From 521514b2041e9c53e613c6ce3172baffce5b873b Mon Sep 17 00:00:00 2001
From: Disconnect3d <dominik.b.czarnota@gmail.com>
Date: Mon, 3 Oct 2022 03:30:24 +0200
Subject: [PATCH] fix #1190: telescope -r with addr as count (#1198)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Before:
```
pwndbg> telescope -r 3
Traceback (most recent call last):
  File "/home/gsgx/code/pwndbg/pwndbg/commands/__init__.py", line 145, in __call__
    return self.function(*args, **kwargs)
  File "/home/gsgx/code/pwndbg/pwndbg/commands/__init__.py", line 216, in _OnlyWhenRunning
    return function(*a, **kw)
  File "/home/gsgx/code/pwndbg/pwndbg/commands/telescope.py", line 191, in telescope
    telescope.offset += i
UnboundLocalError: local variable 'i' referenced before assignment
```

After:
```
pwndbg> telescope -r 3
00:0000│         0x7fffffffe2b0 ◂— 0x0
01:0008│         0x7fffffffe2b8 —▸ 0x7ffff7fe32ea (_dl_start_user+50) ◂— lea    rdx, [rip - 0x1a2b1]
02:0010│ r13 rsp 0x7fffffffe2c0 ◂— 0x1
```
---
 pwndbg/commands/telescope.py    | 23 ++++++++++++-----------
 tests/test_command_telescope.py | 29 +++++++++++++++++++++++++++--
 2 files changed, 39 insertions(+), 13 deletions(-)

diff --git a/pwndbg/commands/telescope.py b/pwndbg/commands/telescope.py
index 579cf7c45..889fd7dd2 100644
--- a/pwndbg/commands/telescope.py
+++ b/pwndbg/commands/telescope.py
@@ -49,12 +49,6 @@ parser = argparse.ArgumentParser(
     ($sp by default)
     """
 )
-parser.add_argument(
-    "address", nargs="?", default=None, type=int, help="The address to telescope at."
-)
-parser.add_argument(
-    "count", nargs="?", default=telescope_lines, type=int, help="The number of lines to show."
-)
 parser.add_argument(
     "-r",
     "--reverse",
@@ -64,6 +58,14 @@ parser.add_argument(
     help="Show <count> previous addresses instead of next ones",
 )
 
+parser.add_argument(
+    "address", nargs="?", default=None, type=int, help="The address to telescope at."
+)
+
+parser.add_argument(
+    "count", nargs="?", default=telescope_lines, type=int, help="The number of lines to show."
+)
+
 
 @pwndbg.commands.ArgparsedCommand(parser)
 @pwndbg.commands.OnlyWhenRunning
@@ -84,15 +86,15 @@ def telescope(address=None, count=telescope_lines, to_string=False, reverse=Fals
     delimiter = T.delimiter(offset_delimiter)
     separator = T.separator(offset_separator)
 
-    # Allow invocation of telescope -r to dump previous addresses
-    if reverse:
-        address -= (count - 1) * ptrsize
-
     # Allow invocation of "telescope 20" to dump 20 bytes at the stack pointer
     if address < pwndbg.gdblib.memory.MMAP_MIN_ADDR and not pwndbg.gdblib.memory.peek(address):
         count = address
         address = pwndbg.gdblib.regs.sp
 
+    # Allow invocation of telescope -r to dump previous addresses
+    if reverse:
+        address -= (count - 1) * ptrsize
+
     # Allow invocation of "telescope a b" to dump all bytes from A to B
     if int(address) <= int(count):
         # adjust count if it is an address. use ceil division as count is number of
@@ -103,7 +105,6 @@ def telescope(address=None, count=telescope_lines, to_string=False, reverse=Fals
     reg_values = collections.defaultdict(lambda: [])
     for reg in pwndbg.gdblib.regs.common:
         reg_values[pwndbg.gdblib.regs[reg]].append(reg)
-    # address    = pwndbg.gdblib.memory.poi(pwndbg.gdblib.typeinfo.ppvoid, address)
 
     start = address
     stop = address + (count * ptrsize)
diff --git a/tests/test_command_telescope.py b/tests/test_command_telescope.py
index 937d8e807..a14dc66ca 100644
--- a/tests/test_command_telescope.py
+++ b/tests/test_command_telescope.py
@@ -1,5 +1,8 @@
+import re
+
 import gdb
 
+import pwndbg.gdblib
 import tests
 
 TELESCOPE_BINARY = tests.binaries.get("telescope_binary.out")
@@ -55,5 +58,27 @@ def test_command_telescope_n_records(start_binary):
 
     n = 3
     gdb.execute("entry")
-    result_str = gdb.execute("telescope $rsp {}".format(n), to_string=True)
-    assert len(result_str.strip("\n").split("\n")) == n
+    result = gdb.execute("telescope $rsp {}".format(n), to_string=True).strip().splitlines()
+    assert len(result) == n
+
+
+def test_telescope_command_with_address_as_count(start_binary):
+    start_binary(TELESCOPE_BINARY)
+
+    out = gdb.execute("telescope 2", to_string=True).splitlines()
+    rsp = pwndbg.gdblib.regs.rsp
+
+    assert len(out) == 2
+    assert out[0] == "00:0000│ rsp %#x ◂— 0x1" % rsp
+
+    expected = r"01:0008│     %#x —▸ 0x[0-9a-f]+ ◂— '%s'" % (rsp + 8, pwndbg.proc.exe)
+    assert re.search(expected, out[1])
+
+
+def test_telescope_command_with_address_as_count_and_reversed_flag(start_binary):
+    start_binary(TELESCOPE_BINARY)
+
+    out = gdb.execute("telescope -r 2", to_string=True).splitlines()
+    rsp = pwndbg.gdblib.regs.rsp
+
+    assert out == ["00:0000│     %#x ◂— 0x0" % (rsp - 8), "01:0008│ rsp %#x ◂— 0x1" % rsp]