public void LoadProcedure(Procedure_v1 sp) { try { var sser = platform.CreateProcedureSerializer(this, this.defaultConvention); var signature = sser.Deserialize(sp.Signature, platform.Architecture.CreateFrame()); library.Signatures[sp.Name] = signature; var mod = EnsureModule(this.moduleName, this.library); var svc = new SystemService { ModuleName = mod.ModuleName, Name = sp.Name, Signature = signature, }; mod.ServicesByName[sp.Name] = svc; //$BUGBUG: catch dupes? if (sp.Ordinal != Procedure_v1.NoOrdinal) { mod.ServicesByVector[sp.Ordinal] = svc; } } catch (Exception ex) { Debug.Print("An error occurred when loading the signature of procedure {0}.", sp.Name); throw new ApplicationException( string.Format("An error occurred when loading the signature of procedure {0}.", sp.Name), ex); } }
public void ProcessDeclaration(Decl declaration, IPlatform platform, TypeLibraryDeserializer tldser, SymbolTable symbolTable) { var types = symbolTable.AddDeclaration(declaration); var type = types[0]; int? vectorOffset = GetVectorOffset(declaration); if (vectorOffset.HasValue) { var ntde = new NamedDataTypeExtractor(platform, declaration.decl_specs, symbolTable); foreach (var declarator in declaration.init_declarator_list) { var nt = ntde.GetNameAndType(declarator.Declarator); var ssig = (SerializedSignature)nt.DataType; if (ssig.ReturnValue != null) { ssig.ReturnValue.Kind = ntde.GetArgumentKindFromAttributes( "returns", declaration.attribute_list); } var sser = platform.CreateProcedureSerializer(tldser, platform.DefaultCallingConvention); var sig = sser.Deserialize(ssig, platform.Architecture.CreateFrame()); SystemServices.Add( vectorOffset.Value, new SystemService { Name = nt.Name, SyscallInfo = new SyscallInfo { Vector = vectorOffset.Value, }, Signature = sig, }); } } }
public SystemService Build(IPlatform platform, TypeLibrary library) { SystemService svc = new SystemService(); svc.Name = Name; svc.SyscallInfo = new SyscallInfo(); svc.SyscallInfo.Vector = SyscallInfo != null ? Convert.ToInt32(SyscallInfo.Vector, 16) : this.Ordinal; if (SyscallInfo != null) { if (SyscallInfo.RegisterValues != null) { svc.SyscallInfo.RegisterValues = new RegValue[SyscallInfo.RegisterValues.Length]; for (int i = 0; i < SyscallInfo.RegisterValues.Length; ++i) { svc.SyscallInfo.RegisterValues[i] = new RegValue { Register = platform.Architecture.GetRegister(SyscallInfo.RegisterValues[i].Register), Value = Convert.ToInt32(SyscallInfo.RegisterValues[i].Value, 16), }; } } } if (svc.SyscallInfo.RegisterValues == null) { svc.SyscallInfo.RegisterValues = new RegValue[0]; } TypeLibraryDeserializer loader = new TypeLibraryDeserializer(platform, true, library); var sser = platform.CreateProcedureSerializer(loader, "stdapi"); svc.Signature = sser.Deserialize(Signature, platform.Architecture.CreateFrame()); svc.Characteristics = Characteristics != null ? Characteristics : DefaultProcedureCharacteristics.Instance; return svc; }
public void ProcessDeclaration(Decl declaration, IPlatform platform, TypeLibraryDeserializer tldser, SymbolTable symbolTable) { var types = symbolTable.AddDeclaration(declaration); var type = types[0]; int?vectorOffset = GetVectorOffset(declaration); if (vectorOffset.HasValue) { var ntde = new NamedDataTypeExtractor(platform, declaration.decl_specs, symbolTable); foreach (var declarator in declaration.init_declarator_list) { var nt = ntde.GetNameAndType(declarator.Declarator); var ssig = (SerializedSignature)nt.DataType; if (ssig.ReturnValue != null) { ssig.ReturnValue.Kind = ntde.GetArgumentKindFromAttributes( "returns", declaration.attribute_list); } var sser = platform.CreateProcedureSerializer(tldser, platform.DefaultCallingConvention); var sig = sser.Deserialize(ssig, platform.Architecture.CreateFrame()); SystemServices.Add( vectorOffset.Value, new SystemService { Name = nt.Name, SyscallInfo = new SyscallInfo { Vector = vectorOffset.Value, }, Signature = sig, }); } } }
public static Tuple <string, DataType, SerializedType> InferTypeFromName(string fnName, TypeLibraryDeserializer loader, IPlatform platform) { if (fnName[0] == '?') { // Microsoft-mangled signatures begin with '?' var pmnp = new MsMangledNameParser(fnName); Tuple <string, SerializedType, SerializedType> field = null; try { field = pmnp.Parse(); } catch (Exception ex) { Debug.Print("*** Error parsing {0}. {1}", fnName, ex.Message); return(null); } var sproc = field.Item2 as SerializedSignature; if (sproc != null) { var sser = platform.CreateProcedureSerializer(loader, sproc.Convention); var sig = sser.Deserialize(sproc, platform.Architecture.CreateFrame()); //$BUGBUG: catch dupes? return(new Tuple <string, DataType, SerializedType>( field.Item1, sig, field.Item3)); } else { var dt = field.Item2.Accept(loader); return(Tuple.Create(field.Item1, dt, field.Item3)); } } return(null); }
public SystemService Build(IPlatform platform, TypeLibrary library) { SystemService svc = new SystemService(); svc.Name = Name; svc.SyscallInfo = new SyscallInfo(); svc.SyscallInfo.Vector = SyscallInfo != null ? Convert.ToInt32(SyscallInfo.Vector, 16) : this.Ordinal; if (SyscallInfo != null) { if (SyscallInfo.RegisterValues != null) { svc.SyscallInfo.RegisterValues = new RegValue[SyscallInfo.RegisterValues.Length]; for (int i = 0; i < SyscallInfo.RegisterValues.Length; ++i) { svc.SyscallInfo.RegisterValues[i] = new RegValue { Register = platform.Architecture.GetRegister(SyscallInfo.RegisterValues[i].Register), Value = Convert.ToInt32(SyscallInfo.RegisterValues[i].Value, 16), }; } } } if (svc.SyscallInfo.RegisterValues == null) { svc.SyscallInfo.RegisterValues = new RegValue[0]; } TypeLibraryDeserializer loader = new TypeLibraryDeserializer(platform, true, library); var sser = platform.CreateProcedureSerializer(loader, "stdapi"); svc.Signature = sser.Deserialize(Signature, platform.Architecture.CreateFrame()); svc.Characteristics = Characteristics != null ? Characteristics : DefaultProcedureCharacteristics.Instance; return(svc); }
/// <summary> /// Guesses the signature of a procedure based on its name. /// </summary> /// <param name="fnName"></param> /// <param name="loader"></param> /// <param name="arch"></param> /// <returns></returns> public static ProcedureSignature SignatureFromName(string fnName, TypeLibraryDeserializer loader, IPlatform platform) { int argBytes; if (fnName[0] == '_') { // Win32 prefixes cdecl and stdcall functions with '_'. Stdcalls will have @<nn> // where <nn> is the number of bytes pushed on the stack. If 0 bytes are pushed // the result is indistinguishable from the corresponding cdecl call, which is OK. int lastAt = fnName.LastIndexOf('@'); if (lastAt < 0) return CdeclSignature(fnName.Substring(1), platform.Architecture); string name = fnName.Substring(1, lastAt - 1); if (!Int32.TryParse(fnName.Substring(lastAt + 1), out argBytes)) return CdeclSignature(name, platform.Architecture); else return StdcallSignature(name, argBytes, platform.Architecture); } else if (fnName[0] == '@') { // Win32 prefixes fastcall functions with '@'. int lastAt = fnName.LastIndexOf('@'); if (lastAt <= 0) return CdeclSignature(fnName.Substring(1), platform.Architecture); string name = fnName.Substring(1, lastAt - 1); if (!Int32.TryParse(fnName.Substring(lastAt + 1), out argBytes)) return CdeclSignature(name, platform.Architecture); else return FastcallSignature(name, argBytes, platform.Architecture); } else if (fnName[0] == '?') { // Microsoft-mangled signatures begin with '?' var pmnp = new MsMangledNameParser(fnName); StructField_v1 field = null; try { field = pmnp.Parse(); } catch (Exception ex) { Debug.Print("*** Error parsing {0}. {1}", fnName, ex.Message); pmnp.ToString(); return null; } var sproc = field.Type as SerializedSignature; if (sproc != null) { var sser = platform.CreateProcedureSerializer(loader, "__cdecl"); return sser.Deserialize(sproc, platform.Architecture.CreateFrame()); //$BUGBUG: catch dupes? } } return null; }
/// <summary> /// Guesses the signature of a procedure based on its name. /// </summary> /// <param name="fnName"></param> /// <param name="loader"></param> /// <param name="arch"></param> /// <returns></returns> public static ExternalProcedure SignatureFromName(string fnName, TypeLibraryDeserializer loader, IPlatform platform) { int argBytes; if (fnName[0] == '_') { // Win32 prefixes cdecl and stdcall functions with '_'. Stdcalls will have @<nn> // where <nn> is the number of bytes pushed on the stack. If 0 bytes are pushed // the result is indistinguishable from the corresponding cdecl call, which is OK. int lastAt = fnName.LastIndexOf('@'); if (lastAt < 0) { return(CdeclSignature(fnName.Substring(1), platform.Architecture)); } string name = fnName.Substring(1, lastAt - 1); if (!Int32.TryParse(fnName.Substring(lastAt + 1), out argBytes)) { return(CdeclSignature(name, platform.Architecture)); } else { return(StdcallSignature(name, argBytes, platform.Architecture)); } } else if (fnName[0] == '@') { // Win32 prefixes fastcall functions with '@'. int lastAt = fnName.LastIndexOf('@'); if (lastAt <= 0) { return(CdeclSignature(fnName.Substring(1), platform.Architecture)); } string name = fnName.Substring(1, lastAt - 1); if (!Int32.TryParse(fnName.Substring(lastAt + 1), out argBytes)) { return(CdeclSignature(name, platform.Architecture)); } else { return(FastcallSignature(name, argBytes, platform.Architecture)); } } else if (fnName[0] == '?') { // Microsoft-mangled signatures begin with '?' var pmnp = new MsMangledNameParser(fnName); StructField_v1 field = null; try { field = pmnp.Parse(); } catch (Exception ex) { Debug.Print("*** Error parsing {0}. {1}", fnName, ex.Message); return(null); } var sproc = field.Type as SerializedSignature; if (sproc != null) { var sser = platform.CreateProcedureSerializer(loader, sproc.Convention); var sig = sser.Deserialize(sproc, platform.Architecture.CreateFrame()); //$BUGBUG: catch dupes? return(new ExternalProcedure(field.Name, sig) { EnclosingType = sproc.EnclosingType }); } } return(null); }