public formRecording(oFunctionList referenceList)
{
this.list = referenceList;
// Begin recording data
list.startRecording();
InitializeComponent();
}
public formRecording(oFunctionList referenceList)
{
this.list = referenceList;
// Begin recording data
list.startRecording();
InitializeComponent();
}
/// <summary>
/// Creates a timeseries plot from a function list.
/// </summary>
/// <param name="functionList"></param>
/// <param name="name"></param>
/// <param name="row"></param>
/// <param name="numRows"></param>
/// <param name="mainVisualization"></param>
public oTimeseriesPlot(oFunctionList functionList, string name, int row, int numRows, Microsoft.DirectX.Direct3D.Font directxFont, oVisMain mainVisualization, Device device)
{
this.functionList = functionList;
this.name = name;
this.row = row;
this.numRows = numRows;
this.directxFont = directxFont;
this.mainVisualization = mainVisualization;
this.device = device;
}
/// <summary>
/// Creates a timeseries plot from a function list.
/// </summary>
/// <param name="functionList"></param>
/// <param name="name"></param>
/// <param name="row"></param>
/// <param name="numRows"></param>
/// <param name="mainVisualization"></param>
public oTimeseriesPlot(oFunctionList functionList, string name, int row, int numRows, Microsoft.DirectX.Direct3D.Font directxFont, oVisMain mainVisualization, Device device )
{
this.functionList = functionList;
this.name = name;
this.row = row;
this.numRows = numRows;
this.directxFont = directxFont;
this.mainVisualization = mainVisualization;
this.device = device;
}
/// <summary>
/// Add a new time-series from the specified function list.
/// </summary>
/// <param name="list"></param>
/// <param name="name"></param>
public void addTimeSeriesFromFunctionList(oFunctionList list, string name)
{
// Create a new time series
timeseriesPlots.Add(new oTimeseriesPlot(list, name, timeseriesPlots.Count, timeseriesPlots.Count + 1, drawingFont, mainVisualization, device));
// Invalidate all the plots
foreach (oTimeseriesPlot plot in timeseriesPlots)
{
plot.setNumRows(timeseriesPlots.Count);
}
}
/// <summary>
/// Sets the currently active function list.
/// </summary>
/// <param name="data">The function list currently viewable.</param>
public void setData(oFunctionList newList)
{
// Update the data
functionList = newList;
// Invalidate everything
validAxis = false;
validCursor = false;
validLogPlot = false;
validSelection = false;
validMouse = false;
}
public callSender(oFunctionList recordedData)
{
this.recordedData = recordedData;
InitializeComponent();
if (recordedData != null)
{
// Set the call list count
this.dataGridCalls.RowCount = recordedData.getCallCount();
// Make sure only 1 function is in the function list.
if (recordedData.getCount() == 1)
{
// Set this function address
this.address = recordedData.functions[0].address;
// Set this function
this.function = recordedData.functions[0];
// Initialize the arguments data grid view control
this.dataGridArguments.Rows.Add(new string[] { "ecx", "0x0" });
this.dataGridArguments.Rows.Add(new string[] { "edx", "0x0" });
this.dataGridArguments.Rows.Add(new string[] { "eax", "0x0" });
for (int i = 0; i < recordedData.functions[0].getNumParams(); i++)
{
// Add this argument
this.dataGridArguments.Rows.Add(new string[] { "ebp+0x" + (8 + i * 4).ToString("X"), "0x0" });
}
// Load the initial arguments from the most recent function call
if (recordedData.getCallCount() > 0)
{
// Set the register inputs
this.dataGridArguments.Rows[0].Cells[1].Value = "0x" + recordedData.getData()[recordedData.getCallCount() - 1].ecx.ToString("X");
this.dataGridArguments.Rows[1].Cells[1].Value = "0x" + recordedData.getData()[recordedData.getCallCount() - 1].edx.ToString("X");
this.dataGridArguments.Rows[2].Cells[1].Value = "0x" + recordedData.getData()[recordedData.getCallCount() - 1].eax.ToString("X");
// Set the stack inputs
for (int i = 0; i < recordedData.functions[0].getNumParams(); i++)
{
// Set this argument
this.dataGridArguments.Rows[i + 3].Cells[1].Value = "0x" + recordedData.getData()[recordedData.getCallCount() - 1].arguments[i].ToString("X");
}
}
}
}
// Initialize the code text
textCallAssembly.Text = generateCode();
}
public oTabFunctionList(oTabManager parent, ToolStrip toolStrip, Panel panelMain, ToolStrip mainToolStrip, string tabTitle, oFunctionList functionList, oVisMain visMain, oVisPlayBar visPlayBar)
: base(parent, toolStrip, panelMain, mainToolStrip, tabTitle)
{
// Initialize the controls we need
InitializeComponents();
// Set the data source for the control
functionListControl.FunctionList = functionList;
// Set the function list parent tab
if (functionList != null)
functionList.parentControl = functionListControl;
}
/// <summary>
/// This creates a new tab for sending funciton calls.
/// </summary>
/// <param name="name">Display name of the tab.</param>
/// <param name="select">Whether or not to select this new tab.</param>
public void addCallSenderTab(string name, bool @select, oFunctionList data)
{
// Create the new oTab class and tab page
oTabCallSender tabCallSender = new oTabCallSender(this, toolStrip, panelMain, mainToolStrip, name, data);
tabs.Add(tabCallSender);
tabController.TabPages.Add(tabCallSender.WorkingPage);
tabCallSender.WorkingPage.ImageIndex = tabController.ImageList.Images.IndexOfKey(@"memoryview.ico");
if (select)
{
tabController.SelectedTab = tabCallSender.WorkingPage;
}
}
/// <summary>
/// Sets the currently active function list.
/// </summary>
/// <param name="data">The function list currently viewable.</param>
public void setData(oFunctionList newList)
{
// Update the data
baseFunctionList = newList;
// Update all the subplots with the data
generateSubplotFunctionLists();
// Set the cursor to the end of the data
DISPLAY_RANGE range = getDisplayRange();
double time = range.tMaxDataset;
setCursor(time, cursorWidth, 0);
// Render any changes immediately
Render();
}
/// <summary>
/// This creates a new tab from a list of functions with specified name.
/// </summary>
/// <param name="name">Display name of the tab.</param>
/// <param name="functionList">The list of functions to use.</param>
/// <param name="select">Whether or not to select this new tab.</param>
/// <param name="filtered">Whether or not is function subset - just for presentation.</param>
public void addFunctionListTab(string name, oFunctionList functionList, bool select, bool filtered)
{
// Create the new oTab class and tab page
oTabFunctionList tabFunctionList = new oTabFunctionList(this, toolStrip, panelMain, mainToolStrip, name, functionList, visMain, visPlayBar);
tabs.Add(tabFunctionList);
tabController.TabPages.Add(tabFunctionList.WorkingPage);
tabFunctionList.WorkingPage.ImageIndex = tabController.ImageList.Images.IndexOfKey(filtered ? @"FunctionFilter.ico" : @"FunctionFull.ico");
if (select)
{
// Deactivate the selected tab
if (tabController.SelectedIndex >= 0 && tabController.SelectedIndex < tabController.TabPages.Count)
{
tabs[tabController.SelectedIndex].deactivate();
}
// Select the new tab page
tabController.SelectedIndex = tabs.Count - 1;
tabs[tabs.Count - 1].activate();
}
}
public formFilter(oFunctionList functionList, oTabManager tabManager, oTabFunctionList tab, FILTER_TYPE filterType, oVisPlayBar playBar)
{
InitializeComponent();
this.tabManager = tabManager;
this.tab = tab;
this.functionGrid.CellValueNeeded += new System.Windows.Forms.DataGridViewCellValueEventHandler(this.functionGrid_CellValueNeeded);
this.functionList = functionList;
this.functionListOutput = functionList.Clone();
updatePredictedOutput();
timerRefreshOutput.Enabled = false;
this.playBar = playBar;
// Make changes to the interface as determined by the filterType
this.filterType = filterType;
switch (filterType)
{
case FILTER_TYPE.FUNCTION_LIST_FILTERED:
// Do nothing special
break;
case FILTER_TYPE.FUNCTION_LIST_FULL:
// We cannot replace this list
this.buttonApplyReplace.Visible = false;
break;
case FILTER_TYPE.GENERAL:
// We do not want to change any tabs, just provide functionListOutput as the result
buttonApplyReplace.Visible = false;
buttonApplyNew.Text = "Apply";
// We cannot clip data to selection
this.radioTimeRangeClip.Enabled = false;
break;
}
}
public oTabFunctionList(oTabManager parent, ToolStrip toolStrip, Panel panelMain, ToolStrip mainToolStrip, string tabTitle, oFunctionList functionList, oVisMain visMain, oVisPlayBar visPlayBar)
: base(parent, toolStrip, panelMain, mainToolStrip, tabTitle)
{
// Initialize the controls we need
InitializeComponents();
// Set the data source for the control
functionListControl.FunctionList = functionList;
// Set the function list parent tab
if (functionList != null)
{
functionList.parentControl = functionListControl;
}
}
/// <summary>
/// Sets the currently active function list.
/// </summary>
/// <param name="data">The function list currently viewable.</param>
public void setData(oFunctionList data)
{
// Update the data
functionList = data;
}
private void updatePredictedOutput()
{
// Parse the input parameters
int minCallCount = getCallCountMin();
int maxCallCount = getCallCountMax();
// Validate input arguments again
if (minCallCount < 0 | maxCallCount < 0 && maxCallCount >= minCallCount)
{
return;
}
// Load the time range selection radial menu
int timeSelection = (radioTimeRangeAll.Checked ? 1 : 0) + (radioTimeRangeClip.Checked ? 2 : 0);
// Load the arg filter type selection radial menu
int argFilterSelection = (radioArgAny.Checked ? 1 : 0) + (radioArg1Byte.Checked ? 2 : 0) +
(radioArg2Byte.Checked ? 3 : 0) + (radioArg4Byte.Checked ? 4 : 0) +
(radioArgFloat.Checked ? 5 : 0);
// Load the arg string selection radial menu
int argStringSelection = (radioStringAny.Checked ? 1 : 0) + (radioStringYes.Checked ? 2 : 0) +
(radioStringMatch.Checked ? 3 : 0);
// Load the arg binary selection radial menu
int argBinarySelection = (radioBinaryAny.Checked ? 1 : 0) + (radioBinaryPartial.Checked ? 2 : 0) +
(radioBinaryStart.Checked ? 3 : 0);
// Load the argument count filter
int argMinCount;
int argMaxCount;
if (!getArgRange(out argMinCount, out argMaxCount))
{
return;
}
// Validate the input of the arg filter selection
RANGE_PARSE args = null;
switch (argFilterSelection)
{
case 2:
args = new RANGE_PARSE_1BYTE(text1Byte);
break;
case 3:
args = new RANGE_PARSE_2BYTE(text2Byte);
break;
case 4:
args = new RANGE_PARSE_4BYTE(text4Byte);
break;
case 5:
args = new RANGE_PARSE_FLOAT(textFloat);
break;
}
if (args != null && !args.valid)
{
return;
}
// Create a copy of the original function list
functionListOutput = functionList.Clone();
// Perform the data clipping if required
if (timeSelection == 2)
{
// Clip the data to the selected region
// Firstly replace the function list output with the selected time series output
functionListOutput = playBar.getSelectedFunctionList().Clone();
// Now clip it to the selected range
functionListOutput.clipCalls_timeRange(playBar.selectStart, playBar.selectEnd);
}
// Filter the data based on the source and destination if required
if (checkAddressFunction.Checked)
{
// Filter based on the function address
RANGE_PARSE_4BYTE range = new RANGE_PARSE_4BYTE(textAddressRangeFunction);
if (range.valid)
{
functionListOutput.clipCalls_addressDest(range);
}
}
if (checkAddressSource.Checked)
{
// Filter based on the call source address
RANGE_PARSE_4BYTE range = new RANGE_PARSE_4BYTE(textAddressRangeSource);
if (range.valid)
{
functionListOutput.clipCalls_addressSource(range);
}
}
// Perform the argument count filtering
functionListOutput.clipCalls_argumentCount(argMinCount, argMaxCount);
// Perform the argument searching
if (args != null)
{
functionListOutput.clipCalls_argument(args);
}
// Filter based on the string arguments
switch (argStringSelection)
{
case 1:
// Any call
break;
case 2:
// Only calls with strings
functionListOutput.clipCalls_hasStringArgument();
break;
case 3:
// Calls with string match
functionListOutput.clipCalls_hasStringArgumentMatch(textStringMatch.Text, checkStringCaseSensitive.Checked);
break;
}
// Filter based on the binary dereference arguments
// Validate the data
byte[] binaryData;
if (!readByteHexString(textBinaryMatch.Text, out binaryData))
{
// Invalid hex string
textBinaryMatch.BackColor = Color.MediumVioletRed;
}
else
{
// Valid hex string
textBinaryMatch.BackColor = Color.White;
}
switch (argBinarySelection)
{
case 1:
// Any call
break;
case 2:
// Only calls with a partial binary match
functionListOutput.clipCalls_hasBinaryArgumentMatch(binaryData, false);
break;
case 3:
// Only calls with a starts-with binary match
functionListOutput.clipCalls_hasBinaryArgumentMatch(binaryData, true);
break;
}
// Perform the call type filtering
if (radioTypeInter.Checked || radioTypeIntra.Checked)
{
functionListOutput.clipCalls_type((radioTypeInter.Checked ? 1 : 2));
}
// Perform the call count filtering and clip the resulting functions
functionListOutput.clipFunctions_CallCount(minCallCount, maxCallCount);
// Update the displays
functionGrid.Rows.Clear();
functionGrid.RowCount = functionListOutput.getCount();
functionGrid.Invalidate();
this.Update();
labelCallsBefore.Text = string.Concat(functionList.getCallCount().ToString(), " calls before filtering.");
labelCallsAfter.Text = string.Concat(functionListOutput.getCallCount().ToString(), " calls after filtering.");
labelFunctionsBefore.Text = string.Concat(functionList.getCount().ToString(), " functions before filtering.");
labelFunctionsAfter.Text = string.Concat(functionListOutput.getCount().ToString(), " functions after filtering.");
}
/// <summary>
/// Sets the currently active function list.
/// </summary>
/// <param name="data">The function list currently viewable.</param>
public void setData(oFunctionList data)
{
// Update the data
functionList = data;
}
public void TryToApplySignature(DataGridViewSelectedRowCollection selectedRows, oFunctionList functionList)
{
DialogResult showDialog = ShowDialog();
if (showDialog == DialogResult.OK)
{
foreach (ListViewItem item in listSignatures.Items)
{
if (item.Checked)
{
EntpackSignature(item.SubItems[1].Text);
if (!BuildIndex())
{
return;
}
foreach (DataGridViewRow selectedRow in selectedRows)
{
oFunction function = functionList.getFunction(selectedRow.Index);
string functionName = GetFunctionName(function.getSignature());
if (functionName != string.Empty)
{
function.name = functionName;
}
}
}
}
}
}
/// <summary>
/// Add a new time-series from the specified function list.
/// </summary>
/// <param name="list"></param>
/// <param name="name"></param>
public void addTimeSeriesFromFunctionList(oFunctionList list, string name)
{
// Create a new time series
timeseriesPlots.Add(new oTimeseriesPlot(list, name, timeseriesPlots.Count, timeseriesPlots.Count + 1, drawingFont, mainVisualization, device));
// Invalidate all the plots
foreach (oTimeseriesPlot plot in timeseriesPlots)
plot.setNumRows(timeseriesPlots.Count);
}
/// <summary>
/// This creates a new tab for sending funciton calls.
/// </summary>
/// <param name="name">Display name of the tab.</param>
/// <param name="select">Whether or not to select this new tab.</param>
public void addCallSenderTab(string name, bool @select, oFunctionList data)
{
// Create the new oTab class and tab page
oTabCallSender tabCallSender = new oTabCallSender(this, toolStrip, panelMain, mainToolStrip, name, data);
tabs.Add(tabCallSender);
tabController.TabPages.Add(tabCallSender.WorkingPage);
tabCallSender.WorkingPage.ImageIndex = tabController.ImageList.Images.IndexOfKey(@"memoryview.ico");
if (select)
tabController.SelectedTab = tabCallSender.WorkingPage;
}
/// <summary>
/// Sets the currently active function list.
/// </summary>
/// <param name="data">The function list currently viewable.</param>
public void setData(oFunctionList newList)
{
// Update the data
functionList = newList;
// Invalidate everything
validAxis = false;
validCursor = false;
validLogPlot = false;
validSelection = false;
validMouse = false;
}
/// <summary>
/// initialise function list
/// </summary>
/// <param name="functionList">The function list.</param>
public void SetFunctionList(oFunctionList functionList)
{
functionListControl.FunctionList = functionList;
}
/// <summary>
/// initialise function list
/// </summary>
/// <param name="functionList">The function list.</param>
public void SetFunctionList(oFunctionList functionList)
{
functionListControl.FunctionList = functionList;
}
/// <summary>
/// This creates a new tab from a list of functions with specified name.
/// </summary>
/// <param name="name">Display name of the tab.</param>
/// <param name="functionList">The list of functions to use.</param>
/// <param name="select">Whether or not to select this new tab.</param>
/// <param name="filtered">Whether or not is function subset - just for presentation.</param>
public void addFunctionListTab(string name, oFunctionList functionList, bool select, bool filtered)
{
// Create the new oTab class and tab page
oTabFunctionList tabFunctionList = new oTabFunctionList(this, toolStrip, panelMain, mainToolStrip, name, functionList, visMain, visPlayBar);
tabs.Add(tabFunctionList);
tabController.TabPages.Add(tabFunctionList.WorkingPage);
tabFunctionList.WorkingPage.ImageIndex = tabController.ImageList.Images.IndexOfKey(filtered ? @"FunctionFilter.ico" : @"FunctionFull.ico");
if( select )
{
// Deactivate the selected tab
if( tabController.SelectedIndex >= 0 && tabController.SelectedIndex < tabController.TabPages.Count )
tabs[tabController.SelectedIndex].deactivate();
// Select the new tab page
tabController.SelectedIndex = tabs.Count - 1;
tabs[tabs.Count - 1].activate();
}
}
/// <summary>
/// Sets the currently active function list.
/// </summary>
/// <param name="data">The function list currently viewable.</param>
public void setData(oFunctionList newList)
{
// Update the data
baseFunctionList = newList;
// Update all the subplots with the data
generateSubplotFunctionLists();
// Set the cursor to the end of the data
DISPLAY_RANGE range = getDisplayRange();
double time = range.tMaxDataset;
setCursor(time, cursorWidth, 0);
// Render any changes immediately
Render();
}