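/// <summary>
/// Reads one execution-state record from <c>ProcessCommunicator</c> and parses it into an
/// <c>executionState</c>.
/// </summary>
/// <remarks>
/// Lines are consumed in this order: the status/disassembly section, one tab-separated
/// register line, one tab-separated flags line, the stack-start line, and then stack lines
/// up to and including the "Stack end" marker.
/// Register fields are <c>NAME:VALUE</c> or <c>NAME:VALUE-COMMENT-CPINDEX</c>; the comment and
/// CP index parts are decoded with <c>Utils.HexString2Ascii</c>.
/// Everything read here is produced by another process, so the framing is checked and a
/// malformed or truncated record fails with a descriptive exception instead of an index
/// error or an endless read loop.
/// </remarks>
/// <returns>The populated execution state.</returns>
/// <exception cref="Exception">The first line is blank or is "error".</exception>
/// <exception cref="System.IO.EndOfStreamException">The output ended in the middle of a record.</exception>
/// <exception cref="FormatException">A register, flag or stack-start line is malformed.</exception>
public static executionState readExecutionState()
{
    executionState state = new executionState();

    String firstLine = readRequiredLine("the status line");
    if (firstLine.Trim() == "" || firstLine == "error")
    {
        throw new Exception("Execution resulted in error");
    }

    // Any first line other than the section header is stored as the disassembly text as-is.
    String disassemblyText = firstLine;
    if (firstLine == "DISASSEMBLY:")
    {
        System.Text.StringBuilder listing = new System.Text.StringBuilder();
        String listingLine = readRequiredLine("the disassembly section");

        // The terminator is tested before appending, so an empty listing ends the section
        // immediately rather than being swallowed as a listing line.
        while (listingLine != "Disassembly end")
        {
            listing.Append(listingLine).Append("\r\n");
            listingLine = readRequiredLine("the disassembly section");
        }
        disassemblyText = listing.ToString();
    }
    state.disassembly = disassemblyText;

    // NOTE(review): the property names below come straight from the other process's output.
    // Presumably SetPropertyAsString sets a property by name; confirm it rejects names that
    // are not register/flag properties of executionState.
    String registersLine = readRequiredLine("the register line");
    foreach (String registerField in registersLine.Split('\t'))
    {
        String[] nameAndValue = registerField.Split(':');
        if (nameAndValue.Length < 2)
        {
            throw new FormatException("Malformed register field: '" + registerField + "'");
        }

        String registerName = nameAndValue[0];
        String registerValue = nameAndValue[1];

        if (registerValue.IndexOf("-") != -1)
        {
            // VALUE-COMMENT-CPINDEX: all three parts must be present.
            String[] valueParts = registerValue.Split('-');
            if (valueParts.Length < 3)
            {
                throw new FormatException("Malformed register annotation: '" + registerField + "'");
            }

            registerValue = valueParts[0];
            String commentValue = Utils.HexString2Ascii(valueParts[1]);
            String CPIndex = Utils.HexString2Ascii(valueParts[2]);

            state.SetPropertyAsString(registerName + "CPInfo", CPIndex);
            state.SetPropertyAsString(registerName + "Comment", commentValue);
        }

        state.SetPropertyAsString(registerName, registerValue);
    }

    String eflagsLine = readRequiredLine("the flags line");
    foreach (String flagField in eflagsLine.Split('\t'))
    {
        String[] nameAndValue = flagField.Split(':');
        if (nameAndValue.Length < 2)
        {
            throw new FormatException("Malformed flag field: '" + flagField + "'");
        }

        // A flag is set for any value other than the literal "0".
        state.SetPropertyAsString(nameAndValue[0], nameAndValue[1] != "0");
    }

    // The first 12 characters of the stack-start line are skipped.
    // NOTE(review): presumably a fixed label such as "Stack start:" - confirm against the writer.
    const int stackStartPrefixLength = 12;
    String stackStartLine = readRequiredLine("the stack start line");
    if (stackStartLine.Length < stackStartPrefixLength)
    {
        throw new FormatException("Malformed stack start line: '" + stackStartLine + "'");
    }
    state.stackStart = stackStartLine.Substring(stackStartPrefixLength);

    // Stack lines are joined with tabs; the "Stack end" marker is kept as the last entry.
    System.Text.StringBuilder stack = new System.Text.StringBuilder();
    String stackLine;
    do
    {
        stackLine = readRequiredLine("the stack section");
        stack.Append(stackLine).Append("\t");
    }
    while (stackLine != "Stack end");
    state.stack = stack.ToString();

    return state;
}

// Reads the next line and fails if there is none, so the section loops above cannot spin
// forever on a truncated record.
// NOTE(review): assumes ProcessCommunicator.readLine returns null once the output has ended;
// if it blocks instead, this check never fires and changes nothing.
private static String readRequiredLine(String section)
{
    String line = ProcessCommunicator.readLine();
    if (line == null)
    {
        throw new System.IO.EndOfStreamException("Execution output ended while reading " + section);
    }
    return line;
}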
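/// <summary>
/// Builds the form for one execution step: disassembly, general-purpose registers, flags
/// and the stack list.
/// </summary>
/// <remarks>
/// Registers and stack entries that carry a CP index are drawn in a highlight colour and get
/// a "CP Index" tooltip. The stack entry whose address equals ESP is drawn in red and, when
/// it carries a CP index, is focused and reported to <c>CyclicPatternForm</c> as a focus
/// candidate.
/// The comment and CP index strings are decoded from the recorded state and are only ever
/// shown as text. Stack entries with missing parts are shown with empty comment/CP index
/// columns, and a CP index that is not an integer is not reported as a focus candidate, so
/// one malformed entry cannot abort construction of the form.
/// </remarks>
/// <param name="state">Execution state to display.</param>
/// <param name="stepNumberInt">Step number shown in the "Step:" label.</param>
public ExecutionStepForm(executionState state, int stepNumberInt)
{
    InitializeComponent();

    // Colour used for every register or stack entry that carries a CP index.
    Color cyclicPatternColor = Color.FromArgb(255, 255, 200);

    this.stepNumber.Text = "Step:" + stepNumberInt;
    setDisassemblyText(this.Disassembly, state.disassembly.ToString());

    stackList.MouseEnter += new System.EventHandler(MainForm.getInstance().ExecutionsResultsContainer_MouseEnter);
    Disassembly.MouseEnter += new System.EventHandler(MainForm.getInstance().ExecutionsResultsContainer_MouseEnter);

    this.EAXInfo.Text = state.EAXComment;
    if (state.EAXCPInfo != "")
    {
        setToolTip("CP Index: " + state.EAXCPInfo, EAX);
        this.EAXLabel.ForeColor = cyclicPatternColor;
        this.EAX.ForeColor = cyclicPatternColor;
        this.EAXInfo.ForeColor = cyclicPatternColor;
    }

    this.ECXInfo.Text = state.ECXComment;
    if (state.ECXCPInfo != "")
    {
        setToolTip("CP Index: " + state.ECXCPInfo, ECX);
        this.ECXLabel.ForeColor = cyclicPatternColor;
        this.ECX.ForeColor = cyclicPatternColor;
        this.ECXInfo.ForeColor = cyclicPatternColor;
    }

    this.EDXInfo.Text = state.EDXComment;
    if (state.EDXCPInfo != "")
    {
        setToolTip("CP Index: " + state.EDXCPInfo, EDX);
        this.EDXLabel.ForeColor = cyclicPatternColor;
        this.EDX.ForeColor = cyclicPatternColor;
        this.EDXInfo.ForeColor = cyclicPatternColor;
    }

    this.EBXInfo.Text = state.EBXComment;
    if (state.EBXCPInfo != "")
    {
        setToolTip("CP Index: " + state.EBXCPInfo, EBX);
        this.EBXLabel.ForeColor = cyclicPatternColor;
        this.EBX.ForeColor = cyclicPatternColor;
        this.EBXInfo.ForeColor = cyclicPatternColor;
    }

    this.ESPInfo.Text = state.ESPComment;
    if (state.ESPCPInfo != "")
    {
        setToolTip("CP Index: " + state.ESPCPInfo, ESP);
        this.ESPLabel.ForeColor = cyclicPatternColor;
        this.ESP.ForeColor = cyclicPatternColor;
        this.ESPInfo.ForeColor = cyclicPatternColor;
    }

    this.EBPInfo.Text = state.EBPComment;
    if (state.EBPCPInfo != "")
    {
        setToolTip("CP Index: " + state.EBPCPInfo, EBP);
        this.EBPLabel.ForeColor = cyclicPatternColor;
        this.EBP.ForeColor = cyclicPatternColor;
        this.EBPInfo.ForeColor = cyclicPatternColor;
    }

    this.ESIInfo.Text = state.ESIComment;
    if (state.ESICPInfo != "")
    {
        setToolTip("CP Index: " + state.ESICPInfo, ESI);
        this.ESILabel.ForeColor = cyclicPatternColor;
        this.ESI.ForeColor = cyclicPatternColor;
        this.ESIInfo.ForeColor = cyclicPatternColor;
    }

    this.EDIInfo.Text = state.EDIComment;
    if (state.EDICPInfo != "")
    {
        setToolTip("CP Index: " + state.EDICPInfo, EDI);
        this.EDILabel.ForeColor = cyclicPatternColor;
        this.EDI.ForeColor = cyclicPatternColor;
        this.EDIInfo.ForeColor = cyclicPatternColor;
    }

    this.EIPInfo.Text = state.EIPComment;

    // Register values are shown without the "0x" prefix.
    this.EAX.Text = state.EAX.ToString().Replace("0x", "");
    this.ECX.Text = state.ECX.ToString().Replace("0x", "");
    this.EDX.Text = state.EDX.ToString().Replace("0x", "");
    this.EBX.Text = state.EBX.ToString().Replace("0x", "");
    this.ESP.Text = state.ESP.ToString().Replace("0x", "");
    this.EBP.Text = state.EBP.ToString().Replace("0x", "");
    this.ESI.Text = state.ESI.ToString().Replace("0x", "");
    this.EDI.Text = state.EDI.ToString().Replace("0x", "");
    this.EIP.Text = state.EIP.ToString().Replace("0x", "");

    this.C.Text = state.C ? "1" : "0";
    this.P.Text = state.P ? "1" : "0";
    this.A.Text = state.A ? "1" : "0";
    this.Z.Text = state.Z ? "1" : "0";
    this.S.Text = state.S ? "1" : "0";
    this.T.Text = state.T ? "1" : "0";

    // The parsed value is not used below; the conversion is kept because it still rejects a
    // stack start that is not valid hexadecimal.
    uint stackStart = Convert.ToUInt32(state.stackStart.Replace("0x", ""), 16);

    const int toolTipMaxLength = 150;
    ListViewItem toSelect = null;

    // The items are collected first so that the focus candidate is known before anything is
    // added to the list view; they are then added in one batch between BeginUpdate and
    // EndUpdate, because adding to the list view is slow.
    List<ListViewItem> itemsToAdd = new List<ListViewItem>();
    foreach (String stackLine in state.stack.Split('\t'))
    {
        if (stackLine == "Stack end" || stackLine == "")
        {
            break;
        }

        // Lines without an "address:value" separator are not stack entries.
        if (stackLine.IndexOf(":") == -1)
        {
            continue;
        }

        string[] addressAndRest = stackLine.Split(':');
        string stackAddrAsHex = addressAndRest[0];

        // The rest is VALUE-COMMENT-CPINDEX; missing parts are treated as empty.
        string[] valueParts = addressAndRest[1].Split('-');
        string stackValue = valueParts[0].Replace(" ", "").Replace("0x", "");
        string comment = valueParts.Length > 1 ? Utils.HexString2Ascii(valueParts[1]) : "";
        string CPIndex = valueParts.Length > 2 ? Utils.HexString2Ascii(valueParts[2]) : "";

        ListViewItem itemToAdd = new ListViewItem(new[]
        {
            stackAddrAsHex,
            stackValue,
            Utils.toAscii(Utils.endianSwitch(stackValue)),
            comment,
            CPIndex
        });

        // The tooltip shows at most the first 150 characters of the comment, then the CP index.
        string toolTipText = comment;
        if (toolTipText.Length > toolTipMaxLength)
        {
            toolTipText = toolTipText.Substring(0, toolTipMaxLength);
        }
        if (toolTipText != "" && CPIndex != "")
        {
            toolTipText = toolTipText + "\r\n";
        }
        if (CPIndex != "")
        {
            itemToAdd.ForeColor = cyclicPatternColor;
            toolTipText = toolTipText + "CP Index:" + CPIndex;
        }

        // Mark the entry ESP points at; the address is compared without its two-character prefix.
        if (stackAddrAsHex.Length >= 2 && this.ESP.Text == stackAddrAsHex.Remove(0, 2))
        {
            itemToAdd.ForeColor = Color.Red;
        }
        itemToAdd.ToolTipText = toolTipText;

        if (stackAddrAsHex == state.ESP.ToString())
        {
            toSelect = itemToAdd;
        }
        itemsToAdd.Add(itemToAdd);
    }

    stackList.BeginUpdate();
    foreach (ListViewItem stackItem in itemsToAdd)
    {
        stackList.Items.Add(stackItem);
    }
    stackList.EndUpdate();

    if (toSelect != null && toSelect.SubItems[4].Text != "")
    {
        toSelect.Focused = true;
        stackList.EnsureVisible(toSelect.Index);
        stackList.TopItem = toSelect;

        // The CP index is decoded text; only report it when it really is an integer.
        int focusCandidate;
        if (int.TryParse(toSelect.SubItems[4].Text, out focusCandidate))
        {
            CyclicPatternForm.getInstance().addFocusCandidate(focusCandidate);
        }
    }
}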