torusrxxx
b59798db6f
minor enhancements about SymbolView&breakpointcpp&SearchListView
2018-06-19 18:51:36 +02:00
Duncan Ogilvie
12e9127799
DBG: support for an edge case in HandlesGetName where the process itself doesn't have query access
2018-06-19 18:30:13 +02:00
torusrxxx
f8c67ef2ab
show PID or TID in handles view
2018-06-19 18:30:13 +02:00
Duncan Ogilvie
f5fa7de918
DBG: better message in _dbg_animatecommand
2018-06-11 03:13:25 +02:00
torusrxxx
0ab417f5b4
Animation help; Restore empty graph help
2018-06-11 03:12:50 +02:00
Duncan Ogilvie
db17e323fe
DBG: more message fixes
2018-06-03 17:47:01 +02:00
Duncan Ogilvie
01960c556b
fix some whitespace in strings
2018-06-03 17:43:30 +02:00
torusrxxx
1cd3cfc469
fix mistakes
2018-06-03 17:43:30 +02:00
torusrxxx
4cf5508b5f
add error descriptions to x64dbg failure messages
2018-06-03 17:43:30 +02:00
Duncan Ogilvie
3f33ad44cc
DBG+GUI: update zydis and fix some issues related to formatting
...
closes #1904
closes #1898
2018-04-05 00:20:31 +02:00
Duncan Ogilvie
3f754c0bfc
DBG: fix an out of bounds access on expression "([esp])"
2018-03-26 02:14:49 +02:00
Duncan Ogilvie
1c1a48bcee
DBG: fix heuristic string detection near the end of a page
...
related to #1906
2018-03-05 23:52:07 +01:00
Duncan Ogilvie
f8e4ed4f1f
DBG: fix bug with operand size in TraceRecord
2018-03-04 23:00:13 +01:00
Duncan Ogilvie
8da82cf569
PROJECT: remove keystone
2018-03-04 22:41:00 +01:00
Duncan Ogilvie
e5f950308a
PROJECT: remove capstone
2018-03-04 22:35:01 +01:00
Duncan Ogilvie
55d99b5647
DBG+GUI: replace Capstone with Zydis in trace record
2018-03-04 22:32:08 +01:00
Duncan Ogilvie
49167e92c6
DBG+GUI: fix many application verifier issues
2018-03-04 22:04:37 +01:00
Duncan Ogilvie
53e621c175
DBG: replace WAITID_STOP with a more reliable method
...
closes #1852
2018-03-04 22:04:04 +01:00
Duncan Ogilvie
16fdf57f41
DBG: move call to CB_STOPDEBUG to the very end of the debug loop
...
close issue #1899
2018-02-14 22:19:00 +01:00
Duncan Ogilvie
2c284cd210
DBG: remove std::thread usage from TaskThread
2018-02-14 20:38:49 +01:00
Duncan Ogilvie
1fa1c3d705
DBG: remove limitation of placing "&" in labels
2018-01-30 20:54:45 +01:00
Duncan Ogilvie
ddc97f2a74
DBG: show PEB in memory map
...
#1882
2018-01-28 11:51:15 +01:00
Duncan Ogilvie
39f78b1c33
DBG: remove weak acquire in dbghelp_safe
...
possibly fixes #1863
2018-01-12 14:15:06 +01:00
Duncan Ogilvie
2d6004da9b
DBG: remove TitanEngine for parsing TLS callbacks
2017-12-28 23:25:42 +01:00
Duncan Ogilvie
7c0d122ee4
DBG: add breakpointexceptionaddress variable
2017-12-28 20:27:23 +01:00
Duncan Ogilvie
761e2f67c0
DBG: fix a rare bug with module resolving by name (thanks to chessgod101!)
...
if you had:
blub.exe
blub.exe.dll
And tried to resolve 'blub.exe' it could return the base of 'blub.exe.dll'
2017-12-24 13:21:06 +01:00
Duncan Ogilvie
0e2ff40443
DBG: remove unused parameter from RecursiveAnalysis class
2017-12-17 02:05:53 +01:00
torusrxxx
f29d660b6e
Search for function pointer
2017-12-17 02:05:39 +01:00
Duncan Ogilvie
37e83c9436
DBG+GUI: trim error descriptions in RegisterView and format functions
2017-12-03 22:27:47 +01:00
Duncan Ogilvie
e11701d7c3
GUI: improve InfoBox for bigger memory sizes
2017-12-03 22:27:47 +01:00
Mattiwatti
70a836b17a
Move SafeSymCleanup() call to cbExitProcess so it isn't called when the process may have already terminated
...
debugLoopFunction: set fdProcessInfo->hProcess and fdProcessInfo->hThread to NULL as these shouldn't be used after this point. The actual CloseHandle calls on these two handles are done by kernel32!ContinueDebugEvent immediately after cbExitProcess
2017-11-28 17:29:50 +01:00
Mattiwatti
2f3f28746d
Remove 2 occurrences of 'varset("$hp", fdProcessInfo->hProcess)', one of which was being called with the initial handle from CreateProcess(). cbCreateProcess is now the only place where this variable is set, for both types of debug sessions (attaching or creating)
2017-11-28 17:29:50 +01:00
Mattiwatti
629a6022e4
Fix duplicate debuggee process and initial thread handles being kept around in the case that x64dbg is not attaching:
...
- CloseHandle() the fdProcessInfo->hProcess and fdProcessInfo->hThread handles and set them to NULL if CreateProcess was called (i.e. we are not attaching) just before entering the debug loop
- cbCreateProcess(): set fdProcessInfo->hProcess, fdProcessInfo->hThread and varset("$hp") to the correct handles prior to doing anything else
2017-11-28 17:29:50 +01:00
Mattiwatti
c8e8b692f0
Remove static global handle 'hProcess' in debugger.cpp; it is only used in one place as argument to SafeSymCleanup(). Use fdProcessInfo->hProcess instead
2017-11-28 17:29:50 +01:00
Torusrxxx
200c861761
fixed winerror & ntstatus fmt funcs
...
Thanks @Mattiwatti
2017-11-17 12:54:30 +01:00
Duncan Ogilvie
1c79384a06
DBG: remove the ordinal flag before printing the value
...
#1795
2017-11-15 13:44:36 +01:00
Duncan Ogilvie
d1edce0872
DBG: small improvement to Handle class
...
By @torusrxxx
2017-11-14 16:00:55 +01:00
Duncan Ogilvie
4db8d02cf4
DBG: show operand visibility in Zydis command
2017-11-14 16:00:54 +01:00
Torusrxxx
4cf0844255
Browse dialog and goto dialog support auto-complete ( #1738 )
...
* Browse dialog and goto dialog supports auto-complete
* don't use unicode string size
* Auto complete only when expression is valid symbol name
* use dbgfunctions for better flexibility and performance
* buffer last auto complete
* disable auto completion
2017-11-07 20:24:51 +01:00
torusrxxx
3116b3dde0
fixed NTSTATUS name
2017-11-07 20:24:01 +01:00
torusrxxx
01e5caf75b
removed upper part check in NTSTATUS
2017-11-07 20:24:01 +01:00
torusrxxx
79e335277e
lazy load mnemonic data and save 3MB memory
2017-11-07 20:24:01 +01:00
torusrxxx
990bccfffc
add mem.isstring()
2017-11-07 20:24:01 +01:00
torusrxxx
e6297423f9
Add NTSTATUS fmt;show str in locals tab;fix div by 0 in data copy dlg.
2017-11-07 20:24:01 +01:00
Mack Stump
d67031a089
DBG: remove \\n replacement in string formatting
2017-11-07 20:23:25 +01:00
Joel Höner
15b0e73ba0
DBG: fix disp+imm printing in “zydis” command
2017-11-07 20:22:15 +01:00
Duncan Ogilvie
ae20041edb
DBG: proper workaround for 0x prefix in GUI
...
also closes #1792
2017-11-04 18:08:44 +01:00
Duncan Ogilvie
4870eebd87
DBG: correctly handle imports by ordinal
...
closes #1795
2017-11-04 16:34:52 +01:00
Duncan Ogilvie
9c639ddc5f
DBG: small improvements to winerror format function
2017-10-30 00:35:54 +01:00
Duncan Ogilvie
2f26a80b78
DBG+BRIDGE+GUI: deprecate DbgGetRegDump
2017-10-29 02:18:06 +02:00
torusrxxx
ec0555dc0d
Added winerror format function and show help message for last error in reg view
2017-10-28 02:52:13 +02:00
Mattiwatti
d5582c6a1f
- DbgGetRegDumpEx(): copy lastStatus NTSTATUS name if requested struct size is >= sizeof(REGDUMP_V2)
...
- RegistersView: replace usages of REGDUMP with REGDUMP_V2 to access LastStatus register
2017-10-28 02:47:49 +02:00
Mattiwatti
8c9b11ecc9
Remove LastStatus from THREADALLINFO to preserve plugin compatibility
2017-10-28 02:47:49 +02:00
Mattiwatti
6f1b6b77bb
dbg changes for TEB->LastStatusValue:
...
- Add LASTSTATUS struct
- Add LastStatus members to REGDUMP and THREADALLINFO
- Add ThreadGetLastStatus()/ThreadGetLastStatusTEB()
- Make "laststatus" a supported pseudo-register in isregister() / getregister() / setregister() similar to "lasterror"
- _dbg_getregdump(): copy the full name of the last NTSTATUS value
- ThreadGetList(): add the last status value to the thread list for each thread
- TraceRecordManager: account for the size change of REGDUMP to keep REGDUMPWORD the same size
2017-10-28 02:47:49 +02:00
Mattiwatti
8f0f83bdf3
ntdll.h: Update PEB and TEB structs for Windows 10 RS3, and correct offset of TEB->LastStatusValue on x86
2017-10-28 02:47:49 +02:00
Mattiwatti
787b86cd1f
Add DbgGetRegDumpEx to bridge API
...
Public SDK changes:
- Add LASTSTATUS struct
- Add REGDUMP_V2 struct with LASTSTATUS member
- Add DbgGetRegDumpEx(REGDUMP* regdump, size_t size);
Internal changes:
- Change typedef of _dbg_getregdump to add a size parameter
- Make DbgGetRegDump() pass sizeof(REGDUMP) to _dbg_getregdump to preserve existing behaviour. DbgGetRegDumpEx() forwards the size that was passed to it
2017-10-27 00:02:39 +02:00
torusrxxx
0fbb1aa056
Don't add autocomments on "mov edi,edi"( #1775 )
2017-10-26 00:43:54 +02:00
Duncan Ogilvie
0762182973
DBG: implement DLL breakpoints directly in x64dbg
2017-10-25 21:58:01 +02:00
Torusrxxx
466d5e9173
Update cmd-misc.cpp
2017-10-25 11:21:44 +00:00
Torusrxxx
db5c3e23af
Update cmd-misc.cpp
2017-10-25 11:16:01 +00:00
Duncan Ogilvie
ecbea6d9d8
GUI: fix Sonar issues
2017-10-22 17:07:45 +02:00
torusrxxx
9a2cb20682
enhancement to run until return
2017-10-18 22:49:06 +02:00
Torusrxxx
390bf4c5ca
Trace recording ( #1736 )
...
* run trace file format
* record opcode
* Successfully recorded sample run trace
* fixed order of thread id and opcode
* use capstone in run trace
* Revised format;Stop tracing when stop debug;Changed ext name
* trace browser(draft)
* Lower bound
* Lower bound
* implemented more functions in trace file reader
* Initial trace browser
* trace browser works for single-page traces
* fixed page fault
* Multi-selection, fixed page faults
* copy disassembly
* resize columns
* address label;follow in disassembly
* highlight
* history,comment,breakpoint in trace view
* stricter validation to prevent buffer overflow
* MAX_MEMORY_OPERANDS=32
* fixing bug in memory access count
* Temporary info menu to view registers & memory
* assumed to fix thread id bug
* live update trace view
* Fixed a bug with registers recording (similar to thread id bug)
* Search for constant in trace file
* Fixed bugs with memory operands recording
* File header for trace file; Auto update trace viewer
* fix x64dbg_translations.pro
* Default filename for trace; Start trace from trace view
* Switch to Qt JSON
* Copy selection, file offset and RVA; recent files
* Properly implement MRU menu
* shortcut for tracing
* Fix file names with comma
* added interaction with tab closing
* change default directory for trace file
* fix minor issue
2017-10-16 20:00:26 +02:00
Torusrxxx
9959278863
Properly exit x64dbg
2017-10-15 16:18:48 +02:00
Duncan Ogilvie
f6590e6465
DBG: fixed a typo
2017-10-14 17:31:11 +02:00
Duncan Ogilvie
d6ca58efd1
DBG: fixed another problem with Zydis
2017-10-14 15:42:02 +02:00
Duncan Ogilvie
6f7af9b8da
DBG: fixed various small issues with Zydis
...
ping @athre0z
2017-10-14 00:32:34 +02:00
Duncan Ogilvie
c9e17df1c0
DBG+LAUNCHER: correctly handle mixed mode executables
...
fixes #1758
2017-10-13 23:38:53 +02:00
torusrxxx
8cf9f63bac
Fixing #1752
2017-10-13 19:43:33 +02:00
Joel Höner
c5c3358c52
Add range checks for operand access ( fixes #1750 ) ( #1751 )
...
* DBG: added range checks to operand access
- previously, some instructions could trigger the `DebugBreak` path in `Zydis::operator[]`
* GUI: removed redundant semicolon
2017-10-10 21:01:59 +02:00
Joel Höner
5b1cf81f55
zydis_wrapper: Fixed x32 build
2017-10-09 10:02:13 +02:00
Joel Höner
3fca5c9191
Ported & renamed `cbInstrCapstone`
2017-10-09 10:02:13 +02:00
Joel Höner
af0ff55df3
zydis_wrapper: Better compliance with style-guide
...
- Removed underscores
- Removed redundant “zy” prefix
- Executed `AStyleWhore` (sorreh, I use git on my macOS host, can’t put it into pre-commit-hook)
2017-10-09 10:02:13 +02:00
Joel Höner
ca9401fdb7
Moved “zydis_wrapper” into root repo
...
- Instead, we directly use Zydis as a submodule now
2017-10-09 10:02:13 +02:00
Joel Höner
4c841d85c6
Renamed `Capstone` -> `Zydis`
...
- Prevents name clashes with actual capstone disassembler implementation
2017-10-09 10:02:13 +02:00
Joel Höner
5338a0a85b
Replace Capstone with Zydis
...
- While at it, added branch info logic to disassembler class
- Thus reduce direct checks by mnemonic in GUI and analysis code
- Replaced direct disassembler struct access with disassembler class calls where trivially possible
- Removed workarounds for empty segment registers
- Temp. disabled `cbInstrCapstone` command
- Temp. disabled flag stuff in `QBeaEngine`
2017-10-09 10:02:13 +02:00
Duncan Ogilvie
103866eafe
DBG+EXE+GUI: fixed some more sonar warnings
2017-10-08 20:19:32 +02:00
Duncan Ogilvie
57235b2f24
DBG+EXE+LAUNCHER+BRIDGE: remove _CRT_SECURE_NO_WARNINGS
2017-10-08 16:16:20 +02:00
Duncan Ogilvie
d121cd9dc2
DBG+LAUNCHER: fix exception handling in GetPeArch.h
...
Thanks to digitalboy for the report!
2017-10-05 17:08:34 +02:00
Duncan Ogilvie
ba6e6dea63
DBG: full unicode support in ResolveShortcut
2017-09-30 14:30:40 +02:00
Duncan Ogilvie
1143621eb1
DBG: make sure the debugger is signaled as initialized before loading plugins
...
Fixes #1734
2017-09-30 13:01:24 +02:00
Duncan Ogilvie
fcda76a470
DBG: fixed LibrarianEnableBreakpoint
2017-09-30 12:52:07 +02:00
roL
7627fce15c
Tripleslash for scriptapi_misc functions
2017-09-11 15:00:30 +02:00
mrexodia
ef6bf04fb0
DBG: find the plugin name for the currently-loading plugin name (thanks to testuser!)
2017-09-07 23:04:48 +02:00
mrexodia
2d7c929c64
DBG: fixed a deadlock while unloading plugins
...
closes #1710
2017-09-06 03:50:46 +02:00
mrexodia
7c93a0ef48
DBG: QueryWorkingSetEx with GetProcAddress (restored XP support)
2017-09-04 22:57:49 +02:00
mrexodia
9cc8e779e9
DBG: some small improvements to plugin functions and added idle detection for time wasted
2017-09-04 22:57:48 +02:00
mrexodia
082bcc0937
Merge remote-tracking branch 'origin/PLMDebug' into development
2017-09-01 22:54:53 +02:00
mrexodia
037504643b
DBG+GUI: option to query the working set before attempting to read a memory page
...
workaround for http://www.triplefault.io/2017/08/detecting-debuggers-by-abusing-bad.html
2017-09-01 22:53:50 +02:00
mrexodia
4104c0a004
GUI: formatting + fixed a warning
2017-09-01 18:52:06 +02:00
torusrxxx
fa92a9c474
Add Xref for switch cases; Follow switch cases in CPU.
2017-09-01 13:58:33 +02:00
torusrxxx
bf43f7eb97
graph for switch statements
2017-09-01 13:58:33 +02:00
Torusrxxx
690b048c7f
breakpoint, memory and threads view support multi-select ( #1697 )
...
* breakpoint, memory and threads view support multi-select
* fixed
* use older breakpointsview
* fixed
* revert deps change
* command in reference view
* to-do
* fixed deps
2017-09-01 13:57:41 +02:00
Rajarshi Vaidya aka gmastergreatee
2b4a9bc9dc
Fixes #1699 Arch-Indep-Registers ( #1700 )
...
* Arch-Indep-Registers Fix 1
* Run format.bat
2017-08-31 20:55:11 +02:00
mrexodia
80210eb9b0
LAUNCHER+DBG: add support for PID attaching + PLMDebug in the command line
...
closes #1698
2017-08-28 11:41:37 +02:00
mrexodia
d678ad1e82
DBG: fixed a warning on x64 about the cookie
2017-08-26 15:54:52 +02:00
mrexodia
88fec2a1d3
DBG: correctly remove librarian breakpoints on exit + remove hwbp on detach
2017-08-25 13:18:13 +02:00
mrexodia
fa2784792c
DBG+GUI: query the process cookie on startup ( #489 #1418 #1412 )
2017-08-25 13:17:14 +02:00
mrexodia
da77f37c4f
DBG: moved tracing code out of debugger.cpp
2017-08-25 13:14:46 +02:00
mrexodia
010a3bbf7e
DBG: better behaviour for "exhandlers" on XP
2017-08-25 13:02:37 +02:00
mrexodia
652c61f7f7
DBG+BRIDGE+GUI: warn when trying to render a graph with more than 5000 nodes
...
(closes #1321 )
2017-08-21 15:13:02 +02:00
mrexodia
1c4607e25b
DBG: change ReadBaseRelocationTable to read the relocation directory from disk instead of memory
2017-08-21 00:44:21 +02:00
mrexodia
838b03e9d9
DBG: add ModEnum to remove various bottlenecks with module loading
2017-08-21 00:41:04 +02:00
mrexodia
2bd32aee32
DBG: fixed typo in pluginreload command
2017-08-18 00:08:37 +02:00
mrexodia
ca296699b0
DBG: added plugreload command
2017-08-17 23:54:43 +02:00
Georgeto
8c797ef42d
Fix "requires a narrowing conversion" error when compiling with vs2015 ( #1687 )
2017-08-17 13:06:58 +02:00
mrexodia
a404f63960
DBG: fixed Script::Flags implementation
2017-08-14 16:24:29 +02:00
Georgeto
6587cbc564
underline relocated bytes in disassembly view ( #1683 )
...
* DBG: add relocation info to module
* GUI: underline relocated bytes
* DBG: remove unnecessary wrapper function
* DBG: store relocations in sorted vector instead of set
* GUI: warn about patches in relocation regions (closes #263 )
2017-08-14 00:17:47 +02:00
mrexodia
a64bdef223
DBG+GUI: minor fixes
2017-08-13 18:10:59 +02:00
mrexodia
f484108fd7
DBG: added MemBpSize function
2017-08-13 17:17:37 +02:00
mrexodia
1b27b951ee
DBG+BRIDGE: added more detail in the BRIDGEBP structure (in the padding so backwards-compatible)
2017-08-13 17:17:15 +02:00
mrexodia
b876d3b9f0
DBG: add memory breakpoint size (unimplemented) to breakpoint database
2017-08-13 16:27:55 +02:00
mrexodia
9fcfb5b39e
DBG: various improvements to the breakpoint api
2017-08-13 16:26:46 +02:00
mrexodia
5e9db68c71
DBG: improved performance of valapifromstring
2017-08-13 16:25:38 +02:00
mrexodia
86b623b691
DBG: add module base to label list
2017-08-13 16:24:40 +02:00
mrexodia
0cd8078256
DBG: added EnumExceptions
2017-08-13 16:23:59 +02:00
mrexodia
b79f1bd35b
DBG+GUI: implemented _plugin_menuremove and _plugin_menuentryremove
2017-08-10 20:25:18 +02:00
mrexodia
d69e9726b1
DBG+GUI: properly implemented _plugin_menuclear
2017-08-10 20:00:33 +02:00
mrexodia
9b314ef740
DBG: separate menu entries from the menus
2017-08-10 19:07:20 +02:00
mrexodia
a951d060bb
Revert "DBG: allow duplicate hEntry for _plugin_menuaddentry"
...
This reverts commit 42b9b0f9dc.
2017-08-10 18:50:27 +02:00
mrexodia
42b9b0f9dc
DBG: allow duplicate hEntry for _plugin_menuaddentry
2017-08-10 18:27:55 +02:00
mrexodia
e9cfedd722
DBG: fixed an invalid handle exception
2017-08-10 06:03:04 +02:00
mrexodia
dbc6ceb3db
DBG: fixed warning on x64
2017-08-09 03:13:04 +02:00
mrexodia
2ff93e479a
DBG: set temporary labels for visited types
2017-08-09 02:41:00 +02:00
mrexodia
5a34b54fb2
DBG: show label of memory address in auto comments
2017-08-09 02:40:32 +02:00
mrexodia
f97439c9f5
DBG: introduce temp labels
2017-08-09 02:32:28 +02:00
mrexodia
5cb7917630
DBG+BRIDGE+GUI: added menu preparation plugin event
2017-08-08 01:39:04 +02:00
mrexodia
caae4a9d6a
DBG: fixed a bug in _plugin_menuclear (now it no longer deletes the menu itself)
2017-08-08 01:17:25 +02:00
mrexodia
7ab339fa3b
DBG: various small improvements
2017-08-07 19:41:32 +02:00
mrexodia
6f38e2b0f5
GUI: AA_EnableHighDpiScaling
2017-08-03 16:49:49 +02:00
mrexodia
9cdd399dde
DBG: added CFLAGS support in _scriptapi_register.h (thanks to krzywix)
2017-08-01 23:59:12 +02:00
mrexodia
43458b0881
DBG: also set pDebuggedBase and check hash on attach ( fixes #1674 )
2017-08-01 22:33:54 +02:00
pointerrrr
b758ea6e9d
DBG: The log now indicates the name of the breakpoint set ( closes #1613 ) ( #1662 )
2017-07-27 22:53:09 +02:00
Torusrxxx
754ef54968
can use rtu ( #1660 )
2017-07-27 18:24:01 +02:00
mrexodia
db9f8c845b
DBG: remove explicit size for memset in command line
2017-07-25 13:39:23 +02:00
genuine_
18979ef6e9
Fixed some unsafe code ( #1647 )
...
* Fix underflow of commandLine variable. (memset)
* Fix for integer inconsistencies
* fix for possible overflow at line 1841 of debugger.cpp. Offending code:
sprintf_s(command, "bp %p,\"DllMain (%s)\",ss", entry, modname);
2017-07-25 12:54:41 +02:00
mrexodia
73a8a93cbe
DBG+LAUNCHER: fix #1635 (.NET files are now processed correctly)
2017-07-08 18:29:13 +02:00
mrexodia
4631fbfc0f
DBG: fixed various cppcheck warnings
2017-07-06 16:15:57 +02:00
Maksim Derbasov
66c006d703
Small code improvement ( #1637 )
...
* Check index before array access
* fix for va_list leaks
* mismatch in new-delete pair
2017-07-04 17:26:01 +02:00
mrexodia
6a4510ce3a
DBG: bpgoto now no longer refreshes the GUI if not breaking
2017-07-03 10:43:52 +02:00
mrexodia
a2e245299a
DBG: gracefully break a trace when pausing
2017-06-30 14:41:44 +02:00
mrexodia
e5a614432f
DBG+GUI: small improvements to breakpoint log defaults
2017-06-29 15:45:52 +02:00
mrexodia
2588f7dc3e
DBG: workaround for pausing certain applications that are stuck in NtUserGetMessage
2017-06-27 03:13:32 +02:00
mrexodia
5747342938
GUI: escape unicode and ascii mnemonic characters
2017-06-25 03:00:48 +02:00
mrexodia
53841caab3
DBG: fixed a formatting problem in cbDebugLoadLib
2017-06-25 03:00:47 +02:00
Matthijs Lavrijsen
ca060c17c1
Replace undocumented.h with ntdll header and libs ( #1620 )
...
* Remove undocumented.h and replace it with header and .lib files for ntdll
* Replace ntdll function typedef + GetProcAddress combos with static imports
2017-06-21 15:43:23 +02:00
mrexodia
2a73aed377
Merge branch 'development' of https://github.com/x64dbg/x64dbg into development
2017-06-07 04:26:53 +02:00
mrexodia
8ba0580626
DBG: fixed up the loadlib and freelib functions
2017-06-06 23:58:24 +02:00
ThunderCls
32748cab5b
Fixes #1608 ( #1612 )
2017-06-01 07:40:07 +02:00
mrexodia
39b66f3b0f
DBG: switch default assembler engine to asmjit
2017-05-31 19:01:02 +02:00
mrexodia
32be2538dc
EXE+DBG: improved launcher (closes issue #1591 )
2017-05-31 15:47:08 +02:00
mrexodia
c9c0ca4c99
DBG+GUI: fixed issue #1601 (comments in scripts interfering with the log)
2017-05-26 20:35:16 +02:00
mrexodia
2fd5cedd0d
remove some TitanEngine calls
2017-05-25 03:24:29 +02:00
mrexodia
9394b06c4d
DBG: removed unnecessary TitanEngine import
2017-05-23 19:40:21 +02:00
mrexodia
ad700f9001
DBG: updated to yara 3.6.0
2017-05-23 19:09:59 +02:00
mrexodia
4f67087e55
DBG: better comments in shuntingYard
2017-05-22 19:33:56 +02:00
mrexodia
17b1fc7c01
DBG+GUI+BRIDGE: updated the floating point status/control registers with more descriptions
2017-05-16 14:40:23 +02:00
ThunderCls
24972c0278
Improved attach dialog and messages bps ( #1589 )
...
* Some minor cpu info box enhancements
* Switch to xrefs in InfoBox and some XrefBrowseDialog improvements
* Added search boxes and saving symbols splitters and columns layout
* Using .toULongLong for both platforms
* casting added
* Added option rva addresses in graph
* Improved attach dialog and messages bps
2017-05-15 23:35:15 +02:00
mrexodia
06db8b4856
DBG: more informative memory allocation error message + fixed bug in apienumexports and apienumimports
2017-05-15 23:22:04 +02:00
mrexodia
cb2cb785ea
DBG+GUI: formatting + bigger disasm columns for string search
2017-05-11 06:18:32 +02:00
mrexodia
ad2835248b
DBG: fixed a small typo
2017-05-09 04:09:01 +02:00
mrexodia
8979ef70b0
DBG: fixed intermodular calls (closes issue #900 )
2017-05-05 18:56:38 +02:00
mrexodia
60382ae119
DBG: call DbgGetStringAt instead of disasmgetstringatwrapper
2017-05-05 18:09:01 +02:00
mrexodia
67b5c40370
BRIDGE+DBG: renamed ADDRINFO to BRIDGE_ADDRINFO
2017-05-05 18:09:00 +02:00
mrexodia
f96cb7dd9d
DBG: conversion functions from local codepage
2017-05-05 18:09:00 +02:00
mrexodia
1eed1efe4a
DBG: fixed a bug with memory caching in log strings
2017-05-04 10:22:22 +02:00
mrexodia
6680096b86
DBG: fixed command line parsing (closes issue #1576 )
2017-05-02 01:38:23 +02:00
mrexodia
b725aa63c9
DBG+LAUNCHER: better command line forwarding and escaping
2017-05-01 21:40:29 +02:00
mrexodia
4fdf3084ae
DBG: fixed a crash when loading old database files ( fixes #1573 )
2017-05-01 20:51:23 +02:00
mrexodia
771103c27a
DBG: include refactor
2017-04-29 19:45:34 +02:00
mrexodia
906cbb74cf
DBG: improved include situation for debugger.h
2017-04-29 17:49:44 +02:00
mrexodia
1ac71a8e9f
DBG: fixed some kind of race condition from calling dbghelp (fixes issue #1571 )
2017-04-29 17:19:42 +02:00
Torusrxxx
c991fc0c40
Warn the user about mismatch of database and executable ( #1570 )
2017-04-29 16:24:35 +02:00
mrexodia
f4a571a547
DBG: fixed search in modules that have section gaps
2017-04-29 01:57:46 +02:00
mrexodia
c36a5c75eb
DBG: allow changing of byte:[cip] and fs:[30] (closes issue #1558 )
2017-04-28 01:18:54 +02:00
mrexodia
8814ac8310
DBG: greatly improved format string syntax
2017-04-27 16:58:40 +02:00
mrexodia
daa05a171e
DBG: don't lose data if the program folder is not writable with 'Save Database to program directory'
2017-04-24 19:59:08 +02:00
mrexodia
039501b2fd
DBG: always store command line cache in x64dbg directory
2017-04-24 19:59:08 +02:00
mrexodia
2fd7119088
DBG: fixed problems with list enumeration
2017-04-24 00:55:53 +02:00
mrexodia
90070ef1b3
DBG: added support for basic Windows constants (currently only window messages)
2017-04-23 22:13:11 +02:00
ThunderCls
33d482e74c
Actions added to Handles/Windows table ( #1561 )
...
- Enable/Disable window
- Follow classproc in disassembler
- Toggle bp in classproc
- Message bp in classproc (not implemented entry)
2017-04-23 00:59:15 +02:00
mrexodia
5aaa585c96
DBG+GUI: improved window proc query code
2017-04-22 04:17:05 +02:00
mrexodia
180e79ee2b
DBG+GUI: added option to go to previous/next reference
2017-04-21 02:42:32 +02:00
mrexodia
b24b7939df
DBG+BRIDGE+GUI: added refsearch.count() and refsearch.addr() expression functions
2017-04-21 02:42:01 +02:00
mrexodia
271cba4f56
DBG+GUI: option to not show source line comments
2017-04-20 21:34:09 +02:00
mrexodia
9ea3154701
DBG+GUI: formatting + small fixes
2017-04-20 21:00:37 +02:00
kkthx
c9d7d15297
added string prefix, fixes #1027 ( #1556 )
2017-04-20 20:45:10 +02:00
mrexodia
aa2a4afb0f
DBG+BRIDGE+GUI: more performance improvements related to GuiSetDebugState
2017-04-20 12:06:54 +02:00
mrexodia
81fd6116b7
DBG+GUI: fixed inconsistent updating problems
2017-04-20 07:40:29 +02:00
mrexodia
4c1fd6ca09
DBG: fixed a deadlock with handling of unknown breakpoints (closes issue #1546 )
2017-04-19 21:57:20 +02:00
mrexodia
7a52b28c55
DBG+BRIDGE+GUI: plugin hotkeys
2017-04-14 08:03:52 +02:00
mrexodia
d5e224a7a5
DBG: format function improvements
2017-04-14 00:33:02 +02:00
mrexodia
444c8dffc6
DBG: added thread suspend failed message in ThreadSuspendAll
2017-04-13 17:18:23 +02:00
Torusrxxx
5ddd4eadc0
internationalization issue fixed ( #1536 )
2017-04-12 15:22:43 +02:00
mrexodia
75f8afc620
DBG: better support for generic registers in scriptapi
2017-04-11 22:12:21 +02:00
mrexodia
c3cff91b03
DBG: added generic registers to scriptapi
2017-04-11 21:06:17 +02:00
Torusrxxx
7e1eb2a8dc
Add a comment for the newly allocated memory. This comment will show in the memory map. ( #1531 )
2017-04-11 12:41:35 +02:00
mrexodia
5deef7360d
move option checking out of the loop
2017-04-11 00:38:53 +02:00
mrexodia
598fc65ea0
DBG+GUI: no longer override the section name in memory map with user comments
2017-04-11 00:20:21 +02:00
torusrxxx
e83989fcf2
Added register LastError, and allow modifying LastError in Registers view
2017-04-11 00:20:20 +02:00
torusrxxx
68f18feec7
added internal command to resolve #1525
2017-04-11 00:20:20 +02:00
torusrxxx
0ab8b66d85
Improved user experience on single-core CPU
2017-04-11 00:20:20 +02:00
mrexodia
449d04eec6
DBG+GUI: workaround for slow dbghelp functions (see #747 )
2017-04-09 02:40:44 +02:00
mrexodia
cbe5130061
DBG: added DbgFunctions->GetCallStackEx
2017-04-08 15:16:38 +02:00
mrexodia
6cc5f4d849
DBG: no longer use ThreaderCreateRemoteThread
2017-04-08 15:16:38 +02:00
mrexodia
7fbb9afb82
DBG: fixed out of bounds access when loading an empty script
2017-03-23 13:39:17 +01:00
mrexodia
3df04e55d9
DBG: added mod.rva and mod.offset expression functions
2017-03-20 09:08:31 +01:00
mrexodia
4c8b1e92dd
DBG+GUI: trace log file improvements
2017-03-20 08:51:01 +01:00
mrexodia
af6bc45b2e
functions to get memory base/size/protect
2017-03-19 13:12:55 +01:00
mrexodia
52b75cdd8b
DBG: workaround for issue #1501
2017-03-19 10:41:02 +01:00
mrexodia
3fe0242598
DBG: added _plugins_logprint
2017-03-19 10:41:02 +01:00
mrexodia
a14c534282
DBG+GUI: minor improvements
2017-03-19 10:41:02 +01:00
Stanisław Halik
c3554d2964
DBG: load symbols from local filesystem first ( #1502 ) ( #1504 )
2017-03-19 08:45:32 +01:00
mrexodia
e58bc13526
DBG+BRIDGE+GUI: nasty hack to force-flush the log on user commands
2017-03-18 16:45:33 +01:00
mrexodia
cb06e15d62
DBG: periodically update thread wait reasons #1470
2017-03-17 07:38:10 +01:00
mrexodia
e7d8b8d5cd
DBG: added DbgAnalyzeFunction to get a function graph
2017-03-17 07:16:30 +01:00
mrexodia
24cb79324e
DBG: added TraceSetLogFile command
2017-03-17 06:59:37 +01:00
mrexodia
d5e578ee6a
DBG+GUI+BRIDGE+PROJECT: updated AStyle and formatting
2017-03-16 03:32:09 +01:00
Matthijs Lavrijsen
033a495925
Initial support for compiling with Clang/C2 from VS2017 (Clang 3.8+) ( #1498 )
2017-03-16 03:13:04 +01:00
mrexodia
6d1db38613
DBG: properly fix the GetProcAddress crash
2017-03-14 11:18:47 +01:00
mrexodia
281ccdfb4c
DBG: intercept crash on GetProcAddress (thanks to parfetka!)
2017-03-14 10:47:36 +01:00
mrexodia
f96a11fede
DBG: don't attempt to demangle C++ symbols in demanglePE32ExternCFunc
2017-03-14 09:11:02 +01:00
mrexodia
4e7a5656db
DBG: use previous context for retrieving comments
2017-03-14 08:15:32 +01:00
mrexodia
95b9579d56
DBG: workaround analysis on modules that don't have holes between sections
2017-03-14 08:14:51 +01:00
mrexodia
fe4db70717
DBG+BRIDGE+GUI: highlight indirect calls in the graph + fixed shadow in certain situations
2017-03-14 08:13:39 +01:00
mrexodia
62b8e4fe11
DBG: delete the DLL loader on exit (closes issue #1496 )
2017-03-14 06:24:54 +01:00
mrexodia
65ddc96542
DBG+GUI: updated capstone_wrapper
2017-03-13 03:23:53 +01:00
mrexodia
c758fa718b
DBG: no longer freeze on attach (by failing certain dbghelp functions if the lock cannot be acquired)
2017-03-12 21:14:06 +01:00
mrexodia
cdc19ac2c2
DBG: don't emit nop branches as branches in the graph
2017-03-12 16:56:49 +01:00
mrexodia
e13c899a47
DBG+GUI: use ',' instead of '\1' to separate commands
2017-03-12 06:54:18 +01:00
mrexodia
c7c654c24b
DBG: implemented repeating variants of step commands
2017-03-12 06:51:46 +01:00
mrexodia
955ef47b6d
DBG: improved run command to allow run to X
2017-03-12 05:52:58 +01:00
mrexodia
1ae30cef53
DBG+GUI: added error script command
2017-03-12 05:40:07 +01:00
mrexodia
3845676b98
DBG: added argument expression functions
2017-03-12 05:07:41 +01:00
mrexodia
0b70d9b391
DBG: simplify scriptinternalcmd and make scriptload a blocking call
2017-03-12 04:45:18 +01:00
mrexodia
45640e0bfe
DBG: improved wow64 step workaround ( #1489 )
2017-03-12 03:01:37 +01:00
mrexodia
d153528481
DBG: added some expression functions
2017-03-12 03:01:37 +01:00
Torusrxxx
ac4c5c2ed8
Change cursor to 👆 where appropriate in side bar and registers view ( #1492 )
...
* fixed a crash and enable user to dblclick on folding box
* fixed when eip is in the current function it can't select
* Change cursor to 👆 where appropriate
* update translations
2017-03-12 03:00:35 +01:00
mrexodia
5796891771
DBG: add support for customized string formatting ( closes #1336 )
2017-03-11 05:41:25 +01:00
mrexodia
bfd4cf74a8
DBG: removed deprecated '@' for memory location
2017-03-11 04:10:33 +01:00
mrexodia
62d3ac7d17
DBG: added expression functions for reference view
2017-03-11 03:53:11 +01:00
mrexodia
3b754f0791
BRIDGE+GUI: adjusted behavior for GuiReferenceGetCellContent
2017-03-11 03:51:55 +01:00
mrexodia
5715e1cc27
DBG: allow a title to be specified for refinit
2017-03-11 03:41:48 +01:00
mrexodia
aaf610de54
DBG: show logged line in script info
2017-03-11 03:02:16 +01:00
mrexodia
2d605f18ea
DBG: demangle enumerated import symbols
2017-03-11 00:05:54 +01:00
mrexodia
81bf2510e9
DBG: prevent possible overflow on race condition with varget
2017-03-10 23:52:48 +01:00
mrexodia
15bbdd84de
DBG: restore breakpoints when loading database (resolves issue #1479 )
2017-03-10 23:11:51 +01:00
mrexodia
4bb5eb2dee
DBG: allow string formatting in labelset
2017-03-10 23:10:56 +01:00
mrexodia
448b6ac64c
DBG: refresh views in commentset
2017-03-10 23:09:36 +01:00
mrexodia
8803a50659
DBG: test for InstructionText in 'capstone' command
2017-03-10 23:08:35 +01:00
mrexodia
f66acfa410
DBG: possible cbExitThread crash
2017-03-10 21:31:19 +01:00
Torusrxxx
65b1f5a4ac
fix ( #1487 )
...
* fixed a crash and enable user to dblclick on folding box
* fixed when eip is in the current function it can't select
* Fix strange "Thread switched from 0" message when starting debuggee
2017-03-10 20:40:17 +01:00
mrexodia
92268d009d
DBG: removed unused disasmtext function
2017-03-06 17:25:08 +01:00
mrexodia
378a6c9637
DBG: added string formatting to findasm
2017-03-06 17:23:24 +01:00
mrexodia
c4841639e2
DBG+GUI: call stack improvements (closes pull request #1478)
2017-03-04 19:47:44 +01:00
mrexodia
9d71bd3b73
DBG: remove redundant SymEnumerateModules64 dbghelp import
2017-03-01 23:24:00 +01:00
mrexodia
f71b7610b0
DBG: performance improvement with saving/loading databases
2017-02-28 23:21:42 +01:00
mrexodia
6e189010d2
DBG: cache file for the command line in the database (~2x performance improvement on big databases)
2017-02-28 05:42:29 +01:00
mrexodia
aae9953c6d
DBG: fixed various crashes with very big labels in the call stack (they are now truncated instead, thanks to AlexAltea!)
2017-02-28 05:02:16 +01:00
mrexodia
e63874c6bd
DBG: fixed some unclear behaviour and crashes in dbgsetcmdline
2017-02-28 05:00:54 +01:00
mrexodia
01d46dd036
DBG+GUI: check if DEP is enabled before warning about operations on non-code pages
2017-02-26 22:42:52 +01:00
mrexodia
df0c75ac03
DBG: support for symbol displacement (#1478)
2017-02-26 01:14:50 +01:00
mrexodia
2736885c09
DBG: improvement for issue #1475 (cache misses on thread creation when reading the stack)
2017-02-25 23:12:58 +01:00
mrexodia
b438872319
DBG: drastically improved loop manipulation performance
2017-02-24 20:43:48 +01:00
mrexodia
9e30cc7c3e
DBG: improve range comparison functions
2017-02-24 19:48:00 +01:00
mrexodia
4f704b81bb
DBG+GUI: fixed some warnings
2017-02-24 19:39:32 +01:00
mrexodia
bf3ccd7e0b
DBG: significant memory usage improvements for database (~5x less memory used)
2017-02-24 19:38:48 +01:00
Matthijs Lavrijsen
71130601ee
Add wait reason to threads list (#1470)
...
* Implement ThreadGetWaitReason
* Get the wait reason for all threads at once in ThreadGetWaitReason to limit the number of NtQuerySystemInformation calls to 1 per refresh
2017-02-22 19:30:18 +01:00
mrexodia
861686f91e
DBG: allow string formatting in the 'asm' command #1416
2017-02-21 19:52:09 +01:00
mrexodia
6b3d1e71da
DBG: include the member name in struct visiting
2017-02-18 20:35:53 +01:00
mrexodia
e83524461c
DBG: correctly enumerate imports as IAT addresses
2017-02-18 20:35:20 +01:00
changeofpace
b4bc8546a8
Do not add breakpoint if SetBPX fails. (#1460)
...
* call SetBPX before BpNew in cbDebugSetBPX to prevent failed bps from being added to the bp map.
* revert previous change. Call BpDelete if SetBPX failed.
* remove commented code.
2017-02-18 14:03:54 +01:00
Torusrxxx
1ae3b7d178
handles and windows view (#1417)
...
* handles and windows view
* use references view for heap, cleaned up
* fix #1424 use decimal pid and tid
* thread name in windows view
* fix something when not debugging
* heaps view hidden
2017-02-18 13:56:59 +01:00
mrexodia
8e0a779b20
DBG: correctly enforce reads/writes on page boundaries (closes #1446)
2017-02-05 20:45:06 +01:00
mrexodia
48df1c4c2c
DBG: updated savedata behavior
2017-02-05 20:31:17 +01:00
mrexodia
5a0a932524
DBG: slightly improved import parsing (#1455)
2017-02-05 20:16:47 +01:00
mrexodia
8788d66cf5
DBG: improved exinfo and capstone commands
2017-02-04 06:04:36 +01:00
mrexodia
003260c2dd
DBG: don't crash on strcpy_s when user-provided sizes
2017-01-31 16:08:10 +01:00
changeofpace
cc01ae09a0
fix MemRead to only return true if NumberOfBytesRead is equal to the requested read size (#1426)
...
* fix MemRead to only return true if NumberOfBytesRead is equal to the requested read size
* preserve Size arg value
* adjust readSize before page loop in MemRead
2017-01-18 22:42:45 +01:00
changeofpace
5d36e73033
fixed multiple session process cookie bug when MemInitRemoteProcessCookie fails before brute-force loop (#1418)
2017-01-18 14:42:53 +01:00
mrexodia
0b18f65653
DBG: don't clear patches unless the debuggee is terminating (fixes #1419)
2017-01-18 14:40:46 +01:00
mrexodia
9118d7f9d8
DBG: various small improvements to the mov command
2017-01-10 20:30:54 +01:00
changeofpace
6c9eb3d6e3
Remote process cookie support for Windows XP/Vista/7 (#1412)
...
* added MemInitRemoteProcessCookie and memory.cpp global fallbackCookie
* changed sizeof arg for MemRead
2017-01-10 12:21:07 +01:00
mrexodia
415fe99871
DBG: support multiple string references in one instruction
2017-01-10 12:19:04 +01:00
mrexodia
9f7f649f7e
DBG+GUI: implemented trace switch condition
2017-01-10 12:14:01 +01:00
mrexodia
6f92218437
DBG: todo note
2017-01-10 10:35:50 +01:00
mrexodia
0f4a5fa074
DBG: workaround for a bug/feature in WOW64 that breaks stepping
2017-01-10 10:34:51 +01:00
mrexodia
ee3af0a2df
DBG+BRIDGE+GUI: fixed possible out-of-range access related to data disassembly
2017-01-10 10:16:49 +01:00
mrexodia
0767d74ef2
DBG+GUI: fixed various @coverity issues
2017-01-09 01:10:43 +01:00
mrexodia
94b2280e59
DBG: fixed memory leak with analyze_nukem
2017-01-08 23:43:55 +01:00
mrexodia
0c5a1a89f0
DBG: fixed restart as admin with spaces in the path
2017-01-08 23:32:58 +01:00
mrexodia
db44e0b24d
DBG: updated TitanEngine (resolves issue #1190) thanks to @nmikhailov
2017-01-07 16:59:51 +01:00
mrexodia
37fe2150e9
GUI: properly fixed #1408
2017-01-06 11:34:43 +01:00
mrexodia
04a97b51d6
DBG: fixed default trace condition
2017-01-05 02:31:45 +01:00
mrexodia
42978d6359
DBG: fixed small spacing issue in window title
2017-01-04 03:04:07 +01:00
mrexodia
b8cf80a32f
BRIDGE+DBG: added apis to access TEB/PEB
2017-01-03 23:36:57 +01:00
mrexodia
53f300b32a
DBG: SIZE_T -> duint
2017-01-03 15:28:49 +01:00
changeofpace
16f0c9871c
fix incorrectly restored page protection for cross-boundary memory reads (#1406)
...
* added a VirtualQueryEx check to MemRead to prevent reads which span multiple memory regions
* replaced VirtualQueryEx check with code to calc # page reads based on base address
2017-01-02 20:44:07 +01:00
mrexodia
598b476132
DBG: further improved string detection heuristics
2017-01-02 13:36:42 +01:00
mrexodia
4ba4bcce1c
DBG: removed restrictive heuristic for string detection
2017-01-02 13:25:51 +01:00