📄 dumpmemory.cpp
字号:
#include <winbase.h>
#include "debug.h"
/* (C) 2003-2007 Willem Jan Hengeveld <itsme@xs4all.nl>
* Web: http://www.xs4all.nl/~itsme/
* http://wiki.xda-developers.com/
*
* $Id: dumpmemory.cpp 1502 2007-04-15 07:54:20Z itsme $
*/
#include <map>
#include <vector>
#include <string>
#include <algorithm>
using namespace std;
int g_verbose= 0;
//-------------------------------------------------------------------------------
// memory map tracker
class MemoryBlock {
public:
DWORD length;
DWORD vstart;
DWORD vend;
DWORD start;
DWORD end;
BYTE *data;
/* no destructor, to make memory management without copy constructors and refcounting easy */
/* I currently don't care about the data buffer leaking */
bool InRange(DWORD offset) const { return (start <= offset && offset < end); }
operator <(const MemoryBlock& mb) { return start < mb.start; }
operator <(DWORD offset) { return end < offset; }
};
typedef vector<MemoryBlock> MemoryBlockVector;
typedef vector<DWORD> DWORDList;
typedef map<DWORD,DWORDList> BlockMapList;
class MemoryMap {
public:
bool MapMemory(DWORD voffset, DWORD poffset, DWORD size);
void *GetPtr(DWORD offset) const;
DWORD GetOfs(void *ptr) const;
BYTE GetByte(DWORD offset) const;
DWORD GetDword(DWORD offset) const;
DWORD FirstAddress() const;
DWORD LastAddress() const;
DWORD NextValidAddress(DWORD address) const;
void DumpReverseMap();
void DumpForwardMap();
private:
MemoryBlockVector m_blocks;
BlockMapList m_reversemap;
BlockMapList m_forwardmap;
};
MemoryMap g_vmem; // maps virtual -> physical addresses
class MemRegion {
public:
DWORD start;
DWORD end;
DWORD length;
string *description;
/* no destructor, to make memory management without copy constructors and refcounting easy */
/* I currently don't care about the description buffer leaking */
MemRegion(DWORD start, DWORD end) : start(start), end(end), description(NULL), length(end-start) {}
operator <(const MemRegion& r) const { return start < r.start || (start==r.start && length<r.length); }
};
typedef vector<MemRegion> MemRegionVector;
class MemRegions {
public:
MemRegion& MarkRange(DWORD start, DWORD end, const char *msg, ...);
MemRegion& MarkRegion(DWORD start, DWORD length, const char *msg, ...);
MemRegion& MarkRegion_v(DWORD start, DWORD length, const char *msg, va_list ap);
void DumpMemoryMap();
private:
MemRegionVector m_list;
};
//--------------------------- global variables
MemRegions g_vregions;
// maps physical memory back to virtual
bool MemoryMap::MapMemory(DWORD voffset, DWORD poffset, DWORD size)
{
MemoryBlock mb;
mb.length= size;
mb.vstart= voffset;
mb.vend= voffset+size;
mb.start= poffset;
mb.end= poffset+size;
mb.data= (BYTE*)mb.vstart;
// keep m_blocks sorted.
MemoryBlockVector::iterator i;
for (i=m_blocks.begin() ; i!=m_blocks.end(); ++i)
if (mb.start < (*i).start)
break;
m_blocks.insert(i, mb);
m_reversemap[poffset].push_back(voffset);
m_forwardmap[voffset].push_back(poffset);
return true;
}
void MemoryMap::DumpReverseMap()
{
for (BlockMapList::iterator i= m_reversemap.begin() ; i!=m_reversemap.end() ; ++i)
{
debug("%08lx :", (*i).first);
for (DWORDList::iterator j= (*i).second.begin() ; j!=(*i).second.end() ; ++j)
{
debug(" %08lx", (*j));
}
debug("\n");
}
}
void MemoryMap::DumpForwardMap()
{
for (BlockMapList::iterator i= m_forwardmap.begin() ; i!=m_forwardmap.end() ; ++i)
{
debug("%08lx :", (*i).first);
for (DWORDList::iterator j= (*i).second.begin() ; j!=(*i).second.end() ; ++j)
{
debug(" %08lx", (*j));
}
debug("\n");
}
}
BYTE MemoryMap::GetByte(DWORD offset) const
{
BYTE *p= (BYTE*)GetPtr(offset);
if (p==NULL)
return 0;
return *p;
}
DWORD MemoryMap::GetDword(DWORD offset) const
{
DWORD *p= (DWORD*)GetPtr(offset);
if (p==NULL)
return 0;
return *p;
}
void *MemoryMap::GetPtr(DWORD offset) const
{
for (MemoryBlockVector::const_iterator i=m_blocks.begin() ; i!=m_blocks.end(); ++i)
{
if ((*i).InRange(offset)) {
return (*i).data+(offset-(*i).start);
}
}
debug("ERROR: could not find pointer for ofs %08lx\n", offset);
return NULL;
}
DWORD MemoryMap::GetOfs(void *ptr) const
{
for (MemoryBlockVector::const_iterator i=m_blocks.begin() ; i!= m_blocks.end() ; ++i)
{
if ((*i).data <= ptr && ptr < (*i).data+(*i).length)
{
return ((BYTE*)ptr - (*i).data) + (*i).start;
}
}
debug("ERROR: could not find offset for ptr %08lx\n", ptr);
return 0;
}
DWORD MemoryMap::FirstAddress() const
{
MemoryBlockVector::const_iterator i=m_blocks.begin();
return (*i).start;
}
DWORD MemoryMap::LastAddress() const
{
MemoryBlockVector::const_reverse_iterator i=m_blocks.rbegin();
return (*i).end;
}
MemRegion& MemRegions::MarkRange(DWORD start, DWORD end, const char *msg, ...)
{
va_list ap;
va_start(ap, msg);
MemRegion& r= MarkRegion_v(start, end-start, msg, ap);
va_end(ap);
return r;
}
MemRegion& MemRegions::MarkRegion(DWORD start, DWORD length, const char *msg, ...)
{
va_list ap;
va_start(ap, msg);
MemRegion& r= MarkRegion_v(start, length, msg, ap);
va_end(ap);
return r;
}
MemRegion& MemRegions::MarkRegion_v(DWORD start, DWORD length, const char *msg, va_list ap)
{
char msgbuf[1024];
_vsnprintf(msgbuf, 1024, msg, ap);
MemRegion *m= new MemRegion(start, start+length);
m->description= new string(msgbuf);
if (m->description==NULL)
{
debug("error allocating memory\n");
}
m_list.push_back(*m);
return *m;
}
void MemRegions::DumpMemoryMap()
{
debug("marked %d memory entries\n", m_list.size());
sort(m_list.begin(), m_list.end());
DWORD offset= 0;
for (MemRegionVector::iterator i=m_list.begin() ; i!=m_list.end() ; ++i)
{
if (offset < (*i).start) {
MemRegion m(offset, (*i).start);
if ( ((*i).start & 3)==0 && (*i).start - offset < 4)
{
if (g_verbose>0) {
debug("\t%08lx - %08lx L%08lx alignment", m.start, m.end, m.length);
//if (m.FirstNonzero()!=m.end)
// bytedump(m.start, m.end);
}
}
else
{
/*
DWORD firstnz= max(m.start, m.FirstNonzero() & ~3);
DWORD lastnz= min(m.end, (m.LastNonzero() & ~3)+4);
if (firstnz==m.end)
debug("\n%08lx - %08lx L%08lx NUL", m.start, m.end, m.length);
else {
if (firstnz != m.start)
debug("\n%08lx - %08lx L%08lx NUL", m.start, firstnz, firstnz-m.start);
*/
//debug("\n%08lx - %08lx L%08lx unknown", firstnz, lastnz, lastnz-firstnz);
debug("\n%08lx - %08lx L%08lx unknown", m.start, m.end, m.end-m.start);
/*
if (lastnz-firstnz<16)
bytedump(firstnz, lastnz);
else if (lastnz-firstnz<64)
dworddump(firstnz, lastnz);
if (lastnz != m.end)
debug("\n%08lx - %08lx L%08lx NUL", lastnz, m.end, m.end-lastnz);
}
*/
}
}
else if (offset > (*i).start) {
debug("\n!!! overlap of %d bytes\n", offset-(*i).start );
}
debug("\n%08lx - %08lx L%08lx %s", (*i).start, (*i).end, (*i).length, (*i).description->c_str());
offset= (*i).end;
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -