zjgcjy/pykd
1
0
Fork 0
mirror of https://github.com/ivellioscolin/pykd.git synced 2025-04-20 03:23:23 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

[+] added : getCurrentPorcess, setCurrentProcess routines

Browse Source 
git-svn-id: https://pykd.svn.codeplex.com/svn@58080 9b283d60-5439-405e-af05-b73fd8c4d996
This commit is contained in:
SND\kernelnet_cp 2010-11-26 15:26:00 +00:00
parent a5fd4481fe
commit 470e376d73
4 changed files with 104 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pykd/dbgext.cpp
View File

@ -135,6 +135,8 @@ BOOST_PYTHON_MODULE( pykd )
boost::python::def( "getImplicitThread", &getImplicitThread );
boost::python::def( "setImplicitThread", &setImplicitThread );
boost::python::def( "getThreadList", &getThreadList );
boost::python::def( "getCurrentProcess", &getCurrentProcess );
boost::python::def( "setCurrentProcess", &setCurrentProcess );
boost::python::def( "getProcessorMode", &getProcessorMode );
boost::python::def( "setProcessorMode", &setProcessorMode );
boost::python::class_<typedVarClass>( "typedVarClass" )

52
pykd/dbgprocess.cpp
View File

@ -252,3 +252,55 @@ setProcessorMode(
}
/////////////////////////////////////////////////////////////////////////////////
ULONG64
getCurrentProcess()
{
HRESULT hres;
try {
ULONG64 processAddr = 0;
hres = dbgExt->system2->GetImplicitProcessDataOffset( &processAddr );
if ( FAILED( hres ) )
throw DbgException( "IDebugSystemObjects2::GetImplicitProcessDataOffset failed" );
return processAddr;
}
catch( std::exception &e )
{
dbgExt->control->Output( DEBUG_OUTPUT_ERROR, "pykd error: %s\n", e.what() );
}
catch(...)
{
dbgExt->control->Output( DEBUG_OUTPUT_ERROR, "pykd unexpected error\n" );
}
return 0;
}
/////////////////////////////////////////////////////////////////////////////////
VOID
setCurrentProcess(
ULONG64 processAddr )
{
HRESULT hres;
try {
hres = dbgExt->system2->SetImplicitProcessDataOffset( processAddr );
if ( FAILED( hres ) )
throw DbgException( "IDebugSystemObjects2::SetImplicitProcessDataOffset failed" );
}
catch( std::exception &e )
{
dbgExt->control->Output( DEBUG_OUTPUT_ERROR, "pykd error: %s\n", e.what() );
}
catch(...)
{
dbgExt->control->Output( DEBUG_OUTPUT_ERROR, "pykd unexpected error\n" );
}
}
/////////////////////////////////////////////////////////////////////////////////

8
pykd/dbgprocess.h
View File

@ -16,7 +16,6 @@ setImplicitThread(
ULONG64
getImplicitThread();
boost::python::object
getCurrentStack();
@ -42,4 +41,11 @@ void
setProcessorMode(
const std::string &mode );
ULONG64
getCurrentProcess();
VOID
setCurrentProcess(
ULONG64 processAddr );
/////////////////////////////////////////////////////////////////////////////////

42
samples/stacks.py
View File

@ -4,6 +4,18 @@ from pykd import *
def printStack():
def printThreadStack( threadPtr ):
setImplicitThread( threadPtr )
stackFrames = getCurrentStack()
for frame in stackFrames: dprintln( findSymbol( frame.instructionOffset ) + " (%x)" % frame.instructionOffset )
dprintln("")
def printUserStack():
threadList = getThreadList()
oldMode = getProcessorMode()
@ -12,14 +24,36 @@ def printStack():
setProcessorMode("X86")
for threadPtr in threadList:
setImplicitThread( threadPtr )
stackFrames = getCurrentStack()
for frame in stackFrames: dprintln( findSymbol( frame.instructionOffset ) + " (%x)" % frame.instructionOffset )
dprintln("")
printThreadStack( threadPtr )
setProcessorMode(oldMode)
def printKernelStack():
process = typedVar( "nt", "_EPROCESS", getCurrentProcess() )
threadList = typedVarList( process.ThreadListHead.getAddress(), "nt", "_ETHREAD", "ThreadListEntry" )
oldMode = getProcessorMode()
if is64bitSystem() and process.Wow64Process != 0:
setProcessorMode("X86")
for thread in threadList:
printThreadStack( thread.getAddress() )
setProcessorMode(oldMode)
if isKernelDebugging():
printKernelStack()
else:
printUserStack()
if __name__ == "__main__":
if not isSessionStart():