Fixed empty dump

x64dbg · Sep 15, 2023 · ce9168b · ce9168b
1 parent a9bb033
commit ce9168b
Show file tree

Hide file tree

Showing 5 changed files with 42 additions and 17 deletions.
diff --git a/src/gui/Src/Tracer/TraceDump.cpp b/src/gui/Src/Tracer/TraceDump.cpp
@@ -239,6 +239,19 @@ void TraceDump::setupContextMenu()
  updateShortcuts();
 }
 
+void TraceDump::mousePressEvent(QMouseEvent* event)
+{
+ if(event->buttons() == Qt::MiddleButton) //copy address to clipboard
+ {
+ //Allow copying while not debugging
+ MessageBeep(MB_OK);
+ QString addrText = ToPtrString(rvaToVa(getInitialSelection()));
+ Bridge::CopyToClipboard(addrText);
+ return;
+ }
+ HexDump::mousePressEvent(event);
+}
+
 void TraceDump::getAttention()
 {
  BackgroundFlickerThread* thread = new BackgroundFlickerThread(this, mBackgroundColor, this);
@@ -250,9 +263,15 @@ void TraceDump::printDumpAt(dsint parVA, bool select, bool repaint, bool updateT
 {
  // Modified from Hexdump, removed memory page information
  // TODO: get memory range from trace instead
- duint wSize;
+ const duint wSize = 0x1000; // TODO: Using 4KB pages currently
  auto wBase = mMemoryPage->getBase();
  dsint wRVA = parVA - wBase; //calculate rva
+ if(wRVA < 0 || wRVA >= wSize)
+ {
+ wBase = parVA & ~(wSize - 1);
+ mMemoryPage->setAttributes(wBase, wSize);
+ wRVA = parVA - wBase; //calculate rva
+ }
  int wBytePerRowCount = getBytePerRowCount(); //get the number of bytes per row
  dsint wRowCount;
 
@@ -269,8 +288,6 @@ void TraceDump::printDumpAt(dsint parVA, bool select, bool repaint, bool updateT
 
  setRowCount(wRowCount); //set the number of rows
 
- //mMemPage->setAttributes(wBase, wSize); // Set base and size (Useful when memory page changed)
-
  if(updateTableOffset)
  {
  setTableOffset(-1); //make sure the requested address is always first
@@ -337,8 +354,8 @@ void TraceDump::getColumnRichText(int col, dsint rva, RichTextPainter::List & ri
 QString TraceDump::paintContent(QPainter* painter, dsint rowBase, int rowOffset, int col, int x, int y, int w, int h)
 {
  // Reset byte offset when base address is reached
- if(rowBase == 0 && mByteOffset != 0)
- HexDump::printDumpAt(mMemPage->getBase(), false, false);
+ //if(rowBase == 0 && mByteOffset != 0)
+ // HexDump::printDumpAt(mMemPage->getBase(), false, false);
 
  if(!col) //address
  {
@@ -527,7 +544,7 @@ void TraceDump::gotoExpressionSlot()
  {
  duint value = DbgValFromString(mGoto->expressionText.toUtf8().constData());
  GuiAddLogMessage(ToPtrString(value).toUtf8());
- this->HexDump::printDumpAt(value, true);
+ this->printDumpAt(value, true, true, true);
  }
 }
 
@@ -561,13 +578,13 @@ void TraceDump::gotoExpressionSlot()
 void TraceDump::gotoStartSlot()
 {
  duint dest = mMemPage->getBase();
- this->HexDump::printDumpAt(dest, true);
+ this->printDumpAt(dest, true, true, true);
 }
 
 void TraceDump::gotoEndSlot()
 {
  duint dest = mMemPage->getBase() + mMemPage->getSize() - (getViewableRowsCount() * getBytePerRowCount());
- this->HexDump::printDumpAt(dest, true);
+ this->printDumpAt(dest, true, true, true);
 }
 
 void TraceDump::hexAsciiSlot()

diff --git a/src/gui/Src/Tracer/TraceDump.h b/src/gui/Src/Tracer/TraceDump.h
@@ -21,6 +21,7 @@ class TraceDump : public HexDump
  void contextMenuEvent(QContextMenuEvent* event);
  void mouseDoubleClickEvent(QMouseEvent* event);
  void mouseMoveEvent(QMouseEvent* event);
+ void mousePressEvent(QMouseEvent* event);
  void printDumpAt(dsint parVA, bool select, bool repaint, bool updateTableOffset);
 
 signals:

diff --git a/src/gui/Src/Tracer/TraceFileDump.cpp b/src/gui/Src/Tracer/TraceFileDump.cpp
@@ -153,7 +153,7 @@ void TraceFileDump::findMemAreas()
 }
 
 // TraceFileDumpMemoryPage
-TraceFileDumpMemoryPage::TraceFileDumpMemoryPage(QObject* parent) : MemoryPage(0x1000, ((duint) - 1) >> 1, parent)
+TraceFileDumpMemoryPage::TraceFileDumpMemoryPage(QObject* parent) : MemoryPage(0x10000, 0x1000, parent)
 {
  QMutexLocker locker(&lock);
  dump = nullptr;

diff --git a/src/gui/Src/Tracer/TraceFileReader.cpp b/src/gui/Src/Tracer/TraceFileReader.cpp
@@ -577,17 +577,19 @@ void TraceFileReader::purgeLastPage()
  }
 }
 
+// Extract memory access information of given index into dump object
 void TraceFileReader::buildDump(unsigned long long index)
 {
- int MemoryOperandsCount = MemoryAccessCount(index);
- if(MemoryOperandsCount == 0) //LEA and NOP instructions
- return;
  Zydis zydis;
  unsigned char opcode[MAX_DISASM_BUFFER];
  int opcodeSize;
  REGDUMP registers = Registers(index);;
  OpCode(index, opcode, &opcodeSize);
+ // Always add opcode into dump
  dump.addMemAccess(registers.regcontext.cip, opcode, opcode, opcodeSize);
+ int MemoryOperandsCount = MemoryAccessCount(index);
+ if(MemoryOperandsCount == 0) //LEA and NOP instructions are ignored here
+ return;
  zydis.Disassemble(registers.regcontext.cip, opcode, opcodeSize);
  duint oldMemory[32];
  duint newMemory[32];
@@ -623,17 +625,18 @@ void TraceFileReader::buildDump(unsigned long long index)
  }
 }
 
+// Build dump index to the given index
 void TraceFileReader::buildDumpTo(unsigned long long index)
 {
- auto start = dump.getMaxIndex();
+ auto start = dump.getMaxIndex(); // Don't re-add existing dump
  for(auto i = start + 1; i < index; i++)
  {
  dump.increaseIndex();
  buildDump(i);
  }
 }
 
-void TraceFileReader::debugdump(unsigned long long index)
+void TraceFileReader::debugdump(unsigned long long index) //TODO: remove me
 {
  dump.findMemAreas();
  for(auto c : dump.memAreas)

diff --git a/src/gui/Src/Tracer/TraceWidget.cpp b/src/gui/Src/Tracer/TraceWidget.cpp
@@ -58,14 +58,14 @@ TraceWidget::TraceWidget(QWidget* parent) :
  //overview
  ui->mBotRightFrameLayout->addWidget(mOverview);
 
- //set up overview
+ // TODO: set up overview
  mOverview->addColumnAt(0, "", true);
  mOverview->setShowHeader(false);
  mOverview->setRowCount(4);
  mOverview->setCellContent(0, 0, "hello");
  mOverview->setCellContent(1, 0, "world");
  mOverview->setCellContent(2, 0, "00000000");
- mOverview->setCellContent(3, 0, "here we will list all control flow transfers");
+ mOverview->setCellContent(3, 0, "TODO: Draw call stack here");
  //mOverview->hide();
  ui->mTopHSplitter->setSizes(QList<int>({1000, 1}));
  ui->mTopLeftVSplitter->setSizes(QList<int>({1000, 1}));
@@ -85,10 +85,14 @@ void TraceWidget::traceSelectionChanged(unsigned long long selection)
  {
  if(selection < traceFile->Length())
  {
+ // update registers view
  registers = traceFile->Registers(selection);
  mInfo->update(selection, traceFile, registers);
- traceFile->buildDumpTo(selection);
+ // update dump view
+ traceFile->buildDumpTo(selection); // TODO: sometimes this can be slow
  mMemoryPage->setDumpObject(traceFile->getDump());
+ mMemoryPage->setSelectedIndex(selection);
+ mDump->reloadData();
  }
  else
  memset(&registers, 0, sizeof(registers));