Merged mrexodia/x64_dbg into master

Author: Nukem9

.gitignore

@@ -1,13 +1,18 @@
 #ignore directories
-*/obj/
-bin/*/*
-ipch/*
-x64_dbg_*/Win32/*
-x64_dbg_*/x64/*
+bin/
+obj/
+ipch/
+Win32/
+x64/
+release/
+build/
+debug/
+*XE Results*/
 
 #global filetypes to ignore
 *.depend
 *.layout
+*.patch
 *.cscope_file_list
 *.bmarks
 *.chw
@@ -16,19 +21,22 @@ x64_dbg_*/x64/*
 *.opensdf
 *.sdf
 *.suo
+*.autosave
+*.~vsd
+*.dll
+*.exe
+*.pro.user.*
+*.orig
+coverity*
+cov-int*
+COV/
+*.pdb
+ui_*
 
-#whitelisted bin files
-!bin/*/TitanEngine.dll
-!bin/*/test.dll
-!bin/*/test.exe
-!bin/*/dbghelp.dll
-!bin/*/sqlite.dll
-!bin/*/BeaEngine.dll
-!bin/*/Scylla.dll
-
-#files to ignore
+#project to ignore
 todo_bridge.txt
 help/x64_dbg.chm
+help/output/
 
 #debugger files to ignore
 x64_dbg_dbg/ODbgScript.chm
@@ -46,11 +54,17 @@ x64_dbg_gui/Project/GeneratedFiles/
 x64_dbg_gui/Project/release/
 x64_dbg_gui/Project/Win32/
 x64_dbg_gui/Project/x64/
+x64_dbg_gui/Project/Makefile
+x64_dbg_gui/Project/Makefile.Debug
+x64_dbg_gui/Project/Makefile.Release
 x64_dbg_gui/Project/Src/Bridge/libx32_bridge.a
 x64_dbg_gui/Project/Src/Bridge/libx64_bridge.a
 x64_dbg_gui/Project/Src/Bridge/x32_bridge.lib
 x64_dbg_gui/Project/Src/Bridge/x64_bridge.lib
-help/output/*
-*.autosave
-*.~vsd
-release/
+tools/
+RCa*
+*.aps
+
+#exceptions
+!/AStyleWhore.exe
+!/AStyle.dll

AStyle.dll

@@ -0,0 +1,70 @@
+# x64_dbg
+
+## Note
+**This is a new version of this repository. The old version can be found [here](https://bitbucket.org/mrexodia/x64_dbg_old).**
+
+Also please run install.bat before you start committing code, this ensures your code is auto-formatted to the *x64_dbg* standards.
+
+## Downloads
+Releases of *x64_dbg* can be found on [here](http://download.x64dbg.com).
+
+## Overview
+*x64_dbg* is an open-source x32/x64 debugger for Windows.
+
+## Features
+- Open-source
+- Intuitive and familiar, yet new user interface
+- C-like expression parser
+- Full-featured debugging of DLL and EXE files (TitanEngine)
+- IDA-like sidebar with jump arrows
+- IDA-like instruction token highlighter (highlight registers, etc.)
+- Memory map
+- Symbol view
+- Thread view
+- Content-sensitive register view
+- Fully customizable color scheme
+- Dynamically recognize modules and strings
+- Import reconstructor integrated (Scylla)
+- Fast disassembler (BeaEngine)
+- User database (JSON) for comments, labels, bookmarks, etc.
+- Plugin support with growing API
+- Extendable, debuggable scripting language for automation
+- Multi-datatype memory dump
+- Basic debug symbol (PDB) support
+- Dynamic stack view
+- Built-in assembler (XEDParse)
+
+## Known bugs
+- Memory breakpoints sometimes fail (TitanEngine bug)
+
+## License
+*x64_dbg* is licensed under GLPv3, which means you can freely distribute and/or modify the source of *x64_dbg*, as long as you share your changes with us. The only exception is that plugins you write do not have to comply with the GLPv3 license. They do not have to be open-source and they can be commercial and/or private. The only exception to this is when your plugin uses code copied from *x64_dbg*. In that case you would still have to share the changes to *x64_dbg* with us.
+
+## Credits
+- Debugger core by TitanEngine Community Edition
+- Disassembly powered by BeaEngine (Updated)
+- Assembly powered by XEDParse
+- Import reconstruction powered by Scylla
+- JSON powered by Jansson
+- Database compression powered by lz4
+- Bug icon by VisualPharm
+- Interface icons by Fugue
+- Website by tr4ceflow
+
+## Special Thanks
+- EXETools community
+- Tuts4You community
+- acidflash
+- cyberbob
+- Teddy Rogers
+- TEAM DVT
+- DMichael
+- Artic
+- Nukem
+- ahmadmansoor
+
+## Developers (in order of joining)
+- [Mr. eXoDia](http://mrexodia.cf)
+- Sigma
+- [tr4ceflow](http://blog.tr4ceflow.com)
+- [Dreg](http://www.fr33project.org)

AStyleWhore.exe

@@ -4,6 +4,7 @@ del /Q *.sdf
 del /Q *.layout
 del /Q /A H *.suo
 rmdir /S /Q ipch
+rmdir /S /Q release
 echo cleaning x64_dbg_bridge...
 cd x64_dbg_bridge
 rmdir /S /Q obj
@@ -44,35 +45,37 @@ del /Q Project\Src\Bridge\libx64_bridge.a
 del /Q Project\Src\Bridge\x32_bridge.lib
 del /Q Project\Src\Bridge\x64_bridge.lib
 cd ..
+echo cleaning bin\
+del /Q bin\*.pdb
+del /Q bin\*.exp
+del /Q bin\*.a
+del /Q bin\*.lib
+del /Q bin\*.def
+del /Q bin\x96_dbg.exe
 echo cleaning bin\x32...
-cd bin\x32
-rmdir /S /Q db
-del /Q *.pdb
-del /Q *.exp
-del /Q *.a
-del /Q *.lib
-del /Q *.def
-del /Q x32_dbg.exe
-del /Q x32_dbg.dll
-del /Q x32_gui.dll
-del /Q x32_bridge.dll
-cd ..
-cd ..
+rmdir /S /Q bin\x32\db
+del /Q bin\x32\*.pdb
+del /Q bin\x32\*.exp
+del /Q bin\x32\*.a
+del /Q bin\x32\*.lib
+del /Q bin\x32\*.def
+del /Q bin\x32\x32_dbg.exe
+del /Q bin\x32\x32_dbg.dll
+del /Q bin\x32\x32_gui.dll
+del /Q bin\x32\x32_bridge.dll
 echo cleaning bin\x64...
-cd bin\x64
-rmdir /S /Q db
-del /Q *.pdb
-del /Q *.exp
-del /Q *.a
-del /Q *.lib
-del /Q *.def
-del /Q x64_dbg.exe
-del /Q x64_dbg.dll
-del /Q x64_gui.dll
-del /Q x64_bridge.dll
-cd ..
-cd ..
+rmdir /S /Q bin\x64\db
+del /Q bin\x64\*.pdb
+del /Q bin\x64\*.exp
+del /Q bin\x64\*.a
+del /Q bin\x64\*.lib
+del /Q bin\x64\*.def
+del /Q bin\x64\x64_dbg.exe
+del /Q bin\x64\x64_dbg.dll
+del /Q bin\x64\x64_gui.dll
+del /Q bin\x64\x64_bridge.dll
 echo cleaning help...
 cd help
 del /Q *.chm
-rmdir /S /Q output
+rmdir /S /Q output
+exit 0

LICENSE

@@ -19,6 +19,8 @@
 debugger to a running process.</P>
 <P><U>arguments</U><BR>&nbsp; arg1: Process Identifier 
 (PID) of the running process.</P>
+<P>[arg2]: Handle to an Event Object to signal (this 
+is for internal use only).</P>
 <P><U>result</U> <BR>This command will give control back to the user&nbsp;after 
 the&nbsp;system breakpoint&nbsp;is reached. It will 
 set&nbsp;<U>$pid</U>&nbsp;and&nbsp;<U>$hp/$hProcess</U>&nbsp;variables.  

README.md

@@ -21,17 +21,19 @@
 calculations, it allows quick&nbsp;variable changes using a C-like syntax.</P>
 <P><STRONG>Operators</STRONG><BR>  You can use the 
 following operators in your expression. They are processed in the following order:</P>
+<P><U>0:negative</U>      
+      : Negative numbers can be prefixed by a 
+'-' sign.</P>
 <P><U>1:</U><U>brackets</U>: '(' and ')' Brackets are 
 resolved first, there is no need for a terminating bracket, unless you want to 
 use one.</P>
 <P><U>2:not</U>: '~' The not operator can be used before a 
 number of a variable, like in C.</P>
 <P><U>3:muliplication/devision</U>: '*' = regular 
-multiplication (signed/unsigned), '$' = get the higher part of the 
+multiplication (signed/unsigned), '`' = get the higher part of the 
 multiplication, '/' = regular devision (signed/unsigned, devide by zero=error) 
 and '%' = get the modulo (remainder) of the devision.</P>
-<P><U>4:addition/substraction</U>  
-: '+' and '-'</P>
+<P><U>4:addition/substraction</U>: '+' and '-'</P>
 <P><U>5:shift</U>: '&lt;' = shift left (shl for unsigned, 
 sal for signed), '&gt;' = shift right (shr for unsigned, sar for signed).</P>
 <P><U>6:and</U>: '&amp;' Just the regular AND operation like 
@@ -47,4 +49,4 @@
 can be any register, flag, variable or memory location. 'b' can be anything that is recognized as a mathmatical 
 input.</P>
 <P><U>a++/a--</U>: 'a' can be any register, flag, variable or memory 
-location.</P></BODY></HTML>
+location.</P></body>

bin/x32/BeaEngine.dll

@@ -116,4 +116,20 @@
 <STRONG>DEBUG_EVENT*</STRONG> DebugEvent;<BR>};</P>
 <P>//Called when a menu entry created by the plugin has 
 been clicked, the GUI will resume when this callback returns.<BR>struct <STRONG>PLUG_CB_MENUENTRY</STRONG><BR>{<BR>&nbsp;&nbsp;&nbsp; 
-<STRONG>int</STRONG> hEntry;<BR>};</P></body></HTML>
+<STRONG>int</STRONG> hEntry;<BR>};</P>
+<P>//Called before TranslateMessage and DispatchMessage 
+Windows functions (PreTranslateMessage). Avoid calling user32 functions without 
+precautions here, there <STRONG>will</STRONG> be a recursive call if you fail 
+to take countermeasures.<BR>struct 
+<STRONG>PLUG_CB_WINEVENT<BR></STRONG>{<BR>&nbsp;&nbsp;&nbsp; <STRONG>MSG*</STRONG> 
+message;<BR>&nbsp;&nbsp;&nbsp; <STRONG>long*</STRONG> 
+result;<BR>&nbsp;&nbsp;&nbsp; <STRONG>bool</STRONG> retval; //only set this to true, never to 
+false<BR>};</P>
+<P>//Called before TranslateMessage and DispatchMessage 
+Windows functions (PreTranslateMessage). Avoid calling user32 functions without 
+precautions here, there <STRONG>will</STRONG> be a 
+recursive call if you fail to take countermeasures. This function is global, so it also captures hotkeys 
+(see Qt documentation).<BR>struct 
+<STRONG>PLUG_CB_WINEVENTGLOBAL<BR></STRONG>{<BR>&nbsp;&nbsp;&nbsp; <STRONG>MSG*</STRONG> 
+message;<BR>&nbsp;&nbsp;&nbsp; <STRONG>bool</STRONG> retval; //only set this to true, never to 
+false<BR>};</P></body></HTML>

bin/x32/Scylla.dll

@@ -15,21 +15,13 @@
 </head>
 
 <body>
-<P class=rvps3><SPAN class=rvts10><STRONG> 
-command[,alias1,alias2]</STRONG><BR></SPAN><SPAN class=rvts9>Command description 
-here.</SPAN><SPAN class=rvts9><BR></SPAN></P>
-<P class=rvps3><SPAN class=rvts11><U>arguments</U><BR></SPAN><SPAN 
-class=rvts9>&nbsp; arg1: </SPAN><SPAN class=rvts9>Argument description.</SPAN></P>
-<P class=rvps3><SPAN class=rvts9></SPAN><SPAN class=rvts9>[arg2]: </SPAN><SPAN 
-class=rvts9></SPAN><SPAN class=rvts9>Optional argument.</SPAN></P>
-<P class=rvps3><SPAN class=rvts9></SPAN><SPAN 
-class=rvts9>[arg3]: </SPAN><SPAN class=rvts9></SPAN><SPAN class=rvts9>Another optional argument (can only be given when the 
-previous argument is also 
-given).</SPAN><SPAN class=rvts9><BR></P></SPAN>
-<P class=rvps3><SPAN class=rvts11><U>result</U><BR></SPAN><SPAN 
-class=rvts9>Description of the command result.</SPAN><SPAN 
-class=rvts9><BR></SPAN></P>
-<P class=rvps3><SPAN class=rvts12><U><STRONG>REMARK</STRONG></U></SPAN><SPAN 
-class=rvts9>: Commands cannot contain any of the following characters: "," (comma), " " (space) and 
-"\" (backslash). These characters need to be prefixed using a backslash 
-('\,').</SPAN></P></body></HTML>
+<P class=rvps3><STRONG> 
+command[,alias1,alias2]</STRONG><BR>Command description here.</P>
+<P class=rvps3><U>arguments</U><BR>&nbsp; arg1: Argument description.</P>
+<P class=rvps3>[arg2]: Optional argument.</P>
+<P class=rvps3>[arg3]: Another optional argument (can only 
+be given when the previous argument is also given).</P>
+<P class=rvps3><U>result</U><BR>Description of the command result.</P>
+<P class=rvps3><U><STRONG>REMARK</STRONG></U>: Commands cannot contain any of the 
+following characters: "," (comma), " " (space) and "\" (backslash). These 
+characters need to be prefixed using a backslash ('\,').</P></body></HTML>

bin/x32/TitanEngine.dll

@@ -0,0 +1,20 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<html>
+<head>
+<title>Data</title>
+<meta name="GENERATOR" content="WinCHM">
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+<style>
+html,body { 
+	/* Default Font */
+	font-family: Courier New;
+	font-size: 11pt;
+}
+</style>
+
+</head>
+
+<body>
+<P><STRONG>Data</STRONG><BR>This section contains commands 
+that are used to analyze and manipulate data.</P></body>
+</html>

bin/x32/dbghelp.dll

@@ -0,0 +1,25 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<html>
+<head>
+<title>DebugContinue/con</title>
+<meta name="GENERATOR" content="WinCHM">
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+<style>
+html,body { 
+	/* Default Font */
+	font-family: Courier New;
+	font-size: 11pt;
+}
+</style>
+
+</head>
+
+
+<body>
+<P><STRONG>DebugContinue[,con]</STRONG><BR>Set debugger 
+continue status.</P>
+<P class=rvps3><U>arguments</U> <BR>[arg1]: When set, the exception will be handled by the 
+program. Otherwise the exception will be swallowed. </P>
+<P class=rvps3><U>result
+<BR></U>This command does not set any result variables.</P></body>
+</html>

bin/x32/sqlite.dll

@@ -20,4 +20,5 @@
 <P><U>arguments</U><BR>[arg1]: Name or address of the breakpoint to delete. If this argument is not specified, all breakpoints will be 
 deleted.</P>
 <P><U>result<BR></U>This command does not set any result variables.</P>
-<P>&nbsp;</P></head>
+</body>
+</html>

bin/x32/test.dll

@@ -21,3 +21,4 @@
 this argument is not specified, all hardware breakpoints will be deleted.</P>
 <P><U>result<BR></U>This command does not set any result 
 variables.</P></body>
+</html>

bin/x32/test.exe

@@ -37,3 +37,4 @@
 <BR>
 </U>This command does not set any result 
 variables.</P></body>
+</html>

bin/x64/BeaEngine.dll

@@ -20,3 +20,4 @@
 <P><U>arguments</U><BR>This command has no arguments.</P>
 <P><U>result</U> <BR>This command does not set any result 
 variables.</P></body>
+</html>