_HEAP.getFreeLists = _HEAP_getFreeLists
def _HEAP_getFreeListsWinXP(self, mappings):
''' Understanding_the_LFH.pdf page 17 '''
freeList = []
# 128 blocks
start = ctypes.addressof(self.FreeLists) # sentinel value
logging.getLogger('listmodel').setLevel(level=logging.DEBUG)
for freeBlock in self.FreeLists._iterateList(mappings):
# try to get the size
sizeaddr = freeBlock - Config.WORDSIZE
memoryMap = utils.is_valid_address_value(sizeaddr, mappings)
if memoryMap == False:
raise ValueError('the link of this linked list has a bad value')
val = memoryMap.readWord(sizeaddr)
log.debug('\t - freeblock @%0.8x size:%d' % (freeBlock, val))
yield freeBlock
#free_chain = [freeBlock for freeBlock in self.iterateListField( mappings, 'FreeLists')]
logging.getLogger('listmodel').setLevel(level=logging.INFO)
raise StopIteration
########## _LIST_ENTRY
from haystack import listmodel
listmodel.declare_double_linked_list_type(_LIST_ENTRY, 'FLink', 'BLink')
_HEAP.getFreeLists = _HEAP_getFreeLists
def _HEAP_getFreeListsWinXP(self, mappings):
""" Understanding_the_LFH.pdf page 17 """
freeList = []
# 128 blocks
start = ctypes.addressof(self.FreeLists) # sentinel value
logging.getLogger("listmodel").setLevel(level=logging.DEBUG)
for freeBlock in self.FreeLists._iterateList(mappings):
# try to get the size
sizeaddr = freeBlock - Config.WORDSIZE
memoryMap = utils.is_valid_address_value(sizeaddr, mappings)
if memoryMap == False:
raise ValueError("the link of this linked list has a bad value")
val = memoryMap.readWord(sizeaddr)
log.debug("\t - freeblock @%0.8x size:%d" % (freeBlock, val))
yield freeBlock
# free_chain = [freeBlock for freeBlock in self.iterateListField( mappings, 'FreeLists')]
logging.getLogger("listmodel").setLevel(level=logging.INFO)
raise StopIteration
########## _LIST_ENTRY
from haystack import listmodel
listmodel.declare_double_linked_list_type(_LIST_ENTRY, "FLink", "BLink")
load mappings that contains subsegment of a heap.
Understanding_the_LFH.pdf page 18 ++
We iterate on HEAP.FreeLists to get ALL free blocks.
@returns freeblock_addr : the address of the HEAP_ENTRY (chunk header)
size : the size of the free chunk + HEAP_ENTRY header size, in blocks.
"""
# FIXME: we should use get_segmentlist to coallescce segment in one heap
# memory mapping. Not free chunks.
res = list()
for freeblock in self.iterateListField(mappings, 'FreeLists'):
if self.EncodeFlagMask:
chunk_header = HEAP_ENTRY_decode(freeblock, self)
# size = header + freespace
res.append((freeblock._orig_address_, chunk_header.Size * 8))
return res
# imported dynamically
# pylint: disable=undefined-variable
HEAP.get_freelists = HEAP_get_freelists
# def HEAP_getFreeListsWinXP(self, mappings):
# Understanding_the_LFH.pdf page 17 """
# LIST_ENTRY
from haystack import listmodel
listmodel.declare_double_linked_list_type(LIST_ENTRY, 'Flink', 'Blink')
