1 | /* $Id: DBGCDumpImage.cpp 98103 2023-01-17 14:15:46Z vboxsync $ */
|
---|
2 | /** @file
|
---|
3 | * DBGC - Debugger Console, Native Commands.
|
---|
4 | */
|
---|
5 |
|
---|
6 | /*
|
---|
7 | * Copyright (C) 2006-2023 Oracle and/or its affiliates.
|
---|
8 | *
|
---|
9 | * This file is part of VirtualBox base platform packages, as
|
---|
10 | * available from https://www.virtualbox.org.
|
---|
11 | *
|
---|
12 | * This program is free software; you can redistribute it and/or
|
---|
13 | * modify it under the terms of the GNU General Public License
|
---|
14 | * as published by the Free Software Foundation, in version 3 of the
|
---|
15 | * License.
|
---|
16 | *
|
---|
17 | * This program is distributed in the hope that it will be useful, but
|
---|
18 | * WITHOUT ANY WARRANTY; without even the implied warranty of
|
---|
19 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
---|
20 | * General Public License for more details.
|
---|
21 | *
|
---|
22 | * You should have received a copy of the GNU General Public License
|
---|
23 | * along with this program; if not, see <https://www.gnu.org/licenses>.
|
---|
24 | *
|
---|
25 | * SPDX-License-Identifier: GPL-3.0-only
|
---|
26 | */
|
---|
27 |
|
---|
28 |
|
---|
29 | /*********************************************************************************************************************************
|
---|
30 | * Header Files *
|
---|
31 | *********************************************************************************************************************************/
|
---|
32 | #define LOG_GROUP LOG_GROUP_DBGC
|
---|
33 | #include <VBox/dbg.h>
|
---|
34 | #include <VBox/vmm/dbgf.h>
|
---|
35 | #include <VBox/param.h>
|
---|
36 | #include <iprt/errcore.h>
|
---|
37 | #include <VBox/log.h>
|
---|
38 |
|
---|
39 | #include <iprt/assert.h>
|
---|
40 | #include <iprt/ctype.h>
|
---|
41 | #include <iprt/dir.h>
|
---|
42 | #include <iprt/env.h>
|
---|
43 | #include <iprt/ldr.h>
|
---|
44 | #include <iprt/mem.h>
|
---|
45 | #include <iprt/path.h>
|
---|
46 | #include <iprt/string.h>
|
---|
47 | #include <iprt/formats/mz.h>
|
---|
48 | #include <iprt/formats/pecoff.h>
|
---|
49 | #include <iprt/formats/elf32.h>
|
---|
50 | #include <iprt/formats/elf64.h>
|
---|
51 | #include <iprt/formats/codeview.h>
|
---|
52 | #include <iprt/formats/mach-o.h>
|
---|
53 |
|
---|
54 | #include "DBGCInternal.h"
|
---|
55 |
|
---|
56 |
|
---|
57 | /*********************************************************************************************************************************
|
---|
58 | * Structures and Typedefs *
|
---|
59 | *********************************************************************************************************************************/
|
---|
60 | /**
|
---|
61 | * PE dumper instance.
|
---|
62 | */
|
---|
63 | typedef struct DUMPIMAGEPE
|
---|
64 | {
|
---|
65 | /** Pointer to the image base address variable. */
|
---|
66 | PCDBGCVAR pImageBase;
|
---|
67 | /** Pointer to the file header. */
|
---|
68 | PCIMAGE_FILE_HEADER pFileHdr;
|
---|
69 | /** Pointer to the NT headers. */
|
---|
70 | union
|
---|
71 | {
|
---|
72 | PCIMAGE_NT_HEADERS32 pNt32;
|
---|
73 | PCIMAGE_NT_HEADERS64 pNt64;
|
---|
74 | void *pv;
|
---|
75 | } u;
|
---|
76 | /** Pointer to the section headers. */
|
---|
77 | PCIMAGE_SECTION_HEADER paShdrs;
|
---|
78 | /** Number of section headers. */
|
---|
79 | unsigned cShdrs;
|
---|
80 | /** Number of RVA and sizes (data directory entries). */
|
---|
81 | unsigned cDataDir;
|
---|
82 | /** Pointer to the data directory. */
|
---|
83 | PCIMAGE_DATA_DIRECTORY paDataDir;
|
---|
84 |
|
---|
85 | /** The command descriptor (for failing the command). */
|
---|
86 | PCDBGCCMD pCmd;
|
---|
87 | } DUMPIMAGEPE;
|
---|
88 | /** Pointer to a PE dumper instance. */
|
---|
89 | typedef DUMPIMAGEPE *PDUMPIMAGEPE;
|
---|
90 |
|
---|
91 |
|
---|
92 | /** Helper for translating flags. */
|
---|
93 | typedef struct
|
---|
94 | {
|
---|
95 | uint32_t fFlag;
|
---|
96 | const char *pszNm;
|
---|
97 | } DBGCDUMPFLAGENTRY;
|
---|
98 | #define FLENT(a_Define) { a_Define, #a_Define }
|
---|
99 |
|
---|
100 |
|
---|
101 | /*********************************************************************************************************************************
|
---|
102 | * Internal Functions *
|
---|
103 | *********************************************************************************************************************************/
|
---|
104 | extern FNDBGCCMD dbgcCmdDumpImage; /* See DBGCCommands.cpp. */
|
---|
105 |
|
---|
106 |
|
---|
107 | /** Stringifies a 32-bit flag value. */
|
---|
108 | static void dbgcDumpImageFlags32(PDBGCCMDHLP pCmdHlp, uint32_t fFlags, DBGCDUMPFLAGENTRY const *paEntries, size_t cEntries)
|
---|
109 | {
|
---|
110 | for (size_t i = 0; i < cEntries; i++)
|
---|
111 | if (fFlags & paEntries[i].fFlag)
|
---|
112 | DBGCCmdHlpPrintf(pCmdHlp, " %s", paEntries[i].pszNm);
|
---|
113 | }
|
---|
114 |
|
---|
115 |
|
---|
116 | /*********************************************************************************************************************************
|
---|
117 | * PE *
|
---|
118 | *********************************************************************************************************************************/
|
---|
119 |
|
---|
120 | static const char *dbgcPeMachineName(uint16_t uMachine)
|
---|
121 | {
|
---|
122 | switch (uMachine)
|
---|
123 | {
|
---|
124 | case IMAGE_FILE_MACHINE_I386 : return "I386";
|
---|
125 | case IMAGE_FILE_MACHINE_AMD64 : return "AMD64";
|
---|
126 | case IMAGE_FILE_MACHINE_UNKNOWN : return "UNKNOWN";
|
---|
127 | case IMAGE_FILE_MACHINE_BASIC_16 : return "BASIC_16";
|
---|
128 | case IMAGE_FILE_MACHINE_BASIC_16_TV : return "BASIC_16_TV";
|
---|
129 | case IMAGE_FILE_MACHINE_IAPX16 : return "IAPX16";
|
---|
130 | case IMAGE_FILE_MACHINE_IAPX16_TV : return "IAPX16_TV";
|
---|
131 | //case IMAGE_FILE_MACHINE_IAPX20 : return "IAPX20";
|
---|
132 | //case IMAGE_FILE_MACHINE_IAPX20_TV : return "IAPX20_TV";
|
---|
133 | case IMAGE_FILE_MACHINE_I8086 : return "I8086";
|
---|
134 | case IMAGE_FILE_MACHINE_I8086_TV : return "I8086_TV";
|
---|
135 | case IMAGE_FILE_MACHINE_I286_SMALL : return "I286_SMALL";
|
---|
136 | case IMAGE_FILE_MACHINE_MC68 : return "MC68";
|
---|
137 | //case IMAGE_FILE_MACHINE_MC68_WR : return "MC68_WR";
|
---|
138 | case IMAGE_FILE_MACHINE_MC68_TV : return "MC68_TV";
|
---|
139 | case IMAGE_FILE_MACHINE_MC68_PG : return "MC68_PG";
|
---|
140 | //case IMAGE_FILE_MACHINE_I286_LARGE : return "I286_LARGE";
|
---|
141 | case IMAGE_FILE_MACHINE_U370_WR : return "U370_WR";
|
---|
142 | case IMAGE_FILE_MACHINE_AMDAHL_470_WR: return "AMDAHL_470_WR";
|
---|
143 | case IMAGE_FILE_MACHINE_AMDAHL_470_RO: return "AMDAHL_470_RO";
|
---|
144 | case IMAGE_FILE_MACHINE_U370_RO : return "U370_RO";
|
---|
145 | case IMAGE_FILE_MACHINE_R4000 : return "R4000";
|
---|
146 | case IMAGE_FILE_MACHINE_WCEMIPSV2 : return "WCEMIPSV2";
|
---|
147 | case IMAGE_FILE_MACHINE_VAX_WR : return "VAX_WR";
|
---|
148 | case IMAGE_FILE_MACHINE_VAX_RO : return "VAX_RO";
|
---|
149 | case IMAGE_FILE_MACHINE_SH3 : return "SH3";
|
---|
150 | case IMAGE_FILE_MACHINE_SH3DSP : return "SH3DSP";
|
---|
151 | case IMAGE_FILE_MACHINE_SH4 : return "SH4";
|
---|
152 | case IMAGE_FILE_MACHINE_SH5 : return "SH5";
|
---|
153 | case IMAGE_FILE_MACHINE_ARM : return "ARM";
|
---|
154 | case IMAGE_FILE_MACHINE_THUMB : return "THUMB";
|
---|
155 | case IMAGE_FILE_MACHINE_ARMNT : return "ARMNT";
|
---|
156 | case IMAGE_FILE_MACHINE_AM33 : return "AM33";
|
---|
157 | case IMAGE_FILE_MACHINE_POWERPC : return "POWERPC";
|
---|
158 | case IMAGE_FILE_MACHINE_POWERPCFP : return "POWERPCFP";
|
---|
159 | case IMAGE_FILE_MACHINE_IA64 : return "IA64";
|
---|
160 | case IMAGE_FILE_MACHINE_MIPS16 : return "MIPS16";
|
---|
161 | case IMAGE_FILE_MACHINE_MIPSFPU : return "MIPSFPU";
|
---|
162 | case IMAGE_FILE_MACHINE_MIPSFPU16 : return "MIPSFPU16";
|
---|
163 | case IMAGE_FILE_MACHINE_EBC : return "EBC";
|
---|
164 | case IMAGE_FILE_MACHINE_M32R : return "M32R";
|
---|
165 | case IMAGE_FILE_MACHINE_ARM64 : return "ARM64";
|
---|
166 | }
|
---|
167 | return "??";
|
---|
168 | }
|
---|
169 |
|
---|
170 |
|
---|
171 | static const char *dbgcPeDataDirName(unsigned iDir)
|
---|
172 | {
|
---|
173 | switch (iDir)
|
---|
174 | {
|
---|
175 | case IMAGE_DIRECTORY_ENTRY_EXPORT: return "EXPORT";
|
---|
176 | case IMAGE_DIRECTORY_ENTRY_IMPORT: return "IMPORT";
|
---|
177 | case IMAGE_DIRECTORY_ENTRY_RESOURCE: return "RESOURCE";
|
---|
178 | case IMAGE_DIRECTORY_ENTRY_EXCEPTION: return "EXCEPTION";
|
---|
179 | case IMAGE_DIRECTORY_ENTRY_SECURITY: return "SECURITY";
|
---|
180 | case IMAGE_DIRECTORY_ENTRY_BASERELOC: return "BASERELOC";
|
---|
181 | case IMAGE_DIRECTORY_ENTRY_DEBUG: return "DEBUG";
|
---|
182 | case IMAGE_DIRECTORY_ENTRY_ARCHITECTURE: return "ARCHITECTURE";
|
---|
183 | case IMAGE_DIRECTORY_ENTRY_GLOBALPTR: return "GLOBALPTR";
|
---|
184 | case IMAGE_DIRECTORY_ENTRY_TLS: return "TLS";
|
---|
185 | case IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG: return "LOAD_CONFIG";
|
---|
186 | case IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT: return "BOUND_IMPORT";
|
---|
187 | case IMAGE_DIRECTORY_ENTRY_IAT: return "IAT";
|
---|
188 | case IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT: return "DELAY_IMPORT";
|
---|
189 | case IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR: return "COM_DESCRIPTOR";
|
---|
190 | }
|
---|
191 | return "??";
|
---|
192 | }
|
---|
193 |
|
---|
194 |
|
---|
195 | static const char *dbgPeDebugTypeName(uint32_t uType)
|
---|
196 | {
|
---|
197 | switch (uType)
|
---|
198 | {
|
---|
199 | case IMAGE_DEBUG_TYPE_UNKNOWN: return "UNKNOWN";
|
---|
200 | case IMAGE_DEBUG_TYPE_COFF: return "COFF";
|
---|
201 | case IMAGE_DEBUG_TYPE_CODEVIEW: return "CODEVIEW";
|
---|
202 | case IMAGE_DEBUG_TYPE_FPO: return "FPO";
|
---|
203 | case IMAGE_DEBUG_TYPE_MISC: return "MISC";
|
---|
204 | case IMAGE_DEBUG_TYPE_EXCEPTION: return "EXCEPTION";
|
---|
205 | case IMAGE_DEBUG_TYPE_FIXUP: return "FIXUP";
|
---|
206 | case IMAGE_DEBUG_TYPE_OMAP_TO_SRC: return "OMAP_TO_SRC";
|
---|
207 | case IMAGE_DEBUG_TYPE_OMAP_FROM_SRC: return "OMAP_FROM_SRC";
|
---|
208 | case IMAGE_DEBUG_TYPE_BORLAND: return "BORLAND";
|
---|
209 | case IMAGE_DEBUG_TYPE_RESERVED10: return "RESERVED10";
|
---|
210 | case IMAGE_DEBUG_TYPE_CLSID: return "CLSID";
|
---|
211 | case IMAGE_DEBUG_TYPE_VC_FEATURE: return "VC_FEATURE";
|
---|
212 | case IMAGE_DEBUG_TYPE_POGO: return "POGO";
|
---|
213 | case IMAGE_DEBUG_TYPE_ILTCG: return "ILTCG";
|
---|
214 | case IMAGE_DEBUG_TYPE_MPX: return "MPX";
|
---|
215 | case IMAGE_DEBUG_TYPE_REPRO: return "REPRO";
|
---|
216 | }
|
---|
217 | return "??";
|
---|
218 | }
|
---|
219 |
|
---|
220 |
|
---|
221 | static int dbgcDumpImagePeDebugDir(PDUMPIMAGEPE pThis, PDBGCCMDHLP pCmdHlp, PCDBGCVAR pDataAddr, uint32_t cbData)
|
---|
222 | {
|
---|
223 | uint32_t cEntries = cbData / sizeof(IMAGE_DEBUG_DIRECTORY);
|
---|
224 | for (uint32_t i = 0; i < cEntries; i++)
|
---|
225 | {
|
---|
226 | /*
|
---|
227 | * Read the entry into memory.
|
---|
228 | */
|
---|
229 | DBGCVAR DbgDirAddr;
|
---|
230 | int rc = DBGCCmdHlpEval(pCmdHlp, &DbgDirAddr, "%DV + %#RX32", pDataAddr, i * sizeof(IMAGE_DEBUG_DIRECTORY));
|
---|
231 | if (RT_FAILURE(rc))
|
---|
232 | return DBGCCmdHlpFailRc(pCmdHlp, pThis->pCmd, rc, "DBGCCmdHlpEval failed on debug entry %u", i);
|
---|
233 |
|
---|
234 | IMAGE_DEBUG_DIRECTORY DbgDir;
|
---|
235 | rc = DBGCCmdHlpMemRead(pCmdHlp, &DbgDir, sizeof(DbgDir), &DbgDirAddr, NULL);
|
---|
236 | if (RT_FAILURE(rc))
|
---|
237 | return DBGCCmdHlpFailRc(pCmdHlp, pThis->pCmd, rc, "Failed to read %zu at %Dv", sizeof(DbgDir), &DbgDirAddr);
|
---|
238 |
|
---|
239 | /*
|
---|
240 | * Dump it.
|
---|
241 | */
|
---|
242 | DBGCVAR DebugDataAddr = *pThis->pImageBase;
|
---|
243 | rc = DBGCCmdHlpEval(pCmdHlp, &DebugDataAddr, "%DV + %#RX32", pThis->pImageBase, DbgDir.AddressOfRawData);
|
---|
244 | DBGCCmdHlpPrintf(pCmdHlp, " Debug[%u]: %Dv/%08RX32 LB %06RX32 %u (%s) v%u.%u file=%RX32 ts=%08RX32 fl=%RX32\n",
|
---|
245 | i, &DebugDataAddr, DbgDir.AddressOfRawData, DbgDir.SizeOfData, DbgDir.Type,
|
---|
246 | dbgPeDebugTypeName(DbgDir.Type), DbgDir.MajorVersion, DbgDir.MinorVersion, DbgDir.PointerToRawData,
|
---|
247 | DbgDir.TimeDateStamp, DbgDir.Characteristics);
|
---|
248 | union
|
---|
249 | {
|
---|
250 | uint8_t abPage[0x1000];
|
---|
251 | CVPDB20INFO Pdb20;
|
---|
252 | CVPDB70INFO Pdb70;
|
---|
253 | IMAGE_DEBUG_MISC Misc;
|
---|
254 | } uBuf;
|
---|
255 | RT_ZERO(uBuf);
|
---|
256 |
|
---|
257 | if (DbgDir.Type == IMAGE_DEBUG_TYPE_CODEVIEW)
|
---|
258 | {
|
---|
259 | if ( DbgDir.SizeOfData < sizeof(uBuf)
|
---|
260 | && DbgDir.SizeOfData > 16
|
---|
261 | && DbgDir.AddressOfRawData > 0
|
---|
262 | && RT_SUCCESS(rc))
|
---|
263 | {
|
---|
264 | rc = DBGCCmdHlpMemRead(pCmdHlp, &uBuf, DbgDir.SizeOfData, &DebugDataAddr, NULL);
|
---|
265 | if (RT_FAILURE(rc))
|
---|
266 | return DBGCCmdHlpFailRc(pCmdHlp, pThis->pCmd, rc, "Failed to read %zu at %Dv",
|
---|
267 | DbgDir.SizeOfData, &DebugDataAddr);
|
---|
268 |
|
---|
269 | if ( uBuf.Pdb20.u32Magic == CVPDB20INFO_MAGIC
|
---|
270 | && uBuf.Pdb20.offDbgInfo == 0
|
---|
271 | && DbgDir.SizeOfData > RT_UOFFSETOF(CVPDB20INFO, szPdbFilename) )
|
---|
272 | DBGCCmdHlpPrintf(pCmdHlp, " PDB2.0: ts=%08RX32 age=%RX32 %s\n",
|
---|
273 | uBuf.Pdb20.uTimestamp, uBuf.Pdb20.uAge, uBuf.Pdb20.szPdbFilename);
|
---|
274 | else if ( uBuf.Pdb20.u32Magic == CVPDB70INFO_MAGIC
|
---|
275 | && DbgDir.SizeOfData > RT_UOFFSETOF(CVPDB70INFO, szPdbFilename) )
|
---|
276 | DBGCCmdHlpPrintf(pCmdHlp, " PDB7.0: %RTuuid age=%u %s\n",
|
---|
277 | &uBuf.Pdb70.PdbUuid, uBuf.Pdb70.uAge, uBuf.Pdb70.szPdbFilename);
|
---|
278 | else
|
---|
279 | DBGCCmdHlpPrintf(pCmdHlp, " Unknown PDB/codeview magic: %.8Rhxs\n", uBuf.abPage);
|
---|
280 | }
|
---|
281 | }
|
---|
282 | else if (DbgDir.Type == IMAGE_DEBUG_TYPE_MISC)
|
---|
283 | {
|
---|
284 | if ( DbgDir.SizeOfData < sizeof(uBuf)
|
---|
285 | && DbgDir.SizeOfData > RT_UOFFSETOF(IMAGE_DEBUG_MISC, Data)
|
---|
286 | && DbgDir.AddressOfRawData > 0
|
---|
287 | && RT_SUCCESS(rc) )
|
---|
288 | {
|
---|
289 | rc = DBGCCmdHlpMemRead(pCmdHlp, &uBuf, DbgDir.SizeOfData, &DebugDataAddr, NULL);
|
---|
290 | if (RT_FAILURE(rc))
|
---|
291 | return DBGCCmdHlpFailRc(pCmdHlp, pThis->pCmd, rc, "Failed to read %zu at %Dv",
|
---|
292 | DbgDir.SizeOfData, &DebugDataAddr);
|
---|
293 |
|
---|
294 | if ( uBuf.Misc.DataType == IMAGE_DEBUG_MISC_EXENAME
|
---|
295 | && uBuf.Misc.Length == DbgDir.SizeOfData)
|
---|
296 | {
|
---|
297 | if (!uBuf.Misc.Unicode)
|
---|
298 | DBGCCmdHlpPrintf(pCmdHlp, " Misc DBG: ts=%RX32 %s\n",
|
---|
299 | DbgDir.TimeDateStamp, (const char *)&uBuf.Misc.Data[0]);
|
---|
300 | else
|
---|
301 | DBGCCmdHlpPrintf(pCmdHlp, " Misc DBG: ts=%RX32 %ls\n",
|
---|
302 | DbgDir.TimeDateStamp, (PCRTUTF16)&uBuf.Misc.Data[0]);
|
---|
303 | }
|
---|
304 | }
|
---|
305 | }
|
---|
306 | }
|
---|
307 | return VINF_SUCCESS;
|
---|
308 | }
|
---|
309 |
|
---|
310 |
|
---|
311 | static int dbgcDumpImagePeDataDirs(PDUMPIMAGEPE pThis, PDBGCCMDHLP pCmdHlp, unsigned cDataDirs, PCIMAGE_DATA_DIRECTORY paDataDirs)
|
---|
312 | {
|
---|
313 | int rcRet = VINF_SUCCESS;
|
---|
314 | for (unsigned i = 0; i < cDataDirs; i++)
|
---|
315 | {
|
---|
316 | if (paDataDirs[i].Size || paDataDirs[i].VirtualAddress)
|
---|
317 | {
|
---|
318 | DBGCVAR DataAddr = *pThis->pImageBase;
|
---|
319 | DBGCCmdHlpEval(pCmdHlp, &DataAddr, "%DV + %#RX32", pThis->pImageBase, paDataDirs[i].VirtualAddress);
|
---|
320 | DBGCCmdHlpPrintf(pCmdHlp, "DataDir[%02u]: %Dv/%08RX32 LB %08RX32 %s\n",
|
---|
321 | i, &DataAddr, paDataDirs[i].VirtualAddress, paDataDirs[i].Size, dbgcPeDataDirName(i));
|
---|
322 | int rc = VINF_SUCCESS;
|
---|
323 | if ( i == IMAGE_DIRECTORY_ENTRY_DEBUG
|
---|
324 | && paDataDirs[i].Size >= sizeof(IMAGE_DEBUG_DIRECTORY))
|
---|
325 | rc = dbgcDumpImagePeDebugDir(pThis, pCmdHlp, &DataAddr, paDataDirs[i].Size);
|
---|
326 | if (RT_FAILURE(rc) && RT_SUCCESS(rcRet))
|
---|
327 | rcRet = rc;
|
---|
328 | }
|
---|
329 | }
|
---|
330 | return rcRet;
|
---|
331 | }
|
---|
332 |
|
---|
333 |
|
---|
334 | static int dbgcDumpImagePeSectionHdrs(PDUMPIMAGEPE pThis, PDBGCCMDHLP pCmdHlp, unsigned cShdrs, PCIMAGE_SECTION_HEADER paShdrs)
|
---|
335 | {
|
---|
336 | for (unsigned i = 0; i < cShdrs; i++)
|
---|
337 | {
|
---|
338 | DBGCVAR SectAddr = *pThis->pImageBase;
|
---|
339 | DBGCCmdHlpEval(pCmdHlp, &SectAddr, "%DV + %#RX32", pThis->pImageBase, paShdrs[i].VirtualAddress);
|
---|
340 | DBGCCmdHlpPrintf(pCmdHlp, "Section[%02u]: %Dv/%08RX32 LB %08RX32 %.8s\n",
|
---|
341 | i, &SectAddr, paShdrs[i].VirtualAddress, paShdrs[i].Misc.VirtualSize, paShdrs[i].Name);
|
---|
342 | }
|
---|
343 | return VINF_SUCCESS;
|
---|
344 | }
|
---|
345 |
|
---|
346 |
|
---|
347 | static int dbgcDumpImagePeOptHdr32(PDUMPIMAGEPE pThis, PDBGCCMDHLP pCmdHlp, PCIMAGE_NT_HEADERS32 pNtHdrs)
|
---|
348 | {
|
---|
349 | RT_NOREF(pThis, pCmdHlp, pNtHdrs);
|
---|
350 | return VINF_SUCCESS;
|
---|
351 | }
|
---|
352 |
|
---|
353 | static int dbgcDumpImagePeOptHdr64(PDUMPIMAGEPE pThis, PDBGCCMDHLP pCmdHlp, PCIMAGE_NT_HEADERS64 pNtHdrs)
|
---|
354 | {
|
---|
355 | RT_NOREF(pThis, pCmdHlp, pNtHdrs);
|
---|
356 | return VINF_SUCCESS;
|
---|
357 | }
|
---|
358 |
|
---|
359 |
|
---|
360 | static int dbgcDumpImagePe(PCDBGCCMD pCmd, PDBGCCMDHLP pCmdHlp, PCDBGCVAR pImageBase,
|
---|
361 | PCDBGCVAR pPeHdrAddr, PCIMAGE_FILE_HEADER pFileHdr)
|
---|
362 | {
|
---|
363 | /*
|
---|
364 | * Dump file header fields.
|
---|
365 | */
|
---|
366 | DBGCCmdHlpPrintf(pCmdHlp, "%Dv: PE image - %#x (%s), %u sections\n", pImageBase, pFileHdr->Machine,
|
---|
367 | dbgcPeMachineName(pFileHdr->Machine), pFileHdr->NumberOfSections);
|
---|
368 | DBGCCmdHlpPrintf(pCmdHlp, "Characteristics: %#06x", pFileHdr->Characteristics);
|
---|
369 | if (pFileHdr->Characteristics & IMAGE_FILE_RELOCS_STRIPPED) DBGCCmdHlpPrintf(pCmdHlp, " RELOCS_STRIPPED");
|
---|
370 | if (pFileHdr->Characteristics & IMAGE_FILE_EXECUTABLE_IMAGE) DBGCCmdHlpPrintf(pCmdHlp, " EXECUTABLE_IMAGE");
|
---|
371 | if (pFileHdr->Characteristics & IMAGE_FILE_LINE_NUMS_STRIPPED) DBGCCmdHlpPrintf(pCmdHlp, " LINE_NUMS_STRIPPED");
|
---|
372 | if (pFileHdr->Characteristics & IMAGE_FILE_LOCAL_SYMS_STRIPPED) DBGCCmdHlpPrintf(pCmdHlp, " LOCAL_SYMS_STRIPPED");
|
---|
373 | if (pFileHdr->Characteristics & IMAGE_FILE_AGGRESIVE_WS_TRIM) DBGCCmdHlpPrintf(pCmdHlp, " AGGRESIVE_WS_TRIM");
|
---|
374 | if (pFileHdr->Characteristics & IMAGE_FILE_LARGE_ADDRESS_AWARE) DBGCCmdHlpPrintf(pCmdHlp, " LARGE_ADDRESS_AWARE");
|
---|
375 | if (pFileHdr->Characteristics & IMAGE_FILE_16BIT_MACHINE) DBGCCmdHlpPrintf(pCmdHlp, " 16BIT_MACHINE");
|
---|
376 | if (pFileHdr->Characteristics & IMAGE_FILE_BYTES_REVERSED_LO) DBGCCmdHlpPrintf(pCmdHlp, " BYTES_REVERSED_LO");
|
---|
377 | if (pFileHdr->Characteristics & IMAGE_FILE_32BIT_MACHINE) DBGCCmdHlpPrintf(pCmdHlp, " 32BIT_MACHINE");
|
---|
378 | if (pFileHdr->Characteristics & IMAGE_FILE_DEBUG_STRIPPED) DBGCCmdHlpPrintf(pCmdHlp, " DEBUG_STRIPPED");
|
---|
379 | if (pFileHdr->Characteristics & IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP) DBGCCmdHlpPrintf(pCmdHlp, " REMOVABLE_RUN_FROM_SWAP");
|
---|
380 | if (pFileHdr->Characteristics & IMAGE_FILE_NET_RUN_FROM_SWAP) DBGCCmdHlpPrintf(pCmdHlp, " NET_RUN_FROM_SWAP");
|
---|
381 | if (pFileHdr->Characteristics & IMAGE_FILE_SYSTEM) DBGCCmdHlpPrintf(pCmdHlp, " SYSTEM");
|
---|
382 | if (pFileHdr->Characteristics & IMAGE_FILE_DLL) DBGCCmdHlpPrintf(pCmdHlp, " DLL");
|
---|
383 | if (pFileHdr->Characteristics & IMAGE_FILE_UP_SYSTEM_ONLY) DBGCCmdHlpPrintf(pCmdHlp, " UP_SYSTEM_ONLY");
|
---|
384 | if (pFileHdr->Characteristics & IMAGE_FILE_BYTES_REVERSED_HI) DBGCCmdHlpPrintf(pCmdHlp, " BYTES_REVERSED_HI");
|
---|
385 | DBGCCmdHlpPrintf(pCmdHlp, "\n");
|
---|
386 |
|
---|
387 | /*
|
---|
388 | * Allocate memory for all the headers, including section headers, and read them into memory.
|
---|
389 | */
|
---|
390 | size_t offSHdrs = pFileHdr->SizeOfOptionalHeader + sizeof(*pFileHdr) + sizeof(uint32_t);
|
---|
391 | size_t cbHdrs = offSHdrs + pFileHdr->NumberOfSections * sizeof(IMAGE_SECTION_HEADER);
|
---|
392 | if (cbHdrs > _2M)
|
---|
393 | return DBGCCmdHlpFail(pCmdHlp, pCmd, "%Dv: headers too big: %zu.\n", pImageBase, cbHdrs);
|
---|
394 |
|
---|
395 | void *pvBuf = RTMemTmpAllocZ(cbHdrs);
|
---|
396 | if (!pvBuf)
|
---|
397 | return DBGCCmdHlpFail(pCmdHlp, pCmd, "%Dv: failed to allocate %zu bytes.\n", pImageBase, cbHdrs);
|
---|
398 | int rc = DBGCCmdHlpMemRead(pCmdHlp, pvBuf, cbHdrs, pPeHdrAddr, NULL);
|
---|
399 | if (RT_SUCCESS(rc))
|
---|
400 | {
|
---|
401 | DUMPIMAGEPE This;
|
---|
402 | RT_ZERO(This);
|
---|
403 | This.pImageBase = pImageBase;
|
---|
404 | This.pFileHdr = pFileHdr;
|
---|
405 | This.u.pv = pvBuf;
|
---|
406 | This.cShdrs = pFileHdr->NumberOfSections;
|
---|
407 | This.paShdrs = (PCIMAGE_SECTION_HEADER)((uintptr_t)pvBuf + offSHdrs);
|
---|
408 | This.pCmd = pCmd;
|
---|
409 |
|
---|
410 | if (pFileHdr->SizeOfOptionalHeader == sizeof(IMAGE_OPTIONAL_HEADER32))
|
---|
411 | {
|
---|
412 | This.paDataDir = This.u.pNt32->OptionalHeader.DataDirectory;
|
---|
413 | This.cDataDir = This.u.pNt32->OptionalHeader.NumberOfRvaAndSizes;
|
---|
414 | rc = dbgcDumpImagePeOptHdr32(&This, pCmdHlp, This.u.pNt32);
|
---|
415 | }
|
---|
416 | else if (pFileHdr->SizeOfOptionalHeader == sizeof(IMAGE_OPTIONAL_HEADER64))
|
---|
417 | {
|
---|
418 | This.paDataDir = This.u.pNt64->OptionalHeader.DataDirectory;
|
---|
419 | This.cDataDir = This.u.pNt64->OptionalHeader.NumberOfRvaAndSizes;
|
---|
420 | rc = dbgcDumpImagePeOptHdr64(&This, pCmdHlp, This.u.pNt64);
|
---|
421 | }
|
---|
422 | else
|
---|
423 | rc = DBGCCmdHlpFail(pCmdHlp, pCmd, "%Dv: Unsupported optional header size: %#x\n",
|
---|
424 | pImageBase, pFileHdr->SizeOfOptionalHeader);
|
---|
425 |
|
---|
426 | int rc2 = dbgcDumpImagePeSectionHdrs(&This, pCmdHlp, This.cShdrs, This.paShdrs);
|
---|
427 | if (RT_FAILURE(rc2) && RT_SUCCESS(rc))
|
---|
428 | rc = rc2;
|
---|
429 |
|
---|
430 | rc2 = dbgcDumpImagePeDataDirs(&This, pCmdHlp, This.cDataDir, This.paDataDir);
|
---|
431 | if (RT_FAILURE(rc2) && RT_SUCCESS(rc))
|
---|
432 | rc = rc2;
|
---|
433 | }
|
---|
434 | else
|
---|
435 | rc = DBGCCmdHlpFailRc(pCmdHlp, pCmd, rc, "%Dv: Failed to read %zu at %Dv", pImageBase, cbHdrs, pPeHdrAddr);
|
---|
436 | RTMemTmpFree(pvBuf);
|
---|
437 | return rc;
|
---|
438 | }
|
---|
439 |
|
---|
440 |
|
---|
441 | /*********************************************************************************************************************************
|
---|
442 | * ELF *
|
---|
443 | *********************************************************************************************************************************/
|
---|
444 |
|
---|
445 | static int dbgcDumpImageElf(PCDBGCCMD pCmd, PDBGCCMDHLP pCmdHlp, PCDBGCVAR pImageBase)
|
---|
446 | {
|
---|
447 | RT_NOREF_PV(pCmd);
|
---|
448 | DBGCCmdHlpPrintf(pCmdHlp, "%Dv: ELF image dumping not implemented yet.\n", pImageBase);
|
---|
449 | return VINF_SUCCESS;
|
---|
450 | }
|
---|
451 |
|
---|
452 |
|
---|
453 | /*********************************************************************************************************************************
|
---|
454 | * Mach-O *
|
---|
455 | *********************************************************************************************************************************/
|
---|
456 |
|
---|
457 | static const char *dbgcMachoFileType(uint32_t uType)
|
---|
458 | {
|
---|
459 | switch (uType)
|
---|
460 | {
|
---|
461 | case MH_OBJECT: return "MH_OBJECT";
|
---|
462 | case MH_EXECUTE: return "MH_EXECUTE";
|
---|
463 | case MH_FVMLIB: return "MH_FVMLIB";
|
---|
464 | case MH_CORE: return "MH_CORE";
|
---|
465 | case MH_PRELOAD: return "MH_PRELOAD";
|
---|
466 | case MH_DYLIB: return "MH_DYLIB";
|
---|
467 | case MH_DYLINKER: return "MH_DYLINKER";
|
---|
468 | case MH_BUNDLE: return "MH_BUNDLE";
|
---|
469 | case MH_DYLIB_STUB: return "MH_DYLIB_STUB";
|
---|
470 | case MH_DSYM: return "MH_DSYM";
|
---|
471 | case MH_KEXT_BUNDLE: return "MH_KEXT_BUNDLE";
|
---|
472 | }
|
---|
473 | return "??";
|
---|
474 | }
|
---|
475 |
|
---|
476 |
|
---|
477 | static const char *dbgcMachoCpuType(int32_t iType, int32_t iSubType)
|
---|
478 | {
|
---|
479 | switch (iType)
|
---|
480 | {
|
---|
481 | case CPU_TYPE_ANY: return "CPU_TYPE_ANY";
|
---|
482 | case CPU_TYPE_VAX: return "VAX";
|
---|
483 | case CPU_TYPE_MC680x0: return "MC680x0";
|
---|
484 | case CPU_TYPE_X86: return "X86";
|
---|
485 | case CPU_TYPE_X86_64:
|
---|
486 | switch (iSubType)
|
---|
487 | {
|
---|
488 | case CPU_SUBTYPE_X86_64_ALL: return "X86_64/ALL64";
|
---|
489 | }
|
---|
490 | return "X86_64";
|
---|
491 | case CPU_TYPE_MC98000: return "MC98000";
|
---|
492 | case CPU_TYPE_HPPA: return "HPPA";
|
---|
493 | case CPU_TYPE_MC88000: return "MC88000";
|
---|
494 | case CPU_TYPE_SPARC: return "SPARC";
|
---|
495 | case CPU_TYPE_I860: return "I860";
|
---|
496 | case CPU_TYPE_POWERPC: return "POWERPC";
|
---|
497 | case CPU_TYPE_POWERPC64: return "POWERPC64";
|
---|
498 |
|
---|
499 | }
|
---|
500 | return "??";
|
---|
501 | }
|
---|
502 |
|
---|
503 |
|
---|
504 | static const char *dbgcMachoLoadCommand(uint32_t uCmd)
|
---|
505 | {
|
---|
506 | switch (uCmd)
|
---|
507 | {
|
---|
508 | RT_CASE_RET_STR(LC_SEGMENT_32);
|
---|
509 | RT_CASE_RET_STR(LC_SYMTAB);
|
---|
510 | RT_CASE_RET_STR(LC_SYMSEG);
|
---|
511 | RT_CASE_RET_STR(LC_THREAD);
|
---|
512 | RT_CASE_RET_STR(LC_UNIXTHREAD);
|
---|
513 | RT_CASE_RET_STR(LC_LOADFVMLIB);
|
---|
514 | RT_CASE_RET_STR(LC_IDFVMLIB);
|
---|
515 | RT_CASE_RET_STR(LC_IDENT);
|
---|
516 | RT_CASE_RET_STR(LC_FVMFILE);
|
---|
517 | RT_CASE_RET_STR(LC_PREPAGE);
|
---|
518 | RT_CASE_RET_STR(LC_DYSYMTAB);
|
---|
519 | RT_CASE_RET_STR(LC_LOAD_DYLIB);
|
---|
520 | RT_CASE_RET_STR(LC_ID_DYLIB);
|
---|
521 | RT_CASE_RET_STR(LC_LOAD_DYLINKER);
|
---|
522 | RT_CASE_RET_STR(LC_ID_DYLINKER);
|
---|
523 | RT_CASE_RET_STR(LC_PREBOUND_DYLIB);
|
---|
524 | RT_CASE_RET_STR(LC_ROUTINES);
|
---|
525 | RT_CASE_RET_STR(LC_SUB_FRAMEWORK);
|
---|
526 | RT_CASE_RET_STR(LC_SUB_UMBRELLA);
|
---|
527 | RT_CASE_RET_STR(LC_SUB_CLIENT);
|
---|
528 | RT_CASE_RET_STR(LC_SUB_LIBRARY);
|
---|
529 | RT_CASE_RET_STR(LC_TWOLEVEL_HINTS);
|
---|
530 | RT_CASE_RET_STR(LC_PREBIND_CKSUM);
|
---|
531 | RT_CASE_RET_STR(LC_LOAD_WEAK_DYLIB);
|
---|
532 | RT_CASE_RET_STR(LC_SEGMENT_64);
|
---|
533 | RT_CASE_RET_STR(LC_ROUTINES_64);
|
---|
534 | RT_CASE_RET_STR(LC_UUID);
|
---|
535 | RT_CASE_RET_STR(LC_RPATH);
|
---|
536 | RT_CASE_RET_STR(LC_CODE_SIGNATURE);
|
---|
537 | RT_CASE_RET_STR(LC_SEGMENT_SPLIT_INFO);
|
---|
538 | RT_CASE_RET_STR(LC_REEXPORT_DYLIB);
|
---|
539 | RT_CASE_RET_STR(LC_LAZY_LOAD_DYLIB);
|
---|
540 | RT_CASE_RET_STR(LC_ENCRYPTION_INFO);
|
---|
541 | RT_CASE_RET_STR(LC_DYLD_INFO);
|
---|
542 | RT_CASE_RET_STR(LC_DYLD_INFO_ONLY);
|
---|
543 | RT_CASE_RET_STR(LC_LOAD_UPWARD_DYLIB);
|
---|
544 | RT_CASE_RET_STR(LC_VERSION_MIN_MACOSX);
|
---|
545 | RT_CASE_RET_STR(LC_VERSION_MIN_IPHONEOS);
|
---|
546 | RT_CASE_RET_STR(LC_FUNCTION_STARTS);
|
---|
547 | RT_CASE_RET_STR(LC_DYLD_ENVIRONMENT);
|
---|
548 | RT_CASE_RET_STR(LC_MAIN);
|
---|
549 | RT_CASE_RET_STR(LC_DATA_IN_CODE);
|
---|
550 | RT_CASE_RET_STR(LC_SOURCE_VERSION);
|
---|
551 | RT_CASE_RET_STR(LC_DYLIB_CODE_SIGN_DRS);
|
---|
552 | RT_CASE_RET_STR(LC_ENCRYPTION_INFO_64);
|
---|
553 | RT_CASE_RET_STR(LC_LINKER_OPTION);
|
---|
554 | RT_CASE_RET_STR(LC_LINKER_OPTIMIZATION_HINT);
|
---|
555 | RT_CASE_RET_STR(LC_VERSION_MIN_TVOS);
|
---|
556 | RT_CASE_RET_STR(LC_VERSION_MIN_WATCHOS);
|
---|
557 | RT_CASE_RET_STR(LC_NOTE);
|
---|
558 | RT_CASE_RET_STR(LC_BUILD_VERSION);
|
---|
559 | }
|
---|
560 | return "??";
|
---|
561 | }
|
---|
562 |
|
---|
563 |
|
---|
564 | static const char *dbgcMachoProt(uint32_t fProt)
|
---|
565 | {
|
---|
566 | switch (fProt)
|
---|
567 | {
|
---|
568 | case VM_PROT_NONE: return "---";
|
---|
569 | case VM_PROT_READ: return "r--";
|
---|
570 | case VM_PROT_READ | VM_PROT_WRITE: return "rw-";
|
---|
571 | case VM_PROT_READ | VM_PROT_EXECUTE: return "r-x";
|
---|
572 | case VM_PROT_READ | VM_PROT_WRITE | VM_PROT_EXECUTE: return "rwx";
|
---|
573 | case VM_PROT_WRITE: return "-w-";
|
---|
574 | case VM_PROT_WRITE | VM_PROT_EXECUTE: return "-wx";
|
---|
575 | case VM_PROT_EXECUTE: return "-w-";
|
---|
576 | }
|
---|
577 | return "???";
|
---|
578 | }
|
---|
579 |
|
---|
580 |
|
---|
581 | static int dbgcDumpImageMachO(PCDBGCCMD pCmd, PDBGCCMDHLP pCmdHlp, PCDBGCVAR pImageBase, mach_header_64_t const *pHdr)
|
---|
582 | {
|
---|
583 | #define ENTRY(a_Define) { a_Define, #a_Define }
|
---|
584 | RT_NOREF_PV(pCmd);
|
---|
585 |
|
---|
586 | /*
|
---|
587 | * Header:
|
---|
588 | */
|
---|
589 | DBGCCmdHlpPrintf(pCmdHlp, "%Dv: Mach-O image (%s bit) - %s (%u) - %s (%#x / %#x)\n",
|
---|
590 | pImageBase, pHdr->magic == IMAGE_MACHO64_SIGNATURE ? "64" : "32",
|
---|
591 | dbgcMachoFileType(pHdr->filetype), pHdr->filetype,
|
---|
592 | dbgcMachoCpuType(pHdr->cputype, pHdr->cpusubtype), pHdr->cputype, pHdr->cpusubtype);
|
---|
593 |
|
---|
594 | DBGCCmdHlpPrintf(pCmdHlp, "%Dv: Flags: %#x", pImageBase, pHdr->flags);
|
---|
595 | static DBGCDUMPFLAGENTRY const s_aHdrFlags[] =
|
---|
596 | {
|
---|
597 | FLENT(MH_NOUNDEFS), FLENT(MH_INCRLINK),
|
---|
598 | FLENT(MH_DYLDLINK), FLENT(MH_BINDATLOAD),
|
---|
599 | FLENT(MH_PREBOUND), FLENT(MH_SPLIT_SEGS),
|
---|
600 | FLENT(MH_LAZY_INIT), FLENT(MH_TWOLEVEL),
|
---|
601 | FLENT(MH_FORCE_FLAT), FLENT(MH_NOMULTIDEFS),
|
---|
602 | FLENT(MH_NOFIXPREBINDING), FLENT(MH_PREBINDABLE),
|
---|
603 | FLENT(MH_ALLMODSBOUND), FLENT(MH_SUBSECTIONS_VIA_SYMBOLS),
|
---|
604 | FLENT(MH_CANONICAL), FLENT(MH_WEAK_DEFINES),
|
---|
605 | FLENT(MH_BINDS_TO_WEAK), FLENT(MH_ALLOW_STACK_EXECUTION),
|
---|
606 | FLENT(MH_ROOT_SAFE), FLENT(MH_SETUID_SAFE),
|
---|
607 | FLENT(MH_NO_REEXPORTED_DYLIBS), FLENT(MH_PIE),
|
---|
608 | FLENT(MH_DEAD_STRIPPABLE_DYLIB), FLENT(MH_HAS_TLV_DESCRIPTORS),
|
---|
609 | FLENT(MH_NO_HEAP_EXECUTION),
|
---|
610 | };
|
---|
611 | dbgcDumpImageFlags32(pCmdHlp, pHdr->flags, s_aHdrFlags, RT_ELEMENTS(s_aHdrFlags));
|
---|
612 | DBGCCmdHlpPrintf(pCmdHlp, "\n");
|
---|
613 | if (pHdr->reserved != 0 && pHdr->magic == IMAGE_MACHO64_SIGNATURE)
|
---|
614 | DBGCCmdHlpPrintf(pCmdHlp, "%Dv: Reserved header field: %#x\n", pImageBase, pHdr->reserved);
|
---|
615 |
|
---|
616 | /*
|
---|
617 | * And now the load commands.
|
---|
618 | */
|
---|
619 | const uint32_t cCmds = pHdr->ncmds;
|
---|
620 | const uint32_t cbCmds = pHdr->sizeofcmds;
|
---|
621 | DBGCCmdHlpPrintf(pCmdHlp, "%Dv: %u load commands covering %#x bytes:\n", pImageBase, cCmds, cbCmds);
|
---|
622 | if (cbCmds > _16M)
|
---|
623 | return DBGCCmdHlpFailRc(pCmdHlp, pCmd, VERR_OUT_OF_RANGE,
|
---|
624 | "%Dv: Commands too big: %#x bytes, max 16MiB\n", pImageBase, cbCmds);
|
---|
625 |
|
---|
626 | /* Calc address of the first command: */
|
---|
627 | const uint32_t cbHdr = pHdr->magic == IMAGE_MACHO64_SIGNATURE ? sizeof(mach_header_64_t) : sizeof(mach_header_32_t);
|
---|
628 | DBGCVAR Addr;
|
---|
629 | int rc = DBGCCmdHlpEval(pCmdHlp, &Addr, "%DV + %#RX32", pImageBase, cbHdr);
|
---|
630 | AssertRCReturn(rc, rc);
|
---|
631 |
|
---|
632 | /* Read them into a temp buffer: */
|
---|
633 | uint8_t *pbCmds = (uint8_t *)RTMemTmpAllocZ(cbCmds);
|
---|
634 | if (!pbCmds)
|
---|
635 | return VERR_NO_TMP_MEMORY;
|
---|
636 |
|
---|
637 | rc = DBGCCmdHlpMemRead(pCmdHlp, pbCmds, cbCmds, &Addr, NULL);
|
---|
638 | if (RT_SUCCESS(rc))
|
---|
639 | {
|
---|
640 | static const DBGCDUMPFLAGENTRY s_aSegFlags[] =
|
---|
641 | { FLENT(SG_HIGHVM), FLENT(SG_FVMLIB), FLENT(SG_NORELOC), FLENT(SG_PROTECTED_VERSION_1), };
|
---|
642 |
|
---|
643 | /*
|
---|
644 | * Iterate the commands.
|
---|
645 | */
|
---|
646 | uint32_t offCmd = 0;
|
---|
647 | for (uint32_t iCmd = 0; iCmd < cCmds; iCmd++)
|
---|
648 | {
|
---|
649 | load_command_t const *pCurCmd = (load_command_t const *)&pbCmds[offCmd];
|
---|
650 | const uint32_t cbCurCmd = offCmd + sizeof(*pCurCmd) <= cbCmds ? pCurCmd->cmdsize : sizeof(*pCurCmd);
|
---|
651 | if (offCmd + cbCurCmd > cbCmds)
|
---|
652 | {
|
---|
653 | rc = DBGCCmdHlpFailRc(pCmdHlp, pCmd, VERR_OUT_OF_RANGE,
|
---|
654 | "%Dv: Load command #%u (offset %#x + %#x) is out of bounds! cmdsize=%u (%#x) cmd=%u\n",
|
---|
655 | pImageBase, iCmd, offCmd, cbHdr, cbCurCmd, cbCurCmd,
|
---|
656 | offCmd + RT_UOFFSET_AFTER(load_command_t, cmd) <= cbCmds ? pCurCmd->cmd : UINT32_MAX);
|
---|
657 | break;
|
---|
658 | }
|
---|
659 |
|
---|
660 | DBGCCmdHlpPrintf(pCmdHlp, "%Dv: Load command #%u (offset %#x + %#x): %s (%u) LB %u\n",
|
---|
661 | pImageBase, iCmd, offCmd, cbHdr, dbgcMachoLoadCommand(pCurCmd->cmd), pCurCmd->cmd, cbCurCmd);
|
---|
662 | switch (pCurCmd->cmd)
|
---|
663 | {
|
---|
664 | case LC_SEGMENT_64:
|
---|
665 | if (cbCurCmd < sizeof(segment_command_64_t))
|
---|
666 | rc = DBGCCmdHlpFailRc(pCmdHlp, pCmd, VERR_LDRMACHO_BAD_LOAD_COMMAND,
|
---|
667 | "%Dv: LC_SEGMENT64 is too short!\n", pImageBase);
|
---|
668 | else
|
---|
669 | {
|
---|
670 | segment_command_64_t const *pSeg = (segment_command_64_t const *)pCurCmd;
|
---|
671 | DBGCCmdHlpPrintf(pCmdHlp, "%Dv: vmaddr: %016RX64 LB %08RX64 prot: %s(%x) maxprot: %s(%x) name: %.16s\n",
|
---|
672 | pImageBase, pSeg->vmaddr, pSeg->vmsize, dbgcMachoProt(pSeg->initprot), pSeg->initprot,
|
---|
673 | dbgcMachoProt(pSeg->maxprot), pSeg->maxprot, pSeg->segname);
|
---|
674 | DBGCCmdHlpPrintf(pCmdHlp, "%Dv: file: %016RX64 LB %08RX64 sections: %2u flags: %#x",
|
---|
675 | pImageBase, pSeg->fileoff, pSeg->filesize, pSeg->nsects, pSeg->flags);
|
---|
676 | dbgcDumpImageFlags32(pCmdHlp, pSeg->flags, s_aSegFlags, RT_ELEMENTS(s_aSegFlags));
|
---|
677 | DBGCCmdHlpPrintf(pCmdHlp, "\n");
|
---|
678 | if ( pSeg->nsects > _64K
|
---|
679 | || pSeg->nsects * sizeof(section_64_t) + sizeof(pSeg) > cbCurCmd)
|
---|
680 | rc = DBGCCmdHlpFailRc(pCmdHlp, pCmd, VERR_LDRMACHO_BAD_LOAD_COMMAND,
|
---|
681 | "%Dv: LC_SEGMENT64 is too short for all the sections!\n", pImageBase);
|
---|
682 | else
|
---|
683 | {
|
---|
684 | section_64_t const *paSec = (section_64_t const *)(pSeg + 1);
|
---|
685 | for (uint32_t iSec = 0; iSec < pSeg->nsects; iSec++)
|
---|
686 | {
|
---|
687 | DBGCCmdHlpPrintf(pCmdHlp,
|
---|
688 | "%Dv: Section #%u: %016RX64 LB %08RX64 align: 2**%-2u name: %.16s",
|
---|
689 | pImageBase, iSec, paSec[iSec].addr, paSec[iSec].size, paSec[iSec].align,
|
---|
690 | paSec[iSec].sectname);
|
---|
691 | if (strncmp(pSeg->segname, paSec[iSec].segname, sizeof(pSeg->segname)))
|
---|
692 | DBGCCmdHlpPrintf(pCmdHlp, "(in %.16s)", paSec[iSec].segname);
|
---|
693 | DBGCCmdHlpPrintf(pCmdHlp, "\n");
|
---|
694 |
|
---|
695 | /// @todo Good night!
|
---|
696 | /// uint32_t offset;
|
---|
697 | /// uint32_t reloff;
|
---|
698 | /// uint32_t nreloc;
|
---|
699 | /// uint32_t flags;
|
---|
700 | /// /** For S_LAZY_SYMBOL_POINTERS, S_NON_LAZY_SYMBOL_POINTERS and S_SYMBOL_STUBS
|
---|
701 | /// * this is the index into the indirect symbol table. */
|
---|
702 | /// uint32_t reserved1;
|
---|
703 | /// uint32_t reserved2;
|
---|
704 | /// uint32_t reserved3;
|
---|
705 | ///
|
---|
706 | }
|
---|
707 | }
|
---|
708 | }
|
---|
709 | break;
|
---|
710 | }
|
---|
711 |
|
---|
712 | /* Advance: */
|
---|
713 | offCmd += cbCurCmd;
|
---|
714 | }
|
---|
715 | }
|
---|
716 | else
|
---|
717 | rc = DBGCCmdHlpFailRc(pCmdHlp, pCmd, rc, "%Dv: Error reading load commands %Dv LB %#x\n",
|
---|
718 | pImageBase, &Addr, cbCmds);
|
---|
719 | RTMemTmpFree(pbCmds);
|
---|
720 | return rc;
|
---|
721 | #undef ENTRY
|
---|
722 | }
|
---|
723 |
|
---|
724 |
|
---|
725 | /**
|
---|
726 | * @callback_method_impl{FNDBGCCMD, The 'dumpimage' command.}
|
---|
727 | */
|
---|
728 | DECLCALLBACK(int) dbgcCmdDumpImage(PCDBGCCMD pCmd, PDBGCCMDHLP pCmdHlp, PUVM pUVM, PCDBGCVAR paArgs, unsigned cArgs)
|
---|
729 | {
|
---|
730 | int rcRet = VINF_SUCCESS;
|
---|
731 | for (unsigned iArg = 0; iArg < cArgs; iArg++)
|
---|
732 | {
|
---|
733 | union
|
---|
734 | {
|
---|
735 | uint8_t ab[0x10];
|
---|
736 | IMAGE_DOS_HEADER DosHdr;
|
---|
737 | struct
|
---|
738 | {
|
---|
739 | uint32_t u32Magic;
|
---|
740 | IMAGE_FILE_HEADER FileHdr;
|
---|
741 | } Nt;
|
---|
742 | mach_header_64_t MachO64;
|
---|
743 | } uBuf;
|
---|
744 | DBGCVAR const ImageBase = paArgs[iArg];
|
---|
745 | int rc = DBGCCmdHlpMemRead(pCmdHlp, &uBuf.DosHdr, sizeof(uBuf.DosHdr), &ImageBase, NULL);
|
---|
746 | if (RT_SUCCESS(rc))
|
---|
747 | {
|
---|
748 | /*
|
---|
749 | * MZ.
|
---|
750 | */
|
---|
751 | if (uBuf.DosHdr.e_magic == IMAGE_DOS_SIGNATURE)
|
---|
752 | {
|
---|
753 | uint32_t offNewHdr = uBuf.DosHdr.e_lfanew;
|
---|
754 | if (offNewHdr < _256K && offNewHdr >= 16)
|
---|
755 | {
|
---|
756 | /* Look for new header. */
|
---|
757 | DBGCVAR NewHdrAddr;
|
---|
758 | rc = DBGCCmdHlpEval(pCmdHlp, &NewHdrAddr, "%DV + %#RX32", &ImageBase, offNewHdr);
|
---|
759 | if (RT_SUCCESS(rc))
|
---|
760 | {
|
---|
761 | rc = DBGCCmdHlpMemRead(pCmdHlp, &uBuf.Nt, sizeof(uBuf.Nt), &NewHdrAddr, NULL);
|
---|
762 | if (RT_SUCCESS(rc))
|
---|
763 | {
|
---|
764 | /* PE: */
|
---|
765 | if (uBuf.Nt.u32Magic == IMAGE_NT_SIGNATURE)
|
---|
766 | rc = dbgcDumpImagePe(pCmd, pCmdHlp, &ImageBase, &NewHdrAddr, &uBuf.Nt.FileHdr);
|
---|
767 | else
|
---|
768 | rc = DBGCCmdHlpFail(pCmdHlp, pCmd, "%Dv: Unknown new header magic: %.8Rhxs\n",
|
---|
769 | &ImageBase, uBuf.ab);
|
---|
770 | }
|
---|
771 | else
|
---|
772 | rc = DBGCCmdHlpFailRc(pCmdHlp, pCmd, rc, "%Dv: Failed to read %zu at %Dv",
|
---|
773 | &ImageBase, sizeof(uBuf.Nt), &NewHdrAddr);
|
---|
774 | }
|
---|
775 | else
|
---|
776 | rc = DBGCCmdHlpFailRc(pCmdHlp, pCmd, rc, "%Dv: Failed to calc address of new header", &ImageBase);
|
---|
777 | }
|
---|
778 | else
|
---|
779 | rc = DBGCCmdHlpFail(pCmdHlp, pCmd, "%Dv: MZ header but e_lfanew=%#RX32 is out of bounds (16..256K).\n",
|
---|
780 | &ImageBase, offNewHdr);
|
---|
781 | }
|
---|
782 | /*
|
---|
783 | * ELF.
|
---|
784 | */
|
---|
785 | else if (uBuf.ab[0] == ELFMAG0 && uBuf.ab[1] == ELFMAG1 && uBuf.ab[2] == ELFMAG2 && uBuf.ab[3] == ELFMAG3)
|
---|
786 | rc = dbgcDumpImageElf(pCmd, pCmdHlp, &ImageBase);
|
---|
787 | /*
|
---|
788 | * Mach-O.
|
---|
789 | */
|
---|
790 | else if ( uBuf.MachO64.magic == IMAGE_MACHO64_SIGNATURE
|
---|
791 | || uBuf.MachO64.magic == IMAGE_MACHO32_SIGNATURE )
|
---|
792 | rc = dbgcDumpImageMachO(pCmd, pCmdHlp, &ImageBase, &uBuf.MachO64);
|
---|
793 | /*
|
---|
794 | * Dunno.
|
---|
795 | */
|
---|
796 | else
|
---|
797 | rc = DBGCCmdHlpFail(pCmdHlp, pCmd, "%Dv: Unknown magic: %.8Rhxs\n", &ImageBase, uBuf.ab);
|
---|
798 | }
|
---|
799 | else
|
---|
800 | rc = DBGCCmdHlpFailRc(pCmdHlp, pCmd, rc, "%Dv: Failed to read %zu", &ImageBase, sizeof(uBuf.DosHdr));
|
---|
801 | if (RT_FAILURE(rc) && RT_SUCCESS(rcRet))
|
---|
802 | rcRet = rc;
|
---|
803 | }
|
---|
804 | RT_NOREF(pUVM);
|
---|
805 | return rcRet;
|
---|
806 | }
|
---|
807 |
|
---|