RubyGems - metasm - Versions diffs - 1.0.0 - Mend

metasm 1.0.0

Files changed (192) hide show

data/BUGS +11 -0
data/CREDITS +17 -0
data/README +270 -0
data/TODO +114 -0
data/doc/code_organisation.txt +146 -0
data/doc/const_missing.txt +16 -0
data/doc/core_classes.txt +75 -0
data/doc/feature_list.txt +53 -0
data/doc/index.txt +59 -0
data/doc/install_notes.txt +170 -0
data/doc/style.css +3 -0
data/doc/use_cases.txt +18 -0
data/lib/metasm.rb +80 -0
data/lib/metasm/arm.rb +12 -0
data/lib/metasm/arm/debug.rb +39 -0
data/lib/metasm/arm/decode.rb +167 -0
data/lib/metasm/arm/encode.rb +77 -0
data/lib/metasm/arm/main.rb +75 -0
data/lib/metasm/arm/opcodes.rb +177 -0
data/lib/metasm/arm/parse.rb +130 -0
data/lib/metasm/arm/render.rb +55 -0
data/lib/metasm/compile_c.rb +1457 -0
data/lib/metasm/dalvik.rb +8 -0
data/lib/metasm/dalvik/decode.rb +196 -0
data/lib/metasm/dalvik/main.rb +60 -0
data/lib/metasm/dalvik/opcodes.rb +366 -0
data/lib/metasm/decode.rb +213 -0
data/lib/metasm/decompile.rb +2659 -0
data/lib/metasm/disassemble.rb +2068 -0
data/lib/metasm/disassemble_api.rb +1280 -0
data/lib/metasm/dynldr.rb +1329 -0
data/lib/metasm/encode.rb +333 -0
data/lib/metasm/exe_format/a_out.rb +194 -0
data/lib/metasm/exe_format/autoexe.rb +82 -0
data/lib/metasm/exe_format/bflt.rb +189 -0
data/lib/metasm/exe_format/coff.rb +455 -0
data/lib/metasm/exe_format/coff_decode.rb +901 -0
data/lib/metasm/exe_format/coff_encode.rb +1078 -0
data/lib/metasm/exe_format/dex.rb +457 -0
data/lib/metasm/exe_format/dol.rb +145 -0
data/lib/metasm/exe_format/elf.rb +923 -0
data/lib/metasm/exe_format/elf_decode.rb +979 -0
data/lib/metasm/exe_format/elf_encode.rb +1375 -0
data/lib/metasm/exe_format/macho.rb +827 -0
data/lib/metasm/exe_format/main.rb +228 -0
data/lib/metasm/exe_format/mz.rb +164 -0
data/lib/metasm/exe_format/nds.rb +172 -0
data/lib/metasm/exe_format/pe.rb +437 -0
data/lib/metasm/exe_format/serialstruct.rb +246 -0
data/lib/metasm/exe_format/shellcode.rb +114 -0
data/lib/metasm/exe_format/xcoff.rb +167 -0
data/lib/metasm/gui.rb +23 -0
data/lib/metasm/gui/cstruct.rb +373 -0
data/lib/metasm/gui/dasm_coverage.rb +199 -0
data/lib/metasm/gui/dasm_decomp.rb +369 -0
data/lib/metasm/gui/dasm_funcgraph.rb +103 -0
data/lib/metasm/gui/dasm_graph.rb +1354 -0
data/lib/metasm/gui/dasm_hex.rb +543 -0
data/lib/metasm/gui/dasm_listing.rb +599 -0
data/lib/metasm/gui/dasm_main.rb +906 -0
data/lib/metasm/gui/dasm_opcodes.rb +291 -0
data/lib/metasm/gui/debug.rb +1228 -0
data/lib/metasm/gui/gtk.rb +884 -0
data/lib/metasm/gui/qt.rb +495 -0
data/lib/metasm/gui/win32.rb +3004 -0
data/lib/metasm/gui/x11.rb +621 -0
data/lib/metasm/ia32.rb +14 -0
data/lib/metasm/ia32/compile_c.rb +1523 -0
data/lib/metasm/ia32/debug.rb +193 -0
data/lib/metasm/ia32/decode.rb +1167 -0
data/lib/metasm/ia32/decompile.rb +564 -0
data/lib/metasm/ia32/encode.rb +314 -0
data/lib/metasm/ia32/main.rb +233 -0
data/lib/metasm/ia32/opcodes.rb +872 -0
data/lib/metasm/ia32/parse.rb +327 -0
data/lib/metasm/ia32/render.rb +91 -0
data/lib/metasm/main.rb +1193 -0
data/lib/metasm/mips.rb +11 -0
data/lib/metasm/mips/compile_c.rb +7 -0
data/lib/metasm/mips/decode.rb +253 -0
data/lib/metasm/mips/encode.rb +51 -0
data/lib/metasm/mips/main.rb +72 -0
data/lib/metasm/mips/opcodes.rb +443 -0
data/lib/metasm/mips/parse.rb +51 -0
data/lib/metasm/mips/render.rb +43 -0
data/lib/metasm/os/gnu_exports.rb +270 -0
data/lib/metasm/os/linux.rb +1112 -0
data/lib/metasm/os/main.rb +1686 -0
data/lib/metasm/os/remote.rb +527 -0
data/lib/metasm/os/windows.rb +2027 -0
data/lib/metasm/os/windows_exports.rb +745 -0
data/lib/metasm/parse.rb +876 -0
data/lib/metasm/parse_c.rb +3938 -0
data/lib/metasm/pic16c/decode.rb +42 -0
data/lib/metasm/pic16c/main.rb +17 -0
data/lib/metasm/pic16c/opcodes.rb +68 -0
data/lib/metasm/ppc.rb +11 -0
data/lib/metasm/ppc/decode.rb +264 -0
data/lib/metasm/ppc/decompile.rb +251 -0
data/lib/metasm/ppc/encode.rb +51 -0
data/lib/metasm/ppc/main.rb +129 -0
data/lib/metasm/ppc/opcodes.rb +410 -0
data/lib/metasm/ppc/parse.rb +52 -0
data/lib/metasm/preprocessor.rb +1277 -0
data/lib/metasm/render.rb +130 -0
data/lib/metasm/sh4.rb +8 -0
data/lib/metasm/sh4/decode.rb +336 -0
data/lib/metasm/sh4/main.rb +292 -0
data/lib/metasm/sh4/opcodes.rb +381 -0
data/lib/metasm/x86_64.rb +12 -0
data/lib/metasm/x86_64/compile_c.rb +1025 -0
data/lib/metasm/x86_64/debug.rb +59 -0
data/lib/metasm/x86_64/decode.rb +268 -0
data/lib/metasm/x86_64/encode.rb +264 -0
data/lib/metasm/x86_64/main.rb +135 -0
data/lib/metasm/x86_64/opcodes.rb +118 -0
data/lib/metasm/x86_64/parse.rb +68 -0
data/misc/bottleneck.rb +61 -0
data/misc/cheader-findpppath.rb +58 -0
data/misc/hexdiff.rb +74 -0
data/misc/hexdump.rb +55 -0
data/misc/metasm-all.rb +13 -0
data/misc/objdiff.rb +47 -0
data/misc/objscan.rb +40 -0
data/misc/pdfparse.rb +661 -0
data/misc/ppc_pdf2oplist.rb +192 -0
data/misc/tcp_proxy_hex.rb +84 -0
data/misc/txt2html.rb +440 -0
data/samples/a.out.rb +31 -0
data/samples/asmsyntax.rb +77 -0
data/samples/bindiff.rb +555 -0
data/samples/compilation-steps.rb +49 -0
data/samples/cparser_makestackoffset.rb +55 -0
data/samples/dasm-backtrack.rb +38 -0
data/samples/dasmnavig.rb +318 -0
data/samples/dbg-apihook.rb +228 -0
data/samples/dbghelp.rb +143 -0
data/samples/disassemble-gui.rb +102 -0
data/samples/disassemble.rb +133 -0
data/samples/dump_upx.rb +95 -0
data/samples/dynamic_ruby.rb +1929 -0
data/samples/elf_list_needed.rb +46 -0
data/samples/elf_listexports.rb +33 -0
data/samples/elfencode.rb +25 -0
data/samples/exeencode.rb +128 -0
data/samples/factorize-headers-elfimports.rb +77 -0
data/samples/factorize-headers-peimports.rb +109 -0
data/samples/factorize-headers.rb +43 -0
data/samples/gdbclient.rb +583 -0
data/samples/generate_libsigs.rb +102 -0
data/samples/hotfix_gtk_dbg.rb +59 -0
data/samples/install_win_env.rb +78 -0
data/samples/lindebug.rb +924 -0
data/samples/linux_injectsyscall.rb +95 -0
data/samples/machoencode.rb +31 -0
data/samples/metasm-shell.rb +91 -0
data/samples/pe-hook.rb +69 -0
data/samples/pe-ia32-cpuid.rb +203 -0
data/samples/pe-mips.rb +35 -0
data/samples/pe-shutdown.rb +78 -0
data/samples/pe-testrelocs.rb +51 -0
data/samples/pe-testrsrc.rb +24 -0
data/samples/pe_listexports.rb +31 -0
data/samples/peencode.rb +19 -0
data/samples/peldr.rb +494 -0
data/samples/preprocess-flatten.rb +19 -0
data/samples/r0trace.rb +308 -0
data/samples/rubstop.rb +399 -0
data/samples/scan_pt_gnu_stack.rb +54 -0
data/samples/scanpeexports.rb +62 -0
data/samples/shellcode-c.rb +40 -0
data/samples/shellcode-dynlink.rb +146 -0
data/samples/source.asm +34 -0
data/samples/struct_offset.rb +47 -0
data/samples/testpe.rb +32 -0
data/samples/testraw.rb +45 -0
data/samples/win32genloader.rb +132 -0
data/samples/win32hooker-advanced.rb +169 -0
data/samples/win32hooker.rb +96 -0
data/samples/win32livedasm.rb +33 -0
data/samples/win32remotescan.rb +133 -0
data/samples/wintrace.rb +92 -0
data/tests/all.rb +8 -0
data/tests/dasm.rb +39 -0
data/tests/dynldr.rb +35 -0
data/tests/encodeddata.rb +132 -0
data/tests/ia32.rb +82 -0
data/tests/mips.rb +116 -0
data/tests/parse_c.rb +239 -0
data/tests/preprocessor.rb +269 -0
data/tests/x86_64.rb +62 -0
metadata +255 -0

data/lib/metasm/exe_format/shellcode.rb ADDED

@@ -0,0 +1,114 @@
+#    This file is part of Metasm, the Ruby assembly manipulation suite
+#    Copyright (C) 2006-2009 Yoann GUILLOT
+#
+#    Licence is LGPL, see LICENCE in the top-level directory
+require 'metasm/exe_format/main'
+module Metasm
+# a shellcode is a simple sequence of instructions
+class Shellcode < ExeFormat
+	# the array of source elements (Instr/Data etc)
+	attr_accessor :source
+	# the base address of the shellcode (nil if unspecified)
+	attr_accessor :base_addr
+	def initialize(cpu=nil, base_addr=nil)
+		@base_addr = base_addr
+		@source = []
+		super(cpu)
+	end
+	def parse_init
+		@cursource = @source
+		super()
+	end
+	# allows definition of the base address
+	def parse_parser_instruction(instr)
+		case instr.raw.downcase
+		when '.base', '.baseaddr', '.base_addr'
+			# ".base_addr <expression>"
+			# expression should #reduce to integer
+			@lexer.skip_space
+			raise instr, 'syntax error' if not @base_addr = Expression.parse(@lexer).reduce
+			raise instr, 'syntax error' if tok = @lexer.nexttok and tok.type != :eol
+		else super(instr)
+		end
+	end
+	def get_section_at(addr)
+		base = @base_addr || 0
+		if not addr.kind_of? Integer
+			[@encoded, addr] if @encoded.ptr = @encoded.export[addr]
+		elsif addr >= base and addr < base + @encoded.virtsize
+			@encoded.ptr = addr - base
+			[@encoded, addr]
+		end
+	end
+	def each_section
+		yield @encoded, (@base_addr || 0)
+	end
+	def addr_to_fileoff(addr)
+		addr - (base_addr || 0)
+	end
+	def fileoff_to_addr(foff)
+		foff + (base_addr || 0)
+	end
+	# encodes the source found in self.source
+	# appends it to self.encoded
+	# clears self.source
+	# the optional parameter may contain a binding used to fixup! self.encoded
+	# uses self.base_addr if it exists
+	def assemble(*a)
+		parse(*a) if not a.empty?
+		@encoded << assemble_sequence(@source, @cpu)
+		@source.clear
+		encode
+	end
+	def encode(binding={})
+		@encoded.fixup! binding
+		@encoded.fixup @encoded.binding(@base_addr)
+		@encoded.fill @encoded.rawsize
+		self
+	end
+	def decode
+	end
+	def self.disassemble(cpu, str, eip=0)
+		sc = decode(str, cpu)
+		sc.disassemble(eip)
+	end
+	def init_disassembler
+		d = super()
+		d.function[:default] = @cpu.disassembler_default_func
+		d
+	end
+	def compile_setsection(src, section)
+	end
+	def dump_section_header(addr, edata)
+		''
+	end
+	def get_default_entrypoints
+		[@base_addr || 0]
+	end
+	# returns a virtual subclass of Shellcode whose cpu_from_headers will return cpu
+	def self.withcpu(cpu)
+		c = Class.new(self)
+		c.send(:define_method, :cpu_from_headers) { cpu }
+		c
+	end
+end
+end

data/lib/metasm/exe_format/xcoff.rb ADDED

@@ -0,0 +1,167 @@
+#    This file is part of Metasm, the Ruby assembly manipulation suite
+#    Copyright (C) 2006-2009 Yoann GUILLOT
+#
+#    Licence is LGPL, see LICENCE in the top-level directory
+require 'metasm/exe_format/main'
+require 'metasm/encode'
+require 'metasm/decode'
+module Metasm
+class XCoff < ExeFormat
+	FLAGS = { 1 => 'RELFLG', 2 => 'EXEC', 4 => 'LNNO',
+		0x200 => 'AR32W', 0x400 => 'PATCH', 0x1000 => 'DYNLOAD',
+		0x2000 => 'SHROBJ', 0x4000 => 'LOADONLY' }
+	SECTION_FLAGS = { 8 => 'PAD', 0x20 => 'TEXT', 0x40 => 'DATA', 0x80 => 'BSS',
+		0x100 => 'EXCEPT', 0x200 => 'INFO', 0x1000 => 'LOADER',
+		0x2000 => 'DEBUG', 0x4000 => 'TYPCHK', 0x8000 => 'OVRFLO' }
+	class SerialStruct < Metasm::SerialStruct
+		new_int_field :xword, :xhalf
+	end
+	class Header < SerialStruct
+		mem :sig, 2
+		decode_hook { |exe, hdr|
+			exe.endianness, exe.intsize =
+			case @sig
+			when "\1\xdf"; [:big,    32]
+			when "\xdf\1"; [:little, 32]
+			when "\1\xef"; [:big,    64]
+			when "\xef\1"; [:little, 64]
+			else raise InvalidExeFormat, "invalid a.out signature"
+			end
+		}
+		half :nsec
+		word :timdat
+		xword :symptr
+		word :nsym
+		half :opthdr
+		half :flags
+		fld_bits :flags, FLAGS
+		def set_default_values(xcoff)
+			@sig ||= case [xcoff.endianness, xcoff.intsize]
+				when [:big,    32]; "\1\xdf"
+				when [:little, 32]; "\xdf\1"
+				when [:big,    64]; "\1\xef"
+				when [:little, 64]; "\xef\1"
+				end
+			@nsec   ||= xcoff.sections.size
+			@symptr ||= xcoff.symbols ? xcoff.new_label('symptr') : 0
+			@nsym   ||= xcoff.symbols ? xcoff.symbols.length : 0
+			@opthdr ||= xcoff.optheader ? OptHeader.size(xcoff) : 0
+			super(xcoff)
+		end
+	end
+	class OptHeader < SerialStruct
+		halfs :magic, :vstamp
+		xwords :tsize, :dsize, :bsize, :entry, :text_start, :data_start, :toc
+		halfs :snentry, :sntext, :sndata, :sntoc, :snloader, :snbss, :aligntext, :aligndata, :modtype, :cpu
+		xwords :maxstack, :maxdata
+		new_field(:res, lambda { |exe, me| exe.encoded.read(exe.intsize == 32 ? 8 : 120) }, lambda { |exe, me, val| val }, '')
+		def self.size(xcoff)
+			xcoff.intsize == 32 ? 2*2+7*4+10*2+2*4+2+8 : 2*2+7*8+10*2+2*8+2+120
+		end
+		def set_default_values(xcoff)
+			@vstamp  ||= 1
+			@snentry ||= 1
+			@sntext  ||= 1
+			@sndata  ||= 2
+			@sntoc   ||= 3
+			@snloader||= 4
+			@snbss   ||= 5
+			super(xcoff)
+		end
+	end
+	class Section < SerialStruct
+		str :name, 8
+		xwords :paddr, :vaddr, :size, :scnptr, :relptr, :lnnoptr
+		xhalfs :nreloc, :nlnno, :flags
+		fld_bits :flags, SECTION_FLAGS
+		def set_defalut_values(xcoff)
+			@name   ||= @flags.kind_of?(::Array) ? ".#{@flags.first.to_s.downcase}" : ''
+			@vaddr  ||= @paddr ? @paddr : @encoded ? xcoff.label_at(@encoded, 0, 's_vaddr') : 0
+			@paddr  ||= @vaddr
+			@size   ||= @encoded ? @encoded.size : 0
+			@scnptr ||= xcoff.new_label('s_scnptr')
+			super(xcoff)
+		end
+	end
+	# basic immediates decoding functions
+	def decode_half( edata = @encoded) edata.decode_imm(:u16, @endianness) end
+	def decode_word( edata = @encoded) edata.decode_imm(:u32, @endianness) end
+	def decode_xhalf(edata = @encoded) edata.edoced_imm((@intsize == 32 ? :u16 : :u32), @endianness) end
+	def decode_xword(edata = @encoded) edata.decode_imm((@intsize == 32 ? :u32 : :u64), @endianness) end
+	def encode_half(w)  Expression[w].encode(:u16, @endianness) end
+	def encode_word(w)  Expression[w].encode(:u32, @endianness) end
+	def encode_xhalf(w) Expression[w].encode((@intsize == 32 ? :u16 : :u32), @endianness) end
+	def encode_xword(w) Expression[w].encode((@intsize == 32 ? :u32 : :u64), @endianness) end
+	attr_accessor :header, :segments, :relocs, :intsize, :endianness
+	def initialize(cpu=nil)
+		@header = Header.new
+		@sections = []
+		if @cpu
+			@intsize = @cpu.size
+			@endianness = @cpu.endianness
+		else
+			@intsize = 32
+			@endianness = :little
+		end
+		super(cpu)
+	end
+	def decode_header(off = 0)
+		@encoded.ptr = off
+		@header.decode(self)
+		if @header.opthdr != 0
+			@optheader = OptHeader.decode(self)
+		end
+		@header.nsec.times { @sections << Section.decode(self) }
+	end
+	def decode
+		decode_header
+		@sections.each { |s| s.encoded = @encoded[s.scnptr, s.size] }
+	end
+	def encode
+		@encoded = EncodedData.new
+		@encoded << @header.encode(self)
+		@encoded << @optheader.encode(self) if @optheader
+		@sections.each { |s| @encoded << s.encode(self) }
+		va = @encoded.size
+		binding = {}
+		@sections.each { |s|
+			if s.scnptr.kind_of? ::String
+				binding[s.scnptr] = @encoded.size
+			else
+				raise 'scnptr too low' if @encoded.virtsize > s.scnptr
+				@encoded.virtsize = s.scnptr
+			end
+			va = (va + 4096 - 1)/4096*4096
+			if s.vaddr.kind_of? ::String
+				binding[s.vaddr] = va
+			else
+				va = s.vaddr
+			end
+			binding.update s.encoded.binding(va)
+			va += s.encoded.size
+			@encoded << s.encoded
+		}
+		@encoded.fixup!(binding)
+		@encoded.data
+	end
+end
+end

data/lib/metasm/gui.rb ADDED

@@ -0,0 +1,23 @@
+backend = case ENV['METASM_GUI']
+when 'gtk'; 'gtk'
+when 'qt'; 'qt'
+when 'win32'; 'win32'
+else
+	puts "Unsupported METASM_GUI #{ENV['METASM_GUI'].inspect}" if $VERBOSE and ENV['METASM_GUI']
+	if RUBY_PLATFORM =~ /(i.86|x(86_)?64)-(mswin|mingw|cygwin)/i
+		'win32'
+	else
+	begin
+		require 'gtk2'
+		'gtk'
+	rescue LoadError
+		#begin
+		#	require 'Qt4'
+		#	'qt'
+		#rescue LoadError
+			raise LoadError, 'No GUI ruby binding installed - please install libgtk2-ruby'
+		#end
+	end
+	end
+end
+require "metasm/gui/#{backend}"

data/lib/metasm/gui/cstruct.rb ADDED

@@ -0,0 +1,373 @@
+#    This file is part of Metasm, the Ruby assembly manipulation suite
+#    Copyright (C) 2006-2009 Yoann GUILLOT
+#
+#    Licence is LGPL, see LICENCE in the top-level directory
+module Metasm
+module Gui
+class CStructWidget < DrawableWidget
+	attr_accessor :dasm, :view_x, :view_y
+	def initialize_widget(dasm, parent_widget)
+		@dasm = dasm
+		@parent_widget = parent_widget
+		@line_text_col = []	# each line is [[:col, 'text'], [:col, 'text']]
+		@line_text = []
+		@line_dereference = []	# linenr => [addr, struct] (args to focus_addr)
+		@curaddr = nil
+		@curstruct = nil
+		@tabwidth = 8
+		@view_x = @view_y = 0
+		@caret_x = @caret_y = 0
+		@cwidth = @cheight = 1	# widget size in chars
+		@structdepth = 2
+		@default_color_association = { :text => :black, :keyword => :blue, :caret => :black,
+			  :background => :white, :hl_word => :palered, :comment => :darkblue }
+	end
+	def click(x, y)
+		@caret_x = (x-1).to_i / @font_width + @view_x
+		@caret_y = y.to_i / @font_height + @view_y
+		update_caret
+	end
+	def rightclick(x, y)
+		click(x, y)
+		@parent_widget.clone_window(@hl_word) if @hl_word
+	end
+	def doubleclick(x, y)
+		click(x, y)
+		keypress(:enter)
+	end
+	def mouse_wheel(dir, x, y)
+		case dir
+		when :up
+			if @caret_y > 0
+				@view_y -= 4
+				@view_y = 0 if @view_y < 0
+				@caret_y -= 4
+				@caret_y = 0 if @caret_y < 0
+			end
+		when :down
+			if @caret_y < @line_text.length - 1
+				@view_y += 4
+				@caret_y += 4
+			end
+		end
+		redraw
+	end
+	def paint
+		@cwidth = width/@font_width
+		@cheight = height/@font_height
+		# adjust viewport to cursor
+		sz_x = @line_text.map { |l| l.length }.max.to_i + 1
+		sz_y = @line_text.length.to_i + 1
+		@view_x = @caret_x - @cwidth + 1 if @caret_x > @view_x + @cwidth - 1
+		@view_x = @caret_x if @caret_x < @view_x
+		@view_x = sz_x - @cwidth - 1 if @view_x >= sz_x - @cwidth
+		@view_x = 0 if @view_x < 0
+		@view_y = @caret_y - @cheight + 1 if @caret_y > @view_y + @cheight - 1
+		@view_y = @caret_y if @caret_y < @view_y
+		@view_y = sz_y - @cheight - 1 if @view_y >= sz_y - @cheight
+		@view_y = 0 if @view_y < 0
+		# current cursor position
+		x = 1
+		y = 0
+		@line_text_col[@view_y, @cheight + 1].each { |l|
+			cx = 0
+			l.each { |c, t|
+				cx += t.length
+				if cx-t.length > @view_x + @cwidth + 1
+				elsif cx < @view_x
+				else
+					t = t[(@view_x - cx + t.length)..-1] if cx-t.length < @view_x
+					if @hl_word
+						stmp = t
+						pre_x = 0
+						while stmp =~ /^(.*?)(\b#{Regexp.escape @hl_word}\b)/
+							s1, s2 = $1, $2
+							pre_x += s1.length*@font_width
+							hl_w = s2.length*@font_width
+							draw_rectangle_color(:hl_word, x+pre_x, y, hl_w, @font_height)
+							pre_x += hl_w
+							stmp = stmp[s1.length+s2.length..-1]
+						end
+					end
+					draw_string_color(c, x, y, t)
+					x += t.length * @font_width
+				end
+			}
+			x = 1
+			y += @font_height
+		}
+		if focus?
+			# draw caret
+			cx = (@caret_x-@view_x)*@font_width+1
+			cy = (@caret_y-@view_y)*@font_height
+			draw_line_color(:caret, cx, cy, cx, cy+@font_height-1)
+		end
+		@oldcaret_x, @oldcaret_y = @caret_x, @caret_y
+	end
+	def keypress(key)
+		case key
+		when :left
+			if @caret_x >= 1
+				@caret_x -= 1
+				update_caret
+			end
+		when :up
+			if @caret_y > 0
+				@caret_y -= 1
+				update_caret
+			end
+		when :right
+			if @caret_x < @line_text[@caret_y].to_s.length
+				@caret_x += 1
+				update_caret
+			end
+		when :down
+			if @caret_y < @line_text.length
+				@caret_y += 1
+				update_caret
+			end
+		when :home
+			@caret_x = @line_text[@caret_y].to_s[/^\s*/].length
+			update_caret
+		when :end
+			@caret_x = @line_text[@caret_y].to_s.length
+			update_caret
+		when :pgup
+			@caret_y -= @cheight/2
+			@caret_y = 0 if @caret_y < 0
+			update_caret
+		when :pgdown
+			@caret_y += @cheight/2
+			@caret_y = @line_text.length if @caret_y > @line_text.length
+			update_caret
+		when :enter
+			if l = @line_dereference[@caret_y]
+				if @parent_widget
+					@parent_widget.focus_addr(l[0], :cstruct, false, l[1])
+				else
+					focus_addr(l[0], l[1])
+				end
+			end
+		when ?+
+			@structdepth += 1
+			gui_update
+		when ?-
+			@structdepth -= 1
+			gui_update
+		when ?/
+			@structdepth = 1
+			gui_update
+		when ?*
+			@structdepth =  50
+			gui_update
+		when ?l
+			liststructs
+		when ?t
+			inputbox('new struct name to use', :text => (@curstruct.name rescue '')) { |n|
+				lst = @dasm.c_parser.toplevel.struct.keys.grep(String)
+				if fn = lst.find { |ln| ln == n } || lst.find { |ln| ln.downcase == n.downcase }
+					focus_addr(@curaddr, @dasm.c_parser.toplevel.struct[fn])
+				else
+					lst = @dasm.c_parser.toplevel.symbol.keys.grep(String).find_all { |ln|
+						s = @dasm.c_parser.toplevel.symbol[ln]
+						s.kind_of?(C::TypeDef) and s.untypedef.kind_of?(C::Union)
+					}
+					if fn = lst.find { |ln| ln == n } || lst.find { |ln| ln.downcase == n.downcase }
+						focus_addr(@curaddr, @dasm.c_parser.toplevel.symbol[fn].untypedef)
+					else
+						liststructs(n)
+					end
+				end
+			}
+		else return false
+		end
+		true
+	end
+	def liststructs(partname=nil)
+		tl = @dasm.c_parser.toplevel
+		list = [['name', 'size']]
+		list += tl.struct.keys.grep(String).sort.map { |stn|
+			next if partname and stn !~ /#{partname}/i
+			st = tl.struct[stn]
+			[stn, @dasm.c_parser.sizeof(st)] if st.members
+		}.compact
+		list += tl.symbol.keys.grep(String).sort.map { |stn|
+			next if partname and stn !~ /#{partname}/i
+			st = tl.symbol[stn]
+			next unless st.kind_of?(C::TypeDef) and st.untypedef.kind_of?(C::Union)
+			[stn, @dasm.c_parser.sizeof(st)] if st.untypedef.members
+		}.compact
+		if partname and list.length == 2
+			focus_addr(@curaddr, tl.struct[list[1][0]] || tl.symbol[list[1][0]].untypedef)
+			return
+		end
+		listwindow('structs', list) { |stn|
+			focus_addr(@curaddr, tl.struct[stn[0]] || tl.symbol[stn[0]].untypedef)
+		}
+	end
+	def get_cursor_pos
+		[@curaddr, @curstruct, @caret_x, @caret_y, @view_y]
+	end
+	def set_cursor_pos(p)
+		focus_addr p[0], p[1]
+		@caret_x, @caret_y, @view_y = p[2, 3]
+		update_caret
+	end
+	# hint that the caret moved
+	# redraws the caret, change the hilighted word, redraw if needed
+	def update_caret
+		if @caret_x < @view_x or @caret_x >= @view_x + @cwidth or @caret_y < @view_y or @caret_y >= @view_y + @cheight
+			redraw
+		elsif update_hl_word(@line_text[@caret_y], @caret_x)
+			redraw
+		else
+			invalidate_caret(@oldcaret_x-@view_x, @oldcaret_y-@view_y)
+			invalidate_caret(@caret_x-@view_x, @caret_y-@view_y)
+		end
+		@oldcaret_x, @oldcaret_y = @caret_x, @caret_y
+	end
+	# focus on addr
+	# returns true on success
+	def focus_addr(addr, struct=@curstruct)
+		return if @parent_widget and not addr = @parent_widget.normalize(addr)
+		@curaddr = addr
+		@curstruct = struct
+		@caret_x = @caret_y = 0
+		gui_update
+		true
+	end
+	# returns the address of the data under the cursor
+	def current_address
+		@curaddr
+	end
+	def render_struct(obj=nil, off=nil, maxdepth=@structdepth)
+		render = lambda { |str, col|
+			if @line_text_col.last[0] == col
+				@line_text_col.last[1] << str
+			else
+				@line_text_col.last << [col, str]
+			end
+		}
+		indent = ' ' * @tabwidth
+		nl = lambda {
+			@line_text_col << []
+			render[indent * [@structdepth - maxdepth, 0].max, :text]
+		}
+		if not obj
+			@line_text_col = [[]]
+			@line_dereference = []
+			struct = @curstruct
+			if str = @dasm.get_section_at(@curaddr)
+				obj = @dasm.c_parser.decode_c_struct(struct, str[0].read(@dasm.c_parser.sizeof(struct)))
+			else
+				render["/* unmapped area #{Expression[@curaddr]} */", :text]
+				return
+			end
+		else
+			struct = obj.struct
+		end
+		if maxdepth <= 0
+			render['{ /* type "+" to expand */ }', :text]
+			return
+		end
+		# from AllocCStruct#to_s
+		if struct.kind_of?(C::Array)
+			render["#{struct.type} ar_#{Expression[@curaddr]}[#{struct.length}] = ", :text] if not off
+			mlist = (0...struct.length)
+			el = @dasm.c_parser.sizeof(struct.type)
+			fldoff = mlist.inject({}) { |h, i| h.update i => i*el }
+		elsif struct.kind_of?(C::Struct)
+			render["struct #{struct.name || '_'} st_#{Expression[@curaddr]} = ", :text] if not off
+			fldoff = struct.fldoffset
+			fbo = struct.fldbitoffset || {}
+		else
+			render["union #{struct.name || '_'} un_#{Expression[@curaddr]} = ", :text] if not off
+		end
+		mlist ||= struct.members
+		render['{', :text]
+		mlist.each { |k|
+			if k.kind_of? C::Variable
+				ct = k.type
+				curoff = off.to_i + (fldoff && k.name ? fldoff[k.name].to_i : struct.offsetof(@dasm.c_parser, k))
+				val = obj[k]
+			else
+				ct = struct.type
+				curoff = off.to_i + fldoff[k].to_i
+				val = obj[k]
+			end
+			nl[]
+			render[indent, :text]
+			render[k.kind_of?(Integer) ? "[#{k}]" : ".#{k.name || '?'}", :text]
+			render[' = ', :text]
+			if val.kind_of?(Integer)
+				if ct.pointer? and ct.pointed.untypedef.kind_of?(C::Union)
+					@line_dereference[@line_text_col.length-1] = [val, ct.pointed.untypedef]
+				end
+				if val >= 0x100
+					val = '0x%X' % val
+				elsif val <= -0x100
+					val = '-0x%X' % -val
+				else
+					val = val.to_s
+				end
+			elsif val.kind_of?(C::AllocCStruct)
+				render_struct(val, curoff, maxdepth-1)
+				next
+			elsif not val
+				val = 'NULL' # pointer with NULL value
+			else
+				raise "unknown value #{val.inspect}"
+			end
+			render[val, :text]
+			render[',', :text]
+			render['   // +%x' % curoff, :comment]
+		}
+		nl[]
+		render['}', :text]
+		render[(off ? ',' : ';'), :text]
+	end
+	def gui_update
+		if @curstruct
+			render_struct
+		else
+			@line_text_col = [[[:text, '/* no struct selected (list with "l") */']]]
+		end
+		@line_text = @line_text_col.map { |l| l.map { |c, s| s }.join }
+		update_caret
+		redraw
+	end
+end
+end
+end