Get sane string behavior by implementing pwndbg.memory.string

10 years ago · 2f9db4dd4f
parent 0ab757490f
commit 2f9db4dd4f
3 changed files with 15 additions and 9 deletions
--- a/pwndbg/auxv.py
+++ b/pwndbg/auxv.py
@ -248,4 +248,5 @@ def get_execfn():
        addr -= 1

    v = pwndbg.strings.get(addr, 1024)
-    return os.path.abspath(v)
+    if v:
+        return os.path.abspath(v)
--- a/pwndbg/memory.py
+++ b/pwndbg/memory.py
@ -68,6 +68,16 @@ def poke(address):
    except: return False
    return True

+def string(addr):
+    data = bytearray()
+    while peek(addr):
+        byte = read(addr, 1)
+        if byte == b'\x00':
+            break
+        data += byte
+        addr += 1
+    return data
+
 def byte(addr):   return readtype(pwndbg.typeinfo.uchar, addr)
 def uchar(addr):  return readtype(pwndbg.typeinfo.uchar, addr)
 def ushort(addr): return readtype(pwndbg.typeinfo.ushort, addr)
--- a/pwndbg/strings.py
+++ b/pwndbg/strings.py
@ -9,6 +9,7 @@ import string

 import gdb
 import pwndbg.events
+import pwndbg.memory
 import pwndbg.typeinfo

 length = 15
@ -32,20 +33,14 @@ def get(address, maxlen = None):
        maxlen = length

    try:
-        sz = gdb.Value(address)
-        sz = sz.cast(pwndbg.typeinfo.pchar)
-        sz = sz.string('ascii', 'replace', maxlen)
-        sz = pwndbg.memory.read(address, len(sz))
-        sz = sz.rstrip('\x00')
+        sz = pwndbg.memory.string(address)
+        sz = sz.decode('latin-1', 'replace')

        if not sz or not all(s in string.printable for s in sz):
            return None
-
-        sz = str(sz)
    except Exception as e:
        return None

-
    if len(sz) < maxlen:
    	return sz