def main():
kernel32 = pykd.module("kernel32")
HANDLE = pykd.typeInfo("Void*")
LPCWSTR = pykd.typeInfo("WChar*")
DWORD = pykd.typeInfo("UInt4B")
LPSECURITY_ATTRIBUTES = pykd.typeInfo("Void*")
CreateFileW_Type = pykd.defineFunction(HANDLE,
pykd.callingConvention.NearStd)
CreateFileW_Type.append("lpFileName", LPCWSTR)
CreateFileW_Type.append("dwDesiredAccess", DWORD)
CreateFileW_Type.append("dwShareMode", DWORD)
CreateFileW_Type.append("lpSecurityAttributes", LPSECURITY_ATTRIBUTES)
CreateFileW_Type.append("dwCreationDisposition", DWORD)
CreateFileW_Type.append("dwFlagsAndAttributes", DWORD)
CreateFileW_Type.append("hTemplateFile", HANDLE)
CreateFileW = pykd.typedVar(CreateFileW_Type, kernel32.CreateFileW)
fileHandle = CreateFileW("C:\\temp\\testfile.txt",
GENERIC_READ | GENERIC_WRITE, 0, NULL,
CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL)
print "File Handle", hex(fileHandle)
def testCtor(self):
self.assertEqual("structTest", pykd.typeInfo("structTest").name())
self.assertEqual(
"structTest",
pykd.typeInfo(target.moduleName + "!structTest").name())
self.assertEqual("structTest", pykd.typeInfo("g_structTest").name())
self.assertEqual(
"structTest",
pykd.typeInfo(target.moduleName + "!g_structTest").name())
self.assertEqual("Int1B", pykd.typeInfo("Int1B").name())
def testNamespace(self):
ti1 = pykd.typeInfo(target.moduleName, "Namespace1::Class1")
ti2 = pykd.typeInfo(target.moduleName,
"Namespace1::Namespace2::Class2")
var3 = pykd.typedVar(
ti1, pykd.getOffset(target.moduleName, "Namespace1::var3"))
var4 = pykd.typedVar(
ti1,
pykd.getOffset(target.moduleName, "Namespace1::Namespace2::var4"))
self.assertEqual(var3.m_field1, 50)
def testDeref(self):
ti = pykd.typeInfo("Int1B*")
self.assertEqual("Int1B", ti.deref().name())
ti = target.module.type("structTest*")
self.assertEqual("structTest", ti.deref().name())
ti = pykd.typeInfo("structTest[2]")
self.assertRaises(pykd.TypeException, ti.deref)
ti = target.module.type("classChild")
self.assertRaises(pykd.TypeException, ti.deref)
def testArrayOf(self):
arrayType = pykd.typeInfo("UInt8B").arrayOf(5)
arrayVar = pykd.typedVar(arrayType,
target.module.offset("ulonglongArray"))
self.assertEqual(0xFF, arrayVar[1])
self.assertEqual(0xFFFFFFFFFFFFFFFF, arrayVar[4])
arrayStructType = pykd.typeInfo("structTest").arrayOf(2)
arrayStructVar = pykd.typedVar(arrayStructType,
target.module.offset("g_testArray"))
self.assertEqual(True, arrayStructVar[0].m_field2)
self.assertEqual(1, arrayStructVar[1].m_field3)
def sizeof(type_name):
global cache_sizes
k = type_name
if k not in cache_sizes:
type_name = 'mozglue!' + type_name # speedup
cache_sizes[k] = pykd.typeInfo(type_name).size()
return cache_sizes[k]
def testPtr(self):
self.assertEqual("UInt8B*", target.module.type("pbigValue").name())
self.assertEqual("structTest*",
target.module.type("structTest*").name())
self.assertEqual("UInt2B*", pykd.typeInfo("UInt2B*").name())
self.assertEqual("Void*", target.module.type("voidPtr").name())
self.assertEqual("Void*[3]", target.module.type("voidPtrArray").name())
def sizeof(type_name):
global cache_sizes
k = type_name
if k not in cache_sizes:
type_name = 'mozglue!' + type_name # speedup
cache_sizes[k] = pykd.typeInfo(type_name).size()
return cache_sizes[k]
def offsetof(struct_name, member_name):
global cache_offsets
k = struct_name + "." + member_name
if k not in cache_offsets:
# speed up
s = 'mozglue!' + struct_name
cache_offsets[k] = pykd.typeInfo(s).fieldOffset(member_name)
return cache_offsets[k]
def testStaticField(self):
ti = pykd.typeInfo("g_classChild")
self.assertNotEqual(0, ti.staticOffset("m_staticField"))
self.assertNotEqual(0, ti.staticOffset("m_stdstr"))
if not ti.staticOffset("m_staticConst"):
self.assertFalse(
"MS DIA bug: https://connect.microsoft.com/VisualStudio/feedback/details/737430"
)
def offsetof(struct_name, member_name):
global cache_offsets
k = struct_name + "." + member_name
if k not in cache_offsets:
# speed up
s = 'mozglue!' + struct_name
cache_offsets[k] = pykd.typeInfo(s).fieldOffset(member_name)
return cache_offsets[k]
def testNestedStruct(self):
ti4 = pykd.typeInfo(target.moduleName, "Type4")
self.assertTrue(hasattr(ti4, "field1"))
self.assertTrue(hasattr(ti4, "field2"))
self.assertTrue(hasattr(ti4, "field3"))
self.assertTrue(hasattr(ti4, "field4"))
self.assertTrue(hasattr(ti4, "field4"))
self.assertTrue(hasattr(ti4.field4, "field41"))
def testSimpleStruct(self):
ti = pykd.typeInfo(target.moduleName, "Type1")
self.assertTrue(hasattr(ti, "field1"))
self.assertTrue(hasattr(ti, "field2"))
self.assertTrue(hasattr(ti, "field3"))
tv = pykd.typedVar(ti, target.module.var1)
self.assertEqual(tv.field1, -121)
self.assertEqual(tv.field2, 220)
def testCompareWihNone(self):
ti = pykd.typeInfo("UInt8B")
if ti == None:
pass
if ti != None:
pass
if not ti:
pass
if ti:
pass
def testSize(self):
ti1 = target.module.type("structTest")
self.assertEqual(16 + pykd.ptrSize(), ti1.size())
self.assertEqual(pykd.ptrSize(),
target.module.type("structTest**").size())
self.assertEqual(pykd.sizeof("structTest"),
target.module.type("structTest").size())
self.assertEqual(pykd.sizeof("structTest**"),
target.module.type("structTest**").size())
self.assertEqual(pykd.sizeof("Int1B"), pykd.typeInfo("Int1B").size())
def testPtrTo(self):
tvBaseType = pykd.typedVar(
pykd.typeInfo("UInt8B").ptrTo(),
target.module.offset("g_pUlonglongValue"))
self.assertEqual(target.module.typedVar("g_ulonglongValue"),
tvBaseType.deref())
tvDiaStruct = pykd.typedVar(
target.module.type("structTest").ptrTo(),
target.module.offset("g_structTestPtr"))
self.assertEqual(500, tvDiaStruct.deref().m_field1)
customStructTest = pykd.typeBuilder().createStruct(
"customStructTest", 4)
customStructTest.append("m_field0", pykd.typeInfo("UInt4B"))
customStructTest.append("m_field1", pykd.typeInfo("UInt8B"))
tvCustomStruct = pykd.typedVar(customStructTest.ptrTo(),
target.module.offset("g_structTestPtr"))
self.assertEqual(500, tvCustomStruct.deref().m_field1)
def testCreateByName(self):
""" creating typeInfo by the type name """
self.assertEqual("Int4B*", target.module.type("Int4B*").name())
self.assertEqual("structTest", target.module.type("structTest").name())
self.assertEqual("structTest**",
target.module.type("structTest**").name())
self.assertEqual("Int4B[2][3]",
target.module.type("Int4B[2][3]").name())
self.assertEqual("Int4B(*[4])[2][3]",
target.module.type("Int4B(*[4])[2][3]").name())
self.assertEqual("Int4B(*)[2][3]",
target.module.type("Int4B((*))[2][3]").name())
self.assertEqual("Int4B*", pykd.typeInfo("Int4B*").name())
def testPtrTo(self):
tvBaseType = pykd.typedVar(
pykd.typeInfo("UInt8B").ptrTo(), target.module.offset("pbigValue"))
self.assertEqual(target.module.typedVar("bigValue"),
tvBaseType.deref())
tvDiaStruct = pykd.typedVar(
target.module.type("structTest").ptrTo(),
target.module.offset("g_structTestPtr"))
self.assertEqual(500, tvDiaStruct.deref().m_field1)
customStructTest = pykd.createStruct(name="customStructTest", align=4)
customStructTest.append("m_field0", pykd.baseTypes.UInt4B)
customStructTest.append("m_field1", pykd.baseTypes.UInt8B)
tvCustomStruct = pykd.typedVar(customStructTest.ptrTo(),
target.module.offset("g_structTestPtr"))
self.assertEqual(500, tvCustomStruct.deref().m_field1)
def sizeof(type_name):
return pykd.typeInfo(type_name).size()
def offsetof(struct_name, member_name):
return pykd.typeInfo(struct_name).fieldOffset(member_name)
def testBaseTypes(self):
self.assertEqual("Int1B", pykd.typeInfo("Int1B").name())
self.assertEqual("Int2B", pykd.typeInfo("Int2B").name())
self.assertEqual("Int4B", pykd.typeInfo("Int4B").name())
self.assertEqual("Int8B", pykd.typeInfo("Int8B").name())
self.assertEqual("UInt1B", pykd.typeInfo("UInt1B").name())
self.assertEqual("UInt2B", pykd.typeInfo("UInt2B").name())
self.assertEqual("UInt4B", pykd.typeInfo("UInt4B").name())
self.assertEqual("UInt8B", pykd.typeInfo("UInt8B").name())
self.assertEqual("Long", pykd.typeInfo("Long").name())
self.assertEqual("ULong", pykd.typeInfo("ULong").name())
self.assertEqual("Bool", pykd.typeInfo("Bool").name())
self.assertEqual("Char", pykd.typeInfo("Char").name())
self.assertEqual("WChar", pykd.typeInfo("WChar").name())
self.assertEqual(1, pykd.typeInfo("Int1B").size())
self.assertEqual(1, pykd.typeInfo("UInt1B").size())
self.assertEqual(2, pykd.typeInfo("Int2B").size())
self.assertEqual(2, pykd.typeInfo("UInt2B").size())
self.assertEqual(4, pykd.typeInfo("Int4B").size())
self.assertEqual(4, pykd.typeInfo("UInt4B").size())
self.assertEqual(8, pykd.typeInfo("Int8B").size())
self.assertEqual(8, pykd.typeInfo("UInt8B").size())
self.assertEqual(4, pykd.typeInfo("Long").size())
self.assertEqual(4, pykd.typeInfo("ULong").size())
self.assertEqual(1, pykd.typeInfo("Bool").size())
self.assertEqual(1, pykd.typeInfo("Char").size())
self.assertEqual(2, pykd.typeInfo("WChar").size())
try:
self.assertEqual("Int9B", pykd.typeInfo("Int9B").name())
except pykd.SymbolException:
pass
def testUdtSubscribe(self):
ti = pykd.typeInfo("g_virtChild")
self.assertEqual(6, len(ti))
for field in ti:
str(field)
def sizeof(type_name):
return pykd.typeInfo(type_name).size()
def testTypedef(self):
self.assertEqual("structTest", pykd.typeInfo("g_structTypeDef").name())
self.assertEqual("structTest",
pykd.typeInfo("structTestTypeDef").name())
def offsetof(struct_name, member_name):
return pykd.typeInfo(struct_name).fieldOffset(member_name)
def testBaseTypePtr(self):
self.assertEqual("Int1B*", pykd.typeInfo("Int1B*").name())
self.assertEqual("Int1B", pykd.typeInfo("Int1B*").deref().name())
def testEnumField(self):
ti = pykd.typeInfo(target.moduleName, "Type2")
self.assertEqual(hasattr(ti, "field1"), True)
tv = pykd.typedVar(ti, target.module.var2)
self.assertEqual(tv.field1, 100)
def testEnumSubscribe(self):
ti = pykd.typeInfo("enumType")
self.assertEqual(3, len(ti))
self.assertEqual([1, 2, 3], [int(field) for field in ti])
self.assertEqual([("ONE", 1), ("TWO", 2), ("THREE", 3)], ti.fields())
def testTemplates(self):
ti3 = pykd.typeInfo(target.moduleName, "Namespace3::Class3<int>")
var5 = pykd.typedVar(
ti3, pykd.getOffset(target.moduleName, "Namespace3::var5"))
self.assertEqual(var5.m_field1, 5)
def testPtrTo(self):
ti = pykd.typeInfo("UInt8B").ptrTo()
self.assertTrue("UInt8B*", ti.name())
self.assertNotEqual(0, ti.size())
def testArrayOf(self):
ti = pykd.typeInfo("UInt8B").arrayOf(10)
self.assertTrue("UInt8B[10]", ti.name())
def testBaseTypeArray(self):
self.assertEqual("Int4B[20]", pykd.typeInfo("Int4B[20]").name())
if __name__ == "__main__":
if len( sys.argv ) < 2:
printUsage()
quit(0)
showAll = False
args = sys.argv
if '-a' in args:
args.remove('-a')
showAll = True
items = getAVLTable( addr64( expr( sys.argv[1] ) ) )
if showAll:
if len( sys.argv ) == 2:
dprintln( "\n".join( [ "<link cmd=\"db 0x%x\">db 0x%x</link>" % ( entry, entry ) for entry in items ] ), True )
else:
ti = typeInfo(sys.argv[2])
dprintln( "\n".join( [ "<link cmd=\"dt %s 0x%x\">dt %s</link>\n%s" % ( sys.argv[2], entry, sys.argv[2], typedVar(ti, entry) ) for entry in items ] ), True )
else:
if len( sys.argv ) == 2:
dprintln( "\n".join( [ "<link cmd=\"db 0x%x\">db 0x%x</link>" % ( entry, entry ) for entry in items ] ), True )
else:
dprintln( "\n".join( [ "<link cmd=\"dt %s 0x%x\">dt %s</link>" % ( sys.argv[2], entry, sys.argv[2] ) for entry in items ] ), True )
def testVfnTable(self):
ti = pykd.typeInfo("g_classChild")
self.assertTrue(hasattr(ti, "__VFN_table"))