#include "remods.h"
#include "precomp.h"
#include "stab_gnu.h"
#include <ntdll/ldr.h>
#include <ntdll/rtl.h>
#include <internal/ps.h>
#include <internal/ob.h>
#include <internal/module.h>
#include <debug.h>

Include dependency graph for symbols.c:

Classes
struct	_VRET

Macros
#define	NDEBUG

Typedefs
typedef struct _VRET	VRET

typedef struct _VRET *	PVRET

Functions
BOOLEAN	Expression (PVRET pvr)

PVOID	HEADER_TO_BODY (POBJECT_HEADER obj)

POBJECT_HEADER	BODY_TO_HEADER (PVOID body)

VOID	FreeModuleList (PDEBUG_MODULE pm)

BOOLEAN	InitModuleList (PDEBUG_MODULE *ppmodule, ULONG len)

BOOLEAN	ListUserModules (PPEB peb)

POBJECT	FindDriverObjectDirectory (void)

BOOLEAN	ListDriverModules (void)

BOOLEAN	BuildModuleList (void)

PDEBUG_MODULE	IsModuleLoaded (LPSTR p)

BOOLEAN	ScanExports (const char *pFind, PULONG pValue)

BOOLEAN	ReadHex (LPSTR p, PULONG pValue)

BOOLEAN	ScanExportLine (LPSTR p, PULONG ulValue, LPSTR *ppPtrToSymbol)

BOOLEAN	ValidityCheckSymbols (PICE_SYMBOLFILE_HEADER *pSymbols)

PICE_SYMBOLFILE_HEADER *	FindModuleSymbols (ULONG addr)

PDEBUG_MODULE	FindModuleFromAddress (ULONG addr)

PDEBUG_MODULE	FindModuleByName (LPSTR modname)

PICE_SYMBOLFILE_HEADER *	FindModuleSymbolsByModuleName (LPSTR modname)

BOOLEAN	ScanExportsByAddress (LPSTR *pFind, ULONG ulValue)

LPSTR	FindFunctionByAddress (ULONG ulValue, PULONG pulstart, PULONG pulend)

ULONG	FindFunctionInModuleByName (LPSTR szFunctionname, PDEBUG_MODULE pd)

ULONG	ExtractTypeNumber (LPSTR p)

LPSTR	FindTypeDefinitionForCombinedTypes (PICE_SYMBOLFILE_HEADER *pSymbols, ULONG ulTypeNumber, ULONG ulFileNumber)

LPSTR	FindTypeDefinition (PICE_SYMBOLFILE_HEADER *pSymbols, ULONG ulTypeNumber, ULONG ulFileNumber)

LPSTR	TruncateString (LPSTR p, char c)

PLOCAL_VARIABLE	FindLocalsByAddress (ULONG addr)

LPSTR	FindSourceLineForAddress (ULONG addr, PULONG pulLineNumber, LPSTR ppSrcStart, LPSTR ppSrcEnd, LPSTR *ppFilename)

BOOLEAN	FindAddressForSourceLine (ULONG ulLineNumber, LPSTR pFilename, PDEBUG_MODULE pMod, PULONG pValue)

ULONG	ListSymbolStartingAt (PDEBUG_MODULE pMod, PICE_SYMBOLFILE_HEADER *pSymbols, ULONG index, LPSTR pOutput)

BOOLEAN	SanityCheckExports (void)

BOOLEAN	LoadExports (void)

void	UnloadExports (void)

PICE_SYMBOLFILE_HEADER *	LoadSymbols (LPSTR filename)

BOOLEAN	ReloadSymbols (void)

void	UnloadSymbols ()

BOOLEAN	LoadSymbolsFromConfig (BOOLEAN bIgnoreBootParams)

void	SkipSpaces (void)

BOOLEAN	FindGlobalStabSymbol (LPSTR pExpression, PULONG pValue, PULONG pulTypeNumber, PULONG pulFileNumber)

void	ExtractToken (LPSTR pStringToken)

LPSTR	ExtractTypeName (LPSTR p)

LONG	ExtractNumber (LPSTR p)

BOOLEAN	ExtractArray (PVRET pvr, LPSTR p)

PVRET	ExtractStructMembers (PVRET pvr, LPSTR p)

BOOLEAN	EvaluateSymbol (PVRET pvr, LPSTR pToken)

BOOLEAN	Symbol (PVRET pvr)

void	Evaluate (PICE_SYMBOLFILE_HEADER *pSymbols, LPSTR p)

Variables
PVOID	pExports =0

ULONG	ulExportLen =0

LOCAL_VARIABLE	local_vars [512]

PICE_SYMBOLFILE_HEADER *	apSymbols [32] ={NULL,}

ULONG	ulNumSymbolsLoaded =0

ULONG	kernel_end =0

char	tempSym [1024]

PULONG	LocalRegs []

ULONG	ulIndex

LPSTR	pExpression

VRET	vr

VRET	vrStructMembers [1024]

ULONG	ulNumStructMembers

LIST_ENTRY *	pModuleListHead = NULL

PDIRECTORY_OBJECT *	pNameSpaceRoot

PDEBUG_MODULE	pdebug_module_tail

PDEBUG_MODULE	pdebug_module_head

Macro Definition Documentation

◆ NDEBUG

#define NDEBUG

Definition at line 44 of file symbols.c.

Typedef Documentation

◆ PVRET

typedef struct _VRET* PVRET

◆ VRET

typedef struct _VRET VRET

Function Documentation

◆ BODY_TO_HEADER()

POBJECT_HEADER BODY_TO_HEADER ( PVOID body )

Definition at line 111 of file symbols.c.

 {
    PCOMMON_BODY_HEADER chdr = (PCOMMON_BODY_HEADER)body;
    return(CONTAINING_RECORD((&(chdr->Type)),OBJECT_HEADER,Type));
 }

◆ BuildModuleList()

BOOLEAN BuildModuleList ( void )

Definition at line 266 of file symbols.c.

 {
     PPEB peb;
     PEPROCESS tsk;
     ENTER_FUNC();
 
     pdebug_module_tail = pdebug_module_head;
     tsk = IoGetCurrentProcess();
     ASSERT(IsAddressValid((ULONG)tsk));
     if( tsk  ){
         peb = tsk->Peb;
         if( peb ){
             if( !ListUserModules( peb ) ){
                 LEAVE_FUNC();
                 return FALSE;
             }
         }
     }
     if( !ListDriverModules() ){
         LEAVE_FUNC();
         return FALSE;
     }
     LEAVE_FUNC();
     return TRUE;
 }

Referenced by COMMAND_PROTOTYPE(), FindModuleByName(), FindModuleFromAddress(), FindModuleSymbols(), IsModuleLoaded(), and ScanExportsByAddress().

◆ Evaluate()

void Evaluate	(	PICE_SYMBOLFILE_HEADER *	pSymbols,
		LPSTR	p
	)

Definition at line 2918 of file symbols.c.

 {
     ULONG i;
 
     PICE_memset(&vr,0,sizeof(vr));
     vr.pSymbols = pSymbols;
 
     pExpression = p;
     ulIndex=0;
     ulNumStructMembers=0;
     if(Expression(&vr))
     {
         DPRINT((1,"\nOK!\n"));
         DPRINT((1,"value = %x type = %x\n",vr.value,vr.type));
         if(vr.bStructType)
         {
             PICE_sprintf(tempSym,"struct %s %s @ %x\n",vr.type_name,p,vr.address);
             Print(OUTPUT_WINDOW,tempSym);
             for(i=0;i<ulNumStructMembers;i++)
             {
                 if(vrStructMembers[i].bArrayType)
                 {
                     PICE_sprintf(tempSym,"[%.8X %.8X] %s %s[%u]\n",
                             vrStructMembers[i].address,
                             vrStructMembers[i].size/8,
                             vrStructMembers[i].type_name,
                             vrStructMembers[i].name,
                             vrStructMembers[i].size/8);
                 }
                 else if(vrStructMembers[i].bPtrType)
                 {
                     PICE_sprintf(tempSym,"[%.8X %.8X] %s* %s -> %x (%u)\n",
                             vrStructMembers[i].address,
                             vrStructMembers[i].size/8,
                             vrStructMembers[i].type_name,
                             vrStructMembers[i].name,
                             vrStructMembers[i].value,
                             vrStructMembers[i].value);
                 }
                 else
                 {
                     PICE_sprintf(tempSym,"[%.8X %.8X] %s %s = %x (%u)\n",
                             vrStructMembers[i].address,
                             vrStructMembers[i].size/8,
                             vrStructMembers[i].type_name,
                             vrStructMembers[i].name,
                             vrStructMembers[i].value,
                             vrStructMembers[i].value);
                 }
                 Print(OUTPUT_WINDOW,tempSym);
             }
         }
         else if(vr.bArrayType)
         {
             Print(OUTPUT_WINDOW,"array\n");
         }
         else
         {
             PICE_sprintf(tempSym,"%s %s @ %x = %x (%u)\n",vr.type_name,p,vr.address,vr.value,vr.value);
             Print(OUTPUT_WINDOW,tempSym);
         }
     }
     else
     {
         DPRINT((1,"\nERROR: code %x\n",vr.error));
     }
 }

Referenced by COMMAND_PROTOTYPE(), and DECLARE_INTERFACE_().

◆ EvaluateSymbol()

BOOLEAN EvaluateSymbol	(	PVRET	pvr,
		LPSTR	pToken
	)

Definition at line 2673 of file symbols.c.

 {
     LPSTR pTypeDef,pTypeName,pTypeBase,pSemiColon,pStructMembers;
     BOOLEAN bDone = FALSE;
     ULONG ulType,ulBits,ulBytes;
     LONG lLowerRange,lUpperRange,lDelta;
     static char type_def[2048];
 
     DPRINT((1,"EvaluateSymbol(%s)\n",pToken));
 
     if(FindGlobalStabSymbol(pToken,&pvr->value,&pvr->type,&pvr->file))
     {
         DPRINT((1,"EvaluateSymbol(%s) pvr->value = %x pvr->type = %x\n",pToken,pvr->value,pvr->type));
         while(!bDone)
         {
             if(!(pTypeDef = FindTypeDefinition(pvr->pSymbols,pvr->type,pvr->file)))
                 break;
             PICE_strcpy(type_def,pTypeDef);
 
             pTypeDef = type_def;
 
             pTypeName = ExtractTypeName(pTypeDef);
 
             DPRINT((1,"%s %s\n",pTypeName,pToken));
 
             PICE_strcpy(pvr->type_name,pTypeName);
 
             pTypeBase = PICE_strchr(pTypeDef,'=');
 
             if(!pTypeBase)
                 return FALSE;
 
             pTypeBase++;
 
             switch(*pTypeBase)
             {
                 case '(': // type reference
                     ulType = ExtractTypeNumber(pTypeBase);
                     DPRINT((1,"%x is a type reference to %x\n",pvr->type,ulType));
                     pvr->type = ulType;
                     break;
                 case 'r': // subrange
                     pTypeBase++;
                     ulType = ExtractTypeNumber(pTypeBase);
                     DPRINT((1,"%x is sub range of %x\n",pvr->type,ulType));
                     if(pvr->type == ulType)
                     {
                         DPRINT((1,"%x is a self reference\n",pvr->type));
                         pSemiColon = PICE_strchr(pTypeBase,';');
                         pSemiColon++;
                         lLowerRange = ExtractNumber(pSemiColon);
                         pSemiColon = PICE_strchr(pSemiColon,';');
                         pSemiColon++;
                         lUpperRange = ExtractNumber(pSemiColon);
                         lDelta = lUpperRange-lLowerRange;
                         DPRINT((1,"bounds %x-%x range %x\n",lLowerRange,lUpperRange,lDelta));
                         ulBits=0;
                         do
                         {
                             ulBits++;
                             lDelta /= 2;
                         }while(lDelta);
                         ulBytes = (ulBits+1)/8;
                         if(!ulBytes)
                             ulBytes = 4;
                         DPRINT((1,"# of bytes = %x\n",ulBytes));
                         pvr->address = pvr->value;
                         if(IsRangeValid(pvr->value,ulBytes))
                         {
                             switch(ulBytes)
                             {
                                 case 1:
                                     pvr->value = *(PUCHAR)pvr->value;
                                     break;
                                 case 2:
                                     pvr->value = *(PUSHORT)pvr->value;
                                     break;
                                 case 4:
                                     pvr->value = *(PULONG)pvr->value;
                                     break;
                             }
                         }
                         bDone=TRUE;
                     }
                     else
                         pvr->type = ulType;
                     break;
                 case 'a': // array type
                     DPRINT((1,"%x array\n",pvr->type));
                     pTypeBase++;
                     if(!ExtractArray(pvr,pTypeBase))
                     {
                         bDone = TRUE;
                         pvr->error = 1;
                     }
                     break;
                 case '*': // ptr type
                     DPRINT((1,"%x is ptr to\n",pvr->type));
                     bDone = TRUE; // meanwhile
                     break;
                 case 's': // struct type [name:T(#,#)=s#membername1:(#,#),#,#;membername1:(#,#),#,#;;]
                     // go past 's'
                     pTypeBase++;
 
                     // extract the the struct size
                     lLowerRange = ExtractNumber(pTypeBase);
                     DPRINT((1,"%x struct size = %x\n",pvr->type,lLowerRange));
 
                     // skip over the digits
                     while(PICE_isdigit(*pTypeBase))
                         pTypeBase++;
 
                     // the structs address is is value
                     pvr->address = pvr->value;
                     pvr->bStructType = TRUE;
 
                     // decode the struct members. pStructMembers now points to first member name
                     pStructMembers = pTypeBase;
 
                     while(pStructMembers && *pStructMembers && *pStructMembers!=';' && ulNumStructMembers<DIM(vrStructMembers))
                     {
                         DPRINT((1,"EvaluateSymbol(): member #%u\n",ulNumStructMembers));
                         // put this into our array
                         vrStructMembers[ulNumStructMembers] = *ExtractStructMembers(pvr,pStructMembers);
 
                         if(!PICE_strlen(vrStructMembers[ulNumStructMembers].type_name))
                         {
                             ULONG i;
                             PVRET pvrThis = &vrStructMembers[ulNumStructMembers];
 
                             DPRINT((1,"EvaluateSymbol(): no type name\n"));
                             for(i=0;i<ulNumStructMembers;i++)
                             {
                                 DPRINT((1,"EvaluateSymbol(): vr[i].type_name = %s\n",vrStructMembers[i].type_name));
                                 DPRINT((1,"EvaluateSymbol(): vr[i].name = %s\n",vrStructMembers[i].name));
                                 DPRINT((1,"EvaluateSymbol(): vr[i].address = %.8X\n",vrStructMembers[i].address));
                                 DPRINT((1,"EvaluateSymbol(): vr[i].value = %.8X\n",vrStructMembers[i].value));
                                 DPRINT((1,"EvaluateSymbol(): vr[i].size = %.8X\n",vrStructMembers[i].size));
                                 DPRINT((1,"EvaluateSymbol(): vr[i].type = %.8X\n",vrStructMembers[i].type));
                                 if(pvrThis->type == vrStructMembers[i].type)
                                 {
                                     PICE_strcpy(pvrThis->type_name,vrStructMembers[i].type_name);
                                     pvrThis->bArrayType = vrStructMembers[i].bArrayType;
                                     pvrThis->bPtrType = vrStructMembers[i].bPtrType;
                                     pvrThis->bStructType = vrStructMembers[i].bStructType;
                                     break;
                                 }
                             }
                         }
 
                         DPRINT((1,"EvaluateSymbol(): vr.type_name = %s\n",vrStructMembers[ulNumStructMembers].type_name));
                         DPRINT((1,"EvaluateSymbol(): vr.name = %s\n",vrStructMembers[ulNumStructMembers].name));
                         DPRINT((1,"EvaluateSymbol(): vr.address = %.8X\n",vrStructMembers[ulNumStructMembers].address));
                         DPRINT((1,"EvaluateSymbol(): vr.value = %.8X\n",vrStructMembers[ulNumStructMembers].value));
                         DPRINT((1,"EvaluateSymbol(): vr.size = %.8X\n",vrStructMembers[ulNumStructMembers].size));
                         DPRINT((1,"EvaluateSymbol(): vr.type = %.8X\n",vrStructMembers[ulNumStructMembers].type));
 
                         ulNumStructMembers++;
 
                         // skip to next ':'
                         pStructMembers = PICE_strchr(pStructMembers,';');
                         pStructMembers = PICE_strchr(pStructMembers,':');
                         if(pStructMembers)
                         {
                             DPRINT((1,"EvaluateSymbol(): ptr is now %s\n",pStructMembers));
                             // go back to where member name starts
                             while(*pStructMembers!=';')
                                 pStructMembers--;
                             // if ';' present, go to next char
                             if(pStructMembers)
                                 pStructMembers++;
                         }
                     }
 
                     bDone = TRUE; // meanwhile
                     break;
                 case 'u': // union type
                     DPRINT((1,"%x union\n",pvr->type));
                     bDone = TRUE; // meanwhile
                     break;
                 case 'e': // enum type
                     DPRINT((1,"%x enum\n",pvr->type));
                     bDone = TRUE; // meanwhile
                     break;
                 default:
                     DPRINT((1,"DEFAULT %x, base: %c\n",pvr->type, *pTypeBase));
             pvr->address = pvr->value;
             if(IsRangeValid(pvr->value,ulBytes))
               {
             switch(ulBytes)
               {
               case 1:
                 pvr->value = *(PUCHAR)pvr->value;
                 break;
               case 2:
                 pvr->value = *(PUSHORT)pvr->value;
                 break;
               case 4:
                 pvr->value = *(PULONG)pvr->value;
                 break;
               }
               }
                     bDone = TRUE;
                     break;
             }
 
         }
         return TRUE;
     }
     return FALSE;
 }

Referenced by Symbol().

◆ Expression()

BOOLEAN Expression ( PVRET pvr )

Definition at line 2906 of file symbols.c.

 {
     if(!Symbol(pvr))
         return FALSE;
 
     return TRUE;
 }

Referenced by Evaluate().

◆ ExtractArray()

BOOLEAN ExtractArray	(	PVRET	pvr,
		LPSTR	p
	)

Definition at line 2491 of file symbols.c.

 {
     ULONG index_typenumber,type_number;
     ULONG lower_bound,upper_bound;
     LPSTR pTypeDef;
 
     DPRINT((1,"ExtractArray(%s)\n",p));
 
     // index-type index-type-number;lower;upper;element-type-number
     pvr->bArrayType = TRUE;
     p++;
     index_typenumber = ExtractTypeNumber(p);
     p = PICE_strchr(p,';');
     if(p)
     {
         p++;
         lower_bound = ExtractNumber(p);
         p = PICE_strchr(p,';');
         if(p)
         {
             p++;
 
             upper_bound = ExtractNumber(p);
             p = PICE_strchr(p,';');
             if(p)
             {
                 p++;
 
                 type_number = ExtractTypeNumber(p);
 
                 DPRINT((1,"ExtractArray(): %x %x %x %x\n",index_typenumber,lower_bound,upper_bound,type_number));
 
                 pTypeDef = FindTypeDefinition(pvr->pSymbols,type_number,pvr->file);
                 if(pTypeDef)
                 {
                     PICE_strcpy(pvr->type_name,ExtractTypeName(pTypeDef));
                     pvr->type = type_number;
                     return TRUE;
                 }
             }
         }
     }
     return FALSE;
 }

Referenced by EvaluateSymbol().

◆ ExtractNumber()

LONG ExtractNumber ( LPSTR p )

Definition at line 2436 of file symbols.c.

 {
     LONG lMinus = 1,lBase;
     ULONG lNumber = 0;
 
     DPRINT((0,"ExtractNumber(): %s\n",p));
 
     if(!IsAddressValid((ULONG)p) )
     {
         DPRINT((1,"ExtractNumber(): [1] invalid page %x hit!\n",p));
         return 0;
     }
 
     if(*p == '-')
     {
         lMinus = -1;
         p++;
     }
 
     if(!IsAddressValid((ULONG)p) )
     {
         DPRINT((1,"ExtractNumber(): [2] invalid page %x hit!\n",p));
         return 0;
     }
 
     if(*p != '0') // non-octal -> decimal number
         lBase = 10;
     else
         lBase = 8;
 
     if(!IsAddressValid((ULONG)p) )
     {
         DPRINT((1,"ExtractNumber(): [3] invalid page %x hit!\n",p));
         return 0;
     }
 
     while(PICE_isdigit(*p))
     {
         lNumber *= lBase;
         lNumber += *p-'0';
         p++;
         if(!IsAddressValid((ULONG)p) )
         {
             DPRINT((1,"ExtractNumber(): [4] invalid page %x hit!\n",p));
             return 0;
         }
     }
 
     return (lNumber*lMinus);
 }

Referenced by ConvertTokenToLineNumber(), EvaluateSymbol(), ExtractArray(), ExtractStructMembers(), and ExtractTypeNumber().

◆ ExtractStructMembers()

PVRET ExtractStructMembers	(	PVRET	pvr,
		LPSTR	p
	)

Definition at line 2540 of file symbols.c.

 {
     ULONG len;
     static char member_name[128];
     LONG bit_offset,bit_size,type_number,byte_size;
     static VRET vr;
     LPSTR pTypeDef,pEqual;
 
     DPRINT((1,"ExtractStructMembers(): %s\n",p));
 
     PICE_memset(&vr,0,sizeof(vr));
 
     // name:type-number,bit-offset,bit-size
     len=StrLenUpToWhiteChar(p,":");
     if(len)
     {
         // extract member name
         PICE_strncpy(member_name,p,len);
         member_name[len]=0;
         DPRINT((1,"ExtractStructMembers(): member_name = %s\n",member_name));
 
         // go to char following ':'
         p += (len+1);
         if(IsAddressValid((ULONG)p) )
         {
             type_number = ExtractTypeNumber(p);
             DPRINT((1,"ExtractStructMembers(): type_number = %x\n",type_number));
 
             vr.type = type_number;
 
             pEqual = PICE_strchr(p,')');
             // see if it includes type def
             if(pEqual)
             {
                 p = pEqual+1;
                 if(*p == '=')
                 {
                     p++;
                     if(*p == 'a')
                     {
                         DPRINT((1,"ExtractStructMembers(): member is array\n"));
                         vr.bArrayType = TRUE;
                         p = PICE_strchr(p,';');
                         p = PICE_strchr(p,';');
                         p = PICE_strchr(p,';');
                         if(p)
                             p++;
 
                         type_number = ExtractTypeNumber(p);
                         vr.father_type = type_number;
                     }
                     else if(*p == '*')
                     {
                         DPRINT((1,"ExtractStructMembers(): member is ptr\n"));
                         vr.bPtrType = TRUE;
                         type_number = ExtractTypeNumber(p);
                         DPRINT((1,"ExtractStructMembers(): type_number = %x\n",type_number));
                         vr.father_type = type_number;
                     }
                     else if(*p == 'u')
                     {
                         DPRINT((1,"ExtractStructMembers(): member is union\n"));
                         while(*p!=';' && *(p+1)!=';' && *p!=0)p++;
                     }
                 }
             }
 
             p = PICE_strchr(p,',');
             if(p)
             {
                 p++;
                 bit_offset = ExtractNumber(p);
                 DPRINT((1,"ExtractStructMembers(): bit_offset = %x\n",bit_offset));
                 p = PICE_strchr(p,',');
                 if(p)
                 {
                     p++;
 
                     bit_size = ExtractNumber(p);
                     DPRINT((1,"ExtractStructMembers(): bit_size = %x\n",bit_size));
 
                     vr.address = pvr->value + bit_offset/8;
                     vr.file = pvr->file;
                     vr.size = bit_size;
                     PICE_strcpy(vr.name,member_name);
                     byte_size = (bit_size+1)/8;
                     if(!byte_size)
                         byte_size = 4;
                     pvr->address = pvr->value;
                     if(IsRangeValid(vr.address,byte_size))
                     {
                         switch(byte_size)
                         {
                             case 1:
                                 vr.value = *(PUCHAR)vr.address;
                                 break;
                             case 2:
                                 vr.value = *(PUSHORT)vr.address;
                                 break;
                             case 4:
                                 vr.value = *(PULONG)vr.address;
                                 break;
                         }
                     }
 
                     DPRINT((1,"ExtractStructMembers(): member %s type %x bit_offset %x bit_size%x\n",member_name,type_number,bit_offset,bit_size));
 
                     pTypeDef = FindTypeDefinition(pvr->pSymbols,type_number,pvr->file);
                     if(pTypeDef)
                     {
                         DPRINT((1,"ExtractStructMembers(): pTypedef= %s\n",pTypeDef));
                         PICE_strcpy(vr.type_name,ExtractTypeName(pTypeDef));
                         pTypeDef = PICE_strchr(pTypeDef,':');
                         if(pTypeDef)
                         {
                             pTypeDef++;
                             type_number = ExtractTypeNumber(pTypeDef);
                             DPRINT((1,"ExtractStructMembers(): type_number = %x\n",type_number));
                             vr.father_type = type_number;
                         }
                     }
                 }
             }
         }
     }
 
     return &vr;
 }

Referenced by EvaluateSymbol().

◆ ExtractToken()

void ExtractToken ( LPSTR pStringToken )

Definition at line 2399 of file symbols.c.

 {
     while(PICE_isalpha(pExpression[ulIndex]) || PICE_isdigit(pExpression[ulIndex]) || pExpression[ulIndex]=='_')
     {
         *pStringToken++=pExpression[ulIndex++];
         *pStringToken=0;
     }
 }

Referenced by Symbol().

◆ ExtractTypeName()

LPSTR ExtractTypeName ( LPSTR p )

Definition at line 2412 of file symbols.c.

 {
     static char temp[1024];
     ULONG i;
 
     DPRINT((1,"ExtractTypeName(%s)\n",p));
 
     for(i=0;IsAddressValid((ULONG)p) && *p!=0 && *p!=':';i++,p++)
         temp[i] = *p;
 
     if(!IsAddressValid((ULONG)p) )
     {
         DPRINT((1,"hit invalid page %x!\n",(ULONG)p));
     }
 
     temp[i]=0;
 
     return temp;
 }

Referenced by EvaluateSymbol(), ExtractArray(), and ExtractStructMembers().

◆ ExtractTypeNumber()

ULONG ExtractTypeNumber ( LPSTR p )

Definition at line 1030 of file symbols.c.

 {
     LPSTR pTypeNumber;
     ULONG ulTypeNumber = 0;
 
     DPRINT((0,"ExtractTypeNumber(%s)\n",p));
 
     pTypeNumber = PICE_strchr(p,'(');
 
     if(pTypeNumber)
     {
         pTypeNumber++;
         ulTypeNumber = ExtractNumber(pTypeNumber);
         ulTypeNumber <<= 16;
         pTypeNumber = PICE_strchr(p,',');
         if(pTypeNumber)
         {
             pTypeNumber++;
             ulTypeNumber += ExtractNumber(pTypeNumber);
         }
         else
         {
             ulTypeNumber = 0;
         }
     }
     return ulTypeNumber;
 }

Referenced by EvaluateSymbol(), ExtractArray(), ExtractStructMembers(), FindGlobalStabSymbol(), FindLocalsByAddress(), FindTypeDefinition(), and FindTypeDefinitionForCombinedTypes().

◆ FindAddressForSourceLine()

BOOLEAN FindAddressForSourceLine	(	ULONG	ulLineNumber,
		LPSTR	pFilename,
		PDEBUG_MODULE	pMod,
		PULONG	pValue
	)

Definition at line 1689 of file symbols.c.

 {
     ULONG i;
     PSTAB_ENTRY pStab;
     LPSTR pStr,pName;
     int nStabLen;
     int nOffset=0,nNextOffset=0;
     PICE_SYMBOLFILE_HEADER* pSymbols;
     static char szCurrentFunction[256];
     static char szCurrentPath[256];
     ULONG strLen,addr,ulMinValue=0xFFFFFFFF;
     BOOLEAN bFound = FALSE;
 
     DPRINT((0,"FindAddressForSourceLine(%u,%s,%x)\n",ulLineNumber,pFilename,(ULONG)pMod));
 
     addr = (ULONG)pMod->BaseAddress;
 
     pSymbols = FindModuleSymbols(addr);
     if(pSymbols)
     {
         pStab = (PSTAB_ENTRY )((ULONG)pSymbols + pSymbols->ulOffsetToStabs);
         nStabLen = pSymbols->ulSizeOfStabs;
         pStr = (LPSTR)((ULONG)pSymbols + pSymbols->ulOffsetToStabsStrings);
 
         for(i=0;i<(nStabLen/sizeof(STAB_ENTRY));i++)
         {
             pName = &pStr[pStab->n_strx + nOffset];
 
             switch(pStab->n_type)
             {
                 case N_UNDF:
                     nOffset += nNextOffset;
                     nNextOffset = pStab->n_value;
                     break;
                 case N_SO:
                     if((strLen = PICE_strlen(pName)))
                     {
                         if(pName[strLen-1]!='/')
                         {
                             if(PICE_strlen(szCurrentPath))
                             {
                                 PICE_strcat(szCurrentPath,pName);
                                 DPRINT((0,"changing source file %s\n",szCurrentPath));
                             }
                             else
                             {
                                 DPRINT((0,"changing source file %s\n",pName));
                                 PICE_strcpy(szCurrentPath,pName);
                             }
                         }
                         else
                             PICE_strcpy(szCurrentPath,pName);
                     }
                     else
                     {
                         szCurrentPath[0]=0;
                     }
                     break;
                 case N_SLINE:
                     // if we're in the function we're looking for
                     if(PICE_strcmpi(pFilename,szCurrentPath)==0)
                     {
                         if(pStab->n_desc>=ulLineNumber && (pStab->n_desc-ulLineNumber)<=ulMinValue)
                         {
                             ulMinValue = pStab->n_desc-ulLineNumber;
 
                             DPRINT((0,"code source line number #%u for offset %x in function @ %s)\n",pStab->n_desc,pStab->n_value,szCurrentFunction));
                             addr = FindFunctionInModuleByName(szCurrentFunction,pMod);
                             if(addr)
                             {
                                 *pValue = addr + pStab->n_value;
                                 bFound = TRUE;
                             }
                         }
                     }
                     break;
                 case N_FUN:
                     if(PICE_strlen(pName))
                     {
                         ULONG len;
 
                         len=StrLenUpToWhiteChar(pName,":");
                         PICE_strncpy(szCurrentFunction,pName,len);
                         szCurrentFunction[len]=0;
                         DPRINT((0,"function %s\n",szCurrentFunction));
                     }
                     else
                     {
                         DPRINT((0,"END of function %s\n",szCurrentFunction));
                         szCurrentFunction[0]=0;
                     }
                     break;
             }
             pStab++;
         }
     }
     return bFound;
 }

Referenced by ConvertTokenToLineNumber().

◆ FindDriverObjectDirectory()

POBJECT FindDriverObjectDirectory ( void )

Definition at line 202 of file symbols.c.

 {
     PLIST_ENTRY current;
     POBJECT_HEADER current_obj;
     PDIRECTORY_OBJECT pd;
 
     ENTER_FUNC();
 
     if( pNameSpaceRoot && *pNameSpaceRoot ){
         current = (*pNameSpaceRoot)->head.Flink;
         while (current!=(&((*pNameSpaceRoot)->head)))
         {
             current_obj = CONTAINING_RECORD(current,OBJECT_HEADER,Entry);
             DPRINT((0,"Scanning %S\n",current_obj->Name.Buffer));
             if (_wcsicmp(current_obj->Name.Buffer, L"Modules")==0)
             {
                 pd=HEADER_TO_BODY(current_obj);
                 DPRINT((0,"Found it %x\n",pd));
                 return pd;
             }
             current = current->Flink;
         }
     }
     LEAVE_FUNC();
     return NULL;
 }

◆ FindFunctionByAddress()

LPSTR FindFunctionByAddress	(	ULONG	ulValue,
		PULONG	pulstart,
		PULONG	pulend
	)

Definition at line 767 of file symbols.c.

 {
     PIMAGE_SYMBOL pSym, pSymEnd, pFoundSym;
     LPSTR pStr;
     PIMAGE_SECTION_HEADER pShdr;
     PDEBUG_MODULE pd;
     PDEBUG_MODULE pdTemp;
     PICE_SYMBOLFILE_HEADER* pSymbols;
     ULONG start,end;
     static char temp4[256];
     LPSTR pName;
 
     pSymbols = FindModuleSymbols(ulValue);
     DPRINT((0,"FindFunctionByAddress(): symbols for %S @ %x \n",pSymbols->name,(ULONG)pSymbols));
     if(pSymbols && pdebug_module_head)
     {
         DPRINT((0,"looking up symbol\n"));
         pd = pdebug_module_head;
         do
         {
             ASSERT(pd->size);
             pdTemp = pd;
 
             //initial values for start and end.
             start = (ULONG)pdTemp->BaseAddress;
             end = start+pdTemp->size;
 
             DPRINT((0,"FindFunctionByAddress(): ulValue %x\n",ulValue));
 
             if(ulValue>=start && ulValue<end)
             {
                 DPRINT((0,"FindFunctionByAddress(): address matches %S\n",(ULONG)pdTemp->name));
                 if(PICE_wcsicmp(pdTemp->name,pSymbols->name) == 0)
                 {
                     DPRINT((0,"found symbols for module %S\n",pdTemp->name));
                     pSym = (PIMAGE_SYMBOL)((ULONG)pSymbols+pSymbols->ulOffsetToGlobals);
                     pSymEnd = (PIMAGE_SYMBOL)((ULONG)pSym+pSymbols->ulSizeOfGlobals);
                     pStr = (LPSTR)((ULONG)pSymbols+pSymbols->ulOffsetToGlobalsStrings);
                     pShdr = (PIMAGE_SECTION_HEADER)((ULONG)pSymbols+pSymbols->ulOffsetToHeaders);
 
                     if(!IsRangeValid((ULONG)pSym,sizeof(IMAGE_SYMBOL) ) ) //should we actually check all the symbols here?
                     {
                         DPRINT((0,"FindFunctionByAddress(): pSym = %x is not a valid pointer\n",(ULONG)pSym));
                         return FALSE;
                     }
                     DPRINT((0,"pSym = %x\n",pSym));
                     DPRINT((0,"pStr = %x\n",pStr));
                     DPRINT((0,"pShdr = %x\n",pShdr));
 
                     while( pSym < pSymEnd )
                     {
                         //symbol is a function is it's type is 0x20, and section>0
                         if(( (pSym->Type == 0x20) &&
                            (pSym->SectionNumber > 0 )))
                         {
                             ULONG ulCurrAddr;
                             PIMAGE_SECTION_HEADER pShdrThis = (PIMAGE_SECTION_HEADER)pShdr + (pSym->SectionNumber-1);
 
                             DPRINT((0,"FindFunctionByAddress(): pShdr[%x] = %x\n",pSym->SectionNumber,(ULONG)pShdrThis));
 
                             if(!IsRangeValid((ULONG)pShdrThis,sizeof(IMAGE_SECTION_HEADER)) )
                             {
                                 DPRINT((0,"ScanExportsByAddress(): pElfShdr[%x] = %x is not a valid pointer\n",pSym->SectionNumber,(ULONG)pShdrThis));
                                 return FALSE;
                             }
                             //to get address in the memory we base address of the module and
                             //add offset of the section and then add offset of the symbol from
                             //the begining of the section
                             ulCurrAddr = ((ULONG)pdTemp->BaseAddress+pShdrThis->VirtualAddress+pSym->Value);
                             DPRINT((0,"FindFunctionByAddress(): CurrAddr [1] = %x\n",ulCurrAddr));
                             DPRINT((0,"%x  ", ulCurrAddr));
 
                             if(ulCurrAddr<=ulValue && ulCurrAddr>start)
                             {
                                 start = ulCurrAddr;
                                 pFoundSym = pSym;
                                 //DPRINT((0,"FindFunctionByAddress(): CANDIDATE for start %x\n",start));
                             }
                             else if(ulCurrAddr>=ulValue && ulCurrAddr<end)
                                  {
                                    end = ulCurrAddr;
                                    //DPRINT((0,"FindFunctionByAddress(): CANDIDATE for end %x\n",end));
                                  }
                             }
                             //skip the auxiliary symbols and get the next symbol
                             pSym += pSym->NumberOfAuxSymbols + 1;
                         }
                         //we went through all the symbols for this module
                         //now start should point to the start of the function and
                         //end to the start of the next (or end of section)
                         if(pulstart)
                             *pulstart = start;
 
                         if(pulend){
                             //just in case there is more than  one code section
                             PIMAGE_SECTION_HEADER pShdrThis = (PIMAGE_SECTION_HEADER)pShdr + (pFoundSym->SectionNumber-1);
                             if( end > (ULONG)pdTemp->BaseAddress+pShdrThis->SizeOfRawData ){
                                 DPRINT((0,"Hmm: end=%d, end of section: %d\n", end, (ULONG)pdTemp->BaseAddress+pShdrThis->SizeOfRawData));
                                 end = (ULONG)pdTemp->BaseAddress+pShdrThis->SizeOfRawData;
                             }
                             *pulend = end;
                         }
 
                         if(pFoundSym->N.Name.Short){
                             //name is in the header. it's not zero terminated. have to copy.
                             PICE_sprintf(temp4,"%.8s", pFoundSym->N.ShortName);
                             pName = temp4;
                             DPRINT((0,"Function name: %S!%.8s",pdTemp->name,pName));
                         }
                         else{
                             ASSERT(pFoundSym->N.Name.Long<=pSymbols->ulSizeOfGlobalsStrings); //sanity check
                             pName = pStr+pFoundSym->N.Name.Long;
                             if(!IsAddressValid((ULONG)pName))
                             {
                                 DPRINT((0,"FindFunctionByAddress(): pName = %x is not a valid pointer\n",pName));
                                 return NULL;
                             }
                             DPRINT((0,"Function name: %S!%s",pdTemp->name,pName));
                         }
                         return pName;
                     }
                 }
         }while((pd = pd->next) != pdebug_module_tail);
     }
     return NULL;
 }

Referenced by COMMAND_PROTOTYPE(), FindLocalsByAddress(), FindSourceLineForAddress(), IntelStackWalk(), ListSWBreakpoints(), UnassembleOneLineUp(), and UnassembleOnePageUp().

◆ FindFunctionInModuleByName()

ULONG FindFunctionInModuleByName	(	LPSTR	szFunctionname,
		PDEBUG_MODULE	pd
	)

Definition at line 955 of file symbols.c.

 {
     ULONG i,addr;
     PICE_SYMBOLFILE_HEADER* pSymbols=NULL;
     PIMAGE_SYMBOL pSym, pSymEnd;
     LPSTR pStr;
     PIMAGE_SECTION_HEADER pShdr;
 
     ENTER_FUNC();
     DPRINT((0,"FindFunctionInModuleByName(%s)\n",szFunctionname));
     DPRINT((0,"FindFunctionInModuleByName(): mod size = %x\n",pd->size));
     DPRINT((0,"FindFunctionInModuleByName(): module is %S\n",pd->name));
 
     addr = (ULONG)pd->BaseAddress;
 
     pSymbols = FindModuleSymbols(addr);
     if(pSymbols)
     {
         DPRINT((0,"FindFunctionInModuleByName(): found symbol table for %S\n",pSymbols->name));
         pSym = (PIMAGE_SYMBOL)((ULONG)pSymbols+pSymbols->ulOffsetToGlobals);
         pSymEnd = (PIMAGE_SYMBOL)((ULONG)pSym+pSymbols->ulSizeOfGlobals);
         pStr = (LPSTR)((ULONG)pSymbols+pSymbols->ulOffsetToGlobalsStrings);
         pShdr = (PIMAGE_SECTION_HEADER)((ULONG)pSymbols+pSymbols->ulOffsetToHeaders);
 
         while( pSym < pSymEnd )
         {
             //symbol is a function is it's type is 0x20, storage class is external and section>0
             //if(( (pSym->Type == 0x20)  && (pSym->StorageClass==IMAGE_SYM_CLASS_EXTERNAL) &&
             //   (pSym->SectionNumber > 0 )))
 
             if(((pSym->Type == 0x0) || (pSym->Type == 0x20) )  &&
                ((pSym->StorageClass == IMAGE_SYM_CLASS_EXTERNAL) || (pSym->StorageClass==IMAGE_SYM_CLASS_STATIC)) &&
                (pSym->SectionNumber > 0 ))
 
             {
                 ULONG start;
                 LPSTR pName;
                 PIMAGE_SECTION_HEADER pShdrThis = (PIMAGE_SECTION_HEADER)pShdr + (pSym->SectionNumber-1);
 
                 start = ((ULONG)pd->BaseAddress+pShdrThis->VirtualAddress+pSym->Value);
                 DPRINT((0,"FindFunctionInModuleByName(): %s @ %x\n",szFunctionname,start));
 
                 if(pSym->N.Name.Short){ //if name is stored in the structure
                     //name may be not zero terminated but 8 characters max
                     DPRINT((0,"FindFunctionInModuleByName: %.8s\n", pSym->N.ShortName));
                     pName = pSym->N.ShortName;  //name is in the header
                     if((PICE_fnncmp(pName,szFunctionname, 8) == 0) && start)
                     {
                         DPRINT((0,"FindFunctionInModuleByName(): symbol was in symbol table, start: %x\n", start));
                         LEAVE_FUNC();
                         return start;
                     }
                 }else{
                     pName = pStr+pSym->N.Name.Long;
                     DPRINT((0,"FindFunctionInModuleByName: %s\n", pName));
                     if((PICE_fncmp(pName,szFunctionname) == 0) && start)
                     {
                         DPRINT((0,"FindFunctionInModuleByName(): symbol was in string table, start: %x\n", start));
                         LEAVE_FUNC();
                         return start;
                     }
                 }
             }
             //skip the auxiliary symbols and get the next symbol
             pSym += pSym->NumberOfAuxSymbols + 1;
         }
     }
     LEAVE_FUNC();
     return 0;
 }

Referenced by ConvertTokenToSymbol(), FindAddressForSourceLine(), FindGlobalStabSymbol(), RevirtualizeBreakpointsForModule(), and TryToInstallVirtualSWBreakpoints().

◆ FindGlobalStabSymbol()

BOOLEAN FindGlobalStabSymbol	(	LPSTR	pExpression,
		PULONG	pValue,
		PULONG	pulTypeNumber,
		PULONG	pulFileNumber
	)

Definition at line 2289 of file symbols.c.

 {
   ULONG i;
   PSTAB_ENTRY pStab;
   LPSTR pStr,pName;
   int nStabLen;
   int nOffset=0,nNextOffset=0,nLen,strLen;
   PICE_SYMBOLFILE_HEADER* pSymbols;
   ULONG ulTypeNumber;
   static char SymbolName[1024];
   static char szCurrentPath[256];
   ULONG ulCurrentFileNumber=0;
   LPSTR pTypeDefIncluded;
   ULONG addr;
 
   // must have a current module
   if(pCurrentMod)
     {
       // in case we query for the kernel we need to use the fake kernel module
       addr = (ULONG)pCurrentMod->BaseAddress;
 
       // find the symbols for the module
       pSymbols = FindModuleSymbols(addr);
       if(pSymbols)
     {
       // prepare table access
       pStab = (PSTAB_ENTRY )((ULONG)pSymbols + pSymbols->ulOffsetToStabs);
       nStabLen = pSymbols->ulSizeOfStabs;
       pStr = (LPSTR)((ULONG)pSymbols + pSymbols->ulOffsetToStabsStrings);
       // starting at file 0
       *pulFileNumber = 0;
 
       // go through stabs
       for(i=0;i<(nStabLen/sizeof(STAB_ENTRY));i++)
         {
           pName = &pStr[pStab->n_strx + nOffset];
 
           switch(pStab->n_type)
         {
           // an N_UNDF symbol marks a change of string table offset
         case N_UNDF:
           nOffset += nNextOffset;
           nNextOffset = pStab->n_value;
           break;
           // a source file symbol
         case N_SO:
           if((strLen = PICE_strlen(pName)))
             {
               if(pName[strLen-1]!='/')
             {
               ulCurrentFileNumber++;
               if(PICE_strlen(szCurrentPath))
                 {
                   PICE_strcat(szCurrentPath,pName);
                   DPRINT((0,"changing source file %s\n",szCurrentPath));
                 }
               else
                 {
                   DPRINT((0,"changing source file %s\n",pName));
                 }
             }
               else
             PICE_strcpy(szCurrentPath,pName);
             }
           else
             {
               szCurrentPath[0]=0;
             }
           break;
         case N_GSYM:
         case N_LSYM:
         case N_PSYM:
           // symbol-name:type-identifier type-number =
           nLen = StrLenUpToWhiteChar(pName,":");
           PICE_strncpy(SymbolName,pName,nLen);
           SymbolName[nLen] = 0;
           if(PICE_strcmpi(SymbolName,pExpression)==0)
             {
               DPRINT((0,"global symbol %s\n",pName));
               // extract type-number from stab
               ulTypeNumber = ExtractTypeNumber(pName);
               DPRINT((0,"type number = %x, from %s\n",ulTypeNumber, pName));
               *pulTypeNumber = ulTypeNumber;
               // look for symbols address in external symbols
               if( pStab->n_type == N_LSYM || pStab->n_type == N_PSYM )
             *pValue = CurrentEBP + pStab->n_value;
               else *pValue = FindFunctionInModuleByName(SymbolName,pCurrentMod);
 
               DPRINT((0,"value = %x\n",*pValue));
               *pulFileNumber = ulCurrentFileNumber;
               DPRINT((0,"file = %x\n",ulCurrentFileNumber));
               if((pTypeDefIncluded = PICE_strchr(pName,'=')) )
             {
               DPRINT((0,"symbol includes type definition (%s)\n",pTypeDefIncluded));
             }
               return TRUE;
             }
           break;
         }
           pStab++;
         }
     }
     }
   return FALSE;
 }

Referenced by EvaluateSymbol().

◆ FindLocalsByAddress()

PLOCAL_VARIABLE FindLocalsByAddress ( ULONG addr )

Definition at line 1317 of file symbols.c.

 {
     ULONG i;
     PSTAB_ENTRY pStab;
     LPSTR pStr,pName;
     int nStabLen;
     int nOffset=0,nNextOffset=0;
     PICE_SYMBOLFILE_HEADER* pSymbols;
     static char szCurrentFunction[256];
     static char szCurrentPath[256];
     LPSTR pFunctionName;
     ULONG start,end,strLen;
     ULONG ulTypeNumber,ulCurrentFileNumber=0;
     LPSTR pTypedef;
     ULONG ulNumLocalVars=0;
 
     DPRINT((0,"FindLocalsByAddress()\n"));
 
     pFunctionName = FindFunctionByAddress(addr,&start,&end);
     DPRINT((0,"FindLocalsByAddress(): pFunctionName = %s\n",pFunctionName));
     if(pFunctionName)
     {
         pSymbols = FindModuleSymbols(addr);
         if(pSymbols)
         {
             pStab = (PSTAB_ENTRY )((ULONG)pSymbols + pSymbols->ulOffsetToStabs);
             nStabLen = pSymbols->ulSizeOfStabs;
             pStr = (LPSTR)((ULONG)pSymbols + pSymbols->ulOffsetToStabsStrings);
 
             for(i=0;i<(nStabLen/sizeof(STAB_ENTRY));i++)
             {
                 pName = &pStr[pStab->n_strx + nOffset];
 
                 DPRINT((0,"FindLocalsByAddress(): %x %x %x %x %x\n",
                         pStab->n_strx,
                         pStab->n_type,
                         pStab->n_other,
                         pStab->n_desc,
                         pStab->n_value));
 
                 switch(pStab->n_type)
                 {
                     case N_UNDF:
                         nOffset += nNextOffset;
                         nNextOffset = pStab->n_value;
                         break;
                     case N_SO:
                         if((strLen = PICE_strlen(pName)))
                         {
                             if(pName[strLen-1]!='/')
                             {
                                 ulCurrentFileNumber++;
                                 if(PICE_strlen(szCurrentPath))
                                 {
                                     PICE_strcat(szCurrentPath,pName);
                                     DPRINT((0,"changing source file1 %s, %u\n",szCurrentPath,ulCurrentFileNumber));
                                 }
                                 else
                                 {
                                     DPRINT((0,"changing source file %s, %u\n",pName,ulCurrentFileNumber));
                                 }
                             }
                             else
                                 PICE_strcpy(szCurrentPath,pName);
                         }
                         else
                         {
                             szCurrentPath[0]=0;
                         }
                         break;
                     case N_LSYM:
                         // if we're in the function we're looking for
                         if(szCurrentFunction[0] && PICE_fncmp(szCurrentFunction,pFunctionName)==0)
                         {
                             DPRINT((0,"local variable1 %.8X %.8X %.8X %.8X %.8X %s\n",pStab->n_strx,pStab->n_type,pStab->n_other,pStab->n_desc,pStab->n_value,pName));
                             ulTypeNumber = ExtractTypeNumber(pName);
                             DPRINT((0,"type number = %u\n",ulTypeNumber));
                             if((pTypedef = FindTypeDefinition(pSymbols,ulTypeNumber,ulCurrentFileNumber)))
                             {
                                 DPRINT((0,"pTypedef: %x\n", pTypedef));
                                 PICE_strcpy(local_vars[ulNumLocalVars].type_name,TruncateString(pTypedef,':'));
                                 PICE_strcpy(local_vars[ulNumLocalVars].name,TruncateString(pName,':'));
                                 local_vars[ulNumLocalVars].value = (CurrentEBP+pStab->n_value);
                                 local_vars[ulNumLocalVars].offset = pStab->n_value;
                                 local_vars[ulNumLocalVars].line = pStab->n_desc;
                                 local_vars[ulNumLocalVars].bRegister = FALSE;
                                 ulNumLocalVars++;
                             }
                         }
                         break;
                     case N_PSYM:
                         // if we're in the function we're looking for
                         if(szCurrentFunction[0] && PICE_fncmp(szCurrentFunction,pFunctionName)==0)
                         {
                             DPRINT((0,"parameter variable %.8X %.8X %.8X %.8X %.8X %s\n",pStab->n_strx,pStab->n_type,pStab->n_other,pStab->n_desc,pStab->n_value,pName));
                             ulTypeNumber = ExtractTypeNumber(pName);
                             DPRINT((0,"type number = %x\n",ulTypeNumber));
                             if((pTypedef = FindTypeDefinition(pSymbols,ulTypeNumber,ulCurrentFileNumber)))
                             {
                                 PICE_strcpy(local_vars[ulNumLocalVars].type_name,TruncateString(pTypedef,':'));
                                 PICE_strcpy(local_vars[ulNumLocalVars].name,TruncateString(pName,':'));
                                 local_vars[ulNumLocalVars].value = (CurrentEBP+pStab->n_value);
                                 local_vars[ulNumLocalVars].offset = pStab->n_value;
                                 ulNumLocalVars++;
                             }
                         }
                         break;
                     case N_RSYM:
                         // if we're in the function we're looking for
                         if(szCurrentFunction[0] && PICE_fncmp(szCurrentFunction,pFunctionName)==0)
                         {
                             DPRINT((0,"local variable2 %.8X %.8X %.8X %.8X %.8X %s\n",pStab->n_strx,pStab->n_type,pStab->n_other,pStab->n_desc,pStab->n_value,pName));
                             ulTypeNumber = ExtractTypeNumber(pName);
                             DPRINT((0,"type number = %x\n",ulTypeNumber));
                             if((pTypedef = FindTypeDefinition(pSymbols,ulTypeNumber,ulCurrentFileNumber)))
                             {
                                 PICE_strcpy(local_vars[ulNumLocalVars].type_name,TruncateString(pTypedef,':'));
                                 PICE_strcpy(local_vars[ulNumLocalVars].name,TruncateString(pName,':'));
                                 local_vars[ulNumLocalVars].value = (LocalRegs[pStab->n_value]);
                                 local_vars[ulNumLocalVars].offset = pStab->n_value;
                                 local_vars[ulNumLocalVars].line = pStab->n_desc;
                                 local_vars[ulNumLocalVars].bRegister = TRUE;
                                 ulNumLocalVars++;
                             }
                         }
                         break;
                     case N_FUN:
                         if(PICE_strlen(pName))
                         {
                             ULONG len;
 
                             len=StrLenUpToWhiteChar(pName,":");
                             PICE_strncpy(szCurrentFunction,pName,len);
                             szCurrentFunction[len]=0;
                             DPRINT((0,"function %s\n",szCurrentFunction));
                         }
                         else
                         {
                             DPRINT((0,"END of function %s\n",szCurrentFunction));
                             szCurrentFunction[0]=0;
                             if(ulNumLocalVars)
                             {
                                 *local_vars[ulNumLocalVars].name = 0;
                                 return local_vars;
                             }
                         }
                         break;
                 }
                 pStab++;
             }
         }
     }
     return NULL;
 }

Referenced by COMMAND_PROTOTYPE().

◆ FindModuleByName()

PDEBUG_MODULE FindModuleByName ( LPSTR modname )

Definition at line 539 of file symbols.c.

 {
     PDEBUG_MODULE pd;
     WCHAR tempstr[DEBUG_MODULE_NAME_LEN];
 
     DPRINT((0,"FindModuleFromAddress()\n"));
     if( !PICE_MultiByteToWideChar(CP_ACP, NULL, modname, -1, tempstr, DEBUG_MODULE_NAME_LEN ) )
     {
         DPRINT((0,"Can't convert module name.\n"));
         return NULL;
     }
 
     if(BuildModuleList())
     {
         pd = pdebug_module_head;
         do
         {
             if(pd->size)
             {
                 if(PICE_wcsicmp(tempstr,pd->name) == 0)
                 {
                     DPRINT((0,"FindModuleByName(): found %S\n",pd->name));
                     return pd;
                 }
             }
         }while((pd = pd->next) != pdebug_module_tail);
     }
 
     return NULL;
 }

◆ FindModuleFromAddress()

PDEBUG_MODULE FindModuleFromAddress ( ULONG addr )

Definition at line 507 of file symbols.c.

 {
     PDEBUG_MODULE pd;
     ULONG start,end;
 
     DPRINT((0,"FindModuleFromAddress()\n"));
     if(BuildModuleList())
     {
         pd = pdebug_module_head;
         do
         {
             if(pd->size)
             {
                 start = (ULONG)pd->BaseAddress;
                 end = start + pd->size;
                 DPRINT((0,"FindModuleFromAddress(): %S %x-%x\n",pd->name,start,end));
                 if(addr>=start && addr<end)
                 {
                     DPRINT((0,"FindModuleFromAddress(): found %S\n",pd->name));
                     return pd;
                 }
             }
         }while((pd = pd->next)!=pdebug_module_tail);
     }
 
     return NULL;
 }

Referenced by COMMAND_PROTOTYPE(), and ListSWBreakpoints().

◆ FindModuleSymbols()

PICE_SYMBOLFILE_HEADER* FindModuleSymbols ( ULONG addr )

Definition at line 463 of file symbols.c.

 {
     ULONG start,end,i;
     PDEBUG_MODULE pd = pdebug_module_head;
 
     DPRINT((0,"FindModuleSymbols(%x)\n",addr));
     if(BuildModuleList())
     {
         i=0;
         pd = pdebug_module_head;
         do
         {
             DPRINT((0,"pd: %x\n", pd));
             if(pd->size)
             {
                 start = (ULONG)pd->BaseAddress;
                 end = start + pd->size;
                 DPRINT((0,"FindModuleSymbols(): %S %x-%x\n",pd->name,start,end));
                 if(addr>=start && addr<end)
                 {
                     DPRINT((0,"FindModuleSymbols(): address matches %S %x-%x\n",pd->name,start,end));
                     for(i=0;i<ulNumSymbolsLoaded;i++)
                     {
                         DPRINT((0,"%S -", apSymbols[i]->name ));
                         if(PICE_wcsicmp(pd->name,apSymbols[i]->name) == 0)
                         {
                             if(ValidityCheckSymbols(apSymbols[i]))
                                 return apSymbols[i];
                             else
                                 return NULL;
                         }
                     }
                 }
             }
         }while((pd = pd->next) != pdebug_module_tail);
     }
 
     return NULL;
 }

Referenced by COMMAND_PROTOTYPE(), FindAddressForSourceLine(), FindFunctionByAddress(), FindFunctionInModuleByName(), FindGlobalStabSymbol(), FindLocalsByAddress(), FindSourceLineForAddress(), and ScanExportsByAddress().

◆ FindModuleSymbolsByModuleName()

PICE_SYMBOLFILE_HEADER* FindModuleSymbolsByModuleName ( LPSTR modname )

Definition at line 574 of file symbols.c.

 {
     ULONG i;
     WCHAR tempstr[DEBUG_MODULE_NAME_LEN];
 
     DPRINT((0,"FindModuleSymbols()\n"));
     if( !PICE_MultiByteToWideChar(CP_ACP, NULL, modname, -1, tempstr, DEBUG_MODULE_NAME_LEN ) )
     {
         DPRINT((0,"Can't convert module name in FindModuleSymbols.\n"));
         return NULL;
     }
 
     for(i=0;i<ulNumSymbolsLoaded;i++)
     {
         if(PICE_wcsicmp(tempstr,apSymbols[i]->name) == 0)
             return apSymbols[i];
     }
 
     return NULL;
 }

◆ FindSourceLineForAddress()

LPSTR FindSourceLineForAddress	(	ULONG	addr,
		PULONG	pulLineNumber,
		LPSTR *	ppSrcStart,
		LPSTR *	ppSrcEnd,
		LPSTR *	ppFilename
	)

Definition at line 1476 of file symbols.c.

 {
     ULONG i; // index for walking through STABS
     PSTAB_ENTRY pStab; // pointer to STABS
     LPSTR pStr,pName; // pointer to STAB strings and current STAB string
     int nStabLen;     // length of STAB section in bytes
     int nOffset=0,nNextOffset=0;    // offset and next offset in string table
     PICE_SYMBOLFILE_HEADER* pSymbols;   // pointer to module's STAB symbol table
     static char szCurrentFunction[256];
     static char szCurrentPath[256];
     static char szWantedPath[256];
     LPSTR pFunctionName; // name of function that brackets the current address
     ULONG start,end,strLen,ulMinValue=0xFFFFFFFF;
     LPSTR pSrcLine=NULL;
     BOOLEAN bFirstOccurence = TRUE;
 
     // lookup the functions name and start-end (external symbols)
     pFunctionName = FindFunctionByAddress(addr,&start,&end);
     DPRINT((0,"FindSourceLineForAddress: for function: %s\n", pFunctionName));
 
     if(pFunctionName)
     {
         // lookup the modules symbol table (STABS)
         pSymbols = FindModuleSymbols(addr);
         DPRINT((0,"FindSourceLineForAddress: pSymbols %x\n", pSymbols));
         if(pSymbols)
         {
             DPRINT((0,"FindSourceLineForAddress: pSymbols->ulNumberOfSrcFiles %x\n", pSymbols->ulNumberOfSrcFiles));
             // no source files so we don't need to lookup anything
             if(!pSymbols->ulNumberOfSrcFiles)
                 return NULL;
 
             // prepare STABS access
             pStab = (PSTAB_ENTRY )((ULONG)pSymbols + pSymbols->ulOffsetToStabs);
             nStabLen = pSymbols->ulSizeOfStabs;
             pStr = (LPSTR)((ULONG)pSymbols + pSymbols->ulOffsetToStabsStrings);
 
             // walk over all STABS
             for(i=0;i<(nStabLen/sizeof(STAB_ENTRY));i++)
             {
                 // the name string corresponding to the STAB
                 pName = &pStr[pStab->n_strx + nOffset];
 
                 // switch STAB type
                 switch(pStab->n_type)
                 {
                     // change offset of name strings
                     case N_UNDF:
                         nOffset += nNextOffset;
                         nNextOffset = pStab->n_value;
                         break;
                     // source file change
                     case N_SO:
                         DPRINT((0,"changing source file %s\n",pName));
                         // if filename has a length record it
                         if((strLen = PICE_strlen(pName)))
                         {
                             PICE_strcpy(szCurrentPath,pName);
                         }
                         // else empty filename
                         else
                         {
                             szCurrentPath[0]=0;
                         }
                         break;
                     // sub-source file change
                     case N_SOL:
                         DPRINT((0,"changing sub source file %s\n",pName));
                         // if filename has a length record it
                         if((strLen = PICE_strlen(pName)))
                         {
                             PICE_strcpy(szCurrentPath,pName);
                         }
                         // else empty filename
                         else
                         {
                             szCurrentPath[0]=0;
                         }
                         break;
                     // a function symbol
                     case N_FUN:
                         if(!PICE_strlen(pName))
                         {// it's the end of a function
                             DPRINT((0,"END of function %s\n",szCurrentFunction));
 
                             szCurrentFunction[0]=0;
 
                             // in case we haven't had a zero delta match we return from here
                             if(pSrcLine)
                                 return pSrcLine;
 
                             break;
                         }
                         else
                         {// if it has a length it's the start of a function
                             ULONG len;
                             // extract the name only, the type string is of no use here
                             len=StrLenUpToWhiteChar(pName,":");
                             PICE_strncpy(szCurrentFunction,pName,len);
                             szCurrentFunction[len]=0;
 
                             DPRINT((0,"function %s\n",szCurrentFunction));
                         }
                         //intentional fall through
 
                     // line number
                     case N_SLINE:
                         // if we're in the function we're looking for
                         if(szCurrentFunction[0] && PICE_fncmp(szCurrentFunction,pFunctionName)==0)
                         {
                             DPRINT((0,"cslnum#%u for addr.%x (fn @ %x) ulMinVal=%x ulDelta=%x\n",pStab->n_desc,start+pStab->n_value,start,ulMinValue,(addr-(start+pStab->n_value))));
 
                             if(bFirstOccurence)
                             {
                                 PICE_strcpy(szWantedPath,szCurrentPath);
                                 DPRINT((0,"source file must be %s\n",szWantedPath));
                                 bFirstOccurence = FALSE;
                             }
                             DPRINT((0,"wanted %s, current: %s\n",szWantedPath, szCurrentPath));
                             // we might have a match if our address is greater than the one in the STAB
                             // and we're lower or equal than minimum value
                             if(addr>=start+pStab->n_value &&
                                (addr-(start+pStab->n_value))<=ulMinValue &&
                                PICE_strcmpi(szWantedPath,szCurrentPath)==0 )
                             {
                                 ULONG j;
                                 PICE_SYMBOLFILE_SOURCE* pSrc = (PICE_SYMBOLFILE_SOURCE*)((ULONG)pSymbols+pSymbols->ulOffsetToSrcFiles);
 
                                 DPRINT((0,"code source line number #%u for addr. %x found!\n",pStab->n_desc,start+pStab->n_value));
 
                                 // compute new minimum
                                 ulMinValue = addr-(start+pStab->n_value);
 
                                 // if we have a pointer for storage of line number, store it
                                 if(pulLineNumber)
                                     *pulLineNumber = pStab->n_desc;
 
                                 // NB: should put this somewhere else so that it's not done all the time
                                 // if we have source files at all
                                 DPRINT((0,"%u source files @ %x\n",pSymbols->ulNumberOfSrcFiles,pSrc));
 
                                 // for all source files in this module
                                 for(j=0;j<pSymbols->ulNumberOfSrcFiles;j++)
                                 {
                                     LPSTR pSlash;
                                     ULONG currlen, fnamelen;
 
                                     currlen = PICE_strlen( szCurrentPath );
                                     fnamelen = PICE_strlen( pSrc->filename );
                                     pSlash = pSrc->filename + fnamelen - currlen;
 
                                     //DPRINT((0,"pSlash: %s, szCurrentPath: %s\n", pSlash, szCurrentPath));
                                     // if base name matches current path we have found the correct source file
                                     if(PICE_strcmpi(pSlash,szCurrentPath)==0)
                                     {
                                         // the linenumber
                                         ULONG k = pStab->n_desc;
 
                                         DPRINT((0,"found src file %s @ %x\n",pSrc->filename,pSrc));
 
                                         // store the pointer to the filename
                                         if(ppFilename)
                                             *ppFilename = pSrc->filename;
 
                                         if(pSrc->ulOffsetToNext > sizeof(PICE_SYMBOLFILE_SOURCE))
                                         {
                                             // get a pointer to the source file (right after the file header)
                                             pSrcLine = (LPSTR)((ULONG)pSrc+sizeof(PICE_SYMBOLFILE_SOURCE));
 
                                             // store the source start and end address
                                             if(ppSrcStart)
                                                 *ppSrcStart = pSrcLine;
                                             if(ppSrcEnd)
                                                 *ppSrcEnd = pSrcLine+pSrc->ulOffsetToNext-sizeof(PICE_SYMBOLFILE_SOURCE);
 
                                             // goto to the right line
                                             while(--k)
                                             {
                                                 while(*pSrcLine!=0 && *pSrcLine!=0x0a && *pSrcLine!=0x0d)
                                                     pSrcLine++;
                                                 if(!IsAddressValid((ULONG)pSrcLine))
                                                     return NULL;
                                                 pSrcLine++;
                                             }
 
                                             if(ulMinValue == 0)
                                                 return pSrcLine;
                                         }
                                         else
                                         {
                                             DPRINT((0,"src file descriptor found, but contains no source\n"));
                                         }
 
                                         break;
                                     }
                                     (ULONG)pSrc += pSrc->ulOffsetToNext;
                                 }
                             }
                         }
                         break;
                 }
                 pStab++;
             }
         }
     }
     DPRINT((0,"FindSourceLineForAddress: exit 1\n"));
     return NULL;
 }

Referenced by COMMAND_PROTOTYPE(), and RealIsr().

◆ FindTypeDefinition()

LPSTR FindTypeDefinition	(	PICE_SYMBOLFILE_HEADER *	pSymbols,
		ULONG	ulTypeNumber,
		ULONG	ulFileNumber
	)

Definition at line 1179 of file symbols.c.

 {
     ULONG i;
     PSTAB_ENTRY pStab;
     LPSTR pStr,pName,pTypeString;
     int nStabLen;
     int nOffset=0,nNextOffset=0,strLen;
     static char szAccumulatedName[2048];
     ULONG ulCurrentTypeNumber,ulCurrentFileNumber=0;
     LPSTR pTypeSymbol;
     static char szCurrentPath[256];
 
     ENTER_FUNC();
     DPRINT((0,"FindTypeDefinition(%u,%u)\n",ulTypeNumber,ulFileNumber));
 
     *szAccumulatedName = 0;
 
     pStab = (PSTAB_ENTRY )((ULONG)pSymbols + pSymbols->ulOffsetToStabs);
     nStabLen = pSymbols->ulSizeOfStabs;
     pStr = (LPSTR)((ULONG)pSymbols + pSymbols->ulOffsetToStabsStrings);
 
     for(i=0;i<(nStabLen/sizeof(STAB_ENTRY));i++)
     {
         pName = &pStr[pStab->n_strx + nOffset];
 
         switch(pStab->n_type)
         {
     case N_UNDF:
       nOffset += nNextOffset;
       nNextOffset = pStab->n_value;
       break;
     case N_SO:
       if((strLen = PICE_strlen(pName)))
         {
           if(pName[strLen-1]!='/')
         {
           ulCurrentFileNumber++;
           if(PICE_strlen(szCurrentPath))
             {
               PICE_strcat(szCurrentPath,pName);
               DPRINT((0,"FindTypeDefinition()1: cha %s, %u\n",szCurrentPath, ulCurrentFileNumber));
             }
           else
             {
               DPRINT((0,"FindTypeDefinition(): cha %s, %u\n",pName, ulCurrentFileNumber));
             }
         }
           else
         PICE_strcpy(szCurrentPath,pName);
         }
       else
         {
           szCurrentPath[0]=0;
         }
       break;
     case N_LSYM:
                 // stab has no value -> must be type definition
                 //ei File number count is not reliable
       if(pStab->n_value == 0 /*&& ulCurrentFileNumber==ulFileNumber*/)
         {
           DPRINT((0,"FindTypeDefinition(): pre type definition %s\n",pName));
           // handle multi-line symbols
           if(strrchr(pName,'\\'))
         {
           if(PICE_strlen(szAccumulatedName))
             {
               PICE_strcat(szAccumulatedName,pName);
               DPRINT((0,"FindTypeDefinition(): [1] accum. %s\n",szAccumulatedName));
             }
           else
             {
               PICE_strcpy(szAccumulatedName,pName);
               DPRINT((0,"FindTypeDefinition(): [2] accum. %s\n",szAccumulatedName));
             }
           szAccumulatedName[PICE_strlen(szAccumulatedName)-1]=0;
         }
           else
         {
           DPRINT((0,"FindTypeDefinition(): [3] accum. %s, pname: %s\n",szAccumulatedName, pName));
           if(PICE_strlen(szAccumulatedName)==0)
             {
               PICE_strcpy(szAccumulatedName,pName);
             }
           else
             {
               PICE_strcat(szAccumulatedName,pName);
             }
           pTypeString = szAccumulatedName;
 
           pTypeSymbol = PICE_strchr(pTypeString,':');
           if(pTypeSymbol && (*(pTypeSymbol+1)=='t' || *(pTypeSymbol+1)=='T'))
             {
               // parse it
               ulCurrentTypeNumber = ExtractTypeNumber(pTypeString);
               DPRINT((0,"FindTypeDefinition(): ulCurrType: %u, LSYM is type %s\n",ulCurrentTypeNumber,pName));
               if(ulCurrentTypeNumber == ulTypeNumber)
             {
               DPRINT((0,"FindTypeDefinition(): type definition %s\n",pTypeString));
               return pTypeString;
             }
             }
           *szAccumulatedName=0;
         }
         }
       break;
         }
         pStab++;
     }
 
     return FindTypeDefinitionForCombinedTypes(pSymbols,ulTypeNumber,ulFileNumber);
 
 }

Referenced by EvaluateSymbol(), ExtractArray(), ExtractStructMembers(), and FindLocalsByAddress().

◆ FindTypeDefinitionForCombinedTypes()

LPSTR FindTypeDefinitionForCombinedTypes	(	PICE_SYMBOLFILE_HEADER *	pSymbols,
		ULONG	ulTypeNumber,
		ULONG	ulFileNumber
	)

Definition at line 1062 of file symbols.c.

 {
     ULONG i;
     PSTAB_ENTRY pStab;
     LPSTR pStr,pName,pTypeNumber,pTypeDefIncluded,pNameTemp;
     int nStabLen;
     int nOffset=0,nNextOffset=0,nLen;
     static char szAccumulatedName[2048];
     ULONG ulCurrentTypeNumber,ulCurrentFileNumber=0;
     static char szCurrentPath[256];
 
     ENTER_FUNC();
 
     *szAccumulatedName = 0;
 
     pStab = (PSTAB_ENTRY )((ULONG)pSymbols + pSymbols->ulOffsetToStabs);
     nStabLen = pSymbols->ulSizeOfStabs;
     pStr = (LPSTR)((ULONG)pSymbols + pSymbols->ulOffsetToStabsStrings);
 
     DPRINT((0,"FindTypeDefinitionForCombinedTypes()\n"));
 
     for(i=0;i<(nStabLen/sizeof(STAB_ENTRY));i++)
     {
         pName = &pStr[pStab->n_strx + nOffset];
 
         switch(pStab->n_type)
         {
             case N_UNDF:
                 nOffset += nNextOffset;
                 nNextOffset = pStab->n_value;
                 break;
             case N_SO:
                 if((nLen = PICE_strlen(pName)))
                 {
                     if(pName[nLen-1]!='/')
                     {
                         ulCurrentFileNumber++;
                         if(PICE_strlen(szCurrentPath))
                         {
                             PICE_strcat(szCurrentPath,pName);
                             DPRINT((0,"FindTypeDefinitionForCombinedTypes(): changing source file %s\n",szCurrentPath));
                         }
                         else
                         {
                             DPRINT((0,"FindTypeDefinitionForCombinedTypes(): changing source file %s\n",pName));
                         }
                     }
                     else
                         PICE_strcpy(szCurrentPath,pName);
                 }
                 else
                 {
                     szCurrentPath[0]=0;
                 }
                 break;
             case N_GSYM:
                 //ei File number count is not reliable
                 if( 1 /*ulCurrentFileNumber == ulFileNumber*/)
                 {
                     DPRINT((0,"FindTypeDefinitionForCombinedTypes(): %s\n",pName));
 
                     // handle multi-line symbols
                     if(PICE_strchr(pName,'\\'))
                     {
                         if(PICE_strlen(szAccumulatedName))
                         {
                             PICE_strcat(szAccumulatedName,pName);
                         }
                         else
                         {
                             PICE_strcpy(szAccumulatedName,pName);
                         }
                         szAccumulatedName[PICE_strlen(szAccumulatedName)-1]=0;
                         //DPRINT((0,"accum. %s\n",szAccumulatedName));
                     }
                     else
                     {
                         if(PICE_strlen(szAccumulatedName)==0)
                         {
                             PICE_strcpy(szAccumulatedName,pName);
                         }
                         else
                         {
                             PICE_strcat(szAccumulatedName,pName);
                         }
                         pNameTemp = szAccumulatedName;
 
                         // symbol-name:type-identifier type-number =
                         nLen = StrLenUpToWhiteChar(pNameTemp,":");
                         if((pTypeDefIncluded = PICE_strchr(pNameTemp,'=')) && pNameTemp[nLen+1]=='G')
                         {
                             DPRINT((0,"FindTypeDefinitionForCombinedTypes(): symbol includes type definition (%s)\n",pNameTemp));
                             pTypeNumber = pNameTemp+nLen+1;
                             if((ulCurrentTypeNumber = ExtractTypeNumber(pTypeNumber)) )
                             {
                                 DPRINT((0,"FindTypeDefinitionForCombinedTypes(): type-number %x\n",ulCurrentTypeNumber));
                                 if(ulCurrentTypeNumber == ulTypeNumber)
                                 {
                                     DPRINT((0,"FindTypeDefinitionForCombinedTypes(): typenumber %x matches!\n",ulCurrentTypeNumber));
                                     return pNameTemp;
                                 }
                             }
                         }
                         *szAccumulatedName = 0;
                     }
                 }
                 break;
         }
         pStab++;
     }
     return NULL;
 }

Referenced by FindTypeDefinition().

◆ FreeModuleList()

VOID FreeModuleList ( PDEBUG_MODULE pm )

Definition at line 121 of file symbols.c.

 {
     PDEBUG_MODULE pNext = pm;
 
     ENTER_FUNC();
 
     while( pNext ){
         pNext = pm->next;
         ExFreePool( pm );
     }
     LEAVE_FUNC();
 }

Referenced by InitModuleList(), and InitPICE().

◆ HEADER_TO_BODY()

PVOID HEADER_TO_BODY ( POBJECT_HEADER obj )

Definition at line 106 of file symbols.c.

 {
    return(((void *)obj)+sizeof(OBJECT_HEADER)-sizeof(COMMON_BODY_HEADER));
 }

Referenced by FindDriverObjectDirectory().

◆ InitModuleList()

BOOLEAN InitModuleList	(	PDEBUG_MODULE *	ppmodule,
		ULONG	len
	)

Definition at line 138 of file symbols.c.

 {
     ULONG i;
     PDEBUG_MODULE pNext = NULL, pm = *ppmodule;
 
     ENTER_FUNC();
 
     ASSERT(pm==NULL);
 
     for(i=1;i<=len;i++){
         pm = (PDEBUG_MODULE)ExAllocatePool( NonPagedPool, sizeof( DEBUG_MODULE ) );
         if( !pm ){
             FreeModuleList(pNext);
             return FALSE;
         }
         pm->next = pNext;
         pm->size = 0;
         pm->BaseAddress = NULL;
         //DbgPrint("len1: %d\n", pm->name.Length);
         pNext = pm;
     }
     *ppmodule = pm;
 
     LEAVE_FUNC();
 
     return TRUE;
 }

Referenced by InitPICE().

◆ IsModuleLoaded()

PDEBUG_MODULE IsModuleLoaded ( LPSTR p )

Definition at line 296 of file symbols.c.

 {
     PDEBUG_MODULE pd;
 
     ENTER_FUNC();
     DPRINT((0,"IsModuleLoaded(%s)\n",p));
 
     if(BuildModuleList())
     {
         pd = pdebug_module_head;
         do
         {
             char temp[DEBUG_MODULE_NAME_LEN];
             DPRINT((0,"module (%x) %S\n",pd->size,pd->name));
             CopyWideToAnsi(temp,pd->name);
             if(pd->size && PICE_strcmpi(p,temp) == 0)
             {
                 DPRINT((0,"module %S is loaded!\n",pd->name));
                 LEAVE_FUNC();
                 return pd;
             }
         }while((pd = pd->next)!=pdebug_module_tail);
     }
     LEAVE_FUNC();
     return NULL;
 }

Referenced by COMMAND_PROTOTYPE(), ConvertTokenToSymbol(), and TryToInstallVirtualSWBreakpoints().

◆ ListDriverModules()

BOOLEAN ListDriverModules ( void )

Definition at line 229 of file symbols.c.

 {
     PLIST_ENTRY current_entry;
     PMODULE_OBJECT current;
     POBJECT_HEADER current_obj;
 
     ENTER_FUNC();
 
     ASSERT( pModuleListHead );
 
     current_entry = pModuleListHead->Flink;
 
     while (current_entry != (pModuleListHead)){
 
         current = CONTAINING_RECORD(current_entry,MODULE_OBJECT,ListEntry);
 
         DPRINT((0,"FullName: %S, BaseName: %S, Length: %ld, EntryPoint: %x\n", current->FullName.Buffer,
                 current->BaseName.Buffer, current->Length, current->EntryPoint ));
 
         pdebug_module_tail->BaseAddress = current->Base;
         pdebug_module_tail->size = current->Length;
         PICE_wcscpy( pdebug_module_tail->name, current->BaseName.Buffer);
         pdebug_module_tail->EntryPoint = current->EntryPoint;
 
         pdebug_module_tail = pdebug_module_tail->next;
 
         if (current && _wcsicmp(current->BaseName.Buffer, L"ntoskrnl")==0)
         {
            kernel_end = (ULONG)current->Base + current->Length;
         }
         current_entry = current_entry->Flink;
     }
 
     LEAVE_FUNC();
     return TRUE;
 }

Referenced by BuildModuleList().

◆ ListSymbolStartingAt()

ULONG ListSymbolStartingAt	(	PDEBUG_MODULE	pMod,
		PICE_SYMBOLFILE_HEADER *	pSymbols,
		ULONG	index,
		LPSTR	pOutput
	)

Definition at line 1792 of file symbols.c.

 {
     PIMAGE_SYMBOL pSym, pSymEnd;
     LPSTR pStr;
     PIMAGE_SECTION_HEADER pShdr;
 
     DPRINT((0,"ListSymbolStartingAt(%x,%u)\n",(ULONG)pSymbols,index));
     DPRINT((0,"ListSymbolStartingAt(): ulOffsetToGlobals = %x ulSizeofGlobals = %x\n",pSymbols->ulOffsetToGlobals,pSymbols->ulSizeOfGlobals));
     pSym = (PIMAGE_SYMBOL)((ULONG)pSymbols+pSymbols->ulOffsetToGlobals);
     pSymEnd = (PIMAGE_SYMBOL)((ULONG)pSym+pSymbols->ulSizeOfGlobals);
     pStr = (LPSTR)((ULONG)pSymbols+pSymbols->ulOffsetToGlobalsStrings);
     pShdr = (PIMAGE_SECTION_HEADER)((ULONG)pSymbols+pSymbols->ulOffsetToHeaders);
 
     pSym += index;
 
     while( pSym < pSymEnd )
     {
         LPSTR pName;
 
         if(((pSym->Type == 0x0) || (pSym->Type == 0x20) )  &&
            ((pSym->StorageClass == IMAGE_SYM_CLASS_EXTERNAL) /*|| (pSym->StorageClass==IMAGE_SYM_CLASS_STATIC)*/) &&
            (pSym->SectionNumber > 0 ))
         {
             PIMAGE_SECTION_HEADER pShdrThis = (PIMAGE_SECTION_HEADER)pShdr + (pSym->SectionNumber-1);
             ULONG section_flags;
             ULONG start;
 
             DPRINT((0,"ListSymbolStartingAt(): pShdr[%x] = %x\n",pSym->SectionNumber,(ULONG)pShdrThis));
 
             if(!IsRangeValid((ULONG)pShdrThis,sizeof(IMAGE_SECTION_HEADER)) )
             {
                 DPRINT((0,"ListSymbolStartingAt(): pShdr[%x] = %x is not a valid pointer\n",pSym->SectionNumber,(ULONG)pShdrThis));
                 return FALSE;
             }
             section_flags = pShdrThis->Characteristics;
             //to get address in the memory we base address of the module and
             //add offset of the section and then add offset of the symbol from
             //the begining of the section
 
             start = ((ULONG)pMod->BaseAddress+pShdrThis->VirtualAddress+pSym->Value);
             if(pSym->N.Name.Short){
                 //name is in the header. it's not zero terminated. have to copy.
                 PICE_sprintf(pOutput,"%.8X (%s) %.8s\n",start,(section_flags&IMAGE_SCN_CNT_CODE)?"TEXT":"DATA",pSym->N.ShortName);
             }
             else{
                 ASSERT(pSym->N.Name.Long<=pSymbols->ulSizeOfGlobalsStrings); //sanity check
                 pName = pStr+pSym->N.Name.Long;
                 if(!IsAddressValid((ULONG)pName))
                 {
                     DPRINT((0,"ListSymbolStartingAt(): pName = %x is not a valid pointer\n",pName));
                     return 0;
                 }
                 PICE_sprintf(pOutput,"%.8X (%s) %s\n",start,(section_flags&IMAGE_SCN_CNT_CODE)?"TEXT":"DATA",pName);
             }
 
             if((pSym+pSym->NumberOfAuxSymbols+1)<(pSymEnd))
                 return (index+pSym->NumberOfAuxSymbols+1);
         }
         index += pSym->NumberOfAuxSymbols + 1;
         pSym += pSym->NumberOfAuxSymbols + 1;
     }
     return 0;
 }

Referenced by COMMAND_PROTOTYPE().

◆ ListUserModules()

BOOLEAN ListUserModules ( PPEB peb )

Definition at line 166 of file symbols.c.

 {
     PLIST_ENTRY UserModuleListHead;
     PLIST_ENTRY Entry;
     PLDR_DATA_TABLE_ENTRY Module;
     PPEB_LDR_DATA Ldr;
 
     ENTER_FUNC();
 
     Ldr = peb->Ldr;
     if( Ldr && IsAddressValid((ULONG)Ldr)){
         UserModuleListHead = &Ldr->InLoadOrderModuleList;
         ASSERT(IsAddressValid((ULONG)UserModuleListHead));
         Entry = UserModuleListHead->Flink;
         while (Entry != UserModuleListHead)
         {
             Module = CONTAINING_RECORD(Entry, LDR_DATA_TABLE_ENTRY, InLoadOrderModuleList);
             //DbgPrint("Module: %x, BaseAddress: %x\n", Module, Module->BaseAddress);
 
             DPRINT((0,"FullName: %S, BaseName: %S, Length: %ld, EntryPoint: %x, BaseAddress: %x\n", Module->FullDllName.Buffer,
                     Module->BaseDllName.Buffer, Module->SizeOfImage, Module->EntryPoint, Module->BaseAddress ));
 
             pdebug_module_tail->size = Module->SizeOfImage;
             pdebug_module_tail->BaseAddress = Module->BaseAddress;
             pdebug_module_tail->EntryPoint = (PVOID)(Module->EntryPoint);
             ASSERT(Module->BaseDllName.Length<DEBUG_MODULE_NAME_LEN); //name length is limited
             PICE_wcscpy( pdebug_module_tail->name, Module->BaseDllName.Buffer );
             pdebug_module_tail = pdebug_module_tail->next;
 
             Entry = Entry->Flink;
         }
     }
     LEAVE_FUNC();
     return TRUE;
 }

Referenced by BuildModuleList().

◆ LoadExports()

BOOLEAN LoadExports ( void )

Definition at line 1909 of file symbols.c.

 {
     HANDLE hf;
     BOOLEAN bResult = TRUE;
 
     ENTER_FUNC();
 
     Print(OUTPUT_WINDOW,"pICE: loading exports...\n");
     hf = PICE_open(L"\\SystemRoot\\symbols\\ntoskrnl.map",OF_READ);
     /*
     if(hf)
     {
         Print(OUTPUT_WINDOW,"pICE: no System.map in /boot\n");
         hf = PICE_open("/System.map",OF_READ);
     }
     */
 
     if(hf)
     {
         //mm_segment_t oldfs;
         size_t len;
 
         len = PICE_len(hf);
         if(len)
         {
             DPRINT((0,"file len = %d\n",len));
 
             pExports = PICE_malloc(len+1,NONPAGEDPOOL);  // maybe make pool setting an option
 
             DPRINT((0,"pExports = %x\n",pExports));
 
             if(pExports)
             {
                 //oldfs = get_fs(); set_fs(KERNEL_DS);
                 ulExportLen = len;
                 ((PUCHAR)pExports)[len]=0;
                 if(len == PICE_read(hf,pExports,len))
                 {
                     DPRINT((0,"success reading system map!\n"));
                     PICE_sprintf(tempSym,"pICE: ntoskrnl.sym @ %x (size %x)\n",pExports,len);
                     Print(OUTPUT_WINDOW,tempSym);
                 }
                 else
                     DbgPrint("error reading ntoskrnl map!\n");
                 //set_fs(oldfs);
             }
         }
         PICE_close(hf);
     }
     else
     {
         Print(OUTPUT_WINDOW,"pICE: no ntoskrnl.sys \n");
         Print(OUTPUT_WINDOW,"pICE: could not load exports...\n");
         bResult = FALSE;
     }
 
     LEAVE_FUNC();
 
     return bResult;
 }

Referenced by InitPICE().

◆ LoadSymbols()

PICE_SYMBOLFILE_HEADER* LoadSymbols ( LPSTR filename )

Definition at line 1990 of file symbols.c.

 {
     HANDLE hf;
     PICE_SYMBOLFILE_HEADER* pSymbols=NULL;
     WCHAR tempstr[256];
     int conv;
     ENTER_FUNC();
 
     if( !( conv = PICE_MultiByteToWideChar(CP_ACP, NULL, filename, -1, tempstr, 256 ) ) )
     {
         DPRINT((0,"Can't convert module name.\n"));
         return NULL;
     }
     DPRINT((0,"LoadSymbols: filename %s, tempstr %S, conv: %d\n", filename, tempstr, conv));
 
     if(ulNumSymbolsLoaded<DIM(apSymbols))
     {
         hf = PICE_open(tempstr,OF_READ);
         DPRINT((0,"LoadSymbols: hf: %x, file: %S\n",hf, tempstr));
         if(hf)
         {
             //mm_segment_t oldfs;
             size_t len;
 
             DPRINT((0,"hf = %x\n",hf));
 
             len = PICE_len(hf);
             DPRINT((0,"file len = %d\n",len));
 
             if(len)
             {
                 pSymbols = PICE_malloc(len+1,NONPAGEDPOOL);  // maybe make pool setting an option
                 DPRINT((0,"pSymbols = %x\n",pSymbols));
 
                 if(pSymbols)
                 {
                     //oldfs = get_fs(); set_fs(KERNEL_DS);
                     if(len == PICE_read(hf,(PVOID)pSymbols,len))
                     {
                         DPRINT((0,"LoadSymbols(): success reading symbols!\n"));
                         DPRINT((0,"LoadSymbols(): pSymbols->magic = %X\n",pSymbols->magic));
                     }
                     //set_fs(oldfs);
 
 
                     if(pSymbols->magic == PICE_MAGIC)
                     {
                         DPRINT((0,"magic = %X\n",pSymbols->magic));
                         DPRINT((0,"name = %S\n",pSymbols->name));
                         DPRINT((0,"ulOffsetToHeaders,ulSizeOfHeader = %X,%X\n",pSymbols->ulOffsetToHeaders,pSymbols->ulSizeOfHeader));
                         DPRINT((0,"ulOffsetToGlobals,ulSizeOfGlobals = %X,%X\n",pSymbols->ulOffsetToGlobals,pSymbols->ulSizeOfGlobals));
                         DPRINT((0,"ulOffsetToGlobalsStrings,ulSizeOfGlobalsStrings = %X,%X\n",pSymbols->ulOffsetToGlobalsStrings,pSymbols->ulSizeOfGlobalsStrings));
                         DPRINT((0,"ulOffsetToStabs,ulSizeOfStabs = %X,%X\n",pSymbols->ulOffsetToStabs,pSymbols->ulSizeOfStabs));
                         DPRINT((0,"ulOffsetToStabsStrings,ulSizeOfStabsStrings = %X,%X\n",pSymbols->ulOffsetToStabsStrings,pSymbols->ulSizeOfStabsStrings));
                         DPRINT((0,"ulOffsetToSrcFiles,ulNumberOfSrcFiles = %X,%X\n",pSymbols->ulOffsetToSrcFiles,pSymbols->ulNumberOfSrcFiles));
                         DPRINT((0,"pICE: symbols loaded for module \"%S\" @ %x\n",pSymbols->name,pSymbols));
                         apSymbols[ulNumSymbolsLoaded++]=pSymbols;
                     }
                     else
                     {
                         DPRINT((0,"LoadSymbols(): freeing %x\n",pSymbols));
                         DPRINT((0,"pICE: symbols file \"%s\" corrupt\n",filename));
                         PICE_free(pSymbols);
                     }
                 }
 
             }
             PICE_close(hf);
         }
         else
         {
             DPRINT((0,"pICE: could not load symbols for %s...\n",filename));
         }
     }
 
     LEAVE_FUNC();
 
     return pSymbols;
 }

Referenced by LoadSymbolsFromConfig().

◆ LoadSymbolsFromConfig()

BOOLEAN LoadSymbolsFromConfig ( BOOLEAN bIgnoreBootParams )

Definition at line 2116 of file symbols.c.

 {
     HANDLE hf;
     LPSTR pConfig,pConfigEnd,pTemp;
     char temp[256];
     ULONG line = 1;
     BOOLEAN bResult = FALSE;
 
     ENTER_FUNC();
 
     hf = PICE_open(L"\\SystemRoot\\symbols\\pice.cfg",OF_READ);
     if(hf)
     {
         //mm_segment_t oldfs;
         size_t len;
 
         DPRINT((0,"hf = %x\n",hf));
 
         len = PICE_len(hf);
         DPRINT((0,"file len = %d\n",len));
 
         if(len)
         {
             pConfig = PICE_malloc(len+1,NONPAGEDPOOL);  // maybe make pool setting an option
             DPRINT((0,"pConfig = %x\n",pConfig));
             //oldfs = get_fs(); set_fs(KERNEL_DS);
 
             if(len == PICE_read(hf,(PVOID)pConfig,len))
             {
                 //set_fs(oldfs);
 
                 pConfigEnd = pConfig + len;
 
                 while(pConfig<pConfigEnd)
                 {
                     // skip leading spaces
                     while(*pConfig==' ' && pConfig<pConfigEnd)
                         pConfig++;
                     // get ptr to temporary
                     pTemp = temp;
                     // fill in temporary with symbol path
                     while(*pConfig!=0 && *pConfig!=0x0a && *pConfig!=0x0d && pConfig<pConfigEnd)
                         *pTemp++ = *pConfig++;
                     // finish up symbol path string
                     *pTemp = 0;
                     // skip any line ends
                     while((*pConfig==0x0a || *pConfig==0x0d) && pConfig<pConfigEnd)
                         pConfig++;
 
                     // finally try to load the symbols
                     if(PICE_strlen(temp))
                     {
                         PICE_SYMBOLFILE_HEADER *pSymbols;
 
                         // boot parameter
                         if(*temp == '!')
                         {
                             if(!bIgnoreBootParams)
                             {
                                 if(!PICE_strlen(szBootParams))
                                 {
                                     PICE_strcpy(szBootParams,temp+1);
                                     DPRINT((0,"pICE: boot params = %s\n",szBootParams));
                                 }
                                 else
                                 {
                                     DPRINT((0,"pICE: boot params already exist! ignoring...\n",szBootParams));
                                 }
                             }
                         }
                         // options
                         else if(*temp == '+')
                         {
                             if(PICE_strlen(temp)>1)
                             {
                                 if(PICE_strcmpi(temp,"+vga")==0)
                                 {
                                     eTerminalMode = TERMINAL_MODE_VGA_TEXT;
                                     DPRINT((0,"pICE: eTerminalMode = TERMINAL_MODE_VGA_TEXT\n"));
                                 }
                                 else if(PICE_strcmpi(temp,"+hercules")==0)
                                 {
                                     eTerminalMode = TERMINAL_MODE_HERCULES_GRAPHICS;
                                     DPRINT((0,"pICE: eTerminalMode = TERMINAL_MODE_HERCULES_GRAPHICS\n"));
                                 }
                                 else if(PICE_strcmpi(temp,"+serial")==0)
                                 {
                                     eTerminalMode = TERMINAL_MODE_SERIAL;
                                     DPRINT((0,"pICE: eTerminalMode = TERMINAL_MODE_SERIAL\n"));
                                 }
                             }
                             else
                             {
                                 DPRINT((0,"pICE: found option, but no value\n"));
                             }
                         }
                         // comment
                         else if(*temp == '#')
                         {
                             DPRINT((0,"comment out\n"));
                         }
                         // symbol file name/path
                         else
                         {
                             DPRINT((0,"Load symbols from file %s\n", temp));
                             pSymbols = LoadSymbols(temp);
                             DPRINT((0,"Load symbols from file %s, pSymbols: %x\n", temp, pSymbols));
                             if(pSymbols)
                             {
                                 PICE_SYMBOLFILE_SOURCE* pSrc;
                                 LPSTR p;
 
                                 pSrc = (PICE_SYMBOLFILE_SOURCE*)((ULONG)pSymbols + pSymbols->ulOffsetToSrcFiles);
                                 pCurrentSymbols = pSymbols;
                                 p = strrchr(pSrc->filename,'\\');
                                 if(p)
                                 {
                                     PICE_strcpy(szCurrentFile,p+1);
                                 }
                                 else
                                 {
                                     PICE_strcpy(szCurrentFile,pSrc->filename);
                                 }
                             }
                         }
                     }
                     else
                     {
                         DPRINT((0,"invalid line [%u] in config!\n",line));
                     }
                     line++;
                 }
             }
             else
             {
                 //set_fs(oldfs);
             }
         }
 
         PICE_close(hf);
         bResult = TRUE;
     }
     else
     {
         DPRINT((0,"pICE: config file not found! No symbols loaded.\n"));
         DPRINT((0,"pICE: Please make sure to create a file \\systemroot\\symbols\\pice.conf\n"));
         DPRINT((0,"pICE: if you want to have symbols for any module loaded.\n"));
     }
 
     LEAVE_FUNC();
 
     return bResult;
 }

Referenced by InitPICE(), and ReloadSymbols().

◆ ReadHex()

BOOLEAN ReadHex	(	LPSTR	p,
		PULONG	pValue
	)

Definition at line 391 of file symbols.c.

 {
     ULONG result=0,i;
 
     for(i=0;i<8 && p[i]!=0 && p[i]!=' ';i++)
     {
         if(p[i]>='0' && p[i]<='9')
         {
             result<<=4;
             result|=(ULONG)(UCHAR)(p[i]-'0');
         }
         else if(p[i]>='A' && p[i]<='F')
         {
             result<<=4;
             result|=(ULONG)(UCHAR)(p[i]-'A'+10);
         }
         else if(p[i]>='a' && p[i]<='f')
         {
             result<<=4;
             result|=(ULONG)(UCHAR)(p[i]-'a'+10);
         }
         else
             return FALSE;
     }
 
     *pValue = result;
     return TRUE;
 }

Referenced by ScanExportLine().

◆ ReloadSymbols()

BOOLEAN ReloadSymbols ( void )

Definition at line 2074 of file symbols.c.

 {
     BOOLEAN bResult;
 
     ENTER_FUNC();
 
     UnloadSymbols();
 
     bResult = LoadSymbolsFromConfig(TRUE);
 
     LEAVE_FUNC();
 
     return bResult;
 }

Referenced by pice_ioctl().

◆ SanityCheckExports()

BOOLEAN SanityCheckExports ( void )

Definition at line 1860 of file symbols.c.

 {
     BOOLEAN bResult = FALSE;
     ULONG i,ulValue,incr;
 
     Print(OUTPUT_WINDOW,"pICE: sanity-checking exports...\n");
     return TRUE;
     /* fix later!!! do we really need to cross reference two kinds of symbolic info?
     if(fake_kernel_module.nsyms && fake_kernel_module.syms)
     {
         incr = (fake_kernel_module.nsyms/4);
         if(!incr)incr = 1;
         for(i=0;i<fake_kernel_module.nsyms;i+=incr)
         {
             if(ScanExports((char*)fake_kernel_module.syms[i].name,&ulValue) )
             {
                 if(!(i%25))
                 {
                     ClrLine(wWindow[OUTPUT_WINDOW].y + wWindow[OUTPUT_WINDOW].usCurY);
                     PICE_sprintf(tempSym,"pICE: sanity-checking exports %u/%u",
                                           i,
                                           fake_kernel_module.nsyms);
                     PutChar(tempSym,1,wWindow[OUTPUT_WINDOW].y + wWindow[OUTPUT_WINDOW].usCurY);
                 }
 
                 if(fake_kernel_module.syms[i].value != ulValue)
                 {
                     PICE_sprintf(tempSym,"pICE: %s doesn't match (%.8X != %.8X)\n",
                                  fake_kernel_module.syms[i].name,
                                  fake_kernel_module.syms[i].value,
                                  ulValue);
                     Print(OUTPUT_WINDOW,tempSym);
 
                     return FALSE;
                 }
             }
         }
 
         bResult = TRUE;
     }
 
     return bResult;
     */
 }

Referenced by InitPICE().

◆ ScanExportLine()

BOOLEAN ScanExportLine	(	LPSTR	p,
		PULONG	ulValue,
		LPSTR *	ppPtrToSymbol
	)

Definition at line 424 of file symbols.c.

 {
     BOOLEAN bResult = FALSE;
 
     if(ReadHex(p,ulValue))
     {
         p += 11;
         *ppPtrToSymbol += 11;
         bResult = TRUE;
     }
 
     return bResult;
 }

Referenced by ScanExportsByAddress().

◆ ScanExports()

BOOLEAN ScanExports	(	const char *	pFind,
		PULONG	pValue
	)

Definition at line 327 of file symbols.c.

 {
     char temp[256];
     LPSTR pStr=NULL;
     LPSTR pExp = pExports;
     BOOLEAN bResult = FALSE;
 
     ENTER_FUNC();
     DPRINT((0,"ScanExports pValue: %x\n", pValue));
 nomatch:
     if(pExports)
         pStr = strstr(pExp,pFind);
 
     if(pStr)
     {
         LPSTR p;
         ULONG state;
         LPSTR pOldStr = pStr;
 
         for(;(*pStr!=0x0a && *pStr!=0x0d) && (ULONG)pStr>=(ULONG)pExports;pStr--);
         pStr++;
         p = temp;
         for(;(*pStr!=0x0a && *pStr!=0x0d);)*p++=*pStr++;
         *p=0;
         p = (LPSTR) PICE_strtok(temp," ");
         state=0;
         while(p)
         {
             switch(state)
             {
                 case 0:
                     ConvertTokenToHex(p,pValue);
                     break;
                 case 1:
                     break;
                 case 2:
                     if(strcmp(p,pFind)!=0)
                     {
                         DPRINT((0,"Not: %s\n", p));
                         pExp = pOldStr+1;
                         goto nomatch;
                     }
                     state = -1;
                     bResult = TRUE;
                     DPRINT((0,"%s @ %x\n",pFind,*pValue));
                     goto exit;
                     break;
             }
             state++;
             p = (char*) PICE_strtok(NULL," ");
         }
     }
 exit:
     DPRINT((0,"%s %x @ %x\n",pFind,pValue,*pValue));
 
     LEAVE_FUNC();
 
     return bResult;
 }

Referenced by ConvertTokenToSymbol(), InitPICE(), InstallPrintkHook(), and RevirtualizeBreakpointsForModule().

◆ ScanExportsByAddress()

BOOLEAN ScanExportsByAddress	(	LPSTR *	pFind,
		ULONG	ulValue
	)

Definition at line 599 of file symbols.c.

 {
     char temp[256];
     static char temp3[256];
     LPSTR p,pStartOfLine,pSymbolName=NULL;
     ULONG ulCurrentValue=0;
     BOOLEAN bResult = FALSE;
     PDEBUG_MODULE pd;
     ULONG ulMinValue = -1;
     PIMAGE_SYMBOL pSym,pSymEnd;                 //running pointer to symbols and end of sym talbe
     PIMAGE_SYMBOL pFoundSym = NULL;             //current best symbol match
     ULONG ulAddr = 0x0;                         //address of the best match
     LPSTR pStr;
     PIMAGE_SECTION_HEADER pShdr;
     PICE_SYMBOLFILE_HEADER* pSymbols;
     ULONG   ulSectionSize;
     LPSTR pName;
 
     ENTER_FUNC();
     DPRINT((0,"In ScanExportsByAddress:\n"));
 
     pSymbols = FindModuleSymbols(ulValue);
     DPRINT((0,"pSymbols: %x\n", pSymbols));
 
     if(BuildModuleList()){
         if(pSymbols && pdebug_module_head)
         {
             PDEBUG_MODULE pdTemp;
 
             DPRINT((0,"looking up symbols\n"));
             pd = pdebug_module_head;
             do
             {
                 if(pd->size){
                     pdTemp = pd;
 
                     if(ulValue>=((ULONG)pdTemp->BaseAddress) && ulValue<((ULONG)pdTemp+pdTemp->size))
                     {
                         if(PICE_wcsicmp(pdTemp->name,pSymbols->name) == 0)
                         {
                             DPRINT((0,"ScanExportsByAddress(): found symbols for module %S @ %x \n",pdTemp->name,(ULONG)pSymbols));
 
                             pSym = (PIMAGE_SYMBOL)((ULONG)pSymbols+pSymbols->ulOffsetToGlobals);
                             pSymEnd = (PIMAGE_SYMBOL)((ULONG)pSym+pSymbols->ulSizeOfGlobals);
                             pStr = (LPSTR)((ULONG)pSymbols+pSymbols->ulOffsetToGlobalsStrings);
                             pShdr = (PIMAGE_SECTION_HEADER)((ULONG)pSymbols+pSymbols->ulOffsetToHeaders);
 
                             if(!IsRangeValid((ULONG)pSym,sizeof(IMAGE_SYMBOL) ) ) //should we actually check all the symbols here?
                             {
                                 DPRINT((0,"ScanExportsByAddress(): pSym = %x is not a valid pointer\n",(ULONG)pSym));
                                 return FALSE;
                             }
 
                             DPRINT((0,"ScanExportsByAddress(): pSym = %x\n",pSym));
                             DPRINT((0,"ScanExportsByAddress(): pStr = %x\n",pStr));
                             DPRINT((0,"ScanExportsByAddress(): pShdr = %x\n",pShdr));
 
                             DPRINT((0,"ScanExportsByAddress(): %S has %u symbols\n",pSymbols->name,pSymbols->ulSizeOfGlobals/sizeof(IMAGE_SYMBOL)));
 
                             /* go through all the global symbols and find the one with
                                the largest address which is less than ulValue */
                             while(pSym < pSymEnd)
                             {   //it seems only 0x0 and 0x20 are used for type and External or Static storage classes
                                 if(((pSym->Type == 0x0) || (pSym->Type == 0x20) )  &&
                                    ((pSym->StorageClass == IMAGE_SYM_CLASS_EXTERNAL) || (pSym->StorageClass==IMAGE_SYM_CLASS_STATIC)) &&
                                    (pSym->SectionNumber > 0 ))
                                 {
                                     ULONG ulCurrAddr;
                                     PIMAGE_SECTION_HEADER pShdrThis = (PIMAGE_SECTION_HEADER)pShdr + (pSym->SectionNumber-1);
 
 
                                     DPRINT((0,"ScanExportsByAddress(): pShdr[%x] = %x\n",pSym->SectionNumber,(ULONG)pShdrThis));
 
                                     if(!IsRangeValid((ULONG)pShdrThis,sizeof(IMAGE_SECTION_HEADER)) )
                                     {
                                         DPRINT((0,"ScanExportsByAddress(): pElfShdr[%x] = %x is not a valid pointer\n",pSym->SectionNumber,(ULONG)pShdrThis));
                                         return FALSE;
                                     }
                                     //to get address in the memory we base address of the module and
                                     //add offset of the section and then add offset of the symbol from
                                     //the begining of the section
                                     ulCurrAddr = ((ULONG)pdTemp->BaseAddress+pShdrThis->VirtualAddress+pSym->Value);
                                     DPRINT((0,"ScanExportsByAddress(): CurrAddr [1] = %x\n",ulCurrAddr));
 
                                     if(ulCurrAddr<=ulValue && ulCurrAddr>ulAddr)
                                     {
                                         ulAddr = ulCurrAddr;
                                         pFoundSym = pSym;
                                     }
                                 }
                                 //skip the auxiliary symbols and get the next symbol
                                 pSym += pSym->NumberOfAuxSymbols + 1;
                             }
                             *pFind = temp3;
                             if( pFoundSym->N.Name.Short ){
                                 pName = pFoundSym->N.ShortName;  //name is in the header
                                 PICE_sprintf(temp3,"%S!%.8s",pdTemp->name,pName); //if name is in the header it may be nonzero terminated
                             }
                             else{
                                 ASSERT(pFoundSym->N.Name.Long<=pSymbols->ulSizeOfGlobalsStrings); //sanity check
                                 pName = pStr+pFoundSym->N.Name.Long;
                                 if(!IsAddressValid((ULONG)pName))
                                 {
                                     DPRINT((0,"ScanExportsByAddress(): pName = %x is not a valid pointer\n",pName));
                                     return FALSE;
                                 }
                                 PICE_sprintf(temp3,"%S!%s",pdTemp->name,pName);
                             }
                             DPRINT((0,"ScanExportsByAddress(): pName = %x\n",(ULONG)pName));
                             return TRUE;
                         }
                     }
                 }
             }while((pd = pd->next));
         }
     }
     // if haven't found in the symbols try ntoskrnl exports. (note: check that this is needed since we
     // already checked ntoskrnl coff symbol table)
     if(pExports && ulValue >= KERNEL_START && ulValue < kernel_end)
     {
         p = pExports;
         // while we bound in System.map
         while(p<((LPSTR)pExports+ulExportLen))
         {
             // make a temp ptr to the line we can change
             pStartOfLine = p;
             // will read the hex value and return a pointer to the symbol name
             if(ScanExportLine(p,&ulCurrentValue,&pStartOfLine))
             {
                 if(ulValue>=ulCurrentValue && (ulValue-ulCurrentValue)<ulMinValue)
                 {
                     // save away our info for later
                     ulMinValue = ulValue-ulCurrentValue;
                     pSymbolName = pStartOfLine;
                     bResult = TRUE;
                     *pFind = temp3;
                     if(ulMinValue==0)
                         break;
                 }
             }
             // increment pointer to next line
             p = pStartOfLine;
             while(*p!=0 && *p!=0x0a && *p!=0x0d)p++;
                 p++;
         }
         if(bResult)
         {
             int i;
             // copy symbol name to temp string
             for(i=0;pSymbolName[i]!=0 && pSymbolName[i]!=0x0a && pSymbolName[i]!=0x0d;i++)
                 temp[i] = pSymbolName[i];
             temp[i] = 0;
             // decide if we need to append an offset
             if(ulMinValue)
                 PICE_sprintf(temp3,"ntoskrnl!%s+%.8X",temp,ulMinValue);
             else
                 PICE_sprintf(temp3,"ntoskrnl!%s",temp);
         }
     }
 
     LEAVE_FUNC();
     return bResult;
 }

Classes

Macros

Typedefs

Functions

Variables

Macro Definition Documentation

◆ NDEBUG

Typedef Documentation

◆ PVRET

◆ VRET

Function Documentation

◆ BODY_TO_HEADER()

◆ BuildModuleList()

◆ Evaluate()

◆ EvaluateSymbol()

◆ Expression()

◆ ExtractArray()

◆ ExtractNumber()

◆ ExtractStructMembers()

◆ ExtractToken()

◆ ExtractTypeName()

◆ ExtractTypeNumber()

◆ FindAddressForSourceLine()

◆ FindDriverObjectDirectory()

◆ FindFunctionByAddress()

◆ FindFunctionInModuleByName()

◆ FindGlobalStabSymbol()

◆ FindLocalsByAddress()

◆ FindModuleByName()

◆ FindModuleFromAddress()

◆ FindModuleSymbols()

◆ FindModuleSymbolsByModuleName()

◆ FindSourceLineForAddress()

◆ FindTypeDefinition()

◆ FindTypeDefinitionForCombinedTypes()

◆ FreeModuleList()

◆ HEADER_TO_BODY()

◆ InitModuleList()

◆ IsModuleLoaded()

◆ ListDriverModules()

◆ ListSymbolStartingAt()

◆ ListUserModules()

◆ LoadExports()

◆ LoadSymbols()

◆ LoadSymbolsFromConfig()

◆ ReadHex()

◆ ReloadSymbols()

◆ SanityCheckExports()

◆ ScanExportLine()

◆ ScanExports()

◆ ScanExportsByAddress()