02:00
Duncan Ogilvie
6bc16f8bac
PROJECT: remove and ignore vcxproj.user files
2019-04-12 17:51:56 +02:00
Duncan Ogilvie
51f53ee886
GUI: implement all the missing SourceView features from before
2019-04-12 17:50:38 +02:00
Duncan Ogilvie
4af8ff6174
DBG: (performance) improvements to SymbolSourceDIA
2019-04-12 16:51:37 +02:00
Duncan Ogilvie
9b602ee27b
GUI: setup copy menu for SourceView
2019-04-09 15:51:46 +02:00
Duncan Ogilvie
2a3bc1d667
GUI: implement \t correctly in SourceView
2019-04-09 15:51:46 +02:00
Duncan Ogilvie
deef25ba42
GUI: implement follow in disassembler + go to line in SourceView
2019-04-09 15:51:45 +02:00
Duncan Ogilvie
61020f7701
GUI: rewrite SourceView to work on 2gb+ files
2019-04-09 15:51:45 +02:00
Duncan Ogilvie
b67b5ebb23
GUI: improve TraceFileSearch (now also searches r8-r15 on x64)
2019-04-09 15:51:45 +02:00
Duncan Ogilvie
3b8469ba55
DBG: print rex info in Zydis command
2019-04-09 15:47:22 +02:00
Duncan Ogilvie
386e242645
DBG+GUI: removed yara
2019-04-06 13:18:16 +02:00
Duncan Ogilvie
7d727d014d
GUI: remove entropy view
2019-04-06 13:18:10 +02:00
Duncan Ogilvie
41978f961c
DBG: show full command line near 'Process Started' log entry
2019-04-06 12:40:51 +02:00
Duncan Ogilvie
ee411b0c30
DBG: some more improvements to safely reading the PE info
2019-04-06 12:40:50 +02:00
6f60175506
Fix a minor problem with trace browser ( #2138 )
2019-03-28 21:53:05 +08:00
f3e0a4e1e1
Scroll to keep selected register in view
2019-03-22 12:54:03 +01:00
21d03ce395
Clean up control flow of arrow key logic
2019-03-22 12:54:03 +01:00
8253a842e4
Add arrow key movements for x64 registers
2019-03-22 12:54:03 +01:00
54bd25be73
Add arrow key movements for remaining FPU registers
2019-03-22 12:54:03 +01:00
9d1c72fd4b
Arrow key movements for middle group of FPU registers
2019-03-22 12:54:03 +01:00
c669c3491f
Add arrow key movements for first set of FPU registers
2019-03-22 12:54:03 +01:00
115b90db35
Add arrow movements for rest of non-FPU registers
2019-03-22 12:54:03 +01:00
2815ca25b0
Add arrow key movements for flag registers
2019-03-22 12:54:03 +01:00
02129b5942
Account for up/down keys in register view
2019-03-22 12:54:03 +01:00
39880b1892
Add ability to move between general purpose registers with arrow keys
2019-03-22 12:54:03 +01:00
e68720777d
Add struct and map for relative register positions
2019-03-22 12:54:03 +01:00
6e18613e37
DBG: ReadExportDirectory: put upper bound on the number of imports
2019-03-17 19:46:33 +01:00
e38adf1265
DBG: AddressOfNameOrdinals is WORD[], not DWORD[]
2019-03-17 19:46:33 +01:00
c54c96816e
DBG: ReadExportDirectory: do bounds checks on all export dir entries before indexing into arrays
...
Fixes #2105 (second case/malware sample)
2019-03-17 19:46:33 +01:00
e36779d7a4
DBG: more robust validation of PE directory sizes
2019-03-17 19:46:33 +01:00
c325ccd2cd
Graph breakpoints fix ( #2137 )
...
* graph breakpoints fix
* removed "beta"
2019-03-07 21:59:07 +01:00
62c6d40725
zoom overview fix
2019-03-05 23:03:45 +01:00
435b208427
Fix filename bug in patch menu
2019-03-05 23:01:11 +01:00
Duncan Ogilvie
7d53b1ae08
DBG: fix potential crashes in GetModuleInfo
2019-01-20 22:41:26 +01:00
Duncan Ogilvie
661360bc68
GUI: fix duplicate &p in PatchDialog
2019-01-20 20:45:58 +01:00
Duncan Ogilvie
9f5ce5041d
DBG: fix a mistake in MemUpdateMap
...
closes #2101
2019-01-20 20:45:47 +01:00
Duncan Ogilvie
85e96353cb
DBG+BRIDGE+GUI: put in the title whether x64dbg is elevated or not
2019-01-20 20:43:39 +01:00
Duncan Ogilvie
223ea586bb
DBG: add some more helpful format functions
...
ascii, ansi, utf8, utf16, disasm, modname
2019-01-10 23:54:31 +01:00
Duncan Ogilvie
d04288cbc1
DBG: improve performance of MemoryMapUpdate
2019-01-10 23:45:24 +01:00
Duncan Ogilvie
e5e96f7cbb
DBG: analyze all xrefs in the module with XrefsAnalysis
2019-01-10 23:44:51 +01:00
Duncan Ogilvie
cc15cdec9f
DBG: correctly handle executables with entry points inside the MZ header
...
closes #1994
2019-01-10 23:44:07 +01:00
Duncan Ogilvie
f1fbfd98b3
DBG: don't use CreateProcessInfo->lpStartAddress because it is broken
...
closes #2099
2019-01-10 23:43:05 +01:00
Duncan Ogilvie
98d38d94cb
GUI: fix warnings in DisassemblerGraphView
2018-12-28 16:58:14 +01:00
Duncan Ogilvie
8cf227624f
GUI: fix qword memory operand info in x32dbg
2018-12-28 16:56:47 +01:00
e5c838c276
opcode grouping in trace view
2018-11-27 12:14:07 +01:00
24e71e86ee
fix graph reopen bug ( #2083 )
2018-11-27 12:11:31 +01:00
Duncan Ogilvie
688e2ccc04
DBG+GUI: AStyle
2018-11-18 15:50:13 +01:00
Duncan Ogilvie
418541e46e
DBG: improve the skipInt3Stepping feature to work for long int3 instructions
2018-11-18 15:49:43 +01:00
Duncan Ogilvie
49f5780935
GUI: only show logging enabled/disabled in status bar
2018-11-18 15:29:10 +01:00
edbaedb47b
Graph zoom mode feature ( #2068 )
...
Graph zoom mode feature
2018-11-18 15:21:32 +01:00
1e9bf1ab7c
DBG: Fix mapped area overrun in ReadDebugDirectory for bogus debugDirSize
2018-11-18 15:20:38 +01:00
0adb663a91
Fixed Symbol::GetList() for symbols without undecorated name
...
* Such symbols have "" instead of nullptr in SYMBOLINFO.undecoratedSymbol
* This fix greatly improves Snowman's decompiled results, example: comctl32!ListBox_SetCurSelHandler
2018-11-13 12:10:36 +01:00
836a544287
Run "AStyleWhore"
2018-11-13 10:01:22 +08:00
5162450ff3
Fix yara crash when used with a single argument
2018-11-04 23:14:31 +01:00
50580782e2
GUI: fix merge error in Disassembly.cpp
2018-11-04 23:14:04 +01:00
806e09671c
Remove Zydis-Capstone diff logic comment block
2018-11-04 23:14:04 +01:00
4ae573d620
Remove capstone references from zydis_wrapper
2018-11-04 23:14:04 +01:00
a3b5812908
GUI: rename CapstoneTokenizer to ZydisTokenizer
2018-11-04 23:14:04 +01:00
c7107374d2
DBG: remove capstone references
2018-11-04 23:14:04 +01:00
eef5d07c30
GUI: fix negative zero floating point display ( #2058 )
...
* GUI: make StringUtil void* buffer functions const-correct
* GUI: add precision support to ToFloatString and ToDoubleString
* GUI: fix -0.0 float display by converting with STL instead of QString::number
2018-11-02 15:35:13 +00:00
de678aec21
Fixed incorrect error message when memory could not be allocated
2018-11-02 15:31:14 +00:00
60c54ea83a
Fixed incorrect comparator used in sorting xrefs
...
* With old comparator, items {1, 2} and {2, 1} were "less" then each other. This will cause them to sort randomly.
2018-11-02 15:29:34 +00:00
0c87d87fe6
DBG: fix getting raw int value for float typed watch points
2018-10-31 12:39:00 +01:00
e0052d6b2b
ZYDIS: Use ZydisOperandAction as an enum instead of a flag
2018-10-31 12:38:40 +01:00
0065f204a3
Add DLL ordinal to symbol table and fix symbol table comparator
2018-10-31 12:38:00 +01:00
5a4f15e9f5
DBG: add OptionalHeader.AddressOfEntryPoint to the displayed symbols
2018-10-31 12:37:48 +01:00
Duncan Ogilvie
fba7af6bcd
Merge branch 'torusrxxx-patch00000092' into development
2018-10-29 13:38:56 +01:00
Duncan Ogilvie
744ccc5305
GUI: change bNoDisassemblyPopup to bDisassemblyPopupEnabled for clarity
2018-10-29 13:36:35 +01:00
d316405f11
Fixed uninitialized var with opcode grouping
2018-10-24 18:54:26 +08:00
25b154b2cf
Use Bridge clipboard funcs instead of QClipboard for status bar msg
2018-10-17 12:09:53 +08:00
Duncan Ogilvie
49fe03c643
GUI: remove pointless "to clipboard" part in RegistersView
2018-10-16 18:17:13 +02:00
Duncan Ogilvie
98e509bb78
GUI: fix really triggering misalignment of the comments column in TraceBrowser
2018-10-16 18:17:13 +02:00
be8dfaeeb4
Add clear log hotkey (Ctrl+L)
2018-10-16 18:15:59 +02:00
ba7915057d
Set FPU registers to one/zero
2018-10-16 18:15:01 +02:00
5669e13485
temporary
2018-10-16 18:15:01 +02:00
ae9bf8c49e
st(X) can be edited
2018-10-16 18:15:01 +02:00
f5395cb318
Added x87stX register names and menu action to switch ordering
2018-10-16 18:15:01 +02:00
8c6a9e5fed
remove some signal slots about SIMD display mode
2018-10-16 18:15:01 +02:00
788ecf240d
Use integer index for register names
2018-10-16 18:15:01 +02:00
9d585036b9
Don't use Qt wheel scrolling
2018-10-13 21:02:54 +08:00
64db2ce66b
No popups for some views
2018-10-13 17:13:00 +08:00
594319a654
Refactored old disassembly popup in CPUDisassembly
2018-10-13 16:56:19 +08:00
707cd444ae
Moved disassembly popup to AbstractTableView and added its support in StdTable
2018-10-13 16:36:05 +08:00
753ecd3ba5
FIXED: uninitialized variable was used for height calculation and caused negative height value (registers view)
2018-10-12 22:47:20 +02:00
6705ce1af3
Disassembly popup in references
2018-10-12 23:09:36 +08:00
cf1498786c
Merge branch 'development' into patch00000092
2018-10-12 20:50:28 +08:00
28211215e7
FIXED: setting up the auto-follow context menu entry
2018-10-11 14:23:45 +00:00
94fcc52734
support copy individual x87 registers
2018-10-10 15:53:22 +02:00
d149f6d794
Do not leave empty or corrupt PDBs in the store if a download failed. Fixes a crash in LoadDataFromIStream in MS DIA 14.15
2018-10-10 15:50:40 +02:00
a406a8e3df
GUI: Fix build for latest Qt
2018-10-10 15:50:22 +02:00
cf763adc18
CHANGED: renamed toggleAutoDisassemblyFollowSelectionSlot() to follow given convention
2018-10-10 15:48:39 +02:00
69db4494cd
ADDED: trace file can now auto-scroll the disassembly view to current selection
2018-10-10 15:48:39 +02:00
Duncan Ogilvie
da69e828ea
DBG: improve memory usage and performance with line numbers
2018-10-10 15:45:32 +02:00
Duncan Ogilvie
25a67b778e
DBG: fix buffer overflow and assert when tracing fxsave or invalid instructions
2018-10-10 15:44:37 +02:00
Duncan Ogilvie
22861d69e5
Add some analysis for exceptions containing FACILITY_VISUALCPP in exinfo
2018-10-10 15:44:37 +02:00
Duncan Ogilvie
b1188c3c04
DBG: fix crash in stackgetsuspectedcallstack when CSP is not pointing to valid memory
2018-10-10 15:44:37 +02:00
Duncan Ogilvie
521195eea9
DBG: small refactor for SymAutoComplete
2018-10-10 15:44:37 +02:00
Duncan Ogilvie
d7f1dadb52
DBG: exclude some invalid imports + give ordinal imports a name
2018-10-10 15:44:37 +02:00
Duncan Ogilvie
70cfec4094
DBG: add (undocumented) option to force load PDB
2018-10-10 15:44:37 +02:00
03f596c162
Stricter ordinal name check
2018-10-09 11:20:55 +08:00
Duncan Ogilvie
da913f7cdc
DBG: fix a possible crash in disasmget
2018-09-13 12:56:10 +02:00
Duncan Ogilvie
09fe1e379d
BRIDGE: fix incorrect message being sent in some GuiMenuXXX functions
...
closes #2027
2018-09-13 12:56:10 +02:00
Duncan Ogilvie
7aab39f8e1
Revert "DBG: do not step if there is an enable breakpoint at CIP"
...
This reverts commit 9804400df6
2018-09-02 00:53:05 +02:00
863f83df49
improve nop detection
2018-08-28 18:30:15 +02:00
d4ec06f6de
Fixed a crash when tracing into far jump
2018-08-21 17:04:36 +02:00
c29eba9d35
no errors anymore
2018-08-21 17:04:25 +02:00
b3b7ceef3e
Stop tracing when closing trace file
2018-08-21 17:04:25 +02:00
c5830e5c26
close and delete trace file
2018-08-21 17:04:25 +02:00
f6216e2102
Add ctrl/alt modifiers to dump
2018-08-12 18:44:50 +08:00
a4756fe804
slight changes of registers view key press event
2018-08-08 11:18:11 +08:00
ea3943cf0a
const functions
2018-08-07 20:57:24 +08:00
0baa39c207
Use keys to select in dump
2018-08-07 17:31:40 +08:00
Duncan Ogilvie
7526b7e482
DBG: update TitanEngine
2018-07-19 16:44:44 +02:00
Duncan Ogilvie
1d510d61db
DBG+GUI: update Zydis to fix a crash when disassembling certain instructions
2018-07-15 19:15:02 +02:00
Duncan Ogilvie
f042e81a28
LAUNCHER: clean up command line handling and allow the launcher as JIT debugger
2018-07-15 19:14:31 +02:00
Duncan Ogilvie
bbf2dc296a
LAUNCHER: fix a bug in forwarding of the command line parameters
...
closes #1918
2018-07-15 19:13:45 +02:00
Duncan Ogilvie
62b6be97e0
DBG: allow the "-p PID -e EVENT" command line for JIT debugging
2018-07-15 19:11:52 +02:00
Duncan Ogilvie
681eb3e2c8
GUI: fix a crash in the CPUSideBar
2018-07-14 20:48:02 +02:00
d09e89687a
Allow folding a function when first instruction is selected. Add code fold box tooltip.
2018-07-05 02:44:14 +02:00
91924de32f
Really copy bytes HTML
2018-07-05 02:44:14 +02:00
8ab605b7f6
Input NaN & Inf into FPU registers
2018-07-05 02:44:14 +02:00
Duncan Ogilvie
fa82c80c51
DBG: temporary fix for AutoPatchExporter
2018-07-05 02:41:18 +02:00
Duncan Ogilvie
bcb1df389c
DBG: include DIA in deps
2018-07-05 02:41:09 +02:00
Duncan Ogilvie
d7eac4598d
DBG: better error messages in PDBDiaFile::open
2018-07-05 02:39:58 +02:00
Duncan Ogilvie
144dbd4c2f
DBG: undecorate import/export names
2018-07-04 17:12:37 +02:00
Duncan Ogilvie
9804400df6
DBG: do not step if there is an enable breakpoint at CIP
...
closes #1721
2018-07-01 19:28:08 +02:00
Duncan Ogilvie
7bde267620
GUI: allow collapsing the side bar
2018-07-01 19:28:07 +02:00
Duncan Ogilvie
e5467cf966
DBG: correctly update module list when changing module type
2018-07-01 19:28:07 +02:00
Duncan Ogilvie
0c8956f480
DBG+GUI: disable source debugging per default
2018-07-01 19:28:07 +02:00
Duncan Ogilvie
32b400b834
GUI: correctly show address column in search list view
2018-07-01 19:28:07 +02:00
Duncan Ogilvie
8c169ae2ed
DBG+BRIDGE+GUI: fix source loading
2018-07-01 19:28:06 +02:00
Duncan Ogilvie
b63402066b
DBG: implement findSourceLineInfo by fileName + line in symbol source
2018-07-01 19:28:06 +02:00
Duncan Ogilvie
47d6efb59e
DBG: do not fully escape debug strings
2018-07-01 19:28:06 +02:00
Duncan Ogilvie
b8ae4b1496
DBG: invalidate symbol source when MODINFO is destroyed
2018-07-01 19:28:06 +02:00
Duncan Ogilvie
d70ed83a72
DBG: fix a bug in getLabel where jmp [MessageBoxA] would not be recognized correctly
2018-07-01 19:28:06 +02:00
Duncan Ogilvie
df31f0da45
DBG: change symbol load order + add debuggee.pdb to the search list
2018-07-01 19:28:05 +02:00
Duncan Ogilvie
4098dc8fb2
DBG: finally fix the handle leak in PDBDiaFile
2018-07-01 19:28:05 +02:00
Duncan Ogilvie
34279ebf08
GUI: fix performance bottleneck with Qt signals
2018-07-01 19:28:04 +02:00
Duncan Ogilvie
8af904fad6
DBG: fix assert in debug mode on pluginunloadall
2018-07-01 19:28:04 +02:00
Duncan Ogilvie
0bf7bd10ef
GUI: fix ReferenceView signals not being called correctly
2018-07-01 19:28:04 +02:00
Duncan Ogilvie
9e68ea3900
DBG: only store file hash in database if there is other data as well
2018-07-01 19:28:03 +02:00
Duncan Ogilvie
7d1afa0940
DBG+GUI: change layout of window title to be more helpful in the task bar
2018-07-01 19:28:03 +02:00
Duncan Ogilvie
05378fabb2
GUI: add copy header VA to disassembly menu
2018-07-01 19:28:03 +02:00
Duncan Ogilvie
2665df4eb3
DBG: added mod.headerva expression function
2018-07-01 19:28:03 +02:00
Duncan Ogilvie
87c3238de8
DBG (WIP): set up DIA file stream for profiling of a handle leak
2018-07-01 19:28:03 +02:00
Duncan Ogilvie
408b6eeff9
GUI: don't filter symbol list when not necessary
2018-07-01 19:28:02 +02:00
Duncan Ogilvie
62cd2bb915
BRIDGE: fix truncation crash in DbgGetLabelAt
2018-07-01 19:28:02 +02:00
Duncan Ogilvie
d79586d02b
DBG: fix a crash in the Cleanup in downslib
2018-07-01 19:28:02 +02:00
Duncan Ogilvie
70b3149599
WIP: new symbol gui mostly working
2018-07-01 19:28:02 +02:00
0bb2efcb2c
Improve performance and crash resistance when loading PE files containing 1000 or more sections. Tested on https://github.com/corkami/pocs/blob/master/PE/bin/65535sects.exe . Technically performance was already very good, but that was only due to crashing instantly
2018-07-01 19:28:01 +02:00
f515484790
ReadBaseRelocationTable() refactor. Is it better now? Dunno really. This method may be slightly easier to use with both SEC_COMMIT and SEC_IMAGE mappings in the future if needed, but in the end they pretty much do the same thing. At least some more TitanEngine calls were killed off so that's something I suppose
...
Replaced dark and brooding "..."s in error messages with exclamation marks to better emphasise that this stuff is serious
2018-07-01 19:28:01 +02:00
1f485f313e
DBG: more robust debug directory parsing. Validate the RVA, type and size bounds for each debug directory entry, and do not stop after the one unrecognised (non-CV) entry
...
Protect against PDB paths that do not have a null terminator in the PE codeview info
2018-07-01 19:28:01 +02:00
Duncan Ogilvie
14da6c4448
DBG: clean up downslib
2018-07-01 19:28:00 +02:00
6df9535ba4
Rewrite ReadTlsCallbacks() to use RtlImageDirectoryEntryToData and remove all TitanEngine calls. Also fix an anti-debug trick I found by accident: it is possible to have working TLS callbacks with a TLS directory size of 0. The loader does not check this field and always executes callbacks if they exist
2018-07-01 19:28:00 +02:00
28c03967c7
RvaToVa(): use SizeOfRawData instead of VirtualSize as the upper bound on section RVAs. This matches the behaviour of RtlImageRvaToSection for SEC_COMMIT mappings
2018-07-01 19:28:00 +02:00
a4638d2ea9
DBG: misc. changes and fixes in SymbolSourceDIA:
...
- Rename SetThreadDescription to SetWin10ThreadDescription, to clarify that this function isn't actually useful to anyone. (ha ha, OK... but seriously, the same name is also used by the Windows SDK which apparently takes precedence and gets added as a static import, making it impossible to start the debugger on OSes other than Windows 10)
- Thread names are a good idea and they even kind of work on older Windows versions with NtQueryInformationThread(ThreadQuerySetWin32StartAddress), which is what e.g. Process Explorer and Process Hacker use. What *doesn't* work so well is lambdas. Added static functions SymbolsThread() and SourceLinesThread() to replace these. (before: x64dbg.dll!<lambda_fc00d3fb731b14a9b4857ac068d657c4>::<lambda_invoker_cdecl>. after: x64dbg.dll!SymbolSourceDIA::SymbolsThread). These should probably be file statics instead of class members, but they need access to private class functions
- GetModuleHandleA -> GetModuleHandleW. The former just calls the latter but with an extra string allocation and pointless unicode conversion
- Fix pedantic Clang warnings about member initialization order in ctor
- Qualify type name in call to virtual function in destructor, as this will be statically resolved and won't call any potential future implementations in derived classes (this can be further 'fixed' by making either the function or the class final so you'll get a compile time error if you try to do this later)
2018-07-01 19:28:00 +02:00
9b0f9b5c59
Add clarifying comment/TODO re: invalid RVAs to ReadExportDirectory(). Don't feed your .avi collection to this function just yet
2018-07-01 19:28:00 +02:00
a94c250c5d
[DBG] Rewrite ReadImportDirectory()
...
- Obtain the directory directly using RtlImageDirectoryEntryToData and ditch TitanEngine conversion helpers
- Use OFTs instead of FTs if possible, with FTs only as fallback
- Answer the pop quiz questions in comments re: ntdll loader behaviour and handle these cases appropriately
- Use THUNK_VAL() to obtain OFT/FT values independent of process and file bitness
- Always use ULONG64 for AddressOfData to be able to test for IMAGE_ORDINAL_FLAG64. Also return ULONG64 from RvaToVa(), and rva2offset too as a result of this. This makes these functions compatible with both 32 and 64 bit files regardless of process bitness. There shouldn't be any functional changes due to this, otherwise will revert/fix
- Require an import by name to have a non-null name in addition to not having the ordinal flag set. Otherwise treat it as an import by ordinal
- The ordinal value of an import by ordinal is obtained by (val & 0xffff), not (val &= ~ordinalFlag). The ordinal flag is now always removed to ensure the RVA is valid
- Give imports by ordinal a 'name' the same way dbghelp does, e.g. Ordinal57. Previously imports by ordinal were not being shown in the Symbols tab due to having no name. TODO: if we have the PDB for the file being imported from, we can overwrite or append the real function name later using the importee's export directory
- RvaToVa(): assert that RVA 0 always returns VA 0, because if this isn't the case something is seriously messed up
2018-07-01 19:27:59 +02:00
5ad21c69ee
- ReadDebugDirectory(): add about 20 years worth of missing debug directory type names
...
- symbolsourcedia.h: Add _global.h #include to prevent various macros like WINVER and _WIN32_WINNT from being redefined because Windows.h was indirectly included first
2018-07-01 19:27:59 +02:00
fc9285ed2e
[DBG] Work on modinfo improvements:
...
- Add ImageNtHeaders() (clone of RtlImageNtHeaderEx which doesn't exist on XP) to obtain PE headers given a VA
- Add HEADER_FIELD() and THUNK_VAL() macros to module.h to allow accessing header fields independent of process and file bitness
- Add IMAGE_NT_HEADERS pointer to MODINFO, since anything related to parsing PEs needs this struct
- Read PE headers in GetModuleInfo(). Currently the headers are being parsed every time a TitanEngine helper function is called, the goal is to reduce this to once per module load
- GetModuleInfo(): eliminate all TitanEngine calls now that we have the headers
- Add RvaToVa() for SEC_COMMIT mappings. This can simultaneously serve as replacement for rva2offset helpers (pass base = 0). Preferably SEC_IMAGE should be used though as that way neither of these would be needed
- ReadExportDirectory(): use RtlImageDirectoryEntryToData() to obtain a PIMAGE_EXPORT_DIRECTORY and its size in one go to eliminate TitanEngine helper calls and RVA to offset conversions
- Answer burning questions re: Windows loader behaviour when parsing exports in comments
- (Minor) fix '>= 0' comparison against unsigned as this will always evaluate to true
- Add comment re: PDB search path order since it's wrong atm but I'm too scared of breaking something if I change this code myself
2018-07-01 19:27:59 +02:00
Duncan Ogilvie
013cd1e5f7
DBG: dont copy MODINFO and MODIMPORT/MODEXPORT structures
2018-07-01 19:27:59 +02:00
Duncan Ogilvie
4e88b399fe
Update DIA to 14.13.26128.0 + XP support
2018-07-01 19:27:58 +02:00
Duncan Ogilvie
aa8a215895
DBG: use win32 threads instead of std::thread
2018-07-01 19:27:58 +02:00
72ccf42298
Fix too early stream deletion.
2018-07-01 19:27:58 +02:00
cad8aed97d
Refactor PDB data loading via IStream, explicit file access.
2018-07-01 19:27:58 +02:00
c8af1f9144
Use correct PDBDiaFile instance.
2018-07-01 19:27:57 +02:00
Duncan Ogilvie
45b49995f3
DBG: fall back to resolving modules exports when no symbol is found
2018-07-01 19:27:57 +02:00
Duncan Ogilvie
73a5ffebd9
DBG: use export/import data from modules instead of from memory
2018-07-01 19:27:57 +02:00
Duncan Ogilvie
476bc093bc
DBG: add export and import parsing routines in module.cpp
...
#580
2018-07-01 19:27:57 +02:00
Duncan Ogilvie
bee62fbbf0
DBG: add missing locks for ModInfoFromAddr
2018-07-01 19:27:56 +02:00
Duncan Ogilvie
a2c52260f7
DBG: remove unused imports field from MODINFO
2018-07-01 19:27:56 +02:00
Duncan Ogilvie
4fa1b9a2a1
DBG: fix a buffer overflow in the symbol autocomplete function
2018-07-01 19:27:56 +02:00
0cbf519e66
Fix undecorated name being uninitialized.
2018-07-01 19:27:56 +02:00
Duncan Ogilvie
d5ae04dce4
DBG: fully implement symdownload command without dbghelp usage
2018-07-01 19:27:56 +02:00
Duncan Ogilvie
ff11a39533
DBG: attempt to load symbols from multiple locations
2018-07-01 19:27:55 +02:00
Duncan Ogilvie
637815b63d
DBG: symdownload now works without dbghelp
2018-07-01 19:27:55 +02:00
Duncan Ogilvie
ba6ad4cefc
DBG: initial version of Wininet download library
2018-07-01 19:27:55 +02:00
Duncan Ogilvie
3ab836225f
DBG: remove some useless dbghelp calls
2018-07-01 19:27:55 +02:00
Duncan Ogilvie
66017a7442
DBG: refactor SymbolInfo to use VA instead of RVA
2018-07-01 19:27:54 +02:00
Duncan Ogilvie
ffc168f44d
DBG: rename SymbolSourcePDB to SymbolSourceDIA
2018-07-01 19:27:54 +02:00
Duncan Ogilvie
aec262b88a
GUI: remove unused ColumnCompare class from StdTable
2018-07-01 19:27:54 +02:00
Duncan Ogilvie
73b30ed49b
DBG: actually use findSymbolsByPrefix
2018-07-01 19:27:54 +02:00
Duncan Ogilvie
876abcdf10
DBG: change findSymbolsByPrefix to take a callback
2018-07-01 19:27:53 +02:00
Duncan Ogilvie
a6ccf69e5b
DBG: implement SymAddrFromName (untested on large symbols, working on small)
2018-07-01 19:27:53 +02:00
Duncan Ogilvie
550a1ff45a
DBG: correct PDB signature format
2018-07-01 19:27:53 +02:00
Duncan Ogilvie
2ce2470ea1
DBG: implement a much nicer data structure for SymbolSourcePDB
2018-07-01 19:27:53 +02:00
Duncan Ogilvie
c7d0f50207
DBG: initial implementation of name-sorted symbol storage
2018-07-01 19:27:52 +02:00
Duncan Ogilvie
eb9d55ac61
DBG: read debug directory on ModLoad
2018-07-01 19:27:52 +02:00
Duncan Ogilvie
caa5b6273f
DBG: implement DiaLoadCallback for loadDataForExe
2018-07-01 19:27:52 +02:00
Duncan Ogilvie
4fadd01ad4
DBG: move files in 'Symbols' folder
2018-07-01 19:27:52 +02:00
4a1327a896
Only print on load failure if its not missing.
2018-07-01 19:27:52 +02:00
Duncan Ogilvie
b07611387f
GUI: implement initial version of ZehSymbolTable
...
beware of race conditions, but it appears to kinda work
2018-07-01 19:27:51 +02:00
Duncan Ogilvie
f68b830069
GUI: fix some weird includes
2018-07-01 19:27:51 +02:00
Duncan Ogilvie
7c30c5993b
GUI: introduce an additional AbstractStdTable layer to prepare for the new symbol view
2018-07-01 19:27:51 +02:00
Duncan Ogilvie
83005bdcda
GUI: remove sorting related functionality from AbstractTableView
2018-07-01 19:27:50 +02:00
ae5bb70203
Fix resolving symbol size always returning true.
2018-07-01 19:27:50 +02:00
80ad0e7df1
Minor cleanup.
2018-07-01 19:27:50 +02:00
59d166ecf4
Refactor PDBDiaFile query.
2018-07-01 19:27:50 +02:00
Duncan Ogilvie
82774e2445
DBG: use undocumented __unDNameEx function to significantly speed up symbol loading
...
Before:
Loaded 313534 line infos in 47.406
Loaded 140366 symbols in 171.640
After:
Loaded 313534 line infos in 4.187
Loaded 140366 symbols in 9.391
2018-07-01 19:27:50 +02:00
Duncan Ogilvie
a9782ac6c6
DBG: Don't show pointless module size in ModLoad
2018-07-01 19:27:49 +02:00
Duncan Ogilvie
995153cfc0
DBG: fix some truncation issues
2018-07-01 19:27:49 +02:00
058c14d8bf
Make source file strings unique, reduces a lot of memory.
2018-07-01 19:27:49 +02:00
bd08f67f47
Load symbols and source line in parallel.
2018-07-01 19:27:49 +02:00
7c6bfcd2c6
Use enumerators Next instead of index, slight performance improvement.
2018-07-01 19:27:48 +02:00
97fa3c1408
Lock when trying to read source lines.
2018-07-01 19:27:48 +02:00
ae050ea4a1
Fix source lines displayed with disp.
2018-07-01 19:27:48 +02:00
cad369f7a5
Refactor DbgHelp source line query references to new symbol interface.
2018-07-01 19:27:48 +02:00
ac6ee608e4
Add source line queries into new symbol interface.
2018-07-01 19:27:48 +02:00
2604384853
Refactor source line queries in DIA interface.
2018-07-01 19:27:47 +02:00
b68c89a12e
Hide undecorated name if identical to decorated.
2018-07-01 19:27:47 +02:00
d6fd79346e
Prioritize private symbols over public.
2018-07-01 19:27:47 +02:00
e648e27346
Use spinlock instead of critical section.
...
Use proper thread termination on destructor.
2018-07-01 19:27:47 +02:00
a0c94caaf6
Cleanup DIA interface some more.
2018-07-01 19:27:46 +02:00
d35996883e
Implement unloading.
2018-07-01 19:27:46 +02:00
0ea92f26eb
Remove unused functions from DIA interface.
2018-07-01 19:27:46 +02:00
Duncan Ogilvie
1b94728118
DBG: buggy implementation of symbol enum
2018-07-01 19:27:46 +02:00
Duncan Ogilvie
03a609c954
lf to crlf
2018-07-01 19:27:45 +02:00
4e2f307052
Tabs to spaces
2018-07-01 19:27:45 +02:00
626695f233
Add PDB load cancellation.
2018-07-01 19:27:45 +02:00
01f0a824ab
Fix marking symbol with wrong type.
2018-07-01 19:27:45 +02:00
b176fb7e46
Initial for async symbol loading.
2018-07-01 19:27:44 +02:00
3a3afa3744
Remove unused DbgHelp loading.
2018-07-01 19:27:44 +02:00
bd173bf01e
Refactor symbol loading/query to use a common interface.
2018-07-01 19:27:44 +02:00
121486a137
Initial implementation of LRU.
...
Initial implementation of MSDIA.
2018-07-01 19:27:44 +02:00
Duncan Ogilvie
607c5a94e6
GUI: refactor formatOpcodeString + fix underline of relocations
2018-07-01 19:04:38 +02:00
Duncan Ogilvie
67e095efb5
GUI: don't add same thing to the history twice
2018-07-01 19:04:38 +02:00
Duncan Ogilvie
95cacb3732
DBG: add information to Zydis command
2018-07-01 19:04:38 +02:00
Duncan Ogilvie
d24d045105
ZYDIS: fix uninitialized variable in BytesGroup function
2018-07-01 19:04:38 +02:00
Duncan Ogilvie
3a2ce72dd2
rename curByte1 to curByte
2018-07-01 19:04:38 +02:00
Duncan Ogilvie
c46dc0aaca
fix crash in formatOpcodeString
2018-07-01 19:04:38 +02:00
40c00a4d01
fixed relocations
2018-07-01 19:04:38 +02:00
4cbf8ac7f1
Restore old code for patch&relocation
2018-07-01 19:04:38 +02:00
606d3cec2e
Added patches and relocations
2018-07-01 19:04:38 +02:00
6c472a34e4
fixed problem with immediates
2018-07-01 19:04:38 +02:00
712bd6f78a
test
2018-07-01 19:04:38 +02:00
58825d4522
Edit inactive breakpoint
2018-06-19 18:51:36 +02:00
c2f999c6ea
Delete inactive breakpoint in Breakpoints View
2018-06-19 18:51:36 +02:00
3b5d9eeb86
temporary
2018-06-19 18:51:36 +02:00
380df7ba2e
minor parsing bug
2018-06-19 18:51:36 +02:00
ddbeeefab4
Special format to find an inactive breakpoint to edit it.
2018-06-19 18:51:36 +02:00
b59798db6f
minor enhancements about SymbolView&breakpointcpp&SearchListView
2018-06-19 18:51:36 +02:00
Duncan Ogilvie
12e9127799
DBG: support for an edge case in HandlesGetName where the process itself doesn't have query access
2018-06-19 18:30:13 +02:00
f8c67ef2ab
show PID or TID in handles view
2018-06-19 18:30:13 +02:00
Duncan Ogilvie
f5fa7de918
DBG: better message in _dbg_animatecommand
2018-06-11 03:13:25 +02:00
0ab417f5b4
Animation help; Restore empty graph help
2018-06-11 03:12:50 +02:00
71847bb385
set conditional breakoint
2018-06-11 03:12:49 +02:00
ee56954a0c
Use a more useful example for switch condition
2018-06-11 03:12:49 +02:00
2df55a3fa6
Load language menu only when needed
2018-06-11 03:12:49 +02:00
5acf7eb182
Added some icons for Log view and Trace view
2018-06-10 23:56:33 +08:00
Duncan Ogilvie
db17e323fe
DBG: more message fixes
2018-06-03 17:47:01 +02:00
Duncan Ogilvie
01960c556b
fix some whitespace in strings
2018-06-03 17:43:30 +02:00
1cd3cfc469
fix mistakes
2018-06-03 17:43:30 +02:00
4cf5508b5f
add error descriptions to x64dbg failure messages
2018-06-03 17:43:30 +02:00
Duncan Ogilvie
4ea3a8e3af
GUI: actually fix the crash, derp
2018-05-17 17:14:12 +02:00
Duncan Ogilvie
291039eb17
GUI: fix crash in new HexEditDialog
2018-05-17 17:05:11 +02:00
40ab0ed1ae
Fix pasting CR/LF text to CR/LF hex editor
2018-05-13 20:38:53 +02:00
781b0dd89c
Add CR/LF option to text editor
2018-05-13 20:38:53 +02:00
e714824a0d
restore current tab index
2018-05-13 20:38:53 +02:00
49a1c861f0
Make hex editor dialog resizable & Fix copying IP addr.
2018-05-13 20:38:53 +02:00
8de0520dc9
string editor works
2018-05-13 20:38:53 +02:00
facf8ac223
Removed data copy dialog
2018-05-13 20:38:53 +02:00
dce0e11713
data copy working
2018-05-13 20:38:53 +02:00
9741c06798
Disable data copy in find pattern dialog
2018-05-13 20:38:53 +02:00
dba3178428
Improved design. Added codepage warning.
2018-05-13 20:38:53 +02:00
1f7352e0a0
design
2018-05-13 20:38:53 +02:00
Duncan Ogilvie
3f33ad44cc
DBG+GUI: update zydis and fix some issues related to formatting
...
closes #1904
closes #1898
2018-04-05 00:20:31 +02:00
Duncan Ogilvie
3f754c0bfc
DBG: fix an out of bounds access on expression "([esp])"
2018-03-26 02:14:49 +02:00
Duncan Ogilvie
fa902f5df7
GUI: set shortcut for copy file offset in CPUDisassembly
...
closes #1916
2018-03-20 10:25:59 +01:00
Duncan Ogilvie
5bf0e7fb7b
PROJECT: fix zydis_wrapper project to not include nonexistent files
2018-03-05 23:52:20 +01:00
Duncan Ogilvie
1c1a48bcee
DBG: fix heuristic string detection near the end of a page
...
related to #1906
2018-03-05 23:52:07 +01:00
Duncan Ogilvie
f8e4ed4f1f
DBG: fix bug with operand size in TraceRecord
2018-03-04 23:00:13 +01:00
Duncan Ogilvie
8da82cf569
PROJECT: remove keystone
2018-03-04 22:41:00 +01:00
Duncan Ogilvie
e5f950308a
PROJECT: remove capstone
2018-03-04 22:35:01 +01:00
Duncan Ogilvie
55d99b5647
DBG+GUI: replace Capstone with Zydis in trace record
2018-03-04 22:32:08 +01:00
Duncan Ogilvie
0343280cb5
DBG+GUI: update to Zydis v2.0.0
2018-03-04 22:22:54 +01:00
Duncan Ogilvie
49167e92c6
DBG+GUI: fix many application verifier issues
2018-03-04 22:04:37 +01:00
Duncan Ogilvie
53e621c175
DBG: replace WAITID_STOP with a more reliable method
...
closes #1852
2018-03-04 22:04:04 +01:00
e2dcda5498
removed unnecessary include
2018-03-02 10:17:14 +01:00
5a28eb7d30
ASM styles added
2018-03-02 10:17:14 +01:00
da8d90f674
Enhancements to the Data Copy dialog
2018-03-02 10:17:14 +01:00
96b8038f88
Added ASCII field for edit registers dialog
2018-03-02 10:17:14 +01:00
Duncan Ogilvie
c5ce4313b4
DBG+GUI: update Zydis to the latest version
2018-02-24 13:42:59 +01:00
Duncan Ogilvie
289a6b1911
GUI: mnemonic help and brief now work better with prefixes
2018-02-24 12:43:48 +01:00
Duncan Ogilvie
16fdf57f41
DBG: move call to CB_STOPDEBUG to the very end of the debug loop
...
close issue #1899
2018-02-14 22:19:00 +01:00
Duncan Ogilvie
2c284cd210
DBG: remove std::thread usage from TaskThread
2018-02-14 20:38:49 +01:00
Duncan Ogilvie
804322aeb8
GUI: introduce setting for ASCII/Unicode in address dump mode
2018-02-08 01:22:33 +01:00
Duncan Ogilvie
8a1256b5fd
GUI: small refactor in Configuration
2018-02-08 01:22:33 +01:00
e8e7112cf5
GUI: swich bettween ASCII and UNICODE column in Address mode
...
closes issue #1880
2018-02-08 01:22:33 +01:00
Duncan Ogilvie
1fa1c3d705
DBG: remove limitation of placing "&" in labels
2018-01-30 20:54:45 +01:00
Duncan Ogilvie
ddc97f2a74
DBG: show PEB in memory map
...
#1882
2018-01-28 11:51:15 +01:00
13b8db3a2b
fix and add UTF8/UCS4
2018-01-28 11:45:23 +01:00
164d8b0730
View and copy raw string
2018-01-28 11:45:23 +01:00
Duncan Ogilvie
39f78b1c33
DBG: remove weak acquire in dbghelp_safe
...
possibly fixes #1863
2018-01-12 14:15:06 +01:00
0e29990da5
Jump to thread IP by double clicking.
2017-12-31 12:34:05 +01:00
Duncan Ogilvie
3e510440d2
GUI: don't try reading the first byte of a memory region in HexDump
2017-12-28 23:26:13 +01:00
Duncan Ogilvie
2d6004da9b
DBG: remove TitanEngine for parsing TLS callbacks
2017-12-28 23:25:42 +01:00
Duncan Ogilvie
42dc5f90e5
DBG: fix Zydis.BranchDestination
...
closes #1855
2017-12-28 21:34:47 +01:00
Duncan Ogilvie
7c0d122ee4
DBG: add breakpointexceptionaddress variable
2017-12-28 20:27:23 +01:00
Duncan Ogilvie
8616ff67a2
DBG+GUI: fix OperandText returning weird values for relative jumps
...
closes #1849
2017-12-26 13:31:10 +01:00
Duncan Ogilvie
761e2f67c0
DBG: fix a rare bug with module resolving by name (thanks to chessgod101!)
...
if you had:
blub.exe
blub.exe.dll
And tried to resolve 'blub.exe' it could return the base of 'blub.exe.dll'
2017-12-24 13:21:06 +01:00
Duncan Ogilvie
2106873f55
GUI: revamp of the menu system
2017-12-18 03:07:27 +01:00
Duncan Ogilvie
bdde5d3cce
GUI: hide the "Disable Branch Destination Preview" menu + symbol menu in system modules only
2017-12-18 02:15:44 +01:00
Duncan Ogilvie
ed1dd3c6c1
GUI: save and restore deleted tab state
2017-12-18 02:03:14 +01:00
Duncan Ogilvie
0f1916cc2e
GUI: fix cip not displaying correctly in the reference view
2017-12-18 02:02:35 +01:00
Duncan Ogilvie
0e2ff40443
DBG: remove unused parameter from RecursiveAnalysis class
2017-12-17 02:05:53 +01:00
f29d660b6e
Search for function pointer
2017-12-17 02:05:39 +01:00
Duncan Ogilvie
188b74bc91
GUI: implement OllyDbg's Find all names in current module (Ctrl+N)
...
Cheers to @R3MRUM from Twitter!
2017-12-08 03:10:10 +01:00
Duncan Ogilvie
37e83c9436
DBG+GUI: trim error descriptions in RegisterView and format functions
2017-12-03 22:27:47 +01:00
Duncan Ogilvie
e11701d7c3
GUI: improve InfoBox for bigger memory sizes
2017-12-03 22:27:47 +01:00
70a836b17a
Move SafeSymCleanup() call to cbExitProcess so it isn't called when the process may have already terminated
...
debugLoopFunction: set fdProcessInfo->hProcess and fdProcessInfo->hThread to NULL as these shouldn't be used after this point. The actual CloseHandle calls on these two handles are done by kernel32!ContinueDebugEvent immediately after cbExitProcess
2017-11-28 17:29:50 +01:00
2f3f28746d
Remove 2 occurrences of 'varset("$hp", fdProcessInfo->hProcess)', one of which was being called with the initial handle from CreateProcess(). cbCreateProcess is now the only place where this variable is set, for both types of debug sessions (attaching or creating)
2017-11-28 17:29:50 +01:00
629a6022e4
Fix duplicate debuggee process and initial thread handles being kept around in the case that x64dbg is not attaching:
...
- CloseHandle() the fdProcessInfo->hProcess and fdProcessInfo->hThread handles and set them to NULL if CreateProcess was called (i.e. we are not attaching) just before entering the debug loop
- cbCreateProcess(): set fdProcessInfo->hProcess, fdProcessInfo->hThread and varset("$hp") to the correct handles prior to doing anything else
2017-11-28 17:29:50 +01:00
c8e8b692f0
Remove static global handle 'hProcess' in debugger.cpp; it is only used in one place as argument to SafeSymCleanup(). Use fdProcessInfo->hProcess instead
2017-11-28 17:29:50 +01:00
Duncan Ogilvie
27a9266de8
GUI: do not render instructions that are not visible on the screen + remove timer
...
#1819
2017-11-19 23:57:08 +01:00
Duncan Ogilvie
4eb0fb6b88
GUI: autocompletion works much nicer now
...
#1738
2017-11-17 16:46:18 +01:00
Duncan Ogilvie
c3dae65658
PROJECT: update translation sources
2017-11-17 14:48:27 +01:00
Duncan Ogilvie
233a2670d2
GUI: replace backtab with Shift+Tab in ShortcutEdit
2017-11-17 14:42:49 +01:00
5b7696219e
Tab switch using history stack ( #1807 )
...
* add OpenViewsWindow
* almost done for history view switch
* rename the class
* add icon in history popup window
* astyle format
* add config TabSwitchUseHistory, default disable history tab switch
* remove no used code
* add shortcuts for the stuff
* rename HistoryViewsPopupWindow to MultiItemsSelectWindow, for further common use
* GUI: some small style adjustments
* GUI: change default hotkeys for ViewNextTab
2017-11-17 14:40:08 +01:00
7963e5206f
Add memory read breakpoint to context menu
...
* added breakpoint_memory_read.png
* added breakpoint_memory_read.png to resource.qrc
* breakpoint memory read added to memory dump context menu
* breakpoint memory read added to context menu
2017-11-17 13:00:32 +01:00
200c861761
fixed winerror & ntstatus fmt funcs
...
Thanks @Mattiwatti
2017-11-17 12:54:30 +01:00
Duncan Ogilvie
1c79384a06
DBG: remove the ordinal flag before printing the value
...
#1795
2017-11-15 13:44:36 +01:00
Duncan Ogilvie
c9abfd5229
GUI: put current selection in the initial goto dialog expression
...
related to #1812
2017-11-14 16:49:51 +01:00
f4cdecd46a
GUI: show Follow->Constant even if same as Address ( #1806 )
...
* GUI: show Follow->Constant even if same as Address
* GUI: invert constant and address entries in follow
* GUI: maintain original ordering in Follow menu
2017-11-14 16:32:09 +01:00
925c2a1222
added settings to hide ptr sizes and defualt segments
2017-11-14 16:04:43 +01:00
679aa23340
fix filter search bug in symbolview, and avoid double call setSingleSelection
2017-11-14 16:04:25 +01:00
e5cd1813ef
let goto file offset dialog has a init value of current selected address
2017-11-14 16:03:50 +01:00
dbb6e7e322
Added context menu icons for reference view ( #1808 )
...
* Added context menu icons for reference view
* Add context menu icons to source view
* Upload context menu icons
* Upload context menu icons
* Update stdtable to include copy item icon for columns in copy menu
2017-11-14 16:02:49 +01:00
Duncan Ogilvie
ca27de0dd7
DBG: remove custom formatter hooks and use new zydis setting instead
2017-11-14 16:00:55 +01:00
Duncan Ogilvie
63ec6d4648
GUI: add a fake menu for modules
2017-11-14 16:00:55 +01:00
Duncan Ogilvie
d1edce0872
DBG: small improvement to Handle class
...
By @torusrxxx
2017-11-14 16:00:55 +01:00
Duncan Ogilvie
4db8d02cf4
DBG: show operand visibility in Zydis command
2017-11-14 16:00:54 +01:00
3096f0dbba
Add warning to follow in dis bc tracing dont support ASLR;add TID & LastErr
2017-11-14 16:00:54 +01:00
36003e3abe
GUI: sortable memory map headers for type and protections
2017-11-14 16:00:54 +01:00
062dee26f6
fix crashes in trace viewer when pressing hotkeys
2017-11-08 17:12:20 +08:00
4cf0844255
Browse dialog and goto dialog support auto-complete ( #1738 )
...
* Browse dialog and goto dialog supports auto-complete
* don't use unicode string size
* Auto complete only when expression is valid symbol name
* use dbgfunctions for better flexibility and performance
* buffer last auto complete
* disable auto completion
2017-11-07 20:24:51 +01:00
3116b3dde0
fixed NTSTATUS name
2017-11-07 20:24:01 +01:00
01e5caf75b
removed upper part check in NTSTATUS
2017-11-07 20:24:01 +01:00
79e335277e
lazy load mnemonic data and save 3MB memory
2017-11-07 20:24:01 +01:00
990bccfffc
add mem.isstring()
2017-11-07 20:24:01 +01:00
e6297423f9
Add NTSTATUS fmt;show str in locals tab;fix div by 0 in data copy dlg.
2017-11-07 20:24:01 +01:00
d67031a089
DBG: remove \\n replacement in string formatting
2017-11-07 20:23:25 +01:00
15b0e73ba0
DGB: fix disp+imm printing in “zydis” command
2017-11-07 20:22:15 +01:00
a19b603620
GUI: fix printing of operands with non-standard size
2017-11-07 20:22:15 +01:00
2207ad9311
Added context menu icons for thread view ( #1796 )
...
* Added context menu icons for thread view
* Added thread setname icon
2017-11-05 00:51:41 +01:00
6d45928375
GUI: add shortcuts for search in current module
2017-11-04 21:26:15 +01:00
5e67d7ae45
GUI: minimize changes for struct in lambda MSVC 2017 compile fix
2017-11-04 21:25:46 +01:00
ecd1a3d576
GUI: small compile fixes for MSVC 2017
2017-11-04 21:25:46 +01:00
d2102e20ed
GUI: handle highlighting segment registers in RegistersView
2017-11-04 21:25:26 +01:00
b767d39b3e
cannot paste when clipboard is empty
2017-11-04 21:25:03 +01:00
0985f490ef
Copy hash
2017-11-04 21:24:40 +01:00
2f5d1135c6
Overriding a non global hotkey by a non global hotkey now asks user for confirmation
2017-11-04 21:23:49 +01:00
Duncan Ogilvie
7e3a045c4b
PROJECT: don't keep trying to compile the Zydis wrapper
2017-11-04 20:57:40 +01:00
Duncan Ogilvie
ae20041edb
DBG: proper workaround for 0x prefix in GUI
...
also closes #1792
2017-11-04 18:08:44 +01:00
Duncan Ogilvie
4870eebd87
DBG: correctly handle imports by ordinal
...
closes #1795
2017-11-04 16:34:52 +01:00
Duncan Ogilvie
8c04e7b272
DBG: fix a copy&paste bug in the Zydis wrapper
2017-11-03 14:09:13 +01:00
Duncan Ogilvie
f14633f20a
GUI: fix weird looking uppercase 0X
2017-11-02 22:29:47 +01:00
Duncan Ogilvie
9c639ddc5f
DBG: small improvements to winerror format function
2017-10-30 00:35:54 +01:00
Duncan Ogilvie
2f26a80b78
DBG+BRIDGE+GUI: deprecate DbgGetRegDump
2017-10-29 02:18:06 +02:00
ec0555dc0d
Added winerror format function and show help message for last error in reg view
2017-10-28 02:52:13 +02:00
d5582c6a1f
- DbgGetRegDumpEx(): copy lastStatus NTSTATUS name if requested struct size is >= sizeof(REGDUMP_V2)
...
- RegistersView: replace usages of REGDUMP with REGDUMP_V2 to access LastStatus register
2017-10-28 02:47:49 +02:00
8c9b11ecc9
Remove LastStatus from THREADALLINFO to preserve plugin compatibility
2017-10-28 02:47:49 +02:00
1e639585db
GUI changes for TEB->LastStatusValue:
...
- RegistersView: add LastStatus entry to REGISTER_NAME enum
- RegistersView: add modifiable LastStatus pseudo-register under LastError with the human-readable NTSTATUS name
2017-10-28 02:47:49 +02:00
6f1b6b77bb
dbg changes for TEB->LastStatusValue:
...
- Add LASTSTATUS struct
- Add LastStatus members to REGDUMP and THREADALLINFO
- Add ThreadGetLastStatus()/ThreadGetLastStatusTEB()
- Make "laststatus" a supported pseudo-register in isregister() / getregister() / setregister() similar to "lasterror"
- _dbg_getregdump(): copy the full name of the last NTSTATUS value
- ThreadGetList(): add the last status value to the thread list for each thread
- TraceRecordManager: account for the size change of REGDUMP to keep REGDUMPWORD the same size
2017-10-28 02:47:49 +02:00
8f0f83bdf3
ntdll.h: Update PEB and TEB structs for Windows 10 RS3, and correct offset of TEB->LastStatusValue on x86
2017-10-28 02:47:49 +02:00
787b86cd1f
Add DbgGetRegDumpEx to bridge API
...
Public SDK changes:
- Add LASTSTATUS struct
- Add REGDUMP_V2 struct with LASTSTATUS member
- Add DbgGetRegDumpEx(REGDUMP* regdump, size_t size);
Internal changes:
- Change typedef of _dbg_getregdump to add a size parameter
- Make DbgGetRegDump() pass sizeof(REGDUMP) to _dbg_getregdump to preserve existing behaviour. DbgGetRegDumpEx() forwards the size that was passed to it
2017-10-27 00:02:39 +02:00
0fbb1aa056
Don't add autocomments on "mov edi,edi"( #1775 )
2017-10-26 00:43:54 +02:00
Duncan Ogilvie
0762182973
DBG: implement DLL breakpoints directly in x64dbg
2017-10-25 21:58:01 +02:00
a514176750
Add tokenizer support for pointer operands ( #1781 )
...
* Add tokenizer support for pointer operands
* Fixed pointer operand width calculation
2017-10-25 21:45:00 +02:00
466d5e9173
Update cmd-misc.cpp
2017-10-25 11:21:44 +00:00
db5c3e23af
Update cmd-misc.cpp
2017-10-25 11:16:01 +00:00
Duncan Ogilvie
ecbea6d9d8
GUI: fix Sonar issues
2017-10-22 17:07:45 +02:00
c102670c3f
Update TraceBrowser.cpp
2017-10-21 14:17:38 +00:00
Duncan Ogilvie
33844079ee
DBG+GUI: update zydis
2017-10-18 23:44:36 +02:00
9a2cb20682
enhancement to run until return
2017-10-18 22:49:06 +02:00
75987325fb
Remember navigation source in graph history ( #1766 )
...
* Remember navigation source in graph history
If you follow a jump or a call, and click on '-', you don't go back to the jump or the call (as in the regular CPU view), but to a previous, non-relevant command in the graph. This commit tries to fix this.
* Update DisassemblerGraphView.cpp
* Update DisassemblerGraphView.cpp
2017-10-18 22:48:57 +02:00
f519f322da
Added setting that controls MaxModuleSize. ( #1765 )
...
* Added spinbox that controls maximum module name size in the disassembler settings.
* Restored settings dialog default tab index to zero.
2017-10-18 22:47:43 +02:00
390bf4c5ca
Trace recording ( #1736 )
...
* run trace file format
* record opcode
* Successfully recorded sample run trace
* fixed order of thread id and opcode
* use capstone in run trace
* Revised format;Stop tracing when stop debug;Changed ext name
* trace browser(draft)
* Lower bound
* Lower bound
* implemented more funcitons in trace file reader
* Initial trace browser
* trace browser works for single-page traces
* fixed page fault
* Multi-selection, fixed page faults
* copy disassembly
* resize columns
* address label;follow in disassembly
* highlight
* history,comment,breakpoint in trace view
* stricter validation to prevent buffer overflow
* MAX_MEMORY_OPERANDS=32
* fixing bug in memory access count
* Temporary info menu to view registers & memory
* assumed to fix thread id bug
* live update trace view
* Fixed a bug with registers recording (similar to thread id bug)
* Search for constant in trace file
* Fixed bugs with memory operands recording
* File header for trace file; Auto update trace viewer
* fix x64dbg_translations.pro
* Default filename for trace; Start trace from trace view
* Switch to Qt JSON
* Copy selection, file offset and RVA; recent files
* Properly implement MRU menu
* shortcut for tracing
* Fix file names with comma
* added interaction with tab closing
* change default directory for trace file
* fix minor issue
2017-10-16 20:00:26 +02:00
9959278863
Properly exit x64dbg
2017-10-15 16:18:48 +02:00
Duncan Ogilvie
f85cea6bcd
GUI: change multi-selection hotkeys ( #1743 )
...
closes #1762
closes #1761
2017-10-14 19:46:47 +02:00
Duncan Ogilvie
f6590e6465
DBG: fixed a typo
2017-10-14 17:31:11 +02:00
c44c1f7fc6
GUI: add multiselect hotkeys to StdTable
...
This allows selecting multiple rows in e. g. the Breakpoints view
without having to use the mouse.
New hotkeys:
- Select all: (ctrl+a)
- Select first row (ctrl+home)
- Select last row (ctrl+end)
- Expand selection upwards (shift+up)
- Expand selection downwards (shift+down)
2017-10-14 17:26:39 +02:00
Duncan Ogilvie
d6ca58efd1
DBG: fixed another problem with Zydis
2017-10-14 15:42:02 +02:00
Duncan Ogilvie
6f7af9b8da
DBG: fixed various small issues with Zydis
...
ping @athre0z
2017-10-14 00:32:34 +02:00
Duncan Ogilvie
c9e17df1c0
DBG+LAUNCHER: correctly handle mixed mode executables
...
fixes #1758
2017-10-13 23:38:53 +02:00
8cf9f63bac
Fixing #1752
2017-10-13 19:43:33 +02:00
c5c3358c52
Add range checks for operand access ( fixes #1750 ) ( #1751 )
...
* DBG: added range checks to operand access
- previously, some instructions could trigger the `DebugBreak` path in `Zydis::operator[]`
* GUI: removed redundant semicolon
2017-10-10 21:01:59 +02:00
Duncan Ogilvie
9d692efbdf
PROJECT: AStyle
2017-10-09 23:42:23 +02:00
Duncan Ogilvie
d365b5a590
GUI: fixed a typo in capstone_gui
2017-10-09 23:15:00 +02:00
77c6e951f0
zydis_wrapper: Cleaned up branch types
...
- Remove unused semantic groups
- Improve handling of “far” in tokenizer
2017-10-09 10:02:13 +02:00
8741e94bdb
zydis_wrapper: Final touch
...
- Comment out diff code in GUI
- Enable optimization
- A few more whitelist entries in the diff code
- A few fixes in the old tokenizer to be consistent with the new one in diffs
- Remove LICENSE and README now that the wrapper is part of the x64dbg core repo
2017-10-09 10:02:13 +02:00
5b1cf81f55
zydis_wrapper: Fixed x32 build
2017-10-09 10:02:13 +02:00
3fca5c9191
Ported & renamed `cbInstrCapstone`
2017-10-09 10:02:13 +02:00
16942049b3
QBeaEngine: Implemented reg & flag info again
2017-10-09 10:02:13 +02:00
af0ff55df3
zydis_wrapper: Better compliance with style-guide
...
- Removed underscores
- Removed redundant “zy” prefix
- Executed `AStyleWhore` (sorreh, I use git on my macOS host, can’t put it into pre-commit-hook)
2017-10-09 10:02:13 +02:00
ca9401fdb7
Moved “zydis_wrapper” into root repo
...
- Instead, we directly use Zydis as a submodule now
2017-10-09 10:02:13 +02:00
da0d4415e3
Print “far” token, support RTM instructions
...
- Also, more whitelist entries for the CS-Zydis diff
2017-10-09 10:02:13 +02:00
0711ac09df
Added CS vs Zydis diff code & various fixes
...
- Fixed various porting bugs in the Zydis `CapstoneTokenizer`
- Added Capstone vs Zydis tokenizing diff and various exceptions for known issues
2017-10-09 10:02:13 +02:00
4c841d85c6
Renamed `Capstone` -> `Zydis`
...
- Prevents name clashes with actual capstone disassembler implementation
2017-10-09 10:02:13 +02:00
5338a0a85b
Replace Capstone with Zydis
...
- While at it, added branch info logic to disassembler class
- Thus reduce direct checks by mnemonic in GUI and analysis code
- Replaced direct disassembler struct access with disassembler class calls where trivially possible
- Removed workarounds for empty segment registers
- Temp. disabled `cbInstrCapstone` command
- Temp. disabled flag stuff in `QBeaEngine`
2017-10-09 10:02:13 +02:00
Duncan Ogilvie
103866eafe
DBG+EXE+GUI: fixed some more sonar warnings
2017-10-08 20:19:32 +02:00
Duncan Ogilvie
cd9bbb1189
BRIDGE+LAUNCHER: fixed some more CRT warnings
2017-10-08 16:23:20 +02:00
Duncan Ogilvie
57235b2f24
DBG+EXE+LAUNCHER+BRIDGE: remove _CRT_SECURE_NO_WARNINGS
2017-10-08 16:16:20 +02:00
bebc47b924
Show address with label in InfoBox
...
Address issue #1588
2017-10-05 17:25:56 +02:00
Duncan Ogilvie
d121cd9dc2
DBG+LAUNCHER: fix exception handling in GetPeArch.h
...
Thanks to digitalboy for the report!
2017-10-05 17:08:34 +02:00
8671ff2e57
fixup
2017-10-03 20:23:41 +02:00
33024f5672
Fix standard conformance issues
2017-10-02 00:07:17 +02:00
Duncan Ogilvie
ba6e6dea63
DBG: full unicode support in ResolveShortcut
2017-09-30 14:30:40 +02:00
Duncan Ogilvie
1143621eb1
DBG: make sure the debugger is signaled as initialized before loading plugins
...
Fixes #1734
2017-09-30 13:01:24 +02:00
Duncan Ogilvie
fcda76a470
DBG: fixed LibrarianEnableBreakpoint
2017-09-30 12:52:07 +02:00
537b587f73
Fixing issues with memory map( closes #1720 )
2017-09-16 17:55:40 +08:00
mrexodia
51c1b5f690
GUI: Don't freeze when calling BridgeResult::Wait() on the main ThreadClear
...
closes #1716
2017-09-12 00:36:34 +02:00
mrexodia
ec66220dd5
GUI: don't select when changing the byte offset with ctrl+up/down
...
closes #1709
2017-09-11 17:58:34 +02:00
mrexodia
5e9ee7afc3
GUI: keep consistent when disabling summary ( closes #1708 )
2017-09-11 17:47:11 +02:00
7627fce15c
Tripleslash for scriptapi_misc functions
2017-09-11 15:00:30 +02:00
mrexodia
ef6bf04fb0
DBG: find the plugin name for the currently-loading plugin name (thanks to testuser!)
2017-09-07 23:04:48 +02:00
3879297c7a
Fixed conditions in favourite tools
2017-09-06 12:40:47 +08:00
1f2dd7a816
Fixed copy AVX register:32-bit app can use AVX
2017-09-06 12:30:30 +08:00
mrexodia
7db12dcd6e
GUI: copy in the same order as the view ( closes #1712 )
2017-09-06 03:56:46 +02:00
mrexodia
2d7c929c64
DBG: fixed a deadlock while unloading plugins
...
closes #1710
2017-09-06 03:50:46 +02:00
mrexodia
95d3a837bb
GUI: added back the remove all option in the BreakpointsView
2017-09-05 17:29:19 +02:00
mrexodia
1d47124ec3
GUI: don't check QueryProcessCookie per default
...
related: https://github.com/x64dbg/ScyllaHide/issues/32
2017-09-05 15:49:10 +02:00
mrexodia
d8ad2e7f53
GUI: better clickable columns (thanks to ali56s for reporting!)
2017-09-04 22:57:49 +02:00
mrexodia
7c93a0ef48
DBG: QueryWorkingSetEx with GetProcAddress (restored XP support)
2017-09-04 22:57:49 +02:00
mrexodia
9cc8e779e9
DBG: some small improvements to plugin functions and added idle detection for time wasted
2017-09-04 22:57:48 +02:00
3da4461a63
Tripleslash for DbgCmdExec, DbgCmdExecDirect
2017-09-04 22:47:42 +02:00
mrexodia
082bcc0937
Merge remote-tracking branch 'origin/PLMDebug' into development
2017-09-01 22:54:53 +02:00
mrexodia
4f67fcada7
GUI: fixed some small coverity issues
2017-09-01 22:54:23 +02:00
mrexodia
037504643b
DBG+GUI: option to query the working set before attempting to read a memory page
...
workaround for http://www.triplefault.io/2017/08/detecting-debuggers-by-abusing-bad.html
2017-09-01 22:53:50 +02:00
mrexodia
4104c0a004
GUI: formatting + fixed a warning
2017-09-01 18:52:06 +02:00
f3132e9315
use dynamic casting
2017-09-01 18:51:20 +02:00
144051162d
Switch reference tabs by forward/back mouse buttons
2017-09-01 18:51:20 +02:00
fa92a9c474
Add Xref for switch cases; Follow switch cases in CPU.
2017-09-01 13:58:33 +02:00
09dd193d9f
graph history;follow children or parent in graph
2017-09-01 13:58:33 +02:00
bf43f7eb97
graph for switch statements
2017-09-01 13:58:33 +02:00
690b048c7f
breakpoint, memory and threads view support multi-select ( #1697 )
...
* breakpoint, memory and threads view support multi-select
* fixed
* use older breakpointsview
* fixed
* revert deps change
* command in reference view
* to-do
* fixed deps
2017-09-01 13:57:41 +02:00
2b4a9bc9dc
Fixes #1699 Arch-Indep-Registers ( #1700 )
...
* Arch-Indep-Registers Fix 1
* Run format.bat
2017-08-31 20:55:11 +02:00
3f766fa8a6
shortcut to delete watch;fixed selection issue
2017-08-31 20:54:25 +02:00
7d712b7a6e
fixed watch view
2017-08-31 20:54:25 +02:00
mrexodia
80210eb9b0
LAUNCHER+DBG: add support for PID attaching + PLMDebug in the command line
...
closes #1698
2017-08-28 11:41:37 +02:00
mrexodia
948c40eb1a
GUI: allow multiple selection in BreakpointsView ( #1697 )
2017-08-26 16:37:22 +02:00
mrexodia
d678ad1e82
DBG: fixed a warning on x64 about the cookie
2017-08-26 15:54:52 +02:00
mrexodia
f7182c111e
GUI: fixed enabling all DLL breakpoints in BreakpointsView
2017-08-26 15:26:34 +02:00
mrexodia
95bfa7ec0e
GUI: use the correct index when displaying the disasm/summary columns in BreakpointsView
...
closes #1696
2017-08-26 13:10:14 +02:00
mrexodia
88fec2a1d3
DBG: correctly remove librarian breakpoints on exit + remove hwbp on detach
2017-08-25 13:18:13 +02:00
mrexodia
fa2784792c
DBG+GUI: query the process cookie on startup ( #489 #1418 #1412 )
2017-08-25 13:17:14 +02:00
mrexodia
da77f37c4f
DBG: moved tracing code out of debugger.cpp
2017-08-25 13:14:46 +02:00
mrexodia
da9d298142
GUI: fixed a memory leak + uninitialized member in DisassemblerGraphView ( closes #1695 )
2017-08-25 13:04:36 +02:00
mrexodia
f37406ff40
LAUNCHER: enable LargeAddressAware to fix 65535sect.exe
2017-08-25 13:03:40 +02:00
mrexodia
e9d47b0925
GUI: format ComboBoxDialog
2017-08-25 13:03:07 +02:00
mrexodia
010a3bbf7e
DBG: better behaviour for "exhandlers" on XP
2017-08-25 13:02:37 +02:00
16b40aab5b
GUI: add auto completion to "Add exception breakpoint" dialog
2017-08-22 13:29:14 +02:00
c78ffc38f1
remove DR6/7 from label display
2017-08-22 13:28:43 +02:00
mrexodia
652c61f7f7
DBG+BRIDGE+GUI: warn when trying to render a graph with more than 5000 nodes
...
(closes #1321 )
2017-08-21 15:13:02 +02:00
c1c7910d8d
GUI: fix building of BreakpointView context menu when no bp is selected
2017-08-21 13:57:37 +02:00
mrexodia
1c4607e25b
DBG: change ReadBaseRelocationTable to read the relocation directory from disk instead of memory
2017-08-21 00:44:21 +02:00
mrexodia
838b03e9d9
DBG: add ModEnum to remove various bottlenecks with module loading
2017-08-21 00:41:04 +02:00
mrexodia
25e0a1071d
GUI: use more ArchValue in the AppearanceDialog
2017-08-19 15:58:05 +02:00
mrexodia
9fe867e0e5
BRIDGE: documented Bridge* functions in bridgemain.h
2017-08-19 15:36:26 +02:00
451807f8ae
GUI: Display and edit breakpoints in graph view ( closes #1266 ) ( #1688 )
...
* GUI: working prototype for ActionHelperProxy
* GUI: fully implemented ActionHelperProxy
* GUI: display breakpoints in Graph view
* GUI: move breakpoint context menu into separate class
* GUI: add breakpoint context menu to graph view
2017-08-19 15:34:53 +02:00
mrexodia
2bd32aee32
DBG: fixed typo in pluginreload command
2017-08-18 00:08:37 +02:00
mrexodia
ca296699b0
DBG: added plugreload command
2017-08-17 23:54:43 +02:00
8c797ef42d
Fix "requires a narrowing conversion" error when compiling with vs2015 ( #1687 )
2017-08-17 13:06:58 +02:00
mrexodia
a404f63960
DBG: fixed Script::Flags implementation
2017-08-14 16:24:29 +02:00
mrexodia
88aa0db41c
GUI: another small fix to BreakpointsView
2017-08-14 16:21:00 +02:00
mrexodia
d5619a57e0
GUI: improve selection behavior when deleting the last breakpoint
2017-08-14 15:55:58 +02:00
6587cbc564
underline relocated bytes in disassembly view ( #1683 )
...
* DBG: add relocation info to module
* GUI: underline relocated bytes
* DBG: remove unnecessary wrapper function
* DBG: store relocations in sorted vector instead of set
* GUI: warn about patches in relocation regions (closes #263 )
2017-08-14 00:17:47 +02:00
84bbc5cf4a
Small fixes an deletion of unnecessary stuff ( #1684 )
...
* Remove unnecessary if check.
If the above one is False, than this oen has to be true, since it can't be
anything else than smaller or equal to
* If it's bigger than zero, than it's also != -1
* Remove unused variable.
It just get's values assigned that are never used.
* Remove unused Macro and the calls to it
2017-08-13 22:57:52 +02:00
mrexodia
4982de948c
GUI: refactor StdTable to allow userdata ( fixes #909 )
2017-08-13 21:56:52 +02:00
mrexodia
a64bdef223
DBG+GUI: minor fixes
2017-08-13 18:10:59 +02:00
mrexodia
91f955fa82
GUI: new BreakpointsView ( closes #909 )
2017-08-13 18:00:51 +02:00
mrexodia
f484108fd7
DBG: added MemBpSize function
2017-08-13 17:17:37 +02:00
mrexodia
1b27b951ee
DBG+BRIDGE: added more detail in the BRIDGEBP structure (in the padding so backwards-compatible)
2017-08-13 17:17:15 +02:00
mrexodia
b876d3b9f0
DBG: add memory breakpoint size (unimplemented) to breakpoint database
2017-08-13 16:27:55 +02:00
mrexodia
9fcfb5b39e
DBG: various improvements to the breakpoint api
2017-08-13 16:26:46 +02:00
mrexodia
3a9e05ee02
GUI: small improvements to StdTable and AbstractTableView
2017-08-13 16:26:11 +02:00
mrexodia
5e9db68c71
DBG: improved performance of valapifromstring
2017-08-13 16:25:38 +02:00
mrexodia
86b623b691
DBG: add module base to label list
2017-08-13 16:24:40 +02:00
mrexodia
0cd8078256
DBG: added EnumExceptions
2017-08-13 16:23:59 +02:00
mrexodia
864437cc5f
GUI: rewrite menu deletion/clearing
2017-08-11 05:34:37 +02:00
mrexodia
6f76503b9f
GUI: fixed plugin menus in other dump tabs
2017-08-10 21:43:37 +02:00
mrexodia
20dff5b467
GUI: fixed a double delete for removed menu entries
2017-08-10 21:34:55 +02:00
mrexodia
b79f1bd35b
DBG+GUI: implemented _plugin_menuremove and _plugin_menuentryremove
2017-08-10 20:25:18 +02:00
mrexodia
d69e9726b1
DBG+GUI: properly implemented _plugin_menuclear
2017-08-10 20:00:33 +02:00
mrexodia
9b314ef740
DBG: separate menu entries from the menus
2017-08-10 19:07:20 +02:00
mrexodia
a951d060bb
Revert "DBG: allow duplicate hEntry for _plugin_menuaddentry"
...
This reverts commit 42b9b0f9dc
2017-08-10 18:50:27 +02:00
mrexodia
c43b64cdec
BRIDGE+GUI: implement GuiMenuRemove
2017-08-10 18:46:29 +02:00
mrexodia
42b9b0f9dc
DBG: allow duplicate hEntry for _plugin_menuaddentry
2017-08-10 18:27:55 +02:00
mrexodia
92850bd12f
GUI: change default font for log to be valid on Windows 10
2017-08-10 17:57:38 +02:00
mrexodia
fafb376946
GUI: fixed a focus issue with plugin dialogs
2017-08-10 07:56:46 +02:00
mrexodia
e9cfedd722
DBG: fixed an invalid handle exception
2017-08-10 06:03:04 +02:00
mrexodia
dbc6ceb3db
DBG: fixed warning on x64
2017-08-09 03:13:04 +02:00
mrexodia
2ff93e479a
DBG: set temporary labels for visited types
2017-08-09 02:41:00 +02:00
mrexodia
5a34b54fb2
DBG: show label of memory address in auto comments
2017-08-09 02:40:32 +02:00
mrexodia
8271b69f87
GUI: show label of memory address in CPUInfoBox
2017-08-09 02:40:02 +02:00
mrexodia
f97439c9f5
DBG: introduce temp labels
2017-08-09 02:32:28 +02:00
mrexodia
5cb7917630
DBG+BRIDGE+GUI: added menu preparation plugin event
2017-08-08 01:39:04 +02:00
mrexodia
caae4a9d6a
DBG: fixed a bug in _plugin_menuclear (now it no longer deletes the menu itself)
2017-08-08 01:17:25 +02:00
mrexodia
afd18d870f
GUI: fixed creation of dll breakpoints with a space
2017-08-08 01:16:12 +02:00
mrexodia
192b35acde
GUI: change symbol menu
2017-08-07 20:06:11 +02:00
mrexodia
7ab339fa3b
DBG: various small improvements
2017-08-07 19:41:32 +02:00
7646747eca
GUI: download symbols in CPU tab ( #1680 )
2017-08-07 19:38:34 +02:00
mrexodia
ef0cbcf58f
GUI: fixed (artificial) compile error ( closes #1678 )
2017-08-03 16:39:16 +02:00
mrexodia
3ed658d42c
DBG: fixed (artificial) build error
2017-08-03 17:34:27 +02:00
mrexodia
875eaf9350
PROJECT: (hopefully) fixed build.bat
2017-08-03 17:30:08 +02:00
mrexodia
a965c2b8a6
GUI: fixed dumb compile error in AssembleDialog
2017-08-03 16:51:18 +02:00
mrexodia
6f38e2b0f5
GUI: AA_EnableHighDpiScaling
2017-08-03 16:49:49 +02:00
mrexodia
d2e8f8ab1c
GUI: temporarily remove keystone from AssembleDialog
2017-08-02 00:36:14 +02:00
mrexodia
9cdd399dde
DBG: added CFLAGS support in _scriptapi_register.h (thanks to krzywix)
2017-08-01 23:59:12 +02:00
mrexodia
43458b0881
DBG: also set pDebuggedBase and check hash on attach ( fixes #1674 )
2017-08-01 22:33:54 +02:00
mrexodia
6059511296
GUI: deprecate local help file + fixed release script
2017-08-01 19:23:15 +02:00
mrexodia
3c9a24ec37
GUI: show segments better in CPUInfoBox
2017-07-29 17:59:09 +02:00
b758ea6e9d
DBG: The log now indicates the name of the breakpoint set ( closes #1613 ) ( #1662 )
2017-07-27 22:53:09 +02:00
3ff9122673
can enter floating point number ( #1661 )
2017-07-27 18:24:55 +02:00
754ef54968
can use rtu ( #1660 )
2017-07-27 18:24:01 +02:00
mrexodia
7aef027ebc
GUI: fixed a crash in the FlickerThread ( closes #1651 )
2017-07-25 16:19:06 +02:00
mrexodia
db9f8c845b
DBG: remove explicit size for memset in command line
2017-07-25 13:39:23 +02:00
2c3a16fbb5
GUI: revalidate when toggling 'Keep Size' in AssembleDialog ( #1648 )
...
* GUI: revalidate when toggling 'Keep Size' in AssembleDialog
* GUI: remove code duplication
2017-07-25 13:39:29 +02:00
c64777e32a
PNG compress icons of sizes >= 64x64 ( #1646 )
2017-07-25 12:55:08 +02:00
18979ef6e9
Fixed some unsafe code ( #1647 )
...
* Fix underflow of commandLine variable. (memset)
* Fix for integer inconsistencies
* fix for possible overflow at line 1841 of debugger.cpp. Offending code:
sprintf_s(command, "bp %p,\"DllMain (%s)\",ss", entry, modname);
2017-07-25 12:54:41 +02:00
mrexodia
a5e37fe74f
GUI: exit confirmation dialog ( closes #1645 )
2017-07-23 23:11:47 +02:00
a6e296054f
fixed x96dbg ( #1644 )
...
* fixed x96dbg
* fixed
2017-07-09 20:12:23 +02:00
mrexodia
73a8a93cbe
DBG+LAUNCHER: fix #1635 (.NET files are now processed correctly)
2017-07-08 18:29:13 +02:00
mrexodia
4631fbfc0f
DBG: fixed various cppcheck warnings
2017-07-06 16:15:57 +02:00
66c006d703
Small code improvement ( #1637 )
...
* Check index before array access
* fix for va_list leaks
* mismatch in new-delete pair
2017-07-04 17:26:01 +02:00
mrexodia
189cd520f0
GUI: use layout for the color picker grid
2017-07-03 11:56:04 +02:00
mrexodia
6a4510ce3a
DBG: bpgoto now no longer refreshes the GUI if not breaking
2017-07-03 10:43:52 +02:00
mrexodia
68f897d595
GUI: re-did the AboutDialog with layouts
2017-07-03 06:14:59 +02:00
mrexodia
2f89d2a0e2
GUI: small improvements to MainWindow and AboutDialog
2017-06-30 19:40:02 +02:00
mrexodia
49b4070904
DBG+GUI: updated capstone_wrapper ( fixes #1633 )
2017-06-30 15:07:33 +02:00
mrexodia
a2e245299a
DBG: gracefully break a trace when pausing
2017-06-30 14:41:44 +02:00
a3a25e1695
don't restore window pos invisible; clean up msgbox ( #1632 )
...
* don't restore window pos invisible; clean up msgbox
* remembers more dialog position
2017-06-29 18:38:51 +02:00
mrexodia
e5a614432f
DBG+GUI: small improvements to breakpoint log defaults
2017-06-29 15:45:52 +02:00
mrexodia
a835571cc4
GUI: removed some redundant code from AboutDialog
2017-06-27 03:17:30 +02:00
mrexodia
2588f7dc3e
DBG: workaround for pausing certain applications that are stuck in NtUserGetMessage
2017-06-27 03:13:32 +02:00
mrexodia
b8248630c2
GUI: updated AboutDialog
2017-06-27 03:13:06 +02:00
mrexodia
3d572966d2
GUI: fixed a bug with the BreakpointsViewTable and CIP highlighting
2017-06-27 00:14:23 +02:00
mrexodia
5747342938
GUI: escape unicode and ascii mnemonic characters
2017-06-25 03:00:48 +02:00
mrexodia
7a2e6eb40e
GUI: allow execution of favourite tools that require elevation
2017-06-25 03:00:47 +02:00
mrexodia
53841caab3
DBG: fixed a formatting problem in cbDebugLoadLib
2017-06-25 03:00:47 +02:00
ebd47a88a1
New about box dialog ( #1618 )
...
* New about box dialog
* Minor fixes
2017-06-21 15:54:21 +02:00
ca060c17c1
Replace undocumented.h with ntdll header and libs ( #1620 )
...
* Remove undocumented.h and replace it with header and .lib files for ntdll
* Replace ntdll function typedef + GetProcAddress combos with static imports
2017-06-21 15:43:23 +02:00
7f471c9768
Fixed issue with detached dumps ( #1623 )
2017-06-16 14:14:44 +02:00
mrexodia
2a73aed377
Merge branch 'development' of https://github.com/x64dbg/x64dbg into development
2017-06-07 04:26:53 +02:00
mrexodia
8ba0580626
DBG: fixed up the loadlib and freelib functions
2017-06-06 23:58:24 +02:00
32748cab5b
Fixes #1608 ( #1612 )
2017-06-01 07:40:07 +02:00
mrexodia
39b66f3b0f
DBG: switch default assembler engine to asmjit
2017-05-31 19:01:02 +02:00
mrexodia
9642d09bf2
EXE: don't ask for x64dbg.exe when not in WOW64 mode
2017-05-31 15:53:09 +02:00
mrexodia
32be2538dc
EXE+DBG: improved launcher (closes issue #1591 )
2017-05-31 15:47:08 +02:00
mrexodia
9ddfa87789
GUI: fixed annoying focus issue when source debugging is enabled
2017-05-27 01:41:28 +02:00
9944334614
Fixed wrong behavior when using search lists and changing layouts between mList and mSearchList ( #1606 )
2017-05-27 00:40:27 +02:00
mrexodia
c9c0ca4c99
DBG+GUI: fixed issue #1601 (comments in scripts interfering with the log)
2017-05-26 20:35:16 +02:00
5e77ad43e9
Closes #1597 ( #1602 )
2017-05-26 20:11:57 +02:00
544a6312d2
Defense against malicious "explorer.exe" ( #1605 )
2017-05-26 05:08:57 +02:00
mrexodia
2fd5cedd0d
remove some TitanEngine calls
2017-05-25 03:24:29 +02:00
mrexodia
9394b06c4d
DBG: removed unnecessary TitanEngine import
2017-05-23 19:40:21 +02:00
mrexodia
ad700f9001
DBG: updated to yara 3.6.0
2017-05-23 19:09:59 +02:00
mrexodia
4f67087e55
DBG: better comments in shuntingYard
2017-05-22 19:33:56 +02:00
mrexodia
46e136f1b4
GUI: fixed a bug with disassembly and the encode map (closes issue #1595 )
2017-05-17 01:16:51 +02:00
mrexodia
17b1fc7c01
DBG+GUI+BRIDGE: updated the floating point status/control registers with more descriptions
2017-05-16 14:40:23 +02:00
mrexodia
1d28f08fd3
GUI: AStyle
2017-05-15 23:37:41 +02:00
24972c0278
Improved attach dialog and messages bps ( #1589 )
...
* Some minor cpu info box enhancements
* Switch to xrefs in InfoBox and some XrefBrowseDialog improvements
* Added search boxes and saving symbols splitters and columns layout
* Using .toULongLong for both platforms
* casting added
* Added option rva addresses in graph
* Improved attach dialog and messages bps
2017-05-15 23:35:15 +02:00
e050fb6ccf
remembers dialog position ( #1586 )
2017-05-15 23:33:52 +02:00
8829c09300
Switch to xrefs in InfoBox and some XrefBrowseDialog improvements ( #1585 )
...
* Some minor cpu info box enhancements
* Switch to xrefs in InfoBox and some XrefBrowseDialog improvements
* Added search boxes and saving symbols splitters and columns layout
* Using .toULongLong for both platforms
* casting added
* Added option rva addresses in graph
2017-05-15 23:32:31 +02:00
mrexodia
06db8b4856
DBG: more informative memory allocation error message + fixed bug in apienumexports and apienumimports
2017-05-15 23:22:04 +02:00
mrexodia
cb2cb785ea
DBG+GUI: formatting + bigger disasm columns for string search
2017-05-11 06:18:32 +02:00
mrexodia
057eb125eb
GUI: fixed compile error
2017-05-09 21:53:56 +02:00
1b257deefc
Don't lose data when clicking side bar ( #1584 )
2017-05-09 19:28:56 +02:00
bb0f582c9d
Some minor cpu info box enhancements ( #1583 )
2017-05-09 19:27:34 +02:00
mrexodia
ad2835248b
DBG: fixed a small typo
2017-05-09 04:09:01 +02:00
mrexodia
753d15028c
GUI: allow disabling of seasons
2017-05-09 03:15:48 +02:00
mrexodia
8979ef70b0
DBG: fixed intermodular calls (closes issue #900 )
2017-05-05 18:56:38 +02:00
mrexodia
4d63bb63ac
DBG+GUI: updated capstone_wrapper
2017-05-05 18:09:01 +02:00
mrexodia
60382ae119
DBG: call DbgGetStringAt instead of disasmgetstringatwrapper
2017-05-05 18:09:01 +02:00
mrexodia
67b5c40370
BRIDGE+DBG: renamed ADDRINFO to BRIDGE_ADDRINFO
2017-05-05 18:09:00 +02:00
mrexodia
f96cb7dd9d
DBG: conversion functions from local codepage
2017-05-05 18:09:00 +02:00
373cc2a6db
fixing these words
2017-05-05 13:57:48 +00:00
mrexodia
1eed1efe4a
DBG: fixed a bug with memory caching in log strings
2017-05-04 10:22:22 +02:00
4b29afb980
Select "WM_COMMAND" per default ( #1577 )
2017-05-03 15:29:11 +02:00
mrexodia
6680096b86
DBG: fixed command line parsing (closes issue #1576 )
2017-05-02 01:38:23 +02:00
mrexodia
b725aa63c9
DBG+LAUNCHER: better command line forwarding and escaping
2017-05-01 21:40:29 +02:00
mrexodia
4fdf3084ae
DBG: fixed a crash when loading old database files ( fixes #1573 )
2017-05-01 20:51:23 +02:00
mrexodia
771103c27a
DBG: include refactor
2017-04-29 19:45:34 +02:00
mrexodia
906cbb74cf
DBG: improved include situation for debugger.h
2017-04-29 17:49:44 +02:00
mrexodia
1ac71a8e9f
DBG: fixed some kind of race condition from calling dbghelp (fixes issue #1571 )
2017-04-29 17:19:42 +02:00
mrexodia
216e23716d
GUI: improved translation overhead in Configuration
2017-04-29 17:19:42 +02:00
c991fc0c40
Warn the user about mismatch of database and executable ( #1570 )
2017-04-29 16:24:35 +02:00
mrexodia
f4a571a547
DBG: fixed search in modules that have section gaps
2017-04-29 01:57:46 +02:00
5fbc8ae72f
fixed 1278 ( #1569 )
2017-04-28 18:52:43 +02:00
mrexodia
c36a5c75eb
DBG: allow changing of byte:[cip] and fs:[30] (closes issue #1558 )
2017-04-28 01:18:54 +02:00
mrexodia
8814ac8310
DBG: greatly improved format string syntax
2017-04-27 16:58:40 +02:00
a3506502f2
fixed #1566 ( #1567 )
2017-04-27 13:52:31 +02:00
mrexodia
daa05a171e
DBG: don't lose data if the program folder is not writable with 'Save Database to program directory'
2017-04-24 19:59:08 +02:00
mrexodia
039501b2fd
DBG: always store command line cache in x64dbg directory
2017-04-24 19:59:08 +02:00
a1c79b5f6c
Update LocalVarsView.cpp ( #1563 )
2017-04-24 19:58:51 +02:00
mrexodia
c17bbc9653
GUI: small improvements to MessagesBreakpoints dialog
2017-04-24 02:40:58 +02:00
45db5d78f4
WinProc Messages Breakpoints ( #1562 )
...
* Actions added to Handles/Windows table
- Enable/Disable window
- Follow classproc in disassembler
- Toggle bp in classproc
- Message bp in classproc (not implemented entry)
* WinProc Messages Breakpoints
- Messages breakpoints implemented in windows handles table
2017-04-24 02:33:17 +02:00
mrexodia
2fd7119088
DBG: fixed problems with list enumeration
2017-04-24 00:55:53 +02:00
mrexodia
90070ef1b3
DBG: added support for basic Windows constants (currently only window messages)
2017-04-23 22:13:11 +02:00
33d482e74c
Actions added to Handles/Windows table ( #1561 )
...
- Enable/Disable window
- Follow classproc in disassembler
- Toggle bp in classproc
- Message bp in classproc (not implemented entry)
2017-04-23 00:59:15 +02:00
mrexodia
5aaa585c96
DBG+GUI: improved window proc query code
2017-04-22 04:17:05 +02:00
mrexodia
b45f19da5e
GUI: added windows proc query to window handle list (thanks to @ThunderCls)
2017-04-21 21:32:18 +02:00
mrexodia
8961c03a6a
GUI: fixed libpng warnings that trigger me
2017-04-21 14:36:13 +02:00
mrexodia
f74cf54da9
GUI: fixed some bugs with the hotkey descriptions (thanks to lynnux)
2017-04-21 14:24:55 +02:00
2312ba0460
Local variables view improved ( #1560 )
2017-04-21 11:06:14 +02:00
mrexodia
16f6158477
GUI: data copy improvements (closed issue #1534 )
2017-04-21 03:54:33 +02:00
mrexodia
3dca8fbd4f
GUI: restored the 'entire block' option for 'find command' ( #1541 )
2017-04-21 02:55:40 +02:00
mrexodia
d7cd9c9ae7
GUI: added some more shortcuts in the dump
2017-04-21 02:42:33 +02:00
mrexodia
180e79ee2b
DBG+GUI: added option to go to previous/next reference
2017-04-21 02:42:32 +02:00
mrexodia
b24b7939df
DBG+BRIDGE+GUI: added refsearch.count() and refsearch.addr() expression functions
2017-04-21 02:42:01 +02:00
mrexodia
271cba4f56
DBG+GUI: option to not show source line comments
2017-04-20 21:34:09 +02:00
mrexodia
9ea3154701
DBG+GUI: formatting + small fixes
2017-04-20 21:00:37 +02:00
a905656230
0x prefix for values, fixes #614 ( #1557 )
2017-04-20 20:45:23 +02:00
c9d7d15297
added string prefix, fixes #1027 ( #1556 )
2017-04-20 20:45:10 +02:00
8623ba4f8c
local vars view ( #1555 )
2017-04-20 20:45:02 +02:00
mrexodia
aa2a4afb0f
DBG+BRIDGE+GUI: more performance improvements related to GuiSetDebugState
2017-04-20 12:06:54 +02:00
mrexodia
09c80658ec
GUI: slight performance improvements with useless QString allocations
2017-04-20 10:55:06 +02:00
mrexodia
81fd6116b7
DBG+GUI: fixed inconsistent updating problems
2017-04-20 07:40:29 +02:00
mrexodia
82cff792cb
PROJECT+GUI: replaced float128 with ldconvert (closes issue #1241 )
2017-04-20 01:58:29 +02:00
mrexodia
4c1fd6ca09
DBG: fixed a deadlock with handling of unknown breakpoints (closes issue #1546 )
2017-04-19 21:57:20 +02:00
171eca3be6
Update StringUtil.cpp ( #1552 )
2017-04-19 21:48:26 +02:00
mrexodia
7a52b28c55
DBG+BRIDGE+GUI: plugin hotkeys
2017-04-14 08:03:52 +02:00
mrexodia
d5e224a7a5
DBG: format function improvements
2017-04-14 00:33:02 +02:00
mrexodia
668ea4ef57
GUI: default filename for dumps in memory map ( closes #1535 )
2017-04-13 21:43:30 +02:00
mrexodia
c02e3672c7
BRIDGE: added DbgEval function
2017-04-13 21:42:24 +02:00
mrexodia
f2a759434d
GUI: simplified LogView address follow code
2017-04-13 17:18:23 +02:00
mrexodia
444c8dffc6
DBG: added thread suspend failed message in ThreadSuspendAll
2017-04-13 17:18:23 +02:00
5ddd4eadc0
internationalization issue fixed ( #1536 )
2017-04-12 15:22:43 +02:00
mrexodia
221ca3d583
GUI: improved symbol view import behaviour + better highlight dump follow events ( closes #1530 )
2017-04-12 06:28:28 +02:00
mrexodia
caf6d0ceff
GUI: add module path hidden at the end of the module list in symbols view #1530
2017-04-12 05:37:00 +02:00
mrexodia
16a962ae3f
GUI: add newlines to DataCopyDialog for Delphi data (fixed issue #1527 )
2017-04-12 05:28:28 +02:00
mrexodia
75f8afc620
DBG: better support for generic registers in scriptapi
2017-04-11 22:12:21 +02:00
mrexodia
c3cff91b03
DBG: added generic registers to scriptapi
2017-04-11 21:06:17 +02:00
4b0292dacf
fixed #1467 ( #1532 )
2017-04-11 16:54:00 +02:00
7e1eb2a8dc
Add a comment for the newly allocated memory. This comment will show in the memory map. ( #1531 )
2017-04-11 12:41:35 +02:00
cd6288d69f
Fixing this mistake
2017-04-11 08:45:24 +00:00
mrexodia
5deef7360d
move option checking out of the loop
2017-04-11 00:38:53 +02:00
mrexodia
598fc65ea0
DBG+GUI: no longer override the section name in memory map with user comments
2017-04-11 00:20:21 +02:00
mrexodia
8afcb52e36
GUI: added plugins menu
2017-04-11 00:20:21 +02:00
e83989fcf2
Added register LastError, and allow modifying LastError in Registers view
2017-04-11 00:20:20 +02:00
68f18feec7
added internal command to resolve #1525
2017-04-11 00:20:20 +02:00
0ab8b66d85
Improved user experience on single-core CPU
2017-04-11 00:20:20 +02:00
mrexodia
449d04eec6
DBG+GUI: workaround for slow dbghelp functions (see #747 )
2017-04-09 02:40:44 +02:00
mrexodia
701ab86942
GUI: fixed grammatical error
2017-04-08 15:18:28 +02:00
mrexodia
cbe5130061
DBG: added DbgFunctions->GetCallStackEx
2017-04-08 15:16:38 +02:00
mrexodia
6cc5f4d849
DBG: no longer use ThreaderCreateRemoteThread
2017-04-08 15:16:38 +02:00
3fe18e784c
Fixed ( #1526 )
...
* fixed a critical bug
* some tooltip about lock modes
2017-04-08 15:16:09 +02:00
mrexodia
532f2b0513
GUI: no longer support saving in JPG (closes issue #1516 )
2017-04-04 17:55:57 +02:00
64773c8dd3
__fastcall enabled ( #1519 )
2017-04-04 05:39:59 +02:00
987594309c
Respect encoding type for tooltips in dump ( #1518 )
2017-04-04 05:39:52 +02:00
mrexodia
094e5fd122
GUI: fixed premature log truncation
2017-03-23 14:06:10 +01:00
mrexodia
7fbb9afb82
DBG: fixed out of bounds access when loading an empty script
2017-03-23 13:39:17 +01:00
mrexodia
3df04e55d9
DBG: added mod.rva and mod.offset expression functions
2017-03-20 09:08:31 +01:00
mrexodia
4c8b1e92dd
DBG+GUI: trace log file improvements
2017-03-20 08:51:01 +01:00
mrexodia
af6bc45b2e
functions to get memory base/size/protect
2017-03-19 13:12:55 +01:00
mrexodia
37de75450c
GUI: better flush log behavior
2017-03-19 10:41:08 +01:00
mrexodia
52b75cdd8b
DBG: workaround for issue #1501
2017-03-19 10:41:02 +01:00
mrexodia
3fe0242598
DBG: added _plugins_logprint
2017-03-19 10:41:02 +01:00
mrexodia
a14c534282
DBG+GUI: minor improvements
2017-03-19 10:41:02 +01:00
c3554d2964
DBG: load symbols from local filesystem first ( #1502 ) ( #1504 )
2017-03-19 08:45:32 +01:00
mrexodia
e58bc13526
DBG+BRIDGE+GUI: nastry hack to force-flush the log on user commands
2017-03-18 16:45:33 +01:00
mrexodia
0a8091bc85
GUI: highlight all text on LineEditDialog
2017-03-17 13:52:06 +01:00
mrexodia
ca0be798d9
Revert "St Patricks Day, March 17th, clover (32 & 64bit) icon ( #1499 )"
...
This reverts commit 91cb27e701
2017-03-17 07:45:34 +01:00
mrexodia
cb06e15d62
DBG: periodically update thread wait reasons #1470
2017-03-17 07:38:10 +01:00
mrexodia
e7d8b8d5cd
DBG: added DbgAnalyzeFunction to get a function graph
2017-03-17 07:16:30 +01:00
mrexodia
0f94a5886a
GUI: add a gui for the trace log in SimpleTraceDialog
2017-03-17 06:59:37 +01:00
mrexodia
24cb79324e
DBG: added TraceSetLogFile command
2017-03-17 06:59:37 +01:00
mrexodia
8fa4dde358
GUI: slight allocation optimizations
2017-03-17 06:59:36 +01:00
91cb27e701
St Patricks Day, March 17th, clover (32 & 64bit) icon ( #1499 )
2017-03-16 21:44:59 +01:00
mrexodia
d5e578ee6a
DBG+GUI+BRIDGE+PROJECT: updated AStyle and formatting
2017-03-16 03:32:09 +01:00
033a495925
Initial support for compiling with Clang/C2 from VS2017 (Clang 3.8+) ( #1498 )
2017-03-16 03:13:04 +01:00
mrexodia
6d1db38613
DBG: properly fix the GetProcAddress crash
2017-03-14 11:18:47 +01:00
mrexodia
281ccdfb4c
DBG: intercept crash on GetProcAddress (thanks to parfetka!)
2017-03-14 10:47:36 +01:00
mrexodia
f16c24b17c
GUI: recent files in ScriptView
2017-03-14 10:46:26 +01:00
mrexodia
e267eedec0
GUI: move MRUList to a separate utility class
2017-03-14 10:31:59 +01:00
mrexodia
c29aa34baa
GUI: option to edit script in ScriptView
2017-03-14 09:31:31 +01:00
mrexodia
f7d3f7cb74
GUI: disassembly summary in graph
2017-03-14 09:12:24 +01:00
mrexodia
f96a11fede
DBG: don't attempt to demangle C++ symbols in demanglePE32ExternCFunc
2017-03-14 09:11:02 +01:00
mrexodia
4e7a5656db
DBG: use previous context for retrieving comments
2017-03-14 08:15:32 +01:00
mrexodia
95b9579d56
DBG: workaround analysis on modules that don't have holes between sections
2017-03-14 08:14:51 +01:00
mrexodia
fe4db70717
DBG+BRIDGE+GUI: highlight indirect calls in the graph + fixed shadow in certain situations
2017-03-14 08:13:39 +01:00
mrexodia
62b8e4fe11
DBG: delete the DLL loader on exit (closes issue #1496 )
2017-03-14 06:24:54 +01:00
mrexodia
15f447cf94
GUI: highlight relevant registers of the current instruction in the RegistersView
2017-03-13 03:27:37 +01:00
mrexodia
65ddc96542
DBG+GUI: updated capstone_wrapper
2017-03-13 03:23:53 +01:00
mrexodia
c758fa718b
DBG: no longer freeze on attach (by failing certain dbghelp functions if the lock cannot be acquired)
2017-03-12 21:14:06 +01:00
mrexodia
0ccb4eedb3
GUI: drastically improve log performance (especially when not visible)
2017-03-12 18:52:02 +01:00
mrexodia
edf7760267
GUI: slightly improved pen style for selected block edges
2017-03-12 17:01:19 +01:00
mrexodia
cdc19ac2c2
DBG: don't emit nop branches as branches in the graph
2017-03-12 16:56:49 +01:00
mrexodia
e13c899a47
DBG+GUI: use ',' instead of '\1' to seperate commands
2017-03-12 06:54:18 +01:00
mrexodia
c7c654c24b
DBG: implemented repeating variants of step commands
2017-03-12 06:51:46 +01:00
mrexodia
7295f356ee
GUI: fixed default button in HexEditDialog
2017-03-12 06:33:33 +01:00
mrexodia
955ef47b6d
DBG: improved run command to allow run to X
2017-03-12 05:52:58 +01:00
mrexodia
1ae30cef53
DBG+GUI: added error script command
2017-03-12 05:40:07 +01:00
mrexodia
8340cd5aab
GUI: fixed drawing issue in CPUStack with the callstack frame
2017-03-12 05:20:17 +01:00
mrexodia
3845676b98
DBG: added argument expression functions
2017-03-12 05:07:41 +01:00
mrexodia
0b70d9b391
DBG: simplify scriptinternalcmd and make scriptload a blocking call
2017-03-12 04:45:18 +01:00
mrexodia
595244bb29
GUI: icons for new options in graph view
2017-03-12 04:44:33 +01:00
mrexodia
80839d5c46
GUI: don't crash ScriptView when a script is still loaded on exit
2017-03-12 04:36:59 +01:00
mrexodia
4cb14b74a9
GUI: AStyle DisassemblerGraphView and ActionHelpers
2017-03-12 04:33:37 +01:00
mrexodia
00ddb31660
GUI: use TraceOverConditional for "return to user" #1489
2017-03-12 03:01:37 +01:00
mrexodia
45640e0bfe
DBG: improved wow64 step workaround ( #1489 )
2017-03-12 03:01:37 +01:00
mrexodia
d153528481
DBG: added some expression functions
2017-03-12 03:01:37 +01:00
ac4c5c2ed8
Change cursor to 👆 where appropriate in side bar and registers view ( #1492 )
...
* fixed a crash and enable user to dblclick on folding box
* fixed when eip is in the current function it cant select
* Change cursor to 👆 where appropriate
* update translations
2017-03-12 03:00:35 +01:00
f45e2a73b3
Graph improvements ( #1493 )
...
* Fix graph toposorting.
* Prevent edge overlapping and improve routing.
* Prevent overlap when first section is vertical
* Fix range for edge_valid check
* Allow upside down L shape
* Hilight edges from selected block and allow doubleclick to zoom
* Add multiple layout modes.
* Reduce edge intersections.
Route edges in the order of blocks instead of random order from hashmap.
* Get rid of preprocessor abbuse in ActionHelper.
* Added layout selection to context menu.
2017-03-12 02:59:21 +01:00
5cb699e60e
Merge the OS compatibility element from exe/app.manifest into manifest.xml and remove app.manifest, as it was ignored during compilation ( #1490 )
2017-03-11 15:39:09 +01:00
mrexodia
5796891771
DBG: add support for customized string formatting ( closes #1336 )
2017-03-11 05:41:25 +01:00
mrexodia
fa84346445
GUI: closes issue #1488 (invalid stack range when CSP is zero)
2017-03-11 05:12:17 +01:00
mrexodia
bfd4cf74a8
DBG: removed deprecated '@' for memory location
2017-03-11 04:10:33 +01:00
mrexodia
62d3ac7d17
DBG: added expression functions for reference view
2017-03-11 03:53:11 +01:00
mrexodia
3b754f0791
BRIDGE+GUI: adjusted behavior for GuiReferenceGetCellContent
2017-03-11 03:51:55 +01:00
mrexodia
5715e1cc27
DBG: allow a title to be specified for refinit
2017-03-11 03:41:48 +01:00
mrexodia
aaf610de54
DBG: show logged line in script info
2017-03-11 03:02:16 +01:00
mrexodia
2fd8803360
GUI: non-modal script error box
2017-03-11 02:47:23 +01:00
mrexodia
81dc667177
GUI: non-modal message box ( #1416 )
2017-03-11 02:34:02 +01:00
mrexodia
8d6783f91c
GUI: fixed some tabstops
2017-03-11 01:24:02 +01:00
mrexodia
2d605f18ea
DBG: demangle enumerated import symbols
2017-03-11 00:05:54 +01:00
mrexodia
5e0b1c2c61
GUI: fixed conflicting hotkey in symbol view
2017-03-10 23:57:24 +01:00
mrexodia
81bf2510e9
DBG: prevent possible overflow on race condition with varget
2017-03-10 23:52:48 +01:00
mrexodia
b885e2ed4e
GUI: don't display xmm/ymm/st registers in the InfoBox (resolves issue #1476 )
2017-03-10 23:23:47 +01:00
mrexodia
15bbdd84de
DBG: restore breakpoints when loading database (resolves issue #1479 )
2017-03-10 23:11:51 +01:00
mrexodia
4bb5eb2dee
DBG: allow stirng formatting in labelset
2017-03-10 23:10:56 +01:00
mrexodia
448b6ac64c
DBG: refresh views in commentset
2017-03-10 23:09:36 +01:00
mrexodia
8803a50659
DBG: test for InstructionText in 'capstone' command
2017-03-10 23:08:35 +01:00
mrexodia
8e601c72bf
GUI: updated capstone_wrapper to remove RIP-relative text
2017-03-10 23:08:12 +01:00
mrexodia
f66acfa410
DBG: possible cbExitThread crash
2017-03-10 21:31:19 +01:00
mrexodia
e69b57600e
GUI: thick handle when splitter is collapsed (issue #1486 )
2017-03-10 20:40:47 +01:00
65b1f5a4ac
fix ( #1487 )
...
* fixed a crash and enable user to dblclick on folding box
* fixed when eip is in the current function it cant select
* Fix strange "Thread switched from 0" message when starting debuggee
2017-03-10 20:40:17 +01:00
mrexodia
92268d009d
DBG: removed unused disasmtext function
2017-03-06 17:25:08 +01:00
mrexodia
378a6c9637
DBG: added string formatting to findasm
2017-03-06 17:23:24 +01:00
mrexodia
c4841639e2
DBG+GUI: call stack improvements (closes pull request #1478 )
2017-03-04 19:47:44 +01:00
mrexodia
9d71bd3b73
DBG: remove redundant SymEnumerateModules64 dbghelp import
2017-03-01 23:24:00 +01:00
mrexodia
f71b7610b0
DBG: performance improvement with saving/loading databases
2017-02-28 23:21:42 +01:00
mrexodia
6e189010d2
DBG: cache file for the command line in the database (~2x performance improvement on big databases)
2017-02-28 05:42:29 +01:00
mrexodia
aae9953c6d
DBG: fixed various crashes with very big labels in the call stack (they are now truncated instead, thanks to AlexAltea!)
2017-02-28 05:02:16 +01:00
mrexodia
e63874c6bd
DBG: fixed some unclear behaviour and crashes in dbgsetcmdline
2017-02-28 05:00:54 +01:00
mrexodia
79fb2a1b47
GUI: improved the changeCommandLine option
2017-02-28 04:59:23 +01:00
mrexodia
01d46dd036
DBG+GUI: check if DEP is enabled before warning about operations on non-code pages
2017-02-26 22:42:52 +01:00
mrexodia
9a03f959e7
GUI: fixed CPUDump pointer tooltip on 64 bit
2017-02-26 21:11:19 +01:00
mrexodia
80b935ecf5
GUI: better CPUDump pointer tooltip
2017-02-26 07:25:21 +01:00
mrexodia
6329e9c989
GUI: various types of pointer highlighting ( closes #175 )
2017-02-26 07:11:55 +01:00
mrexodia
ac0a0e3933
GUI: implemented byte highlighting (related to issue #175 )
2017-02-26 05:07:20 +01:00
mrexodia
81edb1ecc4
GUI: fun byte color options in disassembly + trace record color + save full graph image (thanks to visitor42 from IRC!)
2017-02-26 04:06:12 +01:00
mrexodia
ad34c79883
GUI: don't copy FPU registers when they are hidden (thanks to visitor42 on IRC!)
2017-02-26 01:38:47 +01:00
mrexodia
df0c75ac03
DBG: support for symbol displacement ( #1478 )
2017-02-26 01:14:50 +01:00
mrexodia
2736885c09
DBG: improvement for issue #1475 (cache misses on thread creation when reading the stack)
2017-02-25 23:12:58 +01:00
mrexodia
b438872319
DBG: drastically improved loop manipulation performance
2017-02-24 20:43:48 +01:00
mrexodia
9e30cc7c3e
DBG: improve range comparison functions
2017-02-24 19:48:00 +01:00
mrexodia
fd17359f3d
GUI: fixed display of certain imm operands ( closes #1448 )
2017-02-24 19:47:26 +01:00
mrexodia
4f704b81bb
DBG+GUI: fixed some warnings
2017-02-24 19:39:32 +01:00
mrexodia
75e47ff75c
BRIDGE: fixed compilation on VS2012
2017-02-24 19:39:11 +01:00
mrexodia
bf3ccd7e0b
DBG: significant memory usage improvements for database (~5x less memory used)
2017-02-24 19:38:48 +01:00
71130601ee
Add wait reason to threads list ( #1470 )
...
* Implement ThreadGetWaitReason
* Get the wait reason for all threads at once in ThreadGetWaitReason to limit the number of NtQuerySystemInformation calls to 1 per refresh
2017-02-22 19:30:18 +01:00
Duncan Ogilvie
Austin Richards
franco martinelli
Matt
Zhang Li
Mattiwatti
torusrxxx
dl471
raiseman
Bálint Faragó
Alexander Miloslavskiy
Atvaark
Wolfgang Schoechl
Manuel
Ta Thanh Dinh
Hank McCord
ThunderCls
aikuimail
lynnux
Paul
Mack Stump
Emily Clemens
lynnux
fearless
Joel Höner
Alexandros Naskos
RaMMicHaeL
genuine
Danila Malyutin
roL
Rajarshi Vaidya aka gmastergreatee
Georgeto
Georgeto
Antonio Prcela
pointerrrr
Matthijs Lavrijsen
genuine_
Maksim Derbasov
ThunderCls
kkthx
Better known as gordon--
Stanisław Halik
karliss