Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-07-27 19:41:40 +00:00
Code Issues Projects Releases Packages Wiki Activity

- enumerate symbols instead of simple lookup, this makes the program slow, but you can now see if an adress has more than one name

Browse source 
svn path=/trunk/; revision=31456
This commit is contained in:
Timo Kreuzer 2007-12-27 03:42:56 +00:00
parent dd3cdddf47
commit 68dbbc3eaf
1 changed files with 22 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

32
rosapps/devutils/syscalldump/syscalldump.c
View file

@ -77,9 +77,19 @@ GetOffsetFromName(HANDLE hProcess, PSYMBOL_INFO pSym, PBYTE pModule, PCSTR Name,
printf("SymGetSymFromName64() failed: %ld\n", GetLastError()); printf("SymGetSymFromName64() failed: %ld\n", GetLastError());
return 0; return 0;
} }
printf("looking up adress for %s: 0x%llx\n", Name, pSym->Address);
return GetOffsetFromAdress64(pModule, pSym->Address - pSym->ModBase, pbX64); return GetOffsetFromAdress64(pModule, pSym->Address - pSym->ModBase, pbX64);
} }
BOOL CALLBACK EnumSymbolsProc(
PSYMBOL_INFO pSymInfo,
ULONG SymbolSize,
PVOID UserContext)
{
printf("%s@%d ", pSymInfo->Name, (UINT)UserContext);
return TRUE;
}
int main(int argc, char* argv[]) int main(int argc, char* argv[])
{ {
HANDLE hProcess; HANDLE hProcess;
@ -159,16 +169,16 @@ cont:
dwW32pServiceTable = GetOffsetFromName(hProcess, &Sym.Symbol, pModule, "W32pServiceTable", &bX64); dwW32pServiceTable = GetOffsetFromName(hProcess, &Sym.Symbol, pModule, "W32pServiceTable", &bX64);
dwW32pServiceLimit = GetOffsetFromName(hProcess, &Sym.Symbol, pModule, "W32pServiceLimit", &bX64); dwW32pServiceLimit = GetOffsetFromName(hProcess, &Sym.Symbol, pModule, "W32pServiceLimit", &bX64);
dwW32pArgumentTable = GetOffsetFromName(hProcess, &Sym.Symbol, pModule, "W32pArgumentTable", &bX64); dwW32pArgumentTable = GetOffsetFromName(hProcess, &Sym.Symbol, pModule, "W32pArgumentTable", &bX64);
printf("dwW32pServiceTable = %llx\n", dwW32pServiceTable);
printf("dwW32pServiceLimit = %llx\n", dwW32pServiceLimit);
printf("dwW32pArgumentTable = %llx\n", dwW32pArgumentTable);
if (!dwW32pServiceTable || !dwW32pServiceLimit || !dwW32pArgumentTable) if (!dwW32pServiceTable || !dwW32pServiceLimit || !dwW32pArgumentTable)
{ {
printf("Couldn't find adress!\n"); printf("Couldn't find adress!\n");
goto cleanup; goto cleanup;
} }
printf("dwW32pServiceTable = %llx\n", dwW32pServiceTable);
printf("dwW32pServiceLimit = %llx\n", dwW32pServiceLimit);
printf("dwW32pArgumentTable = %llx\n", dwW32pArgumentTable);
dwServiceLimit = *((DWORD*)(pModule + dwW32pServiceLimit)); dwServiceLimit = *((DWORD*)(pModule + dwW32pServiceLimit));
pdwArgs = (BYTE*)(pModule + dwW32pArgumentTable); pdwArgs = (BYTE*)(pModule + dwW32pArgumentTable);
@ -176,20 +186,22 @@ cont:
{ {
DWORD *pdwEntries32 = (DWORD*)(pModule + dwW32pServiceTable); DWORD *pdwEntries32 = (DWORD*)(pModule + dwW32pServiceTable);
for (i = 0; i <= dwServiceLimit; i++) for (i = 0; i < dwServiceLimit; i++)
{ {
SymFromAddr(hProcess, (DWORD64)pdwEntries32[i], 0, &Sym.Symbol); printf("0x%x:", i+0x1000);
printf("0x%x:%s@%d\n", i+0x1000, Sym.Symbol.Name, pdwArgs[i]); SymEnumSymbolsForAddr(hProcess, (DWORD64)pdwEntries32[i], EnumSymbolsProc, (PVOID)(DWORD)pdwArgs[i]);
printf("\n");
} }
} }
else else
{ {
DWORD64 *pdwEntries64 = (DWORD64*)(pModule + dwW32pServiceTable); DWORD64 *pdwEntries64 = (DWORD64*)(pModule + dwW32pServiceTable);
for (i = 0; i <= dwServiceLimit; i++) for (i = 0; i < dwServiceLimit; i++)
{ {
SymFromAddr(hProcess, (DWORD64)pdwEntries64[i], 0, &Sym.Symbol); printf("0x%x:", i+0x1000);
printf("0x%x:%s@%d\n", i+0x1000, Sym.Symbol.Name, pdwArgs[i]); SymEnumSymbolsForAddr(hProcess, (DWORD64)pdwEntries64[i], EnumSymbolsProc, (PVOID)(i+0x1000));
printf("\n");
} }
} }