From 42edc834d21584de2cbfe7e7309ff49a2f64ef08 Mon Sep 17 00:00:00 2001
From: pancake <pancake@nopcode.org>
Date: Sun, 9 Oct 2011 19:45:34 +0200
Subject: [PATCH] * Added maps for debug.bfdbg   - Implement dm* command *
 Implement hex:// handler in io.malloc plugin   - r2 hex://1020304090102030

---
 TODO                        |  8 ++-----
 libr/core/cmd.c             | 17 +++++++-------
 libr/debug/map.c            | 44 +++++++++++++++++++++++++------------
 libr/debug/p/debug_bf.c     | 19 +++++++++++++++-
 libr/debug/p/debug_native.c |  9 ++++----
 libr/include/r_debug.h      |  2 +-
 libr/io/p/io_malloc.c       | 27 ++++++++++++++++-------
 7 files changed, 83 insertions(+), 43 deletions(-)

diff --git a/TODO b/TODO
index 21b2717c9c..3fec715c7d 100644
--- a/TODO
+++ b/TODO
@@ -11,13 +11,14 @@
 * shell encoder - get x86-64 one from twitter
   - http://funoverip.net/2011/09/simple-shellcode-obfuscation/
 * cleanup magic database.. too slow for search :(
+* use centralized pubsub or memcached to sync data
 * rabin2 -z /dev/sda1 TAKES TOO LONG. opening r2 /tmp/fs is SLOW as shit.
+* Implement differential distance signature search
 
 ====[[ 0.9 ]]====
 
 * Add support for classes (useful for c++, dex, objc, ...)
   - command to add new classes
-* Implement hex:// io :D like malloc but initialized.. use malloc here?
 
 OSX
 ===
@@ -28,10 +29,6 @@ Other stuff
 ===========
 * code analysis for msil
 * rax2 -k by default?
-* r_anal_find_fcn() is O(N). should be O(1)
-  - var r = RHashTable<RList>()
-    var l = r.add ("0x8048000-0x8049000", new RList ())
-    l.append (ReferenceTo (fcn)
 * Optimize /m
   - search only using given file, not loading default library
   - do not read each block byte per byte
@@ -41,7 +38,6 @@ Other stuff
 * Merge libr/db inside libr/util ?
 * Test r_search_delta()
 * Dupped javasm bin/asm -- must merge
-* Implement differential distance signature search
 
 * Rename r_hashtable -> r_ht
   - Make ht64.c include ht.c
diff --git a/libr/core/cmd.c b/libr/core/cmd.c
index adbcac203b..901165f515 100644
--- a/libr/core/cmd.c
+++ b/libr/core/cmd.c
@@ -4617,7 +4617,7 @@ R_API int r_core_cmd_command(RCore *core, const char *command) {
 	return 0;
 }
 
-static void cmd_dm(RCore *core, const char *input) {
+static void cmd_debug_dm(RCore *core, const char *input) {
 	switch (input[0]) {
 	case '?':
 		r_cons_printf (
@@ -4670,13 +4670,16 @@ static void cmd_dm(RCore *core, const char *input) {
 		}
 		break;
 	case '*':
+		r_debug_map_sync (core->dbg); // update process memory maps
+		r_debug_map_list (core->dbg, core->offset, 1);
+		break;
 	case '-':
 	case ' ':
 		eprintf ("TODO\n");
 		break;
 	default:
 		r_debug_map_sync (core->dbg); // update process memory maps
-		r_debug_map_list (core->dbg, core->offset);
+		r_debug_map_list (core->dbg, core->offset, 0);
 		break;
 	}
 }
@@ -4748,11 +4751,9 @@ static void cmd_debug_pid(RCore *core, const char *input) {
 		/* XXX: but we want fine-grained access to process resources */
 		pid = atoi (input+2);
 		ptr = strchr (input, ' ');
-		if (ptr) sig = atoi (ptr+1);
-		else sig = 0;
+		sig = ptr? atoi (ptr+1): 0;
 		if (pid > 0) {
-			eprintf ("Sending signal '%d' to pid '%d'\n",
-				sig, pid);
+			eprintf ("Sending signal '%d' to pid '%d'\n", sig, pid);
 			r_debug_kill (core->dbg, R_FALSE, sig);
 		} else eprintf ("Invalid arguments\n");
 		break;
@@ -5065,7 +5066,7 @@ static int cmd_debug(void *data, const char *input) {
 		follow = r_config_get_i (core->config, "dbg.follow");
 		break;
 	case 'm':
-		cmd_dm (core, input+1);
+		cmd_debug_dm (core, input+1);
 		break;
 	case 'r':
 		cmd_reg (core, input+1);
@@ -5091,7 +5092,7 @@ static int cmd_debug(void *data, const char *input) {
 		" db[?]          breakpoints\n"
 		" dbt            display backtrace\n"
 		" dt[r] [tag]    display instruction traces (dtr=reset)\n"
-		" dm             show memory maps\n");
+		" dm[?*]         show memory maps\n");
 		break;
 	}
 	if (follow>0) {
diff --git a/libr/debug/map.c b/libr/debug/map.c
index 7f26a01351..172dd009b1 100644
--- a/libr/debug/map.c
+++ b/libr/debug/map.c
@@ -3,21 +3,37 @@
 #include <r_debug.h>
 #include <r_list.h>
 
-R_API void r_debug_map_list(RDebug *dbg, ut64 addr) {
+R_API void r_debug_map_list(RDebug *dbg, ut64 addr, int rad) {
 	RListIter *iter = r_list_iterator (dbg->maps);
-	while (r_list_iter_next (iter)) {
-		RDebugMap *map = r_list_iter_get (iter);
-		dbg->printf ("sys 0x%08"PFMT64x" %c 0x%08"PFMT64x" %c %s %s\n",
-			map->addr, (addr>=map->addr && addr<=map->addr_end)?'*':'-',
-			map->addr_end, map->user?'u':'s', r_str_rwx_i (map->perm), map->name);
-	}
-	iter = r_list_iterator (dbg->maps_user);
-	while (r_list_iter_next (iter)) {
-		RDebugMap *map = r_list_iter_get (iter);
-		dbg->printf ("usr 0x%08"PFMT64x" - 0x%08"PFMT64x" %c %x %s\n",
-			map->addr, map->addr_end,
-			map->user?'u':'s',
-			map->perm, map->name);
+	if (rad) {
+		while (r_list_iter_next (iter)) {
+			RDebugMap *map = r_list_iter_get (iter);
+			dbg->printf ("f map.%s.%s 0x%08"PFMT64x" 0x%08"PFMT64x"\n",
+				map->name, r_str_rwx_i (map->perm),
+				map->addr_end - map->addr, map->addr);
+		}
+		iter = r_list_iterator (dbg->maps_user);
+		while (r_list_iter_next (iter)) {
+			RDebugMap *map = r_list_iter_get (iter);
+			dbg->printf ("f map.%s.%s 0x%08"PFMT64x" 0x%08"PFMT64x"\n",
+				map->name, r_str_rwx_i (map->perm),
+				map->addr_end - map->addr, map->addr);
+		}
+	} else {
+		while (r_list_iter_next (iter)) {
+			RDebugMap *map = r_list_iter_get (iter);
+			dbg->printf ("sys 0x%08"PFMT64x" %c 0x%08"PFMT64x" %c %s %s\n",
+				map->addr, (addr>=map->addr && addr<=map->addr_end)?'*':'-',
+				map->addr_end, map->user?'u':'s', r_str_rwx_i (map->perm), map->name);
+		}
+		iter = r_list_iterator (dbg->maps_user);
+		while (r_list_iter_next (iter)) {
+			RDebugMap *map = r_list_iter_get (iter);
+			dbg->printf ("usr 0x%08"PFMT64x" - 0x%08"PFMT64x" %c %x %s\n",
+				map->addr, map->addr_end,
+				map->user?'u':'s',
+				map->perm, map->name);
+		}
 	}
 }
 
diff --git a/libr/debug/p/debug_bf.c b/libr/debug/p/debug_bf.c
index 00498fd47b..2b719773d4 100644
--- a/libr/debug/p/debug_bf.c
+++ b/libr/debug/p/debug_bf.c
@@ -163,6 +163,22 @@ static int r_debug_native_bp(RDebug *dbg, int add, ut64 addr, int hw, int rwx) {
 	return R_FALSE;
 }
 
+static RList *r_debug_native_map_get(RDebug *dbg) {
+	RIOBfdbg *o = dbg->iob.io->fd->data;
+	BfvmCPU *c = o->bfvm;
+	RList *list = r_list_new ();
+	list->free = r_debug_map_free;
+	r_list_append (list, r_debug_map_new (
+		"code", 0, 4096, 6, 0));
+	r_list_append (list, r_debug_map_new (
+		"memory", c->base, c->base+c->size, 6, 0));
+	r_list_append (list, r_debug_map_new (
+		"screen", c->screen, c->screen+c->screen_size, 6, 0));
+	r_list_append (list, r_debug_map_new (
+		"input", c->input, c->input+c->input_size, 6, 0));
+	return list;
+}
+
 struct r_debug_plugin_t r_debug_plugin_bf = {
 	.name = "bf",
 	/* TODO: Add support for more architectures here */
@@ -185,7 +201,8 @@ struct r_debug_plugin_t r_debug_plugin_bf = {
 	.breakpoint = &r_debug_bf_breakpoint,
 	.reg_read = &r_debug_bf_reg_read,
 	.reg_write = &r_debug_bf_reg_write,
-	.reg_profile = (void *)r_debug_bf_reg_profile,
+	.reg_profile = r_debug_bf_reg_profile,
+	.map_get = r_debug_native_map_get,
 //	.breakpoint = r_debug_native_bp,
 	//.ptr_write = &r_debug_bf_ptr_write,
 	//.ptr_read = &r_debug_bf_ptr_read,
diff --git a/libr/debug/p/debug_native.c b/libr/debug/p/debug_native.c
index c7bcc5b07a..d812b03227 100644
--- a/libr/debug/p/debug_native.c
+++ b/libr/debug/p/debug_native.c
@@ -1588,7 +1588,6 @@ static RList *r_debug_native_map_get(RDebug *dbg) {
 		eprintf ("r_debug_native_map_get: No selected pid (-1)\n");
 		return NULL;
 	}
-
 #if __KFBSD__
 	list = r_debug_native_sysctl_map (dbg);
 	if (list != NULL)
@@ -1629,7 +1628,7 @@ static RList *r_debug_native_map_get(RDebug *dbg) {
 		if (!pos_c)
 			continue;
 
-		pos_c[-1] = (char)'0';
+		pos_c[-1] = (char)'0'; // xxx. this is wrong
 		pos_c[ 0] = (char)'x';
 		strncpy (region2, pos_c-1, sizeof (region2)-1);
 #endif // __KFBSD__
@@ -1640,7 +1639,7 @@ static RList *r_debug_native_map_get(RDebug *dbg) {
 			snprintf (path, sizeof (path), "unk%d", unk++);
 
 		perm = 0;
-		for(i = 0; perms[i] && i < 4; i++)
+		for (i = 0; perms[i] && i < 4; i++)
 			switch (perms[i]) {
 			case 'r': perm |= R_IO_READ; break;
 			case 'w': perm |= R_IO_WRITE; break;
@@ -2066,9 +2065,9 @@ struct r_debug_plugin_t r_debug_plugin_native = {
 	.kill = &r_debug_native_kill,
 	.frames = &r_debug_native_frames, // rename to backtrace ?
 	.reg_profile = (void *)r_debug_native_reg_profile,
-	.reg_read = &r_debug_native_reg_read,
+	.reg_read = r_debug_native_reg_read,
 	.reg_write = (void *)&r_debug_native_reg_write,
-	.map_get = (void *)&r_debug_native_map_get,
+	.map_get = r_debug_native_map_get,
 	.breakpoint = r_debug_native_bp,
 };
 
diff --git a/libr/include/r_debug.h b/libr/include/r_debug.h
index e88e44f921..e605bec85b 100644
--- a/libr/include/r_debug.h
+++ b/libr/include/r_debug.h
@@ -254,7 +254,7 @@ R_API void r_debug_map_list_free(RList *maps);
 R_API RDebugMap *r_debug_map_get(RDebug *dbg, ut64 addr);
 R_API RDebugMap *r_debug_map_new (char *name, ut64 addr, ut64 addr_end, int perm, int user);
 R_API void r_debug_map_free(RDebugMap *map);
-R_API void r_debug_map_list(RDebug *dbg, ut64 addr);
+R_API void r_debug_map_list(RDebug *dbg, ut64 addr, int rad);
 
 /* descriptors */
 R_API RDebugDesc *r_debug_desc_new (int fd, char* path, int perm, int type, int off);
diff --git a/libr/io/p/io_malloc.c b/libr/io/p/io_malloc.c
index 7ec2c963c4..2c53c424c8 100644
--- a/libr/io/p/io_malloc.c
+++ b/libr/io/p/io_malloc.c
@@ -28,8 +28,10 @@ static int __write(struct r_io_t *io, RIODesc *fd, const ut8 *buf, int count) {
 static int __read(struct r_io_t *io, RIODesc *fd, ut8 *buf, int count) {
 	if (fd == NULL || fd->data == NULL)
 		return -1;
-	if (io->off+count >= RIOMALLOC_SZ (fd))
+	if (io->off>= RIOMALLOC_SZ (fd))
 		return -1;
+	if (io->off+count >= RIOMALLOC_SZ (fd))
+		count = RIOMALLOC_SZ (fd) - io->off;
 	memcpy (buf, RIOMALLOC_BUF (fd)+io->off, count);
 	return count;
 }
@@ -57,25 +59,34 @@ static ut64 __lseek(struct r_io_t *io, RIODesc *fd, ut64 offset, int whence) {
 }
 
 static int __plugin_open(struct r_io_t *io, const char *pathname) {
-	return (!memcmp (pathname, "malloc://", 9));
+	return (
+		(!memcmp (pathname, "malloc://", 9)) ||
+		(!memcmp (pathname, "hex://", 6))
+	);
 }
 
 static inline int getmalfd (RIOMalloc *mal) {
-	return 0xfffffff & (int)(size_t)mal->buf;
+	return 0xfffff & (int)(size_t)mal->buf;
 }
 
 static RIODesc *__open(struct r_io_t *io, const char *pathname, int rw, int mode) {
 	if (__plugin_open (io, pathname)) {
 		RIOMalloc *mal = R_NEW (RIOMalloc);
 		mal->fd = getmalfd (mal);
-		mal->size = atoi (pathname+9);
-		if ((mal->size)>0) {
+		if (!memcmp (pathname, "hex://", 6)) {
+			mal->size = strlen (pathname);
 			mal->buf = malloc (mal->size);
-			if (mal->buf != NULL) {
+			memset (mal->buf, 0, mal->size);
+			mal->size = r_hex_str2bin (pathname+6, mal->buf);
+		} else {
+			mal->size = atoi (pathname+9);
+			if ((mal->size)>0) {
+				mal->buf = malloc (mal->size);
 				memset (mal->buf, '\0', mal->size);
-				return r_io_desc_new (&r_io_plugin_malloc, mal->fd, pathname, rw, mode, mal);
 			}
 		}
+		if (mal->buf != NULL)
+			return r_io_desc_new (&r_io_plugin_malloc, mal->fd, pathname, rw, mode, mal);
 		eprintf ("Cannot allocate (%s) %d bytes\n", pathname+9, mal->size);
 		free (mal);
 	}
@@ -84,7 +95,7 @@ static RIODesc *__open(struct r_io_t *io, const char *pathname, int rw, int mode
 
 struct r_io_plugin_t r_io_plugin_malloc = {
 	.name = "malloc",
-        .desc = "memory allocation (malloc://1024)",
+        .desc = "memory allocation (malloc://1024 hex://10294505)",
         .open = __open,
         .close = __close,
 	.read = __read,