bool disasmfast(duint addr, BASIC_INSTRUCTION_INFO* basicinfo)
{
unsigned int data[16];
if(!MemRead(addr, data, sizeof(data)))
return false;
return disasmfast((unsigned char*)data, addr, basicinfo);
}
bool stackcommentget(duint addr, STACK_COMMENT* comment)
{
SHARED_ACQUIRE(LockSehCache);
const auto found = SehCache.find(addr);
if(found != SehCache.end())
{
*comment = found->second;
return true;
}
SHARED_RELEASE();
duint data = 0;
memset(comment, 0, sizeof(STACK_COMMENT));
MemRead(addr, &data, sizeof(duint));
if(!MemIsValidReadPtr(data)) //the stack value is no pointer
return false;
duint size = 0;
duint base = MemFindBaseAddr(data, &size);
duint readStart = data - 16 * 4;
if(readStart < base)
readStart = base;
unsigned char disasmData[256];
MemRead(readStart, disasmData, sizeof(disasmData));
duint prev = disasmback(disasmData, 0, sizeof(disasmData), data - readStart, 1);
duint previousInstr = readStart + prev;
BASIC_INSTRUCTION_INFO basicinfo;
bool valid = disasmfast(disasmData + prev, previousInstr, &basicinfo);
if(valid && basicinfo.call) //call
{
char label[MAX_LABEL_SIZE] = "";
ADDRINFO addrinfo;
addrinfo.flags = flaglabel;
if(_dbg_addrinfoget(data, SEG_DEFAULT, &addrinfo))
strcpy_s(label, addrinfo.label);
char module[MAX_MODULE_SIZE] = "";
ModNameFromAddr(data, module, false);
char returnToAddr[MAX_COMMENT_SIZE] = "";
if(*module)
sprintf(returnToAddr, "%s.", module);
if(!*label)
sprintf_s(label, "%p", data);
strcat(returnToAddr, label);
data = basicinfo.addr;
if(data)
{
*label = 0;
addrinfo.flags = flaglabel;
if(_dbg_addrinfoget(data, SEG_DEFAULT, &addrinfo))
strcpy_s(label, addrinfo.label);
*module = 0;
ModNameFromAddr(data, module, false);
char returnFromAddr[MAX_COMMENT_SIZE] = "";
if(*module)
sprintf_s(returnFromAddr, "%s.", module);
if(!*label)
sprintf_s(label, "%p", data);
strcat_s(returnFromAddr, label);
sprintf_s(comment->comment, GuiTranslateText(QT_TRANSLATE_NOOP("DBG", "return to %s from %s")), returnToAddr, returnFromAddr);
}
else
sprintf_s(comment->comment, GuiTranslateText(QT_TRANSLATE_NOOP("DBG", "return to %s from ???")), returnToAddr);
strcpy_s(comment->color, "!rtnclr"); // Special token for return address color;
return true;
}
//string
char string[MAX_STRING_SIZE] = "";
if(DbgGetStringAt(data, string))
{
strncpy_s(comment->comment, string, _TRUNCATE);
return true;
}
//label
char label[MAX_LABEL_SIZE] = "";
ADDRINFO addrinfo;
addrinfo.flags = flaglabel;
if(_dbg_addrinfoget(data, SEG_DEFAULT, &addrinfo))
strcpy_s(label, addrinfo.label);
char module[MAX_MODULE_SIZE] = "";
ModNameFromAddr(data, module, false);
if(*module) //module
{
if(*label) //+label
sprintf_s(comment->comment, "%s.%s", module, label);
else //module only
sprintf_s(comment->comment, "%s.%p", module, data);
return true;
}
else if(*label) //label only
{
sprintf_s(comment->comment, "<%s>", label);
return true;
}
return false;
}
void stackgetcallstack(uint csp, CALLSTACK* callstack)
{
#if 1
callstack->total = 0;
if(!DbgIsDebugging() || csp % sizeof(uint)) //alignment problem
return;
if(!MemIsValidReadPtr(csp))
return;
std::vector<CALLSTACKENTRY> callstackVector;
uint stacksize = 0;
uint stackbase = MemFindBaseAddr(csp, &stacksize, false);
if(!stackbase) //super-fail (invalid stack address)
return;
//walk up the stack
uint i = csp;
while(i != stackbase + stacksize)
{
uint data = 0;
MemRead(i, &data, sizeof(uint));
if(MemIsValidReadPtr(data) && MemIsCodePage(data, false)) //the stack value is a pointer to an executable page
{
uint size = 0;
uint base = MemFindBaseAddr(data, &size);
uint readStart = data - 16 * 4;
if(readStart < base)
readStart = base;
unsigned char disasmData[256];
MemRead(readStart, disasmData, sizeof(disasmData));
uint prev = disasmback(disasmData, 0, sizeof(disasmData), data - readStart, 1);
uint previousInstr = readStart + prev;
BASIC_INSTRUCTION_INFO basicinfo;
bool valid = disasmfast(disasmData + prev, previousInstr, &basicinfo);
if(valid && basicinfo.call) //call
{
CALLSTACKENTRY curEntry;
memset(&curEntry, 0, sizeof(CALLSTACKENTRY));
StackEntryFromFrame(&curEntry, i, basicinfo.addr, data);
callstackVector.push_back(curEntry);
}
}
i += sizeof(uint);
}
callstack->total = (int)callstackVector.size();
if(callstack->total)
{
callstack->entries = (CALLSTACKENTRY*)BridgeAlloc(callstack->total * sizeof(CALLSTACKENTRY));
for(int i = 0; i < callstack->total; i++)
{
//CALLSTACKENTRY curEntry;
//memcpy(&curEntry, &callstackVector.at(i), sizeof(CALLSTACKENTRY));
//dprintf(fhex":" fhex ":" fhex ":%s\n", curEntry.addr, curEntry.to, curEntry.from, curEntry.comment);
memcpy(&callstack->entries[i], &callstackVector.at(i), sizeof(CALLSTACKENTRY));
}
}
#else
// Gather context data
CONTEXT context;
memset(&context, 0, sizeof(CONTEXT));
context.ContextFlags = CONTEXT_CONTROL | CONTEXT_INTEGER;
if(SuspendThread(hActiveThread) == -1)
return;
if(!GetThreadContext(hActiveThread, &context))
return;
if(ResumeThread(hActiveThread) == -1)
return;
// Set up all frame data
STACKFRAME64 frame;
ZeroMemory(&frame, sizeof(STACKFRAME64));
#ifdef _M_IX86
DWORD machineType = IMAGE_FILE_MACHINE_I386;
frame.AddrPC.Offset = context.Eip;
frame.AddrPC.Mode = AddrModeFlat;
frame.AddrFrame.Offset = context.Ebp;
frame.AddrFrame.Mode = AddrModeFlat;
frame.AddrStack.Offset = csp;
frame.AddrStack.Mode = AddrModeFlat;
#elif _M_X64
DWORD machineType = IMAGE_FILE_MACHINE_AMD64;
frame.AddrPC.Offset = context.Rip;
frame.AddrPC.Mode = AddrModeFlat;
frame.AddrFrame.Offset = context.Rsp;
frame.AddrFrame.Mode = AddrModeFlat;
frame.AddrStack.Offset = csp;
frame.AddrStack.Mode = AddrModeFlat;
#endif
// Container for each callstack entry
std::vector<CALLSTACKENTRY> callstackVector;
while(true)
{
if(!StackWalk64(
machineType,
fdProcessInfo->hProcess,
hActiveThread,
&frame,
&context,
StackReadProcessMemoryProc64,
SymFunctionTableAccess64,
StackGetModuleBaseProc64,
StackTranslateAddressProc64))
{
// Maybe it failed, maybe we have finished walking the stack
break;
}
if(frame.AddrPC.Offset != 0)
{
// Valid frame
CALLSTACKENTRY entry;
memset(&entry, 0, sizeof(CALLSTACKENTRY));
StackEntryFromFrame(&entry, (uint)frame.AddrFrame.Offset, (uint)frame.AddrReturn.Offset, (uint)frame.AddrPC.Offset);
callstackVector.push_back(entry);
}
else
{
// Base reached
break;
}
}
// Convert to a C data structure
callstack->total = (int)callstackVector.size();
if(callstack->total > 0)
{
callstack->entries = (CALLSTACKENTRY*)BridgeAlloc(callstack->total * sizeof(CALLSTACKENTRY));
// Copy data directly from the vector
memcpy(callstack->entries, callstackVector.data(), callstack->total * sizeof(CALLSTACKENTRY));
}
#endif
}
bool stackcommentget(uint addr, STACK_COMMENT* comment)
{
uint data = 0;
memset(comment, 0, sizeof(STACK_COMMENT));
MemRead(addr, &data, sizeof(uint));
if(!MemIsValidReadPtr(data)) //the stack value is no pointer
return false;
uint size = 0;
uint base = MemFindBaseAddr(data, &size);
uint readStart = data - 16 * 4;
if(readStart < base)
readStart = base;
unsigned char disasmData[256];
MemRead(readStart, disasmData, sizeof(disasmData));
uint prev = disasmback(disasmData, 0, sizeof(disasmData), data - readStart, 1);
uint previousInstr = readStart + prev;
BASIC_INSTRUCTION_INFO basicinfo;
bool valid = disasmfast(disasmData + prev, previousInstr, &basicinfo);
if(valid && basicinfo.call) //call
{
char label[MAX_LABEL_SIZE] = "";
ADDRINFO addrinfo;
addrinfo.flags = flaglabel;
if(_dbg_addrinfoget(data, SEG_DEFAULT, &addrinfo))
strcpy_s(label, addrinfo.label);
char module[MAX_MODULE_SIZE] = "";
ModNameFromAddr(data, module, false);
char returnToAddr[MAX_COMMENT_SIZE] = "";
if(*module)
sprintf(returnToAddr, "%s.", module);
if(!*label)
sprintf(label, fhex, data);
strcat(returnToAddr, label);
data = basicinfo.addr;
if(data)
{
*label = 0;
addrinfo.flags = flaglabel;
if(_dbg_addrinfoget(data, SEG_DEFAULT, &addrinfo))
strcpy_s(label, addrinfo.label);
*module = 0;
ModNameFromAddr(data, module, false);
char returnFromAddr[MAX_COMMENT_SIZE] = "";
if(*module)
sprintf(returnFromAddr, "%s.", module);
if(!*label)
sprintf(label, fhex, data);
strcat_s(returnFromAddr, label);
sprintf_s(comment->comment, "return to %s from %s", returnToAddr, returnFromAddr);
}
else
sprintf_s(comment->comment, "return to %s from ???", returnToAddr);
strcpy_s(comment->color, "#ff0000");
return true;
}
//string
STRING_TYPE strtype;
char string[512] = "";
if(disasmgetstringat(data, &strtype, string, string, 500))
{
if(strtype == str_ascii)
sprintf(comment->comment, "\"%s\"", string);
else //unicode
sprintf(comment->comment, "L\"%s\"", string);
return true;
}
//label
char label[MAX_LABEL_SIZE] = "";
ADDRINFO addrinfo;
addrinfo.flags = flaglabel;
if(_dbg_addrinfoget(data, SEG_DEFAULT, &addrinfo))
strcpy_s(label, addrinfo.label);
char module[MAX_MODULE_SIZE] = "";
ModNameFromAddr(data, module, false);
if(*module) //module
{
if(*label) //+label
sprintf(comment->comment, "%s.%s", module, label);
else //module only
sprintf(comment->comment, "%s." fhex, module, data);
return true;
}
else if(*label) //label only
{
sprintf(comment->comment, "<%s>", label);
return true;
}
return false;
}
extern "C" DLL_EXPORT uint _dbg_sendmessage(DBGMSG type, void* param1, void* param2)
{
if(dbgisstopped())
{
switch(type) //ignore win events
{
//these functions are safe to call when we did not initialize yet
case DBG_DEINITIALIZE_LOCKS:
case DBG_INITIALIZE_LOCKS:
case DBG_GET_FUNCTIONS:
case DBG_SETTINGS_UPDATED:
case DBG_GET_THREAD_LIST:
case DBG_WIN_EVENT:
case DBG_WIN_EVENT_GLOBAL:
break;
//the rest is unsafe -> throw an exception when people try to call them
default:
__debugbreak(); //we cannot process messages when the debugger is stopped, this must be a bug
}
}
switch(type)
{
case DBG_SCRIPT_LOAD:
{
scriptload((const char*)param1);
}
break;
case DBG_SCRIPT_UNLOAD:
{
scriptunload();
}
break;
case DBG_SCRIPT_RUN:
{
scriptrun((int)(duint)param1);
}
break;
case DBG_SCRIPT_STEP:
{
scriptstep();
}
break;
case DBG_SCRIPT_BPTOGGLE:
{
return scriptbptoggle((int)(duint)param1);
}
break;
case DBG_SCRIPT_BPGET:
{
return scriptbpget((int)(duint)param1);
}
break;
case DBG_SCRIPT_CMDEXEC:
{
return scriptcmdexec((const char*)param1);
}
break;
case DBG_SCRIPT_ABORT:
{
scriptabort();
}
break;
case DBG_SCRIPT_GETLINETYPE:
{
return (duint)scriptgetlinetype((int)(duint)param1);
}
break;
case DBG_SCRIPT_SETIP:
{
scriptsetip((int)(duint)param1);
}
break;
case DBG_SCRIPT_GETBRANCHINFO:
{
return (duint)scriptgetbranchinfo((int)(duint)param1, (SCRIPTBRANCH*)param2);
}
break;
case DBG_SYMBOL_ENUM:
{
SYMBOLCBINFO* cbInfo = (SYMBOLCBINFO*)param1;
SymEnum(cbInfo->base, cbInfo->cbSymbolEnum, cbInfo->user);
}
break;
case DBG_ASSEMBLE_AT:
{
return assembleat((duint)param1, (const char*)param2, 0, 0, false);
}
break;
case DBG_MODBASE_FROM_NAME:
{
return ModBaseFromName((const char*)param1);
}
break;
case DBG_DISASM_AT:
{
disasmget((uint)param1, (DISASM_INSTR*)param2);
}
break;
case DBG_STACK_COMMENT_GET:
{
return stackcommentget((uint)param1, (STACK_COMMENT*)param2);
}
break;
case DBG_GET_THREAD_LIST:
{
ThreadGetList((THREADLIST*)param1);
}
break;
case DBG_SETTINGS_UPDATED:
{
valuesetsignedcalc(!settingboolget("Engine", "CalculationType")); //0:signed, 1:unsigned
SetEngineVariable(UE_ENGINE_SET_DEBUG_PRIVILEGE, settingboolget("Engine", "EnableDebugPrivilege"));
bOnlyCipAutoComments = settingboolget("Disassembler", "OnlyCipAutoComments");
bListAllPages = settingboolget("Engine", "ListAllPages");
bUndecorateSymbolNames = settingboolget("Engine", "UndecorateSymbolNames");
bEnableSourceDebugging = settingboolget("Engine", "EnableSourceDebugging");
uint setting;
if(BridgeSettingGetUint("Engine", "BreakpointType", &setting))
{
switch(setting)
{
case 0: //break_int3short
SetBPXOptions(UE_BREAKPOINT_INT3);
break;
case 1: //break_int3long
SetBPXOptions(UE_BREAKPOINT_LONG_INT3);
break;
case 2: //break_ud2
SetBPXOptions(UE_BREAKPOINT_UD2);
break;
}
}
char exceptionRange[MAX_SETTING_SIZE] = "";
dbgclearignoredexceptions();
if(BridgeSettingGet("Exceptions", "IgnoreRange", exceptionRange))
{
char* entry = strtok(exceptionRange, ",");
while(entry)
{
unsigned long start;
unsigned long end;
if(sscanf(entry, "%08X-%08X", &start, &end) == 2 && start <= end)
{
ExceptionRange range;
range.start = start;
range.end = end;
dbgaddignoredexception(range);
}
entry = strtok(0, ",");
}
}
char cachePath[MAX_SETTING_SIZE];
if(BridgeSettingGet("Symbols", "CachePath", cachePath))
{
// Trim the buffer to fit inside MAX_PATH
strncpy_s(szSymbolCachePath, cachePath, _TRUNCATE);
}
}
break;
case DBG_DISASM_FAST_AT:
{
if(!param1 || !param2)
return 0;
BASIC_INSTRUCTION_INFO* basicinfo = (BASIC_INSTRUCTION_INFO*)param2;
if(!disasmfast((uint)param1, basicinfo))
basicinfo->size = 1;
return 0;
}
break;
case DBG_MENU_ENTRY_CLICKED:
{
int hEntry = (int)(uint)param1;
pluginmenucall(hEntry);
}
break;
case DBG_FUNCTION_GET:
{
FUNCTION_LOOP_INFO* info = (FUNCTION_LOOP_INFO*)param1;
return (uint)FunctionGet(info->addr, &info->start, &info->end);
}
break;
case DBG_FUNCTION_OVERLAPS:
{
FUNCTION_LOOP_INFO* info = (FUNCTION_LOOP_INFO*)param1;
return (uint)FunctionOverlaps(info->start, info->end);
}
break;
case DBG_FUNCTION_ADD:
{
FUNCTION_LOOP_INFO* info = (FUNCTION_LOOP_INFO*)param1;
return (uint)FunctionAdd(info->start, info->end, info->manual);
}
break;
case DBG_FUNCTION_DEL:
{
FUNCTION_LOOP_INFO* info = (FUNCTION_LOOP_INFO*)param1;
return (uint)FunctionDelete(info->addr);
}
break;
case DBG_LOOP_GET:
{
FUNCTION_LOOP_INFO* info = (FUNCTION_LOOP_INFO*)param1;
return (uint)LoopGet(info->depth, info->addr, &info->start, &info->end);
}
break;
case DBG_LOOP_OVERLAPS:
{
FUNCTION_LOOP_INFO* info = (FUNCTION_LOOP_INFO*)param1;
return (uint)LoopOverlaps(info->depth, info->start, info->end, 0);
}
break;
case DBG_LOOP_ADD:
{
FUNCTION_LOOP_INFO* info = (FUNCTION_LOOP_INFO*)param1;
return (uint)LoopAdd(info->start, info->end, info->manual);
}
break;
case DBG_LOOP_DEL:
{
FUNCTION_LOOP_INFO* info = (FUNCTION_LOOP_INFO*)param1;
return (uint)LoopDelete(info->depth, info->addr);
}
break;
case DBG_IS_RUN_LOCKED:
{
return (uint)waitislocked(WAITID_RUN);
}
break;
case DBG_IS_BP_DISABLED:
{
BREAKPOINT bp;
if(BpGet((uint)param1, BPNORMAL, 0, &bp))
return !(uint)bp.enabled;
return (uint)false;
}
break;
case DBG_SET_AUTO_COMMENT_AT:
{
return (uint)CommentSet((uint)param1, (const char*)param2, false);
}
break;
case DBG_DELETE_AUTO_COMMENT_RANGE:
{
CommentDelRange((uint)param1, (uint)param2);
}
break;
case DBG_SET_AUTO_LABEL_AT:
{
return (uint)LabelSet((uint)param1, (const char*)param2, false);
}
break;
case DBG_DELETE_AUTO_LABEL_RANGE:
{
LabelDelRange((uint)param1, (uint)param2);
}
break;
case DBG_SET_AUTO_BOOKMARK_AT:
{
return (uint)BookmarkSet((uint)param1, false);
}
break;
case DBG_DELETE_AUTO_BOOKMARK_RANGE:
{
BookmarkDelRange((uint)param1, (uint)param2);
}
break;
case DBG_SET_AUTO_FUNCTION_AT:
{
return (uint)FunctionAdd((uint)param1, (uint)param2, false);
}
break;
case DBG_DELETE_AUTO_FUNCTION_RANGE:
{
FunctionDelRange((uint)param1, (uint)param2);
}
break;
case DBG_GET_STRING_AT:
{
STRING_TYPE strtype;
char string[MAX_STRING_SIZE];
if(disasmgetstringat((uint)param1, &strtype, string, string, MAX_STRING_SIZE-3))
{
if(strtype == str_ascii)
sprintf((char*)param2, "\"%s\"", string);
else //unicode
sprintf((char*)param2, "L\"%s\"", string);
return true;
}
return false;
}
break;
case DBG_GET_FUNCTIONS:
{
return (uint)dbgfunctionsget();
}
break;
case DBG_WIN_EVENT:
{
return (uint)pluginwinevent((MSG*)param1, (long*)param2);
}
break;
case DBG_WIN_EVENT_GLOBAL:
{
return (uint)pluginwineventglobal((MSG*)param1);
}
break;
case DBG_INITIALIZE_LOCKS:
{
SectionLockerGlobal::Initialize();
}
break;
case DBG_DEINITIALIZE_LOCKS:
{
SectionLockerGlobal::Deinitialize();
}
break;
case DBG_GET_TIME_WASTED_COUNTER:
return dbggettimewastedcounter();
}
return 0;
}
extern "C" DLL_EXPORT bool _dbg_addrinfoget(duint addr, SEGMENTREG segment, ADDRINFO* addrinfo)
{
if(!DbgIsDebugging())
return false;
bool retval = false;
if(addrinfo->flags & flagmodule) //get module
{
if(ModNameFromAddr(addr, addrinfo->module, false)) //get module name
retval = true;
}
if(addrinfo->flags & flaglabel)
{
if(LabelGet(addr, addrinfo->label))
retval = true;
else //no user labels
{
DWORD64 displacement = 0;
char buffer[sizeof(SYMBOL_INFO) + MAX_SYM_NAME * sizeof(char)];
PSYMBOL_INFO pSymbol = (PSYMBOL_INFO)buffer;
pSymbol->SizeOfStruct = sizeof(SYMBOL_INFO);
pSymbol->MaxNameLen = MAX_LABEL_SIZE;
if(SafeSymFromAddr(fdProcessInfo->hProcess, (DWORD64)addr, &displacement, pSymbol) && !displacement)
{
pSymbol->Name[pSymbol->MaxNameLen - 1] = '\0';
if(!bUndecorateSymbolNames || !SafeUnDecorateSymbolName(pSymbol->Name, addrinfo->label, MAX_LABEL_SIZE, UNDNAME_COMPLETE))
strcpy_s(addrinfo->label, pSymbol->Name);
retval = true;
}
if(!retval) //search for CALL <jmp.&user32.MessageBoxA>
{
BASIC_INSTRUCTION_INFO basicinfo;
memset(&basicinfo, 0, sizeof(BASIC_INSTRUCTION_INFO));
if(disasmfast(addr, &basicinfo) && basicinfo.branch && !basicinfo.call && basicinfo.memory.value) //thing is a JMP
{
uint val = 0;
if(MemRead(basicinfo.memory.value, &val, sizeof(val)))
{
if(SafeSymFromAddr(fdProcessInfo->hProcess, (DWORD64)val, &displacement, pSymbol) && !displacement)
{
pSymbol->Name[pSymbol->MaxNameLen - 1] = '\0';
if(!bUndecorateSymbolNames || !SafeUnDecorateSymbolName(pSymbol->Name, addrinfo->label, MAX_LABEL_SIZE, UNDNAME_COMPLETE))
sprintf_s(addrinfo->label, "JMP.&%s", pSymbol->Name);
retval = true;
}
}
}
}
if(!retval) //search for module entry
{
uint entry = ModEntryFromAddr(addr);
if(entry && entry == addr)
{
strcpy_s(addrinfo->label, "EntryPoint");
retval = true;
}
}
}
}
if(addrinfo->flags & flagbookmark)
{
addrinfo->isbookmark = BookmarkGet(addr);
retval = true;
}
if(addrinfo->flags & flagfunction)
{
if(FunctionGet(addr, &addrinfo->function.start, &addrinfo->function.end))
retval = true;
}
if(addrinfo->flags & flagloop)
{
if(LoopGet(addrinfo->loop.depth, addr, &addrinfo->loop.start, &addrinfo->loop.end))
retval = true;
}
if(addrinfo->flags & flagcomment)
{
*addrinfo->comment = 0;
if(CommentGet(addr, addrinfo->comment))
retval = true;
else
{
DWORD dwDisplacement;
IMAGEHLP_LINE64 line;
line.SizeOfStruct = sizeof(IMAGEHLP_LINE64);
if(SafeSymGetLineFromAddr64(fdProcessInfo->hProcess, (DWORD64)addr, &dwDisplacement, &line) && !dwDisplacement)
{
char filename[deflen] = "";
strcpy_s(filename, line.FileName);
int len = (int)strlen(filename);
while(filename[len] != '\\' && len != 0)
len--;
if(len)
len++;
sprintf_s(addrinfo->comment, "\1%s:%u", filename + len, line.LineNumber);
retval = true;
}
else if(!bOnlyCipAutoComments || addr == GetContextDataEx(hActiveThread, UE_CIP)) //no line number
{
DISASM_INSTR instr;
String temp_string;
String comment;
ADDRINFO newinfo;
char ascii[256 * 2] = "";
char unicode[256 * 2] = "";
memset(&instr, 0, sizeof(DISASM_INSTR));
disasmget(addr, &instr);
int len_left = MAX_COMMENT_SIZE;
for(int i = 0; i < instr.argcount; i++)
{
memset(&newinfo, 0, sizeof(ADDRINFO));
newinfo.flags = flaglabel;
STRING_TYPE strtype = str_none;
if(instr.arg[i].constant == instr.arg[i].value) //avoid: call <module.label> ; addr:label
{
if(instr.type == instr_branch || !disasmgetstringat(instr.arg[i].constant, &strtype, ascii, unicode, len_left) || strtype == str_none)
continue;
switch(strtype)
{
case str_none:
break;
case str_ascii:
temp_string = instr.arg[i].mnemonic;
temp_string.append(":\"");
temp_string.append(ascii);
temp_string.append("\"");
break;
case str_unicode:
temp_string = instr.arg[i].mnemonic;
temp_string.append(":L\"");
temp_string.append(unicode);
temp_string.append("\"");
break;
}
}
else if(instr.arg[i].memvalue && (disasmgetstringat(instr.arg[i].memvalue, &strtype, ascii, unicode, len_left) || _dbg_addrinfoget(instr.arg[i].memvalue, instr.arg[i].segment, &newinfo)))
{
switch(strtype)
{
case str_none:
if(*newinfo.label)
{
temp_string = "[";
temp_string.append(instr.arg[i].mnemonic);
temp_string.append("]:");
temp_string.append(newinfo.label);
}
break;
case str_ascii:
temp_string = "[";
temp_string.append(instr.arg[i].mnemonic);
temp_string.append("]:");
temp_string.append(ascii);
break;
case str_unicode:
temp_string = "[";
temp_string.append(instr.arg[i].mnemonic);
temp_string.append("]:");
temp_string.append(unicode);
break;
}
}
else if(instr.arg[i].value && (disasmgetstringat(instr.arg[i].value, &strtype, ascii, unicode, len_left) || _dbg_addrinfoget(instr.arg[i].value, instr.arg[i].segment, &newinfo)))
{
if(instr.type != instr_normal) //stack/jumps (eg add esp,4 or jmp 401110) cannot directly point to strings
strtype = str_none;
switch(strtype)
{
case str_none:
if(*newinfo.label)
{
temp_string = instr.arg[i].mnemonic;
temp_string.append(":");
temp_string.append(newinfo.label);
}
break;
case str_ascii:
temp_string = instr.arg[i].mnemonic;
temp_string.append(":\"");
temp_string.append(ascii);
temp_string.append("\"");
break;
case str_unicode:
temp_string = instr.arg[i].mnemonic;
temp_string.append(":L\"");
temp_string.append(unicode);
temp_string.append("\"");
break;
}
}
else
continue;
if(!strstr(comment.c_str(), temp_string.c_str()))
{
if(comment.length())
comment.append(", ");
comment.append(temp_string);
retval = true;
}
}
comment.resize(MAX_COMMENT_SIZE - 2);
String fullComment = "\1";
fullComment += comment;
strcpy_s(addrinfo->comment, fullComment.c_str());
}
}
}
return retval;
}
