270{
271 UINT64 Address;
272 UINT64 * FinalBuffer;
273 vector<UINT64> ValuesToEdit;
285
286
287
288
289
291 {
293 }
294
295 if (CommandTokens.size() <= 2)
296 {
297 ShowMessages("incorrect use of the '%s'\n\n",
300 return;
301 }
302
303 for (auto Section : CommandTokens)
304 {
305 if (IsFirstCommand)
306 {
308 {
311 }
313 {
316 }
318 {
321 }
323 {
326 }
328 {
331 }
333 {
336 }
337 else
338 {
339
340
341
342 ShowMessages("unknown error happened !\n\n");
344 return;
345 }
346
347 IsFirstCommand =
FALSE;
348
349 continue;
350 }
351
352 if (NextIsProcId)
353 {
354
355
356
357 NextIsProcId =
FALSE;
358
360 {
361 ShowMessages("please specify a correct hex process id\n\n");
363 return;
364 }
365 else
366 {
367
368
369
370 continue;
371 }
372 }
373
374
375
376
378 {
380 continue;
381 }
382
383 if (!SetAddress)
384 {
386 {
387 ShowMessages("err, couldn't resolve error at '%s'\n\n",
390 return;
391 }
392 else
393 {
394
395
396
398 continue;
399 }
400 }
401
402 if (SetAddress)
403 {
404
405
406
408
409 if (TargetVal.rfind("0x", 0) == 0 || TargetVal.rfind("0X", 0) == 0 ||
410 TargetVal.rfind("\\x", 0) == 0 || TargetVal.rfind("\\X", 0) == 0)
411 {
412 TargetVal = TargetVal.erase(0, 2);
413 }
414 else if (TargetVal.rfind('x', 0) == 0 || TargetVal.rfind('X', 0) == 0)
415 {
416 TargetVal = TargetVal.erase(0, 1);
417 }
418
419 TargetVal.erase(remove(TargetVal.begin(), TargetVal.end(), '`'), TargetVal.end());
420
421
422
423
424 if (ByteSize ==
EDIT_BYTE && TargetVal.size() >= 3)
425 {
426 ShowMessages("please specify a byte (hex) value for 'eb' or '!eb'\n\n");
427 return;
428 }
429 if (ByteSize ==
EDIT_DWORD && TargetVal.size() >= 9)
430 {
431 ShowMessages(
432 "please specify a dword (hex) value for 'ed' or '!ed'\n\n");
433 return;
434 }
435 if (ByteSize ==
EDIT_QWORD && TargetVal.size() >= 17)
436 {
437 ShowMessages(
438 "please specify a qword (hex) value for 'eq' or '!eq'\n\n");
439 return;
440 }
441
442
443
444
445
446
448 {
449 ShowMessages("please specify a correct hex value to change the memory "
450 "content\n\n");
452 return;
453 }
454 else
455 {
456
457
458
459
460 ValuesToEdit.push_back(
Value);
461
462
463
464
465 CountOfValues++;
466
468 {
469
470
471
473 }
474 continue;
475 }
476 }
477 }
478
479
480
481
483 {
485 return;
486 }
487
488
489
490
491 if (ProcId == 0)
492 {
493 ProcId = GetCurrentProcessId();
494 }
495
496
497
498
499 if (!SetAddress)
500 {
501 ShowMessages("please specify a correct hex address\n\n");
503 return;
504 }
506 {
507 ShowMessages(
508 "please specify a correct hex value as the content to edit\n\n");
510 return;
511 }
512 if (NextIsProcId)
513 {
514 ShowMessages("please specify a correct hex value as the process id\n\n");
516 return;
517 }
518
519
520
521
522 FinalSize = (CountOfValues * sizeof(UINT64));
523
524
525
526
527 FinalBuffer = (UINT64 *)malloc(FinalSize);
528
529 if (!FinalBuffer)
530 {
531 ShowMessages("unable to allocate memory\n\n");
532 return;
533 }
534
535
536
537
538 ZeroMemory(FinalBuffer, FinalSize);
539
540
541
542
543 std::copy(ValuesToEdit.begin(), ValuesToEdit.end(), FinalBuffer);
544
545
546
547
549 MemoryType,
550 ByteSize,
551 ProcId,
552 CountOfValues,
553 FinalBuffer);
554
555
556
557
558 free(FinalBuffer);
559}
VOID SetValue(PGUEST_REGS GuestRegs, SCRIPT_ENGINE_GENERAL_REGISTERS *ScriptGeneralRegisters, PSYMBOL Symbol, UINT64 Value)
Set the value.
Definition ScriptEngineEval.c:185
BOOLEAN g_IsSerialConnectedToRemoteDebuggee
Shows if the debugger was connected to remote debuggee over (A remote guest).
Definition globals.h:253
ACTIVE_DEBUGGING_PROCESS g_ActiveProcessDebuggingState
State of active debugging thread.
Definition globals.h:372
std::string GetCaseSensitiveStringFromCommandToken(CommandToken TargetToken)
Get case sensitive string from command token.
Definition common.cpp:467
BOOLEAN CompareLowerCaseStrings(CommandToken TargetToken, const CHAR *StringToCompare)
Compare lower case strings.
Definition common.cpp:503
BOOLEAN ConvertTokenToUInt32(CommandToken TargetToken, PUINT32 Result)
check and convert command token to a 32 bit unsigned integer
Definition common.cpp:546
VOID CommandEditMemoryHelp()
help of !e* and e* commands
Definition e.cpp:28
BOOLEAN WriteMemoryContent(UINT64 AddressToEdit, DEBUGGER_EDIT_MEMORY_TYPE MemoryType, DEBUGGER_EDIT_MEMORY_BYTE_SIZE ByteSize, UINT32 Pid, UINT32 CountOf64Chunks, UINT64 *BufferToEdit)
Perform writing the memory content.
Definition e.cpp:66
RequestedActionOfThePacket Value(0x1) 00000000
BOOLEAN SymbolConvertNameOrExprToAddress(const string &TextToConvert, PUINT64 Result)
check and convert string to a 64 bit unsigned integer and also check for symbol object names and eval...
Definition symbol.cpp:359