lyc
/
pwndbg
mirror of https://github.com/pwndbg/pwndbg.git
1
0
Fork 0
Code Releases Activity

Convert all vmmap references to pwndbg.gdblib.vmmap

Browse Source
pull/1283/head
Gulshan Singh 3 years ago
parent 8b6deac4fd
commit e456b317d7
34 changed files with 102 additions and 93 deletions
Show Stats Download Patch File Download Diff File

4
docs/source/api/vmmap.rst
Unescape View File

@ -1,5 +1,5 @@
:mod:`pwndbg.vmmap` --- pwndbg.vmmap
:mod:`pwndbg.gdblib.vmmap` --- pwndbg.gdblib.vmmap
=============================================
.. automodule:: pwndbg.vmmap
.. automodule:: pwndbg.gdblib.vmmap
:members:

1
pwndbg/__init__.py
Unescape View File

@ -20,7 +20,6 @@ import pwndbg.exception
import pwndbg.heap
import pwndbg.lib.version
import pwndbg.ui
import pwndbg.vmmap
__version__ = pwndbg.lib.version.__version__
version = __version__

4
pwndbg/chain.py
Unescape View File

@ -8,7 +8,7 @@ import pwndbg.gdblib.abi
import pwndbg.gdblib.memory
import pwndbg.gdblib.symbol
import pwndbg.gdblib.typeinfo
import pwndbg.vmmap
import pwndbg.gdblib.vmmap
LIMIT = pwndbg.gdblib.config.add_param(
"dereference-limit", 5, "max number of pointers to dereference in a chain"
@ -56,7 +56,7 @@ def get(
# Avoid redundant dereferences in bare metal mode by checking
# if address is in any of vmmap pages
if not pwndbg.gdblib.abi.linux and not pwndbg.vmmap.find(address):
if not pwndbg.gdblib.abi.linux and not pwndbg.gdblib.vmmap.find(address):
break
next_address = int(pwndbg.gdblib.memory.poi(pwndbg.gdblib.typeinfo.ppvoid, address))

4
pwndbg/color/memory.py
Unescape View File

@ -1,6 +1,6 @@
import pwndbg.color.theme as theme
import pwndbg.gdblib.config as config
import pwndbg.vmmap
import pwndbg.gdblib.vmmap
from pwndbg.color import generateColorFunction
from pwndbg.color import normal
@ -51,7 +51,7 @@ def get(address, text=None):
"""
address = int(address)
page = pwndbg.vmmap.find(int(address))
page = pwndbg.gdblib.vmmap.find(int(address))
if page is None:
color = normal

4
pwndbg/commands/aslr.py
Unescape View File

@ -4,7 +4,7 @@ import gdb
import pwndbg.commands
import pwndbg.gdblib.proc
import pwndbg.vmmap
import pwndbg.gdblib.vmmap
from pwndbg.color import message
options = {"on": "off", "off": "on"}
@ -33,7 +33,7 @@ def aslr(state=None):
if pwndbg.gdblib.proc.alive:
print("Change will take effect when the process restarts")
aslr, method = pwndbg.vmmap.check_aslr()
aslr, method = pwndbg.gdblib.vmmap.check_aslr()
if aslr is True:
status = message.on("ON")

2
pwndbg/commands/context.py
Unescape View File

@ -23,10 +23,10 @@ import pwndbg.gdblib.config
import pwndbg.gdblib.events
import pwndbg.gdblib.regs
import pwndbg.gdblib.symbol
import pwndbg.gdblib.vmmap
import pwndbg.ghidra
import pwndbg.ida
import pwndbg.ui
import pwndbg.vmmap
from pwndbg.color import message
from pwndbg.color import theme

2
pwndbg/commands/dt.py
Unescape View File

@ -3,7 +3,7 @@ import argparse
import pwndbg.color
import pwndbg.commands
import pwndbg.gdblib.dt
import pwndbg.vmmap
import pwndbg.gdblib.vmmap
parser = argparse.ArgumentParser()
parser.description = """

4
pwndbg/commands/heap.py
Unescape View File

@ -143,7 +143,7 @@ def heap(addr=None, verbose=False, simple=False):
cursor = heap_region.start
else:
cursor = heap_region.start + allocator.heap_info.sizeof
if pwndbg.vmmap.find(allocator.get_heap(heap_region.start)["ar_ptr"]) == heap_region:
if pwndbg.gdblib.vmmap.find(allocator.get_heap(heap_region.start)["ar_ptr"]) == heap_region:
# Round up to a 2-machine-word alignment after an arena to
# compensate for the presence of the have_fastchunks variable
# in GLIBC versions >= 2.27.
@ -642,7 +642,7 @@ def vis_heap_chunks(addr=None, count=None, naive=None, display_all=None):
cursor = heap_region.start
else:
cursor = heap_region.start + allocator.heap_info.sizeof
if pwndbg.vmmap.find(allocator.get_heap(heap_region.start)["ar_ptr"]) == heap_region:
if pwndbg.gdblib.vmmap.find(allocator.get_heap(heap_region.start)["ar_ptr"]) == heap_region:
# Round up to a 2-machine-word alignment after an arena to
# compensate for the presence of the have_fastchunks variable
# in GLIBC versions >= 2.27.

2
pwndbg/commands/hexdump.py
Unescape View File

@ -28,7 +28,7 @@ def address_or_module_name(s):
gdbval_or_str = pwndbg.commands.sloppy_gdb_parse(s)
if isinstance(gdbval_or_str, str):
module_name = gdbval_or_str
pages = list(filter(lambda page: module_name in page.objfile, pwndbg.vmmap.get()))
pages = list(filter(lambda page: module_name in page.objfile, pwndbg.gdblib.vmmap.get()))
if pages:
return pages[0].vaddr
else:

8
pwndbg/commands/leakfind.py
Unescape View File

@ -11,7 +11,7 @@ import pwndbg.color.chain as C
import pwndbg.color.memory as M
import pwndbg.color.message as message
import pwndbg.commands
import pwndbg.vmmap
import pwndbg.gdblib.vmmap
from pwndbg.chain import config_arrow_right
@ -19,7 +19,7 @@ from pwndbg.chain import config_arrow_right
# addr is a pointer. It is taken to be a child pointer.
# visited_map is a map of children -> (parent,parent_start)
def get_rec_addr_string(addr, visited_map):
page = pwndbg.vmmap.find(addr)
page = pwndbg.gdblib.vmmap.find(addr)
arrow_right = C.arrow(" %s " % config_arrow_right)
if page is not None:
@ -103,7 +103,7 @@ def leakfind(
):
if address is None:
raise argparse.ArgumentTypeError("No starting address provided.")
foundPages = pwndbg.vmmap.find(address)
foundPages = pwndbg.gdblib.vmmap.find(address)
if not foundPages:
raise argparse.ArgumentTypeError("Starting address is not mapped.")
@ -165,7 +165,7 @@ def leakfind(
arrow_right = C.arrow(" %s " % config_arrow_right)
for child in visited_map:
child_page = pwndbg.vmmap.find(child)
child_page = pwndbg.gdblib.vmmap.find(child)
if child_page is not None:
if page_name is not None and page_name not in child_page.objfile:
continue

2
pwndbg/commands/misc.py
Unescape View File

@ -40,7 +40,7 @@ def errno_(err):
errno_loc_gotplt = pwndbg.gdblib.symbol.address("__errno_location@got.plt")
# If the got.plt entry is not there (is None), it means the symbol is not used by the binary
if errno_loc_gotplt is None or pwndbg.vmmap.find(
if errno_loc_gotplt is None or pwndbg.gdblib.vmmap.find(
pwndbg.gdblib.memory.pvoid(errno_loc_gotplt)
):
err = int(gdb.parse_and_eval("*((int *(*) (void)) __errno_location) ()"))

4
pwndbg/commands/nearpc.py
Unescape View File

@ -15,10 +15,10 @@ import pwndbg.gdblib.config
import pwndbg.gdblib.regs
import pwndbg.gdblib.strings
import pwndbg.gdblib.symbol
import pwndbg.gdblib.vmmap
import pwndbg.ida
import pwndbg.lib.functions
import pwndbg.ui
import pwndbg.vmmap
from pwndbg.color import message
@ -120,7 +120,7 @@ def nearpc(pc=None, lines=None, to_string=False, emulate=False):
# In case $pc is in a new map we don't know about,
# this will trigger an exploratory search.
pwndbg.vmmap.find(pc)
pwndbg.gdblib.vmmap.find(pc)
# Gather all addresses and symbols for each instruction
symbols = [pwndbg.gdblib.symbol.get(i.address) for i in instructions]

4
pwndbg/commands/p2p.py
Unescape View File

@ -20,7 +20,7 @@ class AddrRange:
def get_addrrange_any_named():
return [AddrRange(page.start, page.end) for page in pwndbg.vmmap.get()]
return [AddrRange(page.start, page.end) for page in pwndbg.gdblib.vmmap.get()]
def guess_numbers_base(num: str):
@ -63,7 +63,7 @@ def address_range(section):
if ":" in section:
return [address_range_explicit(section)]
pages = list(filter(lambda page: section in page.objfile, pwndbg.vmmap.get()))
pages = list(filter(lambda page: section in page.objfile, pwndbg.gdblib.vmmap.get()))
if pages:
return [AddrRange(page.start, page.end) for page in pages]

4
pwndbg/commands/pie.py
Unescape View File

@ -6,7 +6,7 @@ import gdb
import pwndbg.auxv
import pwndbg.color.message as message
import pwndbg.commands
import pwndbg.vmmap
import pwndbg.gdblib.vmmap
def get_exe_name():
@ -42,7 +42,7 @@ def get_exe_name():
def translate_addr(offset, module):
mod_filter = lambda page: module in page.objfile
pages = list(filter(mod_filter, pwndbg.vmmap.get()))
pages = list(filter(mod_filter, pwndbg.gdblib.vmmap.get()))
if not pages:
print(

6
pwndbg/commands/probeleak.py
Unescape View File

@ -9,17 +9,17 @@ import pwndbg.color.message as message
import pwndbg.commands
import pwndbg.gdblib.arch
import pwndbg.gdblib.elf
import pwndbg.vmmap
import pwndbg.gdblib.vmmap
def find_module(addr, max_distance):
mod_filter = lambda page: page.start <= addr < page.end
pages = list(filter(mod_filter, pwndbg.vmmap.get()))
pages = list(filter(mod_filter, pwndbg.gdblib.vmmap.get()))
if not pages:
if max_distance != 0:
mod_filter = lambda page: page.start - max_distance <= addr < page.end + max_distance
pages = list(filter(mod_filter, pwndbg.vmmap.get()))
pages = list(filter(mod_filter, pwndbg.gdblib.vmmap.get()))
if not pages:
return None

2
pwndbg/commands/rop.py
Unescape View File

@ -6,7 +6,7 @@ import tempfile
import gdb
import pwndbg.commands
import pwndbg.vmmap
import pwndbg.gdblib.vmmap
parser = argparse.ArgumentParser(
description="Dump ROP gadgets with Jon Salwan's ROPgadget tool.",

2
pwndbg/commands/ropper.py
Unescape View File

@ -5,7 +5,7 @@ import tempfile
import gdb
import pwndbg.commands
import pwndbg.vmmap
import pwndbg.gdblib.vmmap
parser = argparse.ArgumentParser(
description="ROP gadget search with ropper.",

6
pwndbg/commands/search.py
Unescape View File

@ -10,8 +10,8 @@ import pwndbg.commands
import pwndbg.enhance
import pwndbg.gdblib.arch
import pwndbg.gdblib.config
import pwndbg.gdblib.vmmap
import pwndbg.search
import pwndbg.vmmap
from pwndbg.color import message
saved = set() # type:Set[int]
@ -26,7 +26,7 @@ def print_search_hit(address):
if not address:
return
vmmap = pwndbg.vmmap.find(address)
vmmap = pwndbg.gdblib.vmmap.find(address)
if vmmap:
region = os.path.basename(vmmap.objfile)
else:
@ -179,7 +179,7 @@ def search(type, hex, executable, writable, value, mapping_name, save, next, tru
value += b"\x00"
# Find the mappings that we're looking for
mappings = pwndbg.vmmap.get()
mappings = pwndbg.gdblib.vmmap.get()
if mapping_name:
mappings = [m for m in mappings if mapping_name in m.objfile]

4
pwndbg/commands/stack.py
Unescape View File

@ -4,14 +4,14 @@ import pwndbg.chain
import pwndbg.commands
import pwndbg.gdblib.arch
import pwndbg.gdblib.regs
import pwndbg.vmmap
import pwndbg.gdblib.vmmap
@pwndbg.commands.ArgparsedCommand("Print out the stack addresses that contain return addresses.")
@pwndbg.commands.OnlyWhenRunning
def retaddr():
sp = pwndbg.gdblib.regs.sp
stack = pwndbg.vmmap.find(sp)
stack = pwndbg.gdblib.vmmap.find(sp)
# Enumerate all return addresses
frame = gdb.newest_frame()

10
pwndbg/commands/vmmap.py
Unescape View File

@ -10,7 +10,7 @@ from elftools.elf.elffile import ELFFile
import pwndbg.color.memory as M
import pwndbg.commands
import pwndbg.gdblib.elf
import pwndbg.vmmap
import pwndbg.gdblib.vmmap
integer_types = (int, gdb.Value)
@ -62,7 +62,7 @@ parser.add_argument("-x", "--executable", action="store_true", help="Display exe
@pwndbg.commands.ArgparsedCommand(parser, aliases=["lm", "address", "vprot"])
@pwndbg.commands.OnlyWhenRunning
def vmmap(gdbval_or_str=None, writable=False, executable=False):
pages = pwndbg.vmmap.get()
pages = pwndbg.gdblib.vmmap.get()
if gdbval_or_str:
pages = list(filter(pages_filter(gdbval_or_str), pages))
@ -117,14 +117,14 @@ def vmmap_add(start, size, flags, offset):
perm |= flag_val
page = pwndbg.lib.memory.Page(start, size, perm, offset)
pwndbg.vmmap.add_custom_page(page)
pwndbg.gdblib.vmmap.add_custom_page(page)
print("%r added" % page)
@pwndbg.commands.ArgparsedCommand("Clear the vmmap cache.") # TODO is this accurate?
def vmmap_clear():
pwndbg.vmmap.clear_custom_page()
pwndbg.gdblib.vmmap.clear_custom_page()
parser = argparse.ArgumentParser()
@ -173,5 +173,5 @@ def vmmap_load(filename):
pages.append(page)
for page in pages:
pwndbg.vmmap.add_custom_page(page)
pwndbg.gdblib.vmmap.add_custom_page(page)
print("%r added" % page)

8
pwndbg/commands/xinfo.py
Unescape View File

@ -7,7 +7,7 @@ import pwndbg.gdblib.config
import pwndbg.gdblib.memory
import pwndbg.gdblib.regs
import pwndbg.gdblib.stack
import pwndbg.vmmap
import pwndbg.gdblib.vmmap
import pwndbg.wrappers
parser = argparse.ArgumentParser(
@ -35,7 +35,7 @@ def xinfo_stack(page, addr):
sp = pwndbg.gdblib.regs.sp
frame = pwndbg.gdblib.regs[pwndbg.gdblib.regs.frame]
frame_mapping = pwndbg.vmmap.find(frame)
frame_mapping = pwndbg.gdblib.vmmap.find(frame)
print_line("Stack Top", addr, page.vaddr, addr - page.vaddr, "+")
print_line("Stack End", addr, page.end, page.end - addr, "-")
@ -63,7 +63,7 @@ def xinfo_mmap_file(page, addr):
# to beginning of file in memory and on disk
file_name = page.objfile
objpages = filter(lambda p: p.objfile == file_name, pwndbg.vmmap.get())
objpages = filter(lambda p: p.objfile == file_name, pwndbg.gdblib.vmmap.get())
first = sorted(objpages, key=lambda p: p.vaddr)[0]
# print offset from ELF base load address
@ -112,7 +112,7 @@ def xinfo(address=None):
addr = int(address)
addr &= pwndbg.gdblib.arch.ptrmask
page = pwndbg.vmmap.find(addr)
page = pwndbg.gdblib.vmmap.find(addr)
if page is None:
print("\n Virtual address {:#x} is not mapped.".format(addr))

2
pwndbg/enhance.py
Unescape View File

@ -60,7 +60,7 @@ def enhance(value, code=True, safe_linking=False):
value = int(value)
name = pwndbg.gdblib.symbol.get(value) or None
page = pwndbg.vmmap.find(value)
page = pwndbg.gdblib.vmmap.find(value)
# If it's not in a page we know about, try to dereference
# it anyway just to test.

1
pwndbg/gdblib/__init__.py
Unescape View File

@ -27,3 +27,4 @@ def load_gdblib():
import pwndbg.gdblib.regs
import pwndbg.gdblib.symbol
import pwndbg.gdblib.typeinfo
import pwndbg.gdblib.vmmap

4
pwndbg/gdblib/elf.py
Unescape View File

@ -240,7 +240,7 @@ def get_ehdr(pointer):
if pwndbg.gdblib.qemu.is_qemu():
return None, None
vmmap = pwndbg.vmmap.find(pointer)
vmmap = pwndbg.gdblib.vmmap.find(pointer)
base = None
# If there is no vmmap for the requested address, we can't do much
@ -255,7 +255,7 @@ def get_ehdr(pointer):
# The page did not have ELF magic; it may be that .text and binary start are split
# into two pages, so let's get the first page from the pointer's page objfile
else:
for v in pwndbg.vmmap.get():
for v in pwndbg.gdblib.vmmap.get():
if v.objfile == vmmap.objfile:
vmmap = v
break

2
pwndbg/gdblib/next.py
Unescape View File

@ -140,7 +140,7 @@ def break_on_program_code():
"""
exe = pwndbg.gdblib.proc.exe
binary_exec_page_ranges = tuple(
(p.start, p.end) for p in pwndbg.vmmap.get() if p.objfile == exe and p.execute
(p.start, p.end) for p in pwndbg.gdblib.vmmap.get() if p.objfile == exe and p.execute
)
pc = pwndbg.gdblib.regs.pc

10
pwndbg/gdblib/symbol.py
Unescape View File

@ -23,9 +23,9 @@ import pwndbg.gdblib.memory
import pwndbg.gdblib.qemu
import pwndbg.gdblib.remote
import pwndbg.gdblib.stack
import pwndbg.gdblib.vmmap
import pwndbg.ida
import pwndbg.lib.memoize
import pwndbg.vmmap
def _get_debug_file_directory():
@ -87,7 +87,7 @@ def _autofetch():
if remote_files_dir not in _get_debug_file_directory().split(":"):
_add_debug_file_directory(remote_files_dir)
for mapping in pwndbg.vmmap.get():
for mapping in pwndbg.gdblib.vmmap.get():
objfile = mapping.objfile
# Don't attempt to download things like '[stack]' and '[heap]'
@ -118,7 +118,7 @@ def _autofetch():
_remote_files[objfile] = local_path
base = None
for mapping in pwndbg.vmmap.get():
for mapping in pwndbg.gdblib.vmmap.get():
if mapping.objfile != objfile:
continue
@ -167,7 +167,7 @@ def get(address: int, gdb_only=False) -> str:
address = int(address)
exe = pwndbg.gdblib.elf.exe()
if exe:
exe_map = pwndbg.vmmap.find(exe.address)
exe_map = pwndbg.gdblib.vmmap.find(exe.address)
if exe_map and address in exe_map:
res = pwndbg.ida.Name(address) or pwndbg.ida.GetFuncOffset(address)
return res or ""
@ -265,7 +265,7 @@ def _add_main_exe_to_symbols():
addr = int(addr)
mmap = pwndbg.vmmap.find(addr)
mmap = pwndbg.gdblib.vmmap.find(addr)
if not mmap:
return

5
pwndbg/gdblib/tls.py
Unescape View File

@ -11,7 +11,7 @@ import pwndbg.gdblib.arch
import pwndbg.gdblib.memory
import pwndbg.gdblib.regs
import pwndbg.gdblib.symbol
import pwndbg.vmmap
import pwndbg.gdblib.vmmap
class module(ModuleType):
@ -97,7 +97,8 @@ class module(ModuleType):
# For arm (32-bit), we doesn't have other choice
# Note: aarch64 seems doesn't have this issue
is_valid_tls_base = (
pwndbg.vmmap.find(tls_base) is not None and tls_base % pwndbg.gdblib.arch.ptrsize == 0
pwndbg.gdblib.vmmap.find(tls_base) is not None
and tls_base % pwndbg.gdblib.arch.ptrsize == 0
)
return tls_base if is_valid_tls_base else self.get_tls_base_via_errno_location()

50
pwndbg/heap/ptmalloc.py
Unescape View File

@ -10,9 +10,9 @@ import pwndbg.gdblib.events
import pwndbg.gdblib.symbol
import pwndbg.gdblib.tls
import pwndbg.gdblib.typeinfo
import pwndbg.gdblib.vmmap
import pwndbg.glibc
import pwndbg.search
import pwndbg.vmmap
from pwndbg.color import message
from pwndbg.constants import ptmalloc
from pwndbg.heap import heap_chain_limit
@ -264,7 +264,7 @@ class HeapInfo:
def __str__(self):
fmt = "[%%%ds]" % (pwndbg.gdblib.arch.ptrsize * 2)
return message.hint(fmt % (hex(self.first_chunk))) + M.heap(
str(pwndbg.vmmap.find(self.addr))
str(pwndbg.gdblib.vmmap.find(self.addr))
)
@ -529,7 +529,7 @@ class Heap(pwndbg.heap.heap.BaseHeap):
def get_region(self, addr):
"""Find the memory map containing 'addr'."""
return pwndbg.vmmap.find(addr)
return pwndbg.gdblib.vmmap.find(addr)
def fastbin_index(self, size):
if pwndbg.gdblib.arch.ptrsize == 8:
@ -890,7 +890,7 @@ class DebugSymsHeap(Heap):
return (
None
if pwndbg.vmmap.find(arena_addr) is None
if pwndbg.gdblib.vmmap.find(arena_addr) is None
else pwndbg.gdblib.memory.poi(self.malloc_state, arena_addr)
)
@ -956,11 +956,11 @@ class HeuristicHeap(Heap):
def possible_page_of_symbols(self):
if self._possible_page_of_symbols is None:
if pwndbg.glibc.get_got_plt_address() > 0:
self._possible_page_of_symbols = pwndbg.vmmap.find(
self._possible_page_of_symbols = pwndbg.gdblib.vmmap.find(
pwndbg.glibc.get_got_plt_address()
)
elif pwndbg.gdblib.symbol.address("_IO_list_all"):
self._possible_page_of_symbols = pwndbg.vmmap.find(
self._possible_page_of_symbols = pwndbg.gdblib.vmmap.find(
pwndbg.gdblib.symbol.address("_IO_list_all")
)
return self._possible_page_of_symbols
@ -975,7 +975,7 @@ class HeuristicHeap(Heap):
return False
_IO_list_all_addr = pwndbg.gdblib.symbol.address("_IO_list_all")
if _IO_list_all_addr:
return addr in pwndbg.vmmap.find(_IO_list_all_addr) and addr > _IO_list_all_addr
return addr in pwndbg.gdblib.vmmap.find(_IO_list_all_addr) and addr > _IO_list_all_addr
# We trust that symbol is from GLIBC :)
return True
@ -1059,7 +1059,7 @@ class HeuristicHeap(Heap):
self._main_arena_addr = offset + instr.address + 4
# Try to search main_arena in .data of libc if we can't find it via above trick
if not self._main_arena_addr or pwndbg.vmmap.find(self._main_arena_addr) is None:
if not self._main_arena_addr or pwndbg.gdblib.vmmap.find(self._main_arena_addr) is None:
start = pwndbg.gdblib.symbol.address("_IO_2_1_stdin_")
end = pwndbg.gdblib.symbol.address("_IO_list_all")
# If we didn't have these symbols, we try to find them in the possible page
@ -1100,7 +1100,7 @@ class HeuristicHeap(Heap):
if found:
break
if self._main_arena_addr and pwndbg.vmmap.find(self._main_arena_addr):
if self._main_arena_addr and pwndbg.gdblib.vmmap.find(self._main_arena_addr):
self._main_arena = self.malloc_state(self._main_arena_addr)
return self._main_arena
@ -1133,13 +1133,14 @@ class HeuristicHeap(Heap):
is_valid_address = 0 < thread_arena_via_symbol - tls_base < 0x250
is_valid_address = (
is_valid_address and thread_arena_via_symbol in pwndbg.vmmap.find(tls_base)
is_valid_address
and thread_arena_via_symbol in pwndbg.gdblib.vmmap.find(tls_base)
)
if is_valid_address:
thread_arena_struct_addr = pwndbg.gdblib.memory.u(thread_arena_via_symbol)
# Check &thread_arena is a valid address or not to avoid false positive.
if pwndbg.vmmap.find(thread_arena_struct_addr):
if pwndbg.gdblib.vmmap.find(thread_arena_struct_addr):
return thread_arena_struct_addr
if not self._thread_arena_offset and pwndbg.gdblib.symbol.address("__libc_calloc"):
@ -1264,7 +1265,7 @@ class HeuristicHeap(Heap):
tls_base = pwndbg.gdblib.tls.address
if tls_base:
thread_arena_struct_addr = tls_base + self._thread_arena_offset
if pwndbg.vmmap.find(thread_arena_struct_addr):
if pwndbg.gdblib.vmmap.find(thread_arena_struct_addr):
return pwndbg.gdblib.memory.pvoid(thread_arena_struct_addr)
raise SymbolUnresolvableError("thread_arena")
@ -1296,7 +1297,8 @@ class HeuristicHeap(Heap):
is_valid_address = 0 < thread_cache_via_symbol - tls_base < 0x250
is_valid_address = (
is_valid_address and thread_cache_via_symbol in pwndbg.vmmap.find(tls_base)
is_valid_address
and thread_cache_via_symbol in pwndbg.gdblib.vmmap.find(tls_base)
)
if is_valid_address:
@ -1471,7 +1473,7 @@ class HeuristicHeap(Heap):
tls_base + self._thread_cache_offset
)
if (
pwndbg.vmmap.find(thread_cache_struct_addr)
pwndbg.gdblib.vmmap.find(thread_cache_struct_addr)
and thread_cache_struct_addr in self.get_heap_boundaries()
):
self._thread_cache = self.tcache_perthread_struct(thread_cache_struct_addr)
@ -1487,7 +1489,10 @@ class HeuristicHeap(Heap):
cursor = heap_region.start
else:
cursor = heap_region.start + self.heap_info.sizeof
if pwndbg.vmmap.find(self.get_heap(heap_region.start)["ar_ptr"]) == heap_region:
if (
pwndbg.gdblib.vmmap.find(self.get_heap(heap_region.start)["ar_ptr"])
== heap_region
):
# Round up to a 2-machine-word alignment after an arena to
# compensate for the presence of the have_fastchunks variable
# in GLIBC versions >= 2.27.
@ -1618,7 +1623,7 @@ class HeuristicHeap(Heap):
# can't find the reference about mp_ in __libc_free, try to find it with heap boundaries of main_arena
if (
not self._mp_addr
or pwndbg.vmmap.find(self._mp_addr) is None
or pwndbg.gdblib.vmmap.find(self._mp_addr) is None
and self.possible_page_of_symbols
):
libc_page = self.possible_page_of_symbols
@ -1633,7 +1638,7 @@ class HeuristicHeap(Heap):
region = self.get_region(arena["top"])
else:
# If we can't find main_arena via heuristics, try to find it via vmmap
region = next(p for p in pwndbg.vmmap.get() if "heap]" in p.objfile)
region = next(p for p in pwndbg.gdblib.vmmap.get() if "heap]" in p.objfile)
possible_sbrk_base = region.start
sbrk_offset = self.malloc_par(0).get_field_address("sbrk_base")
@ -1648,7 +1653,7 @@ class HeuristicHeap(Heap):
except StopIteration:
pass
if self._mp_addr and pwndbg.vmmap.find(self._mp_addr) is not None:
if self._mp_addr and pwndbg.gdblib.vmmap.find(self._mp_addr) is not None:
self._mp = self.malloc_par(self._mp_addr)
return self._mp
@ -1781,7 +1786,7 @@ class HeuristicHeap(Heap):
elif instr.mnemonic == "ldr" and "[pc" in instr.op_str:
ldr_instr = instr
if self._global_max_fast_addr and pwndbg.vmmap.find(self._global_max_fast_addr):
if self._global_max_fast_addr and pwndbg.gdblib.vmmap.find(self._global_max_fast_addr):
self._global_max_fast = pwndbg.gdblib.memory.u(self._global_max_fast_addr)
return self._global_max_fast
@ -1857,7 +1862,7 @@ class HeuristicHeap(Heap):
region = self.get_region(addr) if addr else self.get_region(self.get_arena()["top"])
else:
# If we can't find an arena via heuristics, try to find it via vmmap
region = next(p for p in pwndbg.vmmap.get() if "heap]" in p.objfile)
region = next(p for p in pwndbg.gdblib.vmmap.get() if "heap]" in p.objfile)
# Occasionally, the [heap] vm region and the actual start of the heap are
# different, e.g. [heap] starts at 0x61f000 but mp_.sbrk_base is 0x620000.
@ -1877,4 +1882,7 @@ class HeuristicHeap(Heap):
def is_initialized(self):
# TODO/FIXME: If main_arena['top'] is been modified to 0, this will not work.
# try to use vmmap or main_arena.top to find the heap
return any("heap]" in x.objfile for x in pwndbg.vmmap.get()) or self.main_arena["top"] != 0
return (
any("heap]" in x.objfile for x in pwndbg.gdblib.vmmap.get())
or self.main_arena["top"] != 0
)

4
pwndbg/search.py
Unescape View File

@ -7,7 +7,7 @@ import gdb
import pwndbg.gdblib.arch
import pwndbg.gdblib.memory
import pwndbg.gdblib.typeinfo
import pwndbg.vmmap
import pwndbg.gdblib.vmmap
def search(searchfor, mappings=None, start=None, end=None, executable=False, writable=False):
@ -27,7 +27,7 @@ def search(searchfor, mappings=None, start=None, end=None, executable=False, wri
"""
i = gdb.selected_inferior()
maps = mappings or pwndbg.vmmap.get()
maps = mappings or pwndbg.gdblib.vmmap.get()
if end and start:
assert start < end, "Last address to search must be greater then first address"

18
tests/heap/test_heap_bins.py
Unescape View File

@ -2,8 +2,8 @@ import gdb
import pwndbg.gdblib.memory
import pwndbg.gdblib.symbol
import pwndbg.gdblib.vmmap
import pwndbg.heap
import pwndbg.vmmap
import tests
BINARY = tests.binaries.get("heap_bins.out")
@ -76,7 +76,7 @@ def test_heap_bins(start_binary):
result[tcache_size][1] == tcache_count and len(result[tcache_size][0]) == tcache_count + 1
)
for addr in result[tcache_size][0][:-1]:
assert pwndbg.vmmap.find(addr)
assert pwndbg.gdblib.vmmap.find(addr)
# check fastbin
gdb.execute("continue")
@ -85,7 +85,7 @@ def test_heap_bins(start_binary):
assert result["type"] == "fastbins"
assert (fastbin_size in result) and (len(result[fastbin_size]) == fastbin_count + 1)
for addr in result[fastbin_size][:-1]:
assert pwndbg.vmmap.find(addr)
assert pwndbg.gdblib.vmmap.find(addr)
# check unsortedbin
gdb.execute("continue")
@ -97,9 +97,9 @@ def test_heap_bins(start_binary):
)
assert not result["all"][2]
for addr in result["all"][0][:-1]:
assert pwndbg.vmmap.find(addr)
assert pwndbg.gdblib.vmmap.find(addr)
for addr in result["all"][1][:-1]:
assert pwndbg.vmmap.find(addr)
assert pwndbg.gdblib.vmmap.find(addr)
# check smallbins
gdb.execute("continue")
@ -112,9 +112,9 @@ def test_heap_bins(start_binary):
)
assert not result[smallbin_size][2]
for addr in result[smallbin_size][0][:-1]:
assert pwndbg.vmmap.find(addr)
assert pwndbg.gdblib.vmmap.find(addr)
for addr in result[smallbin_size][1][:-1]:
assert pwndbg.vmmap.find(addr)
assert pwndbg.gdblib.vmmap.find(addr)
# check largebins
gdb.execute("continue")
@ -127,9 +127,9 @@ def test_heap_bins(start_binary):
)
assert not result[largebin_size][2]
for addr in result[largebin_size][0][:-1]:
assert pwndbg.vmmap.find(addr)
assert pwndbg.gdblib.vmmap.find(addr)
for addr in result[largebin_size][1][:-1]:
assert pwndbg.vmmap.find(addr)
assert pwndbg.gdblib.vmmap.find(addr)
# check corrupted
gdb.execute("continue")

2
tests/heap/test_vis_heap_chunks.py
Unescape View File

@ -13,7 +13,7 @@ def test_vis_heap_chunk_command(start_binary):
# TODO/FIXME: Shall we have a standard method to do this kind of filtering?
# Note that we have `pages_filter` in pwndbg/pwndbg/commands/vmmap.py heh
heap_page = next(page for page in pwndbg.vmmap.get() if page.objfile == "[heap]")
heap_page = next(page for page in pwndbg.gdblib.vmmap.get() if page.objfile == "[heap]")
first_chunk_size = pwndbg.gdblib.memory.u64(heap_page.start + pwndbg.gdblib.arch.ptrsize)

6
tests/test_commands_next.py
Unescape View File

@ -24,16 +24,16 @@ def test_command_nextproginstr(start_binary):
# Sanity check
exec_bin_pages = [
p for p in pwndbg.vmmap.get() if p.objfile == pwndbg.gdblib.proc.exe and p.execute
p for p in pwndbg.gdblib.vmmap.get() if p.objfile == pwndbg.gdblib.proc.exe and p.execute
]
assert any(pwndbg.gdblib.regs.pc in p for p in exec_bin_pages)
main_page = pwndbg.vmmap.find(pwndbg.gdblib.regs.pc)
main_page = pwndbg.gdblib.vmmap.find(pwndbg.gdblib.regs.pc)
gdb.execute("break puts")
gdb.execute("continue")
# Sanity check that we are in libc
assert "libc" in pwndbg.vmmap.find(pwndbg.gdblib.regs.rip).objfile
assert "libc" in pwndbg.gdblib.vmmap.find(pwndbg.gdblib.regs.rip).objfile
# Execute nextproginstr and see if we came back to the same vmmap page
gdb.execute("nextproginstr")

2
tests/test_hexdump.py
Unescape View File

@ -4,7 +4,7 @@ from pwnlib.util.cyclic import cyclic
import pwndbg.gdblib.config
import pwndbg.gdblib.memory
import pwndbg.gdblib.regs
import pwndbg.vmmap
import pwndbg.gdblib.vmmap
import tests
BINARY = tests.binaries.get("reference-binary.out")

2
tests/test_windbg.py
Unescape View File

@ -287,7 +287,7 @@ def test_windbg_eX_commands(start_binary):
#########################################
# e.g. when we make a write to the last stack address
stack_ea = pwndbg.gdblib.regs[pwndbg.gdblib.regs.stack]
stack_page = pwndbg.vmmap.find(stack_ea)
stack_page = pwndbg.gdblib.vmmap.find(stack_ea)
# Last possible address on stack where we can perform an 8-byte write
stack_last_qword_ea = stack_page.end - 8

Write Preview
Loading…
Cancel
Save