RubyGems - metasm - Versions diffs - 1.0.0 - Mend

metasm 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (192) hide show

data/BUGS +11 -0
data/CREDITS +17 -0
data/README +270 -0
data/TODO +114 -0
data/doc/code_organisation.txt +146 -0
data/doc/const_missing.txt +16 -0
data/doc/core_classes.txt +75 -0
data/doc/feature_list.txt +53 -0
data/doc/index.txt +59 -0
data/doc/install_notes.txt +170 -0
data/doc/style.css +3 -0
data/doc/use_cases.txt +18 -0
data/lib/metasm.rb +80 -0
data/lib/metasm/arm.rb +12 -0
data/lib/metasm/arm/debug.rb +39 -0
data/lib/metasm/arm/decode.rb +167 -0
data/lib/metasm/arm/encode.rb +77 -0
data/lib/metasm/arm/main.rb +75 -0
data/lib/metasm/arm/opcodes.rb +177 -0
data/lib/metasm/arm/parse.rb +130 -0
data/lib/metasm/arm/render.rb +55 -0
data/lib/metasm/compile_c.rb +1457 -0
data/lib/metasm/dalvik.rb +8 -0
data/lib/metasm/dalvik/decode.rb +196 -0
data/lib/metasm/dalvik/main.rb +60 -0
data/lib/metasm/dalvik/opcodes.rb +366 -0
data/lib/metasm/decode.rb +213 -0
data/lib/metasm/decompile.rb +2659 -0
data/lib/metasm/disassemble.rb +2068 -0
data/lib/metasm/disassemble_api.rb +1280 -0
data/lib/metasm/dynldr.rb +1329 -0
data/lib/metasm/encode.rb +333 -0
data/lib/metasm/exe_format/a_out.rb +194 -0
data/lib/metasm/exe_format/autoexe.rb +82 -0
data/lib/metasm/exe_format/bflt.rb +189 -0
data/lib/metasm/exe_format/coff.rb +455 -0
data/lib/metasm/exe_format/coff_decode.rb +901 -0
data/lib/metasm/exe_format/coff_encode.rb +1078 -0
data/lib/metasm/exe_format/dex.rb +457 -0
data/lib/metasm/exe_format/dol.rb +145 -0
data/lib/metasm/exe_format/elf.rb +923 -0
data/lib/metasm/exe_format/elf_decode.rb +979 -0
data/lib/metasm/exe_format/elf_encode.rb +1375 -0
data/lib/metasm/exe_format/macho.rb +827 -0
data/lib/metasm/exe_format/main.rb +228 -0
data/lib/metasm/exe_format/mz.rb +164 -0
data/lib/metasm/exe_format/nds.rb +172 -0
data/lib/metasm/exe_format/pe.rb +437 -0
data/lib/metasm/exe_format/serialstruct.rb +246 -0
data/lib/metasm/exe_format/shellcode.rb +114 -0
data/lib/metasm/exe_format/xcoff.rb +167 -0
data/lib/metasm/gui.rb +23 -0
data/lib/metasm/gui/cstruct.rb +373 -0
data/lib/metasm/gui/dasm_coverage.rb +199 -0
data/lib/metasm/gui/dasm_decomp.rb +369 -0
data/lib/metasm/gui/dasm_funcgraph.rb +103 -0
data/lib/metasm/gui/dasm_graph.rb +1354 -0
data/lib/metasm/gui/dasm_hex.rb +543 -0
data/lib/metasm/gui/dasm_listing.rb +599 -0
data/lib/metasm/gui/dasm_main.rb +906 -0
data/lib/metasm/gui/dasm_opcodes.rb +291 -0
data/lib/metasm/gui/debug.rb +1228 -0
data/lib/metasm/gui/gtk.rb +884 -0
data/lib/metasm/gui/qt.rb +495 -0
data/lib/metasm/gui/win32.rb +3004 -0
data/lib/metasm/gui/x11.rb +621 -0
data/lib/metasm/ia32.rb +14 -0
data/lib/metasm/ia32/compile_c.rb +1523 -0
data/lib/metasm/ia32/debug.rb +193 -0
data/lib/metasm/ia32/decode.rb +1167 -0
data/lib/metasm/ia32/decompile.rb +564 -0
data/lib/metasm/ia32/encode.rb +314 -0
data/lib/metasm/ia32/main.rb +233 -0
data/lib/metasm/ia32/opcodes.rb +872 -0
data/lib/metasm/ia32/parse.rb +327 -0
data/lib/metasm/ia32/render.rb +91 -0
data/lib/metasm/main.rb +1193 -0
data/lib/metasm/mips.rb +11 -0
data/lib/metasm/mips/compile_c.rb +7 -0
data/lib/metasm/mips/decode.rb +253 -0
data/lib/metasm/mips/encode.rb +51 -0
data/lib/metasm/mips/main.rb +72 -0
data/lib/metasm/mips/opcodes.rb +443 -0
data/lib/metasm/mips/parse.rb +51 -0
data/lib/metasm/mips/render.rb +43 -0
data/lib/metasm/os/gnu_exports.rb +270 -0
data/lib/metasm/os/linux.rb +1112 -0
data/lib/metasm/os/main.rb +1686 -0
data/lib/metasm/os/remote.rb +527 -0
data/lib/metasm/os/windows.rb +2027 -0
data/lib/metasm/os/windows_exports.rb +745 -0
data/lib/metasm/parse.rb +876 -0
data/lib/metasm/parse_c.rb +3938 -0
data/lib/metasm/pic16c/decode.rb +42 -0
data/lib/metasm/pic16c/main.rb +17 -0
data/lib/metasm/pic16c/opcodes.rb +68 -0
data/lib/metasm/ppc.rb +11 -0
data/lib/metasm/ppc/decode.rb +264 -0
data/lib/metasm/ppc/decompile.rb +251 -0
data/lib/metasm/ppc/encode.rb +51 -0
data/lib/metasm/ppc/main.rb +129 -0
data/lib/metasm/ppc/opcodes.rb +410 -0
data/lib/metasm/ppc/parse.rb +52 -0
data/lib/metasm/preprocessor.rb +1277 -0
data/lib/metasm/render.rb +130 -0
data/lib/metasm/sh4.rb +8 -0
data/lib/metasm/sh4/decode.rb +336 -0
data/lib/metasm/sh4/main.rb +292 -0
data/lib/metasm/sh4/opcodes.rb +381 -0
data/lib/metasm/x86_64.rb +12 -0
data/lib/metasm/x86_64/compile_c.rb +1025 -0
data/lib/metasm/x86_64/debug.rb +59 -0
data/lib/metasm/x86_64/decode.rb +268 -0
data/lib/metasm/x86_64/encode.rb +264 -0
data/lib/metasm/x86_64/main.rb +135 -0
data/lib/metasm/x86_64/opcodes.rb +118 -0
data/lib/metasm/x86_64/parse.rb +68 -0
data/misc/bottleneck.rb +61 -0
data/misc/cheader-findpppath.rb +58 -0
data/misc/hexdiff.rb +74 -0
data/misc/hexdump.rb +55 -0
data/misc/metasm-all.rb +13 -0
data/misc/objdiff.rb +47 -0
data/misc/objscan.rb +40 -0
data/misc/pdfparse.rb +661 -0
data/misc/ppc_pdf2oplist.rb +192 -0
data/misc/tcp_proxy_hex.rb +84 -0
data/misc/txt2html.rb +440 -0
data/samples/a.out.rb +31 -0
data/samples/asmsyntax.rb +77 -0
data/samples/bindiff.rb +555 -0
data/samples/compilation-steps.rb +49 -0
data/samples/cparser_makestackoffset.rb +55 -0
data/samples/dasm-backtrack.rb +38 -0
data/samples/dasmnavig.rb +318 -0
data/samples/dbg-apihook.rb +228 -0
data/samples/dbghelp.rb +143 -0
data/samples/disassemble-gui.rb +102 -0
data/samples/disassemble.rb +133 -0
data/samples/dump_upx.rb +95 -0
data/samples/dynamic_ruby.rb +1929 -0
data/samples/elf_list_needed.rb +46 -0
data/samples/elf_listexports.rb +33 -0
data/samples/elfencode.rb +25 -0
data/samples/exeencode.rb +128 -0
data/samples/factorize-headers-elfimports.rb +77 -0
data/samples/factorize-headers-peimports.rb +109 -0
data/samples/factorize-headers.rb +43 -0
data/samples/gdbclient.rb +583 -0
data/samples/generate_libsigs.rb +102 -0
data/samples/hotfix_gtk_dbg.rb +59 -0
data/samples/install_win_env.rb +78 -0
data/samples/lindebug.rb +924 -0
data/samples/linux_injectsyscall.rb +95 -0
data/samples/machoencode.rb +31 -0
data/samples/metasm-shell.rb +91 -0
data/samples/pe-hook.rb +69 -0
data/samples/pe-ia32-cpuid.rb +203 -0
data/samples/pe-mips.rb +35 -0
data/samples/pe-shutdown.rb +78 -0
data/samples/pe-testrelocs.rb +51 -0
data/samples/pe-testrsrc.rb +24 -0
data/samples/pe_listexports.rb +31 -0
data/samples/peencode.rb +19 -0
data/samples/peldr.rb +494 -0
data/samples/preprocess-flatten.rb +19 -0
data/samples/r0trace.rb +308 -0
data/samples/rubstop.rb +399 -0
data/samples/scan_pt_gnu_stack.rb +54 -0
data/samples/scanpeexports.rb +62 -0
data/samples/shellcode-c.rb +40 -0
data/samples/shellcode-dynlink.rb +146 -0
data/samples/source.asm +34 -0
data/samples/struct_offset.rb +47 -0
data/samples/testpe.rb +32 -0
data/samples/testraw.rb +45 -0
data/samples/win32genloader.rb +132 -0
data/samples/win32hooker-advanced.rb +169 -0
data/samples/win32hooker.rb +96 -0
data/samples/win32livedasm.rb +33 -0
data/samples/win32remotescan.rb +133 -0
data/samples/wintrace.rb +92 -0
data/tests/all.rb +8 -0
data/tests/dasm.rb +39 -0
data/tests/dynldr.rb +35 -0
data/tests/encodeddata.rb +132 -0
data/tests/ia32.rb +82 -0
data/tests/mips.rb +116 -0
data/tests/parse_c.rb +239 -0
data/tests/preprocessor.rb +269 -0
data/tests/x86_64.rb +62 -0
metadata +255 -0

data/lib/metasm/exe_format/shellcode.rb ADDED

@@ -0,0 +1,114 @@
+#    This file is part of Metasm, the Ruby assembly manipulation suite
+#    Copyright (C) 2006-2009 Yoann GUILLOT
+#
+#    Licence is LGPL, see LICENCE in the top-level directory
+require 'metasm/exe_format/main'
+module Metasm
+# a shellcode is a simple sequence of instructions
+class Shellcode < ExeFormat
+	# the array of source elements (Instr/Data etc)
+	attr_accessor :source
+	# the base address of the shellcode (nil if unspecified)
+	attr_accessor :base_addr
+	def initialize(cpu=nil, base_addr=nil)
+		@base_addr = base_addr
+		@source = []
+		super(cpu)
+	end
+	def parse_init
+		@cursource = @source
+		super()
+	end
+	# allows definition of the base address
+	def parse_parser_instruction(instr)
+		case instr.raw.downcase
+		when '.base', '.baseaddr', '.base_addr'
+			# ".base_addr <expression>"
+			# expression should #reduce to integer
+			@lexer.skip_space
+			raise instr, 'syntax error' if not @base_addr = Expression.parse(@lexer).reduce
+			raise instr, 'syntax error' if tok = @lexer.nexttok and tok.type != :eol
+		else super(instr)
+		end
+	end
+	def get_section_at(addr)
+		base = @base_addr || 0
+		if not addr.kind_of? Integer
+			[@encoded, addr] if @encoded.ptr = @encoded.export[addr]
+		elsif addr >= base and addr < base + @encoded.virtsize
+			@encoded.ptr = addr - base
+			[@encoded, addr]
+		end
+	end
+	def each_section
+		yield @encoded, (@base_addr || 0)
+	end
+	def addr_to_fileoff(addr)
+		addr - (base_addr || 0)
+	end
+	def fileoff_to_addr(foff)
+		foff + (base_addr || 0)
+	end
+	# encodes the source found in self.source
+	# appends it to self.encoded
+	# clears self.source
+	# the optional parameter may contain a binding used to fixup! self.encoded
+	# uses self.base_addr if it exists
+	def assemble(*a)
+		parse(*a) if not a.empty?
+		@encoded << assemble_sequence(@source, @cpu)
+		@source.clear
+		encode
+	end
+	def encode(binding={})
+		@encoded.fixup! binding
+		@encoded.fixup @encoded.binding(@base_addr)
+		@encoded.fill @encoded.rawsize
+		self
+	end
+	def decode
+	end
+	def self.disassemble(cpu, str, eip=0)
+		sc = decode(str, cpu)
+		sc.disassemble(eip)
+	end
+	def init_disassembler
+		d = super()
+		d.function[:default] = @cpu.disassembler_default_func
+		d
+	end
+	def compile_setsection(src, section)
+	end
+	def dump_section_header(addr, edata)
+		''
+	end
+	def get_default_entrypoints
+		[@base_addr || 0]
+	end
+	# returns a virtual subclass of Shellcode whose cpu_from_headers will return cpu
+	def self.withcpu(cpu)
+		c = Class.new(self)
+		c.send(:define_method, :cpu_from_headers) { cpu }
+		c
+	end
+end
+end

data/lib/metasm/exe_format/xcoff.rb ADDED

@@ -0,0 +1,167 @@
+#    This file is part of Metasm, the Ruby assembly manipulation suite
+#    Copyright (C) 2006-2009 Yoann GUILLOT
+#
+#    Licence is LGPL, see LICENCE in the top-level directory
+require 'metasm/exe_format/main'
+require 'metasm/encode'
+require 'metasm/decode'
+module Metasm
+class XCoff < ExeFormat
+	FLAGS = { 1 => 'RELFLG', 2 => 'EXEC', 4 => 'LNNO',
+		0x200 => 'AR32W', 0x400 => 'PATCH', 0x1000 => 'DYNLOAD',
+		0x2000 => 'SHROBJ', 0x4000 => 'LOADONLY' }
+	SECTION_FLAGS = { 8 => 'PAD', 0x20 => 'TEXT', 0x40 => 'DATA', 0x80 => 'BSS',
+		0x100 => 'EXCEPT', 0x200 => 'INFO', 0x1000 => 'LOADER',
+		0x2000 => 'DEBUG', 0x4000 => 'TYPCHK', 0x8000 => 'OVRFLO' }
+	class SerialStruct < Metasm::SerialStruct
+		new_int_field :xword, :xhalf
+	end
+	class Header < SerialStruct
+		mem :sig, 2
+		decode_hook { |exe, hdr|
+			exe.endianness, exe.intsize =
+			case @sig
+			when "\1\xdf"; [:big,    32]
+			when "\xdf\1"; [:little, 32]
+			when "\1\xef"; [:big,    64]
+			when "\xef\1"; [:little, 64]
+			else raise InvalidExeFormat, "invalid a.out signature"
+			end
+		}
+		half :nsec
+		word :timdat
+		xword :symptr
+		word :nsym
+		half :opthdr
+		half :flags
+		fld_bits :flags, FLAGS
+		def set_default_values(xcoff)
+			@sig ||= case [xcoff.endianness, xcoff.intsize]
+				when [:big,    32]; "\1\xdf"
+				when [:little, 32]; "\xdf\1"
+				when [:big,    64]; "\1\xef"
+				when [:little, 64]; "\xef\1"
+				end
+			@nsec   ||= xcoff.sections.size
+			@symptr ||= xcoff.symbols ? xcoff.new_label('symptr') : 0
+			@nsym   ||= xcoff.symbols ? xcoff.symbols.length : 0
+			@opthdr ||= xcoff.optheader ? OptHeader.size(xcoff) : 0
+			super(xcoff)
+		end
+	end
+	class OptHeader < SerialStruct
+		halfs :magic, :vstamp
+		xwords :tsize, :dsize, :bsize, :entry, :text_start, :data_start, :toc
+		halfs :snentry, :sntext, :sndata, :sntoc, :snloader, :snbss, :aligntext, :aligndata, :modtype, :cpu
+		xwords :maxstack, :maxdata
+		new_field(:res, lambda { |exe, me| exe.encoded.read(exe.intsize == 32 ? 8 : 120) }, lambda { |exe, me, val| val }, '')
+		def self.size(xcoff)
+			xcoff.intsize == 32 ? 2*2+7*4+10*2+2*4+2+8 : 2*2+7*8+10*2+2*8+2+120
+		end
+		def set_default_values(xcoff)
+			@vstamp  ||= 1
+			@snentry ||= 1
+			@sntext  ||= 1
+			@sndata  ||= 2
+			@sntoc   ||= 3
+			@snloader||= 4
+			@snbss   ||= 5
+			super(xcoff)
+		end
+	end
+	class Section < SerialStruct
+		str :name, 8
+		xwords :paddr, :vaddr, :size, :scnptr, :relptr, :lnnoptr
+		xhalfs :nreloc, :nlnno, :flags
+		fld_bits :flags, SECTION_FLAGS
+		def set_defalut_values(xcoff)
+			@name   ||= @flags.kind_of?(::Array) ? ".#{@flags.first.to_s.downcase}" : ''
+			@vaddr  ||= @paddr ? @paddr : @encoded ? xcoff.label_at(@encoded, 0, 's_vaddr') : 0
+			@paddr  ||= @vaddr
+			@size   ||= @encoded ? @encoded.size : 0
+			@scnptr ||= xcoff.new_label('s_scnptr')
+			super(xcoff)
+		end
+	end
+	# basic immediates decoding functions
+	def decode_half( edata = @encoded) edata.decode_imm(:u16, @endianness) end
+	def decode_word( edata = @encoded) edata.decode_imm(:u32, @endianness) end
+	def decode_xhalf(edata = @encoded) edata.edoced_imm((@intsize == 32 ? :u16 : :u32), @endianness) end
+	def decode_xword(edata = @encoded) edata.decode_imm((@intsize == 32 ? :u32 : :u64), @endianness) end
+	def encode_half(w)  Expression[w].encode(:u16, @endianness) end
+	def encode_word(w)  Expression[w].encode(:u32, @endianness) end
+	def encode_xhalf(w) Expression[w].encode((@intsize == 32 ? :u16 : :u32), @endianness) end
+	def encode_xword(w) Expression[w].encode((@intsize == 32 ? :u32 : :u64), @endianness) end
+	attr_accessor :header, :segments, :relocs, :intsize, :endianness
+	def initialize(cpu=nil)
+		@header = Header.new
+		@sections = []
+		if @cpu
+			@intsize = @cpu.size
+			@endianness = @cpu.endianness
+		else
+			@intsize = 32
+			@endianness = :little
+		end
+		super(cpu)
+	end
+	def decode_header(off = 0)
+		@encoded.ptr = off
+		@header.decode(self)
+		if @header.opthdr != 0
+			@optheader = OptHeader.decode(self)
+		end
+		@header.nsec.times { @sections << Section.decode(self) }
+	end
+	def decode
+		decode_header
+		@sections.each { |s| s.encoded = @encoded[s.scnptr, s.size] }
+	end
+	def encode
+		@encoded = EncodedData.new
+		@encoded << @header.encode(self)
+		@encoded << @optheader.encode(self) if @optheader
+		@sections.each { |s| @encoded << s.encode(self) }
+		va = @encoded.size
+		binding = {}
+		@sections.each { |s|
+			if s.scnptr.kind_of? ::String
+				binding[s.scnptr] = @encoded.size
+			else
+				raise 'scnptr too low' if @encoded.virtsize > s.scnptr
+				@encoded.virtsize = s.scnptr
+			end
+			va = (va + 4096 - 1)/4096*4096
+			if s.vaddr.kind_of? ::String
+				binding[s.vaddr] = va
+			else
+				va = s.vaddr
+			end
+			binding.update s.encoded.binding(va)
+			va += s.encoded.size
+			@encoded << s.encoded
+		}
+		@encoded.fixup!(binding)
+		@encoded.data
+	end
+end
+end

data/lib/metasm/gui.rb ADDED

@@ -0,0 +1,23 @@
+backend = case ENV['METASM_GUI']
+when 'gtk'; 'gtk'
+when 'qt'; 'qt'
+when 'win32'; 'win32'
+else
+	puts "Unsupported METASM_GUI #{ENV['METASM_GUI'].inspect}" if $VERBOSE and ENV['METASM_GUI']
+	if RUBY_PLATFORM =~ /(i.86|x(86_)?64)-(mswin|mingw|cygwin)/i
+		'win32'
+	else
+	begin
+		require 'gtk2'
+		'gtk'
+	rescue LoadError
+		#begin
+		#	require 'Qt4'
+		#	'qt'
+		#rescue LoadError
+			raise LoadError, 'No GUI ruby binding installed - please install libgtk2-ruby'
+		#end
+	end
+	end
+end
+require "metasm/gui/#{backend}"

data/lib/metasm/gui/cstruct.rb ADDED

@@ -0,0 +1,373 @@
+#    This file is part of Metasm, the Ruby assembly manipulation suite
+#    Copyright (C) 2006-2009 Yoann GUILLOT
+#
+#    Licence is LGPL, see LICENCE in the top-level directory
+module Metasm
+module Gui
+class CStructWidget < DrawableWidget
+	attr_accessor :dasm, :view_x, :view_y
+	def initialize_widget(dasm, parent_widget)
+		@dasm = dasm
+		@parent_widget = parent_widget
+		@line_text_col = []	# each line is [[:col, 'text'], [:col, 'text']]
+		@line_text = []
+		@line_dereference = []	# linenr => [addr, struct] (args to focus_addr)
+		@curaddr = nil
+		@curstruct = nil
+		@tabwidth = 8
+		@view_x = @view_y = 0
+		@caret_x = @caret_y = 0
+		@cwidth = @cheight = 1	# widget size in chars
+		@structdepth = 2
+		@default_color_association = { :text => :black, :keyword => :blue, :caret => :black,
+			  :background => :white, :hl_word => :palered, :comment => :darkblue }
+	end
+	def click(x, y)
+		@caret_x = (x-1).to_i / @font_width + @view_x
+		@caret_y = y.to_i / @font_height + @view_y
+		update_caret
+	end
+	def rightclick(x, y)
+		click(x, y)
+		@parent_widget.clone_window(@hl_word) if @hl_word
+	end
+	def doubleclick(x, y)
+		click(x, y)
+		keypress(:enter)
+	end
+	def mouse_wheel(dir, x, y)
+		case dir
+		when :up
+			if @caret_y > 0
+				@view_y -= 4
+				@view_y = 0 if @view_y < 0
+				@caret_y -= 4
+				@caret_y = 0 if @caret_y < 0
+			end
+		when :down
+			if @caret_y < @line_text.length - 1
+				@view_y += 4
+				@caret_y += 4
+			end
+		end
+		redraw
+	end
+	def paint
+		@cwidth = width/@font_width
+		@cheight = height/@font_height
+		# adjust viewport to cursor
+		sz_x = @line_text.map { |l| l.length }.max.to_i + 1
+		sz_y = @line_text.length.to_i + 1
+		@view_x = @caret_x - @cwidth + 1 if @caret_x > @view_x + @cwidth - 1
+		@view_x = @caret_x if @caret_x < @view_x
+		@view_x = sz_x - @cwidth - 1 if @view_x >= sz_x - @cwidth
+		@view_x = 0 if @view_x < 0
+		@view_y = @caret_y - @cheight + 1 if @caret_y > @view_y + @cheight - 1
+		@view_y = @caret_y if @caret_y < @view_y
+		@view_y = sz_y - @cheight - 1 if @view_y >= sz_y - @cheight
+		@view_y = 0 if @view_y < 0
+		# current cursor position
+		x = 1
+		y = 0
+		@line_text_col[@view_y, @cheight + 1].each { |l|
+			cx = 0
+			l.each { |c, t|
+				cx += t.length
+				if cx-t.length > @view_x + @cwidth + 1
+				elsif cx < @view_x
+				else
+					t = t[(@view_x - cx + t.length)..-1] if cx-t.length < @view_x
+					if @hl_word
+						stmp = t
+						pre_x = 0
+						while stmp =~ /^(.*?)(\b#{Regexp.escape @hl_word}\b)/
+							s1, s2 = $1, $2
+							pre_x += s1.length*@font_width
+							hl_w = s2.length*@font_width
+							draw_rectangle_color(:hl_word, x+pre_x, y, hl_w, @font_height)
+							pre_x += hl_w
+							stmp = stmp[s1.length+s2.length..-1]
+						end
+					end
+					draw_string_color(c, x, y, t)
+					x += t.length * @font_width
+				end
+			}
+			x = 1
+			y += @font_height
+		}
+		if focus?
+			# draw caret
+			cx = (@caret_x-@view_x)*@font_width+1
+			cy = (@caret_y-@view_y)*@font_height
+			draw_line_color(:caret, cx, cy, cx, cy+@font_height-1)
+		end
+		@oldcaret_x, @oldcaret_y = @caret_x, @caret_y
+	end
+	def keypress(key)
+		case key
+		when :left
+			if @caret_x >= 1
+				@caret_x -= 1
+				update_caret
+			end
+		when :up
+			if @caret_y > 0
+				@caret_y -= 1
+				update_caret
+			end
+		when :right
+			if @caret_x < @line_text[@caret_y].to_s.length
+				@caret_x += 1
+				update_caret
+			end
+		when :down
+			if @caret_y < @line_text.length
+				@caret_y += 1
+				update_caret
+			end
+		when :home
+			@caret_x = @line_text[@caret_y].to_s[/^\s*/].length
+			update_caret
+		when :end
+			@caret_x = @line_text[@caret_y].to_s.length
+			update_caret
+		when :pgup
+			@caret_y -= @cheight/2
+			@caret_y = 0 if @caret_y < 0
+			update_caret
+		when :pgdown
+			@caret_y += @cheight/2
+			@caret_y = @line_text.length if @caret_y > @line_text.length
+			update_caret
+		when :enter
+			if l = @line_dereference[@caret_y]
+				if @parent_widget
+					@parent_widget.focus_addr(l[0], :cstruct, false, l[1])
+				else
+					focus_addr(l[0], l[1])
+				end
+			end
+		when ?+
+			@structdepth += 1
+			gui_update
+		when ?-
+			@structdepth -= 1
+			gui_update
+		when ?/
+			@structdepth = 1
+			gui_update
+		when ?*
+			@structdepth =  50
+			gui_update
+		when ?l
+			liststructs
+		when ?t
+			inputbox('new struct name to use', :text => (@curstruct.name rescue '')) { |n|
+				lst = @dasm.c_parser.toplevel.struct.keys.grep(String)
+				if fn = lst.find { |ln| ln == n } || lst.find { |ln| ln.downcase == n.downcase }
+					focus_addr(@curaddr, @dasm.c_parser.toplevel.struct[fn])
+				else
+					lst = @dasm.c_parser.toplevel.symbol.keys.grep(String).find_all { |ln|
+						s = @dasm.c_parser.toplevel.symbol[ln]
+						s.kind_of?(C::TypeDef) and s.untypedef.kind_of?(C::Union)
+					}
+					if fn = lst.find { |ln| ln == n } || lst.find { |ln| ln.downcase == n.downcase }
+						focus_addr(@curaddr, @dasm.c_parser.toplevel.symbol[fn].untypedef)
+					else
+						liststructs(n)
+					end
+				end
+			}
+		else return false
+		end
+		true
+	end
+	def liststructs(partname=nil)
+		tl = @dasm.c_parser.toplevel
+		list = [['name', 'size']]
+		list += tl.struct.keys.grep(String).sort.map { |stn|
+			next if partname and stn !~ /#{partname}/i
+			st = tl.struct[stn]
+			[stn, @dasm.c_parser.sizeof(st)] if st.members
+		}.compact
+		list += tl.symbol.keys.grep(String).sort.map { |stn|
+			next if partname and stn !~ /#{partname}/i
+			st = tl.symbol[stn]
+			next unless st.kind_of?(C::TypeDef) and st.untypedef.kind_of?(C::Union)
+			[stn, @dasm.c_parser.sizeof(st)] if st.untypedef.members
+		}.compact
+		if partname and list.length == 2
+			focus_addr(@curaddr, tl.struct[list[1][0]] || tl.symbol[list[1][0]].untypedef)
+			return
+		end
+		listwindow('structs', list) { |stn|
+			focus_addr(@curaddr, tl.struct[stn[0]] || tl.symbol[stn[0]].untypedef)
+		}
+	end
+	def get_cursor_pos
+		[@curaddr, @curstruct, @caret_x, @caret_y, @view_y]
+	end
+	def set_cursor_pos(p)
+		focus_addr p[0], p[1]
+		@caret_x, @caret_y, @view_y = p[2, 3]
+		update_caret
+	end
+	# hint that the caret moved
+	# redraws the caret, change the hilighted word, redraw if needed
+	def update_caret
+		if @caret_x < @view_x or @caret_x >= @view_x + @cwidth or @caret_y < @view_y or @caret_y >= @view_y + @cheight
+			redraw
+		elsif update_hl_word(@line_text[@caret_y], @caret_x)
+			redraw
+		else
+			invalidate_caret(@oldcaret_x-@view_x, @oldcaret_y-@view_y)
+			invalidate_caret(@caret_x-@view_x, @caret_y-@view_y)
+		end
+		@oldcaret_x, @oldcaret_y = @caret_x, @caret_y
+	end
+	# focus on addr
+	# returns true on success
+	def focus_addr(addr, struct=@curstruct)
+		return if @parent_widget and not addr = @parent_widget.normalize(addr)
+		@curaddr = addr
+		@curstruct = struct
+		@caret_x = @caret_y = 0
+		gui_update
+		true
+	end
+	# returns the address of the data under the cursor
+	def current_address
+		@curaddr
+	end
+	def render_struct(obj=nil, off=nil, maxdepth=@structdepth)
+		render = lambda { |str, col|
+			if @line_text_col.last[0] == col
+				@line_text_col.last[1] << str
+			else
+				@line_text_col.last << [col, str]
+			end
+		}
+		indent = ' ' * @tabwidth
+		nl = lambda {
+			@line_text_col << []
+			render[indent * [@structdepth - maxdepth, 0].max, :text]
+		}
+		if not obj
+			@line_text_col = [[]]
+			@line_dereference = []
+			struct = @curstruct
+			if str = @dasm.get_section_at(@curaddr)
+				obj = @dasm.c_parser.decode_c_struct(struct, str[0].read(@dasm.c_parser.sizeof(struct)))
+			else
+				render["/* unmapped area #{Expression[@curaddr]} */", :text]
+				return
+			end
+		else
+			struct = obj.struct
+		end
+		if maxdepth <= 0
+			render['{ /* type "+" to expand */ }', :text]
+			return
+		end
+		# from AllocCStruct#to_s
+		if struct.kind_of?(C::Array)
+			render["#{struct.type} ar_#{Expression[@curaddr]}[#{struct.length}] = ", :text] if not off
+			mlist = (0...struct.length)
+			el = @dasm.c_parser.sizeof(struct.type)
+			fldoff = mlist.inject({}) { |h, i| h.update i => i*el }
+		elsif struct.kind_of?(C::Struct)
+			render["struct #{struct.name || '_'} st_#{Expression[@curaddr]} = ", :text] if not off
+			fldoff = struct.fldoffset
+			fbo = struct.fldbitoffset || {}
+		else
+			render["union #{struct.name || '_'} un_#{Expression[@curaddr]} = ", :text] if not off
+		end
+		mlist ||= struct.members
+		render['{', :text]
+		mlist.each { |k|
+			if k.kind_of? C::Variable
+				ct = k.type
+				curoff = off.to_i + (fldoff && k.name ? fldoff[k.name].to_i : struct.offsetof(@dasm.c_parser, k))
+				val = obj[k]
+			else
+				ct = struct.type
+				curoff = off.to_i + fldoff[k].to_i
+				val = obj[k]
+			end
+			nl[]
+			render[indent, :text]
+			render[k.kind_of?(Integer) ? "[#{k}]" : ".#{k.name || '?'}", :text]
+			render[' = ', :text]
+			if val.kind_of?(Integer)
+				if ct.pointer? and ct.pointed.untypedef.kind_of?(C::Union)
+					@line_dereference[@line_text_col.length-1] = [val, ct.pointed.untypedef]
+				end
+				if val >= 0x100
+					val = '0x%X' % val
+				elsif val <= -0x100
+					val = '-0x%X' % -val
+				else
+					val = val.to_s
+				end
+			elsif val.kind_of?(C::AllocCStruct)
+				render_struct(val, curoff, maxdepth-1)
+				next
+			elsif not val
+				val = 'NULL' # pointer with NULL value
+			else
+				raise "unknown value #{val.inspect}"
+			end
+			render[val, :text]
+			render[',', :text]
+			render['   // +%x' % curoff, :comment]
+		}
+		nl[]
+		render['}', :text]
+		render[(off ? ',' : ';'), :text]
+	end
+	def gui_update
+		if @curstruct
+			render_struct
+		else
+			@line_text_col = [[[:text, '/* no struct selected (list with "l") */']]]
+		end
+		@line_text = @line_text_col.map { |l| l.map { |c, s| s }.join }
+		update_caret
+		redraw
+	end
+end
+end
+end