Skip to content

Commit 94cec83

Browse files
tihmstartihmstar
committed
add deref functionality
1 parent 0141ec2 commit 94cec83

1 file changed

Lines changed: 59 additions & 1 deletion

File tree

tools/binrider/main.cpp

Lines changed: 59 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -29,6 +29,8 @@ static struct option longopts[] = {
2929
{ "bof", required_argument, NULL, 0 },
3030
{ "bref", required_argument, NULL, 0 },
3131
{ "cref", required_argument, NULL, 0 },
32+
{ "derefmem", required_argument, NULL, 0 },
33+
{ "derefstr", required_argument, NULL, 0 },
3234
{ "fof" , required_argument, NULL, 0 },
3335
{ "stringloc", required_argument, NULL, 0 },
3436
{ "stringloc2", required_argument, NULL, 0 },
@@ -53,6 +55,8 @@ void cmd_help(){
5355
printf(" --bof <address>\t\t\t\tPrint beginning of function for address\n");
5456
printf(" --bref <address>\t\t\t\tPrint branch refs to address\n");
5557
printf(" --cref <address>\t\t\t\tPrint call refs to address\n");
58+
printf(" --derefmem <address>,<len>\tDump memory at address\n");
59+
printf(" --derefstr <address>\t\t\tDump string at address\n");
5660
printf(" --fof <address>\t\t\t\tPrint fileoffset of virtual address\n");
5761
printf(" --stringloc <string>\t\t\tPrint addr of null terminated string\n");
5862
printf(" --stringloc2 <string>\t\t\tPrint addr of not null terminated string\n");
@@ -85,6 +89,11 @@ struct fstruct {
8589
bool isString;
8690
};
8791

92+
struct mstruct {
93+
uint64_t addr;
94+
uint64_t size;
95+
};
96+
8897
MAINFUNCTION
8998
int main_r(int argc, const char * argv[]) {
9099
info("binrider: %s",VERSION_STRING);
@@ -144,7 +153,8 @@ int main_r(int argc, const char * argv[]) {
144153
}
145154
};
146155
std::vector<fstruct> memLocs;
147-
156+
std::vector<mstruct> derefLocs;
157+
148158
while ((opt = getopt_long(argc, (char * const*)argv, "hb:r:", longopts, &optindex)) >= 0) {
149159
switch (opt) {
150160
case 0:
@@ -156,6 +166,27 @@ int main_r(int argc, const char * argv[]) {
156166
brefs.refs.push_back(strtoll(optarg, NULL, 16));
157167
}else if (curopt == "cref") {
158168
crefs.refs.push_back(strtoll(optarg, NULL, 16));
169+
}else if (curopt == "derefmem" || curopt == "derefstr") {
170+
bool isString = (curopt == "derefstr");
171+
uint64_t addr = strtoull(optarg, NULL, 16);
172+
uint64_t memsize = 0;
173+
if (!isString){
174+
char *smem = strstr(optarg, ",");
175+
if (!smem) {
176+
error("Failed to parse derefmem size");
177+
return -1;
178+
}
179+
smem++;
180+
if (smem[0] == '0' && tolower(smem[1]) == 'x') {
181+
memsize = strtoull(smem, NULL, 16);
182+
}else{
183+
memsize = strtoull(smem, NULL, 10);
184+
}
185+
}
186+
derefLocs.push_back({
187+
.addr = addr,
188+
.size = memsize,
189+
});
159190
}else if (curopt == "fof") {
160191
fofs.refs.push_back(strtoll(optarg, NULL, 16));
161192
}else if (curopt.starts_with("stringloc")) {
@@ -335,6 +366,33 @@ int main_r(int argc, const char * argv[]) {
335366
}
336367
}
337368

369+
{
370+
//deref
371+
for (auto dm : derefLocs) {
372+
if (dm.size == 0) {
373+
printf("Deref string at 0x%08llx: ",dm.addr);
374+
try {
375+
const char *ms = (const char*)pf->memoryForLoc(dm.addr);
376+
printf("%s\n",ms);
377+
} catch (...) {
378+
printf("[FAILED]\n");
379+
}
380+
}else{
381+
printf("Deref mem at 0x%08llx: ",dm.addr);
382+
try {
383+
const uint8_t *mem = (const uint8_t*)pf->memoryForLoc(dm.addr);
384+
for (int i=0; i<dm.size; i++) {
385+
printf("%02x",mem[i]);
386+
}
387+
printf("\n");
388+
} catch (...) {
389+
printf("[FAILED]\n");
390+
}
391+
392+
}
393+
}
394+
}
395+
338396
info("done");
339397
return 0;
340398
}

0 commit comments

Comments
 (0)