def malloc_chunk(addr):
"""
Prints out the malloc_chunk at the specified address.
"""
main_heap = pwndbg.heap.current
if not isinstance(addr, six.integer_types):
addr = int(addr)
chunk = value_from_type('struct malloc_chunk', addr)
size = int(chunk['size'])
actual_size = size & ~7
prev_inuse, is_mmapped, non_main_arena = main_heap.chunk_flags(size)
arena = None
if non_main_arena:
arena = main_heap.get_heap(addr)['ar_ptr']
fastbins = main_heap.fastbins(arena)
header = M.get(addr)
if prev_inuse:
if actual_size in fastbins:
header += yellow(' FASTBIN')
else:
header += yellow(' PREV_INUSE')
if is_mmapped:
header += yellow(' IS_MMAPED')
if non_main_arena:
header += yellow(' NON_MAIN_ARENA')
print(header, chunk)
return chunk
def malloc_chunk(addr):
"""
Prints out the malloc_chunk at the specified address.
"""
if not isinstance(addr, six.integer_types):
addr = int(addr)
chunk = value_from_type('struct malloc_chunk', addr)
size = int(chunk['size'])
prev_inuse = (size & PREV_INUSE) == 1
is_mmaped = (size & IS_MMAPED) == 1
non_main_arena = (size & NON_MAIN_ARENA) == 1
header = M.get(addr)
if prev_inuse:
header += yellow(' PREV_INUSE')
if is_mmaped:
header += yellow(' IS_MMAPED')
if non_main_arena:
header += yellow(' NON_MAIN_ARENA')
print(header)
print(chunk)
return chunk
def malloc_chunk(addr):
"""
Prints out the malloc_chunk at the specified address.
"""
if not isinstance(addr, six.integer_types):
addr = int(addr)
chunk = value_from_type('struct malloc_chunk', addr)
size = int(chunk['size'])
prev_inuse = (size & PREV_INUSE) == 1
is_mmaped = (size & IS_MMAPED) == 1
non_main_arena = (size & NON_MAIN_ARENA) == 1
header = pwndbg.color.get(addr)
if prev_inuse:
header += yellow(' PREV_INUSE')
if is_mmaped:
header += yellow(' IS_MMAPED')
if non_main_arena:
header += yellow(' NON_MAIN_ARENA')
print(header)
print(chunk)
return chunk
def largebins(addr=None, verbose=False):
"""
Prints out the contents of the large bin of the main arena or the arena
at the specified address.
"""
main_heap = pwndbg.heap.current
largebins = main_heap.largebins(addr)
if largebins is None:
return
formatted_bins = format_bin(largebins, verbose)
print(underline(yellow('largebins')))
for node in formatted_bins:
print(node)
def unsortedbin(addr=None, verbose=True):
"""
Prints out the contents of the unsorted bin of the main arena or the
arena at the specified address.
"""
main_heap = pwndbg.heap.current
unsortedbin = main_heap.unsortedbin(addr)
if unsortedbin is None:
return
formatted_bins = format_bin(unsortedbin, verbose)
print(underline(yellow('unsortedbin')))
for node in formatted_bins:
print(node)
def fastbins(addr=None, verbose=True):
"""
Prints out the contents of the fastbins of the main arena or the arena
at the specified address.
"""
main_heap = pwndbg.heap.current
fastbins = main_heap.fastbins(addr)
if fastbins is None:
return
formatted_bins = format_bin(fastbins, verbose)
print(underline(yellow('fastbins')))
for node in formatted_bins:
print(node)
def bins(addr=None):
"""
Prints out the contents of the fastbins of the main arena or the arena
at the specified address.
"""
main_arena = get_main_arena(addr)
if main_arena == None:
return
fastbins = main_arena['fastbinsY']
bins = main_arena['bins']
size_t_size = pwndbg.typeinfo.load('size_t').sizeof
num_fastbins = int(fastbins.type.sizeof / fastbins.type.target().sizeof)
num_bins = int(bins.type.sizeof / bins.type.target().sizeof)
fd_field_offset = 2 * size_t_size
print(underline(yellow('fastbins')))
for i in range(num_fastbins):
size = 2 * size_t_size * (i + 1)
chain = pwndbg.chain.format(int(fastbins[i]), offset=fd_field_offset)
print((bold(size) + ': ').ljust(13) + chain)
def bins(addr=None):
"""
Prints out the contents of the fastbins of the main arena or the arena
at the specified address.
"""
main_arena = get_main_arena(addr)
if main_arena == None:
return
fastbins = main_arena['fastbinsY']
bins = main_arena['bins']
size_t_size = pwndbg.typeinfo.load('size_t').sizeof
num_fastbins = int(fastbins.type.sizeof / fastbins.type.target().sizeof)
num_bins = int(bins.type.sizeof / bins.type.target().sizeof)
fd_field_offset = 2 * size_t_size
print(underline(yellow('fastbins')))
for i in range(num_fastbins):
size = 2 * size_t_size * (i + 1)
chain = pwndbg.chain.format(int(fastbins[i]), offset=fd_field_offset)
print((bold(size) + ': ').ljust(13) + chain)
