Magic-Mirror/x64dbg
1
0
Fork 0
mirror of https://github.com/x64dbg/x64dbg.git synced 2025-02-22 22:11:55 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

DBG: added section names to the memory map

Browse Source 
DBG: fixed a bug with string escaping in cbOutputDebugString
DBG: bring to front when paused
This commit is contained in:
Mr. eXoDia 2014-05-09 13:43:12 +02:00
parent 0bee4ed73a
commit 70a91a06fc
5 changed files with 154 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
x64_dbg_bridge/bridgemain.h
View File

@ -244,7 +244,7 @@ typedef void (*CBSYMBOLENUM)(SYMBOLINFO* symbol, void* user);
struct MEMPAGE
{
MEMORY_BASIC_INFORMATION mbi;
char mod[MAX_MODULE_SIZE];
char info[MAX_MODULE_SIZE];
};
struct MEMMAP

133
x64_dbg_dbg/_exports.cpp
View File

@ -37,19 +37,27 @@ extern "C" DLL_EXPORT bool _dbg_memmap(MEMMAP* memmap)
MEMORY_BASIC_INFORMATION mbi;
DWORD numBytes;
uint MyAddress=0, newAddress=0;
SymInitialize(fdProcessInfo->hProcess, 0, true);
uint curAllocationBase=0;
bool bListAllPages = false; //TODO: settings for this
std::vector<MEMPAGE> pageVector;
do
{
numBytes=VirtualQueryEx(fdProcessInfo->hProcess, (LPCVOID)MyAddress, &mbi, sizeof(mbi));
if(mbi.State==MEM_COMMIT)
{
MEMPAGE curPage;
*curPage.mod=0;
modnamefromaddr(MyAddress, curPage.mod, true);
memcpy(&curPage.mbi, &mbi, sizeof(mbi));
pageVector.push_back(curPage);
memmap->count++;
if(bListAllPages || curAllocationBase!=(uint)mbi.AllocationBase) //only list allocation bases
{
curAllocationBase=(uint)mbi.AllocationBase;
MEMPAGE curPage;
*curPage.info=0;
modnamefromaddr(MyAddress, curPage.info, true);
memcpy(&curPage.mbi, &mbi, sizeof(mbi));
pageVector.push_back(curPage);
}
else
pageVector.at(pageVector.size()-1).mbi.RegionSize+=mbi.RegionSize;
}
newAddress=(uint)mbi.BaseAddress+mbi.RegionSize;
if(newAddress<=MyAddress)
@ -59,8 +67,117 @@ extern "C" DLL_EXPORT bool _dbg_memmap(MEMMAP* memmap)
}
while(numBytes);
int pagecount;
//filter executable sections
if(bListAllPages)
{
pagecount=pageVector.size();
char curMod[MAX_MODULE_SIZE]="";
for(int i=pagecount-1,curIdx=0; i>-1; i--)
{
if(pageVector.at(i).info[0]) //there is a module
{
if(!scmp(curMod, pageVector.at(i).info)) //mod is not the current mod
{
strcpy(curMod, pageVector.at(i).info);
curIdx=i;
}
else //current mod
{
pageVector.at(curIdx).mbi.RegionSize+=pageVector.at(i).mbi.RegionSize;
pageVector.erase(pageVector.begin()+i);
curIdx--; //the index changes when you remove an entry
}
}
}
}
//process file sections
pagecount=pageVector.size();
char curMod[MAX_MODULE_SIZE]="";
for(int i=pagecount-1; i>-1; i--)
{
if(pageVector.at(i).info[0]) //there is a module
{
if(!scmp(curMod, pageVector.at(i).info)) //mod is not the current mod
{
strcpy(curMod, pageVector.at(i).info);
HMODULE hMod=(HMODULE)modbasefromname(curMod);
if(!hMod)
continue;
char curModPath[MAX_PATH]="";
if(!GetModuleFileNameExA(fdProcessInfo->hProcess, hMod, curModPath, MAX_PATH))
continue;
int SectionNumber=GetPE32Data(curModPath, 0, UE_SECTIONNUMBER);
MEMPAGE newPage;
pageVector.erase(pageVector.begin()+i); //remove the SizeOfImage page
for(int j=SectionNumber-1; j>-1; j--)
{
memset(&newPage, 0, sizeof(MEMPAGE));
VirtualQueryEx(fdProcessInfo->hProcess, (LPCVOID)((uint)hMod+GetPE32Data(curModPath, j, UE_SECTIONVIRTUALOFFSET)), &newPage.mbi, sizeof(MEMORY_BASIC_INFORMATION));
uint SectionSize=GetPE32Data(curModPath, j, UE_SECTIONVIRTUALSIZE);
if(SectionSize%PAGE_SIZE) //unaligned page size
SectionSize+=PAGE_SIZE-(SectionSize%PAGE_SIZE); //fix this
if(SectionSize)
newPage.mbi.RegionSize=SectionSize;
const char* SectionName=(const char*)GetPE32Data(curModPath, j, UE_SECTIONNAME);
if(!SectionName)
SectionName="";
int len=strlen(SectionName);
int escape_count=0;
for(int i=0; i<len; i++)
if(SectionName[i]=='\\' or SectionName[i]=='\"' or !isprint(SectionName[i]))
escape_count++;
char* SectionNameEscaped=(char*)emalloc(len+escape_count+1, "_dbg_memmap:SectionNameEscaped");
memset(SectionNameEscaped, 0, len+escape_count+1);
for(int i=0,j=0; i<len; i++)
{
switch(SectionName[i])
{
case '\t':
j+=sprintf(SectionNameEscaped+j, "\\t");
break;
case '\f':
j+=sprintf(SectionNameEscaped+j, "\\f");
break;
case '\v':
j+=sprintf(SectionNameEscaped+j, "\\v");
break;
case '\n':
j+=sprintf(SectionNameEscaped+j, "\\n");
break;
case '\r':
j+=sprintf(SectionNameEscaped+j, "\\r");
break;
case '\\':
j+=sprintf(SectionNameEscaped+j, "\\\\");
break;
case '\"':
j+=sprintf(SectionNameEscaped+j, "\\\"");
break;
default:
if(!isprint(SectionName[i])) //unknown unprintable character
j+=sprintf(SectionNameEscaped+j, "\\x%.2X", SectionName[i]);
else
j+=sprintf(SectionNameEscaped+j, "%c", SectionName[i]);
break;
}
}
sprintf(newPage.info, " \"%s\"", SectionNameEscaped);
efree(SectionNameEscaped, "_dbg_memmap:SectionNameEscaped");
pageVector.insert(pageVector.begin()+i, newPage);
}
memset(&newPage, 0, sizeof(MEMPAGE));
VirtualQueryEx(fdProcessInfo->hProcess, (LPCVOID)hMod, &newPage.mbi, sizeof(MEMORY_BASIC_INFORMATION));
strcpy(newPage.info, curMod);
pageVector.insert(pageVector.begin()+i, newPage);
}
}
}
//process vector
int pagecount=memmap->count;
memmap->count=pagecount=pageVector.size();
memmap->page=(MEMPAGE*)BridgeAlloc(sizeof(MEMPAGE)*pagecount);
memset(memmap->page, 0, sizeof(MEMPAGE)*pagecount);
for(int i=0; i<pagecount; i++)

1
x64_dbg_dbg/_plugins.cpp
View File

@ -45,6 +45,7 @@ PLUG_IMPEXP void _plugin_debugpause()
DebugUpdateGui(GetContextData(UE_CIP), true);
GuiSetDebugState(paused);
lock(WAITID_RUN);
SetForegroundWindow(GuiGetWindowHandle());
dbgsetskipexceptions(false);
wait(WAITID_RUN);
}

24
x64_dbg_dbg/debugger.cpp
View File

@ -157,6 +157,7 @@ static void cbUserBreakpoint()
GuiSetDebugState(paused);
//lock
lock(WAITID_RUN);
SetForegroundWindow(GuiGetWindowHandle());
bSkipExceptions=false;
PLUG_CB_PAUSEDEBUG pauseInfo;
pauseInfo.reserved=0;
@ -230,6 +231,7 @@ static void cbHardwareBreakpoint(void* ExceptionAddress)
GuiSetDebugState(paused);
//lock
lock(WAITID_RUN);
SetForegroundWindow(GuiGetWindowHandle());
bSkipExceptions=false;
PLUG_CB_PAUSEDEBUG pauseInfo;
pauseInfo.reserved=0;
@ -291,6 +293,7 @@ static void cbMemoryBreakpoint(void* ExceptionAddress)
GuiSetDebugState(paused);
//lock
lock(WAITID_RUN);
SetForegroundWindow(GuiGetWindowHandle());
bSkipExceptions=false;
PLUG_CB_PAUSEDEBUG pauseInfo;
pauseInfo.reserved=0;
@ -429,6 +432,7 @@ static void cbStep()
stepInfo.reserved=0;
//lock
lock(WAITID_RUN);
SetForegroundWindow(GuiGetWindowHandle());
bSkipExceptions=false;
PLUG_CB_PAUSEDEBUG pauseInfo;
pauseInfo.reserved=0;
@ -443,6 +447,7 @@ static void cbRtrFinalStep()
GuiSetDebugState(paused);
//lock
lock(WAITID_RUN);
SetForegroundWindow(GuiGetWindowHandle());
bSkipExceptions=false;
PLUG_CB_PAUSEDEBUG pauseInfo;
pauseInfo.reserved=0;
@ -591,6 +596,7 @@ static void cbCreateThread(CREATE_THREAD_DEBUG_INFO* CreateThread)
GuiSetDebugState(paused);
//lock
lock(WAITID_RUN);
SetForegroundWindow(GuiGetWindowHandle());
PLUG_CB_PAUSEDEBUG pauseInfo;
pauseInfo.reserved=0;
plugincbcall(CB_PAUSEDEBUG, &pauseInfo);
@ -615,6 +621,7 @@ static void cbExitThread(EXIT_THREAD_DEBUG_INFO* ExitThread)
GuiSetDebugState(paused);
//lock
lock(WAITID_RUN);
SetForegroundWindow(GuiGetWindowHandle());
PLUG_CB_PAUSEDEBUG pauseInfo;
pauseInfo.reserved=0;
plugincbcall(CB_PAUSEDEBUG, &pauseInfo);
@ -642,6 +649,7 @@ static void cbSystemBreakpoint(void* ExceptionData)
GuiSetDebugState(paused);
//lock
lock(WAITID_RUN);
SetForegroundWindow(GuiGetWindowHandle());
PLUG_CB_PAUSEDEBUG pauseInfo;
pauseInfo.reserved=0;
plugincbcall(CB_PAUSEDEBUG, &pauseInfo);
@ -706,6 +714,7 @@ static void cbLoadDll(LOAD_DLL_DEBUG_INFO* LoadDll)
GuiSetDebugState(paused);
//lock
lock(WAITID_RUN);
SetForegroundWindow(GuiGetWindowHandle());
PLUG_CB_PAUSEDEBUG pauseInfo;
pauseInfo.reserved=0;
plugincbcall(CB_PAUSEDEBUG, &pauseInfo);
@ -733,6 +742,7 @@ static void cbUnloadDll(UNLOAD_DLL_DEBUG_INFO* UnloadDll)
GuiSetDebugState(paused);
//lock
lock(WAITID_RUN);
SetForegroundWindow(GuiGetWindowHandle());
PLUG_CB_PAUSEDEBUG pauseInfo;
pauseInfo.reserved=0;
plugincbcall(CB_PAUSEDEBUG, &pauseInfo);
@ -755,10 +765,10 @@ static void cbOutputDebugString(OUTPUT_DEBUG_STRING_INFO* DebugString)
int len=strlen(DebugText);
int escape_count=0;
for(int i=0; i<len; i++)
if(DebugText[i]=='\\')
if(DebugText[i]=='\\' or DebugText[i]=='\"' or !isprint(DebugText[i]))
escape_count++;
char* DebugTextEscaped=(char*)emalloc(DebugString->nDebugStringLength+escape_count+1, "cbOutputDebugString:DebugTextEscaped");
memset(DebugTextEscaped, 0, DebugString->nDebugStringLength+escape_count+1);
char* DebugTextEscaped=(char*)emalloc(len+escape_count+1, "cbOutputDebugString:DebugTextEscaped");
memset(DebugTextEscaped, 0, len+escape_count+1);
for(int i=0,j=0; i<len; i++)
{
switch(DebugText[i])
@ -785,7 +795,10 @@ static void cbOutputDebugString(OUTPUT_DEBUG_STRING_INFO* DebugString)
j+=sprintf(DebugTextEscaped+j, "\\\"");
break;
default:
j+=sprintf(DebugTextEscaped+j, "%c", DebugText[i]);
if(!isprint(DebugText[i])) //unknown unprintable character
j+=sprintf(DebugTextEscaped+j, "\\%.2x", DebugText[i]);
else
j+=sprintf(DebugTextEscaped+j, "%c", DebugText[i]);
break;
}
}
@ -802,6 +815,7 @@ static void cbOutputDebugString(OUTPUT_DEBUG_STRING_INFO* DebugString)
GuiSetDebugState(paused);
//lock
lock(WAITID_RUN);
SetForegroundWindow(GuiGetWindowHandle());
PLUG_CB_PAUSEDEBUG pauseInfo;
pauseInfo.reserved=0;
plugincbcall(CB_PAUSEDEBUG, &pauseInfo);
@ -838,6 +852,7 @@ static void cbException(EXCEPTION_DEBUG_INFO* ExceptionData)
GuiSetDebugState(paused);
//lock
lock(WAITID_RUN);
SetForegroundWindow(GuiGetWindowHandle());
bSkipExceptions=false;
PLUG_CB_PAUSEDEBUG pauseInfo;
pauseInfo.reserved=0;
@ -866,6 +881,7 @@ static void cbException(EXCEPTION_DEBUG_INFO* ExceptionData)
GuiSetDebugState(paused);
//lock
lock(WAITID_RUN);
SetForegroundWindow(GuiGetWindowHandle());
bSkipExceptions=false;
PLUG_CB_PAUSEDEBUG pauseInfo;
pauseInfo.reserved=0;

24
x64_dbg_gui/Project/Src/BasicView/MemoryMapView.cpp
View File

@ -8,16 +8,12 @@ MemoryMapView::MemoryMapView(StdTable *parent) : StdTable(parent)
addColumnAt(8+charwidth*2*sizeof(uint_t), "ADDR", false); //addr
addColumnAt(8+charwidth*2*sizeof(uint_t), "SIZE", false); //size
addColumnAt(8+charwidth*32, "MOD", false); //module
addColumnAt(8+charwidth*3, "TYP", false);
addColumnAt(8+charwidth*5, "CPROT", false);
addColumnAt(8+charwidth*5, "APROT", false);
addColumnAt(8+charwidth*32, "INFO", false); //page information
addColumnAt(8+charwidth*3, "TYP", false); //allocation type
addColumnAt(8+charwidth*5, "CPROT", false); //current protection
addColumnAt(8+charwidth*5, "APROT", false); //allocation protection
addColumnAt(100, "", false);
//setRowCount(100);
connect(Bridge::getBridge(), SIGNAL(dbgStateChanged(DBGSTATE)), this, SLOT(stateChangedSlot(DBGSTATE)));
}
@ -69,8 +65,6 @@ void MemoryMapView::stateChangedSlot(DBGSTATE state)
DbgMemMap(&wMemMapStruct);
//qDebug() << "count " << wMemMapStruct.count;
setRowCount(wMemMapStruct.count);
for(wI = 0; wI < wMemMapStruct.count; wI++)
@ -86,10 +80,8 @@ void MemoryMapView::stateChangedSlot(DBGSTATE state)
wS = QString("%1").arg((uint_t)wMbi.RegionSize, sizeof(uint_t)*2, 16, QChar('0')).toUpper();
setCellContent(wI, 1, wS);
// Module Name
char newMod[MAX_MODULE_SIZE]="";
strcpy(newMod, (wMemMapStruct.page)[wI].mod);
wS = QString(newMod);
// Information
wS = QString((wMemMapStruct.page)[wI].info);
setCellContent(wI, 2, wS);
// State
@ -136,11 +128,9 @@ void MemoryMapView::stateChangedSlot(DBGSTATE state)
setCellContent(wI, 5, wS);
}
if(wMemMapStruct.page != 0)
{
BridgeFree(wMemMapStruct.page);
}
reloadData(); //refresh memory map
}
}