def invoke(self, arg, from_tty): stacktrace_info_list = [] if ScriptUtils.current_arch == type_defs.INFERIOR_ARCH.ARCH_64: sp_register = "rsp" else: sp_register = "esp" stack_pointer_int = int( ScriptUtils.examine_expression("$" + sp_register).address, 16) result = gdb.execute("bt", from_tty, to_string=True) max_frame = common_regexes.max_frame_count.findall(result)[-1] # +1 because frame numbers start from 0 for item in range(int(max_frame) + 1): result = gdb.execute("info frame " + str(item), from_tty, to_string=True) frame_address = common_regexes.frame_address.search(result).group( 1) difference = hex(int(frame_address, 16) - stack_pointer_int) frame_address_with_difference = frame_address + "(" + sp_register + "+" + difference + ")" return_address = common_regexes.return_address.search(result) if return_address: return_address_with_info = ScriptUtils.examine_expression( return_address.group(1)).all else: return_address_with_info = "<unavailable>" stacktrace_info_list.append( [return_address_with_info, frame_address_with_difference]) send_to_pince(stacktrace_info_list)
def invoke(self, arg, from_tty): stack_info_list = [] if ScriptUtils.current_arch == type_defs.INFERIOR_ARCH.ARCH_64: chunk_size = 8 int_format = "Q" sp_register = "rsp" else: chunk_size = 4 int_format = "I" sp_register = "esp" sp_address = int( ScriptUtils.examine_expression("$" + sp_register).address, 16) with open(ScriptUtils.mem_file, "rb") as FILE: try: old_position = FILE.seek(sp_address) except (OSError, ValueError): send_to_pince(stack_info_list) return for index in range(int(4096 / chunk_size)): current_offset = chunk_size * index stack_indicator = hex(sp_address + current_offset ) + "(" + sp_register + "+" + hex( current_offset) + ")" try: FILE.seek(old_position) read = FILE.read(chunk_size) except (OSError, ValueError): print("Can't access the stack after address " + stack_indicator) break old_position = FILE.tell() int_addr = struct.unpack_from(int_format, read)[0] hex_repr = hex(int_addr) try: FILE.seek(int_addr) read_pointer = FILE.read(20) except (OSError, ValueError): pointer_data = "" else: symbol = ScriptUtils.examine_expression(hex_repr).symbol if not symbol: pointer_data = "(str)" + read_pointer.decode( "utf-8", "ignore") else: pointer_data = "(ptr)" + symbol stack_info_list.append( [stack_indicator, hex_repr, pointer_data]) send_to_pince(stack_info_list)
def invoke(self, arg, from_tty): searched_str, case_sensitive, enable_regex = eval(arg) if enable_regex: try: if case_sensitive: regex = re.compile(searched_str) else: regex = re.compile(searched_str, re.IGNORECASE) except Exception as e: print( "An exception occurred while trying to compile the given regex\n", str(e)) return str_dict = shelve.open(SysUtils.get_referenced_calls_file(pid), "r") returned_list = [] for index, item in enumerate(str_dict): symbol = ScriptUtils.examine_expression(item).all if not symbol: continue if enable_regex: if not regex.search(symbol): continue else: if case_sensitive: if symbol.find(searched_str) == -1: continue else: if symbol.lower().find(searched_str.lower()) == -1: continue returned_list.append((symbol, len(str_dict[item]))) str_dict.close() send_to_pince(returned_list)
def invoke(self, arg, from_tty): arg_list = arg.split(",") breakpoint_number = arg_list.pop() register_expressions = arg_list global track_breakpoint_dict if not breakpoint_number in track_breakpoint_dict: track_breakpoint_dict[breakpoint_number] = OrderedDict() for register_expression in register_expressions: if not register_expression: continue if not register_expression in track_breakpoint_dict[ breakpoint_number]: track_breakpoint_dict[breakpoint_number][ register_expression] = OrderedDict() try: address = ScriptUtils.examine_expression( register_expression).address except: address = None if address: if address not in track_breakpoint_dict[breakpoint_number][ register_expression]: track_breakpoint_dict[breakpoint_number][ register_expression][address] = 1 else: track_breakpoint_dict[breakpoint_number][ register_expression][address] += 1 track_breakpoint_file = SysUtils.get_track_breakpoint_file( pid, breakpoint_number) pickle.dump(track_breakpoint_dict[breakpoint_number], open(track_breakpoint_file, "wb"))
def invoke(self, arg, from_tty): searched_str, case_sensitive, enable_regex = eval(arg) if enable_regex: try: if case_sensitive: regex = re.compile(searched_str) else: regex = re.compile(searched_str, re.IGNORECASE) except Exception as e: print("An exception occurred while trying to compile the given regex\n", str(e)) return str_dict = shelve.open(SysUtils.get_referenced_calls_file(pid), "r") returned_list = [] for index, item in enumerate(str_dict): symbol = ScriptUtils.examine_expression(item).all if not symbol: continue if enable_regex: if not regex.search(symbol): continue else: if case_sensitive: if symbol.find(searched_str) == -1: continue else: if symbol.lower().find(searched_str.lower()) == -1: continue returned_list.append((symbol, len(str_dict[item]))) str_dict.close() send_to_pince(returned_list)
def invoke(self, arg, from_tty): data_read_list = [] contents_recv = receive_from_pince() # contents_recv format: [expression1, expression2, ...] for expression in contents_recv: result_tuple = ScriptUtils.examine_expression(expression) data_read_list.append(result_tuple) send_to_pince(data_read_list)
def invoke(self, arg, from_tty): stack_info_list = [] if ScriptUtils.current_arch == type_defs.INFERIOR_ARCH.ARCH_64: chunk_size = 8 int_format = "Q" sp_register = "rsp" else: chunk_size = 4 int_format = "I" sp_register = "esp" sp_address = int(ScriptUtils.examine_expression("$" + sp_register).address, 16) with open(ScriptUtils.mem_file, "rb") as FILE: try: old_position = FILE.seek(sp_address) except (OSError, ValueError): send_to_pince(stack_info_list) return for index in range(int(4096 / chunk_size)): current_offset = chunk_size * index stack_indicator = hex(sp_address + current_offset) + "(" + sp_register + "+" + hex(current_offset) + ")" try: FILE.seek(old_position) read = FILE.read(chunk_size) except (OSError, ValueError): print("Can't access the stack after address " + stack_indicator) break old_position = FILE.tell() int_addr = struct.unpack_from(int_format, read)[0] hex_repr = hex(int_addr) try: FILE.seek(int_addr) read_pointer = FILE.read(20) except (OSError, ValueError): pointer_data = "" else: symbol = ScriptUtils.examine_expression(hex_repr).symbol if not symbol: pointer_data = "(str)" + read_pointer.decode("utf-8", "ignore") else: pointer_data = "(ptr)" + symbol stack_info_list.append([stack_indicator, hex_repr, pointer_data]) send_to_pince(stack_info_list)
def invoke(self, arg, from_tty): stacktrace_info_list = [] if ScriptUtils.current_arch == type_defs.INFERIOR_ARCH.ARCH_64: sp_register = "rsp" else: sp_register = "esp" stack_pointer_int = int(ScriptUtils.examine_expression("$" + sp_register).address, 16) result = gdb.execute("bt", from_tty, to_string=True) max_frame = common_regexes.max_frame_count.findall(result)[-1] # +1 because frame numbers start from 0 for item in range(int(max_frame) + 1): result = gdb.execute("info frame " + str(item), from_tty, to_string=True) frame_address = common_regexes.frame_address.search(result).group(1) difference = hex(int(frame_address, 16) - stack_pointer_int) frame_address_with_difference = frame_address + "(" + sp_register + "+" + difference + ")" return_address = common_regexes.return_address.search(result) if return_address: return_address_with_info = ScriptUtils.examine_expression(return_address.group(1)).all else: return_address_with_info = "<unavailable>" stacktrace_info_list.append([return_address_with_info, frame_address_with_difference]) send_to_pince(stacktrace_info_list)
def invoke(self, arg, from_tty): return_address_list = [] result = gdb.execute("bt", from_tty, to_string=True) max_frame = common_regexes.max_frame_count.findall(result)[-1] # +1 because frame numbers start from 0 for item in range(int(max_frame) + 1): result = gdb.execute("info frame " + str(item), from_tty, to_string=True) return_address = common_regexes.return_address.search(result) if return_address: return_address_with_info = ScriptUtils.examine_expression(return_address.group(1)).all else: return_address_with_info = "<unavailable>" return_address_list.append(return_address_with_info) send_to_pince(return_address_list)
def invoke(self, arg, from_tty): return_address_list = [] result = gdb.execute("bt", from_tty, to_string=True) max_frame = common_regexes.max_frame_count.findall(result)[-1] # +1 because frame numbers start from 0 for item in range(int(max_frame) + 1): result = gdb.execute("info frame " + str(item), from_tty, to_string=True) return_address = common_regexes.return_address.search(result) if return_address: return_address_with_info = ScriptUtils.examine_expression( return_address.group(1)).all else: return_address_with_info = "<unavailable>" return_address_list.append(return_address_with_info) send_to_pince(return_address_list)
def invoke(self, arg, from_tty): arg_list = arg.split(",") breakpoint_number = arg_list.pop() register_expressions = arg_list global track_breakpoint_dict if not breakpoint_number in track_breakpoint_dict: track_breakpoint_dict[breakpoint_number] = OrderedDict() for register_expression in register_expressions: if not register_expression: continue if not register_expression in track_breakpoint_dict[breakpoint_number]: track_breakpoint_dict[breakpoint_number][register_expression] = OrderedDict() try: address = ScriptUtils.examine_expression(register_expression).address except: address = None if address: if address not in track_breakpoint_dict[breakpoint_number][register_expression]: track_breakpoint_dict[breakpoint_number][register_expression][address] = 1 else: track_breakpoint_dict[breakpoint_number][register_expression][address] += 1 track_breakpoint_file = SysUtils.get_track_breakpoint_file(pid, breakpoint_number) pickle.dump(track_breakpoint_dict[breakpoint_number], open(track_breakpoint_file, "wb"))
def invoke(self, arg, from_tty): expression, ignore_case = receive_from_pince() function_list = [] if ignore_case: gdb.execute("set case-sensitive off") else: gdb.execute("set case-sensitive on") output = gdb.execute("info functions " + expression, to_string=True).splitlines() gdb.execute("set case-sensitive auto") for line in output: non_debugging = common_regexes.info_functions_non_debugging.search( line) if non_debugging: function_list.append( (non_debugging.group(1), non_debugging.group(2))) else: defined = common_regexes.info_functions_defined.search(line) if defined: symbol = defined.group(1) function_list.append( (ScriptUtils.examine_expression("'" + symbol + "'").address, symbol)) send_to_pince(function_list)