📄 dbg.c
字号:
return FALSE;
}
// Reannotate end position of block just after block tag
memcpy (&(pParamBuf->Buffer [CurrentBlockEndReannotateIdx]), &OutBufIndex, sizeof (OutBufIndex));
//
// Provide Thread Info Data
//
if (InpParams.dwSubServiceMask & PtissmskThreadInfoData)
{
dwThreadIdx = GetNumberOfThreadsAttachedToProc (dwProcessIdx);
dwLastThread = (InpParams.dwrThreadOrdNum.dwLast > (dwThreadIdx - 1)) ? (dwThreadIdx - 1) : InpParams.dwrThreadOrdNum.dwLast; // last thread is min (NumberOfThread, ParamLastThread)
for ( dwThreadIdx = InpParams.dwrThreadOrdNum.dwFirst;
dwThreadIdx <= dwLastThread;
dwThreadIdx++)
{ // loop thru process range [InpParams.dwrThreadOrdNum.dwFirst..InpParams.dwrThreadOrdNum.dwLast]
DEBUGGERMSG(KDZONE_DBG, (L"FlexiPTI: Provide Thread Data (index# = %i,OutBufIdx=%i)\r\n", dwThreadIdx, OutBufIndex));
if (pParamBuf->MaximumLength >= (OutBufIndex + 1 + sizeof (OutBufIndex)))
{ // At least 3 more bytes left in buffer (1 for tag + 2 for block end position)
AppendImmByteToOutBuf_M ( pParamBuf->Buffer,
PtitagsStartThreadInfoDataV1,
OutBufIndex); // Insert Start Thread Info Data TAG
CurrentBlockEndReannotateIdx = OutBufIndex; // save block end pos annotation index
OutBufIndex += 2; // skip size (will be written at the end of the block)
}
else
{ // Buffer not large enough: exit with error
return FALSE;
}
if (pParamBuf->MaximumLength >= (OutBufIndex + sizeof (dwThreadIdx)))
{ // enough space left in buffer
AppendObjToOutBuf_M ( pParamBuf->Buffer,
dwThreadIdx,
OutBufIndex); // Insert Thread Index number
}
else
{ // Buffer not large enough: exit with error
return FALSE;
}
if (!MarshalThreadInfoData (pParamBuf->Buffer,
&OutBufIndex,
dwProcessIdx,
dwThreadIdx,
(USHORT)(pParamBuf->MaximumLength - OutBufIndex)))
{ // Buffer not large enough: exit with error
return FALSE;
}
// Reannotate end position of block just after block tag
memcpy (&(pParamBuf->Buffer [CurrentBlockEndReannotateIdx]), &OutBufIndex, sizeof (OutBufIndex));
}
}
}
// Refresh return buffer size (return at least previous blocks)
pParamBuf->Length = OutBufIndex;
}
}
}
}
pParamBuf->Length = OutBufIndex; // defensive refresh of return buffer size (should be already OK)
SetReturnStatus_M (PtirstOK);
DEBUGGERMSG(KDZONE_DBG, (L"--FlexiPTI (OK - OutBufIdx=%i)\r\n", OutBufIndex));
return TRUE;
} // End of GetProcessAndThreadInfo
ULONG VerifyAddress(PVOID Addr)
{
ULONG loop, ret=0;
PVOID Temp=0;
COPYentry *cptr;
LPMODULE lpMod;
PCALLSTACK pCurStk;
for (loop = 0; loop < pTOC->ulCopyEntries; loop++) {
cptr = (COPYentry *)(pTOC->ulCopyOffset + loop*sizeof(COPYentry));
if ((ULONG)Addr >= cptr->ulSource && (ULONG)Addr < cptr->ulSource+cptr->ulDestLen) {
ret = (((ULONG)Addr)-cptr->ulSource+cptr->ulDest);
break;
}
}
if (!ret) {
if (((ULONG)Addr >= dwKStart) && ((ULONG)Addr <= dwKEnd))
ret = (ULONG)Addr-dwKStart+dwNewKStart;
else {
if (((ULONG)Addr > (DWORD)DllLoadBase) && ((ULONG)Addr < (1 << VA_SECTION))) {
lpMod = ModuleFromAddress((ULONG)Addr);
if (lpMod) {
/*
We now have the module. Loop through to find out what section
this address is in. If it is in a read only section map it into
the zero slot. Otherwise try to find a process space to map it into.
*/
for (loop=0; loop < lpMod->e32.e32_objcnt; loop++) {
if (ZeroPtr(Addr) >= ZeroPtr(lpMod->o32_ptr[loop].o32_realaddr)
&& (ZeroPtr(Addr)
<= ZeroPtr(lpMod->o32_ptr[loop].o32_realaddr)+lpMod->o32_ptr[loop].o32_vsize)) {
if ((lpMod->o32_ptr[loop].o32_flags & IMAGE_SCN_MEM_READ) &&
!(lpMod->o32_ptr[loop].o32_flags & IMAGE_SCN_MEM_WRITE)) {
// This is the read only section, map the pointer into slot zero
Temp=MapPtrProc(Addr,kdProcArray);
} else {
//now have to search for the process to map the pointer into.
//Check for CurProc
if ((lpMod->refcnt[pCurProc->procnum])
|| !(pCurThread->pcstkTop)) {
Temp=(PVOID)((DWORD)Addr|pCurProc->dwVMBase);
} else {
pCurStk=pCurThread->pcstkTop;
while (pCurStk) {
if ((pCurStk->pprcLast != (PPROCESS)USER_MODE) && (pCurStk->pprcLast != (PPROCESS)KERNEL_MODE)) {
if (lpMod->refcnt[pCurStk->pprcLast->procnum]) {
Temp=(PVOID)((DWORD)Addr|pCurStk->pprcLast->dwVMBase);
break;
}
}
pCurStk=pCurStk->pcstkNext;
}
if (!pCurStk && !Temp)
Temp=MapPtrInProc(Addr,kdProcArray);
}
}
}
}
} else
Temp = MapPtrInProc(Addr,kdProcArray);
} else
Temp = Addr;
ret = (ULONG)DbgVerify(Temp, 0);
}
}
return ret;
}
BOOL TranslateRA(PULONG lpAddr, PTHREAD pThd, DWORD dwStackFrameAddr)
{
ULONG NewRa, Temp;
ACCESSKEY ulOldKey;
DEBUGGERMSG(KDZONE_STACKW, (L"+ TranslateRA\r\n"));
if ((pThd == NULL))
{
DEBUGGERMSG(KDZONE_STACKW, (L"**** pThd == NULL ! Exit FALSE\r\n- TranslateRA\r\n"));
return FALSE;
}
if (!*lpAddr)
{
DEBUGGERMSG(KDZONE_STACKW, (L"**** RA == NULL ! Exit TRUE\r\n- TranslateRA\r\n"));
return TRUE;
}
SWITCHKEY(ulOldKey,0xffffffff);
if ((*lpAddr==SYSCALL_RETURN || *lpAddr==DIRECT_RETURN) && pStk)
{ // PSL IPC style:
//Check for mode not process
DEBUGGERMSG(KDZONE_STACKW, (L"PSL IPC style translation\r\n"));
if ((DWORD)pStk->pprcLast > 0x10000uL)
{
pLastProc=pStk->pprcLast;
}
Temp=(ULONG)(pStk)->retAddr;
NewRa=ZeroPtr(Temp);
pStk=pStk->pcstkNext;
}
else if (dwStackFrameAddr && pStk &&
((DWORD)pStk < dwStackFrameAddr) && // Stack Frame Base pointer is now above cstk var (on the stack) so we changed process
!pStk->retAddr // Extra check (optional) that ret is NULL
)
{ // New IPC style (SC_PerformCallBack4)
pLastProc=pStk->pprcLast;
Temp=*lpAddr;
NewRa=ZeroPtr(Temp);
pStk=pStk->pcstkNext;
DEBUGGERMSG(KDZONE_STACKW, (L"New IPC style translation pLastProc=%8.8lx NewRa=%8.8lx pStk=%8.8lx\r\n", pLastProc, NewRa, pStk));
}
else
{ // Normal case:
NewRa=*lpAddr;
}
if ((NewRa > (1 << VA_SECTION)) || (NewRa < (DWORD)DllLoadBase))
{ // Address from a EXE: Slotize it to its proper process
NewRa=(DWORD)MapPtrInProc(NewRa,pLastProc);
}
else
{ // Address from a DLL: Zero-slotize it because the debugger has only a zero-slot address of it
NewRa=(DWORD)ZeroPtr(NewRa);
}
DEBUGGERMSG(KDZONE_STACKW, (L"Translated RA from %8.8lx to %8.8lx (pThd=%8.8lx pStk=%8.8lx CurThread=%8.8lx WalkThread=%8.8lx pLastProc=%8.8lx dwStackFrameAddr=%8.8lx)\r\n",
*lpAddr, NewRa, pThd, pStk, pCurThread, pWalkThread, pLastProc, dwStackFrameAddr));
*lpAddr = NewRa;
SETCURKEY(ulOldKey);
DEBUGGERMSG(KDZONE_STACKW, (L"normal exit (TRUE)\r\n- TranslateRA\r\n"));
return TRUE;
}
BOOL TranslateAddress(PULONG lpAddr)
{
ULONG ret;
ACCESSKEY ulOldKey;
static ULONG PrevAddr;
static ULONG PrevTrans;
DEBUGGERMSG(KDZONE_DBG,(L"Getting jump location for %8.8lx (%8.8lx)\r\n", *lpAddr, pCurThread));
if (*lpAddr == PrevAddr) {
*lpAddr=PrevTrans;
DEBUGGERMSG(KDZONE_DBG, (L"Returning previous jump target %8.8lx\r\n", *lpAddr));
return TRUE;
}
SWITCHKEY(ulOldKey,0xffffffff);
if (*lpAddr == SYSCALL_RETURN || *lpAddr==DIRECT_RETURN) {
ret = (DWORD)DBG_ReturnCheck(pCurThread);
DEBUGGERMSG(KDZONE_DBG, (TEXT("DBG_CallCheck returned %8.8lx\r\n"), ret));
if (ret) {
if ((ZeroPtr(ret) > (1 << VA_SECTION)) || ZeroPtr(ret) < (DWORD)DllLoadBase)
ret=(DWORD)MapPtrProc(ret, pCurThread->pcstkTop->pprcLast);
}
DEBUGGERMSG(KDZONE_DBG, (TEXT("Patching syscall return jump to %8.8lx\r\n"), ret));
} else {
ret = (ULONG)DBG_CallCheck(pCurThread, *lpAddr);
DEBUGGERMSG(KDZONE_DBG, (TEXT("DBG_CallCheck returned %8.8lx\r\n"), ret));
if (ret) {
if ((ZeroPtr(ret) > (1 << VA_SECTION)) || ZeroPtr(ret) < (DWORD)DllLoadBase)
ret=(DWORD)MapPtrProc(ret, pCurThread->pcstkTop->pprcLast);
DEBUGGERMSG(KDZONE_DBG, (TEXT("Patching CallCheck to %8.8lx\r\n"), ret));
} else {
ret = *lpAddr;
if ((ZeroPtr(ret) > (1 << VA_SECTION)) || ZeroPtr(ret) < (DWORD)DllLoadBase)
ret=(DWORD)MapPtr(ret);
DEBUGGERMSG(KDZONE_DBG, (TEXT("Patching Jump to %8.8lx\r\n"), ret));
}
}
PrevAddr = *lpAddr;
PrevTrans = ret;
*lpAddr = ret;
SETCURKEY(ulOldKey);
return TRUE;
}
BOOL SwitchToThread(PTHREAD pThd)
{
//Check globals to find out if there is already one of these queued up.
if (pBreakThd) {
//If so clear old
SetThreadIP(pBreakThd, BreakPC);
SetThreadMode(pBreakThd, BreakMode);
}
//Store PC, mode and SR in global variables
pBreakThd=pThd;
BreakPC = GetThreadIP(pBreakThd);
BreakMode = GetThreadMode(pBreakThd);
//Set Thread to kernel mode
SetThreadMode(pBreakThd, KERNEL_MODE);
//Set PC to ThreadStopFunc
SetThreadIP(pBreakThd, ThreadStopFunc);
return TRUE;
}
void ClearThreadSwitch(PCONTEXT pCtx)
{
//Check globals to find out if there is already one of these queued up.
if (pBreakThd) {
//If so clear old
SetThreadIP(pBreakThd, BreakPC);
SetThreadMode(pBreakThd, BreakMode);
SetContextMode(pCtx, BreakMode);
if ((ZeroPtr(BreakPC) > (1 << VA_SECTION)) || ZeroPtr(BreakPC) < (DWORD)DllLoadBase)
BreakPC = (UINT)MapPtrProc(BreakPC, pCurProc);
CONTEXT_TO_PROGRAM_COUNTER(pCtx) = BreakPC;
}
pBreakThd=0;
BreakPC=0;
BreakMode=0;
}
ULONG ByteToNum(BYTE b)
{
switch(b) {
case '1':
case '2':
case '3':
case '4':
case '5':
case '6':
case '7':
case '8':
case '9':
case '0':
return b - '0';
case 'A':
case 'B':
case 'C':
case 'D':
case 'E':
case 'F':
return b -'A' + 10;
case 'a':
case 'b':
case 'c':
case 'd':
case 'e':
case 'f':
return b - 'a' + 10;
default:
DEBUGCHK(0);
}
return 0;
}
ULONG SH3strtoul(LPBYTE lpStr, ULONG radix)
{
UINT Ret=0;
while (*lpStr) {
Ret= (Ret * radix) + ByteToNum(*lpStr);
lpStr++;
}
return Ret;
}
void SetKernLoadAddress(void)
{
dwKernBase=((TOCentry *)((LPBYTE)pTOC+sizeof(ROMHDR)))->ulLoadOffset;
dwKernSize=((LPe32_exe)((TOCentry *)((LPBYTE)pTOC+sizeof(ROMHDR)))->ulE32Offset)->e32_vsize;
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -