C++ (Cpp) ISymbolInfo Examples, magost::ISymbolInfo C++ (Cpp) Examples

Example #1

0

Show file

File: EventCallback.cpp Project: aBothe/MagoWrapper

    bool FindGlobalSymbolAddress(Module* mainMod, const char* symbol, Address64& symaddr)
    {
        HRESULT hr = S_OK;
        RefPtr<MagoST::ISession> session;

        if ( !mainMod->GetSymbolSession( session ) )
            return false;

        MagoST::EnumNamedSymbolsData enumData = { 0 };

        hr = session->FindFirstSymbol( MagoST::SymHeap_GlobalSymbols, symbol, strlen(symbol), enumData );
        if ( hr != S_OK )
            hr = session->FindFirstSymbol( MagoST::SymHeap_StaticSymbols, symbol, strlen(symbol), enumData );
        if ( hr != S_OK )
            hr = session->FindFirstSymbol( MagoST::SymHeap_PublicSymbols, symbol, strlen(symbol), enumData );
        if ( hr != S_OK )
            return false;

        MagoST::SymHandle handle;

        hr = session->GetCurrentSymbol( enumData, handle );
        if ( FAILED( hr ) )
            return false;

        MagoST::SymInfoData infoData = { 0 };
        MagoST::ISymbolInfo* symInfo = NULL;

        hr = session->GetSymbolInfo( handle, infoData, symInfo );
        if ( FAILED( hr ) )
            return false;

        uint16_t section = 0;
        uint32_t offset = 0;

        if ( !symInfo->GetAddressSegment( section ) 
            || !symInfo->GetAddressOffset( offset ) )
            return false;

        uint64_t addr = session->GetVAFromSecOffset( section, offset );
        if ( addr == 0 )
            return false;

        symaddr = (Address64) addr;
        return true;
    }

Example #2

0

Show file

File: EventCallback.cpp Project: Kentorix/MagoWrapper

    bool FindUserEntryPoint( Module* mainMod, Address& entryPoint )
    {
        HRESULT hr = S_OK;
        RefPtr<MagoST::ISession> session;

        if ( !mainMod->GetSymbolSession( session ) )
            return false;

        MagoST::EnumNamedSymbolsData enumData = { 0 };

        hr = session->FindFirstSymbol( MagoST::SymHeap_GlobalSymbols, "D main", 6, enumData );
        if ( hr != S_OK )
            return false;

        MagoST::SymHandle handle;

        hr = session->GetCurrentSymbol( enumData, handle );
        if ( FAILED( hr ) )
            return false;

        MagoST::SymInfoData infoData = { 0 };
        MagoST::ISymbolInfo* symInfo = NULL;

        hr = session->GetSymbolInfo( handle, infoData, symInfo );
        if ( FAILED( hr ) )
            return false;

        uint16_t section = 0;
        uint32_t offset = 0;

        if ( !symInfo->GetAddressSegment( section ) 
            || !symInfo->GetAddressOffset( offset ) )
            return false;

        uint64_t addr = session->GetVAFromSecOffset( section, offset );
        if ( addr == 0 )
            return false;

        entryPoint = (Address) addr;
        return true;
    }

Example #3

0

Show file

File: EventCallback.cpp Project: aBothe/MagoWrapper

    bool EventCallback::FindThunk( 
        MagoST::ISession* session, uint16_t section, uint32_t offset, AddressRange64& thunkRange )
    {
        HRESULT hr = S_OK;
        MagoST::SymHandle symHandle;

        hr = session->FindOuterSymbolByAddr( MagoST::SymHeap_GlobalSymbols, section, offset, symHandle );
        if ( hr != S_OK )
        {
            hr = session->FindOuterSymbolByAddr( 
                MagoST::SymHeap_StaticSymbols, section, offset, symHandle );
        }
        if ( hr == S_OK )
        {
            MagoST::SymInfoData infoData;
            MagoST::ISymbolInfo* symInfo = NULL;

            hr = session->GetSymbolInfo( symHandle, infoData, symInfo );
            if ( hr == S_OK )
            {
                if ( symInfo->GetSymTag() == MagoST::SymTagThunk )
                {
                    uint32_t length = 0;
                    symInfo->GetAddressOffset( offset );
                    symInfo->GetAddressSegment( section );
                    symInfo->GetLength( length );

                    uint64_t addr = session->GetVAFromSecOffset( section, offset );
                    thunkRange.Begin = (Address64) addr;
                    thunkRange.End = (Address64) addr + length - 1;
                    return true;
                }
            }
        }

        return false;
    }

Example #4

0

Show file

File: StackFrame.cpp Project: aBothe/MagoWrapper

    HRESULT StackFrame::AppendArgs(
        FRAMEINFO_FLAGS flags, 
        UINT radix, 
        MagoST::ISession* session,
        MagoST::ISymbolInfo* symInfo, 
        CString& outputStr )
    {
        _ASSERT( session != NULL );
        _ASSERT( symInfo != NULL );
        HRESULT             hr = S_OK;
        MagoST::SymbolScope funcScope = { 0 };
        MagoST::SymHandle   childSH = { 0 };
        int                 paramCount = 0;
        std::wstring        typeStr;

        hr = MakeExprContext();
        if ( FAILED( hr ) )
            return hr;

        hr = session->SetChildSymbolScope( mFuncSH, funcScope );
        if ( FAILED( hr ) )
            return hr;

        while ( session->NextSymbol( funcScope, childSH ) )
        {
            MagoST::SymInfoData     childData = { 0 };
            MagoST::ISymbolInfo*    childSym = NULL;
            MagoST::SymTag          tag = MagoST::SymTagNull;
            MagoST::DataKind        kind = MagoST::DataIsUnknown;
            RefPtr<MagoEE::Type>    type;
            RefPtr<MagoEE::Declaration> decl;

            session->GetSymbolInfo( childSH, childData, childSym );
            if ( childSym == NULL )
                continue;

            tag = childSym->GetSymTag();
            if ( tag == MagoST::SymTagEndOfArgs )
                break;

            if ( !childSym->GetDataKind( kind ) || kind != MagoST::DataIsParam )
                continue;

            mExprContext->MakeDeclarationFromSymbol( childSH, decl.Ref() );
            if ( decl == NULL )
                continue;

            if ( paramCount > 0 )
                outputStr.AppendChar( L',' );

            if ( (flags & FIF_FUNCNAME_ARGS_TYPES) != 0 )
            {
                if ( decl->GetType( type.Ref() ) )
                {
                    typeStr.clear();
                    type->ToString( typeStr );
                    outputStr.AppendFormat( L" %.*s", typeStr.size(), typeStr.c_str() );
                }
            }

            if ( (flags & FIF_FUNCNAME_ARGS_NAMES) != 0 )
            {
                outputStr.AppendFormat( L" %s", decl->GetName() );
            }

            if ( (flags & FIF_FUNCNAME_ARGS_VALUES) != 0 )
            {
                MagoEE::DataObject resultObj = { 0 };
                CComBSTR valueBstr;

                hr = mExprContext->Evaluate( decl, resultObj );
                if ( hr == S_OK )
                {
                    hr = MagoEE::EED::FormatValue( mExprContext, resultObj, radix, valueBstr.m_str );
                    if ( hr == S_OK )
                    {
                        outputStr.AppendFormat( L" = %.*s", valueBstr.Length(), valueBstr.m_str );
                    }
                }
            }

            paramCount++;
        }

        if ( paramCount > 0 )
            outputStr.AppendChar( L' ' );

        return S_OK;
    }