| Home | Trees | Indices | Help |
|
|---|
|
|
1 #!/usr/bin/env python 2 # -*- coding: utf-8 -*- 3 4 # Copyright (c) 2009-2014, Mario Vilas 5 # All rights reserved. 6 # 7 # Redistribution and use in source and binary forms, with or without 8 # modification, are permitted provided that the following conditions are met: 9 # 10 # * Redistributions of source code must retain the above copyright notice, 11 # this list of conditions and the following disclaimer. 12 # * Redistributions in binary form must reproduce the above copyright 13 # notice,this list of conditions and the following disclaimer in the 14 # documentation and/or other materials provided with the distribution. 15 # * Neither the name of the copyright holder nor the names of its 16 # contributors may be used to endorse or promote products derived from 17 # this software without specific prior written permission. 18 # 19 # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 20 # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 # ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE 23 # LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24 # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25 # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26 # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27 # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28 # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29 # POSSIBILITY OF SUCH DAMAGE. 30 31 """ 32 Wrapper for dbghelp.dll in ctypes. 33 """ 34 35 __revision__ = "$Id: dbghelp.py 1299 2013-12-20 09:30:55Z qvasimodo $" 36 37 from defines import * 38 from version import * 39 from kernel32 import * 40 41 # DbgHelp versions and features list: 42 # http://msdn.microsoft.com/en-us/library/windows/desktop/ms679294(v=vs.85).aspx 43 44 #------------------------------------------------------------------------------ 45 # Tries to load the newest version of dbghelp.dll if available. 4648 49 from os import getenv 50 from os.path import join 51 52 if arch == ARCH_AMD64: 53 if wow64: 54 pathname = join( 55 getenv("ProgramFiles(x86)", 56 getenv("ProgramFiles")), 57 "Debugging Tools for Windows (x86)", 58 "dbghelp.dll") 59 else: 60 pathname = join( 61 getenv("ProgramFiles"), 62 "Debugging Tools for Windows (x64)", 63 "dbghelp.dll") 64 elif arch == ARCH_I386: 65 pathname = join( 66 getenv("ProgramFiles"), 67 "Debugging Tools for Windows (x86)", 68 "dbghelp.dll") 69 else: 70 pathname = None 71 72 if pathname: 73 try: 74 _dbghelp = ctypes.windll.LoadLibrary(pathname) 75 ctypes.windll.dbghelp = _dbghelp 76 except Exception: 77 pass78 79 _load_latest_dbghelp_dll() 80 81 # Recover the old binding of the "os" symbol. 82 # XXX FIXME not sure if I really need to do this! 83 ##from version import os 84 85 #------------------------------------------------------------------------------ 86 87 #============================================================================== 88 # This is used later on to calculate the list of exported symbols. 89 _all = None 90 _all = set(vars().keys()) 91 #============================================================================== 92 93 # SymGetHomeDirectory "type" values 94 hdBase = 0 95 hdSym = 1 96 hdSrc = 2 97 98 UNDNAME_32_BIT_DECODE = 0x0800 99 UNDNAME_COMPLETE = 0x0000 100 UNDNAME_NAME_ONLY = 0x1000 101 UNDNAME_NO_ACCESS_SPECIFIERS = 0x0080 102 UNDNAME_NO_ALLOCATION_LANGUAGE = 0x0010 103 UNDNAME_NO_ALLOCATION_MODEL = 0x0008 104 UNDNAME_NO_ARGUMENTS = 0x2000 105 UNDNAME_NO_CV_THISTYPE = 0x0040 106 UNDNAME_NO_FUNCTION_RETURNS = 0x0004 107 UNDNAME_NO_LEADING_UNDERSCORES = 0x0001 108 UNDNAME_NO_MEMBER_TYPE = 0x0200 109 UNDNAME_NO_MS_KEYWORDS = 0x0002 110 UNDNAME_NO_MS_THISTYPE = 0x0020 111 UNDNAME_NO_RETURN_UDT_MODEL = 0x0400 112 UNDNAME_NO_SPECIAL_SYMS = 0x4000 113 UNDNAME_NO_THISTYPE = 0x0060 114 UNDNAME_NO_THROW_SIGNATURES = 0x0100 115 116 #--- IMAGEHLP_MODULE structure and related ------------------------------------ 117 118 SYMOPT_ALLOW_ABSOLUTE_SYMBOLS = 0x00000800 119 SYMOPT_ALLOW_ZERO_ADDRESS = 0x01000000 120 SYMOPT_AUTO_PUBLICS = 0x00010000 121 SYMOPT_CASE_INSENSITIVE = 0x00000001 122 SYMOPT_DEBUG = 0x80000000 123 SYMOPT_DEFERRED_LOADS = 0x00000004 124 SYMOPT_DISABLE_SYMSRV_AUTODETECT = 0x02000000 125 SYMOPT_EXACT_SYMBOLS = 0x00000400 126 SYMOPT_FAIL_CRITICAL_ERRORS = 0x00000200 127 SYMOPT_FAVOR_COMPRESSED = 0x00800000 128 SYMOPT_FLAT_DIRECTORY = 0x00400000 129 SYMOPT_IGNORE_CVREC = 0x00000080 130 SYMOPT_IGNORE_IMAGEDIR = 0x00200000 131 SYMOPT_IGNORE_NT_SYMPATH = 0x00001000 132 SYMOPT_INCLUDE_32BIT_MODULES = 0x00002000 133 SYMOPT_LOAD_ANYTHING = 0x00000040 134 SYMOPT_LOAD_LINES = 0x00000010 135 SYMOPT_NO_CPP = 0x00000008 136 SYMOPT_NO_IMAGE_SEARCH = 0x00020000 137 SYMOPT_NO_PROMPTS = 0x00080000 138 SYMOPT_NO_PUBLICS = 0x00008000 139 SYMOPT_NO_UNQUALIFIED_LOADS = 0x00000100 140 SYMOPT_OVERWRITE = 0x00100000 141 SYMOPT_PUBLICS_ONLY = 0x00004000 142 SYMOPT_SECURE = 0x00040000 143 SYMOPT_UNDNAME = 0x00000002 144 145 ##SSRVOPT_DWORD 146 ##SSRVOPT_DWORDPTR 147 ##SSRVOPT_GUIDPTR 148 ## 149 ##SSRVOPT_CALLBACK 150 ##SSRVOPT_DOWNSTREAM_STORE 151 ##SSRVOPT_FLAT_DEFAULT_STORE 152 ##SSRVOPT_FAVOR_COMPRESSED 153 ##SSRVOPT_NOCOPY 154 ##SSRVOPT_OVERWRITE 155 ##SSRVOPT_PARAMTYPE 156 ##SSRVOPT_PARENTWIN 157 ##SSRVOPT_PROXY 158 ##SSRVOPT_RESET 159 ##SSRVOPT_SECURE 160 ##SSRVOPT_SETCONTEXT 161 ##SSRVOPT_TRACE 162 ##SSRVOPT_UNATTENDED 163 164 # typedef enum 165 # { 166 # SymNone = 0, 167 # SymCoff, 168 # SymCv, 169 # SymPdb, 170 # SymExport, 171 # SymDeferred, 172 # SymSym, 173 # SymDia, 174 # SymVirtual, 175 # NumSymTypes 176 # } SYM_TYPE; 177 SymNone = 0 178 SymCoff = 1 179 SymCv = 2 180 SymPdb = 3 181 SymExport = 4 182 SymDeferred = 5 183 SymSym = 6 184 SymDia = 7 185 SymVirtual = 8 186 NumSymTypes = 9 187 188 # typedef struct _IMAGEHLP_MODULE64 { 189 # DWORD SizeOfStruct; 190 # DWORD64 BaseOfImage; 191 # DWORD ImageSize; 192 # DWORD TimeDateStamp; 193 # DWORD CheckSum; 194 # DWORD NumSyms; 195 # SYM_TYPE SymType; 196 # TCHAR ModuleName[32]; 197 # TCHAR ImageName[256]; 198 # TCHAR LoadedImageName[256]; 199 # TCHAR LoadedPdbName[256]; 200 # DWORD CVSig; 201 # TCHAR CVData[MAX_PATH*3]; 202 # DWORD PdbSig; 203 # GUID PdbSig70; 204 # DWORD PdbAge; 205 # BOOL PdbUnmatched; 206 # BOOL DbgUnmatched; 207 # BOOL LineNumbers; 208 # BOOL GlobalSymbols; 209 # BOOL TypeInfo; 210 # BOOL SourceIndexed; 211 # BOOL Publics; 212 # } IMAGEHLP_MODULE64, *PIMAGEHLP_MODULE64; 213215 _fields_ = [ 216 ("SizeOfStruct", DWORD), 217 ("BaseOfImage", DWORD), 218 ("ImageSize", DWORD), 219 ("TimeDateStamp", DWORD), 220 ("CheckSum", DWORD), 221 ("NumSyms", DWORD), 222 ("SymType", DWORD), # SYM_TYPE 223 ("ModuleName", CHAR * 32), 224 ("ImageName", CHAR * 256), 225 ("LoadedImageName", CHAR * 256), 226 ]227 PIMAGEHLP_MODULE = POINTER(IMAGEHLP_MODULE) 228230 _fields_ = [ 231 ("SizeOfStruct", DWORD), 232 ("BaseOfImage", DWORD64), 233 ("ImageSize", DWORD), 234 ("TimeDateStamp", DWORD), 235 ("CheckSum", DWORD), 236 ("NumSyms", DWORD), 237 ("SymType", DWORD), # SYM_TYPE 238 ("ModuleName", CHAR * 32), 239 ("ImageName", CHAR * 256), 240 ("LoadedImageName", CHAR * 256), 241 ("LoadedPdbName", CHAR * 256), 242 ("CVSig", DWORD), 243 ("CVData", CHAR * (MAX_PATH * 3)), 244 ("PdbSig", DWORD), 245 ("PdbSig70", GUID), 246 ("PdbAge", DWORD), 247 ("PdbUnmatched", BOOL), 248 ("DbgUnmatched", BOOL), 249 ("LineNumbers", BOOL), 250 ("GlobalSymbols", BOOL), 251 ("TypeInfo", BOOL), 252 ("SourceIndexed", BOOL), 253 ("Publics", BOOL), 254 ]255 PIMAGEHLP_MODULE64 = POINTER(IMAGEHLP_MODULE64) 256258 _fields_ = [ 259 ("SizeOfStruct", DWORD), 260 ("BaseOfImage", DWORD), 261 ("ImageSize", DWORD), 262 ("TimeDateStamp", DWORD), 263 ("CheckSum", DWORD), 264 ("NumSyms", DWORD), 265 ("SymType", DWORD), # SYM_TYPE 266 ("ModuleName", WCHAR * 32), 267 ("ImageName", WCHAR * 256), 268 ("LoadedImageName", WCHAR * 256), 269 ]270 PIMAGEHLP_MODULEW = POINTER(IMAGEHLP_MODULEW) 271273 _fields_ = [ 274 ("SizeOfStruct", DWORD), 275 ("BaseOfImage", DWORD64), 276 ("ImageSize", DWORD), 277 ("TimeDateStamp", DWORD), 278 ("CheckSum", DWORD), 279 ("NumSyms", DWORD), 280 ("SymType", DWORD), # SYM_TYPE 281 ("ModuleName", WCHAR * 32), 282 ("ImageName", WCHAR * 256), 283 ("LoadedImageName", WCHAR * 256), 284 ("LoadedPdbName", WCHAR * 256), 285 ("CVSig", DWORD), 286 ("CVData", WCHAR * (MAX_PATH * 3)), 287 ("PdbSig", DWORD), 288 ("PdbSig70", GUID), 289 ("PdbAge", DWORD), 290 ("PdbUnmatched", BOOL), 291 ("DbgUnmatched", BOOL), 292 ("LineNumbers", BOOL), 293 ("GlobalSymbols", BOOL), 294 ("TypeInfo", BOOL), 295 ("SourceIndexed", BOOL), 296 ("Publics", BOOL), 297 ]298 PIMAGEHLP_MODULEW64 = POINTER(IMAGEHLP_MODULEW64) 299 300 #--- dbghelp.dll -------------------------------------------------------------- 301 302 # XXX the ANSI versions of these functions don't end in "A" as expected! 303 304 # BOOL WINAPI MakeSureDirectoryPathExists( 305 # _In_ PCSTR DirPath 306 # );308 _MakeSureDirectoryPathExists = windll.dbghelp.MakeSureDirectoryPathExists 309 _MakeSureDirectoryPathExists.argtypes = [LPSTR] 310 _MakeSureDirectoryPathExists.restype = bool 311 _MakeSureDirectoryPathExists.errcheck = RaiseIfZero 312 return _MakeSureDirectoryPathExists(DirPath)313 314 MakeSureDirectoryPathExistsW = MakeWideVersion(MakeSureDirectoryPathExistsA) 315 MakeSureDirectoryPathExists = GuessStringType(MakeSureDirectoryPathExistsA, MakeSureDirectoryPathExistsW) 316 317 # BOOL WINAPI SymInitialize( 318 # __in HANDLE hProcess, 319 # __in_opt PCTSTR UserSearchPath, 320 # __in BOOL fInvadeProcess 321 # );323 _SymInitialize = windll.dbghelp.SymInitialize 324 _SymInitialize.argtypes = [HANDLE, LPSTR, BOOL] 325 _SymInitialize.restype = bool 326 _SymInitialize.errcheck = RaiseIfZero 327 if not UserSearchPath: 328 UserSearchPath = None 329 _SymInitialize(hProcess, UserSearchPath, fInvadeProcess)330 331 SymInitializeW = MakeWideVersion(SymInitializeA) 332 SymInitialize = GuessStringType(SymInitializeA, SymInitializeW) 333 334 # BOOL WINAPI SymCleanup( 335 # __in HANDLE hProcess 336 # );338 _SymCleanup = windll.dbghelp.SymCleanup 339 _SymCleanup.argtypes = [HANDLE] 340 _SymCleanup.restype = bool 341 _SymCleanup.errcheck = RaiseIfZero 342 _SymCleanup(hProcess)343 344 # BOOL WINAPI SymRefreshModuleList( 345 # __in HANDLE hProcess 346 # );348 _SymRefreshModuleList = windll.dbghelp.SymRefreshModuleList 349 _SymRefreshModuleList.argtypes = [HANDLE] 350 _SymRefreshModuleList.restype = bool 351 _SymRefreshModuleList.errcheck = RaiseIfZero 352 _SymRefreshModuleList(hProcess)353 354 # BOOL WINAPI SymSetParentWindow( 355 # __in HWND hwnd 356 # );358 _SymSetParentWindow = windll.dbghelp.SymSetParentWindow 359 _SymSetParentWindow.argtypes = [HWND] 360 _SymSetParentWindow.restype = bool 361 _SymSetParentWindow.errcheck = RaiseIfZero 362 _SymSetParentWindow(hwnd)363 364 # DWORD WINAPI SymSetOptions( 365 # __in DWORD SymOptions 366 # );368 _SymSetOptions = windll.dbghelp.SymSetOptions 369 _SymSetOptions.argtypes = [DWORD] 370 _SymSetOptions.restype = DWORD 371 _SymSetOptions.errcheck = RaiseIfZero 372 _SymSetOptions(SymOptions)373 374 # DWORD WINAPI SymGetOptions(void);376 _SymGetOptions = windll.dbghelp.SymGetOptions 377 _SymGetOptions.argtypes = [] 378 _SymGetOptions.restype = DWORD 379 return _SymGetOptions()380 381 # DWORD WINAPI SymLoadModule( 382 # __in HANDLE hProcess, 383 # __in_opt HANDLE hFile, 384 # __in_opt PCSTR ImageName, 385 # __in_opt PCSTR ModuleName, 386 # __in DWORD BaseOfDll, 387 # __in DWORD SizeOfDll 388 # );389 -def SymLoadModuleA(hProcess, hFile = None, ImageName = None, ModuleName = None, BaseOfDll = None, SizeOfDll = None):390 _SymLoadModule = windll.dbghelp.SymLoadModule 391 _SymLoadModule.argtypes = [HANDLE, HANDLE, LPSTR, LPSTR, DWORD, DWORD] 392 _SymLoadModule.restype = DWORD 393 394 if not ImageName: 395 ImageName = None 396 if not ModuleName: 397 ModuleName = None 398 if not BaseOfDll: 399 BaseOfDll = 0 400 if not SizeOfDll: 401 SizeOfDll = 0 402 SetLastError(ERROR_SUCCESS) 403 lpBaseAddress = _SymLoadModule(hProcess, hFile, ImageName, ModuleName, BaseOfDll, SizeOfDll) 404 if lpBaseAddress == NULL: 405 dwErrorCode = GetLastError() 406 if dwErrorCode != ERROR_SUCCESS: 407 raise ctypes.WinError(dwErrorCode) 408 return lpBaseAddress409 410 SymLoadModuleW = MakeWideVersion(SymLoadModuleA) 411 SymLoadModule = GuessStringType(SymLoadModuleA, SymLoadModuleW) 412 413 # DWORD64 WINAPI SymLoadModule64( 414 # __in HANDLE hProcess, 415 # __in_opt HANDLE hFile, 416 # __in_opt PCSTR ImageName, 417 # __in_opt PCSTR ModuleName, 418 # __in DWORD64 BaseOfDll, 419 # __in DWORD SizeOfDll 420 # );421 -def SymLoadModule64A(hProcess, hFile = None, ImageName = None, ModuleName = None, BaseOfDll = None, SizeOfDll = None):422 _SymLoadModule64 = windll.dbghelp.SymLoadModule64 423 _SymLoadModule64.argtypes = [HANDLE, HANDLE, LPSTR, LPSTR, DWORD64, DWORD] 424 _SymLoadModule64.restype = DWORD64 425 426 if not ImageName: 427 ImageName = None 428 if not ModuleName: 429 ModuleName = None 430 if not BaseOfDll: 431 BaseOfDll = 0 432 if not SizeOfDll: 433 SizeOfDll = 0 434 SetLastError(ERROR_SUCCESS) 435 lpBaseAddress = _SymLoadModule64(hProcess, hFile, ImageName, ModuleName, BaseOfDll, SizeOfDll) 436 if lpBaseAddress == NULL: 437 dwErrorCode = GetLastError() 438 if dwErrorCode != ERROR_SUCCESS: 439 raise ctypes.WinError(dwErrorCode) 440 return lpBaseAddress441 442 SymLoadModule64W = MakeWideVersion(SymLoadModule64A) 443 SymLoadModule64 = GuessStringType(SymLoadModule64A, SymLoadModule64W) 444 445 # BOOL WINAPI SymUnloadModule( 446 # __in HANDLE hProcess, 447 # __in DWORD BaseOfDll 448 # );450 _SymUnloadModule = windll.dbghelp.SymUnloadModule 451 _SymUnloadModule.argtypes = [HANDLE, DWORD] 452 _SymUnloadModule.restype = bool 453 _SymUnloadModule.errcheck = RaiseIfZero 454 _SymUnloadModule(hProcess, BaseOfDll)455 456 # BOOL WINAPI SymUnloadModule64( 457 # __in HANDLE hProcess, 458 # __in DWORD64 BaseOfDll 459 # );461 _SymUnloadModule64 = windll.dbghelp.SymUnloadModule64 462 _SymUnloadModule64.argtypes = [HANDLE, DWORD64] 463 _SymUnloadModule64.restype = bool 464 _SymUnloadModule64.errcheck = RaiseIfZero 465 _SymUnloadModule64(hProcess, BaseOfDll)466 467 # BOOL WINAPI SymGetModuleInfo( 468 # __in HANDLE hProcess, 469 # __in DWORD dwAddr, 470 # __out PIMAGEHLP_MODULE ModuleInfo 471 # );473 _SymGetModuleInfo = windll.dbghelp.SymGetModuleInfo 474 _SymGetModuleInfo.argtypes = [HANDLE, DWORD, PIMAGEHLP_MODULE] 475 _SymGetModuleInfo.restype = bool 476 _SymGetModuleInfo.errcheck = RaiseIfZero 477 478 ModuleInfo = IMAGEHLP_MODULE() 479 ModuleInfo.SizeOfStruct = sizeof(ModuleInfo) 480 _SymGetModuleInfo(hProcess, dwAddr, byref(ModuleInfo)) 481 return ModuleInfo482484 _SymGetModuleInfoW = windll.dbghelp.SymGetModuleInfoW 485 _SymGetModuleInfoW.argtypes = [HANDLE, DWORD, PIMAGEHLP_MODULEW] 486 _SymGetModuleInfoW.restype = bool 487 _SymGetModuleInfoW.errcheck = RaiseIfZero 488 489 ModuleInfo = IMAGEHLP_MODULEW() 490 ModuleInfo.SizeOfStruct = sizeof(ModuleInfo) 491 _SymGetModuleInfoW(hProcess, dwAddr, byref(ModuleInfo)) 492 return ModuleInfo493 494 SymGetModuleInfo = GuessStringType(SymGetModuleInfoA, SymGetModuleInfoW) 495 496 # BOOL WINAPI SymGetModuleInfo64( 497 # __in HANDLE hProcess, 498 # __in DWORD64 dwAddr, 499 # __out PIMAGEHLP_MODULE64 ModuleInfo 500 # );502 _SymGetModuleInfo64 = windll.dbghelp.SymGetModuleInfo64 503 _SymGetModuleInfo64.argtypes = [HANDLE, DWORD64, PIMAGEHLP_MODULE64] 504 _SymGetModuleInfo64.restype = bool 505 _SymGetModuleInfo64.errcheck = RaiseIfZero 506 507 ModuleInfo = IMAGEHLP_MODULE64() 508 ModuleInfo.SizeOfStruct = sizeof(ModuleInfo) 509 _SymGetModuleInfo64(hProcess, dwAddr, byref(ModuleInfo)) 510 return ModuleInfo511513 _SymGetModuleInfo64W = windll.dbghelp.SymGetModuleInfo64W 514 _SymGetModuleInfo64W.argtypes = [HANDLE, DWORD64, PIMAGEHLP_MODULE64W] 515 _SymGetModuleInfo64W.restype = bool 516 _SymGetModuleInfo64W.errcheck = RaiseIfZero 517 518 ModuleInfo = IMAGEHLP_MODULE64W() 519 ModuleInfo.SizeOfStruct = sizeof(ModuleInfo) 520 _SymGetModuleInfo64W(hProcess, dwAddr, byref(ModuleInfo)) 521 return ModuleInfo522 523 SymGetModuleInfo64 = GuessStringType(SymGetModuleInfo64A, SymGetModuleInfo64W) 524 525 # BOOL CALLBACK SymEnumerateModulesProc( 526 # __in PCTSTR ModuleName, 527 # __in DWORD BaseOfDll, 528 # __in_opt PVOID UserContext 529 # ); 530 PSYM_ENUMMODULES_CALLBACK = WINFUNCTYPE(BOOL, LPSTR, DWORD, PVOID) 531 PSYM_ENUMMODULES_CALLBACKW = WINFUNCTYPE(BOOL, LPWSTR, DWORD, PVOID) 532 533 # BOOL CALLBACK SymEnumerateModulesProc64( 534 # __in PCTSTR ModuleName, 535 # __in DWORD64 BaseOfDll, 536 # __in_opt PVOID UserContext 537 # ); 538 PSYM_ENUMMODULES_CALLBACK64 = WINFUNCTYPE(BOOL, LPSTR, DWORD64, PVOID) 539 PSYM_ENUMMODULES_CALLBACKW64 = WINFUNCTYPE(BOOL, LPWSTR, DWORD64, PVOID) 540 541 # BOOL WINAPI SymEnumerateModules( 542 # __in HANDLE hProcess, 543 # __in PSYM_ENUMMODULES_CALLBACK EnumModulesCallback, 544 # __in_opt PVOID UserContext 545 # );547 _SymEnumerateModules = windll.dbghelp.SymEnumerateModules 548 _SymEnumerateModules.argtypes = [HANDLE, PSYM_ENUMMODULES_CALLBACK, PVOID] 549 _SymEnumerateModules.restype = bool 550 _SymEnumerateModules.errcheck = RaiseIfZero 551 552 EnumModulesCallback = PSYM_ENUMMODULES_CALLBACK(EnumModulesCallback) 553 if UserContext: 554 UserContext = ctypes.pointer(UserContext) 555 else: 556 UserContext = LPVOID(NULL) 557 _SymEnumerateModules(hProcess, EnumModulesCallback, UserContext)558560 _SymEnumerateModulesW = windll.dbghelp.SymEnumerateModulesW 561 _SymEnumerateModulesW.argtypes = [HANDLE, PSYM_ENUMMODULES_CALLBACKW, PVOID] 562 _SymEnumerateModulesW.restype = bool 563 _SymEnumerateModulesW.errcheck = RaiseIfZero 564 565 EnumModulesCallback = PSYM_ENUMMODULES_CALLBACKW(EnumModulesCallback) 566 if UserContext: 567 UserContext = ctypes.pointer(UserContext) 568 else: 569 UserContext = LPVOID(NULL) 570 _SymEnumerateModulesW(hProcess, EnumModulesCallback, UserContext)571 572 SymEnumerateModules = GuessStringType(SymEnumerateModulesA, SymEnumerateModulesW) 573 574 # BOOL WINAPI SymEnumerateModules64( 575 # __in HANDLE hProcess, 576 # __in PSYM_ENUMMODULES_CALLBACK64 EnumModulesCallback, 577 # __in_opt PVOID UserContext 578 # );580 _SymEnumerateModules64 = windll.dbghelp.SymEnumerateModules64 581 _SymEnumerateModules64.argtypes = [HANDLE, PSYM_ENUMMODULES_CALLBACK64, PVOID] 582 _SymEnumerateModules64.restype = bool 583 _SymEnumerateModules64.errcheck = RaiseIfZero 584 585 EnumModulesCallback = PSYM_ENUMMODULES_CALLBACK64(EnumModulesCallback) 586 if UserContext: 587 UserContext = ctypes.pointer(UserContext) 588 else: 589 UserContext = LPVOID(NULL) 590 _SymEnumerateModules64(hProcess, EnumModulesCallback, UserContext)591593 _SymEnumerateModules64W = windll.dbghelp.SymEnumerateModules64W 594 _SymEnumerateModules64W.argtypes = [HANDLE, PSYM_ENUMMODULES_CALLBACK64W, PVOID] 595 _SymEnumerateModules64W.restype = bool 596 _SymEnumerateModules64W.errcheck = RaiseIfZero 597 598 EnumModulesCallback = PSYM_ENUMMODULES_CALLBACK64W(EnumModulesCallback) 599 if UserContext: 600 UserContext = ctypes.pointer(UserContext) 601 else: 602 UserContext = LPVOID(NULL) 603 _SymEnumerateModules64W(hProcess, EnumModulesCallback, UserContext)604 605 SymEnumerateModules64 = GuessStringType(SymEnumerateModules64A, SymEnumerateModules64W) 606 607 # BOOL CALLBACK SymEnumerateSymbolsProc( 608 # __in PCTSTR SymbolName, 609 # __in DWORD SymbolAddress, 610 # __in ULONG SymbolSize, 611 # __in_opt PVOID UserContext 612 # ); 613 PSYM_ENUMSYMBOLS_CALLBACK = WINFUNCTYPE(BOOL, LPSTR, DWORD, ULONG, PVOID) 614 PSYM_ENUMSYMBOLS_CALLBACKW = WINFUNCTYPE(BOOL, LPWSTR, DWORD, ULONG, PVOID) 615 616 # BOOL CALLBACK SymEnumerateSymbolsProc64( 617 # __in PCTSTR SymbolName, 618 # __in DWORD64 SymbolAddress, 619 # __in ULONG SymbolSize, 620 # __in_opt PVOID UserContext 621 # ); 622 PSYM_ENUMSYMBOLS_CALLBACK64 = WINFUNCTYPE(BOOL, LPSTR, DWORD64, ULONG, PVOID) 623 PSYM_ENUMSYMBOLS_CALLBACKW64 = WINFUNCTYPE(BOOL, LPWSTR, DWORD64, ULONG, PVOID) 624 625 # BOOL WINAPI SymEnumerateSymbols( 626 # __in HANDLE hProcess, 627 # __in ULONG BaseOfDll, 628 # __in PSYM_ENUMSYMBOLS_CALLBACK EnumSymbolsCallback, 629 # __in_opt PVOID UserContext 630 # );632 _SymEnumerateSymbols = windll.dbghelp.SymEnumerateSymbols 633 _SymEnumerateSymbols.argtypes = [HANDLE, ULONG, PSYM_ENUMSYMBOLS_CALLBACK, PVOID] 634 _SymEnumerateSymbols.restype = bool 635 _SymEnumerateSymbols.errcheck = RaiseIfZero 636 637 EnumSymbolsCallback = PSYM_ENUMSYMBOLS_CALLBACK(EnumSymbolsCallback) 638 if UserContext: 639 UserContext = ctypes.pointer(UserContext) 640 else: 641 UserContext = LPVOID(NULL) 642 _SymEnumerateSymbols(hProcess, BaseOfDll, EnumSymbolsCallback, UserContext)643645 _SymEnumerateSymbolsW = windll.dbghelp.SymEnumerateSymbolsW 646 _SymEnumerateSymbolsW.argtypes = [HANDLE, ULONG, PSYM_ENUMSYMBOLS_CALLBACKW, PVOID] 647 _SymEnumerateSymbolsW.restype = bool 648 _SymEnumerateSymbolsW.errcheck = RaiseIfZero 649 650 EnumSymbolsCallback = PSYM_ENUMSYMBOLS_CALLBACKW(EnumSymbolsCallback) 651 if UserContext: 652 UserContext = ctypes.pointer(UserContext) 653 else: 654 UserContext = LPVOID(NULL) 655 _SymEnumerateSymbolsW(hProcess, BaseOfDll, EnumSymbolsCallback, UserContext)656 657 SymEnumerateSymbols = GuessStringType(SymEnumerateSymbolsA, SymEnumerateSymbolsW) 658 659 # BOOL WINAPI SymEnumerateSymbols64( 660 # __in HANDLE hProcess, 661 # __in ULONG64 BaseOfDll, 662 # __in PSYM_ENUMSYMBOLS_CALLBACK64 EnumSymbolsCallback, 663 # __in_opt PVOID UserContext 664 # );666 _SymEnumerateSymbols64 = windll.dbghelp.SymEnumerateSymbols64 667 _SymEnumerateSymbols64.argtypes = [HANDLE, ULONG64, PSYM_ENUMSYMBOLS_CALLBACK64, PVOID] 668 _SymEnumerateSymbols64.restype = bool 669 _SymEnumerateSymbols64.errcheck = RaiseIfZero 670 671 EnumSymbolsCallback = PSYM_ENUMSYMBOLS_CALLBACK64(EnumSymbolsCallback) 672 if UserContext: 673 UserContext = ctypes.pointer(UserContext) 674 else: 675 UserContext = LPVOID(NULL) 676 _SymEnumerateSymbols64(hProcess, BaseOfDll, EnumSymbolsCallback, UserContext)677679 _SymEnumerateSymbols64W = windll.dbghelp.SymEnumerateSymbols64W 680 _SymEnumerateSymbols64W.argtypes = [HANDLE, ULONG64, PSYM_ENUMSYMBOLS_CALLBACK64W, PVOID] 681 _SymEnumerateSymbols64W.restype = bool 682 _SymEnumerateSymbols64W.errcheck = RaiseIfZero 683 684 EnumSymbolsCallback = PSYM_ENUMSYMBOLS_CALLBACK64W(EnumSymbolsCallback) 685 if UserContext: 686 UserContext = ctypes.pointer(UserContext) 687 else: 688 UserContext = LPVOID(NULL) 689 _SymEnumerateSymbols64W(hProcess, BaseOfDll, EnumSymbolsCallback, UserContext)690 691 SymEnumerateSymbols64 = GuessStringType(SymEnumerateSymbols64A, SymEnumerateSymbols64W) 692 693 # DWORD WINAPI UnDecorateSymbolName( 694 # __in PCTSTR DecoratedName, 695 # __out PTSTR UnDecoratedName, 696 # __in DWORD UndecoratedLength, 697 # __in DWORD Flags 698 # );700 _UnDecorateSymbolNameA = windll.dbghelp.UnDecorateSymbolName 701 _UnDecorateSymbolNameA.argtypes = [LPSTR, LPSTR, DWORD, DWORD] 702 _UnDecorateSymbolNameA.restype = DWORD 703 _UnDecorateSymbolNameA.errcheck = RaiseIfZero 704 705 UndecoratedLength = _UnDecorateSymbolNameA(DecoratedName, None, 0, Flags) 706 UnDecoratedName = ctypes.create_string_buffer('', UndecoratedLength + 1) 707 _UnDecorateSymbolNameA(DecoratedName, UnDecoratedName, UndecoratedLength, Flags) 708 return UnDecoratedName.value709711 _UnDecorateSymbolNameW = windll.dbghelp.UnDecorateSymbolNameW 712 _UnDecorateSymbolNameW.argtypes = [LPWSTR, LPWSTR, DWORD, DWORD] 713 _UnDecorateSymbolNameW.restype = DWORD 714 _UnDecorateSymbolNameW.errcheck = RaiseIfZero 715 716 UndecoratedLength = _UnDecorateSymbolNameW(DecoratedName, None, 0, Flags) 717 UnDecoratedName = ctypes.create_unicode_buffer(u'', UndecoratedLength + 1) 718 _UnDecorateSymbolNameW(DecoratedName, UnDecoratedName, UndecoratedLength, Flags) 719 return UnDecoratedName.value720 721 UnDecorateSymbolName = GuessStringType(UnDecorateSymbolNameA, UnDecorateSymbolNameW) 722 723 # BOOL WINAPI SymGetSearchPath( 724 # __in HANDLE hProcess, 725 # __out PTSTR SearchPath, 726 # __in DWORD SearchPathLength 727 # );729 _SymGetSearchPath = windll.dbghelp.SymGetSearchPath 730 _SymGetSearchPath.argtypes = [HANDLE, LPSTR, DWORD] 731 _SymGetSearchPath.restype = bool 732 _SymGetSearchPath.errcheck = RaiseIfZero 733 734 SearchPathLength = MAX_PATH 735 SearchPath = ctypes.create_string_buffer("", SearchPathLength) 736 _SymGetSearchPath(hProcess, SearchPath, SearchPathLength) 737 return SearchPath.value738740 _SymGetSearchPathW = windll.dbghelp.SymGetSearchPathW 741 _SymGetSearchPathW.argtypes = [HANDLE, LPWSTR, DWORD] 742 _SymGetSearchPathW.restype = bool 743 _SymGetSearchPathW.errcheck = RaiseIfZero 744 745 SearchPathLength = MAX_PATH 746 SearchPath = ctypes.create_unicode_buffer(u"", SearchPathLength) 747 _SymGetSearchPathW(hProcess, SearchPath, SearchPathLength) 748 return SearchPath.value749 750 SymGetSearchPath = GuessStringType(SymGetSearchPathA, SymGetSearchPathW) 751 752 # BOOL WINAPI SymSetSearchPath( 753 # __in HANDLE hProcess, 754 # __in_opt PCTSTR SearchPath 755 # );757 _SymSetSearchPath = windll.dbghelp.SymSetSearchPath 758 _SymSetSearchPath.argtypes = [HANDLE, LPSTR] 759 _SymSetSearchPath.restype = bool 760 _SymSetSearchPath.errcheck = RaiseIfZero 761 if not SearchPath: 762 SearchPath = None 763 _SymSetSearchPath(hProcess, SearchPath)764766 _SymSetSearchPathW = windll.dbghelp.SymSetSearchPathW 767 _SymSetSearchPathW.argtypes = [HANDLE, LPWSTR] 768 _SymSetSearchPathW.restype = bool 769 _SymSetSearchPathW.errcheck = RaiseIfZero 770 if not SearchPath: 771 SearchPath = None 772 _SymSetSearchPathW(hProcess, SearchPath)773 774 SymSetSearchPath = GuessStringType(SymSetSearchPathA, SymSetSearchPathW) 775 776 # PTCHAR WINAPI SymGetHomeDirectory( 777 # __in DWORD type, 778 # __out PTSTR dir, 779 # __in size_t size 780 # );782 _SymGetHomeDirectoryA = windll.dbghelp.SymGetHomeDirectoryA 783 _SymGetHomeDirectoryA.argtypes = [DWORD, LPSTR, SIZE_T] 784 _SymGetHomeDirectoryA.restype = LPSTR 785 _SymGetHomeDirectoryA.errcheck = RaiseIfZero 786 787 size = MAX_PATH 788 dir = ctypes.create_string_buffer("", size) 789 _SymGetHomeDirectoryA(type, dir, size) 790 return dir.value791793 _SymGetHomeDirectoryW = windll.dbghelp.SymGetHomeDirectoryW 794 _SymGetHomeDirectoryW.argtypes = [DWORD, LPWSTR, SIZE_T] 795 _SymGetHomeDirectoryW.restype = LPWSTR 796 _SymGetHomeDirectoryW.errcheck = RaiseIfZero 797 798 size = MAX_PATH 799 dir = ctypes.create_unicode_buffer(u"", size) 800 _SymGetHomeDirectoryW(type, dir, size) 801 return dir.value802 803 SymGetHomeDirectory = GuessStringType(SymGetHomeDirectoryA, SymGetHomeDirectoryW) 804 805 # PTCHAR WINAPI SymSetHomeDirectory( 806 # __in HANDLE hProcess, 807 # __in_opt PCTSTR dir 808 # );810 _SymSetHomeDirectoryA = windll.dbghelp.SymSetHomeDirectoryA 811 _SymSetHomeDirectoryA.argtypes = [HANDLE, LPSTR] 812 _SymSetHomeDirectoryA.restype = LPSTR 813 _SymSetHomeDirectoryA.errcheck = RaiseIfZero 814 if not dir: 815 dir = None 816 _SymSetHomeDirectoryA(hProcess, dir) 817 return dir818820 _SymSetHomeDirectoryW = windll.dbghelp.SymSetHomeDirectoryW 821 _SymSetHomeDirectoryW.argtypes = [HANDLE, LPWSTR] 822 _SymSetHomeDirectoryW.restype = LPWSTR 823 _SymSetHomeDirectoryW.errcheck = RaiseIfZero 824 if not dir: 825 dir = None 826 _SymSetHomeDirectoryW(hProcess, dir) 827 return dir828 829 SymSetHomeDirectory = GuessStringType(SymSetHomeDirectoryA, SymSetHomeDirectoryW) 830 831 #--- DbgHelp 5+ support, patch by Neitsa -------------------------------------- 832 833 # XXX TODO 834 # + use the GuessStringType decorator for ANSI/Wide versions 835 # + replace hardcoded struct sizes with sizeof() calls 836 # + StackWalk64 should raise on error, but something has to be done about it 837 # not setting the last error code (maybe we should call SetLastError 838 # ourselves with a default error code?) 839 # /Mario 840 841 #maximum length of a symbol name 842 MAX_SYM_NAME = 2000 843845 _fields_ = [ 846 ("SizeOfStruct", ULONG), 847 ("TypeIndex", ULONG), 848 ("Reserved", ULONG64 * 2), 849 ("Index", ULONG), 850 ("Size", ULONG), 851 ("ModBase", ULONG64), 852 ("Flags", ULONG), 853 ("Value", ULONG64), 854 ("Address", ULONG64), 855 ("Register", ULONG), 856 ("Scope", ULONG), 857 ("Tag", ULONG), 858 ("NameLen", ULONG), 859 ("MaxNameLen", ULONG), 860 ("Name", CHAR * (MAX_SYM_NAME + 1)), 861 ]862 PSYM_INFO = POINTER(SYM_INFO) 863865 _fields_ = [ 866 ("SizeOfStruct", ULONG), 867 ("TypeIndex", ULONG), 868 ("Reserved", ULONG64 * 2), 869 ("Index", ULONG), 870 ("Size", ULONG), 871 ("ModBase", ULONG64), 872 ("Flags", ULONG), 873 ("Value", ULONG64), 874 ("Address", ULONG64), 875 ("Register", ULONG), 876 ("Scope", ULONG), 877 ("Tag", ULONG), 878 ("NameLen", ULONG), 879 ("MaxNameLen", ULONG), 880 ("Name", WCHAR * (MAX_SYM_NAME + 1)), 881 ]882 PSYM_INFOW = POINTER(SYM_INFOW) 883 884 #=============================================================================== 885 # BOOL WINAPI SymFromName( 886 # __in HANDLE hProcess, 887 # __in PCTSTR Name, 888 # __inout PSYMBOL_INFO Symbol 889 # ); 890 #===============================================================================892 _SymFromNameA = windll.dbghelp.SymFromName 893 _SymFromNameA.argtypes = [HANDLE, LPSTR, PSYM_INFO] 894 _SymFromNameA.restype = bool 895 _SymFromNameA.errcheck = RaiseIfZero 896 897 SymInfo = SYM_INFO() 898 SymInfo.SizeOfStruct = 88 # *don't modify*: sizeof(SYMBOL_INFO) in C. 899 SymInfo.MaxNameLen = MAX_SYM_NAME 900 901 _SymFromNameA(hProcess, Name, byref(SymInfo)) 902 903 return SymInfo904906 _SymFromNameW = windll.dbghelp.SymFromNameW 907 _SymFromNameW.argtypes = [HANDLE, LPWSTR, PSYM_INFOW] 908 _SymFromNameW.restype = bool 909 _SymFromNameW.errcheck = RaiseIfZero 910 911 SymInfo = SYM_INFOW() 912 SymInfo.SizeOfStruct = 88 # *don't modify*: sizeof(SYMBOL_INFOW) in C. 913 SymInfo.MaxNameLen = MAX_SYM_NAME 914 915 _SymFromNameW(hProcess, Name, byref(SymInfo)) 916 917 return SymInfo918 919 #=============================================================================== 920 # BOOL WINAPI SymFromAddr( 921 # __in HANDLE hProcess, 922 # __in DWORD64 Address, 923 # __out_opt PDWORD64 Displacement, 924 # __inout PSYMBOL_INFO Symbol 925 # ); 926 #===============================================================================928 _SymFromAddr = windll.dbghelp.SymFromAddr 929 _SymFromAddr.argtypes = [HANDLE, DWORD64, PDWORD64, PSYM_INFO] 930 _SymFromAddr.restype = bool 931 _SymFromAddr.errcheck = RaiseIfZero 932 933 SymInfo = SYM_INFO() 934 SymInfo.SizeOfStruct = 88 # *don't modify*: sizeof(SYMBOL_INFO) in C. 935 SymInfo.MaxNameLen = MAX_SYM_NAME 936 937 Displacement = DWORD64(0) 938 _SymFromAddr(hProcess, Address, byref(Displacement), byref(SymInfo)) 939 940 return (Displacement.value, SymInfo)941943 _SymFromAddr = windll.dbghelp.SymFromAddrW 944 _SymFromAddr.argtypes = [HANDLE, DWORD64, PDWORD64, PSYM_INFOW] 945 _SymFromAddr.restype = bool 946 _SymFromAddr.errcheck = RaiseIfZero 947 948 SymInfo = SYM_INFOW() 949 SymInfo.SizeOfStruct = 88 # *don't modify*: sizeof(SYMBOL_INFOW) in C. 950 SymInfo.MaxNameLen = MAX_SYM_NAME 951 952 Displacement = DWORD64(0) 953 _SymFromAddr(hProcess, Address, byref(Displacement), byref(SymInfo)) 954 955 return (Displacement.value, SymInfo)956 957 #=============================================================================== 958 # typedef struct _IMAGEHLP_SYMBOL64 { 959 # DWORD SizeOfStruct; 960 # DWORD64 Address; 961 # DWORD Size; 962 # DWORD Flags; 963 # DWORD MaxNameLength; 964 # CHAR Name[1]; 965 # } IMAGEHLP_SYMBOL64, *PIMAGEHLP_SYMBOL64; 966 #===============================================================================968 _fields_ = [ 969 ("SizeOfStruct", DWORD), 970 ("Address", DWORD64), 971 ("Size", DWORD), 972 ("Flags", DWORD), 973 ("MaxNameLength", DWORD), 974 ("Name", CHAR * (MAX_SYM_NAME + 1)), 975 ]976 PIMAGEHLP_SYMBOL64 = POINTER(IMAGEHLP_SYMBOL64) 977 978 #=============================================================================== 979 # typedef struct _IMAGEHLP_SYMBOLW64 { 980 # DWORD SizeOfStruct; 981 # DWORD64 Address; 982 # DWORD Size; 983 # DWORD Flags; 984 # DWORD MaxNameLength; 985 # WCHAR Name[1]; 986 # } IMAGEHLP_SYMBOLW64, *PIMAGEHLP_SYMBOLW64; 987 #===============================================================================989 _fields_ = [ 990 ("SizeOfStruct", DWORD), 991 ("Address", DWORD64), 992 ("Size", DWORD), 993 ("Flags", DWORD), 994 ("MaxNameLength", DWORD), 995 ("Name", WCHAR * (MAX_SYM_NAME + 1)), 996 ]997 PIMAGEHLP_SYMBOLW64 = POINTER(IMAGEHLP_SYMBOLW64) 998 999 #=============================================================================== 1000 # BOOL WINAPI SymGetSymFromAddr64( 1001 # __in HANDLE hProcess, 1002 # __in DWORD64 Address, 1003 # __out_opt PDWORD64 Displacement, 1004 # __inout PIMAGEHLP_SYMBOL64 Symbol 1005 # ); 1006 #===============================================================================1008 _SymGetSymFromAddr64 = windll.dbghelp.SymGetSymFromAddr64 1009 _SymGetSymFromAddr64.argtypes = [HANDLE, DWORD64, PDWORD64, PIMAGEHLP_SYMBOL64] 1010 _SymGetSymFromAddr64.restype = bool 1011 _SymGetSymFromAddr64.errcheck = RaiseIfZero 1012 1013 imagehlp_symbol64 = IMAGEHLP_SYMBOL64() 1014 imagehlp_symbol64.SizeOfStruct = 32 # *don't modify*: sizeof(IMAGEHLP_SYMBOL64) in C. 1015 imagehlp_symbol64.MaxNameLen = MAX_SYM_NAME 1016 1017 Displacement = DWORD64(0) 1018 _SymGetSymFromAddr64(hProcess, Address, byref(Displacement), byref(imagehlp_symbol64)) 1019 1020 return (Displacement.value, imagehlp_symbol64)1021 1022 #TODO: check for the 'W' version of SymGetSymFromAddr64() 1023 1024 1025 #=============================================================================== 1026 # typedef struct API_VERSION { 1027 # USHORT MajorVersion; 1028 # USHORT MinorVersion; 1029 # USHORT Revision; 1030 # USHORT Reserved; 1031 # } API_VERSION, *LPAPI_VERSION; 1032 #===============================================================================1034 _fields_ = [ 1035 ("MajorVersion", USHORT), 1036 ("MinorVersion", USHORT), 1037 ("Revision", USHORT), 1038 ("Reserved", USHORT), 1039 ]1040 PAPI_VERSION = POINTER(API_VERSION) 1041 LPAPI_VERSION = PAPI_VERSION 1042 1043 #=============================================================================== 1044 # LPAPI_VERSION WINAPI ImagehlpApiVersion(void); 1045 #===============================================================================1047 _ImagehlpApiVersion = windll.dbghelp.ImagehlpApiVersion 1048 _ImagehlpApiVersion.restype = LPAPI_VERSION 1049 1050 api_version = _ImagehlpApiVersion() 1051 return api_version.contents1052 1053 1054 #=============================================================================== 1055 # LPAPI_VERSION WINAPI ImagehlpApiVersionEx( 1056 # __in LPAPI_VERSION AppVersion 1057 # ); 1058 #===============================================================================1060 _ImagehlpApiVersionEx = windll.dbghelp.ImagehlpApiVersionEx 1061 _ImagehlpApiVersionEx.argtypes = [LPAPI_VERSION] 1062 _ImagehlpApiVersionEx.restype = LPAPI_VERSION 1063 1064 api_version = API_VERSION(MajorVersion, MinorVersion, Revision, 0) 1065 1066 ret_api_version = _ImagehlpApiVersionEx(byref(api_version)) 1067 1068 return ret_api_version.contents1069 1070 #=============================================================================== 1071 # typedef enum { 1072 # AddrMode1616, 1073 # AddrMode1632, 1074 # AddrModeReal, 1075 # AddrModeFlat 1076 # } ADDRESS_MODE; 1077 #=============================================================================== 1078 AddrMode1616 = 0 1079 AddrMode1632 = 1 1080 AddrModeReal = 2 1081 AddrModeFlat = 3 1082 1083 ADDRESS_MODE = DWORD #needed for the size of an ADDRESS_MODE (see ADDRESS64) 1084 1085 #=============================================================================== 1086 # typedef struct _tagADDRESS64 { 1087 # DWORD64 Offset; 1088 # WORD Segment; 1089 # ADDRESS_MODE Mode; 1090 # } ADDRESS64, *LPADDRESS64; 1091 #===============================================================================1093 _fields_ = [ 1094 ("Offset", DWORD64), 1095 ("Segment", WORD), 1096 ("Mode", ADDRESS_MODE), #it's a member of the ADDRESS_MODE enum. 1097 ]1098 LPADDRESS64 = POINTER(ADDRESS64) 1099 1100 #=============================================================================== 1101 # typedef struct _KDHELP64 { 1102 # DWORD64 Thread; 1103 # DWORD ThCallbackStack; 1104 # DWORD ThCallbackBStore; 1105 # DWORD NextCallback; 1106 # DWORD FramePointer; 1107 # DWORD64 KiCallUserMode; 1108 # DWORD64 KeUserCallbackDispatcher; 1109 # DWORD64 SystemRangeStart; 1110 # DWORD64 KiUserExceptionDispatcher; 1111 # DWORD64 StackBase; 1112 # DWORD64 StackLimit; 1113 # DWORD64 Reserved[5]; 1114 # } KDHELP64, *PKDHELP64; 1115 #===============================================================================1117 _fields_ = [ 1118 ("Thread", DWORD64), 1119 ("ThCallbackStack", DWORD), 1120 ("ThCallbackBStore", DWORD), 1121 ("NextCallback", DWORD), 1122 ("FramePointer", DWORD), 1123 ("KiCallUserMode", DWORD64), 1124 ("KeUserCallbackDispatcher", DWORD64), 1125 ("SystemRangeStart", DWORD64), 1126 ("KiUserExceptionDispatcher", DWORD64), 1127 ("StackBase", DWORD64), 1128 ("StackLimit", DWORD64), 1129 ("Reserved", DWORD64 * 5), 1130 ]1131 PKDHELP64 = POINTER(KDHELP64) 1132 1133 #=============================================================================== 1134 # typedef struct _tagSTACKFRAME64 { 1135 # ADDRESS64 AddrPC; 1136 # ADDRESS64 AddrReturn; 1137 # ADDRESS64 AddrFrame; 1138 # ADDRESS64 AddrStack; 1139 # ADDRESS64 AddrBStore; 1140 # PVOID FuncTableEntry; 1141 # DWORD64 Params[4]; 1142 # BOOL Far; 1143 # BOOL Virtual; 1144 # DWORD64 Reserved[3]; 1145 # KDHELP64 KdHelp; 1146 # } STACKFRAME64, *LPSTACKFRAME64; 1147 #===============================================================================1149 _fields_ = [ 1150 ("AddrPC", ADDRESS64), 1151 ("AddrReturn", ADDRESS64), 1152 ("AddrFrame", ADDRESS64), 1153 ("AddrStack", ADDRESS64), 1154 ("AddrBStore", ADDRESS64), 1155 ("FuncTableEntry", PVOID), 1156 ("Params", DWORD64 * 4), 1157 ("Far", BOOL), 1158 ("Virtual", BOOL), 1159 ("Reserved", DWORD64 * 3), 1160 ("KdHelp", KDHELP64), 1161 ]1162 LPSTACKFRAME64 = POINTER(STACKFRAME64) 1163 1164 #=============================================================================== 1165 # BOOL CALLBACK ReadProcessMemoryProc64( 1166 # __in HANDLE hProcess, 1167 # __in DWORD64 lpBaseAddress, 1168 # __out PVOID lpBuffer, 1169 # __in DWORD nSize, 1170 # __out LPDWORD lpNumberOfBytesRead 1171 # ); 1172 #=============================================================================== 1173 PREAD_PROCESS_MEMORY_ROUTINE64 = WINFUNCTYPE(BOOL, HANDLE, DWORD64, PVOID, DWORD, LPDWORD) 1174 1175 #=============================================================================== 1176 # PVOID CALLBACK FunctionTableAccessProc64( 1177 # __in HANDLE hProcess, 1178 # __in DWORD64 AddrBase 1179 # ); 1180 #=============================================================================== 1181 PFUNCTION_TABLE_ACCESS_ROUTINE64 = WINFUNCTYPE(PVOID, HANDLE, DWORD64) 1182 1183 #=============================================================================== 1184 # DWORD64 CALLBACK GetModuleBaseProc64( 1185 # __in HANDLE hProcess, 1186 # __in DWORD64 Address 1187 # ); 1188 #=============================================================================== 1189 PGET_MODULE_BASE_ROUTINE64 = WINFUNCTYPE(DWORD64, HANDLE, DWORD64) 1190 1191 #=============================================================================== 1192 # DWORD64 CALLBACK GetModuleBaseProc64( 1193 # __in HANDLE hProcess, 1194 # __in DWORD64 Address 1195 # ); 1196 #=============================================================================== 1197 PTRANSLATE_ADDRESS_ROUTINE64 = WINFUNCTYPE(DWORD64, HANDLE, DWORD64) 1198 1199 # Valid machine types for StackWalk64 function 1200 IMAGE_FILE_MACHINE_I386 = 0x014c #Intel x86 1201 IMAGE_FILE_MACHINE_IA64 = 0x0200 #Intel Itanium Processor Family (IPF) 1202 IMAGE_FILE_MACHINE_AMD64 = 0x8664 #x64 (AMD64 or EM64T) 1203 1204 #=============================================================================== 1205 # BOOL WINAPI StackWalk64( 1206 # __in DWORD MachineType, 1207 # __in HANDLE hProcess, 1208 # __in HANDLE hThread, 1209 # __inout LPSTACKFRAME64 StackFrame, 1210 # __inout PVOID ContextRecord, 1211 # __in_opt PREAD_PROCESS_MEMORY_ROUTINE64 ReadMemoryRoutine, 1212 # __in_opt PFUNCTION_TABLE_ACCESS_ROUTINE64 FunctionTableAccessRoutine, 1213 # __in_opt PGET_MODULE_BASE_ROUTINE64 GetModuleBaseRoutine, 1214 # __in_opt PTRANSLATE_ADDRESS_ROUTINE64 TranslateAddress 1215 # ); 1216 #===============================================================================1217 -def StackWalk64(MachineType, hProcess, hThread, StackFrame, 1218 ContextRecord = None, ReadMemoryRoutine = None, 1219 FunctionTableAccessRoutine = None, GetModuleBaseRoutine = None, 1220 TranslateAddress = None):1221 1222 _StackWalk64 = windll.dbghelp.StackWalk64 1223 _StackWalk64.argtypes = [DWORD, HANDLE, HANDLE, LPSTACKFRAME64, PVOID, 1224 PREAD_PROCESS_MEMORY_ROUTINE64, 1225 PFUNCTION_TABLE_ACCESS_ROUTINE64, 1226 PGET_MODULE_BASE_ROUTINE64, 1227 PTRANSLATE_ADDRESS_ROUTINE64] 1228 _StackWalk64.restype = bool 1229 1230 pReadMemoryRoutine = None 1231 if ReadMemoryRoutine: 1232 pReadMemoryRoutine = PREAD_PROCESS_MEMORY_ROUTINE64(ReadMemoryRoutine) 1233 else: 1234 pReadMemoryRoutine = ctypes.cast(None, PREAD_PROCESS_MEMORY_ROUTINE64) 1235 1236 pFunctionTableAccessRoutine = None 1237 if FunctionTableAccessRoutine: 1238 pFunctionTableAccessRoutine = PFUNCTION_TABLE_ACCESS_ROUTINE64(FunctionTableAccessRoutine) 1239 else: 1240 pFunctionTableAccessRoutine = ctypes.cast(None, PFUNCTION_TABLE_ACCESS_ROUTINE64) 1241 1242 pGetModuleBaseRoutine = None 1243 if GetModuleBaseRoutine: 1244 pGetModuleBaseRoutine = PGET_MODULE_BASE_ROUTINE64(GetModuleBaseRoutine) 1245 else: 1246 pGetModuleBaseRoutine = ctypes.cast(None, PGET_MODULE_BASE_ROUTINE64) 1247 1248 pTranslateAddress = None 1249 if TranslateAddress: 1250 pTranslateAddress = PTRANSLATE_ADDRESS_ROUTINE64(TranslateAddress) 1251 else: 1252 pTranslateAddress = ctypes.cast(None, PTRANSLATE_ADDRESS_ROUTINE64) 1253 1254 pContextRecord = None 1255 if ContextRecord is None: 1256 ContextRecord = GetThreadContext(hThread, raw=True) 1257 pContextRecord = PCONTEXT(ContextRecord) 1258 1259 #this function *DOESN'T* set last error [GetLastError()] properly most of the time. 1260 ret = _StackWalk64(MachineType, hProcess, hThread, byref(StackFrame), 1261 pContextRecord, pReadMemoryRoutine, 1262 pFunctionTableAccessRoutine, pGetModuleBaseRoutine, 1263 pTranslateAddress) 1264 1265 return ret1266 1267 #============================================================================== 1268 # This calculates the list of exported symbols. 1269 _all = set(vars().keys()).difference(_all) 1270 __all__ = [_x for _x in _all if not _x.startswith('_')] 1271 __all__.sort() 1272 #============================================================================== 1273
| Home | Trees | Indices | Help |
|
|---|
| Generated by Epydoc 3.0.1 on Fri Dec 20 17:55:23 2013 | http://epydoc.sourceforge.net |