private void RefreshStackData()
{
uint ProcessId = GetSelectedProcessId();
ArgumentDatas.Clear();
LocalDatas.Clear();
ArgumentsDepthLoaded = 1;
LocalsDepthLoaded = 1;
if (Registers.ContainsKey("EBP"))
{
uint EBP = Registers["EBP"];
if (!string.IsNullOrWhiteSpace(CurrentMethodLabel))
{
// Refresh arguments
MethodInfo TheMethod = TheDebugger.GetMethodInfo(CurrentMethodLabel);
if (TheMethod.Arguments.Count > 0)
{
try
{
int MaxOffset = TheMethod.Arguments.Select(x => x.Value.Offset).Max();
string MaxTypeID = TheMethod.Arguments.Where(x => x.Value.Offset == MaxOffset).Select(x => x.Value.TypeID).First();
TypeInfo MaxArgType = TheDebugger.GetTypeInfo(MaxTypeID);
// +8 for old ebp and return address
// +4 or more for return value
uint RetValSize = (uint)TheMethod.ReturnSize;
string ArgumentValuesStr = TheDebugger.GetMemoryValues(ProcessId, EBP + 8 + RetValSize, MaxOffset + MaxArgType.SizeOnStackInBytes, 1);
byte[] ArgumentValuesArr = ArgumentValuesStr.Split(" ".ToCharArray(), StringSplitOptions.RemoveEmptyEntries).Select(x => byte.Parse(x.Substring(2), System.Globalization.NumberStyles.HexNumber)).ToArray();
List <VariableInfo> ArgInfos = TheMethod.Arguments.Values.OrderBy(x => x.Offset).ToList();
foreach (VariableInfo AnArgInfo in ArgInfos)
{
TypeInfo ArgType = TheDebugger.GetTypeInfo(AnArgInfo.TypeID);
VariableData NewVarData = new VariableData()
{
Address = (uint)(EBP + AnArgInfo.Offset),
OffsetFromParent = AnArgInfo.Offset,
Info = ArgType,
Value = new byte[ArgType.SizeOnStackInBytes]
};
for (int i = 0; i < ArgType.SizeOnStackInBytes; i++)
{
NewVarData.Value[i] = ArgumentValuesArr[i + AnArgInfo.Offset];
}
ArgumentDatas.Add(NewVarData);
}
}
catch (Exception ex)
{
ArgumentDatas.Add(new VariableData()
{
Name = "Error! " + ex.Message
});
}
}
if (Registers.ContainsKey("ESP"))
{
// Refresh locals
try
{
int MaxOffset = TheMethod.Locals.Count == 0 ? 0 : TheMethod.Locals.Select(x => x.Value.Offset).Max();
string MaxTypeID = TheMethod.Locals.Count == 0 ? "" : TheMethod.Locals.Where(x => x.Value.Offset == MaxOffset).Select(x => x.Value.TypeID).First();
TypeInfo MaxLocType = TheMethod.Locals.Count == 0 ? null : TheDebugger.GetTypeInfo(MaxTypeID);
uint ESP = Registers["ESP"];
int NumLocalBytes = (int)(EBP - ESP);
string LocalValuesStr = TheDebugger.GetMemoryValues(ProcessId, ESP, NumLocalBytes, 1);
byte[] LocalValuesArr = LocalValuesStr.Split(" ".ToCharArray(), StringSplitOptions.RemoveEmptyEntries).Select(x => byte.Parse(x.Substring(2), System.Globalization.NumberStyles.HexNumber)).ToArray();
if (LocalValuesArr.Length > 0)
{
int max = LocalValuesArr.Length - (MaxOffset + (TheMethod.Locals.Count == 0 ? 0 : MaxLocType.SizeOnStackInBytes));
for (int i = 0; i < max;)
{
VariableData NewVarData = new VariableData()
{
Address = (uint)(ESP + i),
Temporary = true,
Value = new byte[4],
OffsetFromParent = i
};
LocalDatas.Add(NewVarData);
if (max - i >= 4)
{
for (int j = 0; j < 4; j++)
{
NewVarData.Value[j] = LocalValuesArr[j + i];
}
i += 4;
}
else
{
for (int j = 0; j < (max - i); j++)
{
NewVarData.Value[j] = LocalValuesArr[j + i];
}
i = max;
}
}
List <VariableInfo> LocInfos = TheMethod.Locals.Values.OrderBy(x => x.Offset).ToList();
foreach (VariableInfo ALocInfo in LocInfos)
{
TypeInfo LocType = TheDebugger.GetTypeInfo(ALocInfo.TypeID);
int position = (LocalValuesArr.Length - (ALocInfo.Offset + LocType.SizeOnStackInBytes));
VariableData NewVarData = new VariableData()
{
Address = (uint)(EBP + ALocInfo.Offset),
OffsetFromParent = position,
Info = LocType,
Value = new byte[LocType.SizeOnStackInBytes]
};
for (int i = 0; i < LocType.SizeOnStackInBytes; i++)
{
NewVarData.Value[i] = LocalValuesArr[i + position];
}
LocalDatas.Add(NewVarData);
}
}
}
catch (Exception ex)
{
LocalDatas.Add(new VariableData()
{
Name = "Error! " + ex.Message
});
}
}
}
else
{
if (Registers.ContainsKey("ESP"))
{
// Refresh locals
// - Can get values as blocks of 4 bytes but not interpret them because we don't have the method info
try
{
uint ESP = Registers["ESP"];
int NumLocalBytes = (int)(EBP - ESP);
string LocalValuesStr = TheDebugger.GetMemoryValues(ProcessId, ESP, NumLocalBytes / 4, 4);
uint[] LocalValuesArr = LocalValuesStr.Split(" ".ToCharArray(), StringSplitOptions.RemoveEmptyEntries).Select(x => uint.Parse(x.Substring(2), System.Globalization.NumberStyles.HexNumber)).ToArray();
int offset = 0;
foreach (uint ALocalVal in LocalValuesArr)
{
LocalDatas.Add(new VariableData()
{
Address = ESP,
Temporary = true,
Value = BitConverter.GetBytes(ALocalVal),
OffsetFromParent = offset
});
ESP += 4;
offset += 4;
}
}
catch (Exception ex)
{
LocalDatas.Add(new VariableData()
{
Name = "Error! " + ex.Message
});
}
}
}
}
UpdateStackData();
PerformingAction = false;
}
private void RefreshStackData()
{
uint ProcessId = GetSelectedProcessId();
ArgumentDatas.Clear();
LocalDatas.Clear();
ArgumentsDepthLoaded = 1;
LocalsDepthLoaded = 1;
if (Registers.ContainsKey("EBP"))
{
uint EBP = Registers["EBP"];
if (!string.IsNullOrWhiteSpace(CurrentMethodLabel))
{
// Refresh arguments
MethodInfo TheMethod = TheDebugger.GetMethodInfo(CurrentMethodLabel);
if (TheMethod.Arguments.Count > 0)
{
try
{
int MaxOffset = TheMethod.Arguments.Select(x => x.Value.Offset).Max();
string MaxTypeID = TheMethod.Arguments.Where(x => x.Value.Offset == MaxOffset).Select(x => x.Value.TypeID).First();
TypeInfo MaxArgType = TheDebugger.GetTypeInfo(MaxTypeID);
// +8 for old ebp and return address
// +4 or more for return value
uint RetValSize = (uint)TheMethod.ReturnSize;
string ArgumentValuesStr = TheDebugger.GetMemoryValues(ProcessId, EBP + 8 + RetValSize, MaxOffset + MaxArgType.SizeOnStackInBytes, 1);
byte[] ArgumentValuesArr = ArgumentValuesStr.Split(" ".ToCharArray(), StringSplitOptions.RemoveEmptyEntries).Select(x => byte.Parse(x.Substring(2), System.Globalization.NumberStyles.HexNumber)).ToArray();
List<VariableInfo> ArgInfos = TheMethod.Arguments.Values.OrderBy(x => x.Offset).ToList();
foreach (VariableInfo AnArgInfo in ArgInfos)
{
TypeInfo ArgType = TheDebugger.GetTypeInfo(AnArgInfo.TypeID);
VariableData NewVarData = new VariableData()
{
Address = (uint)(EBP + AnArgInfo.Offset),
OffsetFromParent = AnArgInfo.Offset,
Info = ArgType,
Value = new byte[ArgType.SizeOnStackInBytes]
};
for (int i = 0; i < ArgType.SizeOnStackInBytes; i++)
{
NewVarData.Value[i] = ArgumentValuesArr[i + AnArgInfo.Offset];
}
ArgumentDatas.Add(NewVarData);
}
}
catch (Exception ex)
{
ArgumentDatas.Add(new VariableData()
{
Name = "Error! " + ex.Message
});
}
}
if (Registers.ContainsKey("ESP"))
{
// Refresh locals
try
{
int MaxOffset = TheMethod.Locals.Count == 0 ? 0 : TheMethod.Locals.Select(x => x.Value.Offset).Max();
string MaxTypeID = TheMethod.Locals.Count == 0 ? "" : TheMethod.Locals.Where(x => x.Value.Offset == MaxOffset).Select(x => x.Value.TypeID).First();
TypeInfo MaxLocType = TheMethod.Locals.Count == 0 ? null : TheDebugger.GetTypeInfo(MaxTypeID);
uint ESP = Registers["ESP"];
int NumLocalBytes = (int)(EBP - ESP);
string LocalValuesStr = TheDebugger.GetMemoryValues(ProcessId, ESP, NumLocalBytes, 1);
byte[] LocalValuesArr = LocalValuesStr.Split(" ".ToCharArray(), StringSplitOptions.RemoveEmptyEntries).Select(x => byte.Parse(x.Substring(2), System.Globalization.NumberStyles.HexNumber)).ToArray();
if (LocalValuesArr.Length > 0)
{
int max = LocalValuesArr.Length - (MaxOffset + (TheMethod.Locals.Count == 0 ? 0 : MaxLocType.SizeOnStackInBytes));
for (int i = 0; i < max; )
{
VariableData NewVarData = new VariableData()
{
Address = (uint)(ESP + i),
Temporary = true,
Value = new byte[4],
OffsetFromParent = i
};
LocalDatas.Add(NewVarData);
if (max - i >= 4)
{
for (int j = 0; j < 4; j++)
{
NewVarData.Value[j] = LocalValuesArr[j + i];
}
i += 4;
}
else
{
for (int j = 0; j < (max - i); j++)
{
NewVarData.Value[j] = LocalValuesArr[j + i];
}
i = max;
}
}
List<VariableInfo> LocInfos = TheMethod.Locals.Values.OrderBy(x => x.Offset).ToList();
foreach (VariableInfo ALocInfo in LocInfos)
{
TypeInfo LocType = TheDebugger.GetTypeInfo(ALocInfo.TypeID);
int position = (LocalValuesArr.Length - (ALocInfo.Offset + LocType.SizeOnStackInBytes));
VariableData NewVarData = new VariableData()
{
Address = (uint)(EBP + ALocInfo.Offset),
OffsetFromParent = position,
Info = LocType,
Value = new byte[LocType.SizeOnStackInBytes]
};
for (int i = 0; i < LocType.SizeOnStackInBytes; i++)
{
NewVarData.Value[i] = LocalValuesArr[i + position];
}
LocalDatas.Add(NewVarData);
}
}
}
catch (Exception ex)
{
LocalDatas.Add(new VariableData()
{
Name = "Error! " + ex.Message
});
}
}
}
else
{
if (Registers.ContainsKey("ESP"))
{
// Refresh locals
// - Can get values as blocks of 4 bytes but not interpret them because we don't have the method info
try
{
uint ESP = Registers["ESP"];
int NumLocalBytes = (int)(EBP - ESP);
string LocalValuesStr = TheDebugger.GetMemoryValues(ProcessId, ESP, NumLocalBytes / 4, 4);
uint[] LocalValuesArr = LocalValuesStr.Split(" ".ToCharArray(), StringSplitOptions.RemoveEmptyEntries).Select(x => uint.Parse(x.Substring(2), System.Globalization.NumberStyles.HexNumber)).ToArray();
int offset = 0;
foreach (uint ALocalVal in LocalValuesArr)
{
LocalDatas.Add(new VariableData()
{
Address = ESP,
Temporary = true,
Value = BitConverter.GetBytes(ALocalVal),
OffsetFromParent = offset
});
ESP += 4;
offset += 4;
}
}
catch (Exception ex)
{
LocalDatas.Add(new VariableData()
{
Name = "Error! " + ex.Message
});
}
}
}
}
UpdateStackData();
PerformingAction = false;
}
