static _inline void b64conv(HWND hwnd){ char B64D[8*10]; char buf[2][4*4]; DWORD adrs,s; t_memory *pmem; BYTE *buff[2]; GetWindowTextM(IDC_EDT_TOPADDR,buf[0],sizeof(buf[0])); GetWindowTextM(IDC_EDT_NUMBER,buf[1],sizeof(buf[1])); s=GetWindowTextM(IDC_COMBO1,B64D,sizeof(B64D)); if(s<64) return; adrs = strtoul(buf[0],NULL,16); s = strtoul(buf[1],NULL,10); if(adrs==0 || s==0) return; pmem=Findmemory(adrs); if(pmem==NULL) return; if ((buff[0] = (BYTE *)malloc(s+4)) == NULL) return; if(Readmemory(buff[0], pdump->sel0, s, MM_RESTORE | MM_SILENT) == s){ buff[1]=MS_Base64Encodes(B64D,buff[0],s); if(buff[1]){ SetWindowTextM(IDC_EDIT1,buff[1]); free(buff[1]); } free(buff[0]); } }
int Assembl(char *answer,ulong parm) { int i,j,k,n,good; char s[TEXTLEN]; t_asmmodel model,attempt; t_memory *pmem; t_dump *pasm; // Visualize changes. Setcpu(0,address,0,0,CPU_ASMHIST|CPU_ASMCENTER); if (string[0]=='\0') // No immediate command Sendshortcut(PM_DISASM,address,WM_CHAR,0,0,' '); else { // Assemble immediate command. If there are several possible encodings, // select the shortest one. model.length=0; for (j=0; ; j++) { // Try all possible encodings good=0; for (k=0; k<4; k++) { // Try all possible constant sizes n=Assemble(string,address,&attempt,j,k,model.length==0?answer:s); if (n>0) { good=1; // If another decoding is found, check if it is shorter. if (model.length==0 || n<model.length) model=attempt; // Shortest encoding so far ; }; }; if (good==0) break; // No more encodings }; if (model.length==0) return -1; // Invalid command // Check for imprecise parameters. k=model.mask[0]; for (i=1; i<model.length; i++) k&=model.mask[i]; if (k!=0xFF) { strcpy(answer,"Command contains imprecise operands"); return -1; }; // If there is no backup copy, create it. Dump window always assumes that // backup has the same base and size as the dump, so check it to avoid // strange ireproducible errors. pmem=Findmemory(address); if (pmem==NULL) { //strcpy(answer,"Attempt to assemble to non-existing memory"); wsprintf(answer,"%X",model.code[0]); for(i=1; i<model.length; i++) { wsprintf(answer,"%s%X",answer,model.code[i]); } return -1; }; pasm=(t_dump *)Plugingetvalue(VAL_CPUDASM); if (pasm!=NULL && pmem->copy==NULL && pmem->base==pasm->base && pmem->size==pasm->size) Dumpbackup(pasm,BKUP_CREATE); // Now write assembled code to memory. Writememory(model.code,address,model.length,MM_RESTORE|MM_DELANAL); }; return 0; };
// Standard function Painttable() makes most of OllyDbg windows redrawing. You // only need to supply another function that prepares text strings and // optionally colours them. Case of custom windows is a bit more complicated, // please read documentation. int Bookmarkgettext(char *s, char *mask, int *select, t_sortheader *ph, int column) { int n; ulong cmdsize, decodesize; char cmd[MAXCMDSIZE], *pdecode; t_memory *pmem; t_disasm da; t_bookmark *pb = (t_bookmark *)ph; if (column == 0) // Name of bookmark { // Column 0 contains name of bookmark in form "Alt+n", where n is the // digit from 0 to 9. Mainly for demonstration purposes, I display prefix // "Alt+" in grayed and digit in normal text. Standard table windows do // not need to bother about selection. n = sprintf(s, "Alt+%i", pb->index); *select = DRAW_MASK; memset(mask, DRAW_GRAY, 4); mask[4] = DRAW_NORMAL; } else if (column == 1) // Address of bookmark n = sprintf(s, "%08X", pb->addr); else if (column == 2) // Disassembled command { // Function Disasm() requires that calling routine supplies code to be // disassembled. Read this code from memory. First determine possible // code size. pmem = Findmemory(pb->addr); // Find memory block containing code if (pmem == NULL) { *select = DRAW_GRAY; return sprintf(s, "???"); }; cmdsize = pmem->base + pmem->size - pb->addr; if (cmdsize > MAXCMDSIZE) cmdsize = MAXCMDSIZE; if (Readmemory(cmd, pb->addr, cmdsize, MM_RESTORE | MM_SILENT) != cmdsize) { *select = DRAW_GRAY; return sprintf(s, "???"); }; pdecode = Finddecode(pb->addr, &decodesize); if (decodesize < cmdsize) pdecode = NULL; Disasm(cmd, cmdsize, pb->addr, pdecode, &da, DISASM_CODE, 0); strcpy(s, da.result); n = strlen(s); } else if (column == 3) // Comment // Only user-defined comments are displayed here. n = Findname(pb->addr, NM_COMMENT, s); else n = 0; // s is not necessarily 0-terminated return n; };