/// Opens the plug-in library, checks its version and resolves its symbols.
///
/// @return true once all steps succeeded and m_Initialized has been set;
///         false if no filename is set or any step fails. After OpenLib()
///         has succeeded, a later failure calls Close() before returning.
bool CPlugIn::Load()
{
  // Nothing to load, or the library could not be opened: nothing to undo.
  if (m_Filename == "" || !OpenLib())
    return false;

  // From here on the library is open, so a failed step must close it again.
  // Short-circuit evaluation keeps the original order: version check first,
  // symbol resolution only if the version was accepted.
  if (!CheckVersion() || !LoadSymbols())
  {
    Close();
    return false;
  }

  m_Initialized = true;
  return true;
}
/// Parses the DLL image, resolves imports and symbols, then runs its entry
/// point with DLL_PROCESS_ATTACH.
///
/// @return false if Parse() fails or the entry point throws (except for the
///         vp7vfw.dll special case below); true otherwise, including when no
///         entry point exists at all.
///
/// Security note: calling the entry point executes code taken from the DLL
/// file inside this process. The try/catch below only keeps a thrown
/// exception from propagating; it does not confine what that code can do, so
/// any trust decision about the file has to be made before Load() is called.
bool DllLoader::Load()
{
  if (!Parse())
  {
    CLog::Log(LOGERROR, "Unable to open dll %s", GetFileName());
    return false;
  }

  // Return values of these two calls are not inspected here.
  ResolveImports();
  LoadSymbols();

  // Fall back to an exported "DllMain" only when the image did not already
  // provide an entry point.
  if (!EntryAddress)
    ResolveExport("DllMain", (void**)&EntryAddress);

#ifdef LOGALL
  // NOTE(review): pLoader and sName are not declared in this function;
  // confirm this still builds with LOGALL defined.
  CLog::Log(LOGDEBUG, "Executing EntryPoint with DLL_PROCESS_ATTACH at: 0x%x - Dll: %s", pLoader->EntryAddress, sName);
#endif

  // No entry point to run: loading is complete.
  if (!EntryAddress)
    return true;

  EntryFunc entryPoint = (EntryFunc)EntryAddress;

  /* control is handed to code from the DLL, so guard against exceptions */
  try
  {
#ifdef TARGET_POSIX
    extend_stack_for_dll_alloca();
#endif
    entryPoint((HINSTANCE)hModule, DLL_PROCESS_ATTACH , 0); // call "DllMain" with DLL_PROCESS_ATTACH

#ifdef LOGALL
    CLog::Log(LOGDEBUG, "EntryPoint with DLL_PROCESS_ATTACH called - Dll: %s", sName);
#endif
  }
  XBMCCOMMONS_HANDLE_UNCHECKED
  catch(...)
  {
    CLog::Log(LOGERROR, "%s - Unhandled exception during DLL_PROCESS_ATTACH", __FUNCTION__);

    // vp7vfw.dll throws a CUserException because of a missing export that is
    // not needed for normal operation; the DLL works anyway, so only that
    // one name is allowed to continue.
    const bool isKnownHarmless = (stricmp(GetName(), "vp7vfw.dll") == 0);
    if (!isKnownHarmless)
      return false;

    CLog::Log(LOGDEBUG, "%s - Ignoring exception during DLL_PROCESS_ATTACH", __FUNCTION__);
  }

  // The init function may have fixed up the export table (expected for
  // PECompact2 DLLs with a compressed export table), so load exports now
  // if none were found before.
  if (!m_pExportHead)
    LoadExports();

  return true;
}
/// Loads the JACK proxy client library once and resolves its symbols.
///
/// @return 0 if the library was already loaded or has just been loaded,
///         -1 if LoadJackModule() returned no handle.
int JackProxyDriver::LoadClientLib()
{
    if (!fHandle) {
        // First call: fetch the module named by JACK_PROXY_CLIENT_LIB.
        fHandle = LoadJackModule(JACK_PROXY_CLIENT_LIB);
        if (!fHandle) {
            return -1;
        }
        // The result of LoadSymbols() is not inspected here.
        LoadSymbols();
    }
    return 0;
}
/// Resolves the GLX entry points this wrapper needs.
///
/// fCreateContext doubles as the "already initialised" marker: if it is set,
/// nothing is resolved again.
///
/// @return true if already initialised, otherwise the result of LoadSymbols().
bool GLXWrap::Init()
{
    if (fCreateContext) {
        return true;
    }

    // Each entry pairs a function-pointer slot with a NULL-terminated list of
    // candidate symbol names; the table itself ends with an all-NULL entry.
    SymLoadStruct glxSymbols[] = {
        { reinterpret_cast<PRFuncPtr*>(&fGetProcAddress), { "glXGetProcAddress", "glXGetProcAddressARB", NULL } },
        { reinterpret_cast<PRFuncPtr*>(&fCreateContext),  { "glXCreateContext", NULL } },
        { reinterpret_cast<PRFuncPtr*>(&fDestroyContext), { "glXDestroyContext", NULL } },
        { reinterpret_cast<PRFuncPtr*>(&fGetString),      { "glGetString", NULL } },
        { reinterpret_cast<PRFuncPtr*>(&fMakeCurrent),    { "glXMakeCurrent", NULL } },
        { NULL, { NULL } }
    };

    return LoadSymbols(glxSymbols);
}
/// Resolves the WGL pbuffer / pixel-format extension entry points.
///
/// fCreatePbuffer doubles as the "already initialised" marker: if it is set,
/// nothing is resolved again.
///
/// @return true if already initialised, otherwise the result of LoadSymbols().
bool WGLWrap::Init()
{
    if (fCreatePbuffer) {
        return true;
    }

    // Each slot lists the ARB name followed by the EXT name, NULL-terminated;
    // the table itself ends with an all-NULL entry.
    SymLoadStruct wglSymbols[] = {
        { reinterpret_cast<PRFuncPtr*>(&fCreatePbuffer),          { "wglCreatePbufferARB", "wglCreatePbufferEXT", NULL } },
        { reinterpret_cast<PRFuncPtr*>(&fDestroyPbuffer),         { "wglDestroyPbufferARB", "wglDestroyPbufferEXT", NULL } },
        { reinterpret_cast<PRFuncPtr*>(&fGetPbufferDC),           { "wglGetPbufferDCARB", "wglGetPbufferDCEXT", NULL } },
        { reinterpret_cast<PRFuncPtr*>(&fChoosePixelFormat),      { "wglChoosePixelFormatARB", "wglChoosePixelFormatEXT", NULL } },
        { reinterpret_cast<PRFuncPtr*>(&fGetPixelFormatAttribiv), { "wglGetPixelFormatAttribivARB", "wglGetPixelFormatAttribivEXT", NULL } },
        { NULL, { NULL } }
    };

    // Second argument is passed as true; its meaning is defined by
    // LoadSymbols(), which is not part of this block.
    return LoadSymbols(wglSymbols, true);
}
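/// Reads the file at Path completely into memory, then parses its segments
/// and symbols.
///
/// @param Path  File to open for reading.
/// @return true if the file was opened, read in full and both LoadSegments()
///         and LoadSymbols() succeeded; false otherwise (a message is
///         printed through msg() for the I/O failures).
///
/// NOTE(review): on the failure paths the file handle and the VirtualAlloc'd
/// buffer are left in m_FileHandle / m_FileDataBase; whether another member
/// releases them is not visible from this function -- confirm.
/// NOTE(review): the buffer holds exactly the file's bytes with no terminator
/// appended, and its size is not stored here; the parsers called below must
/// bound their reads some other way -- confirm.
bool MapFile::Load(const char *Path)
{
	m_FileHandle = CreateFileA(Path, GENERIC_READ, FILE_SHARE_READ, nullptr, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, nullptr);

	if (m_FileHandle == INVALID_HANDLE_VALUE)
	{
		msg("Unable to open file\n");
		return false;
	}

	// DWORD is unsigned, so the old "<= 0" test only caught an empty file.
	// GetFileSize reports failure as INVALID_FILE_SIZE, which must not be
	// used as an allocation size.
	const DWORD fileSize = GetFileSize(m_FileHandle, nullptr);

	if (fileSize == 0 || fileSize == INVALID_FILE_SIZE)
	{
		msg("No data in file\n");
		return false;
	}

	m_FileDataBase = (char *)VirtualAlloc(nullptr, fileSize, MEM_COMMIT, PAGE_READWRITE);
	m_FileData = m_FileDataBase;

	if (!m_FileDataBase)
	{
		msg("Failed to allocate memory\n");
		return false;
	}

	// Keep the byte count separate from the expected size so that a short
	// read is detected instead of parsing a partly filled buffer.
	DWORD bytesRead = 0;

	if (!ReadFile(m_FileHandle, m_FileData, fileSize, &bytesRead, nullptr) || bytesRead != fileSize)
	{
		msg("Failed to read file data\n");
		return false;
	}

	if (!LoadSegments())
		return false;

	if (!LoadSymbols())
		return false;

	return true;
}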
/// Convenience overload that resolves a symbol table against this loader's
/// own library.
///
/// @param firstStruct  First entry of the symbol table to fill in.
/// @param tryplatform  When true, mLookupFunc is forwarded as the lookup
///                     function; when false, nullptr is forwarded instead.
/// @param prefix       Forwarded unchanged.
/// @return Whatever the forwarded LoadSymbols() overload returns.
bool GLLibraryLoader::LoadSymbols(SymLoadStruct *firstStruct, bool tryplatform, const char *prefix)
{
    auto platformLookup = tryplatform ? mLookupFunc : nullptr;
    return LoadSymbols(mLibrary, firstStruct, platformLookup, prefix);
}
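/// Parses the DLL image, resolves imports and symbols, applies the in-memory
/// QuickTime.qts patches when that image is recognised, then runs the entry
/// point with DLL_PROCESS_ATTACH.
///
/// @return false if Parse() fails or the entry point throws (except for the
///         vp7vfw.dll special case below); true otherwise, including when no
///         entry point exists at all.
///
/// Security note: calling the entry point executes code taken from the DLL
/// file inside this process. The try/catch below only keeps a thrown
/// exception from propagating; it does not confine what that code can do, so
/// any trust decision about the file has to be made before Load() is called.
bool DllLoader::Load()
{
  if (!Parse())
  {
    CLog::Log(LOGERROR, "Unable to open dll %s", GetFileName());
    return false;
  }

  // Return values of these two calls are not inspected here.
  ResolveImports();
  LoadSymbols();

  // only execute DllMain if no EntryPoint is found
  if (!EntryAddress)
    ResolveExport("DllMain", (void**)&EntryAddress);

  // patch some unwanted calls in memory
  //
  // NOTE(review): the image is recognised by a substring of its name and by
  // the RVA of one export only. The patch offsets below are written without
  // checking the image size or the bytes currently at those offsets, so a
  // different build that happens to share the dispatcher RVA would be
  // corrupted. Consider validating size/contents before writing.
  if (strstr(GetName(), "QuickTime.qts"))
  {
    // Initialised so that a failed export lookup yields a deterministic
    // "unsupported" result instead of arithmetic on an indeterminate value.
    uintptr_t dispatch_addr = 0;
    uintptr_t imagebase_addr;
    uintptr_t dispatch_rva;

    ResolveExport("theQuickTimeDispatcher", (void **)&dispatch_addr);
    imagebase_addr = (uintptr_t)hModule;
    CLog::Log(LOGDEBUG, "Virtual Address of theQuickTimeDispatcher = %p", (void *)dispatch_addr);
    CLog::Log(LOGDEBUG, "ImageBase of %s = %p", GetName(), (void *)imagebase_addr);

    dispatch_rva = dispatch_addr - imagebase_addr;

    CLog::Log(LOGDEBUG, "Relative Virtual Address of theQuickTimeDispatcher = %p", (void *)dispatch_rva);

    BYTE* const base = (BYTE*)imagebase_addr;
    bool patched = true;

    // 0x90 is the single-byte x86 no-op; each memset blanks one call site.
    if (dispatch_rva == 0x124C30)
    {
      CLog::Log(LOGINFO, "QuickTime5 DLLs found\n");
      memset(base + 0x19e842, 0x90, 5);   // make_new_region ?
      memset(base + 0x19e86d, 0x90, 28);  // call__call_CreateCompatibleDC ?
      memset(base + 0x19e898, 0x90, 5);   // jmp_to_call_loadbitmap ?
      memset(base + 0x19e8ac, 0x90, 9);   // call__calls_OLE_shit ?
      memset(base + 0x261B10, 0x90, 106); // disable threads
    }
    else if (dispatch_rva == 0x13B330)
    {
      CLog::Log(LOGINFO, "QuickTime6 DLLs found\n");
      memset(base + 0x2730CC, 0x90, 5);   // make_new_region
      memset(base + 0x2730f7, 0x90, 28);  // call__call_CreateCompatibleDC
      memset(base + 0x273122, 0x90, 5);   // jmp_to_call_loadbitmap
      memset(base + 0x273131, 0x90, 9);   // call__calls_OLE_shit
      memset(base + 0x2AC852, 0x90, 96);  // disable threads
    }
    else if (dispatch_rva == 0x13C3E0)
    {
      CLog::Log(LOGINFO, "QuickTime6.3 DLLs found\n");
      memset(base + 0x268F6C, 0x90, 5);   // make_new_region
      memset(base + 0x268F97, 0x90, 28);  // call__call_CreateCompatibleDC
      memset(base + 0x268FC2, 0x90, 5);   // jmp_to_call_loadbitmap
      memset(base + 0x268FD1, 0x90, 9);   // call__calls_OLE_shit
      memset(base + 0x2B4722, 0x90, 96);  // disable threads
    }
    else
    {
      CLog::Log(LOGERROR, "Unsupported QuickTime version");
      patched = false;
    }

    // Only claim success when a patch set was actually applied; previously
    // this was logged even right after "Unsupported QuickTime version".
    if (patched)
      CLog::Log(LOGINFO, "QuickTime.qts patched!!!\n");
  }

#ifdef LOGALL
  // NOTE(review): pLoader and sName are not declared in this function;
  // confirm this still builds with LOGALL defined.
  CLog::Log(LOGDEBUG, "Executing EntryPoint with DLL_PROCESS_ATTACH at: 0x%x - Dll: %s", pLoader->EntryAddress, sName);
#endif

  if (EntryAddress)
  {
    EntryFunc initdll = (EntryFunc)EntryAddress;
    /* since we are handing execution over to unknown code, safeguard here */
    try
    {
#ifdef TARGET_POSIX
      extend_stack_for_dll_alloca();
#endif
      initdll((HINSTANCE)hModule, DLL_PROCESS_ATTACH , 0); //call "DllMain" with DLL_PROCESS_ATTACH

#ifdef LOGALL
      CLog::Log(LOGDEBUG, "EntryPoint with DLL_PROCESS_ATTACH called - Dll: %s", sName);
#endif
    }
    XBMCCOMMONS_HANDLE_UNCHECKED
    catch(...)
    {
      CLog::Log(LOGERROR, "%s - Unhandled exception during DLL_PROCESS_ATTACH", __FUNCTION__);

      // vp7vfw.dll throws a CUserException due to a missing export
      // but the export isn't really needed for normal operation
      // and dll works anyway, so let's ignore it
      if (stricmp(GetName(), "vp7vfw.dll") != 0)
        return false;

      CLog::Log(LOGDEBUG, "%s - Ignoring exception during DLL_PROCESS_ATTACH", __FUNCTION__);
    }

    // init function may have fixed up the export table
    // this is what is expected to happen on PECompact2
    // dll's if the export table is compressed.
    if (!m_pExportHead)
      LoadExports();
  }

  return true;
}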
// Main contructor SymbolManager::SymbolManager() { // Load all the symbols m_loadError = !LoadSymbols(); }
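//
// Interactive console debugger loop.
//
// Prints exception details when UnexpectedException is set, loads symbols
// for modules that do not have them yet, then reads ';'-separated commands
// (from InitialCommand if given, otherwise from the console) and dispatches
// on the first character of each command.
//
// Returns the continue status for the debug event: DBG_CONTINUE after a
// 'g' command or a successful trace/step, DBG_EXCEPTION_NOT_HANDLED if the
// console could not be created.
//
// Changes against the previous version:
//  - console input and InitialCommand are bounded to the size of CmdBuf
//    (both were unbounded copies into a 512-byte buffer);
//  - the command scanner no longer steps past the terminating NUL when a
//    quoted string ends the line or is left unterminated;
//  - IMAGEHLP_MODULE::SizeOfStruct is set before SymGetModuleInfo, as that
//    API requires.
//
DWORD
ConsoleDebugger(
    HANDLE hProcess,
    HANDLE hThread,
    PEXCEPTION_RECORD ExceptionRecord,
    BOOL UnexpectedException,
    LPSTR InitialCommand
    )
{
    PPROCESS_INFO ThisProcess;
    DWORD ContinueStatus = DBG_EXCEPTION_NOT_HANDLED;
    static CHAR CmdBuf[512];

    Stepped = FALSE;

    if (!ConsoleCreated) {
        CmdBuf[0] = 0;
        if (!CreateDebuggerConsole()) {
            return ContinueStatus;
        }
    }

    ThisProcess = GetProcessInfo( hProcess );
    if (!ThisProcess) {
        // Not fatal: symbol loading below is skipped without process info.
        printf( "could not get process information\n" );
    }

    if (UnexpectedException) {
        printf( "\n" );
        printf( "*---------------------------------------\n" );
        printf( "An unexpected error has occurred\n" );
        printf( "Address: 0x%08x\n", ExceptionRecord->ExceptionAddress );
        printf( "Error code: 0x%08x\n", ExceptionRecord->ExceptionCode );
        printf( "*---------------------------------------\n" );
        PrintRegisters();
        PrintOneInstruction( hProcess, (ULONG)ExceptionRecord->ExceptionAddress );
    }

    if (BreakInNow) {
        BreakInNow = FALSE;
        printf( "*** Initial breakpoint\n\n" );
    }

    //
    // check to see if any modules need symbols loading
    //
    for (ULONG i=0; i<MAX_DLLS; i++) {
        if (DllList[i].BaseAddress && !DllList[i].Unloaded) {
            IMAGEHLP_MODULE ModuleInfo;
            // The caller must fill in SizeOfStruct; leaving it
            // uninitialised makes the query result unreliable.
            memset( &ModuleInfo, 0, sizeof(ModuleInfo) );
            ModuleInfo.SizeOfStruct = sizeof(ModuleInfo);
            if (!SymGetModuleInfo( hProcess, DllList[i].BaseAddress, &ModuleInfo )) {
                if (ThisProcess) {
                    printf( "loading 0x%08x %s\n", DllList[i].BaseAddress, DllList[i].Name );
                    LoadSymbols( ThisProcess, &DllList[i], NULL );
                }
            }
        }
    }

    CurrProcess = hProcess;

    if (InitialCommand) {
        // Bounded copy: InitialCommand comes from the caller and may be
        // longer than CmdBuf. Excess characters are dropped.
        strncpy( CmdBuf, InitialCommand, sizeof(CmdBuf) - 1 );
        CmdBuf[sizeof(CmdBuf) - 1] = 0;
    }

    while( TRUE ) {

        if (!InitialCommand) {
            printf( "ApiMon> " );
            // Field width is sizeof(CmdBuf) - 1 so the terminator always
            // fits. An empty line leaves CmdBuf unchanged, as before.
            scanf( "%511[^\n]", CmdBuf );
            // Discard the newline and anything that did not fit, so the
            // tail of an over-long line is not parsed as the next command.
            int ch;
            do {
                ch = getchar();
            } while (ch != '\n' && ch != EOF);
        }

        LPSTR p = CmdBuf;
        while (p[0]) {
            //
            // find the end of this command: the next ';' that is not
            // inside double quotes, or the end of the string
            //
            LPSTR s = p;
            while (*s) {
                if (*s == '\"') {
                    s += 1;
                    while (*s && *s != '\"') {
                        s += 1;
                    }
                    if (*s == '\"') {
                        s += 1;
                    }
                }
                // Stop on the NUL too: advancing here would step past the
                // end of the string when a quote closes (or never closes)
                // at the end of the input.
                if (*s == ';' || *s == 0) {
                    break;
                }
                s += 1;
            }
            if (*s == ';') {
                s[0] = 0;
            } else {
                s = NULL;
            }

            switch( tolower(p[0]) ) {
                case 'q':
                    ExitProcess( 0 );
                    break;

                case 'g':
                    ContinueStatus = DBG_CONTINUE;
                    goto exit;

                case 'k':
                    CmdStackTrace( p, hProcess, hThread, ExceptionRecord );
                    break;

                case 'd':
                    CmdDisplayMemory( p, hProcess, hThread, ExceptionRecord );
                    break;

                case 'r':
                    if (p[1] == 't') {
                        PrintRegistersFlag = !PrintRegistersFlag;
                    }
                    CmdDisplayRegisters( p, hProcess, hThread, ExceptionRecord );
                    break;

                case 'u':
                    CmdDisplayCode( p, hProcess, hThread, ExceptionRecord );
                    break;

                case 'b':
                    CmdBreakPoint( p, hProcess, hThread, ExceptionRecord );
                    break;

                case 'l':
                    if (tolower(p[1]) == 'm') {
                        CmdDisplayModules( p, hProcess, hThread, ExceptionRecord );
                    } else if (tolower(p[1]) == 'n') {
                        CmdListNear( p, hProcess, hThread, ExceptionRecord );
                    } else {
                        goto invalid_command;
                    }
                    break;

                case 't':
                    if (p[1] == 'r') {
                        PrintRegistersFlag = !PrintRegistersFlag;
                    }
                    if (CmdTrace( p, hProcess, hThread, ExceptionRecord )) {
                        ContinueStatus = DBG_CONTINUE;
                        Stepped = TRUE;
                        goto exit;
                    }
                    break;

                case 'p':
                    if (p[1] == 'r') {
                        PrintRegistersFlag = !PrintRegistersFlag;
                    }
                    if (CmdStep( p, hProcess, hThread, ExceptionRecord )) {
                        ContinueStatus = DBG_CONTINUE;
                        Stepped = TRUE;
                        goto exit;
                    }
                    break;

                case 'h':
                    if (tolower(p[1]) == 'e' && tolower(p[2]) == 'l' && tolower(p[3]) == 'p') {
                        CmdDisplayHelp( p, hProcess, hThread, ExceptionRecord );
                    }
                    break;

                case '?':
                    {
                        ULONG val = GetExpression( p+1 );
                        if (!ExprError) {
                            printf( "Evaluate expression: %d = 0x%08x\n", val, val );
                        }
                    }
                    break;

                default:
invalid_command:
                    printf( "****>>> invalid command\n" );
                    break;
            }

            // advance to the command after the ';', or to the end
            if (s) {
                p = s + 1;
            } else {
                p += strlen(p);
            }
        }
    }

exit:
    return ContinueStatus;
}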
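/// Walks the stack of one thread of the crashed process and emits one
/// DebugLine per frame, followed by an empty DebugLine.
///
/// @param hThread          Thread to inspect; it is suspended for the walk
///                         and resumed before returning.
/// @param bFaultingThread  When true the register context is taken from the
///                         shared-memory block named by sharedMemoryName
///                         instead of from GetThreadContext().
///
/// Change against the previous version: the thread is now resumed on every
/// early return taken after SuspendThread() succeeded. Before, a failure of
/// OpenFileMapping() or MapViewOfFile() left the thread suspended, although
/// the comment at the end of this function states that the crashing process
/// cannot terminate until the thread is resumed.
///
/// NOTE(review): the context read from shared memory is written by another
/// process and is used as-is as the starting point of the stack walk; treat
/// it as untrusted input.
/// NOTE(review): the mapping is only read here, yet it is opened and mapped
/// with FILE_MAP_ALL_ACCESS; read-only access would likely suffice --
/// confirm against the code that creates the mapping.
void AbstractBTGenerator::Run(HANDLE hThread, bool bFaultingThread)
{
    assert(m_process.IsValid());
    assert(hThread);

    if (!Init()) {
        assert(false);
        return;
    }

    if (bFaultingThread) {
        const QString threadInfo = QString("Faulting thread (%1)").arg( reinterpret_cast<quintptr>(hThread) );
        emit DebugLine(threadInfo);
    } else {
        const QString threadInfo = QString("Thread %1").arg( reinterpret_cast<quintptr>(hThread) );
        emit DebugLine(threadInfo);
    }

    //HANDLE hFile = CreateFile(L"C:\\test\\test.dmp", FILE_ALL_ACCESS, FILE_SHARE_WRITE|FILE_SHARE_READ, NULL, CREATE_ALWAYS, 0, NULL);
    //if (!MiniDumpWriteDump(m_process.GetHandle(), m_process.GetId(), hFile,
    //    MiniDumpNormal, NULL, NULL, NULL))
    //{
    //    HRESULT hres = (HRESULT) GetLastError();
    //    printf("%08X\n\n", hres);
    //}
    //SafeCloseHandle(hFile);

    DWORD dw = SuspendThread(hThread);
    assert(dw != DWORD(-1));
    if (dw == DWORD(-1)) {
        qCritical() << "SuspendThread() failed: " << GetLastError();
        return;
    }

    CONTEXT context;
    ZeroMemory(&context, sizeof(context));
    if (!bFaultingThread) {
        // if it's not the faulting thread, get its context
        context.ContextFlags = CONTEXT_FULL;
        if (!GetThreadContext(hThread, &context)) {
            // Read the error code first; ResumeThread() may overwrite it.
            const DWORD err = GetLastError();
            ResumeThread(hThread);
            assert(false);
            qCritical() << "GetThreadContext() failed: " << err;
            return;
        }
    } else {
        // if it is, get it from KCrash
        HANDLE hMapFile = OpenFileMapping(FILE_MAP_ALL_ACCESS, FALSE, sharedMemoryName);
        if (hMapFile == NULL) {
            const DWORD err = GetLastError();
            ResumeThread(hThread); // do not leave the target suspended
            qCritical() << "OpenFileMapping() failed: " << err;
            return;
        }
        CONTEXT *othercontext = (CONTEXT*) MapViewOfFile(hMapFile, FILE_MAP_ALL_ACCESS, 0, 0, sizeof(CONTEXT));
        if (othercontext == NULL) {
            const DWORD err = GetLastError();
            SafeCloseHandle(hMapFile);
            ResumeThread(hThread); // do not leave the target suspended
            qCritical() << "MapViewOfFile() failed: " << err;
            return;
        }
        CopyMemory(&context, othercontext, sizeof(CONTEXT));
        UnmapViewOfFile(othercontext); // continue even if it fails
        SafeCloseHandle(hMapFile);
    }

    // some of this stuff is taken from StackWalker
    ZeroMemory(&m_currentFrame, sizeof(m_currentFrame));
    DWORD machineType = IMAGE_FILE_MACHINE_UNKNOWN;
#if defined(_M_IX86)
    machineType = IMAGE_FILE_MACHINE_I386;
    m_currentFrame.AddrPC.Offset = context.Eip;
    m_currentFrame.AddrFrame.Offset = context.Ebp;
    m_currentFrame.AddrStack.Offset = context.Esp;
#elif defined(_M_X64)
    machineType = IMAGE_FILE_MACHINE_AMD64;
    m_currentFrame.AddrPC.Offset = context.Rip;
    m_currentFrame.AddrFrame.Offset = context.Rbp;
    m_currentFrame.AddrStack.Offset = context.Rsp;
#else
# error This architecture is not supported.
#endif
    m_currentFrame.AddrPC.Mode = AddrModeFlat;
    m_currentFrame.AddrFrame.Mode = AddrModeFlat;
    m_currentFrame.AddrStack.Mode = AddrModeFlat;

    // The result of SymInitialize() is not checked here.
    SymSetOptions(SymGetOptions() | SYMOPT_UNDNAME | SYMOPT_LOAD_LINES);
    SymInitialize(m_process.GetHandle(), NULL, FALSE);

    LoadSymbols();

    // The loop ends only when StackWalk64() reports that it cannot advance.
    for (int i = 0; /*nothing*/; i++) {
        SetLastError(0);

        if (!StackWalk64(
            machineType,
            m_process.GetHandle(),
            hThread,
            &m_currentFrame,
            &context,
            &Callbacks::ReadProcessMemory,
            &Callbacks::SymFunctionTableAccess64,
            &Callbacks::SymGetModuleBase64,
            NULL)) {
            emit Finished();
            qDebug() << "Stackwalk finished; GetLastError=" << GetLastError();
            break;
        }

        FrameChanged();

        QString modulename = GetModuleName();
        QString functionname = GetFunctionName();
        QString file = GetFile();
        int line = GetLine();
        QString address = QString::number(m_currentFrame.AddrPC.Offset, 16);

        QString debugLine = QString::fromLatin1(BACKTRACE_FORMAT).
            arg(modulename).arg(functionname).arg(file).arg(line).arg(address);

        emit DebugLine(debugLine);
    }

    // Resume the target thread now, or else the crashing process will not
    // be terminated
    ResumeThread(hThread);

    SymCleanup(m_process.GetHandle());

    emit DebugLine(QString());
}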
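/// Initialises the configuration dialog and fills the "PDB Path" list.
///
/// If a "<exe name>Mem.ini" file exists next to the executable, each of its
/// lines becomes a list entry and is appended to m_csPath. Otherwise the
/// list is seeded with %SYSTEMROOT%\system32, %_NT_SYMBOL_PATH% (if set)
/// and the directory containing HookDll.dll.
///
/// @return TRUE always.
///
/// Changes against the previous version:
///  - the result of File.Open() is checked before reading;
///  - an environment value that does not fit into MAX_PATH characters is
///    treated as absent instead of using an undefined buffer (the API then
///    returns the required size, which also is > 0);
///  - the failure branch for _NT_SYMBOL_PATH released csSystemPath instead
///    of SymbolPath.
///
/// NOTE(review): every entry added here ends up as a symbol search
/// location; the ini file and both environment variables are read without
/// validation, so they are only as trustworthy as the executable's
/// directory and the process environment.
/// NOTE(review): in the no-ini branch the text accumulated in csSystemPath
/// is never stored and m_csPath is left untouched -- confirm that is
/// intended.
BOOL ConfigDlg::OnInitDialog()
{
    CDialog::OnInitDialog();

    ListView_SetExtendedListViewStyleEx( m_List, LVS_EX_GRIDLINES|LVS_EX_FULLROWSELECT,LVS_EX_GRIDLINES|LVS_EX_FULLROWSELECT);
    m_List.InsertColumn( 0, "PDB Path", LVCFMT_LEFT, 500 );
    m_bChanged = false;

    //////////////////////////////////////////////////////////////////////////
    // Derive the ini file name from the executable path.
    CString csExeName;
    GetModuleFileName( 0, csExeName.GetBuffer( MAX_PATH), MAX_PATH );
    csExeName.ReleaseBuffer();
    csExeName = csExeName.MakeLower();
    csExeName.Replace( _T(".exe"), _T("Mem.ini"));

    if( PathFileExists( csExeName ))
    {
        CStdioFile File;
        // The file may vanish or be unreadable between the existence check
        // and the open, so only read when the open actually succeeded.
        if( File.Open( csExeName,CFile::modeRead ))
        {
            CString csLine;
            while( File.ReadString( csLine ))
            {
                csLine.Replace( _T("\r"), _T(""));
                m_List.InsertItem( 0, csLine );
                m_csPath += csLine + _T(";");
            }
            File.Close();
        }
    }
    else
    {
        CString csSystemPath;
        const DWORD dwSysLen = GetEnvironmentVariable("SYSTEMROOT", csSystemPath.GetBuffer( MAX_PATH), MAX_PATH);
        if (dwSysLen > 0 && dwSysLen < MAX_PATH)
        {
            csSystemPath.ReleaseBuffer();
            csSystemPath += _T("\\system32");
        }
        else
        {
            // Missing or too long: force an empty string.
            csSystemPath.ReleaseBuffer( 0 );
        }
        m_List.InsertItem( 0, csSystemPath );
        csSystemPath += _T("\r\n");

        CString SymbolPath;
        const DWORD dwSymLen = GetEnvironmentVariable("_NT_SYMBOL_PATH", SymbolPath.GetBuffer( MAX_PATH), MAX_PATH);
        if (dwSymLen > 0 && dwSymLen < MAX_PATH)
        {
            SymbolPath.ReleaseBuffer();
            csSystemPath += SymbolPath + _T("\r\n");
            m_List.InsertItem( 0, SymbolPath );
        }
        else
        {
            SymbolPath.ReleaseBuffer( 0 );
        }

        //add the hook dll path so that it can load the pdb of hookdll
        CString csDllPath;
        HMODULE hHookDll = GetModuleHandle( _T("HookDll.dll"));
        if( GetModuleFileName( hHookDll, csDllPath.GetBuffer( MAX_PATH), MAX_PATH ))
        {
            csDllPath.ReleaseBuffer();
            int nPos = csDllPath.ReverseFind( _T('\\'));
            if( 0 < nPos )
            {
                // keep the directory part including the trailing backslash
                csDllPath = csDllPath.Left( nPos + 1 );
                m_List.InsertItem( 0, csDllPath );
            }
        }
    }

    m_EditCtrl.Create( WS_CHILD|WS_BORDER, CRect(0,0,0,0), &m_List, 1 );
    g_HookType = HT_MEMORY;
    ((CButton*)GetDlgItem( IDC_RADIO_MEM ))->SetCheck( BST_CHECKED );
    SetDlgItemText( IDC_EDIT1, _T("20"));

#if _DEBUG
    // Debug builds: in test-app mode load symbols right away and close.
    SetAppMode();
    if(g_IS_TEST_APP)
    {
        LoadSymbols();
        PostMessage( WM_CLOSE,0,0);
    }
#endif

    return TRUE;
}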
/// OK handler: runs the base-class OK handling first, then loads symbols.
void ConfigDlg::OnOk()
{
    // Base-class handling must come first; LoadSymbols() runs afterwards.
    CDialog::OnOK();

    LoadSymbols();
}