1.1 root 1: /**********************************************************************\
2: * *
3: * Copyright (c) 1992, 1993 Microsoft Corporation *
4: * *
5: * Module Name: *
6: * *
7: * wdbgexts.c *
8: * *
9: * Abstract: *
10: * *
11: * This file is a ported version of ntsdexts.c, supporting remote *
12: * operations in WinDbg command window. *
13: * *
14: * By including wdbgexts.h, an extension has 4 more apis available, *
15: * beyond those available to ntsd extensions: *
16: * *
17: * PWINDBG_READ_PROCESS_MEMORY_ROUTINE lpReadProcessMemoryRoutine; *
18: * PWINDBG_WRITE_PROCESS_MEMORY_ROUTINE lpWriteProcessMemoryRoutine; *
19: * PWINDBG_GET_THREAD_CONTEXT_ROUTINE lpGetThreadContextRoutine; *
20: * PWINDBG_SET_THREAD_CONTEXT_ROUTINE lpSetThreadContextRoutine; *
21: * *
22: * The apis available to NTSD and WINDBG extensions are: *
23: * *
24: * PNTSD_OUTPUT_ROUTINE lpOutputRoutine; *
25: * PNTSD_GET_EXPRESSION lpGetExpressionRoutine; *
26: * PNTSD_GET_SYMBOL lpGetSymbolRoutine; *
27: * PNTSD_DISASM lpDisasmRoutine; *
28: * PNTSD_CHECK_CONTROL_C lpCheckControlCRoutine; *
29: * *
30: * Author: *
31: * *
32: * Peter Sun *
33: * *
34: \**********************************************************************/
35:
36: #include <windows.h>
37: #include <string.h>
38: #include <wdbgexts.h>
39:
40: #define MAXLEN 80 /* number of bytes str() reads from the debuggee per call */
41:
42: CHAR igrepLastPattern[256]; /* pattern from the most recent igrep() call that supplied one; filled from the command argument string */
43: DWORD igrepSearchStartAddress; /* address at which the next igrep() scan starts; set past each match */
44: DWORD igrepLastPc; /* dwCurrentPc recorded by igrep() when it differs from the stored value */
45:
46:
47: /**********************************************************************\
48: * *
49: * igrep( ) *
50: * *
51: * Description: *
52: * *
53: * This function is called as a WINDBG extension to grep the *
54: * instruction stream for a particular pattern. *
55: * *
56: * Arguments: *
57: * *
58: * hCurrentProcess - Supplies a handle to the current process (at *
59: * the time the extension was called). *
60: * *
61: * hCurrentThread - Supplies a handle to the current thread (at *
62: * the time the extension was called). *
63: * *
64: * CurrentPc - Supplies the current pc at the time the extension is *
65: * called. *
66: * *
67: * lpExtensionApis - Supplies the address of the functions callable *
68: * by this extension. *
69: * *
70: * lpArgumentString - Supplies the pattern and expression for this *
71: * command. *
72: * *
73: * Return Value: *
74: * *
75: * None. *
76: \**********************************************************************/
77:
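VOID igrep (
    HANDLE hCurrentProcess,
    HANDLE hCurrentThread,
    DWORD dwCurrentPc,
    PWINDBG_EXTENSION_APIS lpExtensionApis,
    LPSTR lpArgumentString
    )

{
    //
    // Scans forward through the disassembly, starting at the saved search
    // address, and prints the first instruction whose text contains the
    // pattern.  lpArgumentString has the form "<pattern> [<expression>]" and
    // is split in place (a NUL is written over the first separator).  With an
    // empty argument string the previous pattern and search position are
    // reused.
    //
    // The argument string is command input, so its length is checked before
    // it is copied into the fixed-size igrepLastPattern buffer.
    //

    DWORD dwNextGrepAddr;
    DWORD dwCurrGrepAddr;
    // NOTE(review): lpDisasmRoutine is given no buffer length; this assumes
    // one disassembled line always fits in 256 bytes - confirm against the
    // debugger's contract.
    CHAR SourceLine[256];
    PNTSD_OUTPUT_ROUTINE lpOutputRoutine;
    PNTSD_GET_EXPRESSION lpGetExpressionRoutine;
    PNTSD_GET_SYMBOL lpGetSymbolRoutine;
    PNTSD_DISASM lpDisasmRoutine;
    PNTSD_CHECK_CONTROL_C lpCheckControlCRoutine;
    LPSTR pc;
    LPSTR Pattern;
    LPSTR Expression;
    // NOTE(review): lpGetSymbolRoutine is given no buffer length either;
    // assumes symbol names fit in 64 bytes - confirm.
    CHAR Symbol[64];
    DWORD Displacement;
    size_t PatternLength;

    UNREFERENCED_PARAMETER( hCurrentProcess );
    UNREFERENCED_PARAMETER( hCurrentThread );

    lpOutputRoutine = lpExtensionApis->lpOutputRoutine;
    lpGetExpressionRoutine = lpExtensionApis->lpGetExpressionRoutine;
    lpGetSymbolRoutine = lpExtensionApis->lpGetSymbolRoutine;
    lpDisasmRoutine = lpExtensionApis->lpDisasmRoutine;
    lpCheckControlCRoutine = lpExtensionApis->lpCheckControlCRoutine;

    //
    // Remember the pc this call was made at; it is the default search start.
    //

    if( !igrepLastPc || igrepLastPc != dwCurrentPc ) {
        igrepLastPc = dwCurrentPc;
    }

    //
    // check for pattern.
    //

    pc = lpArgumentString;
    Pattern = NULL;
    Expression = NULL;
    if( *pc ) {
        Pattern = pc;
        while( *pc > ' ' ) {
            pc++;
        }

        //
        // check for an expression
        //

        if( *pc != '\0' ) {
            *pc = '\0';
            pc++;

            //
            // Skip separators, but stop at the terminator: '\0' also
            // compares <= ' ', so without the explicit test the scan would
            // run past the end of the argument string.
            //

            while( *pc != '\0' && *pc <= ' ' ) {
                pc++;
            }
            if( *pc ) {
                Expression = pc;
            }
        }
    }

    if( Pattern ) {

        //
        // Bounded copy: reject a pattern that does not fit (terminator
        // included) instead of writing past igrepLastPattern.
        //

        PatternLength = strlen(Pattern);
        if( PatternLength >= sizeof(igrepLastPattern) ) {
            (lpOutputRoutine)(
                "igrep: pattern too long (max %d characters)\n",
                (int)(sizeof(igrepLastPattern) - 1)
                );
            return;
        }
        memcpy(igrepLastPattern,Pattern,PatternLength + 1);

        if( Expression ) {
            igrepSearchStartAddress = (lpGetExpressionRoutine)(Expression);
            if( !igrepSearchStartAddress ) {
                // Expression evaluated to 0: fall back to the pc and give up.
                igrepSearchStartAddress = igrepLastPc;
                return;
            }
        }
        else {
            igrepSearchStartAddress = igrepLastPc;
        }
    }

    //
    // Disassemble one instruction at a time until the pattern is found, the
    // disassembler returns 0, or the user presses Ctrl-C.
    //

    dwNextGrepAddr = igrepSearchStartAddress;
    for( ;; ) {
        dwCurrGrepAddr = dwNextGrepAddr;
        if( !(lpDisasmRoutine)(&dwNextGrepAddr,SourceLine,FALSE) ) {
            return;
        }
        if( strstr(SourceLine,igrepLastPattern) ) {
            // Resume after the matching instruction on the next call.
            igrepSearchStartAddress = dwNextGrepAddr;
            (lpGetSymbolRoutine)((LPVOID)dwCurrGrepAddr,(PUCHAR)Symbol,&Displacement);
            (lpOutputRoutine)("%s",SourceLine);
            return;
        }
        if( (lpCheckControlCRoutine)() ) {
            return;
        }
    }
}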
183:
184:
185: /**********************************************************************\
186: * *
187: * str( ) *
188: * *
189: * Routine Description: *
190: * *
191: * This function is called as a WINDBG extension to format and dump *
192: * a counted ansi string. *
193: * *
194: * Arguments: *
195: * *
196: * hCurrentProcess - Supplies a handle to the current process (at *
197: * the time the extension was called). *
198: * *
199: * hCurrentThread - Supplies a handle to the current thread (at the *
200: * time the extension was called). *
201: * *
202: * CurrentPc - Supplies the current pc at the time the extension is *
203: * called. *
204: * *
205: * lpExtensionApis - Supplies the address of the functions callable *
206: * by this extension. *
207: * *
208: * lpArgumentString - Supplies the asciiz string that describes the *
209: * ansi string to be dumped. *
210: * *
211: * Return Value: *
212: * *
213: * None. *
214: * *
215: \**********************************************************************/
216:
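VOID str (
    HANDLE hCurrentProcess,
    HANDLE hCurrentThread,
    DWORD dwCurrentPc,
    PWINDBG_EXTENSION_APIS lpExtensionApis,
    LPSTR lpArgumentString
    )

{
    //
    // Evaluates lpArgumentString as an address, reads MAXLEN bytes of
    // debuggee memory from it and prints them as a NUL-terminated string
    // together with its length and address.
    //
    // The bytes come from the debuggee and need not contain a terminator, so
    // the local buffer has one extra byte that is always set to '\0' before
    // strlen() or "%s" touch it.
    //

    CHAR String[MAXLEN + 1] = { 0 };
    size_t Length;
    DWORD dwAddrString;
    // NOTE(review): lpGetSymbolRoutine is given no buffer length; assumes
    // symbol names fit in 64 bytes - confirm against the debugger's contract.
    CHAR Symbol[64];
    DWORD Displacement;
    BOOL b;
    PNTSD_OUTPUT_ROUTINE lpOutputRoutine;
    PNTSD_GET_EXPRESSION lpGetExpressionRoutine;
    PNTSD_GET_SYMBOL lpGetSymbolRoutine;

    UNREFERENCED_PARAMETER( hCurrentProcess );
    UNREFERENCED_PARAMETER( hCurrentThread );
    UNREFERENCED_PARAMETER( dwCurrentPc );

    lpOutputRoutine = lpExtensionApis->lpOutputRoutine;
    lpGetExpressionRoutine = lpExtensionApis->lpGetExpressionRoutine;
    lpGetSymbolRoutine = lpExtensionApis->lpGetSymbolRoutine;

    //
    // Evaluate the argument string to get the address of
    // the string to dump.
    //

    dwAddrString = (lpGetExpressionRoutine)(lpArgumentString);
    if (!dwAddrString) {
        (lpOutputRoutine)( "Invalid Expression." );
        return;
    }

    //
    // Get the symbolic name of the string
    //

    (lpGetSymbolRoutine)((LPVOID)dwAddrString,(PUCHAR)Symbol,&Displacement);

    //
    // Read current process memory and handle remote read as well.
    // NOTE(review): the read always asks for MAXLEN bytes; presumably it
    // fails when fewer are readable at that address - confirm.
    //

    b = (lpExtensionApis->lpReadProcessMemoryRoutine)(
            dwAddrString,
            String,
            MAXLEN,
            NULL
            );

    if (!b) {
        (lpOutputRoutine)( "ReadProcessMemory failed." );
        return;
    }

    //
    // Terminate explicitly: without this, a debuggee buffer holding MAXLEN
    // non-zero bytes makes strlen() and "%s" read past the end of String.
    //

    String[MAXLEN] = '\0';
    Length = strlen( String );

    //
    // The scratch LocalAlloc/LocalFree pair of the original was never read
    // or written and has been dropped.  Length is at most MAXLEN, so the
    // cast to int matches the "%d" conversion.
    //

    (lpOutputRoutine)(
        "String: %s ; %d bytes at %lx\n",
        String,
        (int)Length,
        dwAddrString
        );
}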