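def invoke(self, arg, from_tty):
    """Record one hit of the watchpoint named by ``arg``.

    gdb calls this each time the watchpoint fires.  For every
    (watchpoint, $pc) pair it keeps a hit counter, the address of the
    instruction just before $pc, a register snapshot and a disassembly
    window, then pickles the whole per-watchpoint table to the file
    returned by ``SysUtils.get_track_watchpoint_file(pid, arg)`` so the
    other side can load it.

    Args:
        arg: gdb command argument, used verbatim as the key into the
            module-global ``track_watchpoint_dict``.
        from_tty: gdb's "invoked interactively" flag; not used here.
    """
    breakpoints = arg
    current_pc_int = int(SysUtils.extract_address(str(gdb.parse_and_eval("$pc"))), 16)
    # Locate the instruction preceding $pc by disassembling a short window
    # that ends at $pc.  The dump's last line is "End of assembler dump.",
    # so the previous instruction is the line just before it.
    try:
        disas_output = gdb.execute("disas $pc-30,$pc", to_string=True)
        last_instruction = disas_output.splitlines()[-2]
        previous_pc_address = SysUtils.extract_address(last_instruction)
    except Exception:
        # Was a bare ``except:``; stay best-effort but stop trapping
        # SystemExit / KeyboardInterrupt.
        previous_pc_address = None
    if not previous_pc_address:
        # Window could not be disassembled (e.g. $pc-30 is unmapped) or the
        # address regex matched nothing: fall back to $pc itself so the
        # "disas <addr>,+40" below never gets a None operand.
        previous_pc_address = hex(current_pc_int)
    global track_watchpoint_dict
    try:
        count = track_watchpoint_dict[breakpoints][current_pc_int][0] + 1
    except KeyError:
        if breakpoints not in track_watchpoint_dict:
            track_watchpoint_dict[breakpoints] = OrderedDict()
        count = 1
    register_info = ScriptUtils.get_general_registers()
    register_info.update(ScriptUtils.get_flag_registers())
    register_info.update(ScriptUtils.get_segment_registers())
    float_info = ScriptUtils.get_float_registers()
    # "=>" is gdb's current-instruction marker; strip it so the stored
    # listing does not depend on where $pc happened to be.
    disas_info = gdb.execute("disas " + previous_pc_address + ",+40", to_string=True).replace("=>", " ")
    track_watchpoint_dict[breakpoints][current_pc_int] = [count, previous_pc_address, register_info, float_info, disas_info]
    track_watchpoint_file = SysUtils.get_track_watchpoint_file(pid, breakpoints)
    # Close the handle deterministically; the original left it to the GC.
    # NOTE(review): the consumer unpickles this file and unpickling executes
    # arbitrary code from the file, so the path must not be writable by other
    # local users -- confirm the permissions of the directory that
    # get_track_watchpoint_file points at.
    with open(track_watchpoint_file, "wb") as track_file:
        pickle.dump(track_watchpoint_dict[breakpoints], track_file)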
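def invoke(self, arg, from_tty):
    """Record one hit of the watchpoint named by ``arg``.

    gdb calls this each time the watchpoint fires.  For every
    (watchpoint, $pc) pair it keeps a hit counter, the address of the
    instruction just before $pc, a register snapshot and a disassembly
    window, then pickles the whole per-watchpoint table to the file
    returned by ``SysUtils.get_track_watchpoint_file(pid, arg)`` so the
    other side can load it.

    Args:
        arg: gdb command argument, used verbatim as the key into the
            module-global ``track_watchpoint_dict``.
        from_tty: gdb's "invoked interactively" flag; not used here.
    """
    breakpoints = arg
    current_pc_int = int(SysUtils.extract_address(str(gdb.parse_and_eval("$pc"))), 16)
    # Locate the instruction preceding $pc by disassembling a short window
    # that ends at $pc.  The dump's last line is "End of assembler dump.",
    # so the previous instruction is the line just before it.
    try:
        disas_output = gdb.execute("disas $pc-30,$pc", to_string=True)
        last_instruction = disas_output.splitlines()[-2]
        previous_pc_address = SysUtils.extract_address(last_instruction)
    except Exception:
        # Was a bare ``except:``; stay best-effort but stop trapping
        # SystemExit / KeyboardInterrupt.
        previous_pc_address = None
    if not previous_pc_address:
        # Window could not be disassembled (e.g. $pc-30 is unmapped) or the
        # address regex matched nothing: fall back to $pc itself so the
        # "disas <addr>,+40" below never gets a None operand.
        previous_pc_address = hex(current_pc_int)
    global track_watchpoint_dict
    try:
        count = track_watchpoint_dict[breakpoints][current_pc_int][0] + 1
    except KeyError:
        if breakpoints not in track_watchpoint_dict:
            track_watchpoint_dict[breakpoints] = OrderedDict()
        count = 1
    register_info = ScriptUtils.get_general_registers()
    register_info.update(ScriptUtils.get_flag_registers())
    register_info.update(ScriptUtils.get_segment_registers())
    float_info = ScriptUtils.get_float_registers()
    # "=>" is gdb's current-instruction marker; strip it so the stored
    # listing does not depend on where $pc happened to be.
    disas_info = gdb.execute("disas " + previous_pc_address + ",+40", to_string=True).replace("=>", " ")
    track_watchpoint_dict[breakpoints][current_pc_int] = [count, previous_pc_address, register_info, float_info, disas_info]
    track_watchpoint_file = SysUtils.get_track_watchpoint_file(pid, breakpoints)
    # Close the handle deterministically; the original left it to the GC.
    # NOTE(review): the consumer unpickles this file and unpickling executes
    # arbitrary code from the file, so the path must not be writable by other
    # local users -- confirm the permissions of the directory that
    # get_track_watchpoint_file points at.
    with open(track_watchpoint_file, "wb") as track_file:
        pickle.dump(track_watchpoint_dict[breakpoints], track_file)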
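def invoke(self, arg, from_tty):
    """Count, per breakpoint, which addresses each tracked expression takes.

    ``arg`` is a comma-separated list ``expr1,expr2,...,breakpoint_number``:
    the last field is the breakpoint number, everything before it is an
    expression gdb can evaluate with ``p/x``.  Each time the breakpoint
    fires, every expression is evaluated, the address found in the result
    is tallied in ``track_breakpoint_dict[breakpoint][expr][address]``,
    and the per-breakpoint table is pickled to the file returned by
    ``SysUtils.get_track_breakpoint_file(pid, breakpoint_number)``.

    Args:
        arg: gdb command argument in the format described above.  Empty
            fields (e.g. from a trailing comma) are skipped.
        from_tty: passed through to ``gdb.execute`` for the expression
            evaluations.

    Note:
        The expressions are handed to gdb's evaluator verbatim; gdb
        expressions can call functions inside the inferior, so only
        trusted input should reach this command.
    """
    arg_list = arg.split(",")
    breakpoint_number = arg_list.pop()
    register_expressions = arg_list
    global track_breakpoint_dict
    if breakpoint_number not in track_breakpoint_dict:
        track_breakpoint_dict[breakpoint_number] = OrderedDict()
    per_breakpoint = track_breakpoint_dict[breakpoint_number]
    for register_expression in register_expressions:
        if not register_expression:
            continue
        if register_expression not in per_breakpoint:
            per_breakpoint[register_expression] = OrderedDict()
        try:
            address = SysUtils.extract_address(gdb.execute("p/x " + register_expression, from_tty, to_string=True))
        except Exception:
            # Was a bare ``except:``; an expression that gdb cannot evaluate
            # is simply not counted this time.
            address = None
        if address:
            per_expression = per_breakpoint[register_expression]
            per_expression[address] = per_expression.get(address, 0) + 1
    track_breakpoint_file = SysUtils.get_track_breakpoint_file(pid, breakpoint_number)
    # Close the handle deterministically; the original left it to the GC.
    # NOTE(review): the reader unpickles this file; make sure the path is not
    # writable by other local users (see get_track_breakpoint_file).
    with open(track_breakpoint_file, "wb") as track_file:
        pickle.dump(per_breakpoint, track_file)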
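def invoke(self, arg, from_tty):
    """Dump the top 4096 bytes of the inferior's stack and send it to PINCE.

    Reads pointer-sized words starting at $rsp/$esp straight from
    ``ScriptUtils.mem_file`` and, for each word, tries to dereference it
    once more: if gdb can resolve the target to a symbol it is reported
    as ``(ptr)<symbol>``, otherwise the first 20 bytes at the target are
    reported as ``(str)<text>``.  The result is a list of
    ``[stack_slot, word_hex, pointer_data]`` rows passed to
    ``send_to_pince``.  Any failure to access the stack stops the walk
    and sends what was collected so far.

    Args:
        arg: unused.
        from_tty: passed through to the ``p/x $sp`` query.
    """
    stack_info_list = []
    if ScriptUtils.current_arch == type_defs.INFERIOR_ARCH.ARCH_64:
        chunk_size = 8
        int_format = "Q"
        stack_register = "rsp"
        result = gdb.execute("p/x $rsp", from_tty, to_string=True)
    else:
        chunk_size = 4
        int_format = "I"
        stack_register = "esp"
        result = gdb.execute("p/x $esp", from_tty, to_string=True)
    stack_address = int(SysUtils.extract_address(result), 16)  # $6 = 0x7f0bc0b6bb40
    with open(ScriptUtils.mem_file, "rb") as FILE:
        # ValueError is caught alongside OSError because file.seek() raises it
        # for offsets that do not fit the platform off_t, which stack garbage
        # such as 0xffffffffffffffff routinely is.
        try:
            old_position = FILE.seek(stack_address)
        except (OSError, ValueError):
            send_to_pince(stack_info_list)
            return
        for index in range(4096 // chunk_size):
            current_offset = chunk_size * index
            stack_indicator = hex(stack_address + current_offset) + "(" + stack_register + "+" + hex(current_offset) + ")"
            try:
                FILE.seek(old_position)
                read = FILE.read(chunk_size)
            except (OSError, ValueError):
                print("Can't access the stack after address " + stack_indicator)
                break
            if len(read) < chunk_size:
                # Short read at the end of the mapping: unpack_from would
                # raise struct.error, so treat it like an inaccessible slot.
                print("Can't access the stack after address " + stack_indicator)
                break
            old_position = FILE.tell()
            int_addr = struct.unpack_from(int_format, read)[0]
            hex_repr = hex(int_addr)
            try:
                FILE.seek(int_addr)
                read_pointer = FILE.read(20)
            except (OSError, ValueError):
                pointer_data = ""
            else:
                try:
                    result = gdb.execute("x/b " + hex_repr, to_string=True)
                except gdb.error:
                    # mem_file could read the target but gdb cannot; report
                    # the raw bytes instead of aborting the whole dump.
                    result = ""
                symbol = common_regexes.plain_symbol.search(result)
                if not symbol:
                    pointer_data = "(str)" + read_pointer.decode("utf-8", "ignore")
                else:
                    pointer_data = "(ptr)" + symbol.group(0)
            stack_info_list.append([stack_indicator, hex_repr, pointer_data])
    send_to_pince(stack_info_list)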
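def invoke(self, arg, from_tty):
    """Collect the inferior's backtrace and send it to PINCE.

    Runs ``bt`` to learn the highest frame number, then ``info frame N``
    for every frame.  For each frame it records the frame address
    annotated with its distance from $rsp/$esp and the return address
    annotated by ``x/b`` (symbol + offset, as matched by
    ``common_regexes.return_address_with_info``).  The result is a list
    of ``[return_address_with_info, frame_address_with_difference]``
    rows passed to ``send_to_pince``; on any failure the rows gathered
    so far are still sent so the caller is never left waiting.

    Args:
        arg: unused.
        from_tty: passed through to every ``gdb.execute`` call.
    """
    stacktrace_info_list = []
    if ScriptUtils.current_arch == type_defs.INFERIOR_ARCH.ARCH_64:
        sp_register = "rsp"
        result = gdb.execute("p/x $rsp", from_tty, to_string=True)
    else:
        sp_register = "esp"
        result = gdb.execute("p/x $esp", from_tty, to_string=True)
    stack_pointer_int = int(SysUtils.extract_address(result), 16)  # $6 = 0x7f0bc0b6bb40
    result = gdb.execute("bt", from_tty, to_string=True)
    frame_numbers = common_regexes.max_frame_count.findall(result)
    if not frame_numbers:
        # No frame lines in the backtrace (e.g. no stack yet): the original
        # raised IndexError here and PINCE never received a reply.
        send_to_pince(stacktrace_info_list)
        return
    max_frame = frame_numbers[-1]
    # +1 because frame numbers start from 0
    for item in range(int(max_frame) + 1):
        try:
            result = gdb.execute("info frame " + str(item), from_tty, to_string=True)
        except gdb.error:
            break
        frame_match = common_regexes.frame_address.search(result)
        if not frame_match:
            # Output did not carry a frame address; nothing sensible to
            # report for this or deeper frames.
            break
        frame_address = frame_match.group(1)
        difference = hex(int(frame_address, 16) - stack_pointer_int)
        frame_address_with_difference = frame_address + "(" + sp_register + "+" + difference + ")"
        return_address = common_regexes.return_address.search(result)
        if return_address:
            try:
                result = gdb.execute("x/b " + return_address.group(1), from_tty, to_string=True)
            except gdb.error:
                # Was a bare ``except:``; an unreadable return address ends
                # the walk exactly as before.
                break
            info_match = common_regexes.return_address_with_info.search(result)
            # Fall back to the bare address when x/b printed no symbol info.
            return_address_with_info = info_match.group(1) if info_match else return_address.group(1)
        else:
            return_address_with_info = "<unavailable>"
        stacktrace_info_list.append([return_address_with_info, frame_address_with_difference])
    send_to_pince(stacktrace_info_list)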