public static dynamic xCoreStructInfo(
CODEVIEW_HEADER CV,
string Struct,
long vAddress = 0,
long[] memRead = null,
Func <long, int, byte[]> GetMem = null,
Func <long, int, long[]> GetMemLong = null,
PropertyChangedEventHandler ExpandoChanged = null
)
{
var Info = SymAPI.GetType(Struct, CV) as dynamic;
if (vAddress != 0)
{
Info.vAddress = vAddress;
}
xCoreDumpStructs(Info, Struct, 0, vAddress, memRead, GetMem, GetMemLong, ExpandoChanged);
if (ExpandoChanged != null)
{
((INotifyPropertyChanged)Info).PropertyChanged +=
new PropertyChangedEventHandler(ExpandoChanged);
}
return(Info);
}
void IDiaSession.getSymbolsByAddr(out IDiaEnumSymbolsByAddr ppEnumbyAddr)
{
dynamic typ = null;
if (!Dia3.StructCache.ContainsKey(loadAddress.ToString("x")))
{
var json = SymAPI.FromAddress(loadAddress.ToString("x"), CV);
typ = JsonConvert.DeserializeObject <SymNameInfo>(json.Result);
Dia3.StructCache.TryAdd(loadAddress.ToString("x"), typ);
}
Dia3.StructCache.TryGetValue(loadAddress.ToString("x"), out typ);
ppEnumbyAddr = new EnumSymbols(CV, EnumSymType.ByAddr, typ);
return;
}
void IDiaSession.findChildren(IDiaSymbol parent, SymTagEnum symTag, string name, uint compareFlags, out IDiaEnumSymbols ppResult)
{
dynamic typ = null;
if (!Dia3.StructCache.ContainsKey(name))
{
var json = SymAPI.TypeDef(name, CV);
var converter = new Newtonsoft.Json.Converters.ExpandoObjectConverter();
var obj = JsonConvert.DeserializeObject <List <ExpandoObject> >(json.Result, converter);
// we access just the first object back
Dia3.StructCache.TryAdd(name, obj.First());
}
Dia3.StructCache.TryGetValue(name, out typ);
ppResult = new EnumSymbols(CV, EnumSymType.Sym, typ);
return;
}
public static SYMBOL_INFO SymFromName(string name, CODEVIEW_HEADER cvh)
{
SYMBOL_INFO rv = new SYMBOL_INFO();
var json = SymAPI.FromName(name, cvh);
var names = JsonConvert.DeserializeObject <NameList>(json.Result);
if (names == null)
{
return(rv);
}
var first = names.Names.First();
rv.Address = first.Address;
rv.Size = (uint)first.Length;
rv.Name = first.Name;
return(rv);
}
/// <summary>
/// Perform full symbol walk scanning for a struct/member position and length
///
/// TODO: make safe for type collisions in other pdb's
/// </summary>
/// <param name="PDBFile">d:\dev\symbols\ntkrnlmp.pdb\DD08DD42692B43F199A079D60E79D2171\ntkrnlmp.pdb</param>
/// <param name="Struct">_EPROCESS</param>
/// <param name="Member">Pcb.DirectoryTableBase</param>
/// <returns>Tuple of Position & Length </returns>
public static Tuple <int, int> StructMemberInfo(CODEVIEW_HEADER cv, string Struct, string Member)
{
#if !NETSTANDARD2_0
IDiaSession Session;
IDiaSymbol Master = null;
IDiaEnumSymbols EnumSymbols = null;
uint compileFetched = 0;
var result = from symx in StructInfo
where symx.Key.EndsWith(Member)
select symx;
if (result.Count() > 0)
{
return(result.First().Value);
}
#endif
#if NETSTANDARD2_0
IDictionary <string, dynamic> dInfo = null;
dynamic memberInfo = null;
var cnt = Member.Split('.').Length;
var typeInfo = SymAPI.GetType(Struct, cv);
dInfo = typeInfo as IDictionary <string, dynamic>;
if (cnt == 1)
{
memberInfo = dInfo[Member];
}
else
{
for (int i = 0; i < cnt; i++)
{
var path = Member.Split('.')[i];
dInfo = typeInfo as IDictionary <string, dynamic>;
memberInfo = dInfo[path];
if (i < cnt)
{
typeInfo = memberInfo;
}
}
}
dInfo = memberInfo as IDictionary <string, dynamic>;
return(Tuple.Create((int)dInfo["OffsetPos"], (int)dInfo["Length"]));
/* bah, screw this just return the object :\
* var foo = new DiaSource(cv);
* foo.loadDataFromPdb(cv.PDBFullPath);
* foo.openSession(out Session);
*/
#else
var foo = new DiaSource();
foo.loadDataFromPdb(cv.PDBFullPath);
foo.openSession(out Session);
if (Session == null)
{
return(null);
}
Session.findChildren(Session.globalScope, (uint)DebugHelp.SymTagEnum.Null, Struct, 0, out EnumSymbols);
do
{
EnumSymbols.Next(1, out Master, out compileFetched);
if (Master == null)
{
continue;
}
#if DEBUGX
Console.ForegroundColor = ConsoleColor.White;
WriteLine($"Dumping Type [{Master.name}] Len [{Master.length}]");
#endif
if (!StructInfo.ContainsKey(Master.name))
{
StructInfo.Add(Master.name, Tuple.Create <int, int>(0, (int)Master.length));
}
DumpStructs(Master, Master.name, Struct, 0);
} while (compileFetched == 1);
var resultx = (from symx in StructInfo
where symx.Key.EndsWith(Member)
select symx).FirstOrDefault();
return(resultx.Value);
#endif
}
