mirror of
https://github.com/radareorg/radare2.git
synced 2024-11-23 13:19:54 +00:00
Use dynamic api resolution on windows builds for better portability ##windows
* Single implementation in r_util, used across io and debug
parent
6eb734fb95
commit
190d809466
2
.github/workflows/tcc.yml
vendored
2
.github/workflows/tcc.yml
vendored
@ -1,4 +1,4 @@
|
||||
name: TCC
|
||||
name: tcc
|
||||
|
||||
on:
|
||||
push:
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* radare - LGPL - Copyright 2009-2020 - pancake, nibble */
|
||||
/* radare - LGPL - Copyright 2009-2021 - pancake, nibble */
|
||||
|
||||
#include <r_anal.h>
|
||||
#include <r_sign.h>
|
||||
@ -1035,7 +1035,7 @@ R_API bool r_sign_add_addr(RAnal *a, const char *name, ut64 addr) {
|
||||
|
||||
RSignItem *it = r_sign_item_new ();
|
||||
if (!it) {
|
||||
return NULL;
|
||||
return false;
|
||||
}
|
||||
it->name = r_str_new (name);
|
||||
it->space = r_spaces_current (&a->zign_spaces);
|
||||
@ -2671,7 +2671,7 @@ R_API bool r_sign_resolve_collisions(RAnal *a) {
|
||||
r_return_val_if_fail (a, false);
|
||||
RPVector *sigs = r_pvector_new ((RPVectorFree)r_sign_item_free);
|
||||
if (!sigs) {
|
||||
return NULL;
|
||||
return false;
|
||||
}
|
||||
|
||||
if (!r_sign_foreach_nofree (a, _sig_to_vec_cb, (void *)sigs)) {
|
||||
|
@ -2757,6 +2757,7 @@ static void ev_iowrite_cb(REvent *ev, int type, void *user, void *data) {
|
||||
}
|
||||
|
||||
R_API bool r_core_init(RCore *core) {
|
||||
r_w32_init ();
|
||||
core->blocksize = R_CORE_BLOCKSIZE;
|
||||
core->block = (ut8 *)calloc (R_CORE_BLOCKSIZE + 1, 1);
|
||||
if (!core->block) {
|
||||
|
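Review bot: The added `r_w32_init ();` at the top of `r_core_init` runs for every core session on Windows, and that initializer (libr/util/w32.c in this commit) enables SeDebugPrivilege before it resolves the APIs, so the privilege is now switched on even when no debugging is requested. Consider keeping the privilege adjustment on the debugger's `w32_init` path and letting `r_w32_init` only resolve function pointers. The return value is also discarded here, so a failed psapi.dll load goes unnoticed until something calls through a NULL pointer; a comment such as `// best effort: w32_* pointers may stay NULL, callers must check` would document that. The body of `r_core_init` continues outside the hunk.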
@ -230,7 +230,10 @@ static void proc_mem_img(HANDLE h_proc, RList *map_list, RList *mod_list, RWinMo
|
||||
static void proc_mem_map(HANDLE h_proc, RList *map_list, MEMORY_BASIC_INFORMATION *mbi) {
|
||||
TCHAR f_name[MAX_PATH + 1];
|
||||
|
||||
DWORD len = GetMappedFileName (h_proc, mbi->BaseAddress, f_name, MAX_PATH);
|
||||
DWORD len = 0;
|
||||
if (w32_GetMappedFileName) {
|
||||
w32_GetMappedFileName (h_proc, mbi->BaseAddress, f_name, MAX_PATH);
|
||||
}
|
||||
if (len > 0) {
|
||||
char *f_name_ = r_sys_conv_win_to_utf8 (f_name);
|
||||
add_map_reg (map_list, f_name_, mbi);
|
||||
|
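Review bot: The result of `w32_GetMappedFileName` is discarded in `proc_mem_map`, so `len` stays 0 and the `if (len > 0)` branch that names the mapping can never run. Assign it: `len = w32_GetMappedFileName (h_proc, mbi->BaseAddress, f_name, MAX_PATH);`. The function body continues past the end of the hunk.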
@ -1,115 +1,5 @@
|
||||
#include "w32.h"
|
||||
|
||||
static bool w32dbg_SeDebugPrivilege(void) {
|
||||
/////////////////////////////////////////////////////////
|
||||
// Note: Enabling SeDebugPrivilege adapted from sample
|
||||
// MSDN @ http://msdn.microsoft.com/en-us/library/aa446619%28VS.85%29.aspx
|
||||
// Enable SeDebugPrivilege
|
||||
bool ret = true;
|
||||
TOKEN_PRIVILEGES tokenPriv;
|
||||
HANDLE hToken = NULL;
|
||||
LUID luidDebug;
|
||||
if (!OpenProcessToken (GetCurrentProcess (),
|
||||
TOKEN_ADJUST_PRIVILEGES, &hToken))
|
||||
return false;
|
||||
|
||||
if (!LookupPrivilegeValue (NULL, SE_DEBUG_NAME, &luidDebug)) {
|
||||
CloseHandle (hToken);
|
||||
return false;
|
||||
}
|
||||
|
||||
tokenPriv.PrivilegeCount = 1;
|
||||
tokenPriv.Privileges[0].Luid = luidDebug;
|
||||
tokenPriv.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
|
||||
if (AdjustTokenPrivileges (hToken, FALSE, &tokenPriv, 0, NULL, NULL) != FALSE) {
|
||||
if (tokenPriv.Privileges[0].Attributes == SE_PRIVILEGE_ENABLED) {
|
||||
// eprintf ("PRIV ENABLED\n");
|
||||
}
|
||||
// Always successful, even in the cases which lead to OpenProcess failure
|
||||
// eprintf ("Successfully changed token privileges.\n");
|
||||
// XXX if we cant get the token nobody tells?? wtf
|
||||
} else {
|
||||
eprintf ("Failed to change token privileges 0x%x\n", (int)GetLastError());
|
||||
ret = false;
|
||||
}
|
||||
CloseHandle (hToken);
|
||||
return ret;
|
||||
}
|
||||
|
||||
int w32_dbg_init(void) {
|
||||
HANDLE lib;
|
||||
|
||||
// escalate privs (required for win7/vista)
|
||||
w32dbg_SeDebugPrivilege ();
|
||||
// lookup function pointers for portability
|
||||
w32_DebugActiveProcessStop = (BOOL (WINAPI *)(DWORD))
|
||||
GetProcAddress (GetModuleHandle (TEXT ("kernel32")),
|
||||
"DebugActiveProcessStop");
|
||||
w32_OpenThread = (HANDLE (WINAPI *)(DWORD, BOOL, DWORD))
|
||||
GetProcAddress (GetModuleHandle (TEXT ("kernel32")), "OpenThread");
|
||||
w32_OpenProcess = (HANDLE (WINAPI *)(DWORD, BOOL, DWORD))
|
||||
GetProcAddress (GetModuleHandle (TEXT ("kernel32")), "OpenProcess");
|
||||
w32_DebugBreakProcess = (BOOL (WINAPI *)(HANDLE))
|
||||
GetProcAddress (GetModuleHandle (TEXT ("kernel32")),
|
||||
"DebugBreakProcess");
|
||||
w32_CreateToolhelp32Snapshot = (HANDLE (WINAPI *)(DWORD, DWORD))
|
||||
GetProcAddress (GetModuleHandle (TEXT ("kernel32")),
|
||||
"CreateToolhelp32Snapshot");
|
||||
// only windows vista :(
|
||||
w32_GetThreadId = (DWORD (WINAPI *)(HANDLE))
|
||||
GetProcAddress (GetModuleHandle (TEXT ("kernel32")), "GetThreadId");
|
||||
// from xp1
|
||||
w32_GetProcessId = (DWORD (WINAPI *)(HANDLE))
|
||||
GetProcAddress (GetModuleHandle (TEXT ("kernel32")), "GetProcessId");
|
||||
w32_QueryFullProcessImageName = (BOOL (WINAPI *)(HANDLE, DWORD, LPTSTR, PDWORD))
|
||||
GetProcAddress (GetModuleHandle (TEXT ("kernel32")), W32_TCALL ("QueryFullProcessImageName"));
|
||||
// api to retrieve YMM from w7 sp1
|
||||
w32_GetEnabledXStateFeatures = (ut64 (WINAPI *) ())
|
||||
GetProcAddress(GetModuleHandle (TEXT ("kernel32")), "GetEnabledXStateFeatures");
|
||||
w32_InitializeContext = (BOOL (WINAPI *) (PVOID, DWORD, PCONTEXT*, PDWORD))
|
||||
GetProcAddress(GetModuleHandle (TEXT ("kernel32")), "InitializeContext");
|
||||
w32_GetXStateFeaturesMask = (BOOL (WINAPI *) (PCONTEXT Context, PDWORD64))
|
||||
GetProcAddress(GetModuleHandle (TEXT ("kernel32")), "GetXStateFeaturesMask");
|
||||
w32_LocateXStateFeature = (PVOID (WINAPI *) (PCONTEXT Context, DWORD ,PDWORD))
|
||||
GetProcAddress(GetModuleHandle (TEXT ("kernel32")), "LocateXStateFeature");
|
||||
w32_SetXStateFeaturesMask = (BOOL (WINAPI *) (PCONTEXT Context, DWORD64))
|
||||
GetProcAddress(GetModuleHandle (TEXT ("kernel32")), "SetXStateFeaturesMask");
|
||||
lib = LoadLibrary (TEXT("psapi.dll"));
|
||||
if(!lib) {
|
||||
eprintf ("Cannot load psapi.dll. Aborting\n");
|
||||
return false;
|
||||
}
|
||||
w32_GetMappedFileName = (DWORD (WINAPI *)(HANDLE, LPVOID, LPTSTR, DWORD))
|
||||
GetProcAddress (lib, W32_TCALL ("GetMappedFileName"));
|
||||
w32_GetModuleBaseName = (DWORD (WINAPI *)(HANDLE, HMODULE, LPTSTR, DWORD))
|
||||
GetProcAddress (lib, W32_TCALL ("GetModuleBaseName"));
|
||||
w32_GetModuleInformation = (BOOL (WINAPI *)(HANDLE, HMODULE, LPMODULEINFO, DWORD))
|
||||
GetProcAddress (lib, "GetModuleInformation");
|
||||
w32_GetModuleFileNameEx = (DWORD (WINAPI *)(HANDLE, HMODULE, LPTSTR, DWORD))
|
||||
GetProcAddress (lib, W32_TCALL ("GetModuleFileNameEx"));
|
||||
lib = LoadLibrary (TEXT("ntdll.dll"));
|
||||
w32_NtQuerySystemInformation = (NTSTATUS (WINAPI *)(ULONG, PVOID, ULONG, PULONG))
|
||||
GetProcAddress (lib, "NtQuerySystemInformation");
|
||||
w32_NtDuplicateObject = (NTSTATUS (WINAPI *)(HANDLE, HANDLE, HANDLE, PHANDLE, ACCESS_MASK, ULONG, ULONG))
|
||||
GetProcAddress (lib, "NtDuplicateObject");
|
||||
w32_NtQueryObject = (NTSTATUS (WINAPI *)(HANDLE, ULONG, PVOID, ULONG, PULONG))
|
||||
GetProcAddress(lib,"NtQueryObject");
|
||||
w32_NtQueryInformationThread = (NTSTATUS (WINAPI *)(HANDLE, ULONG, PVOID, ULONG, PULONG))
|
||||
GetProcAddress (lib, "NtQueryInformationThread");
|
||||
if (!w32_DebugActiveProcessStop || !w32_OpenThread || !w32_DebugBreakProcess ||
|
||||
!w32_GetModuleBaseName || !w32_GetModuleInformation) {
|
||||
// OOPS!
|
||||
eprintf ("debug_init_calls:\n"
|
||||
"DebugActiveProcessStop: 0x%p\n"
|
||||
"OpenThread: 0x%p\n"
|
||||
"DebugBreakProcess: 0x%p\n"
|
||||
"GetThreadId: 0x%p\n",
|
||||
w32_DebugActiveProcessStop, w32_OpenThread, w32_DebugBreakProcess, w32_GetThreadId);
|
||||
return false;
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
#if 0
|
||||
static HANDLE w32_t2h(pid_t tid) {
|
||||
TH_INFO *th = get_th (tid);
|
||||
|
@ -8,9 +8,6 @@
|
||||
#ifndef NTSTATUS
|
||||
#define NTSTATUS DWORD
|
||||
#endif
|
||||
#ifndef WINAPI
|
||||
#define WINAPI
|
||||
#endif
|
||||
|
||||
// XXX remove
|
||||
#define WIN32_PI(x) x
|
||||
@ -90,29 +87,6 @@ typedef struct {
|
||||
DWORD dwExitCode;
|
||||
} THREAD_ITEM, *PTHREAD_ITEM;
|
||||
|
||||
DWORD (WINAPI *w32_GetModuleBaseName)(HANDLE, HMODULE, LPTSTR, DWORD);
|
||||
BOOL (WINAPI *w32_GetModuleInformation)(HANDLE, HMODULE, LPMODULEINFO, DWORD);
|
||||
BOOL (WINAPI *w32_DebugActiveProcessStop)(DWORD);
|
||||
HANDLE (WINAPI *w32_OpenThread)(DWORD, BOOL, DWORD);
|
||||
BOOL (WINAPI *w32_DebugBreakProcess)(HANDLE);
|
||||
DWORD (WINAPI *w32_GetThreadId)(HANDLE); // Vista
|
||||
DWORD (WINAPI *w32_GetProcessId)(HANDLE); // XP
|
||||
HANDLE (WINAPI *w32_OpenProcess)(DWORD, BOOL, DWORD);
|
||||
BOOL (WINAPI *w32_QueryFullProcessImageName)(HANDLE, DWORD, LPTSTR, PDWORD);
|
||||
DWORD (WINAPI *w32_GetMappedFileName)(HANDLE, LPVOID, LPTSTR, DWORD);
|
||||
NTSTATUS (WINAPI *w32_NtQuerySystemInformation)(ULONG, PVOID, ULONG, PULONG);
|
||||
NTSTATUS (WINAPI *w32_NtQueryInformationThread)(HANDLE, ULONG, PVOID, ULONG, PULONG);
|
||||
NTSTATUS (WINAPI *w32_NtDuplicateObject)(HANDLE, HANDLE, HANDLE, PHANDLE, ACCESS_MASK, ULONG, ULONG);
|
||||
NTSTATUS (WINAPI *w32_NtQueryObject)(HANDLE, ULONG, PVOID, ULONG, PULONG);
|
||||
// fpu access API
|
||||
ut64 (WINAPI *w32_GetEnabledXStateFeatures)();
|
||||
BOOL (WINAPI *w32_InitializeContext)(PVOID, DWORD, PCONTEXT*, PDWORD);
|
||||
BOOL (WINAPI *w32_GetXStateFeaturesMask)(PCONTEXT Context, PDWORD64);
|
||||
PVOID (WINAPI *w32_LocateXStateFeature)(PCONTEXT Context, DWORD, PDWORD);
|
||||
BOOL (WINAPI *w32_SetXStateFeaturesMask)(PCONTEXT Context, DWORD64);
|
||||
DWORD (WINAPI *w32_GetModuleFileNameEx)(HANDLE, HMODULE, LPTSTR, DWORD);
|
||||
HANDLE (WINAPI *w32_CreateToolhelp32Snapshot)(DWORD, DWORD);
|
||||
|
||||
#ifndef XSTATE_GSSE
|
||||
#define XSTATE_GSSE 2
|
||||
#endif
|
||||
@ -145,4 +119,4 @@ RList *w32_pids(int pid, RList *list);
|
||||
RList *w32_thread_list(int pid, RList *list);
|
||||
bool is_pe_hdr(unsigned char *pe_hdr);
|
||||
#include "maps/windows_maps.h"
|
||||
#endif
|
||||
#endif
|
||||
|
@ -12,26 +12,6 @@ static PLIB_ITEM last_lib = NULL;
|
||||
|
||||
#define w32_PROCESS_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | 0xFFF)
|
||||
#define w32_THREAD_ALL_ACCESS w32_PROCESS_ALL_ACCESS
|
||||
bool setup_debug_privileges(bool b) {
|
||||
HANDLE tok;
|
||||
if (!OpenProcessToken (GetCurrentProcess (), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &tok)) {
|
||||
return false;
|
||||
}
|
||||
bool ret = false;
|
||||
LUID luid;
|
||||
if (LookupPrivilegeValue (NULL, SE_DEBUG_NAME, &luid)) {
|
||||
TOKEN_PRIVILEGES tp;
|
||||
tp.PrivilegeCount = 1;
|
||||
tp.Privileges[0].Luid = luid;
|
||||
tp.Privileges[0].Attributes = b ? SE_PRIVILEGE_ENABLED : 0;
|
||||
if (AdjustTokenPrivileges (tok, FALSE, &tp, 0, NULL, NULL)) {
|
||||
// TODO: handle ERROR_NOT_ALL_ASSIGNED
|
||||
ret = GetLastError () == ERROR_SUCCESS;
|
||||
}
|
||||
}
|
||||
CloseHandle (tok);
|
||||
return ret;
|
||||
}
|
||||
|
||||
int w32_init(RDebug *dbg) {
|
||||
W32DbgWInst *wrap = dbg->user;
|
||||
@ -42,106 +22,9 @@ int w32_init(RDebug *dbg) {
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
// escalate privs (required for win7/vista)
|
||||
setup_debug_privileges (true);
|
||||
|
||||
HMODULE lib = GetModuleHandle (TEXT ("kernel32")); //Always loaded
|
||||
if (!lib) {
|
||||
return false;
|
||||
}
|
||||
// lookup function pointers for portability
|
||||
w32_DebugActiveProcessStop = (BOOL (WINAPI *) (DWORD))
|
||||
GetProcAddress (lib, "DebugActiveProcessStop");
|
||||
|
||||
w32_OpenThread = (HANDLE (WINAPI *) (DWORD, BOOL, DWORD))
|
||||
GetProcAddress (lib, "OpenThread");
|
||||
|
||||
w32_OpenProcess = (HANDLE (WINAPI *) (DWORD, BOOL, DWORD))
|
||||
GetProcAddress (lib, "OpenProcess");
|
||||
|
||||
w32_DebugBreakProcess = (BOOL (WINAPI *) (HANDLE))
|
||||
GetProcAddress (lib, "DebugBreakProcess");
|
||||
|
||||
w32_CreateToolhelp32Snapshot = (HANDLE (WINAPI *) (DWORD, DWORD))
|
||||
GetProcAddress (lib, "CreateToolhelp32Snapshot");
|
||||
|
||||
// only windows vista :(
|
||||
w32_GetThreadId = (DWORD (WINAPI *) (HANDLE))
|
||||
GetProcAddress (lib, "GetThreadId");
|
||||
|
||||
// from xp1
|
||||
w32_GetProcessId = (DWORD (WINAPI *) (HANDLE))
|
||||
GetProcAddress (lib, "GetProcessId");
|
||||
|
||||
w32_QueryFullProcessImageName = (BOOL (WINAPI *) (HANDLE, DWORD, LPTSTR, PDWORD))
|
||||
GetProcAddress (lib, W32_TCALL ("QueryFullProcessImageName"));
|
||||
|
||||
// api to retrieve YMM from w7 sp1
|
||||
w32_GetEnabledXStateFeatures = (ut64 (WINAPI *) ())
|
||||
GetProcAddress (lib, "GetEnabledXStateFeatures");
|
||||
|
||||
w32_InitializeContext = (BOOL (WINAPI *) (PVOID, DWORD, PCONTEXT *, PDWORD))
|
||||
GetProcAddress (lib, "InitializeContext");
|
||||
|
||||
w32_GetXStateFeaturesMask = (BOOL (WINAPI *) (PCONTEXT Context, PDWORD64))
|
||||
GetProcAddress (lib, "GetXStateFeaturesMask");
|
||||
|
||||
w32_LocateXStateFeature = (PVOID (WINAPI *) (PCONTEXT Context, DWORD, PDWORD))
|
||||
GetProcAddress (lib, "LocateXStateFeature");
|
||||
|
||||
w32_SetXStateFeaturesMask = (BOOL (WINAPI *) (PCONTEXT Context, DWORD64))
|
||||
GetProcAddress (lib, "SetXStateFeaturesMask");
|
||||
|
||||
lib = LoadLibrary (TEXT ("psapi.dll"));
|
||||
if (!lib) {
|
||||
eprintf ("Cannot load psapi.dll. Aborting\n");
|
||||
return false;
|
||||
}
|
||||
w32_GetMappedFileName = (DWORD (WINAPI *) (HANDLE, LPVOID, LPTSTR, DWORD))
|
||||
GetProcAddress (lib, W32_TCALL ("GetMappedFileName"));
|
||||
|
||||
w32_GetModuleBaseName = (DWORD (WINAPI *) (HANDLE, HMODULE, LPTSTR, DWORD))
|
||||
GetProcAddress (lib, W32_TCALL ("GetModuleBaseName"));
|
||||
|
||||
w32_GetModuleInformation = (BOOL (WINAPI *) (HANDLE, HMODULE, LPMODULEINFO, DWORD))
|
||||
GetProcAddress (lib, "GetModuleInformation");
|
||||
|
||||
w32_GetModuleFileNameEx = (DWORD (WINAPI *) (HANDLE, HMODULE, LPTSTR, DWORD))
|
||||
GetProcAddress (lib, W32_TCALL ("GetModuleFileNameEx"));
|
||||
|
||||
lib = LoadLibrary (TEXT ("ntdll.dll"));
|
||||
if (!lib) {
|
||||
eprintf ("Cannot load ntdll.dll. Aborting\n");
|
||||
return false;
|
||||
}
|
||||
w32_NtQuerySystemInformation = (NTSTATUS (WINAPI *) (ULONG, PVOID, ULONG, PULONG))
|
||||
GetProcAddress (lib, "NtQuerySystemInformation");
|
||||
|
||||
w32_NtDuplicateObject = (NTSTATUS (WINAPI *) (HANDLE, HANDLE, HANDLE, PHANDLE, ACCESS_MASK, ULONG, ULONG))
|
||||
GetProcAddress (lib, "NtDuplicateObject");
|
||||
|
||||
w32_NtQueryObject = (NTSTATUS (WINAPI *) (HANDLE, ULONG, PVOID, ULONG, PULONG))
|
||||
GetProcAddress (lib, "NtQueryObject");
|
||||
|
||||
w32_NtQueryInformationThread = (NTSTATUS (WINAPI *) (HANDLE, ULONG, PVOID, ULONG, PULONG))
|
||||
GetProcAddress (lib, "NtQueryInformationThread");
|
||||
|
||||
if (!w32_DebugActiveProcessStop || !w32_OpenThread || !w32_DebugBreakProcess ||
|
||||
!w32_GetModuleBaseName || !w32_GetModuleInformation) {
|
||||
// OOPS!
|
||||
eprintf ("debug_init_calls:\n"
|
||||
"DebugActiveProcessStop: 0x%p\n"
|
||||
"OpenThread: 0x%p\n"
|
||||
"DebugBreakProcess: 0x%p\n"
|
||||
"GetThreadId: 0x%p\n",
|
||||
w32_DebugActiveProcessStop, w32_OpenThread, w32_DebugBreakProcess, w32_GetThreadId);
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
r_w32_init ();
|
||||
}
|
||||
|
||||
|
||||
static int __w32_findthread_cmp(int *tid, PTHREAD_ITEM th) {
|
||||
return (int)!(*tid == th->tid);
|
||||
}
|
||||
@ -562,7 +445,7 @@ static char *__get_file_name_from_handle(HANDLE handle_file) {
|
||||
}
|
||||
/* Create a file mapping to get the file name. */
|
||||
map = MapViewOfFile (handle_file_map, FILE_MAP_READ, 0, 0, 1);
|
||||
if (!map || !GetMappedFileName (GetCurrentProcess (), map, filename, MAX_PATH)) {
|
||||
if (!map || !w32_GetMappedFileName || !w32_GetMappedFileName (GetCurrentProcess (), map, filename, MAX_PATH)) {
|
||||
R_FREE (filename);
|
||||
goto err_get_file_name_from_handle;
|
||||
}
|
||||
@ -614,7 +497,7 @@ static char *__resolve_path(HANDLE ph, HANDLE mh) {
|
||||
// TODO: add maximum path length support
|
||||
const DWORD maxlength = MAX_PATH;
|
||||
TCHAR filename[MAX_PATH];
|
||||
DWORD length = GetModuleFileNameEx (ph, mh, filename, maxlength);
|
||||
DWORD length = w32_GetModuleFileNameEx (ph, mh, filename, maxlength);
|
||||
if (length > 0) {
|
||||
return r_sys_conv_win_to_utf8 (filename);
|
||||
}
|
||||
|
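Review bot: `__resolve_path` calls `w32_GetModuleFileNameEx` without checking the pointer, although `r_w32_init` leaves it NULL when psapi.dll cannot be loaded and the `__get_file_name_from_handle` hunk above does guard `w32_GetMappedFileName`. Guard it the same way, e.g. `DWORD length = w32_GetModuleFileNameEx ? w32_GetModuleFileNameEx (ph, mh, filename, maxlength) : 0;`. In the `w32_init` hunk the rendering suggests `return true;` was replaced by a bare `r_w32_init ();` as the last statement; if so, the `int` function now ends without returning a value on that path, and `return r_w32_init ();` would not help either, because the initializer returns false once it has already run. Both function bodies extend beyond their hunks.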
@ -9,8 +9,6 @@
|
||||
|
||||
#include <r_types.h>
|
||||
#include <r_debug.h>
|
||||
#include <psapi.h>
|
||||
|
||||
#include <windows.h>
|
||||
#include <tlhelp32.h> // CreateToolhelp32Snapshot
|
||||
#include <psapi.h> // GetModuleFileNameEx, GetProcessImageFileName
|
||||
@ -118,29 +116,6 @@ typedef struct{
|
||||
char *Name;
|
||||
} LIB_ITEM, *PLIB_ITEM;
|
||||
|
||||
DWORD (WINAPI *w32_GetModuleBaseName)(HANDLE, HMODULE, LPTSTR, DWORD);
|
||||
BOOL (WINAPI *w32_GetModuleInformation)(HANDLE, HMODULE, LPMODULEINFO, DWORD);
|
||||
BOOL (WINAPI *w32_DebugActiveProcessStop)(DWORD);
|
||||
HANDLE (WINAPI *w32_OpenThread)(DWORD, BOOL, DWORD);
|
||||
BOOL (WINAPI *w32_DebugBreakProcess)(HANDLE);
|
||||
DWORD (WINAPI *w32_GetThreadId)(HANDLE); // Vista
|
||||
DWORD (WINAPI *w32_GetProcessId)(HANDLE); // XP
|
||||
HANDLE (WINAPI *w32_OpenProcess)(DWORD, BOOL, DWORD);
|
||||
BOOL (WINAPI *w32_QueryFullProcessImageName)(HANDLE, DWORD, LPTSTR, PDWORD);
|
||||
DWORD (WINAPI *w32_GetMappedFileName)(HANDLE, LPVOID, LPTSTR, DWORD);
|
||||
NTSTATUS (WINAPI *w32_NtQuerySystemInformation)(ULONG, PVOID, ULONG, PULONG);
|
||||
NTSTATUS (WINAPI *w32_NtQueryInformationThread)(HANDLE, ULONG, PVOID, ULONG, PULONG);
|
||||
NTSTATUS (WINAPI *w32_NtDuplicateObject)(HANDLE, HANDLE, HANDLE, PHANDLE, ACCESS_MASK, ULONG, ULONG);
|
||||
NTSTATUS (WINAPI *w32_NtQueryObject)(HANDLE, ULONG, PVOID, ULONG, PULONG);
|
||||
// fpu access API
|
||||
ut64 (WINAPI *w32_GetEnabledXStateFeatures)();
|
||||
BOOL (WINAPI *w32_InitializeContext)(PVOID, DWORD, PCONTEXT*, PDWORD);
|
||||
BOOL (WINAPI *w32_GetXStateFeaturesMask)(PCONTEXT Context, PDWORD64);
|
||||
PVOID (WINAPI *w32_LocateXStateFeature)(PCONTEXT Context, DWORD, PDWORD);
|
||||
BOOL (WINAPI *w32_SetXStateFeaturesMask)(PCONTEXT Context, DWORD64);
|
||||
DWORD (WINAPI *w32_GetModuleFileNameEx)(HANDLE, HMODULE, LPTSTR, DWORD);
|
||||
HANDLE (WINAPI *w32_CreateToolhelp32Snapshot)(DWORD, DWORD);
|
||||
|
||||
// APIs
|
||||
int w32_init(RDebug *dbg);
|
||||
|
||||
@ -167,4 +142,4 @@ RDebugInfo *w32_info(RDebug *dbg, const char *arg);
|
||||
RList *w32_pid_list(RDebug *dbg, int pid, RList *list);
|
||||
|
||||
RList *w32_desc_list(int pid);
|
||||
#endif
|
||||
#endif
|
||||
|
@ -77,6 +77,7 @@ int gettimeofday (struct timeval* p, void* tz);
|
||||
#include "r_util/r_pkcs7.h"
|
||||
#include "r_util/r_protobuf.h"
|
||||
#include "r_util/r_big.h"
|
||||
#include "r_util/r_w32.h"
|
||||
#include "r_util/r_axml.h"
|
||||
// requires io, core, ... #include "r_util/r_print.h"
|
||||
|
||||
|
@ -142,6 +142,7 @@ R_API char *r_syscmd_join(const char *file1, const char *file2);
|
||||
R_API char *r_syscmd_sort(const char *file);
|
||||
|
||||
R_API ut8 *r_sys_unxz (const ut8 *data, size_t len, size_t *olen);
|
||||
R_API bool r_w32_init(void);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
|
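--- /dev/null
+++ b/libr/include/r_util/r_w32.h
@@ -0,0 +1,45 @@
+#ifndef R_W32_H
+#define R_W32_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#if __WINDOWS__
+#include <windows.h> // CreateToolhelp32Snapshot
+#include <tlhelp32.h> // CreateToolhelp32Snapshot
+#include <psapi.h> // GetModuleFileNameEx, GetProcessImageFileName
+
+#ifndef NTSTATUS
+#define NTSTATUS DWORD
+#endif
+
+R_API DWORD (*w32_GetModuleBaseName)(HANDLE, HMODULE, LPTSTR, DWORD);
+R_API BOOL (*w32_GetModuleInformation)(HANDLE, HMODULE, LPMODULEINFO, DWORD);
+R_API BOOL (*w32_DebugActiveProcessStop)(DWORD);
+R_API HANDLE (*w32_OpenThread)(DWORD, BOOL, DWORD);
+R_API BOOL (*w32_DebugBreakProcess)(HANDLE);
+R_API DWORD (*w32_GetThreadId)(HANDLE); // Vista
+R_API DWORD (*w32_GetProcessId)(HANDLE); // XP
+R_API HANDLE (*w32_OpenProcess)(DWORD, BOOL, DWORD);
+R_API BOOL (*w32_QueryFullProcessImageName)(HANDLE, DWORD, LPTSTR, PDWORD);
+R_API DWORD (*w32_GetMappedFileName)(HANDLE, LPVOID, LPTSTR, DWORD);
+R_API NTSTATUS (*w32_NtQuerySystemInformation)(ULONG, PVOID, ULONG, PULONG);
+R_API NTSTATUS (*w32_NtQueryInformationThread)(HANDLE, ULONG, PVOID, ULONG, PULONG);
+R_API NTSTATUS (*w32_NtDuplicateObject)(HANDLE, HANDLE, HANDLE, PHANDLE, ACCESS_MASK, ULONG, ULONG);
+R_API NTSTATUS (*w32_NtQueryObject)(HANDLE, ULONG, PVOID, ULONG, PULONG);
+R_API // fpu access API
+R_API ut64 (*w32_GetEnabledXStateFeatures)(void);
+R_API BOOL (*w32_InitializeContext)(PVOID, DWORD, PCONTEXT*, PDWORD);
+R_API BOOL (*w32_GetXStateFeaturesMask)(PCONTEXT Context, PDWORD64);
+R_API PVOID (*w32_LocateXStateFeature)(PCONTEXT Context, DWORD, PDWORD);
+R_API BOOL (*w32_SetXStateFeaturesMask)(PCONTEXT Context, DWORD64);
+R_API DWORD (*w32_GetModuleFileNameEx)(HANDLE, HMODULE, LPTSTR, DWORD);
+R_API HANDLE (*w32_CreateToolhelp32Snapshot)(DWORD, DWORD);
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif // R_W32_H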
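Review bot: The pointer types in this new header drop the `WINAPI` calling convention that the removed declarations carried (`DWORD (WINAPI *w32_GetMappedFileName)(...)` became `DWORD (*w32_GetMappedFileName)(...)`), so on 32-bit x86 builds calls through these pointers would use the default convention against stdcall exports and unbalance the stack. Restore it in every declaration here and in the matching casts in libr/util/w32.c, e.g. `R_API BOOL (WINAPI *w32_DebugActiveProcessStop)(DWORD);`. The line `R_API // fpu access API` leaves a stray `R_API` token in front of the next declaration and should be the comment alone. The declarations also lack `extern`, which, depending on how `R_API` expands, may make every including file emit its own definition.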
@ -239,7 +239,7 @@ static int update_self_regions(RIO *io, int pid) {
|
||||
perm |= mbi.Protect & PAGE_EXECUTE_READ ? R_PERM_RX : 0;
|
||||
perm |= mbi.Protect & PAGE_EXECUTE_READWRITE ? R_PERM_RWX : 0;
|
||||
perm = mbi.Protect & PAGE_NOACCESS ? 0 : perm;
|
||||
if (perm && !GetMappedFileName (h, (LPVOID) mbi.BaseAddress, name, name_size)) {
|
||||
if (perm && w32_GetMappedFileName && !w32_GetMappedFileName (h, (LPVOID) mbi.BaseAddress, name, name_size)) {
|
||||
name[0] = '\0';
|
||||
}
|
||||
self_sections[self_sections_count].from = (ut64) mbi.BaseAddress;
|
||||
|
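Review bot: When `w32_GetMappedFileName` is NULL the new condition short-circuits and `name[0] = '\0'` is skipped, so the region is recorded with whatever `name` held before (its initialisation is outside the hunk). Treat an unresolved API like a failed lookup: `if (perm && (!w32_GetMappedFileName || !w32_GetMappedFileName (h, (LPVOID) mbi.BaseAddress, name, name_size))) {`. `update_self_regions` continues on both sides of the hunk.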
@ -16,7 +16,7 @@ OBJS+=prof.o cache.o sys.o buf.o sys_w32.o ubase64.o base85.o base91.o
|
||||
OBJS+=list.o flist.o chmod.o graph.o event.o alloc.o donut.o print_code.o
|
||||
OBJS+=regex/regcomp.o regex/regerror.o regex/regexec.o uleb128.o
|
||||
OBJS+=sandbox.o calc.o thread.o thread_sem.o thread_lock.o thread_cond.o
|
||||
OBJS+=strpool.o bitmap.o time.o format.o pie.o print.o utype.o
|
||||
OBJS+=strpool.o bitmap.o time.o format.o pie.o print.o utype.o w32.o
|
||||
OBJS+=seven.o randomart.o zip.o debruijn.o log.o getopt.o table.o
|
||||
OBJS+=utf8.o utf16.o utf32.o strbuf.o lib.o name.o spaces.o signal.o syscmd.o
|
||||
OBJS+=udiff.o bdiff.o stack.o queue.o tree.o idpool.o assert.o
|
||||
|
@ -56,8 +56,8 @@ R_API char *r_str_donut(int osize) {
|
||||
if (osize != 0) {
|
||||
Align = 40;
|
||||
}
|
||||
for (j = Zero; 6.28 > j; j += 0.07) {
|
||||
for (i = Zero; 6.28 > i; i+= 0.02) {
|
||||
for (j = Zero; 6.28f > j; j += 0.07f) {
|
||||
for (i = Zero; 6.28f > i; i+= 0.02f) {
|
||||
float c = sin (i);
|
||||
float d = cos (j);
|
||||
float e = sin (A);
|
||||
@ -69,7 +69,7 @@ R_API char *r_str_donut(int osize) {
|
||||
int y = 12 + Height*D*(l*h*n +t*m);
|
||||
int o = x + 80 * y;
|
||||
int N = 8*((f*e-c*d*g)*m-c*d*e-f*g-l*d*n);
|
||||
if (22 >y && y > 0 && x>0&&80>x&&D>z[o]) {
|
||||
if (22 >y && y > 0 && x > 0 && 80 >x && D > z[o]) {
|
||||
z[o] = D;
|
||||
b[o] = " .,-:!/|S$@&"[N > 0? N: 0];
|
||||
}
|
||||
|
@ -3,6 +3,7 @@ subdir('d')
|
||||
r_util_sources = [
|
||||
'ascii_table.c',
|
||||
'assert.c',
|
||||
'w32.c',
|
||||
'alloc.c',
|
||||
'charset.c',
|
||||
'donut.c',
|
||||
|
@ -1100,7 +1100,10 @@ R_API char *r_sys_pid_to_path(int pid) {
|
||||
eprintf ("r_sys_pid_to_path: Cannot open process.\n");
|
||||
return NULL;
|
||||
}
|
||||
DWORD length = GetModuleFileNameEx (processHandle, NULL, filename, maxlength);
|
||||
DWORD length = 0;
|
||||
if (w32_GetModuleFileNameEx) {
|
||||
length = w32_GetModuleFileNameEx (processHandle, NULL, filename, maxlength);
|
||||
}
|
||||
if (length == 0) {
|
||||
// Upon failure fallback to GetProcessImageFileName
|
||||
length = GetProcessImageFileName (processHandle, filename, maxlength);
|
||||
|
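--- /dev/null
+++ b/libr/util/w32.c
@@ -0,0 +1,175 @@
+/* radare - LGPL - Copyright 2009-2021 - pancake */
+
+#include <r_userconf.h>
+#include <r_util.h>
+
+#if __WINDOWS__
+#include <windows.h>
+
+DWORD (*w32_GetModuleBaseName)(HANDLE, HMODULE, LPTSTR, DWORD) = NULL;
+BOOL (*w32_GetModuleInformation)(HANDLE, HMODULE, LPMODULEINFO, DWORD) = NULL;
+BOOL (*w32_DebugActiveProcessStop)(DWORD) = NULL;
+HANDLE (*w32_OpenThread)(DWORD, BOOL, DWORD) = NULL;
+BOOL (*w32_DebugBreakProcess)(HANDLE) = NULL;
+DWORD (*w32_GetThreadId)(HANDLE) = NULL; // Vista
+DWORD (*w32_GetProcessId)(HANDLE) = NULL; // XP
+HANDLE (*w32_OpenProcess)(DWORD, BOOL, DWORD) = NULL;
+BOOL (*w32_QueryFullProcessImageName)(HANDLE, DWORD, LPTSTR, PDWORD) = NULL;
+DWORD (*w32_GetMappedFileName)(HANDLE, LPVOID, LPTSTR, DWORD) = NULL;
+NTSTATUS (*w32_NtQuerySystemInformation)(ULONG, PVOID, ULONG, PULONG) = NULL;
+NTSTATUS (*w32_NtQueryInformationThread)(HANDLE, ULONG, PVOID, ULONG, PULONG) = NULL;
+NTSTATUS (*w32_NtDuplicateObject)(HANDLE, HANDLE, HANDLE, PHANDLE, ACCESS_MASK, ULONG, ULONG) = NULL;
+NTSTATUS (*w32_NtQueryObject)(HANDLE, ULONG, PVOID, ULONG, PULONG) = NULL;
+// fpu access API
+ut64 (*w32_GetEnabledXStateFeatures)(void) = NULL;
+BOOL (*w32_InitializeContext)(PVOID, DWORD, PCONTEXT*, PDWORD) = NULL;
+BOOL (*w32_GetXStateFeaturesMask)(PCONTEXT Context, PDWORD64) = NULL;
+PVOID (*w32_LocateXStateFeature)(PCONTEXT Context, DWORD, PDWORD) = NULL;
+BOOL (*w32_SetXStateFeaturesMask)(PCONTEXT Context, DWORD64) = NULL;
+DWORD (*w32_GetModuleFileNameEx)(HANDLE, HMODULE, LPTSTR, DWORD) = NULL;
+HANDLE (*w32_CreateToolhelp32Snapshot)(DWORD, DWORD) = NULL;
+
+static bool setup_debug_privileges(bool b) {
+HANDLE tok;
+if (!OpenProcessToken (GetCurrentProcess (), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &tok)) {
+return false;
+}
+bool ret = false;
+LUID luid;
+if (LookupPrivilegeValue (NULL, SE_DEBUG_NAME, &luid)) {
+TOKEN_PRIVILEGES tp;
+tp.PrivilegeCount = 1;
+tp.Privileges[0].Luid = luid;
+tp.Privileges[0].Attributes = b ? SE_PRIVILEGE_ENABLED : 0;
+if (AdjustTokenPrivileges (tok, FALSE, &tp, 0, NULL, NULL)) {
+// TODO: handle ERROR_NOT_ALL_ASSIGNED
+ret = GetLastError () == ERROR_SUCCESS;
+}
+}
+CloseHandle (tok);
+return ret;
+}
+
+static bool setup_debug_privilege_noarg(void) {
+/////////////////////////////////////////////////////////
+// Note: Enabling SeDebugPrivilege adapted from sample
+// MSDN @ http://msdn.microsoft.com/en-us/library/aa446619%28VS.85%29.aspx
+// Enable SeDebugPrivilege
+bool ret = true;
+TOKEN_PRIVILEGES tokenPriv;
+HANDLE hToken = NULL;
+LUID luidDebug;
+if (!OpenProcessToken (GetCurrentProcess (),
+TOKEN_ADJUST_PRIVILEGES, &hToken))
+return false;
+
+if (!LookupPrivilegeValue (NULL, SE_DEBUG_NAME, &luidDebug)) {
+CloseHandle (hToken);
+return false;
+}
+
+tokenPriv.PrivilegeCount = 1;
+tokenPriv.Privileges[0].Luid = luidDebug;
+tokenPriv.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
+if (AdjustTokenPrivileges (hToken, FALSE, &tokenPriv, 0, NULL, NULL) != FALSE) {
+if (tokenPriv.Privileges[0].Attributes == SE_PRIVILEGE_ENABLED) {
+// eprintf ("PRIV ENABLED\n");
+}
+// Always successful, even in the cases which lead to OpenProcess failure
+// eprintf ("Successfully changed token privileges.\n");
+// XXX if we cant get the token nobody tells?? wtf
+} else {
+eprintf ("Failed to change token privileges 0x%x\n", (int)GetLastError());
+ret = false;
+}
+CloseHandle (hToken);
+return ret;
+}
+
+
+R_API bool r_w32_init(void) {
+HANDLE lib;
+if (w32_DebugActiveProcessStop) {
+return false;
+}
+
+// escalate privs (required for win7/vista)
+setup_debug_privilege_noarg ();
+
+// lookup function pointers for portability
+w32_DebugActiveProcessStop = (BOOL (*)(DWORD))
+GetProcAddress (GetModuleHandle (TEXT ("kernel32")),
+"DebugActiveProcessStop");
+w32_OpenThread = (HANDLE (*)(DWORD, BOOL, DWORD))
+GetProcAddress (GetModuleHandle (TEXT ("kernel32")), "OpenThread");
+w32_OpenProcess = (HANDLE (*)(DWORD, BOOL, DWORD))
+GetProcAddress (GetModuleHandle (TEXT ("kernel32")), "OpenProcess");
+w32_DebugBreakProcess = (BOOL (*)(HANDLE))
+GetProcAddress (GetModuleHandle (TEXT ("kernel32")),
+"DebugBreakProcess");
+w32_CreateToolhelp32Snapshot = (HANDLE (*)(DWORD, DWORD))
+GetProcAddress (GetModuleHandle (TEXT ("kernel32")),
+"CreateToolhelp32Snapshot");
+// only windows vista :(
+w32_GetThreadId = (DWORD (*)(HANDLE))
+GetProcAddress (GetModuleHandle (TEXT ("kernel32")), "GetThreadId");
+// from xp1
+w32_GetProcessId = (DWORD (*)(HANDLE))
+GetProcAddress (GetModuleHandle (TEXT ("kernel32")), "GetProcessId");
+w32_QueryFullProcessImageName = (BOOL (*)(HANDLE, DWORD, LPTSTR, PDWORD))
+GetProcAddress (GetModuleHandle (TEXT ("kernel32")), W32_TCALL ("QueryFullProcessImageName"));
+// api to retrieve YMM from w7 sp1
+w32_GetEnabledXStateFeatures = (ut64 (*) ())
+GetProcAddress(GetModuleHandle (TEXT ("kernel32")), "GetEnabledXStateFeatures");
+w32_InitializeContext = (BOOL (*) (PVOID, DWORD, PCONTEXT*, PDWORD))
+GetProcAddress(GetModuleHandle (TEXT ("kernel32")), "InitializeContext");
+w32_GetXStateFeaturesMask = (BOOL (*) (PCONTEXT Context, PDWORD64))
+GetProcAddress(GetModuleHandle (TEXT ("kernel32")), "GetXStateFeaturesMask");
+w32_LocateXStateFeature = (PVOID (*) (PCONTEXT Context, DWORD ,PDWORD))
+GetProcAddress(GetModuleHandle (TEXT ("kernel32")), "LocateXStateFeature");
+w32_SetXStateFeaturesMask = (BOOL (*) (PCONTEXT Context, DWORD64))
+GetProcAddress(GetModuleHandle (TEXT ("kernel32")), "SetXStateFeaturesMask");
+lib = LoadLibrary (TEXT("psapi.dll"));
+if(!lib) {
+eprintf ("Cannot load psapi.dll. Aborting\n");
+return false;
+}
+w32_GetMappedFileName = (DWORD (*)(HANDLE, LPVOID, LPTSTR, DWORD))
+GetProcAddress (lib, W32_TCALL ("GetMappedFileName"));
+w32_GetModuleBaseName = (DWORD (*)(HANDLE, HMODULE, LPTSTR, DWORD))
+GetProcAddress (lib, W32_TCALL ("GetModuleBaseName"));
+w32_GetModuleInformation = (BOOL (*)(HANDLE, HMODULE, LPMODULEINFO, DWORD))
+GetProcAddress (lib, "GetModuleInformation");
+w32_GetModuleFileNameEx = (DWORD (*)(HANDLE, HMODULE, LPTSTR, DWORD))
+GetProcAddress (lib, W32_TCALL ("GetModuleFileNameEx"));
+lib = LoadLibrary (TEXT("ntdll.dll"));
+w32_NtQuerySystemInformation = (NTSTATUS (*)(ULONG, PVOID, ULONG, PULONG))
+GetProcAddress (lib, "NtQuerySystemInformation");
+w32_NtDuplicateObject = (NTSTATUS (*)(HANDLE, HANDLE, HANDLE, PHANDLE, ACCESS_MASK, ULONG, ULONG))
+GetProcAddress (lib, "NtDuplicateObject");
+w32_NtQueryObject = (NTSTATUS (*)(HANDLE, ULONG, PVOID, ULONG, PULONG))
+GetProcAddress(lib,"NtQueryObject");
+w32_NtQueryInformationThread = (NTSTATUS (*)(HANDLE, ULONG, PVOID, ULONG, PULONG))
+GetProcAddress (lib, "NtQueryInformationThread");
+if (!w32_DebugActiveProcessStop || !w32_OpenThread || !w32_DebugBreakProcess ||
+!w32_GetModuleBaseName || !w32_GetModuleInformation) {
+// OOPS!
+eprintf ("debug_init_calls:\n"
+"DebugActiveProcessStop: 0x%p\n"
+"OpenThread: 0x%p\n"
+"DebugBreakProcess: 0x%p\n"
+"GetThreadId: 0x%p\n",
+w32_DebugActiveProcessStop, w32_OpenThread, w32_DebugBreakProcess, w32_GetThreadId);
+return false;
+}
+return true;
+}
+
+#else
+
+R_API bool r_w32_init(void) {
+// nothing to do
+return false;
+}
+
+#endif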
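Review bot: `r_w32_init` loads `psapi.dll` and `ntdll.dll` by bare name with `LoadLibrary`, and with this commit it runs from `r_core_init` in every session, so the standard DLL search order applies on each start; restricting the lookup to the system directory is safer, `lib = LoadLibraryEx (TEXT ("psapi.dll"), NULL, LOAD_LIBRARY_SEARCH_SYSTEM32);`, and ntdll is already mapped so `GetModuleHandle (TEXT ("ntdll"))` is enough. The ntdll handle is not checked before the four `GetProcAddress` calls that use it, unlike the `if (!lib)` check the removed debugger code had. The early `return false` when `w32_DebugActiveProcessStop` is already set makes a repeated call indistinguishable from a failure; returning true there would match the function's meaning. `setup_debug_privileges (bool)` is now static with no caller in this file, so it can be dropped or used in place of `setup_debug_privilege_noarg`.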