// check if a file handle is for kernel32.dll static bool kludge_isKernel32Dll(HANDLE fileHandle, std::string &kernel32Name) { static DWORD IndxHigh, IndxLow; static bool firstTime = true; BY_HANDLE_FILE_INFORMATION info; static std::string kernel32Name_; if (firstTime) { HANDLE kernel32H; firstTime = false; char sysRootDir[MAX_PATH+1]; if (GetSystemDirectory(sysRootDir, MAX_PATH) == 0) assert(0); kernel32Name_ = std::string(sysRootDir) + "\\kernel32.dll"; kernel32H = CreateFile(kernel32Name_.c_str(), GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, NULL, NULL); assert(kernel32H); if (!GetFileInformationByHandle(kernel32H, &info)) { printSysError(GetLastError()); assert(0); } IndxHigh = info.nFileIndexHigh; IndxLow = info.nFileIndexLow; CloseHandle(kernel32H); } if (!GetFileInformationByHandle(fileHandle, &info)) return false; if (info.nFileIndexHigh==IndxHigh && info.nFileIndexLow==IndxLow) { kernel32Name = kernel32Name_; return true; } return false; }
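// Load a DLL by name with LoadLibrary.
//
//   name  library name or path, passed to LoadLibrary unchanged
//
// Returns the module handle as void*, or NULL on failure; on failure the
// library name and the system error are logged.
//
// NOTE(review): a bare file name is resolved through the DLL search order, so
// which file gets loaded depends on the process's search path - callers that
// need a specific file should pass a full path.
void *loadDynamicLibrary(char *name)
{
    void *result = (void *) LoadLibrary(name);
    if (!result) {
        // Read the error code before logging; the logging call may itself
        // change the thread's last-error value.
        const unsigned err = GetLastError();
        // The format has three conversions, so the library name must be
        // supplied as the third argument.
        output->log(STDERR, "[%s:%u] - The mutatee could not load %s\n",
                    __FILE__, __LINE__, name ? name : "(null)");
        printSysError(err);
    }
    return result;
}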
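// Print the system message for a Windows error code to stderr.
//
//   errNo  error code, e.g. from GetLastError() or WSAGetLastError()
//
// Writes "*** System error [<code>]: <message>" and flushes stderr. If the
// message text cannot be retrieved, the code is still printed together with
// the FormatMessage failure code.
void printSysError(unsigned errNo)
{
    char buf[1000];
    buf[0] = '\0';

    // FORMAT_MESSAGE_IGNORE_INSERTS: system message text can contain insert
    // sequences such as %1. No argument array is passed here, so the inserts
    // must be left unexpanded rather than read from a missing argument list.
    const unsigned long len =
        FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS,
                      NULL, errNo,
                      MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),
                      buf, sizeof(buf), NULL);
    if (len == 0) {
        // Report the lookup failure directly. Calling printSysError again
        // here could recurse without bound if FormatMessage keeps failing,
        // and buf holds no message to print.
        const unsigned fmtErr = GetLastError();
        fprintf(stderr, "Couldn't print error message\n");
        fprintf(stderr,
                "*** System error [%u]: (FormatMessage failed with error %u)\n",
                errNo, fmtErr);
        fflush(stderr);
        return;
    }

    fprintf(stderr, "*** System error [%u]: %s\n", errNo, buf);
    fflush(stderr);
}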
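/*
 * Send one event record to the mutator over the async socket.
 *
 *   ev  pointer to the event bytes
 *   sz  number of bytes to send
 *
 * Returns 1 when all sz bytes were sent. On a send error or a short send it
 * logs the failure and returns 1 if async_socket is -1, otherwise 0.
 * NOTE(review): the meaning of the two failure return values is not visible
 * here - confirm against the callers.
 */
int DYNINSTwriteEvent(void *ev, size_t sz)
{
    int sent;
    int err;

    DYNINSTasyncConnect(DYNINST_mutatorPid);

    /* send() takes an int length; a size that does not fit is truncated here
     * and then caught by the length comparison below. */
    sent = send((SOCKET)async_socket, (const char *)ev, (int)sz, 0);
    if (sent < 0 || (size_t)sent != sz) {
        /* Capture the error once, before any call that may change it. */
        err = WSAGetLastError();
        printSysError(err);
        /* Cast to match the conversions: size_t is not an int on 64-bit. */
        printf("DYNINSTwriteTrace: send error %d, %lu %d\n",
               err, (unsigned long)sz, (int)async_socket);
        if (async_socket == -1)
            return 1;
        return 0;
    }
    return 1;
}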
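// Look up an exported symbol in a loaded DLL.
//
//   libhandle  module handle (cast to HMODULE)
//   func_name  name of the exported symbol
//
// Returns the symbol's address, or NULL if either argument is NULL or the
// lookup fails; both failure cases are logged.
void *getFuncFromDLL(void *libhandle, const char *func_name)
{
    void *result;

    if (!libhandle || !func_name) {
        output->log(STDERR, "[%s:%u] - Test error - getFuncFromDLL passed NULL "
                    "parameter\n", __FILE__, __LINE__);
        return NULL;
    }

    result = GetProcAddress((HMODULE) libhandle, func_name);
    if (!result) {
        // Read the error code before logging; the logging call may itself
        // change the thread's last-error value.
        const unsigned err = GetLastError();
        output->log(STDERR, "[%s:%u] - Couldn't load symbol %s\n",
                    __FILE__, __LINE__, func_name);
        printSysError(err);
    }
    return result;
}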
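// Create a mapped_object for a memory region that is not backed by a file.
//
// If addr already lies inside an existing mapped_object, that object is
// returned. Otherwise, if addr is readable in the process, the allocated
// region around it is copied into a local buffer and wrapped in a new
// mapped_object, which is registered with addMappedObject().
//
//   addr  address in the process being inspected
//
// Returns the existing or newly created object, or NULL if addr is not
// readable, the region cannot be found, allocated or read, or the object
// cannot be created.
//
// The region bounds and contents come from the inspected process, so they are
// validated before being used as an allocation size and copy length.
mapped_object* PCProcess::createObjectNoFile(Address addr)
{
    Address closestObjEnd = 0;
    for (unsigned i = 0; i < mapped_objects.size(); i++) {
        const Address objStart = mapped_objects[i]->codeAbs();
        const Address objEnd = objStart + mapped_objects[i]->imageSize();

        if (addr >= objStart && addr < objEnd) {
            fprintf(stderr,"createObjectNoFile called for addr %lx, "
                    "matching existing mapped_object %s %s[%d]\n", addr,
                    mapped_objects[i]->fullName().c_str(), FILE__,__LINE__);
            return mapped_objects[i];
        }
        // Track the highest object end that is still at or below addr.
        if (addr >= objEnd && closestObjEnd < objEnd) {
            closestObjEnd = objEnd;
        }
    }

    Address testRead = 0;

    // WindowsAPI VirtualQueryEx rounds down to pages size,
    // so we need to round up first.
    Address ObjOffset = closestObjEnd % getMemoryPageSize();
    if (ObjOffset) {
        closestObjEnd = closestObjEnd - ObjOffset + getMemoryPageSize();
    }

    // Probe read: only continue if addr is actually readable.
    if (!readDataSpace((void*)addr, getAddressWidth(), &testRead, false)) {
        return NULL;
    }

    // create a module for the region enclosing this address
    ProcControlAPI::Process::MemoryRegion memRegion;
    if (!pcProc_->findAllocatedRegionAround(addr, memRegion)) {
        mal_printf("ERROR: failed to find allocated region for page %lx, %s[%d]\n",
                   addr, FILE__, __LINE__);
        assert(0);
        return NULL;
    }

    mal_printf("[%lx %lx] is valid region containing %lx and corresponding "
               "to no object, closest is object ending at %lx %s[%d]\n",
               memRegion.first, memRegion.second, addr, closestObjEnd,
               FILE__,__LINE__);

    // An empty or inverted range would make the unsigned subtraction below
    // produce zero or a huge size.
    if (memRegion.second <= memRegion.first) {
        mal_printf("Error: invalid memory region [%lx, %lx] %s[%d]\n",
                   memRegion.first, memRegion.second, FILE__, __LINE__);
        return NULL;
    }

    // The size of the region returned by VirtualQueryEx is from BaseAddress
    // to the end, NOT from meminfo.AllocationBase, which is what we want.
    // BaseAddress is the start address of the page of the address parameter
    // that is sent to VirtualQueryEx as a parameter
    Address regionSize = memRegion.second - memRegion.first;

    // read region into this PCProcess
    void* rawRegion = malloc(regionSize);
    if (rawRegion == NULL) {
        // Without this check the copy below would write through NULL.
        mal_printf("Error: failed to allocate %lx bytes for memory region "
                   "[%lx, %lx] %s[%d]\n", regionSize,
                   memRegion.first, memRegion.second, FILE__, __LINE__);
        return NULL;
    }
    if (!readDataSpace((void *)memRegion.first, regionSize, rawRegion, true)) {
        mal_printf("Error: failed to read memory region [%lx, %lx]\n",
                   memRegion.first, memRegion.second);
        printSysError(GetLastError());
        // The buffer has not been handed to anyone yet; release it before
        // the failure return (asserts may be compiled out).
        free(rawRegion);
        assert(0);
        return NULL;
    }

    // set up file descriptor
    char regname[64] = {0};
    snprintf(regname, sizeof(regname) - 1, "mmap_buffer_%lx_%lx",
             memRegion.first, memRegion.second);
    fileDescriptor desc(string(regname),
                        memRegion.first, /* code */
                        memRegion.first, /* data */
                        regionSize,      /* length */
                        rawRegion,       /* rawPtr */
                        true);           /* shared */
    mapped_object *obj = mapped_object::createMappedObject
        (desc, this, getHybridMode(), false);
    if (obj == NULL) {
        // NOTE(review): rawRegion was passed to desc as rawPtr; who owns it
        // on this failure path is not visible here, so it is not freed -
        // confirm whether this leaks.
        fprintf(stderr,"Failed to create object (that was not backed by a file) at %lx\n",
                memRegion.first);
        return NULL;
    }

    obj->setMemoryImg();
    //mapped_objects.push_back(obj);
    addMappedObject(obj);

    obj->parse_img()->getOrCreateModule(
        obj->parse_img()->getObject()->getDefaultModule());
    return obj;
}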