mirror of
https://github.com/ivellioscolin/pykd.git
synced 2025-04-20 03:23:23 +08:00
[~] workitem/9499 workaround
git-svn-id: https://pykd.svn.codeplex.com/svn@69661 9b283d60-5439-405e-af05-b73fd8c4d996
This commit is contained in:
SND\EreTIk_cp
parent
b06f995200
commit
e8c6ac7b19
@ -29,11 +29,11 @@ DispFormatsLength = {
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
def PrintPortMesage(messageAddr, printFormat="b", use32=False, moduleName="nt"):
|
def PrintPortMesage(messageAddr, printFormat="b", use32=False):
|
||||||
"""
|
"""
|
||||||
Print _PORT_MESSAGE header and dump of message dump
|
Print _PORT_MESSAGE header and dump of message dump
|
||||||
|
|
||||||
Usage: portmsg messageAddr, printFormat[=b], use32[=False], moduleName[=nt]
|
Usage: portmsg messageAddr, printFormat[=b], use32[=False]
|
||||||
When:
|
When:
|
||||||
messageAddr - address of port message
|
messageAddr - address of port message
|
||||||
printFormat - string of display format ("d+printFormat").
|
printFormat - string of display format ("d+printFormat").
|
||||||
@ -42,37 +42,80 @@ def PrintPortMesage(messageAddr, printFormat="b", use32=False, moduleName="nt"):
|
|||||||
<link cmd=\".shell -x rundll32 url.dll,FileProtocolHandler http://msdn.microsoft.com/en-us/library/ff542790(VS.85).aspx\">http://msdn.microsoft.com/en-us/library/ff542790(VS.85).aspx</link>
|
<link cmd=\".shell -x rundll32 url.dll,FileProtocolHandler http://msdn.microsoft.com/en-us/library/ff542790(VS.85).aspx\">http://msdn.microsoft.com/en-us/library/ff542790(VS.85).aspx</link>
|
||||||
|
|
||||||
use32 - use _PORT_MESSAGE32 (instead of _PORT_MESSAGE) structure (True or False)
|
use32 - use _PORT_MESSAGE32 (instead of _PORT_MESSAGE) structure (True or False)
|
||||||
moduleName - module name with _PORT_MESSAGE structure in symbols
|
|
||||||
"""
|
"""
|
||||||
|
|
||||||
messageTypeName = "_PORT_MESSAGE"
|
# WOW64 workaround: !!! workitem/9499 !!!!
|
||||||
if (use32):
|
dynPtr = typeInfo("", "portmsg *")
|
||||||
messageTypeName = "_PORT_MESSAGE32"
|
|
||||||
|
|
||||||
messageHeader = typedVar(moduleName, messageTypeName, messageAddr)
|
|
||||||
|
def buildPortMessageType():
|
||||||
|
clientIdType = typeInfo("portmsg~_CLIENT_ID")
|
||||||
|
clientIdType.append(dynPtr, "UniqueProcess")
|
||||||
|
clientIdType.append(dynPtr, "UniqueThread")
|
||||||
|
|
||||||
|
print clientIdType
|
||||||
|
|
||||||
|
portMsgType = typeInfo("portmsg~_PORT_MESSAGE")
|
||||||
|
portMsgType.append(ushort_t, "DataLength")
|
||||||
|
portMsgType.append(ushort_t, "TotalLength")
|
||||||
|
portMsgType.append(ushort_t, "Type")
|
||||||
|
portMsgType.append(ushort_t, "DataInfoOffset")
|
||||||
|
portMsgType.append(clientIdType, "ClientId")
|
||||||
|
portMsgType.append(ulong_t, "MessageId")
|
||||||
|
portMsgType.append(ulong_t, "CallbackId")
|
||||||
|
return portMsgType
|
||||||
|
|
||||||
|
def buildPortMessage32Type():
|
||||||
|
|
||||||
|
clientIdType = typeInfo("portmsg~_CLIENT_ID32")
|
||||||
|
clientIdType.append(ulong_t, "UniqueProcess")
|
||||||
|
clientIdType.append(ulong_t, "UniqueThread")
|
||||||
|
|
||||||
|
portMsgType = typeInfo("portmsg~_PORT_MESSAGE32", 4)
|
||||||
|
portMsgType.append(ushort_t, "DataLength")
|
||||||
|
portMsgType.append(ushort_t, "TotalLength")
|
||||||
|
portMsgType.append(ushort_t, "Type")
|
||||||
|
portMsgType.append(ushort_t, "DataInfoOffset")
|
||||||
|
portMsgType.append(clientIdType, "ClientId")
|
||||||
|
portMsgType.append(ulong_t, "MessageId")
|
||||||
|
portMsgType.append(ulong_t, "CallbackId")
|
||||||
|
return portMsgType
|
||||||
|
|
||||||
|
|
||||||
|
if (use32):
|
||||||
|
messageTypeName = buildPortMessage32Type()
|
||||||
|
else:
|
||||||
|
messageTypeName = buildPortMessageType()
|
||||||
|
|
||||||
|
messageHeader = typedVar(messageTypeName, messageAddr)
|
||||||
if (None == messageHeader):
|
if (None == messageHeader):
|
||||||
dprintln("ERROR: Getting (" + moduleName + "!" + messageTypeName + " *)(0x%x) failed" % messageAddr )
|
dprintln("ERROR: Getting (" + moduleName + "!" + messageTypeName + " *)(0x%x) failed" % messageAddr )
|
||||||
return
|
return
|
||||||
|
|
||||||
dprintln( "Data length : %3d (0x%02x)" % (messageHeader.u1.s1.DataLength, messageHeader.u1.s1.DataLength) )
|
dprintln( "Data length : %3d (0x%02x)" % (messageHeader.DataLength, messageHeader.DataLength) )
|
||||||
dprintln( "Total length : %3d (0x%02x)" % (messageHeader.u1.s1.TotalLength, messageHeader.u1.s1.TotalLength) )
|
dprintln( "Total length : %3d (0x%02x)" % (messageHeader.TotalLength, messageHeader.TotalLength) )
|
||||||
calcHeaderLen = messageHeader.u1.s1.TotalLength - messageHeader.u1.s1.DataLength
|
calcHeaderLen = messageHeader.TotalLength - messageHeader.DataLength
|
||||||
headerLen = sizeof(moduleName, messageTypeName)
|
headerLen = messageTypeName.size()
|
||||||
if (calcHeaderLen != headerLen):
|
if (calcHeaderLen != headerLen):
|
||||||
dprintln( "WARRING: calculated size (%2d (0x%02x)) of LPC-header does not match with symbols information (%2d (0x%02x))" % (calcHeaderLen, calcHeaderLen, headerLen, headerLen) )
|
dprintln( "WARRING: calculated size (%2d (0x%02x)) of LPC-header does not match with symbols information (%2d (0x%02x))" % (calcHeaderLen, calcHeaderLen, headerLen, headerLen) )
|
||||||
if (messageHeader.u2.s2.Type in LpcMessageType):
|
if (messageHeader.Type in LpcMessageType):
|
||||||
dprintln( "Message type : " + LpcMessageType[messageHeader.u2.s2.Type] )
|
dprintln( "Message type : " + LpcMessageType[messageHeader.Type] )
|
||||||
else:
|
else:
|
||||||
dprintln( "Message type : %3d (0x%x)" % (messageHeader.u2.s2.Type, messageHeader.u2.s2.Type) )
|
dprintln( "Message type : %3d (0x%x)" % (messageHeader.Type, messageHeader.Type) )
|
||||||
procFindStr = "<link cmd=\"!process 0x%x\">%d(0x%x)</link>" % (messageHeader.ClientId.UniqueProcess, messageHeader.ClientId.UniqueProcess, messageHeader.ClientId.UniqueProcess)
|
|
||||||
dprintln( "Client ID : process= " + procFindStr + ", thread= %d(0x%x)" % (messageHeader.ClientId.UniqueThread, messageHeader.ClientId.UniqueThread), True)
|
procFindStr = ""
|
||||||
dprintln( "View/Callback : %d (0x%x)" % (messageHeader.ClientViewSize, messageHeader.ClientViewSize) )
|
if isKernelDebugging():
|
||||||
|
procFindStr = "<link cmd=\"!process 0x%x\">%d(0x%x)</link>" % (messageHeader.ClientId.UniqueProcess, messageHeader.ClientId.UniqueProcess, messageHeader.ClientId.UniqueProcess)
|
||||||
|
else:
|
||||||
|
procFindStr = "%d(0x%x)" % (messageHeader.ClientId.UniqueProcess, messageHeader.ClientId.UniqueProcess)
|
||||||
|
dprintln( "Client ID : process= " + procFindStr + ", thread= %d(0x%x)" % (messageHeader.ClientId.UniqueThread, messageHeader.ClientId.UniqueThread), isKernelDebugging())
|
||||||
|
dprintln( "View/Callback : %d (0x%x)" % (messageHeader.CallbackId, messageHeader.CallbackId) )
|
||||||
if (printFormat not in DispFormatsLength):
|
if (printFormat not in DispFormatsLength):
|
||||||
dprintln( "WARRING: Unknown (" + printFormat + ") diplay fromat. Use \"b\"" )
|
dprintln( "WARRING: Unknown (" + printFormat + ") diplay fromat. Use \"b\"" )
|
||||||
printFormat = "b"
|
printFormat = "b"
|
||||||
dataAddr = messageHeader.getAddress() + headerLen
|
dataAddr = messageHeader.getAddress() + headerLen
|
||||||
printCommand = "d" + printFormat + " 0x%x" % dataAddr
|
printCommand = "d" + printFormat + " 0x%x" % dataAddr
|
||||||
dataCount = messageHeader.u1.s1.DataLength / DispFormatsLength[printFormat]
|
dataCount = messageHeader.DataLength / DispFormatsLength[printFormat]
|
||||||
printCommand += " L 0x%x " % dataCount
|
printCommand += " L 0x%x " % dataCount
|
||||||
dprintln( "<link cmd=\"" + printCommand + "\">Dump of message data:</link>", True )
|
dprintln( "<link cmd=\"" + printCommand + "\">Dump of message data:</link>", True )
|
||||||
dprintln( dbgCommand(printCommand) )
|
dprintln( dbgCommand(printCommand) )
|
||||||
@ -86,7 +129,5 @@ if __name__ == "__main__":
|
|||||||
PrintPortMesage(expr(sys.argv[1]), sys.argv[2])
|
PrintPortMesage(expr(sys.argv[1]), sys.argv[2])
|
||||||
elif (4 == argc):
|
elif (4 == argc):
|
||||||
PrintPortMesage(expr(sys.argv[1]), sys.argv[2], sys.argv[3] == "True")
|
PrintPortMesage(expr(sys.argv[1]), sys.argv[2], sys.argv[3] == "True")
|
||||||
elif (5 == argc):
|
|
||||||
PrintPortMesage(expr(sys.argv[1]), sys.argv[2], sys.argv[3] == "True", sys.argv[4])
|
|
||||||
else:
|
else:
|
||||||
dprintln(PrintPortMesage.__doc__, True)
|
dprintln(PrintPortMesage.__doc__, True)
|
||||||
|
|||||||
@ -39,6 +39,9 @@ def rpcSrvIf(ifSpec):
|
|||||||
|
|
||||||
return formatGuid(synId.SyntaxGUID) + " " + formatRpcVer(synId.SyntaxVersion)
|
return formatGuid(synId.SyntaxGUID) + " " + formatRpcVer(synId.SyntaxVersion)
|
||||||
|
|
||||||
|
# WOW64 workaround: !!! workitem/9499 !!!!
|
||||||
|
dynPtr = typeInfo("", "rpcSrvIf *")
|
||||||
|
|
||||||
# prepare structures for parsing
|
# prepare structures for parsing
|
||||||
commGuid = typeInfo("rpcSrvIf~_GUID")
|
commGuid = typeInfo("rpcSrvIf~_GUID")
|
||||||
commGuid.append(ulong_t, "data1")
|
commGuid.append(ulong_t, "data1")
|
||||||
@ -60,24 +63,24 @@ def rpcSrvIf(ifSpec):
|
|||||||
|
|
||||||
prcDispatchTable = typeInfo("rpcSrvIf~_RPC_DISPATCH_TABLE")
|
prcDispatchTable = typeInfo("rpcSrvIf~_RPC_DISPATCH_TABLE")
|
||||||
prcDispatchTable.append(uint_t, "DispatchTableCount")
|
prcDispatchTable.append(uint_t, "DispatchTableCount")
|
||||||
prcDispatchTable.append(ptr_t, "DispatchTable")
|
prcDispatchTable.append(dynPtr, "DispatchTable")
|
||||||
prcDispatchTable.append(ptr_t, "Reserved")
|
prcDispatchTable.append(dynPtr, "Reserved")
|
||||||
# print prcDispatchTable
|
# print prcDispatchTable
|
||||||
|
|
||||||
midlServerInfoHeader = typeInfo("rpcSrvIf~_MIDL_SERVER_INFO_hdr")
|
midlServerInfoHeader = typeInfo("rpcSrvIf~_MIDL_SERVER_INFO_hdr")
|
||||||
midlServerInfoHeader.append(ptr_t, "pStubDesc")
|
midlServerInfoHeader.append(dynPtr, "pStubDesc")
|
||||||
midlServerInfoHeader.append(ptr_t, "DispatchTable")
|
midlServerInfoHeader.append(dynPtr, "DispatchTable")
|
||||||
# print midlServerInfoHeader
|
# print midlServerInfoHeader
|
||||||
|
|
||||||
rpcServerInterface = typeInfo("rpcSrvIf~_RPC_SERVER_INTERFACE")
|
rpcServerInterface = typeInfo("rpcSrvIf~_RPC_SERVER_INTERFACE")
|
||||||
rpcServerInterface.append(uint_t, "Length")
|
rpcServerInterface.append(uint_t, "Length")
|
||||||
rpcServerInterface.append(rpcSintaxIdentifier, "InterfaceId")
|
rpcServerInterface.append(rpcSintaxIdentifier, "InterfaceId")
|
||||||
rpcServerInterface.append(rpcSintaxIdentifier, "TransferSyntax")
|
rpcServerInterface.append(rpcSintaxIdentifier, "TransferSyntax")
|
||||||
rpcServerInterface.append(ptr_t, "DispatchTable") # -> prcDispatchTable
|
rpcServerInterface.append(dynPtr, "DispatchTable") # -> prcDispatchTable
|
||||||
rpcServerInterface.append(uint_t, "RpcProtseqEndpointCount")
|
rpcServerInterface.append(uint_t, "RpcProtseqEndpointCount")
|
||||||
rpcServerInterface.append(ptr_t, "RpcProtseqEndpoint")
|
rpcServerInterface.append(dynPtr, "RpcProtseqEndpoint")
|
||||||
rpcServerInterface.append(ptr_t, "DefaultManagerEpv")
|
rpcServerInterface.append(dynPtr, "DefaultManagerEpv")
|
||||||
rpcServerInterface.append(ptr_t, "InterpreterInfo") # -> midlServerInfoHeader
|
rpcServerInterface.append(dynPtr, "InterpreterInfo") # -> midlServerInfoHeader
|
||||||
rpcServerInterface.append(uint_t, "Flags")
|
rpcServerInterface.append(uint_t, "Flags")
|
||||||
# print rpcServerInterface
|
# print rpcServerInterface
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user