DbgHelp应用程序的开发(二)


采用vs2010的 DIA库以及DbgHelp的API开发, 本工具可以生成目标应用程序的全局变量信息以及所有数据类型的信息

主要目的是通过这个过程,开发一个比较完善的Symbol file生成工具。

Symbol file (霍尼韦尔机载软件测试TIU Server Dtmon input file)格式:


PDBDump工具运行界面:


源码:

main.h

/* main.h - common system headers shared by the PDBDump translation units. */
/* NOTE(review): identifiers that start with an underscore followed by an
 * upper-case letter (such as this include guard) are reserved for the
 * implementation; consider renaming the guard in a coordinated change. */
#ifndef _MAIN_H_
#define _MAIN_H_

#include <stdio.h>
#include <windows.h>

#endif /* _MAIN_H_ */
main.cpp

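/*
 * main.cpp - entry point of the PDBDump tool.
 *
 * Loads the symbols of the image named on the command line through DbgHelp,
 * runs the enumeration callbacks declared in PDBDump.h, and then lets test()
 * write the collected data to SymbolFile.txt. A verbose trace goes to
 * Debug.txt.
 *
 * Security note: the image and its symbol file are parsed inside this process.
 * Treat both as untrusted input when they come from outside your build, and
 * run the tool with no more privilege than it needs. Both output files are
 * created in the current directory and overwrite existing files of the same
 * name.
 */
#include "main.h"
#include "PDBDump.h"
#include "DataInfo.h"
#include <dbghelp.h>

FILE *pfDbg; /* verbose trace, Debug.txt */
FILE *pfRpt; /* generated symbol file, SymbolFile.txt */

/*
 * Usage: <tool> <image path>
 *
 * Returns -1 when the argument is missing or an output file cannot be opened,
 * 0 otherwise (symbol-loading failures are only reported on stdout).
 */
int main(const int avgc, char *argv[])
{
    HANDLE processHandle;
    BOOL bRetVal;
    char *sImageName;

    if (avgc < 2)
        return -1;
    sImageName = argv[1];

    printf("Start the process...\r\n");

    if ((pfDbg = fopen("Debug.txt", "wb")) == NULL)
    {
        printf("Can't open the debug file.\r\n");
        return -1;
    }

    if ((pfRpt = fopen("SymbolFile.txt", "wb")) == NULL)
    {
        /* The original message named the debug file here and leaked pfDbg. */
        printf("Can't open the symbol file.\r\n");
        fclose(pfDbg);
        pfDbg = NULL;
        return -1;
    }

    processHandle = GetCurrentProcess();
    /* %p prints the whole handle; the old cast to unsigned long dropped the
     * upper half of the value on 64-bit builds. */
    printf("Process Handle: 0x%p\r\n", (void *)processHandle);

    /* NOTE(review): the second argument of SymInitialize is the symbol search
     * path, yet the image file name is passed; TRUE also makes DbgHelp load
     * symbols for the modules of this process. Confirm both are intended. */
    if (SymInitialize(processHandle, sImageName, TRUE))
    {
        printf("SymInitialize is OK!\r\n");

        ProcessInfo.baseAddr = SymLoadModule(processHandle, NULL, sImageName, NULL, 0, 0);
        ProcessInfo.m_hProcess = processHandle;

        printf("Process base address: 0x%08lX\r\n", ProcessInfo.baseAddr);
        fprintf(pfDbg, "************************************\r\n");
        fprintf(pfDbg, "File path: %s\r\n", sImageName);
        fprintf(pfDbg, "Process base address: %08lX\r\n", ProcessInfo.baseAddr);
        fprintf(pfDbg, "************************************\r\n");

        if (ProcessInfo.baseAddr)
        {
            SymSetOptions(SymGetOptions() | SYMOPT_UNDNAME);

            bRetVal = SymEnumerateModules64(ProcessInfo.m_hProcess, enumModules, NULL);
            printf("SymEnumerateModules64 | bRetVal = %s\r\n", bRetVal ? "TRUE" : "FALSE");

            bRetVal = SymEnumSourceFiles(ProcessInfo.m_hProcess, ProcessInfo.baseAddr, "", enumSourceFiles, NULL);
            printf("SymEnumSourceFiles | bRetVal = %s\r\n", bRetVal ? "TRUE" : "FALSE");

            bRetVal = SymEnumTypes(ProcessInfo.m_hProcess, ProcessInfo.baseAddr, enumUDT, NULL);
            printf("SymEnumTypes | bRetVal = %s\r\n", bRetVal ? "TRUE" : "FALSE");

            bRetVal = SymEnumSymbols(ProcessInfo.m_hProcess, ProcessInfo.baseAddr, 0, enumSymbols, NULL);
            printf("SymEnumSymbols | bRetVal = %s\r\n", bRetVal ? "TRUE" : "FALSE");

            SymUnloadModule(ProcessInfo.m_hProcess, ProcessInfo.baseAddr);
            printf("SymUnloadModule\r\n");
        }
        else
        {
            printf("Can't get the base address of the process.\r\n");
        }

        /* Release what SymInitialize allocated; the original never did. */
        SymCleanup(processHandle);
    }
    else
    {
        printf("SymInitialize is ERROR!\r\n");
    }

    /* Writes the report from the collected lists and frees them. */
    test();

    if (fclose(pfDbg) != 0)
        printf("Warning: Debug.txt may be incomplete.\r\n");
    /* fclose flushes; a failure means the report on disk is truncated. */
    if (fclose(pfRpt) != 0)
        printf("Warning: SymbolFile.txt may be incomplete.\r\n");

    printf("Stop this process...\r\n");
    return 0;
}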
PDBDump.h

/* PDBDump.h - DbgHelp enumeration callbacks and the lookup tables they use. */
#ifndef _PDBDUMP_H_
#define _PDBDUMP_H_

#include "main.h"
#include <dbghelp.h>

/* Symbol tag values as returned by TI_GET_SYMTAG; they index rgTags[]. */
enum SymTagEnum // Stolen from CVCONST.H in the DIA 2.0 SDK
{
    SymTagNull,
    SymTagExe,
    SymTagCompiland,
    SymTagCompilandDetails,
    SymTagCompilandEnv,
    SymTagFunction,
    SymTagBlock,
    SymTagData,
    SymTagAnnotation,
    SymTagLabel,
    SymTagPublicSymbol,
    SymTagUDT,
    SymTagEnum,
    SymTagFunctionType,
    SymTagPointerType,
    SymTagArrayType,
    SymTagBaseType,
    SymTagTypedef,
    SymTagBaseClass,
    SymTagFriend,
    SymTagFunctionArgType,
    SymTagFuncDebugStart,
    SymTagFuncDebugEnd,
    SymTagUsingNamespace,
    SymTagVTableShape,
    SymTagVTable,
    SymTagCustom,
    SymTagThunk,
    SymTagCustomType,
    SymTagManagedType,
    SymTagDimension
};

/* Base type codes as returned by TI_GET_BASETYPE; they index
 * basicTypeTypeNameString[] and basicTypeDataTypeString[]. */
enum BasicType
{
    btNoType = 0,
    btVoid = 1,
    btChar = 2,
    btWChar = 3,
    btInt = 6,
    btUInt = 7,
    btFloat = 8,
    btBCD = 9,
    btBool = 10,
    btLong = 13,
    btULong = 14,
    btCurrency = 25,
    btDate = 26,
    btVariant = 27,
    btComplex = 28,
    btBit = 29,
    btBSTR = 30,
    btHresult = 31
};

/* Callback given to SymEnumSymbols in main(); records data symbols. */
extern BOOL CALLBACK enumSymbols(PSYMBOL_INFO pSymInfo, ULONG SymbolSize, PVOID UserContext);
/* Callback given to SymEnumTypes in main(); records types and their members. */
extern BOOL CALLBACK enumUDT(PSYMBOL_INFO pUDTInfo, ULONG UDTSize, PVOID UserContext);
/* Callback given to SymEnumSourceFiles in main(). */
extern BOOL CALLBACK enumSourceFiles(PSOURCEFILE pSourceFile, PVOID UserContext);
/* Callback given to SymEnumerateModules64 in main(). */
extern BOOL CALLBACK enumModules(PCSTR ModuleName, DWORD64 BaseOfDll, PVOID UserContext);

/* State shared between main() and the callbacks. */
typedef struct
{
    char *pname;
    /* NOTE(review): DbgHelp reports module bases as 64-bit values (see the
     * DWORD64 BaseOfDll parameter above); an unsigned long keeps only 32 bits
     * on Windows - confirm the tool is only used with 32-bit images. */
    unsigned long baseAddr;
    HANDLE m_hProcess; /* handle handed to every DbgHelp call */
} ProcessInfo_sTypedef;

extern ProcessInfo_sTypedef ProcessInfo;

/* NOTE(review): these tables are declared without a bound and are indexed
 * with values read from the symbol file; every user has to range-check the
 * index before use. */
extern char * basicTypeDataTypeString[];
extern const char * const basicTypeTypeNameString[];
extern const char * const rgTags[];

#endif /* _PDBDUMP_H_ */
PDBDump.cpp

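// PDBDump.cpp - DbgHelp enumeration callbacks.
//
// enumSymbols() records every data symbol and enumUDT() every type together
// with its members; DataInfo.cpp later turns the two lists into the report.
//
// Everything SymGetTypeInfo returns comes from the symbol file and is treated
// as untrusted: each value is range-checked before it is used as a table
// index, an allocation size or a buffer length.
#include "PDBDump.h"
#include <string>
#include "DataInfo.h"

ProcessInfo_sTypedef ProcessInfo;
extern FILE *pfDbg;

// Basic types
const char * const basicTypeTypeNameString[] =
{
  "<NoType>",                         // btNoType = 0,
  "void",                             // btVoid = 1,
  "char",                             // btChar = 2,
  "wchar_t",                          // btWChar = 3,
  "signed char",
  "unsigned char",
  "int",                              // btInt = 6,
  "unsigned int",                     // btUInt = 7,
  "float",                            // btFloat = 8,
  "<BCD>",                            // btBCD = 9,
  "bool",                             // btBool = 10,
  "short",
  "unsigned short",
  "long",                             // btLong = 13,
  "unsigned long",                    // btULong = 14,
  "__int8",
  "__int16",
  "__int32",
  "__int64",
  "__int128",
  "unsigned __int8",
  "unsigned __int16",
  "unsigned __int32",
  "unsigned __int64",
  "unsigned __int128",
  "<currency>",                       // btCurrency = 25,
  "<date>",                           // btDate = 26,
  "VARIANT",                          // btVariant = 27,
  "<complex>",                        // btComplex = 28,
  "<bit>",                            // btBit = 29,
  "BSTR",                             // btBSTR = 30,
  "HRESULT"                           // btHresult = 31
};

// Report data-type code for each BasicType value (same indexing as above).
char * basicTypeDataTypeString[] =
{
  "UNKNOWN",
  "UNKNOWN",
  "C8",
  "C8",
  "UNKNOWN",
  "UNKNOWN",
  "S32",
  "U32",
  "F32",
  "F32",
  "U8",
  "UNKNOWN",
  "UNKNOWN",
  "S32",
  "U32",
  "UNKNOWN",
  "UNKNOWN",
  "UNKNOWN",
  "UNKNOWN",
  "UNKNOWN",
  "UNKNOWN",
  "UNKNOWN",
  "UNKNOWN",
  "UNKNOWN",
  "UNKNOWN",
  "btCurrency",
  "btDate",
  "btVariant",
  "btComplex",
  "btBit",
  "btBSTR",
  "btHresult",
};

// Tags returned by Dia
const char * const rgTags[] =
{
  "(SymTagNull)",                     // SymTagNull
  "Executable (Global)",              // SymTagExe
  "Compiland",                        // SymTagCompiland
  "CompilandDetails",                 // SymTagCompilandDetails
  "CompilandEnv",                     // SymTagCompilandEnv
  "Function",                         // SymTagFunction
  "Block",                            // SymTagBlock
  "Data",                             // SymTagData
  "Annotation",                       // SymTagAnnotation
  "Label",                            // SymTagLabel
  "PublicSymbol",                     // SymTagPublicSymbol
  "UserDefinedType",                  // SymTagUDT
  "Enum",                             // SymTagEnum
  "FunctionType",                     // SymTagFunctionType
  "PointerType",                      // SymTagPointerType
  "ArrayType",                        // SymTagArrayType
  "BaseType",                         // SymTagBaseType
  "Typedef",                          // SymTagTypedef
  "BaseClass",                        // SymTagBaseClass
  "Friend",                           // SymTagFriend
  "FunctionArgType",                  // SymTagFunctionArgType
  "FuncDebugStart",                   // SymTagFuncDebugStart
  "FuncDebugEnd",                     // SymTagFuncDebugEnd
  "UsingNamespace",                   // SymTagUsingNamespace
  "VTableShape",                      // SymTagVTableShape
  "VTable",                           // SymTagVTable
  "Custom",                           // SymTagCustom
  "Thunk",                            // SymTagThunk
  "CustomType",                       // SymTagCustomType
  "ManagedType",                      // SymTagManagedType
  "Dimension",                        // SymTagDimension
};

// NOTE(review): in the DIA headers the fourth UDT kind is "interface"; this
// table labels it "ENUM". Left unchanged because the report format depends on
// these strings - confirm with the consumer of the symbol file.
const char * const rgUdtKind[] =
{
  "STRUCT",
  "CLASS",
  "UNION",
  "ENUM",
};

#define PDBDUMP_COUNTOF(a) (sizeof(a) / sizeof((a)[0]))

// Upper bound on the array nesting the walkers follow. The value is an
// arbitrary safety limit chosen for this tool, not something DbgHelp defines;
// it keeps a cyclic or absurdly deep type chain from exhausting the stack.
static const DWORD kMaxArrayNesting = 64;

// Label for a symbol tag; tags this table does not know map to "UNKNOWN"
// instead of reading past the end of rgTags.
static const char *symTagLabel(DWORD tag)
{
    return (tag < PDBDUMP_COUNTOF(rgTags)) ? rgTags[tag] : "UNKNOWN";
}

// Maps a base type code that neither basic-type table covers to btNoType, so
// the stored value is always a valid index into both tables.
static DWORD clampBasicType(DWORD basicType)
{
    if (basicType >= PDBDUMP_COUNTOF(basicTypeTypeNameString) ||
        basicType >= PDBDUMP_COUNTOF(basicTypeDataTypeString))
        return (DWORD)btNoType;
    return basicType;
}

// Symbol tag of a type, or SymTagNull when DbgHelp cannot answer.
static DWORD querySymTag(DWORD64 modBase, ULONG typeId)
{
    DWORD tag = SymTagNull;

    if (!SymGetTypeInfo(ProcessInfo.m_hProcess, modBase, typeId, TI_GET_SYMTAG, &tag))
        return SymTagNull;
    return tag;
}

// Base type code of a type, already clamped; btNoType on failure.
static DWORD queryBasicType(DWORD64 modBase, ULONG typeId)
{
    DWORD basicType = btNoType;

    if (!SymGetTypeInfo(ProcessInfo.m_hProcess, modBase, typeId, TI_GET_BASETYPE, &basicType))
        return (DWORD)btNoType;
    return clampBasicType(basicType);
}

// Length of a type in bytes, 0 on failure. TI_GET_LENGTH stores a ULONG64;
// the original passed the address of a DWORD and so wrote past that variable.
static ULONG64 queryTypeLength(DWORD64 modBase, ULONG typeId)
{
    ULONG64 length = 0;

    if (!SymGetTypeInfo(ProcessInfo.m_hProcess, modBase, typeId, TI_GET_LENGTH, &length))
        return 0;
    return length;
}

// Converts a wide symbol name to the ANSI code page. The same call computes
// the size and performs the conversion, so the buffer always fits; the
// original sized the buffer this way but converted with sprintf("%ls").
static std::string narrowSymbolName(const WCHAR *wideName)
{
    int wideLen = (int)wcslen(wideName);
    if (wideLen <= 0)
        return std::string();

    int byteLen = WideCharToMultiByte(CP_ACP, 0, wideName, wideLen, NULL, 0, NULL, NULL);
    if (byteLen <= 0)
        return std::string();

    std::string narrow((size_t)byteLen, '\0');
    WideCharToMultiByte(CP_ACP, 0, wideName, wideLen, &narrow[0], byteLen, NULL, NULL);
    return narrow;
}

// Logs and returns the name of an enum/UDT type, "UNKNOWN" when unavailable.
static std::string queryTypeName(DWORD64 modBase, ULONG typeId)
{
    WCHAR *wideName = NULL;

    if (SymGetTypeInfo(ProcessInfo.m_hProcess, modBase, typeId, TI_GET_SYMNAME, &wideName) &&
        wideName != NULL)
    {
        fprintf(pfDbg, "[%ls] ", wideName);
        std::string narrow = narrowSymbolName(wideName);
        LocalFree(wideName); // the name buffer belongs to the caller
        return narrow;
    }

    fprintf(pfDbg, "[UNKNOWN] ");
    return "UNKNOWN";
}

// Fills in base type and type name for the element type of an array.
// Both outputs always receive a value, also when a query fails.
static void describeArrayElement(DWORD64 modBase, DWORD elementTypeId,
                                 DWORD *pBaseType, std::string *pTypeName)
{
    *pBaseType = btNoType;
    *pTypeName = "UNKNOWN";

    if (!elementTypeId)
        return;

    DWORD tag = querySymTag(modBase, elementTypeId);
    switch (tag)
    {
    case SymTagBaseType:
    {
        DWORD basicType = btNoType;
        if (SymGetTypeInfo(ProcessInfo.m_hProcess, modBase, elementTypeId, TI_GET_BASETYPE, &basicType))
        {
            basicType = clampBasicType(basicType);
            fprintf(pfDbg, "[%s] ", basicTypeTypeNameString[basicType]);
            *pTypeName = basicTypeTypeNameString[basicType];
            *pBaseType = basicType;
        }
        break;
    }
    case SymTagEnum:
    case SymTagUDT:
        *pTypeName = queryTypeName(modBase, elementTypeId);
        break;
    case SymTagPointerType:
        // Pointers are reported as unsigned int (32-bit targets assumed).
        fprintf(pfDbg, "[POINTER] ");
        *pBaseType = btUInt;
        *pTypeName = basicTypeTypeNameString[btUInt];
        break;
    default:
        fprintf(pfDbg, "[UNKNOWN %lu] ", tag);
        break;
    }
}

// Logs the nesting level and each dimension, innermost first. The original
// read and decremented `level` inside one argument list, which is undefined
// behaviour; the decrement now happens before the values are read.
static void logArrayDimensions(DWORD level, const DWORD *dims)
{
    fprintf(pfDbg, "[ArrayLevel: %lu] ", level);
    while (level)
    {
        --level;
        fprintf(pfDbg, "[ArrayCount %lu: %lu] ", level, dims[level]);
    }
}

// Returns `level` plus the number of array dimensions found from TypeId on.
// hProcess, GetType and pInfo are unused and kept for the existing signature.
DWORD getArrayChildrenLevel(
    __in HANDLE hProcess,
    __in DWORD64 ModBase,
    __in ULONG TypeId,
    __in IMAGEHLP_SYMBOL_TYPE_INFO GetType,
    __out PVOID pInfo,
    DWORD level
    )
{
    DWORD elementTypeId = 0;
    DWORD elementChildId = 0;

    if (level >= kMaxArrayNesting)
        return level;

    if (!SymGetTypeInfo(ProcessInfo.m_hProcess, ModBase, TypeId, TI_GET_TYPEID, &elementTypeId))
        return level;

    if (querySymTag(ModBase, elementTypeId) == SymTagArrayType)
        return getArrayChildrenLevel(ProcessInfo.m_hProcess, ModBase, elementTypeId,
                                     TI_GET_TYPEID, &elementChildId, level + 1);

    return level + 1;
}

// Stores the element count of every array dimension in pCount[index...] and
// returns the id of the innermost element type.
//
// pCount must have room for one entry more than getArrayChildrenLevel()
// reported for the same type: when the element type of a dimension cannot be
// queried, that dimension is not counted as a level but is still written here.
// hProcess, GetType and pInfo are unused and kept for the existing signature.
ULONG getArrayChildrenCount(
    __in HANDLE hProcess,
    __in DWORD64 ModBase,
    __in ULONG TypeId,
    __in IMAGEHLP_SYMBOL_TYPE_INFO GetType,
    __out PVOID pInfo,
    DWORD *pCount,
    unsigned int index
    )
{
    DWORD elementTypeId = 0;
    DWORD elementChildId = 0;

    if (index >= kMaxArrayNesting)
        return TypeId;

    if (!SymGetTypeInfo(ProcessInfo.m_hProcess, ModBase, TypeId, TI_GET_COUNT, &pCount[index]))
        pCount[index] = 0;

    if (!SymGetTypeInfo(ProcessInfo.m_hProcess, ModBase, TypeId, TI_GET_TYPEID, &elementTypeId))
        return TypeId;

    if (querySymTag(ModBase, elementTypeId) == SymTagArrayType)
        return getArrayChildrenCount(ProcessInfo.m_hProcess, ModBase, elementTypeId,
                                     TI_GET_TYPEID, &elementChildId, pCount, index + 1);

    return elementTypeId;
}

// SymEnumSymbols callback: appends one EnumSymbols record per data symbol of
// a supported type to EnumSymbolsInfoList and traces it to pfDbg.
// Always returns TRUE so the enumeration continues.
BOOL CALLBACK enumSymbols(PSYMBOL_INFO pSymInfo, ULONG SymbolSize, PVOID UserContext)
{
    if (pSymInfo->Tag != SymTagData)
        return TRUE;

    EnumSymbols *pEnumSymbols = new EnumSymbols;

    fprintf(pfDbg, "[DATA] ");
    fprintf(pfDbg, "[%-32s] ", pSymInfo->Name);
    pEnumSymbols->strName = pSymInfo->Name;

    fprintf(pfDbg, "[Addr: %08llX] ", (unsigned long long)pSymInfo->Address);
    pEnumSymbols->ullAddr = pSymInfo->Address;

    fprintf(pfDbg, "[Size: %lu Byte] ", pSymInfo->Size);
    pEnumSymbols->ullSize = pSymInfo->Size;

    // Zero-sized symbols and names starting with '$' are kept out of the report.
    if ((pSymInfo->Size != 0) && ((pSymInfo->Name)[0] != '$'))
        pEnumSymbols->dataValid = TRUE;
    else
        pEnumSymbols->dataValid = FALSE;

    DWORD typeTag = querySymTag(pSymInfo->ModBase, pSymInfo->TypeIndex);
    fprintf(pfDbg, "[%s] ", symTagLabel(typeTag));
    pEnumSymbols->dwSymTagType = typeTag;

    // Defined defaults for the fields a particular case does not set.
    pEnumSymbols->dwpArrayCount = NULL;
    pEnumSymbols->dwArrayCount = 1;
    pEnumSymbols->dwBaseType = btNoType;
    pEnumSymbols->arrayLevel = 0;

    switch (typeTag)
    {
    case SymTagBaseType:
    {
        DWORD basicType = queryBasicType(pSymInfo->ModBase, pSymInfo->TypeIndex);
        fprintf(pfDbg, "[%s] ", basicTypeTypeNameString[basicType]);
        pEnumSymbols->dwBaseType = basicType;
        pEnumSymbols->strTypeName = basicTypeTypeNameString[basicType];
        EnumSymbolsInfoList.push_back(pEnumSymbols);
        break;
    }

    case SymTagEnum:
    case SymTagUDT:
        pEnumSymbols->strTypeName = queryTypeName(pSymInfo->ModBase, pSymInfo->TypeIndex);
        EnumSymbolsInfoList.push_back(pEnumSymbols);
        break;

    case SymTagPointerType:
        // Pointers are reported as unsigned int (32-bit targets assumed).
        pEnumSymbols->dwBaseType = btUInt;
        pEnumSymbols->strTypeName = basicTypeTypeNameString[btUInt];
        EnumSymbolsInfoList.push_back(pEnumSymbols);
        break;

    case SymTagArrayType:
    {
        DWORD arrayTypeId = 0;
        DWORD level = getArrayChildrenLevel(ProcessInfo.m_hProcess, pSymInfo->ModBase,
                                            pSymInfo->TypeIndex, TI_GET_TYPEID, &arrayTypeId, 0);

        // One spare, zero-initialised slot: see getArrayChildrenCount().
        DWORD *dims = new DWORD[level + 1]();
        DWORD elementTypeId = getArrayChildrenCount(ProcessInfo.m_hProcess, pSymInfo->ModBase,
                                                    pSymInfo->TypeIndex, TI_GET_TYPEID,
                                                    &arrayTypeId, dims, 0);

        describeArrayElement(pSymInfo->ModBase, elementTypeId,
                             &pEnumSymbols->dwBaseType, &pEnumSymbols->strTypeName);

        logArrayDimensions(level, dims);
        pEnumSymbols->dwpArrayCount = dims;
        pEnumSymbols->arrayLevel = level;
        pEnumSymbols->dwArrayCount = dims[0];
        EnumSymbolsInfoList.push_back(pEnumSymbols);
        break;
    }

    default:
        delete pEnumSymbols;
        break;
    }

    fprintf(pfDbg, "\r\n");
    return TRUE;
}

// SymEnumTypes callback: appends one EnumTypes record per type to
// EnumTypesInfoList; for UDTs every member of a supported type is added to
// the record's childrenList. Always returns TRUE.
BOOL CALLBACK enumUDT(PSYMBOL_INFO pUDTInfo, ULONG UDTSize, PVOID UserContext)
{
    DWORD dwChildrenCount = 0;
    DWORD udtKind = 0;

    // Record describing this type.
    EnumTypes *pEnumTypes = new EnumTypes;

    SymGetTypeInfo(ProcessInfo.m_hProcess, pUDTInfo->ModBase, pUDTInfo->TypeIndex,
                   TI_GET_CHILDRENCOUNT, &dwChildrenCount);
    // Number of children the type reports.
    pEnumTypes->dwChildrenCount = dwChildrenCount;

    // Number of children actually walked: 0 when the id list would not fit in
    // a size_t or when DbgHelp fails to deliver it.
    DWORD walkCount = dwChildrenCount;
    const size_t maxChildren = (((size_t)-1) - sizeof(TI_FINDCHILDREN_PARAMS)) / sizeof(DWORD);
    if (walkCount > maxChildren)
        walkCount = 0;

    // Zero-initialised so no id is ever read uninitialised. The buffer is
    // released through the char pointer it was allocated with.
    char *childBuf = new char[sizeof(TI_FINDCHILDREN_PARAMS) + sizeof(DWORD) * (size_t)walkCount]();
    TI_FINDCHILDREN_PARAMS *pChildren = (TI_FINDCHILDREN_PARAMS *)childBuf;
    pChildren->Count = walkCount;
    pChildren->Start = 0;
    if (!SymGetTypeInfo(ProcessInfo.m_hProcess, pUDTInfo->ModBase, pUDTInfo->TypeIndex,
                        TI_FINDCHILDREN, pChildren))
        walkCount = 0;

    fprintf(pfDbg, "-----------------------------------\r\n");
    fprintf(pfDbg, "[Name: %s]\r\n", pUDTInfo->Name);
    // Name of the type.
    pEnumTypes->strName = pUDTInfo->Name;

    fprintf(pfDbg, "| [Type: %s : ", symTagLabel(pUDTInfo->Tag));
    if (SymGetTypeInfo(ProcessInfo.m_hProcess, pUDTInfo->ModBase, pUDTInfo->TypeIndex,
                       TI_GET_UDTKIND, &udtKind))
    {
        // Kind of the type (struct/class/union/...); unknown kinds are labelled
        // instead of indexing past the table.
        const char *kindLabel = (udtKind < PDBDUMP_COUNTOF(rgUdtKind)) ? rgUdtKind[udtKind] : "UNKNOWN";
        fprintf(pfDbg, "%s]\r\n", kindLabel);
        pEnumTypes->udtKind = kindLabel;
    }
    else
    {
        fprintf(pfDbg, "NULL]\r\n");
        pEnumTypes->udtKind = "STRUCT";
    }

    fprintf(pfDbg, "| [Size: %lu Byte]\r\n", pUDTInfo->Size);
    // Size of the type.
    pEnumTypes->ulllength = pUDTInfo->Size;

    fprintf(pfDbg, "| [TypeID: %lu]\r\n", pUDTInfo->TypeIndex);
    if (dwChildrenCount)
        fprintf(pfDbg, "+>[Children :->]\r\n");
    else
        fprintf(pfDbg, "+>[Children :NULL]\r\n");

    pEnumTypes->dwSymTagType = pUDTInfo->Tag;

    switch (pUDTInfo->Tag)
    {
    case SymTagUDT:
        for (DWORD i = 0; i < walkCount; i++)
        {
            const ULONG childId = pChildren->ChildId[i];
            std::string memberName;
            WCHAR *wideName = NULL;
            DWORD dwMemberOffset = 0;
            DWORD typeId = 0;
            BOOL dataValid;

            fprintf(pfDbg, "\t|->");

            if (SymGetTypeInfo(ProcessInfo.m_hProcess, pUDTInfo->ModBase, childId,
                               TI_GET_SYMNAME, &wideName) && wideName != NULL)
            {
                fprintf(pfDbg, "[%-32ls] ", wideName);
                memberName = narrowSymbolName(wideName);
                LocalFree(wideName);
            }
            else
            {
                fprintf(pfDbg, "[UNKNOWN] ");
                memberName = "UNKNOWN";
            }

            // Children without an offset (e.g. not data members) stay in the
            // list but are marked invalid so the report skips them.
            if (SymGetTypeInfo(ProcessInfo.m_hProcess, pUDTInfo->ModBase, childId,
                               TI_GET_OFFSET, &dwMemberOffset))
            {
                fprintf(pfDbg, "[offset: %08lX] ", dwMemberOffset);
                dataValid = TRUE;
            }
            else
            {
                fprintf(pfDbg, "[offset: NULL] ");
                dwMemberOffset = 0;
                dataValid = FALSE;
            }

            if (SymGetTypeInfo(ProcessInfo.m_hProcess, pUDTInfo->ModBase, childId,
                               TI_GET_TYPEID, &typeId))
            {
                // Record describing this member.
                ChildrenEnumTypes *pChildrenEnumTypes = new ChildrenEnumTypes;
                pChildrenEnumTypes->dataValid = dataValid;

                DWORD memberTag = querySymTag(pUDTInfo->ModBase, typeId);
                fprintf(pfDbg, "[%s] ", symTagLabel(memberTag));
                pChildrenEnumTypes->dwSymTagType = memberTag;
                pChildrenEnumTypes->strName = memberName;
                pChildrenEnumTypes->ullAddrOffset = dwMemberOffset;

                // Defined defaults for the fields a particular case does not set.
                pChildrenEnumTypes->dwpArrayCount = NULL;
                pChildrenEnumTypes->dwArrayCount = 1;
                pChildrenEnumTypes->dwBaseType = btNoType;
                pChildrenEnumTypes->arrayLevel = 0;
                pChildrenEnumTypes->ulllength = 0;

                switch (memberTag)
                {
                case SymTagBaseType:
                {
                    DWORD basicType = queryBasicType(pUDTInfo->ModBase, typeId);
                    fprintf(pfDbg, "[%s] ", basicTypeTypeNameString[basicType]);
                    pChildrenEnumTypes->dwBaseType = basicType;

                    ULONG64 length = queryTypeLength(pUDTInfo->ModBase, typeId);
                    fprintf(pfDbg, "[Length: %llu Byte] ", (unsigned long long)length);
                    pChildrenEnumTypes->ulllength = length;

                    pChildrenEnumTypes->strTypeName = basicTypeTypeNameString[basicType];
                    pEnumTypes->childrenList.push_back(pChildrenEnumTypes);
                    break;
                }

                case SymTagArrayType:
                {
                    DWORD arrayTypeId = 0;
                    DWORD level = getArrayChildrenLevel(ProcessInfo.m_hProcess, pUDTInfo->ModBase,
                                                        typeId, TI_GET_TYPEID, &arrayTypeId, 0);

                    // One spare, zero-initialised slot: see getArrayChildrenCount().
                    DWORD *dims = new DWORD[level + 1]();
                    DWORD elementTypeId = getArrayChildrenCount(ProcessInfo.m_hProcess,
                                                                pUDTInfo->ModBase, typeId,
                                                                TI_GET_TYPEID, &arrayTypeId, dims, 0);

                    describeArrayElement(pUDTInfo->ModBase, elementTypeId,
                                         &pChildrenEnumTypes->dwBaseType,
                                         &pChildrenEnumTypes->strTypeName);

                    ULONG64 length = queryTypeLength(pUDTInfo->ModBase, typeId);
                    fprintf(pfDbg, "[Length: %llu Byte] ", (unsigned long long)length);
                    pChildrenEnumTypes->ulllength = length;

                    logArrayDimensions(level, dims);
                    pChildrenEnumTypes->dwpArrayCount = dims;
                    pChildrenEnumTypes->arrayLevel = level;
                    pChildrenEnumTypes->dwArrayCount = dims[0];
                    pEnumTypes->childrenList.push_back(pChildrenEnumTypes);
                    break;
                }

                case SymTagPointerType:
                {
                    ULONG64 length = queryTypeLength(pUDTInfo->ModBase, typeId);
                    fprintf(pfDbg, "[Length: %llu Byte] ", (unsigned long long)length);
                    pChildrenEnumTypes->ulllength = length;
                    // Pointers are reported as unsigned int (32-bit targets assumed).
                    pChildrenEnumTypes->strTypeName = basicTypeTypeNameString[btUInt];
                    pChildrenEnumTypes->dwBaseType = btUInt;
                    pEnumTypes->childrenList.push_back(pChildrenEnumTypes);
                    break;
                }

                case SymTagEnum:
                case SymTagUDT:
                    // The length stays 0 here; the report looks the type up by name.
                    pChildrenEnumTypes->strTypeName = queryTypeName(pUDTInfo->ModBase, typeId);
                    pEnumTypes->childrenList.push_back(pChildrenEnumTypes);
                    break;

                default:
                    delete pChildrenEnumTypes;
                    break;
                }
            }

            fprintf(pfDbg, "\r\n");
        }
        break;

    case SymTagEnum:
        break;

    default:
        break;
    }

    EnumTypesInfoList.push_back(pEnumTypes);
    delete[] childBuf;
    return TRUE;
}

// SymEnumSourceFiles callback: nothing is recorded, enumeration continues.
BOOL CALLBACK enumSourceFiles(PSOURCEFILE pSourceFile, PVOID UserContext)
{
    return TRUE;
}

// SymEnumerateModules64 callback: nothing is recorded, enumeration continues.
BOOL CALLBACK enumModules(PCSTR ModuleName, DWORD64 BaseOfDll, PVOID UserContext)
{
    return TRUE;
}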
DataInfo.h

/* DataInfo.h - records collected by the DbgHelp callbacks and the functions
 * that turn them into the symbol-file report. */
#ifndef _DATAINFO_H_
#define _DATAINFO_H_

#include <stdio.h>
#include <windows.h>
#include <string>
#include <list>
#include <iostream>
#include <map>

/* One data symbol, filled in by enumSymbols(). */
typedef struct sEnumSymbolsInfo
{
    std::string strName;      /* symbol name */
    DWORD dwSymTagType;       /* symbol tag of the symbol's type */
    DWORD dwBaseType;         /* base type code; used as a table index by the report */
    std::string strTypeName;  /* type name */
    DWORD dwArrayCount;       /* 1, or the first array dimension */
    DWORD *dwpArrayCount;     /* array dimensions, NULL for non-arrays; released
                                 with delete[] by deleteEnumSymbolsInfoListAll() */
    unsigned int arrayLevel;  /* number of entries used in dwpArrayCount */
    ULONG64 ullAddr;          /* symbol address */
    ULONG64 ullSize;          /* symbol size in bytes */
    BOOL dataValid;           /* only TRUE records are written to the report */
} EnumSymbols;

/* The list stores raw pointers; deleteEnumSymbolsInfoListAll() frees them. */
typedef std::list<sEnumSymbolsInfo *> sEnumSymbolsInfoList;

/* One member of a user-defined type, filled in by enumUDT(). */
typedef struct sChildrenEnumTypesInfo
{
    std::string strName;      /* member name */
    DWORD dwSymTagType;       /* symbol tag of the member's type */
    DWORD dwBaseType;         /* base type code; used as a table index by the report */
    std::string strTypeName;  /* type name */
    DWORD dwArrayCount;       /* 1, or the first array dimension */
    DWORD *dwpArrayCount;     /* array dimensions, NULL for non-arrays; released
                                 with delete[] by deleteEnumTypesInfoListAll() */
    unsigned int arrayLevel;  /* number of entries used in dwpArrayCount */
    ULONG64 ullAddrOffset;    /* offset of the member inside its parent */
    ULONG64 ulllength;        /* length in bytes */
    BOOL dataValid;           /* only TRUE records are written to the report */
} ChildrenEnumTypes;

typedef std::list<sChildrenEnumTypesInfo *> sChildrenEnumTypesInfoList;

/* One type, filled in by enumUDT(). */
typedef struct sEnumTypesInfo
{
    std::string strName;      /* type name; findEnumType() matches on it */
    DWORD dwSymTagType;       /* symbol tag of the type */
    ULONG64 ulllength;        /* size in bytes */
    const char *udtKind;      /* points at a string constant, not owned */
    DWORD dwChildrenCount;    /* child count reported for the type */
    sChildrenEnumTypesInfoList childrenList; /* owned member records */
} EnumTypes;

/* The list stores raw pointers; deleteEnumTypesInfoListAll() frees them. */
typedef std::list<sEnumTypesInfo *> sEnumTypesInfoList;

extern sEnumTypesInfoList EnumTypesInfoList;
extern sEnumSymbolsInfoList EnumSymbolsInfoList;

/* Free every record of the respective list and empty it. */
extern void deleteEnumSymbolsInfoListAll();
extern void deleteEnumTypesInfoListAll();

/* First type whose name equals `name`, or NULL. */
extern EnumTypes *findEnumType(std::string name);

/* Write the valid members of pEnumTypes to the report; a NULL type is ignored. */
extern void reportChildrenEnumTypes(EnumTypes *pEnumTypes, unsigned char level, ULONG64 baseAddr);

/* Write every valid data symbol to the report. */
extern void reportAllSymbols();

/* Writes the report, then frees both lists. */
extern void test();

#endif /* _DATAINFO_H_ */
DataInfo.cpp

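// DataInfo.cpp - storage for the records collected by the DbgHelp callbacks
// and the writer of the symbol-file report (pfRpt).
//
// The records were filled from a symbol file and are not trusted here: base
// type codes are range-checked before they index a table, array dimensions
// are checked before they are used as divisors, and the type recursion is
// depth-limited.
#include "DataInfo.h"
#include "PDBDump.h"

sEnumTypesInfoList EnumTypesInfoList;
sEnumSymbolsInfoList EnumSymbolsInfoList;
extern FILE *pfRpt;

// Deepest nesting level that is still expanded. `level` is an unsigned char,
// so stopping here also keeps it from wrapping back to 0, which would let a
// type that (directly or indirectly) contains itself recurse without end.
static const unsigned char kMaxReportLevel = 0xFF;

// Report data-type code for a base type. basicTypeDataTypeString is declared
// without a bound in PDBDump.h; btHresult is the last BasicType value.
static const char *dataTypeCode(DWORD baseType)
{
    if (baseType > (DWORD)btHresult)
        return "UNKNOWN";
    return basicTypeDataTypeString[baseType];
}

// Size of one array element: the total size divided by every dimension.
// Returns 0 instead of dividing by a zero dimension or reading a NULL list.
static ULONG64 arrayElementSize(ULONG64 totalSize, const DWORD *dims, unsigned int rank)
{
    ULONG64 size = totalSize;

    for (unsigned int i = 0; i < rank; i++)
    {
        if (dims == NULL || dims[i] == 0)
            return 0;
        size /= dims[i];
    }
    return size;
}

// Writes the dimension column "first|second|...," and ends the line.
static void writeArrayDimensions(DWORD firstCount, const DWORD *dims, unsigned int rank)
{
    fprintf(pfRpt, "%lu", firstCount);
    for (unsigned int i = 1; dims != NULL && i < rank; i++)
    {
        fprintf(pfRpt, "|%lu", dims[i]);
    }
    fprintf(pfRpt, ",\r\n");
}

// Writes the data-type column of an array whose elements are not a base type.
static void writeAggregateKind(const EnumTypes *pType)
{
    if (pType == NULL)
    {
        fprintf(pfRpt, "UNKNOWN,");
        return;
    }

    switch (pType->dwSymTagType)
    {
    case SymTagEnum:
        fprintf(pfRpt, "ENUM,");
        break;
    case SymTagUDT:
        fprintf(pfRpt, "%s,", pType->udtKind);
        break;
    default:
        fprintf(pfRpt, "UNKNOWN,");
        break;
    }
}

// Writes the level, name and address columns shared by every member line.
static void writeMemberPrefix(unsigned char level, const ChildrenEnumTypes *pChild, ULONG64 baseAddr)
{
    fprintf(pfRpt, "%d,", level);
    fprintf(pfRpt, "%s,", pChild->strName.c_str());
    fprintf(pfRpt, "%08llX,", (unsigned long long)(pChild->ullAddrOffset + baseAddr));
}

// Expands the members of pType one level deeper, unless the limit is reached.
static void descendInto(EnumTypes *pType, unsigned char level, ULONG64 baseAddr)
{
    if (level < kMaxReportLevel)
        reportChildrenEnumTypes(pType, (unsigned char)(level + 1), baseAddr);
}

// Frees every symbol record, including its dimension list, and empties the list.
void deleteEnumSymbolsInfoListAll()
{
    for (sEnumSymbolsInfoList::iterator it = EnumSymbolsInfoList.begin();
         it != EnumSymbolsInfoList.end(); ++it)
    {
        delete[] (*it)->dwpArrayCount; // delete[] on NULL is a no-op
        delete *it;
    }
    EnumSymbolsInfoList.clear();
}

// Frees every type record together with its member records and empties the list.
void deleteEnumTypesInfoListAll()
{
    for (sEnumTypesInfoList::iterator it = EnumTypesInfoList.begin();
         it != EnumTypesInfoList.end(); ++it)
    {
        EnumTypes *pType = *it;

        for (sChildrenEnumTypesInfoList::iterator child = pType->childrenList.begin();
             child != pType->childrenList.end(); ++child)
        {
            delete[] (*child)->dwpArrayCount;
            delete *child;
        }
        pType->childrenList.clear();
        delete pType;
    }
    EnumTypesInfoList.clear();
}

// Returns the first recorded type named `name`, or NULL when there is none.
EnumTypes *findEnumType(std::string name)
{
    for (sEnumTypesInfoList::iterator it = EnumTypesInfoList.begin();
         it != EnumTypesInfoList.end(); ++it)
    {
        if (name == (*it)->strName)
            return *it;
    }
    return NULL;
}

// Writes one report line per valid member of pEnumTypes and expands members
// that are themselves UDTs (or arrays of recorded types) at level + 1.
//
// pEnumTypes may be NULL, in which case nothing is written.
// level is the nesting level printed in the first column.
// baseAddr is added to each member offset to form the address column.
void reportChildrenEnumTypes(EnumTypes *pEnumTypes, unsigned char level, ULONG64 baseAddr)
{
    if (pEnumTypes == NULL)
        return;

    for (sChildrenEnumTypesInfoList::iterator it = pEnumTypes->childrenList.begin();
         it != pEnumTypes->childrenList.end(); ++it)
    {
        ChildrenEnumTypes *pChild = *it;
        EnumTypes *pMemberType = NULL;
        const ULONG64 memberAddr = pChild->ullAddrOffset + baseAddr;

        if (pChild->dataValid != TRUE)
            continue;

        switch (pChild->dwSymTagType)
        {
        case SymTagBaseType:
        case SymTagPointerType:
            writeMemberPrefix(level, pChild, baseAddr);
            fprintf(pfRpt, "%s,", dataTypeCode(pChild->dwBaseType));
            fprintf(pfRpt, "%llu,", (unsigned long long)pChild->ulllength);
            fprintf(pfRpt, "%s,", pChild->strTypeName.c_str());
            fprintf(pfRpt, "%lu,\r\n", pChild->dwArrayCount);
            break;

        case SymTagArrayType:
            writeMemberPrefix(level, pChild, baseAddr);
            if (pChild->dwBaseType)
            {
                fprintf(pfRpt, "%s,", dataTypeCode(pChild->dwBaseType));
            }
            else
            {
                // Elements are not a base type: look the element type up by name.
                pMemberType = findEnumType(pChild->strTypeName.c_str());
                writeAggregateKind(pMemberType);
            }
            fprintf(pfRpt, "%llu,",
                    (unsigned long long)arrayElementSize(pChild->ulllength,
                                                         pChild->dwpArrayCount,
                                                         pChild->arrayLevel));
            fprintf(pfRpt, "%s,", pChild->strTypeName.c_str());
            writeArrayDimensions(pChild->dwArrayCount, pChild->dwpArrayCount, pChild->arrayLevel);
            if (pMemberType)
                descendInto(pMemberType, level, memberAddr);
            break;

        case SymTagEnum:
            writeMemberPrefix(level, pChild, baseAddr);
            fprintf(pfRpt, "ENUM,");
            pMemberType = findEnumType(pChild->strTypeName.c_str());
            if (pMemberType)
                fprintf(pfRpt, "%llu,", (unsigned long long)pMemberType->ulllength);
            else
                fprintf(pfRpt, "%d,", 0);
            fprintf(pfRpt, "%s,", pChild->strTypeName.c_str());
            fprintf(pfRpt, "%lu,\r\n", pChild->dwArrayCount);
            break;

        case SymTagUDT:
            writeMemberPrefix(level, pChild, baseAddr);
            pMemberType = findEnumType(pChild->strTypeName.c_str());
            if (pMemberType)
            {
                fprintf(pfRpt, "%s,", pMemberType->udtKind);
                fprintf(pfRpt, "%llu,", (unsigned long long)pMemberType->ulllength);
            }
            else
            {
                fprintf(pfRpt, "%s,", "UNKNOWN");
                fprintf(pfRpt, "%d,", 0);
            }
            fprintf(pfRpt, "%s,", pChild->strTypeName.c_str());
            fprintf(pfRpt, "%lu,\r\n", pChild->dwArrayCount);
            descendInto(pMemberType, level, memberAddr);
            break;

        default:
            break;
        }
    }
}

// Writes one level-1 report line per valid data symbol; UDT symbols and
// arrays of recorded types are followed by their members at level 2.
void reportAllSymbols()
{
    for (sEnumSymbolsInfoList::iterator it = EnumSymbolsInfoList.begin();
         it != EnumSymbolsInfoList.end(); ++it)
    {
        struct sEnumSymbolsInfo *pSymbol = *it;
        EnumTypes *pSymbolType = NULL;

        if (pSymbol->dataValid != TRUE)
            continue;

        fprintf(pfRpt, "1,");
        fprintf(pfRpt, "%s,", pSymbol->strName.c_str());
        fprintf(pfRpt, "%08llX,", (unsigned long long)pSymbol->ullAddr);

        switch (pSymbol->dwSymTagType)
        {
        case SymTagPointerType:
        case SymTagBaseType:
            fprintf(pfRpt, "%s,", dataTypeCode(pSymbol->dwBaseType));
            fprintf(pfRpt, "%llu,", (unsigned long long)pSymbol->ullSize);
            fprintf(pfRpt, "%s,", pSymbol->strTypeName.c_str());
            fprintf(pfRpt, "%lu,\r\n", pSymbol->dwArrayCount);
            break;

        case SymTagEnum:
            fprintf(pfRpt, "%s,", "ENUM");
            fprintf(pfRpt, "%llu,", (unsigned long long)pSymbol->ullSize);
            fprintf(pfRpt, "%s,", pSymbol->strTypeName.c_str());
            fprintf(pfRpt, "%lu,\r\n", pSymbol->dwArrayCount);
            break;

        case SymTagUDT:
            pSymbolType = findEnumType(pSymbol->strTypeName.c_str());
            if (pSymbolType)
                fprintf(pfRpt, "%s,", pSymbolType->udtKind);
            else
                fprintf(pfRpt, "%s,", "UNKNOWN");
            fprintf(pfRpt, "%llu,", (unsigned long long)pSymbol->ullSize);
            fprintf(pfRpt, "%s,", pSymbol->strTypeName.c_str());
            fprintf(pfRpt, "%lu,\r\n", pSymbol->dwArrayCount);
            reportChildrenEnumTypes(pSymbolType, 2, pSymbol->ullAddr);
            break;

        case SymTagArrayType:
            if (pSymbol->dwBaseType)
            {
                fprintf(pfRpt, "%s,", dataTypeCode(pSymbol->dwBaseType));
            }
            else
            {
                // Elements are not a base type: look the element type up by name.
                pSymbolType = findEnumType(pSymbol->strTypeName.c_str());
                writeAggregateKind(pSymbolType);
            }
            fprintf(pfRpt, "%llu,",
                    (unsigned long long)arrayElementSize(pSymbol->ullSize,
                                                         pSymbol->dwpArrayCount,
                                                         pSymbol->arrayLevel));
            fprintf(pfRpt, "%s,", pSymbol->strTypeName.c_str());
            writeArrayDimensions(pSymbol->dwArrayCount, pSymbol->dwpArrayCount, pSymbol->arrayLevel);
            if (pSymbolType)
                reportChildrenEnumTypes(pSymbolType, 2, pSymbol->ullAddr);
            break;

        default:
            break;
        }
    }
}

// Writes the report, then releases both record lists.
void test()
{
    reportAllSymbols();
    deleteEnumTypesInfoListAll();
    deleteEnumSymbolsInfoListAll();
}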






