/*
* EnumerateModules enumerates all modules in the assembly
*/
HRESULT CordbAssembly::EnumerateModules(ICorDebugModuleEnum **ppModules)
{
HRESULT hr = S_OK;
PUBLIC_API_BEGIN(this);
{
ValidateOrThrow(ppModules);
*ppModules = NULL;
m_pAppDomain->PrepopulateModules();
RSInitHolder<CordbEnumFilter> pModEnum(
new CordbEnumFilter(GetProcess(), GetProcess()->GetContinueNeuterList()));
RSInitHolder<CordbHashTableEnum> pEnum;
CordbHashTableEnum::BuildOrThrow(
this,
NULL, // ownership
&m_pAppDomain->m_modules,
IID_ICorDebugModuleEnum,
pEnum.GetAddr());
// this will build up an auxillary list. Don't need pEnum after this.
hr = pModEnum->Init(pEnum, this);
IfFailThrow(hr);
pModEnum.TransferOwnershipExternal(ppModules);
}
PUBLIC_API_END(hr);
return hr;
}
void CordbAppDomain::AddToTypeList(CordbBase *pObject)
{
INTERNAL_API_ENTRY(this);
_ASSERTE(pObject != NULL);
RSLockHolder lockHolder(GetProcess()->GetProcessLock());
this->m_TypeNeuterList.Add(GetProcess(), pObject);
}
HRESULT CordbAppDomain::EnumerateThreads(ICorDebugThreadEnum **ppThreads)
{
// @TODO E_NOIMPL this
//
// (use Process::EnumerateThreads and let users filter their own data)
HRESULT hr = S_OK;
PUBLIC_API_BEGIN(this);
{
ValidateOrThrow(ppThreads);
RSInitHolder<CordbEnumFilter> pThreadEnum(
new CordbEnumFilter(GetProcess(), GetProcess()->GetContinueNeuterList()));
GetProcess()->PrepopulateThreadsOrThrow();
RSInitHolder<CordbHashTableEnum> pEnum;
GetProcess()->BuildThreadEnum(this, NULL, pEnum.GetAddr());
// This builds up auxillary list. don't need pEnum after this.
hr = pThreadEnum->Init(pEnum, this);
IfFailThrow(hr);
pThreadEnum.TransferOwnershipExternal(ppThreads);
}
PUBLIC_API_END(hr);
return hr;
}
HRESULT CordbAppDomain::EnumerateSteppers(ICorDebugStepperEnum **ppSteppers)
{
PUBLIC_API_ENTRY(this);
FAIL_IF_NEUTERED(this);
ATT_REQUIRE_STOPPED_MAY_FAIL(GetProcess());
VALIDATE_POINTER_TO_OBJECT(ppSteppers,ICorDebugStepperEnum **);
HRESULT hr = S_OK;
EX_TRY
{
//
// !!! m_steppers may be modified while user is enumerating,
// if steppers complete (if process is running)
//
RSInitHolder<CordbHashTableEnum> pEnum;
CordbHashTableEnum::BuildOrThrow(
GetProcess(),
GetProcess()->GetContinueNeuterList(), // ownership
&(m_pProcess->m_steppers),
IID_ICorDebugStepperEnum,
pEnum.GetAddr());
pEnum.TransferOwnershipExternal(ppSteppers);
}
EX_CATCH_HRESULT(hr);
return hr;
}
HRESULT CordbStepper::Step(BOOL bStepIn)
{
if (m_thread == NULL)
return CORDBG_E_PROCESS_TERMINATED;
CORDBSyncFromWin32StopIfNecessary(GetProcess());
CORDBRequireProcessStateOKAndSync(GetProcess(), GetAppDomain());
return StepRange(bStepIn, NULL, 0);
}
//获取正在运行的对手进程名
std::wstring CProcessReport::GetProcessName()
{
std::wstring runProcName;
runProcName = GetProcess(m_OpponentsProcessName,ProcessType::PROCESS_NAME ); //使用进程名列表查找正在运行的对手进程
if(runProcName == _T("")) //未找到
{
runProcName = GetProcess(m_OpponentsWindowsText,ProcessType::PROCESS_WINDOWS ); //使用窗口名列表查找正在运行的对手窗口标题
}
return runProcName;
}
//---------------------------------------------------------------------------------------
//
// Cache a new assembly
//
// Arguments:
// vmDomainAssembly - new assembly to add to cache
//
// Return Value:
// Pointer to Assembly in cache.
// NULL on failure, and sets unrecoverable error.
//
// Assumptions:
// Caller gaurantees assembly is not already added.
// Called under the stop-go lock.
//
// Notes:
//
CordbAssembly * CordbAppDomain::CacheAssembly(VMPTR_DomainAssembly vmDomainAssembly)
{
INTERNAL_API_ENTRY(GetProcess());
VMPTR_Assembly vmAssembly;
GetProcess()->GetDAC()->GetAssemblyFromDomainAssembly(vmDomainAssembly, &vmAssembly);
RSInitHolder<CordbAssembly> pAssembly(new CordbAssembly(this, vmAssembly, vmDomainAssembly));
return pAssembly.TransferOwnershipToHash(&m_assemblies);
}
bool
RenderScriptRuntime::GetOverrideExprOptions(clang::TargetOptions &proto)
{
auto *process = GetProcess();
assert(process);
return registerRSDefaultTargetOpts(proto, process->GetTarget().GetArchitecture().GetMachine());
}
//---------------------------------------------------------------------------------------
// Assert that a assembly is no longer discoverable via enumeration.
//
// Notes:
// See code:IDacDbiInterface#Enumeration for rules that we're asserting.
// This is a debug only method. It's conceptually similar to
// code:CordbProcess::DbgAssertAppDomainDeleted.
//
void CordbAssembly::DbgAssertAssemblyDeleted()
{
GetProcess()->GetDAC()->EnumerateAssembliesInAppDomain(
GetAppDomain()->GetADToken(),
CordbAssembly::DbgAssertAssemblyDeletedCallback,
this);
}
LONG
HookRegCreateDynKey(
PCHAR szName,
PVOID KeyContext,
PVOID pInfo,
PVOID pValList,
DWORD dwNumVals,
PVMMHKEY pKeyHandle
)
{
LONG retval;
CHAR fullname[NAMELEN], process[PROCESSLEN];
sprintf(fullname, "DYNDAT\\%s", szName );
retval = RealRegCreateDynKey( szName, KeyContext, pInfo, pValList,
dwNumVals, pKeyHandle );
if( ErrorString( retval ) && FilterDef.logreads) {
LogRecord( "%s\tCreateDynKey\t%s\t%s\thKey: 0x%X",
GetProcess( process ), fullname, ErrorString( retval ),
*pKeyHandle );
}
if( retval == ERROR_SUCCESS ) {
RegmonLogHash( *pKeyHandle, fullname );
}
return retval;
}
// This is just a convenience function to convert a regdisplay into a Context.
// Since a context has more info than a regdisplay, the conversion isn't perfect
// and the context can't be fully accurate.
void CordbRegisterSet::InternalCopyRDToContext(DT_CONTEXT * pInputContext)
{
INTERNAL_SYNC_API_ENTRY(GetProcess());
_ASSERTE(pInputContext);
if ((pInputContext->ContextFlags & DT_CONTEXT_INTEGER) == DT_CONTEXT_INTEGER)
{
pInputContext->R0 = m_rd->R0;
pInputContext->R1 = m_rd->R1;
pInputContext->R2 = m_rd->R2;
pInputContext->R3 = m_rd->R3;
pInputContext->R4 = m_rd->R4;
pInputContext->R5 = m_rd->R5;
pInputContext->R6 = m_rd->R6;
pInputContext->R7 = m_rd->R7;
pInputContext->R8 = m_rd->R8;
pInputContext->R9 = m_rd->R9;
pInputContext->R10 = m_rd->R10;
pInputContext->R11 = m_rd->R11;
}
if ((pInputContext->ContextFlags & DT_CONTEXT_CONTROL) == DT_CONTEXT_CONTROL)
{
pInputContext->Sp = m_rd->SP;
pInputContext->Lr = m_rd->LR;
pInputContext->Pc = m_rd->PC;
}
}
// Implement public interface
HRESULT CordbAppDomain::GetModuleFromMetaDataInterface(
IUnknown *pIMetaData,
ICorDebugModule **ppModule)
{
PUBLIC_API_ENTRY(this);
FAIL_IF_NEUTERED(this);
VALIDATE_POINTER_TO_OBJECT(pIMetaData, IUnknown *);
VALIDATE_POINTER_TO_OBJECT(ppModule, ICorDebugModule **);
HRESULT hr = S_OK;
ATT_REQUIRE_STOPPED_MAY_FAIL(GetProcess());
*ppModule = NULL;
EX_TRY
{
CordbModule * pModule = GetModuleFromMetaDataInterface(pIMetaData);
_ASSERTE(pModule != NULL); // thrown on error
*ppModule = static_cast<ICorDebugModule*> (pModule);
pModule->ExternalAddRef();
}
EX_CATCH_HRESULT(hr);
return hr;
}
LONG
HookRegCreateKey(
HKEY hkey,
PCHAR lpszSubKey,
PHKEY phkResult
)
{
LONG retval;
CHAR fullname[NAMELEN], data[DATASIZE], process[PROCESSLEN];
GetFullName( hkey, lpszSubKey, NULL, fullname );
retval = RealRegCreateKey( hkey, lpszSubKey, phkResult );
data[0] = 0;
if( retval == ERROR_SUCCESS ) {
RegmonFreeHashEntry( *phkResult );
RegmonLogHash( *phkResult, fullname );
sprintf(data,"hKey: 0x%X", *phkResult );
}
if( ErrorString( retval ) && FilterDef.logwrites ) {
LogRecord( "%s\tCreateKey\t%s\t%s\t%s",
GetProcess( process ), fullname, ErrorString( retval ), data);
}
return retval;
}
LONG
HookRegSetValue(
HKEY hkey,
PCHAR lpszSubKey,
DWORD fdwType,
PCHAR lpszData,
DWORD cbData
)
{
LONG retval;
CHAR fullname[NAMELEN], data[DATASIZE], process[PROCESSLEN];
GetFullName( hkey, lpszSubKey, "(Default)", fullname );
retval = RealRegSetValue( hkey, lpszSubKey, fdwType, lpszData, cbData );
data[0] = 0;
if( lpszData ) {
strcpy( data,"\"");
strncat(data, lpszData, STRINGLEN );
if( strlen( lpszData ) > STRINGLEN )
strcat( data, "..." );
strcat( data, "\"");
}
if( ErrorString( retval ) && FilterDef.logwrites) {
LogRecord( "%s\tSetValue\t%s\t%s\t%s",
GetProcess( process ), fullname, ErrorString( retval ), data );
}
return retval;
}
LONG
HookRegQueryValue(
HKEY hkey,
PCHAR lpszSubKey,
PCHAR lpszValue,
PLONG pcbValue
)
{
LONG retval;
CHAR fullname[NAMELEN], data[DATASIZE], process[PROCESSLEN];
GetFullName( hkey, lpszSubKey, "(Default)", fullname );
retval = RealRegQueryValue( hkey, lpszSubKey, lpszValue, pcbValue );
data[0] = 0;
if( retval == ERROR_SUCCESS && lpszValue && *pcbValue ) {
strcpy( data, "\"");
strncat( data, lpszValue, STRINGLEN );
if( strlen( lpszValue ) > STRINGLEN )
strcat( data, "..." );
strcat( data, "\"");
}
if( ErrorString( retval ) && FilterDef.logreads ) {
LogRecord( "%s\tQueryValue\t%s\t%s\t%s",
GetProcess( process ), fullname, ErrorString( retval ), data);
}
return retval;
}
//++ ------------------------------------------------------------------------------------
// Details: Retrieve the specified thread's frame information.
// Type: Method.
// Args: vCmdData - (R) A command's information.
// vThreadIdx - (R) Thread index.
// vwrThreadFrames - (W) Frame data.
// Return: MIstatus::success - Functional succeeded.
// MIstatus::failure - Functional failed.
// Throws: None.
//--
bool
CMICmnLLDBDebugSessionInfo::GetThreadFrames(const SMICmdData &vCmdData, const MIuint vThreadIdx, const FrameInfoFormat_e veFrameInfoFormat,
CMIUtilString &vwrThreadFrames)
{
lldb::SBThread thread = GetProcess().GetThreadByIndexID(vThreadIdx);
const uint32_t nFrames = thread.GetNumFrames();
if (nFrames == 0)
{
// MI print "frame={}"
CMICmnMIValueTuple miValueTuple;
CMICmnMIValueResult miValueResult("frame", miValueTuple);
vwrThreadFrames = miValueResult.GetString();
return MIstatus::success;
}
// MI print
// "frame={level=\"%d\",addr=\"0x%016" PRIx64 "\",func=\"%s\",args=[%s],file=\"%s\",fullname=\"%s\",line=\"%d\"},frame={level=\"%d\",addr=\"0x%016" PRIx64 "\",func=\"%s\",args=[%s],file=\"%s\",fullname=\"%s\",line=\"%d\"},
// ..."
CMIUtilString strListCommaSeparated;
for (MIuint nLevel = 0; nLevel < nFrames; nLevel++)
{
CMICmnMIValueTuple miValueTuple;
if (!MIResponseFormFrameInfo(thread, nLevel, veFrameInfoFormat, miValueTuple))
return MIstatus::failure;
const CMICmnMIValueResult miValueResult2("frame", miValueTuple);
if (nLevel != 0)
strListCommaSeparated += ",";
strListCommaSeparated += miValueResult2.GetString();
}
vwrThreadFrames = strListCommaSeparated;
return MIstatus::success;
}
HRESULT CordbRegisterSet::GetRegisters(ULONG64 mask, ULONG32 regCount, CORDB_REGISTER regBuffer[])
{
PUBLIC_REENTRANT_API_ENTRY(this);
FAIL_IF_NEUTERED(this);
ATT_REQUIRE_STOPPED_MAY_FAIL(GetProcess());
UINT iRegister = 0;
VALIDATE_POINTER_TO_OBJECT_ARRAY(regBuffer, CORDB_REGISTER, regCount, true, true);
// @ARMTODO: floating point support
for (int i = REGISTER_INSTRUCTION_POINTER;
i <= REGISTER_ARM_LR && iRegister < regCount;
i++)
{
if (mask & SETBITULONG64(i))
{
switch (i)
{
case REGISTER_INSTRUCTION_POINTER:
regBuffer[iRegister++] = m_rd->PC; break;
case REGISTER_STACK_POINTER:
regBuffer[iRegister++] = m_rd->SP; break;
case REGISTER_ARM_R0:
regBuffer[iRegister++] = m_rd->R0; break;
case REGISTER_ARM_R1:
regBuffer[iRegister++] = m_rd->R1; break;
case REGISTER_ARM_R2:
regBuffer[iRegister++] = m_rd->R2; break;
case REGISTER_ARM_R3:
regBuffer[iRegister++] = m_rd->R3; break;
case REGISTER_ARM_R4:
regBuffer[iRegister++] = m_rd->R4; break;
case REGISTER_ARM_R5:
regBuffer[iRegister++] = m_rd->R5; break;
case REGISTER_ARM_R6:
regBuffer[iRegister++] = m_rd->R6; break;
case REGISTER_ARM_R7:
regBuffer[iRegister++] = m_rd->R7; break;
case REGISTER_ARM_R8:
regBuffer[iRegister++] = m_rd->R8; break;
case REGISTER_ARM_R9:
regBuffer[iRegister++] = m_rd->R9; break;
case REGISTER_ARM_R10:
regBuffer[iRegister++] = m_rd->R10; break;
case REGISTER_ARM_R11:
regBuffer[iRegister++] = m_rd->R11; break;
case REGISTER_ARM_R12:
regBuffer[iRegister++] = m_rd->R12; break;
case REGISTER_ARM_LR:
regBuffer[iRegister++] = m_rd->LR; break;
}
}
}
_ASSERTE (iRegister <= regCount);
return S_OK;
}
void CordbAppDomain::PrepopulateAssembliesOrThrow()
{
INTERNAL_API_ENTRY(GetProcess());
RSLockHolder lockHolder(GetProcess()->GetProcessLock());
if (!GetProcess()->IsDacInitialized())
{
return;
}
// DD-primitive that invokes a callback.
GetProcess()->GetDAC()->EnumerateAssembliesInAppDomain(
this->m_vmAppDomain,
CordbAppDomain::AssemblyEnumerationCallback,
this); // user data
}
//-----------------------------------------------------------------------------
// Get the full associated XML for the MDA. This may be empty.
// This could be a potentially expensive operation if the xml stream is large.
// See the MDA documentation for the schema for this XML stream.
// See CopyOutString for parameter details.
//-----------------------------------------------------------------------------
HRESULT CordbMDA::GetXML(ULONG32 cchName, ULONG32 * pcchName, WCHAR szName[])
{
PUBLIC_API_ENTRY(this);
FAIL_IF_NEUTERED(this);
ATT_REQUIRE_STOPPED_MAY_FAIL(GetProcess());
return CopyOutString(m_szXml, cchName, pcchName, szName);
}
LONG
__stdcall HookWin32RegQueryInfoKey(
volatile PCLIENT_STRUCT pClientRegs,
DWORD Dummy2,
HKEY hKey,
PDWORD lpcSubKeys,
PDWORD lpcchMaxSubKey,
PDWORD lpcValues,
PDWORD lpcchMaxValueName,
PDWORD lpcbMaxValueData
)
{
LONG retval;
CHAR fullname[NAMELEN], process[PROCESSLEN];
//
// NOTE: this special hook is needed because Win95 has a bug where
// the Win32 call to RegQueryInfoKey gets routed to VMM's Win32
// service table, but the service table handler does *not* call the
// VMM RegQueryInfoKey entry point. Therefore, we have to hook the
// VMM Win32 service as a special case.
//
GetFullName( hKey, NULL, NULL, fullname );
//
// The return code is Logd in the client registers
//
RealWin32RegQueryInfoKey( pClientRegs, Dummy2,
hKey, lpcSubKeys, lpcchMaxSubKey,
lpcValues, lpcchMaxValueName,
lpcbMaxValueData );
retval = pClientRegs->CRS.Client_EAX;
if( ErrorString( retval ) && FilterDef.logreads) {
if( retval == ERROR_SUCCESS ) {
LogRecord( "%s\tQueryKey\t%s\t%s\tKeys: %d Values: %d",
GetProcess( process ), fullname, ErrorString( retval ),
lpcSubKeys ? *lpcSubKeys : -1,
lpcValues ? *lpcValues : -1 );
} else
LogRecord( "%s\tQueryKey\t%s\t%s",
GetProcess( process ), fullname, ErrorString( retval ));
}
return retval;
}
LONG
HookRegEnumValue(
HKEY hkey,
DWORD iValue,
PCHAR lpszValue,
PDWORD lpcchValue,
PDWORD lpdwReserved,
PDWORD lpdwType,
PBYTE lpbData,
PDWORD lpcbData
)
{
LONG retval;
int i, len;
CHAR fullname[NAMELEN], data[DATASIZE], tmp[2*BINARYLEN], process[PROCESSLEN];
GetFullName( hkey, NULL, NULL, fullname );
retval = RealRegEnumValue( hkey, iValue, lpszValue, lpcchValue,
lpdwReserved, lpdwType, lpbData, lpcbData );
data[0] = 0;
if( retval == ERROR_SUCCESS && lpbData && *lpcbData ) {
strcat( data, lpszValue );
strcat( data, ": ");
if( !lpdwType || *lpdwType == REG_BINARY ) {
if( *lpcbData > BINARYLEN ) len = BINARYLEN;
else len = *lpcbData;
for( i = 0; i < len; i++ ) {
sprintf( tmp, "%X ", lpbData[i]);
strcat( data, tmp );
}
if( *lpcbData > BINARYLEN) strcat( data, "...");
} else if( *lpdwType == REG_SZ ) {
strcat( data, "\"");
strncat( data, lpbData, STRINGLEN );
strcat( data, "\"");
} else if( *lpdwType == REG_DWORD ) {
sprintf( tmp, "0x%X", *(PDWORD) lpbData );
strcat( data, tmp );
}
}
if( ErrorString( retval ) && FilterDef.logreads ) {
LogRecord( "%s\tEnumValue\t%s\t%s\t%s",
GetProcess( process ), fullname, ErrorString( retval ),
data );
}
return retval;
}
HRESULT CordbStepper::Deactivate()
{
if (!m_active)
return S_OK;
if (m_thread == NULL)
return CORDBG_E_PROCESS_TERMINATED;
CORDBLeftSideDeadIsOkay(GetProcess());
CORDBSyncFromWin32StopIfNecessary(GetProcess());
CORDBRequireProcessStateOKAndSync(GetProcess(), GetAppDomain());
CordbProcess *process = GetProcess();
process->Lock();
if (!m_active) // another thread may be deactivating (e.g. step complete event)
{
process->Unlock();
return S_OK;
}
CordbAppDomain *pAppDomain = GetAppDomain();
_ASSERTE (pAppDomain != NULL);
DebuggerIPCEvent event;
process->InitIPCEvent(&event,
DB_IPCE_STEP_CANCEL,
false,
(void *)(pAppDomain->m_id));
event.StepData.stepperToken = (void *) m_id;
HRESULT hr = process->SendIPCEvent(&event, sizeof(DebuggerIPCEvent));
// pAppDomain->Lock();
process->m_steppers.RemoveBase(m_id);
m_active = false;
// pAppDomain->Unlock();
process->Unlock();
return hr;
}
// Let the interpreter know that this thread has completed the call, and is ready to finish
// up the external call (clear arguments off the stack of the calling process and push
// on the return value). We have to do this in synchronisation with the main thread since it
// may involve memory management activities, etc, therefore we signal the Semaphore
// on which the process is waiting, and when the main thread processes this signal it
// will realise that a completion is waiting and send back an appropriate notification
// and then itself wait for the completion to take place on this thread.
void OverlappedCall::NotifyInterpreterOfCallReturn()
{
m_bCompletionRequestPending = true;
Process* myProc = GetProcess();
Interpreter::asynchronousSignal(myProc->OverlapSemaphore());
//completed = true;
// We must set this event in case the main thread has quiesced
Interpreter::SetWakeupEvent();
}
HRESULT CordbAppDomain::SetAllThreadsDebugState(CorDebugThreadState state,
ICorDebugThread *pExceptThisThread)
{
PUBLIC_API_ENTRY(this);
FAIL_IF_NEUTERED(this);
ATT_REQUIRE_STOPPED_MAY_FAIL(GetProcess());
return m_pProcess->SetAllThreadsDebugState(state, pExceptThisThread);
}
HWND GetAppHwnd(const char * app_name, bool skip_current)
{
if(GetProcess(app_name, g_process_id, skip_current ? GetCurrentPrc() : 0) == NULL)
return NULL;
g_process_hwnd = NULL;
::EnumWindows(MyEnumWindowsProc, 0);
return g_process_hwnd;
}
BOOL CRemoteLoader::ProcessTlsEntries( PVOID BaseAddress, PVOID RemoteAddress )
{
IMAGE_NT_HEADERS* ImageNtHeaders = ToNts( BaseAddress );
if( ImageNtHeaders == NULL )
return FALSE;
if( ImageNtHeaders->OptionalHeader.DataDirectory[ IMAGE_DIRECTORY_ENTRY_TLS ].Size == 0 )
return TRUE; // Success when there is no Tls Entries
DebugShout( "[ProcessTlsEntries] Tls Data detected!" );
IMAGE_TLS_DIRECTORY* TlsDirectory =
( IMAGE_TLS_DIRECTORY* ) RvaToPointer( ImageNtHeaders->OptionalHeader.DataDirectory[ IMAGE_DIRECTORY_ENTRY_TLS ].VirtualAddress, BaseAddress );
if( TlsDirectory == NULL )
return TRUE; // Success when there is no Tls entries / broken data?
DebugShout( "[ProcessTlsEntries] TlsDirectory (0x%X)",
TlsDirectory );
if( TlsDirectory->AddressOfCallBacks == NULL )
return TRUE; // Success when there is no Tls entries / broken data?
DebugShout( "[ProcessTlsEntries] TlsDirectory->AddressOfCallBacks (0x%X)",
TlsDirectory->AddressOfCallBacks );
PIMAGE_TLS_CALLBACK TLSCallbacks[ 0xFF ];
if( ReadProcessMemory( GetProcess(), ( LPCVOID ) TlsDirectory->AddressOfCallBacks, TLSCallbacks, sizeof( TLSCallbacks ), NULL ) == FALSE )
{
DebugShout( "[ProcessTlsEntries] Failed ReadProcessMemory" );
return FALSE;
}
BOOL SuccessValue = TRUE;
for( int i = 0; TLSCallbacks[i]; i++ )
{
DebugShout( "[ProcessTlsEntries] TLSCallbacks[%i] = 0x%X (0x%X)", i, TLSCallbacks[i], RemoteAddress );
// As a consequence of the relocation stuff mentioned above, pCallbacks[i] is already fixed
if( CallEntryPoint( RemoteAddress, ( FARPROC ) TLSCallbacks[i] ) == false )
{
DebugShout( "[ProcessTlsEntries] Failed to execute Tls Entry [%i]", i );
}
else
{
DebugShout( "[ProcessTlsEntries] Called Tls Callback (0x%X)", TLSCallbacks[i] );
}
}
return SuccessValue;
}
HRESULT CordbStepper::SetUnmappedStopMask(CorDebugUnmappedStop mask)
{
// You must be Win32 attached to stop in unmanaged code.
if ((mask & STOP_UNMANAGED) &&
!(GetProcess()->m_state & CordbProcess::PS_WIN32_ATTACHED))
return E_INVALIDARG;
m_rgfMappingStop = mask;
return S_OK;
}
FARPROC CRemoteLoader::GetRemoteProcAddress( PCHAR Module, SHORT Function )
{
HMODULE hKernel32 = LoadLibraryA( "Kernel32.dll" );
if( hKernel32 == NULL ) return NULL;
DWORD GetProcAddressOffset = ( DWORD ) GetProcAddress - ( DWORD ) hKernel32;
HMODULE hRemoteKernel32 = GetRemoteModuleHandleA( "Kernel32.dll" );
if( hRemoteKernel32 == NULL ) return NULL;
HMODULE hRemoteModule = GetRemoteModuleHandleA( Module );
if( hRemoteModule == NULL ) return NULL;
PVOID ReturnPointerValue = RemoteAllocateMemory( sizeof( DWORD ) );
PushInt( ( INT ) hRemoteModule ); // HACKHACK: Why is this an int?
PushInt( ( INT ) Function );
PushCall( CCONV_STDCALL, ( FARPROC )( ( DWORD_PTR ) hRemoteKernel32 + ( DWORD_PTR ) GetProcAddressOffset ) );
//mov ptr, eax
AddByteToBuffer( 0xA3 );
AddLongToBuffer( ( DWORD ) ReturnPointerValue );
//xor eax, eax
AddByteToBuffer( 0x33 );
AddByteToBuffer( 0xC0 );
//retn 4
AddByteToBuffer( 0xC2 );
AddByteToBuffer( 0x04 );
AddByteToBuffer( 0x00 );
if( ExecuteRemoteThreadBuffer( m_CurrentRemoteThreadBuffer, true ) == false )
{
RemoteFreeMemory( ReturnPointerValue, sizeof( DWORD ) );
return NULL;
}
DWORD ProcAddressRemote = 0;
if( ReadProcessMemory( GetProcess(), ReturnPointerValue, &ProcAddressRemote, sizeof( DWORD ), NULL ) == TRUE )
{
RemoteFreeMemory( ReturnPointerValue, sizeof( DWORD ) );
return ( FARPROC ) ProcAddressRemote;
}
RemoteFreeMemory( ReturnPointerValue, sizeof( DWORD ) );
return NULL;
}
void main(void)
{
char *res;
res=GetProcess("\0");
printf("GetProcess %s\n",res);
free(res);
res=ReadSet("TEMP","\0");
printf("ReadSet %s\n",res);
free(res);
}
bool CActivFeedConnection::Connect()
{
if (m_Gateway.IsConnected())
return true;
GetProcess()->SetState( IProcess::STATE_RUNNING );
StartThread();
return m_Gateway.Activate();
};