//---------------------------------------------------------------------------
#ifndef KnowledgeBaseH
#define KnowledgeBaseH
//---------------------------------------------------------------------------
#include <stdio.h>
//---------------------------------------------------------------------------
//Information about the offsets of names and data
//NOTE(review): Offset/Size presumably locate one record inside the KB file
//(compare GetKBCachePtr(DWORD Offset, DWORD Size)); since they come from the
//file, confirm the reader range-checks them before dereferencing.
typedef struct
{
    DWORD Offset;
    DWORD Size;
    int ModId; //Modules
    int NamId; //Names
} OFFSETSINFO, *POFFSETSINFO;
//Fixup info
typedef struct
{
    BYTE Type; //'A' - ADR, 'J' - JMP, 'D' - DAT
    DWORD Ofs; //Offset relative to the start of the dump
    char *Name; //NOTE(review): ownership and lifetime of this string are not visible in this header
} FIXUPINFO, *PFIXUPINFO;
/*
ModuleDataTable
---------------
//Consists of ModuleCount records of the form
WORD ID;
PSTR ModuleName;
PSTR Filename;
WORD UsesNum;
WORD UsesID[UsesNum]; //Array of module identifiers
PSTR UsesNames[UsesNum]; //Array of module names
ConstDataTable
--------------
//Consists of ModuleCount records of the form
WORD ModuleID;
PSTR ConstName;
BYTE Type; //'C'-ConstDecl, 'P'-PDecl (VMT), 'V'-VarCDecl
PSTR TypeDef; //Type
PSTR Value; //Value
DWORD DumpTotal; //Total size of the dump (dump+relocs+fixups)
DWORD DumpSize; //Size of the binary dump (RTTI)
DWORD FixupNum; //Number of dump fixups
BYTE Dump[DumpSize]; //Binary dump (RTTI)
BYTE Relocs[DumpSize];
FIXUPINFO Fixups[FixupNum]; //Array of fixups
TypeDataTable
-------------
//Consists of TypeCount records of the form
DWORD Size; //Size of Type
WORD ModuleID;
PSTR TypeName;
BYTE Kind; //drArrayDef,...,drVariantDef (see the beginning)
DWORD VMCnt; //Number of VMT elements (starting from 0)
PSTR Decl; //Declaration
DWORD DumpTotal; //Total size of the dump (dump+relocs+fixups)
DWORD DumpSize; //Size of the binary dump (RTTI)
DWORD FixupNum; //Number of dump fixups
BYTE Dump[DumpSize]; //Binary dump (RTTI)
BYTE Relocs[DumpSize];
FIXUPINFO Fixups[FixupNum]; //Fixups
DWORD FieldsTotal; //Total size of the field data
WORD FieldsNum; //Number of fields (class, interface, record)
FIELDINFO Fields[FieldNum]; //Fields
DWORD PropsTotal; //Total size of the property data
WORD PropsNum; //Number of properties (class, interface)
PROPERTYINFO Props[PropNum]; //Properties
DWORD MethodsTotal; //Total size of the method data
WORD MethodsNum; //Number of methods (class, interface)
METHODINFO Methods[MethodNum]; //Methods
VarDataTable
------------
//Consists of VarCount records of the form
WORD ModuleID;
PSTR VarName;
BYTE Type; //'V'-Var;'A'-AbsVar;'S'-SpecVar;'T'-ThreadVar
PSTR TypeDef;
PSTR AbsName; //For the "absolute" keyword
ResStrDataTable
---------------
//Consists of ResStrCount records of the form
WORD ModuleID;
PSTR ResStrName;
PSTR TypeDef;
PSTR Context;
ProcDataTable
-------------
//Contains ProcCount structures:
WORD ModuleID;
PSTR ProcName;
BYTE Embedded; //Contains embedded procs
BYTE DumpType; //'C' - code, 'D' - data
BYTE MethodKind; //'M'-method,'P'-procedure,'F'-function,'C'-constructor,'D'-destructor
BYTE CallKind; //1-'cdecl', 2-'pascal', 3-'stdcall', 4-'safecall'
int VProc; //Flag for "overload" (if Delphi version > verD3 and VProc&0x1000 != 0)
PSTR TypeDef; //Type of Result for function
DWORD DumpTotal; //Total size of dump (dump+relocs+fixups)
DWORD DumpSz; //Dump size
DWORD FixupNum; //Dump fixups number
BYTE Dump[DumpSz]; //Binary dump
BYTE Relocs[DumpSize];
FIXUPINFO Fixups[FixupNum]; //Fixups
DWORD ArgsTotal; //Total size of arguments
WORD ArgsNum; //Arguments number
ARGINFO Args[ArgNum]; //Arguments
DWORD LocalsTotal; //Total size of local vars
WORD LocalsNum; //Local vars number
LOCALINFO Locals[LocalNum]; //Local vars
*/
#define SCOPE_TMP 32 //Temp struct FIELDINFO, to be deleted
//Description of one field of a class/record, plus the code xrefs to it.
typedef struct FIELDINFO
{
    //Only xrefs is initialised here (to null); Scope, Offset and Case are left
    //uninitialised by this constructor and must be set by the code that fills the struct.
    FIELDINFO():xrefs(0){}
    ~FIELDINFO(); //Defined elsewhere; NOTE(review): presumably releases xrefs - confirm
    BYTE Scope; //9-private, 10-protected, 11-public, 12-published
    int Offset; //Offset in class instance
    int Case; //Case for record (in other cases 0xFFFFFFFF)
    String Name; //Field Name
    String Type; //Field Type
    TList *xrefs; //Xrefs from code
} FIELDINFO, *PFIELDINFO;
//Description of one property of a class or interface.
typedef struct
{
    BYTE Scope; //9-private, 10-protected, 11-public, 12-published
    int Index; //readonly, writeonly depending on whether bits 1 and 2 are set
    int DispID; //???
    String Name; //Property name
    String TypeDef; //Property type
    String ReadName; //Procedure that reads the property, or the corresponding field
    String WriteName; //Procedure that writes the property, or the corresponding field
    String StoredName; //Procedure that checks the property, or the corresponding value
} PROPINFO, *PPROPINFO;
//Description of one method of a class or interface.
typedef struct
{
    BYTE Scope; //9-private, 10-protected, 11-public, 12-published
    BYTE MethodKind; //'M'-method, 'P'-procedure, 'F'-function, 'C'-constructor, 'D'-destructor
    String Prototype; //Prototype full name
} METHODINFO, *PMETHODINFO;
//Description of one procedure argument.
typedef struct
{
    BYTE Tag; //0x21-"val", 0x22-"var"
    bool Register; //If true - argument is in register, else - in stack
    int Ndx; //Register number and offset (XX-number, XXXXXX-offset) (0-EAX, 1-ECX, 2-EDX)
    int Size; //Argument Size
    String Name; //Argument Name
    String TypeDef; //Argument Type
} ARGINFO, *PARGINFO;
//Description of one local variable of a procedure.
typedef struct
{
    int Ofs; //Offset of local var (from ebp or EP)
    int Size; //Size of local var
    String Name; //Local var Name
    String TypeDef; //Local var Type
} LOCALINFO, *PLOCALINFO;
//One cross-reference record: kind of reference and where it originates.
typedef struct
{
    char type; //'C'-call; 'J'-jmp; 'D'-data
    DWORD adr; //address of procedure
    int offset; //offset in procedure
} XrefRec, *PXrefRec;
//Flags for filling class members
//NOTE(review): the values are distinct powers of two, so they can be OR-ed;
//presumably they are passed as the AFlags argument of the Get*Info methods - confirm.
#define INFO_DUMP 1
#define INFO_ARGS 2
#define INFO_LOCALS 4
#define INFO_FIELDS 8
#define INFO_PROPS 16
#define INFO_METHODS 32
#define INFO_ABSNAME 64
//One constant record; the fields mirror the ConstDataTable layout in the
//format comment above.
class MConstInfo
{
public:
    __fastcall MConstInfo();
    __fastcall ~MConstInfo();
public:
    WORD ModuleID;
    String ConstName;
    BYTE Type; //'C'-ConstDecl, 'P'-PDecl (VMT), 'V'-VarCDecl
    String TypeDef; //Type
    String Value; //Value
    DWORD DumpSz; //Size of the binary dump
    DWORD FixupNum; //Number of dump fixups
    //NOTE(review): whether Dump is owned by this object or points into the KB
    //cache is not visible here; readers must not go past the sizes above.
    BYTE *Dump; //Binary dump
};
//Values of the Kind byte of the type information
#define drArrayDef 0x4C //'L'
#define drClassDef 0x46 //'F'
#define drFileDef 0x4F //'O'
#define drFloatDef 0x49 //'I'
#define drInterfaceDef 0x54 //'T'
#define drObjVMTDef 0x47 //'G'
#define drProcTypeDef 0x48 //'H'
#define drPtrDef 0x45 //'E'
#define drRangeDef 0x44 //'D'
#define drRecDef 0x4D //'M'
#define drSetDef 0x4A //'J'
#define drShortStrDef 0x4B //'K'
#define drStringDef 0x52 //'R'
#define drTextDef 0x50 //'P'
#define drVariantDef 0x53 //'S'
//NOTE(review): 0x41 is ASCII 'A'; the earlier comment on this line said 'Z'
//(which would be 0x5A). Confirm which tag byte the KB format really uses.
#define drAliasDef 0x41 //'A'
//One type record; the fields mirror the TypeDataTable layout in the format
//comment above.
class MTypeInfo
{
public:
    __fastcall MTypeInfo();
    __fastcall ~MTypeInfo();
public:
    DWORD Size;
    WORD ModuleID;
    String TypeName;
    BYTE Kind; //drArrayDef,...,drVariantDef
    //NOTE(review): the format comment above lists VMCnt as DWORD, here it is
    //WORD - confirm the reader does not truncate or mis-step the record.
    WORD VMCnt; //VMT elements number (from 0)
    String Decl; //Declaration
    DWORD DumpSz; //Binary dump size
    DWORD FixupNum; //Binary dump fixup number
    BYTE *Dump; //Binary dump
    WORD FieldsNum; //Fields number (class, interface, record)
    BYTE *Fields; //NOTE(review): raw bytes with only an element count alongside; byte length is not carried here
    WORD PropsNum; //Properties number (class, interface)
    BYTE *Props; //NOTE(review): same as Fields - no byte length stored next to the pointer
    WORD MethodsNum; //Methods number (class, interface)
    BYTE *Methods; //NOTE(review): same as Fields - no byte length stored next to the pointer
};
//Var Type field (values of MVarInfo::Type)
#define VT_VAR 'V'
#define VT_ABSVAR 'A'
#define VT_SPECVAR 'S'
#define VT_THREADVAR 'T'
//One variable record; the fields mirror the VarDataTable layout in the
//format comment above.
class MVarInfo
{
public:
    __fastcall MVarInfo();
    __fastcall ~MVarInfo();
public:
    WORD ModuleID;
    String VarName;
    BYTE Type; //'V'-Var;'A'-AbsVar;'S'-SpecVar;'T'-ThreadVar
    String TypeDef;
    String AbsName; //For the "absolute" keyword
};
//One resource-string record; compare the ResStrDataTable layout in the format
//comment above (its Context field is commented out here).
class MResStrInfo
{
public:
    __fastcall MResStrInfo();
    __fastcall ~MResStrInfo();
public:
    WORD ModuleID;
    String ResStrName;
    String TypeDef;
    //String Context;
};
//One procedure record; the fields mirror the ProcDataTable layout in the
//format comment above (the locals members are commented out here).
class MProcInfo
{
public:
    __fastcall MProcInfo();
    __fastcall ~MProcInfo();
public:
    WORD ModuleID;
    String ProcName;
    bool Embedded; //true - contains nested procedures
    char DumpType; //'C' - code, 'D' - data
    char MethodKind; //'M'-method,'P'-procedure,'F'-function,'C'-constructor,'D'-destructor
    BYTE CallKind; //1-'cdecl', 2-'pascal', 3-'stdcall', 4-'safecall'
    int VProc; //Flag for "overload" (if Delphi version > verD3 and VProc&0x1000 != 0)
    String TypeDef; //Type
    DWORD DumpSz; //Size of the binary dump
    DWORD FixupNum; //Number of dump fixups
    //NOTE(review): DumpSz is the dump size only, while Dump is documented as
    //dump + relocs + fixups; code walking Dump needs the total length from
    //elsewhere and should bound every fixup offset against it.
    BYTE *Dump; //Binary dump (includes the dump itself, the relocs and the fixups)
    WORD ArgsNum; //Number of procedure arguments
    BYTE *Args; //List of arguments
    //WORD LocalsNum; //Number of local variables of the procedure
    //BYTE *Locals; //List of local variables
};
//Knowledge base sections
//NOTE(review): the non-zero values are distinct powers of two, so they can be
//combined as a bitmask; presumably this is what GetItemSection returns - confirm.
#define KB_NO_SECTION 0
#define KB_CONST_SECTION 1
#define KB_TYPE_SECTION 2
#define KB_VAR_SECTION 4
#define KB_RESSTR_SECTION 8
#define KB_PROC_SECTION 16
//Accessor for a knowledge-base (KB) file: Open()/Close() manage the file and
//the Get* methods look up const/type/var/resstr/proc records by name or index.
//NOTE(review): only declarations are visible in this header. The KB file is
//external input, so every count, offset and size read from it should be
//validated by the implementation before it is used to index or copy memory;
//the notes below mark the signatures where that matters most.
class MKnowledgeBase
{
public:
    __fastcall MKnowledgeBase();
    __fastcall ~MKnowledgeBase();
    bool __fastcall Open(char* filename);
    void __fastcall Close();
    //NOTE(review): presumably returns a pointer into KBCache. Offset and Size are
    //DWORD while SizeKBFile is a signed long, so the range check must be written
    //to avoid wrap-around (Offset + Size) and signed/unsigned comparison - confirm.
    const BYTE* __fastcall GetKBCachePtr(DWORD Offset, DWORD Size);
    WORD __fastcall GetModuleID(char* ModuleName);
    String __fastcall GetModuleName(WORD ModuleID);
    void __fastcall GetModuleIdsByProcName(char* ProcName);
    int __fastcall GetItemSection(WORD* ModuleIDs, char* ItemName);
    int __fastcall GetConstIdx(WORD* ModuleID, char* ConstName);
    //NOTE(review): ConstIdx looks like a caller-supplied output array, but no
    //capacity is passed; confirm how the implementation bounds its writes.
    int __fastcall GetConstIdxs(char* ConstName, int* ConstIdx);
    int __fastcall GetTypeIdxByModuleIds(WORD* ModuleIDs, char* TypeName);
    //NOTE(review): same pattern as GetConstIdxs - output array without a capacity.
    int __fastcall GetTypeIdxsByName(char* TypeName, int* TypeIdx);
    int __fastcall GetTypeIdxByUID(char* UID);
    int __fastcall GetVarIdx(WORD* ModuleIDs, char* VarName);
    int __fastcall GetResStrIdx(int from, char* ResStrContext);
    int __fastcall GetResStrIdx(WORD ModuleID, char* ResStrContext);
    int __fastcall GetResStrIdx(WORD* ModuleIDs, char* ResStrName);
    int __fastcall GetProcIdx(WORD ModuleID, char* ProcName);
    //NOTE(review): the two overloads below take a code pointer without a length;
    //confirm the implementation cannot read past the caller's buffer.
    int __fastcall GetProcIdx(WORD ModuleID, char* ProcName, BYTE* code);
    int __fastcall GetProcIdx(WORD* ModuleIDs, char* ProcName, BYTE* code);
    bool __fastcall GetProcIdxs(WORD ModuleID, int* FirstProcIdx, int* LastProcIdx);
    bool __fastcall GetProcIdxs(WORD ModuleID, int* FirstProcIdx, int* LastProcIdx, int* DumpSize);
    //The Get*Info methods take a record index, a DWORD of flags and a
    //caller-provided info object, and return a pointer of the same info type.
    //NOTE(review): indices are signed int; confirm negative and too-large values
    //are rejected against the corresponding *Count member.
    MConstInfo* __fastcall GetConstInfo(int AConstIdx, DWORD AFlags, MConstInfo* cInfo);
    MProcInfo* __fastcall GetProcInfo(char* ProcName, DWORD AFlags, MProcInfo* pInfo, int* procIdx);
    MProcInfo* __fastcall GetProcInfo(int AProcIdx, DWORD AFlags, MProcInfo* pInfo);
    MTypeInfo* __fastcall GetTypeInfo(int ATypeIdx, DWORD AFlags, MTypeInfo* tInfo);
    MVarInfo* __fastcall GetVarInfo(int AVarIdx, DWORD AFlags, MVarInfo* vInfo);
    MResStrInfo* __fastcall GetResStrInfo(int AResStrIdx, DWORD AFlags, MResStrInfo* rsInfo);
    //CodeSz gives the length of the code buffer.
    //NOTE(review): pInfo->DumpSz comes from the KB file, so it should be
    //compared with CodeSz before the buffer is scanned - confirm.
    int __fastcall ScanCode(BYTE* code, DWORD* CodeFlags, DWORD CodeSz, MProcInfo* pInfo);
    //NOTE(review): the WORD* results below carry no length and their ownership is
    //not visible here; confirm how the end of the list is marked and who frees it.
    WORD* __fastcall GetModuleUses(WORD ModuleID);
    //NOTE(review): uses looks like an output array with no capacity parameter.
    int __fastcall GetProcUses(char* ProcName, WORD* uses);
    WORD* __fastcall GetTypeUses(char* TypeName);
    WORD* __fastcall GetConstUses(char* ConstName);
    String __fastcall GetProcPrototype(int ProcIdx);
    String __fastcall GetProcPrototype(MProcInfo* pInfo);
    bool __fastcall IsUsedProc(int AIdx);
    void __fastcall SetUsedProc(int AIdx);
    bool __fastcall GetKBProcInfo(String typeName, MProcInfo* procInfo, int* procIdx);
    bool __fastcall GetKBTypeInfo(String typeName, MTypeInfo* typeInfo);
    bool __fastcall GetKBPropertyInfo(String className, String propName, MTypeInfo* typeInfo);
    String __fastcall IsPropFunction(String className, String procName);
    DWORD Version;
    int ModuleCount;
    OFFSETSINFO *ModuleOffsets;
    WORD *Mods;
    BYTE *UsedProcs; //NOTE(review): presumably one entry per procedure, indexed by IsUsedProc/SetUsedProc - confirm AIdx is bounds-checked
    //Per-section offset tables; const, unlike ModuleOffsets.
    //NOTE(review): presumably these point into KBCache rather than owning memory - confirm.
    const OFFSETSINFO *ConstOffsets;
    const OFFSETSINFO *TypeOffsets;
    const OFFSETSINFO *VarOffsets;
    const OFFSETSINFO *ResStrOffsets;
    const OFFSETSINFO *ProcOffsets;
private:
    bool Inited;
    FILE *Handle;
    bool __fastcall CheckKBFile();
    long SectionsOffset;
    //NOTE(review): the counts and Max*DataSize members below are signed int; if
    //they are read from the file, negative values should be rejected before they
    //are used as allocation sizes or loop bounds.
    //Modules
    int MaxModuleDataSize;
    //Consts
    int ConstCount;
    int MaxConstDataSize;
    //Types
    int TypeCount;
    int MaxTypeDataSize;
    //Vars
    int VarCount;
    int MaxVarDataSize;
    //ResStr
    int ResStrCount;
    int MaxResStrDataSize;
    //Procs
    int MaxProcDataSize;
    int ProcCount;
    //as temp test (global KB file cache in mem)
    const BYTE *KBCache;
    long SizeKBFile;
    String NameKBFile;
};
//---------------------------------------------------------------------------
#endif