📄 symbols.c
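}
    LEAVE_FUNC();
}

//*************************************************************************
// LoadSymbols()
//
// Reads the symbol file `filename` into a heap buffer and, when the header
// carries PICE_MAGIC, registers the buffer in the next free apSymbols[] slot.
//
// Returns the registered header, or NULL when the table is full, the file
// cannot be opened or read, the file is shorter than a header, the
// allocation fails, or the magic does not match. A non-NULL return is
// always a live, registered buffer; a rejected file is freed and never
// handed back to the caller.
//
// NOTE(review): the file content is untrusted input. Only the magic and the
// minimum length are checked here; the offset/size fields of the header are
// not compared against the file length in this function.
//*************************************************************************
PICE_SYMBOLFILE_HEADER* LoadSymbols(LPSTR filename)
{
    struct file *pf = NULL;
    PICE_SYMBOLFILE_HEADER *pSymbols=NULL;
    BOOLEAN bValid = FALSE;
    size_t len;

    ENTER_FUNC();

    if(ulNumSymbolsLoaded < DIM(apSymbols))
    {
        pf = filp_open(filename,O_RDONLY,0);
        if(IS_ERR(pf))
        {
            // an error pointer is non-NULL: clear it so the cleanup at Quit
            // does not pass it to filp_close()
            pf = NULL;
            goto Quit;
        }

        DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "pf = %p\n", pf);
        if(!pf->f_op)
            goto Quit;

        DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "pf = %p pf->f_op->read @ %08X\n", pf, (ULONG)pf->f_op->read);
        DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "pf->f_count = %04X p->f_flags %x\n", pf->f_count.counter, pf->f_flags);

        // NOTE(review): i_size is narrowed to size_t here and len+1 is used
        // as the allocation size below - confirm very large files cannot
        // reach this path.
        len = pf->f_dentry->d_inode->i_size;
        DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "file len = %d\n", len);

        if(len >= sizeof(*pSymbols))
        {
            if((pSymbols = PICE_HeapAlloc(len+1)) == NULL)
                goto Quit;

            DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "pSymbols = %p\n", pSymbols);

            if(len == kernel_read(pf, 0, (PVOID)pSymbols, len))
            {
                // the buffer is one byte larger than the file; terminate it
                // so that byte is never read uninitialized
                ((char*)pSymbols)[len] = 0;

                DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "success reading symbols!\n");
                DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "pSymbols->magic = %X\n", pSymbols->magic);

                // NOTE(review): name comes straight from the file and is
                // formatted with %s into tempSym before the magic is checked;
                // neither its termination nor tempSym's capacity is verified
                // here - confirm both bounds.
                PICE_sprintf(tempSym, "pICE: loading symbols for %s\n", pSymbols->name);
                Print(OUTPUT_WINDOW,tempSym);

                // the header is only inspected after a complete read
                bValid = (pSymbols->magic == PICE_MAGIC) ? TRUE : FALSE;
            }

            if(bValid)
            {
                DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "magic = %X\n", pSymbols->magic);
                DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "name = %s\n", pSymbols->name);
                DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "ulOffsetToHeaders,ulSizeOfHeader = %X,%X\n", pSymbols->ulOffsetToHeaders,pSymbols->ulSizeOfHeader);
                DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "ulOffsetToGlobals,ulSizeOfGlobals = %X,%X\n", pSymbols->ulOffsetToGlobals,pSymbols->ulSizeOfGlobals);
                DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "ulOffsetToGlobalsStrings,ulSizeOfGlobalsStrings = %X,%X\n", pSymbols->ulOffsetToGlobalsStrings,pSymbols->ulSizeOfGlobalsStrings);
                DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "ulOffsetToStabs,ulSizeOfStabs = %X,%X\n", pSymbols->ulOffsetToStabs,pSymbols->ulSizeOfStabs);
                DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "ulOffsetToStabsStrings,ulSizeOfStabsStrings = %X,%X\n", pSymbols->ulOffsetToStabsStrings,pSymbols->ulSizeOfStabsStrings);
                DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "ulOffsetToSrcFiles,ulNumberOfSrcFiles = %X,%X\n", pSymbols->ulOffsetToSrcFiles,pSymbols->ulNumberOfSrcFiles);
                DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "pICE: symbols loaded for module \"%s\" @ %p\n", pSymbols->name, pSymbols);
                apSymbols[ulNumSymbolsLoaded++]=pSymbols;
            }
            else
            {
                DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "LoadSymbols(): freeing %p\n", pSymbols);
                DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "symbols file \"%s\" corrupt\n", filename);
                PICE_HeapFree(pSymbols);
                // never return the freed buffer: callers dereference the result
                pSymbols = NULL;
            }
        }
        else if(len)
        {
            // too short to contain a header, so the magic cannot be read
            DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "symbols file \"%s\" corrupt\n", filename);
        }
    }
    else
    {
        DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "could not load symbols for %s...\n", filename);
    }

Quit:
    if(pf)
        filp_close(pf, 0);

    LEAVE_FUNC();

    return pSymbols;
}

//*************************************************************************
// ReloadSymbols()
//
// Drops every loaded symbol table and loads the file named by
// SymbolFileName again. Returns the result of LoadSymbolsFromConfig();
// the "OK" message is printed regardless of that result.
//*************************************************************************
BOOLEAN ReloadSymbols(void)
{
    BOOLEAN bResult;

    ENTER_FUNC();

    Print(OUTPUT_WINDOW, "pICE: reloading symbols...\n");
    UnloadSymbols();
    bResult = LoadSymbolsFromConfig(TRUE, SymbolFileName);
    Print(OUTPUT_WINDOW, "pICE: reloading symbols OK!\n");

    LEAVE_FUNC();

    return bResult;
}

//*************************************************************************
// UnloadSymbols()
//
// Frees every registered symbol table, clears its apSymbols[] slot and
// resets ulNumSymbolsLoaded to 0.
//
// NOTE(review): pCurrentSymbols (set by LoadSymbolsFromConfig) is not reset
// here and keeps pointing at a freed buffer until the next successful load;
// confirm no reader uses it in between.
//*************************************************************************
void UnloadSymbols()
{
    ULONG i;

    ENTER_FUNC();

    if(ulNumSymbolsLoaded)
    {
        for(i=0;i<ulNumSymbolsLoaded;i++)
        {
            DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "freeing [%u] %p\n", i, apSymbols[i]);
            PICE_HeapFree(apSymbols[i]);
            apSymbols[i] = NULL;
        }
        ulNumSymbolsLoaded = 0;
    }

    LEAVE_FUNC();
}

//*************************************************************************
// LoadSymbolsFromConfig()
//
// Remembers pSymbolFile in SymbolFileName, loads it with LoadSymbols() and,
// on success, makes it the current symbol table and stores the base name of
// its first source-file entry in szCurrentFile.
//
// Returns FALSE when pSymbolFile is NULL or too long for SymbolFileName.
// Returns TRUE otherwise, including when LoadSymbols() returned NULL.
// bIgnoreBootParams is not used in this function.
//*************************************************************************
BOOLEAN LoadSymbolsFromConfig(BOOLEAN bIgnoreBootParams, LPSTR pSymbolFile)
{
    PICE_SYMBOLFILE_HEADER *pSymbols;
    BOOLEAN bResult = FALSE;

    ENTER_FUNC();

    if(pSymbolFile == NULL || strlen(pSymbolFile) >= (sizeof(SymbolFileName)-1))
        goto Quit;

    // ReloadSymbols() passes SymbolFileName itself; copying a buffer onto
    // itself with strcpy() is undefined, and the name is already in place
    if(pSymbolFile != SymbolFileName)
        strcpy(SymbolFileName, pSymbolFile);

    if((pSymbols = LoadSymbols(pSymbolFile)) != NULL)
    {
        PICE_SYMBOLFILE_SOURCE *pSrc;
        LPSTR p;

        // NOTE(review): ulOffsetToSrcFiles is taken from the file without a
        // bounds check against the loaded length, and ulNumberOfSrcFiles is
        // not consulted before the first entry is read - confirm that the
        // symbol file format guarantees at least one entry, or validate here.
        pSrc = (PICE_SYMBOLFILE_SOURCE*)((ULONG)pSymbols + pSymbols->ulOffsetToSrcFiles);
        pCurrentSymbols = pSymbols;

        // NOTE(review): both copies below are unbounded; the capacity of
        // szCurrentFile is not visible here - confirm it can hold any
        // filename stored in a symbol file.
        if((p = strrchr(pSrc->filename,'/')) != NULL)
        {
            PICE_strcpy(szCurrentFile,p+1);
        }
        else
        {
            PICE_strcpy(szCurrentFile,pSrc->filename);
        }
    }

    bResult = TRUE;

Quit:
    LEAVE_FUNC();

    return bResult;
}

//*************************************************************************
// FindSymbolTableForModule()
//
// Walks pmodule_list looking for the module whose range contains addr and
// returns the loaded symbol table whose name matches that module (compared
// with PICE_strcmpi). A list entry with size 0 is treated as the kernel and
// is described by fake_kernel_module / KERNEL_START instead.
//
// Returns NULL when nothing matches, when the matching table fails
// ValidityCheckSymbols(), or always when ACTIVATE_SYMBOL_LOOKUP is not
// defined. The early returns do not pass through LEAVE_FUNC().
//*************************************************************************
PICE_SYMBOLFILE_HEADER* FindSymbolTableForModule(ULONG addr)
{
    struct module* pMod;
    ULONG start,end,i;

    ENTER_FUNC();

    DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "FindSymbolTableForModule(%x)\n", addr);

#ifndef ACTIVATE_SYMBOL_LOOKUP
    return NULL;
#endif // !ACTIVATE_SYMBOL_LOOKUP

    if(pmodule_list)
    {
        i=0;
        pMod = pmodule_list;
        do
        {
            if(pMod->size)
            {
                // the range starts right behind the struct module header
                start = (ULONG)pMod+sizeof(struct module);
                end = start + pMod->size-sizeof(struct module);
                DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "FindSymbolTableForModule(): %s %x-%x\n", pMod->name,start,end);
                if(addr>=start && addr<end)
                {
                    DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "FindSymbolTableForModule(): address matches %s %x-%x\n", pMod->name,start,end);
                    for(i=0;i<ulNumSymbolsLoaded;i++)
                    {
                        if(PICE_strcmpi((LPSTR)pMod->name,apSymbols[i]->name) == 0)
                        {
                            if(ValidityCheckSymbols(apSymbols[i]))
                                return apSymbols[i];
                            else
                                return NULL;
                        }
                    }
                }
            }
            else
            {
                start = (ULONG)KERNEL_START + sizeof(struct module);
                end = start + fake_kernel_module.size-sizeof(struct module);
                DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "FindSymbolTableForModule(): %s %x-%x\n", fake_kernel_module.name,start,end);
                if(addr>=start && addr<end)
                {
                    DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "FindSymbolTableForModule(): address matches %s %x-%x\n", fake_kernel_module.name,start,end);
                    for(i=0;i<ulNumSymbolsLoaded;i++)
                    {
                        if(PICE_strcmpi((LPSTR)fake_kernel_module.name,apSymbols[i]->name) == 0)
                        {
                            if(ValidityCheckSymbols(apSymbols[i]))
                                return apSymbols[i];
                            else
                                return NULL;
                        }
                    }
                }
            }
        }while((pMod = pMod->next));
    }

    LEAVE_FUNC();

    return NULL;
}

//*************************************************************************
// FindSymbolTableForProcess()
//
// For an address below TASK_SIZE, returns the loaded symbol table whose
// name matches current->comm (compared with PICE_strcmpi).
//
// Returns NULL when addr is not below TASK_SIZE, when no table matches,
// when the matching table fails ValidityCheckSymbols(), or always when
// ACTIVATE_SYMBOL_LOOKUP is not defined.
//*************************************************************************
PICE_SYMBOLFILE_HEADER* FindSymbolTableForProcess(ULONG addr)
{
    ULONG i;

    ENTER_FUNC();

    DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "FindSymbolTableForProcess(%x)\n", addr);

#ifndef ACTIVATE_SYMBOL_LOOKUP
    return NULL;
#endif // !ACTIVATE_SYMBOL_LOOKUP

    if(addr < TASK_SIZE)
    {
        for(i=0;i<ulNumSymbolsLoaded;i++)
        {
            if(PICE_strcmpi((LPSTR)current->comm,apSymbols[i]->name) == 0)
            {
                if(ValidityCheckSymbols(apSymbols[i]))
                {
                    DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "FindSymbolTableForProcess(%x): found\n", addr);
                    return apSymbols[i];
                }
                else
                    return NULL;
            }
        }
    }

    LEAVE_FUNC();

    return NULL;
}

//*************************************************************************
// FindModuleFromAddress()
//
// Walks pmodule_list and returns the module whose range contains addr.
// A list entry with size 0 is treated as the kernel: its range is computed
// from KERNEL_START and fake_kernel_module.size, and &fake_kernel_module is
// returned on a match. Returns NULL when no range contains addr.
//*************************************************************************
struct module* FindModuleFromAddress(ULONG addr)
{
    struct module* pMod;
    ULONG start,end;

    ENTER_FUNC();

    if(pmodule_list)
    {
        pMod = pmodule_list;
        do
        {
            if(pMod->size)
            {
                start = (ULONG)pMod+sizeof(struct module);
                end = start + pMod->size-sizeof(struct module);
                DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "%s %x-%x\n", pMod->name,start,end);
                if(addr>=start && addr<end)
                {
                    DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "found %s\n", pMod->name);
                    return pMod;
                }
            }
            // must be the kernel
            else
            {
                start = (ULONG)KERNEL_START + sizeof(struct module);
                end = start + fake_kernel_module.size-sizeof(struct module);
                DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "%s %x-%x\n", fake_kernel_module.name,start,end);
                if(addr>=start && addr<end)
                {
                    DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "found %s\n", fake_kernel_module.name);
                    return &fake_kernel_module;
                }
            }
        }while((pMod = pMod->next));
    }

    LEAVE_FUNC();

    return NULL;
}

//*************************************************************************
// FindModuleByName()
//
// Walks pmodule_list and returns the module whose name equals modname
// (compared with PICE_strcmpi). A list entry with size 0 is compared
// against fake_kernel_module.name and yields &fake_kernel_module.
// Returns NULL when no name matches.
//*************************************************************************
struct module* FindModuleByName(LPSTR modname)
{
    struct module* pMod;

    ENTER_FUNC();

    if(pmodule_list)
    {
        pMod = pmodule_list;
        do
        {
            if(pMod->size)
            {
                if(PICE_strcmpi(modname,(LPSTR)pMod->name) == 0)
                {
                    DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "found %s\n", pMod->name);
                    return pMod;
                }
            }
            else
            {
                if(PICE_strcmpi(modname,(LPSTR)fake_kernel_module.name) == 0)
                {
                    DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "found %s\n", fake_kernel_module.name);
                    return &fake_kernel_module;
                }
            }
        }while((pMod = pMod->next));
    }

    LEAVE_FUNC();

    return NULL;
}

//*************************************************************************
// FindSymbolTableByModuleName()
//
// Returns the first loaded symbol table whose name equals modname
// (compared with PICE_strcmpi), or NULL when none matches. Unlike the
// address-based lookups, the table is returned without calling
// ValidityCheckSymbols().
//*************************************************************************
PICE_SYMBOLFILE_HEADER* FindSymbolTableByModuleName(LPSTR modname)
{
    ULONG i;

    ENTER_FUNC();

    for(i=0;i<ulNumSymbolsLoaded;i++)
    {
        if(PICE_strcmpi(modname,apSymbols[i]->name) == 0)
            return apSymbols[i];
    }

    LEAVE_FUNC();

    return NULL;
}

//*************************************************************************
// FindSymbolByAddress()
//
//*************************************************************************
BOOLEAN FindSymbolByAddress(LPSTR *pFind,ULONG ulValue)
{
    char temp[256];
    static char temp3[256];
    LPSTR p,pStartOfLine,pSymbolName=NULL;
    ULONG ulCurrentValue=0,i;
    BOOLEAN bResult = FALSE;
    struct module *pMod;
    ULONG ulMinValue = -1;
    Elf32_Sym* pElfSym;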