bool bstr_as_string(DEBUGHELPER *pH, DWORDLONG addr, std::string *ret ) { if( addr == 0) { *ret = "@\"\""; } else { long len; if(!ReadMem(pH, addr - sizeof(len), &len) ) return false; std::ostringstream os; os << '\"'; if(len >0 ) { char *val = new char[len+2]; if(!ReadMem(pH, addr, len, val) ) return false; // Null terminate val[len]='\0'; val[len+1]='\0'; // wchar_t *wval = reinterpret_cast<wchar_t *>(val); std::string sret; if (!string_as_string( wval, wval+(len/2), &sret ) ) return false; delete [] val; os << sret; } os << '\"'; *ret = os.str(); } return true; }
/* * doStartTask: * * handle NFY_STARTTASK notification * * If we are waiting for the debuggee to load, then this is the task. * We remember the module and task ID's, and plant a breakpoint at the * starting address of the application. We can do that now, since we * now know the code selector for the segment with the start address. * * Otherwise, we simply record it so that we can notify the debugger * about a loaded module later. */ static BOOL doStartTask( DWORD data ) { char val; TASKENTRY te; te.dwSize = sizeof( te ); TaskFindHandle( &te, TaskAtNotify ); if( DebuggerState == LOADING_DEBUGEE ) { DebugeeModule = te.hModule; DebugeeTask = TaskAtNotify; StopNewTask.loc.segment = HIWORD( data ); ReadMem( StopNewTask.loc.segment, StopNewTask.loc.offset, &StopNewTask.value, 1 ); val = '\xcc'; WriteMem( StopNewTask.loc.segment, StopNewTask.loc.offset, &val, 1 ); ReadMem( StopNewTask.loc.segment, StopNewTask.loc.offset, &val, 1 ); Out((OUT_RUN," wrote breakpoint at %04x:%04lx, oldbyte=%02x(is now %02x)", StopNewTask.loc.segment, StopNewTask.loc.offset, StopNewTask.value, val )); Out((OUT_RUN," StartTask: cs:ip = %Fp", data )); ToDebugger( TASK_LOADED ); } else { AddModuleLoaded( te.hModule, FALSE ); } return( FALSE ); } /* doStartTask */
/* * CheckIsModuleWin32App - check if a given module handle is a win32 app */ bool CheckIsModuleWin32App( HMODULE hmod, WORD *win32ds, WORD *win32cs, DWORD *win32initialeip ) { GLOBALENTRY ge; winext_data wedata; int segnum; *win32cs = *win32ds = 0; ge.dwSize = sizeof( GLOBALENTRY ); if( !GlobalEntryModule( &ge, hmod, 1 ) ) { return( false ); } ReadMem( (WORD)ge.hBlock, 0, (LPVOID) &wedata, sizeof( wedata ) ); if( memcmp( wedata.sig, win386Sig, sizeof( win386Sig) ) == 0 || memcmp( wedata.sig, win386Sig2, sizeof( win386Sig2) ) == 0 ) { if( memcmp( wedata.new_sig, win386Sig, sizeof( win386Sig ) ) == 0 ) { segnum = 2; } else { segnum = 3; } if( !GlobalEntryModule( &ge, hmod, segnum ) ) { return( false ); } ReadMem( (WORD)ge.hBlock, wedata.dataseg_off, (LPVOID)win32ds, sizeof( WORD ) ); ReadMem( (WORD)ge.hBlock, wedata.stacksize_off, (LPVOID)win32initialeip, sizeof( DWORD ) ); ReadMem( (WORD)ge.hBlock, wedata.codeinfo_off + 4, (LPVOID)win32cs, sizeof( WORD ) ); return( true ); } return( false ); } /* CheckIsModuleWin32App */
HRESULT WINAPI DISPPARAMS_Eval( DWORD addr, DEBUGHELPER *pH, int nBase, BOOL bUniStrings, char *pResult, size_t maxlen, DWORD reserved ) { DISPPARAMS dparam; DWORDLONG llAddr =GetAddress(pH,addr); if(!ReadMem(pH, llAddr, &dparam) ) return E_FAIL; std::ostringstream os; if( dparam.cArgs == 0 ) { os << "()"; } else if( dparam.cArgs > 20) { os << "(.." << dparam.cArgs << "..)"; } else { VARIANT *vars= new VARIANT[dparam.cArgs]; try { if(!ReadMem(pH, reinterpret_cast<DWORDLONG>( dparam.rgvarg ) , sizeof(VARIANT) * dparam.cArgs, vars ) ) { delete [] vars; return E_FAIL; } bool first = true; os << '('; for( long i = dparam.cArgs-1; i>= 0 ; --i) { std::string ret; if(! variant_as_string(pH, vars[i], &ret) ) { delete [] vars; return false; } if(!first) os << ',' ; first = false; os << ret; } os << ')'; } catch (...){} delete [] vars; } strncpy(pResult, os.str().c_str(), maxlen); pResult[maxlen-1] ='\0'; return S_OK; }
/** * SoftwareDisableImc - Software disable IMC strap * * * @param[in] FchDataPtr Fch configuration structure pointer. * */ VOID SoftwareDisableImc ( IN VOID *FchDataPtr ) { UINT8 ValueByte; UINT8 PortStatusByte; UINT32 AbValue; UINT32 ABStrapOverrideReg; AMD_CONFIG_PARAMS *StdHeader; StdHeader = ((FCH_DATA_BLOCK *) FchDataPtr)->StdHeader; GetChipSysMode (&PortStatusByte, StdHeader); RwPci ((LPC_BUS_DEV_FUN << 16) + FCH_LPC_REGC8 + 3, AccessWidth8, 0x7F, BIT7, StdHeader); ReadPmio (FCH_PMIOA_REGBF, AccessWidth8, &ValueByte, StdHeader); ReadMem ((ACPI_MMIO_BASE + MISC_BASE + FCH_MISC_REG80), AccessWidth32, &AbValue); ABStrapOverrideReg = AbValue; ABStrapOverrideReg &= ~BIT2; // bit2=0 EcEnableStrap WriteMem ((ACPI_MMIO_BASE + MISC_BASE + FCH_MISC_REG84), AccessWidth32, &ABStrapOverrideReg); ReadPmio (FCH_PMIOA_REGD7, AccessWidth8, &ValueByte, StdHeader); ValueByte |= BIT1; // Set GenImcClkEn to 1 WritePmio (FCH_PMIOA_REGD7, AccessWidth8, &ValueByte, StdHeader); ValueByte = 06; LibAmdIoWrite (AccessWidth8, 0xcf9, &ValueByte, StdHeader); FchStall (0xffffffff, StdHeader); }
/* Handle profiler marks (hardcoded breakpoints with a string) */ static bool ProcessMark( pid_t pid, user_regs_struct *regs ) { if( (regs->edx & 0xffff) != 0 ) { /* this is a mark */ char buff[BUFF_SIZE]; int len = 0; seg_offset where; /* read the mark string char by char */ for( ;; ) { if( len >= (BUFF_SIZE - 1) ) break; ReadMem( pid, buff + len, regs->eax + len, 1 ); if( buff[len] == '\0' ) break; ++len; } buff[len] = '\0'; where.segment = FlatSeg; where.offset = regs->eip; WriteMark( buff, where ); return( true ); } else { dbg_printf( "hardcoded breakpoint was not a mark!\n" ); return( false ); } }
//extern "C" { HRESULT WINAPI DateTime_Evaluate( DWORD dwAddress, DEBUGHELPER *pHelper, int nBase, BOOL bUniStrings, char *pResult, size_t maxlen, DWORD reserved ) { DATE Time; DWORDLONG address = GetAddress( pHelper, dwAddress); if( !ReadMem( pHelper, address, &Time) ) return E_FAIL; if(Time == 0.) { strcpy(pResult, "zero"); return S_OK; } if(Time == ( 65535. * 2147483647. ) || Time == (2147483647.)) { strcpy(pResult, "invalid"); return S_OK; } if(Time == ( 65535. * 2147483648. ) || Time == (2147483648.)) { strcpy(pResult, "null"); return S_OK; } CComBSTR strDate ; HRESULT hr = VarBstrFromDate(Time, LOCALE_USER_DEFAULT, 0, &strDate); if (FAILED(hr)) return hr; if(strDate != 0) WideCharToMultiByte(CP_ACP, 0, strDate, strDate.Length(), pResult, maxlen , NULL, NULL); return S_OK; }
void *aes128_init(void *key) { int i = 0; uint32_t *RK; uint8_t b0,b1,b2,b3; RK = (uint32_t *)malloc(176); RK[0] = *((uint32_t*)key); RK[1] = *((uint32_t*)key + 1); RK[2] = *((uint32_t*)key + 2); RK[3] = *((uint32_t*)key + 3); while(1) { b3 = (uint8_t)(RK[3] & 0xff); b2 = (uint8_t)((RK[3] >> 8)& 0xff); b1 = (uint8_t)((RK[3] >> 16)& 0xff); b0 = (uint8_t)((RK[3] >> 24)& 0xff); b3 = ReadMem( SBox[(b3>>4) & 0xf][b3 & 0xf]); b2 = ReadMem(SBox[(b2>>4) & 0xf][b2 & 0xf]) ^ ReadMem(RCon[i]); b1 = ReadMem(SBox[(b1>>4) & 0xf][b1 & 0xf]); b0 = ReadMem(SBox[(b0>>4) & 0xf][b0 & 0xf]); RK[4] = ((uint32_t)b3 << 24) ^ ((uint32_t)b0 << 16) ^ ((uint32_t)b1 << 8) ^ (uint32_t)b2 ^ RK[0] ; RK[5] = RK[1] ^ RK[4]; RK[6] = RK[2] ^ RK[5]; RK[7] = RK[3] ^ RK[6]; if (++i==10) return (RK-36); RK+=4; } }
unsigned ReqChecksum_mem( void ) { DWORD offset; WORD length,value; DWORD sum; checksum_mem_req *acc; checksum_mem_ret *ret; acc = GetInPtr(0); ret = GetOutPtr(0); length = acc->len; sum = 0; if( DebugeeTask != NULL ) { offset = acc->in_addr.offset; while( length != 0 ) { ReadMem( acc->in_addr.segment, offset, (LPVOID)&value, 2 ); sum += value & 0xff; offset++; length--; if( length != 0 ) { sum += value >> 8; offset++; length--; } }
trap_retval ReqSet_watch( void ) { set_watch_req *acc; set_watch_ret *ret; u_long value; watch_point *curr; u_long linear; unsigned i,needed; acc = GetInPtr( 0 ); ret = GetOutPtr( 0 ); ret->multiplier = 100000; ret->err = 1; if( wpCount < MAX_WP ) { ret->err = 0; curr = wpList + wpCount; curr->loc.segment = acc->watch_addr.segment; curr->loc.offset = acc->watch_addr.offset; ReadMem( pid, &value, acc->watch_addr.offset, sizeof( dword ) ); curr->value = value; curr->len = acc->size; wpCount++; curr->linear = linear = acc->watch_addr.offset; curr->linear &= ~(curr->len-1); curr->dregs = (linear & (curr->len-1) ) ? 2 : 1; needed = 0; for( i = 0; i < wpCount; ++i ) { needed += wpList[ i ].dregs; } if( needed <= 4 ) ret->multiplier |= USING_DEBUG_REG; } return( sizeof( *ret ) ); }
void Trace( struct TDebug *obj ) { char Instr[2] = {0, 0}; int Sel; long Offset; if( obj->CurrentThread ) { Sel = obj->CurrentThread->Cs; Offset = obj->CurrentThread->Eip; ReadMem( obj->CurrentThread, Sel, Offset, Instr, 2 ); if ( Instr[0] == 0xF && Instr[1] == 0xB ) { Offset += 7; AddBreak( obj, Sel, Offset ); Go( obj ); ClearBreak( obj, Sel, Offset ); } else { RdosResetSignal( obj->UserSignal ); SetupTrace( obj->CurrentThread ); RdosContinueDebugEvent( obj->FHandle, obj->CurrentThread->ThreadID); RdosWaitForever( obj->UserWait ); } } }
unsigned ReqChecksum_mem( void ) { char buf[256]; addr_off offv; u_short length; u_short size; int i; u_short amount; u_long sum; checksum_mem_req *acc; checksum_mem_ret *ret; acc = GetInPtr( 0 ); ret = GetOutPtr( 0 ); sum = 0; if( pid != 0 ) { length = acc->len; offv = acc->in_addr.offset; for( ;; ) { if( length == 0 ) break; size = (length > sizeof( buf )) ? sizeof( buf ) : length; amount = ReadMem( pid, buf, offv, size ); for( i = amount; i != 0; --i ) sum += buf[ i - 1 ]; offv += amount; length -= amount; if( amount != size ) break; } } ret->result = sum; return( sizeof( *ret ) ); }
/* * MemWndGetNextByte */ int_16 MemWndGetNextByte( void ) { char buf; ReadMem( Sel, _Offset, &buf, 1 ); return( buf ); } /* MemWndGetNextByte */
signed_32 GetDataLong( void ) { signed_32 d; ReadMem( DbgAddr, sizeof( d ), &d ); DbgAddr.mach.offset += sizeof( d ); return( d ); }
/* * accessSegment: * * Access a segment to cause the windows loader to load it. We find * the segment by looking through the module entry (which is a lot like * an NE header, except that where segment numbers would be, the selector * value is). We then have the app we are debugging execute an instruction that * references the seqment in question. */ static void accessSegment( GLOBALHANDLE gh, WORD segment ) { WORD i; WORD sel; WORD offset; ReadMem( (WORD)gh, 0x22, &offset, sizeof( offset ) ); i = 0; while( i < segment ) { ReadMem( (WORD)gh, offset+8, &sel, sizeof( sel ) ); offset += 10; i++; } SegmentToAccess = sel; DebuggerWaitForMessage( RUNNING_DEBUGEE, TaskAtFault, ACCESS_SEGMENT ); } /* accessSegment */
signed_16 GetDataWord( void ) { signed_16 d; ReadMem( DbgAddr, sizeof( d ), &d ); DbgAddr.mach.offset += sizeof( d ); return( d ); }
/** * GcpuRelatedSetting - Program Gcpu C related function * * * * @param[in] FchDataPtr Fch configuration structure pointer. * */ VOID GcpuRelatedSetting ( IN VOID *FchDataPtr ) { UINT8 FchAcDcMsg; UINT8 FchTimerTickTrack; UINT8 FchClockInterruptTag; UINT8 FchOhciTrafficHanding; UINT8 FchEhciTrafficHanding; UINT8 FchGcpuMsgCMultiCore; UINT8 FchGcpuMsgCStage; UINT32 Value; FCH_DATA_BLOCK *LocalCfgPtr; LocalCfgPtr = (FCH_DATA_BLOCK *) FchDataPtr; FchAcDcMsg = (UINT8) LocalCfgPtr->Gcpu.AcDcMsg; FchTimerTickTrack = (UINT8) LocalCfgPtr->Gcpu.TimerTickTrack; FchClockInterruptTag = (UINT8) LocalCfgPtr->Gcpu.ClockInterruptTag; FchOhciTrafficHanding = (UINT8) LocalCfgPtr->Gcpu.OhciTrafficHanding; FchEhciTrafficHanding = (UINT8) LocalCfgPtr->Gcpu.EhciTrafficHanding; FchGcpuMsgCMultiCore = (UINT8) LocalCfgPtr->Gcpu.GcpuMsgCMultiCore; FchGcpuMsgCStage = (UINT8) LocalCfgPtr->Gcpu.GcpuMsgCStage; ReadMem (ACPI_MMIO_BASE + PMIO_BASE + FCH_PMIOA_REGA0, AccessWidth32, &Value); Value = Value & 0xC07F00A0; if ( FchAcDcMsg ) { Value = Value | BIT0; } if ( FchTimerTickTrack ) { Value = Value | BIT1; } if ( FchClockInterruptTag ) { Value = Value | BIT10; } if ( FchOhciTrafficHanding ) { Value = Value | BIT13; } if ( FchEhciTrafficHanding ) { Value = Value | BIT15; } if ( FchGcpuMsgCMultiCore ) { Value = Value | BIT23; } if ( FchGcpuMsgCMultiCore ) { Value = (Value | (BIT6 + BIT4 + BIT3 + BIT2)); } WriteMem (ACPI_MMIO_BASE + PMIO_BASE + FCH_PMIOA_REGA0, AccessWidth32, &Value); }
/* * MemWndGetDataLong */ long MemWndGetDataLong( void ) { long buf; ReadMem( Sel, _Offset, (char *)&buf, sizeof( long ) ); _Offset += sizeof( long ); return( buf ); } /* MemWndGetDataLong */
/* * MemWndGetDataLong */ int_32 MemWndGetDataLong( void ) { int_32 buf; ReadMem( Sel, _Offset, (char *)&buf, sizeof( buf ) ); _Offset += sizeof( buf ); return( buf ); } /* MemWndGetDataLong */
/** * IsExternalClockMode - Is External Clock Mode? * * * @retval TRUE or FALSE * */ BOOLEAN IsExternalClockMode ( IN VOID *FchDataPtr ) { UINT8 MISC80; ReadMem (ACPI_MMIO_BASE + MISC_BASE + FCH_MISC_REG80 + 2, AccessWidth8, &MISC80); return ( (BOOLEAN) ((MISC80 & BIT1) == 0) ); }
/* * MemWndGetDataByte */ int_16 MemWndGetDataByte( void ) { char buf; ReadMem( Sel, _Offset, &buf, 1 ); _Offset++; return( buf ); } /* GetDataByte */
/* * MemWndGetDataWord */ int_16 MemWndGetDataWord( void ) { int_16 buf; ReadMem( Sel, _Offset, (char *)&buf, sizeof( int_16 ) ); _Offset += sizeof( int_16 ); return( buf ); } /* GetDataWord */
/** * FchSataDriveDetectionFpga * * @param[in] LocalCfgPtr * @param[in] Bar5 * */ VOID FchSataDriveDetectionFpga ( IN FCH_DATA_BLOCK *LocalCfgPtr, IN UINT32 *Bar5 ) { UINT32 SataBarFpgaInfo; UINT8 PortNum; UINT8 SataFpaPortType; UINT16 IoBase; UINT32 SataFpgaLoopVarWord; AMD_CONFIG_PARAMS *StdHeader; StdHeader = LocalCfgPtr->StdHeader; TRACE ((DMSG_FCH_TRACE, "FCH - Entering sata drive detection procedure\n\n")); TRACE ((DMSG_FCH_TRACE, "SATA BAR5 is %X \n", *pBar5)); for ( PortNum = 0; PortNum < 4; PortNum++ ) { ReadMem (*Bar5 + FCH_SATA_BAR5_REG128 + PortNum * 0x80, AccWidthUint32, &SataBarFpgaInfo); if ( ( SataBarFpgaInfo & 0x0F ) == 0x03 ) { if ( PortNum & BIT0 ) { //this port belongs to secondary channel ReadPci (((UINT32) (SATA_BUS_DEV_FUN_FPGA << 16) + FCH_SATA_REG18), AccWidthUint16, &IoBase); } else { //this port belongs to primary channel ReadPci (((UINT32) (SATA_BUS_DEV_FUN_FPGA << 16) + FCH_SATA_REG10), AccWidthUint16, &IoBase); } //if legacy ide mode, then the bar registers don't contain the correct values. So we need to hardcode them if ( LocalCfgPtr->Sata.SataClass == SataLegacyIde ) { IoBase = ( (0x170) | ((UINT16) ( (~((UINT8) (PortNum & BIT0) << 7)) & 0x80 )) ); } if ( PortNum & BIT1 ) { //this port is slave SataFpaPortType = 0xB0; } else { //this port is master SataFpaPortType = 0xA0; } IoBase &= 0xFFF8; LibAmdIoWrite (AccessWidth8, IoBase + 6, &SataFpaPortType, StdHeader); //Wait in loop for 30s for the drive to become ready for ( SataFpgaLoopVarWord = 0; SataFpgaLoopVarWord < 300000; SataFpgaLoopVarWord++ ) { LibAmdIoRead (AccessWidth8, IoBase + 7, &SataFpaPortType, StdHeader); if ( (SataFpaPortType & 0x88) == 0 ) { break; } FchStall (100, StdHeader); } } } }
/* * horkyFindSegment - runs and tries to find a segment. It does this by * finding the module entry in the global heap for this task. The module * entry is a lot like an NE header, except that instead of segment numbers, * it has the selector values themselves. For the format of the module entry * see p 319 of Undocumented Windows */ static WORD horkyFindSegment( HMODULE mod, WORD seg ) { WORD sel; WORD offset; GLOBALENTRY ge; if( !GlobalFirst( &ge, GLOBAL_ALL ) ) { return( 0 ); } do { if( ge.hOwner == mod && ge.wType == GT_MODULE ) { ReadMem( (WORD)ge.hBlock, 0x22, &offset, sizeof( offset ) ); offset += 8 + ( 10 * seg ); ReadMem( (WORD)ge.hBlock, offset, &sel, sizeof( sel ) ); return( sel ); } } while( GlobalNext( &ge, GLOBAL_ALL ) ); return( 0 ); }
HRESULT WINAPI string_Eval( DWORD dwAddress, DEBUGHELPER *pHelper, int nBase, BOOL bUniStrings, char *pResult, size_t maxlen, DWORD reserved ) { DWORDLONG address = GetAddress( pHelper, dwAddress); long begin,end; if (!ReadMem( pHelper, address, &begin) || !ReadMem( pHelper, address + sizeof(long), &end) ) return E_FAIL; long size =(end-begin); if ( begin == 0 ) { strcpy(pResult, "@"); return S_OK; } if( size == 0) { strcpy(pResult, "\"\""); return S_OK; } unsigned char *eval = new unsigned char[size+2]; if (!ReadMem(pHelper, begin, size, eval) ) { delete [] eval; return E_FAIL; } char *chbegin = reinterpret_cast<char *>(eval); char *chend = reinterpret_cast<char *>(eval + size); std::string res; if (!string_as_string( chbegin, chend, &res) ) { delete [] eval; return E_FAIL; } delete [] eval; res.insert(res.begin(), '\"'); res += '\"'; strncpy(pResult,res.c_str(), maxlen); pResult[maxlen-1] ='\0'; return S_OK; }
unsigned ReqRead_mem( void ) { read_mem_req *acc; unsigned len; acc = GetInPtr( 0 ); CONV_LE_32( acc->mem_addr.offset ); CONV_LE_16( acc->mem_addr.segment ); CONV_LE_16( acc->len ); len = ReadMem( pid, GetOutPtr( 0 ), acc->mem_addr.offset, acc->len ); return( len ); }
unsigned ReqRead_mem( void ) { read_mem_req *acc; LPVOID data; unsigned len; acc = GetInPtr(0); data = GetOutPtr(0); len = ReadMem( acc->mem_addr.segment, acc->mem_addr.offset, data, acc->len ); return( len ); }
bool VIRTUALMACHINE::pop(VMFLOAT& val) { bool result= false; VMREGTYPE sp= 0; if(GetRegister(SP,sp)) { if(SetRegister(SP,sp+sizeof(VMREGTYPE))) result= ReadMem((VPVOID)sp,&val,sizeof(val)); } return result; }
void ForthDumpDict(ushort latest) { ushort dictEnd=latest+64; // The format is: flags, name (not zero terminated), previous NFA, // currentNFA. Emit('>'); while(latest<dictEnd) { Emit(' '); byte dictbyte; ReadMem(dictbyte,latest++); // get the byte at here. DotHex(dictbyte); } }
void GetCommArea( void ) { if( CommonAddr.segment == 0 ) { /* can't get the common region yet */ Comm.cgraph_top = 0; Comm.top_ip = 0; Comm.top_cs = 0; Comm.pop_no = 0; Comm.push_no = 0; Comm.in_hook = 1; /* don't record this sample */ } else { ReadMem( Pid, &Comm, CommonAddr.offset, sizeof( Comm ) ); } }