Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

1
#include "byakugan.h"
2
#include "symport.h"
3

4
HRESULT addSymbol(ULONG64 address, char *symbolName) {
5
	HRESULT		retVal;
6
	if (S_OK != (retVal = g_ExtSymbols->AddSyntheticSymbol(address, 1, 
7
										symbolName, DEBUG_ADDSYNTHSYM_DEFAULT, NULL))) {
8
		dprintf("[S] Failed to add synthetic symbol: %s\n", symbolName);
9
		return (-1);
10
	}
11
	
12
	printf("[S] Successfully added symbol!\n");
13
	return (S_OK);
14
}
15

16
ULONG64 getBase(char *imageName) {
17
	ULONG64		baseAddress;
18
	DWORD		index;
19
	
20
	if (S_OK != g_ExtSymbols->GetModuleByModuleName2(imageName, 0, 0, &index, &baseAddress))
21
		return (0);
22
	return (baseAddress);
23
}
24

25
void parseMapLine(char *mapBuf, ULONG64 *symAddress, char **symbolName, BYTE *state) {
26
	char	*startAddr;
27
	DWORD	lineLen = strlen(mapBuf);
28

29
	if (*state & MAP_STATE_ENTRYPOINT) 
30
		return;
31
	if (*state & MAP_STATE_LOCALSYM) {
32
		// parse up local symbol section
33
		if (strstr(mapBuf, "Program entry")) {
34
			*state |= MAP_STATE_ENTRYPOINT;
35
			return;
36
		}
37
		
38
		// MEAT OF THE FUNCTION - Get the Addr and Name from the line
39
		if ((startAddr = strchr(mapBuf, ':')) == NULL)
40
			return;
41
		if ((startAddr - mapBuf + 10) > lineLen) {
42
			dprintf("[S] Malformed map line: %s\n", mapBuf);
43
			return;
44
		}
45
		startAddr[9] = '\x00';
46
		*symAddress = _strtoui64(startAddr+1, NULL, 16);
47
		
48
		startAddr += 10;
49
		while (*startAddr == ' ' && (startAddr - mapBuf) < lineLen)
50
			startAddr++;
51
		if ((startAddr - mapBuf) >= lineLen) {
52
			dprintf("[S] Malformed map line: %s\n", mapBuf);
53
			return;
54
		}
55

56
		*symbolName = startAddr;
57
		startAddr = strchr(*symbolName, '\n');
58
		if (startAddr)
59
			*startAddr = '\x00';
60

61
	} else if (!(*state)) {
62
		// Look for start of LOCALSYM section
63
		if (strstr(mapBuf, "Publics by Value"))
64
			*state |= MAP_STATE_LOCALSYM;
65
	}
66
}
67

68
HRESULT addMapFile(char *imageName, char *mapPath) {
69
	HANDLE		mapFile;
70
	DWORD		readOut = 1, i = 0, symCount = 0;
71
	ULONG64		symAddress, imageBase;
72
	char		mapBuf[MAP_BUF_SIZE+1], *symbolName = NULL, out = ' ';
73
	BYTE		state = 0;
74

75
	if (0 == (imageBase = getBase(imageName))) {
76
		dprintf("[S] Failed to get base address for module %s\n", imageName);
77
		return (-1);
78
	}
79
	dprintf("[S] Adjusting symbols to base address of: 0x%16y\n", imageBase);
80

81
	if((mapFile = CreateFile(mapPath, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING,
82
							FILE_ATTRIBUTE_NORMAL, NULL)) == INVALID_HANDLE_VALUE) {
83
		dprintf("[S] Unable to open map file: %s\n", mapPath);
84
		return (-1);
85
	}
86
	
87
	while (readOut > 0 && i < MAP_BUF_SIZE) {
88
		ReadFile(mapFile, &out, 1, &readOut, NULL);
89
		if (out == '\n') {
90
			mapBuf[i] = '\x00';
91
			i = 0;
92
			parseMapLine(mapBuf, &symAddress, &symbolName, &state);
93
			symAddress += imageBase;
94
			if (symbolName != NULL) {
95
				//dprintf("Addr: 0x%16y\tName: %s\n", symAddress, symbolName);
96
				if (S_OK == addSymbol(symAddress, symbolName))
97
					symCount++;
98
				symAddress = 0; symbolName = NULL;
99
			}
100
		} else {
101
			mapBuf[i++] = out;
102
		}
103
	}
104
	dprintf("[S] Successfully imported %d symbols.\n", symCount);
105
	return (S_OK);
106
}
107

108