示例#1
//////////////////////////////////////////////////////////////////////////////////////////////////////////
// callback functions
//
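// initial_break()
//
// callback for the debugger's initial break event. activates traces, records the thread handle if the
// debugger does not have one yet, loads the optional breakpoint list (bpl) and shows the command menu.
//
// db: debug event for the initial break; only dwThreadId is read here.
//
void initial_break (DEBUG_EVENT *db)
{
    char  line[256], module[128];
    DWORD f_offset, offset, base, size;
    int loaded = 0;
    int i = 0;      // declared outside the loop because the summary printf() below reads it.
    node *bp_node;

    dbg.ActivateTraces();

    // NOTE(review): the result of FindThread() is dereferenced without a NULL check and the handle is
    // printed with %04x - confirm FindThread() cannot fail for the thread that raised this event.
    printf("initial break, tid = %04x.\n\n", dbg.FindThread( (DWORD)db->dwThreadId )->hThread);

    if (!dbg.get_thandle())
    {
        printf("manually setting thread handle.\n");
        dbg.set_thandle(dbg.FindThread( (DWORD)db->dwThreadId )->hThread);
    }

    // if an initial breakpoint list was provided, process it.
    if (bpl != NULL)
    {
        printf("loading breakpoints from %s\n", breakpoint_list);

        // process the breakpoint list line by line.
        for (i = 0; fgets(line, sizeof(line), bpl) != NULL; i++)
        {
            // line format: module name:function offset:offset
            // all three fields must convert. a partial match would leave 'offset' uninitialized and the
            // breakpoint below would be written to an arbitrary address in the target.
            if (sscanf(line, "%127[^:]:%08x:%08x", module, &f_offset, &offset) != 3)
                continue;

            // determine if this module already exists in our linked list.
            // if not attempt to locate the module in memory.
            if ((bp_node = ps_node_find_by_name(module, bp_modules)) == NULL)
            {
                // attempt to determine the module address / size.
                if (!ps_base_address(module, &base, &size))
                {
                    printf("failed locating base address for module %s\n", module);
                    continue;
                }

                // add a bp_node to the linked list.
                bp_node = (node *) malloc(sizeof(node));

                if (bp_node == NULL)
                {
                    printf("failed allocating node for module %s\n", module);
                    continue;
                }

                bp_node->base = base;
                bp_node->size = size;

                // malloc() does not zero the node and strncpy() does not terminate on truncation, so
                // terminate the name explicitly.
                strncpy(bp_node->name, module, sizeof(bp_node->name) - 1);
                bp_node->name[sizeof(bp_node->name) - 1] = '\0';

                ps_node_add(bp_node, &bp_modules, &num_bp_modules);
            }

            // the '-25' means we want to reserve 25 left justified characters for the name.
            // the '.25' specifies that we want the string truncated after 25 characters.
            //printf("Setting breakpoint @%08x [%-25.25s] ... ", address, name);

            // NOTE(review): 'offset' comes straight from the list file and is not compared against
            // bp_node->size - confirm what region 'size' describes and reject offsets outside it.
            if (!dbg.bpx(bp_node->base + offset))
            {
                //printf("failed setting breakpoint @ 0x%08x\n", bp_node->base + offset);
                continue;
            }

            // at this point a breakpoint was successfully loaded.
            loaded++;

            if (i % 100 == 0)
                printf("setting breakpoint %d\r", i);

            // add function to splay tree.
            //if (offset == f_offset)
            //    function_list = splay_insert(address, name, function_list);
        }

        printf("done. %d of %d breakpoints set.\n", loaded, i);

        // NOTE(review): bpl is closed but not reset here - confirm nothing reads it after this callback.
        fclose(bpl);
    }
    // display the command menu.
    ps_commands();
}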
示例#2
//////////////////////////////////////////////////////////////////////////////////////////////////////////
// ps_load_dll_callback()
//
// callback function for when a new dll is loaded into the target process.
//
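// pe: descriptor of the newly loaded dll; only internal_name is read here.
//
// looks for "<internal name>.bpl" and, if it opens, sets one breakpoint per well-formed line relative to
// the module's base. the internal name is taken from the loaded image, so it is treated as untrusted
// input before it is turned into a file name.
void ps_load_dll_callback (PEfile *pe)
{
    FILE *fp;
    char filename[MAX_PATH];
    char  line[256], module[128];
    DWORD f_offset, offset, base, size;
    int loaded = 0;
    int i = 0;          // declared outside the loop because the summary printf() below reads it.
    bool known_module;
    node *bp_node;

    // strncpy() does not terminate on truncation and 'module' starts out uninitialized.
    strncpy(module, pe->internal_name.c_str(), sizeof(module) - 1);
    module[sizeof(module) - 1] = '\0';

    // the name becomes part of a file name below. refuse empty names and names carrying path or drive
    // separators so the lookup cannot leave the working directory.
    if (module[0] == '\0' || strpbrk(module, "\\/:") != NULL)
    {
        printf("ignoring module with unusable name %s\n", module);
        return;
    }

    // determine if this module already exists in our linked list.
    // if not attempt to locate the module in memory.
    bp_node      = ps_node_find_by_name(module, bp_modules);
    known_module = (bp_node != NULL);

    if (known_module)
    {
        // reuse the recorded base instead of reading an uninitialized 'base' and adding a duplicate node.
        // NOTE(review): assumes the existing node still describes the current mapping - confirm for
        // dlls that are unloaded and loaded again.
        base = bp_node->base;
    }
    else if (!ps_base_address(module, &base, &size))
    {
        // attempt to determine the module address / size failed.
        printf("failed locating base address for module %s\n", module);
        return;
    }

    // if a breakpoint list exists for the recently loaded module then parse it and set breakpoints.
    // _snprintf() does not terminate when the output fills the buffer, so terminate explicitly.
    _snprintf(filename, sizeof(filename) - 1, "%s.bpl", module);
    filename[sizeof(filename) - 1] = '\0';

    // the list is only read, so do not ask for write access.
    if ((fp = fopen(filename, "r")) == NULL)
        return;

    if (!known_module)
    {
        // add the bp_node to the linked list.
        bp_node = (node *) malloc(sizeof(node));

        if (bp_node == NULL)
        {
            printf("failed allocating node for module %s\n", module);
            fclose(fp);
            return;
        }

        bp_node->base = base;
        bp_node->size = size;

        strncpy(bp_node->name, module, sizeof(bp_node->name) - 1);
        bp_node->name[sizeof(bp_node->name) - 1] = '\0';

        ps_node_add(bp_node, &bp_modules, &num_bp_modules);
    }

    // pe->winpe->ImageBase + pe->section[0]->VirtualAddress == 'base' but that's only in situations where
    // the first section is the executable section. most dlls are simply imagebase+0x1000 but we don't want
    // to make either assumption.
    // XXX - there is definitely a more elegant way of determining 'base'.
    printf("processing breakpoints for module %s at %08x\n", module, base);

    // process the breakpoint list line by line.
    for (i = 0; fgets(line, sizeof(line), fp) != NULL; i++)
    {
        // line format: module name:function offset:offset
        // all three fields must convert. a partial match would leave 'offset' uninitialized and the
        // breakpoint below would be written to an arbitrary address in the target.
        // the module name on the line is parsed but not used; every entry is applied to this module.
        if (sscanf(line, "%127[^:]:%08x:%08x", module, &f_offset, &offset) != 3)
            continue;

        // NOTE(review): 'offset' comes straight from the list file and is not compared against
        // bp_node->size - confirm what region 'size' describes and reject offsets outside it.
        if (!dbg.bpx(bp_node->base + offset))
        {
            //printf("failed setting breakpoint @ 0x%08x\n", base + offset);
            continue;
        }

        // at this point a breakpoint was successfully loaded.
        loaded++;

        if (i % 100 == 0)
            printf("setting breakpoint %d\r", i);
    }

    printf("done. %d of %d breakpoints set.\n\n", loaded, i);
    fclose(fp);

    return;
}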