From 2575bd6bfaea8b725b1b41afc61037fa8ce4a1cf Mon Sep 17 00:00:00 2001
From: "SND\\kernelnet_cp"
 <SND\kernelnet_cp@9b283d60-5439-405e-af05-b73fd8c4d996>
Date: Wed, 28 Jul 2010 14:42:05 +0000
Subject: [PATCH] [+] loadUnicodeString routine added

git-svn-id: https://pykd.svn.codeplex.com/svn@53157 9b283d60-5439-405e-af05-b73fd8c4d996
---
 pykd/dbgext.cpp |  1 +
 pykd/dbgmem.cpp | 72 +++++++++++++++++++++++++++++++++++++++++++++++++
 pykd/dbgmem.h   |  4 ++-
 3 files changed, 76 insertions(+), 1 deletion(-)

diff --git a/pykd/dbgext.cpp b/pykd/dbgext.cpp
index 5b5a354..3d1af35 100644
--- a/pykd/dbgext.cpp
+++ b/pykd/dbgext.cpp
@@ -53,6 +53,7 @@ BOOST_PYTHON_MODULE( pykd )
     boost::python::def( "loadSignDWords", &loadArray<long> );
     boost::python::def( "loadSignQWords", &loadArray<__int64> );
     boost::python::def( "loadPtrs", &loadPtrArray );
+    boost::python::def( "loadUnicodeString", &loadUnicodeStr );
     boost::python::def( "PtrByte", &loadByPtr<unsigned char> );
     boost::python::def( "PtrSignByte", &loadByPtr<char> );
     boost::python::def( "PtrWord", &loadByPtr<unsigned short> );
diff --git a/pykd/dbgmem.cpp b/pykd/dbgmem.cpp
index 9269ee8..45b1b28 100644
--- a/pykd/dbgmem.cpp
+++ b/pykd/dbgmem.cpp
@@ -160,4 +160,76 @@ loadPtrByPtr( ULONG64 address )
     }
 }
 
+///////////////////////////////////////////////////////////////////////////////////
+
+boost::python::object
+loadUnicodeStr( ULONG64 address )
+{
+    USHORT   length;
+    USHORT   maximumLength;
+    ULONG64  buffer = 0;
+    
+    wchar_t  *str = NULL;
+    char     *ansiStr = NULL;
+    
+    do {
+    
+        if ( !loadMemory( address, &length, sizeof( length ) ) )
+            break;
+            
+        if ( length == 0 )
+            break;            
+            
+        address += sizeof( length );
+            
+        if ( !loadMemory( address, &maximumLength, sizeof( maximumLength ) ) )          
+            break;
+           
+        address += sizeof( maximumLength );
+        
+        if ( is64bitSystem() )
+        {
+            if ( !loadMemory( address, &buffer, 8 ) )
+                break;
+                
+            address += 8;                
+        }
+        else
+        {
+            if ( !loadMemory( address, &buffer, 4 ) )
+                break;        
+                
+            buffer = addr64( buffer ); 
+            
+            address += 4;               
+        }    
+        
+        str = new wchar_t[ length/2 ];
+        
+        if ( !loadMemory( buffer, str, length ) )
+            break;
+            
+        ansiStr = new char [ length/2 ];
+            
+        WideCharToMultiByte( CP_ACP, 0, str, length/2, ansiStr, length/2, NULL, NULL );
+
+        std::string     strVal ( ansiStr, length/2 );
+            
+        delete[] str;
+        delete[] ansiStr;
+        
+        return boost::python::object( strVal );
+    
+    } while( FALSE );
+    
+    if ( str )
+        delete[] str;
+        
+    if ( ansiStr )
+        delete[] ansiStr;        
+    
+    return boost::python::object( "" );
+    
+}
+
 ///////////////////////////////////////////////////////////////////////////////////
\ No newline at end of file
diff --git a/pykd/dbgmem.h b/pykd/dbgmem.h
index b1c6c56..3036180 100644
--- a/pykd/dbgmem.h
+++ b/pykd/dbgmem.h
@@ -49,10 +49,12 @@ loadByPtr( ULONG64 address )
 boost::python::object
 loadPtrByPtr( ULONG64 address );
 
-
 boost::python::object
 loadPtrArray( ULONG64 address, ULONG  number );
 
+boost::python::object
+loadUnicodeStr( ULONG64 address );
+
 bool
 compareMemory( ULONG64 addr1, ULONG64 addr2, ULONG length );