📄 plugin.h
字号:
typedef struct t_schemeopt { // Color scheme, alternative form
char *name; // Name of the scheme
int color[8]; // Colours used as in t_scheme
} t_schemeopt;
typedef struct t_bar {
int nbar; // Number of active columns
int font; // Font used for bar segments
int dx[NBAR]; // Actual widths of columns, pixels
int defdx[NBAR]; // Default widths of columns, chars
char *name[NBAR]; // Column names (may be NULL)
uchar mode[NBAR]; // Combination of BAR_xxx bits
int captured; // One of CAPT_xxx, set to CAPT_FREE
int active; // Info about how mouse is captured
int prevx; // Previous mouse coordinate
} t_bar;
typedef struct t_sortheader { // Header of sorted data field
ulong addr; // Base address of the entry
ulong size; // Size address of the entry
ulong type; // Entry type, TY_xxx
} t_sortheader;
typedef int SORTFUNC(const t_sortheader *,const t_sortheader *,const int);
typedef int DRAWFUNC(char *,char *,int *,t_sortheader *,int);
typedef void DESTFUNC(t_sortheader *);
#define AUTOARRANGE ((SORTFUNC *)1) // Autoarrangeable sorted data
typedef struct t_sorted { // Descriptor of sorted table
char name[MAX_PATH]; // Name of table, as appears in error
int n; // Actual number of entries
int nmax; // Maximal number of entries
int selected; // Index of selected entry or -1
ulong seladdr; // Base address of selected entry
int itemsize; // Size of single entry
ulong version; // Unique version of table
void *data; // Entries, sorted by address
SORTFUNC *sortfunc; // Function which sorts data or NULL
DESTFUNC *destfunc; // Destructor function or NULL
int sort; // Sorting criterium (column)
int sorted; // Whether indexes are sorted
int *index; // Indexes, sorted by criterium
int suppresserr; // Suppress multiple overflow errors
} t_sorted;
typedef struct t_table { // Window with sorted data and bar
HWND hw; // Handle of window or NULL
t_sorted data; // Sorted data
t_bar bar; // Description of bar
int showbar; // Bar: 1-displayed, 0-hidden, -1-absent
short hscroll; // Horiz. scroll: 1-displayed, 0-hidden
short colsel; // Column in TABLE_COLSEL window
int mode; // Combination of bits TABLE_xxx
int font; // Font used by window
short scheme; // Colour scheme used by window
short hilite; // Syntax highlighting used by window
int offset; // First displayed row
int xshift; // Shift in X direction, pixels
DRAWFUNC *drawfunc; // Function which decodes table fields
} t_table;
extc int cdecl Createsorteddata(t_sorted *sd,char *name,int itemsize,
int nmax,SORTFUNC *sortfunc,DESTFUNC *destfunc);
extc void cdecl Destroysorteddata(t_sorted *sd);
extc void cdecl *Addsorteddata(t_sorted *sd,void *item);
extc void cdecl Deletesorteddata(t_sorted *sd,ulong addr);
extc void cdecl Deletesorteddatarange(t_sorted *sd,ulong addr0,ulong addr1);
extc int cdecl Deletenonconfirmedsorteddata(t_sorted *sd);
extc void* cdecl Findsorteddata(t_sorted *sd,ulong addr);
extc void* cdecl Findsorteddatarange(t_sorted *sd,ulong addr0,ulong addr1);
extc int cdecl Findsorteddataindex(t_sorted *sd,ulong addr0,ulong addr1);
extc int cdecl Sortsorteddata(t_sorted *sd,int sort);
extc void* cdecl Getsortedbyselection(t_sorted *sd,int index);
extc void cdecl Defaultbar(t_bar *pb);
extc int cdecl Tablefunction(t_table *pt,
HWND hw,UINT msg,WPARAM wp,LPARAM lp);
extc void cdecl Painttable(HWND hw,t_table *pt,DRAWFUNC getline);
extc int cdecl Gettableselectionxy(t_table *pt,int column,int *px,int *py);
extc void cdecl Selectandscroll(t_table *pt,int index,int mode);
////////////////////////////////////////////////////////////////////////////////
//////////////////////////////// NAME FUNCTIONS ////////////////////////////////
// Types of names used in name functions. Note that higher-priority types have
// smaller identifiers!
#define NM_NONAME 0x00 // Undefined name
#define NM_ANYNAME 0xFF // Name of any type
// Names saved in the data file of module they appear.
#define NM_PLUGCMD 0x30 // Plugin commands to execute at break
#define NM_LABEL 0x31 // User-defined label
#define NM_EXPORT 0x32 // Exported (global) name
#define NM_IMPORT 0x33 // Imported name
#define NM_LIBRARY 0x34 // Name from library or object file
#define NM_CONST 0x35 // User-defined constant
#define NM_COMMENT 0x36 // User-defined comment
#define NM_LIBCOMM 0x37 // Comment from library or object file
#define NM_BREAK 0x38 // Condition related with breakpoint
#define NM_ARG 0x39 // Arguments decoded by analyzer
#define NM_ANALYSE 0x3A // Comment added by analyzer
#define NM_BREAKEXPR 0x3B // Expression related with breakpoint
#define NM_BREAKEXPL 0x3C // Explanation related with breakpoint
#define NM_ASSUME 0x3D // Assume function with known arguments
#define NM_STRUCT 0x3E // Code structure decoded by analyzer
#define NM_CASE 0x3F // Case description decoded by analyzer
// Names saved in the data file of main module.
#define NM_INSPECT 0x40 // Several last inspect expressions
#define NM_WATCH 0x41 // Watch expressions
#define NM_ASM 0x42 // Several last assembled strings
#define NM_FINDASM 0x43 // Several last find assembler strings
#define NM_LASTWATCH 0x48 // Several last watch expressions
#define NM_SOURCE 0x49 // Several last source search strings
#define NM_REFTXT 0x4A // Several last ref text search strings
#define NM_GOTO 0x4B // Several last expressions to follow
#define NM_GOTODUMP 0x4C // Several expressions to follow in Dump
#define NM_TRPAUSE 0x4D // Several expressions to pause trace
// Pseudonames.
#define NM_IMCALL 0xFE // Intermodular call
#define NMHISTORY 0x40 // Converts NM_xxx to type of init list
extc int cdecl Insertname(ulong addr,int type,char *name);
extc int cdecl Quickinsertname(ulong addr,int type,char *name);
extc void cdecl Mergequicknames(void);
extc void cdecl Discardquicknames(void);
extc int cdecl Findname(ulong addr,int type,char *name);
extc int cdecl Decodename(ulong addr,int type,char *name);
extc ulong cdecl Findnextname(char *name);
extc int cdecl Findlabel(ulong addr,char *name);
extc void cdecl Deletenamerange(ulong addr0,ulong addr1,int type);
extc int cdecl Findlabelbyname(char *name,ulong *addr,
ulong addr0,ulong addr1);
extc ulong cdecl Findimportbyname(char *name,ulong addr0,ulong addr1);
extc int cdecl Demanglename(char *name,int type,char *undecorated);
extc int cdecl Findsymbolicname(ulong addr,char *fname);
////////////////////////////////////////////////////////////////////////////////
//////////////////////////// DISASSEMBLY FUNCTIONS /////////////////////////////
#define REG_EAX 0 // Indexes of general-purpose registers
#define REG_ECX 1 // in t_reg.
#define REG_EDX 2
#define REG_EBX 3
#define REG_ESP 4
#define REG_EBP 5
#define REG_ESI 6
#define REG_EDI 7
#define SEG_UNDEF -1
#define SEG_ES 0 // Indexes of segment/selector registers
#define SEG_CS 1 // in t_reg.
#define SEG_SS 2
#define SEG_DS 3
#define SEG_FS 4
#define SEG_GS 5
// Selected items in register window.
#define RS_NONE 0x0000 // No selection
#define RS_INT 0x0010 // General-purpose 32-bit registers
#define RS_EIP 0x0020 // EIP (instruction pointer)
#define RS_FLG 0x0030 // 1-bit decoded flags
#define RS_SEG 0x0040 // Segment (selector) registers
#define RS_EFL 0x0050 // 32-bit flag register
#define RS_TAG 0x0060 // FPU register tag
#define RS_FPU 0x0070 // 80-bit FPU registers
#define RS_FST 0x0080 // FPU status
#define RS_FCO 0x0090 // FPU condition bits
#define RS_FER 0x00A0 // FPU error bits
#define RS_FCW 0x00B0 // FPU control word
#define RS_FPR 0x00C0 // FPU precision fields
#define RS_FEM 0x00D0 // FPU error mask bits
#define RS_MMX 0x00E0 // MMX registers
#define RS_3DN 0x00F0 // 3DNow! registers
#define RS_SSE 0x0100 // SSE registers
#define RS_CSR 0x0110 // SSE MXCSR register
#define RS_CSB 0x0120 // SSE MXCSR bits
#define RS_CPR 0x0130 // SSE rounding control
#define RS_ERR 0x0140 // Last thread error
#define RS_GROUP 0x01F0 // Mask to extract group of registers
#define RS_INDEX 0x000F // Mask to extract index of register
#define NREGSTACK 32 // Length of stack trace buffer
#define MAXCALSIZE 8 // Max length of CALL without prefixes
#define INT3 0xCC // Code of 1-byte breakpoint
#define NOP 0x90 // Code of 1-byte NOP command
#define TRAPFLAG 0x00000100 // Trap flag in CPU flag register
#define C_TYPEMASK 0xF0 // Mask for command type
#define C_CMD 0x00 // Ordinary instruction
#define C_PSH 0x10 // PUSH instruction
#define C_POP 0x20 // POP instruction
#define C_MMX 0x30 // MMX instruction
#define C_FLT 0x40 // FPU instruction
#define C_JMP 0x50 // JUMP instruction
#define C_JMC 0x60 // Conditional JUMP instruction
#define C_CAL 0x70 // CALL instruction
#define C_RET 0x80 // RET instruction
#define C_FLG 0x90 // Changes system flags
#define C_RTF 0xA0 // C_JMP and C_FLG simultaneously
#define C_REP 0xB0 // Instruction with REPxx prefix
#define C_PRI 0xC0 // Privileged instruction
#define C_SSE 0xD0 // SSE instruction
#define C_NOW 0xE0 // 3DNow! instruction
#define C_BAD 0xF0 // Unrecognized command
#define C_RARE 0x08 // Rare command, seldom used in programs
#define C_SIZEMASK 0x07 // MMX data size or special flag
#define C_EXPL 0x01 // (non-MMX) Specify explicit memory size
#define C_DANGER95 0x01 // Command is dangerous under Win95/98
#define C_DANGER 0x03 // Command is dangerous everywhere
#define C_DANGERLOCK 0x07 // Dangerous with LOCK prefix
#define DEC_TYPEMASK 0x1F // Type of memory byte
#define DEC_UNKNOWN 0x00 // Unknown type
#define DEC_BYTE 0x01 // Accessed as byte
#define DEC_WORD 0x02 // Accessed as short
#define DEC_NEXTDATA 0x03 // Subsequent byte of data
#define DEC_DWORD 0x04 // Accessed as long
#define DEC_FLOAT4 0x05 // Accessed as float
#define DEC_FWORD 0x06 // Accessed as descriptor/long pointer
#define DEC_FLOAT8 0x07 // Accessed as double
#define DEC_QWORD 0x08 // Accessed as 8-byte integer
#define DEC_FLOAT10 0x09 // Accessed as long double
#define DEC_TBYTE 0x0A // Accessed as 10-byte integer
#define DEC_STRING 0x0B // Zero-terminated ASCII string
#define DEC_UNICODE 0x0C // Zero-terminated UNICODE string
#define DEC_3DNOW 0x0D // Accessed as 3Dnow operand
#define DEC_SSE 0x0E // Accessed as SSE operand
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -