📄 parse.c
字号:
DPRINT((0,"StepOver(): line #%u in file = %s!\n",ulLineNumber,pFilename));
g_ulLineNumberStart = ulLineNumber;
bStepThroughSource = TRUE;
// deinstall the INT3 in kernel's printk()
DeInstallPrintkHook();
goto proceed_as_normal;
}
else
{
DPRINT((0,"StepOver(): no source here!\n"));
proceed_as_normal:
// if there is some form of call instruction at EIP we need to find
// the return address
if(IsCallInstrAtEIP())
{
// get address of next instruction
dwBreakAddress=GetLinearAddress(CurrentCS,CurrentEIP);
Disasm(&dwBreakAddress,tempDisasm);
DPRINT((0,"address of break = %.4X:%.8X\n",CurrentCS,dwBreakAddress));
dwBreakAddress=GetLinearAddress(CurrentCS,dwBreakAddress);
DPRINT((0,"linear address of break = %.8X\n",dwBreakAddress));
DPRINT((0,"setting DR0=%.8X\n",dwBreakAddress));
SetHardwareBreakPoint(dwBreakAddress,0);
bSingleStep = FALSE;
bNotifyToExit = TRUE;
}
else
{
DPRINT((0,"no call at breakpoint\n"));
// modify trace flag
CurrentEFL|=0x100; // set trace flag (TF)
bSingleStep=TRUE;
bNotifyToExit=TRUE;
}
}
bStepInto = FALSE;
bStepping = TRUE;
LEAVE_FUNC();
return TRUE;
}
//*************************************************************************
// StepInto()
//
// step into calls
//*************************************************************************
COMMAND_PROTOTYPE(StepInto)
{
ULONG ulLineNumber;
LPSTR pSrcStart,pSrcEnd,pFilename;
ENTER_FUNC();
// only no arguments supplied
// when we have source and current disassembly mod is SOURCE
// we have to analyse the code block for the source line
if(FindSourceLineForAddress(GetLinearAddress(CurrentCS,CurrentEIP),&ulLineNumber,&pSrcStart,&pSrcEnd,&pFilename))
{
DPRINT((0,"StepOver(): we have source here!\n"));
DPRINT((0,"StepOver(): line #%u in file = %s!\n",ulLineNumber,pFilename));
g_ulLineNumberStart = ulLineNumber;
bStepThroughSource = TRUE;
// deinstall the INT3 in kernel's printk()
DeInstallPrintkHook();
goto proceed_as_normal_into;
}
else
{
DPRINT((0,"StepInto(): no source here!\n"));
proceed_as_normal_into:
// modify trace flag
CurrentEFL|=0x100; // set trace flag (TF)
bSingleStep=TRUE;
bNotifyToExit=TRUE;
}
bStepInto = TRUE;
bStepping = TRUE;
LEAVE_FUNC();
return TRUE;
}
//*************************************************************************
// SetBreakpoint()
//
//*************************************************************************
COMMAND_PROTOTYPE(SetBreakpoint)
{
ULONG addr,addrorg;
USHORT segment;
if(pArgs->Count<=2)
{
if(pArgs->bNotTranslated[0]==FALSE)
{
if(gCurrentSelector)
{
addr=pArgs->Value[0];
addrorg=gCurrentOffset;
segment=gCurrentSelector;
}
else
{
addrorg=addr=pArgs->Value[0];
segment=CurrentCS;
}
if(InstallSWBreakpoint(GetLinearAddress(segment,addr),FALSE,NULL) )
{
PICE_sprintf(tempCmd,"BP #%u set to %.4X:%.8X\n",0,segment,addr);
}
else
{
PICE_sprintf(tempCmd,"BP #%u NOT set (either page not valid OR already used)\n",0);
}
Print(OUTPUT_WINDOW,tempCmd);
}
else
{
if(InstallVirtualSWBreakpoint((LPSTR)pArgs->Value[0],(LPSTR)pArgs->Value[1]) )
{
PICE_sprintf(tempCmd,"BP #%u virtually set to %s!%s\n",0,(LPSTR)pArgs->Value[0],(LPSTR)pArgs->Value[1]);
}
else
{
PICE_sprintf(tempCmd,"BP #%u NOT set (maybe no symbols loaded)\n",0);
}
Print(OUTPUT_WINDOW,tempCmd);
}
RepaintSource();
}
return TRUE;
}
//*************************************************************************
// ListBreakpoints()
//
//*************************************************************************
COMMAND_PROTOTYPE(ListBreakpoints)
{
ULONG i;
ListSWBreakpoints();
for(i=0;i<4;i++)
{
if(Bp[i].Used)
{
PICE_sprintf(tempCmd,"(%u) %s %.4X:%.8X(linear %.8X)\n",i,Bp[i].Active?"*":" ",Bp[i].Segment,Bp[i].Offset,Bp[i].LinearAddress);
Print(OUTPUT_WINDOW,tempCmd);
}
}
return TRUE;
}
//*************************************************************************
// ClearBreakpoints()
//
//*************************************************************************
COMMAND_PROTOTYPE(ClearBreakpoints)
{
if(pArgs->Count)
{
if(pArgs->Value[0]<4)
{
Bp[pArgs->Value[0]].Used=Bp[pArgs->Value[0]].Active=FALSE;
}
RepaintSource();
}
else
{
ULONG i;
RemoveAllSWBreakpoints(FALSE);
for(i=0;i<4;i++)Bp[i].Used=Bp[i].Active=FALSE;
RepaintSource();
}
return TRUE;
}
//*************************************************************************
// LeaveIce()
//
//*************************************************************************
COMMAND_PROTOTYPE(LeaveIce)
{
// SetHardwareBreakPoints();
bSingleStep=FALSE;
bNotifyToExit=TRUE;
return TRUE;
}
//*************************************************************************
// ShowGdt()
//
//*************************************************************************
COMMAND_PROTOTYPE(ShowGdt)
{
ULONG gdtr[2];
USHORT i;
PGDT pGdt;
static ULONG addr=0;
LPSTR pVerbose;
// get GDT register
__asm__ ("sgdt %0\n"
:"=m" (gdtr));
// info out
PICE_sprintf(tempCmd,"Address=%.8X Limit=%.4X\n",(gdtr[1]<<16)|(gdtr[0]>>16),gdtr[0]&0xFFFF);
Print(OUTPUT_WINDOW,tempCmd);
WaitForKey();
// make pointer to GDT
pGdt=(PGDT)(((ULONG)(gdtr[1]<<16))|((ULONG)(gdtr[0]>>16)));
if(pArgs->Count==1)
{
ULONG limit=((pGdt[addr].Limit_19_16<<16)|pGdt[addr].Limit_15_0);
addr=pArgs->Value[0];
addr&=(~0x7);
if(pGdt[addr>>3].Gran)limit=(limit*4096)|0xfff;
if(!pGdt[addr>>3].DescType)
pVerbose = SystemSegmentTypes[pGdt[addr>>3].SegType];
else
pVerbose = NonSystemSegmentTypes[pGdt[addr>>3].SegType];
PICE_sprintf(tempCmd,"%.4X %.8X %.8X %s %u %s\n",
addr,
(pGdt[addr>>3].Base_31_24<<24)|(pGdt[addr>>3].Base_23_16<<16)|(pGdt[addr>>3].Base_15_0),
limit,
pGdt[addr>>3].Present?" P":"NP",
pGdt[addr>>3].Dpl,
pVerbose);
Print(OUTPUT_WINDOW,tempCmd);
}
else if(pArgs->Count==0)
{
for(i=0;i<((gdtr[0]&0xFFFF)>>3);i++)
{
ULONG limit=((pGdt[i].Limit_19_16<<16)|pGdt[i].Limit_15_0);
if(!pGdt[i].DescType)
pVerbose = SystemSegmentTypes[pGdt[i].SegType];
else
pVerbose = NonSystemSegmentTypes[pGdt[i].SegType];
if(pGdt[i].Gran)limit=(limit*4096)|0xfff;
PICE_sprintf(tempCmd,"%.4X %.8X %.8X %s %u %s\n",
i<<3,
(pGdt[i].Base_31_24<<24)|(pGdt[i].Base_23_16<<16)|(pGdt[i].Base_15_0),
limit,
pGdt[i].Present?" P":"NP",
pGdt[i].Dpl,
pVerbose);
Print(OUTPUT_WINDOW,tempCmd);
if(WaitForKey()==FALSE)break;
}
}
return TRUE;
}
//*************************************************************************
// OutputIdtEntry()
//
//*************************************************************************
void OutputIdtEntry(PIDT pIdt,ULONG i)
{
USHORT seg;
ULONG offset;
LPSTR pSym;
seg = (USHORT)pIdt[i].Selector;
offset = (pIdt[i].Offset_31_16<<16)|(pIdt[i].Offset_15_0);
switch(pIdt[i].DescType)
{
// task gate
case 0x5:
PICE_sprintf(tempCmd,"(%0.4X) %0.4X:%0.8X %u [task]\n",i,
seg,
GetLinearAddress((USHORT)seg,0),
pIdt[i].Dpl);
break;
// interrupt gate
case 0x6:
case 0xE:
if(ScanExportsByAddress(&pSym,GetLinearAddress((USHORT)seg,offset)))
{
PICE_sprintf(tempCmd,"(%0.4X) %0.4X:%0.8X %u [int] (%s)\n",i,
seg,
offset,
pIdt[i].Dpl,
pSym);
}
else
{
PICE_sprintf(tempCmd,"(%0.4X) %0.4X:%0.8X %u [int]\n",i,
seg,
offset,
pIdt[i].Dpl);
}
break;
// trap gate
case 0x7:
case 0xF:
if(ScanExportsByAddress(&pSym,GetLinearAddress((USHORT)seg,offset)))
{
PICE_sprintf(tempCmd,"(%0.4X) %0.4X:%0.8X %u [trap] (%s)\n",i,
seg,
offset,
pIdt[i].Dpl,
pSym);
}
else
{
PICE_sprintf(tempCmd,"(%0.4X) %0.4X:%0.8X %u [trap]\n",i,
seg,
offset,
pIdt[i].Dpl);
}
break;
default:
PICE_sprintf(tempCmd,"(%0.4X) INVALID\n",i);
break;
}
Print(OUTPUT_WINDOW,tempCmd);
}
//*************************************************************************
// ShowIdt()
//
//*************************************************************************
COMMAND_PROTOTYPE(ShowIdt)
{
ULONG idtr[2];
USHORT i;
PIDT pIdt;
ULONG addr=0;
ENTER_FUNC();
// get GDT register
__asm__ ("sidt %0\n"
:"=m" (idtr));
// info out
PICE_sprintf(tempCmd,"Address=%.8X Limit=%.4X\n",(idtr[1]<<16)|(idtr[0]>>16),idtr[0]&0xFFFF);
Print(OUTPUT_WINDOW,tempCmd);
WaitForKey();
// make pointer to GDT
pIdt=(PIDT)(((ULONG)(idtr[1]<<16))|((ULONG)(idtr[0]>>16)));
if(pArgs->Count==1)
{
addr=pArgs->Value[0];
addr&=(~0x7);
}
else if(pArgs->Count==0)
{
for(i=0;i<((idtr[0]&0xFFFF)>>3);i++)
{
OutputIdtEntry(pIdt,i);
if(WaitForKey()==FALSE)break;
}
}
LEAVE_FUNC();
return TRUE;
}
//*************************************************************************
// ShowHelp()
//
//*************************************************************************
COMMAND_PROTOTYPE(ShowHelp)
{
ULONG i,j;
PutStatusText("COMMAND KEYWORD DESCRIPTION");
for(j=0;j<COMMAND_GROUP_LAST;j++)
{
PICE_sprintf(tempCmd,"= %-20s =====================================\n",CommandGroups[j]);
Print(OUTPUT_WINDOW,tempCmd);
WaitForKey();
for(i=0;CmdTable[i].Cmd!=NULL;i++)
{
if(CmdTable[i].CommandGroup == j)
{
PICE_sprintf(tempCmd,"%-20s %s\n",CmdTable[i].Cmd,CmdTable[i].Help);
Print(OUTPUT_WINDOW,tempCmd);
if(WaitForKey()==FALSE)return TRUE;
}
}
}
return TRUE;
}
//*************************************************************************
// ShowPageDirs()
//
//*************************************************************************
COMMAND_PROTOTYPE(ShowPageDirs)
{
ULONG i;
PPAGEDIR pPageDir;
PULONG pPGD;
PULONG pPTE;
PEPROCESS my_current = IoGetCurrentProcess();
ENTER_FUNC();
DPRINT((0,"ShowPageDirs(): my_current = %.8X\n",(ULONG)my_current));
// don't touch if not valid process
if(my_current)
{
// no arguments supplied -> show all page directories
if(!pArgs->Count)
{
PutStatusText("Linear Physical Attributes");
// there are 1024 page directories each mapping 1024*4k of address space
for(i=0;i<1024;i++)
{
ULONG ulAddress = i<<22;
// from the mm_struct get pointer to page directory for this address
pPGD = ADDR_TO_PDE(ulAddress);
// create a structurized pointer from PGD
pPageDir = (PPAGEDIR)pPGD;
if(pPageDir->PTBase)
{
PICE_sprintf(tempCmd,"%.8X-%.8X %.8X %s %s %s\n",
ulAddress, ulAddress + 0x400000,
(pPageDir->PTBase<<12),
pPageDir->P?"P ":"NP",
pPageDir->RW?"RW":"R ",
pPageDir->US?"U":"S");
Print(OUTPUT_WINDOW,tempCmd);
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -