
Commit 714583f

committed
DBG+GUI: fixed various things with string detection (fixed x64dbg#680 x64dbg#530)
1 parent 7665c17 commit 714583f


6 files changed

+70
-89
lines changed


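--- a/src/dbg/_exports.cpp
+++ b/src/dbg/_exports.cpp
@@ -232,8 +232,7 @@ extern "C" DLL_EXPORT bool _dbg_addrinfoget(duint addr, SEGMENTREG segment, ADDR
 String temp_string;
 String comment;
 ADDRINFO newinfo;
-char ascii[256 * 2] = "";
-char unicode[256 * 2] = "";
+char string_text[MAX_STRING_SIZE] = "";
 
 memset(&instr, 0, sizeof(DISASM_INSTR));
 disasmget(addr, &instr);
@@ -247,85 +246,54 @@ extern "C" DLL_EXPORT bool _dbg_addrinfoget(duint addr, SEGMENTREG segment, ADDR
 
 if(instr.arg[i].constant == instr.arg[i].value) //avoid: call <module.label> ; addr:label
 {
-if(instr.type == instr_branch || !disasmgetstringat(instr.arg[i].constant, &strtype, ascii, unicode, len_left) || strtype == str_none)
+if(instr.type == instr_branch)
 continue;
-switch(strtype)
+if(DbgGetStringAt(instr.arg[i].constant, string_text))
 {
-case str_none:
-break;
-case str_ascii:
 temp_string = instr.arg[i].mnemonic;
-temp_string.append(":\"");
-temp_string.append(ascii);
-temp_string.append("\"");
-break;
-case str_unicode:
-temp_string = instr.arg[i].mnemonic;
-temp_string.append(":L\"");
-temp_string.append(unicode);
-temp_string.append("\"");
-break;
+temp_string.append(":");
+temp_string.append(string_text);
 }
 }
-else if(instr.arg[i].memvalue && (disasmgetstringat(instr.arg[i].memvalue, &strtype, ascii, unicode, len_left) || _dbg_addrinfoget(instr.arg[i].memvalue, instr.arg[i].segment, &newinfo)))
+else if(instr.arg[i].memvalue && (DbgGetStringAt(instr.arg[i].memvalue, string_text) || _dbg_addrinfoget(instr.arg[i].memvalue, instr.arg[i].segment, &newinfo)))
 {
-switch(strtype)
+if(*string_text)
 {
-case str_none:
-if(*newinfo.label)
-{
-temp_string = "[";
-temp_string.append(instr.arg[i].mnemonic);
-temp_string.append("]:");
-temp_string.append(newinfo.label);
-}
-break;
-case str_ascii:
 temp_string = "[";
 temp_string.append(instr.arg[i].mnemonic);
 temp_string.append("]:");
-temp_string.append(ascii);
-break;
-case str_unicode:
+temp_string.append(string_text);
+}
+else if(*newinfo.label)
+{
 temp_string = "[";
 temp_string.append(instr.arg[i].mnemonic);
 temp_string.append("]:");
-temp_string.append(unicode);
-break;
+temp_string.append(newinfo.label);
 }
 }
-else if(instr.arg[i].value && (disasmgetstringat(instr.arg[i].value, &strtype, ascii, unicode, len_left) || _dbg_addrinfoget(instr.arg[i].value, instr.arg[i].segment, &newinfo)))
+else if(instr.arg[i].value && (DbgGetStringAt(instr.arg[i].value, string_text) || _dbg_addrinfoget(instr.arg[i].value, instr.arg[i].segment, &newinfo)))
 {
 if(instr.type != instr_normal) //stack/jumps (eg add esp,4 or jmp 401110) cannot directly point to strings
-strtype = str_none;
-switch(strtype)
 {
-case str_none:
 if(*newinfo.label)
 {
 temp_string = instr.arg[i].mnemonic;
 temp_string.append(":");
 temp_string.append(newinfo.label);
 }
-break;
-case str_ascii:
-temp_string = instr.arg[i].mnemonic;
-temp_string.append(":\"");
-temp_string.append(ascii);
-temp_string.append("\"");
-break;
-case str_unicode:
+}
+else if(*string_text)
+{
 temp_string = instr.arg[i].mnemonic;
-temp_string.append(":L\"");
-temp_string.append(unicode);
-temp_string.append("\"");
-break;
+temp_string.append(":");
+temp_string.append(string_text);
 }
 }
 else
 continue;
 
-if(!strstr(comment.c_str(), temp_string.c_str()))
+if(!strstr(comment.c_str(), temp_string.c_str())) //avoid duplicate comments
 {
 if(comment.length())
 comment.append(", ");
@@ -964,14 +932,29 @@ extern "C" DLL_EXPORT duint _dbg_sendmessage(DBGMSG type, void* param1, void* pa
 
 case DBG_GET_STRING_AT:
 {
-STRING_TYPE strtype;
+auto addr = duint(param1);
+auto dest = (char*)param2;
+*dest = '\0';
 char string[MAX_STRING_SIZE];
-if(disasmgetstringat((duint)param1, &strtype, string, string, MAX_STRING_SIZE - 3))
+duint addrPtr;
+STRING_TYPE strtype;
+if(MemRead(addr, &addrPtr, sizeof(addr)) && MemIsValidReadPtr(addrPtr))
+{
+if(disasmgetstringat(addrPtr, &strtype, string, string, MAX_STRING_SIZE - 3))
+{
+if(strtype == str_ascii)
+sprintf_s(dest, MAX_STRING_SIZE, "&\"%s\"", string);
+else //unicode
+sprintf_s(dest, MAX_STRING_SIZE, "&L\"%s\"", string);
+return true;
+}
+}
+if(disasmgetstringat(addr, &strtype, string, string, MAX_STRING_SIZE - 3))
 {
 if(strtype == str_ascii)
-sprintf((char*)param2, "\"%s\"", string);
+sprintf_s(dest, MAX_STRING_SIZE, "\"%s\"", string);
 else //unicode
-sprintf((char*)param2, "L\"%s\"", string);
+sprintf_s(dest, MAX_STRING_SIZE, "L\"%s\"", string);
 return true;
 }
 return false;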
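Review bot: In the DBG_GET_STRING_AT hunk the `MAX_STRING_SIZE - 3` passed to disasmgetstringat was sized for the old `"%s"` wrapper (two quote characters plus the terminator), but the new `&L"%s"` form adds four characters, so a maximal string needs MAX_STRING_SIZE + 1 bytes and `sprintf_s(dest, MAX_STRING_SIZE, ...)` then invokes the CRT invalid-parameter handler instead of truncating. Assuming the last argument is a character budget for `string`, lowering it to `MAX_STRING_SIZE - 5` in both calls, or formatting with `_snprintf_s(dest, MAX_STRING_SIZE, _TRUNCATE, ...)`, keeps the output in bounds. The handler also writes `*dest = '\0'` and up to MAX_STRING_SIZE bytes into `param2` with no size supplied by the caller, so every DbgGetStringAt caller must pass a MAX_STRING_SIZE buffer; a comment on the case, `//dest must be at least MAX_STRING_SIZE bytes`, would state that contract. `sizeof(addr)` in the MemRead call happens to equal the size of addrPtr here, but `sizeof(addrPtr)` says what is meant. _dbg_sendmessage continues outside the hunk.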

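--- a/src/dbg/instruction.cpp
+++ b/src/dbg/instruction.cpp
@@ -950,37 +950,31 @@ bool cbRefStr(Capstone* disasm, BASIC_INSTRUCTION_INFO* basicinfo, REFINFO* refi
 return true;
 }
 bool found = false;
-STRING_TYPE strtype;
-char string[1024] = "";
+char string[MAX_STRING_SIZE] = "";
 if(basicinfo->branch) //branches have no strings (jmp dword [401000])
 return false;
 if((basicinfo->type & TYPE_VALUE) == TYPE_VALUE)
 {
-if(disasmgetstringat(basicinfo->value.value, &strtype, string, string, 500))
+if(DbgGetStringAt(basicinfo->value.value, string))
 found = true;
 }
 if((basicinfo->type & TYPE_MEMORY) == TYPE_MEMORY)
 {
-if(!found && disasmgetstringat(basicinfo->memory.value, &strtype, string, string, 500))
+if(DbgGetStringAt(basicinfo->memory.value, string))
 found = true;
 }
 if(found)
 {
 char addrText[20] = "";
-sprintf(addrText, "%p", disasm->Address());
+sprintf(addrText, fhex, disasm->Address());
 GuiReferenceSetRowCount(refinfo->refcount + 1);
 GuiReferenceSetCellContent(refinfo->refcount, 0, addrText);
 char disassembly[4096] = "";
 if(GuiGetDisassembly((duint)disasm->Address(), disassembly))
 GuiReferenceSetCellContent(refinfo->refcount, 1, disassembly);
 else
 GuiReferenceSetCellContent(refinfo->refcount, 1, disasm->InstructionText().c_str());
-char dispString[1024] = "";
-if(strtype == str_ascii)
-sprintf(dispString, "\"%s\"", string);
-else
-sprintf(dispString, "L\"%s\"", string);
-GuiReferenceSetCellContent(refinfo->refcount, 2, dispString);
+GuiReferenceSetCellContent(refinfo->refcount, 2, string);
 }
 return found;
 }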
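Review bot: Dropping the `!found &&` guard on the TYPE_MEMORY lookup means a string already found through TYPE_VALUE is overwritten, and because the DBG_GET_STRING_AT handler in this same commit clears `*dest` before it looks anything up, a failed memory lookup leaves `found == true` with an empty `string`, so the reference row is added with a blank string column. Restoring the guard, `if(!found && DbgGetStringAt(basicinfo->memory.value, string))`, keeps the first hit as before. This assumes DbgGetStringAt forwards to that handler, which is how the bridge call appears to be wired; cbRefStr starts before the hunk.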

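--- a/src/dbg/stackinfo.cpp
+++ b/src/dbg/stackinfo.cpp
@@ -108,14 +108,10 @@ bool stackcommentget(duint addr, STACK_COMMENT* comment)
 }
 
 //string
-STRING_TYPE strtype;
-char string[512] = "";
-if(disasmgetstringat(data, &strtype, string, string, 500))
+char string[MAX_STRING_SIZE] = "";
+if(DbgGetStringAt(data, string))
 {
-if(strtype == str_ascii)
-sprintf(comment->comment, "\"%s\"", string);
-else //unicode
-sprintf(comment->comment, "L\"%s\"", string);
+strcpy_s(comment->comment, _TRUNCATE, string);
 return true;
 }
 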
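Review bot: `strcpy_s(comment->comment, _TRUNCATE, string)` does not truncate: strcpy_s has no truncating mode, and `_TRUNCATE` is `((size_t)-1)`, so it is consumed as the destination size and disables the bounds check, leaving an unbounded copy of a MAX_STRING_SIZE string into `comment->comment`, whose size is not visible here. The replaced sprintf was equally unbounded, but the new line reads as if it were safe. If `comment` is a fixed-size array member, the template overload `strncpy_s(comment->comment, string, _TRUNCATE);` truncates to its real size; otherwise pass the explicit size instead of `_TRUNCATE`. stackcommentget starts before the hunk.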

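--- a/src/dbg/stringformat.cpp
+++ b/src/dbg/stringformat.cpp
@@ -18,7 +18,7 @@ namespace ValueType
 static String printValue(FormatValueType value, ValueType::ValueType type)
 {
 duint valuint = 0;
-bool validval = valfromstring(value, &valuint);
+auto validval = valfromstring(value, &valuint);
 char result[deflen] = "???";
 switch(type)
 {
@@ -43,10 +43,9 @@ static String printValue(FormatValueType value, ValueType::ValueType type)
 case ValueType::String:
 if(validval)
 {
-STRING_TYPE strtype;
-char string[512] = "";
-if(disasmgetstringat(valuint, &strtype, string, string, 500))
-strcpy_s(result, string);
+char string[MAX_STRING_SIZE] = "";
+if(DbgGetStringAt(valuint, string))
+strcpy_s(result, _TRUNCATE, string);
 }
 break;
 }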
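Review bot: `strcpy_s(result, _TRUNCATE, string)` selects the three-argument overload with `_TRUNCATE` (`(size_t)-1`) as the destination size, so no bounds check is performed; `result` is `char[deflen]` and `string` is `char[MAX_STRING_SIZE]`, so if MAX_STRING_SIZE exceeds deflen a long string overruns a stack buffer, whereas the previous two-argument `strcpy_s(result, string)` at least tripped the CRT handler on overflow. `strncpy_s(result, string, _TRUNCATE);` gives the truncation that was evidently intended. The values of deflen and MAX_STRING_SIZE are not visible here, and printValue continues past the second hunk.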

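--- a/src/gui/Src/Gui/CPUDump.cpp
+++ b/src/gui/Src/Gui/CPUDump.cpp
@@ -567,17 +567,25 @@ QString CPUDump::paintContent(QPainter* painter, dsint rowBase, int rowOffset, i
 }
 painter->drawText(QRect(x + 4, y , w - 4 , h), Qt::AlignVCenter | Qt::AlignLeft, addrText);
 }
-else if(col && mDescriptor.at(col - 1).isData == false && mDescriptor.at(col - 1).itemCount == 1) //print comments
+else if(mDescriptor.at(col - 1).isData) //print data
+{
+wStr = HexDump::paintContent(painter, rowBase, rowOffset, col, x, y, w, h);
+}
+else if(!mDescriptor.at(col - 1).isData && mDescriptor.at(col - 1).itemCount) //print comments
 {
 duint data = 0;
 dsint wRva = (rowBase + rowOffset) * getBytePerRowCount() - mByteOffset;
 mMemPage->read((byte_t*)&data, wRva, sizeof(duint));
+
 char modname[MAX_MODULE_SIZE] = "";
 if(!DbgGetModuleAt(data, modname))
 modname[0] = '\0';
 char label_text[MAX_LABEL_SIZE] = "";
 if(DbgGetLabelAt(data, SEG_DEFAULT, label_text))
 wStr = QString(modname) + "." + QString(label_text);
+char string_text[MAX_STRING_SIZE] = "";
+if(DbgGetStringAt(data, string_text))
+wStr = string_text;
 if(!wStr.length()) //stack comments
 {
 auto va = rvaToVa(wRva);
@@ -602,10 +610,6 @@ QString CPUDump::paintContent(QPainter* painter, dsint rowBase, int rowOffset, i
 }
 }
 }
-else //data
-{
-wStr = HexDump::paintContent(painter, rowBase, rowOffset, col, x, y, w, h);
-}
 return wStr;
 }
 
@@ -1313,7 +1317,7 @@ void CPUDump::addressSlot()
 dDesc.itemSize = Byte;
 dDesc.byteMode = AsciiByte;
 wColDesc.data = dDesc;
-appendDescriptor(0, "Comments", false, wColDesc);
+appendDescriptor(0, tr("Comments"), false, wColDesc);
 
 reloadData();
 }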
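Review bot: The new `else if(mDescriptor.at(col - 1).isData)` drops the `col &&` guard the old comment branch carried, so `mDescriptor.at(-1)` is reached whenever col is 0 and the preceding branch does not catch it (Qt's `at()` asserts on an out-of-range index in debug builds and is undefined in release). If the first branch of this chain, which begins above the hunk, does not already test for `col == 0`, keep the guard: `else if(col && mDescriptor.at(col - 1).isData)`. Separately, `wStr = string_text;` discards a module.label text assigned two lines earlier rather than combining them; if strings are meant to win over labels, a comment such as `//a string at the pointed-to address takes precedence over a label` would make that deliberate. paintContent's branch chain continues across the second hunk.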

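--- a/src/gui/Src/Gui/CPUInfoBox.cpp
+++ b/src/gui/Src/Gui/CPUInfoBox.cpp
@@ -74,8 +74,7 @@ QString CPUInfoBox::getSymbolicName(dsint addr)
 bool bHasString = DbgGetStringAt(addr, string);
 bool bHasLabel = DbgGetLabelAt(addr, SEG_DEFAULT, labelText);
 bool bHasModule = (DbgGetModuleAt(addr, moduleText) && !QString(labelText).startsWith("JMP.&"));
-QString addrText;
-addrText = QString("%1").arg(addr & (duint) - 1, 0, 16, QChar('0')).toUpper();
+QString addrText = ToHexString(addr);
 QString finalText;
 if(bHasString)
 finalText = addrText + " " + QString(string);
@@ -189,12 +188,18 @@ void CPUInfoBox::disasmSelectionChanged(dsint parVA)
 }
 else
 {
+auto symbolicName = getSymbolicName(arg.value);
 QString mnemonic(arg.mnemonic);
 bool ok;
 mnemonic.toULongLong(&ok, 16);
-if(ok) //skip numbers
-continue;
-setInfoLine(j, mnemonic + "=" + getSymbolicName(arg.value));
+if(ok) //skip certain numbers
+{
+if(ToHexString(arg.value) == symbolicName)
+continue;
+setInfoLine(j, symbolicName);
+}
+else
+setInfoLine(j, mnemonic + "=" + symbolicName);
 j++;
 }
 }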
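Review bot: `DbgGetStringAt(addr, string)` in getSymbolicName now receives output written by the DBG_GET_STRING_AT handler with `sprintf_s(dest, MAX_STRING_SIZE, ...)`, and no size travels with the call, so `string` (declared above the hunk) must be at least MAX_STRING_SIZE bytes or the write overruns it; the old sprintf path carried the same implicit contract, but it is worth confirming the declaration is `char string[MAX_STRING_SIZE] = "";`. In the second hunk, `if(ToHexString(arg.value) == symbolicName) continue;` relies on getSymbolicName returning exactly the bare hex text when no string, label or module resolves, which the visible `addrText` initialisation only implies; a short comment, `//getSymbolicName returns just the address when nothing resolved`, would document the coupling. getSymbolicName and disasmSelectionChanged both extend beyond their hunks.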
